This chapter provides information about configuring chassis slots, cards, and ports.
Topics in this chapter include:
This guide uses the term “preprovisioning” in the context of preparing or preconfiguring entities such as chassis slots, the IOM, adapter cards, ports, and interfaces, prior to hardware actually being installed in the chassis. These entities can be installed but not enabled. When the entity is in a no shutdown state (administratively enabled), the entity is considered to be provisioned.
Nokia 7705 SAR routers provide the capability to configure chassis slots to accept specific adapter card types and set the relevant configurations before the equipment is actually installed. The preprovisioning ability allows you to plan your configurations as well as monitor and manage your router hardware inventory. Ports and interfaces can also be preprovisioned. When the functionality is needed, the cards can be inserted into the appropriate chassis slots as required.
The following sections are discussed:
The 7705 SAR card slot ID is always 1 and the card type for the IOM is always iom-sar.
On the 7705 SAR-8 Shelf V2 and 7705 SAR-18, the CSM, which can only be installed in slot A or B of the chassis, does not need to be provisioned. However, the IOM, which is virtualized in the 7705 SAR software, must be activated before the adapter cards, ports, and SCADA bridges can be preprovisioned and configured. The IOM is activated by designating it a card slot ID and card type. This enables the chassis slots to accept the adapter cards.
Note: On the 7705 SAR-8 Shelf V2, the CSM is called the CSMv2; both terms are used interchangeably in these guides. The CSMv2 supports bandwidth of 10 Gb/s, 2.5 Gb/s and 1 Gb/s in the first two adapter card slots and 2.5 Gb/s and 1 Gb/s in the remaining four adapter card slots. |
The 7705 SAR-M, 7705 SAR-H, 7705 SAR-Hc, 7705 SAR-A, 7705 SAR-Ax, 7705 SAR-W, 7705 SAR-Wx, and 7705 SAR-X have a fixed physical configuration and each router uses only one control and switching functional block, which is referred to on the CLI as CSM A. The CSM and IOM do not need to be provisioned in order to provision the interface at the adapter card level.
The slot ID (1) is used as part of the adapter card and port identifier on the CLI.
This section contains information on the following topics:
A chassis slot and card type must be specified and provisioned before an adapter card can be provisioned. A chassis slot is a physical slot designated with an MDA ID. On the 7705 SAR-8 Shelf V2, the MDA ID is from 1 to 6. On the 7705 SAR-18, the MDA ID is from 1 to 12 for the MDA slots and from X1 to X4 for the XMDA slots. An adapter card is provisioned when a card designated from the allowed adapter card types is inserted. A preprovisioned adapter card slot can remain empty without conflicting with populated slots.
The adapter cards can be installed in the chassis in any combination that does not exceed the maximum number. However, network applications require at least one network-capable adapter card to be installed.
Once installed and enabled, the system verifies that the installed adapter card type matches the configured parameters. If the parameters do not match, the adapter card remains offline.
Note: Unless otherwise specified, references to adapter cards with multiple versions include all versions of the cards. |
A maximum of six adapter cards can be installed in the 7705 SAR-8 Shelf V2 chassis. The following adapter cards are supported:
A maximum of 12 MDA adapter cards and 4 XMDA adapter cards can be installed in the 7705 SAR-18 chassis. The following adapter cards are supported:
Note:
|
The 7705 SAR hardware components have improved as technology has developed. Table 2 lists the Ethernet adapter cards, modules, and platforms according to their generation. Second-generation (Gen-2) components have additional features, increased card memory and/or improved QoS mechanisms over first-generation (Gen-1) components. Similarly, third-generation (Gen-3) components improve upon second-generation components.
Generation | Card, Module, and Platform |
First Generation | 8-port Ethernet Adapter card |
Second Generation | 2-port 10GigE (Ethernet) Adapter card (v-port) |
2-port 10GigE (Ethernet) module (v-port) (for 7705 SAR-M) | |
8-port Gigabit Ethernet Adapter card | |
10-port 1GigE/1-port 10GigE X-Adapter card | |
Packet Microwave Adapter card | |
7705 SAR-A | |
7705 SAR-Ax | |
7705 SAR-H | |
7705 SAR-Hc | |
7705 SAR-M | |
7705 SAR-W | |
7705 SAR-Wx | |
4-port SAR-H Fast Ethernet module | |
6-port SAR-M Ethernet module | |
Third Generation | 6-port Ethernet 10Gbps Adapter card |
7705 SAR-X |
The following cards and modules support channelization down to the DS0 level:
On the 16-port T1/E1 ASAP Adapter card, 32-port T1/E1 ASAP Adapter card, 2-port OC3/STM1 Channelized Adapter card, and 4-port DS3/E3 Adapter card (DS3 ports only), and on the T1/E1 ports of the 4-port T1/E1 and RS-232 Combination module, up to 24 channel groups are supported on a DS1 circuit and up to 32 channel groups on an E1 circuit.
The 12-port Serial Data Interface card supports a single channel group on a channelized V.35 circuit, RS-530, RS-232 (also known as EIA/TIA-232) circuit, or X.21 circuit. The RS-232 ports on the 4-port T1/E1 and RS-232 Combination module also support a single channel group on a channelized RS-232 circuit.
The 6-port E&M Adapter card supports a single channel group on a channelized E&M voice interface.
The 8-port Voice & Teleprotection card supports a single channel group on a channelized G.703 (codirectional) circuit, an IEEE C37.94 teleprotection interface (TPIF) circuit, FXS circuit, or FXO circuit.
The 8-port C37.94 Teleprotection card supports a single channel group on an IEEE C37.94 teleprotection interface (TPIF) circuit.
The 8-port FXO Adapter card supports a single channel group on an FXO circuit.
The 6-port FXS Adapter card supports a single channel group on an FXS circuit.
The 4-port OC3/STM1 / 1-port OC12/STM4 Adapter card supports channelization at the DS1/E1 level only.
The 16-port T1/E1 ASAP Adapter card, 32-port T1/E1 ASAP Adapter card, and the T1/E1 ports on the 4-port T1/E1 and RS-232 Combination module each support fractional T1/E1 on a PPP channel group in network mode. Fractional T1/E1 allows one or more DS0 channels to be bundled together (up to the maximum bandwidth of the network link), allowing the customer to use only that portion of the link that is needed. This means that the PPP service can use a selected number of timeslots (octets) in the network T1 or E1 link, thus reducing the amount of T1 or E1 bandwidth that must be leased or purchased from the attached carrier. This leads to multiplexing efficiencies in the transport network.
Only one channel group can be configured per port. When the channel group is configured for ppp-auto encapsulation and network mode, all timeslots (channels) are automatically allocated to the channel group. The user can then configure the number of timeslots needed. Timeslots not selected cannot be used.
A port can be configured after the IOM is activated (the card slot and card type are designated) and the adapter card slot is preprovisioned with an allowed adapter card type.
The 7705 SAR supports the port types listed below:
In addition, this section contains information on the following topics:
Ethernet ports are supported on the following cards, modules, and platforms:
The 6-port Ethernet 10Gbps Adapter card has four SFP ports for 1-Gb/s fiber or copper SFP transceivers and two SFP+ ports for 10-Gb/s fiber or copper SFP+ transceivers. The card also supports synchronous Ethernet timing. The 6-port Ethernet 10Gbps Adapter card is designed to complement or replace the 8-port Ethernet Adapter card or the 8-port Gigabit Ethernet Adapter card in situations where greater processing power and higher throughput capacity are required.
There are two versions of this card: 6-port Ethernet 10Gbps Adapter card and 6-port Ethernet 10Gbps Adapter card-E. The versions have identical functionality except that the 6-port Ethernet 10Gbps Adapter card-E does not have encryption functionality.
The ports and features on the 6-port Ethernet 10Gbps Adapter card are identical to the ports and features on the 8-port Gigabit Ethernet Adapter card, version 3, except that the 6-port Ethernet 10Gbps Adapter card uses only 4-priority schedulers for QoS instead of 4-priority or 16-priority schedulers.
The 8-port Ethernet Adapter card has six RJ-45 ports for 10/100Base-T (Ethernet and Fast Ethernet) connections. The card also has two SFP ports for fiber or copper SFPs. Fast Ethernet and Gigabit (100 Mb/s and 1000 Mb/s) fiber connections and 10/100/1000Base-T copper connections are supported. This variety of connections enables the adapter card to be connected to different devices at the customer site, including wireless base stations, DSL modems, microwave boxes, and other auxiliary equipment. As well, with fiber connections, the adapter card can be directly connected to the Metro Ethernet Provider (MEP) central office. The adapter card also supports synchronous Ethernet timing.
The 8-port Gigabit Ethernet Adapter card has eight SFP ports for fiber or copper SFPs. The card supports dual rate (100 Mb/s and 1000 Mb/s) and Gigabit (1000 Mb/s) fiber connections and 10/100/1000Base-T copper connections. The card also supports synchronous Ethernet timing. The 8-port Gigabit Ethernet Adapter card is designed to complement or replace the 8-port Ethernet Adapter card in situations where greater processing power and higher throughput capacity are required.
There are three versions of the 8-port Gigabit Ethernet Adapter card. Version 1 and version 2 are identical except that version 2 provides larger table space for FIBs, ACLs, and so on. Version 2 also supports the full IPv6 subnet range for IPv6 static routes and interface IP addresses. The static route range is from /1 to /128, and the default route is ::/0. Supported interface IP address prefixes are from /4 to /127, and /128 on system or loopback interfaces. Version 3 is identical to version 2 except that it is equipped with a hardware-based encryption engine to support features such as IPSec.
Higher limits and full subnet ranges are supported only when all the adapter cards in a particular node are equipped with hardware for larger table support.
Gigabit Ethernet optical ports offer significant advantages over fast Ethernet ports, even where lower-speed services are currently offered. With Gigabit Ethernet, service providers have the opportunity to standardize access infrastructure, ensure that capacity is available to accommodate growing bandwidth requirements, and minimize the operational costs associated with future service upgrades to hardware and software.
There are two versions of the 10-port 1GigE/1-port 10GigE X-Adapter card. Both versions are identical except that version 2 is equipped with a hardware-based encryption engine to support features such as IPSec. The card is supported only on the 7705 SAR-18.
The 10-port 1GigE/1-port 10GigE X-Adapter card has 10 small form-factor pluggable (SFP) ports on its faceplate.
When the 10-port 1GigE/1-port 10GigE X-Adapter card is configured in 10-port GigE mode, the 10 SFP ports are available for fiber SFP transceivers. In this mode, the card supports dual-rate (100 Mb/s and 1000 Mb/s) and Gigabit (1000 Mb/s) fiber connections. The card also supports synchronous Ethernet timing.
When the 10-port 1GigE/1-port 10GigE X-Adapter card is configured in 1-port GigE mode, only one SFP+ (port 1) of the 10 ports is active and available for use with fiber SFP+ transceivers. The card supports 10-Gb/s fiber connections. The card also supports synchronous Ethernet timing. The 1-port GigE mode is designed for use in situations where greater processing power and higher throughput capacity are required.
The 10-port 1GigE/1-port 10GigE X-Adapter card provides larger table space for FIBs, ACLs, and so on. The card also supports the full IPv6 subnet range for IPv6 static routes and interface IP addresses. The static route range is from /1 to /128, and the default route is ::/0. Supported interface IP address prefixes are from /4 to /127, and /128 on system or loopback interfaces.
Higher limits and full subnet ranges are supported only when all the adapter cards in a particular node are equipped with hardware for larger table support.
The 2-port 10GigE (Ethernet) Adapter card/module is used to connect to and from access rings carrying a high concentration of traffic. Table 3 lists the maximum number of cards or modules that are supported on each platform. A single card can be installed in the 7705 SAR-8 Shelf V2 or the 7705 SAR-18; however, it is strongly recommended that a minimum of two cards be installed for redundancy.
Chassis | Maximum Number of Cards or Modules |
7705 SAR-8 Shelf V2 | Up to four cards |
7705 SAR-18 | Up to six cards |
7705 SAR-M | One module |
The 2-port 10GigE (Ethernet) Adapter card/module has two small form-factor pluggable (XFP) ports on its faceplate. The two XFP ports are for 10-Gigabit Ethernet XFPs. The card provides high processing power and throughput capacity and operates at 10 Gb/s for Ethernet ports and 2.5 Gb/s for the virtual port (v-port).
The 2-port 10GigE (Ethernet) Adapter card provides larger table space for FIBs, ACLs, and so on. The card also supports the full IPv6 subnet range for IPv6 static routes and interface IP addresses on the v-port. The supported range for statically provisioned or dynamically learned routes is from /1 to /128. Supported interface IP address prefixes are from /4 to /127, and /128 on system or loopback interfaces.
The 2-port 10GigE (Ethernet) module supports IPv6 on the v-port. The supported range for statically provisioned or dynamically learned routes is from /1 to /64 or is /128 (indicating a host route). Supported interface IP address prefixes are from /4 to /64, and /128 on system or loopback interfaces.
The 2-port 10GigE (Ethernet) Adapter card/module supports LLDP on the Ethernet ports but not on the v-port.
The Packet Microwave Adapter card has two RJ-45 ports (ports 1 and 2) and six SFP ports (ports 3 through 8). All ports provide 10/100/1000 Mb/s connections (when connected to an MPR-e radio, they are always in Gigabit Ethernet (1-Gb/s) mode). Ports 1 through 4 support Microwave Awareness (MWA) and Ethernet/IP/MPLS networking; ports 5 through 8 support Ethernet/IP/MPLS networking only.
All Gigabit Ethernet ports provide the same networking feature capability as the 8-port Gigabit Ethernet Adapter card. For frequency synchronization, synchronous Ethernet and SSM are the mechanisms that are applied when using optical 1000Base-SX to connect to an MPR-e radio. When using electrical 1000Base-T to connect the Packet Microwave Adapter card and an MPR-e radio, Proprietary Clock Recovery (PCR) is used (a copper SFP is mandatory on ports 3 and 4).
The 4-port SAR-H Fast Ethernet module has four RJ-45 Fast Ethernet ports (10/100 Mb/s) on its faceplate. Any functionality supported on the 7705 SAR-H Ethernet ports is also supported on the 4-port SAR-H Fast Ethernet module, with the exception of hierarchical QoS (H-QoS) functionality and hybrid mode.
The 6-port SAR-M Ethernet module has six Ethernet ports:
Ports 5 and 6 can each support Power over Ethernet (PoE). Port 5 can also support PoE+, but if it is configured for PoE+, then port 6 cannot support PoE power.
Any functionality supported on the 7705 SAR-M Ethernet ports is also supported on the 6-port SAR-M Ethernet module, with the exception of half-duplex mode (all ports) and hybrid mode (Fast Ethernet ports only).
The 7705 SAR-A has two variants with fixed physical configurations. Both variants have 12 Ethernet ports:
The 7705 SAR-Ax has a fixed physical configuration that has 12 Ethernet ports:
The 7705 SAR-H has a fixed physical configuration that has eight Ethernet ports:
The 7705 SAR-H also has two module slots.
If a PoE Power Supply is connected, it increases the number of Ethernet ports that can supply PoE to a connected device.
The 7705 SAR-Hc has a fixed physical configuration that has six Ethernet ports:
The 7705 SAR-M has four variants with fixed physical configurations. All variants have seven Ethernet ports:
Two variants of the 7705 SAR-M also have a module slot.
The 7705 SAR-W has a fixed physical configuration that has five Ethernet ports:
The 7705 SAR-Wx has four variants with fixed physical configurations that provide the following Ethernet interfaces.
Two variants have the following five Gigabit Ethernet ports:
Two variants have the following five Gigabit Ethernet ports:
Note: The DSL variants of the 7705 SAR-Wx are no longer supported. |
The 7705 SAR-X has a fixed physical configuration that has 14 Ethernet ports:
TDM ports are supported on the following cards, modules, and platforms:
On the16-port T1/E1 ASAP Adapter card, channelization is supported down to the DS0 level. To change port types, all ports must first be shut down. The ports can be configured for DS1 (T1) or E1 operation. All ports on the card must be either T1 or E1; there cannot be a mix of the two types. When the first port is configured on a card, all other ports on the card must be set to the same type.
The 16-port T1/E1 ASAP Adapter card supports fractional T1/E1 on network ports configured for PPP. Fractional T1/E1 allows a portion of the link to be used for traffic (up to the full link bandwidth).
DS1 ports on the adapter card can be configured for either B8ZS (bipolar with eight-zero substitution) zero code suppression or AMI (alternate mark inversion). B8ZS and AMI are line coding techniques.
On the 32-port T1/E1 ASAP Adapter card, channelization is supported down to the DS0 level. To change port types, all ports must first be shut down. The ports can be configured for DS1 (T1) or E1 operation. All ports on the card must be either T1 or E1; there cannot be a mix of the two types. When the first port is configured on a card, all other ports on the card must be set to the same type.
The 32-port T1/E1 ASAP Adapter card supports fractional T1/E1 on network ports configured for PPP. Fractional T1/E1 allows a portion of the link to be used for traffic (up to the full link bandwidth).
DS1 ports on the card can be configured for either B8ZS (bipolar with eight-zero substitution) zero code suppression or AMI (alternate mark inversion). B8ZS and AMI are line coding techniques.
On the 2-port OC3/STM1 Channelized Adapter card, channelization is supported down to the DS0 level. To change port types, all ports must first be shut down. The ports can be configured for DS1 (T1) or E1 channelization. All ports on the card must be either SONET or SDH; there cannot be a mix of the two types. When the first port is configured on a card, all other ports on the card must be set to the same type.
The 2-port OC3/STM1 Channelized Adapter card also supports DS3 channelization on access for TDM services as well as network mode with PPP.
The 4-port OC3/STM1 / 1-port OC12/STM4 Adapter card can be configured to be in 4-port OC3/STM1 mode or 1-port OC12/STM4 mode (using the mda-mode command).
When the 4-port OC3/STM1 / 1-port OC12/STM4 Adapter card is configured in 4-port OC3/STM1 mode, four SFP ports are available for optical and electrical SFP transceivers. In this mode, the card supports OC3 SONET or STM1 SDH transmission.
When the 4-port OC3/STM1 / 1-port OC12/STM4 Adapter card is configured in 4-port OC3/STM1 mode, channelization is supported down to the DS1 level. To change port types, all ports must first be shut down. The ports can be configured for DS1 (T1) or E1 channelization in access mode, or PPP/MLPPP or POS in network mode. All ports on the card must be either SONET or SDH; there cannot be a mix of the two types. When the first port is configured on a card, all other ports on the card must be set to the same type. Switching between port types causes the adapter card to reset.
When the 4-port OC3/STM1 / 1-port OC12/STM4 Adapter card is configured in 1-port OC12/STM4 mode, SFP port 1 is available for optical SFP transceivers. Ports 2 through 4 are not available. In this mode, the card supports OC12 SONET and STM4 SDH transmission. The 1-port OC12/STM4 mode is designed for use in situations where greater bandwidth is required on a single port.
The 4-port DS3/E3 Adapter card has two versions. Both versions have the same functionality; version 2 of the adapter card is a replacement for version 1.
The 4-port DS3/E3 Adapter card has four TDM DS3/E3 ports. The port type must be configured to be either DS3 or E3. Each DS3 port can be clear channel or channelized down to DS0 (64 kb/s). E3 ports can be clear channel only. Once the first port type has been configured, all other ports on the same 4-port DS3/E3 Adapter card must be set to the same type.
To change between types, the ports must first be deleted. DS3 ports provide B3ZS (bipolar with three-zero substitution) zero code suppression and E3 ports provide HDB3 (high density bipolar of order 3) zero code suppression. B3ZS and HDB3 zero code suppression are line coding techniques.
Channelization is supported down to the DS0 level (for DS3 ports only). To change port types, all ports must first be shut down. The ports can be configured for DS1 (T1) or E1 operation. All ports on the card must be either T1 or E1; there cannot be a mix of the two types. When the first port is configured on a card, all other ports on the card must be set to the same type.
On the 8-port Voice & Teleprotection card, channelization is supported down to the DS0 level. To change port types, all ports must first be shut down. The ports can be configured for DS1 (T1) or E1 operation. All ports on the card must be either T1 or E1; there cannot be a mix of the two types. When the first port is configured on a card, all other ports on the card must be set to the same type.
Channelization is supported on the two codirectional G.703 ports and two IEEE C37.94 teleprotection interface ports.
On the 8-port C37.94 Teleprotection card, channelization is supported down to the DS0 level on the eight IEEE C37.94 teleprotection interface (TPIF) ports.
There are three versions of the 12-port Serial Data Interface card.
Version 1 and version 2 each have four connectors that support three serial data ports each. Each port grouping can be configured for V.35, RS-232, or X.21 operation. When a port has been configured for a specific interface type, the other two ports in that same grouping must be configured for the same type. The card also supports an RS-530 interface with the use of an adapter cable that connects to a DB15 connector on the front of the X.21 distribution panel. There is no configuration specifically for the RS-530 interface; configuration is done in X.21 mode and applies to the RS-530 interface when it is physically enabled through hardware. All X.21 functionality is available on the RS-530 interface, except that only DCE operation is supported for RS-530. However, because X.21 does not support all the control leads available for RS-530, only a subset of the RS-530 control leads are supported.
The 12-port Serial Data Interface card, version 3, has six connectors that support two data ports each. Each port grouping can be configured for V.35, RS-232, X.21, or RS-530 operation. When a port has been configured for a specific interface type, the other port in the group must be configured for the same type.
Channelization on the 12-port Serial Data Interface card is supported down to the DS0 level.
T1/E1 ports on the 4-port T1/E1 and RS-232 Combination module (supported on the 7705 SAR-H) support channelization down to the DS0 level. To change port types, all ports must first be shut down. The ports can be configured for DS1 (T1) or E1 operation. All ports on the module must be either T1 or E1; there cannot be a mix of the two types. When the first port is configured on a module, all other ports on the card must be set to the same type.
The 7705 SAR-A has two variants with fixed physical configurations. One variant supports both Ethernet and T1/E1 ports. The variant that supports T1/E1 ports includes eight RJ-45 T1/E1 ports. All ports must be configured as either T1 or E1 ports; a mix of T1 and E1 ports is not allowed.
DS1 (T1) ports on the chassis can be configured for either B8ZS (bipolar with eight-zero substitution) zero code suppression or AMI (alternate mark inversion). B8ZS and AMI are line coding techniques.
The 7705 SAR-Hc has a fixed physical configuration that includes two RS-232 RJ-45 ports. The chassis also includes Gigabit Ethernet/Ethernet support via SFP and RJ-45 ports.
The 7705 SAR-M has four variants with fixed physical configurations. Two variants support both Ethernet and T1/E1 ports. These variants include 16 RJ-45 T1/E1 ports. All ports must be configured as either T1 or E1 ports; a mix of T1 and E1 ports is not allowed.
DS1 (T1) ports on the chassis can be configured for either B8ZS (bipolar with eight-zero substitution) zero code suppression or AMI (alternate mark inversion). B8ZS and AMI are line coding techniques.
The 7705 SAR-X has a fixed physical configuration that provides TDM pseudowire services via eight T1/E1 RJ-45 ports.
The 7705 SAR-H GPS Receiver module is equipped with a GPS RF port for retrieval and recovery of GPS and GLONASS signals. The 7705 SAR-Ax and two variants of the 7705 SAR-Wx are equipped with an integrated GNSS receiver and a GNSS RF port for retrieval and recovery of GPS and GLONASS signals.
The GNSS Receiver card installed in the 7705 SAR-8 Shelf V2 or 7705 SAR-18 is equipped with a GNSS RF port for retrieval and recovery of both GPS and GLONASS signals.
Note: GLONASS-only signal recovery is not supported in this release. |
A multilink bundle is a collection of channels on channelized ports that physically reside on the same adapter card. Multilink bundles are used by providers who offer either bandwidth-on-demand services or fractional bandwidth (DS3) services. Multilink bundles are supported over PPP channels (MLPPP). All member links of an MLPPP group must be of the same type (either E1 or DS1).
The following cards, modules, and platforms support multilink bundles:
The 16-port T1/E1 ASAP Adapter card, 32-port T1/E1 ASAP Adapter card, and 2-port OC3/STM1 Channelized Adapter card support Inverse Multiplexing over ATM (IMA). IMA is a standard developed to address the increasing need for bandwidth greater than the DS1 or E1 link speeds (1.544 or 2.048 Mb/s, respectively) but less than higher link speeds such as DS3 (44.736 Mb/s). IMA combines the transport bandwidth of multiple DS1 or E1 channels in a logical link (called an IMA group) to provide scalable bandwidth.
The 4-port OC3/STM1 Clear Channel Adapter card has four hot-pluggable, SFP-based ports that can be independently configured to be SONET (OC3) or SDH (STM1).
The 2-port OC3/STM1 Channelized Adapter card has two hot-pluggable, SFP-based ports that can be configured to be SONET (OC3) or SDH (STM1). All ports on the 2-port OC3/STM1 Channelized Adapter card must be of the same type (either SONET or SDH).
The 4-port OC3/STM1 / 1-port OC12/STM4 Adapter card has four hot-pluggable, SFP-based ports that can be configured to be SONET (OC3 or OC12) or SDH (STM1 or STM4). The card can be configured to be in either 4-port mode or 1-port mode (using the mda-mode command). In 4-port mode, all four ports can be configured as OC3 or STM1. In 1-port mode, only port 1 can be configured as OC12 or STM4. All ports on the 4-port OC3/STM1 / 1-port OC12/STM4 Adapter card must be of the same type (either SONET or SDH).
Voice ports are supported on the following cards:
The 6-port E&M Adapter card has six RJ-45 ports that support the transport of an analog voiceband signal between two analog devices over a digital network. The analog signals are converted into a 64 kb/s digital Pulse Code Modulation (PCM) format using either Mu-Law (North America) or A-Law (Rest of World) companding. The type of companding is selectable on a per-card basis. Companding conversion (that is, Mu-Law to A-Law or vice versa) is not supported.
The signaling type is selectable on a per-card basis. When either A-Law or Mu-Law companding is configured, Type I, Type II, or Type V signaling can be selected. However, the only supported configurations are both ends of the connection operating in the same mode (for example, Type I to Type I) or one end operating in Type I mode and the other in Type V mode. The default signaling type for Mu-Law is Type I and the default signaling type for A-Law is Type V.
Each voice port can be configured to operate in either a two-wire or four-wire (default) mode. The ports (in groups of three – ports 1 to 3 and ports 4 to 6) can also be configured to operate in transmission-only mode, which provides a four-wire audio path with no signaling. A transmit and receive transmission level point (the analog-to-digital decibel level) can be configured for each port. See Table 4 for the signaling type, companding law, and audio wires configuration options on the 6-port E&M Adapter card.
Signaling Type | Companding Type | Number of Wires |
Type I, Type II, Type V | Mu-Law or A-Law | Two-wire or four-wire |
Transmission-only (no signaling) | Mu-Law or A-Law | Four-wire |
The 8-port Voice & Teleprotection card supports the transport of an analog voiceband signal between two analog devices over a digital network.
The card has two FXS RJ-45 ports and two FXO RJ-45 ports that support analog voiceband signals. The analog signals are converted into a 64 kb/s digital Pulse Code Modulation (PCM) format using either Mu-Law (North America) or A-Law (Rest of World) companding. The type of companding is selectable on a per-card basis. Companding conversion (that is, Mu-Law to A-Law or vice versa) is not supported.
The signaling type is selectable at the port level on a per-port basis depending on companding type.
FXO supports:
FXS supports:
The default signaling type for FXO and FXS is 3600ls for Mu-Law companding and 3600re for A-Law companding.
The 8-port FXO Adapter card supports the transport of an analog voiceband signal between two analog devices over a digital network.
The card supports analog voiceband signals through four RJ-45 connectors that provide eight Foreign Exchange Office (FXO) ports, with two ports supported per connector. The analog signals are converted into a 64 kb/s digital Pulse Code Modulation (PCM) format using either Mu-Law (North America) or A-Law (Rest of World) companding. The type of companding is selectable on a per-card basis. Companding conversion (that is, Mu-Law to A-Law or vice versa) is not supported.
The signaling type is selectable at the port level on a per-port basis depending on companding type.
FXO supports:
The default signaling type is 3600ls for Mu-Law companding and 3600re for A-Law companding.
The 6-port FXS Adapter card provides the capability of transporting a large number of voice circuits from one 7705 SAR location and terminating them at another 7705 SAR location that is connected to a PBX.
The card can also be configured for a Private Line Automatic Ringdown (PLAR) application, which is typically used outside of a PBX network, in order to provide a site-to-site or remote site-to-control center hotline functionality.
The card has six Foreign Exchange Subscriber (FXS) ports. Each port provides a short-reach, on-premises analog interface to an analog telephone set. After an incoming analog signal from a set is terminated on one of the FXS interfaces, it is converted into a digital 64 kb/s Pulse Code Modulation (PCM) format using either Mu-Law companding (North America) or A-Law companding (Rest of World).
The signal is then mapped into the E1 Channel Associated Signaling (CAS) transport scheme for A-Law or the T1 Robbed Bit Signaling (RBS) transport scheme for Mu-Law and transmitted using a Cpipe over any 7705 SAR network interface that supports the Cpipe service. For standard TDM, the network interface can be a T1/E1 or OC3/STM1 channelized interface. For MPLS, an Ethernet, T1/E1, OC3/STM1 channelized MLPPP, or OC3/STM1 clear channel interface can be used.
For a PBX application, the signal is terminated at the 7705 SAR hub location that is connected to a PBX by either an FXO interface or a T1/E1 interface (assuming the signaling formats are compatible). The FXO interface can be provided by either an 8-port FXO Adapter card or 8-port Voice & Teleprotection card that is installed in a 7705 SAR-8 Shelf V2 or 7705 SAR-18 chassis at the 7705 SAR hub location.
For a PLAR application, the signal is terminated on an FXS interface on either another 6-port FXS Adapter card or an 8-port Voice & Teleprotection card that is installed in a 7705 SAR-8 Shelf V2 or 7705 SAR-18 chassis that is located at a remote location, or terminated on a 3600 MainStreet or 1511 MAX. The connection is made over an E1 interface (3600 MainStreet or 1511 MAX) or a T1 interface (3600 MainStreet). A hotline call can originate from a 3600 MainStreet or 1511 MAX and terminate on an FXS interface on a 6-port FXS Adapter card (or on an FXS interface on an 8-port Voice & Teleprotection card).
Table 5 shows the configuration options available on a 6-port FXS Adapter card. The companding law type is configured at the card level; the other options are configured at the voice port level.
Configuration | Supported Options |
Companding type | Mu-Law (the default) A-Law |
Fault signaling | Idle (the default) Seized |
Line balance | Nominal (the default) 800 |
Ring generation | 16 Hz (the default) 20 Hz 25 Hz |
Signaling type | 3600 Private Line Automatic Ringdown (PLAR) (if Mu-Law or A-Law is used) 1511 PLAR (if A-Law is used) 1511 Profile1 (if A-Law is used) 3600 Loop Start (LS) (if Mu-Law is used; this is the default) 3600 Remote Extension (RE) (if A-Law is used; this is the default) 1511sn137 (1511 profile 137) (if A-Law is used) |
Transmission level point (TLP) | Rx: –7 dB to 0 dB (1-dB increments; the default is –3 dB) Tx: –4 dB to +3 dB (1-dB increments; the default is 0 dB) |
A microwave link can be configured as a virtual port object on a 7705 SAR-8 Shelf V2 or 7705 SAR-18 in order to provide a basic microwave connection or the Microwave Awareness (MWA) capability to an MPR-e node.
For more information, see Microwave Link.
On the CLI, the adapter cards are referred to as MDAs. A port is identified using the format slot/mda/port, where slot identifies the IOM card slot ID (always 1), mda identifies the physical slot in the chassis for the adapter card, and port identifies the physical port on the adapter card; for example, 1/5/1. Adapter cards are configured at the card and port level.
On the fixed platforms, no configuration is required at the adapter card level in order to provision the ports.
On the CLI for the 7705 SAR-A, the slot/mda identifier for the T1/E1 ports is 1/2 and for the Ethernet ports is 1/1. T1/E1 ports are identified as 1/2/1 through 1/2/8 for the variant of the chassis with T1/E1 ports. Ethernet ports for both variants of the 7705 SAR-A are identified as 1/1/1 through 1/1/12.
On the CLI for the 7705 SAR-Ax, the slot/mda identifier for the Ethernet ports is 1/1 and for the GNSS RF port is 1/2.
On the CLI for the 7705 SAR-H, the slot/mda identifier for the Ethernet ports is 1/1. The chassis has two slots for modules (the 4-port T1/E1 and RS-232 Combination module, the GPS Receiver module, and the 4-port SAR-H Fast Ethernet module). On the CLI, the slot/mda identifier for a module installed in the first slot position is 1/2 and for a module installed in the second slot position is 1/3. Ethernet ports are identified as 1/1/1 through 1/1/8. Module ports are identified as 1/2/port-num for modules installed in the first slot position and 1/3/port-num for modules installed in the second slot position.
On the CLI for the 7705 SAR-Hc, the slot/mda identifier for the Ethernet ports is 1/1 and for the RS-232 ports is 1/2. Ethernet ports are identified as 1/1/1 through 1/1/6 and RS-232 ports are identified as 1/2/1 and 1/2/2.
On the CLI for the 7705 SAR-M, the slot/mda identifier for the Ethernet ports is 1/1 and for the T1/E1 ports is 1/2. For those variants of the chassis that have a module slot, the slot/mda identifier for the module is 1/3. The 7705 SAR-M supports the following modules: CWDM OADM module, 2-port 10GigE (Ethernet) module, and 6-port SAR-M Ethernet module. Ethernet ports for all variants of the 7705 SAR-M are identified as 1/1/1 through 1/1/7. T1/E1 ports are identified as 1/2/1 through 1/2/16 for the variants with T1/E1 ports. Module ports are identified as 1/3/port-num for the variants with module slots.
On the CLI for the 7705 SAR-W, the slot/mda identifier for the Ethernet ports is 1/1. Ethernet ports are identified as 1/1/1 through 1/1/5. The 7705 SAR-W also has an internal (virtual) port used for in-band Ethernet management connection. The virtual port is identified as vrtl-mgmt on the CLI and as 1/1/6 via SNMP.
On the CLI for the 7705 SAR-Wx, the slot/mda identifier for the Ethernet ports is 1/1 and for the GPS connector is 1/3. Ethernet ports for the Ethernet-only variant and the Ethernet and PoE+ variant are identified as 1/1/1 through 1/1/5. For the variant supporting Ethernet ports and a GPS connector, the GPS connector is identified as 1/3/1.
On the CLI for the 7705 SAR-X, the slot/mda identifier for the T1/E1 ports is specified as 1/1 and for the Ethernet ports is 1/2 or 1/3. T1/E1 ports are identified as 1/1/1 to 1/1/8. Ethernet ports are identified as 1/2/port-num or 1/3/port-num, where the port number has a value from 1 to 7, depending on how the port is configured.
For the 16-port T1/E1 ASAP Adapter card, 32-port T1/E1 ASAP Adapter card, and 4-port DS3/E3 Adapter card, the channel-group-id identifies the DS1 or E1 channel group; for example, 1/5/1.20. For the 2-port OC3/STM1 Channelized Adapter card, the channel-group-id identifies the DS1, E1, or DS3 channel group. For the 4-port OC3/STM1 / 1-port OC12/STM4 Adapter card, the channel-group-id identifies the DS1 or E1 channel group. For the 12-port Serial Data Interface card, the channel-group-id identifies the V.35, RS-530, RS-232, or X.21 channel group; only one channel group per port is supported on the card, so the format would be 1/1/1.1.
For the 6-port E&M Adapter card, the channel-group-id identifies the E&M voice channel group; only one channel group per port is supported on the card, so the format would be 1/1/1.1. For the 8-port Voice & Teleprotection card, the 8-port C37.94 Teleprotection card, the 8-port FXO Adapter card, and the 6-port FXS Adapter card, the channel-group-id identifies the DS0 channel group; only one channel group per port is supported on the card, so the format would be 1/1/1.1.
For the 4-port T1/E1 and RS-232 Combination module, the channel-group-id identifies the DS1 or E1 channel group for the T1/E1 ports (for example, 1/2/3.5) or the channel group for the RS-232 ports (for example, 1/2/2.1).
On the CLI for the 2-port 10GigE (Ethernet) Adapter card or 2-port 10GigE (Ethernet) module, for virtual-port configuration, an Ethernet port is identified as v-port.
The following output examples display the administrative and operational states of adapter cards for all platforms.
For the 7705 SAR-8 Shelf V2:
For the 7705 SAR-18:
For the 7705 SAR-A:
For the 7705 SAR-Ax:
For the 7705 SAR-H:
For the 7705 SAR-Hc:
For the 7705 SAR-M:
For the 7705 SAR-W:
For the 7705 SAR-Wx Ethernet variant:
For the 7705 SAR-X:
All ports must be set to access (customer-facing), network, or hybrid mode. When the mode is configured on a port, the appropriate encapsulation type must be configured to distinguish the services on the port or channel (for access mode), or to define the transport mode (for network mode).
For the 16-port T1/E1 ASAP Adapter card, 32-port T1/E1 ASAP Adapter card, and 4-port DS3/E3 Adapter card, the card must be enabled to support a set of software services before the encapsulation type is configured. This support is enabled using the mda-mode command (see the mda-mode command in the Configuration Command Reference section):
Note:
|
Note: QinQ encapsulation is not supported on a port in network mode. |
The default modes are listed in Table 6. All channel groups on a port must either be all access or all network channel groups; there cannot be a mix. When the first channel group is configured, all other channel groups on that port must be set to the same mode. To change modes, all channel groups must first be shut down.
Default Mode | Adapter Card, Module, or Platform |
Network | 2-port 10GigE (Ethernet) Adapter card 2-port 10GigE (Ethernet) module 10-port 1GigE/1-port 10GigE X-Adapter card (in 1-port 10GigE mode, the port operates in network mode only) |
Access | 2-port OC3/STM1 Channelized Adapter card 4-port DS3/E3 Adapter card 4-port OC3/STM1 / 1-port OC12/STM4 Adapter card 4-port OC3/STM1 Clear Channel Adapter card 4-port SAR-H Fast Ethernet module 4-port T1/E1 and RS-232 Combination module is access for the T1/E1 ports; the RS-232 ports operate in access mode only 6-port E&M Adapter card 6-port Ethernet 10Gbps Adapter card 6-port FXS Adapter card 6-port SAR-M Ethernet module 8-port Ethernet Adapter card 8-port FXO Adapter card 8-port Gigabit Ethernet Adapter card 8-port Voice & Teleprotection card 8-port C37.94 Teleprotection card 12-port Serial Data Interface card 16-port T1/E1 ASAP Adapter card 32-port T1/E1 ASAP Adapter card Auxiliary Alarm card CWDM OADM Adapter card GNSS Receiver card GPS Receiver module Integrated Services card Packet Microwave Adapter card Power Injector card 7705 SAR-A 7705 SAR-Ax 7705 SAR-H 7705 SAR-Hc 7705 SAR-M 7705 SAR-W 7705 SAR-Wx 7705 SAR-X |
The 7705 SAR supports egress-rate limiting and ingress-rate limiting on Ethernet ports.
The egress rate is set at the port level in the config>port>ethernet context.
Egress-rate limiting sets a limit on the amount of traffic that can leave the port to control the total bandwidth on the interface. If the egress-rate limit is reached, the port applies backpressure on the queues, which stops the flow of traffic until the queue buffers are emptied. This feature is useful in scenarios where there is a fixed amount of bandwidth; for example, a mobile operator who has leased a fixed amount of bandwidth from the service provider.
The ingress-rate command configures a policing action to rate-limit the ingress traffic. Ingress-rate enforcement uses dedicated hardware for rate limiting; however, software configuration is required at the port level (ingress-rate limiter) to ensure that the network processor or the adapter card or port never receives more traffic than they are optimized for.
The configured ingress rate ensures that the network processor does not receive traffic greater than this configured value on a per-port basis. Once the ingress-rate value is reached, all subsequent frames are dropped. The ingress-rate limiter drops excess traffic without determining whether the traffic has a higher or lower priority.
Access ports on the following can be configured for PPP/MLPPP channel groups:
Customer IP traffic can be transported directly over PPP or MLPPP links. Access ports on the following can also be configured for TDM to transport 2G traffic from BTSs or ATM/IMA to transport 3G UMTS traffic from Node Bs:
In access mode, PPP channels can be associated with n × DS0 channel groups. Although multiple PPP channel groups are supported per T1/E1 port, all the channel groups must be the same encapsulation type. For example, if one channel group on a given port is set for ipcp encapsulation, another channel group on the same port cannot be set to cem. If MLPPP channels are used, an MLPPP channel group fills up an entire DS1 or E1 link.
The 2-port OC3/STM1 Channelized Adapter card supports ipcp encapsulation of PPP/MLPPP packets for transport over an Ipipe.
The data ports on the 12-port Serial Data Interface card and the RS-232 ports on the 4-port T1/E1 and RS-232 Combination module provide transport between two data devices. Each data stream that is transported across the network can be mapped into a TDM pseudowire (Cpipe) for transport across an MPLS network. The other end can terminate either on another 7705 SAR or a multiplexer capable of terminating the pseudowire.
The 12-port Serial Data Interface card supports frame-relay encapsulation of data on V.35 and X.21 channel groups for transport over a frame relay pseudowire (Fpipe) or IP interworking pseudowire (Ipipe). The 12-port Serial Data Interface card also supports ipcp and cisco-hdlc encapsulation of PPP and Cisco HDLC packets, respectively, for transport over an Ipipe.
The 12-port Serial Data Interface card and the 4-port T1/E1 and RS-232 Combination module can also be part of a system architecture where a circuit originates on an SDI port on the 7705 SAR, transits over an MPLS network, and terminates on a 3600 MainStreet node connected to a 7705 SAR over a T1/E1 connection. In addition to the MPLS network functionality, the 12-port Serial Data Interface card and the 4-port T1/E1 and RS-232 Combination module can also operate in a TDM SAP-to-SAP mode where the other SAP can be another port on the 12-port Serial Data Interface card or on a T1/E1 ASAP card.
Access ports on the 8-port Ethernet Adapter card, 8-port Gigabit Ethernet Adapter card, 6-port Ethernet 10Gbps Adapter card, 10-port 1GigE/1-port 10GigE X-Adapter card (10-port 1GigE mode only), and the Packet Microwave Adapter card can transport traffic from sources such as e911 locators, site surveillance equipment, VoIP phones, and video cameras. The Ethernet traffic is transported over the PSN using Ethernet VLLs.
Note: For information on VLLs, refer to the 7705 SAR Services Guide, “VLL Services”. |
A microwave link from a Packet Microwave Adapter card port in access mode can peer with user equipment such as a node B or MPR-e radio. The 7705 SAR-8 Shelf V2 or the 7705 SAR-18 treat the microwave access link as a normal SAP into a service such as Epipe, Ipipe, or VPLS/VPRN.
Voice ports on the 6-port E&M Adapter card, 8-port Voice & Teleprotection card, and 8-port FXO Adapter card provide voiceband transmission between two analog devices over a digital network. A 7705 SAR-8 Shelf V2 or 7705 SAR-18 terminates the voice circuit and then transmits the data over a TDM-based network interface (SAP-to-SAP) or an MPLS packet-based network interface (SAP-to-SDP). For standard TDM, a T1 or E1 interface is used to transmit the data across the network.
For MPLS, any network interface (that is, Ethernet, T1/E1 MLPPP, or OC3/STM1) can be used. The traffic originating from the 6-port E&M Adapter card, 8-port Voice & Teleprotection card, or 8-port FXO Adapter card can be mapped into a TDM pseudowire (Cpipe) for transport across the MPLS network. The 6-port E&M Adapter card, and 8-port FXO Adapter card support one TDM pseudowire per port.
The voice circuit can terminate on another 7705 SAR-8 Shelf V2 or 7705 SAR-18 over the MPLS or T1/E1 TDM connection, on other TDM-capable equipment (such as a 3600 MainStreet node) over a T1/E1 TDM connection, or on other MPLS-capable equipment over an MPLS pseudowire emulation (PWE) connection. A 3600 MainStreet or 1511 MAX can also connect to an FXO port on the 8-port Voice & Teleprotection card.
Voice ports on a 6-port FXS Adapter card can be configured for a PBX application or a PLAR (hotline) application. For a PBX application, the voice circuits are terminated on an FXO interface at a 7705 SAR hub location that is connected to a PBX. The FXO interface can be provided by either an 8-port FXO Adapter card or 8-port Voice & Teleprotection card that is installed in a 7705 SAR-8 Shelf V2 or 7705 SAR-18 chassis at the 7705 SAR hub location.
For a PLAR application, voice circuits are terminated on an FXS interface on either another 6-port FXS Adapter card or an 8-port Voice & Teleprotection card that is installed in a 7705 SAR-8 Shelf V2 or 7705 SAR-18 chassis located at a remote location, or terminated on a 3600 MainStreet or 1511 MAX. A hotline call can also originate from a 3600 MainStreet or 1511 MAX and terminate on an FXS interface on a 6-port FXS Adapter card (or on an FXS interface on an 8-port Voice & Teleprotection card.
On an 8-port C37.94 Teleprotection card, access traffic over the TPIF interfaces can be mapped into a TDM pseudowire (Cpipe) for transport across an MPLS network. The TPIF interfaces connect teleprotection relays used by utilities.They can also be used with a relay to connect to a TPIF interface on an 8-port Voice & Teleprotection card or to a TPIF interface on a 1511 Media Access Cross-Connect (1511 MAX).
SONET/SDH ports in access mode on a 4-port OC3/STM1 Clear Channel Adapter card can be configured for ATM (such as for 3G UMTS Node Bs).
The DS3/E3 clear channel access ports on the 4-port DS3/E3 Adapter card, can be configured for ATM PW services (categories CBR, VBR-rt, VBR-nrt, UBR, and UBR+MCR), for TDM PW services to transport 2G traffic from BTSs, and for frame relay PW service.
Access ports on the 2-port OC3/STM1 Channelized Adapter card can be configured for TDM to transport 2G traffic from BTSs or ATM/IMA to transport 3G UMTS traffic from Node Bs. Access ports on the 4-port OC3/STM1 / 1-port OC12/STM4 Adapter card can only be configured for TDM.
All member links of the IMA group must reside on the same card. The 2G traffic is transported across the PSN encapsulated in a TDM VLL. The 3G traffic is transported using ATM VLLs.
For PPP/MLPPP channel groups, the encapsulation type must be ipcp. For Ethernet VLLs, the encapsulation type can be null, dot1q, or qinq. For TDM VLLs, the encapsulation type must be cem. For ATM VLLs, the encapsulation type must be atm.
To support hierarchical QoS (H-QoS) on second-generation Ethernet adapter cards, the 7705 SAR supports the configuration of one aggregate CIR rate for all the unshaped 4-priority access egress Ethernet SAPs on a port, thereby ensuring that all the unshaped SAPs can compete with the shaped SAPs on the port for fabric bandwidth. Use the config>port>ethernet>access>egress>unshaped-sap-cir command to set the aggregate CIR rate.
Third-generation (Gen-3) Ethernet adapter cards and platforms have 4-priority schedulers, and all SAPs are shaped SAPs. See Table 2 for a list of first-, second-, and third-generation adapter cards, modules, and platforms. Refer to the “QoS for Gen-3 Adapter Cards and Platforms” section in the 7705 SAR Quality of Service Guide for more information on 4-priority schedulers for Gen-3 hardware.
Ports on the 4-port SAR-H Fast Ethernet module do not support H-QoS.
For more information on H-QoS and on shaped and unshaped Ethernet SAPs, refer to the “Per-SAP Aggregate Shapers (H-QoS)” section in the 7705 SAR Quality of Service Guide.
Network uplinks can be configured as standalone PPP ports, or MLPPP can be configured on T1/E1 ports or channels. All member links of an MLPPP group must be of the same type (either E1 or Ds1).
The following cards, modules, and platforms support multilink bundles:
Ethernet ports on the 8-port Ethernet Adapter card, 8-port Gigabit Ethernet Adapter card, 6-port Ethernet 10Gbps Adapter card, 10-port 1GigE/1-port 10GigE X-Adapter card, and Packet Microwave Adapter card can be configured for network mode. Ethernet uplinks can be used as a cost-effective alternative to T1/E1 links.
On the 2-port 10GigE (Ethernet) Adapter card and 2-port 10GigE (Ethernet) module, the Ethernet ports and the v-port can be configured for network mode only.
A microwave link from a Packet Microwave Adapter card port in network mode provides a network uplink to an MPR-e radio. The 7705 SAR-8 Shelf V2 or 7705 SAR-18 treats the microwave link as a Gigabit Ethernet network link with MPLS always running over it. All standard MPLS/IP functions available on a network port or SDP are also available on the microwave link.
For network uplinks on the 4-port OC3/STM1 Clear Channel Adapter card and 4-port OC3/STM1 / 1-port OC12/STM4 Adapter card, a clear channel port can be configured for POS to connect to the packet network. PPP can be enabled on a port by setting the encapsulation type to ppp-auto.
On the 2-port OC3/STM1 Channelized Adapter card, DS3 clear channels within OC3 or STM1 can be configured for PPP as the network uplink. The encapsulation type must be set to ppp-auto.
On the 4-port DS3/E3 Adapter card, a DS3/E3 clear channel port can be configured for PPP as the network uplink. The encapsulation type must be set to ppp-auto.
The 7705 SAR supports both copper and fiber uplinks.
The 7705 SAR supports the configuration of one aggregate CIR rate for all the unshaped network egress Ethernet VLANs on a port, thereby ensuring that all the unshaped VLANs can compete with the shaped VLANs (that is, network interfaces) at the port level for egress bandwidth. Use the config>port>ethernet> network>egress>unshaped-if-cir command to set the aggregate CIR rate.
Note: The unshaped-if-cir command does not apply to Gen-3 Ethernet adapter cards and platforms, except for network egress in hybrid mode. In this case, the shaper-if-cir command applies. |
For more information on shaped and unshaped Ethernet VLANs, refer to the “Per-VLAN Network Egress Shapers” and “QoS for Gen-3 Adapter Cards and Platforms” sections in the 7705 SAR Quality of Service Guide.
Hybrid ports are supported on Ethernet ports, where they provide the capabilities and features of access and network mode ports on a per-VLAN basis. The following services support hybrid port functionality: Epipe PW, Ipipe PW, IP-VPN, VPLS, and IES.
For ingress traffic, QoS and traffic management on a hybrid port functions in the same way for access and network port modes. Refer to the 7705 SAR Quality of Service Guide, “QoS for Hybrid Ports on Gen-2 Hardware” and “QoS for Gen-3 Adapter Cards and Platforms” for details.
Network VLANs on a hybrid port provide OAM down MEP support, as well as port loopback support (in line mode with latched timers only).
The following hardware supports hybrid ports:
In some scenarios, combining the access and network capabilities under the same port is beneficial. A typical scenario is shown in Figure 1, where a single port hosts both access-side services and a traffic management model together with network-side IP/MPLS routing and switching capabilities simultaneously.
In this scenario, a network interface is configured to ensure connectivity between the cell site 7705 SAR and the aggregation site 7705 SAR. The network interface is used for all IP/MPLS traffic and is bound to VLAN-1. Another VLAN (VLAN-2) is configured to bind the management traffic of a microwave radio (an MPR-e) to an access-side service such as an Ethernet PW or VPLS. For security reasons, many mobile operators prefer to transport management traffic of network elements under a service construct as opposed to basic GRT-based routing. To accommodate this preference, an access-side service and a network interface can be configured to coexist on the same port when the port is configured for hybrid mode.
Surveillance, Control, and Data Acquisition (SCADA) bridges are configured on an Integrated Services card as part of the multidrop data bridge (MDDB), pulse code modulation (PCM) multidrop bridge, and voice conference bridge (VCB) functionality. MDDB, PCM, and VCB are used to support SCADA systems on a 7705 SAR-8 Shelf V2 or 7705 SAR-18.
For information on MDDB, see Multidrop Data Bridge. For information on PCM multidrop bridge, see PCM Multidrop Bridge. For information on VCB, see Voice Conference Bridge.
A SCADA bridge can be configured after the IOM is activated (the card slot and card type are designated) and the adapter card slot is preprovisioned with the Integrated Services card mda-type.
This section contains information on the following topics:
This section contains information on the following topics:
Multilink point-to-point protocol (MLPPP) is a method of splitting, recombining, and sequencing packets across multiple logical data links. MLPPP is defined in the IETF RFC 1990, The PPP Multilink Protocol (MP).
MLPPP allows multiple PPP links to be bundled together, providing a single logical connection between two routers. Data can be distributed across the multiple links within a bundle to achieve high bandwidth. As well, MLPPP allows for a single frame to be fragmented and transmitted across multiple links. This capability allows for lower latency and also for a higher maximum receive unit (MRU).
Multilink protocol is negotiated during the initial LCP option negotiations of a standard PPP session. A system indicates to its peer that it is willing to perform MLPPP by sending the MP option as part of the initial LCP option negotiation.
The system indicates the following capabilities.
Once MLPPP has been successfully negotiated, the sending system is free to send PDUs encapsulated and/or fragmented with the MP header.
MP introduces a new protocol type with a protocol ID (PID) of 0x003d. Figure 2 and Figure 3 show the MLPPP fragment frame structure. Framing to indicate the beginning and end of the encapsulation is the same as that used by PPP and described in RFC 1662, PPP in HDLC-like Framing.
MP frames use the same HDLC address and control pair value as PPP: Address – 0xFF and Control – 0x03. The 2-octet protocol field is also structured the same way as in PPP encapsulation.
The required and default format for MP is the 24-bit format. During the LCP state, the 12-bit format can be negotiated. The 7705 SAR is capable of supporting and negotiating the alternate 12-bit frame format.
The maximum differential delay supported for MLPPP is 25 ms.
The protocol field is two octets. Its value identifies the datagram encapsulated in the Information field of the packet. In the case of MP, the PID also identifies the presence of a 4-octet MP header (or 2-octet, if negotiated).
A PID of 0x003d identifies the packet as MP data with an MP header.
The LCP packets and protocol states of the MLPPP session follow those defined by PPP in RFC 1661. The options used during the LCP state for creating an MLPPP NCP session are described in the sections that follow.
The B&E bits are used to indicate the start and end of a packet. Ingress packets to the MLPPP process will have an MTU, which may or may not be larger than the maximum received reconstructed unit (MRRU) of the MLPPP network. The B&E bits manage the fragmentation of ingress packets when the packet exceeds the MRRU.
The B-bit indicates the first (or beginning) packet of a given fragment. The E-bit indicates the last (or ending) packet of a fragment. If there is no fragmentation of the ingress packet, both B&E bits are set to true (=1).
Sequence numbers can be either 12 or 24 bits long. The sequence number is 0 for the first fragment on a newly constructed bundle and increments by one for each fragment sent on that bundle. The receiver keeps track of the incoming sequence numbers on each link in a bundle and reconstructs the desired unbundled flow through processing of the received sequence numbers and B&E bits. For a detailed description of the algorithm, refer to RFC 1990.
The Information field is zero or more octets. The Information field contains the datagram for the protocol specified in the protocol field.
The MRRU will have the same default value as the MTU for PPP. The MRRU is always negotiated during LCP.
On transmission, the Information field of the ending fragment may be padded with an arbitrary number of octets up to the MRRU. It is the responsibility of each protocol to distinguish padding octets from real information. Padding must only be added to the last fragment (E-bit set to true).
The FCS field of each MP packet is inherited from the normal framing mechanism from the member link on which the packet is transmitted. There is no separate FCS applied to the reconstituted packet as a whole if it is transmitted in more than one fragment.
The Link Control Protocol (LCP) is used to establish the connection through an exchange of configure packets. This exchange is complete, and the LCP opened state entered, once a Configure-Ack packet has been both sent and received.
LCP allows for the negotiation of multiple options in a PPP session. MP is somewhat different from PPP, and therefore the following options are set for MP and are not negotiated:
Any non-LCP packets received during this phase must be silently discarded.
T1/E1 link hold timers (or MLPPP link flap dampening) guard against the node reporting excessive interface transitions. Timers can be set to determine when link up and link down events are advertised; that is, up-to-down and down-to-up transitions of the interface are not advertised to upper layer protocols (are dampened) until the configured timer has expired.
The 7705 SAR supports multi-class MLPPP (MC-MLPPP) to address end-to-end delay caused by low-speed links transporting a mix of small and large packets. With MC-MLPPP, large, low-priority packets are fragmented to allow opportunities to send high-priority packets. QoS for MC-MLPPP is described in QoS in MC-MLPPP.
MC-MLPPP allows for the prioritization of multiple types of traffic flowing over MLPPP links, such as traffic between the cell site routers and the mobile operator’s aggregation routers. MC-MLPPP, as defined in RFC 2686, The Multi-Class Extension to Multi-Link PPP, is an extension of the MLPPP standard. MC-MLPPP is supported on access ports wherever PPP/MLPPP is supported, except on the 2-port OC3/STM1 Channelized Adapter card. It allows multiple classes of fragments to be transmitted over an MLPPP bundle, with each class representing a different priority level mapped to a forwarding class. The highest-priority traffic is transmitted over the MLPPP bundle with minimal delay regardless of the order in which packets are received.
Figure 4 shows the original MLPPP header format that allowed only two implied classes. The two classes were created by transmitting two interleaving flows of packets; one with MLPPP headers and one without. This resulted in two levels of priority sent over the physical link, even without the implementation of multi-class support.
Figure 5 shows the short and long sequence number fragment format MC-MLPPP headers. The short sequence number fragment format header includes two class bits to allow for up to four classes of service. Four class bits are available in the long sequence number fragment format header, but a maximum of four classes are still supported. This extension to the MLPPP header format is detailed in RFC 2686.
The new MC-MLPPP header format uses the previously unused bits before the sequence number as the class identifier to allow four distinct classes of service to be identified.
MC-MLPPP on the 7705 SAR supports scheduling based on multi-class implementation. Instead of the standard profiled queue-type scheduling, an MC-MLPPP encapsulated access port performs class-based traffic servicing. The four MC-MLPPP classes are scheduled in a strict priority fashion, as shown in Table 7.
MC-MLPPP Class | Priority |
0 | Priority over all other classes |
1 | Priority over classes 2 and 3 |
2 | Priority over class 3 |
3 | No priority |
For example, if a packet is sent to an MC-MLPPP class 3 queue and all other queues are empty, the 7705 SAR fragments the packet according to the configured fragment size and begins sending the fragments. If a new packet arrives at an MC-MLPPP class 2 queue while the class 3 fragment is still being serviced, the 7705 SAR finishes sending any fragments of the class 3 packet that are on the wire, then holds back the remaining fragments in order to service the higher-priority packet.
The fragments of the first packet remain at the top of the class 3 queue. For packets of the same class, MC-MLPPP class queues operate on a first-in, first-out basis.
The user configures the required number of MLPPP classes to use on a bundle. The forwarding class of the packet, as determined by the ingress QoS classification, is used to determine the MLPPP class for the packet. The mapping of forwarding class to MLPPP class is a function of the user-configurable number of MLPPP classes. The mapping for 4-class, 3-class, and 2-class MLPPP bundles is shown in Table 8.
FC ID | FC Name | MLPPP Class 4-class Bundle | MLPPP Class 3-class Bundle | MLPPP Class 2-class Bundle |
7 | NC | 0 | 0 | 0 |
6 | H1 | 0 | 0 | 0 |
5 | EF | 1 | 1 | 1 |
4 | H2 | 1 | 1 | 1 |
3 | L1 | 2 | 2 | 1 |
2 | AF | 2 | 2 | 1 |
1 | L2 | 3 | 2 | 1 |
0 | BE | 3 | 2 | 1 |
If one or more forwarding classes are mapped to a queue, the scheduling priority of the queue is based on the lowest forwarding class mapped to it. For example, if forwarding classes 0 and 7 are mapped to a queue, the queue is serviced by MC-MLPPP class 3 in a 4-class bundle model.
The 7705 SAR supports Cisco HDLC, which is an encapsulation protocol for information transfer. Cisco HDLC is a bit-oriented synchronous data-link layer protocol that specifies a data encapsulation method on synchronous serial links using frame characters and checksums.
Cisco HDLC monitors line status on a serial interface by exchanging keepalive request messages with peer network devices. The protocol also allows routers to discover IP addresses of neighbors by exchanging SLARP address-request and address-response messages with peer network devices.
The basic frame structure of a cHDLC frame is shown in Table 9.
Flag | Address | Control | Protocol | Information | FCS |
0x7E | 0x0F, 0x8F | 0x00 | 0x0800, 0x8035 | — | 16 or 32 bit |
The fields in the cHDLC frame have the following characteristics:
The 7705 SAR supports only the SLARP keepalive protocol.
For the SLARP keepalive protocol, each system sends the other a keepalive packet at a user configurable interval. The default interval is 10 seconds. Both systems must use the same interval to ensure reliable operation. Each system assigns sequence numbers to the keepalive packets it sends, starting with zero, independent of the other system. These sequence numbers are included in the keepalive packets sent to the other system. Also included in each keepalive packet is the sequence number of the last keepalive packet received from the other system, as assigned by the other system. This number is called the returned sequence number. Each system keeps track of the last returned sequence number it has received. Immediately before sending a keepalive packet, the system compares the sequence number of the packet it is about to send with the returned sequence number in the last keepalive packet it has received. If the two differ by 3 or more, it considers the line to have failed, and will not route higher-level data across it until an acceptable keepalive response is received.
IMA is a cell-based protocol where an ATM cell stream is inverse-multiplexed and demultiplexed in a cyclical fashion among ATM-supporting channels to form a higher bandwidth logical link. This logical link is called an IMA group. By grouping channels into an IMA group, customers gain bandwidth management capability at in-between rates (for example, between DS1 and DS3 or between E1 and E3) through the addition or removal of channels to or from the IMA group. The 7705 SAR supports the IMA protocol as specified by the Inverse Multiplexing for ATM (IMA) Specification version 1.1.
In the ingress direction, traffic coming over multiple ATM channels configured as part of a single IMA group is converted into a single ATM stream and passed for further processing to the ATM layer, where service-related functions (for example, Layer 2 traffic management or feeding into a pseudowire) are applied. In the egress direction, a single ATM stream (after service functions are applied) is distributed over all paths that are part of an IMA group after ATM layer processing takes place.
An IMA group interface compensates for differential delay and allows for only a minimal cell delay variation. The maximum differential delay supported for IMA is 75 ms on the 16-port T1/E1 ASAP Adapter card and 32-port T1/E1 ASAP Adapter card and 50 ms on the 2-port OC3/STM1 Channelized Adapter card.
The interface deals with links that are added or deleted, or that fail. The higher layers see only an IMA group and not individual links; therefore, service configuration and management is done using IMA groups, and not individual links that are part of it.
The IMA protocol uses an IMA frame as the unit of control. An IMA frame consists of a series of 128 consecutive cells. In addition to ATM cells received from the ATM layer, the IMA frame contains IMA OAM cells. Two types of cells are defined: IMA Control Protocol (ICP) cells and IMA filler cells. ICP cells carry information used by the IMA protocol at both ends of an IMA group (for example, IMA frame sequence number, link stuff indication, status and control indication, IMA ID, Tx and Rx test patterns, version of the IMA protocol). A single ICP cell is inserted at the ICP cell offset position (the offset may be different on each link of the group) of each frame. Filler cells are used by the transmitting side to fill up each IMA frame in case there are not enough ATM stream cells from the ATM layer, so a continuous stream of cells is presented to the physical layer. Those cells are then discarded by the receiving end. IMA frames are transmitted simultaneously on all paths of an IMA group, and when they are received out of sync at the other end of the IMA group link, the receiver compensates for differential link delays among all paths.
The 7705 SAR provides network synchronization on the following ports and CES circuits:
Line timing mode provides physical layer timing (Layer 1) that can be used as an accurate reference for nodes in the network. This mode is immune to any packet delay variation (PDV) occurring on a Layer 2 or Layer 3 link. Physical layer timing provides the best synchronization performance through a synchronization distribution network.
On the 7705 SAR-A variant with T1/E1 ports, line timing is supported on T1/E1 ports. Line timing is also supported on all synchronous Ethernet ports on both 7705 SAR-A variants. Synchronous Ethernet is supported on the XOR ports (1 to 4), configured as either RJ-45 ports or SFP ports. Synchronous Ethernet is also supported on SFP ports 5 to 8. Ports 9 to 12 do not support synchronous Ethernet and therefore do not support line timing.
On the 7705 SAR-Ax, line timing is supported on all Ethernet ports.
On the 7705 SAR-H, line timing is supported on:
On the 7705 SAR-Hc, line timing is supported on all Ethernet ports.
On the 7705 SAR-M variants with T1/E1 ports, line timing is supported on T1/E1 ports. Line timing is also supported on all RJ-45 Ethernet ports and SFP ports on all 7705 SAR-M variants.
In addition, line timing is supported on the following 7705 SAR-M modules:
On the 7705 SAR-W, line timing is supported on:
On the 7705 SAR-Wx, line timing is supported on:
On the 7705 SAR-X, line timing is supported on T1/E1 ports and Ethernet ports.
On the 7705 SAR-8 Shelf V2 and 7705 SAR-18, line timing is supported on:
Synchronous Ethernet is a variant of line timing and is automatically enabled on ports and SFPs that support it. The operator can select a synchronous Ethernet port as a candidate for the timing reference. The recovered timing from this port is then used to time the system. This ensures that any of the system outputs are locked to a stable, traceable frequency source.
Each SONET/SDH port can be independently configured to be loop-timed (recovered from an Rx line) or node-timed (recovered from the SSU in the active CSM).
A SONET/SDH port’s receive clock rate can be used as a synchronization source for the node.
Each clear channel DS3/E3 port on a 4-port DS3/E3 Adapter card can be independently configured to be loop-timed (recovered from an Rx line), node-timed (recovered from the SSU in the active CSM), or differential-timed (derived from the comparison of a common clock to the received RTP timestamp in TDM pseudowire packets). When a DS3 port is channelized, each DS1 or E1 channel can be independently configured to be loop-timed, node-timed, or differential-timed (differential timing on DS1/E1 channels is supported only on the first three ports of the card). When not configured for differential timing, a DS3/E3 port can be configured to be a timing source for the node.
Each DS3 CES circuit on a 2-port OC3/STM1 Channelized Adapter card card can be loop-timed (recovered from an Rx line) or free-run (timing source is from its own clock). A DS3 circuit can be configured to be a timing source for the node.
Each T1/E1 port can be independently configured for loop-timing (recovered from an Rx line) or node-timing (recovered from the SSU in the active CSM).
In addition, T1/E1 CES circuits on the following can be independently configured for adaptive timing (clocking is derived from incoming TDM pseudowire packets):
T1/E1 CES circuits on the following can be independently configured for differential timing (recovered from RTP in TDM pseudowire packets):
A T1/E1 port can be configured to be a timing source for the node.
Note: Adaptive timing and differential timing are not supported on DS1 or E1 channels that have CAS signaling enabled. |
The GNSS receiver port on the 7705 SAR-Ax, 7705 SAR-Wx, or 7705 SAR-H GPS Receiver module, and the GNSS Receiver card installed in a 7705 SAR-8 Shelf V2 or 7705 SAR-18, can provide a synchronization clock to the SSU in the router with the corresponding QL for SSM. This frequency can then be distributed to the rest of the router from the SSU as configured with the ref-order and ql-selection commands; refer to the 7705 SAR Basic System Configuration Guide for information. The GNSS reference is qualified only if the GNSS receiver port is operational, has sufficient satellites locked, and has a frequency successfully recovered. A PTP master/boundary clock can also use this frequency reference with PTP peers.
In the event of GNSS signal loss or jamming resulting in the unavailability of timing information, the GNSS receiver automatically prevents output of clock or synchronization data to the system, and the system can revert to alternate timing sources.
A 7705 SAR using GNSS or IEEE 1588v2 PTP for time of day/phase recovery can perform high-accuracy OAM timestamping and measurements. Refer to the 7705 SAR Basic System Configuration Guide for information about node timing sources.
IEEE 802.3x Flow Control, which is the process of pausing the transmission based on received pause frames, is supported on Fast Ethernet, Gigabit Ethernet, and 10-Gigabit Ethernet (SFP+) ports. In the transmit direction, the Ethernet ports generate pause frames if the buffer occupancy reaches critical values or if port FIFO buffers are overloaded. Pause frame generation is automatically handled by the Ethernet Adapter card when the system-wide constant thresholds are exceeded. The generation of pause frames ensures that newly arriving frames still can be processed and queued, mainly to maintain the SLA agreements.
If autonegotiation is on for an Ethernet port, enabling and disabling of IEEE 802.3x Flow Control is autonegotiated for receive and transmit directions separately. If autonegotiation is turned off, the reception and transmission of IEEE 802.3x Flow Control is enabled by default and cannot be disabled.
Ingress flow control for the 6-port SAR-M Ethernet module is Ethernet link-based and not port-based. When IEEE 802.3x Flow Control is enabled on the 6-port SAR-M Ethernet module, pause frames are multicast to all ports on the Ethernet link. There are two Ethernet links on the 6-port SAR-M Ethernet module: one for ports 1, 3, and 5, and one for ports 2, 4, and 6. Pause frames are sent to either ports 1, 3, and 5, or to ports 2, 4, and 6, depending on which link the pause frame originates.
This section contains information on the following topics:
For more information on Ethernet OAM, refer to the 7705 SAR OAM and Diagnostics Guide, “Ethernet OAM Capabilities”.
802.3ah Clause 57 (EFM OAM) defines the Operations, Administration, and Maintenance (OAM) sublayer, which is a link level Ethernet OAM. It provides mechanisms for monitoring link operations such as remote fault indication and remote loopback control.
Ethernet OAM gives network operators the ability to monitor the status of Ethernet links and quickly determine the location of failing links or fault conditions.
Because some of the sites where the 7705 SAR will be deployed will only have Ethernet uplinks, this OAM functionality is mandatory. For example, mobile operators must be able to request remote loopbacks from the peer router at the Ethernet layer in order to debug any connectivity issues. EFM OAM provides this capability.
EFM OAM is supported on network and access Ethernet ports and is configured at the port level. The access ports can be configured to tunnel the OAM traffic originated by the far-end devices.
EFM OAM has the following characteristics.
The following EFM OAM functions are supported:
With ignore-efm-state configured, if the EFM OAM protocol cannot negotiate a peer session or an established session fails, the port will enter the link up state. The link up state is used by many protocols to indicate that the port is administratively up and there is physical connectivity but a protocol (such as EFM OAM) has caused the port operational state to be down. The show port slot/mda/port command output includes a Reason Down field to indicate if the protocol is the underlying reason for the link up state. For EFM OAM, the Reason Down code is efmOamDown. This is shown in the following command output example, where port 1/1/3 is in a link up state.
The EFM OAM protocol can be decoupled from the port state and operational state. In cases where an operator wants to remove the protocol, monitor only the protocol, migrate, or make changes, the ignore-efm-state command can be configured under the config>port>ethernet>efm-oam context.
When the ignore-efm-state command is configured on a port, the protocol behavior is normal. However, any failure in the EFM protocol state (discovery, configuration, time-out, loops, and so on) will not affect the port. Only a protocol warning message will be raised to indicate issues with the protocol. When the ignore-efm-state command is not configured on a port, the default behavior is that the port state will be affected by any EFM OAM protocol fault or clear conditions.
Enabling and disabling this command will immediately affect the port state and operating state based on the active configuration, and this will be displayed in the show port command output. For example, if the ignore-efm-state command is configured on a port that is exhibiting a protocol error, that protocol error does not affect the port state or operational state and there is no Reason Down code in the output. If the ignore-efm-state command is disabled on a port with an existing EFM OAM protocol error, the port will transition to port state link up, operational state down with reason code efmOamDown.
If the port is a member of a microwave link, the ignore-efm-state command must be enabled before the EFM OAM protocol can be activated. This restriction is required because EFM OAM is not compatible with microwave links.
CRC errors typically occur when Ethernet links are compromised due to optical fiber degradation, weak optical signals, bad optical connections, or problems on a third-party networking element. As well, higher-layer OAM options such as EFM and BFD may not detect errors and trigger appropriate alarms and switchovers if the errors are intermittent, since this does not affect the continuous operation of other OAM functions.
CRC error monitoring on Ethernet ports allows degraded links to be alarmed or failed in order to detect network infrastructure issues, trigger necessary maintenance, or switch to redundant paths. This is achieved through monitoring ingress error counts and comparing them to the configured error thresholds. The rate at which CRC errors are detected on a port can trigger two alarm states. Crossing the configured signal degrade (SD) threshold (sd-threshold) causes an event to be logged and an alarm to be raised, which alerts the operator to a potential issue on a link. Crossing the configured signal failure (SF) threshold (sf-threshold) causes the affected port to enter the operationally down state, and causes an event to be logged and an alarm to be raised.
The CRC error rates are calculated as M×10E-N, which is the ratio of errored frames allowed for total frames received. The operator can configure both the threshold (N) and a multiplier (M). If the multiplier is not configured, the default multiplier (1) is used.
For example, setting the SD threshold to 3 results in a signal degrade error rate threshold of 1×10E-3 (1 errored frame per 1000 frames). Changing the configuration to an SD threshold of 3 and a multiplier of 5 results in a signal degrade error rate threshold of 5×10E-3 (5 errored frames per 1000 frames). The signal degrade error rate threshold must be lower than the signal failure error rate threshold because it is used to notify the operator that the port is operating in a degraded but not failed condition.
A sliding window (window-size) is used to calculate a statistical average of CRC error statistics collected every second. Each second, the oldest statistics are dropped from the calculation. For example, if the default 10-s sliding window is configured, at the 11th second the oldest second of statistical data is dropped and the 11th second is included. This sliding average is compared against the configured SD and SF thresholds to determine if the error rate over the window exceeds one or both of the thresholds, which will generate an alarm and log event.
When a port enters the failed condition as a result of crossing an SF threshold, the port is not automatically returned to service. Because the port is operationally down without a physical link, error monitoring stops. The operator can enable the port by using the shutdown and no shutdown port commands or by using other port transition functions such as clearing the MDA (clear mda command) or removing the cable. A port that is down due to crossing an SF threshold can also be re-enabled by changing or disabling the SD threshold. The SD state is self-clearing, and it clears if the error rate drops below 1/10th of the configured SD rate.
EFM OAM provides a link-layer frame loopback mode, which can be controlled remotely.
To initiate a remote loopback, the local EFM OAM client sends a loopback control OAMPDU by enabling the OAM remote loopback command. After receiving the loopback control OAMPDU, the remote OAM client puts the remote port into local loopback mode.
OAMPDUs are slow protocol frames that contain appropriate control and status information used to monitor, test, and troubleshoot OAM-enabled links.
To exit a remote loopback, the local EFM OAM client sends a loopback control OAMPDU by disabling the OAM remote loopback command. After receiving the loopback control OAMPDU, the remote OAM client puts the port back into normal forwarding mode.
When a port is in local loopback mode (the far end requested an Ethernet OAM loopback), any packets received on the port will be looped back, except for EFM OAMPDUs. No data will be transmitted from the node; only data that is received on the node will be sent back out.
When the node is in remote loopback mode, local data from the CSM is transmitted, but any data received on the node is dropped, except for EFM OAMPDUs.
Remote loopbacks should be used with caution; if dynamic signaling and routing protocols are used, all services go down when a remote loopback is initiated. If only static signaling and routing is used, the services stay up. On the 7705 SAR, the Ethernet port can be configured to accept or reject the remote-loopback command.
Customers who subscribe to Epipe service might have customer equipment running 802.3ah at both ends. The 7705 SAR can be configured to tunnel EFM OAMPDUs received from a customer device to the other end through the existing network using MPLS or GRE, or to terminate received OAMPDUs at a network or an access Ethernet port.
Note: This feature applies only to port-based Epipe SAPs because 802.3ah runs at port level, not at VLAN level. |
While tunneling offers the ability to terminate and process the OAM messages at the head-end, termination on the first access port at the cell site can be used to detect immediate failures or can be used to detect port failures in a timelier manner. The user can choose either tunneling or termination, but not both at the same time.
In Figure 6, scenario 1 shows the termination of received EFM OAMPDUs from a customer device on an access port, while scenario 2 shows the same thing except for a network port. Scenario 3 shows tunneling of EFM OAMPDUs through the associated Ethernet PW. To configure termination (scenario 1), use the config>port>ethernet>efm-oam>no shutdown command.
Dying gasp is used to notify the far end that EFM-OAM is disabled or shut down on the local port. The dying gasp flag is set on the OAMPDUs that are sent to the peer. The far end can then take immediate action and inform upper layers that EFM-OAM is down on the port.
When a dying gasp is received from a peer, the node logs the event and generates an SNMP trap to notify the operator.
The following loopbacks are supported on Ethernet ports:
A line loopback loops frames received on the corresponding port back towards the transmit direction. Line loopbacks are supported on ports configured for access or network mode.
Similarly, a line loopback with MAC addressing loops frames received on the corresponding port back towards the transmit direction, and swaps the source and destination MAC addresses before transmission. See MAC Swapping for more information.
An internal loopback loops frames from the local router back to the framer. This is usually referred to as an equipment loopback. The transmit signal is looped back and received by the interface. Internal loopbacks are supported on ports configured in access mode.
If a loopback is enabled on a port, the port mode cannot be changed until the loopback has been disabled.
A port can support only one loopback at a time. If a loopback exists on a port, it must be disabled or the timer must expire before another loopback can be configured on the same port. EFM-OAM cannot be enabled on a port that has an Ethernet loopback enabled on it. Similarly, an Ethernet loopback cannot be enabled on a port that has EFM-OAM enabled on it.
When an internal loopback is enabled on a port, autonegotiation is turned off silently. This is to allow an internal loopback when the operational status of a port is down. Any user modification to autonegotiation on a port configured with an internal Ethernet loopback will not take effect until the loopback is disabled.
The loopback timer can be configured from 30 s to 86400 s. All non-zero timed loopbacks are turned off automatically under the following conditions: an adapter card reset, an activity switch, or timer expiry. Line or internal loopback timers can also be configured as a latched loopback by setting the timer to 0 s, or as a persistent loopback with the persistent keyword. Latched and persistent loopbacks are enabled indefinitely until turned off by the user. Latched loopbacks survive adapter card resets and activity switches, but are lost if there is a system restart. Persistent loopbacks survive adapter card resets and activity switches and can survive a system restart if the admin-save or admin-save-detail command was executed prior to the restart. Latched loopbacks (untimed) and persistent loopbacks can be enabled only on Ethernet access ports.
Persistent loopbacks are the only Ethernet loopbacks saved to the database by the admin-save and admin-save-detail commands.
An Ethernet port loopback may interact with other features. See Interaction of Ethernet Port Loopback with Other Features for more information.
Typically, an Ethernet port loopback only echoes back received frames. That is, the received source and destination MAC addresses are not swapped. However, not all Ethernet equipment supports echo mode, where the original sender of the frame must support receiving its own port MAC address as the destination MAC address.
The MAC swapping feature on the 7705 SAR is an optional feature that will swap the received destination MAC address with the source MAC address when an Ethernet port is in loopback mode. After the swap, the FCS is recalculated to ensure the validity of the Ethernet frame and to ensure that the frame is not dropped by the original sender due to a CRC error.
EFM OAM and line loopback are mutually exclusive. If one of these functions is enabled, it must be disabled before the other can be used.
However, a line loopback precedes the dot1x behavior. That is, if the port is already dot1x-authenticated it will remain so. If it is not, EAP authentication will fail.
Ethernet port-layer line loopback and Ethernet port-layer internal loopback can be enabled on the same port with the down-when-looped feature. EFM OAM cannot be enabled on the same port with the down-when-looped feature. For more information, see Ethernet Port Down-When-Looped.
This section contains information on the following topics:
Connectivity fault management (CFM) loopback support for loopback messages (LBMs) on Ethernet ports allows operators to run standards-based Layer 1 and Layer 2 OAM tests on ports receiving unlabeled packets.
The 7705 SAR supports CFM MEPs associated with different endpoints (that is, spoke SDP Down MEPs, network interface facility MEPs, and SAP Up and SAP Down MEPs). In addition, for traffic received from an uplink (network ingress), the 7705 SAR supports CFM LBM for both labeled and unlabeled packets. CFM loopbacks are applied to the Ethernet port.
Refer to the 7705 SAR OAM and Diagnostics Guide, “Ethernet OAM Capabilities”, for information on CFM MEPs.
Figure 7 shows an application where an operator leases facilities from a transport network provider in order to transport traffic from a cell site to their MTSO. The operator leases a certain amount of bandwidth between the two endpoints (the cell site and the MTSO) from the transport provider, who offers Ethernet Virtual Private Line (EVPL) or Ethernet Private Line (EPL) PTP service. Before the operator offers services on the leased bandwidth, the operator runs OAM tests to verify the SLA. Typically, the transport provider (MEN provider) requires that the OAM tests be run in the direction of (towards) the first Ethernet port that is connected to the transport network. This is done in order to eliminate the potential effect of queuing, delay, and jitter that may be introduced by a spoke SDP or SAP.
Figure 7 shows an Ethernet verifier at the MTSO that is directly connected to the transport network (in front of the 7750 SR). Thus, the Ethernet OAM frames are not label-encapsulated. Given that Ethernet verifiers do not support label operations and the transport provider mandates that OAM tests be run between the two hand-off Ethernet ports, the verifier cannot be relocated behind the 7750 SR node at the MTSO. Therefore, CFM loopback frames received are not MPLS-encapsulated, but are simple Ethernet frames where the type is set to CFM (dot1ag or Y.1731).
The following list contains important facts to consider when working with CFM loopbacks:
Newly provisioned circuits are often put into loopback with a physical loopback cable for testing and to ensure the ports meet the SLA. If loopbacks are not cleared, or physically removed, by the operator when the testing is completed, they can adversely affect the performance of all other SDPs and customer interfaces (SAPs). This is especially problematic for point-to-multipoint services such as VPLS, since Ethernet does not support TTL, which is essential in terminating loops.
The down-when-looped feature is used on the 7705 SAR to detect loops within the network and to ensure continued operation of other ports. When the down-when-looped feature is activated, a keepalive loop PDU is transmitted periodically toward the network. The Ethernet port then listens for returning keepalive loop PDUs. In unicast mode, a loop is detected if any of the received PDUs have an Ethertype value of 9000, which indicates a loopback (Configuration Test Protocol), and the source (SRC) and destination (DST) MAC addresses are identical to the MAC address of the Ethernet port. In broadcast mode, a loop is detected if any of the received PDUs have an Ethertype value of 9000 and the SRC MAC address matches the MAC address of the Ethernet port and the DST MAC address matches the broadcast MAC address. When a loop is detected, the Ethernet port is immediately brought down.
Ethernet port-layer line loopbacks and the down-when-looped feature can be enabled on the same port. The keepalive loop PDU is still transmitted; however, if the port receives its own keepalive loop PDU, the keepalive PDU is extracted and processed to avoid infinite looping.
Ethernet port-layer internal loopbacks and the down-when-looped feature can also be enabled on the same port. When the keepalive PDU is internally looped back, it is extracted and processed as usual. If the SRC MAC address matches the port MAC address, the port is disabled due to detection of a loop. If the SRC MAC address is a broadcast MAC address because the swap-src-dst-mac option in the loopback command is enabled, then there is no change to port status and it remains operationally up.
EFM OAM and down-when-looped cannot be enabled on the same port.
The 2-port 10GigE (Ethernet) Adapter card can be installed in a 7705 SAR-8 Shelf V2 or 7705 SAR-18 chassis and the 2-port 10GigE (Ethernet) module can be installed in a 7705 SAR-M to connect to and from access rings carrying a high concentration of traffic. For the maximum number of cards or modules supported per chassis, see Table 3.
A number of 7705 SAR nodes in a ring typically aggregate traffic from customer sites, map the traffic to a service, and connect to an SR node. The SR node acts as a gateway point out of the ring. A 10GigE ring allows for higher bandwidth services and aggregation on a per-7705 SAR basis. The 2-port 10GigE (Ethernet) Adapter card/module increases the capacity of backhaul networks by providing 10GigE support on the aggregation nodes, thus increasing the port capacity.
In a deployment of a 2-port 10GigE (Ethernet) Adapter card/module, each 7705 SAR node in the ring is connected to the east and west side of the ring over two different 10GigE ports. If 10GigE is the main uplink, the following are required for redundancy:
With two cards per 7705 SAR-8 Shelf V2 or 7705 SAR-18 node, for example, east and west links of the ring can be terminated on two different adapter cards, reducing the impact of potential hardware failure.
The physical ports on the 2-port 10GigE (Ethernet) Adapter card/module boot up in network mode and this network setting cannot be disabled or altered. At boot-up, the MAC address of the virtual port (v-port) is programmed automatically for efficiency and security reasons.
There is native built-in Ethernet bridging among the ring ports and the v-port. Bridging destinations for traffic received from one of the ring ports include the 10GigE ring port and the network interfaces on the v-port. Bridging destinations for traffic received from the v-port include one or both of the 10GigE ring ports.
With bridging, broadcast and multicast frames are forwarded over all ports except the received one. Unknown frames are forwarded to both 10GigE ports if received from the v-port or forwarded to the other 10GigE port only if received from one of the 10GigE ports (the local v-port MAC address is always programmed).
The bridge traffic of the physical 10GigE ports is based on learned and programmed MAC addresses.
This section contains information on the following topics:
Because of the services overhead (that is, pseudowire/VLL, MPLS tunnel, dot1q/qinq and dot1p overhead), it is crucial that configurable variable frame size be supported for end-to-end service delivery.
Observe the following general rules when planning your service and physical Maximum Transmission Unit (MTU) configurations.
For more information, refer to the “MTU Settings” section in the 7705 SAR Services Guide. To configure various MTU points, use the following commands:
Frame size configuration is supported for an Ethernet port configured as an access or a network port.
For an Ethernet adapter card that does not support jumbo frames, all frames received at an ingress network or access port are policed against 1576 bytes (1572 + 4 bytes of FCS), regardless of the port MTU. Any frames longer than 1576 bytes are discarded and the “Too Long Frame” and “Error Stats” counters in the port statistics display are incremented. See Jumbo Frames for more information.
At network egress, Ethernet frames are policed against the configured port MTU. If the frame exceeds the configured port MTU, the “Interface Out Discards” counter in the port statistics is incremented.
When the network group encryption (NGE) feature is used, additional bytes due to NGE packet overhead must be considered. Refer to the “NGE Packet Overhead and MTU Considerations” section in the 7705 SAR Services Guide for more information.
IP fragmentation is used to fragment a packet that is larger than the MTU of the egress interface, so that the packet can be transported over that interface.
For IPv4, the router fragments or discards the IP packets based on whether the DF (Do not fragment) bit is set in the IP header. If the packet that exceeds the MTU cannot be fragmented, the packet is discarded and an ICMP message “Fragmentation Needed and Don’t Fragment was Set” is sent back to the source IP address.
For IPv6, the router cannot fragment the packet so must discard it. An ICMP message “Packet too big” is sent back to the source node.
As a source of self-generated traffic, the 7705 SAR can perform packet fragmentation.
Fragmentation can be enabled for GRE tunnels. Refer to the “GRE Fragmentation” section in the 7705 SAR Services Guide for more information.
Jumbo frames are supported on all Ethernet ports.
The maximum MTU size for a jumbo frame on the 7705 SAR is 9732 bytes. The maximum MTU for a jumbo frame may vary depending on the Ethernet encapsulation type, as shown in Table 10. The calculations of the other MTU values (service MTU, path MTU, and so on) are based on the port MTU. The values in Table 10 are also maximum receive unit (MRU) values. MTU values are user-configured values. MRU values are the maximum MTU value that a user can configure on an adapter card that supports jumbo frames.
Encapsulation | Maximum MTU (bytes) |
Null | 9724 |
Dot1q | 9728 |
QinQ | 9732 |
For an Ethernet adapter card, all frames received at an ingress network or access port are policed against the MRU for the ingress adapter card, regardless of the configured MTU. Any frames larger than the MRU are discarded and the “Too Long Frame” and “Error Stats” counters in the port statistics display are incremented.
At network egress, frames are checked against the configured port MTU. If the frame exceeds the configured port MTU and the DF bit is set, then the “MTU Exceeded” discard counter will be incremented on the ingress IP interface statistics display, or on the MPLS interface statistics display if the packet is an MPLS packet.
For example, on adapter cards that do not support an MTU greater than 2106 bytes, fragmentation is not supported for frames greater than the maximum supported MTU for that card (that is, 2106 bytes). If the maximum supported MTU is exceeded, the following occurs.
Jumbo frames offer better utilization of an Ethernet link because as more payload is packed into an Ethernet frame of constant size, the ratio of overhead to payload is minimized.
From the traffic management perspective, large payloads may cause long delays, so a balance between link utilization and delay must be found. For example, for ATM VLLs, concatenating a large number of ATM cells when the MTU is set to a very high value could generate a 9-kbyte ATM VLL frame. Transmitting a frame that large would take more than 23 ms on a 3-Mb/s policed Ethernet uplink.
The 7705 SAR-8 Shelf V2 and the 7705 SAR-18 do not support ingress fragmentation, and this is true for jumbo frames. Therefore, any jumbo frame packet arriving on one of these routers that gets routed to an adapter card that does not support jumbo frame MTU (for example, a 16-port T1/E1 ASAP Adapter card or a 4-port OC3/STM1 / 1-port OC12/STM4 Adapter card) is discarded if the packet size is greater than the TDM port’s maximum supported MTU. If the maximum supported MTU is exceeded, the following occurs.
For example, if a packet arrives on an 8-port Gigabit Ethernet Adapter card and is to be forwarded to a 16-port T1/E1 ASAP Adapter card with a maximum port MTU of 2090 bytes and a channel group configured for PPP with the port MTU of 1000 bytes, the following may occur.
The 7705 SAR-A, 7705 SAR-Ax, 7705 SAR-H, 7705 SAR-Hc, 7705 SAR-M, 7705 SAR-W, 7705 SAR-Wx, and 7705 SAR-X are able to fragment packets between Ethernet ports (which support jumbo frames) and TDM ports (which do not support jumbo frames). In this case, when a packet arrives from a port that supports jumbo frames and is routed to a port that does not support jumbo frames (that is, a TDM port) the packet will get fragmented to the port MTU of the TDM port.
For example, if a packet arrives on a 7705 SAR-A and is to be forwarded to a TDM port that has a maximum port MTU of 2090 bytes and a channel group configured for PPP with the port MTU of 1000 bytes (PPP port MTU), the following may occur.
Jumbo frames are supported in a multicast configuration as long as all adapter cards in the multicast group support jumbo frames. If an adapter card that does not support jumbo frames is present in the multicast group, the replicated multicast jumbo frame packet will be discarded by the fabric because of an MRU error of the fabric port (Rx).
The multicast group replicates the jumbo frame for all adapter cards, regardless of whether they support jumbo frames, only when forwarding the packet through the fabric. The replicated jumbo frame packet is discarded on adapter cards that do not support jumbo frames.
For the Packet Microwave Adapter card (PMC), ensure that the microwave hardware installed with the card supports the corresponding jumbo frame MTU. If the microwave hardware does not support the jumbo frame MTU, it is recommended that the MTU of the PMC port be set to the maximum frame size that is supported by the microwave hardware.
Table 11 displays the default and maximum port MTU values that are dependent upon the port type, mode, and encapsulation type.
Note: The 7705 SAR now supports a lower IP MTU value of 128 bytes (from the original 512-byte minimum). The IP MTU is derived from the port MTU configuration for network ports. This lower IP MTU is supported only on Ethernet encapsulated ports. Refer to the 7705 SAR Services Guide, “Bandwidth Optimization for Low-speed Links” for information. |
Port Type | Mode | Encap Type | Default (bytes) | Max MTU (bytes) |
10/100 Ethernet 1 | Access/ Network | null | 1514 | 9724 2 |
dot1q | 1518 | 9728 2 | ||
qinq 3 | 1522 (access only) | 9732 (access only) 2 | ||
GigE SFP 1 and 10-GigE SFP+ | Access/ Network | null | 1514 (access) 1572 (network) | 9724 (access and network) |
dot1q | 1518 (access) 1572 (network) | 9728 (access and network) | ||
qinq 3 | 1522 (access only) | 9732 (access only) | ||
Ring port | Network | null | 9728 (fixed) | 9728 (fixed) |
v-port (on Ring adapter card) | Network | null | 1572 | 9724 |
dot1q | 1572 | 9728 | ||
TDM (PW) | Access | cem | 1514 | 1514 |
TDM (ATM PW) | Access | atm | 1524 | 1524 |
TDM (FR PW) | Access | frame-relay | 1514 | 2090 |
TDM (HDLC PW) | Access | hdlc | 1514 | 2090 |
TDM (IW PW) | Access | cisco-hdlc | 1514 | 2090 |
TDM (PPP/MLPPP) | Access | ipcp | 1502 | 2090 |
Network | ppp-auto | 1572 | 2090 | |
Serial V.35 or X.21 4 (FR PW) | Access | frame-relay | 1514 | 2090 |
Serial V.35 or X.21 4 (HDLC PW) | Access | hdlc | 1514 | 2090 |
Serial V.35 or X.21 4 (IW PW) | Access | frame-relay | 1514 | 2090 |
ipcp | 1502 | 2090 | ||
cisco-hdlc | 1514 | 2090 | ||
SONET/SDH | Access | atm | 1524 | 1524 |
SONET/SDH | Network | ppp-auto | 1572 | 2090 |
Notes:
For more information, refer to the “MTU Settings” section in the 7705 SAR Services Guide.
This section contains information on the following topics:
The 7705 SAR supports Link Aggregation Groups (LAGs) based on the IEEE 802.1ax standard (formerly 802.3ad). Link aggregation provides:
In the 7705 SAR implementation, all links must operate at the same speed.
Packet sequencing must be maintained for any given session. The hashing algorithm deployed by Nokia routers is based on the type of traffic transported to ensure that all traffic in a flow remains in sequence while providing effective load sharing across the links in the LAG. See LAG and ECMP Hashing for more information.
LAGs must be statically configured or formed dynamically with Link Aggregation Control Protocol (LACP). See LACP and Active/Standby Operation for information on LACP.
All Ethernet-based supported services can benefit from LAG, including:
LAGs are supported on access, network, and hybrid ports. A LAG can be in active/active mode or in active/standby mode for access, network, or hybrid ports. Active/standby mode is a subset of active/active mode if subgroups are enabled.
LAGs are supported on access ports on the following:
LAGs are supported on network ports on the following:
LAGs are supported on hybrid ports on the following:
On access ports, a LAG supports active/active and active/standby operation. For active/standby operation the links must be in different subgroups. Links can be on the same platform or adapter card/module or distributed over multiple components. Load sharing is supported among the active links in a LAG group.
On network ports, a LAG supports active/active and active/standby operation. For active/standby operation the links must be in different subgroups. Links can be on the same platform or adapter card/module or distributed over multiple components. Load sharing is supported among the active links in a LAG group. Any tunnel type (for example, IP, GRE, or MPLS) transporting any service type, any IP traffic, or any labeled traffic (LER, LSR) can use the LAG load-sharing, active/active, and active/standby functionality.
LAGs are supported on network 1+0 microwave links. Ports that are in a microwave link can be added to the same LAG as ports that are not in a microwave link. Ports belonging to a microwave link must have limited autonegotiation enabled before the link can be added to a LAG.
A LAG that contains ports in a microwave link must have LACP enabled for active/standby operation. Static LAG configuration (without LACP) is not supported for active/standby LAGs with microwave-enabled ports.
On hybrid ports, a LAG supports active/active and active/standby operation. For active/standby operation the links must be in different subgroups. Links can be on the same platform or adapter card/module or distributed over multiple components. Load sharing is supported among the active links in a LAG group.
A LAG group with assigned members can be converted from one mode to another as long as the number of member ports are supported in the new mode and the ports all support the new mode, none of the members belong to a microwave link, and the LAG group is not associated with a network interface or a SAP.
Note: For details on LAG scale per platform or adapter card, contact your Nokia technical support representative. |
A subgroup is a group of links within a LAG. On access, network, or hybrid ports, a LAG can have a maximum of four subgroups and a subgroup can have links up to the maximum number supported on the LAG. The LAG is active/active if there is only one sub-group and is active/standby if there is more than one subgroup.
When configuring a LAG, most port features (port commands) can only be configured on the primary member port. The configuration, or any change to the configuration, is automatically propagated to any remaining ports within the same LAG. Operators cannot modify the configurations on non-primary ports. For more information, see Configuring LAG Parameters.
If the LAG has one member link on a first- or second-generation (Gen-1 or Gen-2) Ethernet adapter card, and the other link on a third-generation (Gen-3) Ethernet adapter card or platform, a mix-and-match scenario exists for traffic management on the LAG SAP. In this case, all QoS parameters for the LAG SAP are configured but only those parameters applicable to the active member link are used. See LAG Support on Mixed-Generation Hardware for more information.
Configuring a multiservice site (MSS) aggregate rate can restrict the use of LAG SAPs. For more information, refer to the “MSS and LAG Interaction on the 7705 SAR-8 Shelf V2 and 7705 SAR-18” section in the 7705 SAR Quality of Service Guide.
On access, network, and hybrid ports, where multiple links in a LAG can be active at the same time, normal operation is that all non-failing links are active and traffic is load-balanced across all the active links. In some cases, however, it is desirable to have only some of the links active and the other links kept in standby mode. The Link Aggregation Control Protocol (LACP) is used to make the selection of the active links in a LAG predictable and compatible with any vendor equipment. The mechanism is based on the IEEE 802.1ax standard so that interoperability is ensured.
Note: LACP cannot be configured for static LAG. For more information on static LAG, see Static LAG (Active/Standby LAG Operation without LACP). |
LACP is disabled by default and therefore must be enabled on the LAG if required. LACP can be used in either active mode or passive mode. The mode must match with connected CE devices for proper operation. For example, if the LAG on the 7705 SAR end is configured to be active, the CE end must be passive.
Figure 9 shows the interconnection between a DSLAM and a LAG aggregation node. In this configuration, LAG is used to protect against hardware failure. If the active link goes down, the link on standby takes over (see Figure 10). The links are distributed across two different adapter cards to eliminate a single point of failure.
LACP handles active/standby operation of LAG subgroups as follows.
Log events and traps are generated at both the LAG and link level to indicate any LACP changes. See the TIMETRA-LAG-MIB for details.
QoS on access port LAGs (access ports and hybrid ports in access mode) is handled differently from QoS on network port LAGs (see QoS for LAG on Network). Based on the configured hashing, traffic on a SAP can be sent over multiple LAG ports or can use a single port of a LAG. There are two user-selectable adaptive QoS modes (distribute and link) that allow the user to determine how the configured QoS rate is distributed to each of the active LAG port SAP queue schedulers, SAP schedulers (H-QoS), and MSS schedulers. These modes are:
Table 12 shows examples of rate and bandwidth distributions based on the adapt-qos mode configuration.
Distribute | Link | |
SAP queue scheduler | Rate distributed = rate / number of active links | 100% rate configured on each LAG SAP queue |
SAP scheduler (H-QoS) | Rate distributed = rate / number of active links | 100% rate configured on each SAP scheduler |
SAP egress MSS scheduler | Rate distributed = rate / number of active links | 100% rate configured on each port’s MSS scheduler |
SAP ingress MSS scheduler | Rate distributed per active LAG MDA = rate × (number of active links on MDA / total number of active links) | 100% rate configured on each active LAG MDA MSS scheduler |
The following restrictions apply to ingress MSS LAG adaptive QoS (distribute mode).
The following restrictions apply to egress MSS LAG.
The following limitations apply to adaptive QoS (distribute mode).
The following examples can be used as guidelines for configuring adapt-qos distribute.
SLA distribution for SAP queue-level PIR/CIR configuration
SLA distribution for ingress/egress (H-QoS)
SLA distribution for Ingress MSS
QoS on network port LAGs is handled differently from QoS on access port LAGs. The adapt-qos command is not supported on network port LAGs. However, QoS behavior on network port LAGs is similar to QoS on access port LAGs configured for adapt-qos link mode.For network queue and per-VLAN shapers, the full QoS rates are configured on each of the active LAG links. For example, if a per-VLAN shaper agg-rate-limit aggregate rate (PIR) and CIR are configured on an active/active LAG interface to be 200 Mb/s and 100 Mb/s respectively, and there are two active LAG ports, the per-VLAN shaper on each LAG port will be configured to an aggregate rate of 200 Mb/s and a CIR of 100 Mb/s.
In order to prevent traffic congestion and ease the effects of possible bursts, a fabric shaper is implemented on each adapter card. Traffic being switched to a LAG SAP on an access interface goes through fabric shapers that are either in aggregate mode or destination mode. When in destination mode, the multipoint shaper is used to set the rate on all adapter cards. For more information on the modes used in fabric shaping, refer to the 7705 SAR Quality of Service Guide, “Configurable Ingress Shaping to Fabric (Access and Network)”.
Note: Even though the multipoint shaper is used to set the fabric shaping rate for traffic switched to a LAG SAP, it is the per-destination unicast counters that are incremented to show the fabric statistics rather than the multipoint counter. Only the fabric statistics of the active port of the LAG are incremented, not the standby port. |
Hold-down timers control how quickly a LAG responds to operational port state changes. The following timers are supported:
Multi-chassis LAG (MC-LAG) is a redundancy feature on the 7705 SAR, useful for nodes that are taken out of service for maintenance, upgrades, or relocation. MC-LAG also provides redundancy for incidents of peer nodal failure. Refer to the “Multi-Chassis LAG Redundancy” section in the 7705 SAR Basic System Configuration Guide.
Some Layer 2-capable network equipment devices support LAG protected links in an active/standby mode but without LACP. This is commonly referred to as static LAG. In order to interwork with these products, the 7705 SAR supports configuring LAG without LACP.
LACP provides a standard means of communicating health and status information between LAG peers. If LACP is not used, the peers must be initially configured in a way that ensures that the ports on each end are connected and communicating. Otherwise, LAG will not be active. Which LAG peer is made active is a local decision. If the port priority settings are the same for all ports, it is possible that the two ends will select ports on different physical links and LAG will not be active. Decide the primary link by setting the port priority for the LAG on each peer to ensure that the active ports on each end coincide with the same physical link.
The key parameters for configuring static LAG are selection-criteria (set to best-port) and standby-signaling (set to power-off). The selection criteria is used to determine which selection algorithm decides the primary port (the active port in a no-fault condition). It is always the subgroup with the best-port (the highest-priority port - lowest configured value) that is chosen as the active subgroup. The selection criteria must be set to best-port before standby signaling can be placed in power-off mode. Once the selection criteria is set to best-port, setting the standby-signaling parameter to power-off causes the transmitters on the standby ports to be powered down.
After a switchover caused by a failure on the active link, the transmitters on the standby link are powered on. The switch time for static LAG is typically longer than it is with LACP, due to the time it takes for the transmitters to come up and transmission to be established. When the fault is restored, static LAG causes a revertive switch to take place. The revertive switch is of shorter duration than the initial switchover since the system is able to prepare the other side for the switch and initiate the switchover once it is ready.
Note: Since the transmitters on the standby link are off, it is not possible for the LAG to respond to a physical disconnect (fault) on the standby link. This means that it is possible to have a failure on the active link result in a switch to a failed standby link. |
This section contains information on the following topics:
The 6-port Ethernet 10Gbps Adapter card and the 7705 SAR-X are third-generation (Gen-3) hardware components. All other Ethernet cards are second-generation (Gen-2) adapter cards, except the 8-port Ethernet Adapter card, which is a first-generation (Gen-1) adapter card. See Table 2 for a list of first-, second-, and third-generation Ethernet adapter cards, ports, and platforms.
The 7705 SAR supports mix-and-match traffic management (TM) across LAG members, where one member is a port on a Gen-3 adapter card or platform and the other member is a port on either a Gen-2 or Gen-1 adapter card or platform. Mix-and-match LAG does not apply to the 7705 SAR-X because it has only Gen-3 Ethernet ports.
For mix-and-match LAG TM scenarios, the 7705 SAR supports a generic QoS configuration, where the operator can configure all the settings available on each generation adapter card, but it is the card responsible for transporting traffic that determines which settings are applicable. That is, only the settings that apply to the active member port are used. The only exception is if there is a Gen-1 adapter card in the mix. In this case scheduling-mode cannot be changed to 16-priority scheduling. Only 4-priority scheduling is applicable.
For example, configuring scheduling-mode applies to Gen-2 adapter card SAPs but does not apply to the Gen-3 adapter card SAPs because Gen-3 cards support only one scheduling mode (4-priority), which is its implicit (default) scheduler mode and is not configurable. In another example, although per-SAP (second-tier) shaper rates can be configured for Gen-2 and Gen-3 cards, they will not be applied to Gen-1 cards.
Since it cannot be known whether SAP traffic rides over a Gen-2 or a Gen-3 adapter card and whether both adapter cards support H-QoS (tier 2, per-SAP shapers), the operator can choose to configure per-SAP aggregate CIR and PIR shaper rates. When the active link is on a Gen-2- or Gen-3-based port, per-SAP aggregate CIR and PIR rates are both used to enforce shaper rates, except when the active link is on a Gen-3-based port and traffic is in the network egress direction. In this case, only the PIR portion of the per-SAP aggregate rate is used to enforce shaper rates.
In the following descriptions of LAG configuration, scheduler-mode, agg-rate, and cir-rate refer to SAP configuration, as shown below for an Epipe SAP. Similar commands exist for SAPs in other services as well as for egress traffic.
Note:
|
For information on traffic management for Gen-3 adapter cards and platforms, refer to the “QoS for Gen-3 Adapter Cards and Platforms” section in the 7705 SAR Quality of Service Guide.
For mix-and-match LAG configurations, the following behaviors apply.
In addition, the following items describe mix-and-match LAG configuration behavior (that is, how the LAG SAP settings are applied or ignored depending on the active member port).
Lastly, for LAG on access ports, the primary port configuration settings are applied to both the primary and secondary LAG ports. Therefore, in order to support unshaped SAPs when the primary port is a Gen-3-based port and the secondary port is a Gen-2-based port, configuring the unshaped-sap-cir on the Gen-3-based port is allowed, even though it does not apply to the Gen-3-based port. This is because unshaped-sap-cir is needed by the secondary Gen-2-based port when it becomes the active port. The full command is config>port>ethernet>access>egress> unshaped-sap-cir cir-rate.
The 7705 SAR allows all configurations on Gen-1, Gen-2, and Gen-3 ports, even if some or all of the configuration is not applicable to all the ports. The software uses only the settings that are applicable to the particular port and ignores those that are not applicable. Any change to the primary LAG member configuration propagates to all non-primary ports.
Table 13 lists the port commands that can be affected by LAG configuration, indicates the command’s applicability to Gen-1, Gen-2, and Gen-3 ports, and describes the LAG behavior for mixed LAG configuration.
Note: For LAG on network ports, the egress-rate, unshaped-if-cir, and network-queue policy can only be configured on the primary LAG port and this configuration is propagated to the other LAG members. |
CLI Command | Gen-1 Port | Gen-2 Port | Gen-2 Port on Module 1 | Gen-3 Port | Configuration Behavior |
unshaped-if-cir | Supported 2 | Supported 2 | Supported 2 | Supported 3 | Allowed on Gen-1, Gen-2, and Gen-3 hardware, but not on Fast Ethernet ports. All port members of the same LAG must have the same value. |
unshaped-sap-cir | N/A | Supported | Supported | N/A | Allowed on Gen-2 and Gen-3 hardware, but not on Gen-1 hardware. This means LAGs with Gen-1 members and Gen-2 or Gen-3 members do not allow the unshaped-sap-cir command to be configured to a non-zero value on Gen-2 or Gen-3 ports. LAGs with Gen-2 and Gen-3 members are allowed if all member ports have the same unshaped-sap-cir value. Change the value only on the primary member. The value is propagated to all other members. |
shaper-policy | N/A | Supported | Supported | Supported | Allowed on Gen-2 and Gen-3 hardware, but not on Gen-1 hardware. The same restrictions described above for the unshaped-sap-cir command for LAG members apply. |
cbs | Supported | Supported | Supported | Supported | Allowed on all hardware generations. All LAG members must have the same value. Change the value only on the primary member. The value is propagated to all other members. |
src-pause | Enable or disable | Enable or disable | Disable | Enable or disable | Allowed to change enable/disable on Gen-1, Gen-2, and Gen-3 hardware, except for a Gen-3 port on a 6-port SAR-M Ethernet Module, where only the no src-pause command is supported and cannot be changed. All LAG members must have same value. Change the value only on the primary member. The value is propagated to all other members. |
include-fcs | N/A | Enable or disable | Always enabled | Enable or disable | Allowed on Gen-2 and Gen-3 hardware, but not on Gen-1 hardware. The same restrictions described above for the unshaped-sap-cir command for LAG members apply. |
scheduler-mode (for port) | Profile or 4-priority | 16-priority | 16-priority | 4-priority | Allowed to configure per-port independently, whether the port is a standalone or an active/standby member. There is no propagation among ports within the same LAG. |
Notes:
As indicated in Table 13, each generation of adapter card uses its own configured scheduler mode, or uses the only command option available for Gen-2 and Gen-3 adapter cards, whereas Gen-1 adapter cards use their own adapter card configuration. For example, on a LAG where:
The 7705 SAR supports the application of BFD to monitor individual LAG link members in order to speed up the detection of link failures. When BFD is associated with an Ethernet LAG, BFD sessions are set up over each link member. These asynchronous independent sessions are referred to as micro-BFD sessions. When micro-BFD is configured, a link is not operational in the associated LAG until the associated micro-BFD session is fully established. The link member is taken out of the operational state in the LAG if the micro-BFD session fails.
Although ETH-EFM can be used on individual LAG links, EFM timers are limited to 100 ms. With micro-BFD, 10-ms timers are supported, which allows for much faster detection times. The micro-BFD sessions use the well-known destination UDP port 6784 over LAG links. The source MAC address is the local system MAC address for the LAG interface. The micro-BFD packets use the well-known destination MAC address 01:00:5e:90:00:01.
Table 14 shows the rules to configure the micro-BFD IP addresses. Table 15 shows the services supported with micro-BFD.
LAG and Associated Interface | Local IP Address | Remote IP Address |
Null encap LAG and interface | BFD IP must match the interface IP | Same subset as interface IP |
Dot1q LAG and zero VLAN interface | BFD IP must match the interface IP | Same subset as interface IP |
Dot1q LAG and non-zero VLAN interface or no interface | Any IP | Any IP |
Note:
|
LAG and Associated Interface | Network Interface | IES | VPRN | Epipe | Ipipe | VPLS |
Null encap LAG interface | ✓ | ✓ | ✓ | |||
Dot1q LAG and zero VLAN interface | ✓ | ✓ | ✓ | |||
Dot1q LAG and non-zero VLAN interface or no interface | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
This section provides micro-BFD configuration examples for null and dot1q encapsulation interface types.
Table 16 shows an example of configuring micro-BFD for network LAG using null encapsulation.
Local LAG Node Configuration | Remote LAG Node Configuration |
*A:7705:Dut-A# configure lag 10 *A:7705:Dut-A>config>lag# info ----------------------------------- description "NETWORK LAG - NULL ENCAP" port 1/2/1 port 1/3/1 lacp active administrative-key 32769 bfd family ipv4 local-ip-address 110.110.110.1 remote-ip-address 110.110.110.2 no shutdown exit exit no shutdown *A:7705:Dut-A# configure router interface "int-lag-10" *A:7705:Dut-A>config>router>if# info� ----------------------------------- address 110.110.110.1/24 port lag-10 no shutdown | *A:7705:Dut-A# /configure lag 10 *A:7705:Dut-A>config>lag# info ----------------------------------- description "NETWORK LAG - NULL ENCAP" port 1/4/1 port 1/6/1 lacp active administrative-key 32769 bfd family ipv4 local-ip-address 110.110.110.2 remote-ip-address 110.110.110.1 no shutdown exit exit no shutdown *A:7705:Dut-A# configure router interface "int-lag-10" *A:7705:Dut-A>config>router>if# info ----------------------------------- address 110.110.110.2/24 port lag-10 no shutdown |
Note:
|
Table 17 shows an example of configuring micro-BFD for network LAG using dot1q encapsulation with no interface.
Local LAG Node Configuration | Remote LAG Node Configuration |
*A:7705:Dut-A# configure lag 12 *A:7705:Dut-A>config>lag# info ----------------------------------- description "NETWORK LAG - DOT1Q ENCAP" encap-type dot1q port 1/2/2 port 1/3/2 bfd family ipv4 local-ip-address 120.120.120.11 remote-ip-address 120.120.120.12 no shutdown exit exit no shutdown | *A:7705:Dut-A# /configure lag 12 *A:7705:Dut-A>config>lag# info ----------------------------------- description "NETWORK LAG - DOT1Q ENCAP" encap-type dot1q port 1/4/2 port 1/6/2 bfd family ipv4 local-ip-address 120.120.120.12 remote-ip-address 120.120.120.11 no shutdown exit exit no shutdown |
Note:
|
Table 18 shows an example of configuring micro-BFD for network LAG using dot1q encapsulation with multiple non-zero VLAN interfaces.
Local LAG Node Configuration | Remote LAG Node Configuration |
*A:7705:Dut-A# configure lag 12 *A:7705:Dut-A>config>lag# info ----------------------------------- description "NETWORK LAG - DOT1Q ENCAP" encap-type dot1q port 1/2/2 port 1/3/2 bfd family ipv4 local-ip-address 120.120.120.11 remote-ip-address 120.120.120.12 no shutdown exitexitno shutdown | *A:7705:Dut-A# /configure lag 12 *A:7705:Dut-A>config>lag# info ----------------------------------- description "NETWORK LAG - DOT1Q ENCAP" encap-type dot1q port 1/4/2port 1/6/2bfd family ipv4 local-ip-address 120.120.120.12 remote-ip-address 120.120.120.11 no shutdown exitexitno shutdown |
*A:7705:Dut-A # configure router *A:7705:Dut-A>config>router# info ----------------------------------- echo "IP Configuration" #---------------------------------- interface "int-lag-12” address 1.2.3.4/24 port lag-12:999 no shutdown exit interface "int-lag-12-1" address 2.3.4.1/24 port lag-12:998 no shutdown exit interface "int-lag-12-2" address 3.4.1.1/24 port lag-12:997 no shutdown exit | *A:7705:Dut-A # configure router *A:7705:Dut-A>config>router# info ----------------------------------- echo "IP Configuration" #---------------------------------- interface "int-lag-12” address 1.2.3.4/24 port lag-12:999 no shutdown exit interface "int-lag-12-1" address 2.3.4.1/24 port lag-12:998 no shutdown exit interface "int-lag-12-2" address 3.4.1.1/24 port lag-12:997 no shutdown exit |
Note:
|
Table 19 shows an example of configuring micro-BFD for network LAG using dot1q encapsulation with a zero VLAN interface.
Local LAG Node Configuration | Remote LAG Node Configuration |
*A:7705:Dut-A# configure lag 12 *A:7705:Dut-A>config>lag# info ----------------------------------- description "NETWORK LAG - DOT1Q ENCAP" encap-type dot1q port 1/2/2 port 1/3/2 bfd family ipv4 local-ip-address 120.120.120.11 remote-ip-address 120.120.120.12 no shutdown exit exit no shutdown
*A:7705:Dut-A /configure router *A:7705:Dut-A>config>router# info ----------------------------------- #---------------------------------- echo "IP Configuration" #---------------------------------- interface "int-lag-12" address 120.120.120.11/24 port lag-12:0 no shutdown exit | *A:7705:Dut-A# configure lag 12 *A:7705:Dut-A>config>lag# info ----------------------------------- description "NETWORK LAG - DOT1Q ENCAP" encap-type dot1q port 1/4/2 port 1/6/2 bfd family ipv4 local-ip-address 120.120.120.12 remote-ip-address 120.120.120.11 no shutdown exit exit no shutdown
*A:7705:Dut-A /configure router *A:7705:Dut-A>config>router# info ----------------------------------- #---------------------------------- echo "IP Configuration" #---------------------------------- interface "int-lag-12" address 120.120.120.12/24 port lag-12:0 no shutdown exit |
Note:
|
If it is necessary to increase the available bandwidth for a logical link that exceeds the physical bandwidth or to add redundancy for a physical link, typically one of two methods is applied: LAG or ECMP. A system can also deploy both at the same time using ECMP of two or more LAGs and/or single links.
The 7705 SAR supports per-flow and per-service hashing, as described in the following sections:
Note: For general information on LAG, see LAG. For general information on ECMP, refer to the 7705 SAR Router Configuration Guide, “Static Routes, Dynamic Routes, and ECMP”. |
The 7705 SAR supports per-flow hashing for LAG and ECMP. Per-flow hashing uses information in a packet as an input to the hash function, ensuring that any given traffic flow maps to the same egress LAG port or ECMP path.
Depending on the type of traffic that needs to be distributed in an ECMP or LAG path, different variables are used as the input to the hashing algorithm that determines the selection of the next hop (ECMP) or port (LAG). The hashing result can be changed using the options described in Per-Service Hashing, LSR Hashing, Layer 4 Load Balancing, TEID Hashing for GTP-encapsulated Traffic, and Entropy Labels.
Table 20 summarizes the possible inputs to the hashing algorithm for ECMP and LAG.
Fragmented packets cannot use Layer 4 UDP/TCP ports or tunnel endpoint IDs (TEIDs). The datapath looks at IP source address and destination address only, even if configured to use Layer 4 UDP/TCP ports or TEID.
In Table 20, the hashing inputs in the Service ID column and the inputs in the other columns are mutually exclusive. Where checkmarks appear on both the per-service and per-flow sides of the table, refer to the table note in the Service ID column to determine when per-service hashing is used.
Traffic Type | Per- Service | Per-Flow | ||||||||
Service ID | System IPv4 Address 1 | Ingress Port 2 | Source and Destination | TEID 4 | Internal Multicast Group ID 5 | MPLS Label Stack | Entropy Label | |||
MAC Address | IP Address | UDP/TCP Port 3 | ||||||||
ECMP | ||||||||||
IPv4 routed | ✓ 6 | ✓ | ✓ | ✓ | ✓ | ✓ | ||||
IPv6 routed | ✓ 6 | ✓ | ✓ | ✓ | ✓ | ✓ | ||||
MPLS LSR | ✓ | ✓ | ✓ | ✓ | ✓ 9 | ✓ 9 | ||||
MPLS MVPN (LSR, eLER) | ||||||||||
VPLS | ✓ | |||||||||
Epipe | ✓ | |||||||||
Apipe, Cpipe, Fpipe, Ipipe, Hpipe | ✓ | |||||||||
LAG | ||||||||||
IPv4 routed | ✓ | ✓ | ✓ | ✓ | ✓ | |||||
IPv6 routed | ✓ | ✓ | ✓ | ✓ | ✓ | |||||
MPLS LSR | ✓ | ✓ | ✓ | ✓ | ✓ 9 | ✓ 9 | ||||
MPLS MVPN (LSR, eLER) | ✓ | ✓ | ✓ | ✓ | ✓ | |||||
VPLS | ✓ 10 | ✓ | ✓ | ✓ | ✓ | ✓ | ||||
Epipe | ✓ 10 | ✓ | ✓ | ✓ | ✓ | |||||
Apipe, Cpipe, Fpipe, Ipipe, Hpipe | ✓ |
Notes:
The 7705 SAR supports load balancing based on service ID, as shown in Table 20, The 7705 SAR uses the service ID as the input to the hash function. Per-service and per-flow hashing are mutually exclusive features.
For IPv4 and IPv6 routed traffic under ECMP operation, the service ID is used as the hashing input for Layer 3 traffic going to a Layer 3 spoke SDP interface. Otherwise, per-flow load balancing is used.
For Epipe and VPLS services under LAG operation, the per-service-hashing command and the l4-load-balancing and teid-load-balancing commands are mutually exclusive. Load balancing via per-service hashing is configured under the config>service> epipe>load-balancing and config>service>vpls> load-balancing contexts.
Note:
|
LSR hashing operates on the label stack and can also include hashing on the IP header if the packet is an IPv4 packet. The label-IP hashing algorithm can also include the Layer 4 header and the TEID field. The default hash is on the label stack only. IPv4 is the only IP hashing supported on a 7705 SAR LSR.
When a 7705 SAR is acting as an LSR, it considers a packet to be IP if the first nibble following the bottom of the label stack is 4 (IPv4). This allows the user to include an IP header in the hashing routine at an LSR in order to spray labeled IP packets over multiple equal-cost paths in ECMP in an LDP LSP and/or over multiple links of a LAG group in all types of LSPs.
Other LSR hashing options include label stack profile options on the significance of the bottom-of-stack label (VC label), the inclusion or exclusion of the ingress port, and the inclusion or exclusion of the system IP address.
Note: The global IF index is no longer a hash input for LSR ECMP load balancing. It has been replaced with the use-ingress-port configurable option in the lsr-load-balancing command. As well, the default treatment of the MPLS label stack has changed to focus on the bottom-of-stack label (VC label). In previous releases, all labels had equal influence. |
LSR load balancing is configured using the config>system>lsr-load-balancing or config>router>if>load-balancing>lsr-load-balancing command. Configuration at the router interface level overrides the system-level configuration for the specified interface.
If an ELI is found in the label stack, the entropy label is used as the hash result. Hashing continues based on the configuration of label-only (lbl-only), label-IP (lbl-ip), or label-IP with Layer 4 header and TEID (lbl-ip-l4-teid) options.
ECMP operation consists of an initial hash based on the system IP address, then on the global port number if the use-ingress-port option is enabled.
Each label in the stack is then hashed separately with the result of the previous hash, up to a maximum of 16 labels. The net result is used to select which LDP FEC next hop to send the packet to using a threshold hashing operation of the net result with the number of next hops. Threshold hashing is described in RFC 2992, Analysis of an Equal-Cost Multi-Path Algorithm.
If an ELI is found in the label stack, the entropy label replaces the MPLS label stack hashing result and hashing continues.
If the selected LDP FEC or LSP has its NHLFE programmed with a LAG interface, a second round of hashing is needed, using the net result of the first round of hashing as the hashing input.
In the first round of hashing for LSR label IP hashing, the algorithm parses down the label stack as described in LSR Label-only Hashing.
When the algorithm reaches the bottom of the stack, it checks the next nibble. If the nibble value is 4, the packet is assumed to be an IPv4 packet and the result of the label hash is fed into another hash along with the source and destination address fields in the IP packet header. If the nibble value is not 4, the algorithm will just use the label stack hash already calculated for the ECMP path selection.
The second round of hashing for LAG reuses the net result of the first round of hashing.
If the lbl-ip-l4-teid option is configured, the Layer 4 source and destination UDP or TCP port fields and the TEID field in the GTP header are included in the label-IP hashing calculation. See Layer 4 Load Balancing and TEID Hashing for GTP-encapsulated Traffic for more information.
The lsr-load-balancing command includes a bottom-of-stack option that determines the significance of the bottom-of-stack label (VC label) based on which label stack profile option is specified. The profiles are:
The use-ingress-port option, when enabled, specifies that the ingress port will be used by the hashing algorithm at the LSR. This option should be enabled for ingress LAG ports because packets with the same label stack can arrive on all ports of a LAG interface. In this case, using the ingress port in the hashing algorithm will result in better egress load balancing, especially for pseudowires.
The option should be disabled for LDP ECMP so that the ingress port is not used by the hashing algorithm. For ingress LDP ECMP, if the ingress port is used by the hashing algorithm, the hash distribution could be biased, especially for pseudowires.
The IP Layer 4 load-balancing option includes the TCP/UDP source and destination port numbers in addition to the source and destination IP addresses in per-flow hashing of IP packets. By including the Layer 4 information, a source address/destination address default hash flow can be subdivided into multiple finer-granularity flows if the ports used between a source address and destination address vary.
Layer 4 load balancing is configured at the system level using the config>system>l4-load-balancing command. It can also be configured at the router interface level or the service interface level (IES and VPRN). Configuration at the router interface or service interface level overrides the system-level configuration for the specified interface or service.
For LSR LDP ECMP, Layer 4 load balancing is configured using the lbl-ip-l4-teid option in the lsr-load-balancing command at the system level or router interface level. Configuration at the router interface level overrides the system-level configuration for the specified interface.
Layer 4 load balancing can also be configured at the service level for Epipe and VPLS services. Layer 4 load balancing at the service level is not impacted by Layer 4 load balancing at the system, router interface, or service interface levels.
GTP is the GPRS (general packet radio service) tunneling protocol. The tunnel endpoint identifier (TEID) is a field in the GTP header. TEID hashing can be enabled on Layer 3 interfaces. The hash algorithm identifies the GTP-U protocol by checking the UDP destination port (2152) of an IP packet to be hashed. If the value of the port matches, the packet is assumed to be GTP-U. For GTPv1 packets, the TEID value from the expected header location is then included in the hash. For GTPv2 packets, the TEID flag value in the expected header is additionally checked to verify whether the TEID is present. If the TEID is present, it is included in the hash algorithm inputs.
TEID load balancing is configured at the router interface level using the config> router>if>teid-load-balancing command. It can also be configured at the IES or VPRN service interface level.
For LSR LDP ECMP, TEID load balancing is configured using the lbl-ip-l4-teid option in the lsr-load-balancing command at the system level or router interface level. Configuration at the router interface level overrides the system-level configuration for the specified interface.
TEID load balancing can also be configured at the service level for Epipe and VPLS services. TEID load balancing at the service level is not impacted by TEID load balancing at the router interface or service interface levels.
The 7705 SAR supports MPLS entropy labels on RSVP-TE and SR-TE LSPs, as per RFC 6790. The entropy label provides greater granularity for load balancing on an LSR where load balancing is typically based on the MPLS label stack.
If an ELI is found in the label stack, the entropy label is used as the hash result and hashing continues based on the configuration of label-only (lbl-only) or label-IP (lbl-ip) options. For information on the behavior of LSR hashing when entropy label is enabled, see LSR Hashing.
To support entropy labels on RSVP-TE and SR-TE LSPs:
At the eLER, use the config>router>rsvp>entropy-label-capability command to enable entropy label capability on RSVP-TE LSPs.
At the iLER, use the entropy-label command to enable the insertion of the entropy label into the label stack. The command is found under the following services and protocols:
For details on entropy labels, refer to the “MPLS Entropy Labels” section in the 7705 SAR MPLS Guide.
SPI load balancing provides a mechanism to improve the hashing performance of IPSec encrypted traffic. IPSec-tunneled traffic transported over a LAG typically relies on IP header hashing only. For example, in LTE deployments, TEID hashing cannot be performed because of encryption, and the system performs IP-only tunnel-level hashing. Because each SPI in the IPSec header identifies a unique SA, and therefore a unique flow, these flows can be hashed individually without impacting packet ordering. In this way,
The 7705 SAR allows enabling SPI hashing per Layer 3 interface (this is the incoming interface for hash on system egress) or per Layer 2 VPLS service. When SPI hashing is enabled, an SPI value from the ESP/AH header is used in addition to any other IP hash input based on the per-flow hash configuration: source/destination IPv4/IPv6 addresses and Layer 4 source/destination ports in case NAT traversal is required and Layer 4 load balancing is enabled. If the ESP/AH header is not present in a packet received on a given interface, the SPI will not be part of the hash inputs and the packet is hashed as per other hashing configurations. SPI hashing is not used for fragmented traffic in order to ensure that first and subsequent fragments use the same hash inputs.
SPI hashing is supported for IPv4 and IPv6 tunnel unicast traffic.
This section contains information on the following topics:
The 7705 SAR supports SONET/SDH ports on the following adapter cards:
SONET/SDH ports can be clear channel (non-channelized) and channelized. The 4-port OC3/STM1 Clear Channel Adapter card supports only clear channel ports. The 2-port OC3/STM1 Channelized Adapter card supports channelized ports. The 4-port OC3/STM1 / 1-port OC12/STM4 Adapter card is a mixed-use adapter card that supports clear channel and channelized ports. The mda-mode command is used to configure the 4-port OC3/STM1 / 1-port OC12/STM4 Adapter card for 4-port or 1-port mode. See Configuring Cards for details.
Clear channel ports use the whole port—other than overhead bytes—as a single stream of bits. Channelized ports use various channel hierarchies to split the larger bandwidth into smaller channels, such as DS1, E1, DS3, or E3. Figure 11 and Figure 12 show the standards-based channel mapping for SONET and SDH, respectively. Channelized ports on the 2-port OC3/STM1 Channelized Adapter card and the 4-port OC3/STM1 / 1-port OC12/STM4 Adapter card support a subset of the standards-based mapping options, as shown in Table 21.
For SONET, the basic frame format unit is STS-1 (51.84 Mb/s), which is carried in the optical carrier level 1 (OC-1) signal, and three STS-1 frames can be carried in an STS-3 frame at the OC-3 level. For SDH, the basic frame format unit is STM-1 (155.52 Mb/s), which is carried in an OC-3 signal. SDH STM-1 using OC-3 and SONET STS-3 are functionally equivalent.
Figure 11 shows the SONET hierarchy at STS-12 (OC-12).
A SONET multiplexing structure allows several combinations of signal transportation. For example, at the STS-3 (OC-3) level:
Figure 12 shows the SDH hierarchy at STM-4 (OC-12).
An SDH multiplexing structure allows several combinations of signal transportation. For example, at the STM-1 (OC-3) level:
For example, the hierarchical possibilities for a single AU-4 are:
The 7705 SAR supports a subset of the standards-based channel mapping options. Table 21 shows path support on the 7705 SAR.
Note: When configuring a port for SDH framing, the 7705 SAR CLI uses SONET STS-n frame conventions. That is, SONET command syntax and nomenclature is used to configure both a SONET port and an SDH port. |
The 7705 SAR CLI always uses the SONET VT frame convention. For example, the same SONET CLI syntax and nomenclature would be used to configure both a VT1.5 and a VC11. The framing {sonet | sdh} command determines whether VTs or VCs are being configured. Use the show>port-tree port-id command to display the SONET/SDH path containers.
Path Type | Port Framing | Path Configuration | 2-port OC3/STM1 Channelized Adapter Card | 4-port OC3/STM1 / 1-port OC12/STM4 Adapter Card | |
4-port Mode | 1-port Mode | ||||
OC3 clear channel | SDH | STM1>AUG1>VC4 | Yes | ||
OC3 clear channel | SONET | OC3>STS3>STS3c SPE | Yes | ||
E1 | SDH | STM1>AUG1>VC4>TUG3>TUG2>VC12 | Yes | Yes | |
E1 | SDH | STM1>AUG1>VC3>TUG2>VC12 | Yes | Yes | |
E1 | SDH | STM1>AUG1>VC4>TUG3>VC3>DS3 | Yes |
| |
E1 | SDH | STM1>AUG1>VC3>DS3 | Yes |
| |
E1 | SONET | OC3>STS1 SPE>DS3 | Yes | ||
DS1 | SDH | STM1>AUG1>VC4>TUG3>TUG2>TU11>VC11 | Yes | Yes | |
DS1 | SDH | STM1>AUG1>VC3>TUG2>VC11 | Yes | Yes | |
DS1 | SDH | STM1>AUG1>VC4>TUG3>VC3>DS3 | Yes |
| |
DS1 | SDH | STM1>AUG1>VC3>DS3 | Yes |
| |
DS1 | SONET | OC3>STS1 SPE>VT GROUP>VT1.5 SPE | Yes | Yes | |
DS1 | SONET | OC3>STS1 SPE>DS3 | Yes | ||
OC12 clear channel | SDH | STM4>AUG4>VC4-C4 | Yes | ||
OC12 clear channel | SONET | OC12>STS12>STS12c SPE | Yes | ||
E1 using STS-3 | SDH | STM4>AUG4>AUG1>VC4>TUG3>TUG2>VC12 | Yes | ||
E1 using STS-1 | SDH | STM4>AUG4>AUG1>VC3>TUG2>VC12 | Yes | ||
DS1 using STS-3 | SDH | STM4>AUG4>AUG1>VC4>TUG3>TUG2>TU11>VC11 | Yes | ||
DS1 using STS-1 | SDH | STM4>AUG4>AUG1>VC3>TUG2>VC11 | Yes | ||
DS1 using STS-1 | SONET | OC12>STS12>STS1 SPE >VT GROUP >VT1.5 SPE | Yes |
When configuring a SONET/SDH port, users configure both SONET/SDH and TDM aspects of a channel. The CLI uses the sonet-sdh-index variable to identify a channel in order to match SONET/SDH parameters with TDM parameters for the channel.
A channelized port ID has one of the syntaxes shown in Table 22, as applicable to channelization and mapping options. In Table 22, the syntax contains port and path components, where the port is slot/mda/port and the path is the sonet-sdh-index. The sonet-sdh-index has one or more indexes (indicated by braces separated by a dot) and can have a high-level path label (indicated by bold text).
For example, in the highlighted row, port.sts1-{1 to 3} represents a SONET/SDH port divided into STS-1 (or STM-0) payloads identified as sts1-1, sts1-2, and sts1-3.
Port ID for Physical Port Speed | |||
Channel Speed | OC12/STM4 | OC3/STM1 | DS3/E3 |
SONET/SDH | |||
STS12/STM4 | port.sts12 | N/A | N/A |
STS3/STM1 | port.sts3-{1 to 4} | port.sts3 | N/A |
STS1/STM0 | port.sts1-{1 to 4}.{1 to 3} | port.sts1-{1 to 3} | N/A |
TUG3 | port.tug3-{1 to 4}.{1 to 3} | port.tug3-{1 to 3} | N/A |
TU3 | N/A | port.tu3-{1 to 3} | N/A |
VT1.5/VC1.1 1 | port.vt15-{1 to 4}.{1 to 3}.{1 to 4}.{1 to 7} | port.vt15-{1 to 3}.{1 to 4}.{1 to 7} | N/A |
VT2/VC12 1 | port.vt2-{1 to 4}.{1 to 3}.{1 to 3}.{1 to 7} | port.vt2-{1 to 3}.{1 to 3}.{1 to 7} | N/A |
TDM | |||
DS3/E3 | N/A | port.{1 to 3} | port |
DS1 in DS3 | N/A | port.{1 to 3}.{1 to 28} | port.{1 to 28} |
DS1 in VT2 | port.{1 to 4}.{1 to 3}.{1 to 3}.{1 to 7} | port.{1 to 3}.{1 to 3}.{1 to 7} | N/A |
DS1 in VT1.5 | port.{1 to 4}.{1 to 3}.{1 to 4}.{1 to 7} | port.{1 to 3}.{1 to 4}.{1 to 7} | N/A |
E1 in DS3 | N/A | port.{1 to 3}.{1 to 21} | port.{1 to 21} |
E1 in VT2 | port.{1 to 4}.{1 to 3}.{1 to 3}.{1 to 7} | port.{1 to 3}.{1 to 3}.{1 to 7} | N/A |
N*DS0 in DS1 in DS3 | N/A | port.{1 to 3}.{1 to 28}.{1 to 24} | port.{1 to 28}.{1 to 24} |
N*DS0 in DS1 in VT2 | port.{1 to 4}.{1 to 3}.{1 to 3}.{1 to 7}.{1 to 24} | port.{1 to 3}.{1 to 3}.{1 to 7}.{1 to 24} | N/A |
N*DS0 in DS1 in VT1.5 | port.{1 to 4}.{1 to 3}.{1 to 4}.{1 to 7}.{1 to 24} | port.{1 to 3}.{1 to 4}.{1 to 7}.{1 to 24} | N/A |
N*DS0 in E1 in DS3 | N/A | port.{1 to 3}.{1 to 21}.{2 to 32} | port.{1 to 21}.{2 to 32} |
N*DS0 in E1 in VT2 | port.{1 to 4}.{1 to 3}.{1 to 3}.{1 to 7}.{2 to 32} | port.{1 to 3}.{1 to 3}.{1 to 7}.{2 to 32} | N/A |
Note:
This section contains information on the following topics:
Automatic Protection Switching (APS) allows users to protect a SONET/SDH port or link with a backup (protection) facility of the same speed but from a different adapter card. APS provides protection against a port, signal, or adapter card failure. The 7705 SAR supports 1+1 APS protection in compliance with GR-253-CORE and ITU-T Recommendation G.841 to provide SONET/SDH carrier-grade reliability. All SONET/SDH paths and channels within a SONET/SDH port are protected.
When APS is enabled, the 7705 SAR constantly monitors the health of the APS links, APS ports, and APS-equipped adapter cards. If the signal on the active (working) port degrades or fails, the network proceeds through a predefined sequence of steps to transfer (or switch over) traffic processing to the protection port. This switchover is done very quickly to minimize traffic loss. Traffic is streamed from the protection port until the fault on the working port is cleared, at which time the traffic may optionally revert to the working port.
The 7705 SAR supports 1+1 single-chassis APS (SC-APS) and 1+1 multi-chassis APS (MC-APS). In an SC-APS group, both the working and protection circuit must be configured on the same node. In an MC-APS group, the working and protection circuits are configured on two separate nodes, providing protection from node failure in addition to protection from link and hardware failure.
Unidirectional and bidirectional modes are supported:
For SC-APS and MC-APS with MEF 8 services where the remote device performs source MAC validation, the MAC address of the channel group in each of the redundant interfaces may be configured to the same MAC address using the mac CLI command.
In an SC-APS group, both the working and protection circuits terminate on the same node. SC-APS is supported in unidirectional or bidirectional mode on:
SC-APS with TDM access is supported on DS3, DS1, E1, and DS0 (64 kb/s) channels.
The working and protection circuits of an SC-APS group must be on two ports on different adapter cards.
Figure 13 shows an SC-APS group with physical port and adapter card failure protection. Figure 14 shows a packet network using SC-APS.
MC-APS extends the functionality offered by SC-APS to include protection against 7705 SAR node failure. MC-APS is supported in bidirectional mode on:
MC-APS with TDM access is supported on DS3, DS1, E1, and DS0 (64 kb/s) channels. TDM SAP-to-SAP with MC-APS is not supported.
With MC-APS, the working circuit of an APS group can be configured on one 7705 SAR node while the protection circuit of the same APS group is configured on a different 7705 SAR node. The working and protection nodes are connected by an IP link that establishes an MC-APS signaling path between the nodes.
The working and protection circuits must have compatible configurations, such as the same speed, framing, and port type. The circuits in an APS group on both the working and protection nodes must also have the same group ID, but they can have different port descriptions. In order for MC-APS to function correctly, pseudowire redundancy must be configured on both the working and protection circuits. For more information, refer to 7705 SAR Services Guide. MC-APS with pseudowire redundancy also supports Inter-Chassis Backup (ICB); see MC-APS and Inter-Chassis Backup for more information.
The working and protection nodes can be different platforms, such as a 7705 SAR-8 Shelf V2 and a 7705 SAR-18. However, to prevent possible switchover performance issues, avoid mixing different platform types in the same MC-APS group. The 7705 SAR does not enforce configuration consistency between the working circuit and the protection circuit. Additionally, no service or network-specific configuration data is signaled or synchronized between the two routers.
An MC-APS signaling path is established using the IP link between the two routers by matching APS group IDs. A heartbeat protocol can also be used to add robustness. The signaling path verifies that one router is configured as the working circuit and the other is configured as the protection circuit. In case of a mismatch, an incompatible neighbor trap is generated. The protection router uses K1/K2 byte data, member circuit status, and the settings configured for the APS Tools Commands to select the working circuit. Changes in working circuit status are sent across the MC-APS signaling link from the working router to keep the protection router synchronized. External requests such as lockout, force, and manual switches are allowed only on the node with the protection circuit.
Figure 15 shows an MC-APS group with physical port, adapter card, and node protection. Figure 16 shows a packet network using MC-APS.
Inter-Chassis Backup (ICB) spoke SDPs are supported for use with Cpipe services in an MC-APS configuration. ICB improves switch times, provides additional protection in case of network failures, and reduces packet loss when an active endpoint is switched from a failed MC-APS node to the protection node. Figure 17 shows an MC-APS group with pseudowire redundancy and ICB protection.
If the active link on the access side fails, an MC-APS switchover is triggered and a pseudowire switchover occurs. A failure on the network side triggers a pseudowire switchover but not an MC-APS switchover. For detailed information on pseudowire redundancy with ICB protection, refer to the 7705 SAR Services Guide, “PW Redundancy and Inter-Chassis Backup”.
The APS protocol uses the K1 and K2 bytes of the SONET/SDH header to exchange commands and replies between the near end and far end.
The switch priority of a request is assigned by bits 1 through 4 of the K1 byte, as shown in Table 23.
Bits | Condition |
1111 | Lockout of Protection |
1110 | Forced Switch |
1101 | SF - High Priority (not used in 1+1 APS) |
1100 | SF - Low Priority |
1011 | SD - High Priority (not used in 1+1 APS) |
1010 | SD - Low Priority |
1001 | Not used |
1000 | Manual Switch |
0111 | Not used |
0110 | Wait-to-Restore |
0101 | Not used |
0100 | Exercise |
0011 | Not used |
0010 | Reverse Request |
0001 | Do Not Revert |
0000 | No Request |
In unidirectional mode, the K1 and K2 bytes are not used to coordinate switch action; however, the K1 byte is still used to inform the other end of the local action, and bit 5 of the K2 byte is set to 0 to indicate 1+1 APS mode (see Table 24).
In bidirectional mode, the highest-priority local request is compared to the remote request (received from the far-end node using an APS command), and whichever request has the greater priority is selected. The requests can be automatically initiated (such as Signal Failure or Signal Degrade), external (such as Lockout, Forced Switch, Request Switch), or state requests (such as Revert-Time timers).
The channels requesting the switch action are assigned by bits 5 through 8. Only channel number codes 0 and 1 are supported on the 7705 SAR. If channel 0 is selected, the condition bits show the received protection channel status. If channel 1 is selected, the condition bits shows the received working channel status.
The K2 byte is used to indicate bridging actions performed at the line termination equipment (LTE), the provisioned architecture, and mode of operation, as shown in Table 24.
Bits | Function | |
1 to 4 | — | Channel number codes |
5 | 0 | Provisioned for 1+1 mode |
1 | Provisioned for 1:n mode | |
6 to 8 | 111 | Line AIS |
110 | Line RDI | |
101 | Provisioned for bidirectional switching | |
100 | Provisioned for unidirectional switching | |
011 | Reserved for future use | |
010 | Reserved for future use | |
001 | Reserved for future use | |
000 | Reserved for future use |
Table 25 outlines the steps that the bidirectional APS process will go through during a typical automatic switching event. The example is read row by row, from left to right, to provide the complete process of the bidirectional switching event.
Status | APS Commands Sent in K1 and K2 Bytes on Protection Line | Action | ||
B to A | A to B | At Site B | At Site A | |
No failure (protection line is not in use) | “No request” | “No request” | No action | No action |
Working line degraded in direction A to B | “SD” on working channel 1 | “No request” | Failure detected, notify A and switch to protection line | No action |
Site A receives SD failure condition | Same | “Reverse request” | No action | Remote failure detected, acknowledge and switch to protection line |
Site B receives “Reverse request” | Same | Same | No action | No action |
1+1 APS provides revertive and non-revertive modes; non-revertive mode is the default option. In revertive mode, the activity is switched back to the working port after the working line has recovered from a failure (or the manual switch is cleared). In non-revertive mode, a switch to the protection line is maintained even after the working line has recovered from a failure (or the manual switch is cleared).
To prevent frequent automatic switches that result from intermittent failures, a revert-time is defined for revertive switching. The revert-time is configurable from 0 to 60 min in increments of 1 min; the default value is 5 min. In some scenarios, performance issues can occur if the revert-time is set to 0; therefore, it is recommended that the revert-time always be set to a value of 1 or higher. Any change in the revert-time value takes effect upon the next initiation of the wait-to-restore (WTR) timer. The change does not modify the duration of a WTR timer that has already been started. The WTR timer of a non-revertive switch can be assumed to be infinite.
If both working and protection lines fail, the line that has less-severe errors will be active. If there is signal degradation on both ports, the active port that failed last will stay active. If there is signal failure on both ports, the working port will always be active because signal failure on the protection line is a higher priority than on the working line.
The lockout protection command (tools>perform>aps>lockout) disables use of the protection line. Since the command has the highest priority, a failed working line using the protection line is switched back to itself even if it is in a fault condition. No switches to the protection line are allowed when the line is locked out. Refer to the 7705 SAR OAM and Diagnostics Guide, “Tools”, for information on the APS lockout command.
The request or manual switch of active to protection command (tools>perform>aps> request) switches the active line to use the protection line (by issuing a manual switch request) unless a request of equal or higher priority is already in effect. If the active line is already on the protection line, no action takes place. Refer to the 7705 SAR OAM and Diagnostics Guide, “Tools”, for information on the APS request command.
The request or manual switch of active to working command (tools>perform>aps> request) switches the active line back from the protection line to the working line (by issuing a manual switch request) unless a request of equal or higher priority is already in effect. If the active line is already on the working line, no action takes place. Refer to the 7705 SAR OAM and Diagnostics Guide, “Tools”, for information on the APS request command.
The command tools>perform>aps>force>working forces an activity switch away from the working line to the protection line unless a request of equal or higher priority is already in effect. When the forced switch of working to protection command is in effect, it may be overridden either by a lockout command or by a signal fault on the protection line. If the active line is already on the protection line, no action takes place. Refer to the 7705 SAR OAM and Diagnostics Guide, “Tools”, for information on the APS force command.
The command tools>perform>aps>force>protect forces an activity switch away from the protection line and back to the working line unless a request of equal or higher priority is already in effect. Refer to the 7705 SAR OAM and Diagnostics Guide, “Tools”, for information on the APS force command.
The exercise command (tools>perform>aps>exercise) is only supported in 1+1 APS bidirectional mode. The Exercise command exercises the protection line by sending an exercise request over the protection line to the far end and expecting a reverse request response back. The switch is not completed during the exercise routine. Refer to the 7705 SAR OAM and Diagnostics Guide, “Tools”, for information on the APS exercise command.
This failure indicates that the received K1 byte is either invalid or inconsistent. An invalid code defect occurs if the same K1 value is received for three consecutive frames and is either an unused code or irrelevant for the specific switching operation. An inconsistent code defect occurs when no 3 consecutive received K1 bytes of the last 12 frames are the same.
If the failure persists for 2.5 s, a Protection Switching Byte alarm is raised. When this failure is declared, the protection line is treated as if it were in the SF state. The received signal is then selected from the working line.
When the failure is absent for 10 s, the alarm is cleared and the SF state of the protection line is removed.
This alarm can only be raised by the active port operating in bidirectional mode.
This failure indicates that there is a channel mismatch between the transmitted K1 bytes and the received K2 bytes. A defect is declared when the received K2 channel number differs from the transmitted K1 channel number for more than 50 ms after 3 identical K1 bytes are sent. The monitoring for this condition is continuous, not just when the transmitted value of K1 changes.
If the failure persists for 2.5 s, a Channel Mismatch Failure alarm is raised. When this failure is declared, the protection line is treated as if it were in the SF state. The received signal is then selected from the working line.
When the failure is absent for 10 s, the alarm is cleared and the SF state of the protection line is removed.
This alarm can only be raised by the active port operating in bidirectional mode.
This failure can occur for two reasons. The first reason is that the received K2 byte indicates that 1:N protection switching is being used by the far end of the OC-N line, rather than 1+1 protection switching. The second reason is that the received K2 byte indicates that unidirectional mode is being used by the far end while the near end is using bidirectional mode. This defect is detected within 100 ms of receiving a K2 byte that indicates either of these conditions.
If the failure persists for 2.5 s, a Mode Mismatch Failure alarm is raised. When this failure is declared, if the defect indicates that the far end is configured for unidirectional mode, then the OC-N port reverts from its current bidirectional mode to unidirectional mode. However, the port continues to monitor the received K2 byte, and if the K2 byte indicates that the far end has switched to bidirectional mode, the OC-N port then reverts to bidirectional mode as well. The monitoring stops if the user explicitly reconfigures the local port to operate in unidirectional mode.
When the failure is absent for 10 s, the alarm is cleared, and the configured mode, which is 1+1 bidirectional, is used.
This alarm can only be raised by the active port operating in bidirectional mode.
This failure occurs when a K1 byte is received in three consecutive frames that indicates a signal fail (SF) at the far end of the protection line. This failure forces the received signal to be selected from the working line.
If the failure persists for 2.5 s, a Far-End Protection Line Failure alarm is raised. This alarm can only be raised by the active port operating in bidirectional mode. When the failure is absent for 10 s, the alarm is cleared.
This section contains information on the following topics:
T1/E1 Line Card Redundancy (LCR) uses redundant adapter cards to protect T1/E1 services in case of hardware failures. T1/E1 LCR provides protection against adapter card or node failures. When T1/E1 LCR is used in conjunction with pseudowire redundancy, the network path between the endpoints is also protected. Protection is provided specifically for Cpipe services at the clear channel level and at the channelized level.
When T1/E1 LCR is enabled, the 7705 SAR constantly monitors the health of the adapter cards. If the active (working) adapter card fails (for example, because a card has been removed or due to a bus error), the system proceeds through a predefined sequence of steps to transfer (or switch over) traffic processing to the protection MDA. This switchover is done very quickly to minimize traffic loss. Traffic is moved to the protection adapter card until the fault on the working adapter card is cleared, at which time the traffic may optionally revert to the working adapter card.
T1/E1 LCR is supported on the following cards on the 7705 SAR-8 Shelf V2 and the 7705 SAR-18:
T1/E1 LCR includes support for single-chassis LCR (SC-LCR) and multi-chassis LCR (MC-LCR). In an SC-LCR group, both the working and protection adapter cards must be configured on the same node. In an MC-LCR group, the working adapter card and protection adapter card are configured on two separate nodes, providing protection from node failure in addition to protection from adapter card hardware failure.
In an SC-LCR group, both the working and protection adapter cards are configured with the same LCR group ID on the same node. The working and protection adapter cards are required to be the same type.
SC-LCR is supported for TDM CES (Cpipes). SC-LCR with TDM access is supported on DS1, E1, and DS0 (64 kb/s) channels.
SC-LCR supports TDM SAP-to-SAP connections when both SAPs are configured as LCR SAPs.
SC-LCR also supports TDM SAP-to-spoke SDP connections over an MPLS network. In this configuration, the far-end connection may or may not be configured for LCR.
MC-LCR extends the functionality offered by SC-LCR to include protection against 7705 SAR node failure. With MC-LCR, the working adapter card of an LCR group is configured on one 7705 SAR node while the protection adapter card of the same LCR group is configured on a different 7705 SAR node. The working and protection nodes are connected by an IP link (directly or indirectly) that establishes a multi-chassis protocol (MCP) link between the nodes.
MC-LCR is supported for TDM CES (Cpipes). MC-LCR with TDM access is supported on DS1, E1, and DS0 (64 kb/s) channels.
MC-LCR supports TDM SAP-to-SAP connections when both LCR SAPs are configured using the same adapter card on each node.
MC-LCR also supports TDM SAP-to-spoke SDP connections over an MPLS network. In this configuration, the far-end connection may or may not be configured for LCR.
The working and protection adapter cards must be the same type and must have compatible configurations, such as the same speed, framing, and port type. The adapter cards in an LCR group on both the working and protection nodes must also have the same group ID. The LCR groups can have different descriptions. In order for MC-LCR to function correctly, pseudowire redundancy must be configured on both the working and protection adapter cards. For information about pseudowire redundancy, refer to the 7705 SAR Services Guide, “Pseudowire Redundancy”. MC-LCR with pseudowire redundancy also supports Inter-Chassis Backup (ICB); see MC-LCR and Inter-Chassis Backup for more information.
Note: The working and protection nodes can be different platforms, such as a 7705 SAR-8 Shelf V2 and a 7705 SAR-18. However, to prevent possible switchover performance issues, avoid mixing different adapter card types in the same MC-LCR group. The 7705 SAR does not enforce configuration consistency between the working adapter card and the protection adapter card. Additionally, no service or network-specific configuration data is signaled or synchronized between the two nodes. |
An MCP link can be established using the IP link between the two nodes by matching LCR group IDs. The signaling path verifies that one node is configured as the working adapter card and the other is configured as the protection adapter card. In case of a mismatch, an incompatible neighbor trap is generated. The protection node uses member adapter card status and the settings configured in the LCR Tools Commands to select the working adapter card. Changes in working adapter card status are sent across the MC-LCR signaling link from the working node to keep the protection node synchronized. External requests such as lockout and force switch are allowed only on the node with the protection adapter card.
ICB spoke SDPs are supported for use with Cpipe services in an MC-LCR configuration. ICB improves switch times, provides additional protection in case of network failures, and reduces packet loss when an active endpoint is switched from a failed MC-LCR node to the protection node.
If the active link on the access side fails, an MC-LCR switchover is triggered and a pseudowire switchover is subsequently triggered. A failure on the network side triggers a pseudowire switchover but not an MC-LCR switchover. For detailed information on pseudowire redundancy with ICB protection, refer to the 7705 SAR Services Guide, “PW Redundancy and Inter-Chassis Backup”.
T1/E1 LCR provides revertive and non-revertive modes; non-revertive mode is the default option. In revertive mode, the activity is switched back to the working adapter card after it has recovered from a failure. In non-revertive mode, a switch to the protection adapter card is maintained even after the working adapter card has recovered from a failure.
To prevent frequent automatic switches that result from intermittent failures, a revert-time is defined for revertive switching. The revert-time is configurable from 0 to 60 min in increments of 1 min; the default value is 5 min. In some scenarios, performance issues can occur if the revert-time is set to 0; therefore, it is recommended that the revert-time always be set to a value of 1 or higher. Any change in the revert-time value takes effect upon the next initiation of the wait-to-restore (WTR) timer. The change does not modify the duration of a WTR timer that has already been started. The WTR timer of a non-revertive switch can be assumed to be infinite.
The LCR tools commands can only be executed on the node used in an SC-LCR group or on the protection node of an MC-LCR group. The commands can not be executed on the working node of an MC-LCR group.
The tools>perform>lcr>force>working command forces activity away from the working adapter card to the protection adapter card so that the protection adapter card becomes active unless an internal request of equal or higher priority is already in effect. When this command is in effect, it can be overridden either by a tools>perform>lcr>lockout command or by a signal fault on the protection adapter card. If the protection adapter card is already the active adapter card, no action takes place. Refer to the 7705 SAR OAM and Diagnostics Guide, “Tools”, for information on the LCR force command.
The tools>perform>lcr>force>protect command forces activity away from the protection adapter card to the working adapter card so that the working adapter card becomes active unless an internal request of equal or higher priority is already in effect. Refer to the 7705 SAR OAM and Diagnostics Guide, “Tools”, for information on the LCR force command.
When a CSM or adapter card is installed in a preprovisioned slot, the system tests for discrepancies between the preprovisioned card and card type configurations and the types actually installed. Error messages are displayed if there are inconsistencies, and the card will not initialize. When the proper preprovisioned cards are installed into the appropriate chassis slot, then alarm, status, and performance details will be displayed on the CLI.
This section contains information on the following topics:
A microwave link allows a 7705 SAR-8 Shelf V2 or 7705 SAR-18 to be connected to a 9500 MPR-e radio node. The MPR-e is the zero-footprint (outdoor) microwave solution offered by Nokia that allows customers to migrate from TDM microwave to pure packet microwave. The following MPR-e radio variants are supported:
A microwave link is configured on a 7705 SAR-8 Shelf V2 or 7705 SAR-18 as a virtual port object (not as a physical port) using the CLI command mw-link-id (for more information on how to configure a microwave link, see Microwave Link Commands).
Note: Before a microwave link can be configured, the current 7705 SAR software package that includes the MPR-e radio software must be downloaded from OLCS to the 7705 SAR-8 Shelf V2 or 7705 SAR-18. See MPR-e Radio Software and Upgrade Management for more information. |
The supported microwave link types are 1+0 and 1+1 Hot Standby (HSB). To deploy an N+0 link (with N ≥ 2), multiple links of 1+0 can be configured separately.
A microwave link connection is made from ports 1 through 4 on a Packet Microwave Adapter card to an MPR-e radio using one of the methods described in the 7705 SAR Packet Microwave Adapter Card Installation Guide, “Delivering Data to an MPR-e Radio”. The radio can be configured in standalone mode to provide a basic microwave connection as described in Standalone Mode or in Single Network Element (Single NE) mode to provide the advanced networking capabilities described in Single NE Mode. The default configuration is Single NE mode.
When connected to an MPR-e radio, these ports, with microwave link configured, operate as Gigabit Ethernet ports and provide the same features as the other ports (ports 5 through 8), except for the following:
If a microwave link is not configured on ports 1 through 4, they provide all of the same features as the other Gigabit Ethernet ports (ports 5 through 8).
A microwave link from ports 1 through 4 on a Packet Microwave Adapter card to an MPR-e radio that is configured in standalone mode provides a basic microwave connection to the MPR-e radio. In standalone mode, each MPR-e radio that is connected to a 7705 SAR-8 Shelf V2 or 7705 SAR-18 is managed as a separate standalone NE by the MPT Craft Terminal (MCT) Element Manager.
A microwave link from ports 1 through 4 on a Packet Microwave Adapter card to an MPR-e radio that is configured in Single NE mode provides the following networking capabilities to the radio over the microwave link:
MWA allows the 7705 SAR-8 Shelf V2 or 7705 SAR-18 and the MPR-e radios to which it is connected to be integrated and managed as a Single NE. The following features are part of Single NE management:
The individual management and IP address of the MPR-e radios are no longer required for network management. When managing a microwave network (consisting of a 7705 SAR-8 Shelf V2 or 7705 SAR-18 that is connected to one or more MPR-e radios) using an element/network manager, only the IP address of the 7705 SAR-8 Shelf V2 or 7705 SAR-18 needs to be entered. This capability optimizes the microwave network’s IP addressing plan.
For an MPR-e configuration, the required MWA-specific parameters are configured on the 7705 SAR side using the CLI and the required non-MWA parameters are configured on the MPR-e side using the MCT.
The following MWA-specific parameters are configured on the 7705 SAR side:
The following parameters are configured on the MPR-e side:
Configuration done on the MPR-e side is collected in a configuration file; this file can be saved to a 7705 SAR-8 Shelf V2 or 7705 SAR-18 using the Commit button function on the MCT or an admin>save CLI command on the 7705 SAR-8 Shelf V2 or 7705 SAR-18.
An MPR-e radio generates alarms for fault conditions pertaining to the MPR-e hardware and to the microwave link over which it is connected. The alarms are sent to the 7705 SAR-8 Shelf V2 or 7705 SAR-18, which turns the alarm notifications into SNMP traps and log events. These log events are controlled in the same way as all other events on the 7705 SAR-8 Shelf V2 and 7705 SAR-18 and can be displayed using the show>log>event-control>mwmgr command. Refer to the 7705 SAR System Management Guide, “Event and Accounting Logs”, for more information.
The Single NE capability optimizes the MPR-e radio software installation and upgrade process. The MPR-e radio software is bundled with the 7705 SAR software as one package, there is no need to look for and download the MPR-e radio software separately. The 7705 SAR software package containing the MPR-e radio software can be downloaded from a directory on OLCS. The operator can copy the software package onto a compact flash or network store on the 7705 SAR-8 Shelf V2 or 7705 SAR-18.
Note: There are two TiMOS .zip files on OLCS that contain the current 7705 SAR software package; the file that contains the MPR-e radio software has the .MWA annotation in the filename. Only the MPR-e radio software that is bundled with this 7705 SAR software package is recognized as being valid by the 7705 SAR-8 Shelf V2 or 7705 SAR-18. |
An MPR-e radio’s database file is stored and backed up on a 7705 SAR-8 Shelf V2 or 7705 SAR-18. If an old MPR-e radio is replaced by a new one, the new MPR-e radio downloads the MPR-e radio software from the 7705 SAR-8 Shelf V2 or 7705 SAR-18, along with the backed-up database file of the old MPR-e radio. This means that the MPR-e radio does not need to be reconfigured after a radio hardware replacement.
A separate database file is required for each managed MPR-e radio. The user specifies the filename of the database file to be used during provisioning of the radio on the 7705 SAR-8 Shelf V2 or 7705 SAR-18 using the config>port>mw>radio> database CLI command.
The following MPR-e radio system information and microwave link information and statistics can be accessed through a CLI session on the 7705 SAR-8 Shelf V2 or 7705 SAR-18:
Note: Local/remote Rx power monitoring and local/remote Tx power monitoring are also known as Receive Signal Level (RSL) monitoring and Transmit Signal Level (TSL) monitoring, respectively. |
MPR-e radio reset control is provided on the 7705 SAR-8 Shelf V2 or 7705 SAR-18. During an MPR-e radio reset, the microwave link is brought down and an upper layer applications action is triggered, such as message rerouting and clock source switching by the System Synchronization Unit (SSU).
MPR-e radio mute control can be enabled through the CLI/SNMP or by using the MCT. The MCT and CLI are synchronized to show the current state of the MPR-e radio mute function.
Note: Administratively disabling the microwave link with which the MPR-e radio is associated (using the config>port>mw-link-id>shutdown command) causes the main and spare MPR-e radios to be muted. |
The microwave link Fast Fault Detection (FFD) capability allows a 7705 SAR-8 Shelf V2 or 7705 SAR-18 to directly detect MPR-e radio or microwave link faults using proprietary messaging. The following fault types are detected by FFD:
Note:
|
If microwave link faults are detected, an event is logged and the link is disabled. Some detected faults may be selectively suppressed using the suppress-faults command. When faults are suppressed, the event is still logged, but the microwave link is not disabled. Operators can suppress HBER faults, RSL threshold crossing faults, and/or RDI faults. By default, the system does not suppress faults for FFD.
MWA uses 1+1 HSB to protect against microwave link, MPR-e radio, and Packet Microwave Adapter card failures, as well as frequency channel selective fading. Additionally, hitless (errorless) switching provides zero packet loss if a switchover occurs from a main to a spare MPR-e radio.
The following are required for 1+1 HSB:
Note: An MPR-e radio that is connected to an odd-numbered port on the Packet Microwave Adapter card must be configured as the main radio. |
The following protection schemes make up 1+1 HSB:
These protection schemes are enabled using the config>port>mw>protection command, with the exception of Transmit Diversity Antenna, which is enabled via the MCT. They interwork with each other as described in the sections that follow.
EPS protects against MPR-e radio, MWA Gigabit Ethernet link, and Packet Microwave Adapter card failures. After the radio frames are processed by the active EPS MPR-e radio, the radio sends the Ethernet traffic down to the 7705 SAR-8 Shelf V2 or 7705 SAR-18. The standby EPS MPR-e radio does not send any Ethernet traffic down to the 7705 SAR-8 Shelf V2 or 7705 SAR-18.
The switching criteria for EPS are:
In a 1+1 HSB configuration, TPS protects against a microwave link transmission failure by ensuring that only one MPR-e radio at a time uses the antenna for signaling. The 7705 SAR-8 Shelf V2 or 7705 SAR-18 sends traffic to both the active and standby TPS MPR-e radios. Upon receiving the baseband traffic, both radios modulate it and up-convert it to signals. However, only the active TPS MPR-e radio transmits the RF signals; the standby TPS MPR-e radio suppresses the signals. When the active TPS MPR-e radio fails, standby radio becomes active and restores the microwave link channel.
The switching criteria for TPS are identical to EPS.
Note:
|
RPS is a hitless radio function that provides space diversity protection for the microwave channel. On the receive side, each MPR-e radio monitors the same radio frequency channel, with the main MPR-e radio being the active receiver by default. Both active and standby RPS MPR-e radios receive both streams of radio frames. The standby RPS MPR-e radio sends the stream of radio frames that it receives to the active EPS MPR-e radio.
Note: In order to provide space diversity (SD) for the two radio frequency channels, RPS requires that a separate antenna be mounted for each MPR-e radio. |
Figure 18 shows a typical application of 1+1 HSB with SD deployment. Only one microwave frequency channel is active and only the main MPR-e radio is transmitting data to the remote ends; the spare MPR-e radio is acting as a standby.
The TDA feature provides another layer of protection over a microwave link. The TDA configuration uses a main antenna mounted on one MPT-HLC or HLC plus radio and a diversity antenna mounted on another MPT-HLC or HLC plus radio. In combination with the 1+1 HSB radio configuration (redundant MPR-e radios), the traffic is transmitted on either the main antenna or the diversity antenna to achieve the Space Diversity (SD) receiver configuration.
TDA provides protection switching independent of TPS. TDA is capable of counter-acting either negative propagation conditions or permanent antenna failure.
The main antenna is the default main unit that controls the antenna traffic flow using the TDA algorithm. If the main unit fails, the TDA algorithm is no longer operational on the main unit; its transmission switches over to the diversity antenna.
The non-operation of the main antenna switch does not affect transmission, even while the TDA algorithm is being transmitted on the diversity antenna.
TDA configuration is done via the MCT. TDA status is available using the 7705 SAR CLI/SNMP and via the MCT. The CLI command that is used is show>mw>link. The status information includes the current TDA configuration, which antenna is active, and the active antenna position.
Figure 19 shows an example of a TDA application.
In a 1+1 HSB configuration, the communication path between the main (active) and spare (standby) MPR-e radios installed on a tower is set up using a tight cable.
Note: A tight cable is required with MPT-HC V2, MPT-XP, MPT-HLC, MPT-HLC plus, and MPT-QAM radios (1+ 1 HSB is not supported on MPT-MC radios). |
The following list defines the types of EPS, TPS, and RPS MPR-e radio switching operations that can be enabled using the tools>perform>mw>link command:
Note: TDA switching operation is enabled via the MCT. |
Refer to the 7705 SAR OAM and Diagnostics Guide, “Tools Command Reference”, “Tools Perform Commands”, for more information.
Revertive switching can also be configured for RPS and EPS/TPS (when revertive switching is configured for EPS, it is also applied to TPS; revertive switching for TPS cannot be configured separately). Revertive switching occurs when the MPR-e radio operation switches from the spare radio back to the main radio after a fault condition is cleared.
Depending on the type of Gigabit Ethernet microwave link used to connect the Packet Microwave Adapter card and an MPR-e radio, different frequency synchronization mechanisms can be used.
When using optical 1000Base-SX to connect the Packet Microwave Adapter card and an MPR-e radio, synchronous Ethernet and SSM are the frequency synchronization mechanisms that are used. SSM is used as the mechanism to detect a microwave link failure, including loss of frame and MPR-e radio hardware failure.
When using electrical 1000Base-T to connect the Packet Microwave Adapter card and an MPR-e radio, PCR is the frequency synchronization mechanism that is used (a copper SFP is mandatory on ports 3 and 4).
For more information on PCR, synchronous Ethernet, and SSM, refer to the 7705 SAR Basic System Configuration Guide, “Node Timing”.
An MPR-e radio that is connected to the 7705 SAR can automatically upload its received signal level (RSL) history file to the 7705 SAR host. The RSL file contains a history of radio attributes and alarms that radio operators can use to isolate and diagnose radio-layer problems that might exist in the network.
Up to 24 MPR-e radios can independently upload their RSL history file every 15 minutes when the rsl-history command is configured on the 7705 SAR for each radio. When uploaded, the file is stored on the 7705 SAR compact flash. Each RSL file can be up to 1 Mbyte and contain up to 10 000 lines. Each time a new file from a specific MPR-e radio is sent to the 7705 SAR, the new file overwrites the previous version for that radio. Once uploaded to the 7705 SAR, the operator can view the file in its raw format using the file>type command or FTP it to an external server.
Table 26 lists the attributes in the RSL history file.
Attribute | Description |
Time | Time of record |
LocTxPower | Local transmit power |
RemTxPower | Remote transmit power |
LocRxPower | Local received power |
RemRxPower | Remote received power |
LocDivRxPower | Local diversity received power (significant for diversity configuration only) |
RemDivRxPower | Remote diversity received power (significant for diversity configuration only) |
LocXPD | Local cross-polar discrimination (significant for XPIC configuration only) |
RemXPD | Remote cross-polar discrimination (significant for XPIC configuration only) |
LocMSE | Local mean squared error |
RemMSE | Remote mean squared error |
TxMod | Transmitter modulation |
RxMod | Receiver modulation |
LocEPS | Local equipment protection switching |
RemEPS | Remote equipment protection switching |
LocRPS | Local radio protection switching |
RemRPS | Remote radio protection switching |
LocTPS | Local transmit protection switching |
RemTPS | Remote transmit protection switching |
LocHBERAlm | Local high bit error rate alarm |
RemHBERAlm | Remote high bit error rate alarm |
LocEWAlm | Local early warning alarm |
RemEWAlm | Remote early warning alarm |
LocDemFailAlm | Local demodulation failure alarm |
RemDemFailAlm | Remote demodulation failure alarm |
The 7705 SAR supports custom alarms on Ethernet ports without the need to deploy a dry-contact alarm aggregator. Custom alarms can be created and assigned to any RJ-45 port; the port must be configured for 100Base-Tx operation with autonegotiation disabled. One alarm input can be configured for each port with the following:
Alarm inputs must be associated with an alarm in order for them to be triggered. Alarm inputs consist of an Ethernet LOS event caused by breaking contact loops between pins 1 and 3 or 2 and 6 on the Ethernet port. Breaking either loop will trigger the port alarm, and reconnecting the loops will clear the alarm.
For information on configuring the alarm inputs, see Configuring Auxiliary Alarm Card, Chassis, and Ethernet Port External Alarm Parameters.
The 7705 SAR supports network access control over client devices on an Ethernet network using the IEEE 802.1x standard. 802.1x is a standard for authenticating Ethernet devices before they can access the network. In the case of the 7705 SAR, authentication is performed using Extensible Authentication Protocol (EAP) over LAN (EAPOL).
802.1x provides protection against unauthorized access by forcing the device connected to the 7705 SAR to go through an authentication phase before it is able to send any non-EAP packets. Only EAPOL frames can be exchanged between the aggregation device (called the authenticator; for example, the 7705 SAR) and the customer device (called the supplicant) until authentication is successfully completed. The 7705 SAR enables the port after successful authentication. While the port is unauthenticated, the port will be “down” to all upper layer protocols or services.
A typical use for EAPOL would involve a 7705 SAR and some type of Ethernet device, such as a laptop, a set-top box, or a Node B. An authentication server would negotiate with the Ethernet device through the 7705 SAR (whose role is authenticator). For example, a technician using a laptop to gain access to his or her network at a cell site would have his or her laptop subject to the 802.1x access control, just as the Node B would. In every case, the Ethernet device connected to the 7705 SAR must negotiate for network access. Essentially, with EAPOL in use, any Ethernet device that connects to the 7705 SAR must negotiate for permission to send traffic through the 7705 SAR Ethernet port.
The 7705 SAR supports the following EAP methods: MD5, TLS, TTLS, and PEAPv0.
MAC authentication can be used to authenticate client devices that do not support EAP. For more information, see MAC Authentication.
This section describes the following:
The IEEE 802.1x standard defines three participants in an authentication conversation (see Figure 20):
The authentication exchange is carried out between the supplicant and the authentication server; the authenticator acts only as a bridge. The communication between the supplicant and the authenticator is done using EAPOL. The communication between the authenticator and the authentication server is done using the RADIUS protocol. The authenticator is therefore a RADIUS client, and the authentication server is a RADIUS server.
Figure 21 shows an example of the messages transmitted during an authenticator-initiated One Time Password (OTP) authentication process.
Note: OTP is one of many authentication mechanisms that are available for use between the supplicant and the authentication server. These authentication mechanisms (protocols) are transparent to the 7705 SAR. |
The authenticator initiates the procedure when the Ethernet port becomes operationally up by sending a special PDU called an EAP-Request/ID to the supplicant. The supplicant can also initiate the exchange by sending an EAPOL-start PDU if it does not receive the EAP-Request/ID frame during boot-up. The supplicant responds to the EAP-Request/ID with an EAP-Response/ID frame containing its identity (typically username + password).
After receiving the EAP-Response/ID frame, the authenticator encapsulates the identity information into a RADIUS Access Request packet, and sends it off to the configured RADIUS server. The RADIUS Access Request packet contains the following attributes:
The RADIUS server checks the supplied credentials using an authentication algorithm to verify the supplicant’s identity. If approved, the RADIUS server returns an Access Accept message to the authenticator. The authenticator notifies the supplicant with an EAP-Success message and puts the port in the authorized state.
If the supplicant sends an EAP-Logoff message, the authenticator puts the supplicant in an unauthorized state and continues searching for supplicants to authenticate.
After sending an EAP-Failure message, the authenticator puts the supplicant in an unauthorized state, waits for the number of seconds defined by the quiet-period timer, then continues searching for supplicants to authenticate.
The 7705 SAR conforms to the relevant sections of the 802.1X-2001 implementation.
The 7705 SAR supports port-based network access control for Ethernet ports only. Each Ethernet port can be configured to operate in one of three different modes, controlled by the port-control command:
The 802.1x authentication process is controlled by a number of configurable timers. There are two separate sets, one for the EAPOL message exchange and one for the RADIUS message exchange. Figure 22 shows an example of the timers.
EAPOL timers:
RADIUS timers:
The authenticator can also be configured to periodically trigger the authentication process automatically. This is controlled by the enable reauthentication and reauthentication period parameters. Re-auth-period indicates the time in seconds (since the last time that the authorization state was confirmed) before a new authentication process is started. The range of re-auth-period is 1 to 9000 s (the default is 3600 s). The port stays in an authorized state during the reauthentication process.
The 7705 SAR supports tunneling of untagged 802.1x frames received on a port for both Epipe and VPLS services using either null or default SAPs (for example1/1/1:0 or 1/1/1:*) when the port-control command is set to force-auth.
When tunneling is enabled on a port, untagged 802.1x frames are treated like user frames and are switched into Epipe or VPLS services that have a corresponding null SAP or default SAP on that port. If a port has a default SAP, other non-default SAPs could also be on the port. When received on a spoke SDP or mesh SDP, untagged 802.1x frames are tunneled by default. Untagged 802.1x frames received on other service types, or on network ports, are dropped.
802.1x tunneling must be enabled consistently across all ports in the LAG where 802.1x frames are expected. This is not enforced by the system.
Configuration of 802.1x network access control on the authenticator consists of two parts:
802.1x provides access to the port for any device, even if only a single client has been authenticated. Additionally, it can only be used to gain access to a predefined Service Access Point (SAP). It is not possible to dynamically select a service (such as a VPLS service) depending on the 802.1x authentication information.
The 7705 SAR supports the 802.1x EAP standard for authenticating Ethernet devices before they can access the network. However, if a client device does not support 802.1x EAP, MAC authentication can be used to prevent unauthorized traffic from being transmitted through the 7705 SAR.
802.1x EAP must be enabled for MAC authentication to be used, as MAC authentication is a fallback mechanism. To authenticate a port using MAC authentication, 802.1x authentication must first be configured on the 7705 SAR by enabling port-control auto, and then mac-auth must be configured on the 7705 SAR to enable MAC authentication.
When a port becomes operationally up with MAC authentication enabled, the following steps are performed by the 7705 SAR (as the authenticator):
Note: If it is known that the attached equipment does not support EAP, no mac-auth-wait can be configured so that MAC authentication can be used as soon as the port is operationally up. |
While the port is unauthenticated, the port will be “down” to all upper layer protocols or services.
The IEEE 802.1ab Link Layer Discovery Protocol (LLDP) allows stations that are attached to the same IEEE 802 LAN (emulation) to advertise information for the purpose of populating physical or logical topology and device discovery management information databases. In other words, IEEE 802.1ab Link Layer Discovery Protocol allows an LLDP agent to learn connectivity and management information from adjacent stations. The information obtained via this protocol is stored in standard MIBs which can be accessed via management protocols such as SNMP.
LAN emulation and logical topology is applicable to customer bridge scenarios (enterprise or carrier of carrier) connected to a provider network offering a transparent LAN emulation service to their customers. LAN emulation helps customers detect intermediate provider misconnections by offering a view of the customer topology where the provider service is represented as a LAN interconnecting customer bridges.
The IEEE 802.1ab standard defines a protocol that:
Network operators must be able to discover the topology information in order to detect and address network problems and inconsistencies in the configuration. Standards-based tools can address complex network scenarios where multiple devices from different vendors are interconnected using Ethernet interfaces.
The 7705 SAR platforms, cards, and modules support LLDP on all Ethernet datapath ports. On the 2-port 10GigE (Ethernet) Adapter card/module, LLDP is supported on the Ethernet ports, but not on the v-port. Each Ethernet port can be configured to run up to three LLDP sessions. Each session can have up to five peers and each peer can store up to three management addresses.The 7705 SAR can have a maximum of 720 peers configured.
Figure 24 shows the three scopes of LLDP that are supported on the 7705 SAR. The scopes are Nearest Bridge, Nearest non-TPMR Bridge, and Nearest Customer Bridge.
LLDP allows stations attached to an IEEE 802 LAN to advertise to other stations attached to the same LAN, the major capabilities provided by the system incorporating that station, the management address or addresses of the entity or entities that manage these capabilities, and the identification of the station's point of attachment to the LAN required by the management entity or entities.
The information distributed via this protocol is stored on the receiving device in a standard MIB, so that the information can be accessed by a Network Management System (NMS).
The LLDP protocol uses an LLDP agent entity that implements LLDP for a particular MAC service access point (MSAP) associated with a port.
LLDP does not contain a mechanism for soliciting specific information from other LLDP agents, nor does it provide a specific means of confirming the receipt of information. LLDP allows the transmitter and the receiver to be enabled separately; therefore, the local LLDP agent can be configured to transmit only, receive only, or both transmit and receive LLDP information.
LLDP agents transmit and receive LLDP Data Units (LLDPDUs). The LLDPDU contains an LLDP frame whose information fields are a sequence of variable-length information elements. Each element includes type, length, and value fields (known as TLVs).
Each LLDPDU contains four mandatory TLVs and can contain optional TLVs as selected by network management. Figure 25 shows the LLDPDU format.
The chassis ID TLV identifies the chassis containing the Ethernet port responsible for transmitting the LLDPDU. The port ID TLV identifies the Ethernet port responsible for transmitting the LLDPDU. The chassis ID and the port ID values are concatenated to form a logical identifier (the MSAP identifier) that is used by the recipient to identify the sending LLDP agent and associated port. Both the chassis ID and port ID values can be defined in a number of ways. Once selected, however, the chassis ID and port ID value combination remains the same as long as the particular port remains operable.
The Time To Live TLV indicates the number of seconds (from 0 to 65535) that the receiving LLDP agent should consider the information contained in the received LLDPDU to be valid. The Time To Live TLV is calculated by the formula tx-interval × tx-hold-multiplier. The associated information is automatically discarded by the receiving LLDP agent if the sender fails to update it before this time. A zero value indicates that any information pertaining to this LLDPDU identifier is to be discarded immediately. A TTL value of zero can be used, for example, to signal that the sending port has initiated a port shutdown procedure.
The End of LLDPDU TLV marks the end of the LLDPDU.
The implementation defaults to setting the port-id field in the LLDP OAMPDU to tx-local. This encodes the port-id field as ifindex (subtype 7) of the associated port, which is required to support some releases of the NSP NFM-P. The NSP NFM-P may use the ifindex value to properly build the Layer 2 topology network map. However, this numerical value is difficult to interpret or readily identify the LLDP peer when reading the CLI or MIB value without using the NSP NFM-P. Including the port-desc option as part of the tx-tlv configuration allows a Nokia remote peer supporting port-desc preferred display logic to display the value in the port description TLV instead of the port-id field value. This does not change the encoding of the port-id field. The port-id field value continues to represent the ifindex. In some environments, it may be important to select the specific port information that is carried in the port-id field. The operator has the ability to control the encoding of the port-id information and the associated subtype using the port-id-subtype option. Three options are supported for the port-id-subtype:
IPv6 (address subtype 2) and IPv4 (address subtype 1) LLDP system management addresses are supported.
SCADA systems are used in many strategic industry networks, such as utility and transportation, to monitor and maintain the networks from remote monitoring locations. SCADA systems use a master/slave architecture with a single master that supports multiple slave remote terminal units (RTUs).
Nokia addresses the needs of SCADA customers with the Integrated Services card. The Integrated Services card is a resource card that is capable of supporting software applications that specifically meet the requirements of TDM-based SCADA systems. The card is supported on the 7705 SAR-8 Shelf V2 and the 7705 SAR-18.
The Integrated Services card supports the following SCADA applications:
Only one application can be active on the card at a time.
The MDDB and PCM multidrop bridge applications feature similar architecture and functionality, with the main exception being that the MDDB application uses a serial RS-232, RS-530, or X.21 interface, while the PCM multidrop bridge application uses an E&M analog interface. The VCB application builds on the PCM architecture, using A-Law or Mu-Law encoding and an E&M analog interface.
The MDDB application provides a centralized digital bridging functionality that allows a SCADA bridge to be configured between a master and remote slaves. The bridge allows a single data message stream to be broadcast from a master to multiple slaves and allows a single slave to communicate back to the master.
In a SCADA network, the 7705 SAR provides the communications infrastructure to connect the central masters to multiple RTUs at remote locations, where the masters and RTUs communicate over serial RS-232, RS-530, or X.21 links (synchronous or asynchronous). The 7705 SAR-8 Shelf V2 or 7705 SAR-18 located at the master site contains the Integrated Services card, which provides the MDDB bridge functionality and acts as the MDDB master. Remote 7705 SAR nodes connected to RTUs are referred to as MDDB slaves.
For both master and slave applications, the 7705 SAR must be physically connected to the SCADA device by one of the following:
The 12-port Serial Data Interface card (version 1 and version 2) supports the RS-530/RS-422 interface with the use of an adapter cable that connects to a DB15 connector on the front of the X.21 distribution panel. There is no configuration specifically for the RS-530/RS-422 interface; configuration is done in X.21 mode and applies to the RS-530/RS-422 interface when it is physically enabled through hardware. The 12-port Serial Data Interface card, version 3, provides RS-530 interface capability without the need for an adapter cable. For information about 12-port Serial Data Interface card adapter cables, refer to the 7705 SAR Serial Data Interface Card Installation Guide.
The remote nodes are connected to the SCADA bridge over an IP/MPLS network.
An Integrated Services card supports up to 16 SCADA bridges. Each bridge supports 32 branches. Two branches (branch 1 and branch 2) are dedicated connections to the SCADA masters; the other 30 branches connect to the slaves. An MDDB SCADA bridge is created using the config>scada bridge-id command and a branch is created using the config>scada>branch branch-id command.
Note: Larger bridges can be built by cascading individual bridges internally within a single Integrated Services card and using the master output from one bridge as the slave input to another bridge. Larger bridges can be cascaded across multiple Integrated Services cards by using an RS-232, RS-530, or X.21 link. |
Figure 26 shows a typical SCADA MDDB network. A Cpipe SAP is configured for each master and slave branch in order to transmit data to the bridge. The RS-232/X.21 traffic is converted to a 64 kb/s Cpipe using high capacity multiplexing (HCM). The Integrated Services card terminates the Cpipe (the slaves send data back over the IP/MPLS network), recovers the data directly from the Cpipe as an HCM frame, and sends the data to the bridge.
The pulse code modulation (PCM) multidrop bridge application provides multidrop bridging for SCADA systems that use 4-wire analog modems to connect remote slaves to a master. Incoming analog signals from the master are converted to PCM (Mu-Law or A-Law) for transport between a remote slave and the master. The Integrated Services card broadcasts the master stream to all remote slaves. Only the addressed remote unit will respond to the broadcast and the response must be transported through the bridge back to the master via an E&M interface. If the network RTUs support two SCADA systems over the same interface by separating them into high-frequency and low-frequency bands, the PCM multidrop bridge always selects the two loudest branches to be passed through the bridge for communication with the master.
Note: E&M signaling transport through the bridge is not supported. |
Figure 27 shows a typical SCADA PCM multidrop bridge network.
The PCM multidrop bridge application uses Mu-Law and A-Law encoding; therefore, the modularity is different from MDDB modularity. Table 27 shows the modularity for a PCM multidrop bridge on the Integrated Services card.
Encoding Scheme | Number of Bridges per Integrated Services Card | Number of Branches per Bridge | Total Number of Branches per Integrated Services Card |
Mu-Law (North America) | 16 | 22 | 352 |
A-Law (rest of world) | 16 | 30 | 480 |
A PCM SCADA bridge is created using the config>scada bridge-id command and a branch is created using the config>scada>branch branch-id command.
Note: Larger bridges can be built by cascading individual bridges internally within a single Integrated Services card and using the master output from one bridge as the slave input to another bridge. Larger bridges can be cascaded across multiple Integrated Services cards by using an E&M link. |
The MDDB and PCM multidrop bridge applications support redundant masters, where both masters listen to all traffic that is being transmitted from the slaves but only the active master broadcasts data to the slaves.
There are two modes for master redundancy:
A condition may occur where a single slave continues to send data to the master after the normal response period has expired. This condition locks up the bridge so that no other slave can transmit data back to the master. To resolve this condition, the squelch command can be enabled on a bridge or on an individual slave or master branch. Squelch is enabled by configuring a timeout period that, once expired, raises an alarm and triggers the squelching function. A normal quiescent traffic pattern (all 1s for MDDB and low volume for PCM multidrop) is inserted towards the bridge. This blocks the problematic slave so that other slaves can continue to use the bridge.
In order to put the bridge into the normal state, it must be reset. This can be manually initiated by the operator with the squelch reset command, or it can occur automatically after a configured time if the squelch-recovery command is set to auto.
For MDDB, because different algorithms are needed to detect squelch conditions at low-speed and high-speed rates, interface speed selection is required. The interface speed is set at the bridge level.
The voice conference bridge (VCB) application provides a simultaneous communication path between two or more voice circuits. VCBs are deployed in a central location with remote devices connected to the bridge via the 7705 SAR over an IP/MPLS or TDM network. Inputs to the VCB are 4-wire E&M analog interfaces.
VCBs can be used as a conference bridge with any-to-any connectivity (all branches participate) or as a bridge in broadcast mode where one branch broadcasts to the other branches that are in listen-only mode.
The main VCB applications are:
The VCB application uses Mu-Law and A-Law encoding, similar to PCM. Table 28 shows the modularity for a VCB on the Integrated Services card.
Encoding Scheme | Number of Bridges per Integrated Services Card | Number of Branches per Bridge | Total Number of Branches per Integrated Services Card |
Mu-Law (North America) | 16 | 24 | 384 |
A-Law (rest of world) | 16 | 32 | 512 |
A VCB SCADA bridge is created using the config>scada bridge-id command and a branch is created using the config>scada>branch branch-id command.
Note: Larger bridges can be built by cascading individual bridges internally within a single Integrated Services card. Larger bridges can be cascaded across multiple Integrated Services cards by using an E&M link or a channel group encapsulated for cem (TDM). |
VCB can be configured in one of four applications. These applications are set at the card level. Each application uses a bridging algorithm that determines which branches control the management of the bridge and transmission of signals:
The 7705 SAR supports the VCB mute transmission output option on all VCB applications. By default, a branch transmission is broadcast to all other branches on the bridge. The mute output option blocks the transmission to a branch.
Each branch of the VCB has a SAP with an associated Cpipe that connects to an SDP or SAP. The operator can mute the output from a branch with the config>service>cpipe>sap>cem>mute-output command. When mute-output is enabled, nothing is transmitted out that branch of the VCB, meaning that none of the connected sites can hear the transmission.
For example, to configure a network where any remote site can initiate transmission but none of the remote sites can hear what is transmitted, only the central sites can listen, mute-output must be enabled on the SAPs of the branches on the Integrated Services cards at the central site toward the remote sites. Similarly, to configure a network where any central site can initiate transmission but only the remote sites can listen, mute-output must be enabled on the SAPs of the branches on the Integrated Services cards at the remote site toward the central sites.
Figure 28 shows an example where only the remote sites can listen to the transmission.
Figure 29 shows an example where only the central sites can listen to the transmission.
Gain is the increase or decrease in signal power or voltage that occurs in transmitting a signal from one point to another. The two types of gain are:
Gain is configured at the branch level.
The input gain defines the magnitude of the increase or decrease of the signal transmitted into the bridge. The input gain range is –16 to +9 dB in 1-dB increments (the default is 0 dB).
The output gain defines the magnitude of the increase or decrease of the signal received from the bridge. The output gain range is –16 to +9 dB in 1-dB increments (the default is 0 dB).
Serial transport over raw sockets provides the capability of transporting serial data, in the form of characters, over an IP transport service within a Layer 3 IP/MPLS service (IES or VPRN). A raw socket allows direct sending and receiving of IP packets without any protocol-specific transport layer formatting. For information about raw socket IP transport services, refer to the 7705 SAR Services Guide, Service Overview chapter, “Raw Socket IP Transport Service”.
The feature provides the functionality for a local host to listen to and open raw socket sessions from remote hosts, and for a remote host to initiate and open raw socket sessions to local hosts. The local and remote host functions support TCP or UDP sessions (but not both concurrently) over the IP transport service.
Raw sockets are supported on the following hardware:
Note:
|
Figure 30 shows an example of a raw socket application, where serial data is transferred between RTUs and a utility’s SCADA management system using an IP transport service across a Layer 3 service (IES or VPRN), that includes 7705 SAR-H or 7705 SAR-Hc and 7705 SAR-8 Shelf V2 or 7705 SAR-18 nodes.
A raw socket local host (acting as a server) at the 7705 SAR-H/SAR-Hc substation listens to TCP sessions that originate at the 7705 SAR-8 Shelf V2/SAR-18 central location network operations center (NOC). The 7705 SAR-8 Shelf V2/SAR-18 at the NOC is connected to two front-end processors (FEPs), one via a serial port and another via an Ethernet port. The serial port on the 7705 SAR-8 Shelf V2/SAR-18 is configured as a remote host (acting as a client) that initiates TCP/UDP sessions towards the RTU at the 7705 SAR-H/SAR-Hc substation when traffic is received from the FEP over the serial port. These TCP/UDP sessions are transported over the IP/MPLS network using IP transport service over an IES or VPRN service. The serial data that is transported over the TCP/UDP session and received at the 7705 SAR-H/SAR-Hc is then sent over the serial link towards the RTU. TCP/UDP sessions received from the FEP over the Ethernet port are transported over an IES or VPRN service (that is, there is no need for serial remote host configuration in this case).
Multiple FEPs can poll a single RTU. If multiple sessions attempt to transmit serial data on the serial port simultaneously, the 7705 SAR queues packets per session and ensures that all data for one session is sent out before processing another session’s data, ensuring that sessions do not overlap one another.
Note: A serial port can be concurrently configured as both a server (local host) and a client (remote host). This is accomplished with the local-host command configuration to support the server function and the remote-host command configuration to set up client sessions to far-end remote hosts. |
A raw socket IP transport interface can be configured for each RS-232 serial port on a node. This allows the serial port to receive TCP connections or UDP session packets from multiple remote hosts, or to create new sessions to remote hosts in order to send and receive serial data to and from those remote hosts.
There are port-level and service-level configuration requirements for a raw socket serial port to send and receive serial data in either server mode, client mode, or both.
Raw socket port-level configuration includes defining the end-of-packet checking parameters (idle-time, length, special character) and the inter-session delay for transmitting session data over the serial link. See Serial Commands for the required information.
At the service level, an IP transport subservice is created within an IES or VPRN service to associate the serial port with the respective IES or VPRN service. TCP/UDP encapsulated serial data is routed within the corresponding Layer 3 IES or VPRN service. The required configuration includes IP transport subservice local-host and remote-host configuration, TCP timers, and session control. Refer to the 7705 SAR Services Guide, “IES Raw Socket IP Transport Configuration Commands” and “VPRN Raw Socket IP Transport Configuration Commands” for the required information.
Figure 31 illustrates how raw socket packets are processed over a serial link.
Session data attempting to access the serial port is queued. One queue is maintained per session. The purpose of the session queue is to prevent two different flows of packets from interleaving out the serial port and creating unreadable messages. When data is being transmitted over the serial link for a session, any other session’s data is queued until the first session has emptied its queue. The next session’s data is transmitted over the serial link only after the inter-session-delay timer expires. Each session’s data is sent out in round-robin fashion.
When the local host receives a UDP packet from a remote host, it queues the packet and sends it over the serial link. The local host remembers the UDP session while there is still data to send from the serial link. If further packets are received for the same session, they are queued behind the already queued packet. After all the queued data has been sent over the serial link, the session is removed from the system. An associated UDP remote host for the serial link must be configured to have serial data sent back to the remote host from the serial port.
When a packet is received from the serial link based on end-of-packet (EOP) requirements, the data is copied and sent in a UDP packet to each configured remote host.
An open TCP session from a remote host to a raw socket’s local host is kept open until either the remote host terminates the session or the TCP inactivity timer expires. When a TCP session is open, all packets received from the remote host are queued for the raw socket serial link and sent over the serial link until no packets remain in the queue.
If multiple sessions are open towards the local host, and each is receiving data, each session’s data is queued and then sent over the serial link in round-robin fashion for each session until no packets remain. When a packet is received over the serial link, it is copied to each open TCP session and transmitted to the remote host.
A condition may occur where the end device connected to the serial port continues to send out a continuous stream of data after the normal response period has expired. This can prevent the far-end remote host or master equipment from receiving data from other end devices in the network. To resolve this condition, the squelch command can be used on the raw socket at the port level (it is disabled by default). This stops the socket from receiving any more data from the problematic device.
If the command is enabled, the 7705 SAR will monitor the serial port for a constant character stream. A configurable squelch delay period, using the squelch-delay command, is used to determine how long to measure the constant character stream before initiating the squelch function. If the squelch function is initiated, the port is considered locked up and an alarm is raised indicating the lock-up and that the squelching function has been triggered.
The serial port can be forced out of squelch and put back to normal, either manually using the squelch-reset command or automatically using the unsquelch-delay command. The unsquelch-delay command defines the time to wait after squelch is initiated before it is removed.
The following information describes provisioning guidelines and caveats.