Related protocols
1) 802.1Q Virtual Bridged Local Area Networks
2) 802.1ad Provider Bridges
A Bridge can be logically subdivided into the following components:
• S-VLAN component
• C-VLAN component
VLAN Bridges are classified into:
CB: Customer Bridge or C-VLAN Bridge
PEB: Provider Edge Bridge
PCB: Provider Core Bridge or S-VLAN Bridge
Provider Core Bridge integrates only one S-VLAN component. It is capable of providing single service on a port.
Provider Edge Bridge integrates one S-VLAN component with zero or many C-VLAN components as well as integrates each C-VLAN (up to 4094 C-VLANs) individually with a different S-VLAN (up to 4094 S-VLANs).
=========================================================
Bridge-Port-Type               CB      PEB     PCB
---------------------------------------------------------
Customer Bridge Port (CBP)     YES     NO      NO
Customer Edge Port (CEP)       NO      YES     NO
Customer Network Port (CNP)    NO      YES     YES
Provider Network Port (PNP)    NO      YES     YES
=========================================================
An aid to remember the functions of the Bridge Port Types:
• Customer ports (CEPs, CNPs) face the customer network and connect to a single customer.
• Provider ports (PNPs) face the provider network.
• Edge ports (CEPs) are on C-VLAN components and recognize C-tags.
• Network ports (CNPs, PNPs) are on S-VLAN components and recognize S-tags.
Customer service Interface
A service provider can offer a customer one or more types of service interfaces, each providing different capabilities for service selection, priority selection, and service access protection. Some service interfaces are provided by the service provider operating systems that include C-VLAN components, or by customer operating systems that include S-VLAN components.
Access to a given service instance can be provided through different types of customer service interface.
1) CNP-Port Based (Port-based service interface)
Traffic on this port is considered to be a single service and is assumed to have no S-tags. The port-based CNP applies a single S-tag for all customer traffic at ingress. The port-based CNP strips out the S-tag on egress to the Customer Bridge.
2) CNP-STAG (S-tagged service interface)
The S-tagged service interface is provided by a Provider Bridge to allow the attached customer to select between, and to identify service instances using the S-VID associated with the transmitted and received frames. The traffic on this port may have S-tags used by customer equipment to differentiate services.
The customer-controlled provider edge bridge can provide C-Tagged service interfaces within the customer's own network. These customer-controlled Provider Bridges are connected to the provider-controlled bridges via CNP S-Tagged interfaces. The communication between the customer-controlled Provider Bridge and the connecting Provider Bridge is through SVLAN tag.
3) CEP (C-tagged service interface)
Configuring a port as Customer Edge Port results in creating a C-VLAN component. The C-VLAN component can be uniquely identified by the port number of the Customer Edge Port. A C-VLAN component in a Provider Edge Bridge integrates a single Customer Edge Port and many Provider Edge Ports.
Service instance selection is provided for C-tagged service interfaces by a C-VLAN component internal to a Provider Edge Bridge. The C-VLAN component uses the C-VID to direct frames to an internal Provider Edge Port supporting a specific service instance.
C-VID Registration Table
The CVID Registration table provides mapping between a Customer VLAN and Service VLAN. Many Customer VLANs can be mapped to a single service instance (Service VLAN). Mapping first a Customer VLAN to a Service VLAN results in creating a Provider Edge Port (PEP). Provider Edge Ports are logical ports that are used to connect the C-VLAN component to the S-VLAN component. Provider Edge Ports are uniquely identified by a Customer Edge Port and a Service VLAN ID.
This table provides the equivalent functionality of
1) Configuring the PVID of the internal Customer Network Port on the S-VLAN component;
2) Adding the corresponding Provider Edge Port on the C-VLAN component to the member set of the C-VLAN;
3) Adding the Provider Edge Port and/or Customer Edge Port to the untagged set of the C-VLAN (if it is desired that frames forwarded to that port are transmitted untagged for this C-VLAN).
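Example:
CEP port (5/2) joins the S-VLANs with S-VID=6 and 7.
Frames arriving from the customer side carry C-VID=1001, 1002, 2001, 2002.
C-VID=1001, 1002 map to S-VID=6;
C-VID=2001, 2002 map to S-VID=7.
Details are in the table below:
===========================================================
S-VLAN   Port    C-VLAN   Untagged-PEP   Untagged-CEP
-----------------------------------------------------------
6        Gi5/2   1001     False          False
6        Gi5/2   1002     False          False
7        Gi5/2   2001     False          False
7        Gi5/2   2002     False          False
===========================================================
The C-VID Registration Table should be configured as follows.
Input: CEP port number (5/2), C-VIDs (1001, 1002, 2001, 2002)
1) Configure the PVID of the CNP-Port Based ports on the S-VLAN component;
Two PEPs and two CNP-Port Based ports are created internally for CEP (5/2).
The PVIDs of the two CNP-Port Based ports are set to 6 and 7 respectively.
2) Add the PEPs to the C-VLANs above;
The PEP with Service VLAN-ID = 6 is added to the member sets of C-VLAN=1001 and 1002.
The PEP with Service VLAN-ID = 7 is added to the member sets of C-VLAN=2001 and 2002.
The result is as follows: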
----------------------------------------------------
Provider Edge Port configuration:
Port Gi5/2
Service VLAN-ID : 6
Port VLAN-ID : 1001
Port Gi5/2
Service VLAN-ID : 7
Port VLAN-ID : 2001
----------------------------------------------------
3) Set the Untagged attribute (true/false) of the PEP/CEP ports;
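The three steps above, worked through for the Gi5/2 example as an added Python sketch (not code from the original notes or from any switch software). The function and field names are hypothetical, and using the first registered C-VID as the PEP's PVID is an assumption chosen to match the output shown above.

```python
from collections import defaultdict

# Constructed input: the rows of the example table above
# (S-VLAN, CEP port, C-VLAN, Untagged-PEP, Untagged-CEP).
ROWS = [
    (6, "Gi5/2", 1001, False, False),
    (6, "Gi5/2", 1002, False, False),
    (7, "Gi5/2", 2001, False, False),
    (7, "Gi5/2", 2002, False, False),
]

def apply_registration(rows):
    """Expand C-VID Registration Table rows into the three equivalent steps."""
    peps = {}                     # (CEP, S-VID) -> PEP and its internal CNP
    members = defaultdict(set)    # (CEP, C-VID) -> member set of the C-VLAN
    untagged = defaultdict(set)   # (CEP, C-VID) -> untagged set of the C-VLAN
    svid_of = {}                  # (CEP, C-VID) -> S-VID already registered
    for s_vid, cep, c_vid, untag_pep, untag_cep in rows:
        for vid in (s_vid, c_vid):
            if not 1 <= vid <= 4094:
                raise ValueError(f"VID {vid} is outside 1..4094")
        # Many C-VLANs may share one S-VLAN, but one C-VID selecting two
        # service instances on the same CEP is rejected (this example's check).
        if svid_of.setdefault((cep, c_vid), s_vid) != s_vid:
            raise ValueError(f"C-VID {c_vid} on {cep} already maps to "
                             f"S-VID {svid_of[(cep, c_vid)]}")
        pep = (cep, s_vid)
        # Step 1: the first C-VID mapped to an S-VLAN creates the PEP; the
        # internal CNP gets PVID = S-VID. Taking that first C-VID as the PEP's
        # own PVID is an assumption that reproduces the output shown above.
        peps.setdefault(pep, {"cnp_pvid": s_vid, "pep_pvid": c_vid})
        # Step 2: add the PEP to the member set of the C-VLAN.
        members[(cep, c_vid)].add(pep)
        # Step 3: optionally transmit untagged on the PEP and/or the CEP.
        if untag_pep:
            untagged[(cep, c_vid)].add(pep)
        if untag_cep:
            untagged[(cep, c_vid)].add(cep)
    return peps, dict(members), dict(untagged)
```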
Port Configuration
a) PVID
Configuration of a PVID for each Port, to associate a VID with untagged and priority-tagged received frames
b) Default User Priority
An integer range 0-7 to be used for untagged frames received at the port;
c) Acceptable Frame Types
The Acceptable Frame Types parameter applies to frames received at the port.
The permissible values for the parameter are as follows:
1) Admit only VLAN-Tagged frames;
2) Admit only Untagged and Priority-Tagged frames;
3) Admit all frames: all frames are accepted on the port;
CNP-Port Based can only be configured as 2) Admit only Untagged and Priority-Tagged frames.
d) Ingress Filtering
The permissible values for the parameter are as follows:
1) Enabled: the port only accepts frames with VLAN IDs of which the port is already a member;
2) Disabled: the port accepts frames with any VLAN ID.
e) Priority Regeneration
Input: port number, VID (one setting is needed per VLAN)
Output: the mapping from the received Priority (0-7) to the forwarded Priority (0-7).
• For CBP and CEP types, Ingress C-tag Priority is regenerated to the C-tag.
• For CNP and PNP types, Ingress S-tag Priority is regenerated to the Service VLAN Tag. (CNP-Port Based can accept Priority-Tagged S-VLAN frames.)
This can be set for each PEP port.
f) VID Translation Table
1) S-VID Translation Table is used for interconnecting two different provider networks, which provides a one-to-one bidirectional mapping between a local S-VID (used in data and protocol frames transmitted and received through this Customer Network Port or Provider Network Port) and a relay S-VID (used by the filtering and forwarding processes of the S-VLAN component in a Provider Bridge).
S-VLAN Translation Table is only applicable for PNP and CNP-STAG.
2) The Double Tag Swap feature is designed to enable the NE to swap (translate) the CVID and SVID of the traffic flowing in a Provider Bridge. Double tag VLAN ID translation can be enabled/disabled on PNP and CNP-STAGNP.
3) Customer VLAN Translation can be enabled/disabled on CEP and CBP.
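On a CBP, the Relay C-VLAN must exist. (If it does not exist, frames cannot be forwarded.)
VID Translation Table is not supported on CNP-Port Based. (There is no C-VLAN component, but received frames carry only a CVID.)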
g) Priority Code Point Encoding Table
If the VLAN tag is a Service VLAN tag, then Table 6-3 and Table 6-4 shall be supported.
If the VLAN tag is a Customer VLAN tag, then the 8P0D row of each table shall be supported, and the remaining rows may be supported.
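This provides a way to use the 3-bit PCP to set both Priority and Drop Eligibility, giving one method that applies to both CTAG and STAG. (CTAG does not support DEI; STAG supports DEI.)
How to read the rows:
8P0D: Drop Eligibility cannot be encoded in the PCP. (An STAG can still use the DEI bit for this.)
7P1D: supports 7 priorities, with Drop Eligibility settable for 1 priority.
6P2D and 5P3D follow the same pattern.
Example:
4 means Priority=4, Drop Eligibility=false; 4DE means Priority=4, Drop Eligibility=true;
When encoding, for {6P2D: P=4, D=false} the PCP is set to 5;
for {6P2D: P=4, D=true} the PCP is set to 4.
When decoding, {6P2D, PCP=5} means {P=4, D=false};
{6P2D, PCP=4} means {P=4, D=true}.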
h) Use_DEI
If the VLAN tag is a Service VLAN tag (S-TAG), the drop_eligible parameter may also be encoded in and decoded from the Drop Eligible Indicator (DEI) in the S-TAG. (Use_DEI can be set to only False on CEP ports.)
If the Use_DEI is True for the Port, the drop_eligible parameter is encoded in the DEI of transmitted frames, and the drop_eligible parameter shall be True for a received frame if the DEI is set in the S-TAG or the Priority Code Point Decoding Table indicates drop_eligible True for the received PCP value.
If the Use_DEI parameter is False, the DEI shall be transmitted as zero and ignored on receipt.
The default value of the Use_DEI parameter is False.
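An added example (not from the original notes) covering g) and h): PCP encoding and decoding for all four rows, combined with the Use_DEI rule. The function names are hypothetical; the row values are those of the IEEE PCP encoding and decoding tables that g) cites but these notes do not reproduce.

```python
# Encoding rows: 16 digits giving the PCP for 7, 7DE, 6, 6DE, ... 0, 0DE.
PCP_ENCODE = {
    "8P0D": "7766554433221100",
    "7P1D": "7766545433221100",
    "6P2D": "7766545432321100",
    "5P3D": "7766545432321010",
}
# Decoding rows: index = received PCP 0..7, value = (priority, drop_eligible).
F, T = False, True
PCP_DECODE = {
    "8P0D": [(0, F), (1, F), (2, F), (3, F), (4, F), (5, F), (6, F), (7, F)],
    "7P1D": [(0, F), (1, F), (2, F), (3, F), (4, T), (4, F), (6, F), (7, F)],
    "6P2D": [(0, F), (1, F), (2, T), (2, F), (4, T), (4, F), (6, F), (7, F)],
    "5P3D": [(0, T), (0, F), (2, T), (2, F), (4, T), (4, F), (6, F), (7, F)],
}

def encode_tag(row, priority, drop_eligible, use_dei=False):
    """Return the (PCP, DEI) pair to transmit for a frame."""
    if not 0 <= priority <= 7:
        raise ValueError("priority must be 0..7")
    pcp = int(PCP_ENCODE[row][2 * (7 - priority) + int(bool(drop_eligible))])
    # Use_DEI False: the DEI is transmitted as zero.
    dei = int(bool(drop_eligible)) if use_dei else 0
    return pcp, dei

def decode_tag(row, pcp, dei, use_dei=False):
    """Return (priority, drop_eligible) for a received PCP and DEI bit."""
    if not 0 <= pcp <= 7:
        raise ValueError("PCP must be 0..7")
    priority, drop_eligible = PCP_DECODE[row][pcp]
    # Use_DEI True: drop_eligible if the DEI is set OR the table says so.
    # Use_DEI False: the DEI is ignored on receipt.
    if use_dei and dei:
        drop_eligible = True
    return priority, drop_eligible
```

Rows other than 8P0D are lossy by design: under 7P1D, priority 5 is sent as PCP 5, which the receiver decodes as priority 4, so both ends of a link need the same row selected.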
i) Member Port/Untagged Port
Static VLAN entries can be configured with the required number of member ports, untagged ports and forbidden ports.
• Member ports are permanently assigned to the egress list. Member ports represent the set of ports permanently assigned to the VLAN egress list. Frames belonging to the specified VLAN are forwarded on the ports in the egress list.
• Untagged ports transmit untagged frames. If the port type is not explicitly specified as untagged, then all ports are configured to be of tagged port type allowing transmission of frames with the specified VLAN tag. The untagged setting allows the port to transmit frames without a VLAN tag. This setting is used to configure a port connected to an end user device.
• Forbidden ports are not allowed for the VLAN. Alternatively, the forbidden setting prevents the port from participating in the specified VLAN activity and ensures that any dynamic requests for the port to join the VLAN are ignored.
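Untagged Port and tagged Port do not describe the state of a physical port; they describe the state of a particular VID held by that physical port. A single physical port can therefore be an Untagged Port for one VID and a tagged Port for another.
When joining a VLAN, CEP and CNP-Port can only be configured as Untagged (or Forbidden), because frames sent out of CEP and CNP-Port carry no STAG.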
*Tag Control Information (TCI)
1) CTAG(802.1Q)
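IEEE 802.1Q specifies that a 4-byte VLAN Tag is inserted after the destination MAC address (DA) and source MAC address (SA) and before the protocol Type field, to identify the frame's VLAN information.
The VLAN Tag contains four fields: TPID (Tag Protocol Identifier), PCP (Priority Code Point), CFI (Canonical Format Indicator) and VLAN ID.
TPID is used to determine whether the frame carries a VLAN Tag; it is 16 bits long and defaults to 0x8100.
Priority is the priority of the frame; it is 3 bits long.
CFI indicates whether MAC addresses are encapsulated in canonical format across different transmission media; it is 1 bit long. A value of 0 means canonical format and 1 means non-canonical format; the default is 0.
VLAN ID is the number of the VLAN the frame belongs to; it is 12 bits long, with a value range of 0~4095. Because 0 and 4095 are reserved by the protocol, the usable VLAN ID range is 1~4094.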
2) STAG(802.1ad)
The semantics and structure of the S-TAG is identical to that of the C-TAG, with the exception that bit 5 in octet 1, the Drop Eligible Indicator (DEI) bit, does not convey a CFI.
In addition, the STAG uses TPID=0x88A8.
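An added example (not from the original notes) that parses the C-TAG and S-TAG fields described in 1) and 2) from a constructed double-tagged frame. The function name, the Tag tuple, the sample bytes and the two sanity checks are assumptions of this example.

```python
import struct
from collections import namedtuple

TPID_CTAG, TPID_STAG = 0x8100, 0x88A8
# bit12 is the CFI in a C-TAG and the DEI in an S-TAG.
Tag = namedtuple("Tag", "kind pcp bit12 vid")

# Constructed sample: DA, SA, S-TAG (PCP 5, DEI 1, S-VID 6),
# C-TAG (PCP 0, CFI 0, C-VID 1001), then EtherType 0x0800.
SAMPLE = bytes.fromhex("02000000000a" "02000000000b"
                       "88a8b006" "810003e9" "0800")

def parse_vlan_tags(frame):
    """Return (tags outermost first, EtherType) for an Ethernet frame."""
    offset, tags = 12, []          # tags start after DA (6) + SA (6)
    while True:
        if len(frame) < offset + 2:
            raise ValueError("frame truncated before EtherType")
        (etype,) = struct.unpack_from("!H", frame, offset)
        if etype not in (TPID_CTAG, TPID_STAG):
            return tags, etype     # first non-tag type ends the tag stack
        if len(frame) < offset + 4:
            raise ValueError("frame truncated inside VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        kind = "S" if etype == TPID_STAG else "C"
        vid = tci & 0x0FFF         # VID 0 is kept: a priority-tagged frame
        if vid == 0x0FFF:
            raise ValueError("VID 4095 is reserved")
        # Sanity check of this example: the S-TAG is the outer tag.
        if kind == "S" and tags and tags[-1].kind == "C":
            raise ValueError("S-TAG found inside a C-TAG")
        tags.append(Tag(kind, tci >> 13, (tci >> 12) & 1, vid))
        offset += 4
```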
3) L2 Protocol Tunneling(BPDU Tunneling)
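To carry customer L2 protocol frames transparently across the provider network, a traditional QinQ tunnel rewrites the destination address of the original protocol frame, but modifying frames on the edge device adds to the load on that device.
802.1ad assigns different reserved addresses to the C-VLAN and the S-VLAN, so within an S-VLAN, C-VLAN protocol frames are handled just like ordinary data frames, and customer Layer 2 protocol frames can be carried transparently without a tunnel.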
Spanning Tree Protocol
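STP in the provider network and STP in the customer network run completely independently and do not interact.
Inside the provider network a different Bridge Group Address (01-80-C2-00-00-08) is used; customer BPDUs (01-80-C2-00-00-00) are forwarded transparently as ordinary data frames and are neither recognized nor processed.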
GVRP
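GVRP in the provider network and GVRP in the customer network run completely independently and do not interact.
Inside the provider network a different Provider Bridge GVRP Address (01-80-C2-00-00-0D) is used; customer GVRP frames (01-80-C2-00-00-21) and the other GARP reserved addresses are forwarded transparently as ordinary data frames and are neither recognized nor processed.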
Bridge Group Address                                          01-80-C2-00-00-00
Provider Bridge Group Address                                 01-80-C2-00-00-08
Bridge GVRP Address                                           01-80-C2-00-00-21
Provider Bridge GVRP Address                                  01-80-C2-00-00-0D
GMRP Address                                                  01-80-C2-00-00-20
IEEE 802.1X Authentication Address                            01-80-C2-00-00-03
IEEE 802.3x Flow Control Address                              01-80-C2-00-00-01
IEEE 802.3ad LACP and Marker Address                          01-80-C2-00-00-02
IEEE 802.1AB Link Layer Discovery Protocol multicast address  01-80-C2-00-00-0E