RNEC N101 Lite- RAX711-L.pptx

RAISECOM UNIVERSITY
RNEC 101
CARRIER ETHERNET

2
CONTENT OVERVIEW
DAY
1
Session 1
• INTRODUCTION
• PRODUCT OVERVIEW
o RAX701
o RAX711-L
• CARRIER ETHERNET SERVICES REVIEW
o ETHERNET LINE (E-LINE)
 Ethernet Private Line (EPL)
 Ethernet Virtual Private Line (EVPL)
o ETHERNET LAN (E-LAN)
 Ethernet Private LAN (EP-LAN)
 Ethernet Virtual Private LAN (E-LAN)
• BASIC DEVICE MANAGEMENT
o USER MANAGEMENT
o IN-BAND/ OUT-BAND MANAGEMENT
o SW UPGRADE
o CONFIGURATION UPLOAD/DOWNLOAD
o DISASTER RECOVERY
o PORT MIRROR

3
CONTENT OVERVIEW
DAY
2
Session 1
 BASIC DEVICE SECURITY
o ACCESS CONTROL LISTS
o RESTRICTING DEVICE ACCESS
o PORT SECURITY
 SWITCHPORT CONFIGURATIONS
o ACCESS PORT
o TRUNK PORT
o QinQ PORT
 Basic QinQ
 Flexible QinQ
 QoS
o CLASS MAPS
o POLICY MAPS
o BANDWIDTH PROFILES
o COS REMARK
o DSCP REMARK

4
CONTENT OVERVIEW
DAY
3
Session 1
 ETHERNET CFM
o THEORY REVIEW
 Maintenance Domain
 Maintenance Association SA
 MEPs and MIPs
 Y.1731 SLA
o CFM CONFIGURATIONS
 SERVICE ACTIVATION TESTS
o RF2544
o Y.1564

5
CONTENT OVERVIEW
DAY
4
Session 1
 SCENARIO 1: DEDICATED ACCESS (POINT TO POINT)
 SCENARIO 2: INTERNET ACCESS
 SNMP MONITORING
o BASIC SNMP CONFIGURATION
o SNMP MONITORING
 RFC1213 MIB
 Performances OIDs
 Y.1731
 RFC2544
 Y.1564
 NVIEW REVIEW

8
PRODUCT OVERVIEW
RAX711 (B)
Carrier-Ethernet
IP/MPLS
MPLS-TP
Carrier-Ethernet
RAX711-R
iTN201-4GF-R
iTN201-2XG-R (10G)
MPLS-TP
Carrier-Ethernet
iTN201-4GF
iTN201-2XG (10G)
RAX711-L
RAX701
RAX711-C (10G)

9
PRODUCT OVERVIEW
• MEF2.0 Compliance
• Switching Capacity 6 Gbps
• 2 GE x NNI Ports (SFP), 1 GE x UNI Combo
• Internal wide range Power-Supply
• Extend Temp: -20c to 60c, Power Consumption <15w
43.6mm
Power Supply
Console
2x NNI
GbE SFP
1x UNI
Combo
1x RJ45
Outband Mgmt
COMPACT NID - RAX701

10
PRODUCT OVERVIEW
• MEF2.0 Compliance
• Switching Capacity 6 Gbps
• 2 GE x NNI Ports (SFP), 4 GE x UNI Combo
• Up to 4xE1’s ( CESoPSN/SAToP) , ordering option
• Redundant hot swappable power supply
• Extend Temp: -10c to 60c, Power Consumption <25w
Hot
Swappable
Dual PSU
CE & MPLS-TP NID RAX711-L

11
PRODUCT OVERVIEW
6xGE port
• 2x NNI SFP
• 4x UNI UTP
PSU- AC or DC
Redundant: AC/AC, DC/DC, AC/DC
6xGE port
• 2x NNI SFP
• 4x UNI Combo (UTP/SFP)
PSU- AC or DC
6xGE port
• 2x NNI SFP
• 4x UNI Combo (UTP/SFP)
• 4x E1 (CES)
PSU- AC or DC
RAX711-L CONFIGURATION OPTIONS

12
PRODUCT OVERVIEW
RAX-701 AND 711L ( SAME SW FEATURES)
• E-line/ELAN Carrier Ethernet Services
• Zero-Touch Configuration
• ELPS(ITU G.8031)
• ERPS (ITU G.8032) Protection
• MPLS-TP
• 8K MAC Address Table, 13k MTU
• Static Routing capabilities
• Y.1564 Generator and Reflector
• ETH OAM ( EFM/CFM/Y.1731)- Up to 64 monitored EVC’s
• E1 CES ( RAX-711L Only)
• SYNC-E ( RAX-711L Only)
• 1588-TC
• TWAMP Light (Generator and Reflector)

13
CARRIER ETHERNET SERVICES REVIEW

14
E-LINE
Point-to-Point EVC
CE
UNI
UNI
CE
CE
UNI CE
UNI
Multipoint EVC
CARRIER ETHERNET SERVICE TYPES
E-LAN
Rooted-Multipoint
EVC
Root
UNI
UNI
UNI
UNI
CE
CE
CE
CE
E-TREE
Service Provider 1
CE
UNI
UNI
CE
Service Provider 2
ENNI
E-ACCESS

15
E-Line create:
1. Ethernet Private Lines
2. Ethernet Virtual Private Lines
3. Internet Access
ETHERNET LINE

16
• Point-to-point connection that connects exactly two UNIs.
• Only two UNI connected can communicate with each other.
• Port-based service with single service (EVC) across dedicated UNIs providing site-to-site
connectivity.
• Most popular Ethernet service due to its simplicity.
• E-Line can replace TDM Private lines.
Point-to-Point EVCs
Carrier Ethernet Network
Storage
Service
Provider
UNI
CE
CE
UNI
ETHERNET PRIVATE LINE - EPL

17
• Enables multiple services (EVCs) delivered over single physical connection (UNI) to customer
premises
• Optimizes use of bandwidth and ports with Classes of Services (CoS)
• Support connectivity via Service Multiplexed UNI at hub site
• Replaces Frame Relay or ATM Layer 2 VPN services
Point-to-Point EVCs
Carrier Ethernet Network
CE
UNI
CE
UNI
CE
UNI
Hub Site
ETHERNET VIRTUAL PRIVATE LINE - EVPL

18
• Port-Based
• Each UNI is dedicated to the EP-LAN
service
• Example use: Transparent LAN
Multipoint-to-Multipoint
EVC
CE
UNI
UNI
UNI
CE
CE
EP-LAN
ETHERNET PRIVATE LAN EP-LAN

19
• VLAN-Aware
• Service Multiplexing allowed at UNI
• Example use : Internet access and
corporate VPN via one UNI
Multipoint-to-Multipoint EVC
Point-to-Point EVC
(EVPL)
ISP POP Internet
UNI
UNI
CE
CE
UNI
UNI
CE
CE
EVP-LAN
ETHERNET VIRTUAL PRIVATE LAN EVP-LAN

20
E-LAN:
• E-LAN services are appropriate when all UNIs need to generate traffic towards any other UNI, and all
UNIs belong to the same administrative domain.
• Traffic separation between different organizations sharing the service is not required
• All UNIs are designated as a root UNI.
E-Tree:
• E-Trees provide the separation between UNIs required to deliver a single service instance in which
different customers (each having a leaf UNI) connect to an ISP which has one or more root UNIs.
 Multiple root UNIs are permitted in E-Trees in order to support mirror sites (resiliency) and load
sharing configurations.
MULTIPOINT EVC (ELAN) vs ROOTED-MULTIPOINT EVC (E-TREE)

22
DEVICE MANAGEMENT
HOW TO ACCESS THE DEVICE
• Console Interface
 RJ45 to RS-232 Serial cable
 USB to RS-232 Serial Cable
• Telnet
 Raisecom#telnet 10.0.0.1 port 1
 IPv4 or Ipv6 Supported
 Port is an optional
• SSH
 Security Authentication over TCP
 Standard Port 22
Console Access
Telnet / SSH Session
Switch

23
DEVICE MANAGEMENT
IN-BAND / OUT-BAND MANAGEMENT
NETWORK
SITE A SITE B
IN-BAND MANAGEMENT
DCN
NETWORK
SITE A SITE B
OUT-BAND MANAGEMENT

24
DEVICE MANAGEMENT
IN-BAND MANAGEMENT
• Up to 15 IP Interfaces
• Only one VLAN per interface
Raisecom#conf t
Raisecom(config)#interface ip
<0-14> IP interface number
Raisecom(config)#interface ip 0
Raisecom(config-ip)#ip address 192.168.2.5 255.255.255.0
Raisecom(config-ip)#ip vlan 10
Raisecom(config-ip)exit
Raisecom(config)#
Raisecom(config)#show ip interface brief
IF Address NetMask Source Category
----------------------------------------------------------
0 192.168.2.5 128.0.0.0 assigned primary
Raisecom(config)#
• CoS can be assigned directly to Management traffic
• Management Traffic can be “double tagged”
Raisecom(config)#interface ip 0
Raisecom(config-ip)#ip management-traffic
cos Set COS for outer tag
mode Mode
tpid Set TPID for outer tag
Raisecom(config-ip)#ip management-traffic cos
<0-7> Cos value
Raisecom(config-ip)#$nt-traffic mode double-tagging inner-vlan
<1-4094> VLAN ID

25
DEVICE MANAGEMENT
OUT-BAND MANAGEMENT
• Management traffic sent to DCN Network without using any service port.
• No VLAN can be assigned to the traffic (must be done on DNC switch).
Raisecom#conf t
Raisecom(config)# management-port ip address 192.168.2.5 255.255.255.0
Raisecom(config)#
Raisecom(config)# show management-port ip-address
IF Address NetMask Source Catagory
----------------------------------------------------------
Raisecom(config)#

26
DEVICE MANAGEMENT
USER MANAGEMENT
Function Default Setting
Local User Information Username: Raisecom
Password: Raisecom
Privilege: 15
New User Privilege 15
New User Activation Status Activate
Enable Password raisecom
User Login Authentication Local-user password
Enable Login Authentication Mode Local-user password
• Raisecom# user name user-name password [cipher | simple] password
• Raisecom# user user-name privilege privilege-number-value (0-15)

27
DEVICE MANAGEMENT
USER MANAGEMENT
• Visitor
• Can execute ping, clear, & history
commands.
Level: 0 - 4
• Monitor User
• Can Execute show commands.
Level 5 -10
• Operator User
• Can Execute commands for service.
Level 11- 14
• Administer
• Can execute all commands.
Level 15
USER PRIVILEGE LEVELS

28
DEVICE MANAGEMENT
USER MANAGEMENT
• How to authorize user to use a command?
Step 1 Configure user login authentication mode
Step 2 Create a local user user1
Step 3 Configure user privilege
Step 4 Configure user service type
Step 5 Configure user command management (allow/disallow)
• User Profile
Raisecom#user login local-user
Raisecom#user name user1 password simple aaAA123@
Raisecom#user name user1 privilege 10
Raisecom#user user1 allow-exec mirror
• To disallow user to use a command
Raisecom#user user1 disallow-exec mirror

29
DEVICE MANAGEMENT
USER MANAGEMENT
Administer
Operator
Monitor
Visitor
Raisecom#show user table
Username Priority Server
-------------------------------------------------------
raisecom 15 Local
Raisecom# show user active
Username : raisecom
Priority : 15
Server IP : --
Terminal IP : 192.168.22.1
Login Type : telnet-1
Login Time : 2018-06-22,13:42:43
Current Login : Y
Raisecom# show terminal
Terminal State Time-out User IP
-------------------------------------------------------------------------------
console active 600sec LOCAL
*telnet-1 active 600sec raisecom 192.168.22.1 -
-

30
DEVICE MANAGEMENT
SOFTWARE UPGRADE
• The device supports Dual Software Image
• Software Image can be downloaded using FTP, SFTP and TFTP
• The download can be scheduled (Nview)
Raisecom#show version
Product Version: RAX711-L-4GC4E1-BL-S-AC/D-02 P200R002C32
Software Version: 5.4.66_20170406
RITP Version: 5.4
Bootstrap Version: BOOTROM_1.0.7
FPGA Version: fpga:1.4 fpga-ces:2.6
Hardware Version: A.00
System MacAddress: 000E.5E48.192F
Serial number: 123002021800S15817S0010G
RAX711-L-4GC4E1-BL-S with
128 M bytes DRAM
32 M bytes Flash Memory
2.366 M bytes Free Flash Memory
System uptime is 13 days, 0 hours, 49 minutes
VERIFY THE ACTUAL SW VERSION

31
DEVICE MANAGEMENT
SOFTWARE UPGRADE
Raisecom#show multi-system
Priority Name Version Size
----------------------------------------------------------
1* system1 5.4.66_20170406 10637066
2 system2 5.3.32_20150324 8309863
CHECK THE AVAILABLE SW VERSIONS
Raisecom#download system-boot ftp 10.10.10.10 ftp-user ftp-password system.z system1
ftp: Protocol to be used to download the new SW File
10.10.10.10: FTP/SFTP/TFTP Server
ftp-user and ftp-password: FTP Server User account and password
system.z : SW File name
System1: SW version to be replaced with the new SW File
DOWNLOAD A NEW SW VERSION
Raisecom#boot sequence
Please select the system file which boot priority is 1:
* system1 5.4.87_20170926
system2 5.4.87_20170804
Please input <1-2>:1
Boot order: system1 system2
Set successfully
CHOSE THE SW VERSION TO BE USED THE NEX BOOT

32
DEVICE MANAGEMENT
CONFIGURATION UPLOAD / DOWNLOAD
• Startup Config can be uploaded (backup) or downloaded (Restore)
• Running Configuration can be uploaded (backup)
• Config files can be downloaded using FTP, SFTP and TFTP
• The download can be scheduled (Nview)
Raisecom#download startup-config ftp 10.10.10.10 ftp-user ftp-password FILENAME
FILENAME : New configuration File name to be downloaded
DOWNLOAD A NEW CONFIG FILE TO STARTUP CONFIGURATION
Raisecom#upload running-config ftp 10.10.10.10 ftp-user ftp-password FILENAME
FILENAME : Name of the file where the running configuration will be copied.
UPLOAD RUNNING CONFIGURATION FILE

33
DEVICE MANAGEMENT
DISASTER RECOVERY – STOP CONFIGURATION LOADING
• When the device is starting, there is a way to prevent the actual config file (startup
config) is loaded to the running config and instead a blank config file is loaded.
• To do this, please press “S” (shift + c ) when prompted
• MANDATORY: Console access to the device is needed.
active static --
RAX711-TEST(config)#
RAX711-TEST(config-port)#switchport access vlan 100
Set successfully
RAX711-TEST(config-port)#
RAX711-TEST(config-port)#exit
RAX711-TEST(config)#show running-config interface uni 1
System current configuration in port mode:
!command in port_mode
!
interface uni 1
switchport access vlan 100
!
RAX711-TEST#wr
Saving current configuration..
Save current configuration successfully.
RAX711-TEST#
raisecom#
raisecom#hostname RAX711-TEST
Set successfully
RAX711-TEST#
RAX711-TEST#conf t
Configuration mode, one command input per times. End with CTRL-Z.
CONFIG-I:Configured from console ...
RAX711-TEST(config)#crea vl 100,200 active
Set successfully
RAX711-TEST(config)#show vlan
Switch Mode: --
VLAN Name State Status Priority Member-Ports
------------------------------------------------------------------------------
-----
100 VLAN0100 active static --
200 VLAN0200 active static --
TEST CONFIGURATIONS

34
DEVICE MANAGEMENT
DISASTER RECOVERY – STOP CONFIGURATION LOADING
STOP STARTUP CONFIGURATION LOADING
RAX711-TEST#reboot now
Rebooting ...1970-06-25,13:35:49 System-4-SYSTEM_REBOOT_INFO:[22]Reboot!
booting...
boot loader bootrom version 1.0.8
Compiled Jul 27 2016 15:33:30
Base Ethernet MAC address: 00:0e:5e:df:62:a7
Press SPACE to enter bootrom menu......
1. core/system.z
Uncompress start...
Loading image... 44960912
Uncompress success, device initialize,please wait...
Adding 51793 symbols for standalone.
Init system...
Updating FPGA......success.
DONE!
Init SNMP Factory Users....DONE!
Press <S> to stop Load Config... 2
############################################################
# #
# Welcome to Raisecom #
# #
# Press 'RETURN' to connect and config this system #
# #
############################################################
Raisecom Version RITP. on RAX711-L-4GC
1970-06-25,13:37:17 System-4-SYSTEM_BOOTING_INFO:[23]Booting!
Login:raisecom
Password:
raisecom#1970-06-25,13:37:39 User-5-LOGIN_SUCCESS:[23]The user 'raisecom' from
console login successful
raisecom#
raisecom#
raisecom#show vlan
Switch Mode: --
VLAN Name State Status Priority Member-Ports
------------------------------------------------------------------------------
-----
raisecom#
raisecom#
raisecom#show running-config interface uni 1
!
raisecom#

35
DEVICE MANAGEMENT
DISASTER RECOVERY – PASSWORD RECOVERY
• Sometimes the User or Enable Password is changed and the new password is lost.
• When this occurs, there is a way to erase the user table without losing the device configuration.
• To erase the user table, please go to the Bootrom mode (press space bar when prompted).
• On Bootroom mode: enter the hidden command CTRL + p and enter the password “20031211raisecomgao”
• The password can change depending on the product line.
• MANDATORY: Console access to the device is needed.
raisecom#show user table
--------------------------------------------
raisecom 15 Local
raisecom#
raisecom#user name admin password 12345678
Set successfully.
raisecom#
--------------------------------------------
admin 15 Local
raisecom 15 Local
raisecom#
raisecom#user name raisecom password 12345678
Set successfully.
raisecom#
Factory user table
Creating a new user (user admin)
Changing the default raisecom user password
New user table

36
DEVICE MANAGEMENT
DISASTER RECOVERY – PASSWORD RECOVERY
raisecom#reboot now
booting...
boot loader bootrom version 1.0.8
Compiled Jul 27 2016 15:33:30
Base Ethernet MAC address: 00:0e:5e:df:62:a7
Press SPACE to enter bootrom menu......
[Boot]: ?
? print this list
h print this list
b boot system
i modify network manage port ip address
m update microcode
r reboot system
ss switch system
u update system
ub update bootrom
ul update license
[Boot]: ^P
Do you want to delete current password file?<Y/N>y
Please input the password :20031211raisecomgao
delete the password file success.
[Boot]:
[Boot]: r
booting...
--------------------------------------------
raisecom 15 Local
raisecom#
Reboot the device
Press Space Bar
when Prompted
Bootrom Mode
Enter CTRL + P
Enter the password
Reboot the device
(enter command “r” )
User Table erased and taken t factory default

37
DEVICE MANAGEMENT
PORT MIRROR
Raisecom(config)#mirror { monitor-cpu | monitor-port interface-type interface-number }
Raisecom(config)#mirror source-port-list { both | egress | ingress } interface-type
interface-list
Raisecom(config)#mirror enable
Switch
UNI 4
NNI 1
Internet
UNI
1
Monitoring Port
Mirrored Traffic
Business Traffic
Source Port

39
BASIC DEVICE SECURITY
GENERAL SECURITY OVERVIEW
– RESTRICTING TRAFFIC
• Access Lists based on MAC Address
• Access Lists based on IP Address
Can be placed at:
– Physical Interface – Ingress
– Physical Interface – Egress
– VLAN
– RESTRICTING ACCESS
• Disable Telnet Access (Device or Port)
• SSH v2
• Authentication Mechanisms
– RADIUS
– TACACS
– PORT SECURITY
• Secure MAC-Address
– Limit number of MAC Address learned on a port
– Define an action in case of violation (Protect, Restrict, Shutdown)
1 2
Security doesn't
allow traffic on port 1

40
ACCESS CONTROL LISTs
 Several option available:
 Based on Mac Address: mac-access-list
 Based on IP Address: ip-access-list
 Access List Maps: More options to match traffic (CoS, Cvlan, Svlan, ethertype, etc)
 ACLs can be placed at a physical interface or vlan

41
Raisecom(config)#mac-access-list acl-id { deny|permit } [ protocol | arp | ip | rarp | any ]
{ source-mac-address mask | any } { destination mac-address mask | any }
Raisecom#config
Raisecom(config)#mac-access-list 1 permit any any 0180.C200.0000 FFFF.FFFF.FFFF
Raisecom(config)# mac-access-list 2 permit any any 0180.C200.000B FFFF.FFFF.FFFF
Raisecom(config)# filter mac-access-list all ingress uni 1
Raisecom(config)# filter enable
MAC ADDRESS ACCESS CONTROL LIST
 Up to 32 MAC Access List lines
 Each MAC ACL line has an ID
 Each line includes:
 ID
 Action (deny or permit)
 Protocol
 Source and Destination MAC addresses

42
Raisecom(config)#ip-access-list acl-id { deny |permit } { protocol-id | icmp | igmp | ip }
{ source-ip-address mask | any } { destination-ipaddress mask | any }
Raisecom#config
Raisecom(config)#ip-access-list 1 deny ip 192.168.1.1 255.255.255.0 192.168.1.100 255.255.255.0
Raisecom(config)# filter ip-access-list all ingress uni 1
Raisecom(config)# filter enable
IP ADDRESS ACCESS CONTROL LIST
 Up to 32 IP Access List lines
 Each IP ACL line has an ID
 Each line includes:
 ID
 Action (deny or permit)
 Protocol
 Source and Destination IP addresses

43
raisecom(config)#access-list-map 0 permit
raisecom(config-aclmap)#match
arp Address resolution protocol
cos CoS value
cvlan inner vlan
eapol EAPOL PAE/802.1x
ethertype An arbitrary EtherType
exp Label exp
flowcontrol 802.3x flow control packet
ip IP protocol
label Label
loopback Loopback
mac Mac address
pppoe PPP Over Ethernet Session Stage
pppoedisc PPP Over Ethernet Discovery Stage
second-label second Label
slowprotocol slow control packet
svlan outer vlan
user-define Match only packets on a user define ruler
x25 X.25 Level 3
x75 X.75 Internet
raisecom(config-aclmap)#
ACCESS LIST MAPS
 Up to 32 IP Access List maps
 Each Access list Map line has an ID
 There are more criteria to match traffic

44
RESTRICITING DEVICE ACCESS
The device access can be controlled or restricted:
 Telnet sessions can be restricted to an specific port
 Maximum number of telnet sessions customizable (0-10)
 Telnet can be disabled (and use only SSH)
Raisecom(config)#telnet-server
accept Request accept port configuration
close close
max-session Max sessions permit
Raisecom(config)#telnet-server accept
uni Uni port
nni Nni port
RAX711-L-4GC(135)(config)#
raisecom(config)# no telnet-server accept nni 1-2 uni 1-4
raisecom(config)# telnet-server accept nni 1
Raisecom(config)#telnet-server max-session
<0-10> Max session num
Raisecom(config)#telnet-server max-session 5
Raisecom(config)#ssh2 server
authentication Authentication
configuration
authentication-retries Authentication retry count
authentication-timeout Authentication timeout
configuration
port Listen port configuration
session Sessions configuration
Raisecom(config)#ssh2 server authentication
password Use local user-password authentication
public-key Configuration the public-key
rsa-key Use rsa-key authentication
Raisecom(config)#ssh2 server session 1
disable Disable session
enable Enable the session
Raisecom(config)#generate ssh-key
<512-2048> Ssh key length(bits), default is 512
bits
<cr>

45
PORT SECURITY
Raisecom(config)#interface uni 1
Raisecom(config-port)#switchport port-security violation
protect Protect mode
restrict Restrict mode
shutdown Shutdown mode
Raisecom(config-port)# mac-address-table threshold
<1-8191> Maximum number of mac addresses that can be learned for this port
Raisecom(config-port)#switchport port-security
To recover a failed port
Raisecom(config-port)#no port-security shutdown
Raisecom(config-port)#shutdown
Raisecom(config-port)#no shutdown
 Maximum number of Mac Addresses learned on an interface can de defined.
 If the MAC Threshold is reached, there are three possible actions:
 Protect: Discard the illegal traffic
 Restrict: Discard the illegal traffic and sends an alarm (SNMP trap) to the
Network Management System
 Shutdown: The port is shut down

47
SWITCHPORT CONFIGURATION
UNTAGGED TRAFFIC
Preamble SFD Dest.
MAC
Source
MAC
Ether-
Type
Payload/
Data
FCS
6 bytes
1 bytes 6 bytes 2 bytes 46-1500 bytes 4 bytes
7 bytes
ACCESS
PORT
ADD TAG
PORT
REMOVE TAG
Preamble SFD Dest.
MAC
Source
MAC
6 bytes
7 bytes
VLAN
TAG
Ether-
Type
Payload/
Data
FCS
4 bytes
TAGGED TRAFFIC
SWITCH
TAGGED TRAFFIC
TRUNK
PORT
PORT
ALLOWS/
REJECT
Preamble SFD Dest.
MAC
Source
MAC
6 bytes
7 bytes
VLAN
TAG
Ether-
Type
Payload/
Data
FCS
4 bytes
TAGGED TRAFFIC
SWITCH
4 bytes
Preamble SFD Dest.
MAC
Source
MAC
6 bytes
1 bytes 6 bytes 2 bytes 46-1500 bytes
7 bytes
VLAN
TAG
Ether-
Type
Payload
/Data
FCS
4 bytes
ALLOWS/
REJECT
ALLOWS/
REJECT
TAGGED TRAFFIC
QinQ
PORT
PORT
ALLOWS/
REJECT
4 bytes
DOUBE-TAGGED TRAFFIC
SWITCH
4 bytes
Preamble SFD Dest.
MAC
Source
MAC
6 bytes
7 bytes
VLAN
TAG
Ether-
Type
Payload
/Data
FCS
4 bytes
ADD
SVLAN
REMOVE
SVLAN
Preamble SFD Dest.
MAC
Source
MAC
6 bytes
7 bytes 4 bytes
SVLAN
TAG
CVLAN
TAG
Ether-
Type
Payload/
Data
FCS
PORT OPERATION MODES

48
ACCESS & TRUNK PORT
raisecom#conf t
raisecom(config)#interface uni 1
raisecom(config-port)#switchport access vlan 100
raisecom(config-port)#
raisecom(config-port)#sho run interface uni 1
!
interface uni 1
!
CONFIGURING AN ACCESS PORT

49
ACCESS & TRUNK PORT
raisecom(config)#
raisecom(config)#interface nni 1
raisecom(config-port)#switchport mode trunk
raisecom(config-port)#switchport trunk allowed vlan 100
raisecom(config-port)#sho run interface nni 1
!
interface nni 1
switchport trunk allowed vlan 100
switchport mode trunk
!
raisecom(config-port)#switchport trunk allowed vlan
add Add
all Allow forwarding all VLANs
remove Remove
{1-4094} VLAN list
raisecom(config-port)#show run interface nni 1
!
interface nni 1
switchport trunk allowed vlan 100,200
!
raisecom(config-port)#switchport trunk allowed vlan remove 200
!
interface nni 1
switchport trunk allowed vlan 100
!
CONFIGURING A TRUNK PORT
ADDING/REMOVING VLANS TO A TRUNK PORT

50
QinQ PORT
CONFIGURING A QinQ PORT – METHOD 1
raisecom(config)#
raisecom(config-port)#switchport qinq dot1q-tunnel
!
interface uni 1
switchport qinq dot1q-tunnel
!
CONFIGURING A QinQ PORT – METHOD 2
raisecom(config)#
raisecom(config-port)# switchport mode trunk
raisecom(config-port)# switchport trunk native vlan 100
!
interface uni 1
switchport trunk native vlan 100
!
CVLAN 1-4094 CVLAN 1-4094
NNI
UNI UNI
NNI NNI
NNI
SVLAN 100 CVLAN 1-4094 SVLAN 100 CVLAN 1-4094

51
SELECTIVE QinQ
CONFIGURING SWITCHPORT VLAN MAPPING FOR SELECTIVE QinQ
raisecom(config)#
raisecom(config-port)#switchport vlan-mapping
both Both directions
cvlan Based inner VLAN QinQ
egress Egress
ingress Ingress
raisecom(config)#
raisecom(config-port)#switchport vlan-mapping cvlan 100-200 add-outer 1000
raisecom(config-port)#switchport vlan-mapping cvlan 201-300 add-outer 2000
raisecom(config-port)#raisecom(config-port)#sho run interface uni 1
!
interface uni 1
switchport vlan-mapping cvlan 100-200 add-outer 1000
switchport vlan-mapping cvlan 201-300 add-outer 2000
!
SVLAN 1000 CVLAN 100-200
CVLAN 100 - 200
201 - 300
CVLAN 100 - 200
201 - 300
NNI
UNI
UNI
NNI
NNI
NNI
QinQ
QinQ

53
QUALITY OF SERVICE QoS
• QoS TRADITIONAL
• TRAFFIC CLASIFICATION
• Class Maps based on
• Scheduling
• SP
• WRR
• WRR+SP
• 8 queues per port
• Traffic Shaping
• Policy placed on port Ingress or Egress
• QoS ENHACEMENTS (MEF)
• Color Marking (3 color policing: color bind / color aware)
• Bandwidth Profiles
• Hierarchical Bandwidth Profiles (HCAR)
• IP / MAC (ACL)
• IPv6
• VLAN Id
• CVLAN (Inner)
• SVLAN (Outer)
• CVLAN + SVLAN
• COS / DSCP

54
CLASS MAPS
raisecom #conf t
raisecom(config)#class-map 10 match-all
raisecom(config-cmap)#match vlan 10
raisecom(config-cmap)#match cos 2
raisecom(config-cmap)#exit
raisecom(config)#
raisecom(config)#show class-map 10
Class Map match-all 10 (id 0)
Match cos 2
Match vlan 10
 Class Maps are used to classify traffic.
 Traffic can be classified based on:
 Mac Address
 IP Address
 Vlan
 CoS / DSCP
raisecom #conf t
raisecom(config-cmap)#match ip dscp 26
raisecom(config)#
Match ip dscp 26
raisecom #conf t
raisecom(config)mac-access-list 0 permit any any 0180.C200.0000 FFFF.FFFF.FFFF
raisecom(config-cmap)#match mac-access-list 0
raisecom(config)#
Match mac-access-list 0
CLASS MAP BASED ON VLAN / CoS
CLASS MAP BASED ON DSCP
CLASS MAP BASED ON MAC ADDRESS

55
POLICY MAPS
 Policy Maps are used to take an action on a previously classified traffic.
 Actions can be applied on a classified traffic:
 Limit Traffic rate (traffic policer must be defined previously)
 Change traffic attributes:
o Vlan (Inner / Outer Vlan)
o CoS / DSCP
 Policy Maps must be applied on a port (Ingress or Egress)
raisecom #conf t
raisecom(config)#policy-map 10
raisecom(config-pmap)#class-map 10
raisecom(config-pmap-c)#set cos 3
raisecom(config-pmap-c)#set vlan 100
raisecom(config-pmap-c)#exit
raisecom(config-pmap)#exit
raisecom(config)#show policy-map 10
Policy Map 10
Class-map 10
set cos 3
set vlan 100
raisecom(config)#service-policy 10 ingress uni 2
POLICY MAP USED TO CHANGE VLAN / CoS
raisecom #conf t
raisecom(config)#mls qos policer-profile 10M single
raisecom(traffic-policer)#cir 10000 cbs 12
raisecom(traffic-policer)#exit
raisecom(config)#
raisecom(config-pmap-c)#police 10M
Policy Map 20
Class-map 10
police 10M
POLICY MAP USED TO LIMIT TAFFIC RATE

56
BANDWIDTH PROFILES
UNI
EVC1
EVC2
EVC3
Bandwidth Profile EVC1
Bandwidth for each EVC: CIR + EIR
• CIR: Bandwidth that must be delivered
• EIR: Usable Excess Bandwidth. Not assured.
Parameters for Each Bandwidth Profile:
• CIR (Committed Information Rate)
• CBS (Committed Burst Size)
• EIR (Excess Information Rate)
• EBS: (Excess Burst Size)

57
BANDWIDTH PROFILES
MEF 10.2 has defined three ways in which bandwidth profiles can be applied:
– Ingress Bandwidth Profile Per UNI
– Ingress Bandwidth Profile Per EVC
– Ingress Bandwidth Profile Per CoS ID
UNI
EVC1
EVC2
EVC3
UNI
EVC1
EVC2
EVC3
Bandwidth Profile
Per UNI
UNI
EVC1
EVC2
Bandwidth Profile per COS ID 6
CE-VLAN COS 6
CE-VLAN COS 4
CE-VLAN COS 2
UNI BANDWIDTH PROFILE
EVC BANDWIDTH PROFILE
CE-VLAN CoS BANDWIDTH PROFILE

58
BANDWIDTH PROFILES
HCAR (HIERARCHYCAL COMMITTED ACCESS RATE):
 Ingress Bandwidth Profile Per UNI
 Ingress Bandwidth Profile Per EVC
 Ingress Bandwidth Profile Per CoS ID
UNI
EVC1
EVC2
EVC3
UNI
EVC1
EVC2
CE-VLAN COS 6
CE-VLAN COS 4
CE-VLAN COS 2
EVC BANDWIDTH
PROFILE
CE-VLAN CoS
BANDWIDTH
PROFILE
HIERARCHYCAL
BANDWIDTH PROFILE
HIERARCHYCAL
BANDWIDTH
PROFILE

59
BANDWIDTH PROFILES
COLOR MARKING
CONFORMANCE COLOR SERVICE FRAME
DELIVERY
CIR
CONFORMANT
Service Frames are
Green and delivered
per the performance
objectives specified in
the SLAs
EIR
CONFORMANT
Service Frames are
Yellow and may be
delivered but with no
performance
assurances.
NONE Service Frames are
Red and dropped

60
BANDWIDTH PROFILES
 Similar to rate limit command but includes latest MEF definitions regarding Traffic Color Marking (Green, Yellow, Red).
 Used on a port and can be combined with VLAN/CoS
 Used for HCAR (HIERARCHYCAL COMMITTED ACCESS RATE)
raisecom#conf t
raisecom(config)# bandwidth-profile 1 cir 10000 cbs 64
raisecom(config)# bandwidth ingress uni 1 vlan 10 1
raisecom#conf t
raisecom(config)# bandwidth ingress uni 1 vlan 10 coslist 1 1
raisecom(config)# bandwidth ingress uni 1 vlan 10 coslist 2 2
BANDWIDTH PROFILE PER PORT + VLAN + CoS
BANDWIDTH PROFILE PER PORT + VLAN
raisecom#conf t
raisecom(config)# bandwidth-profile 2 cir 20000 cbs 64 eir 10000 ebs 64
hierarchy-cos bandwidth-profile 1
bandwidth coslist 5 1
HIERARCHYCAL BANDWIDTH PROFILE PER PORT + VLAN + CoS

61
BANDWIDTH PROFILES
raisecom#conf t
raisecom(config)#hierarchy-cos bandwidth-profile 1
raisecom(config-hcos)#bandwidth coslist 5 2
raisecom(config-hcos)#exit
raisecom(config)# bandwidth ingress uni 1 vlan 10 1 hierarchy-cos 1
HIERARCHYCAL BANDWIDTH
PROFILE PER PORT + VLAN + CoS
raisecom#conf t
raisecom(config)# hierarchy-vlan bandwidth-profile 1
raisecom(config-hvlan)# bandwidth vlanlist 10 2
raisecom(config-hvlan)#exit
raisecom(config)#
raisecom(config)# bandwidth ingress uni 1 1 hierarchy-vlan 1
HIERARCHYCAL BANDWIDTH
PROFILE PER PORT + VLAN

62
CoS REMARK
 By default the CoS value is trusted on the ingress port.
 CoS can be remarked:
 All traffic marked with one single CoS value
 All traffic can remarked selectively based on the incoming CoS value
raisecom#conf t
raisecom(config)#mls qos mapping cos-to-local-priority 1
raisecom(cos-to-pri)#cos 0 to local-priority 5
raisecom(cos-to-pri)#cos 1 to local-priority 6
raisecom(cos-to-pri)#exit
raisecom(config)# mls qos mapping cos-remark 1
raisecom(cos-remark)#exit
raisecom(config)# interface nni 1
raisecom(config-port)# switchport trunk allowed vlan 300 confirm
raisecom(config-port)# mls qos cos-remark 1
raisecom(config-port)#exit
raisecom(config)# interface uni 1
raisecom(config-port)# mls qos cos-to-local-priority 1
raisecom(config-port)# exit
raisecom(config)#
SELECTIVE CoS REMARKING PORT CoS REMARKING
raisecom#conf t
raisecom(config)# interface nni 1
raisecom(config-port)# mls qos port-priority 3
raisecom(config)#

63
DSCP REMARK
 By default the DSCP value is not trusted on the ingress port.
 DSPC can be remarked:
 All traffic marked with one single DSCP value
 All traffic can remarked selectively based on the incoming DSCP value
raisecom#sho mls qos uni 1-4
Port Priority Trust-Mode Scheduler-Mode
-------------------------------------------------------------
uni 1 0 Cos SP
uni 2 0 Cos SP
uni 3 0 Cos SP
uni 4 0 Cos SP
raisecom#conf t
raisecom(config)#int uni 1
raisecom(config-port)#mls qos trust
cos Cos
dscp Dscp
inner-cos inner cos
ipp IP Precedence
port-priority Port-priority

64
DSCP REMARK
PORT DSCP REMARKING
raisecom #conf t
raisecom(config)#access-list-map 10 permit
raisecom(config-aclmap)#match ip dscp default
raisecom(config-aclmap)#exit
raisecom(config)#class-map 10 match-ny
raisecom(config-cmap)#match access-list-map 1
raisecom(config-pmap-c)#set ip dscp 33
raisecom(config)#service-policy 10 ingress uni 2
raisecom(config)#show access-list-map 10
access-list-map 10 permit
match ip dscp default
Class Map match-any 10 (id 3)
Match access-list-map 10
Policy Map 10
Class-map 10
set ip dscp 33
SELECTIVE DSCP REMARKING
raisecom #conf t
raisecom(config)#mls qos mapping dscp-mutation 1
raisecom(dscp-mutation)#dscp 10 to new-dscp 20
raisecom(dscp-mutation)#exit
raisecom(config)#
raisecom(config)# interface uni 1
raisecom(config-port)# mls qos trust dscp
raisecom(config-port)# mls qos dscp-mutation 1
raisecom(config)#

65
ETHERNET CONNECTIVITY FAULT MANAGEMENT
(IEEE 802.1ag)

66
ETHERNET OAM
Ethernet OAM is a set of functions designed to monitor network operation in order to detect network faults and measure its
performance:
– Link OAM
• Allows customer and service provider to monitor and diagnose the UNI connectivity via Link OAM (link level)
– Service OAM
• Allows customer and service provider to monitor and diagnose the UNI connectivity via Service OAM (end-to-end)
Metro IP/MPLS
or Transport
Network
PE Router
Metro Access Metro Edge/Core Metro Access
OS900
Service OAM
Link OAM Link OAM
Metro IP/MPLS
or Transport
Network
PE Router
EDD/NID
EDD/NID
ISCOM
2924GF-4C
ISCOM
2924GF-4C

67
IEEE 802.1ag
• Provides end-to-end Ethernet connectivity management – mechanisms to detect, verify, isolate and
report faults.
 Continuity Check Message (CCM)
 Loopback (LBM Loopback Message/LBR Loopback Response)
 Linktrace (LTM Link Trace Message/LTR Link Trace Response)
 RDI (Remote Default Indicator)
 ETH-AIS (Alarm Indication Signal)
 Lock
 Test
• Scalable to provide connectivity checking and fault detection across multiple networks and multiple
domains.
 Partitions the network into Domains to define responsibilities
of different stakeholders.
 Supports up to 8 Maintenance Domain levels.

68
MAINTENANCE DOMAIN
Maintenance Domains (MDs) are Ethernet networks or Sub-Networks, that is of interest to, or the
responsibility of, an administrative entity, such as the subscriber, the service provider, or an operator.
MDs are configured with Names and Levels, where the eight levels range from 0 to 7. A hierarchal
relationship exists between domains based on levels. The larger the domain, the higher the level
value. Recommended values of levels are as follows:
Customer Domain: Largest (e.g., 7)
Provider Domain: In between (e.g., 3)
Operator Domain: Smallest (e.g., 1)
Domains Cannot Overlap

69
MAINTENANCE ASSOCIATION / MAINTENANCE ENTITY GROUP
Defined as a "set of MEPs, all of which are configured with the same MAID (Maintenance Association
Identifier) and MD Level, each of which is configured with a MEPID unique within that MAID and MD
Level, and all of which are configured with the complete list of MEPIDs.”
• MEPs – MEG End points are provisioned components that can initiate and terminate SOAM frames/processes and
can also react to SOAM frames. MEPs exist at the edge of a domain, which define the boundary for the domain.
• Up MEP - If an OAM flow is being sent out of a specific port (UNI or ENNI) - such as with the UNI ME or the
ENNI ME - the MEP is referred to as a Down MEP. OAM flows from a Down MEP are always initiated through
the same port.
• Down MEP - If an OAM is being sent to a destination in the network - such as with the EVC ME - the MEP is
referred to as an Up MEP. The path taken by OAM flows from an Up MEP can change if the network topology
changes, e.g., due to the addition, removal, or failure of a path.
• MIPs – MEG Intermediary Points are provisioned components that can only react to SOAM frames (for example, to
support loopback or link trace). A MIP cannot initiate an SOAM process, but it can generate an SOAM frame in
response to a received SOAM frame. These points are internal to a domain, not at the boundary. SOAM frames
received from MEPs and other MIPs are cataloged and forwarded, all SOAM frames at a lower level are stopped
and dropped. MIPs are Passive points, respond only when triggered by SOAM trace route and loop-back
messages.

70
MAINTENANCE DOMAINS – MEPs - MIPs

71
CFM PROTOCOLS
• The Continuity Check Message (CCM) provides a means to detect connectivity failures in an MA. CCMs are multicast
messages. CCMs are confined to a domain (MD). These messages are unidirectional and do not solicit a response. Each
MEP transmits a periodic multicast Continuity Check Message inward towards the other MEPs.
• Sent Every 1s = Fault Management
• Sent Every 10s = Performance Monitoring
• Sent Every 3ms = Protection Switching
• Link Trace (LT) Link Trace messages otherwise known as Mac Trace Route are Multicast frames that a MEP transmits to
track the path (hop-by-hop) to a destination MEP which is similar in concept to User Datagram Protocol (UDP) Trace Route.
Each receiving MEP sends a Trace Route Reply directly to the Originating MEP, and regenerates the Trace Route Message.
• Loop-back (LB) Loop-back messages otherwise known as MAC ping are Unicast frames that a MEP transmits, they are
similar in concept to an Internet Control Message Protocol (ICMP) Echo (Ping) messages, sending Loopback to successive
MIPs can determine the location of a fault. Sending a high volume of Loopback Messages can test bandwidth, reliability, or
jitter of a service, which is similar to flood ping. A MEP can send a Loopback to any MEP or MIP in the service. Unlike
CCMs, Loop back messages are administratively initiated and stopped.

72
Y.1731 SLA
• ITU-T Y.1731 augments IEEE 802.1ag in defining capabilities to perform Performance Monitoring (PM) for
Ethernet services.
• It also provides additional Fault Management (FM) capabilities.
• Y.1731 defines the frame format and multicast addresses to be used for both PM and FM.
The following procedures and packet formats are defined in Y.1731:
• AIS (Alarm Indication Signal): Generated when an end-point detects loss of connectivity.
• Lock: Used to verify connectivity problems in out-of-service mode.
• Test: Used to test the connectivity out-of-service. It can be used as part of RFC 2544 or ITU-T
Y.1564 testing.
• Delay Measurements: Using DMM/DMR procedure.
• Loss Measurement: Using LMM/LMR procedure.
• Raisecom SLA tests look at the Delay and Loss characteristics of the service.

73
Y.1731 SLA
 MEP use unicast LB messages to measure – proactively/periodically – P2P service performance.
 Performance messages enable
– Latency, loss measurement (Two-Way)
– Jitter (Two-Way and One-Way)
 Separate PM Tests can be operated in parallel
 Loopback and PM messages used for performance measurement
 Configuration defined for remote MEP or MIP (MAC or remote ID MEP)
Metro Network
Site 2
Site 1
MEP
MEP
MIP
MEP
Delay, Jitter & loss
LBM
LBR

74
Y.1731 SLA
• End to end SLAs are critical for carrier grade Ethernet services
• Service availability, frame delay, frame delay variation and frame loss
• Both round trip and 1 way basis
• Standards provide tools for SLA measurement – 802.1ag, ITU Y.1731, ITU Y.1564
• Emerging technology – Ethernet demarcation devices required to measure end to end SLAs

75
Y.1731 SLA
• Based on Continuity Check Messages (CCM) in 802.1ag (CFM) and Y.1731
• Sent 1/Second – Fault Management
• Sent 10/Second – Performance Monitoring
• Sent 300/Second – Protection Switching
10/100BT
Demarcation
Device
Cust.
Eqpmnt.
Customer
Premise
Carrier Network
Carrier Edge
Switch
Carrier Edge
Switch
10/100BT
Demarcation
Device
Cust.
Eqpmnt.
Customer
Premise
CCM

76
Y.1731 SLA
The following PM parameters are measured:
– Frame Loss Ratio (FLR)
• Percentage of undelivered service frames, divided by the total number of service frames during a
time interval. The number of service frames not delivered is the difference between the number of
service frames sent to an ingress UNI and the number of service frames received at an egress UNI.
– Frame Delay (FD)
• Time taken by a frame to make the round-trip from the source node, through the destination node,
and back to the same source node. This time is measured from the start of transmission of the first
bit of the frame by a source node until the reception of the last bit of the frame by the same source
node.
– Frame Delay Variation (FDV) or Jitter
• Measure of the variations in the FD between a pair of service frames belonging to the same CoS
instance on a point-to-point Ethernet connection.
– Inter-arrival Jitter
• Estimate of the statistical variance of the PM data packet inter-arrival time, measured in timestamp
units and expressed as an unsigned integer, as defined in RFC1889.

77
Y.1731 SLA
– Complements SLA measurement by demarcation devices
– Centralized tool for collecting performance monitoring data and storing in a database
– Centrally stored data can be used for real-time reporting or monthly reports
– Service-oriented Key Performance Indicators (KPIs)
10/100BT
Demarcation
Device
Cust.
Eqpmnt.
Customer
Premise
Carrier Network
Carrier Edge
Switch
Carrier Edge
Switch
10/100BT
Demarcation
Device
Cust.
Eqpmnt.
Customer
Premise

78
CFM CONFIGURATIONS
CUSTOMER
SITE-A
CUSTOMER
SITE-B
NNI
NNI
Metro Ethernet Network
Provider MA = Domain Level 4
Customer MA = Domain Level 6
UNI UNI
PRACTICE TOPOLOGY

79
CFM CONFIGURATIONS – SITE A
raisecom(config)#
raisecom(config-port)#switchport trunk allowed vlan 100,200
raisecom(config-port)#ethernet cfm enable
raisecom(config-port)#show run interface nni 1
!
interface nni 1
ethernet cfm enable
!
raisecom(config)#
raisecom(config-port)#ethernet cfm enable
raisecom(config-port)#show run interface uni 1
!
interface uni 1
ethernet cfm enable
!
NNI PORT CONFIGURATION UNI PORT CONFIGURATION

80
CFM CONFIGURATIONS – SITE A
raisecom#conf t
raisecom(config)#ethernet cfm domain md-name Lvl4 level 4
raisecom(config)#ethernet cfm enable
CFM DOMAINS CONFIGURATION
raisecom(config)#
raisecom(config)#service Operator level 4
raisecom(config-service)#service vlan-list 200 primary-vlan 200
raisecom(config-service)# service remote-mep 22 nni 1
raisecom(config-service)# service mep down mpid 11 nni 1
raisecom(config-service)# service pm enable mep 11
raisecom(config-service)# service cc enable mep 11
raisecom(config-service)#exit
raisecom(config)#
PROVIDER MA CONFIGURATION
raisecom(config)#
raisecom(config)#service EVC100 level 6
raisecom(config-service)#service sdp nni 1
raisecom(config-service)#service remote-mep 2 uni 1
raisecom(config-service)#service mep up mpid 1 uni 1
raisecom(config-service)#service pm enable mep 1
raisecom(config-service)#service cc enable mep 1
raisecom(config)#
CUSTOMER MA CONFIGURATION

81
CFM CONFIGURATIONS – SITE B
raisecom(config)#
raisecom(config-port)#switchport trunk allowed vlan 100,200
!
interface nni 1
ethernet cfm enable
!
raisecom(config)#
!
interface uni 1
ethernet cfm enable
!
NNI PORT CONFIGURATION UNI PORT CONFIGURATION

82
CFM CONFIGURATIONS – SITE B
raisecom#conf t
raisecom(config)#ethernet cfm enable
CFM DOMAINS CONFIGURATION
raisecom(config)#
raisecom(config)#service Operator level 4
raisecom(config-service)# service remote-mep 11 nni 1
raisecom(config-service)# service mep down mpid 22 nni 1
raisecom(config-service)# service pm enable mep 22
raisecom(config-service)# service cc enable mep 22
raisecom(config)#
PROVIDER MA CONFIGURATION
raisecom(config)#
raisecom(config)#service EVC100 level 6
raisecom(config-service)#service sdp nni 1
raisecom(config-service)#service remote-mep 1 uni 1
raisecom(config-service)#service mep up mpid 2 uni 1
raisecom(config-service)#service pm enable mep 2
raisecom(config-service)#service cc enable mep 2
raisecom(config)#
CUSTOMER MA CONFIGURATION

83
CFM CONFIGURATIONS
VERIFYING CFM LOCAL MEPs
VERIFYING CFM REMOTE MEPs
SITE-A(config)#show ethernet cfm local-mp
Local mep configuration information:
Mpid Level Direction Port Cc-Status SendCCMs Trap-status Type Service
priority sdp
-----------------------------------------------------------------------------------------------
-------------------------------------
11 4 DOWN nni 1 Enable ------ macRemErr vlan 200
7 ---
1 6 UP uni 1 Enable ------ macRemErr vlan 100
SITE-A(config)#show ethernet cfm remote-mep
Maintenance Domain(MD) level:4
Maintenance Domain(MD) name: Lvl4
Mpid Service Primary Vlan IfState PortState Mac Address Source Age
-------------------------------------------------------------------------------------
22 Operator 200 Up Up 000E.5EDF.62A7 11 265(ms)
Maintenance Domain(MD) level:6
Maintenance Domain(MD) name: Lvl6
Mpid Service Primary Vlan IfState PortState Mac Address Source Age
-------------------------------------------------------------------------------------
2 EVC100 100 Down Up 000E.5EDF.62A7 1 644(ms)
SITE-A(config)#

84
CFM CONFIGURATIONS
CFM PING (LBM) REMOTE MEPs
SITE-A(config)#service Operator level 4
SITE-A(config-service)#ping mep 22
Type CTRL+C to abort
Sending 3 Ethernet CFM loopback messages to 000E.5EDF.62A7, timeout is 5 s:
Reply from MEP 22: time=17ms
Reply from MEP 22: time<1ms
------ PING Statistics ------
Success rate is 100 percent (3/3).
Ping statistics from 000E.5EDF.62A7:
Received loopback replys£º<3 /0 /0 > (In order/Out of order/Error)
SITE-A(config-service)#exit
SITE-A(config)#
SITE-A(config)#service EVC100 level 6
SITE-A(config-service)#ping mep 2
Type CTRL+C to abort
Sending 3 Ethernet CFM loopback messages to 000E.5EDF.62A7, timeout is 5 s:
------ PING Statistics ------
Success rate is 100 percent (3/3).
Ping statistics from 000E.5EDF.62A7:
Received loopback replys£º<3 /0 /0 > (In order/Out of order/Error)
SITE-A(config-service)#

85
CFM CONFIGURATIONS
CFM TRACE (LTM) REMOTE MEPs
SITE-A(config)#
SITE-A(config)#service Operator level 4
SITE-A(config-service)#traceroute mep 22
TTL: <64>
Tracing the route to 000E.5EDF.62A7 on level 4, service Operator.
Traceroute send via nni1.
----------------------------------------------------------------------------------------------
Hops HostMac IngressPort EgressPort IsForwarded RelayAction NextHop
----------------------------------------------------------------------------------------------
!1 000E.5EDF.6291 nni1 - No rlyHit 000E.5EDF.62A7
SITE-A(config-service)#exit
SITE-A(config)#
SITE-A(config)#service EVC100 level 6
SITE-A(config-service)#traceroute mep 2
TTL: <64>
Tracing the route to 000E.5EDF.62A7 on level 6, service EVC100.
Traceroute send via uni1.
----------------------------------------------------------------------------------------------
Hops HostMac IngressPort EgressPort IsForwarded RelayAction NextHop
----------------------------------------------------------------------------------------------
0 000E.5EDF.6291 uni1 nni1 Yes rlyMpdb 000E.5EDF.6291
!1 000E.5EDF.6291 nni1 - No rlyHit 000E.5EDF.62A7
SITE-A(config-service)#

86
SLA CONFIGURATIONS
SLA DEFINITION
SITE-A(config)#sla 1 y1731-jitter remote-mep 2 level 6 svlan 100 dm
SITE-A(config)#sla 2 y1731-pkt-loss remote-mep 2 level 6 svlan 100 packets 5
SITE-A(config)#sla 3 y1731-jitter remote-mep 22 level 4 svlan 200 dm
SITE-A(config)#sla 4 y1731-pkt-loss remote-mep 22 level 4 svlan 200 packets 5
RUNNING SLAs
SITE-A(config)#sla schedule 1 life forever

87
VERIFYING SLAs RESULTS
SITE-A(config)#show sla all result
------------------------------------------------------------------------
Operation <1>:
Schedule Status: Active
Be In Emergency Maintenance: NO
Send Frame Number: 4
Receive Frame Number: 4
------------------------------------------------------------------------
Info of Latest Test: TWO-WAY ONE-WAY(SD) ONE-WAY(DS)
------------------------------------------------------------------------
Delay Min(usec): 6 3 3
Delay Max(usec): 7 3 3
Delay Sum(usec): 26 13 13
Jitter Sum(usec): 2 < 1 < 1
------------------------------------------------------------------------
Operation <2>:
------------------------------------------------------------------------
Info of Latest Test: ONE-WAY(SD) ONE-WAY(DS)
------------------------------------------------------------------------
Loss Min(1/10000): 0 0
Loss Max(1/10000): 0 0
Loss Sum: 0 0
Lost of Test(1/10000): 0 0
------------------------------------------------------------------------
Operation <3>:
------------------------------------------------------------------------
Info of Latest Test: TWO-WAY ONE-WAY(SD) ONE-WAY(DS)
------------------------------------------------------------------------
Delay Min(usec): <= 1 <= 1 <= 1
Delay Max(usec): <= 1 <= 1 <= 1
Delay Sum(usec): 5 2 2
Jitter Sum(usec): < 1 < 1 < 1
------------------------------------------------------------------------
Operation <4>:
------------------------------------------------------------------------
Info of Latest Test: ONE-WAY(SD) ONE-WAY(DS)
------------------------------------------------------------------------
Loss Min(1/10000): 0 0
Loss Max(1/10000): 0 0
Loss Sum: 0 0
Lost of Test(1/10000): 0 0
SITE-A(config)#

89
SERVICE ACTIVATION TESTS
ACTIVE AND PASSIVE SERVICE TESTING
Testing
Framework
Out-of-Service In-Service
Active testing RFC 2544/Y.1564 SOAM
Passive testing n/a Network
Management
Element Info
 Generally there are two types of Testing (active & passive)
 Passive Testing = Monitoring
 No impact to Services
 Active Testing = Intrusive to Service
 Can be done In-Service with low frame rate
 Can be done Out-of-Service replacing Customer Traffic with Test Traffic

90
RFC2544 vs Y.1564
RFC2544 Y.156sam
Testing Method Sequential testing, tests can
not be run simultaneously
Tests run for all flows
simultaneously
Throughput The maximum rate at which
none of the offered frames are
dropped by the device
Maximum throughput must
respect CIR/EIR
Frame delay Latency measured on 1 frame
every 2 minutes
All flows simultaneously
Inter frame delay variation Not defined All flows simultaneously
Frame loss ratio FL measurement on lack of
resources only
FL measurement on lack of
resources and services quality
CoS support Not support Support
Bandwidth profile Extendable to CIR/EIR Confirms CIR/EIR/CBS/EBS

91
Y.1564 TEST
This test will eventually supersede RFC2544 tests as the standard test for service turn-up and activation.
The Y.156sam focuses on the following KPIs for service quality:
Bandwidth or Information rate (IR): This is a bit rate measure of available or consumed data communication
resources expressed in bits/second or multiples of it (kilobits/s, megabits/s, etc.).
Frame transfer delay (FTD): Also known as latency, this is a measurement of the time delay between the
transmission and the reception of a frame
Frame delay variations (FDV): Also known as packet jitter, this is a measurement of the variations in the time
delay between packet deliveries
Frame loss ratio (FLR): Typically expressed as a ratio, this is a measurement of the number of packets lost
over the total number of packets sent.
Availability (AVAIL): Typically expressed as a % of up time for link under test for example does the network
pass the 5 "9's" 99.999% up time.

92
Y.1564 TEST
• Traffic is generated for each service sequentially, first up to CIR, then up to CIR + EIR (if applicable)
and then over CIR + EIR
• Verifies that CIR and EIR are properly configured
• Verifies all parameters (pass/fail SAC thresholds for each Service Attribute)
CIR
CIR + EIR
CIR + EIR
+ 25%
1 to 60 sec
Performance
Unguaranteed
Verify
SAC
here
time
Throughput as
seen at output
of test function
Verify
Traffic Policing

93
RFC2544 CONFIGURATIONS
rfc2544 frame-loss 1 rate 25 frame-size 64
RFC2544 CONFIGURATION SITE A (SENDER)
rfc2544 enable
rfc2544 dmac 000E.5EDF.62A7
rfc2544 svlan vlanid 100
rfc2544 meg-level 6
rfc2544 throughput max-rate 25 min-rate 1 step 5 frame-loss 1000 duration 300 resolution 1 trial 1
rfc2544 latency max-rate 25 initial-rate 1 step 5 duration 300 trial 1
rfc2544 frame-loss duration 300 trial 1
rfc2544 throughput 1 frame-size 64
rfc2544 latency 1 frame-size 64
RFC2544 CONFIGURATION SITE A (SENDER) THROUGHPUT, LATENCY AND FRAME-LOSS FRAME SIZES TO BE TESTED
SITE-B#show version
Product Version: RAX711-L-4GC-AC/D-02
P200R002C40
RITP Version: 5.4
FPGA Version: fpga:2.3
System MacAddress: 000E.5EDF.62A7
Serial number: 123002020800B17925B0002G
DMAC ON SENDER CONFIG = SITE B (REFLECTOR) MAC ADDRESS

94
RFC2544 CONFIGURATIONS
SITE-B#conf t
SITE-B(config)#interface nni 1
SITE-B(config-port)#loopback smac 000E.5EDF.6292
SITE-B(config-port)#loopback
SITE-B(config-port)#
RFC2544 CONFIGURATION SITE B (REFLECTOR)
SITE-B(config-port)#show interface nni 1 loopback
Loopback configuration information:
-----------------------------------------
Port : nni 1
Loopback mode : Manual
Loopback status : Loopup
Loopback rule : Port
Loopback layer : no layer
Local MAC address : 000e.5edf.62a7
Local IP: 127.0.0.1
Local IPv6: ::1
DMAC swap : Enable
SMAC swap : Localmac
DIP swap : Enable
UDP port swap : Enable
DMAC : 0000.0000.0000
SMAC : 000e.5edf.6292
CVLAN : 0 CCOS:--
SVLAN : 0 SCOS:--
Source IP address:0.0.0.0
Destination IP address:0.0.0.0
Source IPv6 address:::
Destination IPv6 address:::
UDP-SPORT : -- UDP-DPORT:--
TCP-SPORT : -- TCP-DPORT:--
LSP LABEL : 0 PW LABEL:0
ETHERNET TYPE:0x0000
Loopback lasting time : forever
VERIFYING LOOPBACK STATUS
SITE-A(config)#show manufacture info
The product manufacture information:
Main board:
Vendor: RAISECOM
Product Name: RAX711-L-4GC-AC/D-02
Product Ver: A.00
Serial No.: 123002020800B17925B0001G
MAC Address: 00:0E:5E:DF:62:91
MAC2 Address: 00:0E:5E:DF:62:92
CES Address: 00:00:00:00:00:00
LOOPBACK SMAC ON REFLECTOR = SITE A (SENDER) MAC2 ADDRESS

95
RUNNING RFC2544 TEST
SITE-A(config)#rfc2544 schedule frame-loss all
SITE-A(config)#rfc2544 schedule latency all
SITE-A(config)#rfc2544 schedule throughput all
SITE-A(config)#show rfc2544 frame-loss-configuration
Function: Frame-loss
Duration(s): 300
Trial: 1
SITE-A(config)#show rfc2544 latency-configuration
Function: Latency
MaxSpeed(Mbps) : 25
InitialSpeed(Mbps): 1
StepSize(Mbps): 5
Duration(s): 300
Trial: 1
SITE-A(config)#show rfc2544 throughput-configuration
Function: Throughput
MaxSpeed(Mbps): 25
MinSpeed(Mbps): 1
StepSize(Mbps): 5
FrameLossRate(0.01%): 1000
Resolution(Mbps): 1
Duration(s): 300
Trial: 1
START RFC2544 TEST
VERIFYING RFC2544 CONFIGUIRATION

96
VERIFYING RFC2544 RESULTS
SITE-A#show rfc2544 frame-loss-result
TestID TrialIndex TxCount FrameLossRate(0.01%) FrameSize(Byte) ResultStatus
-------------------------------------------------------------------------------------
1 1 11160714 0 64 success
2 1 6334459 0 128 success
3 1 3396739 0 256 success
4 1 1762218 0 512 success
5 1 897988 0 1024 success
6 1 721153 0 1280 success
7 1 609557 0 1518 success
8 1 602506 0 1536 success
SITE-A#show rfc2544 latency-result
TestID TrialIndex TxCount MaxDelay(us) MinDelay(us) AvgDelay(us) MaxJitter(us) MinJitter(us) AvgJitter(us) FrameLossRate(0.01%) FrameSize(Byte) ResultStatus
--------------------------------------------------------------------------------------------------------------------------------------------------------------
1 1 11160714 4 2 2 1 0 0 0 64 success
2 1 6334459 6 3 3 3 0 0 0 128 success
3 1 3396739 7 4 4 3 0 0 0 256 success
4 1 1762218 7 6 6 0 0 0 0 512 success
5 1 897988 13 10 10 3 0 0 0 1024 success
6 1 721153 15 12 12 3 0 0 0 1280 success
7 1 609557 14 14 14 0 0 0 0 1518 success
8 1 602506 17 14 14 3 0 0 0 1536 success
SITE-A(config)#show rfc2544 throughput-result
TestID TrialIndex TxCount Throughput(Mbps) FrameSize(Byte) ResultStatus
----------------------------------------------------------------------------
1 1 11160714 25 64 success
2 1 6334459 25 128 success
3 1 3396739 25 256 success
4 1 1762218 25 512 success
5 1 897988 25 1024 success
6 1 721153 25 1280 success
7 1 609557 25 1518 success
8 1 602506 25 1536 success

97
Y.1564 CONFIGURATIONS
rcsam service 3 l2-eth
name 75M
uni uni 1
dmac 000E.5EDF.62A7
frame-size fix 1518
svlan 100 cos 3
cir 75000 cbs 32
traffic-policing rate 75000
latency-threshold 25
jitter-threshold 25
frame-loss-threshold 1000
performace-test cir 100
service enable
name 25M
uni uni 1
dmac 000E.5EDF.62A7
frame-size fix 1518
svlan 100 cos 1
cir 25000 cbs 32
jitter-threshold 15
service enable
name 50M
uni uni 1
dmac 000E.5EDF.62A7
frame-size fix 1518
svlan 100 cos 2
cir 50000 cbs 32
jitter-threshold 25
service enable
Y.1564 CONFIGURATION SITE A (SENDER)
SITE-B#show version
Product Version: RAX711-L-4GC-AC/D-02 P200R002C40
RITP Version: 5.4
FPGA Version: fpga:2.3
System MacAddress: 000E.5EDF.62A7
Serial number: 123002020800B17925B0002G
DMAC ON SENDER CONFIG = SITE B (REFLECTOR) MAC ADDRESS
(config)#rate-limit vlan 100 cos 1 uni 1 ingress cir 25000 cbs 32
RATE LIMIT ON UNI INTERFACE

98
Y.1564 CONFIGURATIONS
SITE-B#conf t
SITE-B(config)#interface nni 1
SITE-B(config-port)#loopback smac 000E.5EDF.6292
SITE-B(config-port)#loopback
Y.1564 CONFIGURATION SITE B (REFLECTOR)
SITE-B(config-port)#show interface nni 1 loopback
Loopback configuration information:
-----------------------------------------
Port : nni 1
Loopback mode : Manual
Loopback status : Loopup
Loopback rule : Port
Loopback layer : no layer
Local MAC address : 000e.5edf.62a7
Local IP: 127.0.0.1
Local IPv6: ::1
DMAC swap : Enable
SMAC swap : Localmac
DIP swap : Enable
UDP port swap : Enable
DMAC : 0000.0000.0000
SMAC : 000e.5edf.6292
CVLAN : 0 CCOS:--
SVLAN : 0 SCOS:--
Source IP address:0.0.0.0
Destination IP address:0.0.0.0
Source IPv6 address:::
Destination IPv6 address:::
UDP-SPORT : -- UDP-DPORT:--
TCP-SPORT : -- TCP-DPORT:--
LSP LABEL : 0 PW LABEL:0
ETHERNET TYPE:0x0000
Loopback lasting time : forever
VERIFYING LOOPBACK STATUS
SITE-A(config)#show manufacture info
The product manufacture information:
Main board:
Vendor: RAISECOM
Product Name: RAX711-L-4GC-AC/D-02
Product Ver: A.00
Serial No.: 123002020800B17925B0001G
MAC Address: 00:0E:5E:DF:62:91
MAC2 Address: 00:0E:5E:DF:62:92
CES Address: 00:00:00:00:00:00
LOOPBACK SMAC ON REFLECTOR = SITE A (SENDER) MAC2 ADDRESS

99
RUNNING Y.1564 TEST
SITE-A(config)#rcsam step-time 10
SITE-A(config)#rcsam performance-test duration 1
SITE-A(config)#rcsam service-identify type
vlan vlan
SITE-A(config)#rcsam service-identify type vlan
cos vlan cos
dscp vlan dscp
traffic-class vlan traffic-class
<cr>
SITE-A(config)#rcsam service-identify type vlan cos
SITE-A(config)#rcsam performance-test enable
SITE-A(config)#rcsam configuration-test enable
SITE-A(config)#rcsam test start
Set successfully.
SITE-A(config)#
RcSam: Starting rcSam test...
RcSam: Running Configuration Test...
RcSam: Running Performance Test...
RcSam: Test Completed!
SITE-A(config)

100
VERIFYING Y.1564 RESULTS
SITE-A(config)#show rcsam result detail
SITE-A(config)#sho rcsam result detail
Cofiguration Test Status : completed
Configuration Test Result : Pass
Duration(sec.) : 50
Service 1 : 25M
Test Result Avg.IR FLR(0.001%) FD(us) FDV(us) Avail FDR BER
(kbps) min mean max min mean max (%) (us)
--------------------------------------------------------------------------------------------------
CIR
STEP1 Pass 6208 0 28 28 28 0 0 0 100% 0 0
STEP2 Pass 12480 0 28 28 28 0 0 0 100% 0 0
STEP3 Pass 18688 0 28 28 28 0 0 0 100% 0 0
STEP4 Pass 24960 0 28 28 28 0 0 0 100% 0 0
EIR N/A --- --- --- --- --- --- --- --- --- --- ---
Tra-po Pass 24960 0 28 28 28 0 0 0 100% 0 0
Service 2 : 50M
--------------------------------------------------------------------------------------------------
CIR
STEP1 Pass 12480 0 28 28 28 0 0 0 100% 0 0
STEP2 Pass 24960 0 28 28 28 0 0 0 100% 0 0
STEP3 Pass 37440 0 28 28 28 0 0 0 100% 0 0
STEP4 Pass 49984 0 28 28 28 0 0 0 100% 0 0
EIR N/A --- --- --- --- --- --- --- --- --- --- ---
Tra-po Pass 49984 0 28 28 29 0 0 1 100% 1 0

101
VERIFYING Y.1564 RESULTS
Service 3 : 75M
--------------------------------------------------------------------------------------------------
CIR
STEP1 Pass 18688 0 28 28 28 0 0 0 100% 0 0
STEP2 Pass 37440 0 28 28 28 0 0 0 100% 0 0
STEP3 Pass 56192 0 28 28 28 0 0 0 100% 0 0
STEP4 Pass 74944 0 28 28 28 0 0 0 100% 0 0
EIR N/A --- --- --- --- --- --- --- --- --- --- ---
Tra-po Pass 74944 0 28 28 28 0 0 0 100% 0 0
Performance Test Status : completed
Performance Test Result : Pass
Duration(min.) : 3
Test Result Avg.IR(kbps) FLR(0.001%) FD(us) FDV(us) Avail FDR BER
min mean max min mean max min mean max min mean max (%) (us)
---------------------------------------------------------------------------------------------------------------------------------
service 1 Pass 24960 24960 24960 0 0 0 28 28 30 0 0 1 100% 2 0
service 2 Pass 49984 49984 49984 0 0 0 28 28 29 0 0 1 100% 1 0
service 3 Pass 74944 74944 74944 0 0 0 28 28 30 0 0 1 100% 2 0
SITE-A(config)#

103
SCENARIO 1 REVIEW
TOPOLOGY
DEDICATED ACCESS (POINT TO POINT)

104
SCENARIO 1 REVIEW
CONSIDERATIONS

105
SCENARIO 1 REVIEW
CONFIGURATIONS

107
DEVICE MONITORING
CONSIDERATIONS
INTERNET ACCESS

108
SCENARIO 2 REVIEW
TOPOLOGY
INTERNET ACCESS

109
SCENARIO 2 REVIEW
CONSIDERATIONS
INTERNET ACCESS

110
SCENARIO 1 REVIEW
CONFIGURATIONS
INTERNET ACCESS

RNEC N101 Lite- RAX711-L.pptx

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to RNEC N101 Lite- RAX711-L.pptx

Similar to RNEC N101 Lite- RAX711-L.pptx (20)

Recently uploaded

Recently uploaded (20)

RNEC N101 Lite- RAX711-L.pptx