IEEE 802.1ad Support on Provider Bridges

Available Languages

Download Options

  • PDF     (265.0 KB)
    View with Adobe Reader on a variety of devices
Updated:May 26, 2011

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

IEEE 802.1ad Support on Provider Bridges

Table Of Contents

IEEE 802.1ad Support on Provider Bridges

Finding Feature Information

Contents

Restrictions for IEEE 802.1ad Support on Provider Bridges

Information About IEEE 802.1ad Support on Provider Bridges

Service Provider Bridges

S-Bridge Component

C-Bridge Component

MAC Addresses for Layer 2 Protocols

IEEE 802.1ad Support on Provider Bridges Feature

Layer 2 PDU Destination MAC Addresses for Customer-Facing C-Bridge UNI Ports

Layer 2 PDU Destination MAC Addresses for Customer-Facing S-Bridge UNI Ports

How to Configure IEEE 802.1ad Support on Provider Bridges

Configuring a Switch Port to Process 802.1ad BPDUs

Configuring a Switch Port to Forward BPDUs

Configuring a Switch Port to Process BPDUs

Configuration Examples for IEEE 802.1ad Support on Provider Bridges

Example: Configuring an 802.1ad S-Bridge UNI

Example: Configuring an 802.1ad C-Bridge UNI

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Feature Information for IEEE 802.1ad Support on Provider Bridges

Glossary


IEEE 802.1ad Support on Provider Bridges

First Published: April 19, 2010
Last Updated: May 26, 2011

Service provider bridges (also called provider bridges) allow switches in a service provider network to transparently carry a customer's Layer 2 control frames, such as Spanning Tree Protocol (STP) bridge protocol data units (BPDUs) or Cisco Discovery Protocol frames, separate from the service provider's traffic and from other customer traffic in the service provider's network. User network interface (UNI) ports of a provider bridge interface with customer devices and have a specific set of requirements defined by the IEEE 802.1ad standard. These requirements enable provider bridges to have the same functionality as Layer 2 protocol tunneling (L2PT) and Q-in-Q (QnQ) bridges.

This document describes the IEEE 802.1ad implementation on Cisco switches using Layer 2 switch ports.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the "Feature Information for IEEE 802.1ad Support on Provider Bridges" section.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Contents

Restrictions for IEEE 802.1ad Support on Provider Bridges

Information About IEEE 802.1ad Support on Provider Bridges

How to Configure IEEE 802.1ad Support on Provider Bridges

Additional References

Additional References

Feature Information for IEEE 802.1ad Support on Provider Bridges

Glossary

Restrictions for IEEE 802.1ad Support on Provider Bridges

The IEEE 802.1ad Support on Provider Bridges feature is not supported on the Cisco ME3400 series switch.

Information About IEEE 802.1ad Support on Provider Bridges

Service Provider Bridges

MAC Addresses for Layer 2 Protocols

IEEE 802.1ad Support on Provider Bridges Feature

Service Provider Bridges

Provider bridges pass the network traffic of many customers, and each customer's traffic flow must be isolated from one another. For Layer 2 protocols within customer domains to function properly, geographically separated customer sites must appear to be connected via a LAN, and the provider network must be transparent.

The IEEE has reserved 33 Layer 2 MAC addresses for customer devices operating Layer 2 protocols. If a provider bridge uses these standard MAC addresses for its Layer 2 protocols, the customers' and service provider's Layer 2 traffic will be mixed together. Provider bridges solve this traffic-mixing issue by providing Layer 2 protocol data unit (PDU) tunneling for customers using a provider bridge (S-bridge) component and a provider edge bridge (C-bridge) component. Figure 1 shows the topology.

Figure 1 Layer 2 PDU Tunneling

S-Bridge Component

The S-bridge component is capable of inserting or removing a service provider VLAN (S-VLAN) for all traffic on a particular port. IEEE 802.1ad adds a new tag called a Service tag (S-tag) to all ingress frames from the customer to the service provider.

The VLAN in the S-tag is used for forwarding the traffic in the service provider network. Different customers use different S-VLANs, which results in each customer's traffic being isolated. In the S-tag, provider bridges use an Ethertype value different than the standard 802.1Q Ethertype value, and they do not understand the standard Ethertype. This difference makes customer traffic tagged with the standard Ethertype appear as untagged in the provider network so customer traffic is tunneled in the port VLAN of the provider port. 802.1ad service provider user network interfaces (S-UNIs) and network-network interfaces (NNIs) implement the S-bridge component.

For example, a VLAN tag has a VLAN ID of 1, the C-tag Ethertype value is 8100 0001, the S-tag Ethertype value is 88A8 0001, and the class of service (CoS) is zero.

C-tag S-tag

------------------------------------------------------- --------------------------------------------------

0x8100 | Priority bits | CFI | C-VLAN-ID 0x88A8 | Priority bits | 0 | S-VLAN-ID

------------------------------------------------------- --------------------------------------------------

C-Bridge Component

All C-VLANs entering on a UNI port in an S-bridge component are provided the same service (marked with the same S-VLAN). C-VLAN components are not supported, but a customer may want to tag a particular C-VLAN packet separately to differentiate between services. Provider bridges allow C-VLAN packet tagging with a provider edge bridge, called the C-bridge component of the provider bridge. C-bridge components are C-VLAN aware and can insert or remove a C-VLAN 802.1Q tag. The C-bridge UNI port is capable of identifying the customer 802.1Q tag and inserting or removing an S-tag on the packet on a per service instance or C-VLAN basis. A C-VLAN tagged service instance allows service instance selection and identification by C-VLAN. 801.1ad customer user network interfaces (C-UNIs) implement the C-component.

MAC Addresses for Layer 2 Protocols

Customers' Layer 2 PDUs received by a provider bridge are not forwarded, so Layer 2 protocols running in customer sites do not know the complete network topology. By using a different set of addresses for the Layer 2 protocols running in provider bridges, IEEE 802.1ad causes customers' Layer 2 PDUs entering the provider bridge to appear as unknown multicast traffic and forwards it on customer ports (on the same S-VLAN). Customers' Layer 2 protocols can then run transparently.

Table 1 shows the Layer 2 MAC addresses reserved for the C-VLAN component.

Table 1 Reserved Layer 2 MAC Addresses for the C-VLAN Component 

Assignment
Value

Bridge Group Address

01-80-C2-00-00-00

IEEE 802.3 Full Duplex PAUSE Operation

01-80-C2-00-00-01

IEEE 802.3 Slow_Protocols_Multicast_Address

01-80-C2-00-00-02

IEEE 802.1X PAE Address

01-80-C2-00-00-03

Provider Bridge Group Address

01-80-C2-00-00-08

Provider Bridge GVRP Address

01-80-C2-00-00-0D

IEEE 802.1AB Link Layer Discovery Protocol Multicast Address

01-80-C2-00-00-0E

Reserved for future standardization

01-80-C2-00-00-04

01-80-C2-00-00-05

01-80-C2-00-00-06

01-80-C2-00-00-07

01-80-C2-00-00-09

01-80-C2-00-00-0A

01-80-C2-00-00-0B

01-80-C2-00-00-0C

01-80-C2-00-00-0F


Table 2 shows the Layer 2 MAC addresses reserved for the S-VLAN component. These addresses are a subset of the C-VLAN component addresses, and the C-bridge does not forward the provider's BPDUs to a customer network.

Table 2 Reserved Layer 2 MAC Addresses for the S-VLAN Component 

Assignment
Value

IEEE 802.3 Full Duplex PAUSE Operation

01-80-C2-00-00-01

IEEE 802.3 Slow_Protocols_Multicast_Address

01-80-C2-00-00-02

IEEE 802.1X PAE Address

01-80-C2-00-00-03

Provider Bridge Group Address

01-80-C2-00-00-08

Reserved for future standardization

01-80-C2-00-00-04

01-80-C2-00-00-05

01-80-C2-00-00-06

01-80-C2-00-00-07

01-80-C2-00-00-09

01-80-C2-00-00-0A


IEEE 802.1ad Support on Provider Bridges Feature

The IEEE 802.1ad Support on Provider Bridges feature is implemented on switch ports and supports the following IEEE 802.1ad specified functions:

Operation of individual provider bridges

Configuration and management of individual provider bridges

Management of spanning tree and VLAN topologies within a provider network

In Cisco IOS Release 12.2(54)SE, the Cisco ME 3400E and Catalyst 3750 Metro switch platforms support this feature. The Cisco ME3400 switch platform does not support this feature.

Layer 2 PDU Destination MAC Addresses for Customer-Facing C-Bridge UNI Ports

Table 3 shows the Layer 2 PDU destination MAC addresses for customer-facing C-bridge UNI ports and how frames are processed.

Table 3 Layer 2 PDU Destination MAC Addresses for Customer-Facing C-Bridge UNI Ports 

MAC Address
Protocol
Significance on the C-Bridge UNI Port
Default Action

01-80-C2-00-00-00

Bridge Group Address (end-to-end BPDUs)

Data, BPDU
(based on the CLI configuration of the l2protocol command)

BPDU

01-80-C2-00-00-01

802.3X Pause Protocol

BPDU

MAC address processes

01-80-C2-00-00-02

Slow protocol address: 802.3ad LACP, 802.3ah OAM, Cisco Discovery Protocol, DTP, PagP, UDLD, VTP

BPDU

BPDU

01-80-C2-00-00-03

802.1x

BPDU

BPDU

01-80-C2-00-00-04

Reserved for future media access method

Drop

Drop

01-80-C2-00-00-05

Reserved for future media access method

Drop

Drop

01-80-C2-00-00-06

Reserved for future bridge use

Drop

Drop

01-80-C2-00-00-07

Ethernet Local Management Interface

BPDU

BPDU

01-80-C2-00-00-08

Provider STP (BPDU)

Drop

Drop

01-80-C2-00-00-09

Reserved for future bridge use

Drop

Drop

01-80-C2-00-00-0A

Reserved for future bridge use

Drop

Drop

01-80-C2-00-00-0B

Reserved for future S-bridge purposes

Drop

Drop

01-80-C2-00-00-0C

Reserved for future S-bridge purposes

Drop

Drop

01-80-C2-00-00-0D

Provider bridge GVRP address

Drop

Drop

01-80-C2-00-00-0E

802.1ab LLDP

Data, BPDU
(based on the CLI configuration of the l2protocol command)

BPDU

01-80-C2-00-00-0F

Reserved for future C- bridge or Q-bridge use

Drop

Drop

01-80-C2-00-00-10

All bridges address

BPDU

Peer

01-80-C2-00-00-20

GMRP

Data

Data

01-80-C2-00-00-21

GVRP

Data

Data

01-80-C2-00-00-22-2F

Other GARP addresses

Data

Data

01-00-0C-CC-CC-CC

Cisco's Cisco Discovery Protocol, DTP, PagP, UDLD, VTP (end-to-end)

Data, BPDU
(based on the CLI configuration of the l2protocol command)

BPDU

01-00-0C-CC-CC-CD

Cisco's PVST (end-to-end)

Data, BPDU
(based on the CLI configuration of the l2protocol command)

BPDU


Layer 2 PDU Destination MAC Addresses for Customer-Facing S-Bridge UNI Ports

If a port is operating as a customer-facing S-bridge UNI, the destination MAC addresses shown in Table 4 are used for defining the Layer 2 protocol PDU processing at the S-bridge UNI.

Table 4 shows the Layer 2 PDU destination MAC addresses for customer-facing S-bridge ports and how frames are processed.

Table 4 Layer 2 PDU Destination MAC Addresses for Customer-Facing S-Bridge UNI Ports 

MAC Address
Protocol
Significance on the S-Bridge UNI Port
Default Action

01-80-C2-00-00-00

Bridge Group Address (BPDUs)

Data, BPDU
(based on the CLI configuration of the l2protocol command)

Data

01-80-C2-00-00-01

802.3X Pause Protocol

BPDU

MAC address processes

01-80-C2-00-00-02

Slow protocol address: 802.3ad LACP, 802.3ah OAM

BPDU

BPDU

01-80-C2-00-00-03

802.1x

BPDU

BPDU

01-80-C2-00-00-04

Reserved for future media access method

Drop

Drop

01-80-C2-00-00-05

Reserved for future media access method

Drop

Drop

01-80-C2-00-00-06

Reserved for future bridge use

Drop

Drop

01-80-C2-00-00-07

Ethernet Local Management Interface

BPDU

BPDU
(drop on NNI)

01-80-C2-00-00-08

Provider STP (BPDU)

BPDU

BPDU

01-80-C2-00-00-09

Reserved for future bridge use

Drop

Drop

01-80-C2-00-00-0A

Reserved for future bridge use

Drop

Drop

01-80-C2-00-00-0B

Reserved for future S-bridge purposes

Data

Data

01-80-C2-00-00-0C

Reserved for future S-bridge purposes

Data

Data

01-80-C2-00-00-0D

Provider bridge GVRP address

Data

Data

01-80-C2-00-00-0E

802.1ab LLDP

Data, BPDU
(based on the CLI configuration of the l2protocol command)

Data

01-80-C2-00-00-0F

Reserved for future C- bridge or Q-bridge use

Data

Data

01-80-C2-00-00-10

All bridges address

Data

Data

01-80-C2-00-00-20

GMRP

Data

Data

01-80-C2-00-00-21

GVRP

Data

Data

01-80-C2-00-00-22-2F

Other GARP addresses

Data

Data

01-00-0C-CC-CC-CC

Cisco's Cisco Discovery Protocol, DTP, PagP, UDLD, VTP

Data, BPDU
(based on the CLI configuration of the l2protocol command)

Data

01-00-0C-CC-CC-CD

Cisco's PVST

Data, BPDU
(based on the CLI configuration of the l2protocol command)

Data


How to Configure IEEE 802.1ad Support on Provider Bridges

Configuring a Switch Port to Process 802.1ad BPDUs (required)

Configuring a Switch Port to Process 802.1ad BPDUs

In an 802.1ad network, the default behavior for Layer 2 PDUs on an interface depends on the 802.1ad interface type. If the interface type is an S-bridge UNI, all Layer 2 PDUs are tunneled. If the interface type is a C-bridge UNI, all Layer 2 PDUs are processed (peered)

PDU processing on the S-bridge UNI is the same as on an 802.1ad NNI. Both interface types have the same scope of MAC addresses. Perform the tasks in this section to configure one switch port to forward 802.1ad BPDUs end to end and another switch port to peer (process) BPDUs:

Configuring a Switch Port to Forward BPDUs

Configuring a Switch Port to Process BPDUs

Configuring a Switch Port to Forward BPDUs

Perform this task to configure a switch port to forward BPDUs.

SUMMARY STEPS

1. enable

2. configure terminal

3. interface type number

4. switchport access vlan vlan-id

5. ethernet dot1ad {nni | uni {c-port | s-port}}

6. l2protocol [peer | forward] [protocol]

7. end

 
Command or Action
Purpose

Step 1 

enable

Example:

Switch> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Switch# configure terminal

Enters global configuration mode.

Step 3  

interface type number
Example:

Switch(config)# interface gigabitethernet 0/2

Configures an interface.

Step 4 

switchport access vlan vlan-id

Example:

Switch(config-if)# switchport access vlan 500

Sets the VLAN when an interface is in access mode.

Step 5 

ethernet dot1ad {nni | uni {c-port | s-port}}

Example:

Switch(config-if)# ethernet dot1ad uni s-port

Configures a dot1ad NNI or UNI port.

Step 6 

l2protocol [peer | forward] [protocol]

Example:

Switch(config)# l2protocol forward vtp

Processes or forwards Layer 2 BPDUs.

In this example, only VTP PDUs will be forwarded.

Step 7 

end

Example:

Switch(config-if)# end

Switch#

Returns the CLI to privileged EXEC mode.

DETAILED STEPS

Configuring a Switch Port to Process BPDUs

Perform this task to configure a switch port to process BPDUs.

SUMMARY STEPS

1. enable

2. configure terminal

3. interface type number

4. switchport mode {access | trunk}

5. ethernet dot1ad {nni | uni {c-port | s-port}}

6. l2protocol [peer | forward] [protocol]

7. end

 
Command or Action
Purpose

Step 1 

enable

Example:

Switch> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Switch# configure terminal

Enters global configuration mode.

Step 3  

interface type number
Example:

Switch(config)# interface gigabitethernet 0/3

Configures an interface.

Step 4 

switchport mode {access | trunk}

Example:

Switch(config-if)# switchport mode trunk

Sets the interface type.

Step 5 

ethernet dot1ad {nni | uni {c-port | s-port}}

Example:

Switch(config-if)# ethernet dot1ad uni c-port

Configures a dot1ad NNI or UNI port.

Step 6 

l2protocol [peer | forward] [protocol]

Example:

Switch(config)# l2protocol peer vtp

Processes or forwards Layer 2 BPDUs.

In this example, only VTP PDUs will be processed.

Step 7 

end

Example:

Switch(config-if)# end

Switch#

Returns the CLI to privileged EXEC mode.

DETAILED STEPS

Configuration Examples for IEEE 802.1ad Support on Provider Bridges

Example: Configuring an 802.1ad S-Bridge UNI

Example: Configuring an 802.1ad C-Bridge UNI

Example: Configuring an 802.1ad S-Bridge UNI

The following example shows how to configure GigabitEthernet interface 0/2 of a PE as an 802.1ad S-bridge UNI. In this example, only Cisco Discovery Protocol PDUs will be forwarded (tunneled). Cisco Discovery Protocol PDUs will be forwarded between the PE and a customer device. 

Switch# configure terminal

Switch(config)# interface GigabitEthernet 0/2

Switch(config-if)# switchport access vlan 500

Switch(config-if)# ethernet dot1ad uni s-port

Switch(config-if)# l2protocol forward cdp

Example: Configuring an 802.1ad C-Bridge UNI

The following example shows how to configure interface GigabitEthernet 0/3 of a PE as an 802.1ad C-bridge UNI. In this example, only Cisco Discovery Protocol PDUs will be processed. 

Switch# configure terminal

Switch(config)# interface GigabitEthernet 0/3

Switch(config-if)# switchport mode trunk

Switch(config-if)# ethernet dot1ad uni c-port

Switch(config-if)# l2protocol peer cdp

Additional References

Related Documents

Related Topic
Document Title

Cisco IOS commands: master list of commands with complete command syntax, command mode, command history, defaults, usage guidelines, and examples

Cisco IOS Master Commands List, All Releases

Cisco IOS Carrier Ethernet commands: complete command syntax, command mode, command history, defaults, usage guidelines, and examples

Cisco IOS Carrier Ethernet Command Reference

Configuring Carrier Ethernet

Cisco IOS Carrier Ethernet Configuration Guide, Release 12.2SR


Standards

Standard
Title

IEEE 802.1ad

Provider Bridges


MIBs

MIB
MIBs Link

None

To locate and download MIBs for selected platforms, Cisco software releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs


RFCs

RFC
Title

None


Technical Assistance

Description
Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html


Feature Information for IEEE 802.1ad Support on Provider Bridges

Table 5 lists the release history for this feature.

Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Note Table 5 lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Table 5 Feature Information for IEEE 802.1ad Support on Provider Bridges

Feature Name
Releases
Feature Information

802.1ad Support for Cat3K Switches

12.2(54)SE

The IEEE 802.1ad Support on Provider Bridges feature is the IEEE 802.1ad implementation on Cisco switches using Layer 2 switch ports.

In 12.2(54)SE, this feature was introduced on the Cisco ME 3400E and Catalyst 3750 Metro switch platforms.

The following commands were introduced or modified: ethernet dot1ad, l2protocol, show ethernet dot1ad.


Glossary

DTP—Dynamic Trunking Protocol

GARP—Generic Attribute Registration Protocol

GMRP—GARP Multicast Registration Protocol

GVRP—Generic VLAN Registration Protocol

LLDP—Link Layer Discovery Protocol

OAM—Operations, Administration, and Maintenance

PagP—Port Aggregation Protocol

PVST—Per-VLAN Spanning Tree

UDLD—UniDirectional Link Detection

VTP—VLAN Trunk Protocol

Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

© 2010-2011 Cisco Systems, Inc. All rights reserved.

Was this Document Helpful?

FeedbackFeedback

Contact Cisco