• CPE can carry traffic with 802.1P-marked provider-specific 802.1Q tags.

• Voice, video, and data services can be deployed at customer premises. This service combination offers a real-time channel dedicated to VoIP traffic and a second channel that delivers best-effort Internet service.

• All traffic is marked with an 802.1P marking which is implemented using VLAN-based service differentiation.

Note	Support for PVCs configured with Route-Bridge Encapsulation (RBE) was introduced with CSCtt22809.

VLAN-based service differentiation allows service providers to offer a range of broadband-enabled services and applications to end users. It supports IP connectivity applications that require real-time network performance and applications that use best-effort, or Internet-grade performance.

The original VLAN tag in an inbound packet is changed to the value configured by the bridge-dot1q encap command before the tag leaves the device. For example, if you enter the command bridge-dot1q encap 10, a VLAN tag of 70 in a packet inbound from the local network is changed to a value of 10 in the egress packet. Any 802.1P value is changed to 0, and frames without VLAN tags are sent out over ATM with an added VLAN header as shown in the figure in the “Transporting 802.1P Marked 802.1Q Tags” section.

From an Ethernet perspective, this service is carried over a dedicated VLAN from the hand-over point to the end-user premises. This VLAN-based service differentiation at the PVC level is shown in the figure below.

Figure 1. VLAN-Based Service Differentiation at PVC Level

The Ethernet VLAN used by the voice, video, and data services must be identified at the customer premises by an 802.1Q VLAN ID configured using the bridge-dot1q encap command. The VLAN is identified at the service provider’s end by a service-provider-assigned 802.1ad customer VLAN ID.

The bridge-dot1q encap command changes the local VLAN ID to the VLAN ID required by the service provider. The operation of this command is shown in the figure below.

Figure 2. Operation of the bridge-dot1q encap Command

The figures in the “Transporting 802.1P Marked 802.1Q Tags” section show the PDU data structure in greater detail.

An 802.1Q VLAN tag is inserted into the MAC Protocol Data Unit (PDU), and this PDU is sent to the Digital Subscriber Line Access Multiplexer (DSLAM). Incoming and outgoing PDU structures are shown in the two figures below.

The figure below shows the packet structure when the incoming Ethernet frames do not have a VLAN header.

Figure 3. Incoming and Outgoing Packet Structures When No Incoming VLAN ID Is Present

The figure below shows that a 4-byte VLAN header has been inserted in the outgoing packet, with an 802.1P value. The VLAN ID value is configured by the bridge-dot1q encap command.

The figure below shows the incoming packet structure when the incoming Ethernet packets contain a VLAN header.

Figure 4. Incoming and Outgoing Packet Structures When an Incoming VLAN ID Is Present

The outgoing packet structure is the same as in figure 1.

Note	The 802.1P priority that was configured earlier is changed to 0, and any VLAN ID that is configured is set to the ID configured by the bridge-dot1q encap command.

The CPE is connected to the DSLAM via an ATM interface that is configured as the bridging interface. The CPE establishes a PPP over Ethernet (PPPoE) session over the bridging ATM interface with the service provider. The VLAN and voice traffic enter customer devices via VLAN ports or a Switched Virtual Interface (SVI).

In the CPE, the packet is classified as data or voice traffic based on the VLAN ID, Differentiated Services Code Point (DSCP), protocol, source MAC address, or port. The packets are marked with the quality of service (QoS) group, and routed from VLAN via the Bridge Virtual Interface (BVI) to the ATM PVC bridging interface.

If the packet requires encapsulation, ATM provides the default VLAN ID. If there is a QoS service policy attached to the PVC, packets are classified against the QoS group. QoS marks the corresponding VLAN ID and 802.1P or class of service (CoS) value into the packet VLAN header. The QoS VLAN ID overwrites the default VLAN ID. If there is no service policy attached in PVC, the packets are sent out with the default VLAN ID and default CoS marking.

Packets returning from the service provider’s network and destined to the customer’s network carry VLAN tags. The ATM PVC interface removes the VLAN tag before passing it for further processing. These packets do not require classification or QoS marking.

Using PPPoE, the CPE device acts as a PPPoE Dialer client and gets the IP address dynamically from the service provider by using the Point-to-Point Protocol. The Dialer interface has to be configured and associated with the ATM PVC interface. The packets are sent out with the default VLAN ID as PPPoE supports only one VLAN ID per PVC. PPP control packets such as PPPoE Active Discovery Initiation (PADI), PPPoE Active Discovery Request (PADR), PPPoE Active Discovery Terminate (PADT) and keepalive packets are marked with higher priority CoS markings similar to the real-time traffic. The VLAN header has to be removed from the packet at the ingress interface (ATM PVC) when the packet returns.

Perform this task to configure the Preserve 802.1Q Tagging with 802.1P Marking over ATM PVCs for xDSL Uplinks feature.

Note	Only one bridge-dot1q encap vlan-id command can be configured under a PVC. Only one VLAN ID is allowed per session using PPPoE. The PPPoE session can be disconnected if the configured VLAN ID (set using the set vlan-inner or bridge-dot1q encap vlanid command) differs from the default VLAN ID.

1.    enable


2.    configure terminal


3.    class-map match-all egress


4.    match qos-group number


5.    class-map match-all ingress


6.    match input-interface name


7.    policy-map egress-policy


8.    class egress


9.    set cos-inner number


10.    set vlan-inner number


11.    exit


12.    exit


13.    policy-map ingress-policy


14.    class ingress


15.    set qos-group number


16.    exit


17.    exit


18.    Enter one of the following:

• interface atm interface-id point-to-point
• interface atm slot / 0 point-to-point
• interface atm slot/ port-adaptor/0 point-to-point

19.    bridge-group group-number


20.    pvc vpi/vci


21.    bridge-dot1q encap provider-vlan-id


22.    encapsulation aal5snap


23.    service-policy out egress-policy


24.    pppoe-client dial-pool-number number


25.    pppoe-client control-packets vlan cos number


26.    service-policy input ingress-policy


27.    end

Device> enable

Device# configure terminal

Device(config)# class-map match-all egress

Device(config)# match qos-group 101

Device(config)# class-map match-all ingress

Device(config)# match input-interface Vlan2

Device(config)# policy-map egress-policy

Device(config-pmap)# class egress

Device(config-pmap-c)# set cos-inner 5

Device(config-pmap-c)# set vlan-inner 333

Device(config-pmap-c)# exit

Device(config-pmap)# exit

Device(config)# policy-map ingress-policy

Device(config-pmap)# class ingress

Device(config-pmap-c)# set qos-group 101

Device(config-pmap-c)# exit

Device(config-pmap)# exit

Device(config)# interface atm0 point-to-point

Device(config)# interface atm 0/0 point-to-point

Device(config)# interface atm 0/1/0.1 point-to-point

Device(config-if)# bridge-group 1

Device(config-if)# pvc 9/117

device(config-if-atm-vc)# bridge-dot1q encap

Device(config-if-atm-vc)# encapsulation aal5snap

Device(config-if-atm-vc)# service-policy out egress-policy

Device(config-if-atm-vc)# pppoe-client dial-pool-number 1

Device(config-if-atm-vc)# pppoe-client control-packets vlan cos 6

Device(config-if-atm-vc)# service-policy input ingress-policy

Device(config-if-atm-vc)# end

To troubleshoot PPP sessions establishment, use the following commands:

• debug ppp authentication

• debug ppp negotiation

To troubleshoot the establishment of PPP sessions that are authenticated by a RADIUS or TACACS server, use the following commands:

• debug aaa authentication

• debug aaa authorization

Caution

Use debug commands with extreme caution because they are CPU-intensive and can seriously impact your network.

802.1ad—An amendment to IEEE 802.1Q that enables a service provider to offer bridged VLANs over its network.

802.1P—A 3-bit field within an Ethernet frame header added when using IEEE 802.1Q on an IEEE 802.1D network. It specifies a priority value from 0 and 7 that can be used by quality of service (QoS) disciplines to differentiate traffic.

802.1Q—A networking standard written by the IEEE 802.1 workgroup allowing multiple bridged networks to transparently share the same physical network link without leakage of information between networks. 802.1Q is commonly referred to as VLAN tagging.

AAL5SNAP—ATM Adaptation Layer 5 Subnetwork Protocol Access Protocol. A type of network encapsulation that supports multiplexing of two or more protocols over a virtual circuit.

ATM—Asynchronous Transfer Mode. The international standard for cell relay in which multiple service types (such as voice, video, or data) are conveyed in fixed-length (53-byte) cells. Fixed-length cells allow cell processing to occur in hardware, thereby reducing transit delays. ATM is designed to take advantage of high-speed transmission media, such as E3, SONET, and T3.

BVI—Bridge Group Virtual Interface. A logical Layer 3-only interface associated with a bridge group when integrated bridging and routing (IRB) is configured.

CPE—Customer premises equipment. Terminating equipment, such as terminals, telephones, and modems, supplied by the telephone company, installed at customer sites, and connected to the telephone company network. This term can also refer to any telephone equipment residing on the customer site.

CVLAN—Customer Virtual Local Area Network.

DSL—Digital subscriber line. A public network technology that delivers high bandwidth over conventional copper wiring at limited distances. There are four types of DSL: ADSL, HDSL, SDSL, and VDSL.

DSLAM—Digital subscriber line access multiplexer. A device that connects many digital subscriber lines to a network by multiplexing the DSL traffic onto one or more network trunk lines.

IRB—Integrated routing and bridging. Integrated Services Digital Network (ISDN) User Part. An upper-layer application supported by Signalling System 7 for connection setup and tear down.

NAT—Network Address Translation. A mechanism for reducing the need for globally unique IP addresses. NAT allows an organization with addresses that are not globally unique to connect to the Internet by translating those addresses into globally routable address space. Also known as Network Address Translator.

PVC—Permanent virtual circuit (or connection). A virtual circuit that is permanently established. PVCs save bandwidth associated with circuit establishment and tear down in situations where certain virtual circuits must exist all the time. In ATM terminology, this is called a permanent virtual connection.

VoIP—Voice over IP. The capability to carry normal telephony-style voice over an IP-based Internet with plain old telephone service (POTS) like functionality, reliability, and voice quality.