c hapter 5. b ridge mode configuration

DASAN NETWORKSGPON TRAINING

CHAPTER 5. BRIDGE MODE CONFIGURATION

www.dasannetworks.eu

1. Port numbering – V5812G


3. Port numbering – V8240

4. Port configuration – uplink COMBO port type

5. Basic port configuration

6. Communication on/between OLT port/s (Layer 2)

7. VLANs

8. Loop-detect feature

9. Port mirroring

10. Link aggregation – TRUNK/LACP (1)

11. Jumbo frame

12. Spanning tree

13. Rate-limiting on uplink ports

14. Storm control


Table of contents


Introduction

Bridge Configuration ModeIn Bridge Configuration mode, you can configure various Layer 2 functions such as VLAN, STP, LACP, etc.

To access this level, You should set on CLI:SWITCH login: adminPassword:SWITCH> enableSWITCH# configure terminalSWITCH(config)# bridgeSWITCH(bridge)#

The same is on all DASAN OLTs: V5812G|V5824G|V8240



OLT port numbering is as on the picture on the right. OLT contains 4 x GPON ports and 8 uplink COMBO ports. You can use an uplink port as an optical (1000Base-X, SFP) port or electrical (10/100/1000Base-T, RJ45) port, depending on the type of network it connected to.

By default all uplink ports are RJ45.

To check port status You can use below command:

SWITCH> enable

SWITCH# show port

SWITCH# show port PORT



OLT port numbering is as on the picture on the right. OLT contains 8 x GPON ports, 8 uplink 1G COMBO ports and 2 uplink 1G/10G ports (SFP/SFP+) . You can use an uplink port as an optical (1000Base-X, SFP) port or electrical (10/100/1000Base-T, RJ45) port, depending on the type of network it connected to.

By default all uplink 1G ports are RJ45.


SWITCH> enable

SWITCH# show port

SWITCH# show port PORT


3. Port numbering – V8240

When specifying the port number for SIU/NIU in the CLI, you can simply put the number in the form of SLOT/PORT


SWITCH> enable

SWITCH# show port

SWITCH# show port PORTs


4. Port configuration – uplink COMBO port type

EXAMPLE:SWITCH> enable

SWITCH# configure terminal

SWITCH(config)# bridge

SWITCH(bridge)# port medium 7,8,9 sfp

SWITCH (bridge)# show port medium


5. Basic port configuration (1)

To display status of switch ports , use the following

commands:

SWITCH(bridge)# show port

SWITCH(bridge)# show port status

SWITCH(bridge)# show port PORTs

SWITCH(bridge)# show port status PORTs


6. Communication on/between OLT port/s (Layer 2)

By default on Layer 2: Communication on the same GPON port is blocked (so

ONTs on the same GPON port CAN’T communicate each other)

Communication between different port is possible (so ONTs on different GPON port CAN communicate each other)

You can change this default scenario:

1. Enable communication on the same GPON port:

2. Disable communication between different GPON ports:

If You are using ARP inspection on the OLT, if You want to enable communication on the same GPON port, then You can not use port port-bridge feature.

You should use ARP ALIAS and define range of IP addresses which should communicate each other.:

SWITCH(config)# arp alias START-IP END-IP


7. VLANs (1)

The simplest implicit mapping rule is known as port-based VLAN. A frame is assigned to a VLAN based solely on the switch port on which the frame arrives. In the example depicted on picture on the right, frames arriving on ports 1 through 4 are assigned to VLAN 1, frame from ports 5 through 8 are assigned to VLAN 2, and frames from ports 9 through 12 are assigned to VLAN 3.

Stations within a given VLAN can freely communicate among themselves using either unicast or multicast addressing. No communication is possible at the Data Link layer be tween stations connected to ports that are members of different VLANs. Communication among devices in separate VLANs can be accomplished at higher layers of the architecture, for example, by using a Network layer router with connections to two or more VLANs.

Multicast traffic, or traffic destined for an unknown unicast address arriving on any port, will be flooded only to those ports that are part of the same VLAN. This provides the desired traffic isolation and bandwidth preservation. The use of port-based VLANs effectively partitions a single switch into multiple sub-switches, one for each VLAN.


7. VLANs (2)

Meaning of: unagged – port is working as CISCO access

port (untagged traffic when comes to this port obtain configured VLAN-ID)

tagged – CISCO trunk port

When we configure one or more tagged VLANs on the port, and another VLAN as untagged – then this VLAN (untagged) is working as CISCO Native VLAN.

With default configuration, all ports are on Default VLAN 1 as untagged. Please remember, that when You will set now port to another VLAN, than Default VLAN is automatically deleted from this port.

EXAMPLE:

SWITCH(bridge)# vlan create 100,200

SWITCH(bridge)# vlan add 100 1-4 tagged

SWITCH(bridge)# vlan add 200 8 untagged

SWITCH(bridge)# vlan description 200 IPTV


8. Loop-detect feature (1)

Loop Detection

The loop may occur when double paths are used for the link redundancy between switches and one sends unknown unicast or multicast packet that causes endless packet floating on the LAN like loop topology. That superfluous traffic eventually can result in network fault. It causes superfluous data transmission and network fault.

To prevent this, DASAN OLTs provides the loop detecting function. The loop detecting mechanism is as follows: The switch periodically sends the loop-detecting packet to all the ports with a certain interval, and then if receiving the loop-detecting packet on ONT LAN ports sent before, the switch performs a pre-defined behavior.

Because on one gpon port there is a lot of ONTs connected, please do not set to block OLT port when loop is detected (because it can affect all ONTs). You should use this feature only for sending LOOP-DETECT packets by OLT on specific ports. Other mechanism will be used to block ONLY ONT on which loop will be discovered (follow the instruction).

You must to enable interface of each VLAN, if You want OLT to send loop-detect packets on this VLAN:

SWITCH # configure terminalSWITCH(config)# interface 100SWITCH(config-if[100])# no

shutdown



OLT provide a feature which can automatically block ONT for specific interval time when it discovered a loop.

How it works:

1. OLT is sending loop-detect frames on gpon ports (including OLT MAC in frame source MAC)

2. IF this loop-detect frame will came to ONT LAN port (OLT will learn its own MAC address on the OLT) OLT discovered that there is a loop.

3. OLT SRCMAC monitor feature will automatically block this ONT for defined time.

SWITCH# configure terminal

SWITCH(config)# gpon

SWITCH(gpon)# gpon-olt 1

SWITCH(config-gpon-olt[1])#olt srcmac-monitor enable



Example configuration of automatic block ONT on which OLT discovered a loop on below scenarios:

loop created on one ONT loop created between two ONTs connected to the same GPON port loop created between two ONTs connected to the different GPON ports if loop will be created on ports behind NAT – then ONT will be automatically

deactivated

1. Create three VLANs: 100,200, 300:

SWITCH (config)# bridge

SWITCH (bridge)# vlan create 100,200,300

SWITCH (bridge)# vlan add 100,200,300 1-4 tagged

SWITCH(bridge)# exit

2. Enable VLAN interfaces

SWITCH(config)# interface 100

SWITCH(config-if[100])# no shutdown





SWITCH(config-if[300])# exit

3. Configure loop-detect on GPON ports


SWITCH(bridge)# loop-detect enable

SWITCH(bridge)# loop-detect 1-4

SWITCH(bridge)# loop-detect 1-4 timer 5

SWITCH(bridge)# loop-detect 1-4 period 5

SWITCH(bridge)# exit

4. Configure olt source mac monitorSWITCH (config)# gponSWITCH (gpon)# gpon-olt 1SWITCH(config-gpon-olt[1])#olt srcmac-monitor enable auto-onu-block expire-timeout 300 SWITCH (gpon)# gpon-olt 2SWITCH(config-gpon-olt[2])#olt srcmac-monitor enable auto-onu-block expire-timeout 300 SWITCH (gpon)# gpon-olt 3SWITCH(config-gpon-olt[3])#olt srcmac-monitor enable auto-onu-block expire-timeout 300 SWITCH (gpon)# gpon-olt 4SWITCH(config-gpon-olt[4])#olt srcmac-monitor enable auto-onu-block expire-timeout 300

5. Check ONT status:SWITCH(config-gpon-olt[4])# show onu block statusSWITCH(config-gpon-olt[4])# endSWITCH# show syslog local non-volataile reverse


9. Port mirroring (1)

Port mirroring is the function of monitoring a designated port. Here, one port to monitor is called monitor port and a port to be monitored is called mirrored port. Traffic transmitted from mirrored port are copied and sent to monitor port so that user can monitor network traffic.

The following is a network structure to analyze the traffic by port mirroring. It analyzes traffic on the switch and network status by configuring Mirrored port and Monitor port connecting the computer, that the watch program is installed, to the port configured as Monitor port.

To configure port mirroring, designate mirrored ports and monitor port. Then enable port mirroring function. Monitor port should be connected to the watch program installed PC. You can designate only one monitor port but many mirrored ports for one switch.


9. Port mirroring (2)

EXAMPLE:

SWITCH(bridge)# mirror monitor 7

SWITCH(bridge)# mirror add 1,12

SWITCH(bridge)# mirror enable

SWITCH(bridge)# show mirror



Link aggregation complying with IEEE 802.3ad bundles several physical ports together to one logical port so that you can get enlarged bandwidth.

DASAN OLTs supports two kinds of link aggregation as Port Trunk and LACP. There is a little difference in these two ways. In case of port trunking, it is quite troublesome to set the configuration manually and the rate to adjust to the network environment changes when connecting to the switch using logical port. On the other hand, in case of LACP, once you specify LACP member ports between the switches, the ports will be automatically aggregated by LACP without manually configuring the aggregated ports.


10. Link aggregation – TRUNK (2)

You should configure VLANs to the new created trunk, for V5812G: Trunk 0 -> port 13 Trunk 1 -> port 14 and so onfor V5824G: Trunk 0 -> port 19 Trunk 1 -> port 20 and so onfor V8240: Trunk 0 -> port t/1 Trunk 1 -> port t/2 and so on

EXAMPLE:

SWITCH(bridge)# trunk 0 5-6

SWITCH(bridge)# vlan add 100,200,400 13 tagged

SWITCH(bridge)# show trunk

SWITCH(bridge)# show vlan


10. Link aggregation – LACP (3)

Link Aggregation Control Protocol (LACP)

Link aggregation control protocol (LACP) is the function of using wider bandwidth by aggregating more than two ports as a logical port as previously stated port trunk function. If the aggregated port by port trunk is in different VLAN from the VLAN where the existing member port originally belongs to, it should be moved to VLAN where the existing member port belongs to. However, the integrated port configured by LACP is automatically added to appropriate VLAN.

More then one aggregator

If You are using more then one aggregator, You should configure different admin-key for ports belong to different aggregator.

So, e.g. when we have two aggregators (0 and 1).

Aggregator 0 should contain ports 5 and 6

Aggregator 1 should contain ports 7 and 8

V5812G and V8240:

SWITCH(bridge)# lacp aggregator 0


SWITCH(bridge)# lacp port 5-8

SWITCH(bridge)# lacp port admin-key 5-6 1


V5824G:



SWITCH(bridge)# lacp port 9-10 aggregator 0





10. Link aggregation – LACP (3)

EXAMPLE V5812G:

1. Configure VLAN on physical ports:

SWITCH(bridge)# vlan add 100, 400 5-6 tagged


2. Configure LACP Aggregators



SWITCH(bridge)# lacp port 5-8



EXAMPLE V5824G:

1. Configure VLAN on physical ports:



2. Configure LACP Aggregators








11. Jumbo frame

JUMBO FRAME:

The packet range that can be capable to accept is from 64 bytes to 1518 bytes. Therefore, packets not between these ranges will not be taken. However, the V5812G can accept jumbo frame larger than 1518 bytes through user’s configuration.

To configure frame-size up to 9216 bytes

on port 5 and 6, configure:


SWITCH(bridge)# jumbo-frame 5-6 9216


12. Spanning tree (1)

Spanning-Tree Protocol (STP)

The local area network (LAN), which is composed of double paths like token ring, has the advantage that it is possible to access in case of disconnection with one path. However, there is another problem called a loop when you always use the double paths. The loop may occur when double paths are used for the link redundancy between switches and one sends unknown unicast or multicast packet that causes endless packet floating on the LAN like loop topology. That superfluous traffic eventually can result in network fault. It causes superfluous data transmission and network fault.

The spanning-tree protocol (STP) is the function to prevent the loop in LAN with more than two paths and to utilize the double paths efficiently. It is defined in IEEE 802.1d. If the STP is configured in the system , there is no loop since it chooses more efficient path of them and blocks the other path. In other words, when SWITCH C in the below figure sends packet to SWITCH B, path 1 is chosen and path 2 is blocked.

Meanwhile, the rapid spanning-tree protocol (RSTP) defined in IEEE 802.1 dramatically reduces the time of network convergence on the spanning-tree protocol (STP). It is easy and fast to configure new protocol. The IEEE 802.1w also supports backward

compatibility with IEEE 802.1d. The DASAN OLTs provides STP, RSTP and MSTP. STP configuration is a bit different on OLT V5824G then in V5812G and V8240


12. Spanning tree (2) - RSTP

STP or RSTP is configured on network where Loop can be created. However, RSTP is more rapidly progressed than STP at the stage of reaching to the last topology.

Rapid Spanning-Tree Protocol (RSTP) EXAMPLE – V5812G | V8240

SWITCH(config)#bridge

SWITCH(bridge)# stp force-version rstp

SWITCH(bridge)# stp mst enable

Rapid Spanning-Tree Protocol (RSTP) EXAMPLE – V5824G


SWITCH(bridge)# spanning-tree

SWITCH(bridge)# spanning-tree mst

SWITCH(bridge)# spanning-tree mode rstp


12. Spanning tree (3) – Per VLAN Rapid Spanning-Tree Protocol (PVSTP)

PVSTP/PVRSTP

STP and RSPT are designed with one VLAN in the network. If a port becomes blocking state, the physical port itself is blocked. But PVSTP (Per VLAN Spanning Tree Protocol) and PVRSTP (Per VLAN Rapid Spanning Tree Protocol) maintains spanning tree instance for each VLAN in the network. Because PVSTP treats each VLAN as a separate network, it has the ability to load balance traffic by forwarding some VLANs on one trunk and other VLANs. PVRSTP provides the same functionality as PVSTP with enhancement.

Per VLAN Rapid Spanning-Tree Protocol (PVRSTP) EXAMPLE – V5812G | V8240



SWITCH(bridge)# vlan add 100,200 5-8 tagged

SWITCH(bridge)# stp force-version pvrstp

SWITCH(bridge)# stp pvst enable 100,200

SWITCH(bridge)# show stp pvst 100,200 all

Per VLAN Rapid Spanning-Tree Protocol (PVRSTP) EXAMPLE – V5824G



SWITCH(bridge)# vlan add 100,200 9-12 tagged

SWITCH(bridge)# spanning-tree

SWITCH(bridge)# spanning-tree mode rapid-pvst

SWITCH(bridge)# spanning-tree vlan 100,200

SWITCH(bridge)# show spanning-tree

In this example STP will work for VLANs 100 and 200 separately


12. Spanning tree (3) – Per VLAN Rapid Spanning-Tree Protocol (PVSTP)


13. Rate-limiting on uplink ports

Rate Limit

User can customize port bandwidth according to user’s environment. By this configuration, you can prevent a certain port to monopolize whole bandwidth so that all ports can use bandwidth equally. Egress and ingress can be configured both to be same and to be different.

DASAN OLTs (V5812G|V5824G|V8240) can apply the rate limit with 64 Kbps unit for GE port, and support: ingress policing egress shaping

Please note that rate-limiting behavior is per physical port (per VLAN on port is not supported). For the ingress rate limit, the flow control should be enabled on a specified port and also on device connected to this port.

EXAMPLESWITCH(config)#bridgeSWITCH(bridge)#port flow-control 8 onSWITCH(bridge)# rate-limit port 8 rate 102400 egress SWITCH(bridge)# rate-limit port 8 rate 102400 ingress dot3x


14. Storm control

Storm Control

DASAN OLTs (V5812G|V5824G|V8240) provides a storm control feature for mass broadcast, multicast, and destination lookup failure (DLF). Generally, wrong network configuration, hardware malfunction, virus and so on cause these kinds of mass packets. Packet storm occupies most of the bandwidth of the network, and that causes the network to become very.

EXAMPLESWITCH(config)#bridge

SWITCH(bridge)# storm-control broadcast 300 1-4

SWITCH(bridge)# storm-control broadcast 500 5-12

SWITCH(bridge)# storm-control multicast 100 1-4

SWITCH(bridge)# storm-control multicast 200 5-12

SWITCH(bridge)# storm-control dlf 50 1-4

SWITCH(bridge)# storm-control dlf 100 5-12

SWITCH(bridge)#show storm-control

Above configuration shows only example

values, they depends on size/traffic on Your

network.

THANK YOU


If You need help please contact: [email protected]

mailto:[email protected]

c hapter 5. b ridge mode configuration

Documents

port port slide

port switchbridge

port portbridge feature

rj45 port

sfp port

different port

port mirroring

port ports switchbridge