beautypg.com

Cisco OL-21636-01 User Manual

Page 296

background image

A-18

Cisco IP Solution Center L2VPN and Carrier Ethernet User Guide, 6.0

OL-21636-01

Appendix A Sample Configlets

EWS (EPL) (Point-to-Point, UNI Port Security, BPDU Tunneling)

Configlets

Comments

The N-PE is a 7600 with an OSM or SIP-600 module. Provisioning is the same as the ERS (EVPL)
example.

The U-PE is a generic Metro Ethernet (ME) switch.

PACL with one user-defined entry.

BPDUs (CDP, STP and VTP) are tunneled through the MPLS core.

Storm control is enabled for unicast, multicast, and broadcast.

U-PE

N-PE

system mtu 1522

!

vlan 775

exit

!

system mtu 1522

!

vlan 775

exit

!

interface FastEthernet1/0/19

no cdp enable

no keepalive

switchport

switchport access vlan 775

switchport mode dot1q-tunnel

switchport nonegotiate

switchport port-security maximum 34

switchport port-security aging time 32

switchport port-security violation shutdown

switchport port-security

l2protocol-tunnel cdp

l2protocol-tunnel stp

l2protocol-tunnel vtp

l2protocol-tunnel shutdown-threshold cdp 88

l2protocol-tunnel shutdown-threshold stp 99

l2protocol-tunnel shutdown-threshold vtp 56

l2protocol-tunnel drop-threshold cdp 56

l2protocol-tunnel drop-threshold stp 64

l2protocol-tunnel drop-threshold vtp 34

storm-control unicast level 34.0

storm-control broadcast level 23.0

storm-control multicast level 12.0

spanning-tree portfast

spanning-tree bpdufilter enable

mac access-group ISC-FastEthernet1/0/19 in

interface FastEthernet1/0/23

no ip address

switchport trunk allowed vlan

774-775,787-788

!

mac access-list extended

ISC-FastEthernet1/0/19

no permit any any

deny any host 3456.3456.1234

permit any any

vlan 775

exit

!

interface FastEthernet8/17

switchport trunk allowed vlan

1,451,653,659,766-768,772,773-775,878

!

interface Vlan775

no ip address

description L2VPN EWS

xconnect 99.99.8.99 89029 encapsulation

mpls

no shutdown