[c-nsp] transparent lan via asr9k and calix c7 (ftth olt)

Walter Keen walter.keen at rainierconnect.net
Thu Feb 13 18:36:40 EST 2014

On the Calix E7 solution with GPON ONT's, which is a little different than the C7, we have to enable TLS or transparent LAN ('PON TLAN' in the CMS gui) for the vlan that gets transported.
this is the feature, at least in the E7 GPON, that is required for CDP, and multicast traffic (most notably OSPF) to not be dropped.
All of our Calix GPON use is strictly providing layer 2 transport and not using their layer 3 features.  

I would guess that Calix would use the same terminology in the C7 as in the E7.

Walter Keen 
Network Engineer 

C 253.302.0194 
P 360.832.4024 

----- Original Message -----
From: "Lukas Tribus" <luky-37 at hotmail.com>
To: "Aaron" <aaron1 at gvtc.com>, cisco-nsp at puck.nether.net
Sent: Thursday, February 13, 2014 2:31:07 PM
Subject: Re: [c-nsp] transparent lan via asr9k and calix c7 (ftth olt)


> Perhaps someone out there can help.
> I have a FTTH scenario where I have asr9k as core box and Calix C7 and (2)
> subscriber sites wanting to be in the same transparent lan. Cisco 3750 at
> both customer prem. Both subscriber sites are on same c7, but I put one
> site in vlan 101 and other site in vlan 102 and flow them up northbound out
> of c7 gige uplinks into asr9k and l2vpn them together into a single
> bridge-domain.
> Connectivity.
> 3750-1 g1/0/1----- ont ----- c7 ------ g0/0/0/14.101 asr9k g0/0/0/4.102
> ------- (same c7 different gige link) ------ ont ------ g1/0/1 3750-2

Just to clarify: The 3750 switches need to "see" each other via STP, not
the customer behind the 3750?

If you just need STP transparency for your customer behind the 3750, you
can just enable "l2protocol-tunnel stp" on the customer facing ports of
the 3750 [1].

But I think you want the 3750 to see the other 3750 in CDP/VTP/STP.

In that  case, you need to work on the c7/ont clearly.

Really bad workaround on the 3750?

- move the fiber link from g1/0/1 to g1/0/3
- connect g1/0/1 to g1/0/2
- configure g1/0/2 in a QinQ VLAN <localQinQVlanid> with "l2protocol-tunnel stp"
- configure g1/0/3 as trunk and allow only vlan <localQinQVlanid>
- you may want to disable mac learning on vlan <localQinQVlanid>

[this is basically what the reverse-tunnel on the ASR9k does [2], but
the 3750 can only forward-tunnel, which is why we need a local
loop here]

Do the same thing on the other 3750. This way your 3750 will tunnel
the STP BPDUs across the network, masked with the gbpt mac, and you
will see them on the g1/0/1 link correctly.

> So I guess I/we could figure out how to make the vanilla stp bdpu's get
> through the c7/ont OR get the 3750 to recognize gbpt stp bpdu's.

Don't use the ASR9k to do the L2PT'ing. Do it on the 3750 if you really
can't get the c7/ont device to pass this trough.

This is a bad and crappy solution. YMMV.



[1] http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/12-2_55_se/configuration/guide/3750xscg/swtunnel.html#wp1005050
[2] http://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k_r4-2/lxvpn/command/reference/b_vpn_cr42asr9k/b_lxvpn_cr42asr9k_chapter_01.html#wp3160783664 		 	   		  
cisco-nsp mailing list  cisco-nsp at puck.nether.net
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list