[c-nsp] ASR920 Service Instance - when to 'rewrite ingress'
Lukas Tribus
luky-37 at hotmail.com
Fri Aug 21 11:22:27 EDT 2015
> Following up on this, I found that with the following configuration, I do not need to rewrite:
>
> interface GigabitEthernet0/0/6
> mtu 9216
> no ip address
> load-interval 30
> negotiation auto !
> service instance 243 ethernet
> description SI243
> encapsulation dot1q 243
> bridge-domain 243
> !
> end
> interface GigabitEthernet0/0/23
> mtu 9216
> no ip address
> load-interval 30
> negotiation auto
> service instance trunk 1 ethernet
> encapsulation dot1q 243
> bridge-domain 243
Right, but the packet will be double-tagged, with both S-Vlan and C-Vlan tag set
to 243. That's redundant (that bad kind of redundancy) and doesn't seem right.
> I tested this in the lab and rewriting is unnecessary - I can pass traffic just fine.
I wouldn't call it unnecessary. What I would call unnecessary is carrying the same
tag twice through your network.
It works because the configuration is the same on each side, but it would strongly
recommend to not use such a configuration.
> interface GigabitEthernet0/0/23
> mtu 9216
> no ip address
> load-interval 30
> negotiation auto
> service instance trunk 1 ethernet
> encapsulation dot1q 243,1958,1961,1969,1976,2305
> bridge-domain from-encapsulation
>
> Then rewrite is required, for some reason
This could be either a bug or a unsupported configuration (whatever). However best
practices would be to pop this tag, instead carrying it twice, which, as you confirmed
does indeed work.
> on both the 'local' interface (Gi0/0/6) and the core-facing interface (Gi0/0/23).
Obviously the configuration must match. You can't use 2 tags on one interface
and one tag on the other interface and expect it to work.
Let me recommend the following: configure a classic switchport trunk with those
vlans, and connect it to a sniffer (that is able to see multiple dot1q tags). Check
out what each configuration achieves. That should give you an aha effect about
the PoP and not PoP configurations.
Really the "rewrite" command isn't neither complicate nor bad. You are supposed
to use "rewrite" more often than not in the EVC world.
The only situation where you DON'T pop a tag is when you tunnel the C-Vlans
through a S-Vlan (QinQ). If you don't want to QinQ tunnel C-Vlan 243
in S-Vlan 243, then pop this tag.
Regards,
Lukas
More information about the cisco-nsp
mailing list