Open as PDF
Cisco IP Solution Center L2VPN and Carrier Ethernet User Guide, 6.0
Chapter 9 Creating a VPLS Policy
Defining an MPLS/EMS (EP-LAN) Policy with a CE
The name must be one token (no spaces allowed.) The limit for the VLAN name is 32 characters. The
name has to be unique. Two VLANs cannot share the same name.
Step 16 Enter the System MTU in bytes.
The maximum transmission unit (MTU) size is configurable and optional. ISC does not perform an
integrity check for this customized value. If a service request goes to the Failed Deploy state because
this size is not accepted, you must adjust the size until the service request is deployed. ISC supports,
ranges for different platforms, as specified below. The range is 1500 to 9216.
• For the 3750 and 3550 platforms, the MTU range is 1500-1546.
• For the 7600 ethernet port, the MTU size is always 9216. Even with the same platform and same
IOS release, different line cards support the MTU differently. For example, older line cards only take
an MTU size of 9216 and newer cards support 1500-9216. However, ISC uses 9216 in both cases.
• For the 7600 SVI (interface VLAN), the MTU size is 1500-9216.
Step 17 Check the Use Existing ACL Name check box if you want assign your own named access list to the port.
By default, this check box is not checked and ISC automatically assigns a MAC-based ACL on the
customer facing UNI port, based on values you enter in UNI MAC addresses (below).
Step 18 Enter a Port-Based ACL Name (if you checked the Use Existing ACL Name check box, as mentioned
in the previous step).
Note ISC does not create this ACL automatically. The ACL must already exist on the device, or be
added as part of a template, before the service request is deployed. Otherwise, deployment will
Step 19 Check the Disable CDP check box if you want to disable the Cisco Discover Protocol (CDP) on the UNI
Step 20 Check the UNI Port Security check box (see Figure 9-12) if you to want to provision port
security-related CLIs to the UNI port by controlling the MAC addresses that are allowed to go through
a. For Maximum Number of MAC address, enter the number of MAC addresses allowed for port
b. For Aging, enter the length of time the MAC address can stay on the port security table.
c. For Violation Action, choose what action will occur when a port security violation is detected:
• PROTECT—Drops packets with unknown source addresses until a sufficient number of secure
MAC addresses are removed to drop below the maximum value.
• RESTRICT—Drops packets with unknown source addresses until a sufficient number of secure
MAC addresses are removed to drop below the maximum value and causes the Security Violation
counter to increment.
• SHUTDOWN—Puts the interface into the error-disabled state immediately and sends an SNMP
d. In the Secure MAC Addresses field, enter one or more Ethernet MAC addresses.