A-18
Cisco IP Solution Center L2VPN and Carrier Ethernet User Guide, 6.0
OL-21636-01
Appendix A Sample Configlets
EWS (EPL) (Point-to-Point, UNI Port Security, BPDU Tunneling)
Configlets
Comments • The N-PE is a 7600 with an OSM or SIP-600 module. Provisioning is the same as the ERS (EVPL)
example.
• The U-PE is a generic Metro Ethernet (ME) switch.
• PACL with one user-defined entry.
• BPDUs (CDP, STP and VTP) are tunneled through the MPLS core.
• Storm control is enabled for unicast, multicast, and broadcast.
U-PE N-PE
system mtu 1522
!
vlan 775
exit
!
system mtu 1522
!
vlan 775
exit
!
interface FastEthernet1/0/19
no cdp enable
no keepalive
switchport
switchport access vlan 775
switchport mode dot1q-tunnel
switchport nonegotiate
switchport port-security maximum 34
switchport port-security aging time 32
switchport port-security violation shutdown
switchport port-security
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
l2protocol-tunnel shutdown-threshold cdp 88
l2protocol-tunnel shutdown-threshold stp 99
l2protocol-tunnel shutdown-threshold vtp 56
l2protocol-tunnel drop-threshold cdp 56
l2protocol-tunnel drop-threshold stp 64
l2protocol-tunnel drop-threshold vtp 34
storm-control unicast level 34.0
storm-control broadcast level 23.0
storm-control multicast level 12.0
spanning-tree portfast
spanning-tree bpdufilter enable
mac access-group ISC-FastEthernet1/0/19 in
interface FastEthernet1/0/23
no ip address
switchport trunk allowed vlan
774-775,787-788
!
mac access-list extended
ISC-FastEthernet1/0/19
no permit any any
deny any host 3456.3456.1234
permit any any
vlan 775
exit
!
interface FastEthernet8/17
switchport trunk allowed vlan
1,451,653,659,766-768,772,773-775,878
!
interface Vlan775
no ip address
description L2VPN EWS
xconnect 99.99.8.99 89029 encapsulation
mpls
no shutdown