Cisco OL-21636-01 User Manual

Page 212

Advertising
background image

9-20

Cisco IP Solution Center L2VPN and Carrier Ethernet User Guide, 6.0

OL-21636-01

Chapter 9 Creating a VPLS Policy

Defining an MPLS/EMS (EP-LAN) Policy without a CE

The maximum transmission unit (MTU) size is configurable and optional. ISC does not perform an
integrity check for this customized value. If a service request goes to the Failed Deploy state because
this size is not accepted, you must adjust the size until the service request is deployed. ISC supports,
ranges for different platforms, as specified below. The range is 1500 to 9216.

For the 3750 and 3550 platforms, the MTU range is 1500-1546.

For the 7600 ethernet port, the MTU size is always 9216. Even with the same platform and same
IOS release, different line cards support the MTU differently. For example, older line cards only take
an MTU size of 9216 and newer cards support 1500-9216. However, ISC uses 9216 in both cases.

For the 7600 SVI (interface VLAN), the MTU size is 1500-9216.

Step 17

Check the Use Existing ACL Name check box if you want assign your own named access list to the port.

By default, this check box is not checked and ISC automatically assigns a MAC-based ACL on the
customer facing UNI port, based on values you enter in UNI MAC addresses (below).

Step 18

Enter a Port-Based ACL Name (if you checked the Use Existing ACL Name check box, as mentioned
in the previous step).

Note

ISC does not create this ACL automatically. The ACL must already exist on the device, or be
added as part of a template, before the service request is deployed. Otherwise, deployment will
fail.

Step 19

Check the Disable CDP check box if you want to disable the Cisco Discover Protocol (CDP) on the UNI
port.

Step 20

Check the UNI Port Security check box (see

Figure 9-17

) if you to want to provision port

security-related CLIs to the UNI port by controlling the MAC addresses that are allowed to go through
the interface.

a.

For Maximum Number of MAC address, enter the number of MAC addresses allowed for port
security.

b.

For Aging, enter the length of time the MAC address can stay on the port security table.

c.

For Violation Action, choose what action will occur when a port security violation is detected:

PROTECT—Drops packets with unknown source addresses until a sufficient number of secure
MAC addresses are removed to drop below the maximum value.

RESTRICT—Drops packets with unknown source addresses until a sufficient number of secure
MAC addresses are removed to drop below the maximum value and causes the Security Violation
counter to increment.

SHUTDOWN—Puts the interface into the error-disabled state immediately and sends an SNMP
trap notification.

d.

In the Secure MAC Addresses field, enter one or more Ethernet MAC addresses.

Advertising