Contents
Introduction
This document describes Virtual Private LAN Service (VPLS) Label Switched Multicast (LSM) for the Aggregation Services Router (ASR) 9000 Series that run Cisco IOS® XR software.
Prerequisites
Regarding neural modeling we refer the reader to [Dayan and Abbott, 2001]. This will create a subdirectory lsm and lsm/csim 3. Start Matlab and change into the directory lsm 4. Run the Matlab script install.m. Also works for Mac OS X) and nmake (Microsoft Visual C++) for Windows (tested. The iSilo platform consists of the iSilo reader application (sold separately by iSilo), which can be installed on personal computers running Windows® or Mac OS as well as many handheld devices. Here is a list of Living Stream Ministry epublications for iSilo.
Requirements
There are no specific requirements for this document.
Components Used
This document is not restricted to specific software and hardware versions.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
VPLS Label Switched Multicast (LSM) Overview
VPLS emulates LAN services across a Multiprotocol Label Switching (MPLS) core. A full mesh of point-to-point (P2P) pseudowires (PWs) is set up between all of the Provider Edge (PE) routers that participate in a VPLS domain in order to provide VPLS emulation. Broadcast, multicast, and unknown unicast traffic is flooded in a VPLS domain to all PEs. Ingress replication is used in order to send that flooded traffic over each P2P PWs to all remote PE routers that are part of the same VPLS domain.
Drawbacks of Ingress Replication
- Ingress replication is bandwidth inefficient because the same packet might be sent multiple times over the same link for each P2P PW.
- Ingress replication can result in significant wasted link bandwidth when there is heavy broadcast and multicast VPLS traffic.
- Ingress replication is also resource-intensive because the ingress PE router bears the full burden of the replication.
VPLS LSM Features
VPLS is a widely-deployed service provider L2VPN technology that is also used for multicast transport. Although L2 technology allows snooping to be used in order to optimize replication of multicast traffic into L2 pseudowires, the core remains agnostic to multicast traffic. As a result, multiple copies of the same flow traverse core networks. In order to mitigate this inefficiency, pair LSM with VPLS in order to introduce LSM multicast trees over the core. In Cisco IOS-XR Software Release 5.1.0, Cisco ASR 9000 Series implement VPLS LSM with point-to-multipoint traffic engineering (P2MP-TE) inclusive trees. VPLS end points are automatically discovered and P2MP-TE trees are set up with the use of Resource Reservation Protocol Traffic Engineering (RSVP-TE) without operational intervention.
- VPLS LSM overcomes the drawbacks of ingress replication.
- The VPLS LSM solution employs P2MP LSPs in the MPLS core in order to carry broadcast, multicast, and unknown unicast traffic for a VPLS domain.
- P2MP LSPs allow replication in the MPLS network at the most optimal node and minimize the amount of packet replication in the network.
- The VPLS LSM solution only sends flooded VPLS traffic over P2MP LSPs.
- Unicast VPLS traffic is still sent over P2P PWs. Traffic sent over Access PWs continues to be sent with ingress replication.
- P2MP PWs are unidirectional as opposed to P2P PWs, which are bidirectional.
- The VPLS LSM solution involves the creation of a P2MP PW per VPLS domain in order to emulate a VPLS P2MP service for core PWs in the VPLS domain.
- VPLS LSM is supported in Cisco IOS XR Release 5.1.0 and later.
VPLS LSM Restrictions
- Cisco IOS-XR Release 5.1.0 VPLS LSM functionality supports only MPLS Traffic Engineering P2MP-TE trees set up with RSVP-TE.
- A P2MP PW can be signaled with the BGP protocol only in Cisco IOS-XR Release 5.1.0. In this first phase, the remote PEs that participate in the VPLS domain are auto-discovered with BGP Auto-Discovery (BGP-AD).
- Static LDP signaling is not supported in Cisco IOS XR Release 5.1.0.
Media Access Control (MAC) Learning
Lsm Reader For Mac
MAC learning on the Leaf PE for a frame that arrives on P2MP PW is done as if the frame is received on the P2P PW leading to the Root PE for that P2MP PW. In this image, MAC Learning on PE-2 for frames that arrive on the P2MP PW LSP rooted at PE-1 is done as if the frame arrived on the P2P PW between PE-1 and PE-2. The L2VPN control plane is responsible for programming the VPLS disposition information with P2P PW information for MAC learning on the P2MP LSP disposition.
Internet Group Management Protocol Snooping (IGMPSN) Support
Internet Group Management Protocol (IGMP) Snooping (IGMPSN) is supported on both the Head and Tail of the P2MP P-tree in a bridge domain that participates in VPLS LSM. This allows IGMPSN multicast traffic over a virtual forwarding instance (VFI) PWs to benefit from the resource optimization provided by P2MP LSPs. If IGMPSN is enabled in a bridge domain with one or more VFI PWs participating in VPLS LSM, all of the layer two (L2) multicast traffic is sent over the P2MP P-tree Head associated with the bridge domain. L2 multicast routes are used in order to forward traffic to local receivers, Ethernet Flow Points (EFPs), access PWs, and VFI PWs that do not participate in VPLS LSM.
When IGMPSN is enabled in a bridge domain that is a P2MP LSP tail, optimized disposition of L2 multicast traffic received on the P2MP LSP is done for local receivers (that is, Attachment Circuit (AC) Bridge Ports (BPs) and access PW BPs).
Note: Multicast Label Distribution Protocol (MLDP) Snooping is not supported in Cisco IOS XR Release 5.1.0.
Scale Supported
Cisco IOS XR Release 5.1.0 supports a maximum of 1000 P2MP Tunnels or 1000 P2MP PWs per Head/Tail router.
VPLS LSM Configuration
P2MP Auto Tunnel Configuration
MPLS TE Fast Reroute (FRR) Configuration
L2VPN Configuration
Sample Topology and Configuation
The P2MP tunnels are auto-discovered tunnels. Static P2MP tunnels are not supported.
Static tunnel configurations are not used. The auto P2MP tunnel configuration must be enabled on all of the PE routers and also on a P router if it acts as a bud node. A bud node is a midpoint and tailend router at the same time.
A sample topology with configuration is shown here. In this topology, P2MP PWs are created between the three PEs and a P router which acts as a bud node. All three PE routers act as Head (for ingress traffic) and Tail (for egress traffic).
PE1 Configuration
P Configuration
PE2 Configuration
PE3 Configuration
Verify - Show Commands
These show commands are useful in order to debug and verify the status of the P2MP PW and P2MP MPLS TE tunnels.
- show l2vpn bridge-domain
- show l2vpn bridge-domain detail
- show mpls traffic-eng tunnels p2mp
- show mpls forwarding labels <label> detail
- show mpls traffic-eng tunnels p2mp tabular
Here are some examples:
Troubleshoot VPLS LSM
Common Configuration Issues
The most common causes for P2MP problems in L2VPN are shown here.
- The BGP configuration for LSM is exactly the same as that for BGP-AD. Make sure to export/import l2vpn vpls-vpws address family routes by configuring address-family l2vpn vpls-vpws for BGP neighbors.
- There are MPLS and multicast configuration errors.
MPLS Traffic Engineering must be enabled on the interfaces where the P2MP PWs passes. - The L2VPN configuration for LSM in Cisco IOS XR Release 5.1.0 requires that you:
- Configure the VPN ID configuration for the VFI
- Configure multicast P2MP for the VFI. Confgure the transport protocol and signaling protocol, as in this example configuration:
- The LSM Head/Tail must be set properly. In Cisco IOS XR Release 5.1.0, each LSM tail is also a LSM Head and vice-versa. Because there is no explicit LSM capability exchange among routers, all routers in a LSM enabled bridge domain must participate in LSM.
L2VPN and L2FIB Show Commands and Troubleshoot
- The L2VPN manager process (l2vpn_mgr) communicates with the MPLS Traffic Engineering (TE) control process (te_control) and requests the tunnel creation. Ensure that the te_control and l2vpn_mgr processes are in the running state with these commands:
- show process l2vpn_mgr
- show process te_control
- Check that the l2vpn_mgr process has requested the tunnel creation. An entry for the tunnel should be in this show command:
- L2VPN has to receive the tunnel information from the te_control process. Verify that this show command has non-zero details such as tunnel-id, Ext.tunnel-id, tunnel-ifh, and p2mp-id:
- L2VPN must advertise the Provider Multicast Service Instance (PMSI) to all other PE routers. Check that l2vpn_mgr has sent the PMSI for the configured VFI. The event LSM Head: send PMSI should be present in the event history for the VFI.
- L2VPN on the other routers should receive the PMSI that has just been sent. Ensure that LSM Tail: PMSI received is shown in the event history on the receiving side:
- Each router is both an LSM Head and Tail and should send the PMSI and receive PMSIs from each of the other routers. The first router checked should receive PMSIs from each of the other nodes.
- The Layer Two Forwarding Information Base (L2FIB) must receive the HEAD information from L2VPN and must download them to the linecard.
- L2FIB must receive the TAIL information from L2VPN for each PW and must download them to the platform.
Python LSM Reader Python LSM ReaderThe pyLSM project was created to provide a simple interface in python to read the Zeiss LSM Confocale image.In this version, there is the introduction of a simple graphical interface to load and display the image.
- pylsm-0.1-r33.orig.tar.gz
- Charles Roduit
- Freeware (Free)
- 10 Kb
- Linux
LOMAC LSM is a Linux Security Module (LSM) based on the original LOMAC http://opensource.nailabs.com/lomac . LOMAC implements a simple form of Mandatory Access Control mechanism based on Bibas Low Water-Mark Access Control. ...
- lomac-lsm-2.6.7.tar.gz
- lomac-lsm
- Freeware (Free)
- 38 Kb
- BSD; Linux
The Realtime Linux Security Module (LSM) is a loadable extension for Linux 2.6kernels. It selectively grants realtime permissions to specific user groups or applications.
- realtime-lsm-0.8.7.tar.gz
- joq
- Freeware (Free)
- 10 Kb
- Linux
Image analysis software NIH Image extended to handle scanning microscope images Image SXM is a version of the public domain image analysis software NIH Image that has been extended to handle the loading, display and analysis of scanning microscope images. Image SXM supports SAM, SCM, SEM, SFM, SLM, SNOM, SPM and STM images from the following systems: Asylum Research, Burleigh Instruments, Digital Instruments NanoScope II, Digital Instruments NanoScope III/IV, DME Rasterscope, DME Surface Data File, Gatan .
- ImageSXM-168-1.hqx
- Steve Barrett
- Shareware ($)
- 4.04 Mb
- Mac OS X, Mac PPC, Mac OS X 10.4, Mac OS X 10.5
LSM is a replacement for you custom made logon scripts for Windows. You can configure different objects and add them to profiles. On the client side is an agent running which executes the profiles.
- setup.exe
- Talder
- Shareware ($)
- 29.69 Mb
- WinXP, Win Vista, Windows 7, Windows 7 x64
LSM-PKCS11 is a package intended to support the implementation of Lite Security Modules. LSM-PKCS11 is a project intended to support the implementation of Lite Security Modules. The targets of such implementations are PKIs (Public Keys Infrastructures) for intra-company and network applications, requiring a non-trivial security level but not so 'budgeted' to allow the acquisition of true (certified) HSMs, whose cost starts from as little as some thousands dollars.
- LSM-PKCS11-1.1.1.tar.gz
- Clizio Merli
- Freeware (Free)
- 2.61 Mb
- Linux
This application is a command line image conversion utility. It can read and write many image formats, extract ROI and meta-data stored in images. Accepted image formats are: BioRad PIC, TIFF, OME-TIFF, Metamorph STK (uncompressed and LZW compressed), Fluoview, Olympus Image Binary (OIB), Carl Zeiss LSM 5, PSIA TIFF, Nanoscope II/III, JPEG, PNG, BMP, IBW, OME, RAW and video: QuickTime, AVI, MPEG1/2/4, Flash, etc.
- imgcnv_win32_1-51.zip
- Dmitry Fedorov
- Freeware (Free)
- 3.73 Mb
- Win All
There are instructions on how to install TOMOYO Linux included in our extensive documentation. Please go to the Documentation page.TOMOYO Linux 1.
- ccs-tools-1.8.3-20110929.tar.gz
- Tetsuo Handa
- Freeware (Free)
- 194 Kb
- Linux
Nuso is a LSM enable kernel module which provide some security restrictions over a linux system. The main idea is to provide mandatory access control over system resources denying root to be *the God* over the system.
- Nus0
- Paolo Perego - The Sp0nge
- Freeware (Free)
- Windows
This project tries to implements MAC (FLASK architecture) on a standard Linux 2.6.x kernel using Linux security modules (LSM). The aim is to archive atleast TCSEC B1 level of security standard.This project is part of the Operating Systems course at IIIT-. ...
- LothLorien
- Bharath, Harsha K
- Freeware (Free)
- Windows
ESOSI (Employment of Secret-Sharing for Object Security in Intranets) offers a security solution for companies and authorities. It extends the eCryptfs file encryption system by adding Secret-Sharing, smartcard support and a Linux Security Module (LSM).
- ESOSI
- André Osterhues
- Freeware (Free)
- Windows
LSM (Local Software Manager) provides a way to manage software that installed into /usr/local. It does a snapshot before the installation and findout what files have installed. It builds and installs a RPM file of that software using software's ...
- lsm-1.0.tar.gz
- sonic.net
- Freeware (Free)
- 33 Kb
- BSD; Linux