Subscriber Policies for VPLS Network Interfaces Overview

The router associates a VPLS network interface, as it does a bridge group interface, with a default subscriber policy that enables intelligent flooding of packets within a VPLS domain. This section describes how subscriber policies work and explains some important considerations when you use subscriber policies for VPLS instances. The requirements and procedures for subscriber policies are the same whether you employ BGP or LDP signaling for VPLS.

Network Interface Types

VPLS instances, like bridge groups, support two types of network interfaces:

Default Subscriber Policies

Each network interface is associated with a default subscriber policy for that interface type. The subscriber policy is a set of forwarding and filtering rules that defines how the specified interface handles various packet or attribute types, as follows:

Table 113 lists the default values for each packet or attribute type defined in the policies for subscriber interfaces and trunk interfaces. The default subscriber policy differs in one way from the default trunk policy: broadcast packets and packets with unknown unicast destination addresses (DAs) are denied in the subscriber policy and permitted in the trunk policy.

Table 113: Default Subscriber Policies for VPLS Network Interfaces

Packet/Attribute Type

Default Subscriber Policy

Default Trunk Policy

ARP

Permit

Permit

Broadcast

Deny

Permit

IP

Permit

Permit

MPLS

Permit

Permit

Multicast

Permit

Permit

PPPoE

Permit

Permit

Relearn

Permit

Permit

Unicast (user-to-user)

Permit

Permit

Unknown unicast DA

Deny

Permit

Unknown protocol

Permit

Permit

Modifying Subscriber Policies

For a network interface configured as a subscriber (client) interface, you can modify the default subscriber policy to change the default permit or deny value for one or more of the packet or attribute types listed in Table 113.

You cannot, however, change the default trunk policy for a network interface configured as a trunk interface or for the VPLS virtual core interface. Trunk interfaces and the VPLS virtual core interface always use the default trunk policy, which forwards packets of all types and permits relearning.

Table 114 lists the commands that you can use to modify subscriber policies for subscriber (client) interfaces associated with either a VPLS instance or a standard bridge group.

Table 114: Commands to Configure Subscriber Policies

arp

pppoe

bridge subscriber-policy

relearn

broadcast

subscriber-policy

ip

unicast

mpls

unknown-destination

multicast

unknown-protocol

Considerations for VPLS Network Interfaces

When you configure network interfaces for a VPLS instance, you must ensure that the subscriber policy in effect for the interface is appropriate for your network configuration.

To ensure that the network interface permits relearning and forwards (permits) packets for all of the protocol types listed in Table 113, be sure to configure the network interface as a trunk (server) interface so that it always uses the default trunk policy. For example, the following commands associate a 10-Gigabit Ethernet interface with a VPLS instance named vplsBoston, and configure the interface as a trunk.

host1(config)#interface tenGigabitEthernet 4/0/1 host1(config-if)#bridge-group vplsBoston subscriber-trunk

If you configure a VPLS network interface as a subscriber (client) interface, use care if you modify the default subscriber policy in effect for that interface. For example, if you use the arp command to change the default value for ARP packets from permit (forward) to deny (filter or drop), make sure you also use the bridge address command to add the appropriate static (nonlearned) ARP entry to the forwarding table. If an ARP entry expires from the forwarding table and the subscriber policy is configured to deny ARP packets, the router cannot properly forward subsequent ARP packets.

For information about using these commands, see Configuring Secure Policies in the JunosE Link Layer Configuration Guide.

Related Documentation