Information About Connectivity Fault Management

Table 1. Feature History
Feature Name Release Information Description
Ethernet Connectivity Fault Management Support on Cisco IOS XE Catalyst SD-WAN Devices

Cisco IOS XE Catalyst SD-WAN Release 17.4.1a

Cisco vManage Release 20.4.1

The Ethernet Connectivity Fault Management functionality helps to monitor the Carrier Ethernet Network links.

Introduction to Ethernet CFM

Ethernet Connectivity Fault Management (CFM) is an end-to-end per-service-instance ethernet layer operation, administration, and management (OAM) protocol. It includes proactive connectivity monitoring, fault verification, and fault isolation for large ethernet metropolitan-area networks (MANs) and wide-area-networks (WANs). Service provider networks are large and complex and have a wide user base. OAM protocols help in isolating failures and responding to them in a timely manner.

How CFM Works in Cisco Catalyst SD-WAN

In a network where the provider edge routers and customer premise equipment (CPE) are connected through carrier ethernet network, it is necessary to monitor the links for any breakage. With the support for CFM on carrier ethernet networks, CFM messages are exchanged between provider edges and CPEs, and the CFM protocol ensures the provider edge is aware of any link failures in the network.

CFM in Cisco Catalyst SD-WAN is supported on these interface types:

  • VDSL interfaces

  • SHDSL interfaces

  • GigabitEthernet interfaces

The following components support the functioning of CFM on Cisco Catalyst SD-WAN.

Down Maintenance End Points

A maintenance domain is a management space for managing and administering a network. A domain is owned and operated by a single entity and defined by the set of ports internal to the domain and at its boundary. A maintenance association identifies a service that can be uniquely identified within the maintenance domain. The CFM protocol runs within a maintenance association.

A maintenance end point (MEP) is a demarcation point on an interface that participates in CFM within a maintenance domain. MEPs drop all lower-level frames and forward all higher-level frames. MEPs are defined per maintenance domain (level) and service (S-VLAN or ethernet virtual circuit (EVC)). They are at the edge of a domain and define the boundary and confine CFM messages within that boundary. MEPs can proactively transmit CFM continuity check messages (CCMs) and at the request of an administrator, transmit traceroute, and loopback messages.

A down MEP sends and receives CFM frames through the wire connected to the port on which the MEP is configured. For CFM frames coming from the relay side, the down MEP drops all lower-level frames and those that are at its level. For CFM frames coming from the wire side, the down MEP processes all frames at its level and drops lower-level frames, except for traffic going to the other lower level down MEP. The MEP transparently forwards all CFM frames at a higher level, regardless of whether they are received from the relay or through the wire.

In order to deploy down MEP per subinterface, you must first create a EVC+VLAN maintenance association, configure the VLAN id under the subinterface, and then configure down MEP under the parent interface of that subinterface.

Ethernet CFM and Ethernet OAM Interaction

Ethernet Virtual Circuit

An EVC as defined by the Metro Ethernet Forum is a port-level point-to-point or multipoint-to-multipoint Layer 2 circuit. EVC status can be used by an edge device either to find an alternative path into the service provider network or in some cases, to fall back to a backup path over Ethernet or over another alternative service such as asynchronous transfer mode (ATM).

OAM Manager

OAM manager is an infrastructure element that streamlines interaction between OAM protocols. The OAM manager requires two interworking OAM protocols, in this case, Ethernet CFM and Ethernet OAM. Interaction is unidirectional from the OAM manager to the CFM protocol and the only information exchanged is the user network interface (UNI) port status. Additional port status values available are:

  • REMOTE_EE—Remote excessive errors

  • LOCAL_EE—Local excessive errors

  • TEST—Either remote or local loopback

After CFM receives the port status, it communicates that status across the CFM domain.

SNMP Traps

MEPs generate two types of Simple Network Management Protocol (SNMP) traps: continuity check (CC) traps and cross-check traps.

Continuity check traps:

  • MEP up: Sent when a new MEP is discovered, the status of a remote port changes, or connectivity from a previously discovered MEP is restored after interruption.

  • MEP down: Sent when a timeout or last gasp event occurs.

  • Cross-connect: Sent when a service ID does not match the VLAN.

  • Loop: Sent when a MEP receives its own continuity check messages (CCM).

  • Configuration error: Sent when a MEP receives a continuity check with an overlapping MPID.

Cross check traps:

  • Service up: Sent when all expected remote MEPs are up in time.

  • MEP missing: Sent when an expected MEP is down.

  • Unknown MEP: Sent when a CCM is received from an unexpected MEP.

Restrictions for Configuring Ethernet CFM

  • You can configure CFM only through CLI on Cisco SD-WAN Manager. Therefore, you can access the CFM execution for link fault detection, verification and isolation in the SSH terminal of your device.

  • UP MEPs and maintenance intermediate points (MIPs) are not supported.

  • CFM trouble-shooting functionality such as, layer 2 traceroute and ping by CFM is not supported on Cisco SD-WAN Manager. This functionality can be executed only on the device.

Configure Ethernet CFM using Cisco SD-WAN Manager CLI Template

The following commands are used to configure Ethernet CFM.

  1. To enable CFM IEEE version of CFM:

    Device(config)# ethernet cfm ieee

  2. To enable CFM processing globally on the device:

    Device(config)# ethernet cfm global

  3. To enable caching of CFM data learned through traceroute messages:

    Device(config)# ethernet cfm traceroute cache

  4. To enable ethernet CFM syslog messages:

    Device(config)# ethernet cfm logging

  5. To enable SNMP trap generation for ethernet CFM continuity check events:

    Device(config)# snmp-server enable traps ethernet cfm cc

  6. To enable SNMP trap generation for ethernet CFM continuity check events in relation to the cross-check operation between statically configured MEPs and those learned via CCMs:

    csnmp-server enable traps ethernet cfm crosscheck

  7. To define an EVC and enter EVC configuration mode:

    Device(config)# ethernet evc evc-id

  8. To define a CFM maintenance domain at a particular maintenance level and enter ethernet CFM configuration mode:

    Device(config)# ethernet cfm domain domain-name level level-id

  9. To include the sender ID TLVs and the attributes containing type, length, and values for neighbor devices:

    Device(config)# sender-id chassis

  10. To configure a maintenance association within a maintenance domain and enter ethernet CFM service configuration mode:

    Device(config-ecfm)# service short-ma-name evc evc-name vlan vlanid direction down

  11. To configure offload sampling:

    Device(config)# offload sampling sample

  12. To enable the transmission of CCMs:

    Device(config-ecfm-srv)# continuity-check

  13. To configure the time period between CCMs transmission (the default interval is 10 seconds):

    Device(config-ecfm-srv)# continuity-check [interval cc-interval]

  14. To configure the MEP domain and ID on the interface:

    Device(config)# interface interface-name

    Device(config-if)# cfm mep domain domain-name mpid id service service-name

For a detailed explanation on the purpose of each command, see Configuring Ethernet CFM.

Example Configurations

The following configuration example shows you how to configure CFM per subinterface for EVC+VLAN maintenance association: 


config-transaction
 ethernet cfm ieee
 ethernet cfm global
 ethernet evc USER-SERVICE
 !
 ethernet cfm domain USER level 7
  service USER-SERVICE evc USER-SERVICE vlan 112 direction down
   continuity-check
   continuity-check interval 10s
   continuity-check loss-threshold 3
 !
 ethernet cfm logging 
 !
 interface GigabitEthernet0/0/1
  no ip address
  speed 100
  no negotiation auto
  ethernet cfm mep domain USER mpid 1562 service USER-SERVICE
   cos 2
 !
 interface GigabitEthernet0/0/1.112
  description NAME 2286884663
   encapsulation dot1Q 112
   ip address 192.0.2.1 255.255.255.0

The following configuration example shows you how to configure CFM per physical interface for port maintenance association: 


config-transaction
 ethernet cfm ieee
 ethernet cfm global
 ethernet cfm traceroute cache
 ethernet cfm domain USER level 1
  sender-id chassis
  service USER-SERVICE port
   continuity-check
   continuity-check interval 1m
   sender-id chassis
 !
 ethernet cfm logging
 !
 interface Ethernet0/1/0
  no ip address
  load-interval 30
  speed [10/100/1000]
  duplex [half/full]
  ethernet oam mode passive
  ethernet oam remote-loopback supported
  ethernet oam
  ethernet cfm mep domain USER mpid 101 service USER-SERVICE
   alarm notification all
 !
 interface Ethernet0/1/0.101
  encapsulation dot1Q 101
  pppoe enable group global
  pppoe-client dial-pool-number 1
  no cdp enable
  ethernet loopback permit external

You can use this configuration in the CLI template on Cisco SD-WAN Manager as well as the CLI Add-On template.

For information on CLI Add-On Templates on Cisco SD-WAN Manager, see Create a CLI Add-On Feature Template