Upload
h4harsh
View
217
Download
0
Embed Size (px)
Citation preview
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
1/57
Network Learning CentreProprietary & Confidential
11
MEN Part 2
50467565
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
2/57
Network Learning CentreProprietary & Confidential
22
Agenda
Day4
Module 4o L2 VPN
Module 5o VPLS
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
3/57
Network Learning CentreProprietary & Confidential
33
Module 4
L2 VPN
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
4/57
Network Learning CentreProprietary & Confidential
44Page 4
Traditional L2 VPN
Leased Line Main shortcoming provisioning is time consuming,
expensive and difficult to manage it
Virtual Circuit Comparing with LL lower time consuming, lower price Providing service on ATM or FR network while the
network need to be set up and maintained separately Low speed
Complicated configuration
Leased line is the earliest "First Mile" technology employed for broadband access.Seldom used for residential broadband access due to their high monthly rental cost,leased lines are most commonly used by medium and large businesses andorganizations to provide broadband access to their employees over a Local Area
Network.Traditional VPNs are based on Asynchronous Transfer Mode (ATM) or Frame Relay(FR), where different VPNs can share the network structure of carriers. However,traditional VPNs have the following disadvantages.
Dependence on special media (such as ATM or FR): for ATM-based or FR-basedVPNs, carriers must establish ATM networks or FR networks across the country,which is a waste of network construction.
Complicated VPN structure: when a site is added to an existing VPN, it is required tomodify the configuration of all edge nodes that access the VPN site, the configurationtask is heavy and complicated.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
5/57
Network Learning CentreProprietary & Confidential
55Page 5
What is MPLS L2 VPN
MPLS L3 VPN
MPLS L2 VPN
Tunnel Label Inner Label Layer3 Header Data
Tunnel Label VC Label Layer2 Header Data
VPN as we know it is virtual private network, using some tunnel technology totransmit customer data from one side to another side through the provider network.MPLS L3 VPN we have learned that when customer data transmitted from one PEto another PE, the data only covers layer 3 and above information, without the
information of layer 2.
We define a Layer 2 VPN as one where a Service Provider provides a layer 2network to the customer. Within the Service Provider's network, the layer 2 packetsare transported within tunnels, which could be MPLS Label-Switched Paths (LSPs)or GRE tunnels, if we choose MPLS, just means MPLS L2 VPN.
Compare with L3 VPN , L2 VPN have many advantages, later we will introduce it.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
6/57
Network Learning CentreProprietary & Confidential
66Page 6
MPLS L2 VPN Network Structure
PEPE
Tunnel
Pseudo Wires
CustomerSite
CustomerSite
CustomerSiteCustomer
Site
The basic principle of all MPLS L2VPN modes,except CCC, is the same as the above shown.
From this figure we know that L2 VPN network structure is same like L3 VPNnetwork structure, and the definition of PE, P, CE is the same. The public network tunnel also is MPLS LSP tunnel. While there have some differences, usually MPLSL2 VPN packets also have two labels but CCC, CCC only have the tunnel label, the
others have a inner label means VC label. As we know, in MPLS L3 VPN, innerlabel used to identify different route, while in L2 VPN, inner label used to identifythe CE.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
7/57
Network Learning CentreProprietary & Confidential
77Page 7
MPLS L2 VPN Characters
The service provider use MPLS network to provide Layer 2 services to the customer. It seems that CEs areconnected directly or connected through layer2 switchnetworks, such as ATM, FR, Ethernet switch networks.
Routing occurs between CE routers
PE sends VPN traffic across the service providersnetwork to the PE router connected via LSP tunnels.
From the network structure we know that CE connect to PE, as for CE to CE,provider network provide layer 2 connection service, it seems that CEs areconnected directly or connected through layer 2 switch networks.
As provider network works like a layer 2 switch network, it will not participatecustomers routing exchange, so routing occurs between CE routers. This isdifferent with MPLS L3 VPN.
When PE sending VPN traffic across providers network, it use the MPLS LSPtunnel, same as MPLS L3 VPN.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
8/57
Network Learning CentreProprietary & Confidential
88Page 8
Advantages of MPLS L2 VPN
High Scalability
Separation of Administrative Responsibilities
Routing Privacy and Security
Ease of Configuration
Native Multi protocol Support
Signaling Flexibility
Cost-efficient Migration from Traditional Layer 2 VPN
High Scalability
PE routers share between themselves only a small amount of information abouteach CE router. Therefore, each PE need only maintain a single entry from eachCE
Separation of Administrative Responsibilities
The Service Provider is responsible for Layer 2 connectivity, and the customeris responsible for Layer 3 connectivity. This separation of responsibility alsoisolates customer-generated faults from provider network.
Routing Privacy and Security
As the routing information of the user is not imported, PE cannot obtain andprocess the users VPN routing information
Ease of Configuration
As for traditional layer 2 VPN, if CE is full-meshed, there have N 2 problem, justfor each CE, need to configure N-1 PVCs to other CEs, even when add a newCE, not only you need to configure the connected PE, the other PEs connectedwith other CEs also need to be configured. While Kompella L2 VPN, byconfiguring excessive CE range, when adding a new CE, only need to configure
the connected PE, spare more configuration task.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
9/57
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
10/57
Network Learning CentreProprietary & Confidential
1010Page 10
L2 VPN Common Packet Structure
Tunnel LabelIngress PE to Egress PE switching label
VC LabelIdentify different VC in the same tunnel
Emulate VC Encapsulation (Control Word) 32-bit Control Word
demultiplexer Field
L2 PDU
(Emulated)
TunnelHeader
Connection
Controlprotocol
LDP BGP STATIC-LSP and so on VC labels negotiation, withdrawing and error notification
Emulated Circuitsthree layers encapsulation
In an MPLS network, it is possible to use control protocols to set up "emulated virtualcircuits" that carry the Protocol Data Units of layer 2 protocols across the network. Anumber of these emulated virtual circuits may be carried in a single tunnel. Thisrequires of course that the layer 2 PDUs be encapsulated. We can distinguish three
layers of this encapsulation: the "tunnel header", which contains the information needed to transport the PDUacross the MPLS network; this is header belongs to the tunneling protocol, e.g.,MPLS, GRE, L2TP.
the "demultiplexer field", which is used to distinguish individual emulated virtualcircuits within a single tunnel; this field must be understood by the tunneling protocolas well; it may be, e.g., an MPLS label or a GRE key field.
the "emulated VC encapsulation", which contains the information about the enclosedlayer 2 PDU which is necessary in order to properly emulate the corresponding layer 2protocol.
-Although different layer 2 protocols require different information to be carried in thisencapsulation, an attempt has been made to make the encapsulation as common aspossible for all layer 2 protocols.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
11/57
Network Learning CentreProprietary & Confidential
1111Page 11
PDU Structure
Encap type Control Word
ATM AAL5 Y
Ethernet N
Frame Relay Y
HDLC NPPP N
Tunnel Label(LDP or RSVP)
0 7 15 23 31
EXP 0 TTLVC Label(VC) EXP 1 TTL(Set to 2)
Rsvd Flags 0 0 Length Sequence Number
Layer-2 PDU
Tunnel Label /VC Label
Control Word
Layer-2 Protocol Data Unit
In most cases, it is not necessary to transport the layer 2 encapsulation across thenetwork; rather, the layer 2 header can be stripped at ingress PE, and reproduced ategress PE. This is done using information carried in the control word, as well asinformation that may already have been signaled from ingress PE to egress PE.
There are three requirements that may need to be satisfied when transporting layer 2
protocols over an MPLS backbone:1. Sequentiality may need to be preserved.
2. Small packets may need to be padded in order to be transmitted on amedium where the minimum transport unit is larger than the actual packetsize.
3. Control bits carried in the header of the layer 2 frame may need to betransported.
The control word defined here addresses all three of these requirements. For
some protocols this word is REQUIRED, and for others OPTIONAL. Forprotocols where the control word is OPTIONAL implementations MUSTsupport sending no control word, and MAY support sending a controlword.
In the control word the first 4 bits are reserved for future use. They MUST be set to 0when transmitting, and MUST be ignored upon receipt.
The next 4 bits provide space for carrying protocol specific flags. These are definedin the protocol-specific.
The next 2 bits MUST be set to 0 when transmitting. The next 6 bits provide alen th field which is used as follows: If the acket's len th defined as the len th
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
12/57
Network Learning CentreProprietary & Confidential
1212Page 12
1 CCC1 CCC
2 Martini2 Martini
3 SVC3 SVC
4 Kompella4 Kompella
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
13/57
Network Learning CentreProprietary & Confidential
1313Page 13
CCC (Circuit Cross Connect)
MPLS Network
Branch Office A
PE
PE
PE
Branch Office A Branch Office A
Tunnel Label Layer2 Header Data
Local Connection
RemoteConnection
Branch Office B
Headquarter B
Headquarter A
Only one level
An important application of MPLS is the "convergence" of Layer 2 networks,i.e., a means of transporting Layer 2 frames over an MPLS infrastructure. CCCis the first instantiation of this technology that was deployed in productionnetworks.
CCC Circuit Cross Connect is a static VC connected VPN, according to theconfiguration, PE map the received layer 2 packets to a static configured LSP,and then the packet forwarded through the provider network by MPLS to theother end, finally to the other CE.
CCC is different with other MPLS L2 VPN, CCC only have one level label andwith this label to execute label switching, so CCC occupy the static LSPmonopolistic, and as we know LSP is one way, so we need to configure twoLSPs. Because the LSP is monopolistic, it can not be used to other service such
as other MPLS L2 VPN connection or BGP/MPLS VPN or IP packetforwarding and so on. CCC VPN only need the provider network to supportMPLS is OK
CCC is apt for mini and simple topology MPLS network, all the LSP need to beconfigured manually. And it does not need signaling protocol. So the resourcecost is low, easy to understand but maintain is difficult.
CCC provide transparent layer 2 connection with two CEs, when transmittingthe packets only the layer 2 address is changed without other changes.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
14/57
Network Learning CentreProprietary & Confidential
1414Page 14
1 CCC1 CCC
2 Martini2 Martini
3 SVC3 SVC
4 Kompella4 Kompella
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
15/57
Network Learning CentreProprietary & Confidential
1515Page 15
Martini Network Structure
MPLS Network
PE
M P LS T u n n e l ( LS P )
M P L S T u n n
e l ( L S P )
PE
MP L
S T
unn
el
( L S P
)
Headquarter A
Outer Label VC Label
PE
VC Label distributed by LDP
Branch Office A
Branch Office A
Headquarter B
Branch Office B
Branch Office B
Layer2 Header Data
The Martini mode implements MPLS L2VPN by setting up a point-to-point link. Ittakes LDP as the signaling protocol to transfer Layer 2 information and VC labels.
Martini MPLS L2VPN adopts VC-type plus VC-ID to identify a VC between twoCEs.
VC-type: indicates the type of the VC, such as ATM, VLAN and PPP.
VC-ID: VC-ID of each VC in the same VC-type must be unique in the wholePE.
PEs connecting two CEs exchange VC labels through LDP, and bind thecorresponding CE by VC-ID.
Martini supports inter-AS L2VPN in multi-hop mode. But it does not support localconnection.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
16/57
Network Learning CentreProprietary & Confidential
1616Page 16
Draft for Martini
The Mode is based on two drafts from LuccaMartini. draft-martini-l2circuit-trans-mpls
VC label distribution, uses extended LDP
draft-martini-l2circuit-encap-mpls Different encapsulation mechanism for different
L2 circuit.
draft-martini-l2circuit-trans-mpls :
This document describes methods for transporting the Protocol Data Units (PDUs)of layer 2 protocols such as Frame Relay, ATM AAL5, Ethernet, and providing acircuit emulation service across an MPLS network.
draft-martini-l2circuit-encap-mpls :
This document describes methods for encapsulating the Protocol Data Units(PDUs) of layer 2 protocols such as Frame Relay, ATM, or Ethernet for transportacross an MPLS network. Although different layer 2 protocols require differentinformation to be carried in this encapsulation, an attempt has been made to makethe encapsulation as common as possible for all layer 2 protocols.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
17/57
Network Learning CentreProprietary & Confidential
1717Page 17
Martini Characters
VC ID is used to identify a VC,VC Type indicates theencapsulation type.
Martini Protocol extends LDP by adding VC FEC typeincluding VC ID and VC Type. One label is allocated for per VC FEC.VC label has only local meanings.
VC FEC and VC label is exchanged through targetedLDP session between two PEs.
Tunnel between PEs can be used commonly by differentVCs. Tunnel type can be LSP,TE tunnel or GRE tunnel.
Cant provide local connection.
The Martini mode implements MPLS L2VPN by setting up a point-to-point link. Ittakes LDP as the signaling protocol to transfer layer 2 information and VC labels.
Martini MPLS L2VPN adopts VC-Type + VC-ID to identify a VC between twoCEs.
VC-Type: indicates the type of the VC. For example, ATM, VLAN orPPP.
VC-ID: VC-ID of each VC in the same VC-TYPE must be unique in thewhole PE.
PEs connecting two CEs exchange VC labels through LDP, and bind thecorresponding CE by VC-ID.
After the LSP connecting the two PEs is successfully created, and the labelexchange and the binding with CE are finished, a VC is set up.
In order to exchange VC labels between PEs, Martini has extended LDP by addingthe FEC type in the VC FEC. Moreover, because the two PEs exchanging VClabels may not be connected directly, a remote LDP session must be set up totransfer the VC FEC and VC labels.
Martini supports inter-AS L2VPN in multi-hop mode. But it does not support localconnection. Why? Because VC type + VC ID is unique, one PE cant connect two
CEs with the same VC type and VC ID.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
18/57
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
19/57
Network Learning CentreProprietary & Confidential
1919Page 19
VC Status
An In Label is allocated when a LDP VC is configured. If the Local State is up i.e. if the interface is up
LDP Session is established
at least one tunnel to destination exists
then a mapping containing L2VPN Info like VC-ID, Interface typeand other Interface parameters are sent to the destination.
VC state is not up until it receives a mapping from the remote peer with matching VC ID, Interface type and parameters.
With this mapping we also receive the in-label of the remote VCwhich is out-label for the local LDP VC.
When the VC status will be UP, there should be local LDP VC is configured andlocal state and interface is UP, LDP session is established and a mapping messagefrom remote peer is received with matching VC ID encapsulation type andparameters, both sides do the same works, then the VC status will be UP.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
20/57
Network Learning CentreProprietary & Confidential
2020Page 20
Label Mapping
PE1 PE2
2. PE1 starts LDP sessionwith PE2 if one does notalready exist
CE1CE2
1.L2 transport routeentered on ingress PE
3. PE1 allocates VC labelFor new interface & bindsto configured VCID
4. PE1 sends label mappingMessage containing VC FECTLV & VC label TLV
5. PE2 receives VC FECTLV & VC label TLV thatMatches local VCID
PE2 repeats steps 1-5 sothat bi-directionallabel/VCID mappings areestablished
The VC label mapping procedures are as follows:
1. L2 transports routes to the ingress PE1
2. PE1 checks whether there have the LDP remote session with the other PE like
PE2, if not, sets up the remote session with PE2.
3. PE1 allocates a VC label for the new interface and bind it to the configured VCID.
4. PE1 sends out the label mapping message to the remote peer PE2.
5. PE2 receive the message and check matches of VC ID, if matched, keep themapping label. And also PE2 repeat the steps 1-5.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
21/57
Network Learning CentreProprietary & Confidential
2121Page 21
Label Withdrawing
PE1 PE2
CE1 CE2
If a PE route detects a condition that affects normalservice, it must withdraw the corresponding VC labelthrough the LDP signaling
Circuit status signaling PE port failure triggersGroup ID withdraw
LDP label withdraw VCID20 VC label 100
CE port/VC failuretriggers Labelwithdraw Msg
As mentioned before the Group ID field can be used to withdraw all VC labelsassociated with a particular group ID. This procedure is OPTIONAL, and if it isimplemented the LDP label withdraw message should be as follows: the VCinformation length field is set to 0, the VC ID field is not present, and the interface
paramenters field is not present. All LSRs implementing this design areREQUIRED to accept such a withdraw message, but are not required to send it.
The interface parameters field must not be present in any LDP VC label withdrawalmessage or release message. A wildcard release message must include only thegroup ID.A Label Release message initiated from the imposition router mustalways include the VC ID.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
22/57
Network Learning CentreProprietary & Confidential
2222Page 22
Questions
Martini provide local connection or not? Why?
As we know, two CEs which can set up the VPN connection need to be
the same encapsulation type and CE ID, then on PE the in and out VC
label is the same?
1. Not support, Because VC type + VC ID is unique, one PE cant connect twoCEs with the same VC type and VC ID.
2. Remember? In label is allocated by local PE, out label is allocated by remotePE, they are allocated independently. So usually it is not the same.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
23/57
Network Learning CentreProprietary & Confidential
2323Page 23
1 CCC1 CCC
2 Martini2 Martini
3 SVC3 SVC
4 Kompella4 Kompella
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
24/57
Network Learning CentreProprietary & Confidential
2424Page 24
SVC (Static Virtual Circuit)
Similar to Martini MPLS L2VPN, the onlydifference is In and Out VC Label is allocatedmanually.
Targeted LDP session between two PEs is notneeded for VC info exchange.
VC state only depends on the local state and thetunnel state between two PEs.
Tunnels are used to pass on the data packets
between the PEs.
SVC implements MPLS L2VPN through static configuration. SVC transfersL2VPN information without using the signaling protocols. But it requires themanual configuration of VC Label information.
While creating the static L2VC connection of SVC, you can specify the tunnel type(LDP LSP, CR LDP or GRE) to be used and load balancing through tunnelpolicies.
SVC supports inter-AS L2VPN in multi-hop mode but does not support localconnection.
Note:
The labels used by CCC and SVC range from 16 to 1023, that is, they are in thesame label space with those reserved for static LSP.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
25/57
Network Learning CentreProprietary & Confidential
2525Page 25
1 CCC1 CCC
2 Martini2 Martini
3 SVC3 SVC
4 Kompella4 Kompella
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
26/57
Network Learning CentreProprietary & Confidential
2626Page 26
Kompella Network Structure
MPLS Network
PE
M P LS T u n n e l ( LS P )
M P L S T u n n
e l ( L S P )
PE
MP L
S T
unn
el
( L S P
)
Headquarter A
Outer Label VC Label Layer2 Header Data
PE
l2VPN Instance info distributed by BGP
Brach Office A
Brach Office A
Headquarter B
Brach Office BBrach Office B
The Kompella mode realizes MPLS L2VPN by means of end-to-end (CE to CE) inthe MPLS network. It takes BGP as the signaling protocol to transfer Layer 2information and VC labels.
Kompella MPLS L2VPN is different from Martini in that it does not operate on theconnection between the CEs directly. It allocates different VPNs in the whole SPnetwork and encodes each CE in the VPN. Similar to BGP/MPLS VPN, KompellaMPLS L2VPN also uses VPN targets to identify different VPNs that make the VPNnetworking more flexible.
To connect two CEs, you need to configure local CE ID and remote CE ID on thePE.
Kompella supports both local and remote connections.
It supports inter-AS L2VPN in the following two modes:
Multi-hop mode: adopts routes with BGP label.
MP-EBGP mode: saves label block on the ASBR
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
27/57
Network Learning CentreProprietary & Confidential
2727Page 27
Draft for Kompella
Implemented through a draft from KeertiKompella. draft-kompella-l2vpn-l2vpn-01
Describes label distribution, uses BGP4
Continue to use Martini draft for encapsulation draft-martini-l2circuit-encap-mpls
draft-kompella-l2vpn-l2vpn-01.txt. this draft expiration date is July 2006.
This document offers a solution that preserves the advantages of a Layer 2 VPNwhile allowing the Service Provider to maintain and manage a single network forIP, IP VPNs and Layer 2 VPNs, and reducing the provisioning problemsignificantly. In particular, adding a site to an existing VPN in most cases requiresconfiguring just the Provider Edge router connected to the new site.
To ease the restriction that all sites within a single VPN connect via the same layer2 technology, this document proposes a limited form of layer 2 interworking,restricted to IP only as the layer 3 protocol.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
28/57
Network Learning CentreProprietary & Confidential
2828Page 28
Kompella Control Plane
PE1PE2
CE1CE2
MP-BGP
PE1 sends out theconfigured VPN info
to neighbors with
MP-BGP
PE2 receives theInformation and checks it
and calculate the VClabel with it
1. BGP version 4 is used as the auto-discovery and signaling protocol for Layer 2VPNs. In BGP, the Multiprotocol Extensions (MP-BGP) are used to carry L2-VPN signaling information. MP-BGP defines the format of two BGP attributes(MP_REACH_NLRI and MP_UNREACH_NLRI) that can be used to
announce and withdraw the announcement of reachability information. Weintroduce a new address family identifier (AFI) for L2-VPN [to be assigned byIANA, because it is a draft], a new subsequent address family identifier (SAFI)[to be assigned by IANA], and also a new NLRI format for carrying theindividual L2-VPN label-block information. One or more NLRIs will be carriedin the above-mentioned BGP attributes. L2VPN NLRIs must be accompaniedby one or more extended communities. the reuse of ROUTE TARGETextended community. Its usage is exactly the same as in the case of MPLS L3VPN, also RD.
2. Different site within the same VPN is identified by using CE ID, in the sameVPN, CE ID should be unique.
3. Each PE use the receiving l2vpn information to calculate the VC label.Different VC label is bound with PE-CE link, not like L3 VPN for route.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
29/57
Network Learning CentreProprietary & Confidential
2929Page 29
VPN Information Label Block
1000
1001
1002
1003
1004
1005
1006
1007
1008
PE Label Block
CE1 Label Block1LB=1000LR=3LO=0
CE2 Label Block1LB=1003LR=3LO=0
CE1 Label Block2LB=1006LR=3LO=3
PE chooses a Label Block. Label Base : Smallest Label
in Block Range : number of labels of
the block Offset: the sum of all the
previous label blocks range. A remote site with CE ID m will
connect to this CE with a labelselected from one of the labelblocks. block offset
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
30/57
Network Learning CentreProprietary & Confidential
3030Page 30
Label Block Structure
Length
Route Distingguisher
CE ID
Label-block Offset Label Base
Label Base
0 7 15 23 31
Variable TLVs
Circuit State Vector (CSV): variable TLV,used to identify the status of circuit.
One or more such NLRIs can be carried in a single MP_REACH_NLRI orMP_REACH_NLRI attribute. An L2VPN NLRI is uniquely identified by the RD,CE ID and the Label-block Offset. So an L2VPN NLRI carried inMP_UNREACH_NLRI attribute must contain only these 3 fields other than the
length field.
Length :
The Length field indicates the length in octets of the L2-VPN address information.
Route Distinguisher :
Has the same meaning as in MPLS L3 VPN.
CE ID, Label Base and Label offset please refer to previous slide.
Variable-TLVs:
L2VPN TLVs can be added to extend the information carried in the L2 VPN NLRI.In L2VPN TLVs, type is 1 octet, length is 2 octets and represents the size of thevalue field in bits.
A new sub-TLV (CSV) is introduced to carry the status of an L2VPN PVC betweena pair of PEs. This sub-TLV is a mandatory part of MP_REACH_NLRI.
The value field of this TLV is a bit-vector, each bit of which indicates the status of
the VC associated with the corresponding label in the label-block. Bit value 0
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
31/57
Network Learning CentreProprietary & Confidential
3131Page 31
Layer2-Info Extended Community
Extended Community type Encaps Type
Layer-2 MTU
0 7 15 23 31
Control Flags
Reserved
The extended community, Layer2-Info, Usedto carry layer 2 specific information in aVPN. This extended community must becarried as part of path attribute in all BGPupdate messages carrying L2VPN NLRIs.
Extended Community Type TBD( to be determined)
Encapsulation Type Identifies the layer 2 encapsulation, e.g., ATM, Frame Relayetc. The following encapsulation types are defined:
Value Encapsulation
0 Reserved
1 Frame Relay
2 ATM AAL5 VCC transport
3 ATM transparent cell transport
4 Ethernet VLAN
5 Ethernet
6 Cisco-HDLC
7 PPP
8 CEM [8]
9 ATM VCC cell transport
10 ATM VPC cell transport
11 MPLS
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
32/57
Network Learning CentreProprietary & Confidential
3232Page 32
VC Label Calculation-1
PE1 PE2
CE mCE k
L2VPNA (RD RT)CE mlabel-block : LmLm's block offset : LOmlabel-base : LBmlabel-range : LRm
L2VPNA (RD RT)CE klabel-block : LkLk's block offset : LOklabel-base : LBklabel-range : LRkMP-BGP
When a PE receives a Layer 2 VPN advertisement, it checks if the receivedVPN Target community matches any VPN that it is a member of.
Advertised PE1
VPN A
CE m
label-block Lm
Lm's block offset as LOm
label-base as LBm
label-range as LRmreceiving PE2 is a member of VPN A
the configured CE ID is k.
label-block Lk.
Lk's block offset LOk
label-base as LBk
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
33/57
Network Learning CentreProprietary & Confidential
3333Page 33
VC Label Calculation-2
Check the encapsulation type for VPN A, if does not match stop.(Note that for IP-only layer 2 interworking a separate encapsulationtype is defined).
Check if k = m. If so, issue an error: Stop. Search among all the label-blocks from m for one which satisfies
LOm
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
34/57
Network Learning CentreProprietary & Confidential
3434Page 34
VC Calculation Example
PE1 PE3
PE2
CE2
CE3CE1
102
103
201 203
301
302
2001 PayloadTunnel
1002 PayloadTunnel
3001 PayloadTunnel 1003 PayloadTunnel
3002 PayloadTunnel
2003 PayloadTunnel
I have:VPN : redCE-id: 1Label Base: 1000Label Range: 10
I have:VPN : redCE-id: 1Label Base: 1000Label Range: 10
I have:VPN : redCE-id: 2Label Base: 2000
Label Range: 10
I have:VPN : redCE-id: 2Label Base: 2000
Label Range: 10
I have:VPN : red
CE-id: 3Label Base: 3000Label Range: 10
I have:VPN : red
CE-id: 3Label Base: 3000Label Range: 10
For example: PE1s calculation
1.Check the encapsulation type
2.Check k=m or not.
3.Find a label block. [ Local block offset
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
35/57
Network Learning CentreProprietary & Confidential
3535Page 35
Kompella Summary
MP-BGP is used for signaling to transfer layer 2 NLRI and VC Label use CE-ID toidentify CE.
Label Block is allocated based on the CERange.
Advantages: Topology Auto-discovery; Support local
cross ; Inter-as support. Disadvantages
Implementation is complex; Venderswho support this are less; LabelWastage.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
36/57
Network Learning CentreProprietary & Confidential
3636Page 36
L2VPN Types
ModeIndex
Kompella Martini CCC SVC
Signaling BGP LDP NA NA
Tunnel Type GRE/LSP/
L2TPv3
GRE/LSP/
L2TPv3
Static LSP GRE/LSP/
L2TPv3
Tunnel Shared Shared Shared Exclusive Shared
EncapsulationType
ATM/FR/PPP/HDLC/ETH/VLAN
ATM/FR/PPP/
HDLC/ETH/
VLAN
ATM/FR/PPP/
HDLC/ETH/
VLAN
ATM/FR/PPP
/HDLC/ETH/
VLAN
Scalability High High Low Normal
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
37/57
Network Learning CentreProprietary & Confidential
3737Page 37
Layer 2 Interworking
As defined so far, all CE-PE connections for a given Layer 2 VPN mustuse the same layer 2 encapsulation, e.g., they must all be FrameRelay. This is often a burdensome restriction.
PE1 PE2
CE1CE2
FR LinkATM Link
Outer Label VC Label Layer3 Header Data
For Layer 2 interworking as defined here, when an IP packet arrives at a PE, itsLayer 2 address is noted, then all Layer 2 overhead is stripped, leaving just theIP packet. Then, a VPN label is added, and the packet is encapsulated in the PE-PE tunnel (as required by the tunnel technology). Finally, the packet is
forwarded. Note that the forwarding decision is made on the basis of the Layer 2information, not the IP header. At the egress, the VPN label determines to whichCE the packet must be sent, and over which virtual circuit; from this, the egressPE can also determine the Layer 2 encapsulation to place on the packet once theVPN label is stripped.
Notes:
In L2VPN interworking, L2VPN connection can only be established inKompella, Martini or CCC local connection mode, not in CCC remote
connection or SVC mode.
As for Huaweis device, the following interfaces used in L2VPN can beencapsulated with ip-interworking:
Interfaces and sub interfaces of Ethernet type
Interfaces and sub interfaces of Gigabit Ethernet type
Interfaces of Virtual-Ethernet type
Note that,
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
38/57
Network Learning CentreProprietary & Confidential
3838
Module 5
VPLS
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
39/57
Network Learning CentreProprietary & Confidential
3939Page 39
Basic concept of VPLS
VPLS is also known as Transparent LAN Service (TLS) and VirtualPrivate Switched Network service
VPLS provides L2 VPN service. By function, L2 VPN and L3 VPN aredifferent in whether L2 forwarding or L3 forwarding functions aresimulated on the public network
In VPLS, users are connected through a point-to-multipoint network,rather than the point-to-point connection service provided on thetraditional L2 VPN.
VPLS, in fact, is about creating a series of virtual switches on the PE to
be leased to users. Such virtual switches can be networked in thesame way as traditional switches. This way, the users can implementtheir own LAN connections through the WAN
VPLS OverviewVPLS Overview
VPLS is a L2 VPN technology based on MPLS and Ethernet technology. In thepast ten years, the Ethernet technology has seen rapid growth and found wideapplication. Its rate has increased from 10M to 100M and then to 1000M, while thedeployment costs become increasingly lower. The Ethernet technology has not onlyfound application with enterprise networks but also increasingly more application
with the operating networks, particularly MANs. Thanks to its high bandwidth andlow costs, the Ethernet is highly competitive. However, MAN Ethernet oftenprovides point-to-point services, and cannot provide services across the WAN. Thedevelopment of MPLS has enabled the wide application of the L2 VPN based onMPLS. However, other L2 VPNs except VPLS all provide only point-to-pointservices. To provide multipoint services similar to Ethernet on the MAN/WAN,VPLS has emerged at the right time.
VPLS provides services similar to LAN on the MPLS network. It allows users toaccess the network at the same time from multiple districted points to visit eachother, as if these points have been directly connected to a LAN. VPLS enables
users to expand their LANs to the MAN or even to WAN.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
40/57
Network Learning CentreProprietary & Confidential
4040Page 40
Basic concept of VPLS
VPLS StructureVPLS Structure
M P L S L S P
MP L
S L
S P
M P L S L S P
RR
RR
RRIP/MPLS network
B headquarters
PE
A branch 1
A branch 2A headquarters
B branch 1 B branch 2
PE
PE
CE
CEAttachmentCircuit
AttachmentCircuit
Pseudo-wire
Emulated Service
VirtualSwitchInstance
CEVirtualSwitchInstance
PE
CE
SS
SS
SS
SS
SS
SS
CE
CE
Pseudo Wire (PW): It is a virtual connection used to transmit frames between twoPEs in VPLS. PE establishes and maintains PWs through the use of signaling, andthe two PEs at two ends of a PW maintain PW state information.
Virtual Switch Instance (VSI): Every VSI can offer separate VPLS service. TheVSI implements Ethernet bridge function and terminates Pseudo Wire (PW). InCisco it is called as VFI (Virtual Forwarding Instance)
Virtual Circuit (VC): a logic single directional circuit between two nodes. A PW isconstitutes by two opposite directional VCs. A VC can be used as a singledirectional PW.
Attachment Circuit (AC): In L2VPN, CE accesses PE through AC. AC can beeither a physical link or a logical link. AC transmits frames between CE and PE.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
41/57
Network Learning CentreProprietary & Confidential
4141Page 41
Basic concept of VPLS
Pseudo Wire (PW): It is a virtual connection used to transmit framesbetween two PEs in VPLS
Virtual Switch Instance (VSI): Every VSI can offer separate VPLSservice. The VSI implements Ethernet bridge function and terminatesPseudo Wire (PW). In Cisco it is called as VFI (Virtual ForwardingInstance)
Virtual Circuit (VC): a logic single directional circuit between twonodes. A PW is constitutes by two opposite directional VCs. A VC canbe used as a single directional PW.
Attachment Circuit (AC): In L2VPN, CE accesses PE through AC. AC
can be either a physical link or a logical link. AC transmits framesbetween CE and PE .
VPLS Basic ConceptVPLS Basic Concept
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
42/57
Network Learning CentreProprietary & Confidential
4242Page 42
Working process of VPLS
Member relationship discovery (controlplane)PW creation and maintenance (controlplane)
Forwarding based on MAC addresses inVSI (data plane)
Working process of VPLSWorking process of VPLS
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
43/57
Network Learning CentreProprietary & Confidential
4343Page 43
Working process of VPLS
Member discovery: It is the process to find all other PEs in thesame VPLS. This can be implemented either through manualconfiguration or automatically by the use of some protocols. In thelater case, it is called auto discovery.Signaling mechanism: It is the process to use the signalingprotocol between the PEs of the same VPLS to establish, maintainand remove PW.
Huawei products support the use of the BGP or LDP to implementthe control plane of VPLS, referred to as Kompella VPLS andMartini VPLS respectively. Whereas, Cisco products support only
Martini.
Control PlaneControl Plane
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
44/57
Network Learning CentreProprietary & Confidential
4444Page 44
Working process of VPLS
Encapsulation: When receiving Ethernetframes from CE, PE sends them to PSN after encapsulation.
Forwarding: How to forward packets dependson the interface receiving the packets and thedestination MAC addresses of the packets .
Data PlaneData Plane
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
45/57
Network Learning CentreProprietary & Confidential
4545Page 45
Working process of VPLS
RR
RR
RR
VPLS Forwarding ModelVPLS Forwarding Model
RR
RR
RR RR
RR
RR
VSI1
VSI2
VSI1
VSI2
VSI1 VSI2
CEVLAN1
CEVLAN2
CEVLAN1
CEVLAN2
CEVLAN2
CEVLAN1
PE PE
PE
PE implements VPLS forwarding through the use of VSIs. Ethernet frames can beforwarded between two PEs through the fully-connected Ethernet emulated circuitor PW.
PEs in a VPLS must be fully connected, that is, there is a PW between any twoPEs. Then packets can be directly transmitted from ingress PE to egress PE,without forwarded by intermediate PEs. Therefore, loop is free between PEs, andSpanning Tree Protocol (STP) is unnecessary to run.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
46/57
Network Learning CentreProprietary & Confidential
4646Page 46
Working process of VPLS
Packet transport processPacket transport process
M P L S L S P
MP L
S L
S P M P L S L S P
RR
RR
RRIP/MPLS network
A branch 1
A branch 2
A headquarters
PE
PE
CE
CE
CEPE
SS
SS
SS
The VPLS tunnel, for the CE equipment, islike a L2 switch thathas no protocolstarted, as ittransparentlytransmitted thepackets of the users
According to the VPNs of the users, thePE encapsulates the PDUs with the VCLabels to distinguish different users inthe MPLS network. According to thedestination MACs of the users, thePSTN labels are encapsulated for
transmission to the destination PE:Obviously, the PE in the VPLS networkmust have the ability to learn the MACaddresses of the users
When the PE forwardsthe packets from theremote PE, it selectsthe home VPNs of thePDUs of the usersaccording to the VClabel, and it looks for the egress interfaces of the packets ac cordingto the destinationaddresses of the users,removing the VC Labeland sending the originalPDUs of the users tothe CE
User PDUVC IDLableMAC User PDU
VC IDLableMAC User PDU
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
47/57
Network Learning CentreProprietary & Confidential
4747Page 47
Martini VPLS
Using the LDP as signaling Using the TLV of the expanded standard LDP to carry the
information of VPLS FEC TLV of type 128 and type 129 added
Label allocation and reservation mode when PW isestablished DU (downstream unsolicited) used as the allocation
mode Liberal label retention used as the label retention mode
LDP connection used for exchanging VC signaling must beconfigured to be the Remote mode in Huawei routers
OverviewOverview
Martini VPLS: LDP used for signaling, and needing manual designation of variouspeers of the PE. Since full connections must be established between various PEs inthe same VPLS, whenever a new PE joins, all related PEs modify theconfiguration, which causes poor expandability. Since the PW is actually a point-to-point link, the LDP is more effective to be used for establishing, maintaining and
removing the PW.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
48/57
Network Learning CentreProprietary & Confidential
4848Page 48
Martini VPLS
Signaling processSignaling processPE1 PE2
Configuring VSI, anddesignatingthe PE2 as Peer Configuring VSI, and
designatingthe PE1 as Peer
Mapping Message
Mapping MessageInterface parametersmatch . PW UP
Interface parametersmatch . PW UP
Withdraw Message
Release MessageRemoving PWPW Down
Recycle labelPW Down
This slide shows a typical process where the LDP is used as the signaling for theestablishment and removal of the PW. When the PE1 is configured with one VSI(Virtual Switch Instance) and the PE2 has been designated as its peer, a label willbe assigned and the mapping message will be sent to PE2 if the LDP session hasalready been established between PE1 and PE2. After PE2 receives the mapping
message, it checks if the same VSI has been configured locally. If the same VSIhas been configured, and the VSI ID and encapsulation type are both the same, itmeans that the VSIs on these two PEs are within the same VPN. If the interfaceparameters are the same between them, the PW on the PE2 end has beenestablished. After PE1 receives the mapping message from PE2, it performs thesame check and processing.When PE1 no longer wants to forward the packets of PE2 (for example, the user cancels the designation of the PE2 as peer), it sends thewithdraw message to the PE2. After PE2 receives the withdraw message, itremoves the PW and responds with the release message. After PE1 receives therelease message, it releases the label and removes the PW.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
49/57
Network Learning CentreProprietary & Confidential
4949Page 49
Martini VPLS
RR RR
SS
Setup PWSetup PW
SS
IP MPLS Network
PE PE
CE CE
Vlan: 10 20 50 Vlan: 10 20 50
TrunkVLAN 10-50
TrunkVLAN 10-50
LSP
Remote Session
1.1.1.1
2.2.2.21.1.1.1
VCVC:111 in VLAN 10 VC:111 in VLAN 10
VC:222 in VLAN 20 VC:222 in VLAN 20
VC:555 in VLAN 50 VC:555 in VLAN 50.
.
.
2.2.2.2
Common LDP Neighbor still needs to be established between PE and P for theallocation of the MPLS labels of the public network.
Neighborhood relationship is established between PEs through the expanded LDP,and the TCP connection is directly used to send LDP messages to maintain theRemote LDP Session.
Through this LDP Session, the VPN control information is interacted, including theallocation of the PW labels (equivalent to the private labels in the L3VPN)PEcreates one VSI (Virtual Switch Instance) for each VPN. Each VSI has one ID.When the LDP negotiates for PW, the ID works as the tag of VPN
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
50/57
Network Learning CentreProprietary & Confidential
5050Page 50
Martini VPLS
Label allocationLabel allocation
To establish one VC, PE needs to allocate two layers of labels for it.
The outer layer label is the MPLS LSP label of the public network, asallocated by the LDP. Only with the outer layer label, packets can betransmitted on the public network.
The inner layer label is the VC label, as allocated through the negotiation of the remote LDP Session. PE allocates one label for each VC. PEdetermines the VC to which the packets belong according to the inner layer label, and then sends the packets to the right CE.
The VC can be up and the VPLS can start to work only when two layer
labels have been correctly allocated.
PW label allocation: PE allocates labels for the PW in the incoming direction, andidentifies it as Local-Labels. That of the PW in the outgoing direction is allocatedby the other party, and is identified as Remote-Label locally.
To establish one VC, PE needs to allocate two layers of labels for it.
The outer layer label is the MPLS LSP label of the public network, as allocated bythe LDP. Only with the outer layer label can packets be transmitted on the publicnetwork.
The inner layer label is the VC label, as allocated through the negotiation of theremote LDP Session established on the Loopback interface. PE allocates one labelfor each VC. How this is allocated is determined in advance by the PEs on bothends. PE determines the VC to which the packets belong according to the innerlayer label, and then sends the packets to the right CE.
The VC can be up and the VPLS can start to work only when two layer labels havebeen correctly allocated.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
51/57
Network Learning CentreProprietary & Confidential
5151Page 51
Martini VPLS
RR RR
SS
Packet forwardingPacket forwarding
SS
IP MPLS Network
PE PE
CE CE
Vlan: 10 20 50 Vlan: 10 20 50
TrunkVLAN 10-50Tag Payload
VC label Tag Payload
MPLS VC label Tag PayloadPrivate Label
Private LabelPublic Label
Start PE:
Each VSI is bound with a L3 vlan virtual interface connected to CE.
In packet forwarding, after a user packet is received, the VSI of the packet isselected according to the vlan of the physical port on the PE. Then, the ID of the
remote PE of the packet is found in the MAC table in the VSI according to thedestination MAC in the user packet, and label A of direction PW is foundaccording to the remote PE ID, and the label is encapsulated on the user packet.
If the MAC table of the VSI does not have the destination mac entry of the user, thepacket is sent as a broadcast packet. In other words, the packet is sent to all the PE-Peers of the VPN (in the VPN, the multicast packets of the user are processed inthe same way)
MPLS of the public network is looked up according to the ID of the remote PE,next the public network label is encapsulated, and then the Mac header of thepublic network is encapsulated
On the P equipment: SWAP,When the packet is propagated in the MPLS backbone network, all the Pequipments perform SWAP of the common public network label or perform PHPaccording to the LSP table.
End PE:
After a packet is forwarded to the end PE, the end PE views the label of the packetand finds the right VSI for the packet in the label table, and then the physical egressof the MAC is found in the MAC table of the VSI, and the label of the packet isPOPed. Finally the packet is forwarded from the appropriate physical port
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
52/57
Network Learning CentreProprietary & Confidential
5252Page 52
Key Technology
In the VPLS, the service provider network simulates the bridge
equipment, and the PE performs MAC address learning. To forward
packets, the PE must be able to associate the destination MAC address
with the PW. The PE learns the remote MAC address through the PW,
and learns the MAC address of direct access through the AC.
MAC address from the remote PE: recorded as MACLSR-ID of
the remote PE
MAC from the local CE: recorded as MACVSI corresponding
interface
MAC Address LearningMAC Address Learning
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
53/57
Network Learning CentreProprietary & Confidential
5353Page 53
Key Technology
RR
RR
RR
MAC Address Learning and FloodingMAC Address Learning and Flooding
SS
SS
SS
MAC A IP 1.1.1.2
ARP Broadcast
VSI MAC PORT
VPN1 A Vlan10,port1
VPN1 B PW1
VSI MAC PORT
VPN1 A PW2
VSI MAC PORT
VPN1 A PW1
VPN1 B Vlan10,port1MAC B IP 1.1.1.3
ARP Response
PW2
P W 2P W 1
I) Source MAC address learning
To forward packets, the PE needs to create the MAC forwarding table. It isdifferent from the BGP VPN in that the BGP VPN uses the route distributionmechanism to create the routing table, working on the control plane. TheVPLS uses the standard bridge learning function to create the forwardingtable, performed by the forwarding plane. The method for creating the MACforwarding table is MAC address learning, including learning the packetsfrom the user side and the packets from the PW. The outgoing interfaces of the MAC addresses learnt from the PW must be set to the correspondingoutgoing PW of the PW. The MAC address learning process consists of twoparts:
A. Remote MAC address learning associated with PW
Because the PW consists of one pair of unidirectional VC LSP (only when the VCLSP in both directions are both UP, the PW is deemed as UP), when anunknown MAC address is learnt from the VC LSP of the incoming direction,the PW must map the address MAC to the VC LSP of the outgoing direction.
B. Local MAC address learning of the port directly connected to the user
For a L2 packet submitted by the CE, the source MAC address in the packet mustbe learnt to the corresponding port of the VSI.
II) MAC address aging
The remote MAC addresses learnt by the PE must have an aging mechanism toremove the entries related to the VC label that are no longer used. When apacket is received, its appropriate aging timer is reset according to the sourceaddress. Similarly, the MAC addresses learnt in the local VSI must all
undergo the aging process.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
54/57
Network Learning CentreProprietary & Confidential
5454Page 54
Key Technology
Qualified PE learns MAC addresses according to MAC addresses of
Ethernet packets and VLAN tags, that is, based on everyVLAN of every VSI. In this mode, every VLAN forms itsown broadcast domain and has its own independent MACaddress range.
Unqualified PE learns MAC addresses according to MAC addresses of
Ethernet packets, that is, based on every VSI. In this mode,all VLANs share a broadcast domain and a MAC address
range. The MAC address of a VLAN must be unique, an dno overlapped address exists .
Two modes of MAC address learningTwo modes of MAC address learning
One feature of the Ethernet network is that for broadcast packets, multicast packetsor unicast packets with unknown destination MAC addresses, the Ethernet network sends them to all the other ports on the same Ethernet segment.
In VPLS, the service provider network stimulates network bridge devices and PEperforms MAC address learning. PE must associate destination MAC address withPW to forward packets. PE learns remote MAC addresses through PW and directly-connected MAC addresses through AC.
There are two modes of MAC address learning:
Qualify: PE learns MAC addresses according to MAC addresses of Ethernetpackets and VLAN tags, that is, based on every VLAN of every VSI. In this mode,every VLAN forms its own broadcast domain and has its own independent MACaddress range.
Unqualify: PE learns MAC addresses according to MAC addresses of Ethernetpackets, that is, based on every VSI. In this mode, all VLANs share a broadcastdomain and a MAC address range. The MAC address of a VLAN must be unique,and no overlapped address exists.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
55/57
Network Learning CentreProprietary & Confidential
5555Page 55
Key Technology
If PE receives broadcast sent by the local customer, PEforwards it to all other ports and PEs of the same VPLS.
If PE receives broadcast sent by remote PE, PE forwards it todirectly-connected VPLS customers, instead of other PEs.
For the packet whose destination MAC address is non-broadcast address, if PE does not learn such MAC address,then PE broadcasts this packet.
Broadcast Traffic ForwardingBroadcast Traffic Forwarding
If PE receives broadcast flows sent by the local customer, PE forwards it to allother ports and PEs of the same VPLS.
If PE receives broadcast flow sent by remote PE, PE forwards it to directly-connected VPLS customers, instead of other PEs.
For the packet whose destination MAC address is non-broadcast address, if PEdoes not learn such MAC address, then PE broadcasts this packet.
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
56/57
Network Learning CentreProprietary & Confidential
5656Page 56
Key Technology
802.1Q tag,Ethernet access: (also known as QinQ access) The PE of the
carrier ignores the 802.1Q tag in the user packets, and it selects their home
VPNs according to the QinQ VLAN. This mode requires intervention in the
VLAN planning of the user, and one PE allows the VLAN overlapping of
different CEs.
VLAN access: The carrier allocates a user with a VLAN for access, and all the
packets of the user must be placed with the tag of the VLAN and sent to the
PE. Otherwise, communication is impossible. This mode requires intervention
in the user VLAN planning, and one PE does not allow the VLAN overlapp ingof different CEs.
Packet Encapsulation on ACPacket Encapsulation on AC
8/14/2019 MEN Part 2- Day4 -Ver1_NoRestriction
57/57
Network Learning CentreProprietary & Confidential
5757
ThankYou