CETTM MTNL 1 MPLS L2 VPN MPLS L2 VPN MODULE ID: TMPLL2V001

  • CETTM MTNL

    1 MPLS L2 VPN

    MPLS L2 VPN

    MODULE ID: TMPLL2V001

  • CETTM MTNL

    2 MPLS L2 VPN

    MPLS L2 VPN

    MPLS L2 VPN is a technology that simulates an L2 network over an MPLS network. As its name implies, it has the following 2 features:

    - It is an L2 VPN technology
    - It is MPLS-based

  • CETTM MTNL

    3 MPLS L2 VPN

    Problems of Traditional L2 VPN

    Problems:

    - The control information is too complex
    - Too many configuration jobs
    - The total system has to share the same L2 technology

    MPLS L2 VPN intends to solve all of these problems with the following technologies:

    - Solution 1: Tunnel Technology
    - Solution 2: Pre-provision
    - Solution 3: IP Backbone

  • CETTM MTNL

    4 MPLS L2 VPN

    Basic Scenarios of MPLS L2 VPN

    Provide better scalability and flexibility

    [Figure: routers rt1 to rt6, each attached by Frame Relay DLCIs, connected by Emulated Virtual Circuits carried in a Tunnel]

  • CETTM MTNL

    5 MPLS L2 VPN

    What's a Tunnel?

    "Tunnel" has its traditional meaning here. The tunnel could be GRE or another tunnel type. Certainly, two MPLS LSPs can do the same job.

    [Figure: routers A, B and C in a line. The LSP from A to C uses label 17 and then label 18; the LSP from C to A uses label 100 and then label 101. x and y indicate the data transported in the tunnel.]

    LFIB of A (in: NHLFE)
    - 101: pop, send to up layer
    - x: push 17, send to B

    LFIB of B (in: NHLFE)
    - 100: swap 101, send to A
    - 17: swap 18, send to C

    LFIB of C (in: NHLFE)
    - y: push 100, send to B
    - 18: pop, send to up layer

  • CETTM MTNL

    6 MPLS L2 VPN

    What's an Emulated VC?

    The scenario below illustrates how to connect 2 local Frame Relay DLCIs by 2 MPLS LSPs, forming an emulated VC, inside an MPLS tunnel. (Question: why do we need the tunnel?)

    [Figure: routers A, B and C in a line, with dlci 150 attached to A and dlci 250 attached to C. The Tunnel LSPs use labels 17/18 and 100/101; the EVC LSPs use labels 1000 and 2000.]

    LFIB of A (in: NHLFE)
    - 101: pop, send to up layer
    - C: push 17, send to B
    - Dlci:150: push 1000, send to C
    - 2000: pop, send to dlci 150

    LFIB of B (in: NHLFE)
    - 100: swap 101, send to A
    - 17: swap 18, send to C

    LFIB of C (in: NHLFE)
    - A: push 100, send to B
    - 18: pop, send to up layer
    - Dlci:250: push 2000, send to A
    - 1000: send to dlci 250

  • CETTM MTNL

    7 MPLS L2 VPN

    How do these VCs and tunnels work? This is MPLS L2 VPN!

    [Figure: the LFIBs of A, B and C repeated from the previous slide, with an L2 frame traced across the network: it enters A on dlci 150, travels from A to B under labels 1000 and 17, from B to C under labels 1000 and 18, and leaves C on dlci 250.]
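The packet walk from the last three slides, as an added example that is not part of the original deck: the LFIBs of A, B and C are transcribed into tables and a frame is forwarded from dlci 150 to dlci 250 and back. Node names, labels and DLCIs come from the slides; the table layout and the function name `forward` are assumptions of this example.

```python
# Constructed from the slides' tables; dictionary layout is this example's own.
LFIB = {  # incoming top label -> (operation, outgoing label, next hop)
    "A": {101: ("pop", None, None)},
    "B": {100: ("swap", 101, "A"), 17: ("swap", 18, "C")},
    "C": {18: ("pop", None, None)},
}
TUNNEL = {("A", "C"): (17, "B"), ("C", "A"): (100, "B")}      # (ingress, egress) -> (label, next hop)
VC_PUSH = {("A", 150): (1000, "C"), ("C", 250): (2000, "A")}  # local dlci -> (EVC label, remote PE)
VC_POP = {("C", 1000): 250, ("A", 2000): 150}                 # EVC label -> local dlci


def forward(ingress, dlci, frame):
    """Carry an L2 frame from a local DLCI to the remote DLCI, recording
    the label stack (top first) that each node puts on the wire."""
    evc_label, egress = VC_PUSH[(ingress, dlci)]
    tunnel_label, node = TUNNEL[(ingress, egress)]
    stack = [tunnel_label, evc_label]      # EVC label pushed first, tunnel label on top
    trace = [(ingress, tuple(stack))]
    while True:
        op, out_label, next_hop = LFIB[node][stack[0]]
        if op == "swap":                   # transit node: only the tunnel label changes
            stack[0] = out_label
            trace.append((node, tuple(stack)))
            node = next_hop
            continue
        stack.pop(0)                       # egress: pop tunnel label, "send to up layer"
        evc = stack.pop(0)                 # the upper layer is the EVC lookup
        if (node, evc) not in VC_POP:
            raise LookupError(f"{node}: no emulated VC bound to label {evc}")
        return VC_POP[(node, evc)], frame, trace


if __name__ == "__main__":
    for src, dlci in (("A", 150), ("C", 250)):
        out_dlci, _, trace = forward(src, dlci, b"constructed-frame")
        print(f"{src} dlci {dlci} -> dlci {out_dlci} via {trace}")
```

B never looks below the top label, which is why one tunnel can carry any number of emulated VCs without B holding per-VC state.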

  • CETTM MTNL

    8 MPLS L2 VPN

    But MPLS L2 VPN is not only this!

    The following essential questions still haven't been answered:

    - How is L2 data transmitted in the MPLS network according to the control information?
    - What's the encapsulation?
    - How to simulate different L2 network behaviours in the MPLS network?
    - How to establish all the control information?
    - How to establish the tunnel?
    - How to establish the EVC?
    - Does it have to be L2?

  • CETTM MTNL

    9 MPLS L2 VPN

    L2 Data Encapsulation

    L2 data transmitted in the backbone has 3 parts of encapsulation:

    - Tunnel Header: It contains the information needed to transport the L2 PDU across the backbone;
    - Demultiplexer Field: It is used to distinguish individual emulated virtual circuits within a single tunnel;
    - Emulated VC Encapsulation: It contains the information about the enclosed layer 2 PDU which is necessary in order to properly emulate the corresponding layer 2 protocol.

  • CETTM MTNL

    10 MPLS L2 VPN

    Tunnel & Demultiplexer Encapsulation

    The tunnel here could be based on any tunnel encapsulation technology: MPLS, GRE, etc.

    An MPLS label should be used as the demultiplexer field.

    Here is a typical encapsulation manner:

    [Figure: two stacked label entries. First entry: Tunnel Label, EXP, S = 0, TTL. Second entry: EVC Label, EXP, S = 1, TTL.]

  • CETTM MTNL

    11 MPLS L2 VPN

    Emulated VC Encapsulation

    Quotes from draft-martini-l2circuit-encap-mpls-04.txt:

    In most cases, it is not necessary to transport the layer 2 encapsulation across the network; rather, the layer 2 header can be stripped at R1 (the ingress edge router), and reproduced at R2 (the egress edge router). This is done using information carried in the control word, as well as information that may already have been signalled from R1 to R2.

  • CETTM MTNL

    12 MPLS L2 VPN

    Control Word Details

    - Flags is protocol specific.
    - The value of the length field, if non-zero, can be used to remove any padding.
    - The sequence number could be used to guarantee ordered packet delivery.
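An added example (not from the original deck) of the three-part encapsulation from the preceding slides: tunnel label, EVC label with the S bit set, then a control word whose length field lets the egress strip padding. The control word bit layout (4 reserved bits, 4 flag bits, 2 bits left zero, 6-bit length, 16-bit sequence number) and the 64-byte padding threshold are taken from the pseudowire control word specification (RFC 4385), not from the slides; the TTL values and function names are assumptions.

```python
import struct

def lse(label, exp, s, ttl):
    """One 32-bit MPLS label stack entry: label(20) | EXP(3) | S(1) | TTL(8)."""
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)

def control_word(flags, length, seq):
    """Assumed layout: reserved(4)=0 | flags(4) | 00 | length(6) | sequence(16)."""
    return struct.pack("!BBH", flags & 0x0F, length & 0x3F, seq & 0xFFFF)

def encapsulate(tunnel_label, evc_label, payload, seq, flags=0, min_len=64):
    body_len = 4 + len(payload)              # control word + L2 payload
    pad = max(0, min_len - body_len)
    length = body_len if pad else 0          # non-zero only when padding is added
    return (lse(tunnel_label, 0, 0, 255)     # tunnel header, S=0
            + lse(evc_label, 0, 1, 2)        # demultiplexer, S=1 (bottom of stack)
            + control_word(flags, length, seq) + payload + b"\x00" * pad)

def decapsulate(packet):
    """Return (labels, flags, sequence number, payload with padding removed)."""
    labels, off = [], 0
    while True:
        if off + 4 > len(packet):
            raise ValueError("truncated label stack")
        (entry,) = struct.unpack_from("!I", packet, off)
        off += 4
        labels.append(entry >> 12)
        if (entry >> 8) & 1:                 # S bit set: control word follows
            break
    body = packet[off:]
    if len(body) < 4:
        raise ValueError("missing control word")
    b0, b1, seq = struct.unpack_from("!BBH", body)
    length = b1 & 0x3F
    if length:                               # non-zero length: trim the padding
        if not 4 <= length <= len(body):
            raise ValueError("control word length outside packet")
        body = body[:length]
    return labels, b0 & 0x0F, seq, body[4:]

if __name__ == "__main__":
    pkt = encapsulate(17, 1000, b"short L2 PDU", seq=1)   # constructed sample
    print(len(pkt), decapsulate(pkt))
```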

  • CETTM MTNL

    13 MPLS L2 VPN

    Layer 2 Frame Encapsulation

    Layer 2 frames that could be transmitted:

    - Frame Relay
    - ATM AAL5 CPCS-SDU
    - ATM Cell
    - Ethernet VLAN
    - Ethernet
    - HDLC
    - PPP

  • CETTM MTNL

    14 MPLS L2 VPN

    L2 Data Flow Model

    What MPLS L2 VPN simulates is an L2 network, and all L2 networks could be classified as:

    - LAN: Ethernet, Ethernet with VLAN
    - WAN: Frame Relay, ATM, HDLC, PPP, Ethernet (PTP), Ethernet with VLAN (PTP)

    So, all MPLS L2 VPNs could be classified as:

    - VPLS: Virtual Private LAN Service
    - VPWS: Virtual Private Wire Service

  • CETTM MTNL

    15 MPLS L2 VPN

    VPWS Scenarios

    - VPWS provides simple connection services.
    - A CE must configure a VC to any site it is willing to communicate with.

    [Figure: CE1, CE2 and CE3 attached to PE1, PE2 and PE3 around a P router, with Frame Relay DLCIs 102, 103, 201, 203, 301 and 302 on the CE links]

  • CETTM MTNL

    16 MPLS L2 VPN

    VPWS Data Forwarding Information

    Before L2 data forwarding happens, all equipment involved must have the forwarding information established.

    CE1 (IP: DLCI)
    - CE2: 102

    PE1 (IN: NHLFE)
    - 102: push 1000; push 100, send to P

    P (IN: NHLFE)
    - 100: swap 101, send to PE2

    PE2 (IN: NHLFE)
    - 101: pop; send to up layer
    - 1000: pop; send DLCI 201

    CE2 (IP: DLCI)
    - CE1: 201

  • CETTM MTNL

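    17 MPLS L2 VPN

    VPWS Data Flow

    [Figure: CE1, CE2 and CE3 attached to PE1, PE2 and PE3 around a P router. A frame leaves CE1 on dlci 102, crosses the backbone through P carrying the tunnel label 100, the demultiplexer label 1000 and a control word, and is delivered to CE2 on dlci 201.]

    CE1 has to configure 2 address maps for communication with CE2 & CE3.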

  • CETTM MTNL

    18 MPLS L2 VPN

    General Concept

    Basically, signaling here relates to the following three technologies:

    - Tunnel Signaling
    - VC Signaling
    - VPN Topology Discovery

  • CETTM MTNL

    19 MPLS L2 VPN

    Tunnel Signaling

    Tunnel signaling is the technology used to establish the tunnel.

    - MPLS Tunnel
      - LDP/CR-LDP
      - RSVP-TE
    - Traditional Tunnel
      - L2TP
      - GRE
      - IPSEC

    [Figure: three PE routers connected through a P router]

  • CETTM MTNL

    20 MPLS L2 VPN

    VC Signaling

    - VC signaling means the technology used to establish the emulated VC between PEs.
    - The major differences among the different MPLS L2 VPN technologies lie in this point.
    - Typical VPWS technologies:
      - Martini Solution (LDP)
      - Kompella Solution (BGP)

    [Figure: CE, PE, P, PE, CE in a line. One CE attaches on Dlci 190 and the other on Dlci 290, both named vc1. One PE announces "I bind vc1 with label 1000"; the other announces "I bind vc1 with label 2000".]

  • CETTM MTNL

    21 MPLS L2 VPN

    Martini MPLS L2 VPN

    Martini L2 VPN is defined by the following 2 drafts:

    - draft-martini-l2circuit-encap-mpls-04
    - draft-martini-l2circuit-trans-mpls-08

    The Martini solution is a VPWS technology:

    - Tunnel Signaling Technology: LDP
    - VC Signaling Technology: LDP Remote Peer

  • CETTM MTNL

    22 MPLS L2 VPN

    Basic Thoughts of Martini Signaling

    Tunnel signaling
    - LDP is used to establish MPLS tunnels between PEs. (However, other tunnels also could be used)

    VC signaling
    - A PE names each attached VC with a 32-bit value: the VC-ID.
    - An LDP remote peer relationship is established between 2 PEs; it is then used to distribute and maintain label & VC bindings.

    [Figure: CE, PE1, P, PE, CE in a line. The circuits on DLCI:100 and DLCI:200 both carry VC-ID:1, and the PEs exchange the bindings (1,1000;PE1) and (1,2000;PE2).]

  • CETTM MTNL

    23 MPLS L2 VPN

    How Could LDP do it?

    A new LDP FEC TLV is defined: VC FEC

  • CETTM MTNL

    24 MPLS L2 VPN

    Fields in VC FEC

    - C: C = 1 means a control word will be present on this VC.
    - VC Type: Frame Relay DLCI, ATM AAL5 VCC transport, ATM transparent cell transport, Ethernet VLAN, Ethernet, HDLC, PPP, CEM, ATM VCC cell transport, ATM VPC cell transport
    - Group ID: An arbitrary 32-bit value which represents a group of VCs that is used to create groups in the VC space.
    - VC ID: A non-zero 32-bit connection ID that, together with the VC type, identifies a particular VC.
    - Interface parameters: This variable-length field is used to provide interface-specific parameters, such as interface MTU.
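An added example (not from the original deck) that encodes and parses a VC FEC element with the fields listed above, enforcing the non-zero VC ID rule and bounds-checking the interface parameters. The field widths, the 0x80 element type, the VC type code points and the MTU parameter ID are taken from the LDP pseudowire signaling specifications that grew out of the Martini transport draft (RFC 4447 and RFC 4446), not from the slides; function names are assumptions.

```python
import struct

VC_TYPES = {1: "Frame Relay DLCI", 2: "ATM AAL5 VCC transport",
            3: "ATM transparent cell transport", 4: "Ethernet VLAN", 5: "Ethernet",
            6: "HDLC", 7: "PPP", 8: "CEM", 9: "ATM VCC cell transport",
            10: "ATM VPC cell transport"}
VC_FEC, PARAM_MTU = 0x80, 0x01

def build_vc_fec(c_bit, vc_type, group_id, vc_id, mtu=None):
    """type(8) | C(1) | VC type(15) | VC info length(8) | Group ID | VC ID | params."""
    params = struct.pack("!BBH", PARAM_MTU, 4, mtu) if mtu is not None else b""
    head = struct.pack("!BHB", VC_FEC, (c_bit << 15) | vc_type, 4 + len(params))
    return head + struct.pack("!II", group_id, vc_id) + params

def parse_vc_fec(data):
    if len(data) < 8:
        raise ValueError("truncated VC FEC element")
    fec, c_and_type, info_len, group_id = struct.unpack_from("!BHBI", data)
    if fec != VC_FEC:
        raise ValueError("not a VC FEC element")
    out = {"control_word": bool(c_and_type >> 15),
           "vc_type": VC_TYPES.get(c_and_type & 0x7FFF, "unknown"),
           "group_id": group_id, "vc_id": None, "mtu": None}
    if info_len == 0:                  # no VC ID: the element names the whole group
        return out
    if info_len < 4 or len(data) < 8 + info_len:
        raise ValueError("bad VC info length")
    (out["vc_id"],) = struct.unpack_from("!I", data, 8)
    if out["vc_id"] == 0:
        raise ValueError("VC ID must be non-zero")
    off, end = 12, 8 + info_len
    while off < end:                   # interface parameters: id(1) | length(1) | value
        if end - off < 2:
            raise ValueError("truncated interface parameter")
        pid, plen = data[off], data[off + 1]
        if plen < 2 or off + plen > end:
            raise ValueError("bad interface parameter length")
        if pid == PARAM_MTU and plen == 4:
            out["mtu"] = int.from_bytes(data[off + 2:off + 4], "big")
        off += plen
    return out

if __name__ == "__main__":
    # Constructed sample: Frame Relay VC with VC ID 1, control word on, MTU 1500.
    print(parse_vc_fec(build_vc_fec(1, 1, 0, 1, mtu=1500)))
```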

  • CETTM MTNL

    25 MPLS L2 VPN

    Signaling Details

    Tunnel Signaling: It could be based on any form of signaling technology.

    [Figure: CE1 (DLCI 500), PE1, P, PE2 and CE2 (DLCI 600) in a line, with the backbone links labelled a, b, c and d. LDP Label Mapping messages carry the bindings (PE1,100;a), (PE1,101;c), (PE2,200;d) and (PE2,201;b).]

    PE1 (IN: NHLFE)
    - PE2: push 201, send to b
    - 100: pop, send to up layer

    PE2 (IN: NHLFE)
    - PE1: push 101, send to c
    - 200: pop, send to up layer

    P (IN: NHLFE)
    - 201: swap 200, send to d
    - 101: swap 100, send to a

  • CETTM MTNL

    26 MPLS L2 VPN

    Signaling Details

    VC Signaling: LDP Remote Peer, Downstream Unsolicited label distribution

    [Figure: the same CE, PE1, P, PE2, CE topology, with DLCI 500 on the PE1 side, DLCI 600 on the PE2 side and backbone links a, b, c and d. Over the LDP remote peer session the PEs exchange the bindings (VC1,1000;PE1) and (VC1,2000;PE2).]

    PE1 (IN: NHLFE)
    - PE2: push 201, send to b
    - 100: pop, send to up layer
    - dlci 500: push 2000, send to PE2
    - 1000: pop, send to dlci 500

    PE2 (IN: NHLFE)
    - PE1: push 101, send to c
    - 201: pop, send to up layer
    - dlci 600: push 1000, send to PE1
    - 2000: pop, send to dlci 600

    P (IN: NHLFE)
    - 201: swap 200, send to d
    - 101: swap 100, send to a

  • CETTM MTNL

    27 MPLS L2 VPN

    Kompella MPLS L2VPN Solution

    The Kompella solution is defined by the following 2 drafts:

    - draft-martini-l2circuit-encap-mpls-04
    - draft-kompella-ppvpn-l2vpn-00.txt

    The Kompella solution is a VPWS technology:

    - Tunnel Signaling Technology: LDP
    - VC Signaling Technology: BGP

    2 significant features:

    - Topology auto discovery
    - Auto Configuration

  • CETTM MTNL

    28 MPLS L2 VPN

    General Concept

    Kompella is an L2 VPN solution similar to the Martini solution:

    - They share the same tunnel technology.
    - They are based on similar transport encapsulation.
    - The basic thoughts of VC signaling are the same: establish a binding between 2 simplex LSPs and a VC.

    Compared to the Martini solution, the Kompella solution provides 3 additional features:

    - Topology auto discovery. (Martini just provides point-to-point connection services)
    - Automatic configuration. (Just plug in the CE and configure the CE, then it will work)
    - Layer 2 interworking.

  • CETTM MTNL

    29 MPLS L2 VPN

    Basic Thoughts of Kompella Signaling

    Signaling Protocols

    - MBGP (BGP Multiprotocol Extensions): A series of extended communities are defined. They are used both for topology discovery and VC signaling.

  • CETTM MTNL

    30 MPLS L2 VPN

    Basic Thoughts of Kompella Signaling

    Basic thoughts of Kompella signaling:

    - A PE identifies each attached CE with a CE-ID. CE-IDs are unique in the scope of one VPN.
    - A PE uses MBGP to distribute bindings of each attached CE (say CEI) with a list of labels to all other PEs. Any other PE will pick one label in the list for the VC encapsulation when it wants to forward traffic from one of its own attached CEs to CEI.
    - The BGP extended community RT (Route Target) is used to distinguish different VPNs.

  • CETTM MTNL

    31 MPLS L2 VPN

    Rough Overview: Data Flow

    [Figure: CE:1, CE:2 and CE:3 attached to PEA, PEB and PEC around A, B and C. Example packets: 1->2 carries labels 2000 and 201, 3->1 carries labels 1001 and 151, 2->3 carries labels 3001 and 351.]

    PEA (IN: NHLFE)
    - 1-2: push 2000, push 201; send from a
    - 1-3: push 3000, push 301; send from a
    - 1000: pop, send from 2-1
    - 1001: pop, send from 3-1
    - 100: pop, send to up layer
    - 150: pop, send to up layer

    PEB (IN: NHLFE)
    - 2-1: push 1000, push 101; send from b
    - 2-3: push 3001, push 351; send from b
    - 2000: pop, send from 1-2
    - 2001: pop, send from 3-2
    - 200: pop, send to up layer
    - 250: pop, send to up layer

    PEC (IN: NHLFE)
    - 3-1: push 1001, push 151; send from c
    - 3-2: push 2001, push 251; send from c
    - 3000: pop, send from 1-3
    - 3001: pop, send from 2-3
    - 300: pop, send to up layer
    - 350: pop, send to up layer

  • CETTM MTNL

    32 MPLS L2 VPN

    How could BGP do this?

    - A new AFI for L2-VPN, a new SAFI, and also a new NLRI format for carrying the individual L2-VPN label-block information are introduced to MBGP.
    - L2VPN NLRIs MUST be accompanied by one or more extended communities. RT is one of them.
    - RD is used to distinguish bindings belonging to different VPNs.

    Example: Circuit Status Vector TLV.

  • CETTM MTNL

    33 MPLS L2 VPN

    BGP Extended Communities for L2VPN

    - Route Target: It is used to construct the VPN topology.
    - Layer2-Info Extended Community: It is used to carry layer 2 specific information in a VPN.

  • CETTM MTNL

    34 MPLS L2 VPN

    L2 Interworking

    The Kompella solution of MPLS L2 VPN could provide Layer 2 interworking, where there is no restriction on Layer 2, but Layer 3 must be IP.

    The idea is straightforward: only transport IP packets in the backbone. The encapsulation is:

  • CETTM MTNL

    35 MPLS L2 VPN

    Summary

    - MPLS L2 VPN: simulate an L2 network over MPLS
    - Tunnel & Demultiplexer fields are used for transport across the MPLS domain
    - Martini L2 VPN
      - LDP for Tunnel signaling
      - LDP remote peer for VC signaling
    - Kompella L2 VPN
      - LDP for Tunnel signaling
      - BGP extended community for VC signaling
