CETTM MTNL
MPLS L2 VPN
MODULE ID: TMPLL2V001

MPLS L2 VPN

MPLS L2 VPN is a technology that simulates an L2 network over an MPLS network. As its name implies, it has the following 2 features:
- It is an L2 VPN technology
- It is MPLS-based

Problems of Traditional L2 VPN

Problems:
- Control information is too complex
- Too many configuration jobs
- The total system has to share the same L2 technology

MPLS L2 VPN intends to solve all these problems with the following technologies:
- Solution 1: Tunnel Technology
- Solution 2: Pre-provision
- Solution 3: IP Backbone

Basic Scenarios of MPLS L2 VPN

Provide better scalability and flexibility.

[Figure: routers rt1 to rt6 with their DLCIs; labels: Tunnel, Emulated Virtual Circuit.]

What's a Tunnel?

Tunnel here has its traditional meaning. The tunnel could be GRE or another tunnel type. Certainly, two MPLS LSPs can do the same job.

x and y here indicate the data transported in the tunnel.

[Figure: nodes A, B and C; Label:17 and Label:18 along one LSP, Label:100 and Label:101 along the other.]

LFIB of A
  in     NHLFE
  101    pop, send to up layer
  x      push 17, send to B

LFIB of B
  in     NHLFE
  100    Swap 101, send to A
  17     Swap 18, send to C

LFIB of C
  in     NHLFE
  y      push 100, send to B
  18     pop, send to up layer

What's an Emulated VC?

The scenario below illustrates how to connect 2 local Frame Relay DLCIs with 2 MPLS LSP emulated VCs in an MPLS tunnel. (Question: why do we need the tunnel?)

[Figure: nodes A, B and C; dlci 150 and dlci 250 on the attachment circuits; Tunnel LSP labels 17, 18 and 100, 101; EVC LSP labels 1000 and 2000.]

LFIB of A
  in         NHLFE
  101        pop, send to up layer
  C          push 17, send to B
  Dlci:150   push 1000, send to C
  2000       pop, send to dlci 150

LFIB of B
  in         NHLFE
  100        Swap 101, send to A
  17         Swap 18, send to C

LFIB of C
  in         NHLFE
  A          push 100, send to B
  18         pop, send to up layer
  Dlci:250   push 2000, send to A
  1000       send to dlci 250

How do these VCs and tunnels work? This is MPLS L2 VPN!

LFIB of A
  in         NHLFE
  101        pop, send to up layer
  C          push 17, send to B
  Dlci:150   push 1000, send to C
  2000       pop, send to dlci 150

LFIB of B
  in         NHLFE
  100        Swap 101, send to A
  17         Swap 18, send to C

LFIB of C
  in         NHLFE
  A          push 100, send to B
  18         pop, send to up layer
  Dlci:250   push 2000, send to A
  1000       send to dlci 250

[Figure: an L2 frame entering on dlci 150 travels from A to B with labels 1000 and 17, from B to C with labels 1000 and 18, and leaves on dlci 250.]

But MPLS L2 VPN is not only this!

The following essential questions still haven't been answered:
- How is L2 data transmitted in the MPLS network according to control information?
- What's the encapsulation?
- How to simulate different L2 network behaviours in the MPLS network?
- How to establish all the control information?
- How to establish the tunnel?
- How to establish the EVC?
- Does it have to be L2?

L2 Data Encapsulation

L2 data transmitted in the backbone has 3 parts of encapsulation:
- Tunnel Header: It contains the information needed to transport the L2 PDU across the backbone.
- Demultiplexer Field: It is used to distinguish individual emulated virtual circuits within a single tunnel.
- Emulated VC Encapsulation: It contains the information about the enclosed layer 2 PDU which is necessary in order to properly emulate the corresponding layer 2 protocol.

Tunnel & Demultiplexer Encapsulation

The tunnel here could be based on any tunnel encapsulation technology: MPLS, GRE, etc.

An MPLS label should be used as the demultiplexer field.

Here is a typical encapsulation:

  | Tunnel Label | EXP | S = 0 | TTL |
  | EVC Label    | EXP | S = 1 | TTL |

Emulated VC Encapsulation

Quotes from draft-martini-l2circuit-encap-mpls-04.txt:

In most cases, it is not necessary to transport the layer 2 encapsulation across the network; rather, the layer 2 header can be stripped at R1 (the ingress edge router), and reproduced at R2 (the egress edge router). This is done using information carried in the control word, as well as information that may already have been signalled from R1 to R2.

Control Word Details

- Flags are protocol specific.
- The value of the length field, if non-zero, can be used to remove any padding.
- The sequence number could be used to guarantee ordered packet delivery.

Layer 2 Frame Encapsulation

Layer 2 frames that could be transmitted:
- Frame Relay
- ATM AAL5 CPCS-SDU
- ATM Cell
- Ethernet VLAN
- Ethernet
- HDLC
- PPP

L2 Data Flow Model

What MPLS L2 VPN simulates is an L2 network, and all L2 networks can be classified as:
- LAN: Ethernet, Ethernet with VLAN
- WAN: Frame Relay, ATM, HDLC, PPP, Ethernet (PTP), Ethernet with VLAN (PTP)

So all MPLS L2 VPNs can be classified as:
- VPLS: Virtual Private LAN Service
- VPWS: Virtual Private Wire Service

VPWS Scenarios

- VPWS provides simple connection services.
- A CE must configure a VC to any site it is willing to communicate with.

[Figure: CE1, CE2 and CE3 attached to PE1, PE2 and PE3, with a P router in the backbone; DLCIs shown: 102, 103, 201, 203, 301, 302.]

VPWS Data Forwarding Information

Before L2 data forwarding happens, all equipment involved must have the forwarding information established.

[Figure: CE1, PE1, P, PE2 and CE2 in a line, each with its table.]

CE1
  IP     DLCI
  CE2    102

PE1
  IN     NHLFE
  102    push 1000; push 100, send to P

P
  IN     NHLFE
  100    swap 101, send to PE2

PE2
  IN     NHLFE
  101    pop; send to up layer
  1000   pop; send DLCI 201

CE2
  IP     DLCI
  CE1    201

VPWS Data Flow

[Figure: CE1, CE2 and CE3 attached to PE1, PE2 and PE3, with P in the backbone. A frame from dlci:102 crosses the backbone with tunnel label 100, demultiplexer label 1000 and a control word, and is delivered on DLCI 201.]

CE1 has to configure 2 address maps for communication with CE2 & CE3.
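
The label operations on the two VPWS slides above, as an added example that is not part of the original slides: it packs the tunnel and EVC labels into 32-bit label stack entries in the layout of the Tunnel & Demultiplexer Encapsulation slide and walks a frame from DLCI 102 through PE1, P and PE2 using the slide's forwarding tables. The field widths are the standard MPLS ones; the TTL of 64, the function names and the drop behaviour for unknown labels are assumptions, and the payload stands for the control word plus L2 PDU.

```python
import struct

def encode_lse(label, exp=0, s=0, ttl=64):
    """Pack one 32-bit label stack entry: label(20) | EXP(3) | S(1) | TTL(8)."""
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", label << 12 | exp << 9 | s << 8 | ttl)

def decode_stack(packet):
    """Return ([(label, exp, s, ttl), ...], payload), reading up to the S=1 entry."""
    entries, off = [], 0
    while not (entries and entries[-1][2]):
        if off + 4 > len(packet):
            raise ValueError("truncated stack: no bottom-of-stack entry")
        (word,) = struct.unpack_from("!I", packet, off)
        entries.append((word >> 12, word >> 9 & 7, word >> 8 & 1, word & 0xFF))
        off += 4
    return entries, packet[off:]

# Forwarding state copied from the VPWS forwarding slide (PE1 -> P -> PE2).
PE1_IN = {102: (1000, 100)}   # DLCI 102: push EVC label 1000, push tunnel label 100
P_LFIB = {100: 101}           # P: 100 swap 101, send to PE2
PE2_TUNNEL = {101}            # PE2: 101 pop, send to up layer
PE2_EVC = {1000: 201}         # PE2: 1000 pop, send DLCI 201

def pe1_ingress(dlci, payload):
    """Tunnel label on top (S=0), EVC label at the bottom of the stack (S=1)."""
    evc, tunnel = PE1_IN[dlci]
    return encode_lse(tunnel, s=0) + encode_lse(evc, s=1) + payload

def p_forward(packet):
    """P only looks at the top (tunnel) label; the EVC label passes untouched."""
    (label, exp, s, ttl), *_ = decode_stack(packet)[0]
    if label not in P_LFIB or ttl <= 1:
        raise ValueError("drop: unknown tunnel label or TTL expired")
    return encode_lse(P_LFIB[label], exp, s, ttl - 1) + packet[4:]

def pe2_egress(packet):
    """Pop both labels; the EVC label alone selects the outgoing DLCI."""
    entries, payload = decode_stack(packet)
    if len(entries) != 2 or entries[0][0] not in PE2_TUNNEL:
        raise ValueError("drop: not a tunnel + EVC stack for this PE")
    evc = entries[1][0]
    if evc not in PE2_EVC:  # assumed behaviour: never guess a circuit
        raise ValueError("drop: EVC label not bound to an attached circuit")
    return PE2_EVC[evc], payload
```

Because the EVC label is the only thing separating circuits inside the shared tunnel, the egress check on that label is what keeps one customer's frames off another customer's DLCI.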

General Concept

Basically, signaling here relates to the following three technologies:
- Tunnel Signaling
- VC Signaling
- VPN Topology Discovery

Tunnel Signaling

Tunnel signaling is the technology used to establish the tunnel.
- MPLS Tunnel
  - LDP/CR-LDP
  - RSVP-TE
- Traditional Tunnel
  - L2TP
  - GRE
  - IPSEC

[Figure: three PEs and a P router.]

VC Signaling

- VC signaling means the technology used to establish an emulated VC between PEs.
- The major differences among MPLS L2 VPN technologies lie in this point.
- Typical VPWS technologies:
  - Martini Solution (LDP)
  - Kompella Solution (BGP)

[Figure: CE, PE, P, PE and CE in a line. One attachment circuit is "Dlci 190, name vc1", the other "Dlci 290, name vc1". One PE signals "I bind vc1 with label 1000", the other "I bind vc1 with label 2000".]

Martini MPLS L2 VPN

Martini L2 VPN is defined by the following 2 drafts:
- draft-martini-l2circuit-encap-mpls-04
- draft-martini-l2circuit-trans-mpls-08

The Martini solution is a VPWS technology:
- Tunnel Signaling Technology: LDP
- VC Signaling Technology: LDP Remote Peer

Basic Thoughts of Martini Signaling

Tunnel signaling
- LDP is used to establish MPLS tunnels between PEs. (However, other tunnels could also be used.)

VC signaling
- The PE names each attached VC with a 32-bit value: the VC-ID.
- An LDP remote peer relationship is established between 2 PEs, then it is used to distribute and maintain label & VC bindings.

[Figure: CE, PE1, P, a second PE and CE in a line; attachment circuits DLCI:100 and DLCI:200, each with VC-ID:1; bindings exchanged: (1,1000;PE1) and (1,2000;PE2).]

How Could LDP Do It?

A new LDP FEC TLV is defined: VC FEC

Fields in VC FEC

- C: C = 1 means a control word will be present on this VC.
- VC Type: Frame Relay DLCI, ATM AAL5 VCC transport, ATM transparent cell transport, Ethernet VLAN, Ethernet, HDLC, PPP, CEM, ATM VCC cell transport, ATM VPC cell transport.
- Group ID: An arbitrary 32-bit value which represents a group of VCs that is used to create groups in the VC space.
- VC ID: A non-zero 32-bit connection ID that, together with the VC type, identifies a particular VC.
- Interface parameters: This variable-length field is used to provide interface-specific parameters, such as interface MTU.
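
One way to encode and validate the VC FEC fields listed above, as an added example rather than code from the slides or the drafts. The byte layout (element type 0x80, 1-bit C plus 15-bit VC Type, 8-bit info length, interface parameters as ID/length/value with MTU as ID 0x01, info length 0 meaning "all VCs in the group") is taken from the Martini transport draft as an assumption, since the slide's diagram did not survive; the function names are hypothetical.

```python
import struct

VC_FEC = 0x80                                     # FEC element type (assumed from the draft)
FRAME_RELAY_DLCI, ETHERNET_VLAN = 0x0001, 0x0004  # two VC Type code points
PARAM_MTU = 0x01                                  # interface parameter ID: interface MTU

def build_vc_fec(vc_type, vc_id, group_id=0, control_word=False, mtu=None):
    """type(8) | C(1) VC Type(15) | info length(8) | Group ID | VC ID | parameters."""
    if not 0 < vc_id < 1 << 32 or not 0 <= vc_type < 1 << 15:
        raise ValueError("VC ID must be non-zero 32-bit, VC Type 15-bit")
    params = b"" if mtu is None else struct.pack("!BBH", PARAM_MTU, 4, mtu)
    head = struct.pack("!BHB", VC_FEC, int(control_word) << 15 | vc_type, 4 + len(params))
    return head + struct.pack("!II", group_id, vc_id) + params

def parse_vc_fec(data):
    """Decode and validate one VC FEC element; raise ValueError if malformed."""
    if len(data) < 8:
        raise ValueError("shorter than the fixed header and Group ID")
    fec, c_type, info_len, group_id = struct.unpack_from("!BHBI", data)
    if fec != VC_FEC:
        raise ValueError("not a VC FEC element")
    out = {"c": c_type >> 15, "vc_type": c_type & 0x7FFF, "group_id": group_id,
           "vc_id": None, "params": {}}
    if info_len == 0:                 # no VC ID: refers to every VC in the group
        return out
    if info_len < 4 or len(data) < 8 + info_len:
        raise ValueError("info length inconsistent with element size")
    (out["vc_id"],) = struct.unpack_from("!I", data, 8)
    if out["vc_id"] == 0:
        raise ValueError("VC ID must be non-zero")
    off, end = 12, 8 + info_len
    while off < end:                  # each parameter: ID, length, value
        plen = data[off + 1] if end - off >= 2 else 0  # length counts ID and length bytes
        if plen < 2 or off + plen > end:
            raise ValueError("interface parameter overruns the element")
        out["params"][data[off]] = data[off + 2:off + plen]
        off += plen
    return out

def same_vc(a, b):
    """Two bindings name the same VC only if VC Type and VC ID both match."""
    return a["vc_id"] is not None and (a["vc_type"], a["vc_id"]) == (b["vc_type"], b["vc_id"])
```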

Signaling Details: Tunnel Signaling

Tunnel signaling could be based on any form of signaling technology.

[Figure: CE1 (DLCI 500), PE1, P, PE2 and CE2 (DLCI 600) in a line, with interfaces labelled a, b, c and d. LDP Label Mapping messages: (PE1,100;a), (PE1,101;c), (PE2,200;d), (PE2,201;b).]

PE1
  IN     NHLFE
  PE2    push 201, send to b
  100    pop, send to up layer

P
  IN     NHLFE
  201    Swap 200, send to d
  101    Swap 100, send to a

PE2
  IN     NHLFE
  PE1    push 101, send to c
  200    pop, send to up layer

Signaling Details: VC Signaling

LDP Remote Peer, Downstream Unsolicited label distribution.

[Figure: CE1 (DLCI 500), PE1, P, PE2 and a second CE (DLCI 600) in a line, with interfaces labelled a, b, c and d. VC bindings exchanged: (VC1,1000;PE1) and (VC1,2000;PE2).]

PE1
  IN         NHLFE
  PE2        push 201, send to b
  100        pop, send to up layer
  dlci 500   push 2000, send to PE2
  1000       pop, send to dlci 500

P
  IN         NHLFE
  201        Swap 200, send to d
  101        Swap 100, send to a

PE2
  IN         NHLFE
  PE1        push 101, send to c
  201        pop, send to up layer
  dlci 600   push 1000, send to PE1
  2000       pop, send to dlci 600

Kompella MPLS L2VPN Solution

The Kompella solution is defined by the following 2 drafts:
- draft-martini-l2circuit-encap-mpls-04
- draft-kompella-ppvpn-l2vpn-00.txt

The Kompella solution is a VPWS technology:
- Tunnel Signaling Technology: LDP
- VC Signaling Technology: BGP

2 significant features:
- Topology auto discovery
- Auto Configuration

General Concept

Kompella is an L2 VPN solution similar to the Martini solution:
- They share the same tunnel technology.
- They are based on similar transport encapsulation.
- The basic thoughts of VC signaling are the same: establish a binding between 2 simplex LSPs and a VC.

Compared to the Martini solution, the Kompella solution provides 3 additional features:
- Topology auto discovery. (Martini just provides point-to-point connection services.)
- Automatic configuration. (Just plug in the CE and configure the CE, then it will work.)
- Layer 2 interworking.

Basic Thoughts of Kompella Signaling

Signaling Protocols
- MBGP (BGP Multiprotocol Extensions): A series of extended communities are defined. They are used both for topology discovery and VC signaling.

Basic Thoughts of Kompella Signaling

Basic thoughts of Kompella signaling:
- The PE identifies each attached CE with a CE-ID. CE-IDs are unique in the scope of one VPN.
- The PE uses MBGP to distribute bindings of each attached CE (say CEI) with a list of labels to all other PEs. Any other PE will pick one label in the list for the VC encapsulation when it wants to forward traffic from one of its own attached CEs to CEI.
- The BGP extended community RT (Route Target) is used to distinguish different VPNs.

Rough Overview: Data Flow

[Figure: CE:1, CE:2 and CE:3 attached to PEA, PEB and PEC, with backbone nodes labelled A, B and C. Example packets: 1->2 carries labels 2000 and 201; 3->1 carries labels 1001 and 151; 2->3 carries labels 3001 and 351.]

PEA
  IN     NHLFE
  1-2    push 2000, push 201; Send From a
  1-3    push 3000, push 301; Send From a
  1000   pop, send from 2-1
  1001   pop, send from 3-1
  100    pop, send to up layer
  150    pop, send to up layer

PEB
  IN     NHLFE
  2-1    push 1000, push 101; Send From b
  2-3    push 3001, push 351; Send From b
  2000   pop, send from 1-2
  2001   pop, send from 3-2
  200    pop, send to up layer
  250    pop, send to up layer

PEC
  IN     NHLFE
  3-1    push 1001, push 151; Send From c
  3-2    push 2001, push 251; Send From c
  3000   pop, send from 1-3
  3001   pop, send from 2-3
  300    pop, send to up layer
  350    pop, send to up layer

How Could BGP Do This?

- A new AFI for L2-VPN, a new SAFI, and also a new NLRI format for carrying the individual L2-VPN label-block information are introduced to MBGP.
- L2VPN NLRIs MUST be accompanied by one or more extended communities. RT is one of them.
- RD is used to distinguish bindings belonging to different VPNs.
- Example: Circuit Status Vector TLV.

BGP Extended Communities for L2VPN

- Route Target: It is used to construct the VPN topology.
- Layer2-Info Extended Community: It is used to carry layer 2 specific information in a VPN.

L2 Interworking

The Kompella solution of MPLS L2 VPN can provide Layer 2 interworking, where there is no restriction on Layer 2, but Layer 3 must be IP.

The idea is straightforward: only transport IP packets in the backbone. The encapsulation is:

Summary

- MPLS L2 VPN: simulate an L2 network over MPLS
- Tunnel & Demultiplexer fields are used for transport across the MPLS domain
- Martini L2 VPN
  - LDP for Tunnel signaling
  - LDP remote peer for VC signaling
- Kompella L2 VPN
  - LDP for Tunnel signaling
  - BGP extended community for VC signaling