Professional Documents
Culture Documents
VPLS
Presentation_ID
Cisco Confidential
Agenda
VPLS Introduction
Pseudo Wire Refresher
VPLS Architecture
VPLS Configuration Example
VPLS Deployment
Summary
Presentation_ID
Cisco Confidential
Presentation_ID
Cisco Confidential
VPLS Introduction
Presentation_ID
Cisco Confidential
PE
PE
CE
CE
Presentation_ID
Cisco Confidential
Presentation_ID
Cisco Confidential
Presentation_ID
Cisco Confidential
ISOC
General
IAB
Internet
L2VPN
L3VPN
PWE3
IETF
Routing
Security
As of 2-Nov-2006
Presentation_ID
Formerly PPVPN
workgroup
MPLS
Transport
Cisco Confidential
Classification of VPNs
VPN
Network
Based
Layer 2
Layer 3
VPLS
IPLS
MPLS
VPN
Virtual
Router
Layer 3
IPSec
GRE
Ethernet (P2MP)
Ethernet (MP2MP)
VPWS
Frame Relay
PPP/HDLC
ATM/Cell Relay
Ethernet (P2P)
Presentation_ID
P2P
Frame Relay
ATM
Ethernet
CPE
Based
Cisco Confidential
L2VPN Models
L2VPN
MPLS
IP
Like-to-Like
Like-to-Like
Any-to-Any
Any-to-Any
Like-to-Like
Like-to-Like
VPWS
Point-to-Point
PPP
HDLC
FR
L2TPv3
Point-to-Point
PPP
HDLC
ATM
AAL5/Cell
Ethernet
Presentation_ID
VPLS/IPLS
Multipoint
Ethernet
Cisco Confidential
Ethernet
ATM
AAL5/Cell
FR
10
Defined in draft-ietf-l2vpn-ipls
Presentation_ID
Cisco Confidential
11
VPLS Components
Pseudo Wires within LSP
Attachment circuits
Port or VLAN mode
CE router
N-PE
N-PE
CE router
CE router
CE router
CE switch
CE switch
MPLS
Core
CE router
CE switch
Attachment CE
can be a switch or
router
N-PE
Presentation_ID
Cisco Confidential
12
Loop Prevention
Create full-mesh of Pseudo Wire VCs (EoMPLS)
Unidirectional LSP carries VCs between pair of N-PE Per
A VPLS use split horizon concepts to prevent loops
Presentation_ID
Cisco Confidential
13
Pseudo Wire
Refresher
Presentation_ID
Cisco Confidential
14
Presentation_ID
Cisco Confidential
15
CE
CE
Customer
Site
IP/MPLS
PW1
Attachment Circuit
PW2
Customer
Site
CE
PE1
PE2
Pseudo Wire
PDUs
CE
Customer
Site
Packet
Switched
Network (PSN)
IP or MPLS
Cisco Confidential
16
Presentation_ID
Cisco Confidential
17
0x0006 HDLC
0x0007 PPP
Presentation_ID
Cisco Confidential
18
Presentation_ID
Cisco Confidential
19
Customer
Site
CE
CE
Customer
Site
IP/MPLS
Customer
Site
CE
PE1
LSP created
using IGP+LDP
or RSVP-TE
PE2
CE
Customer
Site
Cisco Confidential
20
Layer 2
PDU
Presentation_ID
Cisco Confidential
Control
Word
PW
Label
Tunnel
Label
21
Tunnel Encaps
VC Label (VC)
PW Demux
Control Word 0 0 0 0
Reserved
EXP
TTL
EXP
TTL (set to 2)
Sequence Number
Layer-2 PDU
Tunnel Encapsulation
One or more MPLS labels associated with the tunnel
Defines the LSP from ingress to egress PE router
Can be derived from LDP+IGP, RSVP-TE, BGP IPv4+Label
Presentation_ID
Cisco Confidential
22
Ethernet PW Demultiplexer
0
1
2
3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
Tunnel Label (LDP,RSVP,BGP)
Tunnel Encaps
VC Label (VC)
PW Demux
Control Word 0 0 0 0
Reserved
EXP
EXP
TTL
TTL (set to 2)
Sequence Number
Layer-2 PDU
VC Label
Inner label used by receiving PE to determine the following
Egress interface for L2PDU forwarding (Port based)
Egress VLAN used on the CE facing interface (VLAN
Based)
Presentation_ID
Cisco Confidential
23
EXP
TTL
VC Label (VC)
EXP
TTL (set to 2)
PW Demux
Control Word
0 0 0 0
Reserved
Sequence Number
Layer-2 PDU
Reserved
Seq number
Presentation_ID
Cisco Confidential
24
Lo0:
IP/MPLS
PW1
24LSP72 P2L2 PDU
P1 38
Customer
Site
CE
PE1
Label Pop
for Lo0:
Label 38
for Lo0:
Label 24
for Lo0:
LDP
Session
LDP
Session
LDP
Session
PE2
CE
Customer
Site
Presentation_ID
Cisco Confidential
25
VPLS Architecture
Presentation_ID
Cisco Confidential
26
VPLS Standards
Architecture allows IEEE 802.1 bridge behaviour in SP plus:
Autodiscovery of other N-PE in same VPLS instance
Signaling of PWs to interconnect VPLS instances
Loop avoidance & MAC Address withdrawal
draft-ietf-l2vpn-vpls-bgp
Uses BGP for signalling and autodiscovery
Presentation_ID
Cisco Confidential
27
Point-to-Point
Layer 2 VPN
Multipoint
Layer 2 VPN
Layer 3 VPN
Forwarding
Mechanism
Interface-Based/
Sub-Interface
Ethernet
Switching (VFI)
IP Routing
L2VPN
Discovery
DNS
Centralised
Radius Directory Services
Distributed
BGP
NMS/OSS
Signaling
Label Distribution
Protocol
Tunnel
Protocol
MPLS
Hardware
Cisco 7600
Presentation_ID
IP
Catalyst 6500
Cisco Confidential
Cisco 12000
28
DNS
Centralised
Radius Directory Services
Distributed
BGP
Label Distribution
Protocol
Signaling
Draft-ietf-l2vpn-vpls-ldp
Does not mandate an auto-discovery protocol
Can be BGP, Radius, DNS, or Directory based
Uses Directed LDP for label exchange (VC) and PW signaling
PWs signal control information as well (for example, circuit state)
Presentation_ID
Cisco Confidential
29
Data
SA
DA?
Cisco Confidential
30
PE1
CE
Adj
MAC 2
170
MAC 1
E0/0
Use VC
Label 170
PE2
Data
102
MAC1 MAC2
MAC1 MAC2
MAC2
PE2
Use VC
Label 102
E0/0
MAC Address
Send me frames
using Label 170
Directed LDP
Data
170
CE
E0/1
MAC Address
Adj
MAC 2
E0/1
MAC 1
102
PE2
Cisco Confidential
31
MPLS
MPLS
MA
Withd C
ra w a
l
MAC wal
dra
With
Cisco Confidential
32
PEs
MPLS
MPLS
Each PE has a P2MP view of all other PEs it sees it self as a root
bridge with split horizon loop protection
Full mesh topology obviates STP in the SP network
Customer STP is transparent to the SP / Customer BPDUs are
forwarded transparently
Presentation_ID
Cisco Confidential
33
PEs
MPLS
MPLS
VPLS
MPLS
MPLS
VPLSCore
Core
Presentation_ID
Cisco Confidential
34
VPLS Architectures
VPLS defines two Architectures
Direct Attachment (Flat)
Described in section 4 of Draft-ietf-l2vpn-vpls-ldp
Hierarchical or H-VPLS comprising of two access methods
Ethernet Edge (EE-H-VPLS) QinQ tunnels
MPLS Edge (ME-H-VPLS) - PWE3 Pseudo Wires
(EoMPLS)
Described in section 10 of Draft-ietf-l2vpn-vpls-ldp
Presentation_ID
Cisco Confidential
35
U-PE
Customer
MxUs
SP PoPs
N-PE
MPLS Core
N-PE
U-PE
CE
Cisco Confidential
36
No hierarchical scalability
VLAN and Port level support (no QinQ)
Potential signaling and packet replication overhead
Large amount of multicast replication over same physical
CPU overhead for replication
Presentation_ID
Cisco Confidential
37
N-PE
MPLS Core
Ethernet
(VLAN/Port
Data
MAC1 MAC2
Presentation_ID
Ethernet
(VLAN Port)
Data
CE
N-PE
Data
MAC1 MAC2
Cisco Confidential
VC
PE
MAC1 MAC2
Pseudo Wire
SP Core
38
Presentation_ID
MTU-s
PE-r
PE-rs
Cisco Confidential
39
Why H-VPLS?
VPLS
H-VPLS
PE
CE
PE
CE
CE
CE
PE-rs
PE
PE
PE
MTU-s
CE
CE
PE-rs
PE-rs
CE
PE
CE
PE
PE-rs
CE
PE-rs
CE
PE
PE-r
PE-rs
CE
CE
Presentation_ID
Cisco Confidential
40
CE
N-PE
PE-rs
802.1q
Access
QinQ
Tunnel
Data
Vlan
CE
2
CE
802.1q
Access
802.1q
Customer
Vlan Vlan
CE
SP
U-PE
MTU-s
QinQ
Tunnel
3
Presentation_ID
MPLS Core
MAC1 MAC2
Data
N-PE
PE-rs
MAC1 MAC2
Data
Cisco Confidential
Vlan
CE
QinQ
SP Edge
MAC1 MAC2
VC
PE
Pseudo Wire
SP Core
41
U-PE
MTU-s
N-PE
PE-rs
Presentation_ID
Cisco Confidential
42
Efficient
Access
U-PE
Multiservice
Core
P
Intelligent
Edge
N-PE
Efficient
Access
U-PE
Full
Service
CPE
Si
Metro A
10/100/
1000 Mbps
Metro C
PE-AGG
GE Ring
Si
Hub and
10/100/
Spoke
1000 Mbps
U-PE
N-PE
MPLS VPLS
Metro B
N-PE
DWDM/
CDWM
10/100/
1000 Mbps
P
RPR
N-PE
U-PE
Network Facing Provider Edge (N-PE)
Presentation_ID
Cisco Confidential
U-PE
10/100/
1000 Mbps
Metro D
43
CE
N-PE
PE-rs
MPLS Core
MPLS
Access
Data
2
MPLS
MPLSCore
Core
Vlan
CE
Data
MAC1 MAC2
3
Presentation_ID
Cisco Confidential
CE
802.1q
Access
MPLS
Pseudo
Wire
MPLS
Pseudo Wire
U-PE
PE-rs
MPLS
Access
802.1q
Access
N-PE
PE-rs
VC
Data
PE
Vlan
CE
MPLS PW
SP Edge
MAC1 MAC2
VC
PE
Pseudo Wire
SP Core
44
CE
CE
Broadcast
/Multicast
N-PE2
Pseudo Wire #1
1
VFI
N-PE3
Pseudo Wire #2
3
N-PE1
Bridging Function
(.1Q or QinQ)
Local Switching
Virtual
Forwarding
Interface
Pseudo Wires
Cisco Confidential
45
Split Horizon
disabled
U-PE
CE
Pseudo Wire #1
1
Pseudo Wire #3
3
VFI
N-PE2
Pseudo Wire #2
N-PE3
Unicast
N-PE1
Pseudo Wire
MPLS Based
NO Split Horizon
Virtual
Forwarding
Interface
Pseudo Wires
Cisco Confidential
46
Direct Attach
H-VPLS - MPLS PW
No hierarchical
scalability
More complicated
provisioning
Customer VLAN
cannot over lap
4K customer VLAN
limit in Ethernet
access domain
OSM/SIP-400/600 as U-PE
facing card on N-PE (for
7600)
High STP
reconvergence time
Presentation_ID
Cisco Confidential
47
Configuration
Examples
Presentation_ID
Cisco Confidential
48
Configuration Examples
Direct Attachment
Using a Router as a CE (VLAN Based)
Using a Switch as a CE (Port Based)
H-VPLS
Ethernet QinQ
EoMPLS Pseudo Wire (VLAN Based)
EoMPLS Pseudo Wire (Port Based)
Sample Output
Presentation_ID
Cisco Confidential
49
1.1.1.1
CE1
PE1
pos4/1
MPLS
MPLSCore
Core
PE2
CE2
pos4/3
gi3/0
VLAN100
2.2.2.2
gi4/4
pos3/0
pos3/1
VLAN100
PE3
gi4/2
3.3.3.3
CE2
VLAN100
Cisco Confidential
50
CE1
CE2
Subnet
192.168.20.0/24
VLAN100
CE2
VLAN100
VLAN100
Cisco Confidential
51
CE1
PE1
pos4/1
MPLS
MPLSCore
Core
PE2
CE2
pos4/3
gi3/0
VLAN100
2.2.2.2
gi4/4
pos3/0
pos3/1
VLAN100
PE3
gi4/2
3.3.3.3
CE2
VLAN100
Cisco Confidential
52
CE1
PE1
pos4/1
MPLS
MPLSCore
Core
gi3/0
pos3/0
3.3.3.3
VLAN100
CE2
pos4/3
gi4/4
VLAN100
Presentation_ID
PE2
2.2.2.2
Cisco Confidential
Interface
GigabitEthernet3/0VLAN100
pos3/1
switchport
switchport mode trunk
switchport
trunk encapsulation dot1q
PE3
gi4/2 switchport trunk allowed vlan 100
!
CE2
Interface vlan 100
no ip address
xconnect vfi VPLS-A
!
vlan 100
state active
53
Configuration Examples
Direct Attachment
Using a Router as a CE (VLAN Based)
Using a Switch as a CE (Port Based)
H-VPLS
Ethernet QinQ
EoMPLS Pseudo Wire (VLAN Based)
EoMPLS Pseudo Wire (Port Based)
Sample Output
Presentation_ID
Cisco Confidential
54
1.1.1.1
CE1
PE1
pos4/1
MPLS
MPLSCore
Core
gi3/0
pos3/0
3.3.3.3
All VLANs
CE2
pos4/3
gi4/4
All VLANs
Presentation_ID
PE2
2.2.2.2
Cisco Confidential
Interface
GigabitEthernet3/0
pos3/1
All VLANs
switchport
switchport mode dot1qtunnel
switchport
access vlan 100
PE3
gi4/2 l2protocol-tunnel stp
!
CE2
Interface vlan 100
no ip address
xconnect vfi VPLS-A
!
vlan 100
state active
55
Configuration Examples
Direct Attachment
Using a Router as a CE (VLAN Based)
Using a Switch as a CE (Port Based)
H-VPLS
Ethernet QinQ
EoMPLS Pseudo Wire (VLAN Based)
EoMPLS Pseudo Wire (Port Based)
Sample Output
Presentation_ID
Cisco Confidential
56
U-PE1
1.1.1.1
Cisco
3750ME
2.2.2.2
pos4/1
MPLS
MPLSCore
Core
Cisco
3750ME
pos4/3
gi3/0
gi4/4 gi1/1/1
pos3/0
N-PE1
CE1
U-PE2
pos3/1
CE1
gi4/2
CE2
U-PE3
CE1
Cisco 3750ME
fa1/0/1
N-PE2
N-PE3
3.3.3.3
CE2
4.4.4.4
CE2
Cisco Confidential
57
Configuration Examples
Direct Attachment
Using a Router as a CE (VLAN Based)
Using a Switch as a CE (Port Based)
H-VPLS
Ethernet QinQ
EoMPLS Pseudo Wire (VLAN Based)
EoMPLS Pseudo Wire (Port Based)
Sample Output
Presentation_ID
Cisco Confidential
58
1.1.1.1
2.2.2.2
pos4/1
MPLS
MPLSCore
Core
gi3/0
U-PE2
Cisco
3750ME
pos4/3
gi4/4 gi1/1/1
4.4.4.4
fa1/0/1
Interface GigabitEthernet4/4
switchport
pos3/0
pos3/1
N-PE1
N-PE2
switchport mode trunk
switchport trunk encapsulation dot1q
CE1
switchport trunk allowed vlan
N-PE3
3.3.3.3100
CE1
CE2
CE2
!
interface FastEthernet1/0/1
gi4/2
Interface vlan 100
switchport
CE2
no ip address
switchport access vlan 100
U-PE3
xconnect vfi VPLS-A
switchport
mode dot1q-tunnel
Cisco
3750ME
CE1
!
switchport trunk allow vlan 1-1005
vlan 100
!
state active
interface GigabitEthernet 1/1/1
switchport
switchport mode trunk
switchport allow vlan 1-1005
Presentation_ID
Cisco Confidential
59
Configuration Examples
Direct Attachment
Using a Router as a CE (VLAN Based)
Using a Switch as a CE (Port Based)
H-VPLS
Ethernet QinQ
EoMPLS Pseudo Wire (VLAN Based)
EoMPLS Pseudo Wire (Port Based)
Sample Output
Presentation_ID
Cisco Confidential
60
1.1.1.1
2.2.2.2
pos4/1
MPLS
MPLSCore
Core
gi3/0
U-PE2
Cisco
3750ME
pos4/3
gi4/4 gi1/1/1
4.4.4.4
fa1/0/1
Interface GigabitEthernet4/4
no switchport
pos3/0
pos3/1
N-PE1
N-PE2
ip address 156.50.20.1 255.255.255.252
CE1
mpls ip
!
N-PE3
3.3.3.3
interface FastEthernet1/0/1
CE1
CE2
CE2
l2 vfi VPLS-A manual
gi4/2
switchport
vpn id 56
switchport access vlan 500
CE2
neighbor 1.1.1.1 encapsulation
mpls
U-PE3
!
neighbor 3.3.3.3 encapsulation mpls
Cisco
3750ME vlan500
interface
CE1
neighbor 4.4.4.4 encaps mpls no-split
xconnect 2.2.2.2 56 encapsulation mpls
!
interface GigabitEthernet1/1/1
Ensures CE traffic passed on
no switchport
ip address 156.50.20.2 255.255.255.252
PW to/from U-PE
mpls ip
Presentation_ID
Cisco Confidential
61
Configuration Examples
Direct Attachment
Using a Router as a CE (VLAN Based)
Using a Switch as a CE (Port Based)
H-VPLS
Ethernet QinQ
EoMPLS Pseudo Wire (VLAN Based)
EoMPLS Pseudo Wire (Port Based)
Sample Output
Presentation_ID
Cisco Confidential
62
1.1.1.1
2.2.2.2
pos4/1
MPLS
MPLSCore
Core
gi3/0
U-PE2
Cisco
3750ME
pos4/3
gi4/4 gi1/1/1
4.4.4.4
fa1/0/1
Interface GigabitEthernet4/4
no switchport
pos3/0
pos3/1
N-PE1
N-PE2
ip address 156.50.20.1 255.255.255.252
CE1
mpls ip
!
N-PE3
3.3.3.3
interface FastEthernet1/0/1
CE1
CE2
CE2
l2 vfi PE1-VPLS-A manual
gi4/2
no switchport
vpn id 56
xconnect 2.2.2.2 56 encapsulation mpls
CE2
neighbor 1.1.1.1 encapsulation
mpls
U-PE3
!
neighbor 3.3.3.3 encapsulation mpls
Cisco
3750ME GigabitEthernet1/1/1
interface
CE1
neighbor 4.4.4.4 encaps mpls no-split
no switchport
ip address 156.50.20.2 255.255.255.252
mpls ip
Presentation_ID
Cisco Confidential
63
Configuration Examples
Direct Attachment
Using a Router as a CE (VLAN Based)
Using a Switch as a CE (Port Based)
H-VPLS
Ethernet QinQ
EoMPLS Pseudo Wire (VLAN Based)
EoMPLS Pseudo Wire (Port Based)
Sample Output
Presentation_ID
Cisco Confidential
64
show mpls l2 vc
U-PE1
1.1.1.1
Cisco
3750ME
2.2.2.2
pos4/1
MPLS
MPLSCore
Core
U-PE2
Cisco
3750ME
4.4.4.4
pos4/3
gi3/0
fa1/0/1
gi4/4 gi1/1/1
pos3/0
N-PE1
pos3/1
N-PE2
CE1
CE1
N-PE3
3.3.3.3
CE2
CE2
CE1
Presentation_ID
CE2
gi4/2
U-PE3
NPE-A#show mplsCisco
l2 vc
3750ME
Local intf
-------------
VFI VPLS-A
VFI
1.1.1.1
10
UP
VFI VPLS-A
VFI
3.3.3.3
10
UP
Cisco Confidential
VC ID
Status
65
U-PE1
1.1.1.1
Cisco
3750ME
Use VC
Label 19
pos4/1
MPLS
MPLSCore
Core
Use VC
Label 23
2.2.2.2
U-PE2
Cisco
3750ME
4.4.4.4
pos4/3
gi3/0
fa1/0/1
gi4/4 gi1/1/1
pos3/0
N-PE1
pos3/1
N-PE2
CE1
CE1
3.3.3.3
NPE-2#show
mpls l2 N-PE3
vc detail
CE2
gi4/2
CE2
CE2
CE1
Destination address:
U-PE3 1.1.1.1, VC ID: 10, VC status: up
3750ME
Tunnel label:Cisco
imp-null,
next hop 156.50.20.1
Cisco Confidential
66
Deployment Issues
Presentation_ID
Cisco Confidential
67
Deployment Issues
MTU Size
Broadcast Handling
Router or a Switch CPE?
Ramblings of an Engineer
A Sample Problem
Presentation_ID
Cisco Confidential
68
L2 Header
Presentation_ID
Tunnel Header
VC Header
Outer Label
(32-bits)
Inner Label
(32-bits)
Cisco Confidential
69
Edge
Transport
AToM
MPLS
Stack
MPLS
Header
Total
1500
14
4 [0]
1526
[1522]
1500
18
4 [0]
1530
[1526]
1500
14
4 [0]
1530
[1526]
Presentation_ID
Cisco Confidential
70
Pre
SFD
DA
SA
Type
TE
Tu
Vc
Cntrl
DA
SA
TPID
TCI
Type
Data
Control Word
VLAN ID Info
Cust Type
Cust Packet
MTU Sizing
Presentation_ID
Cisco Confidential
> 1500
4
FCS
EoMPLS VC Label
Carrier Source
MAC
Carrier Dest
MAC
Start of Frame
Delimter
Preamble
Presentation_ID
Cisco Confidential
72
Router as CE device
Single MAC Address exists (for interface of router)
No SPT interactions
Router controls broadcast issues (multicast still happens)
Presentation_ID
Cisco Confidential
73
Presentation_ID
Cisco Confidential
74
Presentation_ID
Cisco Confidential
75
An example
The OSPF designated router problem
Presentation_ID
Cisco Confidential
76
OSPF
Backup DR
(B)
Pseudo Wires
OSPF Neighbour
(C)
Router View
OSPF
Backup DR
(B)
Presentation_ID
OSPF Neighbour
(C)
Cisco Confidential
77
OSPF DR
(A)
Pseudo Wires
OSPF Neighbour
(C)
Cisco Confidential
78
Summary
Presentation_ID
Cisco Confidential
79
Summary
VPLS has its advantages and benefits
Non-IP protocols supported, customers do not have routing
interaction etc..
Presentation_ID
Cisco Confidential
80
Q&A
Presentation_ID
Cisco Confidential
81
Presentation_ID
Cisco Confidential
82