Understanding PBB - Knowledge Base

Understanding PBB - Knowledge Base
Page 1
Knowledge Base
Home
Search this site
Wiki
ARP BGP CEF Data Center GPON GRE ICMP IP Multica sting IPv6 IS-IS Juniper -JUNOS L2VPN LAN Link Aggreg ation LTE Notes MPLS NAT OAM OSPF PBB PPP QoS Securit y Traffic Engine ering VPLS VPN Attach ments
Understanding PBB
The Provider Backbone Bridges (PBB) standard (IEEE 802.1ah) was developed to address the limitations of Provider Bridges (PB) (IEEE standard 802.1ad). Before PBB can be understood, a quick review of 802.1ad or Q-in-Q technology is necessary.
IEEE 802.1ad (Q-in-Q)

Q-in-Q refers to doubling up of IEEE 802.1q. It is also known as VLAN stacking or double-tagging . Some service providers offer transparent LAN services that preserve and extend Customers' virtual LAN groupings across a MAN or WAN. To do this, they use Q-in-Q technology. This enables SP to use a single VLAN to securely transport most or all of a single customer's VLANs across their MAN or WAN backbone. In this case, the SP Edge switch adds an extra 802.1q tag to customer traffic. This tag assigns a unique VLAN ID number to each customer to keep each customers' VLAN traffic segregated and private. Thus, a single SP VLAN (aka S-VLAN) can carry traffic for a maximum of 4096 customer VLANs (C-VLANs). Since the VLAN ID field is 12-bits in 802.1q VLAN tag, a SP can support a maximum of 4096 customers/service instance. However, the SPs do not assign a unique VLAN ID number to each individual customer, otherwise, it would quickly consume all S-VLANs. Instead, the SP encapsulates multiple customers' C-VLANs into a single S-VLAN.
Limitations of Provider Bridged Networks (PBN): PBNs can supports a maximum of 4096 service instances per PBN. Service provider switches 802.1ad control their own bridges, but are also required to learn all customer end-station MAC addresses. As a SP supports more customers, the increased number of learned MAC addresses doesn't scale according to needs. When the number of entries exceeds the capacity permitted in the forwarding table, the forwarding table overflows and can potentially cause a broadcast storm in the provider network. Customer networks cannot be clearly separated from provider networks. A clear demarcation point determines what services are provisioned and how fault and performance management is performed for the services provided.
IEEE 802.1ah (PBB or MAC-in-MAC)

PBB (also known as MAC-in-MAC) is used by SPs to resolve these problems. PBB introduces a hierarchical network architecture with associated new frame formats which extend the work completed by Provider Bridges (IEEE 802.1ad). In PBB architecture, Customer networks (using 802.1q bridging) are aggregated into Provider Bridged networks (using 802.1ad). These, in turn, are aggregated into PBB networks which utilize the 802.1ah frame format. The frame format employs a MAC tunneling encapsulation scheme for tunneling customer Ethernet frames within provider Ethernet frames across the PBBN. A VLAN ID is used to segregate the backbone into broadcast domains and a new 24-bit service identifier (I-SID) is defined and used to associate a
https://sites.google.com/site/amitsciscozone/home/pbb/understanding-pbb
04/06/2013 21.36.20
Page 2
given Customer MAC frame with a provider service instance. There is a clear segregation between I-SIDs and B-VLANs which was missing in 802.1ad. PBB network (PBBN) has following benefits: Imposes no change to Ethernet switching process in the core bridges Supports Ethernet private line (E-Line), Ethernet Transparent (E-LAN) and Ethernet Tree (E-Tree) services Provides a clear demarcation point between the customer and provider domain Learns customer MAC addresses only through the backbone edge bridges (BEB) Supports upto 224 service instances Achieves additional PBBN scaling and interconnection using hierarchical and peer PBBN features
Definitions:
B-Component: A bridging component contained in a BEB that bridges in provider space (Backbone MAC addresses, B-VLAN). Backbone Core Bridge: An S-VLAN bridge used within the core of a PBBN. Backbone Edge Bridge: A backbone edge bridge positioned at the edge of PBBN that encapsulates customer frames for transmission across a PBBN. Backbone MAC address (B-MAC): An individual MAC address associated with a Provider Instance Port (PIP) and used in creating the MAC header of I-tagged frames transmitted across a PBBN. Backbone Service Instance: An instance of the MAC service in a PBBN provided between two or more Virtual Instance Ports (VIPs) in BEBs. Backbone Service Instance Identifier (I-SID): A 24-bit field of the backbone service instance tag (I-TAG) that identifies the backbone service instance of a frame. The I-SID defines the service instance that the frame should be "mapped to". Backbone Service Instance Tag (I-TAG): A tag with a Ethertype value allocated for IEEE 802.1q backbone service instance tag type. Backbone VLAN Tag (B-TAG): A field defined in IEEE 802.1ah provider MAC encapsulation header that conveys the backbone VLAN ID information. The format of the B-TAG is same as that of an IEEE 802.1ad S-TAG field. Customer Backbone Port (CBP): A BEB port that can receive and transmit I-tagged frames for multiple customers, and can assign B-VIDs (backbone VLAN IDs) and translate I-SID on the basis of the received I-SID. I-Component: A bridging component contained in a BEB that bridges in the Customer space (Customer MAC addresses, SVLAN). Provider Instance Port (PIP): The set of Virtual Instance Ports (VIPs) that are supported by a single instance. Service frame: A frame exchanged between a provider and a customer. Virtual Instance Port (VIP): A bridge port on an I-Component in BEB that provides access to a single backbone service instance.
04/06/2013 21.36.20
Page 3
A PBBN comprises of a set of BEBs interconnected by some or all of S-VLANs supported by a PB network. Each BEB provides interfaces that encapsulate (or verify encapsulation of) customer frames, thus allowing customer MAC addresses (C-MAC) and VLANs to be independent of backbone MAC addresses (B-MAC) and VLANs used to relay those frames across the backbone. The S-VLANs used to encapsulate customer frames are known as Backbone VLANs (B-VLANs). NOTE: The term customer may refer to a provider who is purchasing service from another provider. The first provider deploys a PBN within its domain. The second provider deploys a PBBN within its domain. In this case, the first provider is identified as a customer with respect to the second provider. The term customer may also refer to a PBBN provider communicating as a peer. In figure 2, the PB networks are considered customers of PBB network.
I-Component
An I-Component comprises an S-VLAN component on each Customer Network Ports supported by the use of a Service VLAN tag, and for each Virtual Instance Port configured on a Provider Instance Port supported by the use of both Service VLAN tag and a ITAG. An implementation of an I-Component shall Comprise a single S-VLAN component Recognise and use I-TAGs on one or more PIPs Support 1:1 mapping between S-VLAN IDs and I-SID values Support the termination of PBN spanning trees by inhibiting transmission of PBN BPDUs at a PIP
B-Component
A B-Component comprises an S-VLAN component on each Provider Network Ports supported by use of a S-VLAN tag, and on each Customer Backbone Ports supported by use of a S-VLAN tag and I-TAG. An implementation of B-Component shall Comprise a single S-VLAN component Recognise and use I-TAGs on one or more Customer Backbone Ports Terminate PBBN spanning tree by inhibiting transmission of PBBN BPDUs at a Customer Backbone Port
Each I-Component is responsible for encapsulating frame received from customers and assigning each frame to a backbone service instance. The backbone service instance consists of a set of BEBs that support a given customer's S-VLANs, and is uniquely identified within the PBBN by a I-SID. The customer frame is encapsulated by an I-TAG which includes the I-SID, and a set of source and destination backbone MAC addresses. The backbone MAC addresses identify the BEBs of the backbone service instance where the customer frame will enter and exit the PBBN. If the I-Component does not know which of the other BEBs provides connectivity to a given customer address, it uses a default encapsulating backbone MAC address that reaches all other BEBs in the backbone service instance. Each I-Component learns the association between customer source address received (encapsulated) from the backbone and backbone source MAC address, so subsequent frames to that address can be transmitted to the correct BEB. A single B-Component is responsible for relaying encapsulated customer frames to and from I-Components, either within the same BEB or externally connected, checking that ingress/egress is permitted for frames for that I-SID, translating the I-SID and using it to assign backbone address and VLAN identifiers for the PBBN, and relaying the frames to and from the Provider Network Ports (PNPs) that provide connectivity to the other bridges within and attached to the backbone. A B-Component performs the same functions when relaying frames to and from another B-Component when two PBBNs interconnect. The IComponent and B-Component may be in the same BEB or may be in different BEBs.
04/06/2013 21.36.20
Page 4
Types of Backbone Edge Bridges (BEBs)

There are 3 types of BEBs1. B - BEB: The B-BEB contains the B-Component of the MAC-in-MAC bridge. It validates the I-SIDs and maps the frames onto the backbone VLAN (B-VLAN). It also switches traffic based on the B-VLANs within the core bridge. 2. I - BEB: The I-BEB contains the I-Component of the MAC-in-MAC bridge. It performs B-MAC encapsulation and inserts the I-SIDs based on the S-TAG, C-TAG, or S-TAG/C-TAG pair. 3. IB - BEB: The IB-BEB contains one or more I-Components and a single B-Component interconnected via a LAN segment. The IB-BEB selects the B-MAC and inserts the I-SID based on the provider S-VLAN tag, the customer C-VLAN tag, or both S-TAG and C-TAG. It validates the I-SIDs and it transmits and receives frames on B-VLAN. NOTE: Cisco 7600 can act as an IB-BEB bridge. The IB-BEB bridge can offer to customers one or more types of service interfaces, each providing different capabilities for service selection, priority selection and service access protection. There are 3 basic types of customer service interfaces- Port based, Stagged and I-tagged.
1. Port-based Service Interface

The PBBN Port-based interface provides the same type of service to a customer as the PBN Port-based interface. A Port-based service interface is delivered on a Customer Network Port (CNP) provided by a BEB. A Port-based interface may attach to a CVLAN bridge, IEEE 802.1D bridge, a router or an end-station. The service provided by this interface forwards all frames without an S-TAG over the backbone on a single backbone service instance. All frames with an S-TAG that has a non-null VLAN ID are discarded by a Port-based service interface.
2. S-Tagged Service Interface

The S-tagged service interface maps a service instance from a PBN, identified by an S-VLAN ID, to a backbone service instance on a PBBN, identified by an I-SID. There are 2 types of S-tagged service interfaces - one performing one-to-one mapping of SVLAN IDs to I-SIDs, and another bundling S-VLAN IDs to I-SID. Frames that are mapped to the I-SID are carried over the PBBN while frames that are not mapped to an I-SID are not carried over the PBBN. A PBBN may provide as S-tagged service interface for attachment to customer PBNs. An S-tagged service interface is provided by a BEB over a Customer Network Port. The first variant of S-tagged service interface is one-to-one S-tagged interface which uses a one-to-one mapping between S-VLAN IDs and I-SIDs. This interface maps each S-VLAN IDs to a single I-SID for use over the PBBN. The one-to-one mapped interface does not carry the S-TAG over the PBBN. The DEI (Discard Eligible Indicator) and PCP (Priority Code Point) bits may be regenerated on ingress and are then carried in the I-DEI and I-PCP in I-TAG across the
04/06/2013 21.36.20
Page 5
PBBN. On egress, the S-TAG can be deduced from the I-TAG received over the PBBN - the I-SID is mapped to S-VLAN ID, the IDEI and I-PCP bits are regenerated and then carried in DEI and PCP bits respectively. The second S-tagged interface variation is bundling multiple S-VLAN IDs to a single I-SID for delivery over the PBBN. To allow the remote end to reconstruct the S-VLAN IDs, this interface variation will carry an S-TAG over the PBBN.
3. I-Tagged Service Interface

A PBBN may provide a native I-tagged service interface for attachment to another PBBN or for attachment to a customer's Provider Instance Port (PIP). An I-tagged interface can provide access to all the backbone service instances within the PBBN. Access to backbone service instances is controlled by configuration of Customer Backbone Ports (CBPs). Each I-SID delivered over the I-tagged interface by a customer identifies a service instance that will be carried over the PBBN. Service instances are carried over the PBBN inside a B-VLAN selected by the Customer Backbone Port. The customer must provide the B-DA MAC address for frames delivered to an I-tagged interface.
04/06/2013 21.36.20
Page 6
Figure 5 shows a customer network attached to a PBBN using an I-tagged interface. The customer network uses a BEB with an I-Component or B-Component connecting to the PBBN. The PBBN is composed of BEBs interfacing to the customer and BCBs in the core of PBBN used to forward frames between the BEBs. An I-tagged interface may be provided at a CBP of a BEB. In this interface, the I-SID provided over the interface within the I-TAG is mapped 1-1 to an I-SID within the PBBN.
Service Instance Segregation

Segregation of data frames associated with different instances of MAC service is achieved by supporting each service instance with a backbone service instance identified by an I-SID and ensuring thatNo service frames are transmitted through a CBP without an I-TAG No frame are accepted from any customer system without first being subject to service instance selection No frames are delivered to any customer system without explicit service instance identification Prior to transmission through a PNP of a BEB, service frames are received through either an I-Component's CNP or through a CBP. When a customer is attached to a CNP, the port is under the control of the backbone provider and is exclusively access by a single customer. In this case, the I-Component used to support the CNP is under the control of backbone provider and is attached to a CBP through a PIP that is also under the control of the backbone provider and may be shared by multiple customers. When the customer is attached to a CBP, the port is controlled by the backbone provider and is exclusively accessed by a single customer. All frames received through a CNP or CBP, must correspond to a service instance or instances that the customer is permitted to access. The BCBs and the B-Component of each BEB within the PBBN is controlled by the provider.
Service Instance Selection and Identification

Service instance selection is provided to the attached customer system by either Port-based, S-tagged or I-tagged interfaces. In the Port-based interface, only one backbone service instance is offered to the attached customer and the CNP of the IComponent is configured to accept only untagged or priority-tagged frames. In all S-tagged interfaces, the CNP of the IComponent is configured with an ingress filtering to service instances that the customer is permitted to use. In the I-tagged interfaces, the CBP of the B-Component is configured with the acceptable backbone service instances and I-SID values for use by the customer.
04/06/2013 21.36.20

NOTE: The means used by the backbone provider and a customer to determine the S-VLAN IDs and I-SIDs used by the customer to select and identify a given service instance is upto their discretion.
Page 7
PBBN Operation
In figure 2, for port-based service interface, the entire Customer LAN (C LAN) is treated as a single instance of MAC service. The BEBs extend the C LAN over the backbone by mapping all frames on a single backbone service instance identified by I-SID. The I-SID used is provisioned by the provider of the PBBN. The provider sets the I-SID on each BEB port attached to a C LAN that is part of the port-based service. The BEBs encapsulate the service frames with an I-TAG, B-TAG, B-SA and B-DA. During the encapsulation, any C-TAG delivered to the CNP is retained in the encapsulated frame. The BEBs then map the frames onto the B-VLAN with its B-VLAN ID contained in the B-TAG and which interconnects the BEBs provisioned for the service. These new frames are transmitted over the B-VLAN by the BEBs and BCBs that carry the B-VLAN. Since the initial octects of the data conveyed in each backbone frame comprise a B-TAG, the frames may be forwarded by BCBs of the PBBN until they reach the next BEB where the frames are decapsulated. During decapsulation, the B-DA, B-SA, B-TAG and I-TAG are stripped. The C-DA and C-SA from the I-TAG will become the DA and SA transmitted to the receiving C LAN. If the encapsulated frame contains a C-TAG, it becomes the outside tag as the frame is transmitted to the receiving C LAN. For S-tagged interfaces, each instance of MAC service is carried over the provider LAN on one or more S-VLANs. The BEBs preserve the S-VLAN over the backbone by mapping them onto I-SID and in the case of S-VLAN bundling, carrying the S-TAG. This operation is performed by the provider operating the PBBN by configuring the I-SID on each BEB attached to a provider LAN. The BEB maps S-VLAN ID to I-SID and encapsulates the original service frame with a new I-TAG, B-SA and B-DA. The BEB then maps the frame onto a B-VLAN, which interconnects BEBs. This new frame is transmitted over the B-VLAN by BEBs and BCBs. Since the initial octects of the data conveyed in each backbone frame comprise a B-TAG, the frames may be forwarded by BCBs of the PBBN until they reach the next BEB where the frames are decapsulated. For I-tagged interfaces, each instance of MAC service is identified by an I-SID value carried in an I-TAG. The BEB maps the frame onto a B-VLAN, which interconnects BEBs. This new frame is transmitted over the B-VLAN by BEBs and BCBs. Since the initial octects of the data conveyed in each backbone frame comprise a B-TAG, the frames may be forwarded by BCBs of the PBBN until they reach the next BEB where the frames are decapsulated. The following figure 6 shows different frame formats.
Backbone MAC addresses are used to identify destination BEB's PIP. These backbone MAC addresses are learned by each PBB bridge as frames are exchanged over B-VLAN. To perform encapsulation and decapsulation of service frames, BEBs use the connection identifier stored in the filtering database to correlate Customer MAC addresses to backbone MAC addresses. At startup, the BEBs have not learned the B-MACs or the C-MACs yet. When the B-MAC is unknown (or multicast or broadcast service frames) , the BEB encapsulates the service frames using default backbone destination address. It is also possible to carry unencapsulated S-VLAN traffic in the PBBN core by allocating some of the PBBN VLAN space to SVLANs. The B-VLAN determines the route that the frames will take and limits broadcasting within the backbone. The B-TAG is
04/06/2013 21.36.20
Page 8
added to the frame at CBP. The selection of B-VLAN used to form B-TAG is determined by the configuration of the CBP backbone service instance table. This table maps I-SIDs to B-VLAN IDs and is created as part of service provisioning.
Backbone Addressing
When customer frames enter a PBBN, they are encapsulated by the addition of backbone MAC addresses and creation of an ITAG. The encapsulation is the result of a PIP. The PIPs (more specifically, the VIPs of a PIP - all VIPs of a PIP share the same MAC address) represent the endpoints of a backbone service instance, and the backbone MAC addresses identify these endpoints. This encapsulation ensures that only I-Component learns the Customer MAC addresses, while B-Components and bridges in the PBBN core learn only backbone MAC addresses. The B-SA of an encapsulated frame identifies a PIP that performed the encapsulation. For a PIP that has an internal connection to a CBP in the same BEB, this can be any address that results in delivering received I-tagged frames to the I-Component, such as the bridge address of that I-Component. The B-DA of an encapsulated frame identifies the PIP(s) to which the frame should be delivered. The default value of the B-DA is the Backbone Service Instance Group address constructed by concatenating the 3-octect OUI
00-1E-83 with 3-octect I-SID,
and asserting the I/G bit in the first octect of the resultant value to signify a group MAC address. When the B-DA of a frame is a Backbone Service Instance Group address, the normal behaviour is to deliver the frame to all CBPs reachable within the B-VLAN to which the backbone service instance is mapped. Filtering based on I-SID by the egress CBP ensures that frames are not transmitted by CBPs that are not part of the backbone service instance.
Translating B-DAs at a CBP

In some case, when the B-DA is the Backbone Service Instance Group address, it may be advantageous that the CBP translate this to a different address. Examples where such translation may be useful are1. When a backbone service instance has only 2 endpoints within a PBBN, the Backbone Service Instance Group address may be translated at ingress CBP to the individual address of the engress CBP. 2. When multiple backbone service instances connect to the same set of CBPs, the ingress CBP may translate the Backbone Service Instance Group address to a single group address chosen for the set of backbone service instances.
Conclusion
The PBB approach limits the scope of the customer information, MAC addressing and topology, to the edges of the service provider network. The core remains focused on core functions and not on customer awareness. However, PBB faces somes serious challenges in SP network. It uses a traditional Ethernet connectionless model, which provides no consideration for networking tools that are important for SPs. For example, PBB lacks traffic engineering and carrier-grade resiliency. Moreover, PBB's reliance on Multiple Spanning Tree (MST) protocol or Rapid Spanning Tree Protocol (RSTP) for loop avoidance is a serious drawback as it could take few seconds to reconverge. Large scale carrier networks have removed STPs in order to scale and achieve improved recovery times. To circumvent STP limitations, the IEEE has developed an alternative topology discovery technology called Shortest Path Bridging (SPB or IEEE 802.1aq) for PB and PBB networks.
Comments
You do not have permission to add comments.
04/06/2013 21.36.20
Page 9
Sign in | Report Abuse | Print Page | Remove Access | Powered By
Google Sites
04/06/2013 21.36.20

Understanding PBB - Knowledge Base

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Understanding PBB - Knowledge Base

Uploaded by

Copyright:

Available Formats

Understanding PBB - Knowledge Base

Search this site

IEEE 802.1ad (Q-in-Q)

IEEE 802.1ah (PBB or MAC-in-MAC)