Metro-Ethernet VPLS TecPrimer WP
VPN Choices
Frame Relay
PE Router A
PE Router C
Conclusion
List of Acronyms
VPLS Technical Primer
VPN Choices
Today customers have a choice of subscribing to one of the following network-based VPN types to connect geographically dispersed offices:

Frame Relay
Frame relay has been by far the most prevalent service offering to date. However, since the service provider simply offers site-to-site links, customers have to design, manage and maintain their own WAN access equipment. These devices are typically routers that are configured and managed at every site by the customer. The customer designs their WAN architecture around a hub-and-spoke or full-mesh topology, or a hybrid of the two.

IP-VPN (RFC2547bis) Services
In the case of IP-VPN services based on border gateway protocol (BGP)/MPLS, such as RFC2547bis, customers connect routers at each site, but the service provider is responsible for routing between these sites. While this makes multisite connectivity easier, some customers are reluctant to relinquish control of their IP routing to the service provider. In addition, service providers are hesitant to become involved with a customer’s routing plan, as this could mean a customer care call to the service provider even though the problem is within the customer’s own network.

A New Contender: VPLS
Virtual private LAN service (VPLS), described in Internet-Draft (I-D) draft-l2vpn-vpls-ldp-00.txt (formerly known as draft-lasserre-vkompella [lasserre-vkompella]), is a class of VPN that allows the connection of multiple sites in a single bridged domain over a provider managed IP/MPLS network. All customer sites in a VPLS instance appear to be on the same LAN, regardless of their location. VPLS uses an Ethernet interface as the customer handoff, simplifying the LAN/WAN boundary and allowing for rapid and flexible service provisioning.

VPLS offers a balance between point-to-point frame relay service on one hand, and outsourced routed services (e.g., VPRN) on the other hand. In the case of VPLS, customers maintain complete control over their routing, and since all the customer routers in the VPLS are part of the same subnet (LAN), the result is a simplified IP addressing plan, especially when compared to a mesh constructed from many separate point-to-point connections. The service provider also benefits from reduced complexity to manage the VPLS service since it has no awareness or participation in the customer’s IP addressing space and routing. VPLS also offers some additional advantages:
> A transparent, protocol independent service
> LAN/WAN Ethernet interface on the customer router, which reduces complexity and total cost of ownership
> No Layer 2 protocol conversion between LAN and WAN technologies
> No need to train personnel on WAN technologies such as frame relay since there is no need to design, manage, configure and maintain separate WAN access equipment
> Complete customer control over their routing (unlike IP-VPNs), a clear demarcation of functionality between service provider and customer that makes troubleshooting easier
> No need for the service provider to train technicians to deal with customer routing issues
> Ability to add a new site without configuration of the service provider’s equipment or the customer equipment at existing sites
> Faster provisioning, with potential for customer-provisioned bandwidth-on-demand
> Granular bandwidth from 64 Kb/s to 1 Gb/s (compared to frame relay ‘step-function’ in DS1/DS3 multiples).
> Ability to offer VPLS combined with a managed customer edge (CE) router as a fully managed alternative to IP-VPN services.

The remainder of this discussion will focus on the details of the VPLS solution as described in draft-l2vpn-vpls-ldp-00.txt.
VPLS Over MPLS: Solution Overview
The VPLS architecture proposed in [lasserre-vkompella] specifies use of a provider edge (PE) router that is capable of learning, bridging and replication on a per-VPLS basis. The PE routers that participate in the service are connected together by a full mesh of MPLS label switched path (LSP) tunnels. Multiple VPLS services can be offered over the same set of LSP tunnels. Signaling specified in I-D draft-martini-l2circuit-trans-mpls-11.txt ([martini-sig]) is used to negotiate a set of ingress and egress virtual connection (VC) labels on a per-service basis. The VC labels are used by the PE routers for de-multiplexing traffic arriving from different VPLS services over the same set of LSP tunnels.

MAC Learning and Packet Forwarding
PE routers learn the source MAC addresses of the traffic arriving on their access and network ports. Each PE router maintains a forwarding information base (FIB) for each VPLS service instance and learned MAC addresses are populated in the FIB table of the service. All traffic is switched based on MAC addresses and forwarded between all participating PE routers using the LSP tunnels. Unknown packets (i.e., the destination MAC address has not been learned) are forwarded on all LSPs to the participating PE routers for that service until the target station responds and the MAC address is learned by the PE routers associated with that service.

VPLS Packet Walkthrough
The following is a description of VPLS processing of a customer packet sent from site A, which is connected to PE router A, to site C, which is connected to PE router C.

PE Router A
Customer packets arriving at PE router A are associated to the appropriate VPLS service instance based on the combination of the physical port and the IEEE 802.1Q tag (VLAN ID) in the packet. PE router A learns the source MAC address in the packet and creates an entry in the FIB table that associates the MAC address to the access port on which it was received.

The destination MAC address in the packet is looked up in the FIB table for the VPLS instance. There are two possibilities: either the destination MAC address has already been learned (known MAC address) or the destination MAC address is not yet learned (unknown MAC address).
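
A minimal model of the per-service learning, flooding and VC-label de-multiplexing described above, added here as an illustration and not taken from the white paper or from any Alcatel product. The class and method names, port `1/1`, the VLAN IDs, the VC label values and the split-horizon rule for frames arriving from an LSP are assumptions.

```python
from collections import defaultdict

class PERouter:
    """Toy PE router: one FIB per VPLS service instance (added example)."""

    def __init__(self):
        self.access_map = {}              # (port, VLAN ID) -> service
        self.vc_in = {}                   # ingress VC label -> (service, remote PE)
        self.members = defaultdict(set)   # service -> attachment points
        self.fib = defaultdict(dict)      # service -> {MAC: attachment point}

    def add_access(self, service, port, vlan):
        self.access_map[(port, vlan)] = service
        self.members[service].add(("access", port, vlan))

    def add_lsp(self, service, remote_pe, vc_label):
        self.vc_in[vc_label] = (service, remote_pe)
        self.members[service].add(("lsp", remote_pe))

    def from_access(self, port, vlan, src, dst):
        service = self.access_map.get((port, vlan))
        if service is None:
            return []                     # port/VLAN not bound to a service: drop
        return self._switch(service, ("access", port, vlan), src, dst)

    def from_network(self, vc_label, src, dst):
        if vc_label not in self.vc_in:
            return []                     # unknown VC label: drop
        service, remote_pe = self.vc_in[vc_label]
        return self._switch(service, ("lsp", remote_pe), src, dst)

    def _switch(self, service, ingress, src, dst):
        fib = self.fib[service]
        fib[src] = ingress                # learn source MAC on the ingress point
        if dst in fib:                    # known MAC: single egress
            return [] if fib[dst] == ingress else [fib[dst]]
        out = self.members[service] - {ingress}   # unknown MAC: flood in-service
        if ingress[0] == "lsp":           # assumption: split horizon on the mesh
            out = {p for p in out if p[0] != "lsp"}
        return sorted(out)

def build_pe_a():
    """Constructed topology: two customers share port 1/1 on different VLANs."""
    pe = PERouter()
    pe.add_access(1, "1/1", 100)
    pe.add_access(2, "1/1", 200)
    for service, base in ((1, 1000), (2, 2000)):
        pe.add_lsp(service, "PE-B", base + 1)
        pe.add_lsp(service, "PE-C", base + 2)
    return pe
```

On the router returned by `build_pe_a()`, `from_access("1/1", 100, a, c)` floods to both LSPs of service 1; after `from_network(1002, c, a)` the same call returns only the LSP to PE-C. The same frame on VLAN 200 still floods, because service 2 keeps its own FIB and never learned that address.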

[Figure: PE routers A, B, C and D around the IP/MPLS network, with virtual bridges (B) for VPLS Service 1 and VPLS Service 2.]

[Figure: PE A at Customer Location A applies VC and tunnel labels and reaches PE B and PE C over LSP tunnels across the IP/MPLS network; the VC labels are pre-assigned and signaled by PE ‘B’ and PE ‘C’.]

[Figure: CE devices attached to MTUs A1, B1, C1, C2 and D1 by customer Q tags or MPLS labels, PE routers A, B, C and D, and hub VCs across the IP/MPLS network.]

H-VPLS offers the flexibility of utilizing different types of spoke connections - either an IEEE 802.1Q tagged connection or an MPLS LSP with [martini-sig] signaling.

the local PE router, but does not require any signaling of other PE routers or MTU devices, thus greatly simplifying the provisioning process.

Common VPLS Deployment Scenarios
Regardless of the VPN service utilized, most enterprise customers use routers at the LAN/WAN boundary. Although VPLS is a Layer 2 VPN service and allows the use of Layer 2 switches as the CE device, most customers will use routers to interconnect their office LANs (just as they do for frame relay services).

The advantages to service providers offering VPLS primarily as a router interconnect service are as follows:
> Minimize MAC address exposure, improving scaling (router = one MAC address per site, per service, Layer 2 switch = potentially hundreds of MAC addresses per site, per service)
> Improve customer separation, e.g., unnecessary broadcast or multicast traffic from a badly designed customer LAN will be squelched by the CE router

Service providers may decide to offer a Layer 2 switch interconnect option for VPLS, in which case they could charge per block of MAC addresses. This would allow smaller customer offices to be connected using switches and larger offices to be connected using routers, with differentiated pricing.

Industry Support For VPLS
Alcatel was the first to introduce the VPLS architecture and solutions draft as an alternative VPN offering on IP/MPLS-enabled networks. Since then, VPLS has received widespread support from other vendors, as well as numerous U.S. and international service providers. Many service providers have helped in development of the VPLS solution and have indicated their intent to provide VPLS services as part of their VPN portfolio — an example would be Masergy, the first service provider to offer a commercial VPLS service in the U.S. and Europe. It should be noted that several large service providers that today offer TLS over ATM networks will wish to migrate this service to a packet switched network service such as VPLS because of the advantages outlined above.

Conclusion
VPLS is one of the most exciting emerging VPN services. It offers enterprise customers exactly what they need for intersite connectivity: protocol transparency, scalable and granular bandwidth from 64 Kb/s to 1 Gb/s, fast service activation and provisioning, and a simplified LAN/WAN boundary. VPLS also enables service providers to deliver a scalable VPN service offering that can be combined with Internet access on a consolidated IP/MPLS infrastructure, reducing OPEX. VPLS has received widespread industry support from both vendors and service providers; products such as the Alcatel 7750 Service Router (SR) are now available to enable scalable VPLS, and providers are already beginning to offer commercial VPLS services to their enterprise customers.

[Figure: CE devices attached through MTUs A1, B1, C1, C2 and D1 to PE routers A, B, C and D across the IP/MPLS network, with addresses 10.2.1.1, 10.2.1.2 and 10.2.1.3 shown.]

List of Acronyms
BGP border gateway protocol
CAPEX capital expenditures
CE customer edge
FIB forwarding information base
H-VPLS hierarchical virtual private LAN service
I-D Internet-Draft
IETF Internet Engineering Task Force
IP Internet protocol
LSP label switched path
LSR label switched router
MPLS multiprotocol label switching
MTU multitenant unit
OPEX operational expenditures
PE provider edge
POP point of presence
PPVPN Provider Provisioned Virtual Private Network (IETF Task Force)
TLS transparent LAN service
VC virtual connection
VPLS virtual private LAN service
VPN virtual private network
Alcatel and the Alcatel logo are registered trademarks of Alcatel. All other trademarks
are the property of their respective owners. Alcatel assumes no responsibility for the
accuracy of the information presented, which is subject to change without notice.
© 11 2003 Alcatel. All rights reserved.
3CL 00469 0484 TQZZA Ed.01 17305