Virtual Private LAN Services

Virtual Private LAN Services

The most common feature in MPLS Technology is L3 VPN where CE Router is attached to SP (Service Provider) PE Router and PE Router do the necessary routing at their end and transport the customer Routes from one PE to another PE Router into Customers VRF. But some customer doesn’t want to involve SP to do the routing at their end and expect SP to provide end to end transport network where Customer will do the necessary routing of their traffic from one CE to another CE Router.

EVPL:  VPWS/EVPL (Virtual Private Wire Service / Ethernet Virtual Private Line) also called Point to Point Layer 2 Service

VPLS: VPLS (Virtual private LAN services) also called Point to Multipoint Ethernet Layer 2 service.

Virtual Private LAN Services

VPLS allows multiple Ethernet LANs from different customer sites to be connected together across the service provider (SP) network, so you can say single Ethernet LAN segment for that particular customer. Shows an SP network providing VPLS services in which multiple customer sites (belonging to particular customer) can communicate as if they are connected as a private Ethernet LAN segment. VPLS uses Multiprotocol Label Switching (MPLS) to offer multipoint Ethernet connectivity over a mesh of logical circuits or tunnels. VPLS enables carriers and SPs to offer managed Ethernet VPN services easily and cost effectively

  • Port mode— In port mode, the interface only sends and accepts untagged Ethernet packets.
  • 802.1Q VLAN or trunk mode— In this mode, the interface is configured as 802.1Q trunk, and it sends and receives only tagged Ethernet VLAN and native VLAN packets.
  • Dot1q tunnel mode— In this mode, an 802.1Q tunnel is configured and an access VLAN tag is added to the packet at the ingress tunnel interface and removed at the egress tunnel interface. Packets irrespective of being tagged or untagged are forwarded through the 802.1Q tunnel.
  • Pseudo wires— A pseudo wire is an emulated virtual circuit that connects two attachment circuits (AC) on two different PE routers across an MPLS-enabled provider network.
  • Signaling the Pseudo wire – A Targeted LDP session is established between PE Router signals the Pseudowire. LDP Signaling protocol setup & maintain the Pseudowire between PE routers. The main purpose of LDP is to advertise the VC label that is associated with Pseudowire, the job of VC label is to forward the frame to correct AC.
  • Auto-discovery— Auto-discovery is a mechanism that enables multiple PE routers participating in a VPLS domain to find each other. Auto-discovery, as a result, automates the creation of the LSP mesh. In the absence of auto-discovery, the SP must explicitly identify PEs that are part of a VPLS instance. Therefore, for every VPLS instance on a PE, the SP would have to configure the PE with addresses of all other PEs in that VPLS instance.
  • Virtual Switching Instance (VSI) or Virtual Forwarding Instance (VFI)- The VSI or VFI is a virtual Layer 2 forwarding entity that defines the VPLS domain membership and resembles virtual switches on PE routers. A VPLS domain consists of Ethernet interfaces or VLANs that belong to the same (virtual) LAN but are connected to multiple PE devices. For example, Customer A’s VPLS domain consists of Ethernet interfaces connected to Customer A’s CE routers at different sites. The VSI learns remote MAC addresses and is responsible for proper forwarding of the customer traffic to the appropriate end nodes. It is also responsible for guaranteeing that each VPLS domain is loop free. The VSI is responsible for several functions, namely MAC address management, dynamic learning of MAC addresses on physical ports and VCs, aging of MAC addresses, MAC address withdrawal, flooding, and data forwarding.

VPLS – Mac-address forwarding

The VPLS network for Customer is a full mesh of Ethernet pseudo wires. The VPLS instance per customer is assigned a unique Virtual Circuit Identifier (VCI). The emulated VC formed between the PE routers consists of bidirectional LSPs. MAC addresses are learned via the directed LDP label mappings between the PE routers:

  1. PE1 and PE2 have IGP reachability and can communicate via the LSP tunnel.PE1 allocates a local Label VCx1 for its attached circuit, and this label is propagated to PE2. PE2 allocates Label VCy2 and sends this VC label to PE1.

 

  1. A packet from CE1-A destined for CE2-A requires knowledge of the CE2-A MAC address, MAC-B. PE1 and PE2 do not have the information on the location of MAC-B (CE2-A) and MAC-A (CE1-A). Therefore, when the packet leaves CE1-A, the source MAC address is MAC-A, and, because CE1-A does not have knowledge of CE2-A (MAC-B), a broadcast is sent and relayed by PE1 to PE2 and PE3. PE1 sends a broadcast packet with the source MAC address of CE1-A (MAC-A) to other peers PE2 and PE3 in the VPLS domain. This broadcast packet is sent with the VC Label VCy2 to PE2, which was learned from PE2 during the formation of the directed LDP session between PE1 and PE2. Similarly, this broadcast packet is also sent with VC Label VCz3 to PE3.

 

  1. PE2 receives the packet from PE1 and associates the source MAC address MAC-A with the inner label (VC label) VCx2 and, therefore, concludes that the source MAC address MAC-A is behind PE1 network. Because VCx2 was initially assigned and propagated by PE2 to PE1 during the directed LDP session establishment, PE2 can now associate MAC-A with VCx2.

VPLS – Label Exchange – Core Backbone

 

At Ingress PE router receives a frame from a CE, it forwards the frame across the MPLS backbone to the egress LSR with two labels: the tunnel label & VC label.

MartiniVLL_detail_port_mode

 

  • The tunnel label is the top label in label stack also called LDP label & job is to tell all intermediate LSRs to which egress LSR the frame must be forwarded.
  • When Packet reached before egress PE router the tunnel/LDP label will be removed. The egress PE router then looks up VC label in LFIB strips of VC label and forwards the frame to correct AC.
  • The PE router builds a MAC table as any regular Ethernet switch. This MAC table forwards the Ethernet frames to & from physical Ethernet ports to pseudowire

Akshay Sharma

AKshay has a rich experience of 10+ years in data and telecom domains. He is working as a solution architect in a reputed Telecom in India from the last 5 yrs and has diversified experience in providing robust network solution to SMB and enterprise segment. His core expertise is in DSL broadband/IP/MPLS/Routing and switching with hands on multiple telecom equipment’s and had done multiple certifications into his long career.

You may also like...

3 Responses

  1. MontePPopiel says:

    Spot on with this write-up, I seriously feel this web site
    needs a great deal more attention. I’ll probably be
    back again to see through more, thank you for the info!

    Also visit my blog post MontePPopiel

  2. HarleyKDow says:

    I am going to right away grasp your feed as I are unable
    to find your email subscription hyperlink or e-newsletter service.
    Do you’ve any? Please allow me understand as a way
    that I may just subscribe. Thanks.

    Also visit my web page HarleyKDow

  3. MeganHBlanch says:

    WOW just what I was searching for. Came here by searching for blogroll

    Here is my web page – MeganHBlanch

Leave a Reply to MeganHBlanch Cancel reply

Your email address will not be published. Required fields are marked *

20 − 13 =

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>