VPLS Principle V1.1

Objectives
• Understand the basics of MPLS layer 2 VPN
• Understand the VPLS principle

Contents
• Basic Conception Of MPLS Layer 2 VPN
• VPLS Overview
• VPLS PE Functions
• VPLS Working Process

BGP MPLS/VPN feature
• Establish tunnels on the public network using LDP (Label Distribution Protocol)
• Implement the following using MBGP:
  • Detection and transmission of VPN routes
  • Distribution of the inner-layer label to implement address multiplexing
  • Route policy, using the BGP extended attribute RT

Advantages of layer 3 MPLS VPN
• Customer
  • Outsources the WAN infrastructure
  • Transfers routing complexity to the provider
  • Suitable for small and medium-sized companies that do not want to build core routing capability in-house
• Provider
  • Does not need to maintain the routing information on all the core network routers
  • Value-added service (a chance to gain profit)

Disadvantages of layer 3 MPLS VPN
• Policy-based control adds burden to the provider
• Scalability and management may be a problem in very large networks
• Some customers want to control their own routing hierarchy

Layer 2 MPLS VPN
• Suitable for access by large companies
• Features:
  • Treats the access network as one huge switch
  • Establishes tunnels using MPLS labels
  • Performs layer 2 switching across the whole network

Advantages of layer 2 MPLS VPN
• Customer
  • Easy to implement on the existing layer 2 structure
  • Keeps control of its own routing
  • Supports any layer 3 routing protocol
• Provider
  • No scalability problem from storing too many customer VPN routes
  • Comparatively simpler than layer 3 MPLS VPN, which uses a lot of policy control

L2 MPLS VPN classification
• VPWS: Virtual Private Wire Service, point-to-point connection
• VPLS: Virtual Private LAN Service, point-to-multipoint connection

Ethernet development problems
• Widely used LAN technology
• The development goal is to provide multipoint-to-multipoint Ethernet service without geographic limitation
• Constructing large-scale Ethernet from switches:
  • Instability of STP
  • Broadcast storms
  • Limited number of VLANs

Function of VPLS
• Uses Ethernet and MPLS to satisfy the needs of carrier and customer, enabling communication between a customer's networks in different places
• VPWS provides only point-to-point connections, whereas VPLS provides point-to-multipoint connections
[Figure: carrier's backbone network]

VPLS working principle
• Establish LSPs between PEs
• Green user and red user are in independent VPNs
• Establish point-to-point layer 2 VC LSPs inside the LSP tunnel
• A CE can be a switch or a router
• Any upper-layer protocol
• The MPLS backbone network is like a LAN switch with high reliability and flexibility

VPLS standards
• The VPLS standard is not decided yet; the widely used drafts are:
• Martini draft
  • Rather mature and widely supported by manufacturers
  • Supports multiple protocols
  • Suitable for use within an AS
  • Needs to be configured manually
• Kompella draft
  • Uses the same encapsulation as Martini
  • Can be configured automatically
  • Can be used between ASes
  • Only supports the IP protocol

VFI: distinguishing VPN users
• VFI (Virtual Forwarding Instance)
• Create a VPLS instance on each PE; VPLS instances on different PEs that have the same vc-id belong to one VPLS and can communicate with each other
[Figure: carrier's backbone network with PE1 and PE2 connecting CE1, CE2 and CE3. VFI configuration shown on the two PEs:]
  Vfi vpls_a   Vcid=100   Peer=PE1   Int fei_1/1 fei_1/2
  Vfi vpls_a   Vcid=100   Peer=PE2   Int fei_1/1

VPLS PE router structure
• A PE includes PW management and a VPLS instance
• PW management is responsible for establishing and maintaining the PWs with the other instances on different PEs
• The VFI implements MAC learning and MAC switching
[Figure: VPLS PE containing a VPLS instance and PW management]

VPLS working process: establishing PW (Pseudo Wire)
• Establishing a PW means exchanging, between PEs, the inner label (VC label) that identifies the VPLS
• The Martini draft makes some extensions to LDP, adding the VC FEC types (type 128 and type 129)
[Figure: carrier's backbone network; VPN1 and VPN2 sites joined over an LSP; virtual link labels assigned by LDP]

[Figure sequence: MAC address learning over the service provider MPLS backbone (PE1, PE2, PE3; sites on Port 1 with MACs XXX, YYY, ZZZ; VPLS-A and VPLS-B). Panels: "Learn MAC address by broadcast", then "Learn MAC address by unicast".]

VPLS loop problem: split horizon
• The virtual forwarding instance on a PE acts like a layer 2 switch, but unlike a traditional L2 switch it does not need to run STP, because MPLS L2 VPN uses an internal split horizon mechanism to avoid loops.

VPLS working process: create inner label
• Set a VFI on each PE; the same VPLS has the same vc-id in every VFI
• Set the interface on the PE as a layer 2 transparent transfer port
• Establish a session using extended LDP to assign the virtual link label
[Figure: CE1 -- Fei_1/1 [PE1] Fei_1/2 -- Fei_2/1 [P] Fei_2/2 -- Fei_3/1 [PE2] Fei_3/2 -- CE2, with an LDP session between the PEs]
  Vfi vpn_a   Vcid=100, peer=PE2   Int fei_1/1
  Vfi vpn_a   Vcid=100, peer=PE1   Int fei_3/2
  PE1: vcid=100 label:16
  PE2: vcid=100 label:22

VPLS working process: create outside label
• The PEs and equipment run a routing protocol and establish the LSP using LDP
[Figure: same topology, annotated with PE1: Label 72, PE1: Label 3, PE2: Label 3, PE2: Label 28]

VPLS working process: form of label table
• An L2 label table and a global label table are formed on each PE; a global label table is formed on P

L2 label table on PE1:
  In-int    vc-id   Dest   out-label
  Fei_1/1   100     PE2    22

Global label table on PE1:
  Dest   out-label   out-int
  PE2    28          fei_1/2

Global label table on P:
  In-int    In-label   Dest   out-label   out-int
  Fei_2/1   28         PE2    pop         fei_2/2
  Fei_2/2   72         PE1    pop         fei_2/1

L2 label table on PE2:
  In-int    vc-id   Dest   out-label
  Fei_3/2   100     PE1    16

Global label table on PE2:
  Dest   out-label   out-int
  PE1    72          fei_3/1

VPLS working process: data forwarding
(Topology in every panel: CE1, MAC aaa -- Fei_1/1 [PE1] Fei_1/2 -- Fei_2/1 [P] Fei_2/2 -- Fei_3/1 [PE2] Fei_3/2 -- CE2, MAC bbb)

• CE1 wants to communicate with CE2 and sends an ARP request
• PE1 receives this packet, learns the source MAC aaa and records it in the VFI
  Frame from CE1: S:aaa, D:ffff | data
  MAC table on PE1:
    MAC   peer-address   outIntLab   outExtLab   outInt
    aaa   local          null        null        fei_1/1

• PE1 sends to all the VCs according to the destination MAC of the packet
• It searches the L2 label table and the global label table to encapsulate the packet
  L2 label table:      In-int Fei_1/1, vc-id 100, Dest PE2, out-label 22
  Global label table:  Dest PE2, out-label 28, out-int fei_1/2
  Frame from PE1 to P: 28 | 22 | S:aaa, D:ffff | data

• P searches its label table to forward the data and performs Penultimate Hop Popping
    In-int    In-label   Dest   out-label   out-int
    Fei_2/1   28         PE2    pop         fei_2/2
    Fei_2/2   72         PE1    pop         fei_2/1
  Frame from P to PE2: 22 | S:aaa, D:ffff | data

• PE2 learns the source MAC and records it in the VFI
• PE2 sends the packet to CE2
  L2 label table:      In-int Fei_3/2, vc-id 100, Dest PE1, out-label 16
  Global label table:  Dest PE1, out-label 72, out-int fei_3/1
  MAC table on PE2:
    MAC   peer-address   outIntLab   outExtLab   outInt
    aaa   PE1            16          72          fei_3/1
  Frame from PE2 to CE2: S:aaa, D:ffff | data

• CE2 sends an ARP response back to CE1
• PE2 learns the source MAC and records it in the VFI
  Frame from CE2: S:bbb, D:aaa | data
  MAC table on PE2:
    MAC   peer-address   outIntLab   outExtLab   outInt
    aaa   PE1            16          72          fei_3/1
    bbb   local          null        null        fei_3/2

• PE2 searches its MAC table and forwards the packet according to the destination MAC
  Frame from PE2 to P: 72 | 16 | S:bbb, D:aaa | data

• PE1 learns the source MAC in the packet and records it in the VFI
• PE1 searches its MAC table and forwards the packet according to the destination MAC
  Frame from P to PE1: 16 | S:bbb, D:aaa | data
  MAC table on PE1:
    MAC   peer-address   outIntLab   outExtLab   outInt
    aaa   local          null        null        fei_1/1
    bbb   PE2            22          28          fei_1/2
  Frame from PE1 to CE1: S:bbb, D:aaa | data
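
The walkthrough above, replayed as a small Python model (an added example, not part of the original slides): each VFI learns source MACs, floods broadcast or unknown destinations, applies the split horizon rule from the loop-problem slide, and pushes the inner VC label and outer tunnel label from the slide tables. The class and method names are hypothetical; the labels, MACs and interfaces are the slide values.

```python
# Added illustration, not from the slides: a minimal VFI model.
# Labels, MACs and interfaces are the slide values; class/method names are hypothetical.
BROADCAST = "ffff"

class VFI:
    def __init__(self, ac_ports, pws):
        self.ac_ports = ac_ports   # CE-facing interfaces
        self.pws = pws             # peer -> (vc_label, tunnel_label, out_int)
        self.mac = {}              # learned MAC -> ("ac", port) or ("pw", peer)

    def receive(self, src, dst, from_ac=None, from_pw=None):
        """Learn src, then return [(out_int, label_stack)] for every copy sent."""
        origin = ("ac", from_ac) if from_ac else ("pw", from_pw)
        self.mac[src] = origin
        known = self.mac.get(dst)
        if dst != BROADCAST and known:
            targets = [known]                        # known unicast: one copy
        else:                                        # broadcast/unknown: flood
            targets = [("ac", p) for p in self.ac_ports]
            targets += [("pw", peer) for peer in self.pws]
        out = []
        for kind, target in targets:
            if (kind, target) == origin:
                continue                             # never back out the ingress
            if kind == "pw" and from_pw:
                continue                             # split horizon: PW -> PW is dropped
            if kind == "pw":
                vc, tunnel, out_int = self.pws[target]
                out.append((out_int, [tunnel, vc]))  # outer tunnel label, inner VC label
            else:
                out.append((target, []))             # plain Ethernet toward the CE
        return out

def walkthrough():
    """Replay the ARP request/response from the data-forwarding slides."""
    pe1 = VFI(["fei_1/1"], {"PE2": (22, 28, "fei_1/2")})
    pe2 = VFI(["fei_3/2"], {"PE1": (16, 72, "fei_3/1")})
    steps = [
        pe1.receive("aaa", BROADCAST, from_ac="fei_1/1"),  # CE1 ARP request
        pe2.receive("aaa", BROADCAST, from_pw="PE1"),      # after P pops label 28
        pe2.receive("bbb", "aaa", from_ac="fei_3/2"),      # CE2 ARP response
        pe1.receive("bbb", "aaa", from_pw="PE2"),          # after P pops label 72
    ]
    return steps, pe1.mac, pe2.mac

if __name__ == "__main__":
    for step in walkthrough()[0]:
        print(step)
```

With a third pseudo wire configured on a PE, a broadcast arriving from one peer is delivered only to the local CE port, which is why the full mesh stays loop-free without STP.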

Review
• MPLS L2 VPN function
• VPLS function
• VFI function
• MAC address learning process
• VPLS working process

Question
• How does VPLS solve the loop problem?