
Layer 2 VPNs and Ethernet Services: MPLS & QoS Training

The document discusses layer 2 VPNs and Ethernet services over MPLS, including how virtual private wire service (VPWS) and virtual private LAN service (VPLS) create full mesh pseudowire connections between provider edge (PE) routers to emulate LAN connectivity over an MPLS core, as well as considerations for nonhierarchical and hierarchical VPLS architectures. It also covers key aspects of configuration and implementation such as MAC address learning, split-horizon loop prevention, and signaling protocols.

Uploaded by

hector_ninoska
Layer 2 VPNs and Ethernet Services

MPLS & QoS Training


• Initial traffic across all PWs; MAC address is learned.
• Split-horizon forwarding is applied to avoid loops between PEs.
• Traffic is sent to relevant PWs (all or one).
• On PE failure, PWs go down and MACs are flushed.
• MAC learning process begins again.
[Figure: Host A, Host B and Host C attached to PE1, PE2 and PE3 across an MPLS core]


• Each PE has a point-to-multipoint view of all other PEs:
- Sees itself as a root bridge with split-horizon loop protection
• Full mesh topology obviates STP in the service provider network.
• Customer STP is transparent to the service provider:
- Customer BPDUs are forwarded transparently.

[Figure: PE view. CEs attach to PEs; the PEs run full-mesh LDP across the MPLS core, with an Ethernet PW to each peer.]


Software feature for:
• Flooding and forwarding
- MAC table instances per customer (port or VLAN) for each PE
- Learning and forwarding process
- Flood unknowns, multicasts, and broadcasts to all other ports
• Address learning and aging
- LDP enhanced with additional MAC list TLV (label withdrawal)
- MAC timers refreshed with incoming frames
• Loop prevention
- Create full-mesh of PW VCs (EoMPLS)
- Split-horizon concept
- Customer STP BPDUs tunneled through the service provider cloud
• Implemented as VFI
- Bridge that connects attachment circuits to PWs
- VLAN extension
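
The flooding, learning and split-horizon behaviour listed on the two slides above, as an added Python sketch. It is not part of the original deck; the class, port and host names are hypothetical.

```python
# Toy model of VPLS forwarding: per-PE MAC table, flood unknowns,
# split horizon between pseudowires. Names are hypothetical, not vendor code.

class VplsPE:
    def __init__(self, name):
        self.name = name
        self.mac_table = {}   # MAC -> port it was learned on
        self.acs = {}         # attachment circuit -> frames delivered to the host
        self.pws = {}         # pseudowire name -> remote VplsPE

    def receive(self, port, src, dst, from_pw=False):
        self.mac_table[src] = port                 # learn / refresh the source MAC
        out = self.mac_table.get(dst)
        if out is not None:
            targets = [out]                        # known unicast: one port only
        else:
            targets = list(self.acs) + list(self.pws)   # unknown: flood
        for t in targets:
            if t == port:
                continue                           # never back out the ingress port
            if t in self.pws:
                if from_pw:
                    continue                       # split horizon: no PW-to-PW relay
                self.pws[t].receive(f"pw-{self.name}", src, dst, from_pw=True)
            else:
                self.acs[t].append((src, dst))

    def flush(self, port):
        """Drop every MAC learned on a port that went down (PW or AC)."""
        self.mac_table = {m: p for m, p in self.mac_table.items() if p != port}

def build_mesh(names):
    """One attachment circuit per PE and a pseudowire to every other PE."""
    pes = {n: VplsPE(n) for n in names}
    for a in pes.values():
        a.acs["ac0"] = []
        for b in pes.values():
            if a is not b:
                a.pws[f"pw-{b.name}"] = b
    return pes
```

Without the `from_pw` check, the first flooded frame would be relayed between PEs indefinitely, which is the loop the full mesh plus split horizon is there to prevent.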



• Two architectures:
- Nonhierarchical
  • Single PE (flat)
- Hierarchical (H-VPLS)
  • With Ethernet access
    - 802.1ad (IEEE standard for QinQ)
  • With MPLS access
• Two PE roles:
- Network-facing PE (N-PE)
  • VPLS termination
  • Layer 3 services
- User-facing PE (U-PE)
  • Customer UNI

[Figure: nonhierarchical VPLS (CE1, CE2, N-PE1, N-PE2, MPLS core) and hierarchical VPLS (CEs, U-PE1, U-PE2, N-PE1, N-PE2, MPLS core), the latter shown with 802.1ad access and with EoMPLS access into the VPLS core]


VPLS:
• Significant signaling overhead
• Full PW mesh from the edge
• Node discovery and provisioning extends end to end

H-VPLS:
• Minimizes signaling overhead
• Full PW mesh among core devices
• Partitions node discovery process

[Figure: a flat VPLS topology (CEs and PEs) beside an H-VPLS topology (CEs, UPEs and NPEs)]


• 802.1ad is the IEEE standard for QinQ.
• 802.1ad outer EtherType: 0x88a8
• 802.1Q Ethertype: 0x8100

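[Figure: CEs and customer switches (802.3, 802.1Q) attach to a UPE, which connects over 802.1ad to the NPEs; the NPEs are joined by a full mesh of pseudowires across MPLS.]

Frame formats shown in the figure:
- 802.1Q (customer side): DA | SA | EtherType 0x8100 | Inner VLAN | PDU
- 802.1ad (provider side): DA | SA | EtherType 0x88a8 | Outer VLAN | EtherType 0x8100 | Inner VLAN | PDU
- Inner EtherType 0x8100: customer-applied VLAN tag (CE VLAN)
- Outer EtherType 0x88a8 (802.1ad): SP-applied VLAN (PE VLAN) for customer isolation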
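
A parser for the tag stack described on this slide, as an added Python example that is not part of the original deck. The sample frames are constructed (fixed MAC addresses, empty payload) and the function names are hypothetical.

```python
import struct

TPID_8021Q = 0x8100    # customer tag (CE VLAN), per the slide
TPID_8021AD = 0x88A8   # provider outer tag (PE VLAN), per the slide

def parse_vlan_stack(frame: bytes):
    """Return (dst, src, [(tpid, pcp, vid), ...], payload_ethertype)."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src = frame[0:6].hex(":"), frame[6:12].hex(":")
    offset, tags = 12, []
    (etype,) = struct.unpack_from("!H", frame, offset)
    while etype in (TPID_8021Q, TPID_8021AD):
        if len(frame) < offset + 6:
            raise ValueError("truncated VLAN tag")
        # TCI follows the TPID; the next EtherType follows the TCI
        tci, nxt = struct.unpack_from("!HH", frame, offset + 2)
        tags.append((etype, tci >> 13, tci & 0x0FFF))
        offset += 4
        etype = nxt
    return dst, src, tags, etype

def classify(tags):
    """Name the encapsulation the way the slide does."""
    tpids = [t[0] for t in tags]
    if not tpids:
        return "802.3 untagged"
    if tpids == [TPID_8021Q]:
        return "802.1Q"
    if tpids == [TPID_8021AD, TPID_8021Q]:
        return "802.1ad QinQ"
    return "unexpected tag stack"   # worth logging at the customer-facing port

def build(tags, payload_type=0x0800):
    """Constructed sample frame: DA, SA, the given (tpid, vid) tags, EtherType."""
    hdr = bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
    for tpid, vid in tags:
        hdr += struct.pack("!HH", tpid, vid)
    return hdr + struct.pack("!H", payload_type)
```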
• PW full mesh in core:
- Split-horizon for loop avoidance
• Hub and spoke access PW for access:
- Only one PW per UPE (per service instance) active at a time

[Figure: CEs and customer switches (802.3, 802.1Q) attach to a UPE; MPLS in the edge carries single or redundant pseudowires from the UPE to the NPEs (one active, one inactive); MPLS in the core carries a full mesh of pseudowires among the NPEs. One or several redundant pseudowires to NPE.]


Flat VPLS

Pros:
• Simple provisioning

Cons:
• Scalability limitation to small environments
• PE packet replication
• Directed LDP full mesh – n * (n-1)/2 sessions

H-VPLS

Pros:
• Suitable for large environments
• Reduced replication and signaling overhead on NPEs
• Expansion affects new nodes only

Cons:
• More complicated provisioning
• More complex design and operations
• More expensive hardware for MPLS-based access
• Requires special address family for MP-BGP neighbors
- address-family l2vpn vpls-vpws
• Available for VPLS and VPWS
• Two signaling methods: LDP and BGP
- Both methods use VLAN IDs, RDs, and RTs to limit discovery scope.

[Figure: CEs attached to PEs; the PW full mesh can be autodiscovered.]


• Prepare MPLS infrastructure:
- PE routers must have a /32 address on their loopbacks.
- PE loopback addresses cannot be summarized in the core.
- Ensure MTU sizes in the core are large enough.
• Enable Layer 2 frame transport on both endpoint attachment circuits.
• Make sure MTU is the same on both endpoint interfaces.
• Configure bridge group and bridge domain.
• Assign interface(s) to the bridge domain.
• Configure VFI with statically defined PWs or neighbor autodiscovery.



[Figure: CE1 (VLAN tag 10) - PE1 (10.1.1.1) - MPLS - PE2 (10.2.1.1) - CE2 (VLAN tag 10), with PE3 (10.3.1.1); PW 4 between PE1 and PE2, PW 6 between PE1 and PE3, PW 8 between PE2 and PE3]

PE1:
interface Loopback0
 ipv4 address 10.1.1.1 255.255.255.255
!
interface GigabitEthernet0/0/0/0.10 l2transport
 encapsulation dot1q 10
!
l2vpn
 bridge group VPLS-group1
  bridge-domain VPLS-domain1
   interface GigabitEthernet0/0/0/0.10
   exit
   vfi VPLS-vfi1
    neighbor 10.2.1.1 pw-id 4
    neighbor 10.3.1.1 pw-id 6

PE2:
interface Loopback0
 ipv4 address 10.2.1.1 255.255.255.255
!
interface GigabitEthernet0/0/0/0.10 l2transport
 encapsulation dot1q 10
!
l2vpn
 bridge group VPLS-group1
  bridge-domain VPLS-domain1
   interface GigabitEthernet0/0/0/0.10
   exit
   vfi VPLS-vfi1
    neighbor 10.1.1.1 pw-id 4
    neighbor 10.3.1.1 pw-id 8
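
A pre-deployment check for the statically defined PW mesh, added here as a Python example that is not part of the original deck. It reads the PE1 and PE2 configuration from this slide (reduced to the relevant lines) and verifies the /32 loopback rule and that both ends of each PW use the same pw-id; the function names are hypothetical.

```python
import re

# PE1/PE2 from the slide, reduced to the lines this check reads.
PE1 = """interface Loopback0
 ipv4 address 10.1.1.1 255.255.255.255
l2vpn
 bridge group VPLS-group1
  bridge-domain VPLS-domain1
   vfi VPLS-vfi1
    neighbor 10.2.1.1 pw-id 4
    neighbor 10.3.1.1 pw-id 6
"""
PE2 = """interface Loopback0
 ipv4 address 10.2.1.1 255.255.255.255
l2vpn
 bridge group VPLS-group1
  bridge-domain VPLS-domain1
   vfi VPLS-vfi1
    neighbor 10.1.1.1 pw-id 4
    neighbor 10.3.1.1 pw-id 8
"""

def parse_pe(cfg):
    """Extract loopback address/mask and {neighbor: pw-id} from one PE config."""
    lo = re.search(r"interface Loopback0\s+ipv4 address (\S+) (\S+)", cfg)
    if lo is None:
        raise ValueError("no Loopback0 address found")
    nbrs = {ip: int(pw) for ip, pw in re.findall(r"neighbor (\S+) pw-id (\d+)", cfg)}
    return {"loopback": lo.group(1), "mask": lo.group(2), "neighbors": nbrs}

def check_mesh(configs):
    """Return a list of findings; an empty list means the supplied PEs agree."""
    pes = {p["loopback"]: p for p in map(parse_pe, configs)}
    findings = []
    for ip, pe in sorted(pes.items()):
        if pe["mask"] != "255.255.255.255":
            findings.append(f"{ip}: loopback is not a /32")
        for other in sorted(set(pes) - {ip} - set(pe["neighbors"])):
            findings.append(f"{ip}: no PW to {other}, mesh incomplete")
        for nbr, pw in sorted(pe["neighbors"].items()):
            if nbr not in pes:
                findings.append(f"{ip}: pw-id {pw} to {nbr} unverified (config not supplied)")
            elif pes[nbr]["neighbors"].get(ip) != pw:
                findings.append(f"{ip}: pw-id {pw} to {nbr}, but {nbr} has "
                                f"{pes[nbr]['neighbors'].get(ip)} for the return PW")
    return findings
```

With only PE1 and PE2 supplied, the two PWs toward 10.3.1.1 are reported as unverified because the PE3 configuration is not shown on the slide.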



[Figure: CE1 (VLAN tag 10) - PE1 (10.1.1.1) - MPLS (VLAN tag 99) - PE2 (10.2.1.1) - CE2 (VLAN tag 30), with PE3 (10.3.1.1); PW 4 between PE1 and PE2, PW 6 between PE1 and PE3, PW 8 between PE2 and PE3]

PE1:
interface Loopback0
 ipv4 address 10.1.1.1 255.255.255.255
!
interface GigabitEthernet0/0/0/0.10 l2transport
 encapsulation dot1q 10
 rewrite ingress tag translate 1-to-1 dot1q 99 symmetric
!
l2vpn
 bridge group VPLS-group1
  bridge-domain VPLS-domain1
   interface GigabitEthernet0/0/0/0.10
   exit
   vfi VPLS-vfi1
    neighbor 10.2.1.1 pw-id 4
    neighbor 10.3.1.1 pw-id 6

PE2:
interface Loopback0
 ipv4 address 10.2.1.1 255.255.255.255
!
interface GigabitEthernet0/0/0/0.30 l2transport
 encapsulation dot1q 30
 rewrite ingress tag translate 1-to-1 dot1q 99 symmetric
!
l2vpn
 bridge group VPLS-group3
  bridge-domain VPLS-domain3
   interface GigabitEthernet0/0/0/0.30
   exit
   vfi VPLS-vfi3
    neighbor 10.1.1.1 pw-id 4
    neighbor 10.3.1.1 pw-id 8


[Figure: CE-SW1 (802.1Q) - P-SW1 (Fa0/1, Fa0/2; outer QinQ VLAN 10) - PE1 (10.1.1.1) - MPLS - PE2 (10.2.1.1) - P-SW2 (Fa0/1, Fa0/2; outer QinQ VLAN 30) - CE-SW2 (802.1Q), with PE3 (10.3.1.1) and PWs 4, 6 and 8; tag values 10, 99, 30 and 200 are shown along the path]

P-SW1:
interface FastEthernet0/1
 description CE-SW
 switchport access vlan 10
 switchport mode dot1q-tunnel
!
interface FastEthernet0/2
 description N-PE
 switchport mode trunk

PE1:
interface Loopback0
 ipv4 address 10.1.1.1 255.255.255.255
!
interface GigabitEthernet0/0/0/0.10 l2transport
 encapsulation dot1q 10 second-dot1q any
 rewrite ingress tag translate 1-to-1 dot1q 99 symmetric
!
l2vpn
 bridge group VPLS-group1
  bridge-domain VPLS-domain1
   interface GigabitEthernet0/0/0/0.10
   exit
   vfi VPLS-vfi1
    neighbor 10.2.1.1 pw-id 4
    neighbor 10.3.1.1 pw-id 6
RP/0/RSP0/CPU0:PE3# show l2vpn bridge-domain detail
Sat Nov 26 13:48:47.127 UTC
Bridge group: VPLS-group3, bridge-domain: VPLS-domain3, id: 1, state: up, ShgId: 0, MSTi: 0
MAC learning: enabled
MAC withdraw: enabled
MAC withdraw for Access PW: enabled
Flooding:
Broadcast & Multicast: enabled
Unknown unicast: enabled
MAC aging time: 300 s, Type: inactivity
MAC limit: 4000, Action: none, Notification: syslog
MAC limit reached: no
MAC port down flush: enabled
MAC Secure: disabled, Logging: disabled
Split Horizon Group: none
Dynamic ARP Inspection: disabled, Logging: disabled
IP Source Guard: disabled, Logging: disabled
DHCPv4 snooping: disabled
IGMP Snooping profile: none
Bridge MTU: 1500
MIB cvplsConfigIndex: 2
Filter MAC addresses:
Create time: 26/11/2011 11:38:38 (02:10:08 ago)
No status change since creation
ACs: 1 (1 up), VFIs: 1, PWs: 1 (1 up), PBBs: 0 (0 up)
< to be continued>



List of ACs:
AC: GigabitEthernet0/0/0/0.30, state is up
Type VLAN; Num Ranges: 1
VLAN ranges: [30, 30]
MTU 1504; XC ID 0x840001; interworking none
MAC learning: enabled
Flooding:
Broadcast & Multicast: enabled
Unknown unicast: enabled
MAC aging time: 300 s, Type: inactivity
MAC limit: 4000, Action: none, Notification: syslog
MAC limit reached: no
MAC port down flush: enabled
MAC Secure: disabled, Logging: disabled
Split Horizon Group: none
Dynamic ARP Inspection: disabled, Logging: disabled
IP Source Guard: disabled, Logging: disabled
DHCPv4 snooping: disabled
IGMP Snooping profile: none
Storm Control: disabled
Static MAC addresses:
Statistics:
packets: received 31686, sent 27420
bytes: received 2156476, sent 1911176
Storm control drop counters:
packets: broadcast 0, multicast 0, unknown unicast 0
bytes: broadcast 0, multicast 0, unknown unicast 0
<to be continued>



List of Access PWs:
List of VFIs:
VFI VPLS-vfi3
PW: neighbor 10.7.1.1, PW ID 64500:10, state is up ( established )
PW class not set, XC ID 0xfffc0005
Encapsulation MPLS, Auto-discovered (BGP), protocol LDP
PW type Ethernet, control word disabled, interworking none
PW backup disable delay 0 sec
Sequencing not set

MPLS         Local                          Remote
------------ ------------------------------ -------------------------
Label        30000                          16002
BGP Peer ID  10.3.1.1                       10.7.1.1
LDP ID       10.3.1.1                       10.7.1.1
AII          10.3.1.1                       10.7.1.1
AGI          64500:10                       64500:10
Group ID     0x1                            0x1
Interface    VPLS-vfi3                      VPLS-vfi7
MTU          1500                           1500
Control word disabled                       disabled
PW type      Ethernet                       Ethernet
VCCV CV type 0x2                            0x2
             (LSP ping verification)        (LSP ping verification)
VCCV CC type 0x6                            0x6
             (router alert label)           (router alert label)
             (TTL expiry)                   (TTL expiry)
------------ ------------------------------ -------------------------
<output truncated>
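
A small audit over the `show l2vpn bridge-domain detail` output above, added here as a Python example that is not part of the original deck. It reports, per bridge domain or attachment circuit, which of the Layer 2 protections named in the output are switched off; the sample lines are copied from the PE3 output on this page and the function name is hypothetical.

```python
import re

# Lines copied from the AC section of the PE3 output on this page.
SAMPLE = """\
AC: GigabitEthernet0/0/0/0.30, state is up
MAC limit: 4000, Action: none, Notification: syslog
MAC Secure: disabled, Logging: disabled
Dynamic ARP Inspection: disabled, Logging: disabled
IP Source Guard: disabled, Logging: disabled
DHCPv4 snooping: disabled
Storm Control: disabled
"""

# Protection features that appear as "<name>: enabled|disabled" in the output
FEATURES = ("MAC Secure", "Dynamic ARP Inspection", "IP Source Guard",
            "DHCPv4 snooping", "Storm Control")

def audit(output):
    """Return {scope: [notes]}; scope is 'bridge-domain' or an AC name."""
    report, scope = {}, "bridge-domain"
    for line in output.splitlines():
        line = line.strip()
        m = re.match(r"AC: (\S+), state is (\w+)", line)
        if m:
            scope = m.group(1)        # following lines belong to this AC
            continue
        m = re.match(r"MAC limit: (\d+), Action: (\w+)", line)
        if m and m.group(2) == "none":
            report.setdefault(scope, []).append(
                f"MAC limit {m.group(1)} has no enforcement action")
        for feat in FEATURES:
            if re.match(rf"{re.escape(feat)}: disabled\b", line):
                report.setdefault(scope, []).append(f"{feat} disabled")
    return report
```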
• VPLS neighbors can be configured manually or learned by the autodiscovery process.
• VPLS is implemented using bridge groups, bridge domains, and VFIs.
