Odc010005 Mpls l2 VPN Issue1 - 1

Internal
ODC010005 MPLS L2 VPN

ISSUE 1.1
www.huawei.com
HUAWEI TECHNOLOGIES CO., LTD.
All rights reserved
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
MPLS L2VPN provides layer 2 VPN services on the MPLS network. It allows the establishment of L2VPNs on different media including ATM, FR, VLAN, Ethernet and PPP. For users, the MPLS network is a layer 2 switching network and can be used to establish layer 2 connections between nodes. At the same time, the MPLS network can provide traditional IP services, MPLS L3VPN, traffic engineering and QoS.
All rights reserved
Page 1
References
l draft-kompella-l2vpn-l2vpn-01 l draft-martini-l2circuit-encap-mpls-10 l draft-martini-l2circuit-trans-mpls-17
All rights reserved
Page 2
Upon completion of this course, you will be able to: [ Providing a architectural overview to MPLS L2 VPN [ Giving a rough discussion to data flow of general MPLS L2 VPN [ Providing a general discussion to Martini and Kompella signaling method
All rights reserved
Page 3
Chapter 1 What is MPLS L2 VPN Chapter 2 VLL Chapter 3 Layer 2 Interworking
All rights reserved
Page 4
Traditional L2 VPN
l Leased Line
[ Main shortcoming long-time construction !expensive and difficult to manage it

l Virtual Circuit
[ Comparing with LL !lower time construction "lower price [ Providing service on ATM or FR network !while the network need to be set up and maintained separately [ Low speed [ Complicated configuration
All rights reserved
Page 5
What is MPLS L2 VPN

l MPLS L3 VPN
Tunnel Label Inner Label Layer3 Header Data
l MPLS L2 VPN
Tunnel Label
VC Label
Layer2 Header
Data
For CCC no VC Label
For Layer2 interworking no Layer 2 Header

All rights reserved Page 6
MPLS L2 VPN Network Structure
Customer Site
Tunnel
Customer Site
Pseudo Wires
PE
Customer Site
PE
Customer Site
l The basic principle of all MPLS L2VPN modes, except CCC, is the same as
the above shown.

HUAWEI TECHNOLOGIES CO., LTD. All rights reserved Page 7
MPLS L2 VPN Characters

l The service provider use MPLS network to provide Layer 2
services to the customer. It seems that CEs are connected directly or connected through layer2 switch networks, such as ATM, FR, Ethernet switch networks.
l Routing occurs between CE routers
l PE sends VPN traffic across the service provider s network to
the PE router connected via LSP tunnels.
All rights reserved
Page 8
Advantages of MPLS L2 VPN

l High Scalability l Separation of Administrative Responsibilities l Routing Privacy and Security l Ease of Configuration l Native Multi protocol Support l Signaling Flexibility l Cost-efficient Migration from Traditional Layer 2 VPN
All rights reserved
Page 9
All rights reserved
Page 10
VLL
l VLL=Virtual Leased Line l VLL provides layer 2 P2P connection between CEs. l Implementation method includes:
[ CCC [ Martini [ SVC [ Kompella
All rights reserved
Page 11
L2 VPN Common Packet Structure

Connection Control protocol
[ LDP
!
BGP
STATIC-LSP and so on
VC label s negotiation, withdrawing and error notification
"Emulated Circuits #three layers encapsulation [Tunnel Label

Tunnel Header !Ingress PE to Egress PE switching label !MPLS Label or GRE Tunnel
demultiplexer
Field L2 PDU (Emulated)
[VC Label
!Identify different VC in the same tunnel
[Emulate VC Encapsulation (Control Word)

! 32-bit Control Word
All rights reserved
Page 12
PDU Structure
0 7 Tunnel Label(LDP or RSVP) VC Label(VC) Rsvd Flags 0 0 Length Layer-2 PDU Tunnel Label /VC Label Control Word Layer-2 Protocol Data Unit 15 EXP EXP 0 1 23 TTL TTL(Set to 2) 31
Sequence Number
Encap type ATM AAL5! Ethernet Frame Relay HDLC PPP

Control Word Y N Y N N
All rights reserved Page 13
PDU Structure Example-FR

0 7 Tunnel Label(LDP or RSVP) VC Label(VC) Rsvd B F D C 0 0 Length Layer-2 PDU 15 EXP EXP 0 1 23 TTL TTL(Set to 2) 31
Sequence Number
Relay frame forwarded without Frame Relay header and FCS ! then control word is necessary.
lFrame
useful information as BECN"FECN" DE and C/R bits are carried through control flags
lThe
All rights reserved
Page 14
Chapter 2 VLL
Section 1 CCC Section 2 Martini Section 3 SVC Section 4 Kompella
All rights reserved
Page 15
CCC Network Structure

Tunnel Label Layer2 Header Data
Branch Office B
Only one level

Headquarter B
PE
Branch Office A
PE MPLS Network
Headquarter A
Remote Connection
PE
Branch Office A Branch Office A
Local Connection
All rights reserved
Page 16
Questions
l When local connection, there use Tunnel label or not?
l Each CE-CE there have two LSPs?
l When configuring LSP, we need to configure P router or not?
All rights reserved
Page 17
Chapter 2 VLL
All rights reserved
Page 18
Martini Network Structure

Outer Label VC Label Layer2 Header Data PE Headquarter A
Tun (L S n el P)
Branch Office A
MPLS Tunnel (LSP)
P LS
Branch Office B
PE
MP LS
MPLS Network
Tun
Branch Office A
n el
(L S
P)
PE
Headquarter B VC Label distributed by LDP
Branch Office B
All rights reserved
Page 19
Draft for Martini

l The Mode is based on two drafts from Lucca Martini.
[ draft-martini-l2circuit-trans-mpls ! VC label distribution, uses extended LDP [ draft-martini-l2circuit-encap-mpls ! Different encapsulation mechanism for different L2 circuit.
All rights reserved
Page 20
Martini Characters
l VC ID is used to identify a VC,VC Type indicates the
encapsulation type.
l Martini Protocol extends LDP by adding VC FEC type including
VC ID and VC Type. One label is allocated for per VC FEC.VC label has only local meanings.
l VC FEC and VC label is exchanged through targeted LDP
session between two PEs.

l Tunnel between PEs can be used commonly by different VCs.
Tunnel type can be LSP,TE tunnel or GRE tunnel.

l Can t provide local connection.
All rights reserved
Page 21
VC FEC Format
0 0 Label Message(0x0400) Message ID 0 0 FEC TLV(0x0010) VC TLV(0x80) c VC Type Group ID VC ID Interface Parameters 0 0 Generic Label(0x0200) Label Optional Parameters Length Length VC Info Length 15 Message Length 31
All rights reserved
Page 22
VC Status
l An In Label is allocated when a LDP VC is configured. l If the Local State is up i.e. l if the interface is up l LDP Session is established l at least one tunnel to destination exists l then a mapping containing L2VPN Info like VC-ID, Interface
type and other Interface parameters are sent to the destination.

l VC state is not up until it receives a mapping from the remote
peer with matching VC ID, Interface type and parameters.

l With this mapping we also receive the in-label of the remote
VC which is out-label for the local LDP VC.
All rights reserved
Page 23
Label Mapping
PE2 repeats steps 1-5 so that bi-directional label/VCID mappings are established
1.L2 transport route entered on ingress PE
CE1
2. PE1 starts LDP session with PE2 if one does not already exist
CE2
3. PE1 allocates VC label For new interface & binds To configured VCID
PE1
4. PE1 sends label mapping Message containing VC FEC TLV & VC label TLV
PE2
5. PE2 receives VC FEC TLV & VC label TLV that Matches local VCID
All rights reserved
Page 24
Label Withdrawing
l If a PE route detects a condition that affects normal service, it
must withdraw the corresponding VC label through the LDP signaling
CE1
CE2
CE port/VC failure triggers Label withdraw Msg
Circuit status signaling
PE1
LDP label withdraw VCID 20 VC label 100
PE2
PE port failure triggers Group ID withdraw
All rights reserved
Page 25
Martini Summary
l LDP is the signaling to exchange VC FEC and
VC Labels. VC ID is used to identify different L2VPN connection.

l Advantages:
[ Configuration is easy, it s industrial trend.

l Disadvantages:
[ Can not provide local connection.
All rights reserved
Page 26
Questions
l
Martini provide local connection or not? Why?
As we know, two CEs which can set up the VPN connection need to be the same encapsulation type and CE ID, then on PE the in and out VC label is the same?
All rights reserved
Page 27
Chapter 2 VLL
All rights reserved
Page 28
SVC
l SVC=Static Virtual Circuit l Similar with Martini MPLS L2VPN, the only difference is In and
Out VC Label is allocated manually. Targeted LDP session between two PEs is not needed for VC info exchange.
l VC state only depends on the local state and the tunnel state
between two PEs.

l Tunnels are used to pass on the data packets between the
PEs.
All rights reserved
Page 29
SVC Summary
l Similar with Martini MPLS L2VPN, the only
difference is In and Out VC Label is allocated manually. l Advantages: [ no signaling required. l Disadvantages: [ can not provide local cross function ; the number of SVC is strictly constrained by static label numbers.
All rights reserved
Page 30
Chapter 2 VLL
All rights reserved
Page 31
Kompella Network Structure

Outer Label VC Label Layer2 Header Data
Brach Office A
Headquarter A
PE
Headquarter B
P)
T P LS
un n
S e l (L
MPLS Tunnel (LSP)
PE
MP LS
MPLS Network
Tun
n el
Brach Office A
(L S
P)
PE
Brach Office B l2VPN Instance info distributed by BGP Brach Office B
All rights reserved
Page 32
Draft for Kompella

l Implemented through a draft from Keerti Kompella.
[ draft-kompella-l2vpn-l2vpn-01 ! Describes label distribution, uses BGP4

l Continue to use Martini draft for encapsulation
[ draft-martini-l2circuit-encap-mpls
All rights reserved
Page 33
Kompella Control Plane
CE1 CE2
PE2 receives the Information and checks it and calculate the VC label with it
PE1
PE1 sends out the configured VPN info to neighbors with MP-BGP
PE2 MP-BGP
All rights reserved
Page 34
VPN Information
Label Block
PE Label Block 1000 CE1 Label Block1 LB=1000 LR=3 LO=0 1001 1002 1003 CE2 Label Block1 LB=1003 LR=3 LO=0 1004 1005
l PE chooses a Label Block. l Label Base : Smallest Label in
Block
l Range : number of labels of the
block
l Offset: the sum of all the previous
label blocks range.

l A remote site with CE ID m will
connect to this CE with a label CE1 Label Block2 LB=1006 selected from one of the label LR=3 LO=3 blocks. block offset <= m < block Means m should be lower than the offset + label-range
total label range counts
1006 1007 1008
All rights reserved
Page 35
Label Block Structure

0 7 Length Route Distingguisher CE ID Label-block Offset Label Base Variable TLVs Label Base 15 23 31
l Circuit State Vector (CSV): variable TLV, used to identify the status of
circuit.
All rights reserved
Page 36
Layer2-Info Extended Community

0 7 Extended Community type Layer-2 MTU 15 Encaps Type Reserved 23 Control Flags 31
l The extended community, Layer2-Info, Used to carry layer 2 specific
information in a VPN. This extended community must be carried as part of path attribute in all BGP update messages carrying L2VPN NLRIs.
All rights reserved
Page 37
VC Label Calculation-1
CE m CE k
L2VPNA (RD RT) CE m label-block : Lm Lm's block offset : LOm label-base : LBm label-range : LRm
PE1 MP-BGP
PE2
L2VPNA (RD RT) CE k label-block : Lk Lk's block offset : LOk label-base : LBk label-range : LRk
All rights reserved
Page 38
VC Label Calculation-2
l Check the encapsulation type for VPN A, if does not match stop. (Note
that for IP-only layer 2 interworking a separate encapsulation type is defined).

l Check if k = m. If so, issue an error: Stop. l Search among all the label-blocks from m for one which satisfies LOm
<= k < LOm + LRm. If none found, stop. Otherwise let Lm be the label-block found.
l Search among all the label-blocks of k for one which satisfies LOk <=
m < LOk + LRk. If none found, stop. Otherwise let Lk be the labelblock found.
l The Interface bound with remote CE-m is identified based on the
configuration in remote CE. Then VC label for sending packets to CEm is (LBm + k - LOm) and The VC label on which to expect packets from CE-m is (LBk + m - LOk).
All rights reserved
Page 39
VC Calculation Example
II have: have: VPN VPN :: red red CE-id: CE-id: 2 2 Label Label Base: Base: 2000 2000 Label Range: Label Range: 10 10 CE2
201
203 PE2
Tunnel
1002
Payload
Tunnel
3002
Payload
Tunnel
2001 102
Payload
Tunnel
2003 302
Payload
CE1 103 PE1 Tunnel II have: have: VPN VPN :: red red CE-id: CE-id: 1 1 Label Base: Label Base: 1000 1000 Label Label Range: Range: 10 10 3001 Payload Tunnel 1003 PE3 Payload II have: have: VPN VPN :: red red CE-id: CE-id: 3 3 Label Label Base: Base: 3000 3000 Label Range: Label Range: 10 10 301
CE3
All rights reserved
Page 40
Kompella Summary
l MP-BGP is used for signaling to transfer layer
2 NLRI and VC Label!use CE-ID to identify CE.

l Label Block is allocated based on the CE
Range.
l Advantages:
[ Topology Auto-discovery; Support local cross ; Inter-as support.

l Disadvantages
[ Implementation is complex; Venders who support this are less; Label Wastage.
All rights reserved
Page 41
Questions
l
Does the static LSP used by CCC is the same with ordinary static LSP #
What s the relation between Martini and SVC #
What s the similarities and differences between Kompella and L3VPN #
All rights reserved
Page 42
L2VPN Characters Compare

Mode Index Signaling Tunnel Type BGP GRE/LSP/ L2TPv3 LDP GRE/LSP/ L2TPv3 NA Static LSP NA GRE/LSP/ L2TPv3 Kompella Martini CCC SVC
Tunnel Shared Encapsulation Type
Shared ATM/FR/PPP /HDLC/ETH/ VLAN
Shared ATM/FR/PPP/ HDLC/ETH/ VLAN
Exclusive ATM/FR/PPP/ HDLC/ETH/ VLAN Low
Shared ATM/FR/PPP /HDLC/ETH/ VLAN Normal
Scalability
High
High
All rights reserved
Page 43
All rights reserved
Page 44
Layer 2 Interworking
l As defined so far, all CE-PE connections for a given Layer 2
VPN must use the same layer 2 encapsulation, e.g., they must all be Frame Relay. This is often a burdensome restriction.
CE1 FR Link
ATM Link
CE2
PE1
Outer Label HUAWEI TECHNOLOGIES CO., LTD. VC Label
PE2
Layer3 Header
Data Page 45
All rights reserved
Summary
l The function of MPLS L2 VPN l Basic principles of MPLS L2 VPN l Signaling Method
All rights reserved
Page 46
Thank You
www.huawei.com

Odc010005 Mpls l2 VPN Issue1 - 1

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Odc010005 Mpls l2 VPN Issue1 - 1

Uploaded by

Copyright:

Available Formats

Internal

ODC010005 MPLS L2 VPN

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

Chapter 1 What is MPLS L2 VPN Chapter 2 VLL Chapter 3 Layer 2 Interworking

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

[ Main shortcoming long-time construction !expensive and difficult to manage it

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

What is MPLS L2 VPN

For CCC no VC Label

For Layer2 interworking no Layer 2 Header

HUAWEI TECHNOLOGIES CO., LTD.

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

MPLS L2 VPN Network Structure

the above shown.

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

MPLS L2 VPN Characters

l Routing occurs between CE routers

l PE sends VPN traffic across the service provider s network to

the PE router connected via LSP tunnels.

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

Advantages of MPLS L2 VPN

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

Chapter 1 What is MPLS L2 VPN Chapter 2 VLL Chapter 3 Layer 2 Interworking

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

[ CCC [ Martini [ SVC [ Kompella

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

L2 VPN Common Packet Structure

VC label s negotiation, withdrawing and error notification

"Emulated Circuits #three layers encapsulation [Tunnel Label

[Emulate VC Encapsulation (Control Word)

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

Encap type ATM AAL5! Ethernet Frame Relay HDLC PPP

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

PDU Structure Example-FR

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

HUAWEI TECHNOLOGIES CO., LTD.