Odc010017 Vpls Principle Issue1 - 0

Internal
ODC010017 VPLS Principle

ISSUE 1.0
www.huawei.com
HUAWEI TECHNOLOGIES CO., LTD.
All rights reserved
PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com
Virtual Private LAN Service (VPLS) is a service that connects multiple Ethernet LAN segments through the PSN (Packet Switched Network) to make them work like a LAN. This course describes the basic concept and implementation principles of VPLS.
All rights reserved
Page 2
References
l VRP5.30 Operation Manual l draft-ietf-l2vpn-vpls-ldp-05 l draft-ietf-l2vpn-vpls-bgp-01 l White Paper of VPLS
VPN volume
All rights reserved
Page 3
Upon completion of this course, you will be able to: [ Understand the basic concept of VPLS [ Understand the operating principles of VPLS [ Understand the principles of H-VPLS
All rights reserved
Page 4
Chapter 1 Basic concept of VPLS Chapter 2 Implementation principles of VPLS Chapter 3 H-VPLS
All rights reserved
Page 5
Basic concept of VPLS

VPLS Overview
l VPLS is also known as Transparent LAN Service (TLS) and
Virtual Private Switched Network service

l VPLS provides L2 VPN service. By function, L2 VPN and L3 VPN
are different in whether L2 forwarding or L3 forwarding functions are simulated on the public network
l In VPLS, users are connected through a point-to-multipoint
network, rather than the point-to-point connection service provided on the traditional L2 VPN.
l VPLS, in fact, is about creating a series of virtual switches on the
PE to be leased to users. Such virtual switches can be networked in the same way as traditional switches. This way, the users can implement their own LAN connections through the WAN
HUAWEI TECHNOLOGIES CO., LTD. All rights reserved Page 6

VPLS Structure
Emulated Service Pseudo-wire Attachment Circuit
Virtual Switch Instance
A branch 1
PE Attachment Circuit CE
CE PE
M PL
S LS P
R
CE MPLS LSP
B headquarters
S
A headquarters
PE
R
Virtual Switch Instance
IP/MPLS network
MP LS L SP
A branch 2
CE
S
PE
S
CE
B branch 1
R
CE
B branch 2
S
All rights reserved
Page 7

VPLS Basic Concept
l Pseudo Wire (PW): It is a virtual connection used to transmit
frames between two PEs in VPLS

l Virtual Switch Instance (VSI): Every VSI can offer separate VPLS
service. The VSI implements Ethernet bridge function and terminates Pseudo Wire (PW).
l Virtual Circuit (VC): a logic single directional circuit between two
nodes. A PW is constitutes by two opposite directional VCs. A VC can be used as a single directional PW.
l Attachment Circuit (AC): In L2VPN, CE accesses PE through AC.
AC can be either a physical link or a logical link. AC transmits frames between CE and PE.
All rights reserved
Page 9
Chapter 2 Implementation principles of VPLS

2.1 Basic working principle of VPLS 2.2 Martini VPLS 2.3 Kompella VPLS 2.4 Key Technology
All rights reserved
Page 10
Working process of VPLS

l Member relationship discovery (control plane) l PW creation and maintenance (control plane) l Forwarding based on MAC addresses in VSI (data plane)
All rights reserved
Page 11

Control Plane
l Member discovery: It is the process to find all other PEs in the
same VPLS. This can be implemented either through manual configuration or automatically by the use of some protocols. In the later case, it is called !auto discovery".
l Signaling mechanism: It is the process to use the signaling
protocol between the PEs of the same VPLS to establish, maintain and remove PW.
l Huawei products support the use of the BGP or LDP to implement
the control plane of VPLS, referred to as Kompella VPLS and Martini VPLS respectively.
All rights reserved
Page 12

Data Plane
l Encapsulation: When receiving Ethernet frames from CE, PE
sends them to PSN after encapsulation.

l Forwarding: How to forward packets depends on the interface
receiving the packets and the destination MAC addresses of the packets .
All rights reserved
Page 13

VPLS Forwarding Model
R R
CE VLAN1 PE
VSI1
VSI1
CE VLAN1 PE
R
VSI2
R VSI2
CE VLAN2
R
VSI1 VSI2
CE VLAN2
R
PE CE VLAN1
R
All rights reserved
CE VLAN2
Page 14

Packet transport process
MAC Lable VC ID User PDU
A branch 1
CE PE
CE
User PDU
MAC
Lable
VC ID
User PDU
PE
S LS P M PL
R
MPLS LSP
A headquarters The VPLS tunnel, for the CE equipment, is like a L2 switch that has no protocol started, as it transparently transmitted the packets of the users
R
MP
IP/MPLS network
LS L
SP users, the According to the VPNs of the PE encapsulates the PDUs with the VC Labels to distinguish different users in the MPLS network. According to the destination MACs of the users, the PSTN labels are encapsulated for transmission to the destination PE: Obviously, the PE in the VPLS network must have the ability to learn the MAC addresses of the users
PE
When the PE forwards the packets from the remote PE, it selects the home VPNs of the PDUs of the users according to the VC label, and it looks for the egress interfaces of the packets according CE to the destination addresses the users, Aof branch 2 removing the VC Label and sending the original PDUs ofS the users to the CE
All rights reserved
Page 15

All rights reserved
Page 16
Martini VPLS
Overview
l Using the LDP as signaling l Using the TLV of the expanded standard LDP to carry the
information of VPLS [ FEC TLV of type 128 and type 129 added
l Label allocation and reservation mode when PW is established
[ DU (downstream unsolicited) used as the allocation mode [ Liberal label retention used as the label retention mode
l LDP connection used for exchanging VC signaling must be
configured to be the Remote mode
All rights reserved
Page 17
Martini VPLS
Signaling process
PE1
Configuring VSI, and designating the PE2 as Peer Mapping Message Mapping Message Interface parameters match . PW UP Withdraw Message Removing PW PW Down
PE2
Configuring VSI, and designating the PE1 as Peer Interface parameters match . PW UP
Release Message Recycle label PW Down
All rights reserved
Page 18
Martini VPLS
Setup PW
VC:111 in VLAN 10 VC:222 in VLAN 20 VC:555 in VLAN 50
VC
. . .
VC:111 in VLAN 10 VC:222 in VLAN 20 VC:555 in VLAN 50
1.1.1.1
LSP IP MPLS Network 1.1.1.1 Remote Session 2.2.2.2 CE
Trunk VLAN 10-50
R PE
R PE
Trunk VLAN 10-50
S
Vlan:1020
CE
S
50
50
All rights reserved
Vlan:1020
Page 19
Martini VPLS
Label allocation
l To establish one VC, PE needs to allocate two layers of labels for it. l The outer layer label is the MPLS LSP label of the public network,
as allocated by the LDP. Only with the outer layer label can packets be transmitted on the public network.
l The inner layer label is the VC label, as allocated through the
negotiation of the remote LDP Session. PE allocates one label for each VC. PE determines the VC to which the packets belong according to the inner layer label, and then sends the packets to the right CE.
l The VC can be up and the VPLS can start to work only when two
layer labels have been correctly allocated.

Martini VPLS
Packet forwarding
Private Label VC label Tag Payload Public LabelPrivate Label MPLS VC label Tag Payload
R PE
Tag Payload
IP MPLS Network
R PE
Trunk VLAN 10-50
S
Vlan:1020
CE
CE
S
50
50
All rights reserved
Vlan:1020
Page 21

All rights reserved
Page 22
Kompella VPLS
Overview
l Using the BGP as signaling l Using the multiple protocol expansion (RFC2283) of the BGP to
transfer the VPLS member information [ MP-reach and MP-unreach attributes transfer the label information of the VPLS [ The interface parameter information is transferred in the expanded community attribute
l The VPN member relationship is determined by the RD (route
distinguish) and VPN-TARGET. Both the RD and VPN-TARGET are transferred in the expanded community attribute
Kompella VPLS
Signaling process
PE1
Configuring VSI, designating the PE2 as Bgp Peer, and enabling the VPLS address family
PE2
Configuring VSI, designating the PE1 as Bgp Peer, and enabling the VPLS address family
Update Message Update Message Interface parameters match . PW UP Update Message Interface parameters match . PW UP
Recycle label PW Down HUAWEI TECHNOLOGIES CO., LTD. All rights reserved Page 24
Removing PW PW Down
Kompella VPLS
PW setup and Label allocation
l Using the BGP as signaling, it can implement the auto discovery of
the VPLS members by configuring the VPN Targets

l The VPN-Target is used to uniquely identify one VPLS l The inner layer labels are allocated by configuring labels. When PE
is added or deleted, few additional operations are needed, providing good expandability
All rights reserved
Page 25
Kompella VPLS
Packet forwarding
Private Label VC label Tag Payload Public LabelPrivate Label MPLS VC label Tag Payload
R PE
Tag Payload
IP MPLS Network
R PE
Trunk VLAN 10-50
S
Vlan:1020
CE
CE
S
50
50
All rights reserved
Vlan:1020
Page 26
Kompella VPLS
Comparison with the Martini mode
Attribute Signaling
Kompella Mode Martini Mode
Capability requirement for the PE Whether auto discovery is supported Implementation complexity Expandability Label utilization Configuration work Cross-domain restriction
high yes high good low small small

All rights reserved Page 27
normal no low bad high big big

All rights reserved
Page 28
Key Technology
MAC Address Learning
l In the VPLS, the service provider network simulates the bridge
equipment, and the PE performs MAC address learning. To forward packets, the PE must be able to associate the destination MAC address with the PW. The PE learns the remote MAC address through the PW, and learns the MAC address of direct access through the AC. [ MAC address from the remote PE: recorded as MAC #LSR-ID of the remote PE [ MAC from the local CE: recorded as MAC #VSI corresponding interface
All rights reserved
Page 29
Key Technology
MAC Address Learning and Flooding
VSI VPN1 MAC A B PORT Vlan10,port1 PW1
ARP Broadcast
VPN1
PW2
S
MAC A IP 1.1.1.2
VSI VPN1 VPN1 MAC A B
R
PW 1
R
PW 2
VSI VPN1 MAC A
S
PORT PW2
PORT PW1 Vlan10,port1
ARP Response
S
MAC B IP 1.1.1.3
Key Technology
Two modes of MAC address learning
l Qualified
[ PE learns MAC addresses according to MAC addresses of Ethernet packets and VLAN tags, that is, based on every VLAN of every VSI. In this mode, every VLAN forms its own broadcast domain and has its own independent MAC address range.
l Unqualified
[ PE learns MAC addresses according to MAC addresses of Ethernet packets, that is, based on every VSI. In this mode, all VLANs share a broadcast domain and a MAC address range. The MAC address of a VLAN must be unique, and no overlapped address exists.
Key Technology
Broadcast Traffic Forwarding
l If PE receives broadcast flows sent by the local customer, PE
forwards it to all other ports and PEs of the same VPLS.

l If PE receives broadcast flow sent by remote PE, PE forwards it to
directly-connected VPLS customers, instead of other PEs.

l For the packet whose destination MAC address is non-broadcast
address, if PE does not learn such MAC address, then PE broadcasts this packet.
All rights reserved
Page 32
Key Technology
Packet Encapsulation on AC
l 802.1Q tag,Ethernet access: (also known as QinQ access) The PE
of the carrier ignores the 802.1Q tag in the user packets, and it selects their home VPNs according to the QinQ VLAN. This mode requires intervention in the VLAN planning of the user, and one PE allows the VLAN overlapping of different CEs.
l VLAN access: The carrier allocates a user with a VLAN for access,
and all the packets of the user must be placed with the tag of the VLAN and sent to the PE. Otherwise, communication is impossible. This mode requires intervention in the user VLAN planning, and one PE does not allow the VLAN overlapping of different CEs.
All rights reserved
Page 34
H-VPLS
Looping avoidance of VPLS
l Use the !full connection " and !horizontal cutting forwarding " to avoid
looping. [ !Horizontal cutting forwarding " means that the packets received from the PW on the public network side are no longer forwarded to other PWs, but can only be forwarded to the private network side. [ Full-connection LSP tunnels are established between PEs. For each VPLS service, n*(n-1)/2 PWs must be established between PEs. Through hierarchical connection, the number of PWs can be decreased to reduce the load of the PEs for processing signaling protocol and copying packets.
H-VPLS
Concept of H-VPLS
l To solve the full-connection problem of the VPLS, the Hierarchical
Virtual Private LAN Service (HVPLS) networking solution emerges.

l UPE: The equipment in direct connection to the CE is called the
Underlayer PE, UPE for short. UPE only needs to be connected to one PE of the basic VPLS full-connection network.
l SPE: The equipment connected to the UPE and inside the basic VPLS
full-connection network is known as the Superstratum PE, SPE for short. One SPE is connected to all the other equipments in the basic VPLS full-connection network.
l For the SPE, the UPE connected is like a CE. The PW established
between the UPE and the SPE will work as the AC of the SPE. The SPE needs to learn the site MAC addresses of all the UPE sides, and the MAC addresses of the UPE interfaces connected to the SPE.
H-VPLS
H-VPLS networking solution
CE CE SPE UPE SPE
S S
UPE
CE
R R
SPE
R R
SPE
CE
PW
H-VPLS
Backup mechanism and loop avoidance
l The UPE may have PW connection established to only one SPE.
However, to avoid single chain failure, it is recommended that dualhoming should be used from the UPE to the SPE.
l When VPLS data are transmitted between the UPE and the SPE, no
horizontal cutting principle is followed. To avoid looping, if all the UPEs are in dual-homing, the UPE will block one PW and set its status to backup, so that all the data are forwarded from the Active PW.
All rights reserved
Page 38
Summary
l Background of VPLS l Principle of VPLS l Principle of H-VPLS
Microsoft Excel Worksheet
All rights reserved
Page 39
Thank You
www.huawei.com

Odc010017 Vpls Principle Issue1 - 0

Diunggah oleh

Informasi Dokumen

Judul Asli

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Odc010017 Vpls Principle Issue1 - 0

Diunggah oleh

Hak Cipta:

Format Tersedia

Internal

ODC010017 VPLS Principle

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

Basic concept of VPLS

Virtual Private Switched Network service

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

Basic concept of VPLS

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

Basic concept of VPLS

frames between two PEs in VPLS

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

Chapter 2 Implementation principles of VPLS

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

Working process of VPLS

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

Working process of VPLS

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

Working process of VPLS

sends them to PSN after encapsulation.

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

Working process of VPLS

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

Working process of VPLS

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

Chapter 2 Implementation principles of VPLS

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

configured to be the Remote mode

HUAWEI TECHNOLOGIES CO., LTD.

All rights reserved

PDF created with FinePrint pdfFactory Pro trial version www.pdffactory.com

Release Message Recycle label PW Down

HUAWEI TECHNOLOGIES CO., LTD.