R E S E A R C H

W H I T E

P A P E R

VPN Services: Layer 2 or Layer 3?

Which Service is Preferred by Enterprises and Why?
This research paper focuses on enterprise requirements and opinions regarding Layer 2 and
Layer 3 networking services. Specifically, the services discussed in this report are Ethernet
(Layer 2) and IP (Layer 3). Additionally, VPNs based on these services are highlighted, including
VPLS (RFC 4762) and IP-VPNs (RFC 4364), both of which leverage an MPLS network. While
IP-VPNs are ubiquitous, VPLS (also described as carrier Ethernet VPNs) are just starting to
become available in certain markets.

Table of Contents
1

Report Background

VPN Overview

Layer 2 Ethernet

Comparing Layer 2 and Layer 3

Benefits of Layer 2 Ethernet VPN Services

Benefits of Layer 3 Services

Current Service Usage

Making the Decision: Why Enterprises Choose Layer 2 or Layer 3

Demarcation Point

Local Loop

Service Cloud

Future Service Plans

Views on Pricing Levels of Different VPNs

Differences Between Industry Verticals

Financial Services

Public Sector

10

Professional Services

10

Other Verticals

11

Summary

11

Research Methodology

12

Author

12

Acronyms

Report Background
The research presented here is derived
from direct interviews with more than
40 enterprises based in North America
and Europe. Figure 1 illustrates the
distribution of the vertical markets represented in this research report. The
enterprises interviewed would mostly
be considered large enterprises and so
the conclusions presented here should
only be considered representative of
this segment of the market. Additional
information on the research process is
presented at the end of this report.

VPN Overview

Figure 1. Vertical Markets Represented in this Research Report

Technology
4

Professional
9

Health
4

Financial
Services
10

Public
Sector
2

Consumer
Industrial
Historically, Layer 2 and Layer 3 VPNs
6
7
referred to frame relay and best-effort IPVPNs respectively. Frame relay allowed
enterprises to cost-effectively connect
multiple corporate locations together, compared to point-to-point private line services, and allowed
service providers to leverage cost efficiencies from statistical multiplexing. Early IP-VPNs, based on
IPSec and PPP (point-to-point tunneling protocol) allowed enterprises to more easily create multipoint data networks, and support remote locations and mobile employees, and they were cheaper
than frame relay. Both of these VPN services were effective at supporting multi-site data services,
but had limitations related to bandwidth scalability, provisioning simplicity and features.

As service providers upgraded their networks to incorporate next-generation technologies, MPLS

was used to bring networking efficiencies to their IP network and also to offer new services. These
MPLS networks were initially used to deliver IP-VPNs based on the RFC 2547bis standard. More
recently, service providers have started to upgrade their MPLS networks to support VPLS (Ethernet VPNs), with some service providers offering their customers a combination of both VPLS and
Premium IP-VPNs based on these MPLS networks.
As this research paper shows, there is some overlap with these next-generation Layer 2 and Layer 3
VPNs. These VPNs should not be considered mutually exclusive services, as many service providers
are using Ethernet access circuits to connect to IP-VPN clouds, and enterprises can use both types
of VPN services for their communications requirements.

Layer 2 Ethernet
Ethernet services, with an Ethernet hand-off and in some cases an Ethernet local loop, were launched
in the mid-1990s. These early Ethernet services were mostly point-to-point solutions delivered as an
extended bridged Ethernet solution. As such, LAN Ethernet technologies, such as spanning tree
protocol, were simply extended into a metro area environment, and so had limited reliability or
OA&M capabilities.
In early 2001, the Ethernet market started to take off as competitive service providers targeted and
attracted large enterprises with high-speed bridged Ethernet services. These services had low prices
compared with high-speed private line services but still had limited reliability or OA&M capabilities.

VPN Services: Layer 2 or Layer 3? | Research White Paper

Simultaneously, service providers with next-generation SONET / SDH networks started to support
Ethernet services, leveraging the underlying reliability of SONET / SDH. These types of Ethernet
services leveraged existing networks, but proved expensive for the best-effort Ethernet services that
most enterprises were willing to pay for.
More recently, service providers have focused on leveraging MPLS networks to deliver Ethernet
services. MPLS proved to be capable of supporting the QoS parameters and CoS queues that enterprises started demanding as they introduced VoIP and started migrating other business-critical data
services onto their Ethernet services. Point-to-point services based on the Martini encapsulation
technique were the services that were initially offered. Most recently, some service providers have
been upgrading their MPLS networks to support next-generation VPLS, with the ability to support
mesh VPN services.
As enterprise business practices have evolved, more and more business applications are considered
business critical. Enterprise requirements for QoS and the multiple service queues associated with
data services have intensified. By extension, service provider networks need to fulfill these enterprise requirements, and Layer 2 and Layer 3 VPNs delivered from an MPLS network is one unified
approach to meeting these needs.

Enterprises have complicated networking requirements and are faced with many
decisions on how to connect their corporate locations together. These networking
services can typically be viewed from three perspectives, including the enterprise
demarcation point, the local loop and the service core.

Comparing Layer 2 and Layer 3

For this research report, we looked at the impact of choosing either Layer 2 or Layer 3 VPN option
at three network service points:
Demarcation point (or enterprise / service provider hand-off)
Local loop or access circuit
Service cloud (the core network that connects local loops together)
These three service points are depicted in Figure 2.
Before discussing enterprise preferences for each network service point, the general benefits of Layer 2
Ethernet and Layer 3 services are detailed. Table 1 provides an overview of these benefits. For the
purposes of this paper, a Layer 2 Ethernet service1 is described as:
Having an Ethernet hand-off,
Having an Ethernet local loop (or a TDM-based local loop with rate limiting),
Allowing the enterprise to control networking and routing decisions end-to-end,
Supporting multiple application protocols, and
Having flexible and granular bandwidth.

 ote that an Ethernet service can have many different interpretations, exceptions to our list can exist, and there may be arguments against our parts of our list.
N
Many different connection mediums exist for Ethernet services, and therein is the diversity of interpretations.

VPN Services: Layer 2 or Layer 3? | Research White Paper

Figure 2. Enterprise Layer 2 and Layer 3 Networking Decisions

The Enterprise/Operator Demarcation Point (UNI)

The Operator Service Cloud

Customer A
FR UNI
Customer A

Frame
Relay

IP
VPN

IP
VPN

VPLS

VPLS

Customer B
Ethernet
Customer C

IP
VPN

ATM

VPLS

ATM UNI
Customer B
TDM

Multi-Service
Edge Routers

IP
VPN
VPLS

Ethernet Service
Switches/Routers

IP
VPN

IP
VPN

VPLS

VPLS

Ethernet UNI
Customer C

IP
VPN
VPLS

Ethernet

MTU Switch

The Local Loop or Access Connection

Table 1. Layer 2 and Layer 3 VPN Benefits for Enterprises

Ethernet Layer 2 Service Benefits

Layer 3 Service Benefits

Highly flexible, granular and scalable bandwidth

Almost ubiquitous availability globally

Simple troubleshooting

Service provider manages and maintains all circuits, and routing and networking changes

Enterprise maintains networking and routing decisions

Can be built by the enterprise

Easily add new locations to VPN

Transparent to underlying application protocols
Ubiquitous use for router ports

Benefits of Layer 2 Ethernet VPN Services

From an enterprise perspective, there are many benefits to using an Ethernet Layer 2 service:
Flexible, granular and scalable bandwidth, with the ability to easily change bandwidth levels up to
the port capacity. Using rate limiting, service bandwidth levels can easily be matched to the needs
and budgets of the enterprise. In comparison, frame relay, ATM and private lines rely on TDM
circuits, which have explicit bandwidth levels.
Simplified maintenance, with every IT organization understanding the Ethernet protocol, any IT
employee can troubleshoot Ethernet demarcation points. Equally, while every IT organization understands IP, this OSI Layer 3 protocol must rely on lower order protocols to move the packets across a
MAN or WAN. Where Ethernet is used for transport, the simplicity is maintained; however, when
frame relay, ATM or TDM are used at the demarcation point, the benefits do not follow through as
fewer IT employees understand these protocols. Using Ethernet at the demarcation point therefore
provides the simplest interface for enterprise IT organizations.

VPN Services: Layer 2 or Layer 3? | Research White Paper

Networking and routing control is maintained by the enterprise, which is typically preferred by
enterprises that want to ensure the security of their underlying packets. With this type of service,
the enterprise implements its end-to-end networking and routing decisions itself without having to
involve the service provider, and these decisions are therefore only known within the enterprise.
Additionally, although changes are usually not a common occurrence, this approach allows these
changes to be implemented faster.
Specifically with VPLS, enterprises can easily add new locations to the VPN, without having to
change the networking and routing configurations for all existing locations. When a new location
is connected to the VPLS instance, the new location can automatically communicate with every
existing location, and vice versa.
Protocol transparency, with the ability to transport all legacy application protocols, such as SNA,
DECnet, IP.X, and others. Ethernet, as an OSI Layer 2 protocol, can support any higher-order
protocol, making it an ideal method of supporting legacy application protocols that are still in use
at some enterprise. In comparison, IP is an OSI Layer 3 protocol, so it cannot support these legacy
application protocols, and can only support IP-based applications. Enterprises, however, are gradually moving away from these legacy application protocols to IP-based applications, so this benefit
will dissipate.
Universal availability of Ethernet ports on routers, with every router shipped having Ethernet ports.
There is no need for the enterprise to purchase expensive high-speed serial interfaces (i.e. TDM-based
ports) to support TDM-based local loop, or an additional CSU / DSU for a frame relay service. An
Ethernet handoff also simplifies the enterprises telecom closet, with reduced equipment, and by extension, reduces the power draw for the related equipment. These benefits would be minor considerations
for the enterprise.
Benefits of Layer 3 Services
From an enterprise perspective, the benefits of using a Layer 3 service include:
Ubiquitous availability, with most service providers globally offering Layer 3 VPN services, with
bandwidth starting at 56 Kb/s and scaling up to whatever the enterprise requires. In comparison,
Ethernet services and Layer 2 VPNs are for the most part available only in metro markets and in
only selected developed markets; getting an Ethernet demarcation in rural markets or developing
countries is either impossible or prohibitively expensive. With this ubiquitous availability, enterprises
can easily plan for and implement a network globally with the knowledge that local loop connections should be fairly straightforward.
Network and routing control is maintained by the service provider. In this scenario, the enterprise
has to simply list its routing and networking requirements and the service provider will implement
those decisions across the VPN. Enterprises who do not want to spend time and resources maintaining networking and routing decisions can shift that responsibility to the service provider by using
an IP-VPN.
Many equipment vendors ship equipment (firewalls, VPN dialers, IADs, etc.) that allow enterprises
to build Layer 3 VPNs themselves. Microsoft Windows even supports simple VPN connections, which
is very useful for remote and mobile workers. These VPNs are based on IPSec or SSL encryption,
and are not as complex as network-based VPNs, but are cheap, simple and quick to deploy.

VPN Services: Layer 2 or Layer 3? | Research White Paper

Current Service Usage

Having considered the various benefits for Layer 2 Ethernet or Layer 3 services, it is interesting
to take a look at what services the large enterprises in this study are currently using, and where.
Figures 3 and 4 detail the type of services used to connect to the small corporate locations of these
large organizations, and the large or core corporate locations of these same organizations.
Based on the charts from Figure 3, we can see that private line and frame relay services still dominate connections to the smaller corporate locations. The services cloud for the wide-area is correspondingly dominated by ATM or point-to-point private line connections but secondly by IP-VPNs.
In Figure 4, we can see that Ethernet and private line are the two services that enterprises use to
connect their large corporate locations together or to the Internet. As all organizations participating
in this research would be considered large organizations with large data bandwidth requirements, it
is not surprising the high bandwidth private line and Ethernet services are used, as opposed to low
bandwidth frame relay or xDSL.
Figure 3. Access and WAN Services Used to Connect Small Corporate Locations
Small Locations, Access Circuits

xDSL
12%

Small Locations, WAN Connections

Frame Relay
22%

Etherrnet,
Point-to-Point
20%

Private Line
41%
ATM
5%

ATM/
Private Line
47%

IP VPN
35%

Etherrnet,
Point-to-Point
18%

Figure 4. Services Used to Connect Large Corporate Locations

Existing Large Location Services

Private Line
33%

Ethernet
67%

VPN Services: Layer 2 or Layer 3? | Research White Paper

Making the Decision: Why Enterprises Choose Layer 2 or Layer 3

For the most part, enterprises understand and prefer the benefits of Ethernet, and would like all their
service provider demarcation points to be Ethernet ports. Beyond the demarcation point, preferences
are based on a number of factors, including service supply, budgets and application requirements.
Enterprise decisions can be viewed for the three network service points (demarcation point, local
loop, and service cloud). Decisions for each service point though are almost always based on business criteria, and not technology.
Demarcation Point
Enterprises almost universally preferred to have an Ethernet demarcation point (i.e. the enterprise /
service provider hand-off). With an Ethernet hand-off, enterprises can use an existing Ethernet port
on their router. Troubleshooting of the demarcation point is also simplified and the enterprise can
choose to take advantage of the flexible and granular bandwidth if the local loop is rate limited.
Local Loop
Generally, enterprises preferred to have an Ethernet local loop or access circuit. This preference
was based on the same advantages listed for the demarcation point, with the ability to allow the
enterprise to have flexible and granular bandwidth being particularly important. If the local loop
is delivered via a fiber connection, this bandwidth also becomes very scalable. Most enterprises
indicated that bandwidth requirements are growing strongly and are expected to continue growing;
having flexible, granular and scalable bandwidth will obviously best support this growth.
Service availability

Despite the advantages of an Ethernet local loop, local loop decisions are mostly decided by what
services are available. Although most service providers globally offer Ethernet services, these services
are not always available in all markets, or in all buildings within a market. As a result, enterprises
that prefer to have an Ethernet local loop may not be able to get one.
Ethernet services are still not as ubiquitous as frame relay or private line services, as most service
providers who offer Ethernet services are still building out the networks to support these services
(i.e. adding the necessary equipment in their points of presence).
Additionally, almost all Ethernet services globally are offered via fiber access local loops, while most
buildings do not have fiber access. Buildings that have fiber access are mostly located in central business
districts of cities, and the oft quoted metric that 10 percent of buildings have fiber access seems to
be quite accurate.
In most cases, access circuits to an IP-VPN are much more readily available, using xDSL and private
line services. Acquiring a frame relay or private line circuit at multiple corporate locations globally,
all connecting to an IP-VPN cloud is typically an easier solution for enterprises needing multipoint
corporate connectivity.
Service Cloud
As mentioned earlier, VPLS is just starting to be offered by service providers, and while there are
markets globally where this service can be acquired, this market is still in its infancy. Many enterprises have heard of VPLS, but indicated that either their service providers were not offering this
service, or had not been actively marketing it. VPLS network deployments continue to increase,
and this market will grow rapidly, as enterprises become more aware of the benefits of VPLS.

VPN Services: Layer 2 or Layer 3? | Research White Paper

Below is a list of the various issues that enterprises deal with when managing and maintaining their
communications network. Each issue will typically indicate a preference for Layer 2 Ethernet or IP-VPN;
many enterprises though may be faced with multiple issues, making their selection of either Ethernet
or IP-VPN more difficult.
The need for control

Enterprises that want to control their networking and routing decisions will prefer a Layer 2 Ethernet
service end-to-end. This approach lets the enterprise manage these decisions between their various
corporate locations. With the enterprise IT department in control, it has a much clearer handle on
the cause and effect of its decisions. In the increasingly regulated corporate environment, the ability of IT departments to document processes and data integrity is becoming critical, and a Layer 2
service provides that control.
Outsourcing control

Some IT departments are comfortable having the service provider implement the enterprises
networking and routing decisions. These companies prefer to focus their IT resources on core business issues and believe that having their service provider implement their networking and routing
decisions allows them to do this. With IT budgets stretched to the limit, decisions are being made
on what IT functions are core to the companys business and which IT functions can be outsourced.
IP-VPNs allow these enterprises to outsource a variety of IT functions to their service provider.
Specialized IT departments

Some IT departments at very large multinational companies have extensive technical knowledge,
especially for a variety of routing protocols. These companies demonstrated a high comfort for interworking at Layer 3 with their service providers (BGP), to implement their networking and routing
decisions (EIGRP). These types of enterprises are much smaller in number, but represent a portion
of the market that prefers IP-VPNs.
Site scalability

VPLS is defined at the PE (provider edge), creating a Layer 2 cloud between all PEs. The enterprise
connects its corporate locations to this VPLS cloud, or instance. With this infrastructure, adding a
new corporate location simply involves connecting to the existing cloud, as opposed to every other
existing corporate location, as in the case of an IP-VPN. Enterprises that are changing their corporate
locations regularly appreciate the ease of adding these new locations to their corporate network.
Historical issues

Most companies using IP-VPNs had designed and built these networks in the past couple of years,
with plans for these networks preceding the buildout by a few months. Enterprises that investigated
Ethernet VPNs two-to-three years ago indicated that these services were either very limited in
availability or non-existent, making Ethernet VPNs not an option for consideration.
As these contracts come up for renewal, the availability and capabilities of Ethernet VPNs will have
greatly increased from two to three years ago. It is therefore likely that some of these enterprises will
choose to switch some of their sites to an Ethernet VPN at that point.

VPN Services: Layer 2 or Layer 3? | Research White Paper

Future Service Plans

Based on these Layer 2 and Layer 3
preferences and on the increasing
availability of MPLS-based VPN services, enterprise plans for their future
service requirements will change. Figures 5 and 6 show the mix of services
that enterprises plan or would like to
use for their communications requirements in the next two years.
Based on the results in Figure 5, we
can see that enterprise plans or desires
are to significantly change the services
used to connect to their small corporate locations. The use of frame relay
has disappeared entirely while private
line use has decreased. In comparison,
the use of MPLS has increased significantly, including the introduction
of Ethernet access circuits to MPLSbased VPNs. Ethernet and xDSL
services have decreased somewhat,
also due to the increase in MPLSbased VPNs.
In comparison, enterprise plans for
large corporate locations are heavily
weighted to Layer 2 services. As mentioned in relation to existing services
used, these corporate locations have
large bandwidth requirements. Many
of the organizations that participated
in this research are already using
100 Mb/s and higher point-to-point
services, or DS3 / E3 and higher private
line services and these bandwidth
requirements are growing. These large
enterprises plan to continue to use
these types of services to support the
growing bandwidth requirements.

Figure 5. Planned or Desired Services Used to Connect Small

Corporate Locations
Planned Access Circuits, Small Locations

IP VPN, Ethernet
Access
17%

Private Line
23%

xDSL
6%

Ethernet
15%

Wireless
4%

IP VPN
35%

Figure 6. Planned or Desired Services Used to Connect Large

Corporate Locations
Planned Services, Large Locations

VPLS
11%

Private Line
26%

Ethernet
63%

Views on Pricing Levels of Different VPNs

Enterprises view Ethernet services as lower priced service in comparison with frame relay and private
lines. This perception has been created due to the fact that early Ethernet-based services were simply
best-effort bridged services, based on spanning tree protocol for resiliency. As bandwidth requirements
increase, Ethernet services will likely cost more than an E1 / T1 lease line or fractional frame relay
service, but on a per-megabit basis, these will still be significantly cheaper than the legacy services.

VPN Services: Layer 2 or Layer 3? | Research White Paper

As enterprises demanded QoS features and CoS queues, premium pricing compared to best-effort
Ethernet services has occurred. Equally, CoS queues for IP-VPNs have also resulted in premium
pricing compared with best-effort IP-VPNs. On a per-megabit basis, though, Ethernet services are
still priced below IP-VPN pricing levels, with service providers positioning IP-VPNs as a premium,
managed service.

Ethernet services are growing in availability, allowing enterprises to use them at

more of their locations.

Differences Between Industry Verticals

Generally, the research outcomes listed above were consistent across industry verticals. Some differences did emerge, though, as described below.
Financial Services
These companies mostly want to control their networking and routing decisions, at a minimum for
their core locations if not company-wide. Most of the companies in this vertical are networking their
core locations using Ethernet services; these locations included head offices, data centers, disasterrecovery sites, and in some cases, regional headquarters. For most of these companies, Ethernet
services have been used for more than a year or two, and so most of these services are point-to-point
bridged Ethernet connections over dedicated fiber. These sites have large bandwidth requirements
(a minimum of 100 Mb/s, but more often, GigE) and high security requirements, making Ethernet
connections ideal.
For the companies in this vertical that have smaller locations, such as branches for retail banks,
typically these locations are connected to an MPLS-based IP-VPN. These locations generally have
lower bandwidth requirements and are also generally in locations with limited fiber local loop availability, making IP-VPNs with private line or xDSL connections most efficient.
Retail banks however are a perfect example of an enterprise using both Layer 2 Ethernet and IP-VPN
services. The core locations of these companies are mostly networked using point-to-point high
capacity bridged Ethernet services, likely the only type of Ethernet service available when these
connections were built over the past few years. These companies would be ideal candidates for a
hybrid MPLS-based single network solution, with VPLS for the core locations and IP-VPNs for the
branches, as noted above.
Public Sector
Many public sector organizations, including municipalities and school boards, have built Ethernet
networks. As these organizations usually have most of their locations in a single metro area, the
likelihood of fiber local loops supporting Ethernet services is higher. A number of these organizations have also deployed their own fiber network, leveraging their own rights-of-way. As a result,
many of these organizations have high capacity Ethernet services to most or all of their locations,
typically in a hub-and-spoke architecture.

VPN Services: Layer 2 or Layer 3? | Research White Paper

Given the short distances of many connections between these locations, and the fact that most
of the connections are dedicated to the organization (i.e. un-shared), an Ethernet network was the
optimal solution. The Ethernet networks were significantly cheaper than any other solution, and as
an extension of each LAN, are easily managed as a single LAN. As an example, Figure 7 depicts a
municipalitys private fiber-based network.
Many hospital networks have built
similar networks. As with municipalities and school boards, hospital
networks would mostly be located
within a single metro area where fiber
access would be available. The catalyst
for these organizations building private
networks is to support imaging data
and an associated PACS application.
This application allows imaging data
from X-rays and scans to be stored
and accessed from any location that is
connected to the PACS application.
These images are tens-of-megabytes in
size and larger, requiring large amounts
of bandwidth to support the networking of these files.

Figure 7. A Private Fiber-Based Network

Professional Services
This vertical includes law firms, accounting and consulting companies, and printing companies.
These companies have most of their locations in central business areas of cities, and therefore are
more likely to have access to fiber connections. These types of companies typically are experiencing
strong growth in bandwidth requirements, due to increases in business-related email traffic, and a
growing reliance on sophisticated, graphically rich applications.
Many professional services organizations have implemented Ethernet-based services. Most of these services are bridged Ethernet solutions or other legacy architectures, and as their networking requirements
increase in complexity, we expect that these companies will implement VPLS or hybrid solutions.
Other Verticals
Most other verticals have typically only implemented Ethernet connections between their head office,
data centre and disaster recovery locations. The bandwidth requirements between these locations
are high, with 100 Mb/s Ethernet connections usually being the minimum. These connections are
also mostly point-to-point and so have mostly being built as bridged Ethernet connections over
dedicated fiber.
As many of these connections were built over the past few years, these companies have been able
to test Ethernet services and experience some of the benefits described above. As a result, many
of these companies are starting to explore the use of Layer 2 Ethernet services for other corporate
locations, particularly as contracts come up for renewal.

10

VPN Services: Layer 2 or Layer 3? | Research White Paper

Summary
Enterprises preferring Layer 2 VPN services can be generalized as having these main characteristics:
Fewer than 20 corporate locations
Bandwidth requirements for most of these locations of more than 10 Mb/s
Have sophisticated IT departments that want to maintain control of their networking and
routing decisions
Applications written with non-IP protocols, such as SNA, IP.X, etc.
Enterprises preferring Layer 3 VPN services can be generalized as having these characteristics:
More than 20 corporate locations
Bandwidth requirements for most of these locations of less than 10 Mb/s
Have IT departments that want to outsource the maintenance of their networking and
routing decisions
Mostly IP-based applications
Nevertheless, most enterprises do not fit these criteria exactly. Rather, they have a mix of core locations
and remote locations, a mix of locations requiring high bandwidth and low bandwidth, and a mix
of IT preferences regarding the control of networking. As a result, enterprises across many verticals
have been using Ethernet services for some of their corporate locations and IP-VPNs for other locations.
Given this scenario, a hybrid approach that uses a single MPLS network to implement both types
of VPNs will address most enterprise networking requirements.
As Layer 2 Ethernet access services and VPLS become more available, enterprises will increase
their use of both. Many enterprises indicated a preference for these services, and will likely replace
private line and frame relay as Ethernet options become available. We therefore expect spending
on Ethernet access and VPLS to increase going forward.
We also expect spending on IP-VPNs to grow, as there are distinct benefits for enterprises with these
services as well. As described above, most enterprises can leverage both the benefits of Layer 2 Ethernet
and Layer 3 at different parts of their network, and therefore a hybrid networking solution fits these
needs best. The growth in spending for these services will come at the expense of private line and
frame relay.

Research Methodology
This research report is based on direct interviews with more than 40 enterprises, specifically telecom
manager type personnel. These enterprises are based in North America and Europe, and for the most
part, would be considered large enterprises. The choice of questions asked and information gathered
were based on prior knowledge of MAN and WAN data networking requirements for more than
50 enterprises based in North America and Europe. The structure of the interviews focused on the
existing networking solutions used and plans for future solutions, and why these decisions were made.
The enterprises interviewed for this report broadly speaking represent seven industry verticals: Consumer
Goods, Financial Services, Industrial, Health, Professional Services, Public Sector, and Technology.

VPN Services: Layer 2 or Layer 3? | Research White Paper

11

Author
Brian Van Steen, CFA
Director, Solutions Marketing
brian.van_steen@alcatel-lucent.com

Acronyms

12

BGP

border gateway protocol

CoS

class of service

CSU

channel service unit

DSU

data service unit

EIGRP

enhanced interior gateway routing protocol

IAD

integrated access device

MPLS

multiprotocol label switching

OA&M

operations, administration and maintenance

OSI

Open Systems Interconnection

PACS

picture archiving and communications system

PE

provider edge

PPP

point-to-point protocol

QoS

quality of service

SSL

secure socket layer

UNI

user-network interface

VPLS

virtual private LAN service

VPN

virtual private network

VPN Services: Layer 2 or Layer 3? | Research White Paper

www.alcatel-lucent.com

Alcatel, Lucent, Alcatel-Lucent and the Alcatel-Lucent logo are trademarks of Alcatel-Lucent. All other
trademarks are the property of their respective owners. The information presented is subject to change
without notice. Alcatel-Lucent assumes no responsibility for inaccuracies contained herein.
2007 Alcatel-Lucent. All rights reserved. WLN1103070848 (10)