VPLS
Presentation_ID 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 1
Agenda
VPLS Introduction
Pseudo Wire Refresher
VPLS Architecture
VPLS Configuration Example
VPLS Deployment
Summary
Do you want to date VPLS?
VPLS Introduction
Virtual Private LAN Service (VPLS)
VPLS defines an architecture that allows MPLS networks to offer
Layer 2 multipoint Ethernet services
SP emulates an IEEE Ethernet bridge network (virtual)
Virtual Bridges linked with MPLS Pseudo Wires
Data Plane used is same as EoMPLS (point-to-point)
VPLS is an Architecture
Diagram labels: PE, CE
Virtual Private LAN Service
Why Provide A Layer 2 Service?
VPLS is defined in IETF
Organisation chart (as of 2-Nov-2006): ISOC, IAB, IETF
IETF areas: Application, General, Internet, Ops and Mgmt, Routing, Security, Transport
Working groups shown:
L2VPN: VPWS, VPLS, IPLS
L3VPN: BGP/MPLS VPNs (RFC 4364, was 2547bis); IP VPNs using Virtual Routers (RFC 2764); CE based VPNs using IPsec
PWE3: Pseudo Wire Emulation edge-to-edge; forms the backbone transport for VPLS
MPLS
L2VPN and L3VPN: formerly the PPVPN workgroup
Classification of VPNs
VPN
Network Based
CPE Based
Ethernet (P2P)
ATM/Cell Relay
PPP/HDLC
Frame Relay
Ethernet (MP2MP)
Ethernet (P2MP)
L2VPN Models
L2VPN
Transport: MPLS, IP
Interworking labels on the chart: Like-to-Like, Any-to-Any
VPWS: Point-to-Point
VPLS/IPLS: Multipoint
L2TPv3: Point-to-Point
IP LAN-Like Service (IPLS)
VPLS Components
Diagram labels: CE router, CE switch, N-PE, MPLS Core
Virtual Switch Interface
Flooding / Forwarding
MAC table instances per customer (port/vlan) for each PE
VFI will participate in learning and forwarding process
Associate ports to MAC, flood unknowns to all other ports
Loop Prevention
Create full-mesh of Pseudo Wire VCs (EoMPLS)
Unidirectional LSP carries VCs between pair of N-PE Per
A VPLS uses split horizon concepts to prevent loops
Pseudo Wire
Refresher
Pseudo Wires in VPLS
Pseudo Wire Reference Model (RFC 3916)
Emulated Service
Pseudo Wire
IP/MPLS
PW1
Attachment Circuit
PW2
Pseudo Wire Standards (Care for a Martini?)
MPLS PW Types (RFC 4446)
0x0001 Frame Relay DLCI (Martini Mode)
0x0002 ATM AAL5 SDU VCC transport
0x0003 ATM transparent cell transport
0x0004 Ethernet Tagged Mode (VLAN)
0x000E ATM AAL5 PDU VCC transport
0x000F Frame-Relay Port mode
0x0010 SONET/SDH Circ. Emu. over Packet
0x0011 Structure-agnostic E1 over Packet
VC Information Distribution (RFC 4447)
VC Distribution Mechanism using LDP
Directed LDP Session between PE1 and PE2
Tunnel Label(s) gets to PE router
IP/MPLS
Ethernet PW Tunnel Encapsulation
Layer-2 PDU
Tunnel Encapsulation
One or more MPLS labels associated with the tunnel
Defines the LSP from ingress to egress PE router
Can be derived from LDP+IGP, RSVP-TE, BGP IPv4+Label
Ethernet PW Demultiplexer
Layer-2 PDU
VC Label
Inner label used by receiving PE to determine the following
Egress interface for L2PDU forwarding (Port based)
Egress VLAN used on the CE facing interface (VLAN Based)
EXP can be set to the values received in the L2 frame
Ethernet PW Control Word
Layer-2 PDU
Diagram labels: Lo0:, IP/MPLS, PW1, P1, P2, LSP, L2 PDU; values shown: 38, 24, 72
VPLS Architecture
VPLS Standards
Architecture allows IEEE 802.1 bridge behaviour in SP plus:
Autodiscovery of other N-PE in same VPLS instance
Signaling of PWs to interconnect VPLS instances
Loop avoidance & MAC Address withdrawal
Two drafts have been approved by IETF L2VPN Working Group
draft-ietf-l2vpn-vpls-ldp
Uses LDP for signalling, agnostic on PE discovery method
Predominant support from carriers and vendors
Cisco supports this draft
draft-ietf-l2vpn-vpls-bgp
Uses BGP for signalling and autodiscovery
Cisco VPLS Building Blocks
Point-to-Point Multipoint
Layer 2 VPN Layer 3 VPN
Layer 2 VPN Layer 2 VPN
Tunnel Protocol: MPLS, IP
VPLS Auto-discovery & Signaling
Signaling: Label Distribution Protocol
draft-ietf-l2vpn-vpls-ldp
Does not mandate an auto-discovery protocol
Can be BGP, Radius, DNS, or Directory based
Uses Directed LDP for label exchange (VC) and PW signaling
PWs signal control information as well (for example, circuit state)
Cisco IOS supports Directed LDP for all VC signaling
Point-to-point: Cisco IOS Any Transport over MPLS (AToM)
Multipoint: Cisco IOS MPLS Virtual Private LAN Services
VPLS Flooding & Forwarding
Data SA DA?
MAC Address Learning and Forwarding
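Directed LDP session between PE1 and PE2
Label advertisements: "Send me frames using Label 102" and "Send me frames using Label 170"
Resulting instructions: "Use VC Label 102" and "Use VC Label 170"
PE1 (CE with MAC1 attached on E0/0)
MAC Address   Adj
MAC 1         E0/0
MAC 2         170
PE2 (CE with MAC2 attached on E0/1)
MAC Address   Adj
MAC 1         102
MAC 2         E0/1
Frames shown on the wire:
PE2 102 MAC1 MAC2 Data
Data MAC1 MAC2 170 PE2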
MAC Address Withdrawal Message
Diagram labels: Directed LDP, MAC Withdrawal, MPLS, X
Message speeds up convergence process
Otherwise PE relies on MAC Address Aging Timer
Upon failure PE removes locally learned MAC addresses
Send LDP Address Withdraw (RFC 3036) to remote PEs in VPLS (using the Directed LDP session)
New MAC List TLV is used to withdraw addresses
VPLS Topology PE View
CEs
PEs MPLS
MPLS
Full Mesh LDP
Ethernet PW to each peer
PE view
Each PE has a P2MP view of all other PEs; it sees itself as a root bridge with split horizon loop protection
Full mesh topology obviates STP in the SP network
Customer STP is transparent to the SP; customer BPDUs are forwarded transparently
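Added example (not from the original slides): a small Python model of the VFI behaviour described on the MAC learning and PE view slides, showing learning, unknown-unicast flooding, and why split horizon is required in a full PW mesh. The Vfi class, the port names ("E0/0", "pw:PE2") and the hop cap are assumptions made for this sketch.

```python
class Vfi:
    """Toy virtual forwarding instance on one PE (illustrative, not Cisco code)."""

    def __init__(self, name, ac_ports, pw_ports, split_horizon=True):
        self.name = name
        self.acs = set(ac_ports)      # attachment circuits (CE facing)
        self.pws = set(pw_ports)      # pseudo wires to remote PEs
        self.split_horizon = split_horizon
        self.mac_table = {}           # MAC address -> port it was learned on

    def receive(self, in_port, src, dst):
        """Learn src on in_port and return the sorted list of egress ports."""
        self.mac_table[src] = in_port
        known = self.mac_table.get(dst)
        out = {known} if known is not None else self.acs | self.pws  # flood unknowns
        out.discard(in_port)                   # never send back out the ingress port
        if self.split_horizon and in_port in self.pws:
            out -= self.pws                    # a frame from a PW never goes to a PW
        return sorted(out)


def unicast_after_learning():
    """PE1 learns MAC1 locally and MAC2 over the PW, then forwards without flooding."""
    pe1 = Vfi("PE1", ["E0/0"], ["pw:PE2", "pw:PE3"])
    pe1.receive("E0/0", "MAC1", "MAC2")        # MAC2 unknown: flooded to both PWs
    pe1.receive("pw:PE2", "MAC2", "MAC1")      # reply teaches PE1 where MAC2 lives
    return pe1.receive("E0/0", "MAC1", "MAC2"), pe1.mac_table


def pw_transmissions(split_horizon, max_hops=5):
    """Count PW transmissions caused by one broadcast from the CE behind PE1.

    max_hops is an artificial cap: without split horizon the real loop never ends.
    """
    names = ["PE1", "PE2", "PE3"]              # full mesh of three PEs
    pes = {n: Vfi(n, ["E0/0"], ["pw:" + p for p in names if p != n], split_horizon)
           for n in names}
    queue = [("PE1", "E0/0", 0)]               # (receiving PE, ingress port, hops)
    sent = 0
    while queue:
        pe, in_port, hops = queue.pop(0)
        for port in pes[pe].receive(in_port, "MAC1", "ff:ff:ff:ff:ff:ff"):
            if port.startswith("pw:") and hops < max_hops:
                sent += 1
                queue.append((port[3:], "pw:" + pe, hops + 1))
    return sent


if __name__ == "__main__":
    print(unicast_after_learning())
    print(pw_transmissions(True), pw_transmissions(False))
```

With split horizon the broadcast crosses exactly one PW per remote PE; with it disabled on every PW the same frame keeps circulating until the hop cap stops the simulation.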
VPLS Topology CE View
Diagram labels: CEs, PEs, VPLS, MPLS Core
Full Mesh LDP
Ethernet PW to each peer
PE view
VPLS Architectures
VPLS Functional Components
Customer SP PoPs Customer
MxUs MxUs
Directed attachment (Flat) Characteristics
No hierarchical scalability
VLAN and Port level support (no QinQ)
Potential signaling and packet replication overhead
Large amount of multicast replication over same physical
CPU overhead for replication
Direct Attachment VPLS (Flat Architecture)
Path: CE, N-PE, MPLS Core, N-PE, CE
Segments: Ethernet (VLAN/Port), Full Mesh PWs + LDP, Ethernet (VLAN/Port)
Hierarchical VPLS (H-VPLS)
Why H-VPLS?
VPLS
Potential signaling overhead
Full PW mesh from the Edge
Packet replication done at the Edge
Node Discovery and Provisioning extends end to end
H-VPLS
Minimizes signaling overhead
Full PW mesh among Core devices
Packet replication done in the Core
Partitions Node Discovery process
Diagram labels: CE, PE (VPLS); CE, MTU-s, PE-rs, PE-r (H-VPLS)
Ethernet Edge H-VPLS (EE-H-VPLS)
Path: CE, U-PE (MTU-s), N-PE (PE-rs), MPLS Core, N-PE (PE-rs), U-PE (MTU-s), CE
Segments: 802.1q Access, QinQ Tunnel, Full Mesh PWs + LDP, QinQ Tunnel, 802.1q Access
Frame format at each numbered point:
1 (802.1q, Customer): Data, MAC1, MAC2, Vlan CE
2 (QinQ, SP Edge): Data, MAC1, MAC2, Vlan CE, Vlan SP
3 (Pseudo Wire, SP Core): Data, MAC1, MAC2, Vlan CE, VC, PE
Bridge Capability in EE-H-VPLS
U-PE N-PE
CE MTU-s PE-rs
Ethernet Edge Topologies
Diagram labels: MPLS Access, MPLS Core, MPLS Access
Segments (points 1, 2, 3): 802.1q Access, MPLS Pseudo Wire, Full Mesh PWs + LDP, MPLS Pseudo Wire, 802.1q Access
VFI and NO Split Horizon (ME-H-VPLS)
Diagram labels: CE, U-PE, N-PE1 (Split Horizon disabled), N-PE2, N-PE3, VFI (Virtual Forwarding Interface)
Pseudo Wire #1, Pseudo Wire #2, Pseudo Wire #3 (MPLS Based Pseudo Wires)
Unicast
VPLS Logical Topology Comparison
Pros
Direct Attach: Simple access via Ethernet
H-VPLS QinQ tunnel: Simple access via Ethernet; Hierarchical support via QinQ at access; Scalable customer VLANs (4K x 4K); 4K customers supported per Ethernet Access Domain
H-VPLS - MPLS PW: Fast L3 IGP convergence; MPLS TE FRR <50msec; Hierarchical support via MPLS PW at access
Configuration Examples
Direct Attachment
Using a Router as a CE (VLAN Based)
Using a Switch as a CE (Port Based)
H-VPLS
Ethernet QinQ
EoMPLS Pseudo Wire (VLAN Based)
EoMPLS Pseudo Wire (Port Based)
Sample Output
Direct Attachment Configuration (C7600)
Topology: PE1 (1.1.1.1), PE2 (2.2.2.2) and PE3 (3.3.3.3) around the MPLS Core
Interface labels on the diagram: gi3/0, gi4/4, gi4/2, pos4/1, pos4/3, pos3/0, pos3/1
CE labels on the diagram: CE1, CE2, CE2, each on VLAN100
Direct Attachment CE router
Configuration
CE1:
interface GigabitEthernet 2/1.100
 encapsulation dot1q 100
 ip address 192.168.20.1 255.255.255.0
CE2:
interface GigabitEthernet 1/3.100
 encapsulation dot1q 100
 ip address 192.168.20.2 255.255.255.0
Subnet 192.168.20.0/24 on VLAN100
Direct Attachment VSI Configuration
PE1 (1.1.1.1):
l2 vfi VPLS-A manual
 vpn id 56
 neighbor 2.2.2.2 encapsulation mpls
 neighbor 3.3.3.3 encapsulation mpls
PE2 (2.2.2.2):
l2 vfi VPLS-A manual
 vpn id 56
 neighbor 1.1.1.1 encapsulation mpls
 neighbor 3.3.3.3 encapsulation mpls
PE3 (3.3.3.3):
l2 vfi VPLS-A manual
 vpn id 56
 neighbor 2.2.2.2 encapsulation mpls
 neighbor 1.1.1.1 encapsulation mpls
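Added example (not from the original slides): loop prevention in this design depends on every PE listing every other PE as a VFI neighbor, so this Python check parses the three "l2 vfi" stanzas above and reports any gap in the full mesh. The function names and the BROKEN variant are constructed for illustration.

```python
import re

# The per-PE "l2 vfi" stanzas from the slide, keyed by each PE's loopback address.
CONFIGS = {
    "1.1.1.1": """l2 vfi VPLS-A manual
 vpn id 56
 neighbor 2.2.2.2 encapsulation mpls
 neighbor 3.3.3.3 encapsulation mpls""",
    "2.2.2.2": """l2 vfi VPLS-A manual
 vpn id 56
 neighbor 1.1.1.1 encapsulation mpls
 neighbor 3.3.3.3 encapsulation mpls""",
    "3.3.3.3": """l2 vfi VPLS-A manual
 vpn id 56
 neighbor 2.2.2.2 encapsulation mpls
 neighbor 1.1.1.1 encapsulation mpls""",
}

# Constructed faulty variant: PE3 has lost its neighbor statement for PE1.
BROKEN = dict(CONFIGS)
BROKEN["3.3.3.3"] = CONFIGS["3.3.3.3"].replace(" neighbor 1.1.1.1 encapsulation mpls", "")


def parse_vfi(text):
    """Return (vfi name, vpn id, set of neighbor addresses) from one stanza."""
    name = re.search(r"^l2 vfi (\S+) manual", text, re.M).group(1)
    vpn_id = int(re.search(r"^\s*vpn id (\d+)", text, re.M).group(1))
    neighbors = set(re.findall(r"^\s*neighbor (\S+) encapsulation mpls", text, re.M))
    return name, vpn_id, neighbors


def mesh_problems(configs):
    """List every reason the PEs do not form a full PW mesh for one VPLS."""
    parsed = {pe: parse_vfi(text) for pe, text in configs.items()}
    problems = []
    if len({vpn for _, vpn, _ in parsed.values()}) > 1:
        problems.append("vpn id differs between PEs")
    for pe, (_, _, neighbors) in sorted(parsed.items()):
        expected = set(parsed) - {pe}          # every other PE in the instance
        for missing in sorted(expected - neighbors):
            problems.append(f"{pe} has no neighbor {missing}")
        for extra in sorted(neighbors - expected):
            problems.append(f"{pe} lists unknown neighbor {extra}")
    return problems


if __name__ == "__main__":
    print(mesh_problems(CONFIGS))
    print(mesh_problems(BROKEN))
```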
Direct Attachment CE switch (Port Based)
H-VPLS Configuration (C7600/3750ME)
CE2 U-PE3
Cisco 3750ME
CE1
U-PEs provide services to customer edge device
CE traffic then carried in QinQ or EoMPLS PW to N-PE
PW VSI mesh configuration is same as previous examples
H-VPLS QinQ Tunnel (Ethernet Edge)
U-PE carries all traffic from CE using QinQ
Outer tag is VLAN100, inner tags are customers
Diagram labels: U-PE1, U-PE2, U-PE3 (Cisco 3750ME), N-PE1, N-PE2, N-PE3, MPLS Core, CE1, CE2; addresses 1.1.1.1, 2.2.2.2, 3.3.3.3, 4.4.4.4
Interface labels on the diagram: gi3/0, gi4/4, gi4/2, gi1/1/1, fa1/0/1, pos4/1, pos4/3, pos3/0, pos3/1
N-PE (C7600):
! trunk towards the U-PE; the encapsulation is set before trunk mode
interface GigabitEthernet4/4
 switchport
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 100
!
! the SVI for the outer tag is attached to the VFI
interface vlan 100
 no ip address
 xconnect vfi VPLS-A
!
vlan 100
 state active
U-PE (Cisco 3750ME):
! CE facing port: customer tags are tunnelled inside outer VLAN 100
interface FastEthernet1/0/1
 switchport
 switchport access vlan 100
 switchport mode dot1q-tunnel
 switchport trunk allowed vlan 1-1005
!
! uplink trunk towards the N-PE
interface GigabitEthernet 1/1/1
 switchport
 switchport mode trunk
 switchport trunk allowed vlan 1-1005
H-VPLS EoMPLS PW Edge (VLAN Based)
H-VPLS EoMPLS PW Edge (Port Based)
show mpls l2 vc
NPE-A#show mpls l2 vc
Local intf     Local circuit  Dest address   VC ID   Status
-------------  -------------  -------------  ------  ------
VFI VPLS-A     VFI            1.1.1.1        10      UP
VFI VPLS-A     VFI            3.3.3.3        10      UP
show mpls l2 vc detail
Deployment Issues
Deployment Issues
MTU Size
Broadcast Handling
Router or a Switch CPE?
Ramblings of an Engineer
A Sample Problem
Pseudo Wire Data Plane Overhead
Calculating Core MTU Requirements
                        Edge   Transport   AToM    MPLS Stack   MPLS Header   Total
EoMPLS Port Mode        1500   14          4 [0]   2            4             1526 [1522]
EoMPLS VLAN Mode        1500   18          4 [0]   2            4             1530 [1526]
EoMPLS Port w/ TE FRR   1500   14          4 [0]   3            4             1530 [1526]
Beware the MTU It Can Get Real Big
Frame layout: Carrier Pseudowire Encapsulation followed by the Enterprise MPLS Frame
Field (size in bytes), in order:
Pre (7), SFD (1), DA (6), SA (6), Type (2), TE (4), Tu (4), Vc (4), Cntrl (4), DA (6), SA (6), TPID (2), TCI (2), Type (2), Data (> 1500), FCS (4)
Callouts on the diagram: Preamble, Carrier Dest MAC, VLAN ID Info, Cust Source MAC, EoMPLS VC Label, Control Word, Cust Type, MAC
MTU Sizing
Packet size can get very large in backhaul due to multiple tags and labels
Ensure core and access Ethernet interfaces are configured with appropriate MTU size
Data portion may be > 1500 if carrying MPLS labels
Broadcast/Multicast/Unknown Unicast Handling
Switch or Router as CE device
VPLS Caveats (Ramblings of an Engineer)
VPLS Caveats (Ramblings of an Engineer)
A Common VPLS Problem
An example
The OSPF designated router problem
OSPF Designated Router Problem
VPLS View
Router A is the DR, Router B is the BDR
Router C sees both A and B via Pseudo Wires
Diagram labels: OSPF DR (A), OSPF Backup DR (B), OSPF Neighbour (C), Pseudo Wires
Router View
Router A, B and C behave like they are on a LAN
Diagram labels: OSPF DR (A), OSPF Backup DR (B), OSPF Neighbour (C)
Summary
Summary
Q&A