MPLS L2 VPN VPWS Principle

Objectives

n Understand the basics of mpls layer 2 VPN

n Understand VPWS principle

2
Contents

n Basic conception of MPLS layer 2 VPN

n VPWS principle

3
BGP/MPLS VPN feature

n Establish tunnel on public network by LDP (Label distribution

protocol)
n Implement the following function by using MP-BGP
l detection and transmission of VPN route
l Distribute inner layer label to implement address multiplexing
n Implement route policy by using the extend attribute RT of BGP

© ZTE All rights reserved 4

Advantage of layer 3 MPLS VPN

n Customer
l Outsource WAN infrastructure
l Transfer the route complexity to provider
l Suitable for middle or small sized company which does not want to
gain core route capability in the company
n Provider
l Do not need to maintain the route information among all the core
network routers
l Value added service（chance to gain profit）

© ZTE All rights reserved 5

Disadvantages of layer 3 MPLS VPN

n Control based on policy adds burden to provider

n Extensibility and management may bring problems to large
network
n Some customers hope to control their routes hierarchy

© ZTE All rights reserved 6

Layer 2 MPLS VPN

n Suitable for the access of big company

n Features：
l Regard the access network as a huge switch
l Establish tunnel by using MPLS label
l Do layer 2 switch in the whole network

© ZTE All rights reserved 7

Advantage of layer 2 MPLS VPN

n Customer
l Easy to implement on the current layer 2 structure
l Can maintain control of the route
l Support any layer 3 routing protocols

n Provider
l No extensibility problem due to storing too many customer VPN routes
l Comparably simpler than layer 3 MPLS VPN that uses a lot of policy control

© ZTE All rights reserved 8

L2 MPLS VPN classification

n VPWS：Virtual Private Wire Service

l point to point connection

n VPLS：Virtual Private LAN Service

l point to multipoint connection

© ZTE All rights reserved 9

Contents

n Basic conception of MPLS layer 2 VPN

n VPWS principle

10
VPWS Origin

n VPWS can provide L2 service in IP network By using MPLS L2

VPN . This enables the new Carriers method to provide different
services, such as IP service and traditional service in one IP
network.

© ZTE All rights reserved 11

VPWS

Carrier’s backbone ATM

network
ATM

Ethernet
Etherne
t

n VPWS is a point to point solution of layer 2 MPLS VPN

n Supported layer 2 technology include：FR、ATM AAL5 CPCS、
ATM transparent cell mode、Ethernet、Ethernet VLAN、HDLC、
PPP、SONET/SDH link simulation service
n The two ports on the two PEs that implement layer 2 transparent
transfer must be the same type

© ZTE All rights reserved 12

VPWS working principle

Carrier’s backbone
VPN1
network
CE1
VPN1 CE3

CE4

VPN2 CE2
VPN2

n By using Pseudo Wires to provide point to point connection

which is the same as the access circuit between two CEs
n Establish LSP between two PEs by LDP
n Establish point to point connection between two users by PW

© ZTE All rights reserved 13

VPN identity in VPWS
Fei_1/1 1.1.1.1 vc-id：100
Carrier’s backbone
network Fei_1/2 1.1.1.1 vc-id：200
PE1:1.1.1.1 PE2:1.1.1.2
Fei_1/1 VPN1
VPN1 Fei_1/1
Fei_1/2
Fei_1/1 1.1.1.2 vc-id：100 Fei_1/2

Fei_1/2 1.1.1.2 vc-id：200

VPN2
VPN2

n PW identity is combined of remote node address and vc-id

n vc-id：virtual circuit identity
n vc-id must be unique on local node, the same VPN interface on
remote node must have the same vc-id

© ZTE All rights reserved 14

VPWS label

Carrier’s backbone
network

VPN1 VPN1
LSP

VPN2
VPN2
Assign label to virtual link by LDP

n PE router defines the LSP tunnel to the other PE end across MPLS
network (outer label)
n Two PE routers need to run extended LDP to exchange virtual
link information and assign virtual link label (inner label)

© ZTE All rights reserved 15

VPWS working process—assign inner label

Fei_1/1 Fei_3/2
PE2 vcid=100 PE1 vcid=100
Fei_1/2 Fei_3/1
Fei_1/1 Fei_3/2
Fei_2/1 Fei_2/2
PE1 LDP P LDP PE2

CE1 PE1: PE2: CE2

vcid=100 label:16 vcid=100 label:22

n Define related interface on PE as the layer 2 transparent transfer

port and assign corresponding vc-id
n Assign virtual link label by using extended LDP to establish
session

© ZTE All rights reserved 16

VPWS working process—assign outer label

PE1: Lable 3 PE2: Lable 3

Fei_1/2 Fei_3/1
Fei_1/1 Fei_3/2
Fei_2/1 Fei_2/2
P
PE1 PE2
PE2: Lable 28 PE1: Lable 72
CE1 CE2

n PE and P run routing protocol and assign label by LDP to

establish LSP

© ZTE All rights reserved 17

VPWS working process—inner &outer label
table

In-int vc-id Dest out-label out-int In-int vc-id Dest out-label out-int
Fei_1/1 100 PE2 22 fei_1/2 Fei_3/2 100 PE1 16 fei_3/1

Dest out-label out-int Dest out-label out-int

PE2 28 fei_1/2 PE1 72 fei_3/1

Fei_1/2 Fei_3/1
Fei_1/1 Fei_3/2
Fei_2/1 Fei_2/2
P
PE1 PE2
In-int In-label Dest out-label out-int
CE1 Fei_2/1 28 PE2 pop fei_2/2 CE2
Fei_2/2 72 PE1 pop fei_2/1

n PEs have both of L2 inner label table and outer label table ， P
has outer label only
© ZTE All rights reserved 18
VPWS working process—data forwarding

In-int vc-id Dest out-label out-int In-int vc-id Dest out-label out-int
Fei_1/1 100 PE2 22 fei_1/2 Fei_3/2 100 PE1 16 fei_3/1

Dest out-label out-int data Dest out-label out-int

22 data
PE2 28 fei_1/2 PE1 72 fei_3/1
28 22
Fei_1/2 Fei_3/1
Fei_1/1 Fei_3/2
Fei_2/1 Fei_2/2
P
a PE1 PE2 da
dat In-int In-label Dest out-label out-int
ta
Fei_2/1 28 PE2 pop fei_2/2
CE1 Fei_2/2 72 PE1 pop fei_2/1 CE2

n When PE receives frame from layer 2 port ,it will match vc-id
n PE encapsulates two labels, one is inner label which is for the virtual link,
the other is outer label which is for the LSP
n Sending VPN data to the other side PE via LSP tunnel

© ZTE All rights reserved 19

Review

n MPLS L2 VPN function

n VPWS function
n Vcid conception
n VPWS working process

© ZTE All rights reserved 20

Question

n In VPWS, which kind of protocol generates inner label？What

about the outer label？

© ZTE All rights reserved 21

Thank you