VPLS (Virtual Private LAN Service) July 2003 Jangwoo Son Netmanias ( ㈜넷레퍼런스 ) (Tel: 556-9273, Fax: 556-9274) http://www.ne...
Contents <ul><li>Metro Ethernet Service 의 출현 </li></ul><ul><li>Metro Ethernet Service  현황 </li></ul><ul><li>Classifying Me...
개요  <ul><li>Network Segmentation: LAN/CPN, Access, Metro Core, WAN </li></ul><ul><li>User Segmentation: Enterprise, Reside...
Network Segmentation Core Router Long-haul DWDM Edge Router Optical Ethernet (EoDF)  NG-SONET(EOS) RPR(EORPR) Metro DWDM(E...
Before Metro Ethernet: Legacy Networks Metro 2.5Gbps (POS) GSR GES 동선 FLC STM-4 (2.5G) Edge Router (7500) ADM DSC (D/MUX) ...
Enterprise MAN: Before Metro Ethernet Metro 2.5Gbps (POS) GSR GES 동선 FLC STM-4 (2.5G) Edge Router (7500) ADM DSC (D/MUX) F...
Enterprise MAN service Metro 2.5Gbps (POS) GSR GES 동선 FLC STM-4 (2.5G) Edge Router (7500) ADM DSC (D/MUX) FLC DSC (D/MUX) ...
Enterprise MAN service: Low-Speed Metro 2.5Gbps (POS) GSR GES 동선 FLC STM-4 (2.5G) Edge Router (7500) ADM DSC (D/MUX) FLC D...
Enterprise MAN service: High-Cost Metro 2.5Gbps (POS) GSR GES 동선 FLC STM-4 (2.5G) Edge Router (7500) ADM DSC (D/MUX) FLC D...
New ESP (Ethernet Service Provider) 출현 MTU Metro 2.5Gbps (POS) GSR GES 동선 FLC STM-4 (2.5G) Edge Router (7500) ADM DSC (D/M...
Ethernet Evolution Optical Ethernet EoMPLS VPLS EoRPR NG-SONET(EoS) Metro DWDM Optical Ethernet EoMPLS VPLS RPR NG-SONET(E...
Trend,… Ethernet over … Metro Legacy Metro 가입자  T1, E1  가입자  Ethernet Dark fiber NG-SONET RPR MPLS/VPLS DWDM Internet acce...
국내의 경우 <ul><li>원래  Metro Ethernet 은  Enterprise 의  BW bottleneck 을 해소해주기 위한 기술로서 미국에서 시장에 처음 출현  (Telseon, Yipes, Cogent) ...
Residential: Before Metro Ethernet Metro 2.5Gbps (POS) GSR GES 동선 FLC STM-4 (2.5G) Edge Router (7500) ADM DSC (D/MUX) FLC ...
Residential: After Metro Ethernet Internet POP Dark fiber (from NTT) GSR Ethernet Sub_ring Main_ring Last-mile CO … ADSL E...
Residential: After Metro Ethernet GbE  IP DSLAM Ethernet Switch  Modem  IP STB [Samsung]  TV IP multicast (All channels)  ...
Delivering Video Services Over Ethernet  DSL DSL DSL DSL IP or L2TP Tunnel or ATM PVC IP/MPLS Backbone 7670 RSP  or BAS/IP...
Residential: After Metro Ethernet 2.5Gbps (POS) GSR GES RS38K Subscriber Aggregation 1GbE 100FX L2 10/100 … 동 동 L3 VDSL (2...
Enterprise MAN : After Metro Ethernet 2.5Gbps (POS) GSR GES 동선 FLC STM-4 (2.5G) Edge Router (7500) ADM DSC (D/MUX) FLC DSC...
Enterprise MAN : After Metro Ethernet CPE (L2 SW) CPE (L3 SW) Internet Cafe Enterprise M/C 100FX 210.10.1.0/24 210.10.2.0/...
국내의 경우 현재는 여기까지 도입됨.
Current MAN/WAN
Classifying Metro Ethernet Services Services Technology PTP Multipoint EVC E-Line E-LAN EPL ERS LAN Extension VPWS PW VPLS...
Classifying Metro Ethernet Services Metro Ethernet Service Connectivity within MEN PtP EVC ( VPWS , PW, ELS, VLL) MPtMP EV...
Multipoint Services <ul><li>VLAN-based  </li></ul><ul><li>EoMPLS </li></ul><ul><li>VPLS </li></ul>
Multipoint Service based on VLAN 1 CE1 CE CE2 CE CE3 VLAN 10 VLAN 20 Customer 1 Site 1 Customer 1 Site 2 Customer 1 Site 3...
Multipoint Service based on VLAN 1 CE1 CE CE2 CE CE3 VLAN 10 VLAN 20 Customer 1 Site 1 Customer 1 Site 2 Customer 1 Site 3...
Operation Lookup Table MAC  VLAN ID  VLAN type  Port A  10  port-based  1 -  10  tagged  3 -  20  port-based  2 -  20  tag...
Operation Lookup Table MAC  VLAN ID  VLAN type  Port A  10  port-based  1 B  10  tagged  3 -  20  port-based  2 -  20  tag...
Operation Lookup Table MAC  VLAN ID  VLAN type  Port A  10  port-based  1 B,C  10  tagged  3 -  20  port-based  2 -  20  t...
VLAN-based Multipoint service: VPLS/TLS Lookup Table MAC  VLAN ID  VLAN type  Port A  10  port-based  1 B,C  10  tagged  3...
Problem of VLAN-based VPLS <ul><li>VLAN space limitation: 4096 VLANs (VLAN ID=12bits) </li></ul><ul><li>MAC address limita...
EoMPLS (martini-draft) <ul><li>VLAN 의 확장성 한계 , MAC learning  한계 , QoS, BW  예약 ,  망복구 능력 등의 문제에 대한 대안으로써  Metro Ethernet 에 ...
EoMPLS Operation PE P P PE PE P Eth Eth Eth Port  VLAN ID  outgoing port  Tunnel Label  VC Label  1  -  3  25  10 2  100  ...
EoMPLS 의 장점 C D E CE1 CE CE2 CE CE3 Customer 1 Site 1 Customer 1 Site 2 Customer 1 Site 3 Customer 2 Site 1 Customer 2 Sit...
EoMPLS: Martini Signaling Eth-Frame PE1 PE2 Eth/10 VLAN/100 Eth/20 VLAN/200 Configuration Interface: Eth/20 VLAN/200 VC ID...
ERS service using EoMPLS CE PE P P PE PE Tagged VLAN 100 Tagged VLAN 101 Subnet 1 (192.182.10/24) HQ site Router One subne...
 
VPLS <ul><li>What is VPLS ? </li></ul><ul><ul><li>VPLS (Virtual Private LAN Service) is a class of VPN that allows the con...
CE2 CE1 PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 CE3 Eth30 Site 3 PE4 PE5 P M2 M1 M3 M4 VPLS Operation  P
CE2 CE1 PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 CE3 Eth30 Site 3 VCID 1000 vc label 102 VCID 1000 vc label 103 Martini-signa...
PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth/30 Site 3 VCID 1000 vc label ...
VPLS: Control Plane (3) CE2 CE1 PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 CE3 Eth30 Site 3 CE2 CE1 PE2 PE1 Eth20 Eth10 Site 1 ...
PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc lab...
PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc lab...
PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc lab...
PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc lab...
PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc lab...
PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc lab...
PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc lab...
PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc lab...
PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc lab...
PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc lab...
PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc lab...
PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc lab...
PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc lab...
PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc lab...
PE2 PE1 Eth20 Eth11 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc lab...
PE2 PE1 Eth20 Eth11 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc lab...
VPLS <ul><li>VPN 에 속한  Sites 와 연결되어 있는  PE Router 들간에  VCs full-mesh 를 생성한다 . </li></ul><ul><li>각  PE Router 에  VPN  정보를 등...
VPLS security <ul><li>PE 는  Unicast frame 은  MAC address 가 학습된 해당  Port 로만 포워딩한다 .  </li></ul><ul><li>Broadcast frame 은 동일...
PE2 PE1 Eth20 Eth11 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc lab...
Summary  <ul><li>Metro Ethernet Service 의 출현 </li></ul><ul><li>Metro Ethernet Service  현황 </li></ul><ul><li>Classifying Me...
Upcoming SlideShare
Loading in...5
×

Vpls

2,531

Published on

1 Comment
1 Like
Statistics
Notes
  • Can you post english version of this document?
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Views
Total Views
2,531
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
159
Comments
1
Likes
1
Embeds 0
No embeds

No notes for slide
  • Vpls

    1. 1. VPLS (Virtual Private LAN Service) July 2003 Jangwoo Son Netmanias ( ㈜넷레퍼런스 ) (Tel: 556-9273, Fax: 556-9274) http://www.netmanias.com, son@netmanias.com Presentation for NCA
    2. 2. Contents <ul><li>Metro Ethernet Service 의 출현 </li></ul><ul><li>Metro Ethernet Service 현황 </li></ul><ul><li>Classifying Metro Ethernet Services </li></ul><ul><li>Multipoint Services </li></ul><ul><ul><li>VLAN-based </li></ul></ul><ul><ul><li>EoMPLS (PTP) </li></ul></ul><ul><ul><li>VPLS </li></ul></ul>
    3. 3. 개요 <ul><li>Network Segmentation: LAN/CPN, Access, Metro Core, WAN </li></ul><ul><li>User Segmentation: Enterprise, Residential User </li></ul><ul><li>Trend 1: Metro Optical Ethernet </li></ul><ul><ul><li>Internet Access service </li></ul></ul><ul><ul><li>TLS (Transparent LAN Service) </li></ul></ul><ul><ul><li>2000 년초 태동 ->2001 년 (911 테러 , 국내 검토시작 ) -> 2002 년 ( 서비스도입 ) ->2003 년 ( 기업용 서비스 , vdsl) </li></ul></ul><ul><ul><li>Cannibalization </li></ul></ul><ul><ul><li>게임방 , 사이버 아파트 </li></ul></ul><ul><ul><li>차별화 상품 ( 드림라인 , HiG,…), 경쟁관계 (KT<-> 하나로 ) </li></ul></ul><ul><li>Trend 2: IP 와 방송의 융합 </li></ul><ul><ul><li>북미의 History: 위성방송 <->MSO<->Telco: 무한 경쟁화 </li></ul></ul><ul><ul><li>국내의 경우 : 거의 유사한 경로를 따라가고 있음 </li></ul></ul><ul><ul><li>Cable operator: CATV + Internet (+VoIP) -> 서비스 번들화 </li></ul></ul><ul><ul><li>Telco: IP 기반 방송 ( 다채널 B-TV, VoD) 서비스 진입중 , 문제점 (KT, 하나로 ) </li></ul></ul><ul><ul><li>2001 년 ( 검토시작 )->2002 년 , 2003 년 ( 시험 서비스 , 필드테스트중 )->2004 ? </li></ul></ul>
    4. 4. Network Segmentation Core Router Long-haul DWDM Edge Router Optical Ethernet (EoDF) NG-SONET(EOS) RPR(EORPR) Metro DWDM(EODL) SONET ATM SER Edge Core Optical Ethernet (EoDF) RPR(EORPR) NG-SONET(EOS) xDSL Cable Modem E-PON SER (MPLS, IPsec) Enterprise (Large, SME) (Single, MTU) 1. STU 2. MTU Residential 1. Home 2. MDU TDM/SONET ATM xDSL Cable Modem Optical Ethernet ATM E-PON Network Segmentation MTU: Multi-Tenant Unit MDU: Multi-Dwelling Unit (Apart) MPLS: Multi-Protocol Label Switching NG-SONET: Next-Generation SONET EoS: Ethernet over SONET/SDH PON: Passive Optical Network TDM: Time-Division Multiplexing DSL: Digital Subscriber Line EoDF: Ethernet over Dark Fiber RPR: Resilient Packet Ring ATM: Asynchronous Transfer Mode DWDM: Dense Wavelength Division Multiplexing Access Metro Distribution Core BB CP
    5. 5. Before Metro Ethernet: Legacy Networks Metro 2.5Gbps (POS) GSR GES 동선 FLC STM-4 (2.5G) Edge Router (7500) ADM DSC (D/MUX) FLC DSC (D/MUX) ADM CSU OC3 OC3/ OC12 Internet MTU STU ADSL (1.5M~8Mbps) DSLAM B-RAS DS3/ OC3 DS3/ OC3 Home CO( 수용국 ) POP( 주노드국 ) 수용국 수용국 ADM ADM LAN C LAN A LAN B SONET/SDH Access 동 ADSL (8Mbps) 8M ATM/STM OC3/12 DSLAM ATM SW FLC (RT) FLC (COT) ADM ADM OC48 B-RAS Core Router CO POP ATM SW Internet T1 T1 MDU CSU LAN D T1 T1 MDF SONET/SDH
    6. 6. Enterprise MAN: Before Metro Ethernet Metro 2.5Gbps (POS) GSR GES 동선 FLC STM-4 (2.5G) Edge Router (7500) ADM DSC (D/MUX) FLC DSC (D/MUX) ADM CSU OC3 OC3/ OC12 Internet MTU STU ADSL (1.5M~8Mbps) DSLAM B-RAS DS3/ OC3 DS3/ OC3 Home CO( 수용국 ) POP( 주노드국 ) 수용국 수용국 ADM ADM LAN C LAN A LAN B SONET/SDH Access 동 ADSL (8Mbps) 8M ATM/STM OC3/12 DSLAM ATM SW FLC (RT) FLC (COT) ADM ADM OC48 B-RAS Core Router CO POP ATM SW Internet T1 T1 MDU CSU LAN D T1 T1 MDF SONET/SDH
    7. 7. Enterprise MAN service Metro 2.5Gbps (POS) GSR GES 동선 FLC STM-4 (2.5G) Edge Router (7500) ADM DSC (D/MUX) FLC DSC (D/MUX) ADM CSU OC3 OC3/ OC12 Internet MTU STU ADSL (1.5M~8Mbps) DSLAM B-RAS DS3/ OC3 DS3/ OC3 CO( 수용국 ) POP( 주노드국 ) 수용국 수용국 ADM ADM LAN C LAN A LAN B SONET/SDH Access 동 ADSL (8Mbps) 8M ATM/STM OC3/12 DSLAM ATM SW FLC (RT) FLC (COT) ADM ADM OC48 B-RAS Core Router CO POP ATM SW Internet T1 T1 MDU CSU LAN D 256Kbps 256Kbps MDF SONET/SDH T1 (1.544Mbps) Internet Access Private Line Home
    8. 8. Enterprise MAN service: Low-Speed Metro 2.5Gbps (POS) GSR GES 동선 FLC STM-4 (2.5G) Edge Router (7500) ADM DSC (D/MUX) FLC DSC (D/MUX) ADM CSU OC3 OC3/ OC12 Internet MTU STU ADSL (1.5M~8Mbps) DSLAM B-RAS DS3/ OC3 DS3/ OC3 CO( 수용국 ) POP( 주노드국 ) 수용국 수용국 ADM ADM LAN C LAN A LAN B SONET/SDH Access 동 ADSL (8Mbps) 8M ATM/STM OC3/12 DSLAM ATM SW FLC (RT) FLC (COT) ADM ADM OC48 B-RAS Core Router CO POP ATM SW Internet T1 T1 MDU CSU LAN D 256Kbps 256Kbps MDF SONET/SDH T1 (1.544Mbps) Gbps Gbps Gbps Bottleneck Home
    9. 9. Enterprise MAN service: High-Cost Metro 2.5Gbps (POS) GSR GES 동선 FLC STM-4 (2.5G) Edge Router (7500) ADM DSC (D/MUX) FLC DSC (D/MUX) ADM CSU OC3 OC3/ OC12 Internet MTU STU ADSL (1.5M~8Mbps) DSLAM B-RAS DS3/ OC3 DS3/ OC3 CO( 수용국 ) POP( 주노드국 ) 수용국 수용국 ADM ADM LAN C LAN A LAN B SONET/SDH Access T1 T1 CSU LAN D T1 1.544 Mbps T1 (1.544Mbps) 64Kbps 28 STS-1 (45M) STS-N … OC-N … 24 1 1 1.544Mbps … STS-1 64Kbps 28 STS-1 STS-N … … 24 1 1 1.544Mbps … STS-1 TDM multiplexing/Circuit switching No Statistical multiplexing T1 1.544 Mbps High-Cost T1 1.544 Mbps T1 1.544 Mbps Home
    10. 10. New ESP (Ethernet Service Provider) 출현 MTU Metro 2.5Gbps (POS) GSR GES 동선 FLC STM-4 (2.5G) Edge Router (7500) ADM DSC (D/MUX) FLC DSC (D/MUX) ADM CSU OC3 OC3/ OC12 Internet MTU STU CO( 수용국 ) POP( 주노드국 ) 수용국 수용국 ADM ADM LAN C LAN A LAN B SONET/SDH T1 T1 CSU LAN D T1 T1 CO CO CO POP Internet GSR MTU MTU MTU GbE GbE Access MTU CO Telseon Yipes Cogent MTU MTU MTU GbE MTU
    11. 11. Ethernet Evolution Optical Ethernet EoMPLS VPLS EoRPR NG-SONET(EoS) Metro DWDM Optical Ethernet EoMPLS VPLS RPR NG-SONET(EoS) Metro DWDM IP ADSL IP VDSL Optical Ethernet EoRPR NG-SONET(EoS) Access Metro Distribution Metro Core Global Internet ATM SONET/SDH ATM SONET/SDH ATM ADSL T1/E1 FR ATM Global Internet Home MDU STU MTU Residential Enterprise
    12. 12. Trend,… Ethernet over … Metro Legacy Metro 가입자 T1, E1 가입자 Ethernet Dark fiber NG-SONET RPR MPLS/VPLS DWDM Internet access service Ethernet Private Line Service Transparent LAN Service
    13. 13. 국내의 경우 <ul><li>원래 Metro Ethernet 은 Enterprise 의 BW bottleneck 을 해소해주기 위한 기술로서 미국에서 시장에 처음 출현 (Telseon, Yipes, Cogent) </li></ul><ul><li>국내에서는 Residential Broadband Solution 과 게임방으로 Metro Ethernet 이 먼저 도입됨 . </li></ul><ul><li>2003 년부터 기업용 Metro Ethernet 서비스가 도입되기 시작하고 있음 . </li></ul>
    14. 14. Residential: Before Metro Ethernet Metro 2.5Gbps (POS) GSR GES 동선 FLC STM-4 (2.5G) Edge Router (7500) ADM DSC (D/MUX) FLC DSC (D/MUX) ADM CSU OC3 OC3/ OC12 Internet MTU STU ADSL (1.5M~8Mbps) DSLAM B-RAS DS3/ OC3 DS3/ OC3 Residential Home CO( 수용국 ) POP( 주노드국 ) CO 수용국 ADM ADM LAN C LAN A LAN B SONET/SDH Access 동 ADSL (8Mbps) 8M ATM/STM OC3/12 DSLAM ATM SW FLC (RT) FLC (COT) ADM ADM OC48 B-RAS Core Router CO POP ATM SW Internet T1 T1 MDU CSU LAN D T1 T1 MDF SONET/SDH DSLAM ADSL (1.5M~8Mbps) Ethernet ATM Ethernet
    15. 15. Residential: After Metro Ethernet Internet POP Dark fiber (from NTT) GSR Ethernet Sub_ring Main_ring Last-mile CO … ADSL Existing telephone line IP DSLAM Ethernet L3 switch CO … ADSL Existing telephone line IP DSLAM Ethernet L3 switch 100M 1G 1G 1G 1G 1G Yahoo!BB 十条 志村 落合 別館 北町 成増 南板橋 別館 練馬 赤羽 営業別館 巣鴨 板橋 王子 東京 大塚 池袋 東京 上野 九段 西新井 東京 荒川 駒込 第二 石神井 西練馬 東京 大泉 関町 杉並 高円寺 東京 野方 松沢 ビル 2 四谷 淀橋 新宿 西新宿 中野 牛込 東京 大久保 井草 荻窪 上北沢 東京 烏山 久我山 田端 尾久 白鬚 吉原 浅草 小石川 千住 蔵前 東京 浜町 墨田 本所 茅場兜 江東 竹の塚 梅島 東京 綾瀬 金町 亀有 向島 小岩 葛西 東京 城東 江戸川 東江 戸川 東京 深川 神田 駿河台 丸の内 大手町 FS 霞ケ関 東京 赤坂 代々木 東京 青山 芝 東京 三田 品川 目黒 本館 東渋谷 渋谷 世田谷 自由が丘 唐ヶ崎 東京 玉川 東京 瀬田 砧 狛江 成城 弦巻 田園 調布 矢口 雪ケ谷 池上 馬込 大森 蒲田 羽田 白金 大田支店 埠頭 大崎 別棟 荏原 葛飾 大崎
    16. 16. Residential: After Metro Ethernet GbE IP DSLAM Ethernet Switch Modem IP STB [Samsung] TV IP multicast (All channels) (IGMP) [Utstarcom] CH1 CH2 Ch3 CH1 CH1 CH2 Metro Core L3 Switch [Cisco] BBcableTV (HE) IP 방송 (19 channels) (2Mbps MPEG2) VoD (2Mbps MPEG2) MPEG2 Encoders [Harmonic] VoD Servers [sgi] Hub PC 암호화 암호화 Yahoo!BB Modem IP STB TV Hub PC Modem IP STB TV Hub PC
    17. 17. Delivering Video Services Over Ethernet DSL DSL DSL DSL IP or L2TP Tunnel or ATM PVC IP/MPLS Backbone 7670 RSP or BAS/IP Services 7300 / 7301 FENT & GELIM 7300 / 7301 FENT & GELIM Local content 7300 / 7301 FENT & GELIM 7300 / 7301 FENT & GELIM Ethernet Network Layer 2 ATM Network ISP OmniSwitch OmniSwitch OmniSwitch > Use an Ethernet Network to deliver video services > Reuses deployed equipment > Takes advantage of FE and GigE uplinks on DSLAM > OmniSwitch provides traffic classification, QoS and policy enforcement
    18. 18. Residential: After Metro Ethernet 2.5Gbps (POS) GSR GES RS38K Subscriber Aggregation 1GbE 100FX L2 10/100 … 동 동 L3 VDSL (20Mbps) 20M 100TX L3 1GbE 1GbE L3 SW 1GbE VoD server DSLAM B-RAS ADSL (1.5M~8Mbps) STM-4 (2.5G) Edge Router (7500) ADM DSC (D/MUX) ADM DS3/ OC3 DS3/ OC3 OC3/12 Kornet Core Home CO POP <ul><li>Legacy Service </li></ul><ul><li>Home: ADSL </li></ul>Ethernet VDSL 100FX L2 10/100 … 동 L3 L3 SW 동 VDSL (20Mbps) 20M 100TX L3 VDSL CO 1GbE Ethernet MDU 1GbE ADSL (1.5M~8Mbps) DSLAM ADM VDSL (20Mbps) ADSL (8Mbps) 2002 (85% adsl, Ethernet/vdsl 5%) 2003 (64% adsl, Ethernet/vdsl 33%) Curb IP DSLAM IP DSLAM IP DSLAM IP DSLAM
    19. 19. Enterprise MAN : After Metro Ethernet 2.5Gbps (POS) GSR GES 동선 FLC STM-4 (2.5G) Edge Router (7500) ADM DSC (D/MUX) FLC DSC (D/MUX) ADM CSU OC3 OC3/ OC12 Internet MTU STU POP( 주노드국 ) 수용국 수용국 ADM ADM LAN C LAN A LAN B SONET/SDH T1 T1 CSU LAN D T1 T1 CPE 100FX 1GbE 1GbE L3 L2 L2 Internet cafe RS38K 1GbE 100FX L3 L2 L2 CO CO MTU L3 L2 L2 CPE CPE ( 이중화 )
    20. 20. Enterprise MAN : After Metro Ethernet CPE (L2 SW) CPE (L3 SW) Internet Cafe Enterprise M/C 100FX 210.10.1.0/24 210.10.2.0/24 IP Convergence (Not STP/RSTP) IP Convergence (Not STP/RSTP) IP Convergence (Not STP/RSTP) L3 RS1000 RS3000 RS38K RS38K RS38K RS38K Dacom HiG Onse PBR (PBR) M/C 100FX Dacom 가입자 HiG 가입자 PBR (Policy-Based Routing) Policy = Source IP
    21. 21. 국내의 경우 현재는 여기까지 도입됨.
    22. 22. Current MAN/WAN
    23. 23. Classifying Metro Ethernet Services Services Technology PTP Multipoint EVC E-Line E-LAN EPL ERS LAN Extension VPWS PW VPLS TLS EWS ERS EMS ERMS Internet Retail Wholesale Transport Optical Ethernet EoMPLS VPLS RPR EoS DWDM Fiber UTP Copper line SONET EFM E-PON
    24. 24. Classifying Metro Ethernet Services Metro Ethernet Service Connectivity within MEN PtP EVC ( VPWS , PW, ELS, VLL) MPtMP EVC ( VPLS , E-LAN Service, TLS) EPL 서비스 (EWS) ERS 서비스 (ERS) LAN Extension 서비스 (EMS) ERMS 서비스 (ERMS) EVC1 EVC2 EVC3 CE CE CE CE CE UNI UNI UNI UNI UNI UNI EVC1 CE CE CE CE UNI UNI UNI CE UNI EVC1 EVC3 CE CE CE Multiplexed UNI UNI UNI ISP POP Router UNI EVC2 VLAN 1 VLAN 2 VLAN 3 EVC1 CE CE CE CE UNI UNI UNI CE Service Multiplexed UNI ISP POP Router EVC2 L2/3 L2/3 L3 L2/3 L3 A EVC A EVC Service Interface Physical port/ Logical port (VLAN) Private Line Service 에 해당 FR 서비스에 해당
    25. 25. Multipoint Services <ul><li>VLAN-based </li></ul><ul><li>EoMPLS </li></ul><ul><li>VPLS </li></ul>
    26. 26. Multipoint Service based on VLAN 1 CE1 CE CE2 CE CE3 VLAN 10 VLAN 20 Customer 1 Site 1 Customer 1 Site 2 Customer 1 Site 3 Customer 2 Site 1 Customer 2 Site 2 VLAN 10 VLAN 20 Ethernet VPN #10 Traffic VPN #10 Virtual Bridge VPN #20 Traffic VPN #20 Virtual Bridge Physical Connection Metro Core Metro Access
    27. 27. Multipoint Service based on VLAN 1 CE1 CE CE2 CE CE3 VLAN 10 VLAN 20 Customer 1 Site 1 Customer 1 Site 2 Customer 1 Site 3 Customer 2 Site 1 Customer 2 Site 2 VLAN 10 VLAN 20 Ethernet Metro Core Metro Access 1 2 3 2 3 6 4 5 1 2 1 Lookup Table MAC VLAN ID VLAN type Port - 10 port-based 1 - 10 tagged 3 - 20 port-based 2 - 20 tagged 3 Lookup Table MAC VLAN ID VLAN type Port - 10 port-based 4 - 10 tagged 6 - 20 port-based 5 - 20 tagged 6 Lookup Table MAC VLAN ID VLAN type Port - 10 tagged 1 - 10 tagged 2 - 10 tagged 3 - 20 tagged 1 - 20 tagged 3 Lookup Table MAC VLAN ID VLAN type Port - 10 port-based 2 - 10 tagged 1
    28. 28. Operation Lookup Table MAC VLAN ID VLAN type Port A 10 port-based 1 - 10 tagged 3 - 20 port-based 2 - 20 tagged 3 Lookup Table MAC VLAN ID VLAN type Port - 10 port-based 4 A 10 tagged 6 - 20 port-based 5 - 20 tagged 6 Lookup Table MAC VLAN ID VLAN type Port A 10 tagged 1 - 10 tagged 2 - 10 tagged 3 - 20 tagged 1 - 20 tagged 3 1 2 3 1 2 3 6 4 5 1 2 Lookup Table MAC VLAN ID VLAN type Port - 10 port-based 2 A 10 tagged 1 ARP ARP ARP ARP ARP 192.168.10.1 192.168.10.2 192.168.10.3 CE1 CE CE2 CE CE3 Customer 1 Site 1 Customer 1 Site 2 Customer 1 Site 3 Customer 2 Site 1 Customer 2 Site 2 A B C ARP 192.168.10.2 10 10 10
    29. 29. Operation Lookup Table MAC VLAN ID VLAN type Port A 10 port-based 1 B 10 tagged 3 - 20 port-based 2 - 20 tagged 3 Lookup Table MAC VLAN ID VLAN type Port B 10 port-based 4 A 10 tagged 6 - 20 port-based 5 - 20 tagged 6 Lookup Table MAC VLAN ID VLAN type Port A 10 tagged 1 B 10 tagged 2 - 10 tagged 3 - 20 tagged 1 - 20 tagged 2 1 2 3 1 2 3 6 4 5 1 2 Lookup Table MAC VLAN ID VLAN type Port - 10 port-based 2 A 10 tagged 1 Reply DA=A SA=B Reply DA=A SA=B Reply DA=A SA=B Reply DA=A SA=B 192.168.10.1 192.168.10.2 192.168.10.3 CE1 CE CE2 CE CE3 Customer 1 Site 1 Customer 1 Site 2 Customer 1 Site 3 Customer 2 Site 1 Customer 2 Site 2 A B 10 10
    30. 30. Operation Lookup Table MAC VLAN ID VLAN type Port A 10 port-based 1 B,C 10 tagged 3 - 20 port-based 2 - 20 tagged 3 Lookup Table MAC VLAN ID VLAN type Port B 10 port-based 4 A, C 10 tagged 6 - 20 port-based 5 - 20 tagged 6 Lookup Table MAC VLAN ID VLAN type Port A 10 tagged 1 B 10 tagged 2 C 10 tagged 3 - 20 tagged 1 - 20 tagged 2 1 2 3 1 2 3 6 4 5 1 2 Lookup Table MAC VLAN ID VLAN type Port C 10 port-based 2 A,B 10 tagged 1 이후는 Unicast ( 모든 MAC 이 학습됨 ) Multicast: Dest MAC 을 보고 그대로 포워딩 192.168.10.1 192.168.10.2 192.168.10.3 CE1 CE CE2 CE CE3 Customer 1 Site 1 Customer 1 Site 2 Customer 1 Site 3 Customer 2 Site 1 Customer 2 Site 2 A B C
    31. 31. VLAN-based Multipoint service: VPLS/TLS Lookup Table MAC VLAN ID VLAN type Port A 10 port-based 1 B,C 10 tagged 3 - 20 port-based 2 - 20 tagged 3 Lookup Table MAC VLAN ID VLAN type Port B 10 port-based 4 A, C 10 tagged 6 - 20 port-based 5 - 20 tagged 6 Lookup Table MAC VLAN ID VLAN type Port A 10 tagged 1 B 10 tagged 2 C 10 tagged 3 - 20 tagged 1 - 20 tagged 3 1 2 3 1 2 3 6 4 5 1 2 Lookup Table MAC VLAN ID VLAN type Port C 10 port-based 2 A,B 10 tagged 1 C D E 192.168.10.1 192.168.10.2 192.168.10.3 CE1 CE CE2 CE CE3 Customer 1 Site 1 Customer 1 Site 2 Customer 1 Site 3 Customer 2 Site 1 Customer 2 Site 2 A B MAC VLAN ID Port A 10 1 B 10 2 C 10 3 D 20 4 E 20 5 L2 Switch Lookup Table
    32. 32. Problem of VLAN-based VPLS <ul><li>VLAN space limitation: 4096 VLANs (VLAN ID=12bits) </li></ul><ul><li>MAC address limitation </li></ul><ul><li>No Bandwidth reservation in metro core (end-to-end) </li></ul><ul><li>No traffic engineering in metro core (STP Path) </li></ul><ul><li>Slow restoration time (STP, RSTP, EAPS) </li></ul>MAC VLAN type VLAN ID Port - tagged 100 1, 2 - tagged 200 1, 3 ……… . A 2 B 1 C 2 ……… . MAC A MAC F MAC B MAC C MAC M MAC N MAC G MAC H CPE Ingress Rate Limiting/Shaping 100 100 100 100 100 100 802.1q tagged VLAN 설정 A Broadcast Domain over Metro Ethernet Network = Secure Tunnel 제공 802.1p CoS 제공 = Classification, Marking, Priority queueing and scheduling ESP network
    33. 33. EoMPLS (martini-draft) <ul><li>VLAN 의 확장성 한계 , MAC learning 한계 , QoS, BW 예약 , 망복구 능력 등의 문제에 대한 대안으로써 Metro Ethernet 에 MPLS 를 도입함 . </li></ul><ul><li>Ingress LER (PE) 과 Egress LER (PE) 간에 두 개의 LSP (Label Switched Path) 를 설정 </li></ul><ul><ul><li>Tunnel LSP : 두 PEs 간에 MPLS frame 을 forwarding. Customer 구분없이 MPLS 망상에서 경로만 제공 . ATM 의 VP (Virtual Path) 개념 . Tunnel LSP 내에 여러 개의 VC(Virtual Circuit) 들이 전달됨 . </li></ul></ul><ul><ul><li>VC LSP : Egress LER 에서 Tunnel LSP 로 들어오는 패킷들이 어느 가입자의 패킷이며 , 또 어떻게 처리 ( 어느 outgoing interface 로 포워딩해주어야 하는 가 , 등 ) 해주어야 하는 가를 결정하기 위해서 Tunnel LSP 내에 VC LSP 가 정의된다 . ATM 의 VC 개념 . (for de-multiplexing senders.). VC label 은 LSR 에서는 안 보이고 Egress LER 에서만 보인다 . </li></ul></ul><ul><li>Metro Ethernet Network 의 Edge (LER) 에서 Ethernet frame 을 MPLS lsp 로 mapping </li></ul><ul><li>(not Routing) </li></ul>PE P P PE PE P Tunnel LSP VC LSP Ethernet Or VLAN Ethernet Or VLAN C D E CE1 CE CE2 CE CE3 Customer 1 Site 1 Customer 1 Site 2 Customer 1 Site 3 Customer 2 Site 1 Customer 2 Site 2 A B
    34. 34. EoMPLS Operation PE P P PE PE P Eth Eth Eth Port VLAN ID outgoing port Tunnel Label VC Label 1 - 3 25 10 2 100 3 25 20 1 2 L2 3 Incoming port VC Label outgoing port 1 10 5 1 20 6 Incoming port Tunnel Label outgoing port Tunnel Label 3 25 4 35 4 1 5 6 Forwarding table Forwarding table Forwarding table Eth Eth 10 25 Eth 10 35 Eth 10 17 Eth 20 25 Eth 20 35 Eth 20 17 C D E CE1 CE CE2 CE CE3 Customer 1 Site 1 Customer 1 Site 2 Customer 1 Site 3 Customer 2 Site 1 Customer 2 Site 2 A B
    35. 35. EoMPLS 의 장점 C D E CE1 CE CE2 CE CE3 Customer 1 Site 1 Customer 1 Site 2 Customer 1 Site 3 Customer 2 Site 1 Customer 2 Site 2 A B PE P P PE PE P Eth Eth Eth Eth Port VLAN ID outgoing port Tunnel Label VC label Label 1 - 3 25 10 2 100 3 25 20 1 2 L2 3 Incoming port VC Label outgoing port 1 10 5 1 20 6 Incoming port Tunnel Label outgoing port Tunnel Label 3 25 4 35 4 1 5 6 Forwarding table Forwarding table Forwarding table Metro ( 또는 WAN) core 의 LSR 들은 단지 Tunnel Label 값만 보고 MPLS frame 을 포워딩한다 . 따라서 Metro core 에서는 가입자측의 MAC address 를 학습할 필요가 없다 . Ingress LER 은 Ethernet 망에서 들어오는 Frame 을 {Physical port and 802.1q VLAN ID} 값만 참조하여 어느 VC-LSP 로 포워딩할 것인지를 판단한다 . 따라서 , Egress LER 쪽의 가입자의 MAC address 를 학습하지 않는다 . Egress LER 은 VC label 값만을 이용하여 포워딩 결정을 내린다 . 따라서 , 가입자측의 MAC address 를 학습하지 않아도 된다 . Eth 10 25 Eth 10 35 Eth 10 17 Eth 20 25 Eth 20 35 Eth 20 17
    36. 36. EoMPLS: Martini Signaling Eth-Frame PE1 PE2 Eth/10 VLAN/100 Eth/20 VLAN/200 Configuration Interface: Eth/20 VLAN/200 VC ID (=L2-FEC): 3001 Map Eth/20 VLAN/200 VCID 3001 VC label: 2000 Peer Router: 10.0.0.1 Targeted LDP Configuration Interface: Eth/10 VLAN/100 VC ID (=L2-FEC): 3001 Map Eth/10 VLAN/100 VCID 3001 VC label: 4000 Peer Router: 10.0.0.2 10.0.0.2 10.0.0.1 Label mapping msg (DU-LDP) VC FEC TLV VC Type = Ethernet VC ID = 3001 VC label TLV VC label = 2000 Eth-Frame 2000 100 L2H Eth-Frame Tunnel LSP A PW (2 VC lsps) setup ! Site 2 가 PE2 의 Ethernet port 20 에 VLAN ID 200 의 Ethernet circuit 에 붙어있다 . Site 2 로 보내려면 Label 2000 을 붙여서 보내라 Site 2 Site 1 CE1 CE2 Label mapping msg (DU-LDP) VC FEC TLV VC Type = Ethernet VC ID = 3001 VC label TLV VC label = 4000 vc2000 vc4000 VLAN/100 Eth/10 VLAN/200 Eth/20 PW = VLL 3001 VCID Eth/10 VLAN/100 VC label 4000 ? Eth/10 VLAN/100 Out In 3001 VCID Eth/10 VLAN/100 VC label 4000 2000 Eth/10 VLAN/100 Out In 3001 VCID Eth/20 VLAN/200 VC label 2000 ? Eth/20 VLAN/200 Out In 3001 VCID Eth/20 VLAN/200 VC label2000 4000 Eth/20 VLAN/200 Out In
    37. 37. ERS service using EoMPLS CE PE P P PE PE Tagged VLAN 100 Tagged VLAN 101 Subnet 1 (192.182.10/24) HQ site Router One subnet for each remote site Subnet 2 (192.182.20/24) CE (L2 SW) CE (L2 SW) PE 는 port # 와 VLAN ID 만을 가지고 어느 VC-LSP 로 포워딩할 것인지를 결정하기 떄문에 VLAN Tag 를 달고 들어오지 않으면 Site 2 로 포워딩할 지 Site 3 으로 포워딩할 지를 판단할 수 없다 . 따라서 , Site 1 의 CE 가 Site 별로 구분된 VLAN Tag 를 달아서 보내야 한다 . Site 2 와 Site 3 간의 통신을 위해서는 CE 가 반드시 라우터이어야 한다 .
    38. 39. VPLS <ul><li>What is VPLS ? </li></ul><ul><ul><li>VPLS (Virtual Private LAN Service) is a class of VPN that allows the connection of multiple sites in a single bridged domain over a provider managed MPLS network </li></ul></ul><ul><li>How it works ? </li></ul><ul><ul><li>Bridging capable PE routers are connected with a full mesh of MPLS LSP tunnels </li></ul></ul><ul><ul><li>Per-Service VC labels are negotiated using draft-Martini </li></ul></ul><ul><ul><li>Replicates unknown/broadcast traffic in a service domain </li></ul></ul><ul><ul><li>MAC learning over tunnel & access ports </li></ul></ul><ul><ul><li>Separate FIB per VPLS </li></ul></ul><ul><li>IETF draft-lasserre-vkompella-vpls-ppvpn-04.txt </li></ul><ul><li>Vendors: Cisco, Cosine, Force10, Foundry, Juniper, Laurel, Nortel, Riverstone, Timetra (Alcatel) </li></ul>
    39. 40. CE2 CE1 PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 CE3 Eth30 Site 3 PE4 PE5 P M2 M1 M3 M4 VPLS Operation P
    40. 41. CE2 CE1 PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 CE3 Eth30 Site 3 VCID 1000 vc label 102 VCID 1000 vc label 103 Martini-signaling (Targeted LDP/DU mode) 1. Operator 는 Site 1, 2, 3 이 연결되어 있는 PE1, PE2, PE3 간에 full-mesh 로 VPLS instance 를 하나 생성한다 . 이 VPLS instance 에는 하나의 unique VCID 가 할당된다 . 1.1 각 PE 는 Targeted LDP session 을 통해 downstream-unsolicited mode 로 vc-label 을 배포한다 . 즉 , VPLS 에 관한 label 값을 egress LER 이 할당하여 이를 ingress LER 에게 바로 배포한다 . Use vc-label 102 for VCID 1000 when sending to me ( 나한테 보낼 때 , vc-label 102 를 써서 보내 !) Use vc-label 103 for VCID 1000 when sending to me ( 나한테 보낼 때 , vc-label 103 를 써서 보내 !) VPLS: Control Plane (1)
    41. 42. PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth/30 Site 3 VCID 1000 vc label 102 VCID 1000 vc label 103 vc label 102 vc label 103 VC-lsp setup (created) 1.1 VPLS 1000 을 위한 vc-lsp 102 와 vc-lsp 103 생성됨 . VPLS: Control Plane (2) CE2 CE1 CE3 CE2 CE1 CE3
    42. 43. VPLS: Control Plane (3) CE2 CE1 PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 CE3 Eth30 Site 3 CE2 CE1 PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 CE3 Eth30 Site 3 VCID 1000 vc label 201 VCID 1000 vc label 203 vc label 102 vc label 103 VCID 1000 vc label 302 VCID 1000 vc label 301 vc label 201 vc label 301 vc label 302 vc label 203 Martini-signaling (Targeted LDP/DU mode) p1 p2 p3 p4 p5 p6 VCID 1000 Eth20, p1/vc-lsp102, p2/vc-lsp302 VCID 1000 Eth10, p3/vc-lsp201, p4/vc-lsp301 VCID 1000 Eth30, p5/vc-lsp103, p6/vc-lsp203 A VPLS (VCID=1000) is setup A VPLS for Customer A is setup between PE1, PE2 and PE3
    43. 44. PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc label 203 p1 p2 p3 p4 p5 p6 FIB for VPLS 1000 PE4 IP M2 M1 1. PE2 에 Port 20 을 통해 Ethernet frame 이 들어오면 , PE2 는 frame 이 들어온 물리적인 Port ( 또는 Port + VLAN ID) 를 통해 이 frame 이 VPLS 1000 에 속한 프레임을 알아낸다 . : Port or (Port + VLAN ID)  VPLS ID/FIB Data Plane M2 M1 M3 SA DA IP M2 M1 Ethernet frame Destination MAC address Source MAC address VPLS: Data Plane (1) CE2 CE1 CE3 Interface MAC P2/vc-lsp302 P1/vc-lsp102 Eth20
    44. 45. PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc label 203 p1 p2 p3 p4 p5 p6 PE4 IP M2 M1 1.1 Source MAC learning : PE2 는 도착한 프레임의 source MAC address 를 학습하여 SA=M2 를 VPLS 1000 의 FIB(Forwarding Information Base) 의 Eth20 에 등록한다 . FIB for VPLS 1000 VPLS: Data Plane (2) CE2 CE1 CE3 Interface MAC P2/vc-lsp302 P1/vc-lsp102 Eth20 M2 M2 M1 M3
    45. 46. PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc label 203 p1 p2 p3 p4 p5 p6 PE4 IP M2 M1 102 Tunnel Label L2H IP M2 M1 302 Tunnel Label L2H 1.2 Destination MAC lookup : VPLS 1000 의 FIB 를 lookup 한다 . Destination MAC = M1 이 FIB entry 에 없으면 ( 즉 , 학습이 되어 있지 않으면 -Unknown frame 이면 ), VPLS 1000 에 속한 모든 PE 로 프레임을 flooding 한다 . 즉 , 도착한 프레임을 복제 (replication) 하여 p1/vc-lsp102 를 통해 PE1 으로 , p2/vc-lsp 302 를 통해 PE3 로 전달한다 . ( 물론 PE4 로는 전달하지 않는다 .) 이때 vc-label 과 tunnel label 을 부착하여 전달한다 . FIB for VPLS 1000 IP M2 M1 IP M2 M1 102 Tunnel Label L2H VC Label (Demultiplexor) Tunnel Label Transport Header MPLS frame VPLS: Data Plane (3) CE2 CE1 CE3 Interface MAC P2/vc-lsp302 P1/vc-lsp102 Eth20 M2 M2 M1 M3
    46. 47. PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc label 203 p1 p2 p3 p4 p5 p6 PE4 IP M2 M1 102 Tunnel Label L2H IP M2 M1 302 Tunnel Label L2H 2. Core LSRs (P Routers): PW 상의 모든 LSR 들은 Outer label (Tunnel label) 값만 참조하여 해당 PE 까지 프레임을 전달한다 ( label swapping ). LSR 들은 Tunnel label 값만 참조하여 포워딩하기 때문에 현재 자기가 포워딩하고 있는 프레임들이 어느 VPLS 에 속한 프레임인지는 모른다 . FIB for VPLS 1000 VPLS: Data Plane (4) CE2 CE1 CE3 Interface MAC P2/vc-lsp302 P1/vc-lsp102 Eth20 M2 M2 M1 M3
    47. 48. PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc label 203 p1 p2 p3 p4 p5 p6 PE4 IP M2 M1 102 Tunnel Label L2H IP M2 M1 302 Tunnel Label L2H 3. PE1 (Egress LER): PE1 는 도착한 프레임의 vc-label 값을 참조하여 이 프레임이 어느 VPLS 에 속한 프레임인지를 알아낸다 ( 이 예에서는 VPLS 1000 에 속한 프레임임을 알게 된다 ). : vc-label lookup  VPLS ID/FIB FIB for VPLS 1000 VPLS: Data Plane (5) CE2 CE1 CE3 Interface MAC P4/vc-lsp301 P3/vc-lsp201 Eth10 M2 M1 M3
    48. 49. PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc label 203 p1 p2 p3 p4 p5 p6 PE4 IP M2 M1 102 Tunnel Label L2H IP M2 M1 302 Tunnel Label L2H 3.1 Source MAC learning : 도착한 MPLS 프레임의 label 를 제거 (POP) 하고 이더넷 프레임의 source MAC address 를 학습한다 . PE1 은 M2 가 vc-label 102 를 통해서 왔으므로 M2 가 PE2 뒤에 있음을 알게 된다 . 따라서 , M2 를 vc-label201 인터페이스에 학습시킨다 . PE3 도 동일한 동작을 수행한다 . FIB for VPLS 1000 FIB for VPLS 1000 VPLS: Data Plane (6) CE2 CE1 CE3 Interface MAC P4/vc-lsp301 P3/vc-lsp201 M2 Eth10 Interface MAC P6/vc-lsp203 M2 P5/vc-lsp103 Eth30 M2 M1 M3
    49. 50. PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc label 203 p1 p2 p3 p4 p5 p6 PE4 IP M2 M1 IP M2 M1 3.2 Destination MAC lookup : DA=M1 이 VPLS 1000 의 FIB 에 학습이 되어 있지 않으므로 VPLS 1000 에 속한 모든 Port 로 이더넷 프레임을 flooding 한다 ( 이 예에서는 Eth10 으로만 전달된다 ). 이 때 loop 방지를 위해 vc-lsp 에서온 프레임은 VPLS 에 속한 다른 vc-lsp 로 flooding 하지 않는다 . (split-horizon rule). 즉 , P4/vc-lsp301 로는 flooding 하지 않는다 . FIB for VPLS 1000 FIB for VPLS 1000 VPLS: Data Plane (7) CE2 CE1 CE3 Interface MAC P4/vc-lsp301 P3/vc-lsp201 M2 Eth10 Interface MAC P6/vc-lsp203 M2 P5/vc-lsp103 Eth30 M2 M1 M3
    50. 51. PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc label 203 p1 p2 p3 p4 p5 p6 PE4 4. M1 reply : Site 1 의 station 1 이 reply 를 하여 DA=M2, SA=M1 인 이더넷 프레임을 PE1 으로 전달한다 . FIB for VPLS 1000 FIB for VPLS 1000 IP M1 M2 VPLS: Data Plane (8) CE2 CE1 CE3 Interface MAC P4/vc-lsp301 P3/vc-lsp201 M2 Eth10 Interface MAC P6/vc-lsp203 M2 P5/vc-lsp103 Eth30 M2 M1 M3
    51. 52. PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc label 203 p1 p2 p3 p4 p5 p6 PE4 5. PE1 에 Port 10 을 통해 Ethernet frame 이 들어오면 , PE1 는 frame 이 들어온 물리적인 Port ( 또는 Port + VLAN ID) 를 통해 이 frame 이 VPLS 1000 에 속한 프레임을 알아낸다 . FIB for VPLS 1000 FIB for VPLS 1000 IP M1 M2 VPLS: Data Plane (9) CE2 CE1 CE3 Interface MAC P4/vc-lsp301 P3/vc-lsp201 M2 Eth10 Interface MAC P6/vc-lsp203 M2 P5/vc-lsp103 Eth30
    52. 53. PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc label 203 p1 p2 p3 p4 p5 p6 PE4 5.1 Source MAC learning : PE1 는 도착한 프레임의 source MAC address 를 학습하여 SA=M1 를 VPLS 1000 의 FIB(Forwarding Information Base) 의 Eth10 에 등록한다 . FIB for VPLS 1000 FIB for VPLS 1000 IP M1 M2 VPLS: Data Plane (10) CE2 CE1 CE3 Interface MAC P4/vc-lsp301 P3/vc-lsp201 M2 Eth10 M1 Interface MAC P6/vc-lsp203 M2 P5/vc-lsp103 Eth30 M2 M1 M3
    53. 54. PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc label 203 p1 p2 p3 p4 p5 p6 PE4 5.2 Destination MAC lookup : PE1 은 이더넷 프레임의 destination MAC address 를 VPLS 1000 의 FIB 에서 Lookup 한다 . M2 가 학습되어 있으므로 P3/vc-lsp201 을 통해 프레임을 전달한다 . FIB for VPLS 1000 FIB for VPLS 1000 IP M1 M2 IP M1 M2 201 Tunnel Label L2H VPLS: Data Plane (11) CE2 CE1 CE3 Interface MAC P4/vc-lsp301 P3/vc-lsp201 M2 Eth10 M1 Interface MAC P6/vc-lsp203 M2 P5/vc-lsp103 Eth30 M2 M1 M3
    54. 55. PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc label 203 p1 p2 p3 p4 p5 p6 PE4 6. PE2 는 SA=M1 을 학습하여 FIB entry(P1/vc-lsp102) 에 등록하고 , DA=M2 는 학습이 되어 있으므로 Eth20 port 를 통해 포워딩한다 . FIB for VPLS 1000 FIB for VPLS 1000 IP M1 M2 IP M1 M2 201 Tunnel Label L2H FIB for VPLS 1000 VPLS: Data Plane (12) CE2 CE1 CE3 Interface MAC P4/vc-lsp301 P3/vc-lsp201 M2 Eth10 M1 Interface MAC P6/vc-lsp203 M2 P5/vc-lsp103 Eth30 Interface MAC P2/vc-lsp302 P1/vc-lsp102 M1 Eth20 M2 M2 M1 M3
    55. 56. PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc label 203 p1 p2 p3 p4 p5 p6 PE4 7. 몇 번의 Unknown frame 들이 flooding 방식으로 오고 가면 , 각 PE 의 VPLS 1000 의 FIB table 은 아래와 같이 MAC entry 들이 등록되게 된다 . FIB for VPLS 1000 FIB for VPLS 1000 FIB for VPLS 1000 VPLS: Data Plane (13) CE2 CE1 CE3 Interface MAC P4/vc-lsp301 M3 P3/vc-lsp201 M2 Eth10 M1 Interface MAC P6/vc-lsp203 M2 P5/vc-lsp103 M1 Eth30 M3 Interface MAC P2/vc-lsp302 M3 P1/vc-lsp102 M1 Eth20 M2 M2 M1 M3
    56. 57. PE2 PE1 Eth20 Eth10 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc label 203 p1 p2 p3 p4 p5 p6 PE4 8. 이후의 프레임 전달 과정은 destination MAC address 가 모두 학습되어 있으므로 flooding 되지 않고 바로 unicast 로 포워딩 된다 . 몇 번의 Unknown frame 들이 flooding 방식으로 오고 가면 , 각 PE 의 VPLS 1000 의 FIB table 은 아래와 같이 MAC entry 들이 등록되게 된다 . FIB for VPLS 1000 FIB for VPLS 1000 FIB for VPLS 1000 IP M2 M3 302 Tunnel Label L2H IP M2 M3 IP M2 M3 VPLS: Data Plane (14) CE2 CE1 CE3 Interface MAC P4/vc-lsp301 M3 P3/vc-lsp201 M2 Eth10 M1 Interface MAC P6/vc-lsp203 M2 P5/vc-lsp103 M1 Eth30 M3 Interface MAC P2/vc-lsp302 M3 P1/vc-lsp102 M1 Eth20 M2 M2 M1 M3
    57. 58. PE2 PE1 Eth20 Eth11 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc label 203 p1 p2 p3 p4 p5 p6 FIB for VPLS 2000 FIB for VPLS 1000 FIB for VPLS 1000 Site 1 Eth21 Site 2 Eth10 vc label 12 vc label 21 M2 M1 M3 M5 M4 vc label 13 vc label 31 vc label 32 vc label 23 Site 3 M6 M7 FIB for VPLS 2000 FIB for VPLS 1000 FIB for VPLS 2000 VPLS: Data Plane (15) CE1 CE3 P4/vc-lsp31 M6 Interface MAC P4/vc-lsp31 M7 P3/vc-lsp21 M4 Eth11 M5 Interface MAC P6/vc-lsp203 M2 P5/vc-lsp103 M1 Eth30 M3 Interface MAC P2/vc-lsp302 M3 P1/vc-lsp102 M1 Eth20 M2 CE2 CE1 CE2 CE3 P2/vc-lsp32 M6 P2/vc-lsp32 M7 Interface MAC P1/vc-lsp12 M5 Eth21 M4 Interface MAC P4/vc-lsp301 M3 P3/vc-lsp201 M2 Eth10 M1 Eth31 M7 Interface MAC P6/vc-lsp23 M4 P5/vc-lsp13 M5 Eth31 M6
    58. 59. PE2 PE1 Eth20 Eth11 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc label 203 p1 p2 p3 p4 p5 p6 FIB for VPLS 2000 FIB for VPLS 1000 FIB for VPLS 1000 Site 1 Eth21 Site 2 Eth10 vc label 12 vc label 21 M2 M1 M3 M5 M4 vc label 13 vc label 31 vc label 32 vc label 23 Site 3 M6 M7 FIB for VPLS 2000 FIB for VPLS 1000 FIB for VPLS 2000 VPLS: Data Plane (16) CE1 CE3 P4/vc-lsp31 M6 Interface MAC P4/vc-lsp31 M7 P3/vc-lsp21 M4 Eth11 M5 Interface MAC P6/vc-lsp203 M2 P5/vc-lsp103 M1 Eth30 M3 Interface MAC P2/vc-lsp302 M3 P1/vc-lsp102 M1 Eth20 M2 IP M2 M1 102 Tunnel Label L2H IP M2 M1 CE2 CE2 CE1 CE1 P2/vc-lsp32 M6 P2/vc-lsp32 M7 Interface MAC P1/vc-lsp12 M5 Eth21 M4 Interface MAC P4/vc-lsp301 M3 P3/vc-lsp201 M2 Eth10 M1 Eth31 M7 Interface MAC P6/vc-lsp23 M4 P5/vc-lsp13 M5 Eth31 M6 IP M4 M5 IP M4 M5 12 Tunnel Label L2H IP M2 M1 IP M4 M5
    59. 60. VPLS <ul><li>VPN 에 속한 Sites 와 연결되어 있는 PE Router 들간에 VCs full-mesh 를 생성한다 . </li></ul><ul><li>각 PE Router 에 VPN 정보를 등록한다 . A VPN 에 속한 VCs 과 Ethernet port or VLAN ID 를 하나의 VPN ID 로 등록한다 . </li></ul><ul><li>PE Router 는 VPN 에 속한 MAC address( 자신쪽과 Egress 쪽 ) 를 학습한다 . </li></ul><ul><li>Source MAC address learning 과정은 802.1D 방식으로 수행되는 데 , 한 가지 차이점은 Ethernet frame 을 받은 Port 뿐만 아니라 Outbound VC-Label 값까지 학습한다는 점이다 . </li></ul><ul><li>초기에 Unknown frame 이 PE 라우터로 들어오면 VPN 에 속한 모든 PE 라우터로 Flooding 하고 이후 Destination MAC address 가 학습되면 해당 PE 로만 frame 을 포워딩한다 . </li></ul><ul><li>P 라우터는 Tunnel Label 을 이용해 Label swapping 방식으로 프레임을 스위칭하므로 MAC address learning 을 할 필요가 없다 . </li></ul><ul><li>PE 라우터는 모든 PE 에 연관된 MAC address 를 다 학습하는 것은 아니고 VPN 이 설정된 PE 에 연관된 MAC address 만 학습한다 . </li></ul><ul><li>PE 라우터는 통상적인 L2 Switch 와 달리 MPLS 망내에서 STP 를 돌리지 않는다 . 망 복구는 MPLS 의 Protection 능력을 이용한다 . </li></ul><ul><li>1 에서 언급한 바와 같이 , 하나의 VPN 에 속한 모든 PE 들간에는 VCs 이 Full-mesh 로 생성한다 . 즉 , 모든 PE 에서 다른 PE 로는 1HOP 으로 전달된다 . 이 때 Split-Horizon forwarding rule 을 적용하여 loop 를 방지한다 . </li></ul><ul><li>Split-Horizon forwarding rule: VC-to-another VC 포워딩을 금지 </li></ul>
    60. 61. VPLS security <ul><li>PE 는 Unicast frame 은 MAC address 가 학습된 해당 Port 로만 포워딩한다 . </li></ul><ul><li>Broadcast frame 은 동일 VPLS 에 속한 Port {Ethernet port, VLAN, VC-LSP} 로만 포워딩한다 . </li></ul><ul><li>P 라우터는 Tunnel label 만 인식하므로 가입자는 보이지 않음 </li></ul><ul><li>따라서 다른 Customer 의 사이트로 Access 는 불가능 </li></ul><ul><li>VLAN 기반 VPLS 나 MPLS 기반 VPLS 모두 각 가입자가 VLAN 또는 VLPS 별로 구분되며 서로 다른 VLAN 이나 VPLS 에 접근할 수 없기 때문에 보안 보장됨 . </li></ul><ul><li>이는 ATM 망에서 PVC 의 보안 개념과 동일함 . </li></ul>PE2 PE1 Eth20 Eth11 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc label 203 p1 p2 p3 p4 p5 p6 Site 1 Eth21 Site 2 Eth10 vc label 12 vc label 21 M2 M1 M3 M5 M4 vc label 13 vc label 31 vc label 32 vc label 23 Site 3 M6 M7 CE1 CE3 CE2 CE1 CE2 CE3
    61. 62. PE2 PE1 Eth20 Eth11 Site 1 Site 2 PE3 Eth30 Site 3 vc label 102 vc label 103 vc label 201 vc label 301 vc label 302 vc label 203 p1 p2 p3 p4 p5 p6 FIB for VPLS 2000 FIB for VPLS 1000 FIB for VPLS 1000 Site 1 Eth21 Site 2 Eth10 vc label 12 vc label 21 M2 M1 M3 M5 M4 vc label 13 vc label 31 vc label 32 vc label 23 Site 3 M6 M7 FIB for VPLS 2000 FIB for VPLS 1000 FIB for VPLS 2000 Dsniff: Generate MAC X, Y, … (155,000 MAC entry per minute) 1. SrcMAC Learning: X, Y, Z, … 2. Unknown MAC… “ Flooding” 1. SrcMAC Learning: X, Y, Z, … 2. Unknown MAC… “ Flooding” 1. SrcMAC Learning: X, Y, Z, … 2. Unknown MAC… “ Flooding” MAC attack CE1 CE3 P4/vc-lsp31 M6 Interface MAC P4/vc-lsp31 M7 P3/vc-lsp21 M4 Eth11 M5 Interface MAC P6/vc-lsp203 M2 X Y Z … P5/vc-lsp103 M1 Eth30 M3 Interface MAC P2/vc-lsp302 M3 P1/vc-lsp102 M1 Eth20 M2 X Y Z … CE2 CE1 CE2 CE3 P2/vc-lsp32 M6 P2/vc-lsp32 M7 Interface MAC P1/vc-lsp12 M5 Eth21 M4 Interface MAC P4/vc-lsp301 M3 P3/vc-lsp201 M2 X Y Z … Eth10 M1 Eth31 M7 Interface MAC P6/vc-lsp23 M4 P5/vc-lsp13 M5 Eth31 M6 X d y d z d
    62. 63. Summary <ul><li>Metro Ethernet Service 의 출현 </li></ul><ul><li>Metro Ethernet Service 현황 </li></ul><ul><li>Classifying Metro Ethernet Services </li></ul><ul><li>Multipoint Services </li></ul><ul><ul><li>VLAN-based </li></ul></ul><ul><ul><li>EoMPLS (PTP) </li></ul></ul><ul><ul><li>VPLS </li></ul></ul>
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×