IIR VPN London


Published in: Technology

    1. Delivering Business and Technical Advantage to Service Providers
        [Figure: Top 50 Companies to Watch]
    2. Making the Business Case for Layer 2 MPLS VPNs
        • K. ARVIND, Ph.D.
        • Founding & Consulting Engineer
        • [email_address]
    3. Our Mission
        • To enhance service provider networks with the quality of service features and availability attributes required to enable the transport of a wide range of network services over an IP based infrastructure without service level degradation.
        [Figure: TN250G – Core Service Switch]
    4. The Business Case for Layer 2 MPLS VPNs
        [Figure: PROFIT$; FOLLOW THE MONEY; CUT COSTS; SQUEEZE VALUE OUT OF INVESTMENTS]
    5. Plan of the Presentation
        • The VPN Landscape
        • The Case for MPLS L2VPNs
        • The Players
        • The Technology
    6. The VPN Landscape
        • What is a VPN?
        • What is an IP VPN?
        • What is a Layer 2 VPN?
        • What is a Layer 3 VPN?
        • What is an MPLS VPN?
        • What is a Layer 3 MPLS VPN?
        • What is a Layer 2 MPLS VPN?
    7. VPN overview
        virtual (vûrch-l) adj. Existing in the mind, especially as a product of the imagination
        • Site-to-Site (Intranet, Extranet), Remote Access
        • Private WAN overlaid on shared infrastructure
        • Isolation and Security
        • Encapsulation and Encryption
        • Frame Relay, ATM, IPSec, L2TP/PPTP, MPLS-based VPNs
        [Figure label: Sharing Cost]
    8. VPN: Overlay on shared infrastructure
        [Figure: SERVICE PROVIDER NETWORK: SHARED INFRASTRUCTURE connecting Customer 1, Customer 2 and Customer 3, each with Site 1, Site 2 and Site 3]
    9. IP VPNs
        • VPN service based on IP infrastructure
        • IP backbone used as link layer technology
        • Isolation: IP Tunneling
            • IP/IP, GRE, L2TP, IPSec, MPLS
        • Security:
            • IPSec Encryption
            • Isolation provided by VCs
        • Layer 2 VPN or Layer 3 VPN
        • Only PPVPNs considered here
    10. Layer 2 VPNs
        • SP provides Layer 2 Connectivity
        • CE/PE interface is Layer 2
        • PE device forwards data based on Layer 2 header
        • Layer 2 Transport Service
        • VPWS (p2p), VPLS (LAN)
        • Benefits: Multiprotocol, Disjoint Customer/Provider Routing
    11. Layer 3 VPNs
        • SP provides Layer 3 Connectivity
        • CE/PE interface is IP over any data link
        • PE device forwards packets based on IP header
        • Challenges: isolation of routing domains and overlapping address spaces
        • Benefits: No inter-site routing for customers, Data-link unaware
    12. MPLS VPNs
        • MPLS
            • Connection-oriented flavor to IP
            • Layer 2 label switched path established using IP control protocols (OSPF, BGP, IS-IS, RSVP, LDP)
            • LSP <=> Tunnel through IP network
            • Label stacking: Multiplexing within tunnel (hierarchical tunnels)
        • MPLS VPN - IP VPN built using LSPs
        • Isolation+Security via hierarchical LSPs
    13. Layer 3 MPLS VPNs
        • RFC2547bis aka BGP/MPLS VPNs
            • MP-BGP used to distribute network reachability information between PE devices
            • BGP policies used to constrain distribution of reachability information to relevant devices.
            • PE maintains multiple VRFs - one per VPN
            • LDP/RSVP used to set up LSP tunnels
            • MP-BGP used to distribute inner label that identifies VPN
        • Concerns: Complexity of BGP and its management, Scalability, Expensive PE devices
    14. Layer 2 MPLS VPNs
        • Martini (Luca Martini - Level 3) and Kompella (Kireeti Kompella - Juniper) drafts
        • Layer 2 VCs transported on MPLS LSPs via label stacking
        • Martini Encapsulation: FR, ATM, Ethernet, VLAN, PPP
        • Signaling
            • Tunnel: RSVP-TE, LDP
            • VCs:
                • Martini: LDP Targeted Sessions
                • Kompella: MP-BGP
    15. The Case for MPLS L2VPNs
        • Layer 2 VPNs - The Way to Go
        • FR thrives but Ethernet is knocking at the door
        • IP - Show me the money!
        • MPLS L2VPN - Have the cake and eat it too.
    16. L2VPNs - The Way to Go!
        • Multiprotocol
            • IPX, SNA, AppleTalk, NetBios traffic
            • Revenue generating traffic
        • Disjoint Routing and Addressing Domains
            • More control and independence
            • Avoid interference between customer and provider networks
        • FR/ATM VPNs have solid foothold: established, accepted, and trusted
            • cost/benefit of switching to L3VPNs not attractive
    17. FR/ATM Dominates
        • FR/ATM are cash cows
            • Predominant access and VPN technology
            • Significant source of revenues and profits (Vertical Systems Group: $18B worldwide carrier FR revenues FY02)
            • Demand continues to grow (IDC: 14% annual 2000-2005)
        • FR has its problems
            • Scalability issues because of ATM aggregation
            • Speed limitations DS0-DS3
            • Granularity
        • Ethernet - Emerging disruptive technology
    18. Ethernet - Looming in the Horizon
        • Ubiquitous, cheap, high performance, popular
            • 95% of ALL enterprise traffic starts off and ends up as Ethernet
            • 200 million Ethernet ports worldwide
        • Leverages Ethernet’s benefits
            • Lower overall costs: CPE, access charges, etc.
            • Increased capacity: 1M-10G
            • Improved flexibility: kbps quantization
            • Improved scalability: MPLS used for aggregation
        • 5x increase in Ethernet access services market
            • WW Ethernet Service Market = $546.6M (FY02 - Pioneer Consulting)
            • WW FR+ATM market = $18B (FY02 - Vertical Systems Group)
                • $2.4B of which is high speed FR/ATM (DS3+) and is immediately addressable with Ethernet
        • Improved business and competitive posture
            • Increased service revenue per access line
            • Able to attack market share leaders with new technical advantage
            • Able to defend against low cost – emerging competitors
    19. IP Services - A Money Pit
        • No proven and profitable business model for IP services
            • Undifferentiated services with no meaningful SLAs
            • Not many profitable ISPs
        • Huge investments in core IP infrastructure - Lot of capacity, high performance equipment
        • Need a way to leverage IP infrastructure while retaining FR/ATM customer base
        • Layer 2 IP VPNs: Have your cake and eat it too
            • Offer FR/ATM services
            • Migrate to Ethernet/MPLS seamlessly
            • Cut costs by consolidating on single infrastructure
    20. Layer 2 MPLS VPNs
        • Any IP tunneling technology?
        • MPLS is the focus of attention
            • ATM/FR like capabilities
            • Traffic Engineering
            • Bandwidth and QoS guarantees
            • Fast rerouting: Fast recovery
        • MPLS targeted by Metro Ethernet providers
        • Competitive pricing of MPLS equipment
    21. Why?
        • Continue to milk the FR/ATM cash cow
        • Extract value out of IP infrastructure
        • Cut costs by consolidating FR/ATM services onto a common IP infrastructure
        • Stay on course for migration to IP-based next-generation network architectures
    22. Who?
        • Standards Groups
            • IETF PWE3
            • IETF PPVPN
        • Service Providers
            • SBC, Bell South, Sprint, Bell Canada, Level3, Cable & Wireless, Pacific Century Cyberworks, Storm Telecommunications, Intellispace, Telseon, Yipes
        • Vendors
            • Tenor, Laurel, Riverstone, TiMetra, Juniper, Cisco
    23. The Technology
        • Architecture Overview
        • Terminology
        • Reference Model
        • Functions
            • Configuration
            • Signaling: LDP (Martini), BGP (Kompella)
            • Encapsulation: Martini, Brayley, Fischer, Bryant, etc.
            • Aggregation and Transport: MPLS, RSVP-TE, LDP
        • Services
            • VPWS
            • VPLS
    24. Architecture: Terminology
        • Provider: Service Provider
        • Customer: Client of VPN Services
        • PE: Provider Edge Device
        • CE: Customer Edge Device
        • P: Provider Interior Device
        • Attachment Circuit: Customer Access Circuit (CE <-> PE)
        • Pseudowire: Customer circuit as it is transported within the provider network (PE <-> PE)
        • Tunnel: LSP used to aggregate and transport pseudowires
        • SOURCE: rfc2547bis, draft-ietf-ppvpn-l2framework-00
    25. L2VPN Reference Model
        [Figure: SERVICE PROVIDER NETWORK with six PE devices and one P device; SITE 1, SITE 2 and SITE 3 connect through CE 1, CE 2 and CE 3 over attachment circuits; Pseudowire1-2, Pseudowire1-3 and Pseudowire2-3 run between the sites]
    26. L2VPN Architecture: Functions
        • Configuration
            • Martini Approach: Scaling issue
            • Kompella Approach: pre-provisioned attachment circuits
        • Signaling:
            • Martini Approach: LDP Extended Discovery
            • Kompella Approach: MP-BGP Extensions
        • Forwarding
        • Encapsulation
        • Transport
        • draft-ietf-ppvpn-l2vpn-00.txt
    27. Configuration: Martini Approach
        • PE 1 (callouts: DLCI, VC ID, PE2 IP address): interface sonet 3/1 encap frame-relay frame-relay interface dlci 43 mpls l2transport route 100 43 mtu 1500 ...
        • PE 2 (callouts: PE1 IP address, VC ID, DLCI): interface sonet 5/2 encap frame-relay frame-relay interface dlci 44 mpls l2transport route 100 44 mtu 1500 ...
        [Figure: CE 1, DLCI 43, PE 1, SERVICE PROVIDER NETWORK, PE 2, DLCI 44, CE 2]
    28. Configuration: Kompella Approach
        • FR L2VPN
        • 3 sites initially
        • Anticipate growth to 5 sites
        • Pre-provisioned DLCIs (remote CE and DLCI):
            • CE 1 DLCIs (PE 1): CE2 50, CE3 51, CE4 52, CE5 53
            • CE 2 DLCIs (PE 2): CE1 60, CE3 61, CE4 62, CE5 63
            • CE 3 DLCIs (PE 3): CE1 70, CE2 71, CE3 72, CE4 73
            • CE 4 DLCIs (PE 4): CE1 80, CE2 81, CE3 82, CE5 83
            • CE 5 DLCIs (PE 5): CE1 90, CE2 91, CE3 92, CE4 93
    29. Signaling
        • Signaling:
            • Set up, Tear down, Monitor Pseudowire
            • Exchange VC label
            • VC label (Inner Label):
                • tunnel multiplexing, cross-connecting pseudowire and attachment circuit
                • MPLS per-platform label space
        • Two approaches: Martini and Kompella
        [Figure: CE 1, DLCI 43, PE 1, SERVICE PROVIDER NETWORK, PE 2, DLCI 44, CE 2; VC LABEL values 93 and 85]
    30. Martini Signaling
        • Only edge devices are aware of pseudowire
        • LDP deployed in Extended Discovery Mode between PEs
        • New Forwarding Equivalence Class element - VC FEC
        • Downstream Unsolicited
        • Normal LDP message exchanges
            • Label Mapping: Pseudowire setup
            • Label Withdraw, Label Release: Pseudowire tear down
        • All pseudowires between 2 PEs share same LDP session
        [Figure: Martini Virtual Circuit FEC fields: VC Info Len, VC TLV, C, VC Type, Group ID, VC ID, Interface parameters ...]
        [Figure: CE 1, PE 1, SERVICE PROVIDER NETWORK, PE 2, CE 2; Targeted LDP Session between PEs]
    31. Kompella Signaling
        • Only edge devices are aware of pseudowire
        • Exchange blocks of preallocated labels over IBGP mesh
        • MP-BGP (RFC2858) extensions
            • New BGP NLRI for L2VPN Information
            • New Extended Community for Layer 2 Info
            • New sub-TLV (Circuit Status Vector)
        • All pseudowires between 2 PEs share same IBGP session
        • Advantages:
            • PE devices typically run BGP4: not much additional burden
        [Figure: BGP L2VPN NLRI fields (sizes in bytes): Length (2), Route Distinguisher (8), CE ID (2), Label-block Offset (2), Label Base (3), Variable TLVs (0..N)]
        [Figure: L2Info Ext Community fields (sizes in bytes): Ext. Community Type (2), Encaps Type (1), Cntrl Flags (1), Layer-2 MTU (2), Reserved (2)]
        draft-kompella-ppvpn-l2vpn-02.txt (Nov 2001)
        [Figure: IBGP MESH across the SERVICE PROVIDER NETWORK between PE 1, PE 2, PE 3 and PE 4, serving CE 1, CE 2, CE 3 and CE 4]
    32. Forwarding
        • Local CE -> Remote CE
        • Remote CE -> Local CE
        • Forwarding Table
            • Attachment circuit only
            • Attachment circuit+L2 header (dynamic QoS)
        • VPWS: point-to-point
        • VPLS:
            • flooding
            • learning
        [Figure: CE and PE forwarding steps]
            1. Receive Layer 2 PDU on attachment circuit
            2. Switch received PDU to proper pseudowire
            3. Generate pseudowire encapsulation, attach labels, and transmit on pseudowire
            4. Receive encapsulated PDU from pseudowire
            5. Switch encapsulated PDU received from pseudowire to proper attachment circuit
            6. Regenerate appropriate Layer 2 encapsulation and transmit on attachment circuit
    33. Encapsulation
        • Need for pseudowire encapsulation
            • Control information and payload need to be preserved
            • L2 protocol needs to be faithfully emulated (e.g., sequentiality, padding)
        • Encapsulations galore!
            • FR: Martini, Bryant, Kamapabhava
            • ATM: Martini, Brayley, Kolyeni, Fisher
            • Ethernet: Martini
            • PPP/HDLC: Martini
        • The winner is …
            • Martini Encapsulation
            • Momentum: mind share and vendor support
            • Deeply embedded in everyone’s minds: Layer 2 <=> Martini
    34. Martini Encapsulation
        • Attempts to keep encapsulation common for all data links:
            • FR, ATM (AAL5 and Cell), Ethernet (native and VLAN), HDLC, and PPP.
        • Control word:
            • Sequencing, Padding, Control bits from L2 header
        • Inner Label: Defines demultiplexer field for MPLS environments
        [Figure: Martini Encapsulation for MPLS: VC LABEL | CONTROL WORD | L2 PAYLOAD + PADDING]
        [Figure: Generic Control Word Format: FLAGS (10) | LEN (6) | SEQ NUMBER (16)]
        [Figure: Frame Relay Flags fields: RESV(4), B, RESV(2), D, C, F]
        [Figure: ATM AAL5 Payload Service Flags fields: RESV(4), F, RESV(2), C, I, E]
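    35. Encapsulation Example
        [Figure: packet on the pseudowire between PE 1 and PE 2: DA | SA | 8847h | Tunnel Label | VC Label | Control Word | FR PAYLOAD]
        [Figure: Control Word (Martini Encapsulation): RES | F | B | D | C | RES | LENGTH | SEQUENCE NUMBER]
        [Figure: frame on the DLCI between CE 1 and PE 1: FLAG | FR HEADER | FR PAYLOAD | FCS, where FR HEADER is DLCI | C/R | EA | DLCI | F | B | D | EA]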
    36. Martini Encapsulation Drafts
        • draft-martini-l2circuit-encap-mpls-04.txt (November 2001)
        • FR: draft-martini-frame-encap-mpls-01.txt
        • ATM: draft-martini-atm-encap-mpls-01.txt
        • Ethernet: draft-martini-ethernet-encap-mpls-01.txt
        • PPP/HDLC: draft-martini-ppp-hdlc-encap-mpls-01.txt
    37. Alternative Encapsulations
        • FR:
            • draft-bryant-pwe3-fr-encap-01.txt
            • draft-kamapabhava-fr-pwe3-01.txt: merged into draft-martini-frame-encap-mpls-01.txt
            • Preserve order of control bits for efficient frame processing
        • ATM:
            • draft-koleyni-atm-over-mpls-04.txt
            • draft-brayley-pwe3-atm-service-00.txt
            • draft-fischer-pwe3-atm-service-03.txt
            • Differ in packaging efficiency and control word formats
    38. Fischer Vs Brayley
        • Inputs to IETF PWE3 design team:
            • draft-martini-l2circuit-encap-mpls: cell and AAL5 modes
            • draft-koleyni-atm-over-mpls:
                • VPC, VCC, AAL5 services
                • Based on ATM Forum Spec (af-aic-0178.000)
        • Outputs:
            • draft-brayley-pwe3-atm-service: VPC, VCC, AAL5, Port mode
            • draft-fischer-pwe3-atm-service: VPC, VCC, AAL5
            • Differences:
                • Variable length control word (seq number, length optional) in Fischer
                    • Efficient (less overhead) - “extra OC-3 out of an OC-48”
                    • Adds complexity - difficult to implement
                • Brayley more closely aligned with other PWE3 work
                • Port mode in Brayley controversial: QoS issues
        • Status:
            • draft-brayley merged into draft-martini-atm-encap-mpls-01.txt: port mode dropped
            • Momentum behind draft-martini-atm-encap-mpls-01.txt
    39. Transport
        • Scaling Issues
            • n² virtual circuits (full mesh), n = number of customer sites
            • Hierarchical aggregation: Common architectural construct used to deal with scaling
            • Tunnels
                • Allow VCs to be aggregated and transported between PE nodes
                • N² tunnels between PE nodes, N = number of PE nodes, N << n
                • Multiplexing field for aggregation
                    • MPLS: label stacking and inner label
                    • L2TP: tunnel-id and session-id fields
                    • IPSec: Security Parameter Index (SPI) field
                    • GRE: key field (intended for source authentication)
        • Reduce complexity of P devices
            • P devices switch tunnels without regard to what is in the tunnels
        • QoS
    40. MPLS Transport
        • Multiprotocol Label Switching
        • LSRs (P Nodes) and LERs (PE nodes)
        • LSP established via label distribution
            • RSVP (Traffic Engineered) RFC 3209
                • PATH, RESV, PTEAR, RTEAR, PERR, RERR
            • LDP (IP Routed) RFC 3036
                • Label Request, Mapping, Withdraw, Release
        • Label operations: Push, Swap, Pop
        • Label stacking: Hierarchical LSPs RFC 3032
        • VC Label and Tunnel Label
    41. Layer 2 VPN Services
        • VPWS
            • Virtual Private Wire Service
        • VPLS
            • Virtual Private LAN Service
        • IPLS
            • IP over LAN Service
    42. Virtual Private Wire Service
        • “Virtual Leased Line”
        • Bi-directional Point-to-Point VC: FR, ATM, Ethernet, VLAN, etc.
        • Interworking:
            • ATM/FR, Ethernet/ATM/FR
            • PE provides interworking functions
                • LLC/SNAP to NLPID conversion
                • ARP mediation: mapping between ARP protocol variants (draft-shah-ppvpn-arp-mediation-00.txt)
                • OAM cell handling, FR XID exchanges, etc.
        • Virtual Private Line: VPWS with QoS (low latency, low jitter, guaranteed bandwidth)
        [Figure: CE 1, DLCI 43, PE 1, SERVICE PROVIDER NETWORK, PE 2, DLCI 44, CE 2]
    43. Ethernet-based VPN Services
        “Never bet against Ethernet”
        • Ethernet Service Interworking
            • PE-IWF - A PE Interworking node provides transparent interoperability of Ethernet Private Line services with existing Frame Relay & ATM sites for IP traffic (Tenor’s EASI).
            • Provides seamless migration to new high speed Ethernet services.
            • Allows service provider to market new services to existing customer base.
        • Virtual Private LAN Service
            • Customer sees VPN as an extended LAN
        [Figure: Ethernet Connected CEs attached through L2PE devices to PEs; a PE-IWF connects the Frame Relay / ATM Network (Frame, ATM)]
    44. Virtual Private LAN Service
        • L2PE:
            • Low cost Layer 2 Provider Edge Device
            • Essentially a bridge - with modifications to support interaction with PE
        • Lasserre: VPLS (draft-lasserre-vkompella-ppvpn-vpls-02.txt)
            • PE devices are LERs that also implement bridging functionality
            • Hierarchy (hub and spoke) for scaling
            • Martini signaling
        • Kompella: DTLS (draft-kompella-ppvpn-dtls-01.txt)
            • PE devices do MPLS, L2PE devices do bridging (decoupled TLS)
            • Hierarchy (full mesh) for decoupling and simplification
            • Kompella signaling
        [Figure: Ethernet Connected CEs attached through L2PE devices to three PEs]
    45. IP over LAN Service
        • IPLS: draft-rosen-heron-ppvpn-ipls-00.txt
        • Virtual Private LAN Service for IP Traffic only
        • Benefits:
            • PE devices need not support bridging
                • Existing devices may not support bridging
                • Addition of bridging functions: low performance or increased costs/mgmt burdens
            • L2PE device not required
            • LAN service supported with software upgrade of existing PE devices
        • Architecture:
            • Discovery
            • Signaling: Extensions to Martini signaling
            • Proxy ARP
            • Forwarding
        [Figure: Ethernet Connected IP CEs attached to three PEs, directly or through an Ethernet Switch or an Ethernet Rptr]
    46. Conclusion
        • Recap
        • Strong business case exists for MPLS L2VPN
        • Martini L2VPNs hold mind share and momentum
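
The six forwarding steps of slide 32 and the Frame Relay encapsulation of slides 34 and 35, as an added Python example that is not part of the original deck or of any vendor implementation. Field widths and flag order follow slides 34 and 35, the label stack entry layout is RFC 3032 (cited on slide 40), and DLCI 43/44 and VC label 85 are the slides' values; tunnel label 1001, the table names, the rule for filling LENGTH and the tunnel label still being present at the egress PE are assumptions made for the example.

```python
import struct

def label_entry(label, bottom, ttl=64):
    """MPLS label stack entry (RFC 3032): label(20) EXP(3) S(1) TTL(8)."""
    if not 0 <= label < 1 << 20:
        raise ValueError("label does not fit in 20 bits")
    return struct.pack("!I", label << 12 | int(bottom) << 8 | ttl)

def parse_label(entry):
    (word,) = struct.unpack("!I", entry)
    return word >> 12, bool(word & 0x100)  # (label, bottom-of-stack flag)

def fr_header(dlci, cr, fecn, becn, de):
    """Two-byte FR header as on slide 35: DLCI C/R EA | DLCI F B D EA."""
    return bytes([(dlci >> 4 & 0x3F) << 2 | cr << 1,
                  (dlci & 0xF) << 4 | fecn << 3 | becn << 2 | de << 1 | 1])

def parse_fr_header(hdr):
    dlci = (hdr[0] >> 2) << 4 | hdr[1] >> 4
    return dlci, hdr[0] >> 1 & 1, hdr[1] >> 3 & 1, hdr[1] >> 2 & 1, hdr[1] >> 1 & 1

def pe_ingress(frame, ac_to_vc, tunnel_label, seq):
    """Slide 32 steps 1-3: FR frame from the attachment circuit -> pseudowire."""
    if len(frame) < 2:
        raise ValueError("frame shorter than an FR header")
    dlci, cr, fecn, becn, de = parse_fr_header(frame[:2])
    if dlci not in ac_to_vc:
        raise ValueError(f"DLCI {dlci} is not a provisioned attachment circuit")
    payload = frame[2:]
    size = len(payload) + 4  # payload plus control word
    # Assumption: LENGTH is filled only for short packets, so that link-layer
    # padding added in transit can be removed at the far end; 0 otherwise.
    length = size if size < 64 else 0
    # Control word, slide 35 order: RES(4) F B D C RES(2) LENGTH(6) SEQ(16).
    cw = fecn << 27 | becn << 26 | de << 25 | cr << 24 | length << 16 | seq & 0xFFFF
    return (label_entry(tunnel_label, bottom=False)      # outer: tunnel LSP
            + label_entry(ac_to_vc[dlci], bottom=True)   # inner: VC label
            + struct.pack("!I", cw) + payload)

def pe_egress(packet, vc_to_ac):
    """Slide 32 steps 4-6: pseudowire packet -> FR frame for the local circuit."""
    if len(packet) < 12:
        raise ValueError("packet shorter than two labels and a control word")
    _tunnel, outer_bottom = parse_label(packet[0:4])
    vc_label, inner_bottom = parse_label(packet[4:8])
    if outer_bottom or not inner_bottom:
        raise ValueError("label stack is not tunnel label + VC label")
    if vc_label not in vc_to_ac:
        # The VC label is the only demultiplexer between customers: drop, never guess.
        raise ValueError(f"VC label {vc_label} maps to no attachment circuit")
    (cw,) = struct.unpack("!I", packet[8:12])
    length, payload = cw >> 16 & 0x3F, packet[12:]
    if length:
        if not 4 <= length <= len(payload) + 4:
            raise ValueError("control word LENGTH disagrees with packet size")
        payload = payload[:length - 4]  # strip padding added in transit
    fecn, becn, de, cr = (cw >> bit & 1 for bit in (27, 26, 25, 24))
    dlci = vc_to_ac[vc_label]  # the local DLCI differs from the remote one
    return dlci, cw & 0xFFFF, fr_header(dlci, cr, fecn, becn, de) + payload

if __name__ == "__main__":
    # Constructed frame: DLCI 43 at CE 1, FECN and DE set, 19-byte payload.
    frame = fr_header(43, cr=0, fecn=1, becn=0, de=1) + b"constructed payload"
    packet = pe_ingress(frame, {43: 85}, tunnel_label=1001, seq=7)
    print(packet.hex())
    print(pe_egress(packet + bytes(15), {85: 44}))
```

The egress side rejects any packet whose inner label is not in its own table, which is the property the deck's "Isolation+Security via hierarchical LSPs" bullet relies on: a P device never inspects the VC label, so the PE lookup is the only place a mislabelled packet can be stopped.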