Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Juniper L2 MPLS VPN

8,546 views

Published on

Juniper L2 MPLS VPN

Published in: Technology
  • DOWNLOAD THAT BOOKS INTO AVAILABLE FORMAT (2019 Update) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { http://shorturl.at/mzUV6 } ......................................................................................................................... Download Full EPUB Ebook here { http://shorturl.at/mzUV6 } ......................................................................................................................... Download Full doc Ebook here { http://shorturl.at/mzUV6 } ......................................................................................................................... Download PDF EBOOK here { http://shorturl.at/mzUV6 } ......................................................................................................................... Download EPUB Ebook here { http://shorturl.at/mzUV6 } ......................................................................................................................... Download doc Ebook here { http://shorturl.at/mzUV6 } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book that can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer that is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBooks .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story That Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money That the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths that Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Copas Url to Download eBook === http://bestadaododadj.justdied.com/2218920689-maths-ce1-guide-de-l-enseignant.html
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD THAT BOOKS INTO AVAILABLE FORMAT (2019 Update) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download Full EPUB Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download Full doc Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download PDF EBOOK here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download EPUB Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download doc Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book that can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer that is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBooks .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story That Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money That the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths that Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Get Now to Download eBook === http://ebookdfsrewsa.justdied.com/2017064041-1eres-lectures-ce1-disney-les-indestructibles-2-mes-premieres-lectures-hachette.html
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD THAT BOOKS INTO AVAILABLE FORMAT (2019 Update) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download Full EPUB Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download Full doc Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download PDF EBOOK here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download EPUB Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download doc Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book that can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer that is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBooks .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story That Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money That the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths that Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

Juniper L2 MPLS VPN

  1. 1. L2 MPLS VPNs Hector Avalos Technical Director-Southern Europe [email_address]
  2. 2. Agenda: L2 MPLS VPNs <ul><li>VPNs Overview </li></ul><ul><li>Provider-provisioned L2 MPLS VPNs </li></ul><ul><ul><li>Taxonomy </li></ul></ul><ul><ul><li>Operational Model </li></ul></ul><ul><li>Conclusion </li></ul>
  3. 3. What is a VPN? <ul><li>A private network constructed over a shared infrastructure </li></ul><ul><li>Virtual: not a separate physical network </li></ul><ul><li>Private: separate addressing and routing </li></ul><ul><li>Network: a collection of devices that communicate </li></ul><ul><li>Policies are key — global connectivity is not the goal </li></ul>Shared Infrastructure Mobile Users and Telecommuters Remote Access Branch Office Corporate Headquarters Suppliers, Partners and Customers Intranet Extranet
  4. 4. Deploying VPNs in the 1990s <ul><li>Operational model </li></ul><ul><ul><li>PVCs overlay the shared infrastructure (ATM/Frame Relay) </li></ul></ul><ul><ul><li>Routing occurs at customer premise </li></ul></ul><ul><li>Benefits </li></ul><ul><ul><li>Mature technologies </li></ul></ul><ul><ul><li>Relatively “secure” </li></ul></ul><ul><ul><li>Service commitments (bandwidth, availability, and more) </li></ul></ul><ul><li>Limitations </li></ul><ul><ul><li>Scalability, provisioning and management </li></ul></ul><ul><ul><li>Not a fully integrated IP solution </li></ul></ul>Provider Frame Relay Network CPE CPE DLCI FR Switch DLCI DLCI FR Switch FR Switch
  5. 5. Traditional (Layer 2) VPNs Router Frame Relay/ ATM Switch
  6. 6. Improving Traditional Layer 2 VPNs <ul><li>Decouple edge (customer-facing) technology from core technology </li></ul><ul><li>Have a single network infrastructure for all desired services </li></ul><ul><ul><li>Internet </li></ul></ul><ul><ul><li>L3 MPLS VPNs </li></ul></ul><ul><ul><li>L2 MPLS VPNs </li></ul></ul><ul><li>Simplify provisioning </li></ul><ul><ul><li>Appropriate signaling mechanisms for VPN auto-provisioning </li></ul></ul>
  7. 7. VPN Classification Model <ul><li>Customer-managed VPN solutions (CPE-VPNs) </li></ul><ul><ul><li>Layer 2: L2TP and PPTP </li></ul></ul><ul><ul><li>Layer 3: IPSec </li></ul></ul><ul><li>Provider-provisioned VPN solutions (PP-VPNs) </li></ul><ul><ul><li>Layer 3: MPLS-Based VPNs (RFC 2547bis) </li></ul></ul><ul><ul><li>Layer 3: Non-MPLS-Based VPNs (Virtual Routers) </li></ul></ul><ul><ul><li>Layer2: MPLS VPNs </li></ul></ul>PE PE CPE CPE Subscriber Site 3 PP-VPN Subscriber Site 2 CPE PE VPN Tunnel VPN Tunnel VPN Tunnel CPE PE PE PE CPE CPE CPE-VPN VPN Tunnel Subscriber Site 1 Subscriber Site 3 Subscriber Site 2 VPN Tunnel Subscriber Site 1 VPN Tunnel
  8. 8. PP-VPNs: Layer 2 Classification <ul><li>Service Provider deliver s Layer 2 circuit IDs (DLCI, VP I/V CI, 802.1q vlan) to the customer </li></ul><ul><ul><li>One for each reachable site </li></ul></ul><ul><li>Customer maps their own routing architecture to the circuit mesh </li></ul><ul><li>Provider router maps the circuit ID to a L abel Switched Path (LSP) to traverse the provider core </li></ul><ul><li>Customer routes are transparent to provider routers </li></ul><ul><li>Provider-provisioned L2 MPLS VPN Internet drafts </li></ul><ul><ul><li>draft-kompella-mpls-l2vpn-02.txt </li></ul></ul><ul><ul><li>draft-martini-l2circuit-encap-mpls-01.txt </li></ul></ul>
  9. 9. Agenda: L2 MPLS VPNs <ul><li>Overview of VPNs </li></ul><ul><li>Provider-provisioned L2 MPLS VPNs </li></ul><ul><ul><li>Taxonomy </li></ul></ul><ul><ul><li>Operational Model </li></ul></ul><ul><li>Conclusion </li></ul>
  10. 10. Customer Edge Routers <ul><li>Customer Edge (CE) routers </li></ul><ul><ul><li>Router or switch device located at customer premises providing access to the service provider network </li></ul></ul><ul><ul><li>Layer 2 (FR, ATM, Ethernet) and Layer 3 (IP, IPX, SNA …) independence of the service provider network </li></ul></ul><ul><ul><li>CEs within a VPN, uses the same L2 technology to access the service provider network </li></ul></ul><ul><ul><li>Requires a sub-interface per CE it needs to interconnect to within the VPN </li></ul></ul><ul><ul><li>Maintains routing adjacencies with other CEs within the VPN </li></ul></ul>CE P P PE CE Customer Edge CE CE PE VPN A VPN A VPN B VPN B PE ATM FR ATM FR VPN Site
  11. 11. Provider Edge Routers <ul><li>Provider Edge (PE) routers </li></ul><ul><ul><li>Maintain site-specific VPN Forwarding Tables </li></ul></ul><ul><ul><li>Exchange VPN Connection Tables with other PE routers using MP-IBGP or LDP </li></ul></ul><ul><ul><li>Use MPLS LSPs to forward VPN traffic </li></ul></ul>CE P P PE CE CE CE PE VPN A VPN A VPN B VPN B PE Provider Edge ATM FR ATM FR
  12. 12. Provider Routers <ul><li>Provider (P) routers </li></ul><ul><ul><li>Forward data traffic transparently over established LSPs </li></ul></ul><ul><ul><li>Do not maintain VPN-specific forwarding information </li></ul></ul>CE P P PE CE CE CE PE VPN A VPN A VPN B VPN B PE Provider Routers ATM FR ATM FR
  13. 13. VPN Forwarding Tables ( VFT ) <ul><li>Each VFT is populated with: </li></ul><ul><ul><li>The forwarding information provisioned for the local CE sites </li></ul></ul><ul><ul><li>VPN Connection Tables received from other PEs via iBGP or LDP </li></ul></ul>P P P PE 2 VPN A Site 3 VPN A Site 1 VPN B Site2 VPN B Site 1 PE 1 PE 3 VPN A Site2 CE–A1 CE–B1 CE–A3 CE–A2 CE–B2 P A V FT is created for each site connected to the PE OSPF OSPF OSPF ATM ATM ATM
  14. 14. VPN Connection Tables ( VCT ) <ul><li>The VCT is a subset of information hold by the VFT </li></ul><ul><li>VCTs are distributed by the PEs via iBGP or LDP </li></ul>PE-2 CE- 4 PE-1 CE-2 CE- 2 CE-1 A V CT is distributed for each VPN site to PE s MP-i BGP session / LDP Site 1 Site 2 Site 1 Site 2 VFT VFT VFT VFT
  15. 15. L2 VPN Provisioning <ul><li>Provisioning the network </li></ul><ul><li>Provisioning the CEs </li></ul><ul><li>Provisioning the VPN (PEs) </li></ul><ul><li>VPN Connection Table Distribution </li></ul>Assumption: access technology is Frame Relay (other cases are similar)
  16. 16. Provisioning the Network <ul><li>PE-to-PE LSPs pre-established via </li></ul><ul><ul><li>RSVP-TE </li></ul></ul><ul><ul><li>LDP </li></ul></ul><ul><ul><li>LDP over RSPV-TE tunneling </li></ul></ul><ul><li>LSPs used for many services: IP, L2 VPN, L3 VPN, … </li></ul><ul><li>Provisioned independent of Layer 2 VPNs </li></ul>P P P PE 2 VPN A Site 3 VPN A Site 1 VPN B Site2 VPN B Site 1 PE 1 PE 3 VPN A Site2 CE–A1 CE–B1 CE–A3 CE–A2 CE–B2 P OSPF OSPF OSPF ATM ATM ATM
  17. 17. Provisioning Customer Sites <ul><li>List of DLCIs: one for each site, some spare for over-provisioning </li></ul><ul><li>DLCIs independently numbered at each site </li></ul><ul><li>LMI, inverse ARP and/or routing protocols for auto-discovery and learning addresses </li></ul><ul><li>No changes as VPN membership changes </li></ul><ul><ul><li>Until over-provisioning runs out </li></ul></ul>CE-4 Routing Table In Out DLCI 6 3 10/8 CE- 4 DLCIs 63 75 82 94 DLCI 75 20/8 DLCI 82 3 0/8 DLCI 94 -
  18. 18. Provisioning CE’s at the PE <ul><li>A VFT is provisioned at each PE for each CE </li></ul><ul><ul><li>VPN-ID : unique value within the service provider network </li></ul></ul><ul><ul><li>CE-ID : unique value in the context of a VPN </li></ul></ul><ul><ul><li>CE Range : maximum number of CEs that it can connect to </li></ul></ul><ul><ul><li>Sub-interface list : set of local sub-interface IDs assigned for the CE-PE connection </li></ul></ul>CE 4 VFT VPN ID CE ID RED VPN 4 CE Range 4 Sub-int IDs 63 75 82 94
  19. 19. Provisioning CE’s at the PE <ul><li>A VFT is provisioned at each PE for each CE </li></ul><ul><ul><li>VPN-ID : unique value within the service provider network </li></ul></ul><ul><ul><li>CE-ID : unique value in the context of a VPN </li></ul></ul><ul><ul><li>CE Range : maximum number of CEs that it can connect to </li></ul></ul><ul><ul><li>Sub-interface list : set of local sub-interface IDs assigned for the CE-PE connection </li></ul></ul><ul><ul><li>Label-base : Label assigned to the first sub-interface ID </li></ul></ul><ul><ul><ul><li>The PE reserves N contiguous labels, where N is the CE Range </li></ul></ul></ul>CE 4 VCT CE 4 VFT VPN ID CE ID RED VPN 4 CE Range 1000 4 Label Base Sub-int IDs 63 75 82 94
  20. 20. Provisioning CE’s at the PE <ul><li>PE-2 is configured with the CE4 VFT </li></ul>PE-2 CE- 4 PE-1 CE-2 CE- 2 CE-1 CE 4 VFT VPN ID CE ID RED VPN 4 CE Range Label base 4 Sub-int IDs 63 75 82 94 1000 1001 1002 1003 FR FR Site 1 Site 2 Site 1 Site 2 VFT VFT VFT VFT Label used by CE 1 to reach CE 4 1001 Label used by CE 2 to reach CE 4 1002 Label used by CE 0 to reach CE 4 1000 CE 4 ‘s DLCI to CE 0 63 CE 4 ‘s DLCI to CE 1 75 CE 4 ‘s DLCI to CE 2 82 CE 4 ‘s DLCI to CE 3 94 Label used by CE 3 to reach CE 4 1003
  21. 21. Distributing VCTs <ul><li>Key: signalling using LDP or MP-iBGP </li></ul><ul><ul><li>Auto-discovery of members </li></ul></ul><ul><ul><li>Auto-assignment of inter-member circuits </li></ul></ul><ul><ul><li>Flexible VPN topology </li></ul></ul><ul><li>O(N) configuration for the whole VPN </li></ul><ul><ul><li>Could be more for complex topologies </li></ul></ul><ul><li>O(1) configuration to add a site </li></ul><ul><ul><li>“ Overprovision” DLCIs (sub-interfaces) at customer sites </li></ul></ul>
  22. 22. Distributing VCTs <ul><li>PE-1 accepts PE-2’s CE 4 VCT </li></ul>PE-2 CE- 4 PE-1 CE-2 CE- 2 CE-1 FR FR MP-i BGP session / LDP Site 1 Site 2 Site 1 Site 2 VFT VFT VFT VFT Label used by CE 2 to reach CE 4 1002 CE 4 VCT update VPN ID CE ID RED VPN 4 CE Range Label base 4 1000 CE 4 VCT update VPN ID CE ID RED VPN 4 CE Range Label base 4 1000
  23. 23. Updating VFTs <ul><li>PE-1 update its CE 2 VFT </li></ul>PE-2 CE- 4 PE-1 CE-2 CE- 2 CE-1 FR DLCI 82 FR DLCI 414 5020 7500 9350 Site 1 Site 2 Site 1 Site 2 VFT VFT VFT VFT CE 2 VFT CE ID Inner Label Sub-int IDs Label used to reach CE 4 1002 107 209 265 414 1 2 3 4
  24. 24. Updating VFTs <ul><li>PE-1 update its CE 2 VFT </li></ul>PE-2 CE- 4 PE-1 CE-2 CE- 2 CE-1 CE 2 VFT CE ID Inner Label Sub-int IDs 107 209 265 414 1 2 3 4 5020 7500 9350 1002 Outer Label FR DLCI 82 FR DLCI 414 Site 1 Site 2 Site 1 Site 2 VFT VFT VFT VFT LSP to PE-2 500
  25. 25. Data Flow <ul><li>The CE-2 sends packets to the PE via the DLCI which connects to CE-4 (414) </li></ul>PE-2 CE-4 PE-1 CE-2 CE- 2 CE-1 DLCI 82 DLCI 414 Site 1 Site 2 Site 1 Site 2 VFT VFT VFT VFT packet DLCI 414
  26. 26. Data Flow <ul><li>The DLCI number is removed by the ingress PE </li></ul><ul><li>Two labels are derived from the VFT sub-interface lookup and “pushed” onto the packet </li></ul><ul><ul><li>Outer IGP label </li></ul></ul><ul><ul><ul><li>Identifies the LSP to egress PE router </li></ul></ul></ul><ul><ul><ul><li>Derived from core’s IGP and distributed by RSVP or LDP </li></ul></ul></ul><ul><ul><li>Inner site label </li></ul></ul><ul><ul><ul><li>Identifies outgoing sub-interface from egress PE to CE </li></ul></ul></ul><ul><ul><ul><li>Derived from MP-IBGP/LDP VCT distributed by egress PE </li></ul></ul></ul>PE-2 CP-4 PE-1 CE-2 CE- 2 CE-1 PE-1 1) Lookup DLCI in Red V FT 2) Push VPN label ( 1002 ) 3) Push IGP label ( 500 ) DLCI 82 Packet site label ( 1002 ) IGP label ( 500 ) Site 1 Site 2 Site 1 Site 2 VFT VFT VFT VFT
  27. 27. Data Flow <ul><li>After packets exit the ingress PE, the outer label is used to traverse the LSP </li></ul><ul><ul><li>P routers are not VPN-aware </li></ul></ul>PE-2 CPE-4 PE-1 CE-2 CE- 2 CE-1 Packet site label ( 1002 ) IGP label ( z ) DLCI 82 DLCI 414 Site 1 Site 2 10.1/16 Site 1 Site 2 VFT VFT VFT VFT
  28. 28. Data Flow <ul><li>The outer label is removed through penultimate hop popping (before reaching the egress PE) </li></ul>PE-2 CE-4 PE-1 CE-2 CE- 2 CE-1 Packet site label ( 1002 ) DLCI 82 DLCI 414 Site 1 Site 2 10.1/16 Site 1 Site 2 Penultimate Pop top label VFT VFT VFT VFT
  29. 29. Data Flow <ul><li>The inner label is removed at the egress PE </li></ul><ul><li>The egress PE does a label lookup to find the corresponding DLCI value </li></ul><ul><li>The native Frame Relay packet is sent to the corresponding outbound sub-interface </li></ul>PE-2 CE-4 PE-1 CE-2 CE- 2 CE-1 DLCI 82 DLCI 414 DLCI 82 Site 1 Site 2 Site 1 Site 2 VFT VFT VFT VFT packet
  30. 30. VPN Topologies <ul><li>Arbitrary topologies are possible: </li></ul><ul><ul><li>full mesh </li></ul></ul><ul><ul><li>hub-and-spoke </li></ul></ul><ul><li>BGP communities are used to configure VPN topologies when using BGP signaling </li></ul><ul><li>“Connectivity” parameter serves similar purpose in LDP signaling </li></ul>
  31. 31. Conclusions
  32. 32. A Range of VPN Solutions <ul><li>Each customer has different </li></ul><ul><ul><li>Security requirements </li></ul></ul><ul><ul><li>Staff expertise </li></ul></ul><ul><ul><li>Tolerance for outsourcing </li></ul></ul><ul><li>Customer networks vary by size and traffic volume </li></ul><ul><li>Providers also have different preferences concerning </li></ul><ul><ul><li>Extensive policy management </li></ul></ul><ul><ul><li>Inclusion of customer routes in backbone routers </li></ul></ul><ul><ul><li>Approaches to managed service </li></ul></ul>
  33. 33. MPLS-Based Layer 2 VPNs <ul><li>MPLS-based Layer 2 VPNs are identical to Layer 2 VPNs from customers’ perspective </li></ul><ul><ul><li>Familiar paradigm </li></ul></ul><ul><ul><li>Layer 3 independent </li></ul></ul><ul><ul><li>Provider not responsible for routing </li></ul></ul><ul><ul><li>No hacks for OSPF </li></ul></ul><ul><ul><li>Rely on SP only for connectivity </li></ul></ul><ul><li>MPLS transport in provider network </li></ul><ul><ul><li>Decouples edge and core Layer 2 technologies </li></ul></ul><ul><ul><li>Multiple services over single infrastructure </li></ul></ul><ul><ul><ul><li>Single network architecture for both Internet and VPN services </li></ul></ul></ul><ul><li>Label stacking </li></ul><ul><ul><li>Provision once, and use same LSP for multiple purposes </li></ul></ul><ul><li>Auto-provisioning VPN </li></ul>
  34. 34. MPLS-based Layer 2 VPNs: Advantages <ul><li>Subscriber </li></ul><ul><ul><li>Outsourced WAN infrastructure </li></ul></ul><ul><ul><li>Easy migration from existing Layer 2 fabric </li></ul></ul><ul><ul><li>Can maintain routing control, or opt for managed service </li></ul></ul><ul><ul><li>Supports any Layer 3 protocol </li></ul></ul><ul><ul><li>Supports multicast </li></ul></ul><ul><li>Provider </li></ul><ul><ul><li>Complements RFC 2547bis </li></ul></ul><ul><ul><ul><li>Operates over the same core, using the same outer LSP </li></ul></ul></ul><ul><ul><li>Existing Frame Relay and ATM VPNs can be collapsed onto a single IP/MPLS infrastructure </li></ul></ul><ul><ul><li>Label stacking allows multiple services over a single LSP </li></ul></ul><ul><ul><li>No scalability problems associated with storing numerous customer VPN routes </li></ul></ul><ul><ul><li>Simpler than the extensive policy-based configuration used with 2547 </li></ul></ul>
  35. 35. MPLS-based Layer 2 VPNs: Disadvantages <ul><li>Circuit type (ATM/FR) to each VPN site must be uniform </li></ul><ul><li>Managed network service required for provider revenue opportunity </li></ul><ul><li>Customer must have routing expertise (or opt for managed service) </li></ul>
  36. 36. Layer 2 MPLS-based VPNs Application <ul><li>Customer profile </li></ul><ul><ul><li>High degree of IP expertise </li></ul></ul><ul><ul><li>Desire to control their own routing infrastructure </li></ul></ul><ul><ul><li>Prefer to outsource tunneling </li></ul></ul><ul><ul><li>Large number of users and sites </li></ul></ul><ul><li>Provider profile </li></ul><ul><ul><li>MPLS deployed in the core </li></ul></ul><ul><ul><li>Migrating an existing ATM or Frame Relay network </li></ul></ul><ul><ul><li>Offers CPE managed service, or </li></ul></ul><ul><ul><li>Provisions only the layer 2 circuits at a premium cost </li></ul></ul><ul><li>Layer 2 MPLS-based VPNs are ideal for this customer profile </li></ul>
  37. 37. http://www.juniper.net Thank you!

×