MPLS VPN provides a way to extend private network connectivity over a shared public infrastructure in a secure manner. It uses MPLS to create virtual point-to-point connections between customer sites. There are two main types of MPLS VPNs: Layer 3 VPNs, which use extensions to BGP to exchange routing information between customer edge routers and provider edge routers, and Layer 2 VPNs, which extend customer Layer 2 networks across the MPLS backbone by encapsulating Layer 2 frames with labels.
Tutorial about MPLS implementation with Cisco routers. This first of two chapters discusses: What is MPLS, Network Design, P, PE, and CE Router Description, Case Study of IP MPLS Implementation, IP and OSPF Routing Configuration.
MPLS VPN is a family of methods for using multiprotocol label switching (MPLS) to create virtual private networks (VPNs). MPLS VPN is a flexible method to transport and route several types of network traffic using an MPLS backbone.
This slide contains concepts about MPLS_VPNs, especially the L3_VPN protocol, according to the latest version of Cisco books (SP and R&S), and I taught it at IRAN TIC company.
In the next slide, I prepare a title about MPLS L3_VPN Services and VPLS (MPLS L2_VPN).
Mobile Transport Evolution with Unified MPLS (Cisco Canada)
Mobile Service Providers are seeing unprecedented challenges in relation to their Transport architectures with the 3GPP evolution towards IP based Node Bs, LTE (Long Term Evolution) and LTE-Advanced. This presentation will initially discuss the network migration trends and factors that are changing how mobile networks are evolving. A description is provided on Unified MPLS and the current issues that need to be fixed and how this architecture addresses this. A more detailed analysis will then examine the options available for transporting GSM/2G, UMTS/3G traffic and IP/Ethernet Node B deployments and some of the factors that need consideration like scalability, resiliency and security. Finally, there is a detailed description of the LTE/LTE-A evolution and the feature requirements made on the transport network. There will be detailed analysis of different LTE models and also some technical enhancements and proposals considered for the implementation of LTE in a Unified MPLS environment.
This slide contains basic concepts about MPLS and the LDP protocol, according to the latest version of Cisco books (SP and R&S), and I taught it at IRAN TIC company.
I will prepare MPLS_VPN and MPLS_QoS and MPLS_TE later.
Overview of the MPLS backbone transmission technology.
MPLS (MultiProtocol Label Switching) is a layer 2.5 technology that combines the virtues of IP routing and fast layer 2 packet switching.
IP packet forwarding is not suited for high-speed forwarding due to the need to evaluate multiple routes for each IP packet in order to find the optimal route, i.e. the route with the longest prefix match.
However, Internet Protocol routing provides global reachability through the IP address and through IP routing protocols like BGP or OSPF.
Layer 2 packet switching has complementary characteristics in that it does not provide global reachability through globally unique addresses but allows fast packet forwarding in hardware through the use of small and direct layer 2 lookup addresses.
MPLS combines IP routing and layer 2 switching by establishing layer 2 forwarding paths based on routes received through IP routing protocols like BGP or OSPF.
Thus the control plane of an MPLS capable device establishes layer 2 forwarding paths while the data plane then performs packet forwarding, often in hardware.
MPLS is not a layer 2 technology itself, i.e. it does not define a layer 2 protocol but rather makes use of existing layer 2 technologies like Ethernet, ATM or Frame Relay.
Demystifying EVPN in the data center: Part 1 in 2 episode series (Cumulus Networks)
Network operators are slowly but surely embracing L3-based leaf-spine designs. However, either due to legacy applications or certain multi-tenancy requirements, the need for L2 across racks is still present. How do you solve the problem of providing L2 across multiple racks? EVPN is quickly emerging as the best answer to this question.
In this episode of our 2-part series on EVPN, we start with a discussion of the use cases, a review of the technologies EVPN competes with, and dive into an evaluation of the pros and cons of each.
For a recording of the live event, go to http://go.cumulusnetworks.com/l/32472/2017-09-22/95t27t
VRF (Virtual Routing and Forwarding) is a technology that allows multiple instances of a routing table to
co-exist within the same router at the same time. This increases functionality by allowing network paths
to be segmented without using multiple devices. Because traffic is automatically segregated, VRF also
increases network security and can eliminate the need for encryption and authentication. Internet
service providers (ISPs) often take advantage of VRF to create separate virtual private networks (VPNs)
for customers; thus the technology is also referred to as VPN routing and forwarding. Because the
routing instances are independent, the same or overlapping IP addresses can be used without
conflicting with each other.
Webinar topic: BGP tuning: Peer with loopback
Presenter: Achmad Mardiansyah
In this webinar, we discussed BGP tuning: peer with loopback. A loopback interface is a virtual interface, which is always ON and will not be affected by physical status. Therefore it is very useful to use it as a peering parameter to ensure high availability of the BGP peer.
Recording is available on youtube:
https://youtu.be/tRW1xQDtH7w
Multi-Protocol Label Switching has become by far one of the most important Internet technologies of the last 15 years. From humble beginnings back in 1996-97, it is literally the de facto standard in a large majority of service provider networks today. This presentation, delivered to executives at MTNL, Mumbai (a large regional carrier in India), explains the key operational principles behind MPLS, and its significant applications.
Squire Technologies: Media Gateway Controller Presentation.
The SVI_MGC SS7 Media Gateway Controller enables SS7 on leading VoIP Media Gateways using industry based standards – MGCP, MEGACO H.248, SIGTRAN, SIP, SIP-I, SIP-T and H.323.
The SVI_MGC Media Gateway Controller enables clients to interface their VoIP networks to SS7 PSTN based telephone networks allowing the rapid launch of VoIP services, NAS Modem Dial-Up, distributed networks etc.
Overview of VPN protocols.
VPNs (Virtual Private Networks) are often viewed from the perspective of security with the goal of providing authentication and confidentiality.
However, the primary purpose of VPNs is to connect 2 topologically separated private networks over a public network (typically the Internet).
VPNs basically hook a network logically into another network so that both appear as one private local network.
Security is a possible add-on to VPNs. In many cases it makes perfect sense to secure the VPN's communication over the unsecure public network.
VPN protocols typically employ a tunnel where data packets of the local network are encapsulated in an outer protocol for transmission over the public network.
The most important VPN protocols are IPsec, PPTP and L2TP. In recent years SSL/TLS-based VPNs such as OpenVPN have gained widespread adoption.
This lesson describes the concept of VPN and introduces some VPN terminology.
Importance
This lesson is the foundation lesson for the MPLS VPN Curriculum.
Objectives
Upon completion of this lesson, the learner will be able to perform the following
tasks:
■ Describe the concept of VPN
■ Explain VPN terminology as defined by MPLS VPN architecture
Tech Talk by John Casey (CTO) CPLANE_NETWORKS : High Performance OpenStack Ne...nvirters
OpenStack is HOT! No doubt about it. A recent survey by The New Stack and The Linux Foundation shows OpenStack as the most popular open source project ahead of other hot projects like Docker and KVM. OpenStack is now taking its rightful place as the open source cloud solution for enterprises and service providers.
To date OpenStack networking has not yet achieved the performance, scalability and reliability that many large enterprises demand. CPLANE NETWORKS solves that problem by delivering secure multi-tenant virtual networking that overcomes the limitations of the standard Neutron networking service. By making all networking services local to the compute node and achieving near line-rate throughput, CPLANE NETWORKS Dynamic Virtual Networks (DVN) delivers mega-scale networking for the most demanding application environments.
In this session John Casey will cover the basics of DVN and explain how CPLANE NETWORKS achieves "at scale" network performance within and across data centers.
About John Casey
John Casey has over 20 years of deep technology leadership. His proven success with a variety of technical leadership roles in Telecom, Enterprise and Government and in software design and development provide the foundation for the system architecture and engineering team.
Previously John led worldwide deployment teams for both IBM’s Software Group and Narus, Inc. His work in large scale, high performance system design at Transarc Labs and Walker Interactive Systems brings leadership to the CPLANE NETWORKS product suite.
1. MPLS VPN
Prepared by
Eng. Hussein M. Harb
2. Agenda
• Why VPN
• VPN Definition
• VPN Categories
• VPN Implementations
• VPN Models
• MPLS VPN Types
• L3 MPLS VPN
• L2 MPLS VPN
3. Why VPN?
• VPNs were developed initially to deal with security issues of transmitting clear text data across a network.
• Examples of applications that send traffic in a clear text format are Telnet, file transfers via FTP or TFTP.
• VPN has attracted the attention of many organizations looking to expand their networking capabilities, secure their traffic and reduce their costs.
4. VPN Definition
The most common definition of a VPN is:
A data network that utilizes a portion of a shared public network to extend a customer's private network.
5. VPN Categories
There are three basic VPN categories:
• Intranet
• Extranet
• Internet
6. Intranet VPN
• An intranet VPN connects resources from the same company across that company's infrastructure.
An example of an intranet VPN is the connections between different locations within a company's infrastructure, such as VPNs between two offices.
7. Extranet VPN
• An extranet VPN connects resources from one company to another company, such as a business partner.
An example of an extranet is a company that has outsourced its help desk functions and sets up a VPN to provide a secure connection from its corporate office to the outsourcing company.
8. Internet
• An Internet VPN uses a public network as the backbone to transport VPN traffic between devices.
• As an example, you might use the Internet, which is a public network, to connect two sites together or have telecommuters use their local ISPs to set up a VPN connection to the corporate network (remote access connections).
9. VPN Components
The VPN realm consists of the following regions:
• Customer network:
Consists of the routers at the various customer sites, called customer edge (CE) routers.
• Provider network:
SP devices to which the CE routers are directly attached are called provider edge (PE) routers.
The SP network might also consist of devices used for forwarding data in the SP backbone, called provider (P) routers.
10. VPN Implementations
There are many ways to implement a VPN, such as:
• GRE
• IPsec
• PPTP
• L2TP
• MPLS
11. MPLS VPN
• MPLS VPNs are an enhancement to MPLS.
• MPLS uses a virtual circuit (VC) across a private network to emulate the VPN function.
• MPLS alone won't solve the security problem; you'll have to complement it with another VPN solution, such as IPsec over MPLS.
• MPLS supports multiple protocols. In other words, you can use MPLS to tag IP packets, Ethernet frames, IPX packets.
12. VPN Models
The VPN implementations can be classified broadly into one of the following:
• Overlay model
• Peer-to-peer model
13. Overlay model
• The provider does not participate in customer routing. It provides the customer with transport of data using virtual point-to-point links (PVC or SVC).
14. Overlay model (Cont.)
• The drawback of the Overlay model was the full mesh of virtual circuits between all customer sites for optimal connectivity. N sites need N(N-1)/2 circuits.
• Overlay VPNs provide either Layer 1 (physical layer) connectivity or a Layer 2 transport circuit between customer sites for transportation of Layer 2 frames (or cells), which was traditionally implemented using either Frame Relay or ATM switches.
15. Peer-to-peer model
• The peer-to-peer model was developed to overcome the drawbacks of the Overlay model.
• The service provider would actively participate in customer routing.
16. Peer-to-peer model (Cont.)
• Routing information is exchanged between the customer routers and the SP routers.
• The peer-to-peer model, consequently, does not require the creation of virtual circuits.
• Separation of customer-specific routing information is achieved by implementing packet filters at the routers connecting to the customer network.
17. MPLS VPN Types
• BGP/MPLS VPNs (Layer 3 VPNs):
Use extensions to the existing routing protocol of the Internet (BGP-4) to interconnect remote locations, also called RFC 2547bis VPNs.
• Layer 2 MPLS VPNs:
Extends the customer's Layer 2 connectivity across an MPLS infrastructure. Commonly called Martini VPNs. An extension to Layer 2 VPNs also supports Virtual Private LAN Services (VPLS).
18. L3 MPLS VPN Architecture
• MPLS VPN is an implementation of the peer-to-peer model.
• The MPLS-based VPN model also accommodates customers using overlapping address spaces.
• However, instead of deploying a dedicated PE router per customer, customer traffic is isolated on the same PE router providing connectivity for multiple customers.
• The MPLS VPN backbone and customer sites exchange Layer 3 customer routing information.
20. L3 MPLS VPN Routing Model
• The only requirement on the CE router is a routing protocol or a static route that enables the router to exchange IPv4 routing information with the connected PE router.
21. L3 MPLS VPN Routing Model
PE routers perform the following tasks:
• The PE routers exchange IPv4 routes with connected CE routers using individual routing protocol contexts.
• The PE router must isolate customer traffic if more than one customer is connected to it.
22. L3 MPLS VPN Routing Model
• Multiprotocol BGP is configured between PE routers to carry customer routes.
23. L3 MPLS VPN Routing Model
• P routers provide label switching between provider edge routers and are unaware of VPN routes.
24. Virtual Routing and Forwarding Table (VRF)
• Customer isolation is achieved on the PE router by the use of virtual routing tables or instances.
• The function of a VRF is similar to a global routing table, except that it contains all routes pertaining to a specific VPN versus the global routing table.
25. Virtual Routing and Forwarding Table (VRF)
• The VRF also defines the connectivity requirements and protocols for each customer site on a single PE router.
• The VRF defines the interfaces on the local PE router that are part of a specific VPN.
26. Route Distinguisher
• The RD enables overlapping address spaces in connected customer networks.
• Thus, a unique RD is configured per VRF on the PE router.
27. Route Distinguisher (Cont.)
• An RD is a 64-bit unique identifier that is prepended to the 32-bit customer prefix or route learned from a CE router, which makes it a unique 96-bit address, called a VPNv4 address, that can be transported between the PE routers in the MPLS domain.
• A unique RD is configured per VRF on the PE router.
28. Route targets (RT)
• When a VPN route learned from a CE router is injected into VPNv4 BGP, a list of VPN route target extended community attributes is associated with it.
29. Route targets (RT)
• The export route target is appended to a customer prefix when it is converted to a VPNv4 prefix by the PE router and propagated in MP-BGP updates.
30. Route targets (RT)
• The import route target is associated with each VRF and identifies the VPNv4 routes to be imported into the VRF for the specific customer.
31. L3 MPLS VPN Operation
• Phase 1: Propagation of VPN routes and distribution of MPLS labels (Control Plane)
• Phase 2: Packet forwarding (Data Plane)
32. Control Plane Operation
• Taking the next figure as an example, propagation of VPN routes and distribution of MPLS labels takes place in three different stages.
33. Stage 1
• Stage 1: PE routers receive IPv4 routing updates from CE routers and populate these routes into the appropriate VRF table.
34. Stage 2
• Stage 2: PE routers export VPN routes from VRF tables into MP-IBGP and propagate them with a VPN label as VPNv4 routes via MP-IBGP to other remote PE routers.
35. Stage 3
• Stage 3: The remote PE routers, on receiving MP-IBGP updates, will import the incoming VPNv4 routes into their respective VRF tables according to the import RTs. The VPNv4 routes installed in VRF tables are then converted back to IPv4 routes and propagated to the CE routers.
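
The RD and RT slides and the three control-plane stages above, worked through as an added example (not code from the deck). It uses the deck's RD 1:100, RT 1:100, prefix 172.16.10.0/24 and next hop 10.10.10.101; customer B, its RD/RT 1:200, the label name "V9", the VRF names and the audit helper are constructed for illustration, and the RD is encoded as an RFC 4364 type 0 value.

```python
import ipaddress
import struct
from dataclasses import dataclass, field


def encode_rd(asn: int, number: int) -> bytes:
    """Type 0 RD (RFC 4364): 2-byte type, 2-byte AS number, 4-byte assigned number."""
    return struct.pack("!HHI", 0, asn, number)


def vpnv4_address(rd: bytes, prefix: str) -> bytes:
    """Prepend the 64-bit RD to the 32-bit IPv4 prefix: a 96-bit VPNv4 address."""
    return rd + ipaddress.ip_network(prefix).network_address.packed


@dataclass
class Vrf:
    name: str
    customer: str
    rd: bytes
    export_rts: frozenset
    import_rts: frozenset
    routes: dict = field(default_factory=dict)  # prefix -> (next hop, VPN label)


def export_route(vrf: Vrf, prefix: str, next_hop: str, vpn_label: str) -> dict:
    """Stage 2: the PE turns a VRF route into a VPNv4 update carrying the export RTs."""
    return {"vpnv4": vpnv4_address(vrf.rd, prefix), "prefix": prefix,
            "rts": vrf.export_rts, "next_hop": next_hop, "label": vpn_label}


def import_route(vrf: Vrf, update: dict) -> bool:
    """Stage 3: the remote PE installs the route only if an import RT matches."""
    if vrf.import_rts & update["rts"]:
        vrf.routes[update["prefix"]] = (update["next_hop"], update["label"])
        return True
    return False


def audit_cross_customer_imports(vrfs: list) -> list:
    """List (importer, exporter, shared RTs) pairs that cross a customer boundary.

    Each finding is either an intended extranet or a route leak between VPNs.
    """
    findings = []
    for importer in vrfs:
        for exporter in vrfs:
            shared = importer.import_rts & exporter.export_rts
            if shared and importer.customer != exporter.customer:
                findings.append((importer.name, exporter.name, sorted(shared)))
    return findings


# PE1-AS1: customer A as on the slides (RD 1:100, RT 1:100); customer B is constructed.
pe1_vrf_a = Vrf("PE1:A", "A", encode_rd(1, 100), frozenset({"1:100"}), frozenset({"1:100"}))
pe1_vrf_b = Vrf("PE1:B", "B", encode_rd(1, 200), frozenset({"1:200"}), frozenset({"1:200"}))
# PE2-AS1: the remote VRFs that receive the MP-IBGP updates.
pe2_vrf_a = Vrf("PE2:A", "A", encode_rd(1, 100), frozenset({"1:100"}), frozenset({"1:100"}))
pe2_vrf_b = Vrf("PE2:B", "B", encode_rd(1, 200), frozenset({"1:200"}), frozenset({"1:200"}))

# Both customers advertise the same prefix; "V9" is a constructed label for customer B.
update_a = export_route(pe1_vrf_a, "172.16.10.0/24", "10.10.10.101", "V1")
update_b = export_route(pe1_vrf_b, "172.16.10.0/24", "10.10.10.101", "V9")


def run_example() -> dict:
    """Offer both updates to both remote VRFs and return what each one installed."""
    for vrf in (pe2_vrf_a, pe2_vrf_b):
        vrf.routes.clear()
        for update in (update_a, update_b):
            import_route(vrf, update)
    return {"A": dict(pe2_vrf_a.routes), "B": dict(pe2_vrf_b.routes)}


if __name__ == "__main__":
    print(update_a["vpnv4"].hex(), update_b["vpnv4"].hex())
    print(run_example())
    # A constructed misconfiguration: customer B's VRF also imports customer A's RT.
    leaky = Vrf("PE2:B-leaky", "B", encode_rd(1, 200),
                frozenset({"1:200"}), frozenset({"1:200", "1:100"}))
    print(audit_cross_customer_imports([pe1_vrf_a, pe1_vrf_b, pe2_vrf_a, leaky]))
```

The RD only keeps the two identical prefixes distinct in MP-BGP; which VRF receives a route is decided by the import RT alone, which is why the audit compares RTs and ignores RDs.
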
38. Example-Control Plane Operation
2. PE1-AS1 accepts and transforms the IPv4 route, 172.16.10.0/24, to a VPNv4 route by assigning an RD 1:100 and RT 1:100. It allocates a label V1 and rewrites the next-hop attribute to the PE1-AS1 loopback0 IP address 10.10.10.101.
39. Example-Control Plane Operation
2a. Edge LSR PE2-AS1 requests a label for the 10.10.10.101/32 prefix using LDP from LSR P2-AS1 then from P1-AS1 then from Edge LSR PE1-AS1. Edge LSR PE1-AS1 allocates a label of implicit-null and sends it to P1-AS1.
40. Example-Control Plane Operation
2b. P1-AS1 uses the implicit-null label received from PE1-AS1 as its outbound label value, allocates a label (L1) to prefix 10.10.10.101/32, and sends this label value to P2-AS1 via LDP.
41. Example-Control Plane Operation
2c. P2-AS1 uses the label (L1) received from P1-AS1 as its outbound label value, allocates a label (L2) to prefix 10.10.10.101/32, and sends this label value to PE2-AS1 via LDP.
42. Example-Control Plane Operation
3. PE1-AS1 has the VRF configured to accept routes with RT 1:100 and therefore translates the VPNv4 update to IPv4 and inserts the route in VRF A. It then propagates this route to the CE2-A.
43. Example-Data Plane Operation
1. CE2-A originates a data packet with the source address of 172.16.20.1 and destination of 172.16.10.1.
44. Example-Data Plane Operation
2. PE2-AS1 receives the data packet and appends the VPN label V1 and LDP label L2 and forwards the packet to P2-AS1.
45. Example-Data Plane Operation
3. P2-AS1 receives the data packet destined to 172.16.10.1 and swaps LDP label L2 with L1.
46. Example-Data Plane Operation
4. P1-AS1 receives the data packet destined to 172.16.10.1 and pops the top label. The resulting labeled packet with VPN Label V1 is forwarded to PE1-AS1.
47. Example-Data Plane Operation
5. PE1-AS1 pops the VPN label and forwards the data packet to CE1-A where the 172.16.10.0 network is located.
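
The five data-plane steps above, replayed over an encoded label stack as an added example (not code from the deck). The numeric values chosen for V1, L1 and L2 and the byte string standing in for the IPv4 packet are constructed; the 32-bit entry layout and the implicit-null value 3 follow RFC 3032, and TTL handling is left out.

```python
import struct

IMPLICIT_NULL = 3           # reserved value (RFC 3032): signalled by LDP, never sent on the wire
V1, L1, L2 = 100, 201, 202  # constructed numbers for the slides' symbolic labels


def encode_stack(labels, ttl=64):
    """Encode labels (top first) as 32-bit entries: label(20) | TC(3) | S(1) | TTL(8)."""
    out = b""
    for i, label in enumerate(labels):
        bottom = 1 if i == len(labels) - 1 else 0
        out += struct.pack("!I", (label << 12) | (bottom << 8) | ttl)
    return out


def decode_stack(packet):
    """Return (labels, payload); stop at the entry whose bottom-of-stack bit is set."""
    labels = []
    for off in range(0, len(packet) - 3, 4):
        (entry,) = struct.unpack_from("!I", packet, off)
        labels.append(entry >> 12)
        if (entry >> 8) & 1:
            return labels, packet[off + 4:]
    raise ValueError("truncated label stack: no bottom-of-stack entry")


# Label forwarding tables built by LDP for prefix 10.10.10.101/32 (PE1-AS1 loopback0).
LFIB = {
    "P2-AS1": {L2: (L1, "P1-AS1")},
    "P1-AS1": {L1: (IMPLICIT_NULL, "PE1-AS1")},
}
# VPN labels that PE1-AS1 allocated itself and advertised with the VPNv4 route.
VPN_LABELS = {V1: ("VRF A", "CE1-A")}


def ingress_pe2(ip_packet):
    """PE2-AS1: push VPN label V1 (bottom) and LDP label L2 (top)."""
    return "P2-AS1", encode_stack([L2, V1]) + ip_packet


def core_forward(router, packet):
    """P router: look up the top label only; swap it, or pop it for implicit-null."""
    labels, payload = decode_stack(packet)
    out_label, next_hop = LFIB[router][labels[0]]
    rest = labels[1:]
    new_stack = rest if out_label == IMPLICIT_NULL else [out_label] + rest
    return next_hop, encode_stack(new_stack) + payload


def egress_pe1(packet):
    """PE1-AS1: the VPN label alone selects the VRF and the outgoing CE."""
    labels, payload = decode_stack(packet)
    if len(labels) != 1 or labels[0] not in VPN_LABELS:
        raise ValueError(f"label stack {labels} not allocated by this PE; drop")
    vrf, ce = VPN_LABELS[labels[0]]
    return vrf, ce, payload


def walk(ip_packet):
    """Follow the packet from PE2-AS1 to CE1-A, recording the stack each router sends."""
    trace = []
    router = "PE2-AS1"
    next_hop, packet = ingress_pe2(ip_packet)
    while True:
        trace.append((router, decode_stack(packet)[0]))
        router = next_hop
        if router not in LFIB:
            break
        next_hop, packet = core_forward(router, packet)
    vrf, ce, payload = egress_pe1(packet)
    trace.append((router, []))  # PE1-AS1 sends plain IPv4 to the CE
    return trace, vrf, ce, payload


if __name__ == "__main__":
    for hop in walk(b"172.16.20.1 -> 172.16.10.1")[0]:
        print(hop)
```

The P routers never read the VPN label or the customer addresses, so isolation at the egress PE rests entirely on the VPN label; `egress_pe1` drops any stack it did not allocate.
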
48. Layer 2 VPN
• Customers may desire to extend their current Layer 2 infrastructure (frame relay, ATM, Ethernet, VLANs, TDM, transparent LAN services, etc.).
• IP-based Layer 3 VPNs will not satisfy any of these requirements; instead, a Layer 2 solution is required.
• MPLS-based Layer 2 VPNs prepend a label to a Layer 2 PDU and then forward the packet across the MPLS backbone.
49. Layer 2 VPN Components
• The Martini draft builds on some fundamental concepts associated with RFC 2547bis VPNs.
• Provider (P) routers still will not be aware of the VPNs. They will continue to forward packets over pre-established LSPs.
• Customer Edge (CE) routers will operate without any knowledge of the existence of MPLS VPNs.
• The PE routers do not participate in the routing algorithms of the end-users, and there are no requirements for the construction of VPN routing and forwarding tables (VRFs).
50. Martini VPNs (Point-Point Connectivity)
• The Martini drafts introduce the concept of Virtual Circuits (VCs). An LSP acts as a tunnel carrying multiple VCs.
• VCs are uni-directional; for bi-directional communication, a pair of VCs – one in each direction – is needed.
51. L2 VPN Routing Information
• Tunnel LSPs between the PE routers could be created using any protocol like RSVP/TE or LDP.
52. L2 VPN Routing Information
• PE routers exchange the VC labels via LDP. Once the session is established, VC ID data which includes the VC ID, the Group ID, VC Type, the VC Interface Parameters and a Control Word notification can be exchanged.
53. L2 VPN Data Traffic
• The PE router encapsulates the subscriber layer-2 frame and attaches two labels; the top (tunnel label) identifies the destination of the remote PE router.
54. L2 VPN Data Traffic
• The receiving PE router pops the tunnel label, uses the bottom (or inner) label to deliver the packet to the correct end-user (CE router) with the appropriate Layer 2 encapsulation based on the VC label.
55. VC Types
• Martini Virtual Circuit Encapsulation Types:
Frame Relay – Type 01
ATM AAL5 VCC – Type 02
ATM Transparent Cell Transport – Type 03
Ethernet VLAN – Type 04
Ethernet – Type 05
HDLC – Type 06
PPP – Type 07
CEM – Type 08
ATM VCC Cell Transport – Type 09
ATM VPC Cell Transport – Type 10 or Hex. "0A"
56. Virtual Private LAN Services (VPLS)
• The Kompella draft specification creates a new VC type specifically for Ethernet VPLS frames. This is type eleven (hex B).
• Customer frames are switched based on their destination MAC address.
• VPN is established by creating a full mesh of VCs between the PEs facing the sites that make the VPN.
57. Virtual Private LAN Services (VPLS)
• PE routers perform source MAC address learning just like a normal transparent switch, except that they perform it on frames received over the VCs.
• A PE router maintains a separate layer-2 forwarding table, called Virtual Forwarding Instance (VFI), for each VPN that it carries.
58. Virtual Private LAN Services (VPLS)
• A PE router does not learn all the MAC addresses in all the VPNs carried by the provider network. A PE router learns MAC addresses related only to the VPNs that it carries. P routers do not learn any MAC addresses; they just perform label switching.
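
The per-VPN MAC learning described on the VPLS slides, as an added example (not code from the deck). The VPN names "red" and "blue", the port names and the MAC addresses are constructed; the split-horizon rule for frames arriving on a VC is standard behaviour for a full-mesh VPLS and is not stated on the slides.

```python
MAC_A = "00:00:5e:00:53:01"  # constructed addresses from the documentation range
MAC_B = "00:00:5e:00:53:02"
MAC_C = "00:00:5e:00:53:03"


class VplsPe:
    """One PE router with a separate Virtual Forwarding Instance (VFI) per VPN."""

    def __init__(self):
        self.ports = {}  # vpn -> {port name: "ac" (customer side) or "vc" (to a remote PE)}
        self.vfi = {}    # vpn -> {MAC address: port it was learned on}

    def add_port(self, vpn, port, kind):
        self.ports.setdefault(vpn, {})[port] = kind
        self.vfi.setdefault(vpn, {})

    def receive(self, vpn, in_port, src_mac, dst_mac):
        """Learn the source MAC in this VPN's VFI and return the output ports."""
        if in_port not in self.ports.get(vpn, {}):
            raise ValueError(f"{in_port} is not part of VPN {vpn}")
        table = self.vfi[vpn]
        table[src_mac] = in_port
        if dst_mac in table:
            out = table[dst_mac]
            return [] if out == in_port else [out]
        # Unknown destination: flood inside this VPN only. A frame that arrived on
        # a VC is not sent to other VCs (split horizon in a full mesh).
        from_vc = self.ports[vpn][in_port] == "vc"
        return sorted(p for p, kind in self.ports[vpn].items()
                      if p != in_port and not (from_vc and kind == "vc"))


def build_example_pe():
    """A PE that carries two customer VPNs, each with its own ports and VFI."""
    pe = VplsPe()
    pe.add_port("red", "ac-red", "ac")
    pe.add_port("red", "vc-red-pe2", "vc")
    pe.add_port("red", "vc-red-pe3", "vc")
    pe.add_port("blue", "ac-blue", "ac")
    pe.add_port("blue", "vc-blue-pe2", "vc")
    return pe


if __name__ == "__main__":
    pe = build_example_pe()
    print(pe.receive("red", "ac-red", MAC_A, MAC_B))      # flooded to both red VCs
    print(pe.receive("red", "vc-red-pe2", MAC_B, MAC_A))  # MAC_A is known in red
    print(pe.receive("blue", "ac-blue", MAC_C, MAC_A))    # MAC_A is unknown in blue
```
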