1 © 2002, Cisco Systems, Inc. All rights reserved. Robert Raszuk – VPLS – Feb 2002 VPLS/TLS/DTLS/VPSN. Robert Raszuk IOS Engineering – MPLS Development

  • Slide 1: VPLS/TLS/DTLS/VPSN. Robert Raszuk, IOS Engineering, MPLS Development, raszuk@cisco.com. Tokyo, July 12th 2002.
  • Slide 2: Prerequisites. LDP/TE or any other core tunneling; basic knowledge of LAN/STP/VLANs; p2p draft-martini-encap & signaling.
  • Slide 3: Agenda. What is VPLS and all of those acronyms; VPLS building blocks; which drafts talk about which services; Summary.
  • Slide 4: What is VPLS and all of those acronyms. VPLS = Virtual Private LAN Service; TLS = Transparent LAN Service; VPSN = Virtual Private Switched Network. All of the above mean the same thing: VPLS! DTLS = Decoupled TLS. New: Ethernet Virtual Circuit Service (EVCS). New: Virtual Private Wire/WAN Service (VPWS).
  • Slide 5: L2VPN Terminology Clarification. Diagram labels, in order: L2VPN; L2 Transport, VPWS, VPLS; MPLS (AToM), L2TPv3; MPLS, L2TPv3; MPLS, QinQ, L2TPv3; Ethernet, FR, ATM, PPP, HDLC; Ethernet, FR, ATM, PPP, HDLC; Ethernet.
  • Slide 6: L2VPN Terminology Clarification. Basic L2 Transport:
  • Slide 7: L2VPN Terminology Clarification. VPWS:
  • Slide 8: What is VPLS and all of those acronyms. VPLS is a network service providing layer 2 multipoint connectivity between edge devices. From the customer edge device's point of view, the WAN or Metro infrastructure providing the VPLS service is not visible. Customer edge devices appear to each other as connected via a single logical learning bridge with fully meshed ports.
  • Slide 9: Agenda. What is VPLS and all of those acronyms; VPLS building blocks; which drafts talk about which services; Summary.
  • Slide 10: VPLS building blocks. Network elements; VPLS edge device discovery; Signaling (also called auto-configuration); Packet encapsulation; MAC address learning & re-learning; Flooding; Decoupling; Loop avoidance - STP.
  • Slide 11: VPLS building blocks. Network elements providing two VPLS services. Diagram labels: LAN-10a, PE1, PE2, CE1, CE2, L2PE, LAN-10c, CE3, CE4, LAN-10d, LAN-20b, LAN-10b, LAN-20a. VPLS1: LAN10abcd. VPLS2: LAN20ab. CE2-L2PE & CE4-PE2 are VLAN trunks. L2PE-PE1 can be QinQ or VLANinMPLS. VPLS aware devices.
  • Slide 12: VPLS building blocks: VPLS edge device discovery. Distribution of configuration information indicating the mapping of VPLS instances to VPLS edge devices. Example (diagram labels: PE1, PE2, LAN-10c, CE3, CE4, LAN-10d, LAN-20b): "Hello, I'm PE1. I have VPLS 1 Site_ID 1. I have VPLS 2 Site_ID 5." Can be: BGP based; DNS/Directory based; NMS; partially LDP; manual.
  • Slide 13: VPLS building blocks: VPLS edge device discovery. Discovery of peer PEs for a VPLS instance (for a given VPN). Two primary approaches: a directory based approach such as DNS (draft-heinanen-dirldp-eth-vpns.txt), and a BGP based approach (draft-ppvpn-bgpvpn-auto-01.txt).
  • Slide 14: VPLS building blocks: LDP Autodiscovery. Each Ethernet Attachment VC is bound to a name resolved by directory lookup (e.g., DNS). The circuit name is associated with a set of PE addresses (e.g., DNS A resource records); on the slide, acmecorp.tls.sbc.com maps to 10.1.1.1, 10.2.2.2, 10.3.3.3. Binding of a circuit name to an Ethernet Attachment VC causes a directory query. Reception of a new VC over the targeted LDP signaling channel causes a directory query to update the list of PEs in the circuit. Diagram labels: Service Provider MPLS Network; CE-1, PE1 (7600); CE-2, PE3 (7600); CE-3, PE2 (7600); Directory (Primary and Secondary). Example:
        pe1# config t
        pe1(config)# interface ethernet 1/1
        pe1(config-if)# name acmecorp.tls.sbc.com
        pe2(config)# interface ethernet 2/2
        pe2(config-if)# name acmecorp.tls.sbc.com
  • Slide 15: VPLS building blocks: BGP Autodiscovery. Each Attachment VC is associated with an L2VPN Id (Site_id). The association is performed at the time of Attachment VC provisioning. BGP updates distribute to-be-defined L2VPN NLRIs. Next Hop = PE reporting the L2VPN; the Route Target contains the VPN-Id. Updates are filtered based on VPN-Id (just reg ext community filtering). BGP updates are sent on binding of an Attachment VC. A BGP withdrawal is sent on removal of the binding VC. Requires a BGP Route Reflector or I-BGP mesh. Diagram labels: Service Provider MPLS Network; CE-1, PE1 (7600); CE-2, PE2 (7600); CE-3, PE2 (7600); BGP Route Reflector (Primary and Secondary).
  • Slide 16: VPLS building blocks: VPLS emulated VCs signaling. Distribution of labels as demultiplexors for packets between VPLSs arriving at the PE/L2PE from the core. Needed because a single PE-PE tunnel can be used to transport data from different VPLS instances. Two main methods for signaling VPLS: 1. By using BGP (one draft). 2. By using LDP (all other drafts and industry trend).
  • Slide 17: VPLS building blocks: Signaling emulated VCs by using BGP. Can be used as a single protocol for combined discovery & signaling in full mesh topologies. Diagram labels: PE1, PE2, LAN-10c, CE3, CE4, LAN-10d, LAN-20b. Callouts: "For VPLS1/PE2 use (base 10, offset 0, length k). For VPLS2/PE2 use (base 20, offset 0, length j)." "I have VPLS1 Site_ID 1 & VPLS2 Site_ID 5, so I use the following VPLS VC labels to send to PE2: for VPLS1 10+1=11 & for VPLS2 20+5=25." All needed information is received by PE1 with a single TCP IBGP session!
  • Slide 18: VPLS building blocks: Signaling emulated VCs by using BGP. This trick of advertising a label base and length allows one NLRI to be generated for all other PEs. The Site_ID, unique within a VPLS, added to the label base constitutes a VPLS VC label, which in itself carries embedded information about the packet's originator. Why not just send labels? Simply because learning of MACs is done based on the VPLS VC label, and it has to be known a priori which peer has sent us a packet with a given MAC, based on the VPLS VC label value.
  • Slide 19: VPLS building blocks: Signaling emulated VCs by using BGP. If L2PEs are being used, the advertised label blocks are per VPLS/L2PE pair. For those who don't run BGP this is not an option. Industry (IETF) does not follow this path, so vendor interoperability is not possible. Label blocks are getting fragmented at the PEs due to the block pre-allocation requirement. Delay in delivery of control information due to BGP nature and reflection (update generation + advert.). Non full mesh topologies require RT filtering on PEs.
  • Slide 20: VPLS building blocks: Signaling emulated VCs by using LDP. A separate directed LDP session is required between each PE pair. Watch LDP sessions scalability numbers. Multiple proposals (see draft section for details). General industry direction for the emulated VC setup scheme in all L2VPN applications: L2 p2p Transport, VPWS & VPLS! Interoperability with a number of vendors worldwide.
  • Slide 21: VPLS building blocks: Packet encapsulation. PEs connected via a full mesh of tunnels: GRE, MPLS (LDP/TE), L2TPv3 etc. Diagram labels: PE-PE tunnels; VPLS VCs. Frame layout: Tunnel header/label | VPLS VC Label | Control Word | Layer2 Frame (minus preamble, minus checksum). VPLS VCs (aka emulated VCs) are transported inside those PE-PE tunnels based on draft-martini-encaps.
  • Slide 22: VPLS building blocks: MAC address learning & re-learning. VPLS is visible from customer devices as a learning bridge with geographically distributed ports. Diagram labels: LAN-10a, PE1, PE2, CE1, CE2, L2PE, LAN-10c, CE3, CE4, LAN-10d, LAN-20b, LAN-10b, LAN-20a; ports PP1, LP1, LP2, LP1, LP2, PP1; MACs 00-10-A4-92-F2-12, 00-10-A4-92-F2-11; hosts PC1, PC2. FIB entries shown, in order: "00-10-A4-92-F2-12 - PP1", "00-10-A4-92-F2-11 - VC 2 L2PE"; "00-10-A4-92-F2-11 - PP1", "00-10-A4-92-F2-12 - VC to PE2". Table titles: L2PE's VPLS1 FIB; PE2's VPLS1 FIB.
  • Slide 23: VPLS building blocks: MAC address learning & re-learning. Two modes for learning: qualified and unqualified. In qualified learning we build a FIB per VLAN per VPLS (general agreement to have only one VLAN per VPLS). In unqualified learning we build a FIB per VPLS, in other words per port. Note that
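
Added example, not part of the original slides: the label-block arithmetic from the BGP signaling slides (label base + Site_ID) combined with qualified and unqualified MAC learning, showing how the receiving PE recovers the originating site from the VC label alone and rejects labels outside its advertised blocks. The class names, the block length of 8 (standing in for the slides' unspecified k and j) and the handling of a non-zero offset are assumptions.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class LabelBlock:
    """One advertised block: (base, offset, length) for a VPLS instance."""
    vpls: str
    base: int
    offset: int
    length: int

    def label_for(self, site_id: int) -> int:
        # Sender side: VC label = label base + own Site_ID (slides: 10+1=11).
        # Subtracting offset is an assumption for blocks with offset != 0.
        if not self.offset <= site_id < self.offset + self.length:
            raise ValueError(f"Site_ID {site_id} not covered by block")
        return self.base + (site_id - self.offset)

@dataclass
class ReceivingPE:
    """PE that advertised the blocks and learns MACs from arriving frames."""
    blocks: list
    qualified: bool = False          # True: FIB per VLAN per VPLS
    fib: dict = field(default_factory=dict)

    def decode(self, label: int):
        # The label alone identifies the VPLS instance and the originating site.
        for b in self.blocks:
            if b.base <= label < b.base + b.length:
                return b.vpls, b.offset + (label - b.base)
        raise ValueError(f"label {label} is outside every advertised block")

    def learn(self, label: int, src_mac: str, vlan: int):
        vpls, site = self.decode(label)
        key = (vpls, vlan) if self.qualified else (vpls,)
        self.fib.setdefault(key, {})[src_mac] = site   # overwrite = re-learning
        return key, site

# Constructed values: length 8 stands in for the slides' unspecified k and j.
VPLS1 = LabelBlock("VPLS1", base=10, offset=0, length=8)
VPLS2 = LabelBlock("VPLS2", base=20, offset=0, length=8)
MAC = "00-10-A4-92-F2-11"

def demo(qualified: bool) -> dict:
    pe2 = ReceivingPE([VPLS1, VPLS2], qualified=qualified)
    pe2.learn(VPLS1.label_for(1), MAC, vlan=10)   # label 11, from site 1
    pe2.learn(VPLS1.label_for(1), MAC, vlan=20)   # same MAC on another VLAN
    pe2.learn(VPLS1.label_for(2), MAC, vlan=10)   # MAC moved to site 2
    return pe2.fib

if __name__ == "__main__":
    print(demo(False), demo(True), sep="\n")
```

With unqualified learning the three frames collapse into one per-VPLS entry that ends up pointing at site 2; with qualified learning the VLAN 20 entry still points at site 1 until a frame on that VLAN arrives from the new site.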