
  • 1 2004 Cisco Systems, Inc. All rights reserved.

    Cisco IOS MPLS Virtual Private LAN Service (VPLS) Technical Deployment Overview

    Enabling Innovative Services

  • Agenda

    Introduction

    VPLS Technical Overview

    VPLS Architectures

    Deployment Scenarios

    Summary

  • Introduction

  • Metro Ethernet: Emerging Multiservice Access Opportunity

    [Figure: SP Metro Ethernet Network. Labels: Remote Worker, Remote Office 1, Remote Office 2, Regional Headquarters, Ethernet-Connected Branch, Subscriber, STB, Residential CPE, Multitenant Unit (MTU) Basement Access Device; 10 Mbps Ethernet, 100 Mbps Ethernet; Ethernet, SONET/SDH, RPR, DWDM/CWDM, MPLS/IP; Internet, PSTN. Services: Web Hosting, Directory Services, Secure E-Mail, Mobile Access, Hosted Telephony, Videoconferencing, Storage Hosting, Business Continuance, Unified Messaging.]

  • Metro Ethernet: Business Drivers*

    [Figure: the SP Metro Ethernet Network diagram from the previous slide, without the service labels.]

    Service Provider Revenue Growth: New, Differentiated Services; Expanded Enterprise Penetration

    Cost Efficiencies: Network Convergence; Flexible Bandwidth Provisioning; Best Value for Increased Bandwidth

    Enterprise Business Demands: Increased Productivity; Peer-to-Peer Applications

    Service Expectations: Scalable Bandwidth (from 1 Mbps to 1 Gbps); Customized Services; Multipoint Connectivity; Operational Simplicity

    *Cisco VPLS Statement of Direction http://www.cisco.com/en/US/products/hw/routers/ps368/products_white_paper09186a00801df1df.shtml

  • The Ethernet Advantage

    Connectionless, IP-aware operation

    Distributed intelligence

    Inexpensive, scalable bandwidth options

    L2 VPNs: Point-to-point; Multipoint

    L3 VPNs

    High-speed transport enables innovative services and applications: Storage; IP video conferencing

    Value-added services: IP Telephony; IP video conferencing; High-speed, business-class Internet; Managed Security; Managed Storage

  • VPLS Overview for Metro Ethernet

    [Figure: VPLS network diagram. Labels: Metro A, Metro B, Metro C, Metro D; u-PE, PE-AGG, n-PE (C7600), P; GE ring, SONET/SDH ring, DWDM/CWDM, hub and spoke; 10/100/1000 Mbps access.]

    Delivers Ethernet-based multipoint L2 VPN service

    Enhances L2 VPN scalability (geographic sites & no. of customers)

    Leverages existing SP MPLS Core

    Supports operational speeds of GB to 10 GB

    On track for IETF standardization: Draft Lasserre-Kompella

    Uses familiar Ethernet user network interface

  • VPLS Technical Overview

  • Virtual Private LAN Services (VPLS)

    VPLS defines an architecture that delivers Ethernet Multipoint Services (EMS) over an MPLS network

    VPLS operation emulates an IEEE Ethernet bridge

    Two VPLS drafts in existence: draft-ietf-l2vpn-vpls-ldp-01 (Cisco's implementation); draft-ietf-l2vpn-vpls-bgp-01

    [Figure: CEs attached to PEs across an MPLS network. Caption: VPLS Is An Architecture.]

  • VPLS & H-VPLS

    H-VPLS: Two Tier Hierarchy; MPLS or Ethernet Edge; MPLS Core

    VPLS Direct Attachment: Single Flat Hierarchy; MPLS to the Edge

    [Figure: VPLS and H-VPLS topologies. Labels: hosts addressed in 192.168.11.0/24; u-PE / PE-CLE / MTU-s; n-PE / PE-POP / PE-rs; PW; GE; MPLS Edge, MPLS Core; Ethernet Edge, Point-to-Point or Ring.]

  • VPLS Components

    [Figure: three n-PEs, each holding Red, Green and/or Blue VSIs with CEs attached over Attachment Circuits, joined by PWs carried in Tunnel LSPs. Annotations: Full Mesh of PWs between VSIs; Directed LDP session between participating PEs.]

    Legend

    CE - Customer Edge Device

    n-PE - network facing-Provider Edge

    VSI - Virtual Switch Instance

    PW - Pseudo-Wire

    Tunnel LSP - Tunnel Label Switch Path that provides PW transport

  • VPN & VPLS Desirable Characteristics

    Auto-discovery of VPN membership: Reduces VPN configuration and errors associated with configuration

    Signaling of connections between PE devices associated with a VPN

    Forwarding of frames: AToM uses Interface based forwarding; VPLS uses IEEE 802.1q Ethernet Bridging techniques

    Loop prevention: MPLS Core will use a full mesh of PWs and split-horizon forwarding; H-VPLS edge domain may use IEEE 802.1s Spanning Tree, RPR, or SONET Protection

  • Cisco VPLS Building Blocks

    A Comprehensive Solution: Robust, Flexible, Scalable, Manageable

    [Figure: building-block stack, listed here by its labels.]

    Layer 2 VPN: Point-to-Point; Multipoint

    Layer 3 VPN

    NMS/OSS

    VPN Discovery: Centralized (DNS, Radius, Directory Services); Distributed (BGP)

    Signaling: Label Distribution Protocol

    Forwarding Mechanism: Interface-Based/Sub-Interface; Ethernet Switching (VFI); IP Routing

    Tunnel Protocol: MPLS; IP

    Hardware: Cisco 7600; Catalyst 6500

  • VPLS Auto-discovery & Signaling

    VPN Discovery: Centralized (DNS, Radius, Directory Services); Distributed (BGP)

    Signaling: Label Distribution Protocol

    Draft-ietf-l2vpn-vpls-ldp-01 does not mandate an auto-discovery protocol: Can be BGP, Radius, DNS, AD based

    Draft-ietf-l2vpn-vpls-ldp-01 describes using Targeted LDP for Label exchange and PW signaling

    PWs signal other information such as Attachment Circuit State, Sequencing information, etc.

    Cisco IOS supports Targeted LDP for AToM and Virtual Private LAN Services

  • VPLS: Layer 2 Forwarding Instance Requirements

    Flooding / Forwarding: MAC table instances per customer and per customer VLAN (L2-VRF idea) for each PE; VSI will participate in learning, forwarding process; Uses Ethernet VC-Type defined in pwe3-control-protocol-xx

    Address Learning / Aging: Self Learn Source MAC to port associations; Refresh MAC timers with incoming frames; New additional MAC TLV to LDP

    Loop Prevention: Create partial or full-mesh of EoMPLS VCs per VPLS; Use split horizon concepts to prevent loops; Announce EoMPLS VPLS VC tunnels

    A Virtual Switch MUST operate like a conventional L2 switch!

  • VPLS Overview: Flooding & Forwarding

    Flooding (Broadcast, Multicast, Unknown Unicast)

    Dynamic learning of MAC addresses on PHY and VCs

    Forwarding: Physical port; Virtual circuit

    [Figure: frame labelled Data, SA and "?".]

  • VPLS Overview: MAC Address Learning

    [Figure: two CEs (MAC 1, MAC 2) attached to PE1 and PE2 on ports E0/0 and E0/1. The PEs signal "Send me traffic with Label 201" and "Send me traffic with Label 102"; Tx VC Label 102 and Tx VC Label 201 are shown, and the frames carry Data, MAC 1, MAC 2 and label 201 or 102.]

    MAC Address / Adj table on the PE with port E0/0: MAC 1 = E0/0; MAC 2 = 201; MAC x = xxx

    MAC Address / Adj table on the PE with port E0/1: MAC 2 = E0/1; MAC 1 = 102; MAC x = xxx

    Broadcast, Multicast, and unknown Unicast are learned via the received label associations

    Two LSPs associated with a VC (Tx & Rx)

    If inbound or outbound LSP is down, then the entire circuit is considered down

  • VPLS Overview: MAC Address Withdrawal

    [Figure: failed link (marked X) and the resulting LDP Address Withdrawal.]

    Primary link failure triggers notification message

    PE removes any locally learned MAC addresses and sends LDP address withdrawal (RFC3036) to remote PEs in VPLS

    New MAC TLV is used
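
The bridging rules from the forwarding-instance requirements, MAC learning and MAC withdrawal slides above, as an added Python example that is not part of the Cisco presentation: one per-customer VSI that self-learns source MACs, floods unknown traffic, applies split horizon between core PWs, ages entries and flushes a port's MACs. The class, the PW names `pw-PE2` and `pw-PE3`, the MAC strings and the 300-second aging time are assumptions, and `withdraw` models only the local table flush, not the LDP message.

```python
# Added example (not from the Cisco deck): a toy Virtual Switch Instance.
# Port names, MAC strings and the 300 s aging time are constructed assumptions.
BROADCAST = "ff:ff:ff:ff:ff:ff"

class VSI:
    """Per-customer bridge on one PE: attachment circuits plus core pseudowires."""

    def __init__(self, acs, pws, aging=300.0):
        self.acs = set(acs)      # customer-facing ports, e.g. "E0/0"
        self.pws = set(pws)      # full mesh of PWs to the other PEs
        self.aging = aging
        self.table = {}          # MAC -> (port, time last seen)

    def receive(self, port, src, dst, now):
        """Learn src on the ingress port; return the set of egress ports."""
        if port not in self.acs | self.pws:
            raise ValueError(f"{port} is not a member of this VSI")
        self.table[src] = (port, now)            # self-learn and refresh timer
        entry = self.table.get(dst)
        if entry and now - entry[1] > self.aging:
            del self.table[dst]                  # aged out: treat as unknown
            entry = None
        if entry:
            out = {entry[0]}                     # known unicast
        else:
            out = self.acs | self.pws            # broadcast/multicast/unknown: flood
        out.discard(port)                        # never send back out the ingress port
        if port in self.pws:
            out -= self.pws                      # split horizon: PW to PW is forbidden
        return out

    def withdraw(self, port):
        """Flush every MAC learned on port, as a MAC withdrawal does."""
        gone = sorted(m for m, (p, _) in self.table.items() if p == port)
        for mac in gone:
            del self.table[mac]
        return gone

def demo():
    """Constructed walk-through on one PE with one AC and two core PWs."""
    vsi = VSI(acs={"E0/0"}, pws={"pw-PE2", "pw-PE3"})
    m1, m2, m3 = "00:00:00:00:00:01", "00:00:00:00:00:02", "00:00:00:00:00:03"
    steps = [vsi.receive("E0/0", m1, m2, now=0),            # unknown unicast
             vsi.receive("pw-PE2", m2, m1, now=1),          # reply, m2 learned
             vsi.receive("E0/0", m1, m2, now=2),            # now known
             vsi.receive("pw-PE3", m3, BROADCAST, now=3)]   # flood from the core
    flushed = vsi.withdraw("pw-PE2")
    steps.append(vsi.receive("E0/0", m1, m2, now=4))        # unknown again
    return steps, flushed
```

Because each customer gets its own `VSI` object, a MAC learned in one instance is never consulted when forwarding for another, which is the "L2-VRF idea" on the requirements slide.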

  • VPLS Overview: Data Forwarding in Ethernet Edge H-VPLS

    Topology 2: L2VPN, Ethernet Virtual Circuit Service (Distributed PE)

    [Figure: CE1 and CE4 attached through U-PE (3550s) and N-PE (7600s) devices to an MPLS Network with Full Mesh LDP between the N-PEs; link types shown are 802.3, .1Q and QinQ. Frame layout labels: DA, SA, Ether Type, Customer VLAN, SP VLAN, VC Label, Data, with the values 401 and 133 shown.]

    Customer frames / VLANs ar