Technical White Paper

for IP Leased Line

ContentsTechnical White Paper for IP Leased Line ..................................1

1 Preface .................................................................................2

1.1 Background of the IP Leased Line Technology.............................................2

1.2 Associated Technical Standards ..................................................................3

2 Technical Introduction...........................................................4

2.1 Layer 2 Circuit Emulation Technical Scheme ................................................4

2.2 Pseudo Wire Technical Scheme ...................................................................5

2.3 MPLS L3VPN Technical Scheme ..................................................................7

3 Key Technologies ..................................................................9

3.1 Leased Line Bearing Technology .................................................................9

3.2 End to End Quality Assurance for IP Leased Line Service..............................22

3.3 Visualized Deployment of IP Leased Line ....................................................24

3.4 IP SLA Visualized Report on the Quality of the Leased Line ..........................27

3.5 Visualized Detection of Leased Line Faults ..................................................29

3.6 Protection Technology of the Leased Line Services .....................................31

3.7 Traditional Leased Line Migration Technology .............................................34

4 Typical Application ................................................................36

4.1 Interconnection of Branches within an Enterprise .......................................36

4.2 Carrier Wholesale Service ...........................................................................38

4.3 Migration of the Traditional Leased Line .....................................................39

5 Conclusion ............................................................................41

6 References ............................................................................42

7 Acronyms and Abbreviations ................................................43

FiguresFigure 1-1 Revenue and development trend of the leased line of the enterprise ......2

Figure 2-1 Basic structure of the MPLS L2VPN .........................................................5

Figure 2-2 PWE3 basic transmission components ....................................................6

Figure 2-3 BGP/MPLS VPN model ...........................................................................8

Figure 3-1 VLL networking in the Martini mode ....................................................12

Figure 3-2 VLL networking in the Kempella mode .................................................13

Figure 3-3 Topology model of PW protection .......................................................15

Figure 3-4 MS-PW reference model ......................................................................16

Figure 3-5 Inter-AS BGP MPLS IP VPN Option A ....................................................18

Figure 3-6 Inter-AS BGP MPLS IP VPN Option B.....................................................19

Figure 3-7 Inter-AS BGP MPLS IP VPN Option C ....................................................20

Figure 3-8 Figure 12 Multicast VPN networking model .........................................22

Figure 3-9 VLAN HQoS service and bandwidth model ...........................................23

Figure 3-10 MPLS HQoS service and bandwidth model .........................................24

Figure 3-11 Deployment of the PWE3 service through the U2000 .........................25

Figure 3-13 Using a template to deploy services ...................................................26

Figure 3-12 Formulating a template ......................................................................26

Figure 3-14 Replicating services ............................................................................27

Figure 3-16 Creating an SLA monitoring instance .................................................28

Figure 3-15 U2520 monitoring center ..................................................................28

Figure 3-17 Checking the SLA detection result ......................................................29

Figure 3-18 Fault and alarm management ............................................................29

Figure 3-19 Presentation of the service topology ..................................................30

Figure 3-20 Test diagnosis ....................................................................................30

Figure 3-21 Scenario that the E-Trunk implements the redundant access at the

access side...........................................................................................................31

Figure 3-22 PW Redundancy in the CE dual-homing scenario ...............................32

Figure 3-23 PW redundancy in the scenario where the E-Trunk accesses the VPLS

network ...............................................................................................................33

Figure 4-1 Interconnection of branches in an enterprise in point-to-point mode ...36

Figure 4-2 Interconnection of branches in an enterprise in point-to-multipoint mode ........37

Figure 4-3 Interconnection of branches in an enterprise in point-to-multipoint mode ........38

Figure 4-4 Wholesale service ................................................................................38

Figure 4-5 ATM leased line migration ...................................................................39

Technical White Paper for IP Leased Line

KeywordsVPWS, VPLS, MPLS L3VPN, IP leased line OAM, ATM/TDM leased line migration, HQoS

AbstractThe ALL-IP service bearer technology has been widely recognized in the industry. The leased line service, as a high value-added service, attracts attention from carriers worldwide. More and more leading carriers worldwide adopt the IP technology to carry the leased line service. On the broadband MAN, more and more new leased line services are using the IP technology. At the same time, services carried over the traditional ATM/TDM leased line are migrating to the IP-based leased line. This document describes the background, development trend, implementation, key technology, and typical service scenarios of the IP leased line to explain the understandings and technical viewpoints of Huawei on the IP leased line service.

1

2

1 Preface

The leased line service has long been the most important value-added service for the carrier. With the development of the IP technology and changes of the requirement of the leased line service, carriers need to carry all services uniformly over the IP network. The enterprise leased line service also needs to be carried in an IP network. Through the IP bearer network, enterprise sites interconnection, service wholesale, and data migration from the traditional ATM/TDM network to the IP network can be implemented to provide the high-quality and high value-added leased line services.

1.1 Background of the IP Leased Line Technology

The Multi-protocol label switching (MPLS) technology implements high-speed data forwarding through the label over the IP network. Its value lies in that the feature of the connection mode can be used on the connectionless network and that multiple value-added mechanisms (such as the differentiated service, traffic engineering (TE), fault recovery, and path display) can be provided. This helps extend new applications flexibly and meets the new requirements. With these characteristics, the MPLS makes the high-quality and high-valued leased line services feasible.

The statistics indicate that the IP-based leased line services are ever increasing, and meanwhile the ATM/TDM-based traditional leased line services are decreasing. For details, see the following figure.

Figure 1-1 Revenue and development trend of the leased line of the enterprise

Enterprise Data Services Revenue, Worldwide

Source: Gartner ( June 2008 )Millions ofU.S.Dollars

120,000

100,000

80,000

60,000

40,000

20,000

2008 2009 2010 2011 2012

Ethernet WAN

IP-VPN

Legacy Packet

Leased Lines

EquipmentMarket Space

3

As shown in Figure 1-1, the IP leased line service in the enterprise data market is increasing rapidly, and the traditional ATM/TDM leased line service is decreasing very fast. In this case, carriers are all optimizing the existing network, that is, slowing down or stopping the traditional leased line service and promoting the MPLS-based IP leased line service. In the development of the MPSL-based IP leased line service, carriers, however, face a lot of troubles. During the service migration from the traditional leased line to the IP leased line, carriers need to protect the original investment, reuse the original ATM/TDM network transmission resources, and implement data migration on the network without affecting the user service. This document describes these issues in detail and also describes the smooth migration and the migration solution.

1.2 Associated Technical Standards

The MPLS-based IP leased line involves the MPLS basic protocols, VPWS, VPLS, MPLS L3VPN, ATM over PSN, and TDM over PSN. The associated standards are as follows:

RFC 2283-Multiprotocol Extensions for BGP-4• RFC 3107-Carrying Label Information in BGP-4• RFC 2547-BGP/MPLS VPNs• RFC 3985 - Pseudo Wire Emulation Edge-to-Edge• RFC 4553-Structure-Agnostic Time Division Multiplexing (TDM) • over Packet (SAToP)RFC 5086-Structure-Aware Time Division Multiplexed (TDM) Circuit • Emulation Service over Packet Switched Network (CESoPSN)

4

2 Technical Introduction

2.1 Layer 2 Circuit Emulation Technical Scheme

Principle

With the VPN service based on the MPLS network, carriers can provide the Layer 2 interconnection services based on different media on the same MPLS network, such as ATM, FR, VLAN, Ethernet, and PPP. The Layer 2 interconnection service is used to transmit the user Layer 2 data transparently on the MPLS network. From the perspective of the user, the MPLS network is a L3 switching network, and can set up Layer 2 connections between different nodes. The VLL mode and VPLS mode are mainly involved.

VLL

Virtual leased line (VLL) is the emulation of the traditional leased line. The IP network is used to emulate the leased line, providing the asymmetric point-to-point (PTP) interconnection service at a low cost. The VLL is a PTP virtual leased line technology, and can transmit all the user data transparently. From the perspective of users on the two ends of the virtual leased line, this virtual leased line is similar to the traditional leased line.

VPLS

Virtual private LAN service (VPLS) technology connects multiple Ethernet LAN network segments through the packet switched network (PSN) to make the network segments work as a LAN. The VPLS is also called transparent LAN service (TLS) or virtual private switched network service (VPSNS). Different from the ordinary L2VPN PTP service, the VPLS can help carriers provide the Ethernet-based point-to-multipoint (P2MP) service for the users through the MPLS network.

Service Element

The MPLS L2VPN contains three sections, AC, VC, and tunnel, as shown in the following figure.

5

Figure 2-1 Basic structure of the MPLS L2VPN

Attachment circuit (AC) is the access circuit. The AC is an independent link or circuit that connects the CE to the PE. The AC interface can be a physical interface or a logical interface. Attributes of the AC include interface parameters, such as the encapsulation type, maximum transmission unit (MTU), and specific link type.

Virtual circuit (VC) is a logical connection between two PE nodes.Network tunnel is used to transmit the user data transparently.

2.2 Pseudo Wire Technical Scheme

Principle

PWE3 is a bearer technology that implements the end-to-end Layer 2 service bearing. It is a PTP L2VPN. Between two PEs on the PSN, the PWE3 takes the LDP/RSVP-TE as a signaling, and emulates various Layer 2 services of the CE end through the tunnel (MPLS tunnel, GRE, L2TPv3, or other types of tunnels) to implement the transparent transmission of the Layer 2 data on the CE end on the PSN network. The Layer 2 services include Layer 2 data packet and bit stream.

Service Element

The basic transmission components and functions of the PWE3 network are as follows:

Attachment circuit (AC) is a link or virtual circuit that connects the CE and PE. All user packets on the AC need to be directly forwarded to the peer site, including Layer 2 and Layer 3 protocol packets.

Pseudo wire (PW) is a VC plus a tunnel. The tunnel can be LSP,

AC ACVC

PE PECE CEMPLSNetwork

Tunnel

6

L2TPv3, GRE, or TE. The virtual connection has direction. The virtual connection of the PWE3 is set up by the VC message transfer through the signaling (LDP or RSVP). The VC message and tunnel is managed to form a PW. For the PWE3 system, the PW is direct connection channel from the local AC to the remote AC to implement transparent transmission of the Layer 2 data.

Forwarders select the PW for forwarding the packet after the PE receives the data frame sent from the AC. The forwarder is actually the forwarding table of the PWE3.

Tunnels are used to bear the PW. One tunnel can bear multiple PWs. The tunnel is generally the MPLS tunnel. The tunnel is actually a direct connection channel from the local PE to the remote PE to implement transparent transmission of the data between PEs.

Encapsulation: The packet transmitted on the PW is encapsulated through the standard PW encapsulation format and technology. There are multiple encapsulation modes for the PWE3 packet on the PW, which are defined in the draft-itef-pwe3-iana-allocation-x.

Pseudo wire signaling is the basis of the PWE3. It is used to create and maintain the PW. Currently, the PW signaling protocols are mainly LDP and RSVP.

Quality of service (QoS): Based on the priority carried in the Layer 2 packet header, the packet is forwarded on the network according to the QoS priority. In this case, the MPLS QoS needs to be supported.

The following figure shows the location of the PWE3 basic transmission components on the network.

Figure 2-2 PWE3 basic transmission components

VPN1 Site 1

VPN2 Site 1

VPN1 Site 2

VPN2 Site 2

CPE PW

PW

PE-AGG

CPECPE

CPE

UPE NPE

Tunnel AC

7

The PWE3 provides a Layer 2 technology for the PTP transmission. With the PWE3, the user can access the IP network smoothly without changing the original access mode, and interconnection between different access modes can be also implemented, thus implementing the service interconnection between the traditional and IP leased line services.

2.3 MPLS L3VPN Technical Scheme

Principle

The BGP/MPLS IP VPN is a layer 3 virtual private network (L3VPN) technology. It uses the boarder gateway protocol (BGP) to advertise the VPN route information on the IP network of the carrier and forward the VPN packet on the IP network of the carrier.

Service Element

The basic model of the BGP/MPLS IP VPN contains CE, PE, and P.

Customer edge (CE) provides an interface for directly connecting to the network of the service provider (SP). The CE can be a router, a switch, or a host. Generally, the CE can not sense the existence of the VPN and need not support the MPLS.

Provide edge (PE) is an edge device of the SP and connected to the CE directly. On the MPLS network, all the processing of the VPN is performed on the PE, and therefore there is a high requirement on the PE performance.

Provide (P) is a backbone router on the SP network, and is not directly connected to the CE. The P device only needs to support MPLS forwarding, but does not maintain the VPN information.

The following figure shows the networking of a BGP/MPLS VPN.

8

Figure 2-3 BGP/MPLS VPN model

Site 1 and site 5 belong to VPN1. Site 2, site 3, and site 4 belong to VPN2.

The CE and PE are divided according to the management scope of the carrier and user. The PE is the boarder between the management scopes of the carrier and the user.

The CE is generally a router. After the adjacency relationship is set up between the CE and the PE that is directly connected to the CE, the CE advertises the VPN route of this node to the PE and learns the route to the remote VPN from the PE. The CE and PE exchange the route information by using the BGP/IGP and the static route can be also used.

VPN1 Site 1

VPN2 Site 1

VPN2 Site 2

VPN2 Site 3

VPN1 Site 2

CECE

CECE

PE

PE

PE

P P

PP

9

3 Key Technologies

3.1 Leased Line Bearing Technology

VPLS

In the P2MP leased line service, direct interconnection between sites is required. In addition, the correlation between the carriers needs to be minimized. Therefore, the VPLS is recommended to bear the service. In the case of leased line service carried by the VPLS, to provide P2MP Layer 2 communication service, the following issues need to be considered.

Prevention of the VPLS loop

On the Ethernet, to prevent the loop, the Layer 2 protocols such as STP, RRPP, and REP need to be enabled. Considering the minimum correlation between the user and carrier network, the IP protocol of the user network must not be used on the carrier network, but runs only between the devices on the user network. This prevents the loop on the user network.

In the VPLS, "full connection" and "spilt horizon" are used to prevent the loop. Each PE must create a tree to all the PE routers under this instance for a VPLS forwarding instance. Each PE router must support spilt horizon to prevent the loop. That is, the PE cannot forward packet between the PWs that have the same VPLS instance. Generally, in the same VPLS instance, the PEs are connected through the PW. Accordingly, spilt horizon means that the data packet received from the PW are not forwarded to other PWs but only forwarded to the AC.

The full connection and spilt horizon between PEs ensure that the VPLS forwarding is reachable and free of loops. When multiple CEs are connected to the PE, or different CEs connected to the same VPLS VPN are connected between each other, the VPLS cannot ensure that the loop does not occur. Therefore, various mechanisms are needed to prevent the loop.

User access mode

User access modes can be classified into the VLAN access and

10

Ethernet access modes. The meanings are as follows:

VLAN access: If the VLAN access mode is used, the frame header • of the packet that is transmitted from the CE to the PE or from the PE to the CE carries a VLAN tag. This VLAN tag is a service boarder identifier marked for differentiating the users. It is also called Provider Tag (P-Tag).

Ethernet access: If the Ethernet access mode is used, the frame • header of the packet that is transmitted from the CE to the PE or from the PE to the CE does not carry a P-Tag. If the VLAN tag is carried in the frame header, it is only the inner VLAN tag in the user packet, and is called U-Tag (user-tag). The U-Tag is carried in the packet before the packet is transmitted but is not added by the CE during packet transmission. It is used for the CE to differentiate the VLAN of the packet and is of no significance for the PE.

The user access mode in the actual scenario can be specified through the configured mode.

Hierarchical VPLS (H-VPLS)

The VPLS requires the full connection between the PEs. Therefore, the relation between the number of PWs of one VPLS instance and the number of PEs is the number of PWs = the number of PEs x (the number of PEs - 1)/2. In a large scale VPLS network, the number of PWs and the overhead of the PW signaling are both great. Therefore, network management and extension become complicated. To simplify the network management and improve the extensibility of the network, the H-VPLS networking is introduced.

The H-VPLS divides the PE into UPE and NPE. The UPE mainly functions as the MTU when the user accesses the VPN and is used to connect the CE and the SP network. The NPE is on the edge of the core of the VPLS network and provides the transparent transmission of the user packet on the core network. The UPE need not set up connections with all NPEs, but need to set up connections between NPEs. Through hierarchy, the H-VPLS reduces the number of PWs and the load of the PW signaling.

The advantages of the VPLS are as follows:

The VPLS uses the Ethernet port at the user network side, which •

11

simplifies the LAN/WAN boarder and supports the rapid and flexible service deployment.

The VPLS hands over the control and management rights of route • policies on the user network to the user, which simplifies the management of the carrier network.

All the user router CEs in the VPLS service are part of the same • subnet, which simplifies the IP addressing planning.

The VPLS service neither need to sense nor need to participate in • the IP addressing and routing.

VLL/PWE3

VLL

In the P2MP leased line service, direct interconnection between multiple sites is required. In addition, the correlation between the carriers needs to be minimized. Therefore, the VLL is recommended to bear the service. According to the protocols of setting up the VLL, two modes of VLLs are defined in the relevant standards:

Martini mode

This mode complies with RFC4762 specified by the IETF. In this mode, the LDP is used to transmit the signaling of the VC messages.

In the Martini mode, the LDP remote session is set up between the PEs. The PE allocates a VC label to each link of the CE, and transmits the VC label to the remote PE through the LSP set up using the LDP. In this case, a virtual link is set up on the LSP.

In this mode, an LSP between a pair of PEs on the carrier network can be shared to multiple virtual links. As shown in the following figure, site 1 and site 2 on VPN1 use the LSP1 and LSP2, site 1 and site 2 on VPN2 can also use LSP1 and LSP2.

12

Figure 3-1 VLL networking in the Martini mode

In the Martini mode, the PE on the carrier network needs to maintain a few VC labels and mapping information of the LSP. The P device needs not process any L2VPN information, and therefore the extensibility is good. In addition, when a new virtual link needs be set up, unidirectional virtual links only need to be configured on the PEs on the two ends. Therefore, network running is not affected.

The Martini mode is applicable to the Layer 2 connection, such as star connection.

Kompella mode

The Kompella mode complies with FRC4761. Through the setup of the IBGP session between the PEs, the sites of the L2VPN are detected automatically, and the VPN information is transmitted. The L2VPN information is transmitted between the PEs through the extended BGP.

In label allocation, the MPLS L2VPN uses the label block manner in the Kompella mode. The size of the label block is equal to the CE range (specified by the user) for the convenience of allocating labels to multiple connections. This mode allows the user to allocate some extra label to the VPN, which reduces the configuration workload during the VPN deployment and capacity expansion. In the Kompella mode, the vpn-target is used to differentiate the VPNs. This brings great flexibility to the VPN networking and is applicable to various VPN network topologies.

Different from the MPLS L2VPN in the Martini mode, in the Kompella mode, no operation is performed for the link between the CEs, but the SP network is divided into different VPNs. The CE is numbered within the VPN. When the connection needs to be set up between

VPN 1Site 1

VPN 1Site 2

VPN 2Site 2

VPN 2Site 1

VLAN 10

VLAN 20CE

CE

P P

PPE PE

PCE

CE

VCI601VCI605

VCI705VCI709

10011001

20032003

40664077

20012001

40

4066

4077664077

3099

3055

10011001

30

309999

30

305555

13

two CEs, the CE IDs of the local CE and the remote CE need only to be configured on the PE, and the virtual link ID allocated to the link of the local CE needs to be specified.

Figure 3-2 VLL networking in the Kempella mode

In Kempella mode, the VLL user can be reserved for configuration. When the L2VPN site needs to be added in the future, only the PE of the new site needs to be configured, and other PEs need not be configured. As shown in Figure 3-2, in the initial phase, the number of labels allocated to the CEs on the PEs is greater or equal to six, and the link to CE6 is bound in advance. In this case, when site 4 is added to CE6, only CE6 and other CEs bound to CE6 need to be added.

The advantages of the leased line service through the VLL are as follows:

High extensibility•

Overcoming the complexity of the extension on the traditional ATM or FR network, the MPLS VPN uses the label technology to reuse multiple virtual circuits on the same LSP. Therefore, the PE only needs to maintain information of one LSP, which greatly improves the extensibility of the system.

Clear administrative responsibility•

The MPLS L2VPN carrier provides the Layer 2 connectivity, and the customer provides the L3 connectivity. Route oscillation caused by the incorrect configuration of the user does not affect the stability of the carrier network.

Better security and confidentiality•

VOICE

VOICE

VLAN 10

VLAN 11

VLAN 12

CE

CE

CE

CE

CE

CE

CESite 0

Site 1

Site 4

Site 3

Site 2PE

P P

PP

14

The security and confidentiality equivalent to the ATM or RF VPN network are provided. The user maintains its own route information. Therefore, the carrier need not consider IP address overlay of each user, and also need not concerns about route information leakage to the private networks of other uses. This reduces the management workload of the carrier and also improves the security of the user information.

Supports from multiple network protocols•

The carrier provides only the Layer 2 connection. The customer can use any L3 protocol, such as IP, IPv6, IPX, and SNA.

Smooth evolution of the L2VPN•

The MPLS L2VPN is transparent to users. When the carrier upgrades the traditional L2VPN such as ATM and FR to the MPLS L2VPN, the users need not perform any reconfiguration. Except temporary data loss during the switchover, the user services are not affected.

PWE3

It is recommended that you deploy the PWE3 to carry services in the traditional leased line transition scenario. Sites with various media can be interconnected through PWE3. In deploying PWE3, you need to consider different networking modes:

Networking of Static-and-Dynamic Multi-Hop

The static-and-dynamic multi-hop PW indicates that a static PW is set up on one end and a dynamic PW is set up on the other end. The static PW and dynamic PW can be multi-hop PWs. They, however, cannot alternate between each other.

The processing of the PW on the U-PE and the S-PE is the same as the processing of the static PW or dynamic PW, but is different from the processing of the PW on the S-PE where the static PW and the dynamic PW meet.

On the S-PE where the static PW and the dynamic PW meet, for the dynamic PW, the static PW can be regarded as the AC of the dynamic PW; the status change of the static PW can be regarded as the status change of the AC of the dynamic PW. The parameters such as the PW

15

type and interface MTU need to be specified for signaling negotiation and these parameters must be the same as those configured for the CE interface of the static PW.

For the static PW, it is Up if a tunnel exists; for a dynamic PW, the remote PW is Up if a tunnel exists. If the type and the MTU of the remote PW have the same setting as the local ones, the dynamic PW is Up.

PW Protection

The PW protection indicates that when a PW fails, such as a PW tunnel is deleted, the traffic can be rapidly switched to another PW. The fast switching on the data plane thus can be implemented. As shown in the following figure:

Figure 3-3 Topology model of PW protection

To protect the PW, you need to do the following (in the case of the multi-hop):

Configure two PWs on two U-PEs respectively. The two PWs map • each other. Configure one PW (PW5) on one U-PE (U-PE1) as the secondary PW. Configure PWs on the S-PEs that are passed. The PWs configured on the S-PEs and on the U-PEs thus form multi-hop PWs, as shown in figure Figure 3-3.

Both the primary PW and the secondary PW need to negotiate • and process the signaling. This is the same as the processing of ordinary dynamic multi-hop PWs.

If the primary PW fails (for example, the LDP session is Down or • the tunnel is deleted), the secondary PW must be immediately

U-PE1 U-PE2S-PE

S-PE

PW1

Primary PW

Secondary PW

PW2

PW5 PW3

PW6 PW7

PW8

PW4

16

informed of the fault. If the secondary PW is Up, it upgrades to a primary PW.

MS-PW

Generally, a PW is a Single-Segment PW, referred to as an SS-PW. The SS-PW is applied to most bearer scenarios. But some scenarios have limitations and problems.

The service pressure on the core and the convergence node service • is great.

When the services traverse the PSN network with heterogeneous • media, the tunnel cannot be established in end to end mode.

When the inter-area services are required, the tunnel cannot be • established in end to end mode.

The capabilities of fast protection on many times of faults are low.•

The MS-PW can solve the above mentioned problems.

Figure 3-4 MS-PW reference model

NativeService(AC)

NativeService(AC)

Multi-Segment PseudowirePSN PSN

-Tunnel- -Tunnel-V V 1 2V V V V

CE1

TPE1 SPE1 TPE2

CE2PW.Seg’t1 PW.Seg’t3

PW.Seg’t2 PW.Seg’t4

Provider Edge 1 Provider Edge 2

PW switching point

Emulated Service

<

<

<

<

< <

>

>

>

>

17

The preceding figure shows the MS-PW reference model. T-PE1 and T-PE2 are respectively connected to CE1 and CE2 and provide the end-to-the-end Layer 2 service simulation for the CEs.

The MS-PW, traversing two or multiple PSN networks, is comprised of two or multiple PWs. When each PW is established on the tunnel of the PSN network, the switching of these PWs occurs on one or multiple S-PE nodes.

According to the way in which the PSN tunnel is established and the switching relationship is configured on the S-PE node, MS-PW can be set up in the following ways:

Statically configure the PW label and PW switching relationship on • each T-PE/S-PE.

Establish each PW dynamically and configure the PW switching • relationship statically on the S-PE node.

Establish the end-to-end MS-PW dynamically and the PW • switching on the S-PE node is automatically completed.

The configurations must support the mode 1 and mode 2 and can totally meet requirements for the MS-PW application. But the mode 3 only simplifies users' configurations and requires more protocol extensions. At present, the mode 3 has not become mature yet in the aspect of the standard. It remains at the stage of the private draft and the commercial products supporting the mode 3 have not been unveiled in the industry, in particular, in the extension for the PW reachable information advertisement.

BGP/MPLS IP VPN

Multiple sites are required to be directly interconnected for the scenario of the point-to-multipoint leased line services. If large scale interconnected sites faces the extension problem or the leased-line clients are not capable of maintaining the information about the Layer 3 network and the IP router, it is expected that carriers can maintain the information in place of the leased line clients and can also charge them for the value-added services. At this time it is recommended that you deploy the BGP MPLS IP VPN and provide the Layer 3 interconnection service between multiple sites. In this case, you need to consider the following:

18

Inter-AS VPN

In the actual networking, the sites of some leased line client at multiple branches may be connected to many carriers' network with different AS numbers or to multiple ASs of one carrier (for example, multiple sites of the leased line clients are located in different MANs and different WANs distribute different AS numbers). This application mode that the VPN spans multiple autonomous systems is called inter-AS VPN (Multi-AS BGP/MPLS VPN).

At present, there are three technological solutions to the above mentioned inter-AS problems:

VRF-TO-VRF (back-to-back mode)•

Figure 3-5 Inter-AS BGP MPLS IP VPN Option A

For an inter-As VPN client, the VPN-A needs to configure a same VPN in the PE-ASBR of the AS. As shown in the preceding figure, configure VPN-AS on the PE-ASBR-1 and the PE-ASBR-2, create a logic link (or a physical link) between the two ASBRs and then associate VPN-As with this link. In this networking, the ASBR, as a PE device, creates a same VPN on the PE and regards the peer ASBR as its own CE device. In this case, two ASs play the role as operating the MPLS VPN services in one AS. Specifically, advertise the VPN information in the AS to the ASBR (PE device), and advertise the VPN information to the remote ASBR (considered as the ASBR's CE device). After the VPN on the ASBR receives the VPN information (considered as another PE device of the AS), it advertises the information to the PE device of the VPN AS. Finally, the VPN is advertised to the CE device and then the VPN

PE-ASBR1 PE-ASBR2VPN-1

VPN-2

VPN-1 Site 1 VPN-1 Site 2VPN-2 Site 1 VPN-2 Site 2

VPN-2

VPN-1

AS-X AS-Y

CE CE CE CE

PE PE

19

routing information is exchanged between the two ASs.MP-EBGP (single-hop MP-EBGP mode)•

Figure 3-6 Inter-AS BGP MPLS IP VPN Option B

The MP-EBGP runs between two ASBRs and transmits all the VPN information of an AS to another AS. The transmitted information is about VPN routes and labels. When the MP-EBGP transmits the route, it changes the next hop of routes. According to the principle of the label distribution, when the next hop of an FEC is changed, the label must be replaced in the local ASBR. So when the ASBR receives the information about the VPN router of the AS and advertises the information, the ASBR must redistribute labels for the information about the VPN router. After the information is advertised with new labels, new and old labels form a switching operation of labels in the local ASBR.

The remote ASBR receives the information about the VPN route advertised through MP-EBGP, the information is saved in the local end and continues to be advertised to the PE device of the ASBR AS. When this ASBR advertises the route to MP-IBGP neighbors of the AS, it can choose not to change the next hop of the route or change the next hop of the route to itself. If the next hop of the route is changed, the ASBR also needs to redistribute the labels for the VPN routes and the switching operation of labels is formed in the local ASBR, as shown in the preceding principle of the label distribution.

PE-ASBR1 PE-ASBR2MP-eBGP

VPN-1 Site 1 VPN-1 Site 2VPN-2 Site 1 VPN-2 Site 2

AS-X AS-Y

CE CE CE CE

PE PE

20

MULTIHOP-EBGP (multi-hop MP-EBGP mode)•

PE-ASBR1 PE-ASBR2MP-eBGP

VPN-1 Site 1 VPN-1 Site 2VPN-2 Site 1 VPN-2 Site 2

AS-X AS-Y

CE CE CE CE

PE PE

In the MP-EBGP option, the information about the VPN route is saved and advertised through the ASBR routers between the AS. Many VPN routes bring great pressure to these ASBRs. When the traffic passes through multiple ASs, the ASBR in each AS saves the same VPN route. If the router in this option carries the ASBR forwarded by the public network IP at the same time, the demand on the device is higher. So in the MP-EBGP option, generally, for the ASBR which needs to carry the information about the VPN router, it is configured separately. It indicates that the ASBR is not required to function as the VPN ASBR and the ASBR of the public network at the same time. Actually, Option A and Option B are to relay VPN routes of an AS to another one through intermediate devices, which receive and advertise routes between the ASs. This means the intermediate devices have to support the VPN features. If the VPN is across multiple ASs, more intermediate devices are involved and affected. This principle contradicts the MPLS VPN principle that VPN information is transparent to devices except PEs.

So, the best solution is that in the case of the inter-AS, like the MPLS VPN of one AS, the VPN route is directly advertised but not saved and advertised through the intermediate device. Actually the BGP has this function that two different ASs can directly set the BGP connection and exchange the information about the route. This goes for the information about the VPN route. It indicates that the PE devices (RR) of two ASs can directly exchange the information about the VPN route. It is very easy to realize that through the MULTIHOP-EBGP. But

Figure 3-7 Inter-AS BGP MPLS IP VPN Option C

21

we only solve the problem related to the advertisement of the VPN information in this way. Another important problem that how to set a public network LSP between two PEs in different ASs remains to be solved (or LSP tunnel). This is also the problem to be solved dearly in the MULTIHOP-EBGP inter-AS VPN Option.

HoVPN•

To solve the scalability problem, the BGP/MPLS VPN must be changed from the plane model to the Layered model.

In the MPLS L3VPN field, Huawei launches the Hierarchy of VPN (HoVPN) solution. The functions of a PE router are distributed to multiple PEs playing different roles and forming a hierarchical architecture to fulfill the functions of a centralized PE.

The HoVPN imposes relatively high demand on the route capabilities and the forwarding performance of higher layer devices but low demand on those of lower layer devices. This conforms to the typical layered network model.

Multicast VPN

With the informatization and the multi-media technology applying to the normal operation and management in enterprises, the video telecommunication is a kind of very important application and value-added service. Carriers face a severe challenge concerning how to provide the leased line services that support the video application in the bandwidth MAN. It is recommended by Huawei to deploy the multicast VPN technology to provide the IP leased line services of the video application.

Multicast VPN is a technology that transmits multicast data between different sites in the MPLS/BGP VPN based on the encapsulation of the multicast protocol.

The multicast VPN scheme requires that the multicast function be supported by a service provider's backbone network (core network or public network). Running PIM instances in VPN instances on the PE router can implement multicast traffic and video stream transmission between sites in different VPNs over the MPLS backbone network.

22

VPN-1 Site 1

VPN-1 Site 2

VPN-2 Site 1

VPN-2 Site 2

NPE

CE

CE

CE

CEUPE

UPE

PE-AGG

PE-AGG

MulticastSource

MulticastSource

MulticastReceiver

MulticastReceiver

Figure 3-8 Figure 12 Multicast VPN networking model

With the multicast VPN technology developing constantly and becoming mature, Layer 2 or Layer 3 VPNs can be set up based on diverse technologies such as the traditional VPN based on the Layer 2 Tunneling Protocol (L2TP), Generic Routing Encapsulation (GRE) and IPSec protocol. As the VPN technology becomes mature, the VPN is widely used. Requirements of users for operating multicast services over the VPN have been put on the agenda.

3.2 End to End Quality Assurance for IP Leased Line Service

QoS technology for the access side: VLAN HQoS

When the leased line service is provided on a network, enterprises services generally enter the leased line by passing the CPE and then the UPE, and sub-interfaces are configured at the access side of the UPE to differentiate enterprises. When a leased line carries multiple service types of different enterprises at the same time, the lease line can identify the enterprises and services based on QinQ (the inner Q indicates the service type and the outer Q indicates the enterprise) or based on the single-layered Q (the single-layered Q indicates the enterprise and the 802.1P field of the single-layered Q indicates the service type). In addition, because multiple enterprise services share the link at the UPE access side, it is possible that different enterprise services and services of the same enterprise preempt bandwidth when the link is congested. To address the problem, you need to implement the VLAN HQoS, instead of the common Diffserv QoS, on the link

23

so that services of multiple enterprises do not preempt bandwidth and different services of the same enterprise are scheduled based on service priorities.

Five-level HQoS scheduling is provided for the bandwidth assurance and scheduling in the leased line service. To be specific, after being configured on the UPE, the VLAN HQoS independently assures the bandwidth for each enterprise, and provides the queue scheduling for the services of the same enterprise based on service priorities. For details, see the following figure.

NPE

Metro Core

NPE

NPENPE

UPECPE CPE

Port

Enterprise VPN A:SQ1 CIR 20M PIR:20M

Enterprise VPN B:SQ2 CIR 50M PIR:50M

Enterprise VPN C:SQ3 CIR 100M PIR:20M

FQ1-Voice-EF CIR 2M PIR 2M

FQ2-Video-AF3 CIR 2M PIR 5M

FQ3-Data-BE CIR 0 PIR 20M

FQ1-Voice-EF CIR 5M PIR 5M

FQ2-Video-AF3 CIR 10M PIR 10M

FQ3-Data-BE CIR 0 PIR 100M

FQ1-Voice-EF CIR 5M PIR 5M

FQ2-Video-AF3 CIR 5M PIR 10M

FQ3-Data-BE CIR 0 PIR 50M

UPE

Figure 3-9 VLAN HQoS service and bandwidth model

For technical details of VLNA HQoS, refer to the Technical White Paper for VLAN HQoS.

QoS technology for the network side: MPLS HQoS

When the leased line service is provided on the broadband MAN, various MPLS VPN technologies are usually used to transmit services between the UPE and the NPE. Because the link or LSP between the UPE and the NPE is shared by multiple VPNs and different enterprise services preempt bandwidth when the link is congested, bandwidth and priority scheduling cannot be guaranteed on the leased line from end to end. In this case, the MPLS HQoS technology is introduced to provide the mechanism of layered bandwidth assurance and priority

24

scheduling for the VPN interface at the network site, guarantee independent bandwidth for each VPN between the UPE and the NPE, and schedule services of different types in the same VPN based on service priorities. For details, see the following figure.

NPE

Metro Core

NPE

NPENPE

UPE

UPECPE CPE

LSP1( LDP )150M

LSP2( TE )100M

Port1 Port1

VPN1:20M( L3VPN )

VPN2:30M( VPLS )

VPN3:100M( MVPN )

VPN4:40M( L3VPN )

VPN5:60M( L3VPN )

Figure 3-10 MPLS HQoS service and bandwidth model

For details of MPLS HQoS, refer to the Technical White Paper for MPLS HQoS.

3.3 Visualized Deployment of IP Leased Line

At present, an IP leased line can be established by configuring multiple VPN instances on various devices of the carrier's network through command lines. This proposes a high requirement for the service deployment personnel on IP knowledge and skills. In addition, service deployment personnel have to manually implement and guarantee the service relationships between different devices in different sites manually, which is error prone and low efficient.

The Huawei U2000 supports the deployment of multiple VPN services such as VLL, VPLS, BGP MPLS IP VPN, and multicast VPN. The U2000 supports the one-stop service configuration without the need to switch windows and supports the creation and replication of services in batches, thus improving the efficiency of service deployment.

The following part describes how to use the U2000 to achieve the fast

25

and virtualized deployment of the leased line service. You can use the topology on the U2000 to fast deploy the PWE3 service. As shown in the following figure, after you select the source node, destination node, and the protection node through the physical topology, the primary and secondary PWs are generated automatically. Then, you can choose to configure certain QoS parameters based on the specific requirement and finish the service deployment.

Figure 3-11 Deployment of the PWE3 service through the U2000

The U2000 supports the template-based service deployment. You can formulate a template based on the specific user requirement and application scenario to make the configurations simpler, more efficient, and easier to learn.

26

Define a template

Figure 3-12 Formulating a template

Figure 3-13 Using a template to deploy services

Specify the access interfaces for multiple devices and configure IP addresses and other parameters

The U2000 supports the services replication function. By replicating and adjusting the existing function slightly, you can create new services. This measure can not only improve the efficiency of service deployment but also reduce the failure probability.

27

Figure 3-14 Replicating services

3.4 IP SLA Visualized Report on the Quality of the Leased Line

The IP leased line service needs to be based on the refined SLA management. The Huawei service quality management system, U2520, can provide comprehensive SLA monitoring for leased lines by monitoring the key performance indicators, and enhance the diagnosis efficiency by using diagnosis tools.

As shown in the following figure, the U2520 supports two detection modes, namely, external probe and internal probe.

External probe: provides a solution and end-to-end emulation and • detection with varied priorities in the scenario that CEs are not manageable.

Internal probe: detects the VPN operation status at the network • site, supports multiple OAM detection mechanisms such as Y.1731 for PW, VRF Ping, and LSP Ping, and enables the monitoring system to summarize and analyze the system performance based on the performance reference for the single node and the statistics of the MPLS QoS queue.

28

U2520 monitoring center

Enterprise1

Enterprise1

Enterprise1

Enterprise2

Enterprise2

Enterprise2

CE

CE

CE

CE

CE

CE

UPE

UPE

UPE

UPE

UPE

UPE

NPE

NPE

NPE

NPE

NPE

NPE

MetroNetwork

U2520 NEU100

U2520 NEU100

U2520 NEU100

IP/MPLSCore

BEAF1AF2AF3AF4EFCS6CS7

Figure 3-15 U2520 monitoring center

Based on user requirements, the U2520 can create an SLA monitoring instance tailored to the leased line service. By providing a flexible curve chart of the network performance, the U2520 facilitates users to learn the health status of the network. By analyzing the performance trend and displaying alarms when the quality threshold is exceeded, the U2520 prevents network faults in advance.

Figure 3-16 Creating an SLA monitoring instance

Customer

Monitored object

Monitoring period

Threshold of the indicator

Importance of the indicator

29

Figure 3-17 Checking the SLA detection result

Display the history of the selected indicator and support different data collection interval (day, week. Month, and year) and automatic update

3.5 Visualized Detection of Leased Line Faults

The U2000 provides easy network monitoring and alarming as well as fast fault location. Users can directly view alarms through the network topology, alarm windows, or slot layout of the network elements. The U2000 monitors the network operation status in a 7x24 manner, detects network faults and worsened situations in time, implements the real-time alarm monitoring and reporting, and informs the relevant personnel of the current network faults through SMS and emails. All these measures effectively guarantee the normal operation of the network.

Figure 3-18 Fault and alarm management

30

The U2000 monitors VPN services and provides the visualized topology views for the MPLS VPN, VPLS, and PWE3 services. In the views, resources occupied by current services, such as the operation status of interfaces, VRFs, PWs, and VSIs, are shown to facilitate users to fast locate faults. In addition, a user can also monitor all services of a key account by displaying these services on the same topology diagram.

Figure 3-19 Presentation of the service topology

The U2000 provides the test and diagnosis function. In this case, the U2000 enables users to test network connections and QoS and diagnose network faults according to the test result. The test and diagnosis function can be used to limit the fault diagnosis scope and shorten the period of fault location and rectification. Users can formulate a diagnosis task by specifying services or operating on the device nodes on the topology diagram.

Figure 3-20 Test diagnosis

Services are

interrupted

Check whether the conf igurat ions are incorrect.

Check forwarding entries of the IP layer

FindC h e c k w h i c h l a y e r becomes faulty.

31

3.6 Protection Technology of the Leased Line Services

Fault protection technology of the leased line services at the access side: E-trunk

Through the binding technology, multiple physical interfaces are bundled into a logical interface that is called a Trunk interface, and the bundled physical interfaces are called member interfaces.

The E-Trunk extends the Trunk concept, dividing a trunk of a CE into two sub-trunks to connect to two routers (the two routers are a pair of PEs backing up each other) , instead of establishing the trunk only across multiple interface boards on a router. The E-Trunk ensures not only the link-level reliability, but also the network-level reliability because the E-Trunk is connected to two systems. Note that in the E-trunk networking, the CE still uses the standard trunk without the need to support E-trunk. In other words, the access devices like the CE are transparent to the E-Trunk.

The E-Trunk control protocol is mainly applied to the link protection between the CE and the PEs and the link protection between the PEs when the CE accesses the VPLS, VLL or PWE3 network in dual-homing mode.

As shown in the following Figure 3-21, two routers are directly connected through three Ethernet interfaces. The three interfaces are bound to form an Eth-Trunk interface.

Eth1/0/0Eth1/0/1Eth2/0/0

Eth1/0/0Eth1/0/1Eth2/0/0

Eth-Trunk

Figure 3-21 Scenario that the E-Trunk implements the redundant access at the access side.

The E-Trunk supports the binding of interfaces including FE, GE and 10GE interfaces and supports both Layer 2 and Layer 3 features.

Advantages of the E-Trunk technology are as follows:

Increased bandwidth: The bandwidth of a trunk interface is the • total bandwidth of all member interfaces. Thus, the interface bandwidth can be increased by multiple folds in the E-Trunk mode.

Enhanced reliability: When the physical link connected to a member •

32

interface fails, traffic on the link is switched to another available link. This improves the reliability of the trunk link.

Load balancing: Load balancing can be implemented through • the E-Trunk interface. That is, an E-Trunk interface distributes traffic among its member interfaces and then transmits the traffic through the member links to the same destination. This prevents the network congestion that occurs when all traffic is transmitted through one path.

Saved IP addresses: If two devices are directly connected through • multiple links that have the same configuration, IP addresses of different network segments are required. After being bound through the E-Trunk, the multiple direct links can share the same IP address.

The E-Trunk solves the problem that member interfaces of a common trunk can only reside on the same router and improves the link reliability from the board-level to the device-level. This feature only needs to be supported by PEs rather than CEs.

Fault protection technology of the leased line services at the network side: PW redundancy

With the increasing number of applications of the L2VPN PW, the PW reliability becomes much more important, which involves the protection of AC links, routers, and links of the public network. PW redundancy is a reliability insurance technology. It determines the primary or secondary status of a PW through dynamic negotiation, which is determined by the MC-Trunk or MC-APS at the AC side. When a PW fails, it is switched to another one to ensure smooth traffic transmission.

There are mainly two PW redundancy solutions, as shown follows:3PE VLL (single CE dual-homing)•

CE1CE2

PE2( VLL )

PE3( VLL )PW1

PW2

Inter-chassis protocol

PE1( VLL )

Figure 3-22 PW Redundancy in the CE dual-homing scenario

33

CE1 is dual-homed to PE1 and PE2 in active and standby mode, and CE2 is single-homed to PE3.

PE1 and PE2 negotiate and obtain the active AC status and standby AC status through the technology such as MC-Trunk or MC-APS and inform PE3 of the active and standby status (PW Preferential Forwarding Status). Then, PE3 selects PW1 as the primary PW according to the primary and secondary status of PW1 and PW2.

When the switching of the primary and secondary PWs on CE1 occurs, no matter whether it is caused by a fault, the automatic switching, or the manual switching, PE1 and PE2 inform PE3 of the switching through the PW Preferential Forwarding Status field in the LDP Notification message.

Scenario in which the E-trunk accesses the VPLS•

CE1CE2

PE2( VPLS )

PE3( VPLS )PW1

PW2

MC-TRUNK

PE1( VPLS )

Figure 3-23 PW redundancy in the scenario where the E-Trunk accesses the VPLS network

CE1 is dual-homed to PE1 and PE2 in the active and standby mode and the CE2 is single-homed to PE3.

After the successful MC-trunk or MC-APS negotiation on PE1 and PE2, the primary and secondary PWs are determined. The physical status of the primary PW is Up and that of the secondary PW is Down. The VPLS modules of PE1 and PE2 ignore the physical status of AC interfaces after command configurations. The switching of the primary and secondary links on CE1 causes the physical status of AC interfaces on PE1 and PE2 to change. After receiving the information about the change in the physical status of interfaces, The VPLS modules trigger the MAC-withdraw messages to inform PE3 of clearing MAC addresses, thus implementing traffic switching.

Currently, PW redundancy is a mainstream solution of Huawei for the networks such as IP RAN and converged ME. The solution is reliable and traffic switching and protection meets the demand of clients.

34

PW redundancy is similar to VLL FRR, and what is different is that it can determine the primary and secondary PWs dynamically through the cooperation with the E-APS and the E-Trunk and no longer require the detection and association technology of Eth-OAM.

3.7 Traditional Leased Line Migration Technology

TDM-PWE3

TDM PWE3 is used to emulate and transparently transmit the TDM service over the PSN network. TDM PWE3 is mainly applied to wireless services and leased line services. 2G or 3G base stations or leased lines access the router through E1 or channelized STM-1 line, and then the router fragments the E1 signal, encapsulates the E1 signal to packets, and transmits the packets to the remote end through PWs over the MAN transfer network.

Huawei routers support TDM PWE3 services in structured emulation mode and unstructured emulation mode. The structured emulation mode refers to the Structure-aware TDM Circuit Emulation Service over Packet Switched Network (CESoPSN), whereas the unstructured emulation mode refers to the Structure-Agnostic TDM over Packet (SAToP).After enabling PWE3 on interfaces such as cSTM-1 POS interface, CT1 interface, and CE1 interface, you can use PWE3 to transmit traditional TDM services.

TDM PWE3 is obviously beneficial for carriers. It saves the expensive rent on TDM leased lines and facilitates the smooth evolution of the network. For leased line users, the voice access does not mean the high expensive rent to the carriers, thus greatly reducing the cost.

ATM-PWE3

ATM PWE3 is used to emulate and transparently transmit the ATM service over the PSN network., such as the MPLS network or the Ethernet network. There are five ATM service transparent transmission modes, namely, transparent transmission on port, 1to1 VPC, 1to1 VCC, nto1 VPC, and nto1 VCC.

Currently, on mobile carriers' R99/R4 networks, a great number of ATM switches are deployed on the convergence point to converge ports and bandwidths for 155 Mbit/s ATM and IMA interfaces of

35

NodeBs. With the changes in the entire industry chain, ATM switches are showing disadvantages in terms of costs and scalability. Along with the trend of All-IP on core networks and increasing use of the Ethernet technology on access-layer devices, the Ethernet+IP solution has become more appealing to customers than conventional service access and bearing solutions, in terms of both costs and resource usage. Therefore, for both service providers and users, the provision and bearing of ATM services need to be shifted to PSNs. ATM PWE3 is a well-developed solution to meet this need.

Mapping ATM QoS to IP QoS

At the edge of the ATM network, the router is responsible for the access to the IP network. Data is encapsulated in AAL5 frames such as IPoA, IPoEoA, and PPPoEoA. Such frames are decapsulated by the router and are forwarded to other types of interfaces, or are forwarded to the Ethernet interface as Layer 2 Ethernet frames.

The IP network and the ATM network can communicate based on the IPoA technology. IPoA, however, cannot make full use of all ATM functions, and it restricts the application of ATM in the case of fully-connected permanent virtual circuits (PVC).Therefore, the IP network with 10Gbit/s Ethernet interfaces cannot communicate with the ATM network. Otherwise, traffic congestion may occur and QoS cannot be ensured. To solve the problem, ATM QoS is introduced.

The ATM network possesses the QoS capability. With the transition from the ATM network to the IP/MPLS network, the QoS capability of the ATM network needs to be kept. ATM QoS enables ATM cells with higher precedence to be transferred with the same precedence in the IP network. Similarly, it enables IP packets with higher precedence to be transferred with the same precedence in the ATM network.

The greatest advantage of mapping ATM QoS to IP QoS is to make use of the QoS mechanism of the ATM network to support the multimedia service and allow the LAN to access the ATM network at the network layer. In this manner, the network bandwidth and performance are improved. To a certain extent, IP and ATM are complementary to each other. IP is widely applied and features low cost; although ATM is complicated and expensive, it can provide high bandwidth and QoS assurance, thus meeting user's service requirements.

36

4 Typical Application

4.1 Interconnection of Branches within an Enterprise

Interconnection of branches in an enterprise is a typical application of IP leased line. The purpose of this application is to provide the virtual leased line service for the enterprise by using the MPLS VPN technology on the MAN, connect branches to the headquarters, implement multiple applications in the process of enterprise informatization, and transmit enterprise data privately on the public network. According to the specific interconnection requirement, one of the following service transmission technologies can be adopted:1. VLL2. VPLS3. BGP/MPLS IP VPN

An enterprise can adopt the VLL technology in the following scenarios:

The branches are connected to the headquarters in point-to-point mode.• Branches do not need to be interconnected or need to be • interconnected through the headquarters.The enterprise is relatively large.• The enterprise is capable of maintaining the Layer 3 network and routes.• The enterprise hopes that its network is relatively separated from • the carrier's network.

CE CE

MPLS

PE PE

SITE-1 SITE-2

VLL networking diagram

Figure 4-1 Interconnection of branches in an enterprise in point-to-point mode

Take the following as an example to show the VLL application. An enterprise has multiple branches in different locations and needs to connect them to the headquarters in point-to-point mode. In this manner, carrier A can deploy VLLs on its MPLS backbone network to provide the transparent Layer 2 tunnel service for the enterprise, ensuring the security and privacy of the enterprise data transmitted on the public network.

37

An enterprise can adopt the VPLS technology in the following scenarios:

The enterprise is in a large scale and has a larger number of • geographically-dispersed branches.The headquarters and branched are interconnected in point-to-• multipoint mode.The enterprise is capable of maintaining the Layer 3 network and • routes.The enterprise hopes that its network is relatively separated from • the carrier's network.

CE CE

MPLS

PE

PE

PE

SITE-2 SITE-3

VPLS networking diagram

branch

CE

SITE-1

headquarters

branch

Figure 4-2 Interconnection of branches in an enterprise in point-to-multipoint mode

Take the following as an example to show the VPLS application. Carrier A provides the VPLS service on the MPLS backbone network for an enterprise. In this case, the enterprise seems to have its own LAN switches on the MPLS backbone network, which interconnect multiple sites of this enterprise, ensuring the security and privacy of the enterprise data transmitted on the public network.

The preceding MPLS-based Layer 2 leased line emulation technologies provide secured service transmission tunnels on the public network for enterprises. These technologies, however, are based on Layer 2, thus having poor expandability, hard to implement service change, and lack of security mechanisms. Therefore, the BGP/MPLS IP VPN technology is recommended.

The BGP/MPLS IP VPN is an L3VPN. It uses BGP to advertise VPN routes and MPLS to forward VPN packets on the carrier's backbone network.

38

CE CE

MPLS

PE

PE

PE

Enterprise-1

BGP/MPLS IP VPN networking diagram

branch

CE

headquarters

branch

CE CEbranch branch

CE

headquarters

Enterprise-2

Enterprise-2Enterprise-1

Enterprise-1

Enterprise-2

On the control plane, the BGP/MPLS IP VPN uses the Route Distinguisher (RD) and Route Target (RT) to identify routes and implement route isolation, and maintain different routing domains for different enterprises. On the forwarding plane, the BGP/MPLS IP VPN uses MPLS labels to forward data. In this manner, the virtual leased line service can be provided for enterprises on the public network.

4.2 Carrier Wholesale Service

The MPLS-based wholesale service, as an important service mode of IP leased line, is a value-added service for carriers. The operation mode of the wholesale service is that the medium- and small-sized SPs rent logical tunnels from the large carriers to transmit services and provide user access for final users.

Figure 4-3 Interconnection of branches in an enterprise in point-to-multipoint mode

SHDSL

DSLAMxDSL

LSW

CSG

MSCG

PE

PE

PE PE

PE PE

PE PE

RNC

headquarters

PE

NodeB

Small SP Network Small SP NetworkLarge SP Network

L2 PIPE

L2 PIPE

Wholesale service

Figure 4-4 Wholesale service

39

The wholesale SP needs to transparently transmit user data and ensure the QoS of the user data according to the signed SLA. In this service scenario, VLL is recommended to provide Layer 2 tunneling services, and the MPLS HQoS technology solely owned by Huawei is recommended to ensure the bandwidth provision and priority scheduling. In this manner, the SLA signed between the carrier and the user can be guaranteed.

4.3 Migration of the Traditional Leased Line

Many mainstream carriers use the ATM/TDM technologies to provide many leased line services. After constructing the MPLS-based broadband MAN, these carriers hop that the previous leased line services can be migrated, which better uses network resources, reduces the operation cost, and realizes smooth cutover of existing leased line users. Therefore, MPLS PWE3 is introduced. MPLS PWE3 is a key technology in MANs. Through MPLS PWE3, previous access modes can be well converged with the current IP backbone network. This reduces the repetitious network construction and saves the operation cost.

CE1

CE2

PE2

PE1

Shanghai branch

FR access

National backbone

Beijing branchATM access

Customer A

Figure 4-5 ATM leased line migration

The preceding figure shows a typical PWE3 application. A carrier establishes a national backbone network that provides the PWE3 service. Customer A has two branches, with one in Beijing and the other in Shanghai. The Beijing branch accesses the backbone network

40

of the carrier through ATM, and the Shanghai branch accesses the backbone network of the carrier through FR. The carrier can set up a PWE3 connection between the two access sites, PE1 in Beijing and PE2 in Shanghai. In this manner, the carrier can provide the point-to-point interconnection service for customer A over the backbone network, without changing the current access mode of the customer. Customer A does not need to modify the original intranet because of the simple and convenient VPWS/VLL solution. The carrier succeeds in smoothly migrating the previous access mode on the IP backbone network.

41

5 Conclusion

The MPLS IP leased line technology can be used to implement point-to-point and point-to-multipoint service interconnection, ensure high-standard services, and provide differentiated services and enhanced services. This technology is compatible with traditional leased line technologies, and can be used to smoothly migrate traditional ATM/TDM leased line services. This meets the requirement of carriers to transmit all services on the universal IP network, enhances service flexibility, and reduces the overall cost of the carriers. Therefore, the MPLS IP leased line technology becomes the best choice of carriers.

42

6 References

RFC 3916, Requirements for Pseudo-Wire Emulation Edge-to-Edge 1. (PWE3),IETFRFC 3985, Pseudo Wire Emulation Edge-to-Edge (PWE3) 2. Architecture,IETFRFC 4197, Requirements for Edge-to-Edge Emulation of Time 3. Division Multiplexed(TDM) Circuits over Packet Switching Networks,IETFRFC 4553, Structure-Agnostic Time Division Multiplexing (TDM) 4. over Packet (SAToP), IETFInternet Draft, “draft-ietf-pwe3-cesopsn-07“, IETF5. MEF8.0 , Metro Ethernet Forum 6. MFA 8.0.0, Emulation of TDM Circuits over MPLS Using Raw 7. Encapsulation Implementation Agreement, MFA

43

7 Acronyms and Abbreviations

Abbreviation/Acronym Full Spelling

CES Circuit Emulation Service

PWE3 Pseudo Wire Emulation Edge-to-Edge

PSN Packet –Switched Networks

TDM Time Division Multiplex

PDH Plesiochronous Digital Hierarchy

SDH Synchronous Digital Hierarchy

SONET Synchronous Optical Network

IETF Internet Engineering Task Force

PSTN Public Switched Telephone Network

CE Customer Edge

PE Provider Edge

AC Attachment Circuit

SAToP Structure-Agnostic TDM over Packet

CESoPSNCircuit Emulation Services over Packet Switch Network

CAS Channel Associated Signaling

CCS Common Channel Signaling

MEF Metro Ethernet Forum

MFAMPLS ForumFrame Relay ForumThe ATM Forum

ITU-TInternational Telecommunication Union - Telecommunication Standardization Sector

44

Huawei Technologies Co., Ltd.Address: Huawei Industrial Base

Bantian, LonggangShenzhen 518219People's Republic of China

Website: http://www.huawei.comEmail: support@huawei.com

Copyright © 2010 Huawei Technologies Co., Ltd. All rights reserved.No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.

Trademarks and Permissions and other Huawei trademarks are the property of Huawei Technologies Co., Ltd.All other trademarks and trade names mentioned in this document are the property of their respective holders.

NoticeThe product, service, or feature that you purchase should be restricted by the Huawei commercial contract and the clauses in the contract. All or a part of products, services, or features described in this document may not be purchased or used. Every effort has been made in the preparation of this document to ensure the accuracy of the contents, but the statements, information, and recommendations in this document do not constitute a warranty of any kind, expressed or implied.The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure the accuracy of the contents, but the statements, information, and recommendations in this document do not constitute a warranty of any kind, expressed or implied.