Layer 2 VPN


VPLS for Carrier Ethernet Services
Tim McSweeney
Product Manager
Layer 2 VPNs & Network Access

Presentation_ID

2006 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

Agenda - GARR
What Is Driving L2VPNs?
Foundations
MPLS and GMPLS
Pseudo Wires

VPLS Overview
Why Deploy VPLS?
VPLS in a Nutshell
Hierarchical VPLS and Autodiscovery
Manageability and Cisco Service Delivery Models

Customer Deployment Profiles


What Is Driving L2VPNs?

The Ever Expanding Applications of Ethernet


[Figure: Access, Aggregation, PSN (IP/MPLS), Aggregation, Access; labels: Internet, VLAN 100 Termination, VLAN 200 Transport, VPWS, Layer 3]

Fast becoming the access technology of choice


Layer 2, Layer 3 and Internet services on a common port
Extends the reach of metro area Ethernet networks

L2VPN Taxonomy
L2VPN Models
VPWS: Virtual Private Wire Service (Point to Point)
- L2TPv3 (IP Core): Ethernet, Frame Relay, ATM (AAL5 & Cell), PPP & HDLC
- AToM (MPLS Core): Ethernet, Frame Relay, ATM (AAL5 & Cell), PPP & HDLC
VPLS: Virtual Private LAN Service (Point to Multipoint)
- MPLS Core: Ethernet

MPLS Operation Overview


1. Routing Protocols (OSPF, IS-IS) establish reachability to destination networks
2. Label Distribution Protocol (LDP) establishes label-to-destination network mappings
3. Ingress Edge LSR receives and labels packets
4. LSR switches packets using label swapping
5. Egress Edge LSR removes label and delivers packet

[Figure: Customer Site A, PE, P, PE, Customer Site B]

MPLS Encapsulation
One or More Labels Inserted into Packet Header
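PPP Header (Packet over SONET/SDH): PPP Header | Label | Layer 2/L3 Packet
LAN MAC Label Header: MAC Header | Label | Layer 2/L3 Packet

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|             Label (20 bits)           | EXP |S|  TTL (8 bits) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Label = 20 Bits; EXP = Class of Service: 3 Bits; S = Bottom of Stack; TTL = Time to Live; 8 Bits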


MPLS VPN Security: Comparable to Frame Relay and ATM
Miercom testing proved that MPLS VPNs met or exceeded all of the security characteristics of a comparable Layer 2 VPN based on Frame Relay or ATM
References
RFC 4381: Analysis of the Security of BGP/MPLS IP Virtual Private Networks (VPNs), Feb 2006
Cisco white paper: Security of the MPLS Architecture, http://www.cisco.com/warp/public/cc/pd/iosw/prodlit/mxinf_ds.pdf

Source: Cisco MPLS based VPNs: Equivalent to the security of Frame Relay and ATM, Miercom, March 2001,
http://www.miercom.com/_gfx/nav/acrobat.gif

GMPLS Overview
GMPLS provides Unified Control Plane across different layers
GMPLS extends MPLS/MPLS-TE control plane
GMPLS extends these control planes to support ANY class of
interfaces (i.e. layers)
Provides Bi-directional LSPs

GMPLS supports 5 types of interfaces:


PSC - Packet Switching Capable: IP/MPLS
L2SC - Layer-2 Switching Capable: ATM, FR, Ethernet
TDM - Time-Division Multiplexing: SONET, SDH, G.709 ODUk
LSC - Wavelength Switching: Lambda, G.709 OCh
FSC - Fiber Switching

With MPLS-TE, GMPLS enables:


Connection Protection/Restoration capabilities
Separation between transmission, control and management plane
Network management using SNMP (dedicated MIB)

Network Hierarchy: GMPLS/MPLS Integration


[Figure: MPLS Network, GMPLS Network - OTN, MPLS Network; nodes PE1, G-PE1, G-PE2, PE2; Ethernet Frames carried in MPLS LSPs over a GMPLS LSP; MPLS Layer and GMPLS LSP Stacks; GMPLS connection between PEs; L1, L2, L3]

MPLS LSP between customer networks over GMPLS


VPLS connection between customers PEs

GMPLS/MPLS Integration
Cisco actively involved in private and public interoperability (for example, ISOCORE www.iscocore.com)
Main focus: IP/Optical integration proof of concept and interoperability across GMPLS/MPLS layers
Optical Dynamic GMPLS LSPs signalled and advertised in the MPLS layer
L3VPNs, TE, VPLS, PW, Multicast services running over the GMPLS LSP
If you are interested let us know!!!

GMPLS available for customer evaluation on Cisco routers
- Cisco CRS-1
- Cisco 12000
- Cisco 7600

GMPLS deployment
Service providers in Japan have done testing and are ready for deployment
Typical services: L3VPN, TE, PW


Pseudo Wires Enable VPLS, AToM, L2TPv3


Transport over non-Native Backbones
Co-existence with other Encapsulations
Service Interworking

[Figure: Ethernet example: CE, SP Network, CE; Bridged Ethernet over ATM; EoMPLS Pseudo Wire; Ethernet VLAN]

Why Deploy VPLS?


Feature
- MPLS core network emulates a flat LAN segment
- Point to Multipoint Connectivity
- Multipoint plug-and-play provisioning

Benefits
- Overcomes distance limitations of Ethernet-switched networks
- Offer Virtual Private LAN Services (formerly called Transparent LAN Services (TLS))
- Extends Ethernet broadcast capability across WAN
- Connects each customer site to many or all other customer sites
- Adding, removing or relocating a CE router requires configuring only the directly attached PE router
- A single CE-PE link transmits Ethernet packets to multiple remote CE routers
- Fewer connections required to get full connectivity among customer sites
- OpEx Savings

VPLS Reference Model


[Figure: three Customer Sites, each attached to a PE; PEs connected across MPLS by a Full Mesh of Pseudowires; Attachment VCs are Ethernet]

A full mesh of pseudo wires (PWs) is used to connect all provider edge (PE) devices which support a given VPLS VPN

VPLS and Hierarchical VPLS


VPLS
- Single flat hierarchy
- MPLS to the EDGE
- MPLS Core

Hierarchical VPLS (H-VPLS)
- Two (or More) Tier Hierarchy
- MPLS or Ethernet at the Edge
- MPLS Core

[Figure: hosts 192.168.11.1/24, 192.168.11.2/24, 192.168.11.11/24, 192.168.11.25/24; u-PE (PE-CLE, MTU-s) and n-PE (PE-POP, PE-rs); GE; PW; ETHERNET EDGE (Point-to-Point or Ring), MPLS EDGE, MPLS CORE]

Flat VPLS Deployment Model: Customers Attach Directly to VPLS Service

[Figure: CE-SITE1, CE-SITE2, CE-SITE3; PE-1, PE-2, PE-3; MPLS Network]

Description: Customers directly attach to VPLS service at Provider Edge
Suitable for small customer implementations
- Simple provisioning
- Full mesh of directed LDP sessions required between participating PEs
- VLAN and port level support (no QinQ)
Challenge: Limited scalability
- Full mesh causes classic scaling issue N*(N-1)/2

Hierarchical VPLS Deployment Model: Hub-and-Spoke

[Figure: Cisco 7600 routers around a VPLS/MPLS core; City 1 STP Domain (Q-in-Q 14), City 2 STP Domain (Q-in-Q 10), City 3 STP Domain (Q-in-Q 20)]

Description:
- Customers attach to Regional Metro Ethernet networks
- VPLS links the Metro Ethernet Regions
Benefit: Scales to support larger Ethernet deployments
- Full mesh for core tier (hub) only
A Comprehensive Solution: Robust, Flexible, Scalable, Manageable

VPLS Autodiscovery and Signaling


VPN Discovery
- Centralized: DNS, Radius, Directory Services
- Distributed: BGP
Signaling
- Label Distribution Protocol

Autodiscovery: BGP is the configuration agent
- True autodiscovery of VPN members (e.g., no need to explicitly list them)
Signaling: LDP sets up a standard PW
- PWs signal other information such as attachment circuit state, sequencing information, etc.

Autodiscovery Configuration Steps
1. Establish BGP sessions & activate it for the L2VPN/VPLS address-family
2. Create VPLS instance & associated interfaces to it
3. (Optional) Establish import/export rules (or use the default mode)

Cisco IOS supports targeted LDP for AToM and VPLS

Discovery & Signaling


Signaling & discovery are separable parts of L2VPN establishment
- Discovery (finding members of an L2VPN) is a point-to-multipoint task
- Signaling (establishing the pseudowires) is a point-to-point task
By separating the tasks, you can choose a suitable protocol for each:
- LDP, L2TPv3 for PW Signaling
- BGP, RADIUS, etc. for Discovery

LDP vs. BGP for PW Signaling


For VPLS scaling, full mesh is not a significant problem
LDP provides lighter-weight solution

LDP
- Point-to-Point Information Only
- No Policy
- Mostly Idle

BGP
- Broadcasts All Information to All Peers
- Complex Policy, Often Changing Information Advertised
- Can Have Significant Churn Due to Broadcast

Pseudowire Redundancy: Protects from Key Potential Faults

[Figure: CE1, Attachment Circuit, PE1; Primary Pseudowire and Redundant Pseudowire across the Packet Switched Network; PE2a, PE2b; Attachment Circuits; CE2a, CE2b]

Protects from fault in four key areas
1. PSN failure due to end-to-end routing failure
2. PE failure due to HW or SW fault
3. Attachment circuit failure due to line break
4. CE failure due to HW or SW fault

Inter-Autonomous System Pseudowires

[Figure: AS10 (Provider A), AS20 (Provider B)]

Inter-Autonomous System (Inter-AS) model: When a pseudowire spans at least 2 different service provider or administrative domains
Goal: Extend end-to-end pseudowire deployment across multiple ASes using VPLS

Inter-Autonomous Systems: Pseudowire Switching

[Figure: AS10 (Provider A), AS20 (Provider B), Switch Points]

Pseudowire switching interconnects pseudowires belonging to different autonomous systems, thus providing an end-to-end path
Switch point refers to the ASBR where pseudowire switching is performed
Achieved through inter-working of data and control planes at the switch point

Pseudowire Switching Model


[Figure: AS 1 and AS 2 with ASBR-1 and ASBR-2; PE-1, PE-2, PE-3, PE-4; attached-circuit 1, 3, 4, 6; pwvc 11, 12, 111, 112, 151, 152; end-to-end path: attached-circuit (L2 signalling (UNI)), three pseudo-wire segments (VPWS, LDP / L2TPv3), attached-circuit (L2 signalling (UNI))]

Pseudowires that comprise the end-to-end solution can be of the same (VPLS-to-VPLS) or different types (VPLS-to-AToM)
Each pseudowire segment can independently employ draft-martini or L2TPv3 signaling and encapsulations
The ASBRs are responsible for "cross-connecting" the pseudowire control channels and pseudowire data planes

Manageability & Cisco Service Delivery Models

Unified L2 VPN Management


Integrated network management platform to manage:
- Metro Ethernet Services (switched as well as Ethernet transport over MPLS Core) services.
- MPLS BGP VPN services
- AToM (ATM/FR transport over MPLS) services
- DiffServ/IP/MPLS CoS treatment for MPLS services above

Business Ethernet Services Architecture


[Figure: services Business L3 VPN, Business E-LAN and Business E-LINE; Ethernet UNI (Port, 1:1 VLAN; QinQ) and MPLS NNI; EoMPLS Pseudowire, VPLS, H-VPLS, MPLS-VPN; tiers: Efficient Access, Intelligent Edge, Large Scale Aggregation, Multiservice Core; nodes: Access Node, Aggregation Node (E-MSE for MPLS NNI), Distribution Node, MSE; transport: DSL, Ethernet, MPLS / IP, IP, MPLS]

VPLS Deployment Profiles

VPLS for Service Differentiation and Revenue Growth

PCCW (Hong Kong)
Leading telecommunications provider
Deployed VPLS on 28 C7600 Series routers & Catalyst 3750-ME switches

PCCW Limited, the leading communications provider in Hong Kong, deployed a
combination of Cisco 7600 Series routers and Cisco Catalyst 3750 Metro Ethernet
switches to build its VPLS network. PCCW's VPLS architecture allowed it to
converge a number of different services into one network.
"PCCW is pleased to have deployed the Cisco VPLS Carrier Ethernet solution for
the provision of our next generation data services," said Larry Wong, Director of
Marketing and Products of Commercial Group, PCCW Limited based in Hong
Kong. "Cisco's VPLS Carrier Ethernet technology allows us to create service
differentiation and increase revenue growth in the enterprise and commercial
markets, as it enables flexible bandwidth utilization, service customization, multiple
connectivity, and high level of QoS and availability."

VPLS for Scalable Ethernet Services


WebPartner (Denmark)
VPLS-based Ethernet broadband services
Cisco Catalyst 6500 series switches

VPLS Customer Deployment Profiles


SP (USA)
VPLS used to link 16 Metro Ethernet regions
Deployed 80 C7600 running VPLS

Financial (USA)
Deployed VPLS in November 2004
Provides integrated information and technology applications in the
global financial services industry

SP (Brasil)
Developing rollout of triple play services to the DSL and Metro
Ethernet market in the city of São Paulo
Network has independent Layer 2 aggregation domains
interconnected via pseudowires for customers that need to cross
domains
Will use TE and Pseudowire Redundancy on the inter-domain
connections

VPLS Customer Deployment Profile


SP (North America)
Converting existing Layer 2 access and aggregation Metro
Ethernet service offering to complete VPLS
Objectives:
Minimize spanning tree domain
Unify routing scheme so VPLS endpoints and multicast video
share the same paths
Simplify troubleshooting by not having to divide troubleshooting
between L2 and L3 expert teams
Unify QoS, routing, and convergence policies across all
services

