networks - L2 VPNs

MPLS Layer 2 VPNs

Offers complete separation between provider and customer networks since there is no route exchange.
This is the same approach as overlay models (e.g. FR, ATM).
Carrier customer's layer 2 frames from one site to another transparently, and is hence independent of layer 3 protocols:
- can carry IPv4, IPv6, IPX, DECnet, etc.
Can provide:
- point-to-point connectivity.
- multi-point connectivity.

Martini draft uses "VC" concept:
- an LSP can carry multiple VCs.
- a VC acts like a circuit carrying customer layer 2 frames.
A VC is an LSP within the original tunnel LSP:
- the tunnel LSP provides the tunnel between two PE routers.
- a VC carries frames for a given customer only.
- VCs are uni-directional, so a pair is needed for bi-directional communications.
- the customer frame is encapsulated in two labels:

L2 Header – Label 1 – Label 2 – Optional Control Word – Tagged / Untagged Ethernet Payload

Label 1 is for the tunnel LSP

Label 2 is for the VC

Frames are sent between multiple customer sites within a VPN:
- sent only to the PE that connects to the target site (based on destination MAC).
- VPLS: Virtual Private LAN Services (draft Kompella).
Builds full mesh of VCs (x2 because of uni-directionality of VCs) between member PEs in a VPN:
- VPLS uses LDP (* see below) to exchange VC labels between PE routers.
VPN ID = 32 bits (?)
PE routers learn MAC addresses just like normal switches, but only on received frames over VCs:
- if CE → PE frame destination MAC is not known, then the frame is flooded over all VCs in that VPN.
PE routers maintain layer 2 forwading table: VFI = Virtual Forwarding Instance.
PE routers do not have to run STP because of split horizon:
- customer frames received on a VCs can only be forwarded to an attached customer CE router (i.e. not back over any VC).

BGP: draft Kireeti Kompella (Juniper

LDP: draft Vach Kompella (Alcatel-Lucent)