Cisco IOS®MPLS Virtual Private LAN Service (VPLS) Technical Deployment Overview
June 3, 2016 | Author: javier_marcuzzi | Category: N/A
Short Description
Download Cisco IOS®MPLS Virtual Private LAN Service (VPLS) Technical Deployment Overview...
Description
Cisco IOS® MPLS Virtual Private LAN Service (VPLS) Technical Deployment Overview Enabling Innovative Services
© 2004 Cisco Systems, Inc. All rights reserved.
1
Agenda • Introduction • VPLS Technical Overview • VPLS Architectures • Deployment Scenarios • Summary
© 2004 Cisco Systems, Inc. All rights reserved.
2
Introduction
Presentation_ID
© 2003 2004 Cisco Systems, Inc. All rights reserved.
3
Metro Ethernet: Emerging Multiservice Access Opportunity Hosted Videoconferencing Hosted Telephony Telephony Videoconferencing Storage Storage Hosting Hosting Business Business Continuance Continuance Directory Directory Services Services Unified Unified Messaging Messaging Web Web Hosting Hosting Mobile Access Mobile Access Secure Secure E-Mail E-Mail Internet
STB
PSTN
Residential CPE
Multitenant Unit (MTU) Basement Access Device
SP Metro Ethernet Network
100 Mbps Ethernet
Regional Headquarters
Remote Office 1
Ethernet, SONET/SDH, RPR, DWDM/CWDM, MPLS/IP
Remote Office 2
10 Mbps Ethernet
Subscriber © 2004 Cisco Systems, Inc. All rights reserved.
EthernetConnected Branch
EthernetConnected Branch Remote Worker 4
Metro Ethernet: Business Drivers* Enterprise • Business Demands Increased Productivity Peer-to-Peer Applications • Service Expectations Scalable Bandwidth (from 1Mbps to 1Gbps) Customized Services Multipoint Connectivity Operational Simplicity
Service Provider • Revenue Growth New, Differentiated Services Expanded Enterprise Penetration • Cost Efficiencies Network Convergence Flexible Bandwidth Provisioning Best Value for Increased Bandwidth STB
Internet Residential CPE
Multi-Tenant Unit (MTU) Basement Access Device 100 Mbps Ethernet
Regional Headquarters
PSTN Remote Office 1
SP Metro Ethernet Network Ethernet, SONET/SDH, RPR, DWDM/CWDM, MPLS/IP
EthernetConnected Branch Remote Office 2
10 Mbps Ethernet
Subscriber
EthernetConnected Branch Remote Worker
5 © 2004 Ciscohttp://www.cisco.com/en/US/products/hw/routers/ps368/products_white_paper09186a00801df1df.shtml Systems, Inc. All rights reserved. *Cisco VPLS Statement of Direction
The Ethernet Advantage • Connectionless, IP aware-operation • Distributed intelligence • Inexpensive, scalable bandwidth options • L2 VPNs • Point-to-point • Multipoint
• L3 VPNs • High speed transport enables innovative services and applications • Storage, IP video conferencing
• Value added services • IP Telephony • IP video conferencing • High speed, bBusiness class Internet • Managed Security • Managed Storage © 2004 Cisco Systems, Inc. All rights reserved.
6
VPLS Overview for Metro Ethernet Metro A
u-PE
10/100/ 1000 Mpbs
GE Ring
Metro C
PE-AGG Hub & Spoke
Si
P
n-PE
u-PE
C7600
P
n-PE
10/100/ 1000 Mpbs
P
C7600
SONET/SDH Ring
u-PE
u-PE
/ 00 s /1 pb 10 0 M 0 10
DWDM/ CDWM
n-PE
VPLS Network
C7600
Metro B
P
10/100/ 1000 Mpbs
Metro D
•Delivers Ethernet-based multipoint L2 VPN service •Enhances L2 VPN scalability (geographic sites & no. of customers) •Leverages existing SP MPLS Core •Supports operational speeds of GB to 10 GB •On track for IETF standardization: Draft Lasserre-Kompella •Uses familiar Ethernet © 2004 Cisco Systems, Inc. All rights user reserved. network interface
7
VPLS Technical Overview
Presentation_ID
© 2003 2004 Cisco Systems, Inc. All rights reserved.
8
Virtual Private LAN Services (VPLS) VPLS Is An Architecture CE
PE
PE
MPLS
CE
Network
CE
• VPLS defines an architecture that delivers Ethernet Multipoint Services (EMS) over an MPLS network • VPLS operation emulates an IEEE Ethernet bridge • Two VPLS drafts in existance Draft-ietf-l2vpn-vpls-ldp-01 Å Cisco’s Implementation draft-ietf-l2vpn-vpls-bgp-01 © 2004 Cisco Systems, Inc. All rights reserved.
9
VPLS & H-VPLS VPLS
192.168.11.25/24 192.168.11.11/24
• VPLS Direct Attachment Single Flat Hierarchy
192.168.11.1/24
MPLS to the Edge
192.168.11.2/24 192.168.11.12/24
• H-VPLS Two Tier Hierarchy
u-PE PE-CLE MTU-s GE
MPLS or Ethernet Edge
H-VPLS
u-PE PE-CLE MTU-s
n-PE PE-POP PE-rs
n-PE PE-POP PE-rs PW
MPLS Core
Ethernet Edge Point-to-Point or Ring
© 2004 Cisco Systems, Inc. All rights reserved.
MPLS Core
MPLS Edge 10
VPLS Components Attachment Circuit
n-PE
n-PE CE
CE PW PW
Tunnel LSP
CE
CE
PW
Blue VSI Green VSI CE
Full Mesh of PWs between VSIs
CE
n-PE
Legend CE n-PE VSI PW Tunnel LSP
Red VSI
Tu nn
Directed LDP session between participating PEs
SP
Green VSI
L el
Blue VSI
el L
nn Tu
Red VSI
CE
SP
CE
Blue VSI - Customer Edge Device - network facing-Provider Edge - Virtual Switch Instance - Pseudo-Wire - Tunnel Label Switch Path that provides PW transport © 2004 Cisco Systems, Inc. All rights reserved.
Red VSI
11
VPN & VPLS Desirable Characteristics • Auto-discovery of VPN membership Reduces VPN configuration and errors associated with configuration
• Signaling of connections between PE devices associated with a VPN • Forwarding of frames AToM uses Interface based forwarding VPLS uses IEEE 802.1q Ethernet Bridging techniques
• Loop prevention MPLS Core will use a full mesh of PWs and “split-horizon” forwarding H-VPLS edge domain may use IEEE 802.1s Spanning Tree, RPR, or SONET Protection
© 2004 Cisco Systems, Inc. All rights reserved.
12
Cisco VPLS Building Blocks Layer 2 VPN
Point-to-Point Layer 2 VPN
Multipoint Layer 2 VPN
Layer 3 VPN
Forwarding Mechanism
Interface-Based/ Sub-Interface
Ethernet Switching (VFI)
IP Routing
VPN Discovery Signaling
Tunnel Protocol Hardware
DNS
Centralized Radius Directory Services Label Distribution Protocol MPLS
IP
Cisco 7600
Catalyst 6500
Distributed BGP
NMS/ OSS
A Comprehensive Solution: Robust, Flexible, Scalable, Manageable © 2004 Cisco Systems, Inc. All rights reserved.
13
VPLS Auto-discovery & Signaling VPN Discovery Signaling
DNS
Centralized Radius Directory Services
Distributed BGP
Label Distribution Protocol
• Draft-ietf-l2vpn-vpls-ldp-01 does not mandate an auto-discovery protocol Can be BGP, Radius, DNS, AD based
• Draft-ietf-l2vpn-vpls-ldp-01 describes using Targeted LDP for Label exchange and PW signaling PWs signal other information such as Attachment Circuit State, Sequencing information, etc Cisco IOS supports Targeted LDP for AToM and Virtual Private LAN Services
© 2004 Cisco Systems, Inc. All rights reserved.
14
VPLS: Layer 2 Forwarding Instance Requirements A Virtual Switch MUST operate like a conventional L2 switch! Flooding / Forwarding: • MAC table instances per customer and per customer VLAN (L2VRF idea) for each PE • VSI will participate in learning, forwarding process • Uses Ethernet VC-Type defined in pwe3-control-protocol-xx
Address Learning / Aging: • Self Learn Source MAC to port associations • Refresh MAC timers with incoming frames • New additional MAC TLV to LDP
Loop Prevention: • Create partial or full-mesh of EoMPLS VCs per VPLS • Use “split horizon” concepts to prevent loops • Announce EoMPLS VPLS VC tunnels © 2004 Cisco Systems, Inc. All rights reserved.
15
VPLS Overview: Flooding & Forwarding ?
Data
SA
?
• Flooding (Broadcast, Multicast, Unknown Unicast) • Dynamic learning of MAC addresses on PHY and VCs • Forwarding -Physical port -Virtual circuit © 2004 Cisco Systems, Inc. All rights reserved.
16
VPLS Overview: MAC Address Learning 102
Send me traffic with Label 102
PE1
E0/0 Adj 201 E0/0 xxx
MAC 2
Data
MAC 1
MAC 2
Data PE2
VC Label 102 ÅTx Tx Æ VC Label 201
CE
MAC Address MAC 2 MAC 1 MAC x
MAC 1
Send me traffic with Label 201 CE
E0/1
201
MAC Address MAC 2 MAC 1 MAC x
Adj E0/1 102 xxx
• Broadcast, Multicast, and unknown Unicast are learned via the received label associations • Two LSPs associated with an VC (Tx & Rx) • If inbound or outbound LSP is down, then the entire circuit is considered down © 2004 Cisco Systems, Inc. All rights reserved.
17
VPLS Overview: MAC Address Withdrawal LDP Address Withdrawal
X
• Primary link failure triggers notification message • PE removes any locally learned MAC addresses and sends LDP address withdrawal (RFC3036) to remote PEs in VPLS • New MAC TLV is used © 2004 Cisco Systems, Inc. All rights reserved.
18
VPLS Overview: Data Forwarding in Ethernet Edge H-VPLS Topology 2: L2VPN, Ethernet Virtual Circuit Service (Distributed PE)
3550s .1Q
802.3
QinQ U-PE
CE1
133
Ether Type
Full Mesh LDP N-PE
401
Customer VLAN
Data
7600s
SA
N-PE
CE4
MPLS Network
SP VLAN
DA
401
Ether Type
SA
DA
VC Label
• Customer frames / VLANs are forwarded only • Service delimiters are local to PE .1q tags, VC-labels, RFC1483, etc.
• Allows for hierarchical design options © 2004 Cisco Systems, Inc. All rights reserved.
19
VPLS Overview: VPLS Loop Prevention CEs
PEs
MPLS Network
- LDP between VPLS members - EoMPLS PW to each peer
PE view
• Each PE has a P2MP view of all other PEs it sees it self as a root bridge, split horizon loop protection • Full mesh topology obviates STP requirements in the service provider network • Customer STP is transparent to the SP / customer BPDUs are forwarded transparently • Traffic received from the network will not be forwarded back to the network © 2004 Cisco Systems, Inc. All rights reserved.
20
VPLS Overview: VPLS Learning • Unqualified Single port assigned for all customer VLANs Single broadcast domain for all customer VLANs Single MAC address space (no overlap!)
• Qualified Each VLAN has its own VPLS instance A VLAN has its own broadcast space and MAC address space Customer MAC addresses MAY overlap One FIB per customer VLAN Broadcast domain limited to VLAN scope
© 2004 Cisco Systems, Inc. All rights reserved.
21
VPLS Architectures
Presentation_ID
© 2003 2004 Cisco Systems, Inc. All rights reserved.
22
VPLS & H-VPLS VPLS
192.168.11.25/24 192.168.11.11/24
• VPLS Single Flat Hierarchy MPLS to the Edge
192.168.11.1/24
192.168.11.2/24 192.168.11.12/24
• H-VPLS Two Tier Hierarchy
u-PE PE-CLE MTU-s GE
MPLS or Ethernet Edge
H-VPLS
u-PE PE-CLE MTU-s
n-PE PE-POP PE-rs
n-PE PE-POP PE-rs PW
MPLS Core
Ethernet Edge Point-to-Point or Ring
© 2004 Cisco Systems, Inc. All rights reserved.
MPLS Core
MPLS Edge 23
VPLS Overview: Illustrated – Direct Attachment (Flat) Address MAC 1 MAC 2 MAC 3
MAC 2
PE2
PE1, VCID 100 Address MAC 1 MAC 2 MAC 3
CE2
Tx / Rx 102 / 201 E1/1 303 / 203
Tx / Rx E0/0 201 / 102 301 / 103
Address MAC 1 MAC 2 MAC 3
MPLS Network
PE3
CE3 MAC 3
CE1 MAC 1
Tx / Rx 103 / 301 203 / 302 E0/1
PE1
• Port or P-VLAN based membership in the VSI in PEs • All packet replication occurs on PEs © 2004 Cisco Systems, Inc. All rights reserved.
24
VPLS: Configuration Example PE Æ PE Create a L2 VFI with a full mesh of participating VPLS PE nodes 1.1.1.1 / 32 PE-1
PE-2 2.2.2.2 / 32
l2 vfi PE1-VPLS-A manual
MPLS
vpn id 100
Network l2 vfi PE2-VPLS-A manual
neighbor 2.2.2.2 encapsulation mpls
vpn id 100
neighbor 3.3.3.3 encapsulation mpls !
neighbor 1.1.1.1 encapsulation mpls
Interface loopback 0
neighbor 3.3.3.3 encapsulation mpls
PE-3 3.3.3.3 / 32
ip address 1.1.1.1 255.255.255.255
l2 vfi PE3-VPLS-A manual vpn id 100
! Interface loopback 0 ip address 2.2.2.2 255.255.255.255
neighbor 1.1.1.1 encapsulation mpls neighbor 2.2.2.2 encapsulation mpls ! Interface loopback 0 ip address 3.3.3.3 255.255.255.255 © 2004 Cisco Systems, Inc. All rights reserved.
25
VPLS: Configuration Example PE Æ CE CE1
PE-1
PE-2
FE0/0
FE0/0
MPLS Network
Interface fastethernet0/0
PE-3
switchport
Interface fastethernet0/0 switchport
switchport mode dot1qtunnel switchport access vlan 100
switchport mode dot1qtunnel
FE0/1
! Interface vlan 100
CE1
no ip address xconnect vfi PE1-VPLS-A
CE1
switchport access vlan 100 ! Interface vlan 100 no ip address
Interface fastethernet0/1
!
switchport
vlan 100
switchport mode dot1qtunnel
state active
switchport access vlan 100
xconnect vfi PE2-VPLS-A ! vlan 100 state active
! Interface vlan 100 no ip address xconnect vfi PE3-VPLS-A …etc.
© 2004 Cisco Systems, Inc. All rights reserved.
26
VPLS: Sample Output VPLS1#show mpls l2 vc Local intf ------------Vi1 Vi1 Vi1 Vi1 Vi1
Local circuit Dest address VC ID Status -------------------- --------------- ---------- ---------VFI 22.22.22.22 100 DOWN VFI 22.22.22.22 200 UP VFI 33.33.33.33 100 UP VFI 44.44.44.44 100 UP VFI 44.44.44.44 200 UP
PE -1#show vfi PE1 -VPLS-A PE-1#show PE1-VPLS-A WORD VFI name PE -1#show vfi PE1 -VPLS-A PE-1#show PE1-VPLS-A VFI name: VPLSA, state: up Local attachment circuits: Vlan100 Neighbors connected via pseudowires: 2.2.2.2 3.3.3.3 © 2004 Cisco Systems, Inc. All rights reserved.
PE-1
PE-2 MPLS Network
PE-3
27
VPLS: Sample Output (Cont) VPLS1#show mpls l2transport vc vcid 200 detail Local interface: Vi1 up, line protocol up, VFI Destination address: 22.22.22.22, VC ID: 200, VC status: up Tunnel label: imp-null, next hop point2point Output interface: PO2/1, imposed label stack {16} MPLS VC labels: local 18, remote 16 Group ID: local 200, remote 200 MTU: local 1500, remote 1500 Remote interface description: Sequencing: receive disabled, send disabled VC statistics: packet totals: receive 0, send 0 byte totals: receive 0, send 0 packet drops: receive 0, send 0 …..cont…for all VPLS PWs sharing a common VC ID
PE-1
PE-2 MPLS Network
Use common AToM “show” commands
© 2004 Cisco Systems, Inc. All rights reserved.
PE-3
28
VPLS Architecture: Characteristics - Direct Attachment (Flat) Overview: • Okay for small customer implementations • Simple provisioning • Full mesh of directed LDP sessions required between participating PEs • VLAN and Port level support (no QinQ)
Drawbacks: • No hierarchical scalability • Scaling issues: PE packet replication Full mesh causes classic - N*(N-1) / 2 concerns
© 2004 Cisco Systems, Inc. All rights reserved.
29
VPLS & H-VPLS VPLS
192.168.11.25/24 192.168.11.11/24
• VPLS Single Flat Hierarchy MPLS to the Edge
192.168.11.1/24
192.168.11.2/24 192.168.11.12/24
• H-VPLS Two Tier Hierarchy
u-PE PE-CLE MTU-s GE
MPLS or Ethernet Edge
H-VPLS
u-PE PE-CLE MTU-s
n-PE PE-POP PE-rs
n-PE PE-POP PE-rs PW
MPLS Core
Ethernet Edge Point-to-Point or Ring
© 2004 Cisco Systems, Inc. All rights reserved.
MPLS Core
MPLS Edge 30
VPLS Architecture: Architecture – Ethernet Edge H-VPLS 3550s
.1Q
802.3
QinQ
CE2b
Full Mesh LDP n-PE
u-PE
CE1
CE2a
7600s
n-PE
101 102
CE4
MPLS Network 400 401
SP applied VLAN Tags for Customer isolation (PE-VLAN)
n-PE
VPLS functioning between participating PEs
Customer applied VLAN Tags for WG isolation (CEVLAN)
Dot1q Tunneling Data 401
Ether Type
SA
DA
102
Ether Type
SA
© 2004 Cisco Systems, Inc. All rights reserved.
DA 31
VPLS Architecture: Architecture – Ethernet Edge H-VPLS 3550s
.1Q
802.3
CE2b
QinQ
u-PE
CE1
CE2a
7600s
Full Mesh LDP n-PEPoP
101 102
n-PE
CE4
MPLS Network 400 401
SP applied VLAN Tags for Customer isolation (PE-VLAN) Customer applied VLAN Tags for WG isolation (CEVLAN)
Data 401
Ether Type
© 2004 Cisco Systems, Inc. All rights reserved.
n-PE PW – VC Label is imposed at VSI
SA DA 25
VPLS functioning between participating PEs
47 32
VPLS Architecture: Architecture – MPLS Edge H-VPLS L2VPN Router
.1Q
802.3
PE-CLE
CE1
AToM or L2TPv3
PSN CE2a
CE2b
PE-PoP
PE-PoP
CE4
MPLS Network
401
Ether Type
SA
DA
PE-PoP VPLS functioning between participating PEs
Customer applied VLAN Tags for WG isolation (CE-VLAN)
401
Full Mesh LDP
400
SP applied VC-Label & Tunnel LSP Label
Data
7600s
1000
33
© 2004 Cisco Systems, Inc. All rights reserved.
33
VPLS Architecture: Architecture – MPLS Edge H-VPLS L2VPN Router
.1Q
802.3
u-PE
CE1
AToM or L2TPv3
7600s Full Mesh LDP
n-PE
PSN CE2a
CE2b
n-PE
CE4
MPLS Network
400 401
AToM or L2TPv3 Header is now removed.
n-PE
PW – VC & Tunnel labels are imposed
Customer applied VLAN Tags for WG isolation (CE-VLAN)
Data
401
Ether Type
SA
© 2004 Cisco Systems, Inc. All rights reserved.
DA
25
VPLS functioning between participating PEs
47 34
VPLS Architecture: Characteristics – H-VPLS Benefits: • Best for larger scale deployment • Reduction in packet replication and signaling overhead on PEs • Full mesh for core tier (Hub) only • Attachment VCs “virtual switch ports” effected through Layer 2 tunneling mechanisms (AToM, L2TPv3, QinQ) • Expansion affects new nodes only (no re-configuring existing PEs) Drawbacks: • More complicated provisioning • MPLS Edge H-VPLS requires MPLS to u-PE Complex operational support Complex network design Expensive Hardware support © 2004 Cisco Systems, Inc. All rights reserved.
35
VPLS Deployment Scenarios
Presentation_ID
© 2003 2004 Cisco Systems, Inc. All rights reserved.
36
VPLS Deployment: SMB Connectivity SFO-PE
CE-SITE1
NYC-PE
MPLS Network
CE-SITE2
DFW-PE
CE-SITE3
• New Layer 2 multipoint service offering • Enterprise maintains routing and administrative autonomy • Layer 3 protocol independence • Full mesh between customer sites © 2004 Cisco Systems, Inc. All rights reserved.
37
VPLS Deployment: Layer 2 Multipoint Transit Provider CE-1
SP-A
Transit Provider Network
SP-A
VPLS LDP FRoMPLS
CE-1
• SP-As PEs appear back to back and packets are forwarded • No LDP or Route exchange with transit provider • Provides optimal traffic path to carrier’s PE © 2004 Cisco Systems, Inc. All rights reserved.
38
Summary
Presentation_ID
© 2003 2004 Cisco Systems, Inc. All rights reserved.
39
Phase I – Architecture Support Service Definitions Supported Topology 1: L2VPN, Transparent LAN Service (Non-distributed PE)
7600s Full Mesh LDP
dot1Q
802.3
PE-PoP
CE1
PE-PoP
CE4
MPLS Network
Topology 2: L2VPN, Ethernet Virtual Circuit Service (Distributed PE)
3550s .1Q
802.3 CE1
7600s QinQ
PE-CLE 101
© 2004 Cisco Systems, Inc. All rights reserved.
Full Mesh LDP PE-PoP
PE-PoP
CE4
MPLS Network 40
Ethernet Standards Development MEF Ethernet Service Defintion ITU-T Q3/SG13 L2PING & L2TRACE MEF UNI
IEEE 802.1ad
IETF VPLS
IEEE 802.1ad
MEF UNI MEF E-LMI
MEF E-LMI
Ethernet
MPLS
Ethernet
CE
CE
• IETF VPLS is a part of an overall Ethernet solution IEEE 802.1ad Provider Bridges ITU SG12 Ethernet OAM – L2TRACE & L2PING MEF Ethernet E-LMI, E-UNI and Ethernet Service Definitions © 2004 Cisco Systems, Inc. All rights reserved.
41
Cisco VPLS Summary •
Fills L2 multipoint VPN gap between customer requirements and existing L2VPN pointto-point technologies
•
Expands the service portfolio to for existing MPLS networks
•
Has wide-industry support for LDP-based VPLS implementations & wide coordination between Ethernet focused standards bodies (IETF, IEEE, MEF, ITU)
•
Cisco is actively driving development of standards and liaising between Forum’s to ensure the rapid development of standards and interoperable solutions Metro A
Metro D
CE
CE
CE
Metro E
PE
Metro B
C7600
PE
CE
VPLS
PE
Over Service Provider Network PE
C7600
C7600
Metro C
CE
PE C7600
CE
Metro F
C7600
© 2004 Cisco Systems, Inc. All rights reserved.
42
World-Class Customer Support •
2,000 Technical Support Professionals
•
1,600+ Support Engineers* (400 CCIEs) on 24x7
•
630+ Depots and 10,000 Field Engineers in 120 countries*
•
85,000+ Assisted cases/ month
•
321,000 Customer issues resolved/month
•
75% TAC Web resolved: of 25% assisted, 64% were web-initiated
•
98% Material availability
•
92% Orders submitted online, 55% “no touch”
•
60% Change orders submitted online
CustomerAdvocacy AdvocacyMission Mission Customer Acceleratecustomer customersuccess successwith withCisco Ciscothrough through Accelerate innovativeservices servicesand andworld-class world-classpeople, people,partners, partners, innovative process,and andtools. tools. process,
* Internal & Outsource Partners © 2004 Cisco Systems, Inc. All rights reserved.
43
Cisco leads in the MPLS Market Americas EMEA AsiaPac/Japan Some 200 Customers (MPLS Core & L2/L3 Edge)
EBT © 2004 Cisco Systems, Inc. All rights reserved.
Korea Telecom 44
Cisco IOS MPLS Smarter
The The foundation foundation for for more more services services and and more more revenues revenues
Enabling Innovative Faster
A A flexible flexible QoS QoS framework framework to to enable enable migration migration to to aa converged converged infrastructure infrastructure
Services
© 2004 Cisco Systems, Inc. All rights reserved.
Lasting
Extensibility Extensibility to to different different transports transports with with standards standards-based based open open architecture architecture for for investment investment protection protection 45 45
View more...
Comments
