Presentation_ID
Cisco Confidential
L2VPN Fundamentals
EoMPLS
  EoMPLS Control and Forwarding Plane
  A simple EoMPLS Configuration Example
VPLS
EoMPLS Overview
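[Figure: EoMPLS overview. A CE and a PE at each edge joined by an attachment circuit, P routers in the MPLS core, LDP between adjacent routers and targeted LDP between the PEs. The pseudowire carries the customer PDU behind a tunnel label and a VC label.]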
MPLS in the core: normal LDP sessions per hop exchange the tunnel label.
A targeted (AKA directed) LDP session between the PEs exchanges the VC label (AKA PW label).
The tunnel label is used to forward the packet from PE to PE.
The VC label is used to identify the L2VPN circuit.
Attachment Circuit (AC): the connection to the CE. It could be a physical Ethernet port, a logical Ethernet port, an ATM PVC carrying Ethernet frames, etc.
The attachment circuit is mapped to an EoMPLS PW. The mapping can be 1:1 or N:1.
Presentation_ID 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential
Emulated VC signaling is done via a directed LDP session between the PEs. Information such as VC type, VC ID, interface parameters, etc. is negotiated via VC signaling.
For EoMPLS, two VC types are used: VC type 4 (Ethernet VLAN) and VC type 5 (Ethernet). The 7600 uses VC type 5 by default, but can negotiate to VC type 4 at the peer's request.
[Figure: EoMPLS encapsulation. Fields legible in the diagram: TTL, a "0 0" field, Length, Sequence number, L2 PDU / L2 Frame.]
The original customer Ethernet L2 PDUs are transported without the preamble, SFD and FCS. The customer VLAN ID may or may not be transported, depending on the VC type and on whether it is used as the service delimiter. With VC type 4, the service delimiter VLAN ID is tunnelled. With VC type 5, the service delimiter VLAN ID is not tunnelled.
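The encapsulation described above, decoded in Python as an added example that is not part of the original slides. The bit layouts of the label stack entry and the control word are taken from RFC 3032 and RFC 4385 rather than from this page; tunnel label 17 and the sample frame are constructed.

```python
import struct

def label_entry(label, bos, ttl=255, exp=0):
    """Pack one 32-bit MPLS label stack entry: label(20) exp(3) S(1) ttl(8)."""
    return struct.pack("!I", (label << 12) | (exp << 9) | (bos << 8) | ttl)

def decode_eompls(packet, control_word):
    """Decode the label stack, optional control word and customer frame.

    control_word mirrors the negotiated Cbit: nothing on the wire says
    whether a control word follows the VC label, so the caller must know.
    """
    labels, off = [], 0
    while True:
        if off + 4 > len(packet):
            raise ValueError("truncated label stack")
        word = struct.unpack_from("!I", packet, off)[0]
        off += 4
        labels.append({"label": word >> 12, "ttl": word & 0xFF})
        if (word >> 8) & 1:          # S bit set: bottom of stack, the VC label
            break
    sequence = None
    if control_word:
        if off + 4 > len(packet):
            raise ValueError("truncated control word")
        cw = struct.unpack_from("!I", packet, off)[0]
        if cw >> 28:
            raise ValueError("control word must start with a zero nibble")
        sequence = cw & 0xFFFF       # low 16 bits carry the sequence number
        off += 4
    frame = packet[off:]             # starts at the destination MAC, no FCS
    if len(frame) < 14:
        raise ValueError("customer frame shorter than an Ethernet header")
    ethertype = struct.unpack_from("!H", frame, 12)[0]
    vlan = None
    if ethertype == 0x8100 and len(frame) >= 16:
        vlan = struct.unpack_from("!H", frame, 14)[0] & 0x0FFF
    return {"labels": labels, "sequence": sequence, "vlan": vlan,
            "dst": frame[:6].hex(), "src": frame[6:12].hex()}

# Constructed sample: tunnel label 17 is made up; VC label 19 and Cbit 0 follow
# the binding output on this page. The frame still carries an 802.1Q tag
# (VLAN 100), as it would on a VC type 4 pseudowire.
FRAME = bytes.fromhex("222222222222" "222222222221" "8100" "0064" "0800") + b"\x45" * 20
PACKET = label_entry(17, 0) + label_entry(19, 1, ttl=2) + FRAME

if __name__ == "__main__":
    print(decode_eompls(PACKET, control_word=False))
```

Decoding the same bytes with the wrong Cbit assumption misreads the first four bytes of the customer frame as a control word, which is why the flag is an explicit argument.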
[Figure: example EoMPLS topology. Labels: CE, PE-1, PE-2, IP/MPLS cloud; interfaces gig4/48, gig4/1, ten1/0/0, gig6/48.]
PE1#sh mpl l2 bind 100
  Destination Address: 10.1.1.2,  VC ID: 100
    Local Label:  25
        Cbit: 0,    VC Type: Ethernet,    GroupID: 0
        MTU: 1500,   Interface Desc: n/a
        VCCV Capabilities: Type 2
    Remote Label: 19
        Cbit: 0,    VC Type: Ethernet,
        MTU: 1500,   Interface Desc: n/a
        VCCV Capabilities: Type 2
Slide callout: VC type 5 (Ethernet), CW (0), GroupID: 0, MTU (1500)
Statistics Counters
Scalable EoMPLS
switchport
switchport trunk encap dot1q
switchport trunk allow vlan 100
Interface vlan 100
PFC/DFC
Egress
Scalable EoMPLS
Ingress SIP card (SIP400 and ES20)
16K with EVC config
12K with sub-interface config
PW doesn't consume system VLAN resource
WAN based (or SVI based or SW) EoMPLS Egress SIP card
No Sub-interface or EVC
Yes SVI
L2VPN Fundamentals
EoMPLS
VPLS
  Concept
  A simple VPLS example
  VPLS logical topology
[Figure: VPLS on the 7600. Labels: 7600, SVI, SIP, pseudo port, MPLS.]
VPLS is very similar to SVI-based EoMPLS.
L2 bridging among attachment circuit ports and PW pseudo ports, based on MAC address.
xconnect is configured under the SVI.
A SIP-based card is needed as the MPLS uplink port.
Same EoMPLS data plane, such as L2 PDU handling, etc.
What's different?
VPLS Components
[Figure: VPLS components. Labels: AC, SVI, PW, MPLS.]
Attachment Circuit (AC): the connection to the CE. It could be a physical Ethernet port, a logical Ethernet port, an ATM PVC carrying Ethernet frames, etc.
Virtual Circuit (Pseudo Wire): a full mesh of point-to-point PWs among the participating PEs.
Virtual Forwarding Instance (VFI): a virtual L2 bridge instance that connects ACs to VCs (PWs). VFI to VLAN is a 1-to-1 mapping.
One VPLS instance creates one L2 broadcast domain that includes all the ACs and PWs. Packets are forwarded in this L2 broadcast domain just as in a regular L2 switch, based on MAC address: MAC learning, forwarding, aging, etc. are involved.
Since multiple PEs can participate in the same L2VPN, automatic VPN membership discovery may be needed to simplify configuration. Manual membership configuration should also be supported.
Auto-discovery of VPN membership
  Reduces VPN configuration and the errors associated with configuration.
  Draft-ietf-l2vpn-vpls-ldp-01 does not mandate an auto-discovery protocol. It can be BGP, RADIUS, DNS or AD based.
  The 7600 uses manual configuration, and supports BGP-based auto-discovery from the Barracuda release.
Signaling of connections between PE devices associated with a VPN
  Same as EoMPLS: a directed LDP session is used to exchange VC information.
Note: the 7600 supports BGP-based VPLS auto-discovery, but this is only for VPN membership discovery; it still uses directed LDP for EoMPLS signaling.
Flooding/Forwarding
Forwarding based on [VLAN, Destination MAC Address]
Unknown Ucast/Mcast/Broadcast: flood to all ports (IGMP/PIM snooping can be used to constrain multicast flooding. This is supported from the Barracuda release)
MAC Learning/Aging/Limit
Dynamic learning based on source MAC and VLAN
Refresh aging timers with incoming packets
MAC address table limit per VFI (VLAN)
Customer STP is transparent to the SP; customer BPDUs are dropped or forwarded transparently. VPLS only tunnels BPDUs and does not participate in STP.
VPLS uses full-mesh PWs plus split horizon to achieve redundancy and loop prevention.
  Full-mesh PWs among all the participating PEs.
  Split horizon: traffic received from the network (PW) will not be forwarded back to the network (PW), only to ACs. The exception is H-VPLS, with split horizon turned off.
[Figure: full-mesh VPLS example topology. Labels: 10.0.2.1/32, N-PE2 10.0.2.2/32, N-PE10 10.0.2.10/32, CE2 1.1.1.2 2222.2222.2222, Gig 1/2, Gig 6/2, SVI, MPLS.]

l2 vfi full-vpls manual
 vpn id 1000
 neighbor 10.0.2.2 encapsulation mpls
 neighbor 10.0.2.10 encapsulation mpls
!
Interface loopback 0
 ip address 10.0.2.1 255.255.255.255
!
Interface vlan 1000
 xconnect vfi full-vpls
!
Interface gig 1/2
 switchport
 switchport trunk encap dot1q
 switchport trunk allow vlan 1000

l2 vfi full-vpls manual
 vpn id 1000
 neighbor 10.0.2.1 encapsulation mpls
 neighbor 10.0.2.10 encapsulation mpls
!
Interface loopback 0
 ip address 10.0.2.2 255.255.255.255
!
! VLAN ID doesn't need to match VPN ID. It is locally significant to the PE.
Interface vlan 2000
 no ip address
 xconnect vfi full-vpls
!
Interface gig 6/2
 switchport
 switchport trunk encap dot1q
 switchport trunk allow vlan 2000
7604-npe1#sh mac-add vlan 1000
Legend: * - primary entry
        age - seconds since last seen
        n/a - not available

  vlan   mac address     type    learn     age              ports
------+----------------+--------+-----+----------+--------------------------
* 1000  2222.2222.2221   dynamic  Yes          0   Gi1/2             <- learn from local attachment circuit port
* 1000  2222.2222.2222   dynamic  Yes          0   10.0.2.2, 1000    <- learn from PW, NPE2
* 1000  2222.2222.2223   dynamic  Yes          0   10.0.2.10, 1000   <- learn from PW, NPE10
Show mpls l2 vc
Show mpls l2 binding
Show mpls l2 vc detail
7604-npe1#show mpls l2 vc
Local intf     Local circuit              Dest address    VC ID      Status
-------------  -------------------------- --------------- ---------- ----------
VFI full-vpls  VFI                        10.0.2.2        1000       UP
VFI full-vpls  VFI                        10.0.2.10       1000       UP
[Figure: CEs attached to a Service Provider Network. Labels: IP / MPLS, .1Q, MPLS.]
[Figure: example topology with a hub PE. Labels: 10.0.2.1/32, N-PE2 10.0.2.2/32, N-PE10 10.0.2.10/32, CE2 1.1.1.2 2222.2222.2222, CE10 1.1.1.10 2222.2222.222a, Gig 1/2, Gig 6/2, SVI, MPLS.]
For the hub PE, both the core-facing and the access-facing ports must be SIP based to support VPLS. For access PE neighbors, split-horizon is disabled.
Frames from Split-Horizon (SH) PWs cannot be sent to other SH PWs, but can be sent to No-Split-Horizon (NSH) PWs.
Frames from NSH PWs can be sent to both SH and NSH PWs.
On the hub PE, for a frame switched from PW to PW, two-stage EoMPLS label imposition/disposition operations are involved.
VFI name: h-vpls, state: up, type: multipoint
  VPN ID: 999
  Local attachment circuits:
    Vlan999
  Neighbors connected via pseudowires:
  Peer Address     VC ID        S
  10.0.2.4         999          N     <- split-horizon is disabled for spoke PE
  10.0.2.3         999          N
  10.0.2.2         999          Y
  10.0.2.1         999          Y
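The MAC learning, flooding and split-horizon rules from the slides above, modelled in Python as an added example that is not part of the original deck or Cisco's implementation. The peers and their S flags come from the VFI output above; the MAC addresses per port are constructed, and aging timers and MAC limits are not modelled.

```python
BROADCAST = "ffff.ffff.ffff"

class Vfi:
    """One VFI: a MAC-learning bridge over attachment circuits and PWs."""

    def __init__(self, acs, pws):
        # pws maps peer address -> True when split horizon is enabled (S = Y)
        self.acs = set(acs)
        self.pws = dict(pws)
        self.mac_table = {}          # source MAC -> port it was learned on

    def _allowed(self, in_port, out_port):
        if out_port == in_port:
            return False             # never send a frame back out its ingress
        # Split horizon: SH pseudowire -> SH pseudowire is the only blocked pair
        return not (self.pws.get(in_port, False) and self.pws.get(out_port, False))

    def forward(self, in_port, src_mac, dst_mac):
        """Learn src_mac, then return the sorted list of egress ports."""
        if in_port not in self.acs and in_port not in self.pws:
            raise ValueError(f"unknown port {in_port}")
        self.mac_table[src_mac] = in_port          # learn / refresh
        known = self.mac_table.get(dst_mac)
        if known is not None and dst_mac != BROADCAST:
            candidates = [known]                   # known unicast
        else:
            candidates = self.acs | set(self.pws)  # unknown or broadcast: flood
        return sorted(p for p in candidates if self._allowed(in_port, p))

def demo():
    # Hub PE from the VFI output above; MACs are constructed sample values.
    hub = Vfi(acs=["Vlan999"],
              pws={"10.0.2.4": False, "10.0.2.3": False,
                   "10.0.2.2": True, "10.0.2.1": True})
    return {
        "from_core": hub.forward("10.0.2.1", "2222.2222.2221", BROADCAST),
        "from_spoke": hub.forward("10.0.2.4", "2222.2222.222a", BROADCAST),
        "known": hub.forward("10.0.2.2", "2222.2222.2222", "2222.2222.222a"),
        "blocked": hub.forward("10.0.2.2", "2222.2222.2222", "2222.2222.2221"),
    }

if __name__ == "__main__":
    for case, ports in demo().items():
        print(case, ports)
```

The "blocked" case is a known unicast whose destination was learned on an SH pseudowire while the frame also arrived on an SH pseudowire, so the hub forwards it nowhere; in a full mesh the ingress PE would have sent it directly to that peer.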