Layer 2 VPN

L2VPN Concepts:

Layer 2 VPN (L2VPN) emulates the behavior of a local area network (LAN) across an Internet Protocol (IP) or MPLS-enabled IP network, allowing Ethernet devices to communicate with each other as if they were connected to a common LAN segment.

Internet service providers (ISPs) would like to replace their Frame Relay (FR) or Asynchronous Transfer Mode (ATM) infrastructures with an IP infrastructure. Accordingly, there is a need for standard ways of using an IP infrastructure to provide a serviceable L2 interface to customers, and specifically for standard ways of using an IP infrastructure to provide virtual circuits between pairs of customer sites.

Building an L2VPN system requires coordination between the ISP and the customer. The ISP provides L2 connectivity; the customer builds a network using data link resources obtained from the ISP. In an L2VPN service, the ISP does not require information about a customer's network topology, policies, routing information, point-to-point links, or whether the network has point-to-point links from other ISPs.

The ISP only requires Provider Edge (PE) routers with the following capabilities:

  • Encapsulation of L2 protocol data units (PDU) into layer 3 packets.
  • Inter-connection of any-to-any L2 transports.
  • Emulation of L2 quality-of-service (QoS) over a packet switch network.
  • Ease of configuration of the L2 service.
  • Support for different types of tunneling mechanisms (MPLS, L2TPv3, IPSec, GRE, and others).
  • L2VPN process databases include all information related to circuits and their connections.

Virtual Circuit Connection Verification on L2VPN:

Virtual Circuit Connection Verification (VCCV) is an L2VPN Operations, Administration, and Maintenance (OAM) feature that allows network operators to run an IP-based provider edge (PE)-to-PE keepalive protocol across a specified pseudowire to ensure that the pseudowire data path forwarding does not contain any faults. The disposition PE receives VCCV packets on a control channel, which is associated with the specified pseudowire. The control channel type and connectivity verification type used for VCCV are negotiated for each direction when the pseudowire is established between the PEs.

Two types of packets can arrive at the disposition egress:

• Type 1—Specifies normal Ethernet over MPLS (EoMPLS) data packets.

• Type 2—Specifies VCCV packets.

Because each of the supported packets requires different handling, the disposition egress code is able to distinguish between these packets. The code checks the status of bit #28 in a control word, which is always present for VCCV packets but not necessary for data packets. Cisco IOS XR software supports Label Switched Path (LSP) VCCV type 1, which uses an inband control word if enabled during signaling. The VCCV echo reply is sent as IPv4; that is, the reply mode is IPv4. The reply is forwarded as IP, MPLS, or a combination of both. VCCV pings are counted in the MPLS forwarding counters on the egress side. However, on the ingress side, they are sourced by the route processor (RP) and do not count as MPLS forwarding counters.
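The bit #28 check described above, as an added example (not Cisco IOS XR code). It assumes bits are numbered from the least significant bit and that the control word and channel header follow the RFC 4385 layout; the function name, the `control_word_negotiated` parameter and the sample payloads are constructed for illustration.

```python
import struct

ACH_BIT = 1 << 28  # bit 28 of the 32-bit control word, counted from the least significant bit
CHANNEL_TYPES = {0x0021: "IPv4", 0x0057: "IPv6"}  # PW-ACH channel types (RFC 4385)


def classify_disposition(payload: bytes, control_word_negotiated: bool = True) -> dict:
    """Classify the bytes that follow the pseudowire label at the disposition PE."""
    if not control_word_negotiated:
        # No control word: the payload begins with the Ethernet destination MAC,
        # so bit 28 is just address data and must not be read as a VCCV marker.
        return {"kind": "data", "control_word": False, "frame": payload}
    if len(payload) < 4:
        raise ValueError("truncated payload: no room for a 32-bit control word")
    (word,) = struct.unpack("!I", payload[:4])
    first_nibble = word >> 28
    if word & ACH_BIT:
        if first_nibble != 0x1:
            raise ValueError(f"malformed channel header, first nibble {first_nibble:#x}")
        return {
            "kind": "vccv",
            "version": (word >> 24) & 0xF,
            "channel": CHANNEL_TYPES.get(word & 0xFFFF, "unknown"),
            "message": payload[4:],
        }
    if first_nibble != 0x0:
        raise ValueError(f"malformed control word, first nibble {first_nibble:#x}")
    return {
        "kind": "data",
        "control_word": True,
        "sequence": word & 0xFFFF,
        "frame": payload[4:],
    }


# Constructed sample payloads (not captured traffic).
VCCV_SAMPLE = bytes.fromhex("10000021") + bytes.fromhex("4500001c")
DATA_SAMPLE = bytes.fromhex("0000002a") + bytes.fromhex("112233445566aabbccddeeff0800")
NO_CW_SAMPLE = bytes.fromhex("112233445566aabbccddeeff0800")

if __name__ == "__main__":
    for name, sample, cw in (("vccv", VCCV_SAMPLE, True), ("data", DATA_SAMPLE, True),
                             ("no control word", NO_CW_SAMPLE, False)):
        print(name, "->", classify_disposition(sample, cw)["kind"])
```

The third sample starts with a MAC address whose first nibble happens to have bit 28 set, which is why the classifier has to know whether a control word was negotiated before it trusts that bit.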

Ethernet over MPLS:

Ethernet over MPLS (EoMPLS) provides a tunneling mechanism for Ethernet traffic through an MPLS-enabled Layer 3 (L3) core and encapsulates Ethernet protocol data units (PDUs) inside MPLS packets (using label stacking) to forward them across the MPLS network.

Ethernet over MPLS is presented in the following modes:

  • Ethernet Port Mode
  • VLAN Mode
  • QinQ Mode
  • QinAny Mode