l2tp. vpdns. pseudowires, atom. virtual private...

© 2009 Petr Grygarek, Advanced Computer Networks Technologies 1

L2 VPNs.L2 VPNs.

L2TP. VPDNs.L2TP. VPDNs.Pseudowires, AToM.Pseudowires, AToM.

Virtual Private LAN Services. Virtual Private LAN Services. Metro/Carrier Ethernet.Metro/Carrier Ethernet.

Petr GrygPetr Grygáárekrek

2© 2009 Petr Grygarek, Advanced Computer Networks Technologies

Layer 2 VPNsLayer 2 VPNs


Usages of L2 VPNsUsages of L2 VPNs• Server farms/clusters and other L2-dependent Server farms/clusters and other L2-dependent

applicationsapplications• redundancy and load-balancing implementations dependent redundancy and load-balancing implementations dependent

on L2 connectivity (single broadcast domain)on L2 connectivity (single broadcast domain)

• Virtual leased linesVirtual leased lines• Including potential L2 protocol conversion between Including potential L2 protocol conversion between

customer sites (“interworking”)customer sites (“interworking”)• e.g. Ethernet - Frame Relaye.g. Ethernet - Frame Relay

• Virtual Private LANs (multipoint)Virtual Private LANs (multipoint)• Overlay networks with customer routing separated Overlay networks with customer routing separated

from the ISP routingfrom the ISP routing


Comparison of L2 and L3 VPNs (1)Comparison of L2 and L3 VPNs (1)

• Information used by ISP to forward Information used by ISP to forward packets/frames (L3 or L2 headers)packets/frames (L3 or L2 headers)

• Level of customer's control of the routingLevel of customer's control of the routing• Customer routing may be integrated or independent Customer routing may be integrated or independent

on ISP routingon ISP routing


Comparison of L2 and L3 VPNs Comparison of L2 and L3 VPNs (2)(2)

• IP-specific (L3) or multiprotocol (L2)IP-specific (L3) or multiprotocol (L2)• GRE may help to carry L2 traffic over L3 tunnelsGRE may help to carry L2 traffic over L3 tunnels

• Access technologyAccess technology• any IP-based line (L3) or specific L2 technologyany IP-based line (L3) or specific L2 technology

Note that L3 VPN prevails todayNote that L3 VPN prevails today• 80% of ISPs' services80% of ISPs' services


L2VPN Services (1)L2VPN Services (1)• PseudowiresPseudowires

• P2P, Muxed or unmuxed UNIP2P, Muxed or unmuxed UNI• Muxed UNI allows to terminate multiple (separate) VCs on Muxed UNI allows to terminate multiple (separate) VCs on

the same physical interfacethe same physical interface• Muxed UNI possible if L2 framing differentiates between Muxed UNI possible if L2 framing differentiates between

traffic flowstraffic flows• 802.1q, FR, ATM802.1q, FR, ATM

• Various framing optionsVarious framing options• Ethernet (including 802.1q)Ethernet (including 802.1q)• Frame RelayFrame Relay• HDLC, PPPHDLC, PPP• ATM (AAL5 and Cell Relay)ATM (AAL5 and Cell Relay)


L2VPN Services (2)L2VPN Services (2)

• Virtual Private LAN Service (VPLS)Virtual Private LAN Service (VPLS)• Ethernet RelayEthernet Relay• Muxed or unmuxed UNIMuxed or unmuxed UNI

• With muxed UNI, user can connect to multiple VPLS With muxed UNI, user can connect to multiple VPLS instancesinstances

L2VPN service classification does not dictate how L2VPN service classification does not dictate how is the service implemented in the SP core network is the service implemented in the SP core network (EoMPLS, AToM, QinQ, ...)(EoMPLS, AToM, QinQ, ...)


Most Common Implementations of L2 Most Common Implementations of L2 VPN TunnelsVPN Tunnels

• EoMPLSEoMPLS• L2TPv3L2TPv3• GREGRE


EoMPLSEoMPLS

• Ethernet frames over MPLS LSPEthernet frames over MPLS LSP• Unidirectional virtual circuit service (P2P, P2MP)Unidirectional virtual circuit service (P2P, P2MP)

– No L2 destination MAC address lookupNo L2 destination MAC address lookup– No L2 address learningNo L2 address learning

• See http://www.google.cz/url?See http://www.google.cz/url?sa=t&source=web&cd=1&sqi=2&ved=0CBgQFjAA&url=http%3A%2Fsa=t&source=web&cd=1&sqi=2&ved=0CBgQFjAA&url=http%3A%2F%2F211.79.59.247%2FCourse%2FMPLS20050620%2Fslide%2F211.79.59.247%2FCourse%2FMPLS20050620%2Fslide%2FEOMPLS.PPT&rct=j&q=EoMPLS&ei=u_21TMmdFtHPjAe5ha29Aw&u%2FEOMPLS.PPT&rct=j&q=EoMPLS&ei=u_21TMmdFtHPjAe5ha29Aw&usg=AFQjCNEWVl2nIVvJoZnrsLtws9rswKhjHA&cad=rjasg=AFQjCNEWVl2nIVvJoZnrsLtws9rswKhjHA&cad=rja


Any Transport over MPLSAny Transport over MPLS(AToM)(AToM)

• SpecificationsSpecifications

• draft-martini-l2circuit-trans-mpls-07.txt: Transport of Layer 2 Frames over draft-martini-l2circuit-trans-mpls-07.txt: Transport of Layer 2 Frames over MPLSMPLS

• draft-martini-l2circuit-encap-mpls-03.txt: Encapsulation Methods for draft-martini-l2circuit-encap-mpls-03.txt: Encapsulation Methods for Transport of Layer 2 Frames over MPLSTransport of Layer 2 Frames over MPLS

• AToM Technical OverviewAToM Technical Overview

• http://www.informit.com/library/content.aspx?http://www.informit.com/library/content.aspx?b=Troubleshooting_VPNs&seqNum=61b=Troubleshooting_VPNs&seqNum=61


AToM Usages and AdvantagesAToM Usages and Advantages

• Provides traditional L2 connectivity using MPLS coreProvides traditional L2 connectivity using MPLS core• FR/ATM/HDLC/PPP circuitsFR/ATM/HDLC/PPP circuits• Transparent to usersTransparent to users

• All techniques of MPLS TE and MPLS QoS may be All techniques of MPLS TE and MPLS QoS may be applied to reach desirable characteristics of pseudowiresapplied to reach desirable characteristics of pseudowires• Allows the provisioning of QoS-aware virtual leased linesAllows the provisioning of QoS-aware virtual leased lines• 802.1p, FR DE and ATM CLP may be mapped to MPLS 802.1p, FR DE and ATM CLP may be mapped to MPLS

EXP bitsEXP bits


L2 Protocols Supported by AToML2 Protocols Supported by AToM• Ethernet (including 802.1q)Ethernet (including 802.1q)• ATM AAL5 PDUs + OAM cellsATM AAL5 PDUs + OAM cells• Frame Relay + LMIFrame Relay + LMI• ATM Cell RelayATM Cell Relay• PPPPPP• HDLCHDLC• Protocol InterworkingProtocol Interworking

• e.g. FR PVCs<->Ethernet VLANse.g. FR PVCs<->Ethernet VLANs• See example at See example at

http://www.debugall.co.uk/2009/08/03/frame-relay-to-http://www.debugall.co.uk/2009/08/03/frame-relay-to-vlan-interworking-atom/vlan-interworking-atom/


AToM OperationAToM Operation• Frames encapsulated with 2-level label stackFrames encapsulated with 2-level label stack

• Transport label identifies egress PETransport label identifies egress PE• VC label identifies outgoing interface on the egress PEVC label identifies outgoing interface on the egress PE

• Multiple VCs may exist between a pair of PEsMultiple VCs may exist between a pair of PEs

• Directed LDP session between PEs is used to Directed LDP session between PEs is used to distribute VC labelsdistribute VC labels• New LDP TLVs to signal Label-to-VCID mapping and VC New LDP TLVs to signal Label-to-VCID mapping and VC

type were definedtype were defined

• 2 unidirectional LSPs 2 unidirectional LSPs


AToM Control WordAToM Control Word• Carried after label(s) instead of the original L2 headerCarried after label(s) instead of the original L2 header

• Special bits of original L2 headersSpecial bits of original L2 headers• FECN, BECN and DE for Frame RelayFECN, BECN and DE for Frame Relay• CLP for ATMCLP for ATM

• L2 header is reconstructed on the egress PEL2 header is reconstructed on the egress PE• May carry sequence number to avoid out-of-order frame deliveryMay carry sequence number to avoid out-of-order frame delivery

• Out-of-order frames are discardedOut-of-order frames are discarded

• Mandatory for FR and ATM AAL5, optional for other Mandatory for FR and ATM AAL5, optional for other protocolsprotocols• PEs use new LDP TLV to negotiate whether Control Words will be PEs use new LDP TLV to negotiate whether Control Words will be

present present


Virtual Private LAN Service (VPLS)Virtual Private LAN Service (VPLS)

See also See also http://www.h3c.com/portal/Products___Solutions/Technology/MPLS/http://www.h3c.com/portal/Products___Solutions/Technology/MPLS/

VPLS/200701/195598_57_0.htmVPLS/200701/195598_57_0.htm


Virtual Private LANVirtual Private LAN• Ethernet-based any-to-any communication over IP/MPLS Ethernet-based any-to-any communication over IP/MPLS

corecore• Simulates single Ethernet broadcast domainSimulates single Ethernet broadcast domain

• virtual distributed switch that connects together customer's virtual distributed switch that connects together customer's geographically dispersed LANsgeographically dispersed LANs

• Simulates “real” Ethernet bridge over WANSimulates “real” Ethernet bridge over WAN• self-learning of MAC addresses, flooding of frames with self-learning of MAC addresses, flooding of frames with

unknown addresses+broadcasts (+multicasts), MAC address unknown addresses+broadcasts (+multicasts), MAC address withdrawal after topology change (new LDP TLV)withdrawal after topology change (new LDP TLV)

• Sites are connected by pseudowires (PW)Sites are connected by pseudowires (PW)• EoMPLS, L2TPv3EoMPLS, L2TPv3• Much faster convergence in case of failure (LSP rerouting) Much faster convergence in case of failure (LSP rerouting)

comparing with STPcomparing with STP


VPLS AdvantagesVPLS Advantages• For service providers:For service providers:

• May provide a new QoS-aware L2 service on the May provide a new QoS-aware L2 service on the existing MPLS coreexisting MPLS core

• Flexible bandwidth allocationFlexible bandwidth allocation• Compare with core composed from 100Mb/1 Gb/10Gbps Compare with core composed from 100Mb/1 Gb/10Gbps

Ethernet linksEthernet links

• For customers:For customers:• Simple and well-known Ethernet technologySimple and well-known Ethernet technology• The same technology in the carrier network and in The same technology in the carrier network and in

customer's LANcustomer's LAN


Implementaiton of Virtual Distributed Implementaiton of Virtual Distributed Ethernet Switch (1)Ethernet Switch (1)

• Related VFIs (Virtual Forwarding Instances) on PE Related VFIs (Virtual Forwarding Instances) on PE switches constitute broadcast domainswitches constitute broadcast domain• VFI is also called VSI (Virtual Switching Instance)VFI is also called VSI (Virtual Switching Instance)• Similar concept as VRFSimilar concept as VRF

• Full mesh of pseudowires between PE routersFull mesh of pseudowires between PE routers• PWs signalled using BGP or directed LDPPWs signalled using BGP or directed LDP


Implementaiton of Virtual Distributed Implementaiton of Virtual Distributed Ethernet Switch (2)Ethernet Switch (2)

• Control planeControl plane• Autodiscovery – finding other routers participating in Autodiscovery – finding other routers participating in

the same VPN – BGP onlythe same VPN – BGP only• BGP (RFC 4761)BGP (RFC 4761)• LDP (RFC 4762)LDP (RFC 4762)• Other autodiscovery protocols (DNS, ...)Other autodiscovery protocols (DNS, ...)

• Signalling – process of establishing pseudowires – Signalling – process of establishing pseudowires – BGP or LDPBGP or LDP


Pseudowire ImplementationPseudowire Implementation

• stack of two MPLS headersstack of two MPLS headers• Outer (transport) label identifies target PEOuter (transport) label identifies target PE• Inner label identifies pseudowireInner label identifies pseudowire

• PEs associate it with particular VPLS instance (Virtual PEs associate it with particular VPLS instance (Virtual Switching Instance)Switching Instance)

• A local switching table related to particular virtual distributed A local switching table related to particular virtual distributed switchswitch

• Multiple VSIs may exist on the same router Multiple VSIs may exist on the same router • customer separationcustomer separation


VPLS Forwarding Loop AvoidanceVPLS Forwarding Loop Avoidance

• A frame received from one PE is never A frame received from one PE is never forwarded to another PEforwarded to another PE• only to attachment circuits (to CEs)only to attachment circuits (to CEs)• analogy of Split Horizon ruleanalogy of Split Horizon rule• requires full mesh of PWsrequires full mesh of PWs

• Spanning Tree may be applied as an alternativeSpanning Tree may be applied as an alternative• not recommendednot recommended


Problems of VPLS ScalingProblems of VPLS Scaling• Full mesh of PWs between PEs is neededFull mesh of PWs between PEs is needed

• The same is true for control planeThe same is true for control plane• route reflector may help for signalling via IBGProute reflector may help for signalling via IBGP• static configuration of LDP directed sessions is always unscalablestatic configuration of LDP directed sessions is always unscalable

• Signalling and packet replication overheadSignalling and packet replication overhead• A solution is to establish a hierarchy, i.e. divide a A solution is to establish a hierarchy, i.e. divide a

VPLS VPN into 2 tiersVPLS VPN into 2 tiers• Multiple customers are aggregated in 2-nd level and Multiple customers are aggregated in 2-nd level and

connected to the same PE routerconnected to the same PE router

•


Hierarchical VPLSHierarchical VPLS


H-VPLS (1)H-VPLS (1)• 2-tier architecture 2-tier architecture

• analogical to a star topology of spoke switches connected to analogical to a star topology of spoke switches connected to a core switcha core switch

• High-performance core tierHigh-performance core tier• Limited number of PEsLimited number of PEs• Full mesh of virtual circuits Full mesh of virtual circuits • Packet replication and switching function occurs only in the Packet replication and switching function occurs only in the

corecore

• MPLS or (cheaper) QinQ Ethernet-based access tier in MPLS or (cheaper) QinQ Ethernet-based access tier in POPsPOPs• U-PE faces to the customerU-PE faces to the customer• N-PE faces to the coreN-PE faces to the core


H-VPLS (2)H-VPLS (2)

• 11stst layer of H-VPLS hierarchy can be also layer of H-VPLS hierarchy can be also implemented on MPLS cloudimplemented on MPLS cloud• pseudowires over MPLS coudpseudowires over MPLS coud• switching function only in N-PE routerswitching function only in N-PE router


H-VPLS AdvantagesH-VPLS Advantages

• Limited size of the PW full-mesh in the coreLimited size of the PW full-mesh in the core• Cheaper QinQ-based Metro Ethernet technology Cheaper QinQ-based Metro Ethernet technology

in POPs' access networksin POPs' access networks• Expansion of POP network does not require Expansion of POP network does not require

configuration change of core PEs configuration change of core PEs


802.1q and MPLS Tags in H-802.1q and MPLS Tags in H-VPLSVPLS

• Customer tagCustomer tag• Optional, for customers that needs to transport Optional, for customers that needs to transport

802.1q-tagged traffic802.1q-tagged traffic

• Service-provider tagService-provider tag• Appended by ingess QinQ access-layer Ethernet Appended by ingess QinQ access-layer Ethernet

switchswitch• Converted to (inner) MPLS tag on ingres core PE Converted to (inner) MPLS tag on ingres core PE

routerrouter• Identifies VFI on the target PE routerIdentifies VFI on the target PE router

• Transport tagTransport tag• Identifies egress core PE routerIdentifies egress core PE router


Cisco OTV: Alternative to VPLSCisco OTV: Alternative to VPLS• ““Overlay-Transport-Virtualization”Overlay-Transport-Virtualization”• VPLS is based on flooding of frames with VPLS is based on flooding of frames with

unknown destination MAC address and flooding-unknown destination MAC address and flooding-based address learningbased address learning• flooding is not desirable on WANflooding is not desirable on WAN

• Problem with maintenance of PW meshProblem with maintenance of PW mesh• Problem with head-end broadcast replicationProblem with head-end broadcast replication


OTV Principle (1)OTV Principle (1)• The solution is to decouple data plane and The solution is to decouple data plane and

control planecontrol plane• Proactive advertising of MAC address reachabilityProactive advertising of MAC address reachability

• uses well-known multicast groupuses well-known multicast group• Every PE registers to the groupEvery PE registers to the group• Keepalives sent by each edge devices are watched to Keepalives sent by each edge devices are watched to

be able to remove addresses behind failed PEbe able to remove addresses behind failed PE


OTV Principle (2) OTV Principle (2)

• ““Dynamic” tunellingDynamic” tunelling• No pre-defined L2 tunnelsNo pre-defined L2 tunnels• L2 frames over ANY transportL2 frames over ANY transport

• Most commonly IPMost commonly IP


Layer 2 Tunneling Protocol Layer 2 Tunneling Protocol (L2TP)(L2TP)


Layer 2 Tunneling Protocol Layer 2 Tunneling Protocol (L2TP)(L2TP)

• Encapsulates PPP frames into IPEncapsulates PPP frames into IP• Allows to decouple L2 termination point and PPP Allows to decouple L2 termination point and PPP

session termination pointsession termination point• i.e. extend the PPP session over IP backbonei.e. extend the PPP session over IP backbone• Allows remote client to communicate with access server as if Allows remote client to communicate with access server as if

it would be connected directlyit would be connected directly

• Useful for creation of VPDNsUseful for creation of VPDNs


• Connects remote client into private network Connects remote client into private network using shared infrastructureusing shared infrastructure

• L2TPv3 used most often to tunnel L2 traffic over L2TPv3 used most often to tunnel L2 traffic over IPIP• other L2 tunneling protocols may also apply (L2F, other L2 tunneling protocols may also apply (L2F,

PPTP, ...)PPTP, ...)

Virtual Private Dial-up Network Virtual Private Dial-up Network (VPDN)(VPDN)


Authentication and Session Authentication and Session Forwarding in VPDNsForwarding in VPDNs

• L2TP Tunnel termination point is derived from L2TP Tunnel termination point is derived from authentication responseauthentication response• implied by successfully authenticated user's domain implied by successfully authenticated user's domain

namename• passed to LAC as RADIUS attributepassed to LAC as RADIUS attribute

• ISP's AAA hands the semi-finished ISP's AAA hands the semi-finished authentication process to particular customer's authentication process to particular customer's AAA serverAAA server


L2TP DevicesL2TP Devices

• LAC - L2TP Access ConcentratorLAC - L2TP Access Concentrator• Terminates L2 connection from clientTerminates L2 connection from client• Originates L2TP tunnel to LNSOriginates L2TP tunnel to LNS

• LNS – L2TP Network ServerLNS – L2TP Network Server• Terminates PPP sessionTerminates PPP session


L2TPv3L2TPv3

• RFC 3931RFC 3931• Extension of “regular” L2TP that supports Extension of “regular” L2TP that supports

encapsulation of any L2 protocol frames into IPencapsulation of any L2 protocol frames into IP• Control plane provides session signallingControl plane provides session signalling• Data Plane provides tuneling of L2 framesData Plane provides tuneling of L2 frames


L2TPv3 Control Plane (1)L2TPv3 Control Plane (1)• AuthenticationAuthentication

• shared secret (CHAP)shared secret (CHAP)

• Negotiation of session parametersNegotiation of session parameters• Session JDs, Cookies, ...Session JDs, Cookies, ...

• Established by 3-way handshakeEstablished by 3-way handshake• Each end advertises its control connection IDEach end advertises its control connection ID• ReliableReliable

• inclusive acknowledgementsinclusive acknowledgements• keepaliveskeepalives• Hello and Circuit Status messagesHello and Circuit Status messages


L2TPv3 Control Plane (2)L2TPv3 Control Plane (2)

• Uses very simple header + AV pairsUses very simple header + AV pairs• Cookie: optional, cryptographically random number Cookie: optional, cryptographically random number

that extends the Session ID space to protect against that extends the Session ID space to protect against brute force attacksbrute force attacks


L2TPv3 Data PlaneL2TPv3 Data Plane• Session established by control channel Session established by control channel

• or by other control mechanism, including manual or by other control mechanism, including manual configurationconfiguration

• multiple sessions may be associated with single control multiple sessions may be associated with single control channelchannel

• Header contains Session IDHeader contains Session ID• + optional Cookie+ optional Cookie

• Data channel is NOT reliableData channel is NOT reliable• Seq # in header ensures only detection of out-of-order, Seq # in header ensures only detection of out-of-order,

duplicate or missing framesduplicate or missing frames


Metro EthernetMetro Ethernet(Carrier Ethernet)(Carrier Ethernet)


Metro Ethernet ForumMetro Ethernet Forum• Industry alliance Industry alliance

• manufacturers of ME provider devicesmanufacturers of ME provider devices

• DefinesDefines• L2 services delivered over native Ethernet-based L2 services delivered over native Ethernet-based

metro networks or other transport technologies (like metro networks or other transport technologies (like MPLS/IP)MPLS/IP)

• Technologies of carrier-class Ethernet-based transport Technologies of carrier-class Ethernet-based transport networksnetworks

• Architectures, Ethernet OAM extensionsArchitectures, Ethernet OAM extensions

• Develops technical specifications for Carrier Develops technical specifications for Carrier Ethernet implementations and interoperability Ethernet implementations and interoperability (MEF standards)(MEF standards)


Ethernet Operation, Administration, and Ethernet Operation, Administration, and ManagementManagement

• Necessary for provider-class Ethernet-based linksNecessary for provider-class Ethernet-based links• WAN links, Metro EthernetWAN links, Metro Ethernet

• Virtual Circuit Connectivity Verification, Label Virtual Circuit Connectivity Verification, Label Switched Path ping, performance verification,E-Switched Path ping, performance verification,E-LMI etc.LMI etc.

• See See http://www.cisco.com/en/US/prod/collateral/routers/ps368/prhttp://www.cisco.com/en/US/prod/collateral/routers/ps368/prod_white_paper0900aecd804a0266.htmlod_white_paper0900aecd804a0266.html for more details for more details


Metro Ethernet Network Metro Ethernet Network TerminologyTerminology

• User to Network Interface (UNI)User to Network Interface (UNI)• Demarcation point between CE device and MENDemarcation point between CE device and MEN• Uses standard 802.3 PHY and MACUses standard 802.3 PHY and MAC

• Ethernet Virtual Connection (EVC)Ethernet Virtual Connection (EVC)• Connects 2 or more subscriber UNIsConnects 2 or more subscriber UNIs• P2P or multipointP2P or multipoint

• BundlingBundling• 2 or more customer VLANs mapped into a single 2 or more customer VLANs mapped into a single

EVCEVC


Metro Ethernet Services Metro Ethernet Services ClassificationClassification

• P2P or multipoint serviceP2P or multipoint service• Multiplexed / non-multiplexed UNIMultiplexed / non-multiplexed UNI

2 x 2 service options give 4 services types in total2 x 2 service options give 4 services types in total


Metro Ethernet Service Types (1)Metro Ethernet Service Types (1)• E-Line - P2PE-Line - P2P

• Ethernet Private LineEthernet Private Line• Dedicated UNIs (single EVC per UNI)Dedicated UNIs (single EVC per UNI)

• Ethernet Virtual Private LineEthernet Virtual Private Line• Multiplexed UNIs allow customer to connect to multiple EVCs Multiplexed UNIs allow customer to connect to multiple EVCs

by a single physical lineby a single physical line• Replacement of FR and ATMReplacement of FR and ATM

• E-LAN - multipoint L2 VPNE-LAN - multipoint L2 VPN• Ethernet Private LAN ServiceEthernet Private LAN Service

• Dedicated UNIDedicated UNI

• Ethernet Virtual Private LAN ServiceEthernet Virtual Private LAN Service• Multiplexed UNIMultiplexed UNI


Metro Ethernet Service Types (2)Metro Ethernet Service Types (2)

• E-Tree – P2MP services (broadcasting)E-Tree – P2MP services (broadcasting)• Ethernet Private Tree ServiceEthernet Private Tree Service• Ethernet Virtual Private Tree ServiceEthernet Virtual Private Tree Service• Restrict communication between leavesRestrict communication between leaves


ME Service Framework (Service ME Service Framework (Service Attributes)Attributes)

• Characteristics of the service are defined by Characteristics of the service are defined by attributesattributes• Does not prescribe the way how the ME core Does not prescribe the way how the ME core

implements the desired behavior implements the desired behavior • Serves as contract specification between customer and Serves as contract specification between customer and

service providerservice provider

• UNI AttributesUNI Attributes• EVC AttributesEVC Attributes• L2 Control Processing AttributesL2 Control Processing Attributes


UNI Attributes (1)UNI Attributes (1)• UNI ID (arbitrary string)UNI ID (arbitrary string)• Speed (10/100/1000,...)Speed (10/100/1000,...)• Duplex modeDuplex mode• Service multiplexing Service multiplexing

• multipexed/dedicated UNImultipexed/dedicated UNI

• Ingress Bandwidth ProfileIngress Bandwidth Profile• Per-UNI, per-EVC, per-CoSPer-UNI, per-EVC, per-CoS• CIR, EIR, Bc, BeCIR, EIR, Bc, Be


UNI Attributes (2)UNI Attributes (2)

• CE-VLAN-ID to EVC mappingCE-VLAN-ID to EVC mapping• Customer's 802.1q tags may be either preserved, Customer's 802.1q tags may be either preserved,

rewritten or removedrewritten or removed• All VLANs may be bundled into one EVCAll VLANs may be bundled into one EVC


EVC AttributesEVC Attributes

• EVC ID (arbitrary string)EVC ID (arbitrary string)• EVC Type (E-Line/E-LAN)EVC Type (E-Line/E-LAN)• CE VLAN Preservation (Yes/No)CE VLAN Preservation (Yes/No)• CE CoS Preservation (Yes/No)CE CoS Preservation (Yes/No)• Unicast/Multicast/Broadcast frames deliveredUnicast/Multicast/Broadcast frames delivered• EVC Performance – QoS parametersEVC Performance – QoS parameters

• availability, delay, jitter, frame lossavailability, delay, jitter, frame loss


L2 Control Processing AttributesL2 Control Processing Attributes

• Define how L2 control protocols are tunneled Define how L2 control protocols are tunneled over MEN or interact with control protocols in over MEN or interact with control protocols in the MEN corethe MEN core• STP, 802.3x, LACP, 802.1x, GARP, proprietary STP, 802.3x, LACP, 802.1x, GARP, proprietary

protocols (PAgP, VTP, CDP, ...)protocols (PAgP, VTP, CDP, ...)

• Processing Options:Processing Options:• PassPass• DiscardDiscard• PeerPeer


Special Capabilities of Metro Special Capabilities of Metro Ethernet DevicesEthernet Devices

• Advanced manipulation with 802.1q headersAdvanced manipulation with 802.1q headers• push/pop/match+rewritepush/pop/match+rewrite• works with single tags or with sequences of tagsworks with single tags or with sequences of tags

• ME switches allow to divert a group of VLANs ME switches allow to divert a group of VLANs from a trunk to a specific port (Flexible QinQ)from a trunk to a specific port (Flexible QinQ)

• Ethernet OAMEthernet OAM

l2tp. vpdns. pseudowires, atom. virtual private...

Documents