Tag Archives: 4.1h

4.1.h Describe basic L2VPN — LAN services

  • 4.1.h [i] MPLS-VPLS general principals

VPLS is a technology that allows Multiprotocol Label Switching (MPLS) networks to offer Layer 2 Ethernet services. It provides multipoint Ethernet service as compared to Ethernet over MPLS (EoMPLS) that is point to point. VPLS emulates a virtual IEEE Ethernet bridge network . It uses flooding to communicate MAC address reachability information. VPLS can carry single VLAN within each instance. It supports MAC address aging and replicates broadcast and multicast traffic. A point to point Ethernet Virtual Circuit (EVC) connecting a pair of physical UNIs is also known as Ethernet Wire Service (EWS) or Ethernet Private Line (EPL). EPL provides VLAN transparency and control protocol tunneling are supplied by the implementation of 802.1Q-in-Q tag-stacking technology. Ethernet Virtual Private Line (EVPL) and EPL are also considered E-Line services.

Unlike Layer 3 VPN, there is no routing interaction between customer and service provider networks. ● Multipoint-to-multipoint configuration

● Forwarding of frames based on learned MAC addresses

● Uses virtual forwarding instance (VFI, like VLAN) for customer separation

VPLS Components:

● User-facing PE (U-PE): The U-PE is the device to which the functions needed to take forwarding or switching decisions at the ingress of the provider network.

● Network PE (N-PE): The N-PE is the device to which the signaling and control functions are allocated when a VPLS-PE is distributed across more than one box.

● Virtual switching instance (VSI): Virtual switching instance that serves one single VPLS A VSI performs standard LAN (that is, Ethernet) bridging functions, including forwarding done by a VSI based on MAC addresses and VLAN tags.

● Pseudowire (PW): PWE3 is a mechanism that emulates the essential attributes of a telecommunications service (such as a T1 leased line or Frame Relay) over a PSN.

● Attachment circuit (AC): The physical or virtual circuit attaching (AC) a CE to a PE. An attachment circuit may be, for example, a Frame Relay DLCI, an ATM VPI/ VCI, an Ethernet port, a VLAN, or an MPLS LSP. One or multiple ACs can belong to same VFI.

● VC (virtual circuit): Martini-based data encapsulation, tunnel label is used to reach remote PE, VC label is used to identify VFI. One or multiple VCs can belong to same VFI

Virtual Forwarding Instance (VFI):

● VFI creates L2 multipoint bridging among all ACs and VCs. It’s an L2 broadcast domain such as VLAN.

● Multiple VFIs can exist on the same PE box to separate user traffic such as VLANs.


Signaling uses LDP to establish and tear down PWs. Using LDP as the signaling VPLS control plane does not have inherent support of auto-discovery. Therefore , LDP -VPLS relies on manual configuration to identify all PE routers. MPLS in the core, normal LDP sessions per hop to exchange tunnel label or IGP label. Targeted or directed LDP session between PEs to exchange VC label. Tunnel label is used to forward packet from PE to PE VC label and is used to identify L2VPN circuit.

Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 4775-4779).  . Kindle Edition.



4.1.h Describe basic L2VPN — LAN services

4.1.h [ii] OTV general principals

overlay transport  virtualization

OTV is a “MAC address in or over IP” technique for supporting Layer 2 VPNs to extend LANs over any transport . The transport can be Layer 2 based, Layer 3 based, IP switched, label switched, or anything else as long as it can carry IP packets. By using the principles of MAC routing, OTV provides an overlay that enables Layer 2 connectivity between separate Layer 2 domains while keeping these domains independent and preserving the fault-isolation, resiliency, and load-balancing benefits of an IP-based interconnection.

The core principles on which OTV operates are the use of a control protocol to advertise MAC address reachability information (instead of using data plane learning) and packet switching of IP encapsulated Layer 2 traffic (instead of using circuit switching) for data forwarding. These features are a significant departure from the core mechanics of traditional Layer 2 VPNs. In traditional Layer 2 VPNs, a static mesh of circuits is maintained among all devices in the VPN to enable flooding of traffic and source-based learning of MAC addresses. This full mesh of circuits is an unrestricted flood domain on which all traffic is forwarded. Maintaining this full mesh of circuits severely limits the scalability of existing Layer 2 VPN approaches. At the same time, the lack of a control plane limits the extensibility of current Layer 2 VPN solutions to properly address the requirements for extending LANs across data centers.

OTV uses a control protocol to map MAC address destinations to IP next hops that are reachable through the network core. OTV can be thought of as MAC routing in which the destination is a MAC address, the next hop is an IP address, and traffic is encapsulated in IP so it can simply be carried to its MAC routing next hop over the core IP network. Thus a flow between source and destination host MAC addresses is translated in the overlay into an IP flow between the source and destination IP addresses of the relevant edge devices. This process is called encapsulation rather than tunneling as the encapsulation is imposed dynamically and tunnels are not maintained. Since traffic is IP forwarded, OTV is as efficient as the core IP network and will deliver optimal traffic load balancing, multicast traffic replication, and fast failover just like the core would. OTV also supports detection of multi-homing.

Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 4795-4800).  . Kindle Edition.

The transport can be Layer 2 based, Layer 3 based, IP switched, label switched, or anything else as long as it can carry IP packets.

OTV also supports detection of multi-homing.