Xu Minghai, Mi Zhengkun
(College of Telecommunications and Information Engineering, Nanjing University of Posts and Telecommunications, Nanjing 210003, P. R. China)
Abstract: Among all the metro Ethernet technologies, Virtual Private LAN Service (VPLS), a Layer 2 Virtual Private Network (L2VPN) technology, has drawn wide attention due to its simplicity, reliability, and ease of use. VPLS can implement multipoint-to-multipoint interconnection of Local Area Networks (LAN) in the wide area. Its core elements include the Label Distribution Protocol (LDP) based or Border Gateway Protocol (BGP) based Pseudowire (PW) setup and maintenance on the control plane, Media Access Control (MAC) address learning on the data plane, and PW encapsulation on the transport plane. With hierarchical architecture, VPLS enables cross-domain Virtual Local Area Network (VLAN) services. Benefitting from its unique technical advantages, VPLS supports a wide variety of applications including L2VPN for VIP customers, municipal communications infrastructure and personal distributed services.
One of the important evolution trends for Ethernet is to use the Multi-Protocol Label Switching (MPLS) technology for MAN to carry Ethernet data frames, so as to provide virtual Ethernet services that enable interconnection of geographically dispersed LANs [1-2].
IP and Ethernet have run neck and neck in the investment race of the global telecom industry in recent years, and Ethernet over MPLS (EoMPLS) outshines the rest in growth [3]. Furthermore, standards organizations such as IEEE, IETF, ITU-T and Metro Ethernet Forum (MEF) have conducted in-depth research on Ethernet and its derivative technologies.
Provided by the Packet Switching Network (PSN), Virtual Private LAN Service (VPLS) aims to offer dedicated LAN interconnection service through Pseudowire (PW) connection in pre-established tunnels and falls into the category of Layer 2 Virtual Private Network (L2VPN). Theoretically, VPLS can use any type of tunnels, such as MPLS Label Switching Path (LSP), Generic Routing Encapsulation (GRE), Layer 2 Tunneling Protocol (L2TP) and Internet Protocol Security (IPsec) extensions, among which the MPLS LSP is most widely used. As a significant technology of EoMPLS, VPLS integrates advantages of IP/MPLS, Virtual Private Network (VPN) and Ethernet switching, and supports multipoint-to-multipoint interconnection of LANs across wide areas. For carriers, L2VPN is simple and transparent, and can lower network complexity and enhance network interoperability.
This article focuses on VPLS technology that adopts MPLS LSP as the transport tunnel and Label Distribution Protocol (LDP) as the PW setup signaling, and its application.
Figure 1 shows the basic network architecture of VPLS, which assumes that each of two corporate customers A and B has three branches that are respectively located in Areas 1, 2 and 3. To interconnect LANs located in these three areas, the carrier configures three devices called Provider Edge (PE) devices respectively in Areas 1, 2 and 3. Correspondingly, customers have devices directly connected with the carrier networks in each LAN. These devices are called Customer Edge (CE) devices, which are connected with corresponding PE 1, PE 2 and PE 3 through the Attachment Circuits (AC). The types of AC are independent of VPLS and can be physical/logical Ethernet port, frame relay link, Asynchronous Transfer Mode (ATM) Permanent Virtual Connection (PVC) or even Ethernet PW [4-5]. All PEs interconnect through LSPs. As shown in Figure 1, two PWs are set up in each LSP, serving customers A and B respectively. PW refers to a bidirectional emulated point-to-point connection between two nodes, and consists of two unidirectional LSPs. The carrier transports data streams among LANs in different areas over public PSN through PE and interconnected PWs, and thus interconnects several geographically dispersed LANs as a single emulated LAN, known as a VPLS instance. The LAN in each area can be deemed as a network segment of this emulated LAN. The IP/MPLS backbone network may consist of one or several interconnected domains and spans a wide area, so the carrier can provide LAN interconnection service that spans MAN or WAN by the use of VPLS. From customers' perspective, VPLS helps to simplify networking and eliminates the need to change existing network architectures.
▲Figure 1. VPLS network architecture.
As shown in Figure 1, similar to the function of a multiplexer in a transmission network, the tunnel between PEs carries the aggregated traffic flow of several VPLS instances. The specific protocol adopted for tunnel setup is subject to the tunneling technology applied; for example, in an MPLS network, the LDP can be adopted for LSP setup. Like a demultiplexer, the PW in an LSP carries the traffic flow of a single VPLS instance. Each PW is assigned a Pseudowire Denotation (PWD), which can be seen as a PW identifier. A VPLS instance can be implemented by setting up PW connections between PEs, which need to define related PW control signaling by extending the use of the LSP setup signaling protocol. Upon the establishment of a VPLS instance, PE functions as an emulated Ethernet bridge to forward Ethernet frames to corresponding PWs and then to the destination customer LAN, while these frames are transmitted to the PE from a LAN located in certain other areas belonging to the same customer through AC so as to implement LAN interconnection across different areas.
VPLS primarily involves the following three technologies:
(1) Control plane technology: PW control signaling is used to set up and maintain PW connections [6-8], which is responsible for PW setup and teardown, notification of PW status changes, and PW protection.
(2) Data plane technology: It primarily involves the bridging and forwarding function of PE, especially the MAC address learning.
(3) Transport plane technology: It is the PW encapsulation type of VPLS packets.
Figure 2 shows the network reference model of Pseudowire Emulation Edge-to-Edge (PW3E) [9]. For ease of illustration, suppose PE 1 is an ingress router and PE 2 is an egress router. An MPLS LSP is established between PE 1 and PE 2, and multiple PWs can be carried in the LSP; each PW corresponds to one AC between CE and PE; PW emulation transmits the original service carried on related ACs; the original service can be any of the types such as frame relay, ATM, Ethernet and IP. The PW connection is set up by adopting an appropriate signaling protocol to realize negotiation between PE 1 and PE 2 and establish the binding of PWs and LSPs as well as the binding of PWs and ACs on related ports.
If the PSN type is MPLS, LDP can be further used as the PW setup and maintenance signaling protocol. The core concept of LDP is to establish binding between MPLS LSP label and Forwarding Equivalence Class (FEC). Therefore LDP can be used directly to establish binding between PWs and LSPs as long as PWs are treated as one of the FECs.
For the reasons above, the LDP extension defines two types of PW FECs: PWid and generalized PWid. The parameter PWtype in PWid defines the PW type, and generally corresponds to original services that are emulated in the PW3E network, such as frame relay, ATM, High-Level Data Link Control (HDLC), Point-to-Point Protocol (PPP) and Synchronous Digital Hierarchy (SDH). The parameter PWid specifies a PW of the type, that is, to locate ACs. For the same PW, identical PWtype and PWid must be configured for both PE 1 and PE 2. Apart from the parameter PWtype, the generalized PWid uses Attachment Group Indicator (AGI), Source Attachment Individual Identifier (SAII) and Target Attachment Individual Identifier (TAII) to locate PW related ACs. Here the AGI indicates the AC group, such as VPN and VLAN identification; the AII is the Attachment Individual Identifier, used to locate a certain AC in the AC group; the SAII and TAII respectively indicate source (local end) and target (remote end) ACs. For VPLS applications, the AGI can be set to the VPLS identifier. PWs are meshed and are not used for forwarding, and AC can be located only by the VPLS identifier, so SAII and TAII are unnecessary and generally set to zero.
▲Figure 2. PW3E network reference model.
The LDP-based PW setup adopts the unsolicited downstream label distribution mode and liberal label retention mode, that is, the egress router PE 2 voluntarily initiates the PW setup procedure by sending a Label Mapping Message (LMM) to the ingress router PE 1. The LMM contains two information elements: One element is PW FEC, which can be PWid or generalized PWid; the other element is LSP label, which adopts the 20-bit generalized label defined in MPLS to realize the binding of MPLS LSPs and PWs. Upon receiving the LMM, PE 1 checks whether the PW LSP in reverse direction (PE 2→PE 1) is set up; if not, it sends an LMM to PE 2 to establish a bidirectional PW connection in a similar way. If PE 1 fails to identify the PW FEC in the LMM, it returns a Label Release Message (LRM) to reject the request.
▲Figure 3. PW encapsulation format.
After PW setup, PEs can use LDP to exchange PW status, perform PW maintenance and inform other PEs to delete learned MAC addresses so as to speed up forwarding table convergence.
In the PW encapsulation format shown in Figure 3, PW payload refers to user Ethernet frames transmitted on the PW. The optional control word contains a 16-bit sequence number used by the peer PE to check whether transmitted Ethernet frames are disordered, repeated or lost. The need for the control word in the encapsulation depends on the specific application requirement and is indicated by the PW FEC in the LMM. The PWD is used for PW identification. The LSP label identifies MPLS LSP encapsulation. The link layer and physical layer of the MPLS-based PSN are at the bottom.
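The encapsulation described above, written out as an added example (not code from the article). It assumes the standard MPLS label stack entry layout (20-bit label, 3-bit EXP, bottom-of-stack bit, 8-bit TTL), a 4-byte control word whose low 16 bits are the sequence number, and that the outer LSP label is still present at the egress PE; the label values, instance names and the `SeqChecker` window rule are constructed for illustration.

```python
import struct

def label_entry(label, exp=0, bottom=False, ttl=255):
    """Pack one MPLS label stack entry: 20-bit label, 3-bit EXP, S bit, 8-bit TTL."""
    if not 0 <= label < (1 << 20):
        raise ValueError("MPLS label must fit in 20 bits")
    return struct.pack("!I", (label << 12) | (exp << 9) | (int(bottom) << 8) | ttl)

def encapsulate(frame, lsp_label, pw_label, seq=None, exp=0):
    """Ingress PE: LSP label, PW label (bottom of stack), optional control word, payload."""
    # Control word: first nibble 0000, 12 reserved bits, 16-bit sequence number.
    cw = b"" if seq is None else struct.pack("!HH", 0, seq)
    return label_entry(lsp_label, exp) + label_entry(pw_label, exp, bottom=True) + cw + frame

def decapsulate(packet, pw_table):
    """Egress PE. pw_table maps PW label -> (VPLS instance name, control word in use)."""
    if len(packet) < 8:
        raise ValueError("truncated label stack")
    outer, inner = struct.unpack("!II", packet[:8])
    if (outer >> 8) & 1 or not (inner >> 8) & 1:
        raise ValueError("expected LSP label followed by a bottom-of-stack PW label")
    pw_label = inner >> 12
    if pw_label not in pw_table:
        # The PW label is the only thing separating customers inside the shared LSP.
        raise LookupError("no PW bound to label %d, frame dropped" % pw_label)
    instance, uses_cw = pw_table[pw_label]
    seq, offset = None, 8
    if uses_cw:
        if len(packet) < 12:
            raise ValueError("truncated control word")
        flags, seq = struct.unpack("!HH", packet[8:12])
        if flags >> 12:
            raise ValueError("control word must start with 0000")
        offset = 12
    return instance, seq, packet[offset:]

class SeqChecker:
    """Classify control-word sequence numbers on one PW (0 means 'not sequenced')."""
    def __init__(self):
        self.expected = 1

    def check(self, seq):
        if seq == 0:
            return "unsequenced"
        ahead = (seq - self.expected) % 65536
        if ahead >= 32768:                      # behind the expected value
            return "repeated-or-disordered"
        self.expected = (seq + 1) % 65536 or 1  # skip 0 on wrap
        return "in-order" if ahead == 0 else "lost"

# Constructed sample: two customers' PWs share one LSP (labels are made up).
PW_TABLE = {2001: ("customer-A", True), 2002: ("customer-B", False)}
FRAME = bytes.fromhex("020000000002" "020000000001" "0800") + b"payload"

def demo():
    checker, out = SeqChecker(), []
    for seq in (1, 2, 2, 5):
        inst, got, payload = decapsulate(encapsulate(FRAME, 100, 2001, seq=seq), PW_TABLE)
        out.append((inst, got, checker.check(got), payload == FRAME))
    return out
```

A frame carrying a PW label that no instance has bound is dropped at the lookup, so it never reaches another customer's bridge.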
After user Ethernet frames reach PE through AC, PE first removes the header scrambling sequence and frame check sequence, and then performs appropriate processing for possible labels of Ethernet frames based on PW types. There are two PW types in VPLS application: Ethernet PWs and Ethernet VLAN PWs. The specific PW type is indicated in PW FEC. An Ethernet PW handles labels in raw mode, and its processing rules are as follows:
(1) If user Ethernet frames contain a service-delimiting tag (which is used to identify services of different customers or services of the same customer with different QoSs) set by the carrier, for example, a VPLS instance identifier, the ingress PE will remove the tag and the egress PE may or may not re-insert the service-delimiting tag depending on different requirements.
(2) If user Ethernet frames contain a customer-set tag, for example, a VLAN tag, PE will retain the tag.
Therefore, raw user Ethernet frames are transmitted on Ethernet PWs at all times. For an Ethernet VLAN PW operating in tagged mode, the processing rules are as follows:
(1) If user Ethernet frames contain a service-delimiting tag set by the carrier, for example, a VLAN tag to indicate a VPLS instance, PE will retain the tag, but if an identifier has been specified during PW establishment, this identifier must be used to replace the existing VLAN tag.
(2) If user Ethernet frames contain no service-delimiting tag, PE must add the tag specified during PW setup, and if no tag is specified, PE needs to add an empty tag.
Therefore, user Ethernet frames transmitted on Ethernet VLAN PWs always contain service-delimiting tags.
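The raw-mode and tagged-mode rules above, applied to frame bytes at the ingress PE, as an added example that is not part of the original article. It assumes every tag is an 802.1Q tag (TPID 0x8100), that the AC's configuration (`ac_delimited`, a hypothetical parameter) decides whether the outer tag is service-delimiting, and that the "empty tag" is a tag with VLAN ID 0; the frames are constructed.

```python
import struct

TPID = 0x8100  # assumption: every tag in this sketch is an 802.1Q tag

def outer_vid(frame):
    """VLAN ID of the outermost tag, or None when the frame is untagged."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    if struct.unpack("!H", frame[12:14])[0] != TPID:
        return None
    if len(frame) < 18:
        raise ValueError("truncated VLAN tag")
    return struct.unpack("!H", frame[14:16])[0] & 0x0FFF

def with_tag(frame, vid, replace):
    """Write a tag after the MAC addresses, overwriting the outer tag if replace is set."""
    rest = frame[16:] if replace else frame[12:]
    return frame[:12] + struct.pack("!HH", TPID, vid) + rest  # priority bits reset to 0

def ingress_to_pw(frame, pw_type, ac_delimited, pw_vid=None):
    """Return the frame as it is placed on the PW.

    ac_delimited: the AC is configured so that its outer tag is service-delimiting.
    pw_vid: identifier specified during PW setup, if any.
    """
    has_service_tag = ac_delimited and outer_vid(frame) is not None
    if pw_type == "ethernet":            # raw mode
        # Rule (1): strip the carrier's tag. Rule (2): customer tags pass untouched.
        return frame[:12] + frame[16:] if has_service_tag else frame
    if pw_type == "ethernet-vlan":       # tagged mode
        if has_service_tag:              # rule (1): keep, or replace with the PW's identifier
            return frame if pw_vid is None else with_tag(frame, pw_vid, replace=True)
        # Rule (2): add the PW's tag, or an empty tag (VLAN ID 0) if none was specified.
        return with_tag(frame, pw_vid or 0, replace=False)
    raise ValueError("unknown PW type: %r" % pw_type)

# Constructed sample frames.
MACS = bytes.fromhex("020000000002" "020000000001")
UNTAGGED = MACS + bytes.fromhex("0800") + b"data"
S100 = with_tag(UNTAGGED, 100, replace=False)   # carrier tag, VLAN 100
C10 = with_tag(UNTAGGED, 10, replace=False)     # customer tag, VLAN 10
```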
PE functions as a Virtual Switching Instance (VSI) on the data plane and needs to implement filtering, learning and forwarding functions as a bridge.
· Filtering: To check and analyze the headers of transmitted Ethernet frames.
· Learning: To establish forwarding table entries by analyzing the MAC address in the frame header, that is, to establish a binding relation between MAC addresses and PWs or ACs.
· Forwarding: To search in the forwarding table with the destination MAC address of Ethernet frames, and forward unicast Ethernet frames to PWs or ACs bound to existing MAC addresses; to broadcast unicast frames with unknown destination MAC address or broadcast frames to all PWs.
The method of MAC address learning is described as follows:
(1) If there is no forwarding entry corresponding to the source MAC address of an Ethernet frame received by PE from AC, PE will bind the MAC address with the AC so that it can forward any Ethernet frame to the AC when its destination MAC address matches the bound MAC address.
(2) If there is no forwarding entry corresponding to the source MAC address of an Ethernet frame received by PE from PW, PE will bind the MAC address with the PW so that it can forward any Ethernet frame to the PW when its destination MAC address matches the bound MAC address.
(3) Each MAC address entry is set with an aging timer. If no Ethernet frame is transmitted using its bound MAC address until the timer expires, this obsolete MAC address entry will be deleted, which is called the address aging mechanism.
(4) In the case of a change in PW or AC status, PE needs to re-operate the bridge learning mechanism.
One of the basic requirements for bridge forwarding is to avoid loops. The Spanning Tree Protocol (STP) is used in Ethernet to avoid loops, but STP has the drawback of slow convergence. To accelerate the convergence, VPLS adopts the topology structure in which all PEs are fully meshed to ensure network connectivity. The frame forwarding complies with the "Split-Horizon" rule, that is, no PE is allowed to forward frames received from PWs to other PEs through PWs to prevent routing loops.
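The learning steps (1) to (4) and the split-horizon rule above, combined in one small VSI model; this is an added example, not code from the article. Port names, MAC addresses and the 300-second aging time are constructed, and two behaviours go beyond what the text states and are assumptions: an existing entry is refreshed or moved when its MAC is seen again, and floods also go to the local ACs.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class VSI:
    """One PE's Virtual Switching Instance for a single VPLS instance."""

    def __init__(self, acs, pws, aging=300):
        self.acs, self.pws = set(acs), set(pws)
        self.aging = aging          # seconds an idle entry survives
        self.fdb = {}               # MAC -> (port, time last seen)
        self.moves = []             # (mac, old_port, new_port): worth alerting on

    def _age_out(self, now):
        for mac in [m for m, (_, seen) in self.fdb.items() if now - seen >= self.aging]:
            del self.fdb[mac]

    def port_down(self, port):
        """Step (4): a PW or AC changed state, so forget what was learned on it."""
        self.fdb = {m: e for m, e in self.fdb.items() if e[0] != port}

    def receive(self, in_port, src, dst, now):
        """Learn the source, then return the sorted list of ports to send to."""
        self._age_out(now)                                   # step (3)
        old = self.fdb.get(src)
        if old and old[0] != in_port:
            self.moves.append((src, old[0], in_port))        # MAC moved ports (assumption)
        self.fdb[src] = (in_port, now)                       # steps (1) and (2)
        known = self.fdb.get(dst) if dst != BROADCAST else None
        out = {known[0]} if known else self.acs | self.pws   # unicast or flood
        out.discard(in_port)
        if in_port in self.pws:
            out -= self.pws                                  # split horizon: never PW to PW
        return sorted(out)

def demo():
    # Constructed traffic seen by one PE with two ACs and PWs to two other PEs.
    a, b, c = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
    vsi = VSI(acs=["ac1", "ac2"], pws=["pw-pe2", "pw-pe3"])
    results = [
        vsi.receive("ac1", a, b, now=0),             # b unknown: flood everywhere else
        vsi.receive("pw-pe2", b, a, now=1),          # a was learned on ac1
        vsi.receive("ac1", a, b, now=2),             # b was learned on pw-pe2
        vsi.receive("pw-pe3", c, b, now=3),          # PW to PW: nothing is sent
        vsi.receive("pw-pe3", c, BROADCAST, now=4),  # flood from a PW reaches ACs only
        vsi.receive("ac2", c, a, now=100),           # c moved from pw-pe3 to ac2
        vsi.receive("ac2", c, a, now=400),           # a has aged out: flood again
    ]
    return vsi, results
```

The `moves` list is the hook a defender would watch: a MAC that flips between an AC and a PW either signals a topology change or a host claiming an address that belongs to another site.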
In the above-mentioned topology, all PEs are fully meshed; for a VPLS instance, this equation holds: the number of PWs = n × (n - 1)/2, where "n" refers to the number of PEs. When the VPLS network is large in scale, a substantial amount of network resources, signaling overhead and data frame duplicating/processing overhead is required, thus restricting network scalability. Therefore, the Hierarchical VPLS (HVPLS) technology is introduced to divide a VPLS network into two layers: access layer and core layer. Specifically, the devices at the access layer are close to customers; they converge the traffic flow of several customer areas (CEs) and send it to PE at the core layer through connected PWs, namely, spoke PWs, thus reducing the number of meshed PWs at the core layer.
The HVPLS network, as shown in Figure 4, contains two types of access layer devices: Multi-Tenant Unit-switch (MTU-s) and Provider Edge-router (PE-r). MTU-s, with built-in VSI, supports Layer 2 switching as well as bridge learning and frame duplication functions on all ports. CE 1, CE 2 and CE 3 are three sites of a certain VPLS instance. The VSI of MTU-s implements data interaction among them without sending data to the core layer. The data stream from CE to the peer end is sent to PE1-rs (rs stands for routing and switching) in the core layer after being converged by VSI. MTU-s is capable of switching, so only one PW is required for each VPLS instance. As shown in Figure 4, although each CE accesses MTU-s through two ACs, only one spoke PW is required between MTU-s and PE1-rs. MTU-s may also connect with several PEs at the core layer to improve reliability. PE-r supports only the routing function and is not capable of bridging. So it is required to set up a PW to directly connect the PE-r to the core PE for each access AC, and data frames from AC will be routed to related PWs, so the data stream between CE 4 and CE 5 or CE 6 must be forwarded through PE3-rs. PE-rs devices at the core layer are fully meshed and are capable of both routing and switching. The introduction of access layer devices reduces the number of fully meshed PE-rs devices and thus enhances VPLS scalability.
Further, the above access layer structure in which access devices are connected to the core layer through spoke PWs can also be extended into the Ethernet access network. At present, a lot of Ethernet access networks support VPLS, and they identify VPLS instances by adding a VLAN tag set by the carriers. In this way, HVPLS is extended into a two-layer network consisting of access-layer VPLS and core-layer VPLS. Usually both MTU-s and PE-r are called User PE (U-PE), and PE-rs at the core layer is called Network PE (N-PE). U-PE and N-PE are no longer directly connected through spoke PWs; instead, they are connected by an access VPLS network based on IEEE 802.1ad (Q in Q) or MPLS technology. In this way, up to several thousands of VPLS customer sites can be converged to access the core network through access networks. Thus the core network of the same scale can provide VPLS services for more customers, which will effectively enhance VPLS scalability.
▲Figure 4. HVPLS network model.
The past few decades have witnessed swift development and wide application of Ethernet technologies as well as a constant drop of Ethernet deployment cost. As an extension from Ethernet to MAN/WAN, VPLS combines the advantages of network performance and network scale and offers new options for network and service operation. Carriers can flexibly deploy VPLS based on customer types and service attributes. Owing to its unique technical advantages, VPLS can be widely applied in such scenarios as L2VPN for VIP customers, VPLS-based metropolitan communication infrastructure and individual distributed services.
This is the most used application of VPLS. Compared with L3VPN, VPLS features the following technical advantages:
(1) The user network is relatively independent of the carrier network. The latter offers data isolation and transparent transmission for user data, so as to ensure user data security and avoid impacts brought by the complexity of the carrier network.
(2) The implementation of Ethernet multipoint services in the MPLS network can complement Ethernet technologies with the advantages of MPLS technology.
(3) VPLS features technical simplicity/reliability, deployment flexibility, and excellent scalability.
Corporate customers may have branches spread across the whole province, nation and even the globe, and therefore, it is a wise choice to perform L2VPN connection of all branches by use of VPLS/HVPLS. When a VPLS network is large (with a huge amount of geographically dispersed nodes), HVPLS that combines Border Gateway Protocol (BGP)-based VPLS and LDP-based VPLS can be adopted; BGP is used at the core layer while LDP is used at the access layer.
An operable and manageable municipal communication network should become a component of municipal infrastructure like water, electricity and gas networks. Figure 5 shows the reference model of VPLS-based municipal communications infrastructure [10]. The business operation and operation support system is responsible for the construction, operation and maintenance of MPLS-/VPLS-based municipal communications infrastructure. The retail users sign service contracts with retail service providers. The retail service providers pay traffic fees for the business operation and operation support system.
◀Figure 5. Operation reference model of VPLS-based municipal communications infrastructure.
MPLS/VPLS-based municipal communications infrastructure may involve multiple layers, for example, subscriber layer, access layer, distribution layer, local core layer, regional core layer, provider access layer and provider layer. The subscriber layer is responsible for user access. The access and distribution layers converge user traffic. The local and regional core layers transmit converged traffic on high-speed backbone links. The service provider accesses the core layer through the provider layer and provider access layer. MPLS/VPLS connects switches at the core layer (including local and regional core layers) with provider-oriented switches. The network creates a VPLS instance for each service, and specifies the QoS level by using the EXP field in the MPLS label.
Customer-centered communications mode will become a promising application along with social development and progress. It interconnects Personal Area Network (PAN), Home Network (HN) and Office Network (ON) through MAN/WAN, so that users can control devices and sessions of all these subnets [11-14].
In this mode, three ACs can be used to connect PAN, HN and ON gateways to MAN PE respectively; PE creates VPLS instances for users, and connects the forwarders of VPLS instances through PWs. From users' perspective, the VPLS network functions as a "distributed" Ethernet switch. By the use of VPLS, users can conveniently control subnet devices and create sessions, and realize secure and reliable communications anytime anywhere.
By making full use of already deployed MPLS networks to provide LAN interconnection services for VIP customers and functioning as MAN infrastructure, VPLS has been considered to be one of the significant carrier-class Ethernet technologies with broad market prospects. VPLS can be further explored in the following aspects:
· Enhance VPLS reliability by adopting redundancy and multi-homing mechanisms;
· Improve VPLS network resource utilization through effective resource control with guaranteed QoS;
· Construct a service bearer model for overlay networks to enhance VPLS capabilities for carrying Value-Added Services (VASs) and converged services.
Finally, it must be noted that VPLS and other metro Ethernet technologies are complementary, and therefore an optimal result can be achieved only by making appropriate selection and combination of these technologies based on actual conditions.