Top Banner
MPLS L3-VPN & L2-VPN application issues
14

MPLS L3-VPN & L2-VPN application issues - TERENA6 MPLS Layer 2 VPN • The concept “ Define a Layer 2 VPN passing through juniper and cisco gear” • Using which ever implementation

Mar 09, 2020

Download

Documents

dariahiddleston
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: MPLS L3-VPN & L2-VPN application issues - TERENA6 MPLS Layer 2 VPN • The concept “ Define a Layer 2 VPN passing through juniper and cisco gear” • Using which ever implementation

MPLS L3-VPN & L2-VPN application issues

Page 2: MPLS L3-VPN & L2-VPN application issues - TERENA6 MPLS Layer 2 VPN • The concept “ Define a Layer 2 VPN passing through juniper and cisco gear” • Using which ever implementation

2

Topics revisited• MPLS VPN• Issues on L3 VPNs• Issues on L2 VPN• End-2-end provisioning mechanism

Page 3: MPLS L3-VPN & L2-VPN application issues - TERENA6 MPLS Layer 2 VPN • The concept “ Define a Layer 2 VPN passing through juniper and cisco gear” • Using which ever implementation

3

MPLS VPN• Separation between forwarding and

routing

• MPLS : technique with integrated approach between topology (routing) and forwarding

• MPLS VPNs: Definitions of isolated routing tables

Page 4: MPLS L3-VPN & L2-VPN application issues - TERENA6 MPLS Layer 2 VPN • The concept “ Define a Layer 2 VPN passing through juniper and cisco gear” • Using which ever implementation

4

MPLS L3 VPNs

• RFC 2547 – RFC 2547bis• Two label stacking• BGP-MP• route targets = VPN colors• Policies = Extended communities

• Hub and spoke• Full Mesh

Juniper - Cisco Interoperability.

Page 5: MPLS L3-VPN & L2-VPN application issues - TERENA6 MPLS Layer 2 VPN • The concept “ Define a Layer 2 VPN passing through juniper and cisco gear” • Using which ever implementation

5

MPLS L3 VPN• Internet access on L3 VPN

– OUTBOUND: ONE static route on PE with global gateway

– INBOUND: MULTIPLE Static routes on every PE for routes of each VPN sites.

• RFC 3107 Label information with BGP !!!– MPLS VPN—Inter-AS—IPv4 BGP Label Distribution – transport IPv4 routes with MPLS labels over a non

MPLS VPN service provider – NO need for any other label distribution protocol

between adjacent LSR – Is this End to End ? !!

Page 6: MPLS L3-VPN & L2-VPN application issues - TERENA6 MPLS Layer 2 VPN • The concept “ Define a Layer 2 VPN passing through juniper and cisco gear” • Using which ever implementation

6

MPLS Layer 2 VPN• The concept “ Define a Layer 2 VPN passing

through juniper and cisco gear”• Using which ever implementation available

(draft martini, kompella)• several drafts are under process at the IETF

for the standardization of VPN layer 2• Martini drafts

– draft-martini-l2circuit-encap-mpls-04.txt– draft-martini-l2circuit-trans-mpls-08.txt

• Kompella drafts – draft-kompella-ppvpn-l2vpn-01.txt

• L2TPv3 !!(without MPLS)• IP based interworking

– draft-shah-ppvpn-arp-mediation-00.txt

Page 7: MPLS L3-VPN & L2-VPN application issues - TERENA6 MPLS Layer 2 VPN • The concept “ Define a Layer 2 VPN passing through juniper and cisco gear” • Using which ever implementation

7

Juniper technology• Layer 2 over MPLS -CCC

– ATM interface• ATM PVC

– POS interfaces• Cisco-HDLC, PPP, Frame Relay

– Ethernet• VLAN (rewrite)

• TCC, VPLS

Page 8: MPLS L3-VPN & L2-VPN application issues - TERENA6 MPLS Layer 2 VPN • The concept “ Define a Layer 2 VPN passing through juniper and cisco gear” • Using which ever implementation

8

Cisco Technology• ATOM

– Any Transport Over MPLS • ATM Cell, • AAl5, • Frame Relay, • PPP, • HDLC, • Ethernet, • dot1q

Page 9: MPLS L3-VPN & L2-VPN application issues - TERENA6 MPLS Layer 2 VPN • The concept “ Define a Layer 2 VPN passing through juniper and cisco gear” • Using which ever implementation

9

Cisco – Juniper Interoperable• Cisco Conf interface GigabitEthernet0/1/1.200

encapsulation dot1Q 1000 ip address 195.251.25.165 255.255.255.252 xconnect 195.251.27.129 200 encapsulation mpls

• Juniper confinterfaces { ge-0/0/0 { vlan-tagging;

encapsulation vlan-ccc; unit 512 { encapsulation vlan-ccc; vlan-id 1000; } }

Page 10: MPLS L3-VPN & L2-VPN application issues - TERENA6 MPLS Layer 2 VPN • The concept “ Define a Layer 2 VPN passing through juniper and cisco gear” • Using which ever implementation

10

New experiments• Multiple site Layer 2 VPNs

– Need of Layer-2 device for passing traffic.– Ethernet switch

• Alternative VPLS service

Page 11: MPLS L3-VPN & L2-VPN application issues - TERENA6 MPLS Layer 2 VPN • The concept “ Define a Layer 2 VPN passing through juniper and cisco gear” • Using which ever implementation

11

New Capabilities• NREN establish p2p Backup Ethernet

connections• Set up a service to automatically

configure backup ports with VLAN configuration

• Based on Web services

Page 12: MPLS L3-VPN & L2-VPN application issues - TERENA6 MPLS Layer 2 VPN • The concept “ Define a Layer 2 VPN passing through juniper and cisco gear” • Using which ever implementation

12

Service Creation and ActivationHigh Level System Architecture

IP EdgeIP Edge

CoreCore

AccessAccess NRENNREN

Juniper

Subscriber Profile

Service Profile

Application Profile

CustomizedNetwork Profile

DNS/DHCP, Radius Server Integration

Subscribers & Services

Directory

Service CreationService

Acct’gRADIUS

CLI - XML

ServiceActivation

Engine

ServiceActivation

Engine

J2EE Web PortalServer Farm

LDAP

CORBA

Plug-in’s

RADIUS

Auth & Accting

OSS Integration

B2B Integration

CORBA

ASG - (SOAP)

Page 13: MPLS L3-VPN & L2-VPN application issues - TERENA6 MPLS Layer 2 VPN • The concept “ Define a Layer 2 VPN passing through juniper and cisco gear” • Using which ever implementation

13

Remote Service Activation ExampleA Simple Overlay B2B NREN Model

2) User A Subscribes to GEANT/NREN Service

Add User to Sub-Dbase2b)

1) GEANT/NREN Offers Services to NREN/User

2c) NREN / User Authenticates

Dynamic Service Activation via CLI/XML4)

Accounting /monitoring data provided to Provider

5)

OSS / ManagementOSS / ManagementCarrier/ Carrier/

Service ProviderService ProviderCampus UserCampus User

Web Application

Accounting /monitoring

Server

L2 VPN L2 VPN InternetworkInternetwork

3) NREN / User B Subscribes to GEANT/NREN Service & Activates the Service

Page 14: MPLS L3-VPN & L2-VPN application issues - TERENA6 MPLS Layer 2 VPN • The concept “ Define a Layer 2 VPN passing through juniper and cisco gear” • Using which ever implementation

14