Layer 2 VPN Architectures

Book Description

A complete guide to understanding, designing, and deploying Layer 2 VPN technologies and pseudowire emulation applications

  • Evaluate market drivers for Layer 2 VPNs

  • Understand the architectural framework and choices for Layer 2 VPNs, including AToM and L2TPv3

  • Grasp the essentials of Layer 2 LAN and WAN technologies

  • Examine the theoretical and operational details of MPLS and LDP as they pertain to AToM

  • Understand the theoretical and operational details of Layer 2 protocols over L2TPv3 in IP networks

  • Learn about Layer 2 VPN bridged and routed interworking and Layer 2 local switching

  • Understand the operation and application of Virtual Private LAN Services (VPLS)

  • Learn about foundation and advanced AToM and L2TPv3 topics through an extensive collection of case studies 

The historical disconnect between legacy Layer 2 and Layer 3 VPN solutions has forced service providers to build, operate, and maintain separate infrastructures to accommodate various VPN access technologies. This costly proposition, however, is no longer necessary. As part of its new Unified VPN Suite, Cisco Systems® now offers next-generation Layer 2 VPN services like Layer 2 Tunneling Protocol version 3 (L2TPv3) and Any Transport over MPLS (AToM) that enable service providers to offer Frame Relay, ATM, Ethernet, and leased-line services over a common IP/MPLS core network. By unifying multiple network layers and providing an integrated set of software services and management tools over this infrastructure, the Cisco® Layer 2 VPN solution enables established carriers, IP-oriented ISP/CLECs, and large enterprise customers (LECs) to reach a broader set of potential VPN customers and offer truly global VPNs.

Layer 2 VPN Architectures is a comprehensive guide to consolidating network infrastructures and extending VPN services. The book opens by discussing Layer 2 VPN applications utilizing both AToM and L2TPv3 protocols and comparing Layer 3 versus Layer 2 provider-provisioned VPNs. In addition to describing the concepts related to Layer 2 VPNs, this book provides an extensive collection of case studies that show you how these technologies and architectures work. The case studies include both AToM and L2TPv3 and reveal real-world service provider and enterprise design problems and solutions with hands-on configuration examples and implementation details. The case studies include all Layer 2 technologies transported using AToM and L2TPv3 pseudowires, including Ethernet, Ethernet VLAN, HDLC, PPP, Frame Relay, ATM AAL5 and ATM cells, and advanced topics relevant to Layer 2 VPN deployment, such as QoS and scalability.

    Table of Contents

    1. Copyright
      1. Dedications
    2. About the Authors
    3. About the Technical Reviewers
    4. Acknowledgments
    5. Icons Used in This Book
    6. Command Syntax Conventions
    7. Introduction
      1. Goals and Methods
      2. How This Book Is Organized
    8. I. Foundation
      1. 1. Understanding Layer 2 VPNs
        1. Understanding Traditional VPNs
          1. Legacy Layer 2 VPNs
          2. Layer 3 VPNs
          3. Challenges of Traditional VPNs
        2. Introducing Enhanced Layer 2 VPNs
        3. Summary
      2. 2. Pseudowire Emulation Framework and Standards
        1. Pseudowire Emulation Overview
          1. Network Reference Model
          2. Protocol Layer and System Architecture
            1. Native Service Processing
            2. Pseudowire Encapsulation Processing
          3. Transporting over the PSN
          4. Setting Up a Pseudowire
        2. Pseudowire Emulation Standardization
          1. IETF Working Groups
          2. Layer 2 VPN Architectures on Pseudowire Emulation
            1. draft-martini
            2. draft-kompella
          3. Other Layer 2 VPN Architectures
        3. Summary
      3. 3. Layer 2 VPN Architectures
        1. Legacy Layer 2 VPNs
          1. Frame Relay and ATM
          2. Data Link Switching
          3. Virtual Private Dial-Up Network
        2. Any Transport over MPLS Overview
          1. Using Label Stacking in AToM
          2. Layer 2 Protocols Supported by AToM
          3. Deciding Whether to Use AToM
            1. Existing Network Installation Base
            2. Advanced Network Services
            3. Interoperability
            4. Network Operation Complexity
        3. Layer 2 Tunnel Protocol Version 3 Overview
          1. L2TPv3 Operations
          2. Layer 2 Protocols Supported by L2TPv3
          3. Deciding Whether to Use L2TPv3
            1. Existing Network Installation Base
            2. Advanced Network Services
            3. Interoperability
            4. Network Operation Complexity
        4. Summary
    9. II. Layer 2 Protocol Primer
      1. 4. LAN Protocols
        1. Ethernet Background and Encapsulation Overview
        2. Metro Ethernet Overview
        3. Metro Ethernet Service Architectures
        4. Understanding Spanning Tree Protocol
          1. Spanning-Tree Operation Overview
          2. Drawbacks of a Spanning-Tree Implementation in Today’s Networks
        5. Pure Layer 2 Implementation
        6. 802.1q Tunneling
          1. 802.1q and 802.1p Tagging
          2. Understanding How 802.1q Tunneling Works
          3. 802.1q Tunneling Guidelines and Restrictions
        7. Summary
      2. 5. WAN Data-Link Protocols
        1. Introducing HDLC Encapsulation
        2. Introducing PPP Encapsulation
        3. Understanding Frame Relay
          1. Encapsulation
          2. Frame Relay Link Management Interface Protocol
            1. Status Enquiry Message Frame
            2. Status Message Frame
            3. Update Status Message Frame
            4. Comparing Gang of Four LMI with Annex A and Annex D
          3. Managing Traffic
            1. Frame Relay Traffic Policing
            2. Frame Relay Traffic Shaping
        4. Understanding ATM
          1. Encapsulation
            1. ATM Adaptation Layer
            2. ATM Cell Structure
        5. ATM Management Protocols: ILMI and OAM
          1. Managing Traffic
            1. ATM Traffic Policing
              1. CBR.1 Traffic Policing
              2. VBR.1 Traffic Policing
              3. VBR.2 Traffic Policing
              4. VBR.3 Traffic Policing
              5. UBR.1 Traffic Policing
              6. UBR.2 Traffic Policing
            2. ATM Traffic Shaping
        6. Summary
    10. III. Any Transport over MPLS
      1. 6. Understanding Any Transport over MPLS
        1. Introducing the Label Distribution Protocol
          1. LDP Protocol Components
          2. Discovery Mechanisms
            1. LDP Basic Discovery
            2. LDP Extended Discovery
          3. Session Establishment
          4. Label Distribution and Management
            1. Label Binding
            2. LDP Advertisement Message
            3. Label Advertisement Mode
            4. Label Distribution Control Mode
            5. Label Retention Mode
          5. LDP Security
        2. Understanding AToM Operations
          1. Pseudowire Label Binding
          2. Establishing AToM Pseudowires
          3. Control Word Negotiation
          4. Using Sequence Numbers
          5. Pseudowire Encapsulation
            1. ATM
            2. Frame Relay
            3. HDLC
            4. PPP
            5. Ethernet
        3. Summary
      2. 7. LAN Protocols over MPLS Case Studies
        1. Understanding Ethernet over MPLS Technology
          1. EoMPLS Label Stack
            1. Packet Format
            2. MTU Size Requirements
          2. Supported VC Types
          3. Label Imposition
          4. Label Disposition
        2. EoMPLS Transport Case Studies
          1. Case Study 7-1: Router to Router—Port Based
            1. Configuring Port Transparency
            2. Verifying and Troubleshooting Port Transparency Operation
          2. Case Study 7-2: Router to Router—VLAN Based
            1. Configuring VLAN-Based EoMPLS on PE Routers
            2. Configuring VLAN-Based EoMPLS on CE Routers
            3. Verifying and Troubleshooting the Configuration
          3. Case Study 7-3: VLAN Rewrite
          4. Case Study 7-4: Switch to Switch—VLAN Based
            1. Configuring VLAN-Based EoMPLS on PEs
            2. Supervisor Engine 2-Based System Configuration
            3. SUP720-3BXL—Based System Configuration
            4. Configuring VLAN-Based EoMPLS on the CE Switches
            5. Verifying and Troubleshooting the Configuration
          5. Case Study 7-5: Switch to Switch—Port Based
            1. Configuring Port-Based EoMPLS on the SanFran Switch
            2. Configuring Port-Based EoMPLS on the NewYork Switch
          6. Case Study 7-6: VLAN Rewrite in Cisco 12000 Series Routers
            1. Verifying and Troubleshooting the Configuration
            2. Port VLAN ID Inconsistency Issue
          7. Case Study 7-7: Map to Pseudowire
        3. Common Troubleshooting Techniques
          1. Troubleshooting EoMPLS on Routers
          2. Debugging EoMPLS Operation on PE Routers
          3. Troubleshooting EoMPLS on Switches
        4. Summary
      3. 8. WAN Protocols over MPLS Case Studies
        1. Setting Up WAN over MPLS Pseudowires
          1. Control Plane
          2. Pseudowire Types Used
          3. Data Plane Encapsulation
          4. Usage of the Control Word
          5. MTU Requirements
        2. Introducing WAN Protocols over MPLS
          1. HDLC over MPLS
          2. PPP over MPLS
          3. Frame Relay over MPLS
          4. ATM over MPLS
            1. Encapsulations and Packet Format for AAL5 Transport
            2. Encapsulations and Packet Format for Cell Transport
        3. Configuring WAN Protocols over MPLS Case Studies
          1. Case Study 8-1: HDLC over MPLS
            1. Configuring HDLCoMPLS
            2. Verifying HDLCoMPLS
            3. Troubleshooting HDLCoMPLS
          2. Case Study 8-2: PPP over MPLS
            1. Configuring PPPoMPLS
            2. Verifying and Troubleshooting PPPoMPLS
          3. Case Study 8-3: Frame Relay DLCI over MPLS
            1. Configuring Frame Relay DLCI over MPLS
            2. Verifying and Troubleshooting Frame Relay DLCI over MPLS
          4. Case Study 8-4: ATM AAL5 SDU over MPLS
            1. Configuring AAL5oMPLS
            2. Verifying and Troubleshooting AAL5oMPLS
          5. Case Study 8-5: ATM Cell over MPLS
            1. Configuring CRoMPLS
            2. Verifying CRoMPLS
        4. Advanced WAN AToM Case Studies
          1. Case Study 8-6: Decoding LDP Label Mapping and Pseudowire ID FEC Elements
          2. Case Study 8-7: AToM Hardware Capabilities
          3. Case Study 8-8: Packed Cell Relay over MPLS
            1. Configuring Cell Packing
            2. Verifying Cell Packing Configuration and Operation
          4. Case Study 8-9: Understanding Different ATM Transfer Modes
            1. AAL5 CPCS-SDU Mode
            2. Single Cell Relay Mode
            3. Packed Cell Relay Mode
        5. Summary
      4. 9. Advanced AToM Case Studies
        1. Load Sharing
          1. Case Study 9-1: Unequal-Cost Multipath
          2. Case Study 9-2: Equal-Cost Multipath
        2. Preferred Path
          1. Case Study 9-3: Configuring Preferred Path Using IP Routing
          2. Case Study 9-4: Configuring a Preferred Path Using MPLS Traffic Engineering Tunnels
        3. Case Study 9-5: Protecting AToM Pseudowires with MPLS Traffic Engineering Fast Reroute
        4. Case Study 9-6: Configuring AToM Pseudowire over GRE Tunnel
        5. Pseudowire Emulation in Multi-AS Networks
          1. Case Study 9-7: Interconnecting Pseudowires with Dedicated Circuits
          2. Case Study 9-8: BGP IPv4 Label Distribution with IGP Redistribution
          3. Case Study 9-9: BGP IPv4 Label Distribution with IBGP Peering
        6. Case Study 9-10: Configuring LDP Authentication for Pseudowire Signaling
        7. Verifying Pseudowire Data Connectivity
          1. Case Study 9-11: Advertising the VCCV Capability
          2. Case Study 9-12: Verifying Data Plane Connectivity
        8. Quality of Service in AToM
          1. Case Study 9-13: Traffic Marking
          2. Case Study 9-14: Traffic Policing
          3. Case Study 9-15: Queuing and Shaping
          4. Case Study 9-16: Intermediate Markings
          5. Case Study 9-17: Layer 2–Specific Matching and Setting
            1. Ethernet over MPLS QoS
            2. Frame Relay over MPLS QoS
            3. ATM over MPLS QoS
        9. Summary
    11. IV. Layer 2 Tunneling Protocol Version 3
      1. 10. Understanding L2TPv3
        1. Universal Transport Interface: L2TPv3’s Predecessor
        2. Introducing L2TPv3
          1. L2TPv3 Data Encapsulation
            1. Packet-Switched Network Layer
            2. Demultiplexing Sublayer
            3. Encapsulation Sublayer
          2. L2TPv3 Control Connection
            1. Control Message Encapsulation
            2. L2TPv3 Control Channel Signaling
        3. Summary
      2. 11. LAN Protocols over L2TPv3 Case Studies
        1. Introducing the L2TPv3 Configuration Syntax
          1. xconnect Command Syntax
          2. pseudowire-class Command Syntax
          3. l2tp-class Command Syntax
        2. LAN Protocols over L2TPv3 Case Studies
          1. Case Study 11-1: Ethernet Port-to-Port Manual Session
            1. Ethernet Port-to-Port Manual Configuration
            2. Verifying Ethernet Port-to-Port Manual Session
            3. Ethernet Port-to-Port L2TPv3 Data Plane Details
          2. Case Study 11-2: Ethernet Port-to-Port Manual Session with Keepalive
            1. Ethernet Port-to-Port Manual Session with Keepalive Configuration
            2. Ethernet Port-to-Port Manual Session with Keepalive Verification
            3. Ethernet Port-to-Port Manual Session with Keepalive Control Plane Details
          3. Case Study 11-3: Ethernet Port-to-Port Dynamic Session
            1. Ethernet Port-to-Port Dynamic Configuration
            2. Ethernet Port-to-Port Dynamic Session Verification
            3. Ethernet Port-to-Port Dynamic Session Control Plane Details
          4. Case Study 11-4: Ethernet VLAN-to-VLAN Dynamic Session
            1. Ethernet VLAN-to-VLAN Dynamic Configuration
            2. Ethernet VLAN-to-VLAN Dynamic Session Verification
            3. Ethernet VLAN-to-VLAN Dynamic Session Control Plane Details
            4. Ethernet VLAN-to-VLAN Frame Encapsulation
        3. Summary
      3. 12. WAN Protocols over L2TPv3 Case Studies
        1. WAN Protocols over L2TPv3 Technology Overview
          1. Control Plane
          2. Data Plane
          3. Using the Layer 2-Specific Sublayer
          4. MTU Considerations
          5. HDLC and PPP over L2TPv3
          6. Frame Relay over L2TPv3
          7. ATM over L2TPv3
        2. Configuring WAN Protocols over L2TPv3 Case Studies
          1. Case Study 12-1: HDLC over L2TPv3 with Static Session
            1. Configuring HDLCoL2TPv3
            2. Verifying HDLCoL2TPv3
            3. Data Plane Details
          2. Case Study 12-2: PPP over L2TPv3 with Dynamic Session
            1. Configuring PPPoL2TPv3
            2. Verifying PPPoL2TPv3
            3. Control Plane Negotiation
            4. Data Plane Details
          3. Case Study 12-3: Frame Relay DLCI over L2TPv3 with Dynamic Session
            1. Configuring FRoL2TPv3
            2. Verifying FRoL2TPv3
            3. Data Plane Details
          4. Case Study 12-4: AAL5 SDU over L2TPv3 with Dynamic Session
            1. Configuring AAL5_SDUoL2TPv3 with Dynamic Session
            2. Verifying AAL5_SDUoL2TPv3
            3. Control Plane Details
            4. Data Plane Details
          5. Case Study 12-5: ATM Cell Relay over L2TPv3 with Dynamic Session
            1. Configuring ATM_CRoL2TPv3 with Dynamic Session
            2. Verifying ATM_CRoL2TPv3
            3. Cell Relay Details
        3. Summary
      4. 13. Advanced L2TPv3 Case Studies
        1. Case Study 13-1: L2TPv3 Path MTU Discovery
          1. The Problem: MTU and Fragmentation with L2TPv3
          2. The Solution: Path MTU Discovery
            1. Understanding PMTUD
            2. Implementing PMTUD
          3. Combining PMTUD with DF Bit
        2. Advanced ATM Transport over L2TPv3
          1. Case Study 13-2: ATM OAM Emulation
          2. Case Study 13-3: ATM Cell Packing
        3. Quality of Service
          1. Case Study 13-4: Traffic Marking
            1. ToS Setting
            2. ToS Reflection
            3. MQC IP Precedence or DSCP Setting
          2. Case Study 13-5: Traffic Policing
          3. Case Study 13-6: Queuing and Shaping
          4. Case Study 13-7: Layer 2-Specific Matching and Setting
        4. Summary
    12. V. Additional Layer 2 VPN Architectures
      1. 14. Layer 2 Interworking and Local Switching
        1. Layer 2 Interworking Technology Overview
          1. Bridged Interworking
          2. Routed Interworking
          3. Interworking MTU Considerations
        2. Layer 2 Interworking Case Studies
          1. Ethernet (Bridged) Interworking Case Studies
            1. Case Study 14-1: Ethernet-to-VLAN Using AToM
            2. Case Study 14-2: Ethernet-to-VLAN Using L2TPv3
            3. Case Study 14-3: ATM AAL5-to-VLAN Using AToM
            4. Ethernet-VLAN IW Switch Environment Considerations
          2. Routed Interworking
            1. Case Study 14-4: Frame Relay-to-VLAN Using AToM
            2. Case Study 14-5: Frame Relay-to-PPP Using L2TPv3
            3. Case Study 14-6: IP L2-Transport MTU Considerations
            4. Case Study 14-7: Frame Relay-to-ATM Interworking Best Practices
        3. Layer 2 Local Switching
          1. Case Study 14-8: Frame Relay-to-Frame Relay Local Switching
          2. Case Study 14-9: ATM-to-ATM Local Switching
          3. Case Study 14-10: Ethernet-to-Ethernet Local Switching
        4. Layer 2 Local Switching with Interworking
          1. Case Study 14-11: Ethernet-to-VLAN Local Switching
          2. Case Study 14-12: ATM Attachment Circuits and Local Switching
        5. Understanding Advanced Interworking and Local Switching
          1. connect Command
          2. Encapsulation
            1. Encapsulation 1: Ethernet-to-VLAN Local Switching Ethernet IW
            2. Encapsulation 2: Frame Relay-to-VLAN IP IW Using AToM
            3. Encapsulation 3: VLAN-to-Ethernet Bridged IW Using L2TPv3
            4. Encapsulation 4: Frame Relay-to-PPP IP-IW Using L2TPv3
        6. Summary
      2. 15. Virtual Private LAN Service
        1. Understanding VPLS Fundamentals
          1. Service Definitions
          2. Virtual Switch
          3. VPLS Forwarding and Flooding
          4. VPLS Signaling
        2. VPLS Deployment Models
          1. Basic Topologic Models
            1. Full Mesh
            2. Hub and Spoke
            3. Partial Mesh
          2. Hierarchical VPLS
            1. Hierarchical VPLS with MPLS Access Network
            2. Hierarchical VPLS with QinQ Access Network
          3. VPLS Redundancy
        3. VPLS Configuration Case Studies
          1. Case Study 15-1: Basic Configuration
            1. Configuring Attachment Circuit
              1. Configuring the Access Mode
              2. Configuring the Trunk Mode
              3. Configuring dot1q-tunnel Mode
            2. Configuring VFI
            3. Associating Attachment Circuits to the VFI
            4. Configuration Example
          2. Case Study 15-2: Per-VLAN MAC Address Limiting
          3. Case Study 15-3: Quality of Service
          4. Case Study 15-4: Layer 2 Protocol Tunneling
          5. Case Study 15-5: Multihoming
        4. Summary
    13. 1. L2TPv3 AVP Attribute Types