| 리포트 | 기술문서 | 테크-블로그 | 원샷 갤러리 | 링크드인 | 스폰서 컨텐츠 | 네트워크/통신 뉴스 | 인터넷자료실 | 자유게시판    한국 ICT 기업 총람 |

제품 검색

|

통신 방송 통계

 
 
 
섹션 5G 4G LTE C-RAN/Fronthaul Gigabit Internet IPTV/UHD IoT SDN/NFV Wi-Fi Video Streaming KT SK Telecom LG U+ OTT Network Protocol CDN YouTube Data Center
 

2023

5G 특화망

포탈

Private 5G/이음 5G

 포탈홈

  넷매니아즈 5G 특화망 분석글 (128)   5G 특화망 4가지 구축모델   산업계 5G 응용   산업분야별 5G 특화망 활용사례  [5G 특화망 벤더Samsung | HFR | Nokia | more
 

해외

  국가별 사설5G 주파수 [국가별 구축현황] 일본 | 독일 | 미국 | 프랑스 | 영국  [사설5G 사업자] Verizon | AT&T | DT | Telefonica | AWS | Microsoft | NTT동일본 | NTT Com    
 

국내

  5G 특화망 뉴스 | 국내 5G 특화망 구축 현황 | 국내 5G 특화망사업자 현황 (19개사) | 국내 자가구축사례 일람 | 국내 특화망 실증사업사례 일람 | 5G 특화망 정책
 
 

[5G 특화망 구축 사례] 한국식품산업클러스터 | 반월시화산단 삼성서울병원 | 롯데월드 | 한국수력원자력 | 해군본부 | 한국전력공사 | more  [이통사] KT

 
 
스폰서채널 |

 HFR의 5G 특화망 솔루션 (my5G)  Updated   | HFR 5G 특화망 뉴스HFR my5G 자료

  스폰서채널 서비스란?
Tutorial: VPLS
May 05, 2008 | By Cisco
코멘트 (0)
4
Thank you for visiting Netmanias! Please leave your comment if you have a question or suggestion.
Transcript
ID2Agenda
VPLSFundamentals
H-VPLSandDesign
VLANTranslating
VPLSL2ControlProtocolTunneling
RoutedVPLS
VPLSScalability
ID3What’sVPLS(
VirtualPrivateLANServices)
?
End-to-endarchitecturethatallowsIP/
MPLSnetworkstoprovidemultipointEthernetservices
VirtualmultipleinstancesofthisservicessharethesameSPphysicalinfrastructure
Privateeachinstanceoftheserviceisindependentandisolatedfromoneanother
LANservice
providesamultipointconnectivityamongtheparticipantendpointsacrossaMAN/
WANthatlookslikeaLANPEMPLSPECECECEPEVC(virtualcircuit)
ID4VPLSComponentsPEMPLSCEVFIVFIVFIAttachmentcircuitVFIVirtualcircuit
AC(AttachmentCircuit)
ConnecttoCEdevice,
itcouldbeEthernetphysicalorlogicalport,
ATMbridging(RFC1483),
FRbridging(RFC1490),
evenAToMpseudowire
OneormultipleACscanbelongtosameVFI
VC(VirtualCircuit)
EoMPLSdataencapsulation,
tunnellabelisusedtoreachremotePE,
VClabelisusedtoidentifyVFI
OneormultipleVCscanbelongtosameVFI
VFI(VirtualForwardingInstance)
AlsocalledVSI(VirtualSwitchingInstance)
VFIcreateL2multipointbridgingamongallACsandVCs
It’sL2broadcastdomainlikeVLAN
MultipleVFIcanexistonthesamePEboxtoseparateusertrafficlikeVLANVFIVFI
ID5
Multipoint-to-MultipointConfiguration
ForwardingofFramesbasedonLearnedMACaddresses
UsesaVirtualForwardingInstances(
VFI,
likeVLAN)
forcustomerseparationVPLSCustomerPerspectiveCE1CE3AllCEsappearconnectedonacommonvirtualswitchCE4CE2
ID6MultipointBridgingRequirements
Flooding/
Forwarding
Forwardingbasedon[
VLAN,
DestinationMACAddress]
UnknwonUcast/
Mcast/
Broadcast
Floodtoallports(
IGMPsnoopingcanbeusedtoconstrictmulticastflooding)
MACLearning/
Aging/
Withdrawal
DynamiclearningbasedonSourceMACandVLAN
Refreshagingtimerswithincomingpacket
MACwithdrawalupontopologychanges
LoopPrevention
SplitHorizontoavoidloop
SpanningTree(
possiblebutnotdesirable)
VPLSsimulateavirtualLANservice,
itMUSToperatelikeatraditionalL2LANswitchaswell
ID7ASimpleVPLSConfigurationExampleN-PEAMPLSN-PEBN-PECN-PE3interfaceLoopback0ipaddress6666255255255255!
DefineVPLSVFIl2vfiVPLS_
2000manualvpnid10
globalsignificantneighbor1111encapsulationmplsneighbor7777encapsulationmpls!
AttachVFItoVLANinterface!
VLANIDislocalPEsignificantinterfaceVlan2000xconnectvfiVPLS_
2000!
AttachmentcircuitconfiginterfaceGigabitEthernet5/
1switchportswitchporttrunkencapsulationdot1qswitchportmodetrunkN-PE4interfaceLoopback0ipaddress1111255255255255l2vfiVPLS_
2000manualvpnid10neighbor6666encapsulationmplsneighbor7777encapsulationmplsinterfaceVlan2000xconnectvfiVPLS_
2000!
AttachmentcircuitinterfaceGigabitEthernet5/
1switchportswitchporttrunkencapsulationdot1qswitchportmodetrunkN-PE1<
snip>
19320002000VLANtagTunnellabelVClabelVFIVFIVFI
ID8ToVClabel19ToVClabel23VFI“VPLS_
2000”VLAN2000VClabel23VClabel24ToVClabel24ToVClabel24VLAN20001QTrunkN-PEALo06666/
32VFI“VPLS_
2000”
VFI“VPLS_
2000”
VLAN2000VLAN20001QTrunkVLAN20001QTrunkVLAN2000ToVClabel20ToVClabel23VClabel19VClabel23VClabel20VClabel24N-PEBLo01111/
32N-PECLo07777/
32VPLSConfiguration/
VerificationNPE-A#
showmplsl2vcLocalintfLocalcircuitDestaddressVCIDStatus---------------------------------------------------
VFIVPLS_
2000VFI111110UPVFIVPLS_
2000VFI777710UPl2vfiVPLS_
2000manualvpnid10neighbor1111encapsulationmplsneighbor7777encapsulationmplsinterfaceVlan2000noipaddressxconnectvfiVPLS_
2000NPE-A#
showmplsl2vcdetailLocalinterface:
VFIVPLS_
2000upDestinationaddress:
1111,
VCID:
10,
VCstatus:
upTunnellabel:
imp-null,
nexthop1161161111Outputinterface:
GE8/
1,
imposedlabelstack{
19}
Createtime:
1d01h,
laststatuschangetime:
0:00
40:00:00
16Signalingprotocol:
LDP,
peer1111:
0upMPLSVClabels:
local23,
remote19NPE-A#
showmplsl2vcdetailLocalinterface:
VFIVPLS_
2000upDestinationaddress:
7777,
VCID:
10,
VCstatus:
upTunnellabel:
imp-null,
nexthop1671672227Outputinterface:
GE8/
4,
imposedlabelstack{
24}
Createtime:
1d01h,
laststatuschangetime:
1d00hSignalingprotocol:
LDP,
peer7777:
0upMPLSVClabels:
local24,
remote24
ID9CLI
MACLearningCheckingNPE-A#
shmac-addvlan2000
MACbasedforwardinginVPLSnetworkLegend:
*
-
primaryentryage-secondssincelastseenn/
a-notavailablevlanmacaddresstypelearnageports------+----------------------+------------+-----+----------+-------------------------
2000222222111111dynamicYes01111,11
fromNPE-B,
VC10*
2000222222333333dynamicYes0Gi5/
1
fromlocalACgig5/
12000222222444444dynamicYes07777,11
fromNPE-C,
VC10
ID10LoopPrevention
Split-horizonN-PE3MPLSN-PE4N-PE1HowtoavoidloopinVPLS(
multipointbridging)network?
Spanningtreeispossiblebutnotdesirable
VPLSusesplit-horizontoavoidloopPacketreceivedonVPLSVCcanonlybeforwardedtoACs,
nottheotherVPLSVCs(
H-VPLSisexception)
RequirefullmeshVCsamongallPEsVFIVFIVFI
ID11CLI
SplitHorizonCheckingNPE-A#
shvfiVPLS_
2000Legend:
RT=
Route-target,
S=
Split-horizon,Y=
Yes,
N=
NoVFIname:
vpls11,
state:
up,
type:multipointVPNID:
10Localattachmentcircuits:
Vlan2000Neighborsconnectedviapseudowires:
PeerAddressVCIDS111110Y777710Y
ID12VPLSDataPlaneandControlPlaneBGPbasedVPLSAutoDiscoveryDataPlane
AlthoughVPLSsimulatemultipointvirtualLANservice,
theindividualVCisstillpoint-
to-pointEoMPLS
Itusesthesamedataencapsulationaspoint-to-pointEoMPLSControlplane
SignalingSameasEoMPLS,
usingdirectedLDPsessiontoexchangeVCinformation
Auto-discoveryofVPNmembershipReducesVPNconfigurationanderrorsassociatedwithconfiguration
Draft-ietf-l2vpn-vpls-ldpdoesnotmandateanauto-discoveryprotocol
ItcanbeBGP,
Radius,
DNS,
ADbased
7600supportBGPbasedautodiscoveryfrom122(
33)SRBrelease,
basedondraft-ietf-l2vpn-signaling-xx
txt
ID13BGPBased“Auto-Discovery”MP_REACH-NLRIattributeinMP-iBGPUpdate(
w/
LDPsignaling)
1
AddressFamilyInfo:
AFI=1,SAFI=1282
Next-hopinfo:
PEloopbackaddr3
NLRI:
1
AddressFamilyInfo:
AFI=“l2vpn”,SAFI=“vpls”
2
Next-hopinfo:
PEloopbackaddr3
NLRI:
L3VPN:
RDcorrespondstoaVRF
RD+
loopbackaddrcanuniquelyidentifyaVRFVPLS:
RDcorrespondstoaVSI
RD+
loopbackaddrcanuniquelyidentifyaVSI
Length(2octets)
RD(8octets)
PE-id:
PEIPaddr(4octets)
Length
MPLSLabel
RD:IPv4addrl2vfiPE1-VPLS-Amanualvpnid100:
27bridge-domain4neighbor120003encapsulationmplsneighbor162002encapsulationmplsl2vfiPE1-VPLS-Aautomaticvpnid100:
27bridge-domain4L3VPNVPLS
ID14BGP-basedVPLSAutoDiscovery
ConfigurationExample!
BGPconfiguration(
N-PE3asexample)
routerbgp1nobgpdefaultipv4-unicastbgplog-neighbor-changesneighbor10001remote-as1neighbor10001update-sourceLoopback0neighbor10004remote-as1neighbor10004update-sourceLoopback0!
!address-familyl2vpnvplsneighbor10001activateneighbor10001send-communityextendedneighbor10004activateneighbor10004send-communityextendedexit-address-family!
!
VPLSVFIconfigl2vfivpls11autodiscoveryvpnid11Interfacevlan11xconnectvfivpls11!
ACconfig,
thesameasbeforeN-PE3MPLSNetworkN-PE4N-PE1VFIVFIVFI
ID15CLI
VPLSAutoDiscoveryCheckingNPE3#
showipbgpl2vpnvplsallsumBGProuteridentifier10003,
localASnumber1BGPtableversionis4,
mainroutingtableversion4<
snip>
NeighborVASMsgRcvdMsgSentTblVerInQOutQUp/
DownState/
PfxRcd1000141151640000:11:4011000441151540000:11:111NPE3#
shvfivpls11Legend:
RT=
Route-target,S=
Split-horizon,
Y=
Yes,N=
NoVFIname:
vpls11,
state:
up,
type:
multipointVPNID:
11,
VPLS-ID:
1:11RD:
1:11,
RT:
1:11Localattachmentcircuits:
Vlan11Neighborsconnectedviapseudowires:
PeerAddressVCIDDiscoveredRouterIDS100041110004Y100011110001Y
ID16BGP-basedVPLSAuto-DiscoverySummary
ThereisnoneedtocreateanexplicitlistofPEsandassociatethemwithagivenVPN
WhenaVPLSinstanceiscreatedby“l2vfi”
commandonthatPE,
thecorrespondingVPN-idisdistributedbythatPEviaMPiBGPupdatesandalltheotherPEswillbecomeawareofit
TheformatsforRDareBGP-ASN:VFI-VPN-ID(
default)
,
ASN:nnorIP-address:nnEachVSImusthaveanimportandexportRT
Bydefault,
theRTforeachVFIwillhavethesamevalueastheRD
AfterdistributionofPWrelatedparameters,thePWsaresetupthroughtargetedLDPsignaling
ID17H-VPLSandDesign
VPLSFundamentals
H-VPLSandDesign
VLANTranslating
VPLSL2ControlProtocolTunneling
RoutedVPLS
VPLSScalability
ID18WhyH-VPLS?
Potentialsignalingoverhead
FullPWmeshfromtheedge
Packetreplicationdoneattheedge
Nodediscoveryandprovisioningextendsend-to-end
Minimizessignalingoverhead
FullPWmeshamongcoredevicesonly
PacketreplicationdonethecoreonlyFlatVPLSH-VPLSVPLSSplit-horizonrequirefullmeshVPLSVCs
ID19FlatVPLS
EthernetaccesswithoutQinQEthernet
1QoraccessEthernet
1QoraccessFullMesh
Pseudowires
LDPSignaling
FullmeshofdirectedLDPsessionsrequiredbetweenparticipatingPEs
N*
(
N-1)
/
2;
N=
numberofPEnodes
Limitedscalability
PotentialsignalingandpacketreplicationoverheadSuitableforsmallernetworks,simpleprovisioning
CustomerVLANtagisusedasVPLSVFIservicedelimiterFlat
ID20H-VPLSwithEthernetAccessQinQ
1QQ-in-Q
1QQ-in-QFullMesh
Pseudowires
LDPSignaling
Bestforlargerscaledeployment
Reductioninpacketreplicationandsignalingoverhead
FullmeshforCoretier(
Hub)
only
Expansionaffectsnewnodesonly(
nore-configuringexistingPEs)
QinQframeinEthernetaccessnetwork
S-tagisusedasVPLSVFIservicedelimiter
Customertagisinvisible
EachEthernetaccessnetworkcanhave4Kcustomers,
4K*
4Kcustomervlans
ID21H-VPLSwithQinQAccessExampleN-PE3N-PE4U-PEConfiguration!
InterfaceconnectedtoCE!
It’sdot1q-tunnelportinterfaceGigabitEthernet2/
13switchportswitchportaccessvlan11switchportmodedot1q-tunnelspanning-treebpdufilterenable!
InterfaceconnectedtoN-PE!
It’sregulardot1qtrunkportinterfaceGigabitEthernet2/
47switchportswitchporttrunkencapsulationdot1qswitchportmodetrunkN-PE(3&
4)Configuration!
SameVPLSVFIconfigasflatVPLS!
Attachmentcircuithastwoconfigoptions!
Option1dot
1qtrunkifitconnectedtoU-PElikeN-PE3interfaceGigabitEthernet5/
1switchportswitchporttrunkencapsulationdot1qswitchportmodetrunk!
Option2dot1qtunnelifitconnectedtoCEdirectly,
likeN-PE4interfaceGigabitEthernet5/
1switchportswitchportaccessvlan11switchportmodedot1q-tunnelSpanning-treebpdufilterenableU-PE39311C-tagC-tagC-tagC-tagVFIVFIVFIN-PE1
ID22H-VPLSwithQinQ(
EVCCLI)
P1-AGDN1P1-AC1P1-CPE11QtrunkP2-AGP3-AGP3-AC1P3-CPE11QtrunkMPLSDN2VLAN1500VLAN1000VLAN1500VLAN1000SPVLAN2000SPVLAN2000QinQ
1QtrunkQinQ[
1000]
[
1500]
FlexibleQinQFlexibleQinQinterfaceFast1/
1switchaccessvlan2000switchmodedot1q-tunnell2protocol-tunnell2vfiCPE123manualvpnid123123neighxxxxencapmplsneighy
yy
yencapmplsinterfacevlan2000xconnectvfiCPE123interfgi2/
2serviceinstance7777ethernetencapdot1q2000bridge-domain2000shvfishxconnectallshmpl2l2vcshbridge-domain[
2000,1000]
[
2000,1500]
ID23H-VPLSwithMPLSAccess
1QMPLS
1QMPLSFullMesh
Pseudowires
LDPIP/
MPLSIP/
MPLS
ID24H-VPLSwithMPLSAccessExampleN-PE3N-PE4N-PE1U-PE3Configuration!
RegularEoMPLSconfigurationonU-PE!
Useport-modeinthisexampleinterfaceGigabitEthernet2/
13xconnect1000311encapmpls!
UplinkisMPLS/
IPtosupportEoMPLSinterfaceGigabitEthernet2/
47ipaddress100572255255255252mplsipU-PE384C-tagC-tagMPLSMPLSVFIVFIU-PE4MPLS7335VFIN-PE3Configuration!
DefineVPLSVFIl2vfivpls11manualvpnid11neighbor10001encapsulationmplsneighbor10004encapsulationmplsneighbor10007encapsul
tionmplsno-split-horizon!
AttachVFItoVLANinterfaceinterfaceVlan11xconnectvfivpls11!
AttachmentcircuitisspokePWforH-VPLSMPLSaccess!
DownlinkisMPLS/
IPconfigurationtosupportH-VPLSinterfaceGigabitEthernet4/
0/
1ipaddress100571255255255252mplsipC-tagC-tagC-tag
ID25CLI
H-VPLSwithMPLSAccessExampleNPE3#
shmplsl2vc11LocalintfLocalcircuitDestaddressVCIDStatus-------------------------------------------------------------------------
VFIvpls11VFI1000111UPVFIvpls11VFI1000411UPVFIvpls11VFI1000711UPNPE3#
shvfivpls11Legend:
RT=
Route-target,S=
Split-horizon,
Y=
Yes,N=
NoVFIname:
vpls11,
state:
up,
type:
multipointVPNID:
11Localattachmentcircuits:
Vlan11Neighborsconnectedviapseudowires:
PeerAddressVCIDS1000111Y1000411Y1000711N
ID26CLI
H-VPLSwithMPLSAccessExampleUPE3#
shmpll2vc11LocalintfLocalcircuitDestaddressVCIDStatus--------------------------------------------------------------------------
Gi2/
13Ethernet1000511UPNPE3#
shmac-addvlan11Legend:
*
-
primaryentryage-secondssincelastseenn/
a-notavailablevlanmacaddresstypelearnageports------+----------------+--------+-----+----------+--------------------------
11222222111111dynamicYes010001,1111222222333333dynamicYes010007,11
spokePW11222222444444dynamicYes010004,11
ID27H-VPLSwithMPLS(
EVCCLI)
P1-AGDN1P1-AC1P1-CPE1VLAN10001QtrunkP2-AGP3-AGP3-AC1P3-CPE1VLAN10001QtrunkMPLSDN2mplsipmplslabelprotocolldpmplsldprouter-idloop0shvlanshspannvlan…
shinterfacetrunkshiponshIprouteping…
shmplsinterfashmplsldpneigh“mplsip”
ontheinterf
shiponshiprouteping…
shmplsinterfashmplsldpneighVLAN1500VLAN1500SPVLAN2000SPVLAN2000QinQrouteduplinkinterfaceextensionIGP:
OSPFMPLSrouteddownlinkinterfaceOSPFtodownlinkMPLS
ID28ConfiguringH-VPLS
L2VFI(
manual)
P1-AGDN1P1-AC1P1-CPE11QtrunkP2-AGP3-AGP3-AC1P1-CPE11QtrunkMPLSDN2VLAN1500VLAN1000VLAN1500VLAN1000l2vfiCPE123manualvpnid123123neighxxxxencapmplsneighy
yyyencapmplsneighzzzzencapmplsno-split-horizoninterfacevlan2000xconnectvfiCPE123shvfishxconnectallshmac-address-tablevlan2000L2VFIPx-AG:
neighbours(
fullmesh)
Px-AC:
neighbour(
disablesplit-horizon!
)
MAClearningonVFI=
>
VLAN<
->
VFIinterfacevlan2000xconnectxxxx123123encapmplsshxconnectall
ID29ConfiguringH-VPLS
VPLSAutodiscoveryP1-AGDN1P1-AC1P1-CPE11QtrunkP2-AGP3-AGP3-AC1P1-CPE11QtrunkMPLSDN2VLAN1500VLAN1000VLAN1500VLAN1000routerbgp64512neighxxxxremote-as64512…address-familyl2vpnvplsneighxxxxactivateneighxxxxsend-community-extendedpseudowire-classPW-AG-AC1encapmplsl2vfiCPE123-AUTOautodiscoveryvpnid123123neighzzzzencappw-classPW-AG-AC1no-split-horizinterfacevlan2000xconnectvfiCPE123BGPpeeringwithRRVFIneighboursconfiguredautomaticallypseudowire-classPW-AC1-AGencapmplsinterfacevlan2000xconnectxxxx123123pw-classPW-
AC1-
AG
ID30H-VPLSwithMPLSAccessSplit-HorizonRuleN-PE3N-PE4N-PE1U-PE3MPLSMPLSVFIVFIU-PE4MPLSVFISplit-
horizonrule
Betweenno-split-horizonVCs
forwarding
Betweenno-split-horizonVCsandsplit-horizonVCs
forwarding
Betweensplit-horizonVCs
blocking
BetweenACsandVCs
forwarding
BetweenACs
forwarding
ID31H-VPLS/
VPLSTopologyComparisonFastL3IGPconvergenceMPLSTEandFRR(
50msecconvergencetime)
AdvancedMPLSQoSHierarchicalsupportviaspokePWataccess
SpokePEcanhaveQinQattachmentcircuitforadditionallevelofhierarchySameEthernetnetworkbenefitasflatVPLSHierarchicalsupportviaQinQataccessScalablecustomerVLANs(
4kx4k)
4kcustomerlimitperEthernetislandEthernetnetworkbenefit
simple,
highbandwidth,
cheap,
efficientlocalswitchingandbroadcast/
multicastdistributionProsMorecomplicatedprovisioningRequiresMPLStou-PE,
potentiallymoreexpensiveu-PEdeviceHighSTPre-convergencetime(
potentiallyimprovedbydifferentL2protocols)
Nothierarchical,
notscalableCustomerVLANcan’toverlap(
withexceptionofVLANtranslation)
4KcustomerVLANlimitinEthernetaccessdomainHighSTPre-
convergencetimeConsH-VPLS-
MPLSaccessH-VPLSEthernetaccesswithQinQFlatVPLSEthernetaccesswithoutQinQ
ID32VLANTRANSLATING
VPLSFundamentals
H-VPLSandDesign
VLANTranslating
VPLSL2ControlProtocolTunneling
RoutedVPLS
VPLSScalability
ID33FlexibleFrameMatchingCLI
Singletaggedframeencapsulationdot1q{
any|
“<vlan-id>
[
,
<vlan-id>
[
-<vlain-id>
]
]
”}
Vlantagcanbesingle,
multipleorrangeorany(
1-4096)
Doubletaggedframe(
onlylookupto2tagsifreceivemorethan2taggedframes)
encapsulationdot1q<vlan-id>
second-dot1q{
any|
“<vlan-id>
[
,
<vlan-id>
[
-<vlain-id>
]
]
”}
Firstvlantagmustbeunique,
secondvlantagcanbeany,
unique,
rangeormultiple
DefaulttagencapsulationdefaultMatchallframestaggedoruntaggedthatarenotmatchedbyothermorespecificserviceinstances
untaggedencapsulationuntaggedMatchnotaggedframes,
forexamplenativevlaninterfacegig1/
1/
1serviceinstance1ethernetencapsulation?
defaultcatch-allunconfiguredencapsulationdot1ad8021ad-
ProviderBridgesdot1qIEEE8021QVirtualLANorS-VLANpriority-taggedPrioritytaggedEFPuntaggedUntaggedencapsulation
ID34EncapsulationRewriteCLINPE1(
config-if-srv)
#
rewriteingresstagpop?
1Poptheoutermosttag
remove1tag2Poptwooutermosttags
remove2tagNPE1(config-if-srv)
#
rewriteingresstagpushdot1q10
addonetagNPE1(config-if-srv)
#
rewriteingresstagpushdot1q10second-dot1q20
addtwotagNPE1(
config-if-srv)
#
rewriteingresstagtranslate?
1-to-1Translate1-to-11-to-2Translate1-to-22-to-1Translate2-to-12-to-2Translate2-to-2interfacegig1/
1/
1serviceinstance1ethernetencapsulationdot1q10rewriteingresstag?
popPopthetagpushRewriteOperationofpushtranslateTranslateTag
ID35Switchport/
EVCServiceCommandsinterfaceGig1/1/1serviceinstance101ethernetCUSTOMER-1encapsulationdot1q101second2001,2002rewriteingresstagtranslatedot1q1-to-1second2001dot1q102bridge-domain100service-policyoutputHierarchical-QoSethernetlmice-vlanmap101!
interfaceVlan100ipaddress|
vrf|
vfiEVCCLI:
interfaceGig1/1100encapsulationdot1q100ipaddress|
vrf|
xconnectinterfaceGig1/1switchporttrunkallowedvlan100SwitchportorSubinterfaceCLI:
EncapsulationRewriteCLI
-
Symmetric
Encapsulation rewrite should be always symmetric, meaning whatever
rewrite on ingress direction should have the reverse rewrite on the
egress direction f or the same interf ace, same EF P
F or ex ample, if it remove outer vlan tag on ingress, then it need to add
the original vlan tag back on the egress direction A s the result, it
always need two lines of rewrite conf iguration, one f or rewrite ingress,
the other f or rewrite egress
T o mak e conf iguration simple and avoid misconf iguration, k eyword
“symmetric” is used mandatory, and “rewrite egress” C L I is block ed on
purpose
V alid conf iguration
ser i e inst n e et ernet
en s ti n t
re rite ingress t g symmetri
I nvalid conf iguration
Presentation
_
ID

CiscoConfidential
36
ser i e inst n e et ernet
en s ti n t
re rite ingress t g
re rite egress t g s t
ID37ConfiguringVLANTranslatingP1-AGMPLSVLAN1500VLAN1000FlaxibleQinQ
1Qtrunk
1Qtrunk
1QtrunkSPVLAN2000SPVLAN2500QinQtunnelFlexibleQinQ
1Qtrunk
1Qtrunk
1QtrunkQinQtunnelcSPVLAN2000VLAN1000[
2000,1000]
[
2500,1500]
PW456456interfacegi2/
3serviceinstance6666ethernetencapdot1q2500second-dot1q1500rewriteingresstagtranslate2-to-2dot1q2000second-dot1q1000symetricxconnectxxxx456456encapmplsQinQtunnelinterfacegi2/
2serviceinstance4444ethernetencapdot1q2000second-dot1q1000xconnectyy
y
y456456encapmpls[
2000,1000]
FlaxibleQinQP2-AGP1-AC1P2-AC1P2-AC2P1-CPE1P2-CPE1P2-CPE2
ID38VPLSL2PT
VPLSFundamentals
H-VPLSandDesign
VLANTranslating
VPLSL2ControlProtocolTunneling
RoutedVPLS
VPLSScalability
VPLSAttachm
entCircuit
M P L S
V
F
I
7 6 0 0
p
s
e
u
d
o
p
o
r
t
E
C1
p
s
e
u
d
o
p
o
r
t
E
E P

F or each V P L S instance, it can have multiple attachment circuits (A C s)
and multiple virtual circuits (V C s)  A C s and V C s are in the same L
2broadcast domain, pack et is f orwarded based on M A C address

A C couldbedifferenttype, lik eA T M (R F C 1 4 8 3 ) bridging, F R (R F C 1 4 9 0
)
bridging, native Ethernet switchport, native Ethernet EF P (EV C based
conf iguration)  L 2 P T apply to Ethernet A C only N ormally it’s S T P , C D
Pand V T P pack ets
Presentation
_
ID

CiscoConfidential
39
ID40L2PTonswitchportAttachmentCircuit
L2dot1qtrunkportoraccessportTotunnelSTPBPDU,
forPVSTmode,
STPneedtobedisabledperVLAN
OtherwisecustomerBPDUisprocessedandterminatedlocally
ForMSTmode,
BPDUissentthroughnativeVLAN,
STPneedtobedisabledfornativeVLAN
L2dot1q-tunnelportBydefault,
STP/
CDP/
VTPpacketisdropped
IfconfigureL2PT,
STP/
CDP/
VTPcontrolpacketistunneledthroughVPLSVCs!
L2controlprotocolpacketwillbetunneledoverVPLSVCaftertheL2PTconfigurationonattachmentcircuitportinterfacevlan20xconnectvfimyvpls
ACconfigurationinterfacegig1/
1switchportswitchportaccessvlan20switchportmodedot1q-tunnell2protocol-tunnelcdpl2protocol-tunnelstpl2protocol-tunnelvtpnocdpenablespanning-treebpdufilterenable!
Disablestpforvlan10inordertotunnelVLAN10BPDUoverVPLSVC
nospanning-treevlan10interfacevlan10xconnectvfimyvpls
ID41L2PTonEFPAttachmentCircuit
SIP-400/
ES20serviceinstancewithEthernet-MultipointBridgingBydefault,
L2PDUisdropped
With“l2protocolforward”configuration,
L2PDUisforwardedtransparentlyasdatainterfaceGigabitEthernet4/
1/
0serviceinstance11ethernetencapsulationdot1q11rewriteingresstagpop1symmetricl2protocolforwardbridge-domain11!
L2controlprotocolpacketwillbetunneledoverVPLSVCafterthe“l2protocolforward”configurationonattachmentcircuitinterfacevlan11xconnectvfimyvpls
ID42RoutedVPLS
VPLSFundamentals
H-VPLSandDesign
VPLSL2ControlProtocolTunneling
RoutedVPLS
VPLSScalability
VPLSResiliency
ID43RoutedPWASimpleExampleMPLSSVIinterfacevlan100xconnectvfimyvplsipaddress11122552552550SVIinterfacevlan100xconnectvfimyvplsipaddres
11112552552550internetSiteASiteBCanhavexconnectandL3configurationundersameVLANinterface,thusprovidebothL2andL3overpseudowire!
ID44RoutedPW(
VPLS)
What’sit?
MPLSVFISVIL3/
VRFVFI7600pseudoportpseudoportVFISwitchport
L2switchingamongL2switchportandL2pseuoport(
PW)
withMAClearning/
forwarding
L3routingviaSVIforbothL2switchportandL2pseuoport(
PW)
SameL3attributes(
IP,
Routing)
onSVIsinadditiontoaxconnectconfiguration
“RoutedPW”istheabilitytoL3routeinadditiontoL2bridgeframestoandfromPWinterfacevlan100xconnectvfimyvplsipaddress11112552552550interfa
evlan100xconnectvfimyvplsipaddress11122552552550VLAN100
ID45RoutedPW(
VPLS)
ApplicationScenario
PWTerminatedintoL3/
VRFMPLSL3VPNPWAggregationPE76007600receiveEoMPLSframefromPWAfterEoMPLSdecap’d,
itbecomenormalIPpacketIPpacketisL3routedintoL3VPNcloudviaSVISingleboxsolution!
SVIinterfacevlan100xconnectvfirvplsipvrfforwardingroutedpwipaddress11112552552550L2+
L3PEinterfacegig1/
11encapdot1q100xconnect10111100enmpls
ID46DistributionAggregationAggregationNetworkMPLS/
IPResidentialSTBSVISVIinterfacevlan10xconnect2222ipaddress101112552552550ippimsparse-modeinterfacevlan10xconnect1111ipaddress101122552552550ippimsparse-modeTV
MulticastpacketisL3routedfromsourceinterfaceintoPWSVIasnormal
AfterpacketisroutedintoPWVLAN,
packetwillbeforwardedatL2inthePWVLAN
Fromnow,
it’sregularL2EoMPLSpackethandlingandforwarding,
includingTE/
FRR
Multicastpacketiseomplsencap’dandMPLSlabelswitchedtoaggregationbox
EoMPLSpacketisreceivedatingressSIPcard
EoMPLSlabeldepositionbyingressSIP,
andbecomenormalIPmulticastpacket
MulticastpacketisL2bridgedtoPWSVIandL3routedintoBTVVLAN
MulticastpacketisL2switchedinBTVVLANtoDSLAMportsPhysicallinkfailureisprotectedbyTE/
FRR,
L3/
Multicastlayerisnotaware!
RoutedPW(
VPLS)
ApplicationScenario
MulticastL3RoutedoverRoutedVPLS
ID47VPLSScalability
VPLSFundamentals
H-VPLSandDesign
VPLSL2ControlProtocolTunneling
RoutedVPLS
VPLSScalability
VPLSResiliency
ID48What’syourconcern?
MACaddresstable?
VLANScale?
Maximumpoint-to-pointVPWSservice?
Maximumbridge-domainandVPLSinstance?
MaximumVPLSpeersperVPLSinstance?
Maximumattachmentcircuit?

L
ogicalInterfaceS
cale

P F C 3 / D F C 3 f orwarding engine identif ies a L ayer 3 interf ace as a
VLAN

A ny physical or logical (sub-interf ace) interf ace in “no shutdown”
state is getting an internal V L A N assigned

4 0 9 4 internal V L A N s are available
chain#sh platform hard capacity vlan
VLAN Resources
VLANs: 4094 total, 27 VTP, 5 extended, 64 internal, 3998 free
chain#

V L A N s allocated f rom 1 0 2 2 onward in ascending order
Presentation
_
ID

CiscoConfidential
49
AnE
xample…
chain#show vlan internal usage
VLAN Usage
111 GigabitEthernet1/16111

1006 online diag vlan0
1007 online diag vlan1
1008 online diag vlan2
1009 online diag vlan3
1010 online diag vlan4
1011 online diag vlan5
1012 PM vlan process (trunk tagging)
1013 Control Plane Protection
1014 L3 multicast partial shortcuts for VPN
0
1015 vrf_0_vlan
1016 Container0
1017 IPv6-mpls RSVD VLAN
1018 GigabitEthernet1/
3
1019 Egress internal vlan
1020 Multicast VPN 0 QOS vlan
1021 IPv6 Multicast Egress multicast
1022 GigabitEthernet5/
2
1023 GigabitEthernet2/0/
1
1024 GigabitEthernet2/0/
2
1025 GigabitEthernet2/0/2721

1044 ATM8/0/ima1
1045 CEM2/1/10

1070 POS9/1/
0
VLANsinVTP range
SpecialV
LA N sused
b y System
V L A N sa ssigned to
ro u ted
Interfa c es
Presentation
_
ID

CiscoConfidential
50
L3VPN
S
cale

U pto 1 k V R F saresupportedper 7 6 0 0

Each V R F tak es also at least one internal V L A N
VRF1-512
uses one VLAN
(
VPN
CAM!)
V R F
513-1024
usestw o V
LA N s(
R e-circulation)

T he total system L 3 V P N scale depends on
N
umber ofVR
Fs
N
umber ofP E-C Elinksper V R F
chain#sh platform hardware capacity pfc
L2 Forwarding Resources

VPN CAM usage: Total Used %Used
512 0 0%
chain#sh vlan in us | i vrf
1015 vrf_0_vlan
1059 vrf_7_vlan
1064 vrf_8_vlan
1065 vrf_10_vlan
1066 vrf_11_vlan
1067 vrf_12_vlan
1068 vrf_13_vlan
chain#
Presentation
_
ID

CiscoConfidential
51
Point-to
#NAME?
-
EoMPLS

O ne virtual circuit connect two U N I s

U N I can be on the same box or two box es

N o M A C learning or M A C based f orwarding are involved

S ub-interfacebased P W son 6 7 x x andES 2 0 cardsuse P F C
/
D F
Cbased EoM P L S which uses an internal V L A N
--> max imumof 4 k EoM P L S P W spersystem

S ub-Interfacebased P W son S
IP 4 0 0 orEV C based P W son
ES 2 0
/
S
IP 4 0 0 use“S calableEoM P L S ”whichdoesnotusean internalVLAN
--> max imumof 3 2 k EoM P L S P W spersystem
Presentation
_
ID

CiscoConfidential
52
Multipoint -
VPLS

I s a combination of an internal V L A N (bridge-domain) and a set ofPW sfor VPLS mesh

O ne V P L S V F I usesone internalV L A N

A tmax imum 4 k V F
Isper S ystem (thatmeansno L 3 V P N atthe
same time)

M ore than two U N I s, one or multiple V irtual C ircuits

M A C learning and M A C based f orwarding

B ridge-domain is tied to system wide resource lik e global V L A N ,
thus less scale

T ypically it has max imum peers per bridge-domain limit
Presentation
_
ID

CiscoConfidential
53
Aw
o
rdo
nMAC
AddressS
cale

C isco 7 6 0 0 P F C 3
/
D F C 3 performs M A C address learning inH W

M A C address table siz e
SU P
720-3B
and
3B X L -->
64k
R SP
720-3C
and
3C X L -->
96k

H as ef f iciency
SU P
720-3B
and
3B X L -->
32k
R SP
720-3C
and
3C X L -->
80k
chain#show module
Mod Ports Card Type Model Serial No
--------------------------------------------------------------------------

3 4 CEF720 4 port 10-Gigabit Ethernet WS-X6704-10GE SAL09316U29
4 8 CEF720 8 port 10GE with DFC WS-X6708-10GE SAL1103DYZ4
5 2 Route Switch Processor 720 (Active) RSP720-3CXL-GE JAE1139XVV4
“B”
P
re
s
e
n
ta
tio
n
_
ID
2
0
0
7
C
is
c
o
S
ys
te
m
s
,
In
c

A
llrig
h
ts
chain#sh plat ha capacity pfc
L2 Forwarding Resources
MAC Table usage:
re
s
e
rv
e
d

C
is
c
o
C
o
n
fid
e
n
tia
l
Module
3
4
5
Collisions
0
0
0
T l
65536
98304
98304
“C”
Used
150
150
150
%Used
1%
1%
1%
54
ID55MACScale
MAClearning/
limitingFeatureMAClearningcanbedisabled/
enabledperVLANpermodule(
DFC)
basis
Forexample,
ifVLANAonlyhavephysicalportsonModuleA,
thenotherDFCbasedmoduleandSUPdon’tneedtolearnMACforVLANAMAClimitingcanbeconfiguredperVLANorperinterfacetolimitthenumberofMACadd
esslearned7604-npe1(
config)#
macaddress-table?
aging-timeSetMACaddresstableentrymaximumagelearningEnableaMACtablelearningfeaturelimitEnterparametersformaclimitfeaturenotificationEn
bleaNotificationfeaturestaticstatickeywordsynchronizeSynchronizeMACaddresstableentriesinthesystem
8021ah(
MAC-in-MAC)
BasicallycustomerMACaddresswillonlyresideonthelocalPElinecard,
notintheL2VPNbackbone
Supportinfuturerelease
ID56ProviderBackboneBridgesMainIdeas/
Concepts
ServiceScalabilityDefineanew“ServiceInstanceIdentifier”
24*
Bitswide(
takingtheplaceoftheformer“VLAN”):I-TAG
DomainIsolation,
MAC-AddressScalabilityEncapsulateCustomerMAC-framesattheedgeofthenetworkintoa“ProviderMAC-Frame”:
NewMAC-HeaderwithB-TAG
“BackwardCompatibility”to8021adPacketheaderofProviderBackboneBridges(
PBB,
P8021ah)
andProviderBridges(
PB,
P8021ad)
lookthesame8021ahassumesexistingL2controlplanemechanismssuchasspanningtree
Howeverthesearenotrequired
8021ahtargetedforFinalizationDec2007FCSL2PDUC-TAGC-SAC-DAI-TAGB-TAGB-SAB-DAP8021ah(ProviderBackboneBridges)
EncapsulationExampleI-TAG:Contains24BitstoidentifyaserviceinstanceB-TAG:equalsS-TAGSecondMAC-HeaderNote:Stillunderdiscussion,
notfinalizedyet
VLAN
S
cale

Po
int-to -Po
int (
VPW S, E -LIN E , E W S/E R S, andso o n)
D oesn’t req uire global V L A N resource C an go much more beyond 4
Klimit
C urrently7 6 0 0 support 1 6 K localV L A N sperES 2 0 ,thus 1 6
KEoM
PLS
PW sperES20

M ultip o
int (
VPLS, L2 lo c alb
ridg
ing , E M S/E M R S, andso o n)
M ultipoint bridging create L 2 broadcast domain P ack et is f orwarded
based on M A C address
N eed global V L A N resource, max imum 4 K currently
Presentation
_
ID

CiscoConfidential
57
ID58VPLSScale
VPLSForwardingInstance(VFI)
sperboxVFIis1:1mappedtosystemVLANorbridge-domain
4KVFIislimitedbyglobalVLANresourceWith8021ah,
itcanmapmultipleI-SIDtosameB-VLAN(
VPLSInstance)tosolveVFIscalabilityissue
MaximumpeersperVFI60,
plantoincreaseto128/
255inthefuturerelease
MaximumVPLSVCsCodelimitis240K
Upto30Khasbeenofficiallytested
CombinationoftheabovelimitWhicheverlimitcomeatfirst,
itbecomebottleneck
Forexample,
wecansupportthosecombinations,
(
2KVFI,
15peersperVFI,
30KVCs)
,
(
500VFI,
60peersperVFI,
30KVCs)
,
(
4KVFI,
1peerperVFI,
4KVCs)
?

P
o
em
o
c
ija
k
eh
o
p
ik
a
z
us
e
s
p
us
tiue
n
iM
A
C
v
a b c d e fg
)
) ) )
) ) )
R
R
R
R
R
R
R
outer(conf
outer(conf
outer(conf
outer(conf
outer(conf
outer(conf
outer(conf
ig-if -srv) # x connect 1 0  0  0  0 2 encap …
ig-if ) # switchport trunk allowed …
ig-if ) # mpls ip
ig-if -srv) # bridge domain …
ig-if -srv) # encapsulation dot1 q …
ig-if ) # x connect vf i    
ig-if ) # l2 protocol-tunnel
VPLS?
Presentation
_
ID

CiscoConfidential
59
ID60QandA
ID61
View All (861)
4G (2) 4G Evolution (1) 5G (49) 5G 특화망 (10) 5g (1) 802.11 (1) 802.1X (1) ALTO (1) ANDSF (1) AT&T (2) Acceleration (1) Adobe HDS (3) Akamai (6) Amazon (3) Apple HLS (4) Authentication (1) BRAS (2) BT (1) Backbone (4) Backhaul (12) BitTorrent (1) Broadcasting (3) C-RAN (13) C-RAN/Fronthaul (12) CCN (4) CDN (52) CDNi (1) COLT (1) CORD (1) CPRI (2) Cache Control (1) Caching (5) Carrier Cloud (2) Carrier Ethernet (9) Channel Zapping (4) China Mobile (1) China Telecom (1) Cloud (10) Cloudfront (1) DASH (2) DCA (1) DHCP (3) DNS (1) DSA (1) Data Center (7) Dynamic Web Acceleration (1) EDGE (1) EPC (5) Edge (1) Energy (1) Ericsson (5) Ethernet (8) FEO (2) Fairness (1) Fronthaul (5) GiGAtopia (1) Gigabit Internet (2) Global CDN (1) Google (5) HLS (1) HTTP (1) HTTP Adaptive Streaming (18) HTTP Progressive Download (3) HTTP Streaming (1) HetNet (1) Hot-Lining (1) Hotspot 2.0 (2) Huawei (3) ICN (4) IP (1) IP Allocation (1) IP Routing (8) IPTV (15) Intel (1) Internet (1) Interoperability (2) IoST (1) IoT (14) KT (22) LG U+ (3) LTE (70) LTE MAC (1) LTE-A (2) Licensed CDN (1) M2M (3) MEC (5) MPLS (25) MVNO (1) Market (4) Metro Ethernet (7) Microsoft (2) Migration (1) Mobile (4) Mobile Backhaul (1) Mobile Broadcasting (1) Mobile CDN (2) Mobile IP (1) Mobile IPTV (3) Mobile Video (1) Mobile Web Perormance (1) Mobility (1) Multi-Screen (7) Multicast (7) NFC (1) NFV (2) NTT Docomo (2) Netflix (6) Network Protocol (31) Network Recovery (3) OAM (6) OTT (31) Ofcom (1) Offloading (2) OpenFlow (1) Operator CDN (14) Orange (1) P2P (4) PCC (1) Page Speed (1) Private 5G (13) Programmable (1) Protocol (7) Pseudowire (1) QoS (5) Router (1) SCAN (1) SD-WAN (1) SDN (15) SDN/NFV (15) SK Telecom (22) SON (1) SaMOG (1) Samsung (2) Security (6) Service Overlay (1) Silverlight (4) Small Cell (3) Smart Cell (1) Smart Grid (2) Smart Network (2) Supper Cell (1) Telefonica (1) Telstra (1) Terms (1) Traffic (2) Traffic Engineering (1) Transcoding (3) Transparent Cache (2) Transparent Caching (14) VLAN (2) VPLS (2) VPN (9) VRF (2) Vendor Product (2) Verizon (2) Video Optimization (4) Video Pacing (1) Video Streaming (14) Virtual Private Cloud (1) Virtualization (3) White Box (1) Wholesale CDN (4) Wi-Fi (13) WiBro(WiMAX) (4) Wireless Operator (5) YouTube (4) eMBMS (4) eNB (1) 망이용대가 (1) 망중립성 (1) 스마트 노드 (1) 이음 5G (3)

 

 

     
         
     

 

     
     

넷매니아즈 회원 가입 하기

2023년 6월 현재 넷매니아즈 회원은 55,000+분입니다.

 

넷매니아즈 회원 가입을 하시면,

► 넷매니아즈 신규 컨텐츠 발행 소식 등의 정보를

   이메일 뉴스레터로 발송해드립니다.

► 넷매니아즈의 모든 컨텐츠를 pdf 파일로 다운로드

   받으실 수 있습니다. 

     
     

 

     
         
     

 

 

비밀번호 확인
코멘트 작성시 등록하신 비밀번호를 입력하여주세요.
비밀번호