Chapter 6. Point-to-Point Layer 2 VPNs
In all of the MPLS services discussed in previous chapters, the entire service provider (SP) network acts like a distributed router from the perspective of the SP’s customer. These are Layer 3 (L3) MPLS services. The Ingress PE removes the original Layer 2 (L2) header and looks at the packet’s L3+ information. On its way out to the destination CE, the Egress PE pushes a new L2 header. Both the ingress and the egress PE have L3 addresses on the attachment circuits, which might rely on different L2 technologies.
On the other hand, in L2 services, the SP acts like a distributed switch, whose ports are the PEs’ attachment circuits. And there is no L2 global public service equivalent to the Internet, so all the L2 MPLS services are actually VPNs.
L2VPN in a Nutshell
Figure 6-1 has outer headers on top, and it compares the forwarding plane of L3 and L2 VPNs (with P1 performing PHP). This is an all-Ethernet example—both on the access circuits and on the underlying core links—so it does not provide the full picture. It conveys the main idea, though: the customer frame’s L2 information is preserved. This is not a hard statement: in reality, the user frame’s L2 header can actually change. For example, in Ethernet L2VPNs, it is a frequent practice to manipulate the frame’s VLAN tags at the Label Edge Routers (LERs); but key information like the source or destination MAC address is typically preserved—although it can be tunneled in certain L2VPN flavors. ...
Get MPLS in the SDN Era now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.