Está en la página 1de 49

CNG NGH MPLS VPN LP 2

www.ct-in.com.vn

Ni Dung
2

Tng quan dch v VPN lp 2 M hnh Pseudo-wire Kin trc dch v VPN lp 2 Cng ngh Ethernet over MPLS

www.ct-in.com.vn

November 20, 2013

Tng quan dch v VPN lp 2


www.ct-in.com.vn

Nhc im ca cng ngh MPLS L3VPN


4

Router bin phi cha bng nh tuyn ca khch hng. Ch c th chuyn c giao thc IP thng qua mng MPLS L3VPN. Khi mun nng cao kh nng cung cp dch v, phi u t nhiu Router.

www.ct-in.com.vn

November 20, 2013

M hnh dch v L2VPN hin ti


5

L2 VPN l m hnh dch v kt ni nhiu site khch hng s dng knh lp 2 hoc L2 Transport. Khch hng thng thch kt ni lp 2 qua mng WAN thay v lp 3.

ATM

Frame Relay

Frame-Relay
MPLS RPR Ethernet

DSL
Internet

FR v ATM l 2 cng ngh L2VPN ph bin.

www.ct-in.com.vn

November 20, 2013

Gii php Layer 2 VPN truyn thng


6

VPN c xy dng da trn ng thu bao ring t cc site ca khch hng n ISP. Cng ngh s dng:

ng dy ring. Frame Relay: phn tch khch hng trong mng ca ISP da trn knh o (PVC). ATM Khng can thip vo nh tuyn ca khch hng. Khch hng ch ng trong vic s dng cc cng ngh lp 3 (Routing, IP Address)
www.ct-in.com.vn November 20, 2013

c im:

L2VPN l g Mc ch ca nh cung cp dch v


7

ATM IP OCx

Frame Relay Dial

MPLS
Ethernet DSL

Dch v lp 2 v lp 3 s dng chung 1 h tng mng. Gim chi ph u t, vn hnh v cung cp dch v
www.ct-in.com.vn November 20, 2013

L2 Transport l g?
8

L c ch/giao thc vn chuyn dch v lp 2 qua h tng mng ring. L2 Transport kt ni im im gia cc knh L1/L2 (TDM, ATM, FR, Ethernet) qua mng truyn dn (IP hoc MPLS). L2TPv3 hoc MPLS

www.ct-in.com.vn

November 20, 2013

Gii php L2VPN nng cao


9

Gii php L2VPN nng cao nhm p ng yu cu tch hp mng lp 2 v dch v IP/MPLS trn nn VPN lp 3. c im ca gii php L2VPN nng cao

Cho php cc dch v VPN lp 2 truyn thng nh frame Relay c th thc hin trn h tng IP/MPLS. L2VPN c th cung cp mi trng truyn dn a giao thc (IP hoc non-IP) truyn qua 1 h tng mng duy nht. Bng nh tuyn ca khch hng khng lu trong mng ca nh cung cp dch v. ISP c coi nh l 1 switch kt ni gia 2 im ca khch hng.

www.ct-in.com.vn

November 20, 2013

Li ch chnh ca L2VPN vi cc gii php VPN khc


10

D dng thit k v trin khai: L2VPN da trn nn IP/MPLS, s n gin ca IP/MPLS gip gim thi gian pht trin v duy tr cc dch v VPN lp 2. Cung cp dch v mi thun tin: vi L2VPN, nh cung cp dch v c th d dng thay i gi cc, bn c nhiu bng thng v cht lng dch v tt hn ti cc khch hng lp 2 hin ti.

www.ct-in.com.vn

November 20, 2013

Li ch chnh ca L2VPN vi cc gii php VPN khc (tip)


11

Vi vic s dng kin trc L2VPN nng cao, ISP c th:


Gim chi ph cung cp dch v L2VPN thng qua li IP/MPLS mi.


M rng mng lp 2 hin ti m khng cn u t thm vo mng c. Gim chi ph u t (capex) v chi ph hot ng (Opex) bng vic cung c a dch v trn 1 nn mng thng nht. Vn chuyn c nhiu giao thc lp 2 v lp 3 khc nhau. Cu hnh n gin T qun l h thng Routing ca mnh. C nhiu la chn dch v hn.

i vi khch hng:

www.ct-in.com.vn

November 20, 2013

M hnh dch v L2 VPN


12

M hnh 1 mng L2VPN n gin s dng phng thc truyn dn L2TPv3


www.ct-in.com.vn November 20, 2013

Cc tnh nng ca L2VPN


13

Cu hnh n gin: ch cn cu hnh 2 im u cui, khng phi cu hnh hop-by-hop. i vi khch hng, vic chuyn dch v t cc dch v L2VPN c l khng phc tp. Khch hng chu trch nhim bng nh tuyn ca chnh mnh. Khng cn lu tr bng nh tuyn ca khch hng ti cc im u cui ca ISP. Trong trng hp xu nht, CE ch flap interface ca chnh n, khng nh hng ti hiu nng ca thit b Router bin.

www.ct-in.com.vn

November 20, 2013

C ch lm vic ca L2VPN
14

Pseudo-wire (PW)
Customer Site

IP/MPLS Backbone
PSN Tunnel

Customer Site

PE
Customer Site

IP/MPLS Core

PE
Customer Site

Emulated VC
Attachmen VC Attachmen VC

www.ct-in.com.vn

November 20, 2013

C ch lm vic ca L2VPN
15

PDU c ng gi ti Ingress PE router, c chuyn tip gia cc PE. Pseudowire data unit (PDU) bao gm tt c d liu v thng tin iu khin.

www.ct-in.com.vn

November 20, 2013

L2VPN v L2 Transport
16

L2 VPN v L2 Transport c lin kt cht ch vi nhau nhng khc nhau do 2 nhm lm vic (Working Group) ca IETF nh ngha

L2VPN = IETF L2VPN WG

L2 Transport = IETF PWE3

Chu trch nhim chun ha:


Chu trch nhim:

VPLS VPWS IP-only L2VPN

WG khng a ra giao thc mi, nhng cung cp cc yu cu v tnh nng cho vic m rng cc giao thc hin ti.

Xy dng cc chun cho vc ng gi v m phng cc PW: ng gi cc PDU dch v n ti cc cng logic u vo v vn chuyn chng qua ng hm, qun l khung thi gian, ...

www.ct-in.com.vn

November 20, 2013

Cc M hnh cung cp dch v ca L2 VPN


17

L2VPN

MPLS Network LSP based

IP Network L2TPv3 based

VPWS: Virtual Private Wire Services Point-to-Point Services

VPLS: Virtual Private LAN Services Multipoint Services

Frame Relay

ATM AAL5&CELL

PPP HDLC

Ethernet (ERS&EWWS)

Ethernet Multipoint Services (EMS)

VPWS Any to Any Point to Point Services

www.ct-in.com.vn

November 20, 2013

M hnh Pseudowire
www.ct-in.com.vn

Pseudowire Emulation
19

PW c xy dng t yu cu cung cp a dch v trn 1 nn tng h tng mng duy nht, nhm thay th cho cc mng dch v song song hin ti. PW l c ch ti to li c tnh ca cc knh dch v lp 1 v lp 2 nh Frame Relay hoc TDM qua mng chuyn mch gi (PSN). PW l 1 knh m phng c th mang cc PDU (Protocol data Units) gia cc thit b khch hng qua mng ca nh cung cp dch v.

www.ct-in.com.vn

November 20, 2013

M hnh tham kho


20

Mt hoc nhiu Attachment Circuit c s dng kt ni gia PE v CE. Pseudowire l knh o gia 2 PE lin kt 2 Attachment Circuit. Attachment Circuit c th l Etherne Port, Ethernet VLAN, PPP Session, Frame Relay Link v.v.
November 20, 2013

www.ct-in.com.vn

Kin trc ca Pseudowire


21

Bao gm 3 lp (layer)

PSN layer: ch ra thng tin v a ch mng ca PE (IPv4, IPv6, hoc MPLS header). Thit b mng s dng PSN xc nh ng dn cho cc gi tin Pseudowire.
Lp ng gi: bao gm cc lp con tch v ng gi Pseudowire. Payload layer: Mang cc gi thng tin di cc dng khc nhau. VD: c th l Frame Relay, ATM, Ethernet...

www.ct-in.com.vn

November 20, 2013

Kin trc ca Pseudowire


22

www.ct-in.com.vn

November 20, 2013

Thit lp Pseudowire
23

C th thit lp Pseudowire theo 3 cch:


Cu

hnh bng tay: Ngi qun tr s thit lp cc thng s cho PW hon ton bng tay. Giao thc bo hiu ng C ch t ng

www.ct-in.com.vn

November 20, 2013

Chun ha Pseudowire Emulation


24

IETF a ra cc nhm lm vic khc nhau a ra cc xut lin quan n PW:


Pseudowire Emulation Edge-to-Edge (PWE3) working group Layer 2 VPN working group Layer 2 Tunneling Protocol working group Draft-martini Draft-Kompella

Hai chun cho PW:


C 2 bn draft u p ng cu hi: lm th no hon thin vic xy dng PW qua mng chuyn mch gi, nhng gii php a ra hon ton khc nhau.
www.ct-in.com.vn November 20, 2013

Draft Martini
25

M t lm th no c th thit lp PW gia 2 attachment circuit gia 2 PE. S dng LDP lm giao thc qung b VC. nh ngha phn m rng Pseudowire cho LDP Cn thit lp knh o ti 2 u PE. Pseudowire c thit lp khi mi PE gi v nhn thng tin v nhn ca pseudowire. H tr cc dch v point-to-point lp 2: FR, ATM, Ethernet, VLAN, PPP, HDLC.
www.ct-in.com.vn November 20, 2013

Draft Kompella
26

S dng BGP lm giao thc bo hiu. Khi cn thm CE Router, khng cn cu hnh li cc PE Router c, ch cn cu hnh ti PE mi.

www.ct-in.com.vn

November 20, 2013

So snh
27

Network topology phc tp


Kh nng m rng

draft-martini Individual point-to-point pseudowires

draft-kompella Fully meshed point-to-point pseudowires

Kh nng ng dng
Signaling protocol Discovery protocol

Thp Km vi m hnh Full Mesh, bnh thng vi m hnh bt k. Cao, lm vic tt vi dch vj lp 1&2 High; works well on both Layer 2 and Layer 1 services LDP Khng h tr autodiscovery Wide vendor support

Cao Cao vi full-mesh Topology, km vi m hnh ty . Bnh thng, lm vic tt hn cc m hnh khc khi kt ni trc tip vi FR hoc ATM BGP BGP Limited vendor support

Support base

www.ct-in.com.vn

November 20, 2013

28

Kin trc dch v VPN lp 2


www.ct-in.com.vn

Kin trc dch v VPN lp 2


29

Kin trc dch v VPN truyn thng. Cng ngh AToM (Any Transport Over MPLS) Cng ngh L2TPv3

www.ct-in.com.vn

November 20, 2013

Cng ngh VPN lp 2 truyn thng


30

Cc cng ngh s dng cho dch v VPN lp 2 truyn thng:


Frame ATM

Relay

Data-link

switching (DLSw) Virtual private dial-up network (VPDN)

www.ct-in.com.vn

November 20, 2013

Cng ngh AToM


31

AToM l phng thc dng chuyn cc dng gi tin khc nhau qua mng MPLS Nguyn l chung ca n l xy dng hai kt ni o (VC) LSPgia hai im PE . Mt VC-LSP cho la lng i ra, VC cn li truyn lu lng vo. VC LSP c phn bit vi nhau bng cc nhn MPLS m c gn bng tay hoc thng qua giao thc LDP
www.ct-in.com.vn November 20, 2013

Cng ngh AToM


32

S dng 2 nhn MPLS


Nhn

pha trn dng chuyn mch trong mng MPLS Nhn pha di xc nh knh o tng ng.

www.ct-in.com.vn

November 20, 2013

Cng ngh AToM Cc thnh phn ca AToM


33

VC c thit lp gia 2 PE Router.

www.ct-in.com.vn

November 20, 2013

AToM Dch v gia Frame relay v ATM


34 IP/MPLS Backbone QoS enabled on Layer 2 characteristics like Frame Relay Discard Eligible (DE) & ATM Cell Loss Priority (CLP)

PE
Customer Site

PE
Pseudowire
Customer Site

PE

Frame Relay PVC

ATM VC Multiple pseudowires are carried over a single Tunnel LSP

www.ct-in.com.vn

November 20, 2013

Cng ngh AToM Cc giao thc h tr


35

AToM h tr mt di rng cc giao thc lp 2: PPP, HDLC, Ethernet, Frame Relay, ATM. PPP over MPLS: hot ng theo trng thi transparent. PE Router khng tham gia vo qu trnh trao i bn tin PPP. HDLC over MPLS: cho php truyn cc bn tin HDLC qua mng MPLS. Ethernet over MPLS (EoMPLS): phn chia Pseudowire theo

Untagged Ethernet frames: gi tin khng c VLAN. IEEE 802.1q tagged Ethernet VLAN frames: Gi tin phn chia theo VLAN
www.ct-in.com.vn November 20, 2013

Cng ngh AToM Cc giao thc h tr


36

Frame Relay over MPLS (FRoMPLS): PE Router chuyn cc frame FR da trn giao din u vo v gi tr DLCI. ATM over MPLS: phn chia Pseudowire theo hai dng:

ATM AAL5 ATM Cell

www.ct-in.com.vn

November 20, 2013

37

Cng ngh Ethernet over MPLS

www.ct-in.com.vn

November 20, 2013

Ti sao dng EoMPLS


38

Ethernet Service Provider Customer Site 1

Ethernet

Customer Site 2

?
Ethernet
Customer Site 1
www.ct-in.com.vn

Ethernet Customer Site 2


November 20, 2013

M hnh EoMPLS
39

EoMPLS

CE1

Ethernet

PE1
Service Provider MPLS Domain

Ethernet

CE2

Customer Site 1

PE2

Customer Site 2

Attachment Circuits

Attachment Circuits Attachment Circuits c th l interface vt l, interface vlan hoc EoMPLS Tunnel

Ethernet Customer Site 1

Ethernet

Customer Site 2
www.ct-in.com.vn November 20, 2013

Khi nim EoMPLS


40

c m t trong draft-martini. Cho php truyn ti frame Ethernet qua mng chuyn mch nhn MPLS. S dng knh o (Virtual Circuit) kt ni gia 2 PE. Thm 1 nhn cho VC vo sau nhn u tin.

www.ct-in.com.vn

November 20, 2013

M hnh EoMPLS
41

EoMPLS c th hot ng theo 2 m hnh:


Raw

mode (Port-tunneling mode): Ethernet frame c th c hoc khng c VLAN. VLAN mode: Mi frame u c VLAN, VLAN ny c ngha i vi c PE Router u vo v ra.

www.ct-in.com.vn

November 20, 2013

nh dng gi tin
42

Tunnel Header s dng cho vic chuyn mch trong mng MPLS. VC Header phn bit gia cc VC ti PE.
www.ct-in.com.vn November 20, 2013

Khi nim VC ID
43

Attachment Circuits 2

Attachment Circuits 2

Xconnect to PE2 VC ID = 2
CE1 PE 1

Xconnect to PE1 VC ID = 2
PE2 CE2

Customer Site 1

EoMPLS 2 EoMPLS 1 Service Provider MPLS Domain

Customer Site 2

Attachment Circuits 1

Attachment Circuits 1

Xconnect to PE2 VC ID = 1

Xconnect to PE1 VC ID = 1
November 20, 2013

www.ct-in.com.vn

Thit lp VC
44

Targeted LDP Session

PE1

P1
P2

P3

PE2
Company X

Company X

PE1 bt u phin LDP trc tip remote vi PE2 PE1 t gi tr nhn VC cc b v kt ni n vi VC ID c cu hnh ti giao din li vo LDP hoc TDP cn cu hnh gia PE v P. a ch Loopback cn dng cho LDP
www.ct-in.com.vn November 20, 2013

Thit lp VC
45

1 2

VC Label Mapping VC Label Mapping

PE1

P1

P2

P3

PE2
Company X

Company X

Hon i nhn VC sau khi thit lp PW.


www.ct-in.com.vn November 20, 2013

Chuyn tip lu lng


46

www.ct-in.com.vn

November 20, 2013

Chuyn tip lu lng


47

www.ct-in.com.vn

November 20, 2013

M hnh cung cp cc dch v VPN


48

Mng Metro ti cc tnh thnh ch cung cp dch v L2VPN. M hnh cung cp:
Dch

v L3VPN c phn cch ti PE Router trong mng IP Core ca VTN. Khch hng c to 1 kt ni L2VPN ln n PE Router.

www.ct-in.com.vn

November 20, 2013

M hnh cung cp MPLS L3VPN


49
VN2 IP VPN VN2 PE VN2 PE MP-BGP HQ

1q

Access PW CE

Access

Core PW

Core PW

PW Access Core Access

www.ct-in.com.vn

November 20, 2013

CE