L2VPN Technical Overview

Introduction To L2 Transport & Tunneling Technologies (aka L2VPN)

James Moffat
Consulting Systems Engineer
ACC-1000
8260_06_2003_X © 2003, Cisco Systems, Inc. All rights reserved. 1
Objectives

• Define what the leading drivers for L2VPN over packet switched infrastructure are.
• Outline the IETF’s role in L2VPN evolution.
• Provide a technical review of emerging L2VPN technologies for IP & MPLS cores.
• Demonstrate how application of L2VPNs is meeting the challenges of Service Providers.

Agenda

• Why L2VPNs ?
• Pseudowire Overview
• Layer 2 Tunneling Protocol (L2TPv3)
• Any Transport over MPLS (AToM)
• Virtual Private LAN Services
• L2VPN Applications

Realizing profitability on IP Networks…

Increasing the “Top Line”: Add Service Opportunities
• Services that Customers Need
• Content hosting, streaming media
• IP VPN services
• VoIP and multicast Video
• More Customers on existing solutions

[Diagram labels: Revenue, Cost, Profitability]

Increasing the “Bottom Line”: Reduce Operations Cost
• CapEx:
  – Investment protection
  – Cost savings
• OpEx:
  – Configuration and provisioning
  – Network Architecture “streamline”
  – Bandwidth efficiencies

Current Major Access Methods

[Figure: Worldwide L2 Access Market Forecasts*, in billions $US per year, 2001 to 2004. Series: ATM 37% CAGR, Frame Relay 19% CAGR, Leased Line 2% CAGR. Source: Vertical Systems Group 2001 URL://www.verticalsystems.com]

*NB. New and Emerging Access Methods e.g. Metro Ethernet, Broadband Wireless etc. not projected here but supported by Unified VPN

VPN Deployments Today: Technology & VPN Diversity

[Diagram: different access technologies on each side (IP/IPsec, FR/ATM, Broadband, Ethernet); different core solutions (MPLS or IP, ATM, SONET); only partial integration]

Consolidated Core – Supports…

[Diagram: different access technologies on each side (IP/IPsec, FR/ATM, Broadband, Ethernet); a single MPLS or IP core; complete integration]

Summary of Benefits for L2VPNs

• New Service Opportunities
  – Virtual leased line Service
  – Offer “PVC like” Layer 2 based service
• Reduced Cost – Consolidate multiple core technologies into a single packet-based infrastructure
• Simplify Services – Layer 2 transport provides options for Service Providers who need to provide L2 connectivity and maintain customer autonomy.
• Protect Existing Investments – Greenfield networks to extend customer access to existing Layer 2 networks without deploying an old-world infrastructure.
• Feature Support – Through the use of IOS features such as IPsec, QoS and Traffic Engineering, L2 transport can be tailored to meet customer requirements
A brief word about L2 / L3 VPNs

Layer 3 VPNs
• Provider devices forward customer packets based on Layer 3 information (e.g., IP)
• SP involvement in routing
• MPLS/BGP VPNs (RFC 2547), GRE, virtual router approaches

Layer 2 VPNs
• Provider devices forward customer packets based on Layer 2 information
• Tunnels, circuits, LSPs, MAC address
• “pseudo-wire” concept

Pseudo Wire Reference Model

[Diagram: customer sites attach through PWESs to a PE on each side; pseudo wires run between the two PEs inside a PSN tunnel and provide the emulated service]

A pseudo-wire (PW) is a connection between two provider edge (PE) devices which connects two pseudo-wire end-services (PWESs) of the same type.

PWES Service Types:
• Ethernet
• 802.1Q (VLAN)
• ATM VC or VP
• HDLC
• PPP
• Frame Relay VC

Pseudo Wire – Basic Building Blocks

Required Components:
• Control Connection: Scale through: Session Management, Error Notification, L2 Access management interworking, etc.
• Transport Component: This is the delivery header of the encapsulated packet. This can be a Label (MPLS) or an IP Header (typically the IP address of the Loopback interface on Provider Edge (PE) routers).
• Tunneling Component: A unique identifier used to identify a particular circuit / port on a given PE (VC Label or VC ID).
• L2 PDU: The Layer 2 PDU that is the subject of transport (i.e. traffic received from the Customer Edge router, typically Ethernet, Frame Relay, HDLC frames, etc.)

“Connectivity between PEs assumed; verified through ICMP or LSP ping.”

What is an L2VPN?
IETF’s L2VPN Logical Context

• An L2VPN is comprised of switched connections between subscriber endpoints over a shared network. Non-subscribers do not have access to those same endpoints.

[Diagram: a remote subscriber location reaches a Provider Edge, crosses the SP network over a pseudowire to a second Provider Edge, with an SP interconnection. Many subscriber encapsulations supportable: FR, ATM, PPP, HDLC, Ethernet]

Some L1 frame encapsulations are transportable under the framework of L2VPN. This is acceptable since (unlike native L1) frames can be dropped due to congestion.

What is an L2VPN?
Pseudowire Abstraction Enables…

• Transport over non-Native Backbones
• Co-existence with other Encapsulations
• Service Interworking (i.e., swapping subscriber’s UNI encapsulation)

[Diagram: one Ethernet example. A CE using bridged Ethernet over ATM and a CE using an Ethernet VLAN are connected across the SP network by an EoMPLS pseudowire]

Pseudo Wire – IETF Working Groups

Areas: Internet Area, Transport Area

L2TPEXT – L2TP (v2 & v3):
- Extensions to RFC2661
- Control Plane Operation
- AVPs
- Updated data plane
- Relevant MIBs

L2VPN – VPLS, VPWS, IPLS:
- Solution Architectures
- PE Discovery
- Signaling (with PWE3)
- L2VPN OAM extensions
- Relevant MIBs

PWE3 – AToM:
- PWE3 Architecture
- PWE3 Requirements
- LDP Control Channel
- L2 Service Encap Specifics
- TDM, CES, etc.
- Relevant MIBs

IETF Standardization Activity

• IETF working group PWE3
  ‘Pseudo Wire Emulation Edge to Edge’; Requirements detailed in
  – draft-ietf-pwe3-requirements
  – draft-ietf-pwe3-framework
• Develop standards for the encapsulation & service emulation of “pseudo wires” across a packet switched backbone
• Focused on Point-to-Point circuit emulation
  PSN tunnel -> GRE, MPLS, L2TP
  Service -> Ethernet, ATM, PPP, FR, HDLC and so on ..

Pseudo Wire –
Cisco IETF Technology Adoption

• Layer 2 Transport
– L2TPv3
• draft-ietf-l2tpext-l2tp-base
– MPLS (P2P, formerly draft-martini)
• draft-ietf-pwe3-control-protocol
• draft-ietf-pwe3-[atm, frame-relay, ethernet, etc.]
• Layer 2 VPN (VPLS)
• draft-ietf-l2vpn-vpls-ldp
• No VPLS draft for native IP
• Auto-Provisioning
• draft-ietf-l2vpn-signaling (BGP auto-discovery)
Service Offerings
L2VPN Transport Services

[Diagram: L2VPN transport services by access type, each marked as Muxed UNI or Unmuxed UNI.
ATM: AAL5 over Pseudowire; Cell Relay w/ packing over Pseudowire.
Frame Relay: FR over Pseudowire.
PPP/HDLC: PPP/HDLC over Pseudowire.
Ethernet, VPWS: Ethernet Relay Service (ERS); Ethernet Wire Service (EWS).
Ethernet, VPLS: Ethernet Multipoint Service (EMS); Ethernet Relay Multipoint Service (ERMS).
Other variants …]

Layer 2 Tunneling Protocol version 3

[Diagram: Frame Relay, ATM, Leased Line and Ethernet attachment circuits on each side of an IP core, connected by L2TPv3]

• L2TPv3 for customers that prefer a native IP network
• Provides ability to transport layer 2 traffic across IP packet-based core networks
• Based on a well-established lineage of protocols:
  – L2TPv2 and pre-standards Cisco innovation – Universal Transport Interface (UTI)
• A standards track open architecture allows extensibility to many transport types
• Efficient header for high performance decapsulation
• Configuration on the edge routers (PEs) only!

Layer-2 Transport over IP

• Control Connection: L2TP Control Connection, used for Session ID Negotiation, Withdrawal, Error Notification

‘Emulated Circuits’ have 3 layers of encapsulation:
• Transport Component: Delivery Header (IPv4 Header) to transport an L2 PDU from ingress to egress PE; comprised of IPv4 loopback addresses (DA, SA)
• Tunneling Component: Demultiplexer field (L2TPv3 Header) to identify individual circuits within a tunnel (4 byte Session ID + Optional 8 byte Cookie)
• L2 PDU: L2 Specific Sublayer + Payload (Layer 2 PDU); Basic Priority & Sequence Support

L2 Payload: ATM, HDLC, PPP, Ethernet, Frame Relay, etc.

Layer-2 Transport over IP
L2TP Control Channel

Control Connection: Session ID Negotiation, Circuit/Session Status, Error Notification, etc.

 0                            15                             31
| Session ID (0x0000)                                          |
| T L x x S x x x x x x x Version | Length                     |
| Control Connection ID                                        |
| Ns                              | Nr                         |

12.0(23)S

T – Set to 1, indicates this is a control message.
L, S – For a control message, these must be set to 1, indicating the presence of the Length & Sequence fields.
x – Reserved for future extensions.
Ver – Indicates which version of L2TP is in use. This field must be set to 3.
Length – Indicates the total size of the control message in octets, starting with the T bit.
Control Connection ID – A locally significant ID; it is the peer’s ID, not its own.

L2TP Control Connection Highlights

• Dynamic Sessions
L2TP Control Connection and sessions for each Pseudowire are setup
and torn down dynamically, no need to configure each individually.
• “In band” Data and Control Plane
If the Control Connection is active, the “IP path” between L2TP
Connection endpoints is likely good.
• Keepalive
Hello message provides periodic keepalive, dead-peer and path
detection for all sessions associated with a given Control Connection.
• Tunnel Authentication
Shared-secret tunnel authentication for Control Connection
• LMI Interworking - Circuit Status
Integration with various circuit LMI to provide circuit status updates
without tearing down L2TP session.
Negotiating Circuit Identification –
VC Information Exchange

• Optional Control Connection provides scalable session negotiation and reliable VC management
  – Keepalive (Hellos)
  – Tunnel authentication
• Session IDs are negotiated between L2TP Endpoints
  – Negotiated in L2TPv3 Control Messages (ICRQ, ICRP, ICCN), and applied to L2TPv3 Data Messages
• Attribute Value Pairs (AVPs) are used to describe the session and provide optional parameters
  – Described in draft-ietf-l2tpext-l2tp-base-10.txt

L2TPv3 – Session Negotiation

IC[xx] messages are exchanged for each new PW that is provisioned.

1. Xconnected circuit transitions to an active state
2. PE1 starts a control connection with PE2 if one doesn’t already exist. (SCCRQ, SCCRP, SCCCN)
3. PE1 requests a call to be set up from PE2. (ICRQ, ICCN)
4. PE2 replies to the request from PE1 and confirms the call should be processed (ICRP)
5. Negotiated Session IDs are now prepended to the PW and PDUs can be forwarded.

[Diagram: CE1, PE1, PE2, CE. Packet format: IPv4 Header | L2TPv3 Header | PDU]

Bi-directional Session ID exchange initiated by one of the LCCEs

L2TPv3 – Data Messages

| IPv4 Header (20 Bytes) | L2TPv3 Header | L2 PW Cntrl Encap | Layer 2 PDU (variable) |
L2TPv3 Header: | Session ID (4 Bytes) | Session Cookie (0 – 8 Bytes) |

IPv4 Header - The delivery header for the Tunnel. Always destined for an LCCE.
L2TPv3 header – Consists of two parts: (1) Session ID used to uniquely identify the correct Session on the Remote system, and (2) the Cookie used as an added measure of session integrity between peers.
L2 PW Control Encapsulation - Sequence numbers, priority bits, and any additional flags needed to support the L2 emulation for the given PW type. There is a default defined in the L2TPv3 base specification, though this may vary among PW types if necessary.
Payload - Payload to be transported by L2TPv3. Typically the entire link-level frame.

Default L2-Specific Sublayer

| IPv4 Header (20 Bytes) | L2TPv3 Header | L2 PW Cntrl Encap | Layer 2 PDU (variable) |
L2 PW Cntrl Encap: | P S x x x x x x | Sequence Number |

PW emulation enhancements (optional):
(P)riority – Used to give higher priority to PW packets that shouldn’t be dropped during congestion. This is not a hop-by-hop QoS bit. Per-hop QoS should utilize IP ToS (DSCP) settings.
(S)equencing - Indicates the presence of sequence numbers and can be used in services such as ATM / Frame-Relay, etc. (2^24 Looping Counter, includes 0)
(x) – Reserved

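The control header, Session ID, cookie and default L2-specific sublayer from the preceding slides, put together as a receive-side check. This is an added Python example, not code from the original deck: it validates the control header fields, matches the Session ID and cookie, and discards out-of-sequence data using the 2^24 looping counter. The session table, helper names and sample frames are constructed, and the P/S bit positions follow the slide's layout.

```python
import hmac
import struct
from dataclasses import dataclass

SEQ_MOD = 1 << 24                              # slide: 2^24 looping counter, includes 0
T_BIT, L_BIT, S_BIT = 0x8000, 0x4000, 0x0800   # control header flag bits 0, 1 and 4
P_FLAG, S_FLAG = 0x80000000, 0x40000000        # sublayer bits 0 and 1 (slide layout)


@dataclass
class Session:
    """Receive-side state for one pseudowire (values in the tests are constructed)."""
    cookie: bytes          # 0, 4 or 8 bytes agreed over the control connection
    sequencing: bool       # True if the default L2-specific sublayer is present
    expected_seq: int = 0


def parse_control(msg: bytes) -> dict:
    """Parse the control header that follows the IPv4 header (Session ID == 0)."""
    if len(msg) < 16:
        raise ValueError("truncated control header")
    sid, flags_ver, length, ccid, ns, nr = struct.unpack("!IHHIHH", msg[:16])
    if sid != 0:
        raise ValueError("not a control message")
    if flags_ver & (T_BIT | L_BIT | S_BIT) != (T_BIT | L_BIT | S_BIT):
        raise ValueError("T, L and S must all be 1")
    if flags_ver & 0x000F != 3:
        raise ValueError("version must be 3")
    # Length counts octets starting with the T bit, so it excludes the Session ID.
    if length != len(msg) - 4:
        raise ValueError("length field does not match message size")
    return {"ccid": ccid, "ns": ns, "nr": nr, "avps": msg[16:]}


def decapsulate(pkt: bytes, sessions: dict) -> tuple:
    """Classify one L2TPv3-over-IP payload as ('control'|'data'|'drop', detail)."""
    if len(pkt) < 4:
        return ("drop", "truncated")
    (sid,) = struct.unpack("!I", pkt[:4])
    if sid == 0:
        try:
            return ("control", parse_control(pkt))
        except ValueError as exc:
            return ("drop", str(exc))
    sess = sessions.get(sid)
    if sess is None:
        return ("drop", "unknown session id")
    off = 4 + len(sess.cookie)
    # Constant-time compare, so the check does not leak how many bytes matched.
    if not hmac.compare_digest(pkt[4:off], sess.cookie):
        return ("drop", "cookie mismatch")
    if sess.sequencing:
        if len(pkt) < off + 4:
            return ("drop", "truncated sublayer")
        (word,) = struct.unpack("!I", pkt[off:off + 4])
        off += 4
        if word & S_FLAG:
            seq = word & (SEQ_MOD - 1)
            # Distance ahead of the expected value, modulo 2^24; the upper half
            # of the number space is treated as "behind" (late or replayed).
            if (seq - sess.expected_seq) % SEQ_MOD >= SEQ_MOD // 2:
                return ("drop", "out of sequence")
            sess.expected_seq = (seq + 1) % SEQ_MOD
    return ("data", pkt[off:])


def build_data(sid: int, cookie: bytes, payload: bytes, seq=None) -> bytes:
    """Constructed helper: encode a data message the way the slides draw it."""
    out = struct.pack("!I", sid) + cookie
    if seq is not None:
        out += struct.pack("!I", S_FLAG | (seq % SEQ_MOD))
    return out + payload
```
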
L2TPv3 – Highlights of IP Data Plane

• ICMP Data Plane Validation
  – Simple Ping validates data path (no T-LSP validation required)

• Path MTU
  – Leverage the Control Plane to communicate the data plane MTU between LCCEs
  – Fragment IP packets before entering PW

• Time-to-Live
  – Control the scope of routable space for the L2TPv3 packets

• Type-of-Service (DSCP)
  – Set the Precedence bits of the encapsulating header
  – May ‘reflect’ the TOS bits from framed and tunneled IP payloads

ATM Transport over L2TPv3

• Two main requirements for the transport of ATM across an MPLS backbone
  – AAL5 encapsulated frames (RFC1483)
  – ATM cells (cell relay)
• Multiple modes of operation
  – AAL5 Transport – VC Mode
  – ATM Cell Relay – VC, VP, Port Mode
  – Cell Packing – VC / VP / Port Mode

Note: Check L2VPN Roadmap for specific feature & platform support
AAL5 Encapsulation Details

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
ATM-Specific Word: | P S X X T G C U 0 0 | Length | Sequence number |
| AAL5 CPCS-SDU |

• Support AAL5 SDU Mode:
  – Ingress port discards PAD and CPCS-PDU trailer
  – Egress port rebuilds PAD and AAL5 trailer
• ATM-Specific Sublayer is Required (Similar to AToM)
• Control word flags encapsulate transport type, EFCI, CLP, C/R bit
• OAM emulation and transparency
  – Emulation terminates at the local PE
  – Transparent passes OAM cells across the pseudowire
Virtual Path – Cell Relay Encapsulation Details

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
ATM-Specific Word: | P S X X T G C U 0 0 | Length | Sequence number |
| VPI | VCI | PTI | C |
| ATM Cell Payload |

• Each ATM VP maps to a single L2TPv3 Session
• Support for any ATM Adaptation Layer
• F4 / F5 OAM Cells are transported transparently
• ATM-Specific Sublayer and Sequence Number
• Cell Packing Capable
ATM Transport over L2TPv3
OAM Cell Support and ILMI

• OAM emulation signaled via AVP (AAL5-SDU only)
• Pass (Transport) through supported for AAL5/CR/CP
• Emulation possible for AAL5-SDU only
• Emulation provides periodic loopback cells, AIS/RDI generation
ILMI:
• Label withdrawal initiated if PVC goes down
• Remote CE notified via ILMI after label withdrawal

Frame Relay Transport over L2TPv3

• Frame Relay Connection Types
  – Port Trunking (HDLC encap, like encaps req.)
  – DLCI-to-DLCI Switching

• Encapsulation Support
  – Cisco, IETF (RFC1490)
  – Does not require like encaps on both sides

• LMI Support
  – Cisco, ANSI, Q933a
  – DLCI-to-DLCI, LMI types can differ
  – Port-to-Port, LMI must be the same

Note: Check L2VPN Roadmap for specific feature & platform support
Frame Relay Encapsulation Details
DLCI to DLCI

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
| Session ID |
| Cookie (Optional) |
| DLCI | C/R | EA | DLCI | F | B | D | EA | Frame Relay Payload |
(0x7e flag and FCS shown outside the transported frame)

• Unique Session ID per DLCI
• Frame Relay PDUs are transported without the start flag and Frame Check Sequence (FCS)
• Default L2-Specific sub-layer is optional
• BECN, FECN, DE & C/R bits are carried within the original frame
• DLCI value is re-written, if necessary, on egress port
Frame Relay Encapsulation Details
Port Mode

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
| Session ID |
| Cookie (Optional) |
| DLCI | C/R | EA | DLCI | F | B | D | EA | Frame Relay Payload |
(0x7e flag and FCS shown outside the transported frame)

• Used to trunk between switches carrying multiple PVCs
• All DLCIs on the port use the same Session ID
• VCs are not individually visible
• The L2-Specific sub-layer is optional
Frame Relay over MPLS
Link Management Interface

• For DLCI-to-DLCI mode:
  – PVC Status is conveyed with Set Link Info (SLI) messages (Active, Inactive, Deleted)
  – Remote CE notified via LMI after label withdrawal
• LMI frames transported transparently for port mode

Ethernet Transport over L2TPv3

• Two modes of operation
  – Port
  – VLAN
• Point-to-Point configuration
• ISL not supported

Note: Check L2VPN Roadmap for specific feature & platform support
Ethernet Encapsulation Details

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
| Session ID |
| Cookie (Optional), 4 Bytes Depicted |
| Ethernet Payload |
(0x7e and FCS: Discarded)

• Frames are transported without preamble and FCS
• L2-Specific sub-layer is not required
• 802.1Q tag may be rewritten in VLAN mode
• PE port requires promiscuous mode for proper operation
PPP/HDLC Transport over L2TPv3

• Simplest PW model (transparent frame pass-through)
• PEs do not participate in PPP negotiation
• ACs must have similar physical characteristics (e.g. sync / async, PPP Multilink)

PPP/HDLC Encapsulation Details

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
| Session ID |
| Cookie (Optional), 4 Bytes Depicted |
| PPP / HDLC Payload |
(0x7e and FCS: Discarded)

• HDLC frames transported without frame flags and FCS
• PPP frames transported without frame flags, media-specific framing info and FCS
• The L2-Specific sub-layer is optional, may be used to ensure out-of-sequence detection
L2TPv3 – CLI Example
802.1Q VLAN over IP

! Pseudowire template: L2TPv3 encapsulation sourced from Loopback0,
! with path MTU handling and ToS value 5 on the outer IP header
pseudowire-class vlan-hi-priority
 encapsulation l2tpv3
 ip local interface Loopback0
 ip pmtu
 ip tos value 5
!
interface loopback 0
 ip address 172.18.255.1 255.255.255.255
!
! VLAN 150 subinterface cross-connected to peer 172.18.255.3, VC ID 150150
interface FastEthernet5/1.150
 encapsulation dot1Q 150
 xconnect 172.18.255.3 150150 pw-class vlan-hi-priority

L2TPv3 –
Summary

• L2TPv3 is used for the point-to-point transparent transport of Layer 2 PDUs across native IP cores.
• L2TPv3 uses control messages (ICRQ, ICRP, etc.) to negotiate Session IDs and session-specific AVPs
• L2TPv3 can use an optional L2-Specific sub-layer to ensure out-of-sequence detection and discard
• L2TPv3 provides interworking with native service management protocols to maintain VC status via SLI messages (ex. LMI, ILMI, etc.)
AToM
Any Transport Over MPLS

Layer 2 Transport for MPLS Networks:
HDLC/PPP
Frame Relay
Ethernet
802.1Q
ATM AAL5 & Cell Relay
Any Transport over MPLS (AToM)

[Diagram: Frame Relay, ATM, Leased Line and Ethernet attachment circuits on each side of an MPLS core, connected by AToM]

• Provides ability to transport layer 2 traffic across MPLS packet-based core networks, extending the richness of MPLS capabilities to L2 VPNs
• A scalable architecture that supports the multiplexing of subscriber connections
• A standards track open architecture allows extensibility to many transport types
• Designed for Any-to-Any connectivity
• Service Provider does not participate in customer routing
• Allows Service Providers to combine with Cisco IOS QoS and MPLS Traffic Engineering to provide “Virtual leased line” like services
Layer-2 Transport across MPLS

• Two relevant drafts by Luca Martini
  – Control Plane: draft-ietf-pwe3-control-protocol describes label distribution mechanisms for VC labels
  – Data Plane: draft-ietf-pwe3-atm-encap, draft-martini-ppp-hdlc-encap-mpls, draft-ietf-pwe3-ethernet-encap, draft-ietf-pwe3-frame-encap, etc. describes emulated VC encapsulation mechanisms

• Layer 2 Transport Options:
  – Frame Relay
  – ATM AAL5 & ATM Cell Relay
  – Ethernet, 802.1q (VLAN)
  – POS
  – TDM, Cisco HDLC & PPP
Layer-2 Transport across MPLS

• Control Connection: Directed LDP, used for VC-Label Negotiation, Withdrawal, Error Notification

‘Emulated Circuits’ have 3 layers of encapsulation:
• Transport Component: Tunnel Header (Tunnel Label) to get PDU from ingress to egress PE; MPLS LSP derived through LDP or RSVP-TE
• Tunneling Component: Demultiplexer field (VC Label) to identify individual circuits within a tunnel; could be an MPLS label, L2TPv3 header, GRE Key, etc.
• L2 PDU (Emulated): Emulated VC encapsulation (Control Word), information on enclosed Layer-2 PDU; implemented as a 32-bit control word
AToM Control Connection Highlights

• Dynamic Sessions
– Directed LDP control connection negotiates VC-Labels dynamically
– Pseudowire are setup and torn down dynamically

• Reliable Control Plane
– TCP based control connection allows for guaranteed, sequenced delivery of control messages
– LDP Hellos used for dead peer detection (targeted is a 45sec holdtime)

• LMI Interworking - Circuit Status
– Integration with native service circuit management provides a means for circuit status updates without tearing down AToM pseudowire.

Negotiating Circuit Identification –
VC Information Exchange
• VC labels are exchanged across a directed LDP
session between PE routers
Carried in Generic Label TLV within LDP Label Mapping
Message (RFC3036 -LDP)
• New LDP FEC element defined to carry VC
information
FEC element type ‘128 – Virtual Circuit FEC Element’;
Carried within LDP Label Mapping Message
• VC information exchanged using Downstream
Unsolicited label distribution procedures
Described in draft-martini-l2circuit-trans-mpls
AToM – Label Mapping Exchange

1. L2 transport route entered on ingress PE
2. PE1 starts LDP session with PE2 if one does not already exist
3. PE1 allocates VC label for new interface & binds to configured VCID
4. PE1 sends label mapping message containing VC FEC TLV & VC label TLV
5. PE2 receives VC FEC TLV & VC label TLV that matches local VCID

PE2 repeats steps 1-5 so that bi-directional label/VCID mappings are established.

[Diagram: CE1, PE1, PE2, CE. Packet format: Tunnel Label | VC Label | PDU]

Bi-directional Label / VCID mapping exchange

VC Label Withdrawal Procedures

• If a PE router detects a condition that affects normal service it MUST withdraw the corresponding VC label
  – Through the use of LDP signalling
• A PE router may provide circuit status signalling
  – FR MUST through the use of LMI procedures; ATM SHOULD through the use of ILMI procedures

[Diagram: PE1 and PE2 across an MPLS core, each with a Layer-2 circuit towards a CE. A CE port / VC failure triggers circuit status signalling and a Label Withdrawal Msg; a PE port failure triggers Group ID withdrawal. Labels shown: LDP Label Withdraw, VCID 320, VC Label 16]

Virtual Circuit FEC Element

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
| VC TLV (0x80) | C | VC-type | VC info length |
| Group ID |
| VC ID |
| Interface Parameters |

C: Control Word (1 bit) – Control word present if bit set
VC-type (15 bits) - Type of VC e.g. FR, ATM, VLAN, Ethernet, PPP, HDLC
VC info length (8 bits) – Length of VCID field and interface parameters
Group ID (32 bits) – Represents a group of VCs. Can be used for mass label withdrawal
VC ID (32 bits) – Connection identifier used in conjunction with the VC-type to identify a particular VC
Interface Parameters (Variable) – Edge facing interface parameters, such as MTU
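A strict decoder for the Virtual Circuit FEC element above, followed by the comparison a receiving PE makes against its local provisioning before binding the label (step 5 of the label mapping exchange). This is an added Python example, not code from the original deck. The VC-type code points, the interface-parameter sub-TLV layout (ID, length that includes its own two octets, value) and MTU parameter ID 0x01 are assumptions taken from the draft-martini drafts, not from the slides; the helper names and sample values are constructed.

```python
import struct

VC_FEC = 0x80                    # "VC TLV (0x80)" on the slide
# VC-type code points as used in the draft-martini drafts (assumption).
VC_TYPES = {0x0001: "Frame Relay DLCI", 0x0002: "ATM AAL5 VCC",
            0x0003: "ATM cell", 0x0004: "Ethernet VLAN",
            0x0005: "Ethernet", 0x0006: "HDLC", 0x0007: "PPP"}
PARAM_MTU = 0x01                 # interface parameter ID for MTU (assumption)


def parse_vc_fec(buf: bytes) -> dict:
    """Decode exactly one Virtual Circuit FEC element, rejecting bad lengths."""
    if len(buf) < 8:
        raise ValueError("truncated FEC element")
    fec_type, c_type, info_len = struct.unpack("!BHB", buf[:4])
    if fec_type != VC_FEC:
        raise ValueError("not a VC FEC element")
    (group_id,) = struct.unpack("!I", buf[4:8])
    body = buf[8:]
    if len(body) != info_len:
        raise ValueError("VC info length does not match element size")
    fec = {"control_word": bool(c_type & 0x8000), "vc_type": c_type & 0x7FFF,
           "group_id": group_id, "vc_id": None, "params": {}}
    if info_len == 0:            # no VC ID: refers to every VC in the group
        return fec
    if info_len < 4:
        raise ValueError("VC info too short for a VC ID")
    (fec["vc_id"],) = struct.unpack("!I", body[:4])
    off = 4
    while off < len(body):
        if len(body) - off < 2:
            raise ValueError("dangling interface parameter header")
        pid, plen = body[off], body[off + 1]
        # The length covers the ID and length octets, so a value below 2
        # would never advance the offset; treat it as malformed.
        if plen < 2 or off + plen > len(body):
            raise ValueError("bad interface parameter length")
        fec["params"][pid] = body[off + 2:off + plen]
        off += plen
    return fec


def binding_mismatches(fec: dict, local: dict) -> list:
    """List the fields where a peer's advertisement disagrees with local config."""
    problems = []
    if fec["vc_id"] != local["vc_id"]:
        problems.append("vc_id")
    if fec["vc_type"] != local["vc_type"]:
        problems.append("vc_type")
    if fec["control_word"] != local["control_word"]:
        problems.append("control_word")
    mtu = fec["params"].get(PARAM_MTU)
    if mtu is None or len(mtu) != 2 or struct.unpack("!H", mtu)[0] != local["mtu"]:
        problems.append("mtu")
    return problems


def build_vc_fec(vc_type, vc_id, group_id=0, control_word=False, mtu=None) -> bytes:
    """Constructed helper that encodes an element for testing the parser."""
    body = struct.pack("!I", vc_id)
    if mtu is not None:
        body += struct.pack("!BBH", PARAM_MTU, 4, mtu)
    c_type = (0x8000 if control_word else 0) | vc_type
    return struct.pack("!BHBI", VC_FEC, c_type, len(body), group_id) + body
```
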
VC Label Mapping – Composition

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

LDP Label Mapping Message (Specified in RFC 3036):
| 0 | Label Message (0x0400) | Message Length |
| Message ID |

FEC TLV Header (Specified in RFC 3036):
| 0 0 | FEC TLV (0x0100) | Length |

Virtual Circuit FEC Element (Specified in draft-martini-l2circuit-trans-mpls):
| VC TLV (0x80) | 0 | VC Type | VC Info Length |
| Group ID |
| VC ID |
| I/F Parameters |

Label TLV Header (Specified in RFC 3036):
| 0 0 | Generic Label (0x0200) | Length |
| Label |

| Optional Parameters |

Layer-2 Transport Control Word

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
Tunnel Label: | Tunnel Label (LDP or RSVP) | EXP | 0 | TTL |
VC Label:     | VC Label (VC) | EXP | 1 | TTL (set to 2) |
Control Word: | Rsvd | Flags (F B D C) | 0 0 | Length | Sequence number |
| Layer-2 PDU |

When transporting layer-2 protocols over an IP or MPLS backbone:
• The sequence of the packets may need to be preserved;
• Small packets may need to be padded if the minimum MTU of the medium is larger than actual packet size;
• Control bits carried in header of Layer-2 frame may need to be transported

Encap.   Control Word Required
CR       No
AAL5     Yes
Eth      No
FR       Yes
HDLC     No
PPP      No
Highlights of AToM Data Plane

• MPLS-QoS
– Offer service differentiation through multi-class policies
– Set EXP bits in VC & Tunnel Labels based on ingress IP DSCP,
802.1p, FR-DE, ATM-CLP, etc.

• MPLS-TE
– Use MPLS-TE for bandwidth protection and enable “tight SLA”
– Use tunnel selection to choose which path traffic will traverse
– Fast Reroute (FRR) allows link and node protection for
pseudowires providing quick recovery times around network
failures

ATM Transport over MPLS

• Two main requirements for the transport of ATM across an MPLS backbone
  – AAL5 encapsulated frames (RFC1483)
  – ATM cells (cell relay)
• Multiple modes of operation
  – AAL5 Transport – VC Mode
  – Cell Relay – VC / VP / Port Mode
  – Cell Packing – VC / VP Mode

AAL5 Encapsulation Details

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
Control Word: | Rsvd | T E C U | 0 0 | Length | Sequence number |
| AAL5 CPCS-SDU |

• AAL5 SDUs are encapsulated
• Control word is required
• Control word flags encapsulate transport type, EFCI, CLP, C/R bit
• Service allows transport of OAM and RM cells

Cell Relay Encapsulation Details

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
Control Word: | Rsvd | 0 0 0 0 | 0 0 | Length | Sequence number |
| VPI | VCI | PTI | C |
| ATM Cell Payload |

• Single cell is encapsulated
• Control word is optional
• Control word flags should be set to zero and ignored

Cell Packing Encapsulation Details

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
Control Word: | Rsvd | 0 0 0 0 | 0 0 | Length | Sequence number |
| VPI | VCI | PTI | C |
| ATM Cell Payload |
| VPI | VCI | PTI | C |
| ATM Cell Payload |

• Multiple cells are packed per MPLS packet
• All cells must belong to the same VC / VP
• Packing controlled by max number of cells and timer
• Control word is optional
ATM Transport over MPLS
OAM Cell Support and ILMI

• Transport supported for AAL5/CR/CP
• Always encapsulated in single packet
• Emulation possible for AAL5 transport
• Emulation provides periodic loopback cells, AIS/RDI generation
• Label withdrawal initiated if PVC goes down
• Remote CE notified via LMI after label withdrawal

Frame Relay Transport over MPLS
Frame Relay Connection Types:
• Port to Port Switching (HDLC encap)
• DLCI-to-DLCI Switching
Encapsulation Support:
• Cisco, IETF (RFC1490)
• Does not require like encaps on both sides
LMI Support:
• Cisco, ANSI, Q933a
  – DLCI-to-DLCI, LMI types can differ
  – Port-to-Port, LMI must be the same
Frame Relay Encapsulation Details
DLCI to DLCI

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
Control Word: | Rsvd | B F D C | 0 0 | Length | Sequence number |
| Frame Relay Payload |

• Frame Relay PDUs are transported without header and FCS
• The control word is required
• BECN, FECN, DE & C/R bits are carried within the control word
Frame Relay Encapsulation Details
Port Mode
Packet layout (32-bit rows):
  Control Word: Rsvd | 0 0 0 0 0 0 | Length | Sequence number
  Frame Relay Frame

• Frame Relay frames transported without frame flags and FCS
• VCs are not individually visible
• The control word is optional
• Control word flags should be set to zero and ignored
Frame Relay over MPLS
Link Management Interface

• For DLCI-to-DLCI mode:
– Label withdrawal initiated if PVC goes down
– Remote CE notified via LMI after label withdrawal
• LMI frames transported transparently for port mode

Ethernet Transport over MPLS

• Two modes of operation
– Port
– VLAN
• ISL not supported

Ethernet Encapsulation Details
Packet layout (32-bit rows):
  Control Word: Reserved | Sequence number
  Ethernet Frame

• Ethernet frames transported without preamble and FCS
• Control word is optional
• 802.1Q tag may be rewritten in VLAN mode

PPP/HDLC Transport over MPLS

• Simplest PW model (transparent frame pass-through)
• PEs do not participate in PPP negotiation
• ACs must have similar physical characteristics (e.g. sync/async, PPP Multilink)

PPP/HDLC Encapsulation Details
Packet layout (32-bit rows):
  Control Word: Rsvd | 0 0 0 0 0 0 | Length | Sequence number
  PPP/HDLC Frame

• HDLC frames transported without frame flags and FCS
• PPP frames transported without frame flags, media-specific framing info and FCS
• The control word is optional
• Control word flags should be set to zero and ignored

AToM –
CLI Example in 12.0(25)S
ATM Cell Relay over MPLS: VC Mode

mpls label protocol ldp
mpls ldp router-id loopback0 force
!
interface loopback 0
 ip address 172.18.255.1 255.255.255.255
!
interface atm1/0
 pvc 100/1 l2transport
  ! raw cell mode, no SAR
  encapsulation aal0
  xconnect 172.18.255.3 100 encapsulation mpls

AToM –
Summary

• AToM is used for the point-to-point transport of Layer 2 PDUs across an MPLS-enabled core.
• AToM uses Directed LDP sessions to negotiate VC Labels between participating peers
• AToM can use a Control Word to preserve relevant information in transported PDUs (e.g. BECN, FECN, DE, C/R bits, etc.)
• AToM can interwork with native service management protocols such as ILMI / LMI to indicate local circuit status to remote peers

Agenda

• Why L2VPNs ?
• Pseudowire Overview
• Layer 2 Tunneling Protocol (L2TPv3)
• Any Transport over MPLS (AToM)
• Virtual Private LAN Services
• L2VPN Applications

What is VPLS ? Service or Architecture

VPLS is an end-to-end Service

[Figure: CE, PE, MPLS Network, PE, CE]

Initial IETF drafts:
• Treat PWs as logical ports of a switch
• Do MAC address learning/forwarding on that logical port
• Run split horizon among the PWs to avoid STP over core

VPLS Overview –
Building Blocks
[Figure: CEs attached to PEs across an MPLS core, with the following callouts]
• Common VC ID between PEs creates a Virtual Switching Instance
• MPLS enabled core forms Tunnel LSPs
• Full Mesh of directed LDP sessions exchange VC Labels
• Attachment VCs are Port Mode or VLAN ID

VPLS –
L2 Forwarding Instance

• Requirements for this solution
– MAC table instances per customer and per customer VLAN (L2-VRF idea) for each PE
– VSI will participate in learning, forwarding process
– Create partial or full-mesh of EoMPLS VCs per VPLS
– Usage of network “split horizon” to prevent loops
– New additional VC-Type to draft-martini-trans
– Announce EoMPLS VPLS VC tunnels
– New additional MAC TLV to LDP

VPLS Overview –
Flooding & Forwarding
[Figure: frame "Data | SA | ?" arriving at a PE]

• Flooding (Broadcast, Multicast, Unknown Unicast)
• Dynamic learning of MAC addresses on PHY and VCs
• Forwarding:
- Physical Port
- Virtual Circuit

VPLS Overview –
MAC Address Learning
[Figure: CE, PE1 (E0/0), PE2 (E0/1), CE]
PE1: "Send me traffic with Label 102"
PE2: "Send me traffic with Label 201"
Frames in flight: "102 | MAC 1 | MAC 2 | Data" and "Data | MAC 1 | MAC 2 | 201"

PE1 MAC table:
MAC Address   Adj
MAC 2         201
MAC 1         E0/0
MAC x         xxx

PE2 MAC table:
MAC Address   Adj
MAC 2         E0/1
MAC 1         102
MAC x         xxx

• Broadcast, Multicast, and unknown Unicast are learned via the received label associations
• 2 LSPs associated with a VC (Tx & Rx)
• If inbound or outbound LSP is down the entire circuit is considered down
VPLS Overview –
L2 VPN Topology
[Figure: CEs attached to PEs around an MPLS Network; PE view: Full Mesh LDP, EoMPLS PW to each peer]

• Each PE has a P2MP view of all other PEs; it sees itself as a root bridge, with split horizon loop protection
• Full mesh topology obviates STP requirements in the service provider network
• Customer STP is transparent to the SP / Customer BPDUs are forwarded transparently
VPLS Overview –
MAC Address Withdrawal
LDP Address Withdrawal

• Primary link failure triggers Notification Message
• PE removes any locally learned MAC addresses and sends LDP Address Withdrawal (RFC3036) to remote PEs in VPLS
• New MAC TLV is used
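The VPLS forwarding behaviour from the preceding slides (learning on attachment circuits and PWs, flooding of broadcast, multicast and unknown unicast, split horizon between PWs, and flushing on MAC withdrawal), modelled in Python as an added example; it is not vendor code. The class, method and port names are hypothetical, and the LDP signalling itself is reduced to a direct `withdraw` call.

```python
class VSI:
    """One Virtual Switching Instance on a PE; ports are ACs or PWs."""

    def __init__(self, acs, pws):
        self.ports = {p: "ac" for p in acs}
        self.ports.update({p: "pw" for p in pws})
        self.mac_table = {}                      # MAC address -> port learned on

    def receive(self, in_port, src, dst):
        """Learn src on in_port and return the sorted list of egress ports."""
        if in_port not in self.ports:
            raise ValueError("frame arrived on a port outside this VSI")
        self.mac_table[src] = in_port            # dynamic learning on PHY and VCs
        group_bit = int(dst.split(":")[0], 16) & 1   # set for broadcast/multicast
        known = self.mac_table.get(dst)
        if known is not None and not group_bit:
            candidates = [known]                 # known unicast: single egress port
        else:
            candidates = list(self.ports)        # flood
        from_pw = self.ports[in_port] == "pw"
        # Split horizon: a frame received on a PW is never sent to another PW,
        # which is what lets the full mesh run without STP in the core.
        return sorted(p for p in candidates
                      if p != in_port and not (from_pw and self.ports[p] == "pw"))

    def withdraw(self, port):
        """MAC withdrawal: forget every address learned on the given port."""
        gone = sorted(m for m, p in self.mac_table.items() if p == port)
        for mac in gone:
            del self.mac_table[mac]
        return gone


if __name__ == "__main__":
    # Constructed topology: PE1 with one AC and PWs to two peers.
    pe1 = VSI(acs=["E0/0"], pws=["pw-PE2", "pw-PE3"])
    print(pe1.receive("E0/0", "00:00:00:00:00:01", "00:00:00:00:00:02"))
```

After a withdrawal the affected addresses become unknown unicast again, so traffic is flooded until the MACs are relearned on the new path.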
Agenda

• Why L2VPNs ?
• Pseudowire Overview
• Layer 2 Tunneling Protocol (L2TPv3)
• Any Transport over MPLS (AToM)
• Virtual Private LAN Services
• L2VPN Applications

L2VPN Application –
Objectives

• Illustrate How L2VPNs are being utilized:
– Operational Simplification through Network Consolidation
– Creative Cost Reduction for managed Services
– Leveraging the PSN for New Services

L2VPNs –
Network Consolidation
Provider Profile:
• Wireless services, updating internal infrastructure, no new
service creation

Problem:
• Next generation technology required build-out of new network
infrastructure
• Legacy services left too many overlapping networks to support,
maintain and operate.
• New high-speed network is underutilized

Q: How can the Service Provider consolidate legacy systems by utilizing L2VPN technology?
L2VPNs –
Pre - Network Consolidation
[Figure: MSCs on each side connect through Regional Switching Centers to the National Data Center over separate networks; link and network labels: T1s (HDLC), DS3, OC-3, 2G, 2.5G, 3G]
L2VPNs –
Post - Network Consolidation
[Figure: MSCs attached via DS3s and OC-3s to RSCs and the NDC inside a single MPLS Domain, including the 3G network, with the following callouts]
• Serial Connections terminated locally on MPLS enabled Edge Router
• AToM PWs running HDLC encap form overlay for legacy systems
Consolidation –
Migration Steps

• Establish base MPLS infrastructure
– Enable on P, PE routers
• Incorporate enhanced MPLS services
- Add MPLS TE Tunnels
- Add relevant QoS configurations
• Upgrade links & design
– Redundancy Considerations
– Capacity
• Migrate the MSCs to main uplinks
- Configure overlay network with AToM PWs
Consolidation –
FRR Resiliency
[Figure: CE1, PE1, P, PE2 with FRR Link & Node Protection]
Note: Only pw-class reference to MPLS-FRR is depicted here.

PE1(Configuration):
pseudowire-class HDLC_CEs
 encapsulation mpls
 preferred-path interface Tunnel10 disable-..
interface Serial1/0
 encapsulation hdlc
 xconnect 1.0.0.1 100 pw-class HDLC_CEs

PE2(Configuration):
pseudowire-class HDLC_CEs
 encapsulation mpls
 preferred-path interface Tunnel10 disable-..
interface Serial1/0
 encapsulation hdlc
 xconnect 1.0.0.1 100 pw-class HDLC_CEs
Consolidation –
Benefit Summary

• Leveraged new high speed network
• Reduced OPEX for multi-network infrastructure
• Migration path for future L2 & L3 services to external client base
• Enabled hardware migration for next generation wireless gear

L2VPNs –
Recurring Cost Reduction
Provider Profile:
• Tier 2 Service Provider, regulatory limitation prevents owning
copper last mile; ILEC leased. Providing Frame Relay, Leased
Line services

Problem:
• Recurring costs from ILEC make aggressive competition
impossible.
• Wireless bypass alone doesn’t allow existing customer’s
service protection
• Limited ability to expand.

Q: How can the Service Provider save local loop costs without service disruption to existing customers?
L2VPNs –
PRE - Recurring Cost Reduction
[Figure: Customer premises (CPE, DTE), NTU, Tier 1 SP copper access, Tier 2 SP ATM/FR (MGX Edge - FRSM), Tier 1 SP copper access, NTU, Customer premises (CPE, DTE)]

• Nx64 TDM access provided from the ILEC
• Frame Relay encapsulation from the CPE to the MGX
• Frame Relay VCs mapped through Tier 2 SP's ATM Core

L2VPNs –
Recurring Cost Reduction
[Figure: Customer premises CPE (U-PE, DTE/DCE), Wireless Access, Tier 2 SP ATM/FR (U-PE, MGX Edge - FRSM); L2TPv3 Tunnel carrying Frame Relay Encap]

• L2TPv3 enables transparent Frame Relay service
• Simplifies management and reduces overhead
• Seamless ‘no-touch’ migration for the customer
Cost Reduction –
Migration Steps

• IP enabled wireless access network deployed (out of L2TPv3 scope)
• Swap SP1 NTUs for Cisco 1751 CPEs
– Clock Serial Interface for desired access speed
– Configure L2TPv3 FR trunking overlay on CPE
– Configure SAA responder to monitor access network
• Configure 7200 head end for PWs
– Configure channel-groups relevant to access speeds
– Configure L2TPv3 for FR trunking
• Configure SAA head end probe to Access network response time monitoring
Cost Reduction –
Configuration Example
[Figure: 1751 CPE, 7200 head end and the RTR probe; addresses shown: 1.0.0.1 and 1.0.0.27]

RTR#
rtr 1
 type jitter dest-ipaddr 1.0.0.27 dest-port 2020 request-data-size 1000
rtr schedule 1 life forever start-time now

1751(Configuration):
pseudowire-class l2tpv3_1
 encapsulation l2tpv3
 ip pmtu
 sequencing
interface Serial1/0
 encapsulation hdlc
 xconnect 1.0.0.1 100 pw-class l2tpv3_1
rtr responder

7200(Configuration):
pseudowire-class l2tpv3_1
 encapsulation l2tpv3
 ip pmtu
 sequencing
interface Serial1/0
 encapsulation hdlc
 xconnect 1.0.0.1 100 pw-class l2tpv3_1
Cost Reduction –
Benefit Summary

• Bypass the ILEC and reduce monthly recurring tail circuit lease costs
– Leads to competitive pricing for Enterprise
• Enables transparent layer 2 service that supports frame relay plus other WAN protocols, i.e. HDLC, PPP, 802.1Q, etc.
– No change to customer’s network required
– Frame relay flow control features still work, i.e. FECN, BECN
– Supports both managed and unmanaged service
– Option to convert customer to Ethernet without need for additional router

L2VPNs –
New Service Offering

Provider Profile:
• Tier 1 Service Provider with traditional voice & data
services.
Problem:
• Existing L3 data network is massively underutilized
• Upgrading legacy L2 ATM/FR network with switches
is undesirable.
• Would like to offer more competitive L2 options.
• Possibly migrate FR switches to IP backbone.
Q: How can the Service Provider take advantage of the
unused bandwidth on their existing L3 packet infrastructure?
L2VPNs –
PRE - New Service Offering
[Figure: separate IP Core and ATM/FR networks spanning Europe, Asia and South America; IP core links are labelled with utilization between 3% and 12%; link legend: OC-192, OC-48, OC-12]

• Internet & IP-VPN traffic only
• Bandwidth glut on IP core
L2VPNs –
POST - New Service Offering
[Figure: FR sites attached to the IP Core with FRoL2TPv3 between them, spanning Europe, Asia and South America; link legend: OC-192, OC-48, OC-12]

• Resist purchasing legacy switches
• New L2 services offered cost effectively
• Drive up utilization on L3 network
New Service –
Preparation

• Global IP Infrastructure was Already Operational
• Update PE software to support L2TPv3 based services (Frame Relay, Ethernet, HDLC/PPP)
• Configure QoS policies to reflect service strategy
– Configured for FR service models w/ egress policing
– Subrate services for virtual leased line, TLS
• Start configuring L2TPv3 based L2VPN Services
– Configured PW classes with relevant ToS, Sequencing and Path MTU discovery

New Service –
QoS Configuration
7507:
class-map match-all dlci200
 match fr-dlci 200
policy-map vlan-hi-priority
 class class-default
  set ip precedence 5
policy-map Serial2-1-in
 class dlci200
  police cir 256000 bc 128000 be 256000 conform-action set-prec-transmit 5 exceed-action set-prec-transmit 0 violate-action drop
interface Serial2/0
 frame-relay intf-type dce
 service-policy input Serial2-1-in

Consolidation –
Benefit Summary

• Leverage existing packet infrastructure to offer new source of revenue
– $8M to Date
– 50+ Customers Online
• Utilize well-known native IP infrastructure
– Minimal OPEX expenditure for support
• Enterprise benefits:
– Reduces monthly WAN recurring costs
– Maintain well known Layer 2 service
– Future Layer 3 service opportunity

L2VPN –
Summary

• Established why L2VPN technologies are emerging as the new VPN options for PSNs
• Introduced IETF backed solutions for addressing L2VPN market requirements
• Introduced some innovative ways Service Providers are taking advantage of L2VPN technologies.

Useful Links

CCO:
AToM:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s26/fsatom26.htm

L2TPv3:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s25/l2tpv325.htm

L2VPN Interworking:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s26/fsinterw.htm
