VPLS removes complexity from networks

Editor's note: Click here for the RFID Tech Update.

Many network managers wish to connect their geographically dispersed locations with a protocol-transparent, any-to-any, full-mesh service. This is difficult for service providers to achieve with existing network architectures such as ATM and frame relay.

Virtual Private LAN Service (VPLS) has emerged to meet this need. A proposed IETF standard, VPLS is a class of VPN that supports the connection of multiple sites in a single bridged domain over a managed IP/Multi-protocol Label Switching (MPLS) network. All services in a VPLS appear to be on the same LAN, regardless of location. This removes complexity from enterprise networks, and lets carriers scale the networks.

A VPLS presents an Ethernet interface to customers, simplifying the LAN/WAN boundary for service providers and customers, and enabling rapid and flexible service provisioning, because the service bandwidth is not tied to the physical interface. A 100M bit/sec interface can support a service-level agreement with anywhere from 1M to 100M bit/sec of customer traffic, typically in increments of 1M bit/sec.

A VPLS uses edge routers that can learn, bridge and replicate on a per-VPLS basis. These routers are connected by a full mesh of MPLS label switched path (LSP) tunnels, enabling any-to-any connectivity. Multiple services can be carried within each LSP tunnel.

All services in a VPLS are identified by a unique virtual channel label, which is exchanged between each pair of edge routers.

Edge routers use these virtual channel labels to demultiplex traffic arriving from different VPLS nodes over the same LSP tunnel. Label switch routers in the path switch traffic based on the outer (transport) label, so the virtual channel label is only visible to the final edge router, where the service terminates.

As traffic arrives on access ports, edge routers collect customers' media access control (MAC) addresses. Each router populates the addresses in a forwarding information base, or table of MAC addresses, it maintains for each VPLS node. All customer traffic is switched according to MAC addresses, and forwarded across the service provider network using the appropriate LSP tunnels.

Because most companies use routers for their WAN connections, the edge routers in a VPLS are exposed only to a single MAC address at each customer location, thus each edge router can scale to support thousands of VPLS services.

In many situations, multiple customers in the same location wish to use a VPLS. Rather than have each customer use a separate physical connection into the nearest edge router, VPLS provides a hierarchical approach. A less-expensive multitenant unit switch is deployed at the customer premises and a spoke connection multiplexes traffic between the MTU switch and the edge router.

This spoke might use stacked IEEE 802.1q virtual LAN tags in which the outer tag identifies each customer and the inner tag identifies traffic within the customer's network. Alternatively, the spoke might use MPLS LSP and virtual channel labels, creating a point-to-point connection between the MTU switch and each edge router.