overview of provider backbone bridging and integration ... frame b-tagged frame b-da b-sa b-tag...

BRKSPG-2203

Overview of Provider Backbone Bridging and Integration Alternatives with Virtual Private LAN Service

© 2010 Cisco and/or its affiliates. All rights reserved. Cisco PublicBRKSPG-2203 2

Agenda

Introduction

Principles of PBB Network Operation

PBB Bridge Model

PBB Resiliency and Protection Mechanisms

Challenges in (H-)VPLS

PBB Integration with (H-)VPLSVPLS

PBB in H-VPLS with Ethernet Access

PBB in H-VPLS with MPLS Access

Migration Options

Summary


About This Session

This session discusses Provider Backbone Bridging (PBB – IEEE 802.1ah) technology.

A primer of PBB is presented along with explanation of the principles of network operation.

Applicability of PBB to Carrier Ethernet service providers and integration with virtual private LAN service (VPLS) are discussed.

Interoperability scenarios of PBB with VPLS are covered with emphasis on how the combined solution addresses existing challenges in VPLS.


Introduction


Overview

Provider Backbone Bridging (PBB) defines an architecture & protocol that enables Service Providers to build large scalable Ethernet bridged networks.

Support up to 224 service instances per bridged domain

Provide customer MAC address hiding from SP core

Standardized in IEEE as Std. 802.1ah-2008.

Builds upon and extends Provider Bridging (IEEE 802.1ad, aka Q-in-Q).


Hierarchical Network Architecture

802.1QCustomer Bridges

802.1ahProvider Backbone Bridging Network (PBBN)

802.1adProvider Bridging Network (PBN)

H1 … H200

BEB2BEB1

BCB 1

BCB 2

BCB 3

BCB 4

CE1

CE2

PEB1 PEB2

PB1

H201 … H400

Backbone Edge Bridges (BEB)

Backbone Core Bridges (BCB)


Provider Backbone Bridge Taxonomy

802.1ad S-VLAN Bridge

Typical BEBfor 802.1ad to 802.1ah inter-connect (UNI)

Typical BEB for inter-provider interconnect (E-NNI)

For 802.1ad to 802.1ah interconnect & for hierarchical PBB networks


Operation at a Glance

PBB provides a ‘MAC tunneling’ scheme to transport Ethernet frames between BEBs.

BEBs are responsible for translating frames to/from new PBBformat.

All intelligence is on BEBs. BCBs are regular 802.1adProvider Bridges.

Allows upgrading from 802.1ad to 802.1ah by updating the edge nodes only.

BEB2BEB1

BCB 4

SiSiSiSiSiSi SiSiSiSiSiSi SiSiSiSiSiSi

SiSiSiSiSiSi

BCB 2BCB 3BCB 1

BEB3BEB4

Customer Frame Customer Frame

PBB-encapsulated Frame

PBB encapsulation / decapsulationPBB encapsulation / decapsulation


PBB Frame Format

Service Instance ScalabilityNew 24-bits Service Instance Identifier (I-SID) instead of 12-bits VLAN

Domain Isolation & MAC-Address ScalabilityEncapsulate Customer MAC frames at the edge of the network into Backbone MAC frames: New MAC header

Backwards Compatibility with IEEE 802.1adEthertype of B-VLAN is the same as 802.1ad S-VLAN (0x88a8)

PBB leverages existing L2 control plane mechanisms

PayloadC-TAGC-SAC-DAB-TAGB-SAB-DA

I-TAG: Contains 24 Bits toIdentify a Service Instance

B-TAG: same Ethertype as S-TagSecond MAC-Header

FCSS-TAGI-SID… .

Overview


PBB Frame Formats

I-Tagged Frame

B-Tagged Frame

S-Tag Data FCSC-TagB-DA B-SA B-Tag I-Tag

C-DA: Customer Destination AddressC-SA: Customer Source AddressFCS: Frame Check SequenceC-Tag: 802.1Q VLAN / Customer VLAN Tag – C-VLAN TagS-Tag: Service Provider VLAN Tag – S-VLAN Tag

C-SAC-DAI-PCP RES I-SIDI-DEI UCA

Bits 3 1 1 3 24 48 48

Priority Code Points

Drop Eligibility Indication

Use Customer AddressesReserved

Service Instance Identifier

S-Tag Data FCSC-TagB-DA B-SA I-Tag

B-DA: Backbone Destination AddressB-SA: Backbone Source AddressB-Tag: Backbone VLAN (B-VLAN) TagI-Tag: Service Instance (I-SID) Tag

EtherType: 0x88e7

EtherType: 0x88a8EtherType: 0x88e7

Variants


Principles of PBB Network Operation


Service Mapping and Bundling

S-VLANs from access mapped or bundled into I-SIDs on BEBs.

I-SID provides service identification in PBB network.Global in scope within a single operator’s network

I-SIDs bundled into B-VLANs for transport over PBB core.

B-VLAN defines transport topology in PBB network (e.g., a spanning-tree).

BCBs802.1ad

802.1ah

802.1ad

BEB

BEB BEB

BEB

I-SIDS-VLANB-VLAN


Addressing and BEB Identification

Each BEB uniquely identified by one or more unicast B-MAC addresses.

Additionally, a BEB may listen in to one or more B-MAC multicast group addresses

B-MAC addresses guaranteed to be unique within a provider’s network & may be administered by operator.

C-MAC Address

B-MAC Address

BCBs

802.1ad

802.1ah

802.1adBEB

BEB BEB

BEB

B1

B2 B3

B4C1

C2

C3

C4

802.1QCE

802.1QCE


MAC Address Learning

Backbone Edge Bridge (BEB):Learn and forward based on both Customer MAC (C-MAC) and Backbone MAC (B-MAC) addresses

Build a mapping of C-MAC to B-MAC addresses

Backbone Core Bridge (BCB):Learn and forward based on B-MAC addresses only

C-MAC Address Space

B-MAC Address Space

BCBs

802.1ad

802.1ah

802.1adBEB

BEB BEB

BEB


Bridge Forwarding Database (FDB) Identification

Backbone Edge Bridge (BEB):B-MAC Address Space: FDB selected based on B-VLAN

C-MAC Address Space:

For frames ingress from access, FDB selected based on S-VLAN

For frames ingress from core, FDB selected based on I-SID

Backbone Core Bridge (BCB):FDB selected based on B-VLAN

BCBs

802.1ad

802.1ah

802.1adBEB

BEB BEB

BEB

S-VLAN I-SID

B-VLAN


Network Packet Flow

Ingress BEB encapsulates frame with PBB headerB-MAC DA is set to egress BEB’s MAC address (learnt via reverse traffic)

B-MAC SA set to ingress BEB’s MAC address

I-SID determined based on S-VLAN & B-VLAN determined based on I-SID

Egress BEB strips off PBB encapsulation

C-MAC Address

B-MAC Address

802.1ad 802.1ah 802.1ad

Ingress BEB

BEB BEB

Egress BEB

B2 B3C1 C4

802.1Q CE

802.1Q CE

C4 C1 C-VLAN

C4 C1 B3 B2 C4 C1

DA SA

DA SA B-DA B-SA C-DA C-SA

S-VLAN C-VLAN S-VLAN C-VLANB-VLAN I-SID

C4 C1DA SA

S-VLAN C-VLAN

Known Unicast


Network Packet Flow

Ingress BEB encapsulates frame with PBB headerB-MAC DA is set to B-MAC multicast group address

B-MAC SA set to ingress BEB’s MAC address

I-SID determined based on S-VLAN & B-VLAN determined based on I-SID

One or multiple egress BEBs listen in to the group address

C-MAC Address

B-MAC Address

802.1ad 802.1ah 802.1adBEB BEB

B2 G3C1

802.1Q CE

802.1Q CEG3G3

C4

C4 C1 C-VLAN

C4 C1 G3 B2 C4 C1

DA SA

DA SA B-DA B-SA C-DA C-SA

S-VLAN C-VLAN S-VLAN C-VLANB-VLAN I-SID

C4 C1DA SA

S-VLAN C-VLAN

Ingress BEB

Egress BEB

Multicast, Broadcast and Unknown Unicast


Network Packet Flow

Default B-MAC multicast group address for customer multicast, broadcast and unknown unicast is the ‘Backbone Service Instance Group Address’:

Operator can override the default by administering multicast group addresses based on:

I-SID

I-SID + Customer multicast MAC DA

00-1E-83 I-SID

Backbone Service Instance Group address OUI

B-MAC Multicast Group Addresses


Service Interfaces

Map all untagged, C-VLAN tagged and priority tagged frames to a single S-VLAN / I-SID.

Allows connecting the following to PBB network:IEEE 802.1Q C-VLAN bridge

IEEE 802.1D Bridge (VLAN unaware)

Router

End-station

802.1ad 802.

1ah

BEB80

2.1Q

Port Mode

C-VLAN I-SID

802.1Q 802.1ad

802.1ah802.1ah

Port-Based Service Interface (UNI)


Service Interfaces

Port Mode: All S-VLANs on UNI mapped to single I-SID

S-VLAN Mode: Single S-VLAN on UNI mapped to single I-SID

Need not carry S-VLAN over PBB network

S-VLAN Bundle Mode: Group of S-VLANs on UNI mapped to single I-SID

802.1ad 802.

1ah

BEB

802.

1ad

802.1ad 802.

1ah

BEB

802.

1ad

802.1ad 802.

1ah

BEB80

2.1a

d

Port Mode S-VLAN Mode S-VLAN Bundle Mode

802.1Q 802.1ad

802.1ah

S-VLAN I-SID S-VLAN I-SID S-VLAN I-SID

802.1ah

S-Tagged Service Interface (UNI)


Service Interfaces

I-Tagged Service Interface used for inter-provider interconnect (E-NNI), supports:

Bundling I-SIDs into B-VIDs Allow independent provider topologies for same service

Translating I-SIDs Scope of I-SID limited to single provider

Translating B-MAC destination addresses Allow per-provider multicast group definition

802.

1ah

802.1ad 802.

1ah

BEBBEB

B-VLAN I-SID I-SID B-VLAN

I-Tagged Frames

802.1Q 802.1ad

802.1ah802.1ah

I-Tagged Service Interface (Inter-provider NNI)


Service Interfaces

C-VLAN Mode: Single C-VLAN on UNI mapped to single I-SID

Need not carry C-VLAN over PBB network

C-VLAN Bundle Mode: Group of C-VLANs on UNI mapped to single I-SID

Note: this is an extension beyond IEEE Std 802.1ah-2008

802.1ad 802.

1ah

BEB

802.

1Q

802.1ad 802.

1ah

BEB

802.

1QC-VLAN Mode C-VLAN Bundle Mode

C-VLAN I-SID C-VLAN I-SID

802.1Q 802.1ad

802.1ah802.1ah

C-Tagged Service Interface (UNI)


802.1ah Bridge Model


Reminder: Provider Backbone Bridge Taxonomy

802.1ad S-VLAN Bridge

Typical BEBfor 802.1ad to 802.1ah inter-connect (UNI)

Typical BEB for inter-provider interconnect (E-NNI)

For 802.1ad to 802.1ah interconnect & for hierarchical PBB networks

Focus


BEB Architecture

I-Component

802.1ah IB-BEB

802.1ad PBBCoreI-Component

B-Component

I-Component:Learns & forwards based on customer MAC addresses

Maintains a mapping table of C-MACs to B-MACs

Performs PBB encapsulation/decapsulation on PIP

B-Component:Learns and forwards based on Backbone MAC addresses

Push / pop B-VLAN on CBP

Customer Network Port (CNP)

Provider Instance Port (PIP)

Customer Backbone Port (CBP)

Provider Network Port (PNP)

IB-BEB Components


BEB Architecture

I-Component802.1ah IB-BEB


B-Component

Customer Network Port (CNP)

Provider Instance Port (PIP)

Customer Backbone Port (CBP)

Provider Network Port (PNP)

int gig 1/0service instance 1 ethernetencapsulation dot1q 20bridge-domain 100 c-mac

ethernet mac-tunnel virtual acme.combridge-domain 130 service instance 21 ethernetencapsulation i-sid 12000bridge-domain 100 c-mac

int gig 3/0service instance 30 ethernetencapsulation dot1q 130bridge-domain 130

ORint gig 3/0switchportswitchport mode trunkswitchport allowed vlan 130

int gig 1/0.1 l2transportencapsulation dot1q 20

int gig 3/0.1 l2transportencapsulation dot1q 130

l2vpnbridge group bg1bridge-domain 100 interface gig1/0.1pbb edge i-sid 12000 core-bridge 130

bridge-domain 130 interface gig3/0.1pbb core rewrite ingress tag push dot1q 130 symmetric

IOS CLI

IOS-XR CLI

IB-BEB Configuration


BEB Architecture

I-Component

802.1ah IB-BEB


B-Component

CNP:• Classify ingress frames based on S-VLAN & identify corresponding bridge-domain / I-SID

C-DA S-VLAN C-VLAN

S-VLAN C-VLANI-SID

B-VLAN I-SIDC-SA

B-DA B-SA C-DAC-SA

S-VLAN C-VLANC-DAC-SAB-DA B-SA

B-MAC: B1

B-MAC: B2

IB-BEB Packet Pipeline - Imposition


BEB Architecture

I-Component

802.1ah IB-BEB


B-Component


I-Component Relay: •Learn C-MAC SA• Lookup C-MAC DA & identify corresponding B-MAC DA

C-DA S-VLAN C-VLAN

S-VLAN C-VLANI-SID

B-VLAN I-SIDC-SA

B-DA B-SA C-DAC-SA


B-MAC: B1

B-MAC: B2



BEB Architecture

I-Component

802.1ah IB-BEB


B-Component


PIP:• Encapsulate customer frame with PBB encapsulation using B-MAC SA of the PIP

I-Component Relay: •Learn C-MAC SA• Lookup C-MAC DA & identify corresponding B-MAC DA

C-DA S-VLAN C-VLAN

S-VLAN C-VLANI-SID

B-VLAN I-SIDC-SA

B-DA B-SA C-DAC-SA


B-MAC: B1

B-MAC: B2



BEB Architecture

I-Component

802.1ah IB-BEB


B-Component



CBP:• Classify ingress frames based on I-SID• Push B-VLAN & identify corresponding bridge-domain• Optional: translate I-SID and B-MAC DA I-Component Relay:

•Learn C-MAC SA• Lookup C-MAC DA & identify corresponding B-MAC DA

C-DA S-VLAN C-VLAN

S-VLAN C-VLANI-SID

B-VLAN I-SIDC-SA

B-DA B-SA C-DAC-SA


B-MAC: B1

B-MAC: B2



BEB Architecture

I-Component

802.1ah IB-BEB


B-Component





B-Component Relay:• Learn B-MAC SA• Lookup B-MAC DA & identify egress PNP

C-DA S-VLAN C-VLAN

S-VLAN C-VLANI-SID

B-VLAN I-SIDC-SA

B-DA B-SA C-DAC-SA


B-MAC: B1

B-MAC: B2



BEB Architecture

I-Component

802.1ah IB-BEB


B-Component





B-Component Relay:• Learn B-MAC SA• Lookup B-MAC DA & identify egress PNP

PNP:• Filter egress frames based on B-VLAN. Forward non-filtered frames onto PBB core

C-DA S-VLAN C-VLAN

S-VLAN C-VLANI-SID

B-VLAN I-SIDC-SA

B-DA B-SA C-DAC-SA


B-MAC: B1

B-MAC: B2



BEB Architecture

I-Component

802.1ah IB-BEB


B-Component

PNP:• Classify ingress frames based on B-VLAN & identify bridge-domain

C-DA S-VLAN C-VLAN

S-VLAN C-VLANI-SID

B-VLAN I-SIDC-SA

B-DA B-SA C-DAC-SA


B-MAC: B1

B-MAC: B2



BEB Architecture

I-Component

802.1ah IB-BEB


B-Component

B-Component Relay:• Learn B-MAC SA• Lookup B-MAC DA & identify egress CBP


C-DA S-VLAN C-VLAN

S-VLAN C-VLANI-SID

B-VLAN I-SIDC-SA

B-DA B-SA C-DAC-SA


B-MAC: B1

B-MAC: B2

IB-BEB Packet Pipeline - Disposition


BEB Architecture

I-Component

802.1ah IB-BEB


B-Component

CBP:• Filter egress frames based on I-SID• Pop B-VLAN & forward to I-Component• Optional: translate I-SID and B-MAC DA B-Component Relay:

• Learn B-MAC SA• Lookup B-MAC DA & identify egress CBP


C-DA S-VLAN C-VLAN

S-VLAN C-VLANI-SID

B-VLAN I-SIDC-SA

B-DA B-SA C-DAC-SA


B-MAC: B1

B-MAC: B2



BEB Architecture

I-Component

802.1ah IB-BEB


B-Component

PIP:• Filter ingress frames whose B-MAC DA doesn’t match the PIP’s address.• Classify ingress frames based on I-SID and identify bridge-domain. • Decapsulate PBB header.

CBP:• Filter egress frames based on I-SID• Pop B-VLAN & forward to I-Component• Optional: translate I-SID and B-MAC DA B-Component Relay:

• Learn B-MAC SA• Lookup B-MAC DA & identify egress CBP


C-DA S-VLAN C-VLAN

S-VLAN C-VLANI-SID

B-VLAN I-SIDC-SA

B-DA B-SA C-DAC-SA


B-MAC: B1

B-MAC: B2



BEB Architecture

I-Component

802.1ah IB-BEB


B-Component


CBP:• Filter egress frames based on I-SID• Pop B-VLAN & forward to I-Component• Optional: translate I-SID and B-MAC DA

I-Component Relay: • Learn C-MAC SA / B-MAC SA association• Lookup C-MAC DA to identify egress CNP.



C-DA S-VLAN C-VLAN

S-VLAN C-VLANI-SID

B-VLAN I-SIDC-SA

B-DA B-SA C-DAC-SA


B-MAC: B1

B-MAC: B2



BEB Architecture

I-Component

802.1ah IB-BEB


B-Component

CNP:• Filter egress frames based on S-VLAN & forward non-filtered frames


CBP:• Filter egress frames based on I-SID• Pop B-VLAN & forward to I-Component• Optional: translate I-SID and B-MAC DA

I-Component Relay: • Learn C-MAC SA / B-MAC SA association• Lookup C-MAC DA to identify egress CNP.



C-DA S-VLAN C-VLAN

S-VLAN C-VLANI-SID

B-VLAN I-SIDC-SA

B-DA B-SA C-DAC-SA


B-MAC: B1

B-MAC: B2



BEB Architecture

I-BEBComprises I-Component onlyConnects to 802.1ad/802.1Q network over CNPConnects to B-BEB over PIP

B-BEBComprises B-Component onlyConnects to either I-BEB or another B-BEB over CBPConnects to Backbone Core Bridge over PNP

Note: Packet flows are identical to counterpart components in IB-BEB

802.1ah I-BEB

I-Component B-Component

802.1ah B-BEB

CNP PIPCBP PNP

PBBCore

To:

I-BEB or B-BEB

To:

B-BEB

802.1Q/ 802.1ad

I-BEB and B-BEB Components


Putting it All Together— an Example PBBN

I-BEB

B-BEB

IB-BEB

B-BEB

BCB

I-BEB

B-BEB

B-BEB

802.1adS-VLAN bridge

802.1QC-VLAN bridge

PBBNHierarchical PBBN

Peer PBBN

I-Tagged UNI

S-Tagged UNI

Port-based UNI

I-Tagged E-NNI

Provider NetworksCustomer Networks

Peer PBN I-BEB

B-BEB


PBB Resiliency and Protection Mechanisms


PBN to PBBN Resilient Interconnect Rules

BEB

BEB

BEB

BEB

PBBN

BEB

BEB

BEB

BEB

PBBN

PBN PBN

PBNPBN

1. Each PBN and PBBN runs an independent spanning-tree.

Spanning Tree

Spanning Tree

Spanning Tree Spanning

Tree

Spanning Tree

1

11

11

Spanning Tree 1

2

2. No PBN-to-PBN backdoors. Interconnect between PBNs is via PBBN always.

3

3. For PBN dual-homed to a PBBN, a data-frame passes in/out through a single interconnect point. (i.e. floods over interconnect are not perpetuated)

4S-VLAN 100

S-VLAN 100

4. If PBN connects to multiple PBBNs, an S-VLAN is connected to only one serving PBBN.


Service Interface Protection— Class I and II

Class I interconnect provides no resiliency.

Class II interconnect offers link redundancy.Leverages Link Aggregation as defined in IEEE 802.1AX-2008.

Desirable to have the load-balancing based on service-instance boundaries (i.e. active/standby mode, or S-VLAN/I-SID based load-balancing)

BEB

PBBNCustomer Network

BEB


Class I Class II

Note: BEB can be I-BEB, B-BEB or IB-BEB - i.e. applies to S-Tagged and I-Tagged service interfaces.


Service Interface Protection—Class III

Class III interconnect offers node and link protection by connecting multiple customer nodes to multiple BEBs.

Note: Each customer node is single-homed to exactly one BEB

Possible to use Class II interconnect for each link of Class III interface.

When applicable, protection mechanism for Class II interconnect takes precedence, before Class III protection kicks in.

BEB


CN1

Class III

CN2BEB


MST Access Gateway (MST-AG)

BEBs are configured to send static pre-configured BPDUs towards access.

One BEB advertises itself as root (lowest Bridge ID / Priority)

Second BEB advertises second lowest Bridge ID / Priority & with zero cost path to root.

Advantage: allows multiple access networks to be dual-homed to same pair of BEBs while maintaining control-plane separation between them.

Customer Network

BEB 1

BEB 2

Customer MSTPBBN MST

PB

PB

MST-AG Port

Root Advertisement

2nd best bridge advertisement

Setup

Refer to BRKSPG-2207 for more details on resiliency mechanisms.


MST Access Gateway (MST-AG)

Upon failure of primary uplink, Customer Network reacts by failing over to secondary uplink and inform BEB of failover via TCN.

BEB sends MRP-based MAC flush notification (MIRP1 or MVRP) over PBBN to remote BEBs to flush MAC address tables.

1: MIRP under standardization in IEEE draft 802.1Qbe

Customer Network

BEB 1

BEB 2

Customer MST

PB

PB

MST-AG Port

!I-SID MAC Flush Notification

BEB

BEB

TCN

Failover Operation


Multi-Chassis Link Aggregation Control Protocol (mLACP)

Dual-homed Device (DHD) runs standard IEEE 802.3ad LACPwith BEBs.

BEBs run Inter-chassis Communication Protocol (ICCP1) among them to synchronize state and appear as a single ‘Virtual LACPPeer’ to DHD.

Provides link and node redundancy for DHD.

Active/Standby Redundancy Model

ICCP

BEB 1

BEB 2

PBBN MST DHD

LACP

Virtual LACP Peer

1: Under Standardization in IETF - draft-ietf-pwe3-iccp

Setup


Multi-Chassis Link Aggregation Control Protocol (mLACP)

Upon failure of primary uplink, DHD & BEBs react by failing over to secondary uplink via LACP procedures.

BEB sends MRP-based MAC flush notification (MIRP or MVRP) over PBBN to remote BEBs to flush MAC address tables.

ICCP

BEB 1

BEB 2

DHD

LACP

Virtual LACP Peer

!

I-SID MAC Flush Notification

BEB

BEB

Failover Operation


Resilient Ethernet Protocol (REP)

BEBs run REP with the access ring, and MST with the PBBN.

REP supports per-VLAN load-sharing over the access ring.VLANs are mapped to an ‘instance’, where one instance runs clockwise and another counter-clockwise on the ring.

Advantage: REP supports fast restoration on failure.

Customer Network

BEB 1

BEB 2

PBBN MST

PB

PB

REP Segment Endpoint

PB PB

PBPB

REP

Setup


Resilient Ethernet Protocol (REP)

Upon failure of primary uplink, REP reacts by failing over the affected instance to the secondary segment termination point, and sends a MAC flush indication to BEB.

BEB sends MRP-based MAC flush notification (MIRP or MVRP) over PBBN to remote BEBs to flush MAC address tables.

Customer Network

BEB 1

BEB 2

PB

PB PB PB

PBPB

REP

!I-SID MAC Flush Notification

BEB

BEB

MAC flush

Failover Operation


Challenges in (H-)VPLS


Service Instance Scalability

In H-VPLS with 802.1ad (Q-in-Q) access, each bridged network is limited to 4094 service instances.

Limitation is due to 12-bits S-VLAN identifier space.

IP/MPLSCore 802.1ad802.1ad

CE1

CE2

CE4

CE3

PB1 PB2PE BPE A

4094 service instances


MAC Address Scalability

In VPLS / H-VPLS all PEs that perform MAC-layer bridging need to learn customer MAC addresses.

As number of customers increases, the number of these addresses grows significantly (hundreds of thousands or even millions).

When CE is a bridge (as opposed to router), PEs are exposed not only to CE MAC address but customer end-station addresses, compounding the effect.

IP/MPLSCore 802.1ad802.1ad

CE1

CE2

CE4

CE3

PB1 PB2PE BPE A

Customer MAC Address learning


Pseudowire Scalability

H-VPLS today requires dedicated spoke & full-mesh of pseudowires per service instance.

Due to possibility of overlapping customer MAC addresses

This is true even if two services happen to terminate over the same source and destination PEs.

Above translates to signaling overhead (e.g. with targeted LDP) and poses a scalability challenge.

IP/MPLSCore

MPLS Access

CE1

CE2

CE4

CE3

U-PE U-PEN-PEN-PE

MPLS Access


PBB Integration with (H-)VPLS


Status of Technology

PBB integration with (H-)VPLS is an emerging technology that addresses previously mentioned challenges in (H-)VPLS

PBB & (H-)VPLS Interoperability is actively being defined by Cisco and other contributors in IETF:

draft-ietf-l2vpn-pbb-vpls-interop

draft-ietf-l2vpn-pbb-vpls-pe-model


Interoperability Scenarios at a Glance

Topology Access Network

PE Service Interface BEB Functionality on

VPLS N/A S-Tagged/C-Tagged PE

H-VPLS Ethernet B-Tagged PE

H-VPLS MPLS S-Tagged/C-Tagged U-PE


int gig 1/0description UNI-CE1service instance 1 ethernetencapsulation dot1q 20bridge-domain 100 c-mac

!int gig2/0description UNI-CE2service instance 1 ethernetencapsulation dot1q 20bridge-domain 100 c-mac

!ethernet mac-tunnel virtual acme.combridge-domain 130service instance 21 ethernetencapsulation i-sid 12000bridge-domain 100 c-mac

!interface vlan 130xconnect vfi VPLS-130!l2vfi VPLS-130 manualneighbor <IP-PE-B> 200 pw-class mpls

VPLS

IP/MPLSCore

CE2

CE3

802.1Q or 802.1adService Interface

B-MAC: A1

PE BB-MAC: B1

PE A

H1

H4

IB-BEB IB-BEB

Configuration

CE1


VPLS

Incorporate IB-BEB functionality into the VPLS PE

Ingress PE encapsulates customer 802.1Q/802.1ad frames in PBBheader and then forwards on EoMPLS pseudowires (PWs).

Egress PE disposes of MPLS header then performs PBBdecapsulation and forwards customer frame over attachment circuit.

IP/MPLSCore

CE2

CE3

802.1Q or 802.1ad Service Interface

B-MAC: A1

PE BB-MAC: B1

PE A

H1

H4

C-DA

H4 H1

B1 A1

MPLS Encapsulation

S-DA S-VLAN C-VLAN Data FCS

C-DA

H4 H1

S-DAS-VLAN C-VLAN DataB-DA S-DA I-SIDB-VLAN

H4

IB-BEB IB-BEB

FCS

Packet Flow


VPLS

Single VPLS instance (i.e. full mesh of PWs) is used to multiplex many customer service instances

I-SID field in PBB encapsulation provides the service identification.

Single VFI for multiple customers is possible because B-MAC addresses are globally unique within a provider’s network

1 VPLS instance per B-VLAN

IP/MPLSCore

CE2

CE3

PE B

H1

H4PE A

S-VLANI-SID B-VLAN VPLS Instance

Service Multiplexing


VPLS

Reduce the number of PWs in the core by multiplexing many customer service instances over the same PW full-mesh.

Maintain a full-mesh per B-VLAN.

Many I-SIDs map to the same B-VLAN.

Advantages of PBB Integration


H-VPLS with Ethernet Access—B-Tagged Service Interface


IP/MPLSCore

802.1ah802.1ahCE1

CE2

CE4

CE3

BEB AB-MAC: A1

BEB BB-MAC: B1PE B

PE A

H1

H4

IB-BEB IB-BEB

BCB BCB

Configuration


!ethernet mac-tunnel virtual acme.combridge-domain 130 service instance 21 ethernetencapsulation i-sid 12000bridge-domain 100 c-mac

!int gig 3/0description CORE-FACINGdot1q tunneling ethertype 0x88a8service instance 30 ethernetencapsulation dot1q 130bridge-domain 130

int gig 1/0description ACCESS-FACINGdot1q tunneling ethertype 0x88a8service instance 1 ethernetencapsulation dot1q 130bridge-domain 130

!interface vlan 130xconnect vfi VPLS-130!l2vfi VPLS-130 manualneighbor <IP-PE-B> 20 pw-class mpls



IB-BEB functionality on aggregation switch connecting to CE (e.g. BEB A & BEB B).

H-VPLS access/aggregation network is PBB instead of 802.1ad /Q-in-Q.

VPLS PE connects to BCB over B-Tagged service interface

IP/MPLSCore

802.1ah802.1ahCE1

CE2

CE4

CE3


BEB AB-MAC: A1

BEB BB-MAC: B1PE B

PE A

H1

H4

IB-BEB IB-BEB

BCB BCB

C-DA

H4 H1


H4

B1 A1

MPLS Encapsulation C-DA

H4 H1

S-DAS-VLAN C-VLAN DataB-DA S-DA I-SIDB-VLAN FCS

H4

B1 A1

C-DA

H4 H1


Packet Flow



PE functions as per today’s VPLS (e.g. RFC4762), transparent to PBB encapsulation.

Treats B-VLAN as if it were S-VLAN (same EtherType)1:1 mapping of B-VLAN to VFI / VPLS instanceB-VLAN provides transparent multiplexing of customer services (i.e. I-SIDs) over the same VFI / VPLS instance

Applies to tightly-coupled service domainsSame I-SID space in all aggregation networksCongruent I-SID to B-VID bundling in all aggregation networks

IP/MPLSCore

802.1ah802.1ahCE1

CE2

CE4

CE3


BEB AB-MAC: A1

BEB BB-MAC: B1

PE BPE A

H1

H4

IB-BEB IB-BEB

BCB BCB

B-VLANVPLS InstanceVFI

VFI




Support up to 224 service instances per access network, compared to 4094 with 802.1ad access.

Reduce the number of PWs in the core by multiplexing many customer service instances over the same PW full-mesh.

Better MAC address scalability on the VPLS PE, by learning B-MAC addresses instead of C-MAC addresses.

Existing VPLS PE implementations can be used unchanged (i.e. PE upgrade not required)



H-VPLS with MPLS Access—BEB on U-PE

IP/MPLSCore

MPLS Access

MPLS Access

N-PE A N-PE B

U-PE AB-MAC: A1

CE 1CE3

CE2


U-PE BB-MAC: B1

H1

H4

IB-BEB IB-BEB

Configuration


!ethernet mac-tunnel virtual acme.combridge-domain 130service instance 21 ethernetencapsulation i-sid 12000bridge-domain 100 c-mac

!interface vlan 130xconnect <N-PE-A> 30 pw-class mpls!

l2 vfi VPLS-130 manual vpn id 130 neighbor <N-PE-B> 20 pw-class mplsneighbor <U-PE-A> 20 pw-class mpls no-split-horizon!interface vlan 130xconnect vfi VPLS-130!



IB-BEB functionality on U-PEs.U-PEs perform PBB encapsulation / decapsulation

U-PE provides 802.1Q or 802.1ad service interface to CE.

PBB over MPLS encapsulation in access and core.

IP/MPLSCore

MPLS Access

MPLS Access

N-PE A N-PE B

U-PE AB-MAC: A1

CE 1CE3

CE2


U-PE BB-MAC: B1

H1

H4

H4

B1 A1

MPLS Encapsulation C-DA

H4 H1


C-DA

H4 H1


IB-BEB IB-BEB

Packet Flow



One or more S-VLANs are mapped to an I-SID

One or more I-SIDs mapped into B-VLAN.

B-VLAN has a 1:1 mapping to VFI (spoke PW in this case).

Both spoke (access) PWs and PW full-mesh in the core multiplex several customer service instances.

IP/MPLSCore

MPLS Access

MPLS Access

N-PE A N-PE B

CE 1CE3

CE2802.1Q or 802.1adService InterfaceU-PE B

B-MAC: B1

H1

H4

IB-BEB IB-BEB

Spoke PWI-SID B-VLANS-VLAN




Reduce the number of PWs in the access and the core by multiplexing many customer service instances over the same PW full-mesh.

Better MAC address scalability on the N-PE, by learning B-MAC addresses instead of C-MAC addresses.

C-MAC address learning confined to U-PEs



PBB and VPLS Interoperability: Summary of Advantages

Topology Access Network

PE Service Interface

BEB Functionality on

Advantages

VPLS N/A S-Tagged/ C-Tagged

PE Reduce # of PWs in core

H-VPLS Ethernet B-Tagged PE Support up to 224 services per access network

Reduce # of PWs in core

Enhanced MAC address scalability on PE

No PE upgrade required

H-VPLS MPLS S-Tagged/ C-Tagged

U-PE Reduce # of PWs in access network

Reduce # of PWs in core

Enhanced MAC address scalability on N-PE


Migration Options


Overview

For Service Providers that already deployed VPLS, migrating to PBB-VPLS must not require a forklift upgrade.

Three migration options are explored next.


Option 1: 802.1ad over MPLS in Core

PE that connects new PBB-capable access network to core (e.g. PE C) terminates PBB encapsulation.

Advantage: No changes to existing access networks.

Disadvantage: Communication between two PBB-capable access networks requires PBB-to-802.1ad-to-PBB translation.

MPLSCore PBB / PBB-MPLS

Access802.1ad / MPLS Access

PE B PE C

PE ACE 1CE3

CE2

PE D

Terminate PBB

802.1ad 802.1ad over MPLS 802.1ahEthernet Access

MPLS Access802.1ad over MPLS

802.1ad over MPLS 802.1ah over MPLS


Option 2: PBB over MPLS in Core

PE that connects existing PBB-incapable access network to core (e.g. PE B) terminates PBB encapsulation.

Advantage: PW scalability in core, MAC address scalability on PBB capable PEs.

Disadvantage: Requires upgrade of PEs connecting existing access networks to the core.

PBB-MPLSCore PBB / PBB-MPLS

Access802.1ad / MPLS Access

PE B PE C

PE ACE 1CE3

CE2

PE D

Terminate PBB

802.1ad 802.1ah over MPLS 802.1ahEthernet Access


802.1ah over MPLS 802.1ah over MPLS


Option 3: Mixed Core

PE that connects new PBB-capable access network to core (e.g. PE C and PE F) decide whether or not to terminate PBB depending on capability of the far end access network.

Advantages: PW scalability in core, MAC address scalability on PBB capable PEs, no upgrade to existing networks.

MixedCore

PBB / PBB-MPLS Access

802.1ad / MPLS Access

PE B

PE C

PE ACE 1

CE3

CE2

PE D

Selectively Terminate PBB

802.1ah 802.1ah over MPLS 802.1ahEthernet Access

MPLS Access802.1ah over MPLS

802.1ah over MPLS 802.1ah over MPLS

CE 4

PBB / PBB-MPLS Access

802.1ah 802.1ad over MPLS 802.1ahEthernet Access


802.1ad over MPLS 802.1ah over MPLS

PE E PE F


Migration Options: Summary

Option Ethernet frame format over core

Pros Cons

1 802.1ad No upgrade for existing access networks

PBB-to-PBB access network communication requires double translation (to/from 802.1ad)

2 PBB PW scalability in core

MAC address scalability on PE of PBB access network

Requires upgrade of PEs in existing access networks

3 Mixed 802.1ad and PBB

PW scalability in core

MAC address scalability on PE of PBB access network

No upgrade for existing access networks


Summary


PBB—Summary

PBB is an IEEE technology that defines a MAC tunneling mechanism.

PBB addresses the issue of service instance scalability by defining a 24-bit service identification field (I-SID)

PBB solves the issue of MAC address scalability in service provider networks by confining customer MAC address learning to the edge and mapping C-MAC addresses to Backbone MAC addresses on BEBs.


PBB Integration with (H-)VPLS—Summary

PBB integration with (H-VPLS) allows SPs to leverage the advantages of both technologies.

Combined solution allows PEs to achieve better MAC address scalability.

Combined solution allows reduction of the number of PWs in the network.

Combined solution allows H-VPLS with native Ethernet access to scale beyond 4K service instances per bridged access network.


IEEE 802.1ahPlatform Support

Scalable Edge Services

Cisco 7600IOS 12.2(33)SREES+ linecards

CiscoASR 9000IOS-XR 3.9.1


Acronyms

AcronymB-BEB B-Component BEB

BCB Backbone Core Bridge

B-DA Backbone Destination Address

BEB Backbone Edge Bridge

B-MAC Backbone MAC Address

B-SA Backbone Source Address

B-Tag B-VLAN Tag

B-VLAN Backbone VLAN

C-DA Customer Destination Address

CE Customer Equipment (Edge)

C-MAC Customer MAC Address

C-SA Customer Source Address

C-Tag C-VLAN Tag

C-VLAN / CE-VLAN Customer VLAN

DA Destination MAC Address

EoMPLS Ethernet over MPLS

FCS Frame Check Sequence

H-VPLS Hierarchical VPLS

IB-BEB Combined I-Component & B-Component BEB

I-BEB I-Component BEB

IEEE Institute of Electrical and Electronics Engineers

AcronymIETF Internet Engineering Task Force

I-SID Instance Service Identifier (24 bits)

I-Tag I-SID Tag

LSM Label Switched Multicast

MAC Media Access Control

MPLS Multi-protocol Label Switching

N-PE Network-facing Provider Edge device

PB Provider Bridge

PBB Provider Backbone Bridge/Bridging

PBBN Provider Backbone Bridging Network

PBN Provider Bridging Network

PE Provider Edge device

PW Pseudowire

Q-in-Q VLAN tunneling using two 802.1Q tags

SA Source MAC Address

S-Tag S-VLAN Tag

S-VLAN Service VLAN (Provider VLAN)

UNI User to Network Interface

U-PE User-facing Provider Edge device

VFI Virtual Forwarding Instance

VLAN Virtual LAN

VPLS Virtual Private LAN Service


Complete Your Online Session Evaluation

Give us your feedback and you could win fabulous prizes. Winners announced daily.

Receive 20 Cisco Preferred Access points for each session evaluation you complete.

Complete your session evaluation online now (open a browser through our wireless network to access our portal) or visit one of the Internet stations throughout the Convention Center.

Don’t forget to activate your Cisco Live and Networkers Virtual account for access to all session materials, communities, and on-demand and live activities throughout the year. Activate your account at any internet station or visit www.ciscolivevirtual.com.

http://www.ciscolivevirtual.com/�


References

IEEE Standard 802.1ah-2008

draft-ietf-l2vpn-pbb-vpls-interop

draft-ietf-l2vpn-pbb-vpls-pe-model

draft-ietf-pwe3-iccp


Related Sessions

BRKSPG-2204: Building Carrier Ethernet Services Using Cisco Ethernet Virtual Circuit (EVC) Framework.

BRKSPG-2207: Redundancy Mechanisms for Carrier Ethernet and Layer 2 VPN Services.

overview of provider backbone bridging and integration ... frame b-tagged frame b-da b-sa b-tag...

Documents