
VPLS to Scale STP Domain for Layer 2 Interconnection

EoMPLS builds point-to-point PWs, so providing a redundant path between sites requires STP to run from site to site across the PWs; it is therefore not a viable option for large-scale L2 extension of bridge domains.

VPLS is a bridging technique that relies on PWs to interconnect multipoint virtual bridges (VFIs). Because VPLS is natively built with a split-horizon rule (a frame received from a PW is never forwarded to another PW, which is why the PWs between N-PEs must form a full mesh), the core network does not require STP to prevent L2 loops.

Figure 2-2 shows three remote sites connected via a multipath VPLS core network. Redundancy with VPLS, as shown in Figure 2-3, is difficult. With a single N-PE per site, split horizon prevents traffic from looping from one PW to another. With dual N-PEs per site, however, a frame that arrives over a PW at one N-PE is delivered into the site, can reach the second N-PE over the inter-N-PE link or via the aggregation switches, and is then forwarded again over that N-PE's PWs. That is a loop that split horizon does not catch, because the frame re-enters the VPLS cloud from an attachment circuit, not from a PW.

The design goal is to maintain the link between aggregation switches in forwarding mode. At the same time, a goal is to block VPLS-associated traffic from traversing the inter-N-PE link within a data center, allowing only one N-PE to carry traffic to and from the VPLS cloud.

Even though a VPLS bridge is inherently protected against L2 loops, a loop-prevention protocol must still be used against local L2 loops in the access layer of the data centers where cluster nodes are connected. Therefore, for each solution described in this book, VPLS is deployed in conjunction with Embedded Event Manager (EEM) to ensure loop prevention in the core based on the full mesh of PWs and redundant N-PEs in each location. Edge node or edge link failure is protected against by using VPLS and EEM to customize the solution behavior based on network events as they occur.

An active/standby path-diversity protection mechanism is provided per VLAN using VPLS to ensure one L2 connection to VPLS at a time. This mechanism is known as VPLS with EEM in N-PE.
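The split-horizon rule and the dual-N-PE loop described above, as an added example that is not from the book: a small Python model of a VPLS bridge domain with one or two N-PEs per site. Site names, N-PE names and the event-queue cap are constructed for the example, and the EEM-driven reaction the book describes in later chapters is reduced to one hypothetical function that unblocks the standby N-PE's attachment circuit when the active N-PE fails.

```python
from collections import defaultdict, deque


class NPE:
    """One N-PE: belongs to a site, has PWs to remote N-PEs and one attachment
    circuit (AC) toward the site's aggregation layer. ac_active=False models the
    AC being blocked for this VLAN (the standby N-PE of the active/standby scheme)."""

    def __init__(self, name, site, ac_active=True):
        self.name, self.site, self.ac_active = name, site, ac_active
        self.pws = set()
        self.up = True


class VplsDomain:
    def __init__(self):
        self.npes = {}

    def add_npe(self, name, site, ac_active=True):
        self.npes[name] = NPE(name, site, ac_active)

    def full_mesh(self):
        """Full mesh of PWs between N-PEs of different sites; same-site N-PEs
        meet through the aggregation layer / inter-N-PE link, not through a PW."""
        for a in self.npes.values():
            for b in self.npes.values():
                if a.site != b.site:
                    a.pws.add(b.name)

    def site_npes(self, site):
        return [n for n in self.npes.values() if n.site == site and n.up]

    def flood(self, src_site, max_events=500):
        """Flood one broadcast originated in src_site.
        Returns ({site: copies delivered}, looped)."""
        deliveries = defaultdict(int)
        queue = deque((n.name, "ac") for n in self.site_npes(src_site) if n.ac_active)
        events = 0
        while queue:
            events += 1
            if events > max_events:  # frames never stop circulating: a bridging loop
                return dict(deliveries), True
            name, ingress = queue.popleft()
            npe = self.npes[name]
            if ingress == "ac":
                # AC ingress: flood to every PW (and to any other AC; one AC per N-PE here)
                for nbr in npe.pws:
                    if self.npes[nbr].up:
                        queue.append((nbr, "pw"))
            else:
                # PW ingress: split horizon, never back onto a PW; AC only, if it is forwarding
                if not npe.ac_active:
                    continue
                deliveries[npe.site] += 1
                # the site's aggregation layer (or inter-N-PE link) offers the frame
                # to the other N-PEs of that site on their ACs
                for other in self.site_npes(npe.site):
                    if other.name != name and other.ac_active:
                        queue.append((other.name, "ac"))
        return dict(deliveries), False

    def fail(self, name):
        self.npes[name].up = False
        self.npes[name].ac_active = False

    def failover(self, site):
        """Hypothetical EEM-style action: on loss of the active N-PE, unblock the
        standby N-PE's AC for the VLAN. Returns the N-PE that took over, if any."""
        for n in self.site_npes(site):
            if not n.ac_active:
                n.ac_active = True
                return n.name
        return None


def build(dual_npe, active_standby):
    """Constructed topology: sites A, B, C. dual_npe adds a second N-PE per site;
    active_standby blocks that second N-PE's AC so only one N-PE per site faces the cloud."""
    d = VplsDomain()
    for site in "ABC":
        d.add_npe(site + "1", site)
        if dual_npe:
            d.add_npe(site + "2", site, ac_active=not active_standby)
    d.full_mesh()
    return d


if __name__ == "__main__":
    print("single N-PE per site:", build(False, False).flood("A"))
    print("dual N-PE, both active:", build(True, False).flood("A"))
    print("dual N-PE, active/standby:", build(True, True).flood("A"))
```

With one N-PE per site, or with dual N-PEs in active/standby, each remote site receives exactly one copy of the broadcast; with dual N-PEs both forwarding, the same broadcast re-enters the cloud from the second N-PE's attachment circuit and the model reports a loop.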

[Figure 2-3 (diagram): three data centers, each with aggregation switches (Agg) and redundant N-PEs attached to a VPLS multipoint bridging core. Local STP runs inside each data center; the VPLS core provides path diversity in active/standby mode; HA Cluster 1 and HA Cluster 2 each have an active node and a standby node in different data centers.]

Figure 2-3 Redundant N-PEs within the data center.

H-VPLS Considerations

VPLS requires the creation of one VFI for each bridge domain that is to be extended across an L3 core network. Some organizations might require many VLANs to be extended between geographically dispersed data centers. However, creating the hundreds of VFIs that would be required in this case is not practical.

One option for scaling VLAN transport over VPLS is an additional layer of 802.1Q encapsulation, known as QinQ. QinQ is the Cisco implementation of the double tagging that the IEEE 802.1ad standard specifies: a frame that enters an interface configured for QinQ encapsulation receives an outer, core VLAN number in addition to the edge tag it already carries. The edge VLAN number is hidden inside the payload and frames are switched in the core on the core VLAN alone, so one VFI per core VLAN can carry many edge VLANs. One practical caveat: 802.1ad defines the outer-tag TPID as 0x88A8, whereas Cisco QinQ uses 0x8100 for the outer tag by default, so the TPID in use must match on both ends of the tunnel.

Figure 2-4 illustrates H-VPLS encapsulation. In the original Ethernet frame, the payload is tagged with the 802.1Q edge VLAN number and carries the destination (DA) and source (SA) MAC addresses. To aggregate and hide the edge VLANs, QinQ inserts an additional 802.1Q core VLAN number, as shown in the QinQ frame; the DA of the incoming Ethernet frame is still what forwarding is based on. VPLS then adds the two labels that LDP provides: the outer (core) label points toward the destination N-PE, and the inner label identifies the PW, so it points to the correct VFI.
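The frame layout of Figure 2-4, as an added example that is not from the book: Python that builds the customer VLAN frame, pushes the QinQ core tag and the two MPLS labels, and decodes the result back into its fields. The MAC addresses, VLAN IDs, label values and payload are constructed for the example; the outer-tag TPID defaults to the IEEE 802.1ad value 0x88A8, and the decoder also accepts 0x8100, which Cisco QinQ uses by default.

```python
import struct

TPID_8021Q = 0x8100   # 802.1Q tag; also Cisco's default TPID for the QinQ outer tag
TPID_8021AD = 0x88A8  # IEEE 802.1ad service (outer) tag


def vlan_tag(vid, tpid=TPID_8021Q, pcp=0):
    """4-byte 802.1Q tag: TPID, then TCI = PCP:3 | DEI:1 | VID:12."""
    if not 1 <= vid <= 4094:
        raise ValueError("VID out of range")
    return struct.pack("!HH", tpid, (pcp << 13) | vid)


def mpls_label(label, bos, ttl=255, exp=0):
    """4-byte MPLS label stack entry: Label:20 | EXP:3 | S(bottom of stack):1 | TTL:8."""
    if not 0 <= label < (1 << 20):
        raise ValueError("label out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (bos << 8) | ttl)


def customer_frame(dst, src, edge_vid, ethertype, payload):
    """Original VLAN frame as handed to the N-PE; preamble and FCS are already stripped."""
    return dst + src + vlan_tag(edge_vid) + struct.pack("!H", ethertype) + payload


def qinq_push(frame, core_vid, tpid=TPID_8021AD):
    """Insert the core tag directly after DA/SA; the edge tag becomes opaque payload."""
    return frame[:12] + vlan_tag(core_vid, tpid) + frame[12:]


def hvpls_encapsulate(frame, core_label, pw_label):
    """Label stack: core/transport label on top (S=0), PW label at the bottom (S=1)."""
    return mpls_label(core_label, bos=0) + mpls_label(pw_label, bos=1) + frame


def hvpls_decode(packet):
    """Walk the label stack down to S=1, read DA/SA, then every leading VLAN tag,
    then the real ethertype and payload."""
    labels, off = [], 0
    while True:
        (word,) = struct.unpack_from("!I", packet, off)
        off += 4
        labels.append(word >> 12)
        if (word >> 8) & 1:
            break
    dst, src, off = packet[off:off + 6], packet[off + 6:off + 12], off + 12
    vids = []
    (tpid,) = struct.unpack_from("!H", packet, off)
    while tpid in (TPID_8021Q, TPID_8021AD):
        (tci,) = struct.unpack_from("!H", packet, off + 2)
        vids.append(tci & 0x0FFF)
        off += 4
        (tpid,) = struct.unpack_from("!H", packet, off)
    return {
        "labels": labels,      # [core_label, pw_label]
        "dst": dst,
        "src": src,
        "vids": vids,          # [core_vid, edge_vid]
        "ethertype": tpid,
        "payload": packet[off + 2:],
    }


def demo():
    """Constructed sample: edge VLAN 100 carried in core VLAN 900, core label 16, PW label 1001."""
    frame = customer_frame(b"\xff" * 6, bytes.fromhex("001122334455"), 100, 0x0800,
                           b"constructed payload")
    packet = hvpls_encapsulate(qinq_push(frame, 900), core_label=16, pw_label=1001)
    return packet, hvpls_decode(packet)


if __name__ == "__main__":
    packet, fields = demo()
    print(len(packet), "bytes on the wire after the label stack")
    print(fields)
```

The decoder shows what the core sees and what it does not: the N-PE forwards on the labels and the core VLAN, the customer's edge VLAN survives untouched inside the payload, and a mismatched outer TPID at the far end would make the second tag look like an unknown ethertype rather than a VLAN.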


EEM

The Cisco IOS Embedded Event Manager (EEM) is a unique subsystem within Cisco IOS Software. EEM is a powerful and flexible tool to automate tasks and customize the behavior of Cisco IOS and the operation of the device. EEM consists of Event Detectors, the Event Manager, and an Event Manager Policy Engine.

You can use EEM to create and run programs or scripts directly on a router or switch. The scripts are called EEM policies and can be programmed with a simple command-line interface (CLI) or by using a scripting language called Tool Command Language (Tcl). Policies can be defined to take specific actions when the Cisco IOS Software recognizes certain events through the Event Detectors. The result is an extremely powerful set of tools to automate many network management tasks and direct the operation of Cisco IOS to increase availability, collect information, and notify external systems or personnel about critical events.

EEM helps businesses harness the network intelligence intrinsic to Cisco IOS Software and gives them the capability to customize behavior based on network events as they happen, respond to real-time events, automate tasks, create custom commands, and take local automated action based on conditions detected by Cisco IOS Software. EEM runs as a low-priority process within IOS. This matters on systems exposed to conditions in which higher-priority processes can monopolize the router's CPU: during a broadcast storm, for example, an EEM policy that is supposed to react to a failure may be starved and never run. Recommended practice is to allocate more time to low-priority processes with the IOS command process-max-time 50, and to deploy control-plane policing (CoPP), storm control, and event dampening so that such events cannot hog the CPU.

[Figure 2-4 (diagram), three frame layouts:
Original Ethernet or VLAN frame: Preamble | DA | SA | 802.1q | L | Payload | FCS
QinQ frame: Preamble | DA | SA | 802.1q (core) | 802.1q (edge) | L | Payload | FCS'
H-VPLS frame: Core Label | PW Label | Ethernet Header | Ethernet Payload]

Figure 2-4 H-VPLS encapsulation.

Note The Cisco document “Cisco IOS Embedded Event Manager Data Sheet” provides detailed information about EEM and is available at http://tinyurl.com/3hrdm7.

MPLS

Multiprotocol Label Switching (MPLS) combines the performance and capabilities of L2 (data link layer) switching with the proven scalability of L3 (network layer) routing. MPLS enables enterprises and service providers to build next-generation intelligent networks that deliver a wide variety of advanced, value-added services over a single infrastructure. MPLS also makes it possible for enterprises and service providers to meet the challenges of explosive growth in network utilization while providing the opportunity to differentiate services, without sacrificing the existing network infrastructure. The MPLS architecture is flexible and can be employed over any combination of L2 technologies. It can be integrated over any existing infrastructure, such as IP, Frame Relay, ATM, or Ethernet. Subscribers with differing access links can be aggregated on an MPLS edge without changing their current environments because MPLS is independent of access technologies.

Integration of MPLS application components, including L3 VPNs, L2 VPNs, TE, QoS, Generalized MPLS (GMPLS), and IPv6, enables the development of highly efficient, scalable, and secure networks that guarantee SLAs.

MPLS delivers highly scalable, differentiated, end-to-end IP services with simple configuration, management, and provisioning for providers and subscribers. By incorporating MPLS into their network architectures, service providers can save money, increase revenue and productivity, provide differentiated services, and gain competitive advantages.