MPLS And Ethernet VPN Services - TPx Communications
MPLS andEthernet VPNServicesTwo sides of the same coin
For many enterprises, particularly those with multiple locations,private carrier-grade networks are the preferred networkingsolution to get the data performance and security (peace ofmind) they need, along with the speed, flexibility and easeof-management they desire to achieve and sustain optimalbusiness performance. And those private network services areincreasingly based on Multiprotocol Label Switching (MPLS)and Carrier Ethernet Virtual Private Network (VPN) services. Infact, the purpose of this white paper is to provide:nnnAT THE LOCAL LEVEL,ETHERNET CAN BE PROVIDEDVIA COPPER, FIBER AND FIXEDWIRELESS ACCESS LINKS.nA basic understanding of MPLS and carrier-grade EthernetVPNs and their valueUnderstanding the difference between Layer 2 and Layer 3VPN servicesWhy not all MPLS or Ethernet VPN services are created equalA brief introduction to MPLS and Ethernet VPN solutionsfrom TPxMy goal is to fill in knowledge gaps so your organization canaccelerate to success.MPLS & CARRIER ETHERNET VPNSAND WHY THEY ARE POPULARFixed WirelessTDMWe have already explained why MPLS-based IP VPN ispopular in the previous paper, What You May NotKnow But Should About MPLS Virtual PrivateNetworks. To recap, most of us are by nowfamiliar with that big public IP network, theInternet. We also are all too familiar withCopperwhy it is called a “best effort” network,because it works when it works andFiberwhen it doesn’t, it’s just too bad. Thereis no such thing as Internet Quality ofService (QoS) and there are no serviceagreements that guarantee anything other than the access link,or on-ramp,to the Internet superhighway. And of course, there are allthose security breaches that we hear about every day such asnetwork intrusions and denial of service attacks that are madepossible by the fact that we are all connected to this one hugeglobal network.It is true that IP-VPNs that run over the public Internetcan protect your data from prying eyes, but at the cost ofencryption and the need to manage point-to-point ‘tunnels’and CPE (hardware) for every location that wants to connectto another location. All of that translates into overhead, bothnetwork and operating, which makes Internet-based IP VPNsuseful mainly for connecting remote employees or locations tothe corporate network.Because of the inconsistent performance and security risksthat are inherent to the Internet, most larger enterprises andmany of the smaller ones depend on private networkingservices to a large extent. These private network services,which in the previous decade were comprised of LeasedLines, Frame Relay and ATM services, have now shifted almostentirely to IP VPNs based on MPLS.The reason for this popularity is that MPLS VPNs provide thesecurity and control that enable guaranteed service qualitywhile keeping the flexibility of fully meshed or hub and spokenetworking that made VPNs so popular in the first place. Inshort, MPLS combines the best aspects of Layer 2 FrameRelay with Layer 3 IP services, such that it is sometimesreferred to as ‘Layer 2.5.’ Meanwhile, carrier-grade Ethernethas been emerging as an alternative to MPLS and has actuallybeen one of the fastest growing data network services over thepast few years.
IN THIS WAY, CARRIERETHERNET SERVICES HAVETAKEN ON CHARACTERISTICSSIMILAR TO MPLS, AND INFACT CERTAIN ETHERNET VPNSERVICES SUCH AS ETHERNETVIRTUAL PRIVATE LAN SERVICEAND ETHERNET VIRTUALPRIVATE WIRE SERVICE(EVPLS AND VPWS) RUN OVERTHE SAME MPLS NETWORKINFRASTRUCTURE. MPLS ANDETHERNET VPNS COULD THUSBE CONSIDERED TWO SIDESOF THE SAME COIN.ETHERNET VPN:FROM LAN TO WANMost of us are familiar with the Ethernet local area networks(LANs) that interconnect our office computers, servers andprinters. Although based on the same technology, carriergrade Ethernet has undergone considerable technologicalevolution and now bears little resemblance to its LAN rootsother than the basic frame and addressing formats. Today’sEthernet VPN services can support multiple classes of servicejust like MPLS and is deployed on fully redundant carrier-gradeswitching platforms. Although it has been mainly deployedas a Metropolitan area service, which led to the wide spreadacceptance of “Metro Ethernet,” Ethernet VPN services canextend nationally and even globally over fiber optic transportnetworks. At the local level, Ethernet can be provided viaCopper, Fiber and Fixed Wireless access links.The main difference between MPLS and Ethernet is thatEthernet is a Layer 2 technology that uses the Ethernet MACaddresses, which are embedded in every computer, to forwardtraffic. MPLS relies on the customer’s IP address list to forwardand route traffic from source to destination, with the additionof special “labels” that are used to make sure that eachcustomer’s VPNs are isolated from each other since they allshare the same infrastructure. Similarly, customer separationon carrier-grade Ethernet is enabled through numbered VLANlabels that are added by the service provider.STANDARDS & MORE STANDARDSIn the previous paper we noted that the Internet EngineeringTask Force (IETF) developed specifications for MPLSthat imposed circuit-like behavior onto what had been aconnectionless service. These ‘connections’ enable serviceproviders to offer multiple classes of service and also allowedthe network provider to rapidly reroute traffic around linkfailures as if they never happened.Likewise, Carrier Ethernet services have also been addressedby a number of standards groups including the ITEF, the IEEEand the Metro Ethernet Forum (MEF) for Layer 2 — the datalink layer which deals with framing, physical addressing, flowcontrol, error control, access control and media access control(MAC). In this way, Carrier Ethernet services have taken oncharacteristics similar to MPLS, and in fact certain EthernetVPN services such as Ethernet Virtual Private LAN Service andEthernet Virtual Private Wire service (EVPLS & VPWS) run overthe same MPLS network infrastructure. MPLS and EthernetVPNs could thus be considered two sides of the same coin.
CONSIDER THE OPTIONSEach option runs over an underlying MPLS infrastructure, butwhat you may not know is why each of these options is popular.Ethernet Virtual Private LAN Services (EVPL)REALITY IS, SOMEENTERPRISES WILL BEBEST SERVED BY A HYBRIDMPLS/EVPLS APPROACH;MPLS TO INTERCONNECT ALARGE NUMBER OF SMALLBRANCH OFFICES; EVPLS TOINTERCONNECT A SMALLERNUMBER OF CORPORATEHUBS AND DATACENTERSWITH HIGH BANDWIDTHOR LOW LATENCYREQUIREMENTS.We have already explained why MPLS-based IP VPNs arepopular. It is worth noting the attraction of the alternatives. Thereare many types of Ethernet VPNs; VPLS is one that sharesmany similarities, and a few differences, with MPLS. First, to acustomer, all E-VPNs look like a basic Layer 2 LAN (bridged)network, but extended over a geographically wide area. Itsattraction is to those companies with internal IT shops who areused to managing the routing functions of Layer 3. In contrast,MPLS services outsource IP routing to the service provider.Ethernet VPNs have no knowledge of the customer’s Layer 3 IPaddresses or routing tables, which some IT managers will preferfor its simplicity. It should be noted that EVPLS in particularoperates over the same carrier network infrastructure as MPLS,but that aspect is not visible to the customer. There are severalreasons why Ethernet VPN may be preferred to MPLS IP VPN:nnnnCustomer network managers deployed an extensive IP routednetwork with large IP address lists and wish to retain control.Customer network managers have security requirements thatprevent them from revealing their IP addressing and routingpolicies to a 3rd party.Businesses with a small number of high-bandwidth locationsmay prefer the simplicity of interconnecting those locations atLayer 2 (Ethernet).Conversely, enterprises with a large number of small bandwidthlocations, such as retailing or branch offices, will find thatMPLS scales more easily to large numbers of end-points.Reality is, some enterprises will be best served by a hybridMPLS/EVPLS approach; MPLS to interconnect a largenumber of small branch offices; EVPLS to interconnect asmaller number of corporate hubs and datacenters with highbandwidth or low latency requirements.Note: An EVPLS WAN acts as a single LAN subnet, so allcustomer routers connected to the VPLS WAN will appear tobe directly connected, or adjacent, to every other customerrouter. Depending on the routing protocols involved, somenetwork managers may wish to limit the number of routersattached to a single LAN subnet, which may impose a limit onscalability in large networks.Ethernet Private Line (EPL)Ethernet Private Line (EPL) offers a third VPN alternative toboth MPLS and E-VPLS, and of course to traditional TDMbased private line services. As the below chart shows it hasvirtually all of the features of EVPLS except that it is is point-topoint only. From a network perspective it is most efficient whenthe customer simply wants to connect two locations together.A good application for EPL is data mirroring between twodatacenters to perform server or storage array backups andsynchronization. These links are typically high-bandwidth andlow-latency requirements and so there is no reason to add thecomplexity of IP routing to this simple network topology.Knowing what your various options are for connecting yourvarious locations with secure and high-performance datanetworking solutions is important. Getting to where you wantto go depends on where you are and what you need. Thechart on the following page illustrates the capabilities availablefor connecting disparate locations over an MPLS network withIPVPN or through Ethernet services.
ETHERNET VIRTUAL PRIVATE LANTPxLocation AAN EVPL LOOKS LIKE A BASICLAYER 2 LAN (BRIDGED)NETWORK, BUT EXTENDEDMPLS Core NetworkOVER A GEOGRAPHICALLYWIDE AREA. ITS ATTRACTIONIS TO THOSE COMPANIESWITH INTERNAL IT SHOPSWHO ARE USED TOMANAGING THE ROUTINGHeadquartersLocation BFUNCTIONS OF LAYER 3.ETHERNET VPNS HAVENO KNOWLEDGE OF THECUSTOMER’S LAYER 3 IPADDRESSES OR ROUTINGTABLES, WHICH SOME ITMANAGERS WILL PREFERLocation DFOR ITS SIMPLICITY.User Network InterfaceLocation CCustomer EdgeProvider EdgeEthernet Virtual Circuit
MPLS & ETHERNET VPN SERVICESAll network solutionsare not created equalWhat you may not knowbut need to know is that,while MPLS and Ethernetare standardized — and thequality of experience (QoE)and performance of networkelements from leadingvendors such as Cisco,Juniper and others is welldocumented and certified —that does not mean that allMPLS or carrier Ethernet VPNservices and service providerexperiences are alike.AttributeMPLSEVPLSEPLProtocol(customer)Layer 3 - IP RoutingLayer 2 - EthernetLayer 2 - ddressingIPEthernet MACEthernet MACAddress tPoint to MultipointMultipointPoint to MultipointPoint to PointScaleHigh100s of endpointsMedium50 endpoints*Low2 endpoints201720181Mbps – 1Gbps20192020LowerBandwidth1Mbps – 1GbpsComplexityHigherMultiprotocolYesYesYesIP Routing MgmtService ProviderCustomerCustomerClasses ofServiceYes – Max 8Typically 3 - 6Yes – Max 8Typically 3 - 6Max – 8Typically 3 - 4QoSMPLS EXP/LabelIEEE 802.1p/qIEEE 802.1p/qCPERouterRouter or L2 SwitchRouter or L2 SwitchTypicalApplicationMany low-bandwdith branchoffice or retail sites connected tocorporate hub or datacenterSmall number of high-bandwidthend-points connecting corporatehubs or datacentersHigh bandwdth link connectingheadquarters or datacenter* EVPLS Scalability based on recommended number of router adjacencies in single OSPF area.Actual network size can vary by customer preference and routing protocols employed.1Mbps – 1GbpsLowest2021
TPX: ETHERNET ECOSYSTEMAT ITS BESTPRIVATE NETWORK VPNSCAN DELIVER PARTIALLY ORFULLY MESHED PRIVATE ANDSECURE COMMUNICATIONSAT LESS COST AND MOREEFFICIENCY, AND DO SOQUICKLY. IN FACT, TPXRECENTLY DEPLOYED A40-LOCATION SOLUTION INJUST 30 DAYS.Knowing what best practices are and what questions to askwhen considering transforming your networking capabilities isobviously important. That is why knowing about a company,TPx, and its VPN services is a case where knowledge is power,and understanding what is possible could be invaluable asyour company accelerates to IP.First, what you may not know, if you are a multi-locationenterprise in California and Nevada, is that TPx boasts thelargest MPLS and Ethernet capable broadband networkfootprint in region. The company has an extensive owned andoperated network in the aforementioned states and in Texas.Interconnection agreements with best in class partners enableseamless private networking across the U.S. and aroundthe world. Customers get one point of contact, i.e., moreresponsiveness and less hassle.With one of the densest access footprints in its operatingregion, TPx can provide Ethernet or MPLS VPNs over Copper,Fiber and Fixed Wireless, access links from hundreds ofcolocated central offices and wireless base stations in itsmulti-state area. And TPx has recently increased its maximumEthernet access speed to 200Mbps by bonding multiplecopper pairs to act as a single wire. The company can alsooffer Fiber Optic Ethernet access up to 1Gbps throughnetwork interconnections with the leading fiber providers in itsregion, through which it can also provide direct connections to24,000 buildings in its tri-state area.
Here’s what you need to know about the kinds of MPLS andEthernet VPN capabilities we provide that you should considerwhen evaluating services for your multi-location operations:nnnnnnnMPLS and Ethernet VPNs enable customers to reduce oreliminate the need for multiple firewalls through centralizationat a single site, reducing costs and administrative overhead.MPLS and Ethernet VPNs enable customers to reduce oreliminate the need for CPE-based encryption and tunnels atevery location, improving performance while cutting costs andadministrative overhead.Ethernet VPNS allows customers to preserve existing IPaddressing and routing systems which means less work onimplementation.MPLS outsources IP routing management to the serviceprovider, saving the customer the expense and time ofmanaging and maintaining a network of IP routers.With MPLS, EVPLS and EPL, customers get an equivalentlevel of security and performance as private line, ATM andframe relay services for fewer dollars.MPLS and Ethernet VPNs provide multiple classes of servicefor different types of applications ranging from real-time tobest effort.Network performance and quality of service is guaranteed byindustry-leading Service Level Agreements (SLAs).As noted, whether your business has multiple sites locally,nationally or internationally, private network VPNs can deliverpartially or fully meshed private and secure communications at lesscost and more efficiency, and do so quickly. In fact, TPx recentlydeployed a 40-location solution in just 30 days.The facts of the matter are that what you don’t know cancause you to make less than optimal decisions.TPx’s MPLS and Ethernet VPN services are known for their thereach, reliability, features, functionality, performance, security,customization and value that are becoming table stakes formulti-location enterprises of all sizes looking to accelerate theirmove to IP. And, TPx’s service and support organization hasalso earned praise from the company’s diverse customer baseof over 40,000 businesses.When it comes to decisions regarding MPLS and EthernetVPNs you have questions, and need answers so you canhave the peace of mind necessary for moving mission criticalbusiness processes and applications online where they canimprove business operations, the delivery of superior customerexperiences and sustainable value. The best advice is toask, compare and contrast and go with the company thatbest fits your unique needs. TPx not only has best in breedsolutions, but also gives you a yardstick for your decisions onaccelerating application performance via MPLS and Ethernet.
ABOUT TPXTPx is the premier managed services carrier that deliverscomprehensive communications solutions to 75,000 businesslocations nationwide. Businesses nationwide trust TPx tomanage their mission-critical network services. TPx’s awardwinning, enterprise-grade unified communications, managedIT, and network connectivity services empower companies tounleash productivity by streamlining processes, proactivelymonitoring systems, and staying current with rapidly-changingtechnology. TPx backs its services with a zealous commitmentto Customer Care, including a network uptime guarantee and24/7/365 live-answer technical support.Ready to move your business communicationsto the cloud? Call us at 800-399-4925.tpx.com
User Network Interface Customer Edge Provider Edge Ethernet Virtual Circuit Location D Location C Headquarters Location B Location A TPx MPLS Core Network ETHERNET VIRTUAL PRIVATE LAN AN EVPL LOOKS LIKE A BASIC LAYER 2 LAN (BRIDGED) NETWORK, BUT EXTENDED OVER A GEOGRAPHICALLY WIDE A
VPN Customer Connectivity—MPLS/VPN Design Choices Summary 11. Advanced MPLS/VPN Topologies Intranet and Extranet Integration Central Services Topology MPLS/VPN Hub-and-spoke Topology Summary 12. Advanced MPLS/VPN Topics MPLS/VPN: Scaling the Solution Routing Convergence Within an MPLS-enabled VPN Network Advertisement of Routes Across the .
MPLS VPN or VPN Tunnel VPN or Hybrid VPN MPLS VPN –AT&T VPN Network-based VPN where the VPN is defined by the capability of the MPLS network Connects sites via a private network using MPLS backbone. Attractive to businesses where Private Networking is most important Higher level of technical expertise required
MPLS-based VPN services: L3 MPLS VPN and L2 MPLS VPN. MPLS L2VPN has two modes: Virtual Private LAN Service (VPLS) and Virtual Leased Line (VLL). VLL applies to point-to-point networking scenarios, while VPLS supports point-to-multipoint and multipoint-to-multipoint networking. From users' point of view, the whole MPLS network is
slide series thatdescribe the Multiprotocol Label Switching (MPLS) concept . Layer-3 VPNs Layer-2 VPNs MPLS QoS MPLS TE MPLS OAM/MIBs End-to-end Services MPLS Network Services . §MPLS label forwarding and signaling mechanisms Network Infrastructure MPLS Signaling and Forwarding Layer-3 VPNs Layer-2 VPNs
MPLS L3 VPN Principle [201609] [01] APNIC Technical Workshop . Acknowledgement Cisco Systems. Course Outline MPLS L3 VPN Models L3 VPN Terminologies MPLS VPN Operation - Control Panel - Data Plane - Forwarding function Function of RD and RT Configuration Examples .
MPLS and VPN Architectures, Volume II, begins with a brief refresher of the MPLS VPN Architecture. Part II describes advanced MPLS VPN connectivity including the integration of service provider access technologies (dial, DSL, cable, Ethernet) and a variety of routing protocols (IS-IS, EIGRP, and OSPF), arming the reader with the knowledge of how to
SSL VPN Client for Windows/Mac OS ZyWALL 110 VPN Firewall ZyWALL 1100 VPN Firewall USG20W-VPN VPN Firewall ZyWALL 310 VPN Firewall. Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN 5 Model ZyWALL 110 ZyWALL 310 ZyWALL 1100 USG20-VPN USG20W-VPN Prod
MPLS/VPN Configuration on IOS Platforms Overview This module covers MPLS/VPN configuration on Cisco IOS platforms. Upon completion of this module, the learner will be able to perform the following tasks: Configure Virtual Routing and Forwarding tables Configure Multi-protocol BGP in MPLS/VPN backbone Configure PE-CE routing protocols
