Tina-lamBy Tina Lam, Product Manager

MPLS based Layer 2 VPN has been around for over 10 years since the inception of IETF Pseuduowire Edge to Edge (PWE3) Working Group. Many drafts and standards have been added, since then, to address different applications and to improve scale and convergence in different topologies. L2VPN as a whole is widely deployed in both service providers and enterprises, from Ethernet services, to fixed and mobile convergence, to enterprise campus layer-2 transport.

Recently, one emerging driver that has been picking up a lot of momentum is to use L2VPN for Data Center Interconnect (DCI). Data centers are often situated in different locations, to be geo-redundant for the purpose of workload mobility and business continuity. At the same time the physical location of the data center has to be transparent to users and to applications. Hence the need for layer-2 connectivity between sites. While Ethernet over MPLS (EoMPLS) and Virtual Private LAN Service (VPLS) have been used for this purpose, DCI presents new requirements and challenges not fully addressed today.  To keep the data center always on, and to utilize all the resources and links as efficiently as possible, data centers need all-active redundancy and load balancing. The technology should be as simple as possible to provision and manage to optimize the operational expense. Data center is the heart of IT operation and therefore high performance is critical. To achieve that, you need optimal forwarding for both unicast and multicast traffic while preventing forwarding loops and frame duplication towards the hosts. Fast convergence is a must in order to minimize downtime and packet loss due to any network topology changes. Lastly, to meet the needs of massively scalable data centers where there may be millions of VMs and users, the solution needs to also provide MAC address scalability. Ethernet VPN (E-VPN) and Provider Backbone Bridging E-VPN (PBB-EVPN) are new solutions built from the ground up to address these needs, with PBB-EVPN differentiating on its ability to handle higher MAC scale scenarios.

Both E-VPN and PBB-EVPN are new drafts in the IETF L2VPN Working Group. While still relying on MPLS forwarding paradigm, they introduce a new solution for ethernet multipoint services, using Border Gateway Protocol (BGP) for distributing customer MAC address reachability information over an MPLS cloud.  In existing L2VPN solutions, MAC addresses are always learned in the data plane; i.e. MAC bridging.  In comparison, in E-VPN the learning of MAC addresses over the core is done via control-plane; i.e. MAC routing. Control-plane based learning brings flexible BGP based policy control similar to L3VPN now applied to MAC address. Customers can build any topology using Route Targets. A full mesh of pseudowires is no longer required, which is often a scalability concern in VPLS as the number of PEs increases. Another key feature of E-VPN is the multi-homing capability. In VPLS, there is a limited support of multi-homing with only active-standby or active-active per service dual homing supported. E-VPN, on the other hand supports both active-active per service and active-active per flow leading to better load balancing across peering PEs.  And it supports multi-homing device (MHD) and multi-homed network (MHN) topologies with two or more routers in the same redundancy group and they can be geographically disjointed.

PBB-EVPN takes a step further by combining Provider Backbone Bridging (PBB) and E-VPN functions in a single device.  PBB is defined by IEEE802.1ah, where MAC tunneling (MAC-in-MAC) is employed to improve service instance and MAC address scalability in Ethernet. Using PBB’s MAC-in-MAC encapsulation, PBB-EVPN separates customer MAC addresses (C-MACs) from backbone MAC addresses (B-MACs) spaces. In contrast to E-VPN, PBB-EVPN uses BGP to advertise B-MAC reachability, while data-plane learning is still used for remote C-MAC to remote B-MAC binding. As a result, the number of MAC addresses in provider backbone is now reduced to the number of PEs which is usually in hundreds, much smaller than the millions of customer MAC addresses typically in the large service provider networks. Should be there any MAC mobility in the access layer it will be completely transparent to BGP and instead be handled by re-learning of the moved C-MAC to a new B-MAC.

We have previewed E-VPN and PBB-EVPN with service providers from around the world and have received overwhelmingly positive responses. Their feedback points to flexible multi-homing capabilities as most attractive feature, while others also benefit from the scale provided by PBB-EVPN. Currently, we are planning early field trials with several of them as we speak.

Should you be interested to learn more about E-VPN and PBB-EVPN we’ll have a session on Wednesday June 26th at 08:00 EDT at Cisco Live next week, “BRKMPL-2333: E-VPN & PBB-EVPN: the Next Generation of MPLS-based L2VPN” which gives technical overview and deployment deep dive on the technology. Please join us there and learn how the technology can benefit your DCI strategy.