H-VPLS
VPLS requires a full mesh of PWs among all PEs in a VPLS instance. In a large-scale network, however, a full mesh of PWs causes very high PW signaling overhead and creates difficulties for network management and expansion. Hierarchical VPLS (H-VPLS) reduces the number of PWs by dividing a VPLS network into a backbone domain and edge domains.
Only static PWs and LDP PWs support H-VPLS.
In an H-VPLS:
An edge domain provides access for a user network to the backbone domain.
The Network Provider Edge (NPE) devices are fully meshed in the backbone domain. A PW between NPEs is referred to as an "N-PW."
A User facing-Provider Edge (UPE) device only establishes a PW with the neighboring NPE. A PW between a UPE and an NPE is referred to as a "U-PW."
H-VPLS access modes
Two access modes are available in H-VPLS: MPLS access and Ethernet access.
Figure 81: H-VPLS using MPLS access
As shown in Figure 81, in MPLS access mode, the edge domain is an MPLS network. The UPE creates a U-PW with NPE 1. The UPE does not create PWs to any remote PEs. After the UPE receives a packet from a CE, it adds the label assigned to the U-PW into the packet and then forwards the packet to NPE 1 through a public tunnel. NPE 1 maps the packet to the VSI that corresponds to the PW label, and searches the MAC address table of the VSI to forward the packet.
NOTE: A U-PW created on the NPE must have split horizon disabled because the NPE needs to forward packets between U-PW and N-PW. | ||
Figure 82: H-VPLS using Ethernet access
As shown in Figure 82, in Ethernet access mode, the edge domain is an Ethernet network. The UPE and NPE 1 establish a point-to-point Ethernet QinQ connection in between (enable QinQ on the UPE interfaces connecting CEs and configure VLAN access mode on NPE 1). After UPE receives a packet from a CE, it adds an outer VLAN tag into the packet and forwards the packet to NPE 1. NPE 1 regards the outer VLAN tag as the service provider VLAN tag. It maps the packet to the VSI that corresponds to the VLAN tag and then searches the MAC address table of the VSI to forward the packet.
UPE dual homing and PW redundancy
A single PW between a UPE and an NPE has a distinct drawback: once the PW fails, all customer sites connected to the UPE lose connectivity. You can connect a UPE to two NPEs to achieve U-PW redundancy.
In the H-VPLS using MPLS access as shown in Figure 83, the UPE is connected to two NPEs through primary and backup U-PWs. The UPE uses the primary U-PW to forward traffic. When the primary U-PW fails, it uses the backup U-PW to forward traffic.
Figure 83: UPE dual homing and redundancy in H-VPLS using MPLS access
The backup U-PW is used in the following scenarios:
The primary U-PW goes down because the tunnel that carries the primary U-PW is deleted or a fault detection mechanism such as BFD detects the tunnel failure.
The primary U-PW is deleted by the control plane. For example, the LDP session on the primary U-PW link is down, causing the primary U-PW to be deleted.
BFD detects a failure of the primary U-PW.
A primary and backup U-PW switchover is triggered by a command.
HP recommends executing the port bridge enable command on the NPE 1' interface connected to NPE 4 when the following conditions are met:
The MPLS network (edge domain)is configured with a fast switchover mechanism, for example, LDP FRR or MPLS TE FRR.
A primary tunnel is established over the link UPE—NPE 1, and a backup tunnel is established over the link UPE—NPE 4—NPE 1.
When the primary tunnel fails, traffic will be immediately switched to the backup tunnel. The failover time is so short that the U-PW switchover from primary to backup might not be triggered. In this scenario, NPE 1 needs to forward traffic received from NPE 4 to NPE 4, NPE 3, and NPE 2 in the backbone domain. To ensure correct forwarding, execute the port bridge enable command on the NPE 1' interface connected to NPE 4. Then, NPE 1 can send traffic received on the interface out of the interface itself.