Mpls Layer 2 Là Gì

  -  

On EX8200 và EX4500 switches, you can use MPLS-basedLayer 2 & Layer 3 virtual private networks (VPNs) or MPLS Layer2 circuits, allowing you to lớn securely connect geographically diversesites across an MPLS network. MPLS services can be used to connectvarious sites lớn a backbone network & to ensure better performancefor low-latency applications such as voice over IP (VoIP) & otherbusiness-critical functions.

Bạn đang xem: Mpls layer 2 là gì

A VPN uses a public telecommunications infrastructure, suchas the Internet, to lớn provide remote offices or individual users withsecure access khổng lồ their organization’s network. VPNs are designedkhổng lồ provide the same màn chơi of performance and security as privatelyowned or leased networks but without the attendant costs.


This topic describes:


MPLS-Based Layer 2 VPNs

In an MPLS-based Layer 2 VPN, traffic is forwarded by the customer’scustomer edge (CE) switch (or router) khổng lồ the service provider’sprovider edge (PE) switch in a Layer 2 format. It is carried by MPLSover the service provider’s network and then converted backlớn Layer 2 format at the receiving site.

On a Layer 2 VPN, routing occurs on the customer’s switches,typically on the CE switch. The CE switch connected lớn a service provideron a Layer 2 VPN must select the appropriate circuit on which to lớn sendtraffic. The PE switch receiving the traffic sends it across the serviceprovider’s network to lớn the PE switch connected to lớn the receivingsite. The PE switches bởi not store or process the customer’sroutes; the switches must be configured khổng lồ sover data khổng lồ the appropriatetunnel.

For a Layer 2 VPN, customers must configure their own switcheskhổng lồ carry all Layer 3 traffic. The service provider must detect onlyhow much traffic the Layer 2 VPN will need khổng lồ carry. The service provider’sswitches carry traffic between the customer’s sites using Layer2 VPN interfaces. The VPN topology is determined by policies configuredon the PE switches.

Customers must know only which VPN interfaces connect lớn whichof their own sites. Figure1 illustratesa full-mesh Layer 2 VPN in which each site has a VPN interface linkedto lớn each of the other customer sites. In a full-mesh topology betweenall three sites, each site requires two logical interfaces (one foreach of the other CE routers or switches), although only one physicalliên kết is needed khổng lồ connect each PE switch to each CE router or switch.

Figure 1: Layer 2 VPN Connecting CE Switches
*

Layer 2 Circuits

A Layer 2 circuit is a point-to-point Layer 2 connection thatuses MPLS or another tunneling công nghệ on the service provider’snetwork. A Layer 2 circuit is similar khổng lồ a circuit cross-connect (CCC),except that multiple Layer 2 circuits can be transported over a singlelabel-switched path (LSP) tunnel between two provider edge (PE) switches.In contrast, each CCC requires a dedicated LSP.

The Junos OS implementation of Layer 2 circuits supports onlythe remote form of a Layer 2 circuit; that is, a connection from alocal customer edge (CE) switch to a remote CE switch.

Packets are sent to the remote CE switch by means of an egressvirtual private network (VPN) label advertised by the remote PE switch.The VPN label transits over either an RSVPhường. or an LDPhường LSP.. (or othertype) tunnel lớn the remote PE switch connected to the remote CE switch.LDP is the signaling protocol used for advertising VPN labels.

Return traffic sent from the remote CE switch to lớn the local CEswitch uses an ingress VPN label advertised by the local PE switch.

MPLS-Based Layer 3 VPNs

In a Layer3VPN, the routing occurs on the service provider’s routers. Therefore,Layer3 VPNs require more configuration on the part of the serviceprovider, because the service provider’s PE routers must storeand process the customer’s routes.

In the JunosOS, Layer3 VPNs are based on RFC 4364, BGP/MPLSIPhường. Virtual Private Networks. This RFC defines a mechanismby which service providers can use their IP backbones khổng lồ provide Layer3VPN services khổng lồ their customers. The sites that biến hóa a Layer3VPN are connected over a provider’s existing public Internetbackbone.

VPNs based on RFC 4364 are also known as BGP/MPLSVPNs because BGP is used lớn distribute VPN routing information acrossthe provider’s backbone, and MPLS is used khổng lồ forward VPN trafficacross the backbone khổng lồ remote VPN sites.

Xem thêm: Ứng Dụng Hack Tiền Ch Play Game Online, Cách Hack Full Tiền Tất Cả Game Trên Ch Play

Customer networks,because they are private, can use either public addresses or privateaddresses, as defined in RFC1918, AddressAllocation for Private Internets. When customer networksthat use private addresses connect khổng lồ the public Internet infrastructure,the private addresses might overlap with the private addresses usedby other network users. BGP/MPLS VPNs solve this problem by prefixinga VPN identifier to each address from a particular VPN site, therebycreating an address that is quality both within the VPN and withinthe public Internet.

In addition, each VPN has itsown VPN-specific routing table that contains the routing informationfor that VPN only. Two different VPNs can use overlapping addresses.Each route within a VPN is assigned an MPLS label (for example, MPLS-ARCH,MPLS-BGPhường., or MPLS-ENCAPS). When BGPhường. distributes a VPN route, it alsodistributes an MPLS label for that route. Before a customer data packettravels across the service provider’s backbone, it is encapsulatedalong with the MPLS label that corresponds to the route within thecustomer’s VPN that is the best match based on the packet’sdestination address. This MPLS packet is further encapsulated withanother MPLS label or with an IP, so that it gets tunneled acrossthe backbone to lớn the egress provider edge (PE) switch. Thus, the backbonecore switches bởi vì not need khổng lồ know the VPN routes.

Comparing an MPLS-Based Layer 2 VPN và an MPLS-Based Layer 3 VPN

The differences between Layer 2 VPNsvà Laer 3 VPNS are summarized in Table1

Table 1: Comparing an MPLS-Based Layer 2 VPN and an MPLS-Based Layer3 VPN

Layer 2 VPNLayer 3 VPN

Customer sites appear to lớn be on the same LAN even if geographicallydispersed.

Service provider’s technical expertise ensures efficientsite-to-site routing.

Service providers can provide additional value-added servicesthrough network convergence that encompasses voice, đoạn phim, and data.

The service provider does not require information about thecustomer’s network topology, policies, routing information,etc.

The customer has complete control over policies và routing.

Customers must chia sẻ information about their network topology.

The service provider determines the policies and routing.

The CE switch forwards traffic khổng lồ the service provider’sPE switch in Layer 2 format.

Xem thêm: Gameguardian 101 - Tải Về Game Bóng Đá Hay Nhất 2021 Cho Android

The customer’s CE switch must be configured to lớn use BGPor OSPF khổng lồ communicate with the service provider’s PE switchto carry IP prefixes across the network. Other protocol packets arenot supported.