Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Understanding VLAN Manipulation (Normalization and VLAN Mapping) on Ethernet Services

    To effectively manage Ethernet frames that are transported across bridge domains and VPLS routing instances, frames are processed and, if necessary, translated to provide the required VLAN tags. When the customer sites participating in a VPLS domain send traffic of different tag heights (untaggged, single tagged, or dual tagged packets) across a service, Internet service providers (ISPs) need to provide a network environment to transport traffic of different tag heights. The Connectivity Services Director application supports VLAN manipulation on VPLS services. VLAN manipulation allows transport of traffic with different tag heights between different customer access sites while preserving the customer traffic profiles that are transported over an MPLS core. You can also use VLAN manipulation for the following purposes:

    • Specify different normalized values for outer and inner VLAN tags while troubleshooting packet captures to identify wrong inner/ outer VLAN tag configuration issues.

    • Simplify provisioning across a BGP/LDP scenario because VLAN tag manipulation is performed on customer facing interfaces only.

    • Simplify the process for troubleshooting predetermined tag values.

    • Enable end-to-end communication between clients employing different VLAN topologies.

    • Provide ISPs the flexibility to enforce their own QoS policies through metro area and core networks because customer traffic classification is not impacted.

    Note: To support all access types (port-based [untagged], single-tag, and dual-tag) in a VPLS instance, we recommend that normalization is based on a two-tag operation. However, when only port-based or single-tag access is required, normalizing traffic to a single tag might be sufficient.

    For Ethernet services and Ethernet services with flexible VLAN tagging (asymmetric tag height), the type of VLAN manipulation applied depends on the type of device sending and receiving packets. MX Series devices can use VLAN mapping or normalization to translate VLANs tags. M Series devices use only VLAN mapping to translate VLAN tags.

    VLAN Translation (Normalization) for VPLS Services

    A packet received on a physical port is only accepted for processing if the VLAN tags of the received packet match the VLAN tags associated with one of the logical interfaces configured on the physical port. The VLAN tags of the received packet are translated only if they are different than the normalized VLAN tags. For the translation case, the VLAN identifier tags specify the normalized VLAN.

    The VLAN tags of a received packet are compared with the normalized VLAN tags specified with either the vlan-id or vlan-tags statements. If the VLAN tags of the received packet are different from the normalized VLAN tags, then appropriate VLAN tag operations (such as push-push, pop-pop, pop-swap, swap-swap, swap, and others) are implicitly made to convert the received VLAN tags to the normalized VLAN tags. Then, the source MAC address of a received packet is learned based on the normalized VLAN configuration. For output packets, if the VLAN tags associated with an egress logical interface do not match the normalized VLAN tags within the packet, then appropriate VLAN tag operations (such as push-push, pop-pop, pop-swap, swap-swap, swap, and others) are implicitly made to convert the normalized VLAN tags to the VLAN tags for the egress logical interface. For more information about these operations, see the Junos OS Routing Protocols Configuration Guide.

    VLAN Mapping for VPLS Services

    For Ethernet services and Ethernet services with flexible VLAN tagging (asymmetric tag depth), the Connectivity Services Director application uses the VLAN configuration data that you specified in the service order to apply the appropriate VLAN tags to the input and output VLAN maps for the ingress and egress logical interfaces, respectively. The following steps outline the process of bridging a packet received over a Layer 2 logical interface when a normalizing VLAN identifier (vlan-id number or vlan-tags statement) is specified for a bridge domain or VPLS routing instance:

    1. When a packet is received on a physical port, it is accepted only if the VLAN identifier of the packet matches the VLAN identifier of one of the logical interfaces configured on that port.
    2. The VLAN tags of the received packet are then compared with the normalizing VLAN identifier. If the VLAN tags of the packet are different from the normalizing VLAN identifier, the VLAN tags are rewritten, as described in Table 1.
    3. If the source MAC address of the received packed is not present in the source MAC table, it is learned based on the normalizing VLAN identifier.
    4. The packet is then forwarded toward one or more outbound Layer 2 logical interfaces based on the destination MAC address. A packet with a known unicast destination MAC address is forwarded only to one outbound logical interface. For each outbound Layer 2 logical interface, the normalized VLAN identifier configured for the bridge domain or VPLS routing instance is compared with the VLANs tags that are configured on that logical interface. If the VLAN tags associated with an outbound logical interface do not match the normalizing VLAN identifier that is configured for the bridge domain or VPLS routing instance, the VLAN tags are rewritten, as described in Table 2.

    Table 1 and Table 2 show how VLAN tags are applied when traffic is sent to and from the bridge domain, depending on how the VLAN IDs and VLAN tags (inner and outer) are configured for the bridge domain and on how VLAN identifiers are configured for the logical interfaces in a bridge domain or VPLS routing instance. Depending on the configuration of the Ethernet services that you create in Connectivity Services Director, the following rewrite operations are performed on VLAN tags:

    • pop—Remove the VLAN tag from the top of the VLAN tag stack.

    • pop/pop—Remove both the outer and inner VLAN tags of the frame.

    • pop/swap—Remove the outer VLAN tag of the frame and replace the inner VLAN tag of the frame.

    • swap—Replace the inner VLAN tag of the frame.

    • push—Add a new VLAN tag to the top of the VLAN stack.

    • push/push—Push two VLAN tags in front of the frame.

    • swap/push—Replace the VLAN tag of the frame and add a new VLAN tag to the top of the VLAN stack.

    • swap/swap—Replace both the outer and inner VLAN tags of the frame.

    No operation means that the VLAN tags of the inbound or outbound packet are not translated for the specified output logical interface or input logical interface. NA means not applicable.

    Table 1: VLAN Tag Rewrite Operations at UNI Ingress for Ethernet Services

    VLAN Identifier of Logical Interfacevlan-id nonevlan-id 200vlan-id allvlan tags outer 100, inner 300

    none

    no operation

    push 200

    NA

    push 100, push 300

    200

    pop 200

    no operation

    no operation

    swap 200 to 300, push 100

    1000

    pop 1000

    swap 1000 to 200,

    no operation

    swap 1000 to 300, push 100

    vlan-tags outer 2000, inner 300

    pop 2000, pop 300

    pop 2000, swap 300 to 200

    pop 200

    swap 2000 to 100

    vlan-id range 10-100

    NA

    NA

    no operation

    NA

    vlan-tags outer 200, inner range 10-100

    NA

    NA

    pop 200

    NA

    Table 2: VLAN Tag Rewrite Operations at UNI Egress for Ethernet Services

    VLAN Identifier of Logical Interfacevlan-id nonevlan-id 200vlan-id allvlan tags outer 100, inner 300

    none

    no operation

    pop 200

    NA

    pop 100, pop 300

    200

    push 200

    no operation

    no operation

    pop 200, swap 300 to 200

    1000

    push 1000

    swap 200 to 1000

    no operation

    pop 100, swap 300 to 1000

    vlan-tags outer 2000, inner 300

    push 2000, push 300

    swap 200 to 300, push 3000

    push 2000

    swap 100 to 2000

    vlan-id range 10-100

    NA

    NA

    no operation

    NA

    vlan-tags outer 200, inner range 10-100

    NA

    NA

    push 200

    NA

    Sample VLAN Configuration on MX Series and M Series PE Routers

    MX Series devices can use VLAN mapping or normalization to translate VLANs tags. M Series devices use only VLAN mapping to translate VLAN tags. The following sample configurations show the VLAN and VPLS routing-instance configurations for an MX960 PE interface and M320 PE interface.

    MX960 PE Interface ConfigurationM320 PE Interface Configuration
    interfaces {			
    	ge-0/0/0 {
       	unit 1 {    
                encapsulation vlan-vpls;
                vlan-tags outer 5 inner 5;
    ##normalizing the inner and outer tags towards the core with Push/Push operations##           
    	family vpls
    		}
    			}
    				}
       
    interfaces {			
    	ge-1/1/1 {
       	unit 1 {    
                encapsulation vlan-vpls;
                vlan-tags outer 22 inner 2;
    ## Q-in-Q tags configured on the PE interface ##         
    input-vlan-map {
    swap-swap;
    ##normalizing the inner and outer tags towards the core by swapping both tags##
    		vlan-id 2;
    		inner-vlan-id 1;
    		}
    	output-vlan-map swap-swap; 
    ## Put the original tags back for the packets towards the VPLS CE ##		
    		family vpls
    	}
    		}
    			}
       

    Modified: 2015-09-21