VPWS Overview

VPWS L2VPNs employ layer 2 services over MPLS to build a topology of point-to-point connections that connect end customer sites in a VPN. These L2VPNs provide an alternative to private networks that have been provisioned by means of dedicated leased lines or by means of layer 2 virtual circuits that employ ATM or Frame Relay. The service provisioned with these L2VPNs is known as Virtual Private Wire Service (VPWS). VPWS L2VPNs are sometimes called Kompella L2VPNs. You configure a VPWS instance on each associated edge router for each VPWS L2VPN.

Traditional VPNs over layer 2 circuits require the provisioning and maintenance of separate networks for IP and for VPN services. In contrast, VPWS enables the sharing of a provider’s core network infrastructure between IP and L2VPN services, reducing the cost of providing those services.

VPWS also uses BGP as the signaling protocol, and consequently has a simpler design and requires less provisioning overhead than traditional VPNs over layer 2 circuits. BGP signaling also enables autodiscovery of L2VPN peers. VPWS is similar to BGP/MPLS VPNs and VPLS in many respects, because all three types of services employ BGP for signaling.

VPWS creates pseudowires that emulate layer 2 circuits. A virtual private LAN service (VPLS) network is similar to VPWS, but provides point-to-multipoint traffic forwarding in contrast to the VPWS L2VPN’s point-to-point traffic forwarding.

VPWS provides the same services as layer 2 over MPLS except for CE-side load-balancing. The main differences between the VPWS and L2 over MPLS services are signaling, autodiscovery, and configuration.

A VPWS L2VPN can have either a full-mesh or a hub-and-spoke topology. The tunneling mechanism in the core network typically is MPLS. However, VPWS can also use other tunneling protocols, such as GRE. VPWS is similar to Martini layer 2 services over MPLS, and employs a similar encapsulation scheme for forwarding traffic.

Figure 133 illustrates an example of a simple VPWS L2VPN topology.

Figure 133: VPWS Sample Topology

VPWS Sample Topology

In this example, the service provider offers VPWS services to Customer A and Customer B. Customer A wants to create a full mesh of point-to-point links between Westford and Bangalore. Customer B needs only a single point-to-point link between Westford and Sunnyvale. The service provider uses BGP and MPLS signaling in the core, and creates a set of unidirectional pseudowires at each provider edge (PE) router to separately cross-connect each customer’s layer 2 circuits.

In order to provision this service, the provider configures two VPWS L2VPNs, L2VPN A and L2VPN B. An encapsulation type is configured for each VPWS L2VPN. All interfaces in a given VPWS L2VPN must be configured with the VPWS L2VPN’s encapsulation type. The layer 2 interfaces that connect the PE router and CE device pairs are configured to be members of the corresponding VPWS L2VPN, L2VPN A or L2VPN B.

Local and remote site information for the interfaces identifies the cross-connect. Local cross-connects are supported when the interfaces that are connected belong to two different sites configured in the same VPWS instance and on the same PE router.

BGP advertises reachability for the VPNs. The BGP configuration is similar to that used for other VPN services, such as layer 3 VPNs and VPLS. MPLS is configured to set up base LSPs to the remote PE routers similarly to the other VPN services.

Related Documentation