190Configuring MPLS L2VPNThis chapter describes how to configure MPLS L2VPN.The S5500-28SC-HI and S5500-52SC-HI switches do not support MPLS L2VPN.MPLS L2VPN overviewMPLS L2VPN is an MPLS-based Layer 2 VPN technology. It uses MPLS to establish Layer 2 connectionsbetween network nodes.Using MPLS L2VPN, carriers can transparently transport Layer 2 data of different data link layerprotocols (including ATM, FR, VLAN, Ethernet, and PPP) over a single MPLS or IP backbone.From the perspective of users, the MPLS or IP backbone network is a Layer 2 switched network. Forexample, when two Ethernet networks are connected through MPLS L2VPN over an MPLS or IP backbone,Ethernet users cannot sense the existence of the MPLS or IP backbone. They feel like they are connecteddirectly through an Ethernet.MPLS L2VPN can provide both point-to-point connections and point-to-multipoint connections. Thischapter describes only the MPLS L2VPN technologies that provide point-to-point connections. Forinformation about the MPLS L2VPN technologies that provide point-to-multipoint connections, see"Configuring VPLS."MPLS L2VPN has the following advantages:• High scalability—MPLS L2VPN establishes only Layer 2 connections. It does not maintain therouting information of users. This greatly reduces the load of provider edge (PE) devices and eventhe load of the whole service provider network, enabling carriers to support more VPNs and toservice more users.• Guaranteed reliability and VPN routing security—MPLS L2VPN neither tries to obtain norprocesses the routing information of users, guaranteeing the security of user VPN routinginformation.• Support for multiple network layer protocols—Such as IP, IPX, and SNA.Basic concepts of MPLS L2VPN• Customer edge device—A CE device is a customer network device directly connected to the serviceprovider network. It can be a network device (such as a router or a switch) or a host. It cannot"sense" the existence of any VPN, neither does it need to support MPLS.• Provider edge device—A PE device is a service provider network device connected to one or moreCEs. It provides VPN access by mapping and forwarding packets from user networks to publicnetwork tunnels and from public network tunnels to user networks.On an MPLS network, all VPN processing occurs on PEs.• Attachment circuit—An AC is a link between a CE and a PE.• Virtual circuit—A VC is also called a Pseudowire (PW). It is a virtual bidirectional connection thatconnects the ACs on two PEs. An MPLS VC comprises a pair of LSPs in opposite directions.• Tunnel—A tunnel (or public tunnel) is a connection that carries VCs across the MPLS or IP backbone.It can be an LSP tunnel, MPLS TE tunnel, or a GRE tunnel.
