[j-nsp] Application of L2 VPN in Real World Scenario

sthaug at nethelp.no sthaug at nethelp.no
Wed Jul 16 10:16:03 EDT 2008


> I have to jump in, since I am also interested :-)
> 
> My question is, what do you think the cost/benefit of L2VPN over VPLS?
> It seems that L2VPN is restricted to point-to-point and there is a
> separate vrf (and a routing table) for each link, while VPLS maintains
> a single vrf and routing table. Have you guys thought about using
> VPLS? Or is there any problems with it? Maybe scalability?

Can't really comment the (Juniper proprietary) L2VPN. However, we use
both Martini tunnels (L2circuit in Juniper terminology) and VPLS. The
two technologies are quite different:

- L2circuit (and L2VPN) give you a point-to-point link. You can think
about the technology as a pipe where packets are inserted at one end
and come out at the other end. No MAC address learning is necessary.
Troubleshooting is fairly simple (no need to go looking for specific MAC
addresses and where they originate). Scaling is fairly good - we have
M7i routers with more than 2000 L2circuits.  You need to watch your FEB
memory utilization, though.

- VPLS give you a layer 2 multipoint network - in effect you are making
your network look like a large LAN. MAC address learning is necessary,
and only the MX boxes are able to do this in hardware. Replication of
broadcast/multicast/unknown unicast traffic is at the *source*, which
has the potential to melt down your network (e.g. one 100 Mbps stream
replicated to 20 different PE routers gives you 2 Gbps of traffic from
your ingress router towards your network core). Both the technology
and the troubleshooting is significantly more complex than L2circuit/
L2VPN.

I don't want to give the impression that VPLS is all gloom and doom.
Juniper has done a reasonable job of making the technology stable,
especially in later JunOS versions, and P2MP LSPs help significantly
with the ingress replication problem. However, L2 point-to-point is
still a significantly simpler technology no matter how you look at it.

Steinar Haug, Nethelp consulting, sthaug at nethelp.no


More information about the juniper-nsp mailing list