VPLS Functions

Background

A characteristic of the Ethernet is that a port sends unicast packets with unknown destination MAC addresses, broadcast packets, and multicast packets to all other ports on the Ethernet. As an Ethernet-based technology, VPLS emulates an Ethernet bridge for user networks. To forward packets on a VPLS network, PEs must establish MAC address tables and forward packets based on MAC addresses or MAC addresses and VLAN tags.

Related Concepts

• MAC address learning

  Table 1 describes MAC address learning modes.

  Table 1 MAC address learning modes

  MAC Address Learning Mode	Description	Characteristic
  Qualified	A PE learns the MAC addresses and VLAN tags of received Ethernet frames. In this mode, each user VLAN is an independent broadcast domain and has an independent MAC address space.	The broadcast domain is confined to each user VLAN. Qualified learning can result in large forwarding information base (FIB) table sizes, because the logical MAC address is now a VLAN tag + MAC address.
  Unqualified	A PE learns only the MAC addresses of Ethernet frames. In this mode, all user VLANs share the same broadcast domain and MAC address space. The MAC address of each user VLAN must be unique.	If an AC interface is associated with multiple user VLANs, this AC interface must be a physical interface bound to a unique VSI.

• MAC address aging

  An aging mechanism removes MAC entries that a PE no longer needs. If a MAC entry is not updated within a specified period of time, this entry will be aged.

Implementation

PEs establish MAC address tables based on dynamic MAC address learning and associates destination MAC addresses with PWs. Table 2 describes the MAC address learning process.

Unqualified MAC address learning is similar to qualified MAC address learning. The major difference is that unqualified MAC address learning is based on the key set of VSI IDs and MAC addresses whereas qualified MAC address learning is based on the key set of VSI IDs, MAC addresses, and VLAN IDs.

Figure 1 shows the process of MAC address learning and flooding on a PE. PC1 and PC2 both belong to VLAN10. When PC1 pings IP address 1.1.1.2, PC1 does not know the MAC address corresponding to this IP address and advertises an ARP Request packet. The following uses the unqualified mode as an example to describe the specific MAC address learning process.

Figure 1 MAC address learning process

1. After receiving the ARP Request packet sent by PC1 from Port1 that connects to CE1, PE1 adds the MAC address of PC1 to its own MAC address table, as shown in the blue section of the MAC entry.
2. PE1 advertises the ARP Request packet to its other ports (PW1 and PW2 can be viewed as ports).
3. After receiving the ARP Request packet from PW1, PE2 adds the MAC address of PC1 to its own MAC address table, as shown in the blue section of the MAC entry.
4. Based on split horizon, PE2 sends the ARP Request packet to only the port connecting to CE2 (as indicated by the blue dashed line), but not to PW1. This ensures that only PC2 receives the ARP Request packet. VPLS split horizon ensures that packets received from public network PWs are forwarded to only private networks, not to other public network PWs.
5. After PC2 receives the ARP Request packet and finds that it is the destination of this packet, PC2 sends an ARP Reply packet to PC1 (as indicated by the green dashed line).
6. After receiving the ARP Reply packet from PC2, PE2 adds the MAC address of PC2 to its own MAC address table, as shown in the green section of the MAC entry. The destination MAC address of the ARP Reply packet is the MAC address of PC1 (MAC A). After searching its MAC address table, PE2 sends the ARP Reply packet to PE1 over PW1.
7. After receiving the ARP Reply packet from PE2, PE1 adds the MAC address of PC2 to its own MAC address table, as shown in the green section of the MAC entry. After searching its MAC address table, PE1 sends the ARP Reply packet to PC1 through Port1.
8. After receiving the ARP Reply packet from PC2, PC1 completes MAC address learning.
9. While advertising the ARP Request packet to PW1, PE1 also advertises the ARP Request packet to PE3 over PW2. After receiving the ARP Request packet from PW2, PE3 adds the MAC address of PC1 to its own MAC address table, as shown in the blue section of the MAC entry. Based on split horizon, PE3 sends the ARP Request packet to only PC3. Because PC3 is not the destination of the ARP Request packet, PC3 does not send any ARP Reply packet.

Derivative Functions

Traffic Restriction

Processing of Unknown Packets

After receiving a packet, if a VSI cannot find a MAC entry that matches the destination address of the packet in its MAC address table, the packet is considered an unknown packet.

Unknown packets can be unknown unicast or multicast packets. Unknown packets are dropped, locally processed, or broadcast based on network security requirements. Similar to Ethernet, a VPLS network broadcasts unknown packets by default.

In broadcast mode, a VPLS network processes unknown packets in the following ways:

• After receiving an unknown packet from an AC interface in a VSI, a PE floods the packet to all its AC interfaces that connect to local CEs and remote PEs in the VSI.
• After receiving an unknown packet from a PW in a VSI, a PE floods the packet to all its AC interfaces that connect to local CEs, but not to remote PEs.

PEs can be configured to learn the MAC addresses of unknown unicast packets when dropping these packets. This function prevents the access of unauthorized users and enables PEs to identify the sources of unknown unicast packets.

Limit on the Number of Learned MAC Addresses

After the number of MAC entries or MAC address learning time reaches the set threshold, a device forwards or drops newly received packets and decides whether to report an alarm to the network management system (NMS).

This function applies to networks with relatively fixed users but insufficient security, such as residential access networks and enterprise intranets without security management.