PPVPN Working Group                                         Loa Andersson
Internet-Draft                                                  Utfors AB

Expiration Date: August 2002

                                                     22 February, 2002

Parameters and related metrics to compare PPVPN Layer 2 solutions
                  <draft-andersson-ppvpn-metrics-00.txt>


Status of this Memo


This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026 [1].

Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups. Note that other groups
may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference material
or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt

The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.

For potential updates to the above required-text see:
http://www.ietf.org/ietf/1id-guidelines.txt

Summary for Sub-IP related Internet Drafts

RELATED DOCUMENTS:

See the reference section.

WHERE DOES IT FIT IN THE PICTURE OF THE SUB-IP WORK

This ID is intended for the PPVPN WG.

WHY IS IT TARGETED AT THIS WG(s)



PPVPN deals with provider provisioned VPNs. This document describes
metrics for Layer 2 Provider Provisioned Virtual Private Network
services, a class of Provider Provisioned Virtual Private Network
services.

JUSTIFICATION

This document describes some parameters and related metrics which could
be used for classifying solutions in the Layer 2 space and, possibly,
for evaluating commonalities and differences, pros and cons of the
functional options specific to each solution.

As a complementary result, the document aims to provide input to the
PPVPN WG for further definition of a limited set of candidate solutions
in the Layer 2 solution space, promoting commonalities and convergence
among solutions with respect to the key service requirements.

The parameters and related metrics under consideration are inspired by
the appropriate service requirement drafts ([9], etc.) and are thus
relevant for evaluating the L2 solutions against requirements that are
significant for customers and service providers. In this perspective,
the metrics will also be aligned with the PPVPN Applicability Statement
Guidelines document [10] and will provide input for each candidate
solution-specific Layer 2 Applicability Statement.

The extension of this document to Layer 3 VPNs in a further version has
to be evaluated.


Abstract


PPVPN deals with provider provisioned VPNs. This document describes
metrics for Virtual Private Networks, to be used in comparing solution
proposals and, later, when comparing new proposals to the existing ones.

Conventions used in this document

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC-2119 [3].


Contents

1.  Introduction

2.  Metrics
    2.1  Service
         2.1.1  L3-VPN
         2.1.2  Virtual Private Wire (VPW)
         2.1.3  Virtual Private LAN Service (VPLS)
    2.2  Provisioning
         2.2.1  Static
         2.2.2  Automatic
    2.3  Discovery
         2.3.1  BGP
         2.3.2  Directory based
    2.4  VPN Signaling
         2.4.1  L2TP
         2.4.2  RSVP-TE
         2.4.3  LDP
         2.4.4  BGP
    2.5  Coupling
         2.5.1  Coupled
         2.5.2  De-coupled

3.  Reference tree
    3.1  Tree

4.  Non-metrics
    4.1  Tunnel technology
    4.2  Security





1.  Introduction

Provider provisioned VPN solutions have attracted a great deal of
interest and several solutions have been proposed. There is clearly a
need for an organized way of comparing the solutions and the elements
in the solutions. This document proposes such a method; it is based on
some generic elements that have to be present/solved by every VPN. This
version of the draft is very much focused on L2 VPNs, which is natural
since it comes out of an L2 VPN design team effort. The L3 parts of
this document are included only to show the potential to include a
more extensive treatment of L3 VPNs in the future.

Concepts and terminology in this document are according to [4].








2.  Metrics

When implementing customer VPNs in a provider network, a certain set of
issues has to be considered (see e.g. [9], other requirement documents
and the Applicability Statement Guidelines document; further references
are to be provided in a later version of this document):

- Scaling, e.g. number of nodes per VPN, number of nodes per site or
number of VPNs per network

- SLA enforcements

- inter-domain reachability

- provisioning

- flexibility

- integration and migration from existing infrastructure and services

- value-add services

- cost

- etc.

In deciding which solution to implement in a given situation, the
relevant metrics for each of the parameters below could be considered.

2.1 Service

Currently we see three different types of provider provisioned VPN
services. A framework for L3-VPNs is found in [5] and a framework for
L2-VPNs is a planned document for the PPVPN WG.

2.1.1 L3-VPN

An L3 VPN is an IP routed network, where addresses could be either from
the public or private address space. Being a routed service, it will
scale based on how many routes the PEs are able to handle in their VRFs.
Scaling properties are very good for L3 VPNs and are in general not
dependent on standards or specifications, but rather on the networking
equipment or network(s) in which the service is implemented.

A more detailed treatment of L3 VPNs is left for future versions of
this document.





2.1.2 Virtual Private Wire (VPW)

A VPW is a VPN service that supplies an L2 point-to-point service.
Being a point-to-point service, it has very few scaling issues with the
service as such. Scaling issues might arise from the number of
end-points that can be supported on a particular PE.

2.1.3 Virtual Private LAN Service (VPLS)

A VPLS is an L2 service that in all respects emulates a LAN across a
Wide Area Network (WAN). Thus it also has all the scaling
characteristics of a LAN. Other scaling issues might arise from the
number of end-points that can be supported on a particular PE.

2.2 Provisioning

Limiting the effort that a service provider needs to spend on
provisioning the customer VPNs is critical.

2.2.1 Static

We say that a VPN is statically configured if all information -
attachment circuits, tunnels, routing/forwarding information, QoS
parameters, etc. - is manually configured.

2.2.2 Automatic

In an automatically configured network it is possible to enter
configuration parameters in one single place, e.g. the PE.

2.3 Discovery

Discovery involves discovering e.g. VPNs and VPN end-points, in such a
way that they may be connected to the VPN. The most important parameter
in comparing different discovery mechanisms is the time it takes from
when the information is configured until all nodes that need to know it
have that information.

2.3.1 BGP

A basic function in BGP is to advertise information to BGP-speaking
peers. In VPN solutions MP-BGP is used to distribute information that
is used in a PE to map traffic from an attachment circuit to a PE-to-PE
tunnel and which de-multiplexor to use, and vice versa.





The scaling issues in using BGP as a discovery protocol are few. The
number of VPNs in a network, the number of hosts per site, the number of
sites per VPN and the number of VPN instances per PE are not in any way
limited by the use of BGP.

2.3.2 Directory based

In a directory based solution the information needed by a PE to set up
tunnels and de-multiplexors is configured in a directory; the PEs
supporting a particular VPN can then look up the information needed to
establish the connectivity and other configuration information needed
for that VPN.

Note: For a future treatment of L3 VPNs, discovery by means of
Multicast IGP has to be added.

2.4 VPN Signaling

VPN Signaling involves distributing information between PEs so the PE
can take a local decision on setting up tunnels and de-multiplexors
correctly for the sites connected to the PE.

2.4.1 L2TP

Extensions to L2TP that make it possible to signal information between
PEs for establishing de-multiplexors have been presented in [6].

2.4.2 RSVP-TE

RSVP-TE (RSVP Tunnel Extensions) is a protocol that was developed to set
up LSPs with certain constraints, e.g. bandwidth and/or explicit routes.
There are proposals to use RSVP-TE in situations where only a few VPNs
are present and where QoS parameters are important.

2.4.3 LDP

Label Distribution Protocol (LDP) is a protocol that has been developed
to distribute MPLS labels within a domain. LDP has no method defined for
carrying explicit routes or QoS information.

Targeted LDP makes it possible to communicate between two
non-adjacent LSRs to set up de-multiplexors between PEs. LDP has a
reliable delivery mechanism since it is based on TCP.

The main benefit of using LDP is that it is readily available in almost
any MPLS enabled IP network.




In the context of provider provisioned VPNs there are few scaling issues
with LDP. LDP does not, however, have a method to carry information
across AS borders.

2.4.4 BGP

BGP is a protocol that in the context of VPNs is used both for discovery
and to signal necessary information (e.g. de-multiplexors) to set up
end-to-end connectivity across the core network tunnels. For signalling
purposes it is the Multi-Protocol extensions to BGP (MP-BGP) that are
used. BGP has a reliable delivery mechanism since it is based on TCP.

The main benefits of using BGP are that it has become a common
denominator in networks that run MPLS based VPNs and that it can, by
its nature, be used for Inter-Domain areas.

In the context of provider provisioned VPNs there are few scaling issues
with MP-BGP.

2.5 Coupling

The concept of "coupling" relates to L2 VPNs and how the functionality
needed for the service is allocated relative to the PEs; it describes
how MAC-learning and signalling functions are distributed across
different devices.

2.5.1 Coupled

In a coupled situation all functions are located on the same physical
device.

2.5.2 De-coupled

In a de-coupled situation functions are distributed across at least two
different physical devices.

De-coupled solutions are found in [7] and [8].


3.  Reference tree

By using the parameters discussed in section 2 it is possible to create
a decision tree that can be used to classify the existing VPN proposals.
By traversing the tree from top to bottom, a shorthand description of
the solution is created that can easily be compared with other
solutions.



3.1 Tree

   Type of Service     L3VPN                  VPW                VPLS
                        | |                   | |                | |
                        | +-------------------+-+-------+        | |
                        |                     | |       |        | |
                        +-----------+   +-----+-+-------+--------+ |
                                    | +-+-----+ |                  |
                                    | | |       +-----+ | +-------+
                                    | | |              || |
                                    v v v              vv v

   Provisioning                     Static            Automatic
                                     |  |                |  |
                                     |  +--------------+ |  |
                                     |                 | |  |
                                     |                 | |  |
                                     |                 | |  |
                                     |  +--------------+-+  |
                                     |  |              |    |
                                     v  v              v    v

   Discovery                         BGP           Directory based
                                    ||||                | | | |
                         +----------+||+----------------+-+-+-+-+
                         |           ||                 | | | | |
                         |           |+-----------+     | | | | |
                         |+----------+------------+-----+ | | | |
                         ||          |+-----------+-------+ | | |
                         ||          ||           |+--------+ | |
                         ||          ||           ||          | |
                         vv          vv           vv          v v

   Signalling           L2TP       RSVP-TE        LDP         BGP
                         | |         | |          | |         ||
                         | +---------+-+----------+-+------+  ||
                         |           | |          | |      |  ||
                         +--------+  | +----------+ +---+  |  ||
                                  |  |            | |   |  |  ||
                                  |  |  +---------+-+---+--+--+|
                                  |  |  |         | |   |  |   |
                                  |  |  |+--------+ +---+--+--+|
                                  |  |  ||              |  |  ||
                                  |  |  ||              |  |  ||
                                  v  v  vv              v  v  vv

   Coupling                        Coupled           De-Coupled

   Note: The L3 branch is in the tree for further study only.
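
The traversal described in Section 3, as an added example that is not
part of the draft: it walks the five levels of the tree, builds the
shorthand description and compares two solutions level by level. The
level names and options are those of the figure; the two sample
solutions are constructed, and full connectivity between adjacent levels
is an assumption based on a reading of the figure.

```python
from itertools import product

# Levels of the reference tree in Section 3.1, top to bottom, with the
# options the draft lists for each parameter in Section 2.
TREE = (
    ("Type of Service", ("L3VPN", "VPW", "VPLS")),
    ("Provisioning", ("Static", "Automatic")),
    ("Discovery", ("BGP", "Directory based")),
    ("Signalling", ("L2TP", "RSVP-TE", "LDP", "BGP")),
    ("Coupling", ("Coupled", "De-Coupled")),
)


def classify(solution):
    """Walk the tree top to bottom; return the chosen option per level."""
    path = []
    for level, options in TREE:
        # A solution that skips a level or names an unknown option cannot
        # be placed in the tree, so reject it instead of guessing.
        if level not in solution:
            raise ValueError(f"no value given for {level!r}")
        choice = solution[level]
        if choice not in options:
            raise ValueError(f"{choice!r} is not a {level} option: {options}")
        path.append(choice)
    return tuple(path)


def shorthand(solution):
    """Shorthand description: the options met on the way down the tree."""
    return " / ".join(classify(solution))


def compare(a, b):
    """Split the levels into those where two solutions agree and differ."""
    common, different = {}, {}
    for (level, _), x, y in zip(TREE, classify(a), classify(b)):
        if x == y:
            common[level] = x
        else:
            different[level] = (x, y)
    return common, different


def all_paths():
    """Every top-to-bottom path, assuming full connectivity between levels."""
    return list(product(*(options for _, options in TREE)))


# Constructed sample solutions (hypothetical, not taken from any draft).
SOLUTION_A = {"Type of Service": "VPLS", "Provisioning": "Automatic",
              "Discovery": "BGP", "Signalling": "BGP", "Coupling": "De-Coupled"}
SOLUTION_B = {"Type of Service": "VPLS", "Provisioning": "Automatic",
              "Discovery": "Directory based", "Signalling": "LDP",
              "Coupling": "Coupled"}

if __name__ == "__main__":
    print(shorthand(SOLUTION_A), compare(SOLUTION_A, SOLUTION_B), sep="\n")
```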






4.  Non-metrics

4.1 Tunnel technology

Most VPNs are implemented by means of a set of tunnels between the PEs
of that service. Tunnel technology and the methods to signal the set up
of the tunnel are outside the scope of this document. The establishment
of the tunnel is viewed as inherent to the network; it is even
conceivable that different "legs" of the VPN might use different tunnel
technologies.

4.2 Security

VPN technologies supply traffic separation between customer and
customer services. This is the same level of traffic separation that
is supplied e.g. by traditional WAN technology based VPNs. Further
security mechanisms, e.g. encryption, are outside the scope of this
document.


Acknowledgements

This document is the outcome of discussions within the PPVPN L2 VPN
design team. The design team includes M Lassere, V Kopella, J Heinanen,
K Kompella, E Rosen, M Borden, L Andersson, P Menezes, H Ould-Brahim and
W Augustyn.


Authors' Contact

       Loa Andersson
       Utfors AB
       Råsundavägen 12, PO Box 525
       SE-169 29 Solna, Sweden
       phone: +46 8 5270 5038
       loa.andersson@utfors.se


References

[1]    Bradner, S., "The Internet Standards Process -- Revision 3",
       RFC 2026, October 1996.

[2]    Kompella, K. et al., "Decoupled Virtual Private LAN Services",
       draft-kompella-ppvpn-dtls-01.txt, Work in Progress, Internet
       Draft, November 2001.

[3]    Bradner, S., "Key words for use in RFCs to Indicate Requirement
       Levels", RFC 2119, March 1997.

[4]    Andersson, L. and Madsen, T., "VPN Terminology",
       draft-andersson-ppvpn-terminology-00.txt, Work in Progress,
       Internet Draft, February 2002.

[5]    Callon, R. et al., "A Framework for Layer 3 Provider Provisioned
       Virtual Private Networks", draft-ietf-ppvpn-framework-04.txt,
       Work in Progress, Internet Draft, February 2002.

[6]    Elwin, E. and Gowda, N., "L2TP Extensions for PPVPN",
       draft-elwin-l2tpext-ppvpn-00.txt, Work in Progress, Internet
       Draft, November 2001.

[7]    Kompella, K. et al., "Decoupled Virtual Private LAN Services",
       draft-kompella-ppvpn-dtls-01.txt, Work in Progress, Internet
       Draft, November 2001.

[8]    Ould-Brahim, H. et al., "VPLS/LPE L2VPNs: Virtual Private LAN
       Services using Logical PE Architecture",
       draft-ouldbrahim-l2vpn-lpe-01.txt, Work in Progress, Internet
       Draft, November 2001.

[9]    Augustyn, W. et al., "draft-augustyn-vpls-requirements-02.txt",
       Work in Progress, Internet Draft, February 2002.

[10]   Sumimoto, J. et al.,
       "draft-sumimoto-ppvpn-applicability-guidelines-02.txt", Work in
       Progress, Internet Draft, February 2002.


This document expires on 8 August 2002.
















