L2VPN redundancy with ethernet access domain
First Claim
1. A method of providing redundancy for Virtual Private Network (VPN) service with an Ethernet access network, the method comprising:
- establishing a dedicated pseudowire (PW) connection across a Layer 2 VPN (L2VPN) core network between first and second network-facing provider edge (n-PE) devices associated with the Ethernet access network, the dedicated PW being in addition to a full mesh of PWs associated with a customer Virtual Private Local Area Network service (VPLS) instance, the full mesh of PWs being used for transport of customer data packet traffic across the L2VPN core network, the dedicated PW being for provider Bridge Protocol Data Unit (BPDU) traffic only, the first and second n-PE devices not running a Spanning Tree Protocol (STP);
receiving a BPDU at an input interface of the first n-PE device;
relaying the BPDU on the dedicated pseudowire, by the first n-PE device, to the second n-PE device without processing the BPDU by the first n-PE device such that the first and second n-PE devices and L2VPN core network appear as a single Local Area Network (LAN) segment to aggregation devices of the Ethernet access network connected to the first and second n-PE devices.
1 Assignment
0 Petitions
Accused Products
Abstract
Redundancy for Virtual Private Network (VPN) service with an Ethernet access network is provided by a full-mesh of dedicated pseudowires connected among the network-facing provider edge (n-PE) devices, each of which is associated with the same Ethernet access network. A provider Bridge Protocol Data Unit (BPDU) generated by a provider bridge node in the Ethernet access network and received at an input interface of one n-PE device is relayed (without being processed) to all other n-PEs associated with that access network over the full-mesh of dedicated pseudowires. It is emphasized that this abstract is provided to comply with the rules requiring an abstract that will allow a searcher or other reader to quickly ascertain the subject matter of the technical disclosure. It is submitted with the understanding that it will not be used to interpret or limit the scope or meaning of the claims.
112 Citations
23 Claims
-
1. A method of providing redundancy for Virtual Private Network (VPN) service with an Ethernet access network, the method comprising:
-
establishing a dedicated pseudowire (PW) connection across a Layer 2 VPN (L2VPN) core network between first and second network-facing provider edge (n-PE) devices associated with the Ethernet access network, the dedicated PW being in addition to a full mesh of PWs associated with a customer Virtual Private Local Area Network service (VPLS) instance, the full mesh of PWs being used for transport of customer data packet traffic across the L2VPN core network, the dedicated PW being for provider Bridge Protocol Data Unit (BPDU) traffic only, the first and second n-PE devices not running a Spanning Tree Protocol (STP); receiving a BPDU at an input interface of the first n-PE device; relaying the BPDU on the dedicated pseudowire, by the first n-PE device, to the second n-PE device without processing the BPDU by the first n-PE device such that the first and second n-PE devices and L2VPN core network appear as a single Local Area Network (LAN) segment to aggregation devices of the Ethernet access network connected to the first and second n-PE devices.
-
-
2. The method of claim 1 wherein further comprising:
-
detecting a link failure between a user-facing provider edge (u-PE) device of the Ethernet access network and the second n-PE device; and re-routing customer data traffic away from the second n-PE device and through the first n-PE device.
-
-
3. The method of claim 1 wherein further comprising:
-
detecting a Ethernet link failure between a provider bridge (Agg-PE) device of the Ethernet access network and the second n-PE device; and re-routing customer data traffic away from the second n-PE device and through the first n-PE device.
-
-
4. The method of claim 1 wherein further comprising:
-
detecting a node failure in a customer data traffic path that includes the second n-PE device; and re-routing customer data traffic away from the second n-PE device and through the first n-PE device.
-
-
5. The method of claim 1 wherein the dedicated PW comprises a VPLS instance that is separate from the customer VPLS instance.
-
6. The method of claim 1 wherein the L2VPN core network comprises a Multi-Protocol Label Switching (MPLS)/Internet Protocol (IP) core network.
-
7. The method of claim 1 wherein the first and second n-PE devices comprise non-spanning tree protocol (STP) compatible routers.
-
8. A method of providing Layer 2 Virtual Private Network (L2VPN) redundancy to a customer, the method comprising:
-
establishing a full mesh of pseudowires (PWs) between a plurality of network-facing provider edge (n-PE) devices connected to an Ethernet access network, the PWs being used for transport of customer data packet traffic across a Multi-Protocol Label Switching (MPLS)/Internet Protocol (IP) core network dedicated for Bridge Protocol Data Unit (BPDU) traffic; establishing a dedicated PW between first and second redundant n-PE devices, the dedicated PW being for provider Bridge Protocol Data Unit BPDU traffic only, the first and second redundant n-PE devices not running a Spanning Tree Protocol (STP); generating a BPDU according to a Spanning Tree Protocol (STP) by a bridge node of the Ethernet access network; receiving the BPDU at an input interface of the first redundant n-PE device; relaying the BPDU, by the first redundant n-PE device, to a second redundant n-PE device associated with the Ethernet access network without processing the BPDU by the first redundant n-PE device.
-
-
9. The method of claim 8 wherein the first and second redundant n-PE devices and MPLS/IP core network appear as a single Local Area Network (LAN) segment to the bridge node of the Ethernet access network.
-
10. The method of claim 8 wherein further comprising:
-
detecting an Ethernet link failure between a user-facing provider edge (u-PE) device of the Ethernet access network and the second redundant n-PE device; and re-routing customer data traffic away from the second redundant n-PE device and through another n-PE device.
-
-
11. The method of claim 8 wherein further comprising:
-
detecting a Ethernet link failure between a provider bridge (Agg-PE) device of the Ethernet access network and a n-PE device; and re-routing customer data traffic away from the n-PE device and through another n-PE device having an Ethernet connection with the Agg-PE device.
-
-
12. The method of claim 8 wherein further comprising:
-
detecting a node failure in a customer data traffic path that includes the second redundant n-PE device; and re-routing customer data traffic away from the second redundant n-PE device and through the first redundant n-PE device.
-
-
13. The method of claim 8 wherein the bridge node comprises an intermediate provider bridge utilized to connect a user-facing provider edge (u-PE) device with one of the plurality of n-PE devices.
-
14. The method of claim 8 wherein the bridge node comprises a spanning-tree protocol (STP) instance.
-
15. A system for providing Virtual Private Network (VPN) service to a customer comprising:
-
an Ethernet access network that includes a user-facing provider edge (u-PE) device connected with a customer edge (CE) device, and one or more bridges; first and second network-facing provider edge (n-PE) devices associated with the Ethernet access network, each of the first and second n-PE devices lacking spanning-tree protocol (STP) functionality, the one or more bridges providing connectivity between the u-PE with the first and second n-PE devices; a full mesh of pseudowires (PWs) associated with a customer Virtual Private LAN service (VPLS) instance, the full mesh of PWs being used for transport of customer data packet traffic across a L2VPN core network; and an additional pseudowire (PW) dedicated exclusively to provider Bridge Protocol Data Unit (BPDU) traffic between the first and second n-PE devices, wherein both the first and second n-PE devices are configured to relay a BPDU received at an input interface directly to an output interface for forwarding to the other n-PE device without processing the BPDU by the first n-PE device such that the first and second n-PE devices and L2VPN core network appear as a single LAN segment to the one or more bridges of the Ethernet access network connected to the first and second n-PE devices.
-
-
16. The system of claim 15 wherein the Ethernet access network is configured with a hub-and-spoke topology.
-
17. The system of claim 15 wherein STP running on the one or more bridges functions in response to a node or link failure associated with the second n-PE device by re-routing customer data traffic through the first n-PE device.
-
18. The method of claim 15 wherein the dedicated PW comprises a VPLS instance that is separate from the customer VPLS instance.
-
19. The method of claim 15 wherein the L2VPN core network comprises a Multi-Protocol Label Switching (MPLS)/Internet Protocol (IP) core network.
-
20. A provider edge (PE) device for connection to a service provider (SP) network and an Ethernet access network comprising:
-
input and output interfaces; means for relaying a Bridge Protocol Data Unit (BPDU) received from a bridge device of the Ethernet access network at the input interface directly to the output interface without processing the BPDU according to a spanning-tree protocol, the output interface being connected to a redundant PE device via a dedicated pseudowire (PW) across a Layer 2 Virtual Private Network (L2VPN) core network, the dedicated PW being in addition to a full mesh of PWs associated with a customer Virtual Private Local Area Network service (VPLS) instance, the full mesh of PWs being used for transport of customer data packet traffic across the L2VPN core network, the dedicated PW being for provider BPDU traffic only, both the PE device and the redundant PE device not running a Spanning Tree Protocol (STP), the PE device, the redundant PE device, and the L2VPN core network appearing as a single Local Area Network (LAN) segment to the bridge device.
-
-
21. The PE device of claim 20 wherein the PE device comprises a router.
-
22. The PE device of claim 20 further comprises a dedicated Virtual Switch Instance (VSI) for BPDU traffic.
-
23. A computer readable memory encoded with a computer program product for configuring a network-facing provider edge (n-PE) device that lacks spanning tree protocol functionality, when executed the computer program product being operable to:
-
relay a Bridge Protocol Data Unit (BPDU) received from a bridge device of an Ethernet access network at an input interface of the n-PE directly to the output interface of the n-PE without processing of the BPDU; and forward the BPDU to a second n-PE device on a dedicated pseudowire (PW) connected to the output interface, the dedicated PW being connected to the second n-PE device across a Multi-Protocol Label Switching (MPLS)/Internet Protocol (IP) core network, the dedicated PW being in addition to a full mesh of PWs associated with a customer Virtual Private Local Area Network service (VPLS) instance, the full mesh of PWs being used for transport of customer data packet traffic across the L2VPN core network, the dedicated PW being for provider BPDU traffic only, the n-PE device, the second n-PE, and the MPLS/IP core network appearing as a single Local Area Network (LAN) segment to the bridge device.
-
Specification