How do Ethernet networks identify and segregate streams of customer data as they are transported through a metro or regional network? How do service providers deploy Virtual LAN services, allowing the cost-effective provision of Ethernet services over transport networks? In this post, I look at current solutions and their limitations, and describe some new technologies designed to enhance this market segment.
Current Solutions
Ethernet access and optical platforms use VLAN tagging based on the frame formats defined in IEEE standard 802.1ad (known as Provider Bridging, or Q-in-Q) to tag frames received on customer ports. 802.1ad, which was standardised in 2005, specifies C-tags and S-tags, which can be applied independently or together to allow local area networks to be extended across metro and regional transport networks. Each tag is a 4-byte header which is inserted into the Ethernet frame between the existing customer MAC addresses and the Ethertype field. By introducing the extra level of tagging provided by the S-tag, up to 4,094 customer LANs can be aggregated together into a higher-speed Ethernet stream.
Network Scaling Issues
Provider Bridging is widely used in the telecommunications industry, but suffers from some limitations. These include:
- Insufficient numbers of service identifiers (VLANs)
- A flat addressing scheme which fails to isolate MAC addresses from different customers.
Several Ethernet encapsulation technologies have emerged in the last few years, which aim to overcome these limitations and provide new facilities required by network operators:
- Provider Backbone Bridging (IEEE 802.1ah)
- Provider Backbone Bridging – Traffic Engineering (IEEE 802.1Qay)
- MPLS-TP
- TRILL
- Provider Link State Bridging (802.1aq)
Provider Backbone Bridging
IEEE standard 802.1ah, also known as MAC-in-MAC, was approved in 2008. It encapsulates the incoming customer frame by adding new destination and source MAC addresses and one or two new tags. The I-tag includes a 24-bit service identifier (I-SID) which addresses the need for service identifier scalability voiced by service providers. It also includes 8 priority levels and a drop eligibility flag similar to that defined in 802.1ad. By adding new backbone MAC addresses at the front of the frame, 802.1ah provides isolation of customer MAC addresses from the core of the backbone network. This is important because MAC address duplication in customer networks can cause serious issues in Carrier Ethernet networks. Even though each customer is responsible for avoiding MAC address duplication inside its own network, two different customers could interfere with each other’s traffic if the same MAC address were to be found in each of their networks.
In addition to the I-tag, 802.1ah can add a B-tag immediately following the backbone MAC addresses. This tag has a 12-bit VLAN identifier and is fully compatible with existing 802.1ad bridges, as the B-tag uses the same format as the existing S-tag. This feature allows 802.1ah Backbone Edge Bridges to be deployed at the edge of a network core comprising 802.1ad bridges, yielding benefits of scale without obsoleting the existing network core.
Another major use of 802.1ah Backbone Edge Bridges is to reduce the number of MAC addresses which need to be learnt in the network core. MAC address table size is a major problem for existing VPLS networks, and employing 802.1ah encapsulation at the boundary with an attached access network is very effective in dealing with this problem.
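The following Python parser is an added example, not code from the original post. It walks the 802.1ad and 802.1ah tag stack described above and shows that a backbone bridge needs only the first layer (backbone MACs, B-VID and I-SID) while the customer MACs and tags travel as payload. The TPID values and the I-TCI bit layout come from the IEEE standards rather than the post, and the sample frame and its addresses are constructed.

```python
import struct

# TPIDs from IEEE 802.1Q/802.1ad/802.1ah (the post does not list them).
TPID_C, TPID_S, TPID_I = 0x8100, 0x88A8, 0x88E7  # B-tag reuses the S-tag TPID

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_frame(frame):
    """One dict per MAC header: [backbone, customer] for 802.1ah, [customer] for 802.1ad."""
    layers, off = [], 0
    try:
        while True:
            if len(frame) < off + 12:
                raise ValueError("truncated frame")
            layer = {"dst": mac(frame[off:off + 6]),
                     "src": mac(frame[off + 6:off + 12]), "tags": []}
            layers.append(layer)
            off += 12
            while True:
                (tpid,) = struct.unpack_from("!H", frame, off)
                if tpid in (TPID_S, TPID_C):
                    # 16-bit TCI: priority(3) drop-eligible(1) VLAN ID(12)
                    (tci,) = struct.unpack_from("!H", frame, off + 2)
                    layer["tags"].append({"tpid": tpid, "pcp": tci >> 13,
                                          "dei": (tci >> 12) & 1, "vid": tci & 0xFFF})
                    off += 4
                elif tpid == TPID_I:
                    # 32-bit I-TCI: priority(3) DEI(1) UCA(1) reserved(3) I-SID(24)
                    (itci,) = struct.unpack_from("!I", frame, off + 2)
                    layer.update(isid=itci & 0xFFFFFF, i_pcp=itci >> 29,
                                 i_dei=(itci >> 28) & 1)
                    off += 6
                    break  # the customer MAC header follows the I-tag
                else:
                    layer["ethertype"] = tpid  # first non-tag type ends the stack
                    return layers
    except struct.error:
        raise ValueError("truncated frame") from None

# Constructed sample: backbone MACs, B-tag, I-tag, customer MACs, S-tag, C-tag, IPv4.
SAMPLE = (bytes.fromhex("02aabbcc0001" "02aabbcc0002")
          + struct.pack("!HH", TPID_S, (5 << 13) | 100)                  # B-VID 100
          + struct.pack("!HI", TPID_I, (5 << 29) | (1 << 28) | 1000000)  # I-SID 1,000,000
          + bytes.fromhex("020000000010" "020000000020")
          + struct.pack("!HH", TPID_S, 200) + struct.pack("!HH", TPID_C, 10)
          + struct.pack("!H", 0x0800) + bytes(46))

if __name__ == "__main__":
    print(parse_frame(SAMPLE))
```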
PBB-TE
IEEE standard 802.1Qay (approved in 2009) seeks to provide traffic engineering features. Originally a Nortel and BT initiative (PBT), it has lost a lot of support in the market following BT's abandonment of the scheme and Nortel’s decline.
PBB-TE uses the same packet formats as 802.1ah and nominally the same data plane forwarding functions. However, it is very different from bridging because it is a connection-oriented scheme. No packet is forwarded on the backbone unless the forwarding table in each bridge contains a specific entry for that TESI (Traffic-Engineering Service Instance). Thus, the normal flooding rules used in bridges to ensure packets reach their destinations are suspended for PBB-TE. The advantage of traffic engineering is that bandwidth guarantees can be provided for defined traffic streams as they pass through a network. On the other hand, it is more complicated than traditional bridging and requires extensive network management or control plane support to set up paths for traffic. Traffic engineering features may not even be required in access networks.
In my next post, I'll examine some more technologies in this area: MPLS-TP, TRILL and Provider Link State Bridging.