Layer 2 VPN (VPLS) Overview

vpls architecture

What is VPLS?

Nokia VPLS is a Multipoint-to-Multipoint Layer 2 VPN Service that connects multiple branches of a Customer, in a single logical switched architecture over Service Provider IP/MPLS network. Service Provider IP/MPLS network is our transit network here. Different brances of a customer, pass through this IP/MPLS network and this Layer 2 VPN infrastructure seems to the customer as their branches are connected to a single company switch.


VPLS (L2 VPN) = Logical Switched Architecture



You can also check Nokia VPLS Configuration and Cisco VPLS Configuration on



This IP/MPLS network also provides the ISP to use this Layer 2 VPN infrastructure times and times for different customers. Different customer branches communicate with their own branches over Service Provider IP/MPLS network. And there is no conflict. This is the key point of Virtual Private LAN Service architecture (Layer 2 VPN).


In the following lessons, we will How to Configure VPLS and other key lessons like VPLS Topologies, MAC Learning and Labelling. Now, let’s continue to basic of this Nokia VPN Service.




With Nokia Virtual Private LAN Service solution, customers provide a cheap and effective way to communicate their branches. They can easily add new brances to their logical switched L2 VPN network. They do not need to know WAN devices. All the transport responsibility is in ISP. Customer is only responsible with its own part. And this is strcitly determined. Customer provide its own routing. Remember, they only buy a “logical switched architecture” from the ISP.


You can see the Logical view of VPLS below:


Alcatel-Lucent, Logical View of VPLS
Logical View of Virtual Private LAN Service
From the customer perspective, with Layer 2 VPN, the sites of customer are like, connected to an Ethernet Switch in its own LAN. So, in this Nokia L2 VPN Service, Switching is the main point.


You can see Layer 2 VPN from the customer perspective below:


Alcatel-Lucent, Customer View of VPLS
Customer View of Layer 2 VPN
By using Virtual Private LAN Service, there can be many private LANs in the Service Provider MPLS Network. Each of these LANs (VPLSes) are unaware eachother.


Every process is like in an Ethernet Switch in Virtual Private LAN Service architecture. Like ethernet switches, MAC addresses are important because of the fact that Virtual Private LAN Service works on Layer 2. MAC Address Learning and the forwarding process is done according to the tables in which MAC-address and port information is kept. This table is Forwarding Database(FDB). The traffic is switched according to the Forwarding Databases(FDB).


MAC Learning is done like the same mechanism of swithces, by storing the source MAC address of the packets. Think about this, as a mini switch in the main Servis Router. This mini switch sends the packets to its destination if it knows its Destination MAC Address. If not, it forwards the traffic through all the ports. This is flooding mechanism like in Ethernet Switches.


Alcatel-Lucent, Customer View of Layer 2 VPN

 FDB(MAC Table) of VPLS


In Layer 2 VPN Architecture, all the nodes are connected via pseudowires as fully mesh. Each Virtual Private LAN Service has a specific VC-ID or Pseudowire ID and this differentiate one VPN Service to other VPN Services.


For each VPLS n * (n-1) / 2 pseudowire is required for full mesh connection.


Full mesh requirement is for normal L2 VPN Architecture. For Hierarchical Virtual Private LAN Service (H-VPLS) there is no such requirement. We will talk about H-VPLS, in another lesson. You can also check Hierarchical VPLS (H-VPLS) to learn more about it.


Here, we have talked about basic overview of Virtual Private LAN Service. In the following lessons, we will talk about Virtual Private LAN Service Topologies, VPLS MAC Learning, VPLS Labelling and VPLS Configurations detailly.

Lesson tags: vpn services, vpls, l2 vpn
Back to: JNCIE > VPN

Leave a Reply

Your email address will not be published. Required fields are marked *