Layer 2 VPN (VPLS)

vpls architecture

Layer 2 VPN, VPLS (Virtual Private LAN Service)

VPLS is a Multipoint-to-Multipoint Layer 2 VPN Service that connects multiple branches of a Customer, in a single logical switched architecture over Service Provider IP/MPLS network. Service Provider IP/MPLS network is our transit network here. Different brances of a customer, pass through this IP/MPLS network and this Layer 2 VPN infrastructure seems to the customer as their branches are connected to a single company switch.

VPLS (L2 VPN) = Logical Switched Architecture
This IP/MPLS network also provides the ISP to use this Layer 2 VPN (VPLS) infrastructure times and times for different customers. Different customer branches communicate with their own branches over Service Provider IP/MPLS network. And there is no conflict. This is the key point of VPLS architecture.


With VPLS solution, customers provide a cheap and effective way to communicate their branches. They can easily add new brances to their logical switched L2 VPN (VPLS) network. They do not need to know WAN devices. All the transport responsibility is in ISP. Customer is only responsible with its own part. And this is strcitly determined. Customer provide its own routing. Remember, they only buy a “logical switched architecture” from the ISP.

You can see the logical view of VPLS below:

Alcatel-Lucent, Logical View of VPLS

Logical View of VPLS
From the customer perspective, with VPLS the sites of customer are like, connected to an Ethernet Switch in its own LAN. So, in this L2VPN Service, Switching is the main point.

You can see VPLS from the customer perspective below:

Alcatel-Lucent, Customer View of VPLS

Customer View of VPLS
By using VPLS (Virtual Private LAN Service), there can be many private LANs in the Service Provider MPLS Network. Each of these LANs (VPLSes) are unaware eachother.

Every process is like in an Ethernet Switch in VPLS architecture. Like ethernet switches, MAC addresses are important because of the fact that VPLS works on Layer 2. MAC address learning and the forwarding process is done according to the tables in which MAC-address and port information is kept. This table is Forwarding Database(FDB). The traffic is switched according to the Forwarding Databases(FDB).

MAC learning is done like the same mechanism of swithces, by storing the source MAC address of the packets. Think about this, as a mini switch in the main Servis Router. This mini switch sends the packets to its destination if it knows its Destination MAC Address. If not, it forwards the traffic through all the ports. This is flooding mechanism like in Ethernet Switches.

Alcatel-Lucent, Customer View of VPLS
FDB(MAC Table) of VPLS

In VPLS, architecture, all the nodes are connected via pseudowires as fully mesh. Each VPLS has a specific VC-ID or Pseudowire ID and this differentiate the VPLS from the other VPLSes.

For each VPLS n * (n-1) / 2 pseudowire is required for full mesh connection.

Full mesh requirement is for normal VPLS architecture. For Hierarchical VPLS (H-VPLS) there is no such requirement.We will talk about H-VPLS, in other article.

Lesson tags: l2 vpn, vpls, vpn services
Back to: JNCIP > Layer 2 VPN