VPLS (Virtual Private LAN Service) - Emulation of a LAN via an IP/MPLS network

Ethernet is a LAN connection technology, widely used in MANs and access technologies, and increasingly in backhaul networks, as its cost is very competitive with other technologies. Among VPN technologies, Virtual Private LAN Service (VPLS) belongs to the Level 2 VPN family.

Many networks need to connect their geographically dispersed sites. VPLS has emerged to meet this need, enabling the connection of multiple customer sites in a single bridge domain over an IP/MPLS network. A LAN is thus emulated, delivering a broadcast domain enabling Layer 2 functionalities such as learning and frame forwarding based on Ethernet MAC addresses. From the customer service point of view, all sites belonging to the same VPLS are seen as belonging to the same LAN.

LAN technology handles broadcast, multicast and unicast frames to unknown destinations, but MPLS technology is not natively capable of fulfilling this service, so new extensions are defined with the appearance of new functions on the VPLS PE router: MAC address learning, flooding (including the replication function) and MAC aging. Each PE router maintains a table of MAC addresses per VPLS, called a VSI (Virtual Switching Instance). Each VSI is linked by a complete mesh of MPLS tunnels, known as pseudowires.

In VPLS, there are two main different and non-compatible methods for implementing the VPLS control plane: T-LDP and MP-BGP. Both establish, delete and maintain pseudowires linking MAC address tables on a per-customer basis (VSI).

To solve scaling issues (in terms of the signaling to be implemented on VPLS routers), architectures such as BGP auto-discovery, hub & spoke connectivity or hierarchical VPLS simplify these aspects.

In addition, mechanisms have been developed to improve VPLS operation in areas such as resilience, supervision and security, and techniques have been developed to enable VPLS to be used in cross-domain or cross-AS contexts.