Designing and Deploying L2TPv3-Based Layer 2 VPNs

Layer 2 VPNs (L2VPN) can be used to provide site-to-site Layer 2 connectivity. As discussed in Chapter 1, "What Is a Virtual Private Network?" L2VPNs can be built using technologies and protocols such as the Layer Two Tunneling Protocol version 3 (L2TPv3, RFC3931) and Any Transport over MPLS (AToM) and can fall into three categories:

• Virtual Private Wire Service (VPWS) This type of L2VPN provides point-to-point MAN or WAN transport for Layer 2 protocols and connections such as Ethernet, High-Level Data Link Control (HDLC), PPP, Frame Relay, and ATM.
• Virtual Private LAN Service (VPLS) A VPLS provides multipoint Ethernet connectivity.
• IP-only Private LAN Service (IPLS) This is a newer type of L2VPN, and it provides multipoint IP-only connectivity.

A common question asked about L2VPNs (including L2TPv3-based L2VPNs) is why they might be preferred over Layer 3 site-to-site VPNs and when their deployment might be suitable.

L2TPv3 pseudowire (emulated circuit)-based L2VPNs are typically deployed by service providers in order to consolidate legacy and newer IP network infrastructure and offer newer Ethernet-based WAN connectivity to their customers. Figure 2-1 illustrates an L2TPv3-based L2VPN. Figure 2-1 shows L2TPv3 sessions over an IP backbone network between service Provider Edge (PE) routers: London.PE, Birmingham.PE, and Amsterdam.PE. The L2TPv3 sessions in Figure 2-1 are transporting the following Layer 2 protocol connections:

• An Ethernet connection between Customer Edge (CE) routers mjlnet.London.PE and mjlnet.Birmingham.CE
• A Frame Relay connection between CE routers cisco.Birmingham.CE and cisco.Amsterdam.CE
• A PPP connection between CE routers vectorit.London.CE and vectorit.Amsterdam.CE

Figure 2-1. L2TPv3-Based L2VPN