Layer 2 Protocol Tunneling

Layer 2 protocol tunneling (L2PT) is achieved by encapsulating the PDUs at the ingress PE device before transmitting them over the service provider network. The encapsulation prevents the PDUs from being processed by the switches in the SP network. At the egress PE device, the encapsulated packets are de-encapsulated, and transmitted to the CE device.

The encapsulation used for different types of networks is as follows:
  • VLAN (Virtual LAN)/VMAN – The Destination Address (DA) MAC of the Layer 2 PDU is changed to the L2PT DA MAC. The switch shall also add any VLAN tags that may be required to the Layer 2 PDU before transmitting over the SP network.
  • VPLS/VPWS – The DA MAC of the Layer 2 PDU is changed to L2PT DA MAC. The Layer 2 PDU is then treated like any other data packet by the MPLS (Multiprotocol Label Switching) stack. The MPLS stack shall add the labels and L2 headers as per its configuration to the Layer 2 PDU before transmitting over the SP network.
Tunneling is configured on a service by specifying a tunneling action for each interface of the service. The possible actions are:
  • Tunnel – Configuring an interface of a service to tunnel for a protocol enables the interface to tunnel PDUs of the configured protocol that are received by the underlying port of the interface. Any PDUs that are received in its native format are tunneled instead of processing locally by the switch. Any PDUs of the protocol that are received in its encapsulated format are dropped by the switch (receiving an encapsulated packet on an interface configured to tunnel is considered proof of network misconfiguration, or loops).
  • Encapsulate/Decapsulate – Configuring an interface of a service to encapsulate or de-encapsulate for a protocol enables the interface to transmit and receive PDUs of that protocol in its encapsulated format. Native PDUs of the protocol may still be received by the underlying port of the interface, but they will not be tunneled and instead are processed locally by the switch.
  • None – Configuring an interface of a service to none for protocol marks the interface as not participating in tunneling for that protocol. Native PDUs of the protocol that are received on the underlying port of the interface shall either be processed locally by the switch or be tunneled by another service which is configured to tunnel that protocol. Encapsulated PDUs that are received on the interface are treated like any other L2 packet.
An operator can specify a CoS (Class of Service) value for the tunneled PDUs. This can be useful since some L2 protocols may have a higher priority than others (for example, STP (Spanning Tree Protocol) may be considered higher priority than LLDP (Link Layer Discovery Protocol)). If a CoS value is specified for a protocol for which tunneling is enabled, the switch will transmit the encapsulated PDUs for that protocol with the operator specified CoS towards the network. The CoS value specified by the operator is transmitted on the SP network as follows:
  • VLAN/VMAN – The CoS value is written to the PRI bits of the outermost VLAN tag if available.
  • VPLS/VPWS – The CoS value is written to the EXP bits of the outermost MPLS label. The action taken by the switch for PDUs of a protocol is as described in the following table.
Click to expand in new window

L2 PDU Actions

Ingress Action Egress Action Switch Action
None or Encap/Decap NA Process locally
Tunnel None Discard PDU at egress
Tunnel Tunnel Tx PDU natively
Tunnel Encap/Decap Tx PDU encapsulated

The action taken by the switch for encapsulated PDUs for a protocol is as described in the following table.

Click to expand in new window

L2 Encapsulated PDU Actions

Service has at least one I/F with tunnel action Ingress Action Egress Action Switch Action
No None or Encap/Decap None or Encap/Decap Forward
Yes None or Tunnel NA Discard packet at ingress
Yes Encap/Decap None Discard packet at egress
Yes Encap/Decap Tunnel Tx PDU natively
Yes Encap/Decap Encap/Decap Tx PDU encapsulated