Internet Engineering Task Force (IETF)                          E. Rosen
Request for Comments: 6074                                      B. Davie
Category: Standards Track                            Cisco Systems, Inc.
ISSN: 2070-1721                                               V. Radoaca
                                                          Alcatel-Lucent
                                                                  W. Luo
                                                            January 2011
        
Internet Engineering Task Force (IETF)                          E. Rosen
Request for Comments: 6074                                      B. Davie
Category: Standards Track                            Cisco Systems, Inc.
ISSN: 2070-1721                                               V. Radoaca
                                                          Alcatel-Lucent
                                                                  W. Luo
                                                            January 2011
        

Provisioning, Auto-Discovery, and Signaling in Layer 2 Virtual Private Networks (L2VPNs)

第2层虚拟专用网络(L2VPN)中的资源调配、自动发现和信令

Abstract

摘要

Provider Provisioned Layer 2 Virtual Private Networks (L2VPNs) may have different "provisioning models", i.e., models for what information needs to be configured in what entities. Once configured, the provisioning information is distributed by a "discovery process". When the discovery process is complete, a signaling protocol is automatically invoked to set up the mesh of pseudowires (PWs) that form the (virtual) backbone of the L2VPN. This document specifies a number of L2VPN provisioning models, and further specifies the semantic structure of the endpoint identifiers required by each model. It discusses the distribution of these identifiers by the discovery process, especially when discovery is based on the Border Gateway Protocol (BGP). It then specifies how the endpoint identifiers are carried in the two signaling protocols that are used to set up PWs, the Label Distribution Protocol (LDP), and the Layer 2 Tunneling Protocol version 3 (L2TPv3).

提供商配置的第2层虚拟专用网络(L2VPN)可能具有不同的“配置模型”,即需要在哪些实体中配置哪些信息的模型。配置后,配置信息将通过“发现过程”分发。发现过程完成后,将自动调用信令协议,以建立形成L2VPN(虚拟)主干的伪线网(PW)。本文档指定了许多L2VPN配置模型,并进一步指定了每个模型所需的端点标识符的语义结构。它讨论了发现过程中这些标识符的分布,特别是在发现基于边界网关协议(BGP)时。然后,它指定如何在用于设置PWs的两个信令协议(标签分发协议(LDP)和第2层隧道协议版本3(L2TPv3))中携带端点标识符。

Status of This Memo

关于下段备忘

This is an Internet Standards Track document.

这是一份互联网标准跟踪文件。

This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.

本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。有关互联网标准的更多信息,请参见RFC 5741第2节。

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6074.

有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc6074.

Copyright Notice

版权公告

Copyright (c) 2011 IETF Trust and the persons identified as the document authors. All rights reserved.

版权所有(c)2011 IETF信托基金和确定为文件作者的人员。版权所有。

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从本文件中提取的代码组件必须包括信托法律条款第4.e节中所述的简化BSD许可证文本,并提供简化BSD许可证中所述的无担保。

This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November 10, 2008. The person(s) controlling the copyright in some of this material may not have granted the IETF Trust the right to allow modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s) controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate it into languages other than English.

本文件可能包含2008年11月10日之前发布或公开的IETF文件或IETF贡献中的材料。控制某些材料版权的人员可能未授予IETF信托允许在IETF标准流程之外修改此类材料的权利。在未从控制此类材料版权的人员处获得充分许可的情况下,不得在IETF标准流程之外修改本文件,也不得在IETF标准流程之外创建其衍生作品,除了将其格式化以RFC形式发布或将其翻译成英语以外的其他语言。

Table of Contents

目录

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  4
   2.  Signaling Protocol Framework . . . . . . . . . . . . . . . . .  5
     2.1.  Endpoint Identification  . . . . . . . . . . . . . . . . .  5
     2.2.  Creating a Single Bidirectional Pseudowire . . . . . . . .  7
     2.3.  Attachment Identifiers and Forwarders  . . . . . . . . . .  7
   3.  Applications . . . . . . . . . . . . . . . . . . . . . . . . .  9
     3.1.  Individual Point-to-Point Pseudowires  . . . . . . . . . .  9
       3.1.1.  Provisioning Models  . . . . . . . . . . . . . . . . .  9
         3.1.1.1.  Double-Sided Provisioning  . . . . . . . . . . . .  9
         3.1.1.2.  Single-Sided Provisioning with Discovery . . . . .  9
       3.1.2.  Signaling  . . . . . . . . . . . . . . . . . . . . . . 10
     3.2.  Virtual Private LAN Service  . . . . . . . . . . . . . . . 11
       3.2.1.  Provisioning . . . . . . . . . . . . . . . . . . . . . 11
       3.2.2.  Auto-Discovery . . . . . . . . . . . . . . . . . . . . 12
         3.2.2.1.  BGP-Based Auto-Discovery . . . . . . . . . . . . . 12
       3.2.3.  Signaling  . . . . . . . . . . . . . . . . . . . . . . 14
       3.2.4.  Pseudowires as VPLS Attachment Circuits  . . . . . . . 15
     3.3.  Colored Pools: Full Mesh of Point-to-Point Pseudowires . . 15
       3.3.1.  Provisioning . . . . . . . . . . . . . . . . . . . . . 15
       3.3.2.  Auto-Discovery . . . . . . . . . . . . . . . . . . . . 16
         3.3.2.1.  BGP-Based Auto-Discovery . . . . . . . . . . . . . 16
       3.3.3.  Signaling  . . . . . . . . . . . . . . . . . . . . . . 18
     3.4.  Colored Pools: Partial Mesh  . . . . . . . . . . . . . . . 19
     3.5.  Distributed VPLS . . . . . . . . . . . . . . . . . . . . . 19
       3.5.1.  Signaling  . . . . . . . . . . . . . . . . . . . . . . 21
       3.5.2.  Provisioning and Discovery . . . . . . . . . . . . . . 23
       3.5.3.  Non-Distributed VPLS as a Sub-Case . . . . . . . . . . 23
       3.5.4.  Splicing and the Data Plane  . . . . . . . . . . . . . 24
   4.  Inter-AS Operation . . . . . . . . . . . . . . . . . . . . . . 24
     4.1.  Multihop EBGP Redistribution of L2VPN NLRIs  . . . . . . . 24
     4.2.  EBGP Redistribution of L2VPN NLRIs with Multi-Segment
           Pseudowires  . . . . . . . . . . . . . . . . . . . . . . . 25
     4.3.  Inter-Provider Application of Distributed VPLS
           Signaling  . . . . . . . . . . . . . . . . . . . . . . . . 26
     4.4.  RT and RD Assignment Considerations  . . . . . . . . . . . 27
   5.  Security Considerations  . . . . . . . . . . . . . . . . . . . 28
   6.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 28
   7.  BGP-AD and VPLS-BGP Interoperability . . . . . . . . . . . . . 29
   8.  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 30
   9.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 30
     9.1.  Normative References . . . . . . . . . . . . . . . . . . . 30
     9.2.  Informative References . . . . . . . . . . . . . . . . . . 31
        
   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  4
   2.  Signaling Protocol Framework . . . . . . . . . . . . . . . . .  5
     2.1.  Endpoint Identification  . . . . . . . . . . . . . . . . .  5
     2.2.  Creating a Single Bidirectional Pseudowire . . . . . . . .  7
     2.3.  Attachment Identifiers and Forwarders  . . . . . . . . . .  7
   3.  Applications . . . . . . . . . . . . . . . . . . . . . . . . .  9
     3.1.  Individual Point-to-Point Pseudowires  . . . . . . . . . .  9
       3.1.1.  Provisioning Models  . . . . . . . . . . . . . . . . .  9
         3.1.1.1.  Double-Sided Provisioning  . . . . . . . . . . . .  9
         3.1.1.2.  Single-Sided Provisioning with Discovery . . . . .  9
       3.1.2.  Signaling  . . . . . . . . . . . . . . . . . . . . . . 10
     3.2.  Virtual Private LAN Service  . . . . . . . . . . . . . . . 11
       3.2.1.  Provisioning . . . . . . . . . . . . . . . . . . . . . 11
       3.2.2.  Auto-Discovery . . . . . . . . . . . . . . . . . . . . 12
         3.2.2.1.  BGP-Based Auto-Discovery . . . . . . . . . . . . . 12
       3.2.3.  Signaling  . . . . . . . . . . . . . . . . . . . . . . 14
       3.2.4.  Pseudowires as VPLS Attachment Circuits  . . . . . . . 15
     3.3.  Colored Pools: Full Mesh of Point-to-Point Pseudowires . . 15
       3.3.1.  Provisioning . . . . . . . . . . . . . . . . . . . . . 15
       3.3.2.  Auto-Discovery . . . . . . . . . . . . . . . . . . . . 16
         3.3.2.1.  BGP-Based Auto-Discovery . . . . . . . . . . . . . 16
       3.3.3.  Signaling  . . . . . . . . . . . . . . . . . . . . . . 18
     3.4.  Colored Pools: Partial Mesh  . . . . . . . . . . . . . . . 19
     3.5.  Distributed VPLS . . . . . . . . . . . . . . . . . . . . . 19
       3.5.1.  Signaling  . . . . . . . . . . . . . . . . . . . . . . 21
       3.5.2.  Provisioning and Discovery . . . . . . . . . . . . . . 23
       3.5.3.  Non-Distributed VPLS as a Sub-Case . . . . . . . . . . 23
       3.5.4.  Splicing and the Data Plane  . . . . . . . . . . . . . 24
   4.  Inter-AS Operation . . . . . . . . . . . . . . . . . . . . . . 24
     4.1.  Multihop EBGP Redistribution of L2VPN NLRIs  . . . . . . . 24
     4.2.  EBGP Redistribution of L2VPN NLRIs with Multi-Segment
           Pseudowires  . . . . . . . . . . . . . . . . . . . . . . . 25
     4.3.  Inter-Provider Application of Distributed VPLS
           Signaling  . . . . . . . . . . . . . . . . . . . . . . . . 26
     4.4.  RT and RD Assignment Considerations  . . . . . . . . . . . 27
   5.  Security Considerations  . . . . . . . . . . . . . . . . . . . 28
   6.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 28
   7.  BGP-AD and VPLS-BGP Interoperability . . . . . . . . . . . . . 29
   8.  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 30
   9.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 30
     9.1.  Normative References . . . . . . . . . . . . . . . . . . . 30
     9.2.  Informative References . . . . . . . . . . . . . . . . . . 31
        
1. Introduction
1. 介绍

[RFC4664] describes a number of different ways in which sets of pseudowires may be combined together into "Provider Provisioned Layer 2 VPNs" (L2 PPVPNs, or L2VPNs), resulting in a number of different kinds of L2VPN. Different kinds of L2VPN may have different "provisioning models", i.e., different models for what information needs to be configured in what entities. Once configured, the provisioning information is distributed by a "discovery process", and once the information is discovered, the signaling protocol is automatically invoked to set up the required pseudowires. The semantics of the endpoint identifiers that the signaling protocol uses for a particular type of L2VPN are determined by the provisioning model. That is, different kinds of L2VPN, with different provisioning models, require different kinds of endpoint identifiers. This document specifies a number of L2VPN provisioning models and specifies the semantic structure of the endpoint identifiers required for each provisioning model.

[RFC4664]描述了一系列不同的方式,通过这些方式,可以将多组伪线组合成“提供商提供的第2层VPN”(L2 PPVPN或L2VPN),从而产生多种不同类型的L2VPN。不同种类的L2VPN可能具有不同的“配置模型”,即,需要在哪些实体中配置哪些信息的不同模型。配置后,通过“发现过程”分发供应信息,发现信息后,自动调用信令协议以设置所需的伪线。信令协议用于特定类型L2VPN的端点标识符的语义由供应模型确定。也就是说,具有不同配置模型的不同类型的L2VPN需要不同类型的端点标识符。本文档指定了许多L2VPN配置模型,并指定了每个配置模型所需的端点标识符的语义结构。

Either LDP (as specified in [RFC5036] and extended in [RFC4447]) or L2TP version 3 (as specified in [RFC3931] and extended in [RFC4667]) can be used as signaling protocols to set up and maintain PWs [RFC3985]. Any protocol that sets up connections must provide a way for each endpoint of the connection to identify the other; each PW signaling protocol thus provides a way to identify the PW endpoints. Since each signaling protocol needs to support all the different kinds of L2VPN and provisioning models, the signaling protocol must have a very general way of representing endpoint identifiers, and it is necessary to specify rules for encoding each particular kind of endpoint identifier into the relevant fields of each signaling protocol. This document specifies how to encode the endpoint identifiers of each provisioning model into the LDP and L2TPv3 signaling protocols.

LDP(如[RFC5036]中规定并在[RFC4447]中扩展)或L2TP版本3(如[RFC3931]中规定并在[RFC4667]中扩展)均可用作建立和维护PWs[RFC3985]的信令协议。任何建立连接的协议都必须为连接的每个端点提供一种识别另一个端点的方法;因此,每个PW信令协议提供了一种识别PW端点的方法。由于每个信令协议需要支持所有不同类型的L2VPN和供应模型,信令协议必须具有表示端点标识符的非常通用的方式,并且有必要指定用于将每种特定类型的端点标识符编码到每个信令协议的相关字段中的规则。本文档指定了如何将每个供应模型的端点标识符编码到LDP和L2TPv3信令协议中。

We make free use of terminology from [RFC3985], [RFC4026], [RFC4664], and [RFC5659] -- in particular, the terms "Attachment Circuit", "pseudowire", "PE" (provider edge), "CE" (customer edge), and "multi-segment pseudowire".

我们免费使用[RFC3985]、[RFC4026]、[RFC4664]和[RFC5659]中的术语,尤其是术语“连接电路”、“伪线”、“PE”(提供商边缘)、“CE”(客户边缘)和“多段伪线”。

Section 2 provides an overview of the relevant aspects of [RFC4447] and [RFC4667].

第2节概述了[RFC4447]和[RFC4667]的相关方面。

Section 3 details various provisioning models and relates them to the signaling process and to the discovery process. The way in which the signaling mechanisms can be integrated with BGP-based auto-discovery is covered in some detail.

第3节详细介绍了各种供应模型,并将其与信令过程和发现过程相关联。信令机制可以与基于BGP的自动发现相集成的方式将进行详细介绍。

Section 4 explains how the procedures for discovery and signaling can be applied in a multi-AS environment and outlines several options for the establishment of multi-AS L2VPNs.

第4节解释了如何在多AS环境中应用发现和信令过程,并概述了建立多AS L2VPN的几种选项。

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]

本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照[RFC2119]中所述进行解释

2. Signaling Protocol Framework
2. 信令协议框架
2.1. Endpoint Identification
2.1. 端点识别

Per [RFC4664], a pseudowire can be thought of as a relationship between a pair of "Forwarders". In simple instances of Virtual Private Wire Service (VPWS), a Forwarder binds a pseudowire to a single Attachment Circuit, such that frames received on the one are sent on the other, and vice versa. In Virtual Private LAN Service (VPLS), a Forwarder binds a set of pseudowires to a set of Attachment Circuits; when a frame is received from any member of that set, a MAC (Media Access Control) address table is consulted (and various 802.1d procedures executed) to determine the member or members of that set on which the frame is to be transmitted. In more complex scenarios, Forwarders may bind PWs to PWs, thereby "splicing" two PWs together; this is needed, e.g., to support distributed VPLS and some inter-AS scenarios.

根据[RFC4664],可以将伪线视为一对“转发器”之间的关系。在虚拟专用线服务(VPWS)的简单实例中,转发器将伪线绑定到单个连接电路,以便在一个电路上接收的帧在另一个电路上发送,反之亦然。在虚拟专用LAN服务(VPLS)中,转发器将一组伪线绑定到一组连接电路;当从该组的任何成员接收到帧时,将参考MAC(媒体访问控制)地址表(并执行各种802.1d过程),以确定要在其上传输帧的该组的一个或多个成员。在更复杂的场景中,转发器可能会将PWs绑定到PWs,从而将两个PW“拼接”在一起;这是必需的,例如,支持分布式VPL和一些AS间场景。

In simple VPWS, where a Forwarder binds exactly one PW to exactly one Attachment Circuit, a Forwarder can be identified by identifying its Attachment Circuit. In simple VPLS, a Forwarder can be identified by identifying its PE device and its VPN.

在简单的VPWS中,转发器将恰好一个PW绑定到恰好一个连接电路,可以通过标识其连接电路来识别转发器。在简单的VPLS中,可以通过识别其PE设备和VPN来识别转发器。

To set up a PW between a pair of Forwarders, the signaling protocol must allow the Forwarder at one endpoint to identify the Forwarder at the other. In [RFC4447], the term "Attachment Identifier", or "AI", is used to refer to a quantity whose purpose is to identify a Forwarder. In [RFC4667], the term "Forwarder Identifier" is used for the same purpose. In the context of this document, "Attachment Identifier" and "Forwarder Identifier" are used interchangeably.

要在一对转发器之间建立PW,信令协议必须允许一个端点的转发器识别另一个端点的转发器。在[RFC4447]中,术语“附件标识符”或“AI”用于指用于识别转运商的数量。在[RFC4667]中,术语“转发器标识符”用于相同目的。在本文件的上下文中,“附件标识符”和“转发商标识符”可互换使用。

[RFC4447] specifies two Forwarding Equivalence Class (FEC) elements that can be used when setting up pseudowires, the PWid FEC element, and the Generalized ID FEC element. The PWid FEC element carries only one Forwarder identifier; it can be thus be used only when both forwarders have the same identifier, and when that identifier can be coded as a 32-bit quantity. The Generalized ID FEC element carries two Forwarder identifiers, one for each of the two Forwarders being

[RFC4447]指定两个转发等价类(FEC)元素,即PWid FEC元素和通用ID FEC元素,可在设置伪线时使用。PWid FEC元素仅携带一个转发器标识符;因此,只有当两个转发器具有相同的标识符,并且该标识符可以编码为32位数量时,才可以使用它。广义ID FEC元素携带两个转发器标识符,两个转发器中的每一个都有一个

connected. Each identifier is known as an Attachment Identifier, and a signaling message carries both a "Source Attachment Identifier" (SAI) and a "Target Attachment Identifier" (TAI).

有联系的。每个标识符称为附件标识符,信令消息同时携带“源附件标识符”(SAI)和“目标附件标识符”(TAI)。

The Generalized ID FEC element also provides some additional structuring of the identifiers. It is assumed that the SAI and TAI will sometimes have a common part, called the "Attachment Group Identifier" (AGI), such that the SAI and TAI can each be thought of as the concatenation of the AGI with an "Attachment Individual Identifier" (AII). So the pair of identifiers is encoded into three fields: AGI, Source AII (SAII), and Target AII (TAII). The SAI is the concatenation of the AGI and the SAII, while the TAI is the concatenation of the AGI and the TAII.

广义ID FEC元素还提供标识符的一些附加结构。假设SAI和TAI有时会有一个公共部分,称为“附件组标识符”(AGI),这样SAI和TAI可以分别被认为是AGI与“附件个人标识符”(AII)的串联。因此,这对标识符被编码为三个字段:AGI、源AII(SAII)和目标AII(TAII)。SAI是AGI和SAII的串联,而TAI是AGI和TAII的串联。

Similarly, [RFC4667] allows using one or two Forwarder Identifiers to set up pseudowires. If only the target Forwarder Identifier is used in L2TP signaling messages, both the source and target Forwarders are assumed to have the same value. If both the source and target Forwarder Identifiers are carried in L2TP signaling messages, each Forwarder uses a locally significant identifier value.

类似地,[RFC4667]允许使用一个或两个转发器标识符来设置伪线。如果L2TP信令消息中仅使用目标转发器标识符,则假定源转发器和目标转发器具有相同的值。如果L2TP信令消息中同时携带源和目标转发器标识符,则每个转发器使用本地有效的标识符值。

The Forwarder Identifier in [RFC4667] is an equivalent term to Attachment Identifier in [RFC4447]. A Forwarder Identifier also consists of an Attachment Group Identifier and an Attachment Individual Identifier. Unlike the Generalized ID FEC element, the AGI and AII are carried in distinct L2TP Attribute-Value Pairs (AVPs). The AGI is encoded in the AGI AVP, and the SAII and TAII are encoded in the Local End ID AVP and the Remote End ID AVP, respectively. The source Forwarder Identifier is the concatenation of the AGI and SAII, while the target Forwarder Identifier is the concatenation of the AGI and TAII.

[RFC4667]中的转发器标识符等同于[RFC4447]中的附件标识符。转发器标识符还包括附件组标识符和附件个人标识符。与通用ID FEC元素不同,AGI和AII在不同的L2TP属性值对(AVP)中进行。AGI编码在AGI AVP中,SAII和TAII分别编码在本地端ID AVP和远程端ID AVP中。源转发器标识符是AGI和SAII的串联,而目标转发器标识符是AGI和TAII的串联。

In applications that group sets of PWs into "Layer 2 Virtual Private Networks", the AGI can be thought of as a "VPN Identifier".

在将PW分组到“第2层虚拟专用网络”的应用程序中,AGI可以被视为“VPN标识符”。

It should be noted that while different forwarders support different applications, the type of application (e.g., VPLS vs. VPWS) cannot necessarily be inferred from the forwarders' identifiers. A router receiving a signaling message with a particular TAI will have to be able to determine which of its local forwarders is identified by that TAI, and to determine the application provided by that forwarder. But other nodes may not be able to infer the application simply by inspection of the signaling messages.

应该注意的是,虽然不同的转发器支持不同的应用程序,但应用程序的类型(例如,VPLS与VPWS)不一定能从转发器的标识符中推断出来。接收具有特定TAI的信令消息的路由器必须能够确定其本地转发器中的哪个由该TAI识别,并确定该转发器提供的应用程序。但是其他节点可能无法简单地通过检查信令消息来推断应用程序。

In this document, some further structure of the AGI and AII is proposed for certain L2VPN applications. We note that [RFC4447] defines a TLV structure for AGI and AII fields. Thus, an operator who chooses to use the AII structure defined here could also make use

在本文中,针对某些L2VPN应用提出了AGI和AII的进一步结构。我们注意到[RFC4447]为AGI和AII字段定义了TLV结构。因此,选择使用此处定义的AII结构的操作员也可以使用

of different AGI or AII types if he also wanted to use a different structure for these identifiers for some other application. For example, the long prefix type of [RFC5003] could be used to enable the communication of administrative information, perhaps combined with information learned during auto-discovery.

如果他还想为其他应用程序的这些标识符使用不同的结构,则使用不同的AGI或AII类型。例如,[RFC5003]的长前缀类型可用于启用管理信息的通信,可能与自动发现期间学习的信息相结合。

2.2. Creating a Single Bidirectional Pseudowire
2.2. 创建单个双向伪线

In any form of LDP-based signaling, each PW endpoint must initiate the creation of a unidirectional LSP. A PW is a pair of such LSPs. In most of the L2VPN provisioning models, the two endpoints of a given PW can simultaneously initiate the signaling for it. They must therefore have some way of determining when a given pair of LSPs are intended to be associated together as a single PW.

在任何形式的基于LDP的信令中,每个PW端点必须发起单向LSP的创建。PW是一对这样的LSP。在大多数L2VPN配置模型中,给定PW的两个端点可以同时为其启动信令。因此,它们必须有某种方法来确定何时将给定的一对LSP作为单个PW关联在一起。

The way in which this association is done is different for the various different L2VPN services and provisioning models. The details appear in later sections.

对于各种不同的L2VPN服务和配置模型,执行此关联的方式是不同的。详细信息将在后面的部分中显示。

L2TP signaling inherently establishes a bidirectional session that carries a PW between two PW endpoints. The two endpoints can also simultaneously initiate the signaling for a given PW. It is possible that two PWs can be established for a pair of Forwarders.

L2TP信令固有地建立了一个双向会话,该会话在两个PW端点之间承载PW。两个端点还可以同时启动给定PW的信令。可以为一对转发器建立两个PWs。

In order to avoid setting up duplicated pseudowires between two Forwarders, each PE must be able to independently detect such a pseudowire tie. The procedures of detecting a pseudowire tie are described in [RFC4667].

为了避免在两个转发器之间设置重复的伪线,每个PE必须能够独立检测此类伪线接头。[RFC4667]中描述了检测假导线扎带的步骤。

2.3. Attachment Identifiers and Forwarders
2.3. 附件标识符和转发器

Every Forwarder in a PE must be associated with an Attachment Identifier (AI), either through configuration or through some algorithm. The Attachment Identifier must be unique in the context of the PE router in which the Forwarder resides. The combination <PE router, AI> must be globally unique.

PE中的每个转发器必须通过配置或某种算法与附件标识符(AI)相关联。附件标识符在转发器所在的PE路由器的上下文中必须是唯一的。组合<PE路由器,AI>必须是全局唯一的。

As specified in [RFC4447], the Attachment Identifier may consist of an Attachment Group Identifier (AGI) plus an Attachment Individual Identifier (AII). In the context of this document, an AGI may be thought of as a VPN-ID, or some attribute that is shared by all the Attachment Circuits that are allowed to be connected.

如[RFC4447]所述,附件标识符可由附件组标识符(AGI)加上附件个人标识符(AII)组成。在本文档的上下文中,AGI可被视为VPN-ID,或被允许连接的所有连接电路共享的某些属性。

It is sometimes helpful to consider a set of attachment circuits at a single PE to belong to a common "pool". For example, a set of attachment circuits that connect a single CE to a given PE may be considered a pool. The use of pools is described in detail in Section 3.3.

有时在单个PE上考虑一组连接电路属于一个共同的“池”是有帮助的。例如,将单个CE连接到给定PE的一组连接电路可被视为池。池的使用在第3.3节中有详细说明。

The details for how to construct the AGI and AII fields identifying the pseudowire endpoints in particular provisioning models are discussed later in this document.

本文档后面将讨论如何构造AGI和AII字段来标识特定配置模型中的伪线端点的详细信息。

We can now consider an LSP for one direction of a pseudowire to be identified by:

现在我们可以考虑一个伪线的一个方向的LSP来标识:

   o  <PE1, <AGI, AII1>, PE2, <AGI, AII2>>
        
   o  <PE1, <AGI, AII1>, PE2, <AGI, AII2>>
        

and the LSP in the opposite direction of the pseudowire will be identified by:

伪线相反方向的LSP将通过以下方式识别:

   o  <PE2, <AGI, AII2>, PE1, <AGI, AII1>>
        
   o  <PE2, <AGI, AII2>, PE1, <AGI, AII1>>
        

A pseudowire is a pair of such LSPs. In the case of using L2TP signaling, these refer to the two directions of an L2TP session.

伪线是一对这样的LSP。在使用L2TP信令的情况下,这些是指L2TP会话的两个方向。

When a signaling message is sent from PE1 to PE2, and PE1 needs to refer to an Attachment Identifier that has been configured on one of its own Attachment Circuits (or pools), the Attachment Identifier is called a "Source Attachment Identifier". If PE1 needs to refer to an Attachment Identifier that has been configured on one of PE2's Attachment Circuits (or pools), the Attachment Identifier is called a "Target Attachment Identifier". (So an SAI at one endpoint is a TAI at the remote endpoint, and vice versa.)

当信令消息从PE1发送到PE2,并且PE1需要参考在其自身的一个附件电路(或池)上配置的附件标识符时,附件标识符被称为“源附件标识符”。如果PE1需要引用已在PE2的一个连接电路(或池)上配置的连接标识符,则该连接标识符称为“目标连接标识符”。(因此,一个端点处的SAI是远程端点处的TAI,反之亦然。)

In the signaling protocol, we define encodings for the following three fields:

在信令协议中,我们为以下三个字段定义编码:

o Attachment Group Identifier (AGI)

o 附件组标识符(AGI)

o Source Attachment Individual Identifier (SAII)

o 源附件个人标识符(SAII)

o Target Attachment Individual Identifier (TAII)

o 目标附件个人标识符(TAII)

If the AGI is non-null, then the SAI consists of the AGI together with the SAII, and the TAI consists of the TAII together with the AGI. If the AGI is null, then the SAII and TAII are the SAI and TAI, respectively.

如果AGI不为空,则SAI由AGI和SAII组成,TAI由TAII和AGI组成。如果AGI为空,则SAII和TAII分别为SAI和TAI。

The intention is that the PE that receives an LDP Label Mapping message or an L2TP Incoming Call Request (ICRQ) message containing a TAI will be able to map that TAI uniquely to one of its Attachment Circuits (or pools). The way in which a PE maps a TAI to an Attachment Circuit (or pool) should be a local matter (including the choice of whether to use some or all of the bytes in the TAI for the mapping). So as far as the signaling procedures are concerned, the TAI is really just an arbitrary string of bytes, a "cookie".

其目的是,接收包含TAI的LDP标签映射消息或L2TP入局呼叫请求(ICRQ)消息的PE将能够将该TAI唯一地映射到其一个连接电路(或池)。PE将TAI映射到连接电路(或池)的方式应该是本地事务(包括选择是否使用TAI中的部分或全部字节进行映射)。因此,就信令过程而言,TAI实际上只是一个任意字节串,一个“cookie”。

3. Applications
3. 应用

In this section, we specify the way in which the pseudowire signaling using the notion of source and target Forwarder is applied for a number of different applications. For some of the applications, we specify the way in which different provisioning models can be used. However, this is not meant to be an exhaustive list of the applications, or an exhaustive list of the provisioning models that can be applied to each application.

在本节中,我们将指定使用源和目标转发器概念的伪线信令应用于许多不同应用的方式。对于某些应用程序,我们指定了使用不同资源调配模型的方式。然而,这并不是应用程序的详尽列表,也不是可以应用于每个应用程序的配置模型的详尽列表。

3.1. Individual Point-to-Point Pseudowires
3.1. 单个点对点伪导线

The signaling specified in this document can be used to set up individually provisioned point-to-point pseudowires. In this application, each Forwarder binds a single PW to a single Attachment Circuit. Each PE must be provisioned with the necessary set of Attachment Circuits, and then certain parameters must be provisioned for each Attachment Circuit.

本文档中指定的信令可用于设置单独配置的点到点伪线。在此应用中,每个转发器将单个PW绑定到单个连接电路。每个PE必须配备必要的连接电路组,然后必须为每个连接电路配备某些参数。

3.1.1. Provisioning Models
3.1.1. 供应模型
3.1.1.1. Double-Sided Provisioning
3.1.1.1. 双边供应

In this model, the Attachment Circuit must be provisioned with a local name, a remote PE address, and a remote name. During signaling, the local name is sent as the SAII, the remote name as the TAII, and the AGI is null. If two Attachment Circuits are to be connected by a PW, the local name of each must be the remote name of the other.

在此模型中,附件电路必须配置本地名称、远程PE地址和远程名称。在信令期间,本地名称作为SAII发送,远程名称作为TAII发送,AGI为空。如果两个连接电路通过PW连接,则每个连接电路的本地名称必须是另一个连接电路的远程名称。

Note that if the local name and the remote name are the same, the PWid FEC element can be used instead of the Generalized ID FEC element in the LDP-based signaling.

注意,如果本地名称和远程名称相同,则在基于LDP的信令中可以使用PWid FEC元素代替通用ID FEC元素。

With L2TP signaling, the local name is sent in Local End ID AVP, and the remote name in Remote End ID AVP. The AGI AVP is optional. If present, it contains a zero-length AGI value. If the local name and the remote name are the same, Local End ID AVP can be omitted from L2TP signaling messages.

通过L2TP信令,本地名称在本地端ID AVP中发送,远程名称在远程端ID AVP中发送。AGI AVP是可选的。如果存在,它包含一个零长度AGI值。如果本地名称和远程名称相同,则可以从L2TP信令消息中省略本地端ID AVP。

3.1.1.2. Single-Sided Provisioning with Discovery
3.1.1.2. 具有发现功能的单边资源调配

In this model, each Attachment Circuit must be provisioned with a local name. The local name consists of a VPN-ID (signaled as the AGI) and an Attachment Individual Identifier that is unique relative to the AGI. If two Attachment Circuits are to be connected by a PW, only one of them needs to be provisioned with a remote name (which of

在此模型中,必须为每个连接回路提供本地名称。本地名称由VPN-ID(标记为AGI)和相对于AGI唯一的附件个人标识符组成。如果两个连接电路由PW连接,则只需为其中一个提供远程名称(以下哪一个

course is the local name of the other Attachment Circuit). Neither needs to be provisioned with the address of the remote PE, but both must have the same VPN-ID.

course是另一个附件回路的本地名称)。两者都不需要设置远程PE的地址,但两者必须具有相同的VPN-ID。

As part of an auto-discovery procedure, each PE advertises its <VPN-id, local AII> pairs. Each PE compares its local <VPN-id, remote AII> pairs with the <VPN-id, local AII> pairs advertised by the other PEs. If PE1 has a local <VPN-id, remote AII> pair with value <V, fred>, and PE2 has a local <VPN-id, local AII> pair with value <V, fred>, PE1 will thus be able to discover that it needs to connect to PE2. When signaling, it will use "fred" as the TAII, and will use V as the AGI. PE1's local name for the Attachment Circuit is sent as the SAII.

作为自动发现过程的一部分,每个PE公布其<VPN id,local AII>对。每个PE将其本地<VPN id,远程AII>对与其他PE公布的<VPN id,本地AII>对进行比较。如果PE1有一个值为<V,fred>的本地<VPN id,远程AII>对,而PE2有一个值为<V,fred>的本地<VPN id,本地AII>对,那么PE1将能够发现它需要连接到PE2。发信号时,它将使用“fred”作为TAII,并将使用V作为AGI。附件回路的PE1本地名称作为SAII发送。

The primary benefit of this provisioning model when compared to Double-Sided Provisioning is that it enables one to move an Attachment Circuit from one PE to another without having to reconfigure the remote endpoint. However, compared to the approach described in Section 3.3 below, it imposes a greater burden on the discovery mechanism, because each Attachment Circuit's name must be advertised individually (i.e., there is no aggregation of Attachment Circuit names in this simple scheme).

与双边资源调配相比,此资源调配模型的主要优点是,它允许用户将连接电路从一个PE移动到另一个PE,而无需重新配置远程端点。然而,与下面第3.3节中描述的方法相比,它对发现机制施加了更大的负担,因为每个附件电路的名称必须单独公布(即,在这个简单方案中没有附件电路名称的聚合)。

3.1.2. Signaling
3.1.2. 信号

The LDP-based signaling follows the procedures specified in [RFC4447]. That is, one PE (PE1) sends a Label Mapping message to another PE (PE2) to establish an LSP in one direction. If that message is processed successfully, and there is not yet an LSP for the pseudowire in the opposite (PE1->PE2) direction, then PE2 sends a Label Mapping message to PE1.

基于LDP的信令遵循[RFC4447]中规定的程序。也就是说,一个PE(PE1)向另一个PE(PE2)发送标签映射消息,以在一个方向上建立LSP。如果该消息处理成功,并且伪线在相反(PE1->PE2)方向上还没有LSP,则PE2向PE1发送标签映射消息。

In addition to the procedures of [RFC4447], when a PE receives a Label Mapping message, and the TAI identifies a particular Attachment Circuit that is configured to be bound to a point-to-point PW, then the following checks must be made.

除了[RFC4447]的程序外,当PE接收到标签映射消息,并且TAI识别配置为绑定到点对点PW的特定连接电路时,必须进行以下检查。

If the Attachment Circuit is already bound to a pseudowire (including the case where only one of the two LSPs currently exists), and the remote endpoint is not PE1, then PE2 sends a Label Release message to PE1, with a Status Code meaning "Attachment Circuit bound to different PE", and the processing of the Mapping message is complete.

如果连接电路已经绑定到伪线(包括当前仅存在两个LSP中的一个的情况),并且远程端点不是PE1,则PE2向PE1发送标签释放消息,状态代码表示“连接电路绑定到不同的PE”,并且映射消息的处理完成。

If the Attachment Circuit is already bound to a pseudowire (including the case where only one of the two LSPs currently exists), but the AI at PE1 is different than that specified in the AGI/SAII fields of the Mapping message then PE2 sends a Label Release message to PE1, with a

如果连接电路已经绑定到伪线(包括当前仅存在两个LSP中的一个的情况),但PE1处的AI不同于映射消息的AGI/SAII字段中指定的AI,则PE2向PE1发送标签释放消息,其中带有

Status Code meaning "Attachment Circuit bound to different remote Attachment Circuit", and the processing of the Mapping message is complete.

状态代码表示“连接电路绑定到不同的远程连接电路”,映射消息的处理完成。

Similarly, with the L2TP-based signaling, when a PE receives an ICRQ message, and the TAI identifies a particular Attachment Circuit that is configured to be bound to a point-to-point PW, it performs the following checks.

类似地,对于基于L2TP的信令,当PE接收到ICRQ消息,并且TAI识别配置为绑定到点到点PW的特定连接电路时,它执行以下检查。

If the Attachment Circuit is already bound to a pseudowire, and the remote endpoint is not PE1, then PE2 sends a Call Disconnect Notify (CDN) message to PE1, with a Status Code meaning "Attachment Circuit bound to different PE", and the processing of the ICRQ message is complete.

如果连接电路已绑定到伪线,且远程端点不是PE1,则PE2向PE1发送呼叫断开通知(CDN)消息,状态代码表示“连接电路绑定到不同的PE”,ICRQ消息的处理完成。

If the Attachment Circuit is already bound to a pseudowire, but the pseudowire is bound to a Forwarder on PE1 with the AI different than that specified in the SAI fields of the ICRQ message, then PE2 sends a CDN message to PE1, with a Status Code meaning "Attachment Circuit bound to different remote Attachment Circuit", and the processing of the ICRQ message is complete.

如果连接电路已绑定到伪线,但伪线绑定到PE1上的转发器,AI不同于ICRQ消息SAI字段中指定的AI,则PE2向PE1发送CDN消息,状态代码表示“连接电路绑定到不同的远程连接电路”,ICRQ报文处理完成。

These errors could occur as the result of misconfigurations.

这些错误可能是由于配置错误造成的。

3.2. Virtual Private LAN Service
3.2. 虚拟专用局域网服务

In the VPLS application [RFC4762], the Attachment Circuits can be thought of as LAN interfaces that attach to "virtual LAN switches", or, in the terminology of [RFC4664], "Virtual Switching Instances" (VSIs). Each Forwarder is a VSI that attaches to a number of PWs and a number of Attachment Circuits. The VPLS service requires that a single pseudowire be created between each pair of VSIs that are in the same VPLS. Each PE device may have multiple VSIs, where each VSI belongs to a different VPLS.

在VPLS应用程序[RFC4762]中,可以将连接电路视为连接到“虚拟LAN交换机”的LAN接口,或者用[RFC4664]的术语称为“虚拟交换实例”(VSI)。每个转发器是一个连接到多个PW和多个连接电路的VSI。VPLS服务要求在同一VPLS中的每对VSI之间创建一条伪线。每个PE设备可以有多个VSI,其中每个VSI属于不同的VPL。

3.2.1. Provisioning
3.2.1. 供应

Each VPLS must have a globally unique identifier, which in [RFC4762] is referred to as the VPLS identifier (or VPLS-id). Every VSI must be configured with the VPLS-id of the VPLS to which it belongs.

每个VPLS必须具有全局唯一标识符,在[RFC4762]中称为VPLS标识符(或VPLS id)。每个VSI必须配置其所属VPLS的VPLS id。

Each VSI must also have a unique identifier, which we call a VSI-ID. This can be formed automatically by concatenating its VPLS-id with an IP address of its PE router. (Note that the PE address here is used only as a form of unique identifier; a service provider could choose to use some other numbering scheme if that was desired, as long as

每个VSI还必须有一个唯一的标识符,我们称之为VSI-ID。这可以通过将其VPLS ID与其PE路由器的IP地址连接起来自动形成。(请注意,此处的PE地址仅用作唯一标识符的形式;如果需要,服务提供商可以选择使用其他编号方案,只要

each VSI is assigned an identifier that is unique within the VPLS instance. See Section 4.4 for a discussion of the assignment of identifiers in the case of multiple providers.)

每个VSI都分配了一个标识符,该标识符在VPLS实例中是唯一的。关于多个供应商情况下标识符分配的讨论,请参见第4.4节。)

3.2.2. Auto-Discovery
3.2.2. 自动发现
3.2.2.1. BGP-Based Auto-Discovery
3.2.2.1. 基于BGP的自动发现

This section specifies how BGP can be used to discover the information necessary to build VPLS instances.

本节指定如何使用BGP发现构建VPLS实例所需的信息。

When BGP-based auto-discovery is used for VPLS, the AFI/SAFI (Address Family Identifier / Subsequent Address Family Identifier) [RFC4760] will be:

当基于BGP的自动发现用于VPL时,AFI/SAFI(地址族标识符/后续地址族标识符)[RFC4760]将:

o An AFI (25) for L2VPN. (This is the same for all L2VPN schemes.)

o 用于L2VPN的AFI(25)。(这与所有L2VPN方案相同。)

o A SAFI (65) specifically for an L2VPN service whose pseudowires are set up using the procedures described in the current document.

o 专门用于L2VPN服务的SAFI(65),其伪线是使用当前文档中描述的步骤设置的。

See Section 6 for further discussion of AFI/SAFI assignment.

有关AFI/SAFI分配的进一步讨论,请参见第6节。

In order to use BGP-based auto-discovery, there must be at least one globally unique identifier associated with a VPLS, and each such identifier must be encodable as an 8-byte Route Distinguisher (RD). Any method of assigning one or more unique identifiers to a VPLS and encoding each of them as an RD (using the encoding techniques of [RFC4364]) will do.

为了使用基于BGP的自动发现,必须至少有一个全局唯一标识符与VPLS关联,并且每个此类标识符必须可编码为8字节路由识别器(RD)。将一个或多个唯一标识符分配给VPL并将其编码为RD(使用[RFC4364]的编码技术)的任何方法都可以。

Each VSI needs to have a unique identifier that is encodable as a BGP Network Layer Reachability Information (NLRI). This is formed by prepending the RD (from the previous paragraph) to an IP address of the PE containing the VSI. Note that the role of this address is simply as a readily available unique identifier for the VSIs within a VPN; it does not need to be globally routable, but it must be unique within the VPLS instance. An alternate scheme to assign unique identifiers to each VSI within a VPLS instance (e.g., numbering the VSIs of a single VPN from 1 to n) could be used if desired.

每个VSI都需要有一个可编码为BGP网络层可达性信息(NLRI)的唯一标识符。这是通过将RD(上一段)前置到包含VSI的PE的IP地址而形成的。请注意,该地址的作用只是作为VPN内VSI的一个随时可用的唯一标识符;它不需要全局可路由,但在VPLS实例中必须是唯一的。如果需要,可以使用另一种方案为VPLS实例中的每个VSI分配唯一标识符(例如,将单个VPN的VSI编号为1到n)。

When using the procedures described in this document, it is necessary to assign a single, globally unique VPLS-id to each VPLS instance [RFC4762]. This VPLS-id must be encodable as a BGP Extended Community [RFC4360]. As described in Section 6, two Extended Community subtypes are defined by this document for this purpose. The Extended Community MUST be transitive.

使用本文档中描述的过程时,需要为每个VPLS实例分配一个全局唯一的VPLS id[RFC4762]。此VPLS id必须可编码为BGP扩展社区[RFC4360]。如第6节所述,本文件为此定义了两个扩展社区子类型。扩展社区必须是可传递的。

The first Extended Community subtype is a Two-octet AS Specific Extended Community. The second Extended Community subtype is an IPv4 Address Specific Extended Community. The encoding of such Communities is defined in [RFC4360]. These encodings ensure that a service provider can allocate a VPLS-id without risk of collision with another provider. However, note that coordination of VPLS-ids among providers is necessary for inter-provider L2VPNs, as described in Section 4.4.

第一个扩展社区子类型是作为特定扩展社区的两个八位组。第二个扩展社区子类型是IPv4地址特定的扩展社区。[RFC4360]中定义了此类社区的编码。这些编码确保服务提供商可以分配VPLS id,而不会与其他提供商发生冲突。但是,请注意,如第4.4节所述,供应商间L2VPN需要协调供应商间的VPLS ID。

Each VSI also needs to be associated with one or more Route Target (RT) Extended Communities. These control the distribution of the NLRI, and hence will control the formation of the overlay topology of pseudowires that constitutes a particular VPLS.

每个VSI还需要与一个或多个路由目标(RT)扩展社区相关联。这些控制NLRI的分布,因此将控制构成特定VPL的伪线重叠拓扑的形成。

Auto-discovery proceeds by having each PE distribute, via BGP, the NLRI for each of its VSIs, with itself as the BGP next hop, and with the appropriate RT for each such NLRI. Typically, each PE would be a client of a small set of BGP route reflectors, which would redistribute this information to the other clients.

自动发现通过让每个PE通过BGP为其每个VSI分发NLRI,将其自身作为BGP下一跳,并为每个此类NLRI分发适当的RT来进行。通常,每个PE都是一小组BGP路由反射器的客户端,这些反射器将把这些信息重新分发给其他客户端。

If a PE receives a BGP update from which any of the elements specified above is absent, the update should be ignored.

如果PE接收到BGP更新,但上面指定的任何元素都不存在,则应忽略该更新。

If a PE has a VSI with a particular RT, it can then import all the NLRIs that have that same RT, and from the BGP next hop attribute of these NLRI it will learn the IP addresses of the other PE routers which have VSIs with the same RT. The considerations in Section 4.3.3 of [RFC4364] on the use of route reflectors apply.

如果PE具有具有特定RT的VSI,则可以导入具有相同RT的所有NLRI,并从这些NLRI的BGP next hop属性中学习具有相同RT的VSI的其他PE路由器的IP地址。[RFC4364]第4.3.3节中关于使用路由反射器的注意事项适用。

If a particular VPLS is meant to be a single fully connected LAN, all its VSIs will have the same RT, in which case the RT could be (though it need not be) an encoding of the VPN-id. A VSI can be placed in multiple VPLSes by assigning it multiple RTs.

如果一个特定的VPLS是一个完全连接的LAN,那么它的所有VSI都将具有相同的RT,在这种情况下,RT可以(尽管不需要)是VPN-id的编码。通过为VSI分配多个RT,可以将VSI放置在多个VPLSE中。

Note that hierarchical VPLS can be set up by assigning multiple RTs to some of the VSIs; the RT mechanism allows one to have complete control over the pseudowire overlay that constitutes the VPLS topology.

请注意,可以通过将多个RTs分配给某些VSI来设置分层VPL;RT机制允许用户完全控制构成VPLS拓扑的伪线覆盖。

If Distributed VPLS (described in Section 3.5) is deployed, only the Network-facing PEs (N-PEs) participate in BGP-based auto-discovery. This means that an N-PE would need to advertise reachability to each of the VSIs that it supports, including those located in User-facing PEs (U-PEs) to which it is connected. To create a unique identifier for each such VSI, an IP address of each U-PE combined with the RD for the VPLS instance could be used.

如果部署分布式VPL(如第3.5节所述),则只有面向网络的PEs(N-PEs)参与基于BGP的自动发现。这意味着N-PE需要向其支持的每个VSI(包括位于其所连接的面向用户的PE(U-PE)中的VSI)公布可达性。要为每个此类VSI创建唯一标识符,可以使用每个U-PE的IP地址以及VPLS实例的RD。

In summary, the BGP advertisement for a particular VSI at a given PE will contain:

总之,给定PE处特定VSI的BGP公告将包含:

o an NLRI of AFI = L2VPN, SAFI = VPLS, encoded as RD:PE_addr

o AFI=L2VPN、SAFI=VPLS的NLRI,编码为RD:PE_addr

o a BGP next hop equal to the loopback address of the PE

o BGP下一跳等于PE的环回地址

o an Extended Community Attribute containing the VPLS-id

o 包含VPLS id的扩展社区属性

o an Extended Community Attribute containing one or more RTs.

o 包含一个或多个RTs的扩展社区属性。

See Section 6 for discussion of the AFI and SAFI values. The format for the NLRI encoding is:

有关AFI和SAFI值的讨论,请参见第6节。NLRI编码的格式为:

        +------------------------------------+
        |  Length (2 octets)                 |
        +------------------------------------+
        |  Route Distinguisher (8 octets)    |
        +------------------------------------+
        |  PE_addr (4 octets)                |
        +------------------------------------+
        
        +------------------------------------+
        |  Length (2 octets)                 |
        +------------------------------------+
        |  Route Distinguisher (8 octets)    |
        +------------------------------------+
        |  PE_addr (4 octets)                |
        +------------------------------------+
        

Note that this advertisement is quite similar to the NLRI format defined in [RFC4761], the main difference being that [RFC4761] also includes a label block in the NLRI. Interoperability between the VPLS scheme defined here and that defined in [RFC4761] is beyond the scope of this document.

请注意,此广告与[RFC4761]中定义的NLRI格式非常相似,主要区别在于[RFC4761]还包括NLRI中的标签块。此处定义的VPLS方案与[RFC4761]中定义的VPLS方案之间的互操作性超出了本文件的范围。

3.2.3. Signaling
3.2.3. 信号

It is necessary to create Attachment Identifiers that identify the VSIs. In the preceding section, a VSI-ID was encoded as RD:PE_addr, and the VPLS-id was carried in a BGP Extended Community. For signaling purposes, this information is encoded as follows. We encode the VPLS-id in the AGI field, and place the PE_addr (or, more precisely, the VSI-ID that was contained in the NLRI in BGP, minus the RD) in the TAII field. The combination of AGI and TAII is sufficient to fully specify the VSI to which this pseudowire is to be connected, in both single AS and inter-AS environments. The SAII MUST be set to the PE_addr of the sending PE (or, more precisely, the VSI-ID, without the RD, of the VSI associated with this VPLS in the sending PE) to enable signaling of the reverse half of the PW if needed.

有必要创建标识VSI的附件标识符。在上一节中,VSI-ID编码为RD:PE_addr,VPLS ID携带在BGP扩展社区中。出于信令目的,该信息编码如下。我们在AGI字段中编码VPLS id,并将PE_addr(或者更准确地说,BGP中NLRI中包含的VSI-id,减去RD)放置在TAII字段中。AGI和TAII的组合足以在单AS和AS间环境中完全指定此伪线要连接到的VSI。SAII必须设置为发送PE的PE_addr(或者更准确地说,与发送PE中的该VPLS相关联的VSI的VSI-ID,不带RD),以便在需要时启用PW的反向一半的信令。

The structure of the AGI and AII fields for the Generalized ID FEC in LDP is defined in [RFC4447]. The AGI field in this case consists of a Type of 1, a length field of value 8, and the 8 bytes of the

LDP中广义ID FEC的AGI和AII字段的结构在[RFC4447]中定义。本例中的AGI字段由1类型、值为8的长度字段和

VPLS-id. The AIIs consist of a Type of 1, a length field of value 4, followed by the 4-byte PE address (or other 4-byte identifier). See Section 6 for discussion of the AGI and AII Type assignment.

VPLS-id。AIIs由类型1、长度字段值4和4字节PE地址(或其他4字节标识符)组成。有关AGI和AII类型分配的讨论,请参见第6节。

The encoding of the AGI and AII in L2TP is specified in [RFC4667].

L2TP中AGI和AII的编码在[RFC4667]中规定。

Note that it is not possible using this technique to set up more than one PW per pair of VSIs.

请注意,使用此技术不可能为每对VSI设置多个PW。

3.2.4. Pseudowires as VPLS Attachment Circuits
3.2.4. 虚拟线作为VPLS连接电路

It is also possible using this technique to set up a PW that attaches at one endpoint to a VSI, but at the other endpoint only to an Attachment Circuit. There may be more than one PW terminating on a given VSI, which must somehow be distinguished, so each PW must have an SAII that is unique relative to the VSI-ID.

也可以使用此技术设置PW,该PW在一端连接到VSI,但在另一端仅连接到连接电路。在给定的VSI上可能有多个PW终止,必须以某种方式加以区分,因此每个PW必须具有相对于VSI-ID唯一的SAII。

3.3. Colored Pools: Full Mesh of Point-to-Point Pseudowires
3.3. 彩色池:点对点伪线的完整网格

The "Colored Pools" model of operation provides an automated way to deliver VPWS. In this model, each PE may contain several pools of Attachment Circuits, each pool associated with a particular VPN. A PE may contain multiple pools per VPN, as each pool may correspond to a particular CE device. It may be desired to create one pseudowire between each pair of pools that are in the same VPN; the result would be to create a full mesh of CE-CE Virtual Circuits for each VPN.

“有色池”运营模式提供了一种自动交付VPW的方式。在此模型中,每个PE可能包含多个连接电路池,每个池与特定VPN关联。每个VPN的PE可能包含多个池,因为每个池可能对应于特定的CE设备。可能需要在同一VPN中的每对池之间创建一条伪线;结果是为每个VPN创建一个完整的CE-CE虚拟电路网格。

3.3.1. Provisioning
3.3.1. 供应

Each pool is configured, and associated with:

每个池都已配置,并与以下各项关联:

o a set of Attachment Circuits;

o 一组连接电路;

o a "color", which can be thought of as a VPN-id of some sort;

o 一种“颜色”,可以被认为是某种VPN id;

o a relative pool identifier, which is unique relative to the color.

o 相对池标识符,相对于颜色是唯一的。

[Note: depending on the technology used for Attachment Circuits (ACs), it may or may not be necessary to provision these circuits as well. For example, if the ACs are frame relay circuits, there may be some separate provisioning system to set up such circuits. Alternatively, "provisioning" an AC may be as simple as allocating an unused VLAN ID on an interface and communicating the choice to the customer. These issues are independent of the procedures described in this document.]

[注:根据用于连接电路(ACs)的技术,可能需要也可能不需要设置这些电路。例如,如果ACs是帧中继电路,则可能有一些单独的设置系统来设置此类电路。或者,“设置”AC可以简单到在接口上分配一个未使用的VLAN ID并将选择告知客户。这些问题与本文档中描述的过程无关。]

The pool identifier and color, taken together, constitute a globally unique identifier for the pool. Thus, if there are n pools of a given color, their pool identifiers can be (though they do not need to be) the numbers 1-n.

池标识符和颜色一起构成池的全局唯一标识符。因此,如果有n个给定颜色的池,则它们的池标识符可以是(尽管不需要是)数字1-n。

The semantics are that a pseudowire will be created between every pair of pools that have the same color, where each such pseudowire will be bound to one Attachment Circuit from each of the two pools.

语义是,将在具有相同颜色的每对池之间创建一条伪线,其中每一条此类伪线将绑定到两个池中每一个池的一个连接电路。

If each pool is a set of Attachment Circuits leading to a single CE device, then the Layer 2 connectivity among the CEs is controlled by the way the colors are assigned to the pools. To create a full mesh, the "color" would just be a VPN-id.

如果每个池是一组连接到单个CE设备的连接电路,则通过将颜色分配给池的方式控制CE之间的第2层连接。要创建完整的网格,“颜色”将只是一个VPN-id。

Optionally, a particular Attachment Circuit may be configured with the relative pool identifier of a remote pool. Then, that Attachment Circuit would be bound to a particular pseudowire only if that pseudowire's remote endpoint is the pool with that relative pool identifier. With this option, the same pairs of Attachment Circuits will always be bound via pseudowires.

可选地,可以使用远程池的相对池标识符配置特定连接电路。然后,只有当伪线的远程端点是具有该相对池标识符的池时,该连接电路才会绑定到特定的伪线。使用此选项,相同的连接电路对将始终通过伪导线绑定。

3.3.2. Auto-Discovery
3.3.2. 自动发现
3.3.2.1. BGP-Based Auto-Discovery
3.3.2.1. 基于BGP的自动发现

This section specifies how BGP can be used to discover the information necessary to build VPWS instances.

本节指定如何使用BGP发现构建VPWS实例所需的信息。

When BGP-based auto-discovery is used for VPWS, the AFI/SAFI will be:

当基于BGP的自动发现用于VPW时,AFI/SAFI将:

o An AFI specified by IANA for L2VPN. (This is the same for all L2VPN schemes.)

o IANA为L2VPN指定的AFI。(这与所有L2VPN方案相同。)

o A SAFI specified by IANA specifically for an L2VPN service whose pseudowires are set up using the procedures described in the current document.

o IANA专门为L2VPN服务指定的SAFI,其伪线是使用当前文档中描述的过程设置的。

See Section 6 for further discussion of AFI/SAFI assignment.

有关AFI/SAFI分配的进一步讨论,请参见第6节。

In order to use BGP-based auto-discovery, there must be one or more unique identifiers associated with a particular VPWS instance. Each identifier must be encodable as an RD (Route Distinguisher). The globally unique identifier of a pool must be encodable as NLRI; the pool identifier, which we define to be a 4-byte quantity, is appended to the RD to create the NLRI.

为了使用基于BGP的自动发现,必须有一个或多个与特定VPWS实例关联的唯一标识符。每个标识符必须可编码为RD(路由标识符)。池的全局唯一标识符必须可编码为NLRI;池标识符(我们定义为4字节的数量)被附加到RD以创建NLRI。

When using the procedures described in this document, it is necessary to assign a single, globally unique identifier to each VPWS instance.

使用本文档中描述的过程时,需要为每个VPWS实例分配一个全局唯一的标识符。

This identifier must be encodable as a BGP Extended Community [RFC4360]. As described in Section 6, two Extended Community subtypes are defined by this document for this purpose. The Extended Community MUST be transitive.

此标识符必须可编码为BGP扩展社区[RFC4360]。如第6节所述,本文件为此定义了两个扩展社区子类型。扩展社区必须是可传递的。

The first Extended Community subtype is a Two-octet AS Specific Extended Community. The second Extended Community subtype is an IPv4 Address Specific Extended Community. The encoding of such Communities is defined in [RFC4360]. These encodings ensure that a service provider can allocate a VPWS identifier without risk of collision with another provider. However, note that co-ordination of VPWS identifiers among providers is necessary for inter-provider L2VPNs, as described in Section 4.4.

第一个扩展社区子类型是作为特定扩展社区的两个八位组。第二个扩展社区子类型是IPv4地址特定的扩展社区。[RFC4360]中定义了此类社区的编码。这些编码确保服务提供商可以分配VPWS标识符,而不会与其他提供商发生冲突。但是,请注意,如第4.4节所述,供应商间L2VPN需要协调供应商之间的VPWS标识符。

Each pool must also be associated with an RT (route target), which may also be an encoding of the color. If the desired topology is a full mesh of pseudowires, all pools may have the same RT. See Section 3.4 for a discussion of other topologies.

每个池还必须与RT(路由目标)关联,RT也可以是颜色编码。如果所需拓扑是伪导线的完整网格,则所有池可能具有相同的RT。有关其他拓扑的讨论,请参阅第3.4节。

Auto-discovery proceeds by having each PE distribute, via BGP, the NLRI for each of its pools, with itself as the BGP next hop, and with the RT that encodes the pool's color. If a given PE has a pool with a particular color (RT), it must receive, via BGP, all NLRI with that same color (RT). Typically, each PE would be a client of a small set of BGP route reflectors, which would redistribute this information to the other clients.

自动发现通过让每个PE通过BGP为其每个池分发NLRI,将其自身作为BGP下一跳,并使用对池的颜色进行编码的RT来进行。如果给定PE有一个具有特定颜色(RT)的池,则它必须通过BGP接收具有相同颜色(RT)的所有NLRI。通常,每个PE都是一小组BGP路由反射器的客户端,这些反射器将把这些信息重新分发给其他客户端。

If a PE receives a BGP update from which any of the elements specified above is absent, the update should be ignored.

如果PE接收到BGP更新,但上面指定的任何元素都不存在,则应忽略该更新。

If a PE has a pool with a particular color, it can then receive all the NLRI that have that same color, and from the BGP next hop attribute of these NLRI will learn the IP addresses of the other PE routers that have pools switches with the same color. It also learns the unique identifier of each such remote pool, as this is encoded in the NLRI. The remote pool's relative identifier can be extracted from the NLRI and used in the signaling, as specified below.

如果一个PE有一个具有特定颜色的池,那么它可以接收具有相同颜色的所有NLRI,并且从这些NLRI的BGP next hop属性将了解具有相同颜色的池交换机的其他PE路由器的IP地址。它还学习每个这样的远程池的唯一标识符,因为这是在NLRI中编码的。远程池的相对标识符可以从NLRI中提取并在信令中使用,如下所述。

In summary, the BGP advertisement for a particular pool of attachment circuits at a given PE will contain:

总之,给定PE处特定连接电路池的BGP公告将包含:

o an NLRI of AFI = L2VPN, SAFI = VPLS, encoded as RD:pool_num;

o AFI=L2VPN、SAFI=VPLS的NLRI,编码为RD:pool_num;

o a BGP next hop equal to the loopback address of the PE;

o BGP下一跳等于PE的环回地址;

o an Extended Community Attribute containing the VPWS identifier;

o 包含VPWS标识符的扩展社区属性;

o an Extended Community Attribute containing one or more RTs.

o 包含一个或多个RTs的扩展社区属性。

See Section 6 for discussion of the AFI and SAFI values.

有关AFI和SAFI值的讨论,请参见第6节。

3.3.3. Signaling
3.3.3. 信号

The LDP-based signaling follows the procedures specified in [RFC4447]. That is, one PE (PE1) sends a Label Mapping message to another PE (PE2) to establish an LSP in one direction. The address of PE2 is the next-hop address learned via BGP as described above. If the message is processed successfully, and there is not yet an LSP for the pseudowire in the opposite (PE1->PE2) direction, then PE2 sends a Label Mapping message to PE1. Similarly, the L2TPv3-based signaling follows the procedures of [RFC4667]. Additional details on the use of these signaling protocols follow.

基于LDP的信令遵循[RFC4447]中规定的程序。也就是说,一个PE(PE1)向另一个PE(PE2)发送标签映射消息,以在一个方向上建立LSP。PE2的地址是如上所述通过BGP学习的下一跳地址。如果消息处理成功,并且伪线在相反(PE1->PE2)方向上还没有LSP,则PE2向PE1发送标签映射消息。类似地,基于L2TPv3的信令遵循[RFC4667]的过程。以下是关于使用这些信令协议的更多详细信息。

When a PE sends a Label Mapping message or an ICRQ message to set up a PW between two pools, it encodes the VPWS identifier (as distributed in the Extended Community Attribute by BGP) as the AGI, the local pool's relative identifier as the SAII, and the remote pool's relative identifier as the TAII.

当PE发送标签映射消息或ICRQ消息以在两个池之间建立PW时,它将VPWS标识符(由BGP在扩展社区属性中分发)编码为AGI,将本地池的相对标识符编码为SAII,将远程池的相对标识符编码为TAII。

The structure of the AGI and AII fields for the Generalized ID FEC in LDP is defined in [RFC4447]. The AGI field in this case consists of a Type of 1, a length field of value 8, and the 8 bytes of the VPWS identifier. The TAII consists of a Type of 1, a length field of value 4, followed by the 4-byte remote pool number. The SAII consists of a Type of 1, a length field of value 4, followed by the 4-byte local pool number. See Section 6 for discussion of the AGI and AII Type assignment. Note that the VPLS and VPWS procedures defined in this document can make use of the same AGI Type (1) and the same AII Type (1).

LDP中广义ID FEC的AGI和AII字段的结构在[RFC4447]中定义。本例中的AGI字段由类型1、长度字段值8和VPWS标识符的8个字节组成。TAII由1类型、值为4的长度字段和4字节的远程池号组成。SAII由1类型、值为4的长度字段以及后跟4字节本地池号组成。有关AGI和AII类型分配的讨论,请参见第6节。请注意,本文档中定义的VPLS和VPWS过程可以使用相同的AGI类型(1)和相同的AII类型(1)。

The encoding of the AGI and AII in L2TP is specified in [RFC4667].

L2TP中AGI和AII的编码在[RFC4667]中规定。

When PE2 receives a Label Mapping message or an ICRQ message from PE1, and the TAI identifies a pool, and there is already a pseudowire connecting an Attachment Circuit in that pool to an Attachment Circuit at PE1, and the AI at PE1 of that pseudowire is the same as the SAI of the Label Mapping or ICRQ message, then PE2 sends a Label Release or CDN message to PE1, with a Status Code meaning "Attachment Circuit already bound to remote Attachment Circuit". This prevents the creation of multiple pseudowires between a given pair of pools.

当PE2从PE1接收标签映射消息或ICRQ消息,并且TAI识别池,并且已经存在将该池中的连接电路连接到PE1处的连接电路的伪线,并且该伪线在PE1处的AI与标签映射或ICRQ消息的SAI相同时,然后,PE2向PE1发送标签释放或CDN消息,状态代码表示“附件电路已绑定到远程附件电路”。这可以防止在给定的一对池之间创建多个伪线。

Note that the signaling itself only identifies the remote pool to which the pseudowire is to lead, not the remote Attachment Circuit that is to be bound to the pseudowire. However, the remote PE may examine the SAII field to determine which Attachment Circuit should be bound to the pseudowire.

请注意,信令本身仅标识伪线要引导到的远程池,而不是要绑定到伪线的远程连接电路。然而,远程PE可检查SAII字段,以确定哪个连接电路应绑定到伪线。

3.4. Colored Pools: Partial Mesh
3.4. 彩色池:部分网格

The procedures for creating a partial mesh of pseudowires among a set of colored pools are substantially the same as those for creating a full mesh, with the following exceptions:

在一组彩色池中创建伪线的部分网格的过程与创建完整网格的过程基本相同,但以下情况除外:

o Each pool is optionally configured with a set of "import RTs" and "export RTs";

o 每个池可以选择配置一组“导入RTs”和“导出RTs”;

o During BGP-based auto-discovery, the pool color is still encoded in the RD, but if the pool is configured with a set of "export RTs", these are encoded in the RTs of the BGP Update messages INSTEAD of the color;

o 在基于BGP的自动发现期间,池颜色仍在RD中编码,但如果池配置了一组“导出RTs”,则这些将在BGP更新消息的RTs中编码,而不是在颜色中编码;

o If a pool has a particular "import RT" value X, it will create a PW to every other pool that has X as one of its "export RTs". The signaling messages and procedures themselves are as in Section 3.3.3.

o 如果一个池有一个特定的“导入RT”值X,它将为每个其他池创建一个PW,该池将X作为其“导出RT”之一。信令消息和程序本身如第3.3.3节所示。

As a simple example, consider the task of building a hub-and-spoke topology with a single hub. One pool, the "hub" pool, is configured with an export RT of RT_hub and an import RT of RT_spoke. All other pools (the spokes) are configured with an export RT of RT_spoke and an import RT of RT_hub. Thus, the hub pool will connect to the spokes, and vice-versa, but the spoke pools will not connect to each other.

作为一个简单的例子,考虑构建具有单个集线器的中心和轮辐拓扑的任务。一个池,即“集线器”池,配置为RT_hub的导出RT和RT_spoke的导入RT。所有其他池(辐条)都配置有RT_辐条的导出RT和RT_集线器的导入RT。因此,集线器池将连接到辐条,反之亦然,但辐条池不会彼此连接。

3.5. Distributed VPLS
3.5. 分布式VPLS

In Distributed VPLS ([RFC4664]), the VPLS functionality of a PE router is divided among two systems: a U-PE and an N-PE. The U-PE sits between the user and the N-PE. VSI functionality (e.g., MAC address learning and bridging) is performed on the U-PE. A number of U-PEs attach to an N-PE. For each VPLS supported by a U-PE, the U-PE maintains a pseudowire to each of the other U-PEs in the same VPLS. However, the U-PEs do not maintain signaling control connections with each other. Rather, each U-PE has only a single signaling connection, to its N-PE. In essence, each U-PE-to-U-PE pseudowire is composed of three pseudowires spliced together: one from U-PE to N-PE, one from N-PE to N-PE, and one from N-PE to U-PE. In the terminology of [RFC5659], the N-PEs perform the pseudowire switching function to establish multi-segment PWs from U-PE to U-PE.

在分布式VPLS([RFC4664])中,PE路由器的VPLS功能分为两个系统:U-PE和N-PE。U-PE位于用户和N-PE之间。VSI功能(例如MAC地址学习和桥接)在U-PE上执行。许多U-PE连接到N-PE。对于U-PE支持的每个VPL,U-PE维护一条到同一VPL中其他每个U-PE的伪线。然而,U-PEs彼此之间不保持信令控制连接。相反,每个U-PE只有一个到其N-PE的信令连接。本质上,每个U-PE-to-U-PE伪线由三条拼接在一起的伪线组成:一条从U-PE到N-PE,一条从N-PE到N-PE,还有一条从N-PE到U-PE。在[RFC5659]的术语中,N-PE执行伪线切换功能,以建立从U-PE到U-PE的多段PW。

Consider, for example, the following topology:

例如,考虑以下拓扑:

           U-PE A-----|             |----U-PE C
                      |             |
                      |             |
                    N-PE E--------N-PE F
                      |             |
                      |             |
           U-PE B-----|             |-----U-PE D
        
           U-PE A-----|             |----U-PE C
                      |             |
                      |             |
                    N-PE E--------N-PE F
                      |             |
                      |             |
           U-PE B-----|             |-----U-PE D
        

where the four U-PEs are in a common VPLS. We now illustrate how PWs get spliced together in the above topology in order to establish the necessary PWs from U-PE A to the other U-PEs.

其中四个U-PE位于公共VPL中。现在,我们将说明如何在上述拓扑中将PW拼接在一起,以便建立从U-PE A到其他U-PE的必要PW。

There are three PWs from A to E. Call these A-E/1, A-E/2, and A-E/3. In order to connect A properly to the other U-PEs, there must be two PWs from E to F (call these E-F/1 and E-F/2), one PW from E to B (E-B/1), one from F to C (F-C/1), and one from F to D (F-D/1).

从A到E有三个PW。分别称为A-E/1、A-E/2和A-E/3。为了将A正确连接到其他U-PE,必须有两个PW从E到F(称为E-F/1和E-F/2),一个PW从E到B(E-B/1),一个PW从F到C(F-C/1),以及一个PW从F到D(F-D/1)。

The N-PEs must then splice these pseudowires together to get the equivalent of what the non-distributed VPLS signaling mechanism would provide:

然后,N-PEs必须将这些伪线拼接在一起,以获得非分布式VPLS信令机制将提供的等效物:

o PW from A to B: A-E/1 gets spliced to E-B/1.

o 从A到B的PW:A-E/1被拼接到E-B/1。

o PW from A to C: A-E/2 gets spliced to E-F/1 gets spliced to F-C/1.

o 从A到C的PW:A-E/2拼接到E-F/1拼接到F-C/1。

o PW from A to D: A-E/3 gets spliced to E-F/2 gets spliced to F-D/1.

o 从A到D的PW:A-E/3拼接到E-F/2拼接到F-D/1。

It doesn't matter which PWs get spliced together, as long as the result is one from A to each of B, C, and D.

哪一个PW拼接在一起并不重要,只要结果是从A到B、C和D各一个。

Similarly, there are additional PWs that must get spliced together to properly interconnect U-PE B with U-PEs C and D, and to interconnect U-PE C with U-PE D.

类似地,还有一些额外的PW必须拼接在一起,以正确地将U-PE B与U-PE C和D互连,并将U-PE C与U-PE D互连。

The following figure illustrates the PWs from A to C and from B to D. For clarity of the figure, the other four PWs are not shown.

下图显示了从A到C和从B到D的PW。为清晰起见,未显示其他四个PW。

                      splicing points
                       |           |
                       V           V
      A-C PW    <-----><-----------><------>
        
                      splicing points
                       |           |
                       V           V
      A-C PW    <-----><-----------><------>
        
           U-PE A-----|             |----U-PE C
                      |             |
                      |             |
                    N-PE E--------N-PE F
                      |             |
                      |             |
           U-PE B-----|             |-----U-PE D
        
           U-PE A-----|             |----U-PE C
                      |             |
                      |             |
                    N-PE E--------N-PE F
                      |             |
                      |             |
           U-PE B-----|             |-----U-PE D
        
      B-D PW    <-----><-----------><------>
                       ^           ^
                       |           |
                      splicing points
        
      B-D PW    <-----><-----------><------>
                       ^           ^
                       |           |
                      splicing points
        

One can see that distributed VPLS does not reduce the number of pseudowires per U-PE, but it does reduce the number of control connections per U-PE. Whether this is worthwhile depends, of course, on what the bottleneck is.

可以看出,分布式VPL并没有减少每个U-PE的伪线数量,但它确实减少了每个U-PE的控制连接数量。当然,这是否值得,取决于瓶颈是什么。

3.5.1. Signaling
3.5.1. 信号

The signaling to support Distributed VPLS can be done with the mechanisms described in this document. However, the procedures for VPLS (Section 3.2.3) need some additional machinery to ensure that the appropriate number of PWs are established between the various N-PEs and U-PEs, and among the N-PEs.

支持分布式VPL的信令可以通过本文档中描述的机制来完成。然而,VPL程序(第3.2.3节)需要一些额外的机械,以确保在各种N-PE和U-PE之间以及N-PE之间建立适当数量的PW。

At a given N-PE, the directly attached U-PEs in a given VPLS can be numbered from 1 to n. This number identifies the U-PE relative to a particular VPN-id and a particular N-PE. (That is, to uniquely identify the U-PE, the N-PE, the VPN-id, and the U-PE number must be known.)

在给定的N-PE中,在给定的VPLS中直接连接的U-PE可以从1到N进行编号。此编号标识相对于特定VPN id和特定N-PE的U-PE。(也就是说,要唯一标识U-PE,必须知道N-PE、VPN id和U-PE编号。)

As a result of configuration/discovery, each U-PE must be given a list of <j, IP address> pairs. Each element in this list tells the U-PE to set up j PWs to the specified IP address. When the U-PE signals to the N-PE, it sets the AGI to the proper-VPN-id, and sets the SAII to the PW number, and sets the TAII to null.

作为配置/发现的结果,必须为每个U-PE提供<j,IP地址>对的列表。此列表中的每个元素都告诉U-PE将j PWs设置为指定的IP地址。当U-PE向N-PE发送信号时,它将AGI设置为正确的VPN id,将SAII设置为PW编号,并将TAII设置为null。

In the above example, U-PE A would be told <3, E>, telling it to set up 3 PWs to E. When signaling, A would set the AGI to the proper VPN-id, and would set the SAII to 1, 2, or 3, depending on which of the three PWs it is signaling.

在上面的示例中,U-PE A将被告知<3,E>,告诉它设置3个PW到E。在发信号时,A将AGI设置为正确的VPN id,并将SAII设置为1、2或3,具体取决于它正在发信号的三个PW中的哪一个。

As a result of configuration/discovery, each N-PE must be given the following information for each VPLS:

作为配置/发现的结果,每个N-PE必须为每个VPL提供以下信息:

o A "Local" list: {<j, IP address>}, where each element tells it to set up j PWs to the locally attached U-PE at the specified address. The number of elements in this list will be n, the number of locally attached U-PEs in this VPLS. In the above example, E would be given the local list: {<3, A>, <3, B>}, telling it to set up 3 PWs to A and 3 to B.

o 一个“本地”列表:{<j,IP地址>},其中每个元素告诉它在指定的地址将j PWs设置到本地连接的U-PE。该列表中的元件数量为n,即该VPLS中本地连接的U-PE数量。在上面的例子中,E将被给予本地列表:{<3,A>,<3,B>},告诉它设置3个pw到A和3到B。

o A local numbering, relative to the particular VPLS and the particular N-PE, of its U-PEs. In the above example, E could be told that U-PE A is 1, and U-PE B is 2.

o 相对于特定VPL和特定N-PE,其U-PE的本地编号。在上面的例子中,可以告诉E U-PE A是1,U-PE B是2。

o A "Remote" list: {<IP address, k>}, telling it to set up k PWs, for each U-PE, to the specified IP address. Each of these IP addresses identifies an N-PE, and k specifies the number of U-PEs at the N-PE that are in the VPLS. In the above example, E would be given the remote list: {<2, F>}. Since N-PE E has 2 U-PEs, this tells it to set up 4 PWs to N-PE F, 2 for each of its E's U-PEs.

o 一个“远程”列表:{<IP地址,k>},告诉它为每个U-PE设置k个PWs到指定的IP地址。每个IP地址标识一个N-PE,k指定VPLS中N-PE上的U-PE数量。在上面的示例中,E将被赋予远程列表:{<2,F>}。因为N-PE E有2个U-PE,这告诉它要为N-PE F设置4个PW,每个E的U-PE设置2个PW。

The signaling of a PW from N-PE to U-PE is based on the local list and the local numbering of U-PEs. When signaling a particular PW from an N-PE to a U-PE, the AGI is set to the proper VPN-id, and SAII is set to null, and the TAII is set to the PW number (relative to that particular VPLS and U-PE). In the above example, when E signals to A, it would set the TAII to be 1, 2, or 3, respectively, for the 3 PWs it must set up to A. It would similarly signal 3 PWs to B.

从N-PE到U-PE的PW信令基于本地列表和U-PE的本地编号。当从N-PE向U-PE发送特定PW信号时,AGI设置为正确的VPN id,SAII设置为null,TAII设置为PW编号(相对于该特定VPL和U-PE)。在上面的示例中,当E向A发送信号时,对于必须设置为A的3个PWs,它将分别将TAII设置为1、2或3。它将类似地向B发送3个PWs的信号。

The LSP signaled from U-PE to N-PE is associated with an LSP from N-PE to U-PE in the usual manner. A PW between a U-PE and an N-PE is known as a "U-PW".

从U-PE发信号到N-PE的LSP以通常方式与从N-PE到U-PE的LSP相关联。U-PE和N-PE之间的PW称为“U-PW”。

The signaling of the appropriate set of PWs from N-PE to N-PE is based on the remote list. The PWs between the N-PEs can all be considered equivalent. As long as the correct total number of PWs are established, the N-PEs can splice these PWs to appropriate U-PWs. The signaling of the correct number of PWs from N-PE to N-PE is based on the remote list. The remote list specifies the number of PWs to set up, per local U-PE, to a particular remote N-PE.

从N-PE到N-PE的适当PW集的信令基于远程列表。N-PEs之间的PWs都可以认为是等效的。只要确定了正确的PW总数,N-PEs就可以将这些PW拼接到适当的U-PW上。从N-PE到N-PE的正确PW数的信令基于远程列表。远程列表指定每个本地U-PE要设置到特定远程N-PE的PW数。

When signaling a particular PW from an N-PE to an N-PE, the AGI is set to the appropriate VPN-id. The TAII identifies the remote N-PE, as in the non-distributed case, i.e., it contains an IP address of the remote N-PE. If there are n such PWs, they are distinguished by the setting of the SAII. In order to allow multiple different SAII values in a single VPLS, the sending N-PE needs to have as many VSI-IDs as it has U-PEs. As noted above in Section 3.2.2, this may be achieved by using an IP address of each attached U-PE, for example. A PW between two N-PEs is known as an "N-PW".

当从N-PE向N-PE发送特定PW的信令时,AGI被设置为适当的VPN-id。TAII识别远程N-PE,如在非分布式情况下,即它包含远程N-PE的IP地址。如果有n个这样的PW,则通过SAII的设置来区分它们。为了在单个VPL中允许多个不同的SAII值,发送N-PE需要具有与其U-PE相同的VSI ID。如上文第3.2.2节所述,这可以通过使用每个连接的U-PE的IP地址来实现,例如。两个N-PE之间的PW称为“N-PW”。

Each U-PW must be "spliced" to an N-PW. This is based on the remote list. If the remote list contains an element <i, F>, then i U-PWs from each local U-PE must be spliced to i N-PWs from the remote N-PE F. It does not matter which U-PWs are spliced to which N-PWs, as long as this constraint is met.

每个U-PW必须“拼接”到N-PW。这是基于远程列表的。如果远程列表包含一个元素<i,F>,则来自每个本地U-PE的i U-PW必须拼接到来自远程N-PE F的i N-PW。只要满足此约束,将哪个U-PW拼接到哪个N-PW并不重要。

If an N-PE has more than one local U-PE for a given VPLS, it must also ensure that a U-PW from each such U-PE is spliced to a U-PW from each of the other U-PEs.

如果一个N-PE对于一个给定的VPL有多个本地U-PE,它还必须确保每个此类U-PE的U-PW拼接到每个其他U-PE的U-PW。

3.5.2. Provisioning and Discovery
3.5.2. 资源调配和发现

Every N-PE must be provisioned with the set of VPLS instances it supports, a VPN-id for each one, and a list of local U-PEs for each such VPLS. As part of the discovery procedure, the N-PE advertises the number of U-PEs for each VPLS. See Section 3.2.2 for details.

必须为每个N-PE提供其支持的VPLS实例集、每个实例的VPN id以及每个此类VPL的本地U-PE列表。作为发现过程的一部分,N-PE为每个VPL公布U-PE的数量。详见第3.2.2节。

Auto-discovery (e.g., BGP-based) can be used to discover all the other N-PEs in the VPLS, and for each, the number of U-PEs local to that N-PE. From this, one can compute the total number of U-PEs in the VPLS. This information is sufficient to enable one to compute the local list and the remote list for each N-PE.

自动发现(例如,基于BGP)可用于发现VPL中的所有其他N-PE,以及每个N-PE的本地U-PE数量。由此,可以计算VPL中U-PE的总数。该信息足以使人们计算每个N-PE的本地列表和远程列表。

3.5.3. Non-Distributed VPLS as a Sub-Case
3.5.3. 作为子案例的非分布式VPLS

A PE that is providing "non-distributed VPLS" (i.e., a PE that performs both the U-PE and N-PE functions) can interoperate with N-PE/U-PE pairs that are providing distributed VPLS. The "non-distributed PE" simply advertises, in the discovery procedure, that it has one local U-PE per VPLS. And of course, the non-distributed PE does no PW switching.

提供“非分布式VPL”的PE(即,同时执行U-PE和N-PE功能的PE)可以与提供分布式VPL的N-PE/U-PE对进行互操作。“非分布式PE”只是在发现过程中宣传,它每个VPL有一个本地U-PE。当然,非分布式PE没有PW切换。

If every PE in a VPLS is providing non-distributed VPLS, and thus every PE is advertising itself as an N-PE with one local U-PE, the resultant signaling is exactly the same as that specified in Section 3.2.3 above.

如果VPLS中的每个PE都在提供非分布式VPLS,因此每个PE都在用一个本地U-PE作为N-PE宣传自己,则产生的信令与上面第3.2.3节中规定的信令完全相同。

3.5.4. Splicing and the Data Plane
3.5.4. 拼接与数据平面

Splicing two PWs together is quite straightforward in the MPLS data plane, as moving a packet from one PW directly to another is just a 'label replace' operation on the PW label. When a PW consists of two or more PWs spliced together, it is assumed that the data will go to the node where the splicing is being done, i.e., that the data path will pass through the nodes that participate in PW signaling.

在MPLS数据平面中将两个PW拼接在一起非常简单,因为将数据包从一个PW直接移动到另一个PW只是PW标签上的“标签替换”操作。当PW由拼接在一起的两个或多个PW组成时,假设数据将到达正在进行拼接的节点,即,数据路径将通过参与PW信令的节点。

Further details on splicing are discussed in [RFC6073].

[RFC6073]中讨论了有关拼接的更多详细信息。

4. Inter-AS Operation
4. 内部AS操作

The provisioning, auto-discovery, and signaling mechanisms described above can all be applied in an inter-AS environment. As in [RFC4364], there are a number of options for inter-AS operation.

上述供应、自动发现和信令机制都可以应用于AS间环境。与[RFC4364]一样,As间操作有许多选项。

4.1. Multihop EBGP Redistribution of L2VPN NLRIs
4.1. L2VPN NLRIs的多跳EBGP重分发

This option is most like option (c) in [RFC4364]. That is, we use multihop External BGP (EBGP) redistribution of L2VPN NLRIs between source and destination ASes, with EBGP redistribution of labeled IPv4 or IPv6 routes from AS to neighboring AS.

此选项与[RFC4364]中的选项(c)最为相似。也就是说,我们在源和目标ASE之间使用L2VPN NLRIs的多跳外部BGP(EBGP)再分配,并使用EBGP再分配从AS到相邻AS的标记IPv4或IPv6路由。

An Autonomous System Border Router (ASBR) must maintain labeled IPv4 /32 (or IPv6 /128) routes to the PE routers within its AS. It uses EBGP to distribute these routes to other ASes, and sets itself as the BGP next hop for these routes. ASBRs in any transit ASes will also have to use EBGP to pass along the labeled /32 (or /128) routes. This results in the creation of a set of label switched paths from all ingress PE routers to all egress PE routers. Now, PE routers in different ASes can establish multi-hop EBGP connections to each other and can exchange L2VPN NLRIs over those connections. Following such exchanges, a pair of PEs in different ASes could establish an LDP session to signal PWs between each other.

自治系统边界路由器(ASBR)必须在其AS内维护到PE路由器的标记为IPv4/32(或IPv6/128)的路由。它使用EBGP将这些路由分配给其他ASE,并将自身设置为这些路由的BGP下一跳。任何运输ASE中的ASBR也必须使用EBGP沿标记的/32(或/128)路线通过。这导致创建一组从所有入口PE路由器到所有出口PE路由器的标签交换路径。现在,不同ASE中的PE路由器可以彼此建立多跳EBGP连接,并可以通过这些连接交换L2VPN NLRI。在这样的交换之后,不同ASE中的一对PE可以建立LDP会话以在彼此之间发送PWs信号。

For VPLS, the BGP advertisement and PW signaling are exactly as described in Section 3.2. As a result of the multihop EBGP session that exists between source and destination AS, the PEs in one AS that have VSIs of a certain VPLS will discover the PEs in another AS that have VSIs of the same VPLS. These PEs will then be able to establish the appropriate PW signaling protocol session and establish the full mesh of VSI-VSI pseudowires to build the VPLS as described in Section 3.2.3.

对于VPLS,BGP广告和PW信令完全如第3.2节所述。由于源和目标As之间存在多跳EBGP会话,一个As中具有特定VPL的VSI的PE将发现另一个As中具有相同VPL的VSI的PE。然后,这些PEs将能够建立适当的PW信令协议会话,并建立VSI-VSI伪线的完整网格,以构建VPL,如第3.2.3节所述。

For VPWS, the BGP advertisement and PW signaling are exactly as described in Section 3.3. As a result of the multihop EBGP session that exists between source and destination AS, the PEs in one AS that

对于VPW,BGP广告和PW信令完全如第3.3节所述。由于源和目标As之间存在多跳EBGP会话,因此一个As中的PE

have pools of a certain color (VPN) will discover PEs in another AS that have pools of the same color. These PEs will then be able to establish the appropriate PW signaling protocol session and establish the full mesh of pseudowires as described in Section 3.2.3. A partial mesh can similarly be established using the procedures of Section 3.4.

具有特定颜色的池(VPN)将在另一个具有相同颜色池的池中发现PE。然后,这些PEs将能够建立适当的PW信令协议会话,并建立第3.2.3节所述的完整伪线网。类似地,可以使用第3.4节中的程序建立部分网格。

As in Layer 3 VPNs, building an L2VPN that spans the networks of more than one provider requires some co-ordination in the use of RTs and RDs. This subject is discussed in more detail in Section 4.4.

与第3层VPN一样,构建跨越多个提供商网络的L2VPN需要在RTs和RDs的使用方面进行一些协调。第4.4节详细讨论了该主题。

4.2. EBGP Redistribution of L2VPN NLRIs with Multi-Segment Pseudowires
4.2. 采用多段伪线的L2VPN NLRIs的EBGP再分配

A possible drawback of the approach of the previous section is that it creates PW signaling sessions among all the PEs of a given L2VPN (VPLS or VPWS). This means a potentially large number of LDP or L2TPv3 sessions will cross the AS boundary and that these sessions connect to many devices within an AS. In the case where the ASes belong to different providers, one might imagine that providers would like to have fewer signaling sessions crossing the AS boundary and that the entities that terminate the sessions could be restricted to a smaller set of devices. Furthermore, by forcing the LDP or L2TPv3 signaling sessions to terminate on a small set of ASBRs, a provider could use standard authentication procedures on a small set of inter-provider sessions. These concerns motivate the approach described here.

上一节方法的一个可能缺点是,它在给定L2VPN(VPLS或VPWS)的所有PE之间创建PW信令会话。这意味着潜在的大量LDP或L2TPv3会话将跨越AS边界,并且这些会话将连接到AS内的许多设备。在ase属于不同提供商的情况下,可以想象提供商希望具有较少的跨越AS边界的信令会话,并且终止会话的实体可以被限制为较小的设备集。此外,通过强制LDP或L2TPv3信令会话在一小组asbr上终止,提供商可以在一小组提供商间会话上使用标准认证过程。这些关注点推动了这里描述的方法。

[RFC6073] describes an approach to "switching" packets from one pseudowire to another at a particular node. This approach allows an end-to-end, multi-segment pseudowire to be constructed out of several pseudowire segments, without maintaining an end-to-end control connection. We can use this approach to produce an inter-AS solution that more closely resembles option (b) in [RFC4364].

[RFC6073]描述了在特定节点将数据包从一个伪线“交换”到另一个伪线的方法。这种方法允许使用多个伪导线段构建端到端、多段伪导线,而无需保持端到端控制连接。我们可以使用这种方法生成一个更类似于[RFC4364]中选项(b)的内部AS解决方案。

In this model, we use EBGP redistribution of L2VPN NLRI from AS to neighboring AS. First, the PE routers use Internal BGP (IBGP) to redistribute L2VPN NLRI either to an ASBR, or to a route reflector of which an ASBR is a client. The ASBR then uses EBGP to redistribute those L2VPN NLRI to an ASBR in another AS, which in turn distributes them to the PE routers in that AS, or perhaps to another ASBR which in turn distributes them, and so on.

在这个模型中,我们使用了L2VPN NLRI从AS到相邻AS的EBGP再分配。首先,PE路由器使用内部BGP(IBGP)将L2VPN NLRI重新分配给ASBR或ASBR作为客户端的路由反射器。ASBR然后使用EBGP将这些L2VPN NLRI重新分配给另一个AS中的ASBR,后者将它们分配给该AS中的PE路由器,或者可能分配给另一个ASBR,后者将它们依次分配,依此类推。

In this case, a PE can learn the address of an ASBR through which it could reach another PE to which it wishes to establish a PW. That is, a local PE will receive a BGP advertisement containing L2VPN NLRI corresponding to an L2VPN instance in which the local PE has some attached members. The BGP next-hop for that L2VPN NLRI will be an ASBR of the local AS. Then, rather than building a control

在这种情况下,PE可以了解ASBR的地址,通过该地址可以联系到希望建立PW的另一个PE。也就是说,本地PE将接收包含L2VPN NLRI的BGP播发,该L2VPN NLRI对应于本地PE具有一些附加成员的L2VPN实例。该L2VPN NLRI的BGP下一跳将是本地AS的ASBR。然后,而不是构建控件

connection all the way to the remote PE, it builds one only to the ASBR. A pseudowire segment can now be established from the PE to the ASBR. The ASBR in turn can establish a PW to the ASBR of the next AS, and splice that PW to the PW from the PE as described in Section 3.5.4 and [RFC6073]. Repeating the process at each ASBR leads to a sequence of PW segments that, when spliced together, connect the two PEs.

一路连接到远程PE,它只构建一个到ASBR的连接。现在可以建立从PE到ASBR的伪导线段。ASBR反过来可以建立一个PW到下一个AS的ASBR,并按照第3.5.4节和[RFC6073]所述将该PW从PE拼接到PW。在每个ASBR上重复该过程会产生一系列PW段,当拼接在一起时,连接两个PE。

Note that in the approach just described, the local PE may never learn the IP address of the remote PE. It learns the L2VPN NLRI advertised by the remote PE, which need not contain the remote PE address, and it learns the IP address of the ASBR that is the BGP next hop for that NLRI.

注意,在刚才描述的方法中,本地PE可能永远不会了解远程PE的IP地址。它学习远程PE播发的L2VPN NLRI,该NLRI不需要包含远程PE地址,并学习ASBR的IP地址,该ASBR是该NLRI的BGP下一跳。

When this approach is used for VPLS, or for full-mesh VPWS, it leads to a full mesh of pseudowires among the PEs, just as in the previous section, but it does not require a full mesh of control connections (LDP or L2TPv3 sessions). Instead, the control connections within a single AS run among all the PEs of that AS and the ASBRs of the AS. A single control connection between the ASBRs of adjacent ASes can be used to support however many AS-to-AS pseudowire segments are needed.

当此方法用于VPL或全网格VPW时,它会在PEs之间形成全网格的伪线,正如前一节所述,但不需要控制连接(LDP或L2TPv3会话)的全网格。相反,单个AS中的控制连接在该AS的所有PE和AS的ASBR之间运行。相邻ASE的ASBR之间的单个控制连接可用于支持所需的多个伪导线段。

Note that the procedures described here will result in the splicing points (PW Switching PEs (S-PEs) in the terminology of [RFC5659]) being co-located with the ASBRs. It is of course possible to have multiple ASBR-ASBR connections between a given pair of ASes. In this case, a given PE could choose among the available ASBRs based on a range of criteria, such as IGP metric, local configuration, etc., analogous to choosing an exit point in normal IP routing. The use of multiple ASBRs would lead to greater resiliency (at the timescale of BGP routing convergence) since a PE could select a new ASBR in the event of the failure of the one currently in use.

注意,此处描述的程序将导致拼接点(PW开关PE(S-PEs)(术语为[RFC5659])与ASBR位于同一位置。当然,在给定的ASE对之间可能有多个ASBR-ASBR连接。在这种情况下,给定的PE可以基于一系列标准(例如IGP度量、本地配置等)在可用的ASBR中进行选择,类似于在正常IP路由中选择出口点。使用多个ASBR将导致更大的弹性(在BGP路由聚合的时间尺度上),因为PE可以在当前使用的ASBR出现故障的情况下选择新的ASBR。

As in layer 3 VPNs, building an L2VPN that spans the networks of more than one provider requires some co-ordination in the use of RTs and RDs. This subject is discussed in more detail in Section 4.4.

与第3层VPN一样,构建跨越多个提供商网络的L2VPN需要在RTs和RDs的使用方面进行一些协调。第4.4节详细讨论了该主题。

4.3. Inter-Provider Application of Distributed VPLS Signaling
4.3. 分布式VPLS信令的跨提供商应用

An alternative approach to inter-provider VPLS can be derived from the Distributed VPLS approach described above. Consider the following topology:

提供商间VPLS的替代方法可以从上述分布式VPLS方法派生。考虑下面的拓扑结构:

   PE A --- Network 1 ----- Border ----- Border ----- Network 2 --- PE B
                            Router 12    Router 21       |
                                                         |
                                                        PE C
        
   PE A --- Network 1 ----- Border ----- Border ----- Network 2 --- PE B
                            Router 12    Router 21       |
                                                         |
                                                        PE C
        

where A, B, and C are PEs in a common VPLS, but Networks 1 and 2 are networks of different service providers. Border Router 12 is Network 1's border router to network 2, and Border Router 21 is Network 2's border router to Network 1. We suppose further that the PEs are not "distributed", i.e, that each provides both the U-PE and N-PE functions.

其中A、B和C是公共VPL中的PE,但网络1和2是不同服务提供商的网络。边界路由器12是网络1到网络2的边界路由器,边界路由器21是网络2到网络1的边界路由器。我们进一步假设PEs不是“分布式的”,即每个PEs同时提供U-PE和N-PE功能。

In this topology, one needs two inter-provider pseudowires: A-B and A-C.

在此拓扑中,需要两条提供者间伪线:A-B和A-C。

Suppose a service provider decides, for whatever reason, that it does not want each of its PEs to have a control connection to any PEs in the other network. Rather, it wants the inter-provider control connections to run only between the two border routers.

假设服务提供商出于任何原因决定不希望其每个PE与另一个网络中的任何PE建立控制连接。相反,它希望提供者间控制连接仅在两个边界路由器之间运行。

This can be achieved using the techniques of Section 3.5, where the PEs behave like U-PEs, and the BRs behave like N-PEs. In the example topology, PE A would behave like a U-PE that is locally attached to BR12; PEs B and C would be have like U-PEs that are locally attached to BR21; and the two BRs would behave like N-PEs.

这可以使用第3.5节的技术实现,其中PEs的行为类似于U-PEs,BRs的行为类似于N-PEs。在示例拓扑中,PE A的行为类似于本地连接到BR12的U-PE;PEs B和C类似于局部连接到BR21的U-PEs;这两个BR的行为就像N-PEs。

As a result, the PW from A to B would consist of three segments: A-BR12, BR12-BR21, and BR21-B. The border routers would have to splice the corresponding segments together.

因此,从a到B的PW将由三个段组成:a-BR12、BR12-BR21和BR21-B。边界路由器必须将相应的段拼接在一起。

This requires the PEs within a VPLS to be numbered from 1-n (relative to that VPLS) within a given network.

这要求VPLS中的PE在给定网络中从1-n(相对于该VPLS)开始编号。

4.4. RT and RD Assignment Considerations
4.4. RT和RD分配注意事项

We note that, in order for any of the inter-AS procedures described above to work correctly, the two ASes must use RTs and RDs consistently, just as in Layer 3 VPNs [RFC4364]. The structure of RTs and RDs is such that there is not a great risk of accidental collisions. The main challenge is that it is necessary for the operator of one AS to know what RT or RTs have been chosen in another AS for any VPN that has sites in both ASes. As in Layer 3 VPNs, there are many ways to make this work, but all require some co-operation among the providers. For example, provider A may tag all the NLRI for a given VPN with a single RT, say RT_A, and provider B can then configure the PEs that connect to sites of that VPN to import NLRI that contains that RT. Provider B can choose a different RT, RT_B, tag all NLRI for this VPN with that RT, and then provider A can import NLRI with that RT at the appropriate PEs. However, this does require both providers to communicate their choice of RTs for each VPN. Alternatively, both providers could agree to use a common RT for a given VPN. In any case, communication of RTs between the

我们注意到,为了使上述任何AS间过程正常工作,两个ASE必须一致地使用RTs和RDs,就像在第3层VPN中一样[RFC4364]。RTs和RDs的结构使得意外碰撞的风险不大。主要的挑战是,一个AS的运营商有必要知道在另一个AS中选择了什么RT或RTs,以及在两个AS中都有站点的任何VPN。与第3层VPN一样,有许多方法可以实现这一点,但都需要提供商之间的合作。例如,提供商A可以使用单个RT标记给定VPN的所有NLRI,例如RT_A,提供商B可以配置连接到该VPN站点的PE以导入包含该RT的NLRI。提供商B可以选择不同的RT,RT_B,使用该RT标记该VPN的所有NLRI,然后提供者A可以在适当的PEs处导入NLRI和RT。但是,这确实需要两个提供商为每个VPN传达他们选择的RTs。或者,两个提供商可以同意对给定VPN使用公共RT。在任何情况下,RTs之间的通信

providers is essential. As in Layer 3 VPNs, providers may configure RT filtering to ensure that only coordinated RT values are allowed across the AS boundary.

供应商至关重要。与第3层VPN一样,提供商可以配置RT过滤,以确保仅允许协调的RT值跨越As边界。

Note that a single VPN identifier (carried in a BGP Extended Community) is required for each VPLS or VPWS instance. The encoding rules for these identifiers [RFC4360] ensure that collisions do not occur with other providers. However, for a single VPLS or VPWS instance that spans the networks of two or more providers, one provider will need to allocate the identifier and communicate this choice to the other provider(s), who must use the same value for sites in the same VPLS or VPWS instance.

请注意,每个VPLS或VPWS实例都需要一个VPN标识符(在BGP扩展社区中携带)。这些标识符的编码规则[RFC4360]确保不会与其他提供程序发生冲突。但是,对于跨越两个或多个提供商网络的单个VPLS或VPWS实例,一个提供商将需要分配标识符并将此选择传达给另一个提供商,后者必须对同一VPLS或VPWS实例中的站点使用相同的值。

5. Security Considerations
5. 安全考虑

This document describes a number of different L2VPN provisioning models, and specifies the endpoint identifiers that are required to support each of the provisioning models. It also specifies how those endpoint identifiers are mapped into fields of auto-discovery protocols and signaling protocols.

本文档描述了许多不同的L2VPN配置模型,并指定了支持每个配置模型所需的端点标识符。它还指定如何将这些端点标识符映射到自动发现协议和信令协议的字段中。

The security considerations related to the signaling protocols are discussed in the relevant protocol specifications ([RFC5036], [RFC4447], [RFC3931], and [RFC4667]).

相关协议规范([RFC5036]、[RFC4447]、[RFC3931]和[RFC4667])中讨论了与信令协议相关的安全注意事项。

The security considerations related to BGP-based auto-discovery, including inter-AS issues, are discussed in [RFC4364]. L2VPNs that use BGP-based auto-discovery may automate setup of security mechanisms as well. Specification of automated security mechanisms are outside the scope of this document, but are recommended as a future work item.

[RFC4364]中讨论了与基于BGP的自动发现相关的安全注意事项,包括AS间问题。使用基于BGP的自动发现的L2VPN也可以自动设置安全机制。自动化安全机制的规范不在本文档的范围内,但建议作为未来的工作项。

The security considerations related to the particular kind of L2VPN service being supported are discussed in [RFC4664], [RFC4665], and [RFC4762].

[RFC4664]、[RFC4665]和[RFC4762]中讨论了与所支持的特定类型L2VPN服务相关的安全注意事项。

The way in which endpoint identifiers are mapped into protocol fields does not create any additional security issues.

端点标识符映射到协议字段的方式不会产生任何额外的安全问题。

6. IANA Considerations
6. IANA考虑

IANA has assigned an AFI and a SAFI for L2VPN NLRI. Both the AFI and SAFI are the same as the values assigned for [RFC4761]. That is, the AFI is 25 (L2VPN) and the SAFI is 65 (already allocated for VPLS). The same AFI and SAFI are used for both VPLS and VPWS auto-discovery as described in this document.

IANA已为L2VPN NLRI分配了AFI和SAFI。AFI和SAFI与为[RFC4761]分配的值相同。也就是说,AFI为25(L2VPN),SAFI为65(已分配给VPL)。如本文档所述,相同的AFI和SAFI用于VPLS和VPWS自动发现。

[RFC4446] defines registries for "Attachment Group Identifier (AGI) Type" and "Attachment Individual Identifier (AII) Type". Type 1 in each registry has been assigned to the AGI and AII formats defined in this document.

[RFC4446]定义“附件组标识符(AGI)类型”和“附件个人标识符(AII)类型”的注册表。每个注册表中的类型1已分配给本文档中定义的AGI和AII格式。

IANA has assigned two new LDP status codes. IANA already maintains a registry of name "STATUS CODE NAME SPACE" defined by [RFC5036]. The following values have been assigned:

IANA分配了两个新的LDP状态码。IANA已经维护了由[RFC5036]定义的名称“状态代码名称空间”的注册表。已指定以下值:

0x00000030 Attachment Circuit bound to different PE

0x00000030连接电路绑定到不同的PE

0x0000002D Attachment Circuit bound to different remote Attachment Circuit

0x0000002D连接电路绑定到不同的远程连接电路

Two new L2TP Result Codes have been registered for the CDN message. IANA already maintains a registry of L2TP Result Code Values for the CDN message, defined by [RFC3438]. The following values have been assigned:

已为CDN消息注册了两个新的L2TP结果代码。IANA已经为CDN消息维护了L2TP结果代码值的注册表,由[RFC3438]定义。已指定以下值:

27: Attachment Circuit bound to different PE

27:连接电路绑定到不同的PE

28: Attachment Circuit bound to different remote Attachment Circuit

28:连接电路绑定到不同的远程连接电路

[RFC4360] defines a registry entitled "Two-octet AS Specific Extended Community". IANA has assigned a value in this registry from the "transitive" range (0x0000-0x00FF). The value is as follows:

[RFC4360]定义了一个名为“两个八位字节作为特定扩展社区”的注册表。IANA已在此注册表中从“可传递”范围(0x0000-0x00FF)分配了一个值。该值如下所示:

o 0x000A Two-octet AS specific Layer 2 VPN Identifier

o 0x000A两个八位组作为特定的第2层VPN标识符

[RFC4360] defines a registry entitled "IPv4 Address Specific Extended Community". IANA has assigned a value in this registry from the "transitive" range (0x0100-0x01FF). The value is as follows:

[RFC4360]定义了一个名为“IPv4地址特定扩展社区”的注册表。IANA已在此注册表中从“可传递”范围(0x0100-0x01FF)分配了一个值。该值如下所示:

o 0x010A Layer 2 VPN Identifier

o 0x010A第2层VPN标识符

7. BGP-AD and VPLS-BGP Interoperability
7. BGP-AD和VPLS-BGP互操作性

Both BGP-AD and VPLS-BGP [RFC4761] use the same AFI/SAFI. In order for both BGP-AD and VPLS-BGP to co-exist, the NLRI length must be used as a demultiplexer.

BGP-AD和VPLS-BGP[RFC4761]都使用相同的AFI/SAFI。为了使BGP-AD和VPLS-BGP共存,NLRI长度必须用作解复用器。

The BGP-AD NLRI has an NLRI length of 12 bytes, containing only an 8-byte RD and a 4-byte VSI-ID. VPLS-BGP [RFC4761] uses a 17-byte NLRI length. Therefore, implementations of BGP-AD must ignore NLRI that are greater than 12 bytes.

BGP-AD NLRI的NLRI长度为12字节,仅包含8字节RD和4字节VSI-ID。VPLS-BGP[RFC4761]使用17字节NLRI长度。因此,BGP-AD的实现必须忽略大于12字节的NLRI。

8. Acknowledgments
8. 致谢

Thanks to Dan Tappan, Ted Qian, Ali Sajassi, Skip Booth, Luca Martini, Dave McDysan, Francois Le Faucheur, Russ Gardo, Keyur Patel, Sam Henderson, and Matthew Bocci for their comments, criticisms, and helpful suggestions.

感谢Dan Tappan、Ted Qian、Ali Sajassi、Skip Booth、Luca Martini、Dave McDysan、Francois Le Faucheur、Russ Gardo、Keyur Patel、Sam Henderson和Matthew Bocci的评论、批评和有益建议。

Thanks to Tissa Senevirathne, Hamid Ould-Brahim, and Yakov Rekhter for discussing the auto-discovery issues.

感谢Tissa Senevirathne、Hamid Ould Brahim和Yakov Rekhter讨论汽车发现问题。

Thanks to Vach Kompella for a continuing discussion of the proper semantics of the generalized identifiers.

感谢Vach Kompella继续讨论广义标识符的正确语义。

9. References
9. 工具书类
9.1. Normative References
9.1. 规范性引用文件

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。

[RFC3438] Townsley, W., "Layer Two Tunneling Protocol (L2TP) Internet Assigned Numbers Authority (IANA) Considerations Update", BCP 68, RFC 3438, December 2002.

[RFC3438]汤斯利,W.“第二层隧道协议(L2TP)互联网分配号码管理局(IANA)注意事项更新”,BCP 68,RFC 3438,2002年12月。

[RFC3931] Lau, J., Townsley, M., and I. Goyret, "Layer Two Tunneling Protocol - Version 3 (L2TPv3)", RFC 3931, March 2005.

[RFC3931]Lau,J.,Townsley,M.,和I.Goyret,“第二层隧道协议-版本3(L2TPv3)”,RFC 39312005年3月。

[RFC4360] Sangli, S., Tappan, D., and Y. Rekhter, "BGP Extended Communities Attribute", RFC 4360, February 2006.

[RFC4360]Sangli,S.,Tappan,D.和Y.Rekhter,“BGP扩展社区属性”,RFC 4360,2006年2月。

[RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private Networks (VPNs)", RFC 4364, February 2006.

[RFC4364]Rosen,E.和Y.Rekhter,“BGP/MPLS IP虚拟专用网络(VPN)”,RFC 4364,2006年2月。

[RFC4447] Martini, L., Rosen, E., El-Aawar, N., Smith, T., and G. Heron, "Pseudowire Setup and Maintenance Using the Label Distribution Protocol (LDP)", RFC 4447, April 2006.

[RFC4447]Martini,L.,Rosen,E.,El Aawar,N.,Smith,T.,和G.Heron,“使用标签分发协议(LDP)的伪线设置和维护”,RFC 4447,2006年4月。

[RFC4667] Luo, W., "Layer 2 Virtual Private Network (L2VPN) Extensions for Layer 2 Tunneling Protocol (L2TP)", RFC 4667, September 2006.

[RFC4667]Luo,W.“第二层隧道协议(L2TP)的第二层虚拟专用网络(L2VPN)扩展”,RFC 4667,2006年9月。

[RFC4760] Bates, T., Chandra, R., Katz, D., and Y. Rekhter, "Multiprotocol Extensions for BGP-4", RFC 4760, January 2007.

[RFC4760]Bates,T.,Chandra,R.,Katz,D.,和Y.Rekhter,“BGP-4的多协议扩展”,RFC 4760,2007年1月。

[RFC5036] Andersson, L., Minei, I., and B. Thomas, "LDP Specification", RFC 5036, October 2007.

[RFC5036]Andersson,L.,Minei,I.,和B.Thomas,“LDP规范”,RFC 5036,2007年10月。

[RFC6073] Martini, L., Metz, C., Nadeau, T., Bocci, M., and M. Aissaoui, "Segmented Pseudowire", RFC 6073, January 2011.

[RFC6073]Martini,L.,Metz,C.,Nadeau,T.,Bocci,M.和M.Aissaoui,“分段伪线”,RFC 60732011年1月。

9.2. Informative References
9.2. 资料性引用

[RFC3985] Bryant, S. and P. Pate, "Pseudo Wire Emulation Edge-to-Edge (PWE3) Architecture", RFC 3985, March 2005.

[RFC3985]Bryant,S.和P.Pate,“伪线仿真边到边(PWE3)架构”,RFC 39852005年3月。

[RFC4026] Andersson, L. and T. Madsen, "Provider Provisioned Virtual Private Network (VPN) Terminology", RFC 4026, March 2005.

[RFC4026]Andersson,L.和T.Madsen,“提供商提供的虚拟专用网络(VPN)术语”,RFC 4026,2005年3月。

[RFC4446] Martini, L., "IANA Allocations for Pseudowire Edge to Edge Emulation (PWE3)", BCP 116, RFC 4446, April 2006.

[RFC4446]Martini,L.,“伪线边到边仿真(PWE3)的IANA分配”,BCP 116,RFC 4446,2006年4月。

[RFC4664] Andersson, L. and E. Rosen, "Framework for Layer 2 Virtual Private Networks (L2VPNs)", RFC 4664, September 2006.

[RFC4664]Andersson,L.和E.Rosen,“第二层虚拟专用网络(L2VPN)框架”,RFC 4664,2006年9月。

[RFC4665] Augustyn, W. and Y. Serbest, "Service Requirements for Layer 2 Provider-Provisioned Virtual Private Networks", RFC 4665, September 2006.

[RFC4665]Augustyn,W.和Y.Serbest,“第2层提供商提供的虚拟专用网络的服务要求”,RFC 46652006年9月。

[RFC4761] Kompella, K. and Y. Rekhter, "Virtual Private LAN Service (VPLS) Using BGP for Auto-Discovery and Signaling", RFC 4761, January 2007.

[RFC4761]Kompella,K.和Y.Rekhter,“使用BGP进行自动发现和信令的虚拟专用LAN服务(VPLS)”,RFC 4761,2007年1月。

[RFC4762] Lasserre, M. and V. Kompella, "Virtual Private LAN Service (VPLS) Using Label Distribution Protocol (LDP) Signaling", RFC 4762, January 2007.

[RFC4762]Lasserre,M.和V.Kompella,“使用标签分发协议(LDP)信令的虚拟专用LAN服务(VPLS)”,RFC 4762,2007年1月。

[RFC5003] Metz, C., Martini, L., Balus, F., and J. Sugimoto, "Attachment Individual Identifier (AII) Types for Aggregation", RFC 5003, September 2007.

[RFC5003]Metz,C.,Martini,L.,Balus,F.,和J.Sugimoto,“聚合的附件个人标识符(AII)类型”,RFC 5003,2007年9月。

[RFC5659] Bocci, M. and S. Bryant, "An Architecture for Multi-Segment Pseudowire Emulation Edge-to-Edge", RFC 5659, October 2009.

[RFC5659]Bocci,M.和S.Bryant,“多段伪线边到边仿真的体系结构”,RFC 5659,2009年10月。

Authors' Addresses

作者地址

Eric Rosen Cisco Systems, Inc. 1414 Mass. Ave. Boxborough, MA 01719 USA

Eric Rosen Cisco Systems,Inc.1414马萨诸塞州。美国马萨诸塞州博克斯伯勒大道01719号

   EMail: erosen@cisco.com
        
   EMail: erosen@cisco.com
        

Bruce Davie Cisco Systems, Inc. 1414 Mass. Ave. Boxborough, MA 01719 USA

布鲁斯·戴维斯思科系统公司,马萨诸塞州1414年。美国马萨诸塞州博克斯伯勒大道01719号

   EMail: bsd@cisco.com
        
   EMail: bsd@cisco.com
        

Vasile Radoaca Alcatel-Lucent Think Park Tower 6F 2-1-1 Osaki, Tokyo, 141-6006 Japan

Vasile Radoaca Alcatel-Lucent Think Park Tower 6F 2-1-1大阪,东京,141-6006

   EMail: vasile.radoaca@alcatel-lucent.com
        
   EMail: vasile.radoaca@alcatel-lucent.com
        

Wei Luo

罗伟

   EMail: luo@weiluo.net
        
   EMail: luo@weiluo.net