MetroEthernet - VLAN design considerations
Metro Ethernet is a type of Wide Area Network service that uses Ethernet as its transmission protocol. ISPs use it to deliver interconnectivity between remote sites, and within the Metro Ethernet framework several technologies are available to keep customer networks separated over the ISP's infrastructure.
It is possible to use VLANs within the ISP's Metro Ethernet infrastructure to interconnect multiple customer sites. VLAN tagging is natively part of Ethernet, so nothing prevents its use. However, there are good reasons not to use VLANs, and they have primarily to do with scalability, reliability, and security.
One issue in particular is that you can have only up to 4096 unique VLAN IDs, because the VLAN ID field in the VLAN tag is 12 bits wide. Many ISPs will have more customers than the VLAN ID space can accommodate.
Some technologies, such as 802.1q (also known as QinQ), help to resolve this by assigning a single ISP VLAN to a customer; that customer can then tunnel all of their own VLANs through that single ISP VLAN. However, even with QinQ, scalability is still an issue.
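Added example (not part of the original article): a short Python parser for the VLAN tag stack of an Ethernet frame, showing the 12-bit VLAN ID in each tag and how the outer ISP VLAN identifies the customer while the inner tag carries the customer's own VLAN. The sample frame, the customer name and the VLAN-to-customer mapping are constructed for illustration.

```python
import struct

# TPIDs that introduce a 4-byte VLAN tag: 0x8100 (customer tag) and
# 0x88A8 (service tag, commonly the outer tag in provider QinQ).
TAG_TPIDS = {0x8100, 0x88A8}

# Constructed sample frame: dst MAC, src MAC, outer tag (priority 5, VID 100),
# inner tag (VID 10), EtherType 0x0800, then 46 bytes of zero payload.
SAMPLE_FRAME = bytes.fromhex(
    "ffffffffffff" "020000000001"
    "88a8a064" "8100000a" "0800"
) + bytes(46)


def parse_vlan_stack(frame: bytes):
    """Return ([(tpid, pcp, dei, vid), ...], ethertype) for an Ethernet frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    offset, tags = 12, []  # skip destination and source MAC addresses
    while True:
        if len(frame) < offset + 2:
            raise ValueError("truncated frame")
        (ethertype,) = struct.unpack_from("!H", frame, offset)
        if ethertype not in TAG_TPIDS:
            return tags, ethertype
        if len(frame) < offset + 4:
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        # TCI layout: 3-bit priority, 1-bit DEI, 12-bit VLAN ID (0..4095)
        tags.append((ethertype, tci >> 13, (tci >> 12) & 1, tci & 0x0FFF))
        offset += 4


def classify(frame: bytes, customers: dict):
    """Map a frame to (customer, inner VID) using the outer ISP VLAN.

    `customers` is a hypothetical provisioning table {outer VID: customer}.
    customer is None when the outer VID is not provisioned or the frame is
    untagged; inner VID is None when there is no second tag.
    """
    tags, _ = parse_vlan_stack(frame)
    if not tags:
        return None, None
    customer = customers.get(tags[0][3])
    inner_vid = tags[1][3] if len(tags) > 1 else None
    return customer, inner_vid


if __name__ == "__main__":
    print(parse_vlan_stack(SAMPLE_FRAME))
    print(classify(SAMPLE_FRAME, {100: "customer-a"}))
```

A frame whose outer VLAN ID is missing from the provisioning table comes back with customer None, which is the case an edge device should drop or log rather than forward.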
It is best practice to use one of the following technologies:
Typically, Virtual Private LAN Service (VPLS), Virtual Private Wire Service (VPWS), and xconnect are preferred over simple VLANs for Metro Ethernet. Which one is used depends on the ISP's backbone equipment, but also on customer requirements and the desired level of service and security. Here is a brief description of how you would use each of these technologies:
VPLS provides a point-to-multipoint Layer 2 VPN service delivering a virtualized Ethernet Switching service across an IP/MPLS network. It is suitable for customers who require a seamless, transparent LAN service between multiple sites. VPLS is more scalable than VLANs and supports advanced features like QoS.
VPWS is a point-to-point Layer 2 VPN service that emulates a virtual leased line or virtual private circuit between customer sites. It is suitable for customers who require a dedicated, point-to-point connection between two sites. VPWS is simpler to implement than VPLS but doesn’t provide the full Ethernet switching functionality.
Xconnect is a point-to-point Layer 2 tunneling mechanism that can be used to transport customer traffic between two sites, with either L2TPv3 or MPLS as the underlying transport technology. Xconnect is a more basic service than VPLS or VPWS and may be suitable for customers who require simple point-to-point Layer 2 connectivity.