Business customers of Internet service providers (ISPs) want port aggregation protocol (PAgP) packets to be tunneled transparently using Layer 2 protocol tunneling (L2PT) techniques. The requirement arises from the need to connect ports of the same EtherChannel across different edge switches of the ISP network to increase availability. Such functionality would allow emulation of a point-to-point connection of EtherChannel ports through an ISP network without dedicated lines, thus maximizing network usage.
However, current applications lack flexibility. For example, tunneling of link aggregation control protocol (LACP) and unidirectional link detection (UDLD) is not supported. In typical ISP networks, the point-to-point nature of the protocol semantics of UDLD, PAgP and LACP presents L2PT requirements that are not supported by prior-art L2PT frameworks, which are designed for handling multicast types of protocols such as spanning tree protocol (STP).
L2PT is built on top of ISP access VLAN tagging schemes. ISP access VLAN tagging enables ISPs to segregate traffic to and from different customers in the ISP's infrastructure while the customers may appear to be on the same VLANs. Interfaces on the customer networks directed toward the ISP are typically configured as 802.1Q trunks and the interfaces on the edge switches towards the customer networks are typically configured as non-trunking interfaces to create an asymmetric link. Asymmetric links on the ISP side are configured with access VLANs that are unique to each customer.
Typically, the frames coming out from the customer networks are 802.1Q tagged with appropriate VLAN information. Each tag is preserved when the frame enters the edge switches in the ISP cloud. Upon exiting the edge switches into the ISP cloud, the frame is double-tagged, with the outer tag identifying the customer's access VLAN and the inner tag identifying the VLAN of the incoming traffic. The core switches inside the ISP infrastructure forward the traffic as normal Ethernet-tagged frames. Upon exiting the edge switch from the ISP towards the customer networks, the outer tag is stripped and the frame is sent out as a regular 802.1Q tagged frame so that the original VLAN numbers in the customer networks are recovered. If traffic coming out of the customer network is not tagged, such as in the case of native VLAN frames, then these packets are bridged or routed as if they were normal packets. These packets entering the ISP infrastructure have only a single tag, which is a customer-specific access VLAN tag.
The above concept can be extended in a hierarchical manner, with border switches performing the double-tagging and the innermost switches in the ISP infrastructure performing the multiple tagging. The amount of multiple tagging that can be supported depends on the maximum length of the Ethernet frame that the hardware can handle.
L2PT allows switches on the inbound side of the ISP infrastructure to encapsulate protocol packets with a special MAC address and send them across the ISP infrastructure. Edge switches on the outbound side of the ISP infrastructure decapsulate the protocol packets and send them to a customer network. Core switches inside the ISP infrastructure forward these packets as normal packets without performing any processing on the packets. Thus, the ISP infrastructure is transparent to the customer network.
When Layer 2 protocol packets enter the tunnel port on the inbound switch, the destination MAC address of each L2 protocol packet is replaced with the tunnel MAC address (0100.0ccd.cdd0) and the packet is forwarded to all trunk ports. These packets also are double-tagged, with the outer tag being the customer's access VLAN tag and the inner tag being the customer-specific VLAN tag. The core switches forward these packets to all the ports in the same metro VLAN without performing any processing on the packets. The edge switches on the outbound side restore the proper L2 protocol MAC address and forward the packets to tunnel ports in the same metro VLAN. Thus, the L2 protocol packets are kept intact and delivered to the other side of the customer network across the ISP infrastructure.
Referring to FIG. 1, Corp A and Corp X are connected to access VLANs R and G, respectively, and asymmetric links are created towards the networks in Site 1. The Layer 2 protocol packets (for example LACP packets) coming into S1 from Corp A in Site 1 are forwarded into the ISP infrastructure as double-tagged packets with a destination MAC address set to the tunnel MAC address. These double-tagged packets have the outer VLAN tag as R and the inner tag as (for example) 100. When these double-tagged frames reach S3, the outer VLAN tag R is removed, the tunnel MAC address is replaced with the respective Layer 2 protocol MAC address, and the frames are sent out to Corp A on Site 2 as single-tagged frames (i.e. with a tag reading VLAN 100).
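The tunnel-port handling and the FIG. 1 walk-through above can be followed byte by byte in the added example below, which is not part of the original text. It assumes both tags use the 802.1Q TPID 0x8100, that the outbound edge selects the protocol MAC address from the EtherType, and that access VLAN R is numbered 30; the source MAC address and the LACP payload are constructed.

```python
import struct

TUNNEL_MAC = bytes.fromhex("01000ccdcdd0")  # tunnel MAC from the text (0100.0ccd.cdd0)
TPID = 0x8100                               # assumption: inner and outer tags share this TPID
# Assumption: the outbound edge restores the protocol MAC by EtherType.
PROTOCOL_MAC = {0x8809: bytes.fromhex("0180c2000002")}  # Slow Protocols (LACP)

def vlan_tag(vid):
    """Build a 4-byte 802.1Q tag with priority 0."""
    return struct.pack("!HH", TPID, vid & 0x0FFF)

def parse_tags(frame):
    """Return (VLAN IDs outermost first, EtherType, payload offset)."""
    vids, off = [], 12
    while struct.unpack_from("!H", frame, off)[0] == TPID:
        vids.append(struct.unpack_from("!H", frame, off + 2)[0] & 0x0FFF)
        off += 4
    return vids, struct.unpack_from("!H", frame, off)[0], off + 2

def ingress_encapsulate(frame, access_vlan):
    """Inbound edge tunnel port: swap in the tunnel MAC, push the outer access VLAN tag."""
    _, ethertype, _ = parse_tags(frame)
    if ethertype not in PROTOCOL_MAC:
        raise ValueError("not a tunneled Layer 2 protocol")
    return TUNNEL_MAC + frame[6:12] + vlan_tag(access_vlan) + frame[12:]

def egress_decapsulate(frame, access_vlan):
    """Outbound edge: strip the outer tag and restore the protocol MAC."""
    vids, ethertype, _ = parse_tags(frame)
    if (frame[:6] != TUNNEL_MAC or not vids or vids[0] != access_vlan
            or ethertype not in PROTOCOL_MAC):
        raise ValueError("not a tunneled frame for this access VLAN")
    return PROTOCOL_MAC[ethertype] + frame[6:12] + frame[16:]

# Constructed sample: LACP frame from Corp A on customer VLAN 100; access VLAN R = 30.
ACCESS_VLAN_R = 30
SRC = bytes.fromhex("020000000a01")
customer_frame = (PROTOCOL_MAC[0x8809] + SRC + vlan_tag(100)
                  + struct.pack("!H", 0x8809) + b"\x01\x01" + bytes(40))

def demo():
    """S1 encapsulates, the core carries the frame untouched, S3 decapsulates."""
    core = ingress_encapsulate(customer_frame, ACCESS_VLAN_R)
    return parse_tags(core)[0], core[:6].hex(), egress_decapsulate(core, ACCESS_VLAN_R)

if __name__ == "__main__":
    tags, dst, restored = demo()
    print(tags, dst, restored == customer_frame)
```

The frame handed to Corp A at Site 2 is byte-identical to the one that entered S1, and a tunneled frame carrying another customer's outer tag is rejected at the outbound edge.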
The ISP access VLAN tagging scheme also can be enabled on access ports. In such an application, the encapsulation and de-encapsulation behavior is the same as above, except that these packets are not double-tagged inside the ISP. The single tag is the customer-specific access VLAN tag.