Computer networks are utilized for providing collaborative environments allowing users to share and exchange information across multiple computer systems. A computer network typically includes a number of entities interconnected over a communications media. An entity may include any device, such as a computer, that transmits or receives data frames over the communications media. A common type of computer network is a local area network (LAN) which typically refers to a privately owned network within a single building or campus. LANs typically employ a data communication protocol (LAN standard), such as Ethernet, that defines the functions performed by data link and physical layers of a communications architecture (e.g., a protocol stack).
Traditionally, Ethernet has been used in enterprise LANs, while traditional interoffice connections were typically via frame relay or asynchronous transfer mode (ATM). Following a hub and spoke model, the data centers reside in one main office and all the remote branches connect in to them. This required all remote branches' communication to be routed via the hub node. As the size of LANs increased forming metropolitan area networks (MANs) and wide area networks (WANs) requiring point-to-multipoint access, it became apparent that frame relay and ATM were not able to provide that kind of multipoint layer 2 service without a complicated mesh topology.
One option that has been implemented is to use a layer 3 virtual private network (VPN) to interconnect the remote branch offices. However, layer 3 VPNs require substantial overhead. VPNs require knowledge of the customer routing topology and also an expensive edge router. Furthermore, security conscious customers do not like the idea of exposing their internal routing infrastructure to their service providers.
The Internet Engineering Task Force (IETF) drafted the virtual private LAN service (VPLS) to provide point-to-multipoint services over a Multiprotocol Label Switching (MPLS) transport network. As VPLS services mature, service providers are deploying services that could scale to previously unforeseen levels. Service providers no longer need visibility into the customer's routing topology, and customers are able to run just about any protocol they want. This is welcomed by customers who operate different protocols on their network and desire interoffice connectivity.
While VPLS provides customers with most of the functionality they need, it does not address service providers who do not have an MPLS-based core network. As a result, the use of end-to-end Ethernet-based layer 2 networks has been proposed. While the Institute of Electrical and Electronics Engineers (IEEE) 802.1ad standard addressed MAN requirements, the ongoing IEEE 802.1ah standard is what will fulfill this new requirement to replace an MPLS core network. However, it does not preclude interoperability with a VPLS network.
Layer 2 networks are also subject to address space limitations. While IEEE 802.1ad offers more services than VPLS services, they are not able to scale much and are limited to 4095 IEEE 802.1ad service instances, e.g., virtual LANs (VLANs). MANs are widely used by service providers for providing a large number of VLANs to a large number of customers over a single provider backbone bridge network (PBBN). MAN adopts LAN technology and applies it to wide area use. Under IEEE 802.1ad, VLAN tag space is limited to 4096, limiting a service provider to 4096 VLANs. IEEE 802.1ah provides for expanding VLAN tag space in a PBBN, potentially providing millions of VLANs. Specifically, IEEE 802.1ah will specify a mechanism to encapsulate the whole customer payload data into a new Ethernet frame that carries an additional multiplexer field called the I-TAG after the provider backbone VLAN tag (B-VLAN).
Since the PBBN is Ethernet-based, flooded traffic, such as broadcast, unknown multicasts and unknown unicast, is common. The potential to detrimentally impact the performance of the PBBN increases as the number of VLANs grows beyond that supported by IEEE 802.1ad. Thus, there is a need to restrict floods in the PBBN.
Currently, there are multiple mechanisms available to restrict floods in a layer 2 network. One such mechanism is source learning based on traffic. The source MAC address and ingress port are learned in the layer 2 table and used to forward traffic in the reverse direction to the correct egress port. VLANs can also be used to constrain broadcast and flooded traffic. Although PBBN networks can be pruned based on the B-VLAN, there is no mechanism to prune the PBBN based on the B-VLAN and the I-TAG. The lack of such a pruning protocol causes traffic to reach PBBN edge nodes even if it is not required at that node.
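The IEEE 802.1ah encapsulation and the source-learning flood behaviour described in the two preceding paragraphs, as an added Python example that is not part of the original text. The field layout follows IEEE 802.1ah (B-TAG with TPID 0x88A8 and a 12-bit B-VID, I-TAG with TPID 0x88E7 and a 24-bit I-SID); the MAC addresses, port numbers and payload used in the bridge walk-through are constructed sample values.

```python
import struct

ETH_P_8021AD = 0x88A8   # TPID of the B-TAG (IEEE 802.1ad S-TAG format)
ETH_P_8021AH = 0x88E7   # TPID of the I-TAG (IEEE 802.1ah)
PBB_HDR_LEN = 6 + 6 + 4 + 6   # B-DA, B-SA, B-TAG, I-TAG

def mac(s):
    """Parse 'aa:bb:cc:dd:ee:ff' into six bytes."""
    return bytes.fromhex(s.replace(":", ""))

def encapsulate_pbb(b_da, b_sa, b_vid, i_sid, customer_frame):
    """Wrap a whole customer frame in an 802.1ah backbone frame (MAC-in-MAC).
    12-bit B-VID: the 4096-value 802.1ad tag space; 24-bit I-SID: the extra
    multiplexer field that lets a PBBN carry millions of service instances."""
    if not 0 < b_vid < 4096:
        raise ValueError("B-VID must fit in 12 bits")
    if not 0 <= i_sid < (1 << 24):
        raise ValueError("I-SID must fit in 24 bits")
    b_tag = struct.pack("!HH", ETH_P_8021AD, b_vid)    # PCP/DEI bits left at 0
    i_tag = struct.pack("!HI", ETH_P_8021AH, i_sid)    # I-PCP/I-DEI/UCA left at 0
    return mac(b_da) + mac(b_sa) + b_tag + i_tag + customer_frame

def decapsulate_pbb(frame):
    """Return (b_da, b_sa, b_vid, i_sid, customer_frame); reject non-PBB frames."""
    if len(frame) < PBB_HDR_LEN + 14:                  # inner frame needs C-DA/C-SA/type
        raise ValueError("frame too short for MAC-in-MAC")
    tpid, tci = struct.unpack("!HH", frame[12:16])
    i_tpid, i_tci = struct.unpack("!HI", frame[16:22])
    if tpid != ETH_P_8021AD or i_tpid != ETH_P_8021AH:
        raise ValueError("not an 802.1ah frame")
    return frame[0:6], frame[6:12], tci & 0x0FFF, i_tci & 0x00FFFFFF, frame[PBB_HDR_LEN:]

class BackboneBridge:
    """Source-learning bridge keyed on (B-VID, backbone MAC), as described above."""
    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}                                # (b_vid, mac) -> ingress port

    def forward(self, ingress, frame):
        """Return egress ports; an unknown B-DA floods the whole B-VLAN."""
        b_da, b_sa, b_vid, _i_sid, _ = decapsulate_pbb(frame)
        self.table[(b_vid, b_sa)] = ingress            # learn source MAC -> port
        egress = self.table.get((b_vid, b_da))
        if egress is not None:
            return [egress]
        # Flood reaches every edge port on the B-VLAN whether or not it hosts
        # the I-SID, because the I-TAG takes no part in the lookup.
        return [p for p in self.ports if p != ingress]
```

The flood path is the behaviour the text identifies as the problem: with only B-VLAN and MAC in the lookup, an unknown destination is delivered to every edge node on the B-VLAN regardless of the I-SID it carries.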
Another mechanism for restricting floods is to leverage a network management system (NMS) to identify spurious traffic and provision the mapping of the I-TAG to a B-VLAN that runs to only the edge nodes which require that service instance. However, this requires the NMS to continuously monitor floods on the B-VLANs to make an informed decision on which service instances are causing the spurious floods or broadcasts. When supporting millions of service instances, this could become very intensive processing for the NMS system, significantly decreasing the bandwidth of the PBBN as well as the processing speed of the NMS system.