One application for multi-protocol label switching (MPLS) is the implementation of Layer 2 virtual private networks (VPNs) using MPLS tunneling. Referring to FIG. 1, a typical wide area network (WAN) includes customer edge (CE) devices 100, 104, 108, and 112, and provider edge (PE) devices 116, 120 and 124. In general, an edge device is a device, e.g., a router, that sits on the edge of a network cloud such as the Internet or a private network. The customer edge devices connect a customer to a provider network using a data link technology, such as frame relay, while the provider edge devices reside on the edge of the provider network and aggregate connections from the customer sites. In many traditional configurations, the CE “devices” 100, 104, 108, and 112 are actually groups of homogeneous CE devices—i.e., multiple CE devices that are connected to their PE device using the same data link or data link type—that share the same edge of their connected PE device.
Each CE device 100, 104, 108, and 112 communicates with its connected PE device 116, 120, and 124 using a data link 128, 132, 136, or 144. In the illustrated network, data link 128 is a gigabit Ethernet data link connecting CE device 100 to PE device 116, data link 144 is a gigabit Ethernet data link connecting CE device 112 to PE device 116, data link 132 is an ATM data link connecting CE device 104 to PE device 120, and data link 136 is a frame relay data link connecting CE device 108 to PE device 124. The WAN of FIG. 1 is a heterogeneous network in that the CE devices in the WAN communicate with their associated PE devices using different data link layer protocols.
Each CE device may be said to be “local” to the PE device it is attached to, and “remote” to the other PE devices in the WAN. For example, CE devices 100 and 112 are local to PE device 116 and remote to PE devices 120 and 124. Similarly, CE device 104 is local to PE device 120 and remote to PE devices 116 and 124.
The PE devices 116, 120, and 124 may communicate with each other through a network cloud 140 using various methods based on Border Gateway Protocol (BGP), Label Distribution Protocol (LDP), Layer 2 Tunneling Protocol (L2TP), etc. For example, using BGP through the cloud 140, the PE devices 116, 120, and 124 may exchange information that describes the blocks of Layer 2 virtual circuits connected to each PE device. After this exchange of information and/or through configuration, each PE device is aware of the CE devices that belong to its own virtual private network (VPN) and the identifiers for the data links that connect those CE devices.
In operation, for example, when CE device 100 transmits information to CE device 104 across their VPN, CE device 100 first transmits its frame of information to its connected PE device 116. The PE device 116 reads the Layer 2 header in the frame to identify the destination CE device 104. The PE device 116 removes the Layer 2 header from the frame and concatenates the raw IP packet with a VPN label that identifies the destination CE device 104 and its associated PE device, i.e., PE device 120. Then, the PE device 116 transmits the data using an MPLS tunnel through the network cloud 140 to the destination CE device's attached PE device 120. The PE device 120 receives this information and removes the VPN identifier from the packet. The PE device 120 prepends a Layer 2 header that identifies the destination CE device 104 to the packet before transmitting it to the destination CE device 104 over the data link 132.
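The forwarding sequence just described can be traced in code. The following Python sketch is an added example, not part of the original text: the label values, the lookup tables, the use of an 802.1Q VLAN ID to select the destination circuit, and the RFC 2684 LLC/SNAP header on the ATM side are all assumptions made for illustration.

```python
import struct

def mpls_entry(label, bottom, ttl=64):
    """Pack one 32-bit label stack entry: label(20) | TC(3) | S(1) | TTL(8)."""
    if not 0 <= label < 1 << 20:
        raise ValueError("label must fit in 20 bits")
    return struct.pack("!I", (label << 12) | (int(bottom) << 8) | ttl)

def pop_entry(data):
    """Return (label, bottom_of_stack, rest) for the outermost entry."""
    if len(data) < 4:
        raise ValueError("truncated label stack")
    (word,) = struct.unpack("!I", data[:4])
    return word >> 12, bool(word & 0x100), data[4:]

# Constructed tables (assumed values, not from the page).
# Ingress PE 116: VLAN ID on data link 128 -> (tunnel label, VPN label).
PE_116_INGRESS = {104: (3001, 20104)}
# Egress PE 120: VPN label -> Layer 2 header for ATM data link 132
# (RFC 2684 LLC/SNAP header for a routed IPv4 PDU).
PE_120_EGRESS = {20104: bytes.fromhex("aaaa030000000800")}

def ingress(frame, table):
    """Strip the 802.1Q Ethernet header; push the VPN label, then the tunnel label."""
    if len(frame) < 18:
        raise ValueError("frame shorter than an 802.1Q header")
    tpid, tci, ethertype = struct.unpack("!HHH", frame[12:18])
    if tpid != 0x8100 or ethertype != 0x0800:
        raise ValueError("expected an 802.1Q-tagged IPv4 frame")
    tunnel, vpn = table[tci & 0x0FFF]  # KeyError: no circuit provisioned
    return mpls_entry(tunnel, False) + mpls_entry(vpn, True) + frame[18:]

def egress(packet, table):
    """Pop down to the bottom-of-stack VPN label, then prepend the local Layer 2 header."""
    label, bottom, rest = pop_entry(packet)
    while not bottom:  # outer tunnel label(s), if still present
        label, bottom, rest = pop_entry(rest)
    if label not in table:
        raise LookupError(f"VPN label {label} is not provisioned; drop")
    return table[label] + rest

# Constructed sample: 20-byte IPv4 header (checksum left at zero) in a tagged frame.
SAMPLE_IP = bytes.fromhex("450000140000000040010000c0000201c0000202")
SAMPLE_FRAME = bytes(12) + struct.pack("!HHH", 0x8100, 104, 0x0800) + SAMPLE_IP

if __name__ == "__main__":
    print(egress(ingress(SAMPLE_FRAME, PE_116_INGRESS), PE_120_EGRESS).hex())
```

The egress side drops any packet whose bottom-of-stack label is not in its table, so a label that was never provisioned cannot be mapped onto a customer-facing data link.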
This MPLS-based Layer 2 VPN is scalable, in that a new CE device may be added to the WAN by physically connecting the CE device to an existing PE device, and then manually reconfiguring the PE device. However, it fails to provide a mechanism whereby the PE device would automatically configure itself and its peer PE devices to add the new CE device to the network. Such a mechanism is desirable in that it reduces the amount of human intervention required to add a new CE device to the network. Moreover, this VPN does not provide a mechanism for satisfying control messages, such as address resolution messages (e.g., an ARP request), sent from one CE device using one type of data link (e.g., a frame relay link) that is attempting to discover the address of a second CE device across the VPN that uses a different type of data link (e.g., an ATM link).