Data communication networks may include various computers, servers, nodes, routers, switches, bridges, hubs, proxies, and other network devices coupled together and configured to pass data to one another. These devices will be referred to herein as “network elements.” Data is communicated through the data communication network by passing protocol data units, such as data frames, packets, cells, or segments, between the network elements by utilizing one or more communication links. A particular protocol data unit may be handled by multiple network elements and cross multiple communication links as it travels between its source and its destination over the network.
The various network elements on the communication network communicate with each other using predefined sets of rules, referred to herein as protocols. Different protocols are used to govern different aspects of the communication, such as how signals should be formed for transmission between network elements, various aspects of what the protocol data units should look like, how packets should be handled or routed through the network by the network elements, and how information associated with routing information should be exchanged between the network elements.
Enterprise consolidation and security considerations are drivers that demand that networks be virtualized. Virtualization of a network enables a virtual network to be created over the physical network so that traffic may be maintained private to the subset of users and nodes that form part of the virtual network. Layer 2 (i.e. Ethernet) Virtual Local Area Network (VLAN) and Layer 3 (Internet Protocol) based VPNs are functionalities that support network virtualization. There are many types of VPNs, such as MPLS based VPNs (established using IETF RFC 4364/2547), Virtual Private LAN Service (VPLS), Pseudowire, and IP-Security (IP-SEC) based VPNs. Other types of VPNs exist as well and this list is not intended to be exhaustive. While all of these VPNs have particular merit and applicability, each requires a special underlying infrastructure to support the VPN.
One common VPN technology is based on RFC 2547, which has now been superseded by IETF RFC 4364. This standard was developed to enable VPNs to be deployed on an MPLS network. VPNs based on this standard have been extensively deployed and thus the manner in which they operate is well known. Unfortunately, the MPLS infrastructure, which has its own signaling and control plane protocols, has proved expensive to implement and maintain. To alleviate some of the complication of this VPN solution, related U.S. patent application Ser. No. 11/935,563, filed Nov. 6, 2007, entitled “Supporting BGP Based IP-VPN in a Routed Network”, proposed to use the VPN infrastructure of RFC 2547 in connection with IP encapsulation rather than in connection with an MPLS network. As described in that application, the basic manner in which the PE nodes create the Virtual Routing and Forwarding tables, i.e. import route target/export route target attributes remain the same. However, rather than advertising an MPLS service label, the nodes export an IP service address that is to be used to forward traffic on the IP network. Thus, the VPN solution is able to be used over any IP network and is not limited to use on an MPLS network. Since the basic infrastructure for this IP based VPN solution is based on FC 4364/2547 control plane concepts using MP-iBGP extensions, only the VPN end-points are required to support this functionality. The nodes in the middle of the IP network operate as normal IP routers and, hence, are agnostic to the fact that a VPN is being implemented.
This previous extension of RFC 2547/4364 enables a layer 3, i.e. IP layer, VPN to be built on an IP network. There are also instances where customers would like to have layer 2 VPN rather than a layer 3 VPN. Accordingly, it would be advantageous to provide a L2 VPN solution that is easy to deploy into existing networks and does not require an MPLS infrastructure.