L2 VPLS General


Virtual Private LAN Emulation is a L2 VPN technology based on MPLS which provides multipoint services.


  • VPLS is a LAN type of service provided to CEs over MPLS backbone. Most services are provided by the PE.
  • VPLS is basically a full mesh pseduwires with split horizon forwarding and source MAC address learning.
    • Each PE has to have a PW to another PE part of the same VPLS instance. A frame can't be send to intermediate PE or out the incoming PW.
  • Using Cisco's terminology the Bridge Domain connects to a Virtual Forwarding Instance which interconnects all of the pseudowires. Together all of these components create a Virtual Switching Instance.

Forwarding Plane

  • Each participating PE that has is a member of the same VPLS, has to have a full mesh of pseudowires. Basically a frame can't be send to one intermediate PE and have that PE forwarding it to another PE (think about iBGP route distribution as an analogy). It has to be send directly.
  • MAC entries can be entered statically or learned dynamically.
  • Learning is done using MAC Address Source-Based Learning. After a certain timer they expire unless updated.



MAC Address Aging

MAC Address Limit

  • Since each PE needs to learn about the client MAC addresses, VPLS bridges have a limit on the number that can be used for forwarding.
  • In Cisco IOS-XR the default limit is 4000 (range 1-512,000).
  • There are three actions that can be taken when the limit is reached:
    • Limit Flood: discard any new MAC addresses.
    • Limit no-flood: discard new MAC addresses plus flooding of unknown unicast is disabled.
    • Limit shutdown: disable forwarding MAC addresses.

MAC Address Withdrawal

  • To improve convergence, VPLS can withdrawal MAC addresses from the domain. LDP Address Withdrawal message is used with a list of MAC addresses to withdraw.
  • By default this feature is enabled on IOS XR.

Control Plan


  • VPLS Autodiscovery eliminates the need to create manual VPLS neighbors. It allows for PE router to discover each other part of the same VPLS domain.
  • Discovery uses BGP protocol.
  • Without having autodiscovery, the PW would have to be manually created to each PE.


  • Signaling is used to create the pseudowires between already discovered PEs.
  • Signaling can use LDP or BGP protocols.
  • When using BGP, the NLRI has takes care of both autodiscovery and signaling. Extended communities are also applied. See below:
    • NLRI:
      • Length (2 bytes)
      • RD (8 bytes)
      • L2VPN Router ID (4 bytes)
    • Ext Community:
      • VPLS-ID (8 bytes)
      • Route Target (8 bytes)
  • When using LDP, targeted LDP session is used to exchange the label values associated with PWs.
    • FEC 129 is used for signaling.
    • It includes: VPLS ID, Target Attachment Individual Identifier (TAII) and Source Attachment Individual Identifier (SAII). Also the inner PW label.


rating: 0+x
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License