SHDS (Short Haul Data Services) are distant dependent. On the flip side, a Virtual Leased Line is available as point to point, multipoint or any to any on a Global basis.
Short Haul Data Service
If you have sites that are within a relatively close geographic range (up to 25 – 35 kilometres) and you have higher bandwidth or privacy requirements, SHDS should be a primary consideration. SHDS typically uses dedicated fibre to reach each of your attached sites and the bandwidth is designated solely to you.
When you subscribe to a SHDS, the carrier’s network provides either point-to-point or multipoint bridging services to your company. Unlike VLLs and optical services, SHDS is commonly delivered as a purely bridged service. Whereas a multipoint VLL uses the concept of virtual bridges across an MPLS core, SHDS typically uses IEEE 802.1-compliant bridging end-to-end using “QinQ” tagging (sometimes referred to as VLAN stacking) where your company is assigned its own 802.1Q tag to deliver your Ethernet frames transparently through the service provider network (known as an S-tag). You are then free to use your own VLAN tags (known as C-tags) to keep your own Layer 2 traffic separate and isolated from each other.
SHDS is ideal for connecting multiple regional campus networks together. From the customer perspective, SHDS is operationally no different than having all of your campuses directly connected to each other with physical cables. Since the bandwidth is dedicated to you and the geographic proximity is close, you will not have latency considerations that are present with technologies like VLLs that can connect sites across far-reaching distances. Likewise, since SHDS is normally a bridged service, failover times are quicker and your service provider may even offer options like link bonding which both increases bandwidth and redundancy for your network.
Optical Services
Optical services generally have a longer available geographic reach as compared to SHDS, though they are still normally delivered within geopolitical boundaries such as a single country or continent. Optical services provide the customer with dedicated point-to-point bandwidth, though not in an end-to-end dedicated fibre as is the case with SHDS. Optical services are normally transmitted through the carrier network as a single wavelength among many in Dense Wavelength Division Multiplexing (DWDM) circuits.
DWDM is a different kind of multiplexing than what is used for MPLS-based VLLs. With MPLS, all customer traffic is divided into packets with each individual packet getting the full bandwidth of the carrier backbone links as they are transmitted. First, one customer’s packet is transmitted, then another and so on. With DWDM, multiple customers’ traffic traverses the backbone links simultaneously as separate dedicated wavelengths. This means your traffic is always given the full bandwidth of the individual wavelength, which is typically 10 Gbps or more and cannot be usurped by another customer’s traffic.
When you subscribe to an Ethernet optical service, the service provider gives you a regular Ethernet handoff which is then multiplexed with other customers on the carrier-side. The Ethernet handoff expects normal Layer 2 Ethernet frames which the service provider transmits unmodified to the other end of the link. Optical services can also be offered as Layer 1 and in various other Layer 2 formats such as Fibre Channel for SAN extension.
In the previous few decades, before Ethernet services became ubiquitous, leased lines using serial-based technologies were the most popular because they were based on and interoperated with the global Public-Switched Telephone Network (PSTN) which used circuit-switching technologies. When you purchased a serial leased line, your traffic would have inevitably been aggregated with other customers into larger, faster backbone connections at some point, but the amount of bandwidth you leased from the carrier was still completely dedicated to you end-to-end.
VLLs are named as such because the bandwidth is no longer dedicated just to you as the end customer. That doesn’t mean you won’t get the full bandwidth that is leased to you from the carrier, it just means that in the carrier backbone, they are using packet switching with statistical multiplexing to serve more customers with the same amount of aggregate bandwidth. If all customers used all of their leased bandwidth at the same time, this model would not work. In reality, this model works well for carriers because while backbone links are typically oversubscribed, they are also closely monitored for bandwidth utilisation so that customer traffic is not impacted. In addition, VLLs are almost always backed with a Service Level Agreement (SLA) which guarantees a particular level of performance and uptime. If the carrier does not meet the SLA, financial restitution may be sought.
To provide Ethernet services using VLLs, carriers typically use Multi-Protocol Label Switching (MPLS) in their core network. This enables the previously-mentioned statistical multiplexing ability where multiple customers can have their traffic carried simultaneously over the same shared carrier backbone network. A carrier’s core network also has other service-enhancing capabilities such as link and node protection with fast reroute, which means if a link or even an entire router fails, the fault is detected and traffic is routed around the failure extremely quick, typically faster than 50 milliseconds.
One of the biggest advantages of VLLs is that they have a global reach. Since the Ethernet traffic is ultimately encapsulated into label-switched packets, interoperability between different carriers can be achieved very easily through various inter-provider agreements. VLLs provide a performance level that is adequate for most user applications and use cases and can cost-effectively provide globe-spanning connectivity for your business.
Virtual Leased Lines: Point-to-Point
One of the simplest services a carrier can provide is a point-to-point VLL (also known as a pseudowire). With this type of connection, you are given what amounts to a virtual extended Ethernet cable where the devices on each end of the connection appear to be directly connected to each other. Whatever Ethernet-framed data goes in one side of the link comes out of the other side, depending on the exact features the service provider enables in the pseudowire.
Within the Ethernet point-to-point framework, a service provider can control what types of Ethernet frames are allowed to traverse the VLLs. Some providers dictate that the Ethernet frames it receives from your Customer Premises Equipment (CPE) must not carry any VLAN tags while others dictate that frames must be received with a particular tag. Different carriers may or may not additionally place additional restrictions on Layer 2 control frames, such as Spanning Tree Protocol (STP) Bridge Protocol Data Units (BPDUs) or device recognition protocols like Cisco Discovery Protocol (CDP) and Link-Layer Discovery Protocol (LLDP). Still others provide a “raw” service where any properly-formatted Ethernet frame is carried as long as it is under the specified Maximum Transmission Unit (MTU). These different kinds of restrictions allow carriers to produce various revenue-generating feature sets.
One of the most common use cases for point-to-point virtual leased lines is for a lower-cost Datacentre Interconnect (DCI) where multiple datacentre VLANs reside in two separate physical locations. Since the same IP subnets can be used in both places and the two datacentres appear as a single logical entity to the rest of your network, you can do things like Virtual Machine (VM) mobility and use both datacentres simultaneously in an active/active fashion.
However, like all point-to-point Layer 2 connections, you must take into consideration possible failures that could occur and the latency that is incurred, especially when your two sites are very distant. Many applications that connect at Layer 2 are expecting a certain maximum latency threshold and start misbehaving if that threshold is crossed, particularly control plane traffic like routing and bridging protocols. If you do not take these constraints into serious consideration, you run the risk of a single failure bringing down both datacentres.
Virtual Leased Lines: Multipoint
When you have more than two geographically separated sites requiring direct connectivity at Layer 2, you need a multipoint solution. With a multipoint Layer 2 solution that uses Ethernet, the carrier’s network appears to your CPE devices as a single switch in the middle of your devices. That is, each of your CPE devices will see each other at Layer 2 and can reach each other directly through the carrier’s backbone.
Like with point-to-point VLLs, the service provider can offer different services by dictating VLAN tags, allowing raw Ethernet frames and permitting or denying Layer 2 control plane traffic like BPDUs across their network. Also like with point-to-point VLLs, multipoint VLLs typically use MPLS across the carrier backbone. Multipoint Ethernet VLLs are usually delivered using one of two different underlying technologies: Virtual Private LAN Service (VPLS) or Ethernet Virtual Private Network (EVPN).
VPLS was developed first and is implemented as a full mesh of point-to-point pseudowires in the service provider’s network. This is transparent to you, as the customer, but it means that the multipoint Ethernet service is delivered in the data plane, which has a couple of implications and restrictions. With VPLS, each Provider Edge (PE) router implements a “virtual bridge” whereby broadcast, unknown unicast, and multicast frames (so-called “BUM” traffic) must be flooded to all other sites whenever the local bridge does not know where the destination endpoint resides. VPLS further has a limitation where dual-homed CPEs must use active/standby links and cannot use both together simultaneously.
EVPN is newer and is the replacement for VPLS. Whereas VPLS maintains Layer 2 reachability through the data plane, EVPN does this through the control plane by using BGP to enable “MAC routing”. That is, the MAC addresses residing at each site are carried in BGP which enables new service-enhancing features such as the ability to have active/active links for dual-homed CPEs, true MAC mobility and Integrated Routing and Bridging (IRB). IRB allows the service provider network to act as the default gateway for the VLAN.
EVPN has “gateway synchronisation” capability whereby each nearest PE router acts as the local gateway so that traffic from each site does not have to be backhauled to a single location when IP routing is performed. In the DCI scenario, if all of your connected sites have multiple IP subnets present at each of the sites, you no longer have to designate a router at one of the sites to serve as the gateway. The service provider’s PE router can perform this function for each connected site, and traffic is routed locally instead of requiring a double transit across the carrier’s core and back in order to reach the gateway.
VPLS is still the most common multipoint Ethernet L2VPN solution due to the heavy investment in existing networking equipment, but over time EVPN will replace it due to the new features it offers as well as the dramatic improvement in scalability. With VPLS, every PE router must know about every MAC address in every attached site. This is why some VPLS providers limit the number of MAC addresses they will learn from the customer. With EVPN, no longer does each PE require maintaining a complete list of MAC addresses, which enhances scalability.
Comparing your Ethernet options?
As you consider different kinds of Ethernet services, each have their own strengths, weaknesses and applicability to particular use cases. While you can make the majority of use cases work across nearly all of the different kinds of available Ethernet services, some use cases are better suited for particular kinds of Ethernet services. We dedicated the largest portion of this article to VLLs because they are both the most common and most cost-effective. However, when you have both shorter physical distances to cover, stricter latency requirements and higher bandwidth needs, SHDS and optical services might suit your business needs more effectively.
SHDS offers multipoint capabilities and dedicated bandwidth, while subscribing to an optical service may provide even higher levels of dedicated bandwidth, though is typically offered as a point-to-point service exclusively. SHDS is better suited for connecting multiple campus networks together in relatively close-proximity, whereas an optical service may serve better for DCI needs. VLLs effectively cover both use cases, though with lower bandwidth and higher latency considerations.