Managed Ethernet access is available in a variety of forms, each designed for different capabilities and price points. When you subscribe to a managed Ethernet service, you sign an agreement with one or more service providers to establish Layer 2 connectivity between your sites.
Virtual leased lines (VLLs, also known as pseudowires) are point-to-point Layer 2 connections that are considered virtual because they are multiplexed over one or more carrier networks using Multiprotocol Label Switching (MPLS).
This means that, unlike with a dedicated short-haul fibre service, the capacity within the carrier networks between your sites is not dedicated to you and is shared among multiple customers. MPLS encapsulation serves as a tunnelling mechanism that keeps your traffic strictly separated from the network traffic of other subscribers.
In addition, when you purchase a VLL service there is normally a service level agreement (SLA) in place that guarantees specific performance from the VLL such as a guaranteed level of throughput. Depending on your contract and the QoS configuration placed on the carrier equipment, you might be able to utilise more than your contracted bandwidth limit if it is available, but you will always be guaranteed a minimum throughput level.
Virtual Private LAN Service (VPLS) uses underlying technology similar to that of VLLs, except that VPLS is offered as a multipoint service, which makes all of your sites appear as if they were connected to the same logical Ethernet switch.
With VLLs, there is no MAC learning and whatever enters one end of the connection will be delivered to the other end, as long as it is a valid Ethernet frame. With VPLS, the carrier network learns the MAC addresses at each of your sites so that it can emulate a traditional bridge and forward frames as appropriate between your sites. This saves bandwidth across the carrier network and optimises traffic between your locations.
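The difference between the two forwarding behaviours described above can be seen in a small model. This is an added example, not carrier or vendor code; the site names, MAC addresses and the `mac_limit` table size are constructed assumptions.

```python
# Added illustration: a toy model of VLL and VPLS forwarding.
# Site names and MAC addresses are constructed sample values.
BROADCAST = "ff:ff:ff:ff:ff:ff"

class VLL:
    """Point-to-point pseudowire: no MAC learning, frames go to the far end."""
    def __init__(self, site_a, site_b):
        self.ends = (site_a, site_b)
    def forward(self, ingress, src, dst):
        a, b = self.ends
        return [b if ingress == a else a]

class VPLS:
    """Multipoint service emulating one learning bridge across all sites."""
    def __init__(self, sites, mac_limit=4):
        self.sites = list(sites)
        self.mac_limit = mac_limit   # assumed per-service MAC table size
        self.fdb = {}                # MAC -> site where it was last seen
    def forward(self, ingress, src, dst):
        # Learn (or refresh) the source MAC unless the table is full.
        if src in self.fdb or len(self.fdb) < self.mac_limit:
            self.fdb[src] = ingress
        others = [s for s in self.sites if s != ingress]
        if dst == BROADCAST or dst not in self.fdb:
            return others            # flood broadcast and unknown unicast
        egress = self.fdb[dst]
        return [egress] if egress != ingress else []  # known: one copy, or filter

def copies_sent(service, frames):
    """Total frame copies carried across the carrier for a list of frames."""
    return sum(len(service.forward(*f)) for f in frames)

# Constructed conversation between one host in London and one in Leeds.
FRAMES = [
    ("london", "aa:00:00:00:00:01", BROADCAST),            # ARP request
    ("leeds",  "aa:00:00:00:00:02", "aa:00:00:00:00:01"),  # ARP reply
    ("london", "aa:00:00:00:00:01", "aa:00:00:00:00:02"),
    ("leeds",  "aa:00:00:00:00:02", "aa:00:00:00:00:01"),
]
```

With three sites, the learning bridge sends the broadcast to both remote sites and every later frame to one site only. If a site presents more MAC addresses than the table holds, frames to the unlearned addresses are flooded again, which is worth checking when sizing the service.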
The dedicated fibre option is usually a little more expensive than VLLs and VPLS because the entire bandwidth is dedicated solely to your connection and is not shared with other customers.
This requires dedicated resources within the carrier network, which usually leads to slightly higher prices, though it is usually accompanied by improved levels of service and better guarantees. This option is very popular for connecting regional data centres together.
While an MPLS Layer 2 VPN service can be marketed as a Layer 2 Ethernet WAN, the primary difference between these two services is in how the traffic is transported across the carrier backbone network. Layer 2 Ethernet WAN is normally transported as regular Ethernet frames across the entire network from ingress to egress. This can be done through one or more levels of bridging or through optical multiplexing. In either case, the bandwidth is dedicated to you.
Layer 2 MPLS, on the other hand, has a Layer 2 Ethernet ingress and egress when connecting to the customer premises equipment (CPE), but is encapsulated in IP/MPLS packets within the carrier core network. The greatest advantage of carrying traffic in this manner is that it is easier to connect globally across different service provider networks. This extends the Layer 2 reachability between your locations further than a Layer 2 service like dedicated short haul fibre is capable of.
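The encapsulation described above, sketched as an added example (not code from any carrier or vendor). It uses the 32-bit label stack entry layout from RFC 3032 and assumes a two-label stack (tunnel label plus per-customer service label); the optional pseudowire control word and the carrier's outer link header are omitted, and the label values and customer names are hypothetical.

```python
import struct

def label_entry(label, tc=0, bottom=False, ttl=64):
    """Encode one MPLS label stack entry: label(20) | TC(3) | S(1) | TTL(8)."""
    if not 0 <= label < 2**20:
        raise ValueError("label must fit in 20 bits")
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)

def encapsulate(frame, tunnel_label, pw_label):
    """Carrier ingress: service (pseudowire) label at the bottom, tunnel label on top."""
    return label_entry(tunnel_label) + label_entry(pw_label, bottom=True) + frame

def decapsulate(packet):
    """Carrier egress: read labels up to bottom-of-stack, return (labels, frame)."""
    labels, offset = [], 0
    while True:
        if offset + 4 > len(packet):
            raise ValueError("truncated label stack")
        (word,) = struct.unpack_from("!I", packet, offset)
        offset += 4
        labels.append(word >> 12)
        if (word >> 8) & 1:          # S bit set: last entry in the stack
            return labels, packet[offset:]

def egress_lookup(packet, pw_table):
    """Pick the customer attachment circuit from the bottom (service) label."""
    labels, frame = decapsulate(packet)
    return pw_table[labels[-1]], frame

# Constructed sample: two customers send byte-identical Ethernet frames.
FRAME = bytes.fromhex("aa0000000002" "aa0000000001" "0800") + b"payload"
PW_TABLE = {1001: "customer-A", 1002: "customer-B"}   # hypothetical labels
```

The frame bytes are unchanged inside the packet: the labels keep the two customers' traffic apart at the egress lookup, but they do not encrypt it.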
One of the biggest advantages of subscribing to a Layer 2 service as opposed to Layer 3 is that you retain more control over how your individual sites are connected. This is particularly true if you are subscribed to a multipoint Layer 2 Ethernet service like VPLS. For example, you could design a full mesh or hub-and-spoke topology across the Layer 2 network, whereas routing over Layer 3 services is typically only point-to-point.
With a traditional MPLS Layer 3 VPN service, your CPE peers with the carrier’s provider edge (PE) router using a routing protocol such as BGP, and the carrier participates in and controls the routing between your sites. In most cases, the carrier dictates which routing protocol you must use. You may want to use something like Open Shortest Path First (OSPF), but the carrier supports only BGP. With a Layer 2 service, you have full control over which routing protocols you use because the routing is transparent to the service provider. With a Layer 3 service, you must work with the carrier to design the routing topology, which may or may not be a default full mesh. With a Layer 2 service, the design is completely under your control and can be modified whenever you wish without carrier involvement.
When purchasing a Layer 2 managed WAN service, the service provider typically installs a small device at each of your participating sites so they can manage the service. The equipment could be as simple as an ONT (optical network terminal) that provides a copper or fibre Ethernet handoff, or it could be more advanced such as a managed switch or even a carrier-class router.
Each of these different devices provides the carrier with different levels of manageability and service offerings. In the case of connectivity within a colocation facility, it is typical to have just a copper or fibre cross-connect delivered to your company’s equipment since the service provider has their own equipment installed elsewhere in the facility.
Layer 2 and Layer 3 WAN services have different and sometimes overlapping use cases. It is not uncommon to subscribe to both Layer 2 and Layer 3 services from the same service provider. For example, you may have weighed the risks and carefully designed a Layer 2 DCI to provide the same IP subnets at multiple sites, and you use a Layer 2 Ethernet WAN service for this. At the same time, perhaps the carrier offers a shared private or extranet service that you must access over a Layer 3 VPN WAN service such as MPLS. This is a common delivery model with IP telephony service providers (ITSPs), where SIP trunks and call centre functionality are delivered to multiple isolated customers through a shared private network.
As more enterprise network environments begin to place workloads within public cloud offerings like Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform, it sometimes makes sense to use a private Layer 3 backhaul service into the cloud environment through your service provider. Larger carriers frequently have private peering agreements with major cloud players and can offer improved performance and lower network latency by connecting to the cloud environment privately through the carrier. This almost always requires subscribing to a Layer 3 service, whether you peer with the provider using a dynamic routing protocol or just use static routing.