VPLS: Is it Hot or is it Not?

June 19th, 2008 | by Bostjan Sustar |

Many people regard Virtual Private LAN Services (VPLS) as the ultimate of MPLS features for providing any-to-any connectivity to VPN sites where minimum signaling is required between customer and provider. I agree that this nifty feature can come in handy in some specific situations, but it is important to define the VPN requirements clearly and understand VPLS limitations completely in order to use this technology properly. In simple terms, VPLS is useful if and only if the following condition is met: a single broadcast domain is required in three or more sites (but not too many). How often is that the case? Not often! In all other cases, a simple Layer 3 MPLS VPN probably will suffice; if a single broadcast domain is required in two sites, a simple point-to-point Layer 2 MPLS VPN will do (i.e., Ethernet over MPLS [EoMPLS]).

These are the main dangers with VPLS:

  • Broadcast storms can occur due to too many hosts in a single broadcast domain (e.g., 100 sites with 100 hosts each results in 10.000 hosts in a single subnet), or a “misbehaving” host generating a broadcast flood.
  • Many VPLS-based VPNs on a single PE router require the router to do a lot of packet replication for broadcasts, whereas no packet replication is required in an L3 MPLS VPN.
  • A large number of sites in a VPLS-based VPN requires a full mesh of directed LDP sessions.
  • MTU issues can arise if the MPLS backbone cannot support MTUs larger than 1530. (No fragmentation, PMTUD or manual MTU setting can be used in L2 MPLS VPNs to mitigate this issue.)
  • Scalability and manageability are impaired when using either VPLS-LDP or VPLS-BGP (see details).

My recommendation is that customers and providers use the following VPN services (in this order):

  1. Layer 3 MPLS VPN should be the default VPN service.
  2. Point-to-point Layer 2 MPLS VPN (i.e., EoMPLS) should be used where a single broadcast domain (i.e., the same IP subnet) is required in two sites.
  3. VPLS should be used where a single broadcast domain (i.e., the same IP subnet) is required in three or more sites.

  1. One Response to “VPLS: Is it Hot or is it Not?”

  2. By mvgoylen on May 8, 2009 | Reply

    Great explanation, this is what I have been looking for. Thanks a lot.

You must be logged in to post a comment.