RAD is a global leader for telecom access solutions. As an industry pioneer for over 40 years, RAD reliably supplies worldwide communications service providers and critical infrastructure operators with best-of-breed Ethernet access devices, industrial IoT gateways, 5G xHaul, and Operational WAN solutions. Offering always-on connectivity from anywhere, along with data-driven, AI-powered actionable insights, RAD is distinguished for its supply-chain stability, which outsteps the market in delivery times. Founded in 1981, RAD serves as the anchor of the $1.6 billion RAD Group, an umbrella of independent companies that develop diverse networking and data communications solutions.

Contact Us

This information will be used according to our Privacy Policy

Scroll to top of page

You are here


Ethernet over Internet: Reaching Your Customers Wherever They Are

Sep 23, 2019

Layer 2 VPNs have been in our lives for a few decades now. Whatever the underlying technology used (VPLS, VPWS etc.), it is always based on a group of customer premises equipment (CPE) devices connected over fiber to an underlying MPLS/IP backbone via a group of Provider Edge (PE) routers. These work as adaptation functions that tunnel emulated Ethernet services (also referred to as Ethernet Pseudowires) across the MPLS/IP backbone.

There are various well known Ethernet services defined by the MEF: E-LINE, E-LAN, E-TREE etc. Each one emulates a different L2 functionality and fits a different use case.

Figure 1: Legacy L2-VPN solution

Figure 1: Legacy L2-VPN solution

Carrier Ethernet services still major revenue generators
Despite the hype over recent developments related to SDN/NFV/SD-WAN and so on, Carrier Ethernet is still a major source of revenue for CSPs. It is also the motivation for much of the recent developments and MEF definitions. This is a mature market, yet it clearly keeps growing.

EAD Market

Figure 2: Carrier Ethernet Services Still Major Revenue Generator


In addition, this market is being challenged from many directions. Looking at the service provider’s competitive landscape, we see small city carriers appear and disappear, trying to bring in low cost services. Competition is fierce over each customer, existing or new, which is partly why prices-per-byte are in decline.

With a large variety of alternatives, customers are demanding instant connectivity, and many alternative OTT service providers (Amazon, Google, Facebook…) also take their (large) share of the overall revenue pie.

So, how can service providers improve their ability to compete? The answer to that is two-fold:

  1. Improving Time to Service deployment – by increasing network automation and using easy-to-install alternative lines. More importantly, however, is maximizing service uptime for business customers and connecting to them wherever they are!
  2. Lowering operational costs – by avoiding the use of expensive leased lines and reducing technician dependency for the installation phase.

Bridging fiber gaps with L2TPv3
The main tactic for CSPs to retain their existing customers is, by far, allowing them to connect to existing L2 VPN services, even from remote locations where fiber isn’t available, using an internet connection.

The underlying solution is simple. Since L2 VPNs are all about distributing or tunneling Ethernet PWEs (e.g., over an MPLS backbone), extending these services over the public internet requires an Ethernet tunneling over IP solution such as L2TPv3.

L2TPv3 is supported by many existing PE routers and allows tunneling of Ethernet PWEs over any underlay IP network, much in the same way it is done over an MPLS backbone. Furthermore, L2TPv3 provides a secure and reliable control channel between the two end-points, allowing them to negotiate the establishment of new services (Ethernet PWEs) and exchange required information, including monitoring information to check on the health and status of the connection. This greatly simplifies the operational effort and shortens the time required to set up such services. What’s more, as L2TPv3 can run over IPsec (transport and tunnel mode), it can be made fully secured and well-suited for the public internet.

The service extension model
The first use case that we will address here is the lack of fiber to connect the CPE at the remote location to the PE.

In such cases, Ethernet PWEs over an L2TPv3 tunnel (with or without IPsec) can be established over a cellular LTE network up to the MPLS PE, replacing the missing fiber connection. Each Ethernet service will be carried as a separate PWE mapped, at the PE, to a pre-defined VLAN that is recognized as an existing service by the existing L2 VPN.

Needless to say that the typical traffic bandwidth offered by the cellular network (or internet network in general) today is far more limited than a real fiber connection. Thus, it might very well be that only a portion of the required Ethernet services could be supported (on top of the CPE management that is always required). Nevertheless, with the appearance of 5G, the bandwidth will grow to match, and even top, the  bandwidth provided by wirelines.

Figure 3: the “lack of fiber” use-case


Figure 3: the “lack of fiber” use-case

The service backup model
The second use case I would like to address here is service backup. Here, the remote CPE is already connected, over fiber, to the L2 VPN PE. However, the CSP would still need to manage the CPE and possibly continue to run customer critical services, should the fiber connection go down temporarily.

Using the same L2TPv3 over LTE principals as before, Ethernet PWEs can now be transported over the backup L2TPv3 tunnel should the primary fiber connection fail. Again, as in the previous use case, the alternative link’s bandwidth might be limited so only a portion of the overall services (CPE management + most critical customer traffic) could be accommodated in protection mode.


Figure 4: the service backup use-case

Figure 4: the service backup use-case

ZTP (Zero Touch Provisioning)
I previously dedicated a four-part blog post to Off-Net ZTP over public networks. The underlying guiding principal was that any CPE that is connected over a public internet connection, beyond the control of the SP, needs to support Off-Net ZTP to simplify its initial installation and reduce service set up time.

This is also very true here for the service extension use case mainly since the CPE is required to automatically download configuration, establish the L2TPv3 tunnel and connect itself to the existing L2 VPN. Thus, on first CPE boot, the device should automatically retrieve its configuration from an internet located ZTP bootstrap server rather than be manually staged.

Key takeaways
Higher air interface data rates available today allow CSPs to enhance their L2 VPN offering by using these networks to either connect customers to their L2 VPNs where a fiber connection does not yet exist, or use it as a cost-effective backup to an existing fiber connection. This trend will intensify even further with the introduction of 5G networks and the data rates (and other features) they will bring.

Check out RAD’s solution for Carrier Ethernet demarcation with LTE and/or broadband connectivity here.


< Blog Home


About RAD's Blog

We’ll be blogging on a wide range of hot topics affecting service providers and critical infrastructure network operators. Our resident experts will be discussing vCPE, Cyber Security, 5G, Industrial IoT and much, much more.

Related Posts

  • Feb 21, 2024
    RAD Anterix CBRS


    The difference between CBRS, Anterix and how they are used in Private LTE/5G networks by utilities

  • Feb 14, 2024
    Layer 2 vs Layer 3 Switching


    This blog explains about Layer 2 and Layer 3 switching, including the OSI networking model, Ethernet protocols, and the role of routers and switches in network segmentation. Dive into the benefits and applications of both Layer 2 and Layer 3 switches, and discover how to choose the right one for your network's size, complexity, and traffic patterns.

  • Nov 21, 2023
     Secure SCADA Substation Automation

    This blog explains why SCADA systems are vital for secure and reliable monitoring and control of power systems. RAD's solution ensures encrypted end-to-end SCADA communications with redundancy, cybersecurity features, and edge computing capabilities, contributing to the efficient and secure operation of power grids in the increasingly digitized landscape.


What would you like to do?