MPLS is the core of the service provider network. The connection from one PE router to another PE router runs over MPLS: an internal routing protocol such as OSPF carries the traffic routing, labels are handled by LDP or TDP, and BGP runs between PE devices that are not directly connected, all across the network.

Now let's see what the difference is between L2 VPN MPLS and L3 VPN MPLS.

L3 VPN MPLS:
In the case of an L3 VPN, the service provider creates a VRF for each client, that is, one per L3 VPN. The client sends its traffic as packets through a CE router that has a BGP connection to the provider, and routing is done at the edge of the MPLS network, on the PE-CE connection, in order to reach the customer's other sites around the world. Think of an L3 VPN as a big distributed router.

L2 VPN MPLS:
In the case of an L2 VPN, the service can be seen as an Ethernet cable across client sites, where routing is managed by the client. This means the routing information is not shared with the service provider, and traffic is tunneled from one PE router to another PE router in order to communicate from one site to another. Think of an L2 VPN as a big distributed Ethernet switch.

Some enterprise clients do not want to share routing information, so they use L2 MPLS instead of L3 MPLS, but many clients use L3 MPLS, which is secure too.
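
The difference in what the provider holds can be seen in a small model. This is an added example, not taken from any router software: the class names, interface names (`ge0/1`), customer names and PE names are all constructed, and label handling is left out. It shows that per-client VRFs keep overlapping customer prefixes apart while the provider still sees the routes, whereas the L2 PE only ties an interface to a tunnel and holds no customer routes.

```python
import ipaddress

class L3PE:
    """PE in an L3 VPN: one VRF (separate routing table) per customer."""
    def __init__(self):
        self.vrfs = {}       # customer -> {prefix: remote PE}
        self.iface_vrf = {}  # PE-CE interface -> customer

    def attach(self, iface, customer):
        self.iface_vrf[iface] = customer
        self.vrfs.setdefault(customer, {})

    def learn(self, customer, prefix, remote_pe):
        # Route received from the CE; the provider now holds it.
        self.vrfs[customer][ipaddress.ip_network(prefix)] = remote_pe

    def forward(self, iface, dst):
        # Longest-prefix match, only inside the VRF bound to the ingress interface.
        table = self.vrfs[self.iface_vrf[iface]]
        hits = [n for n in table if ipaddress.ip_address(dst) in n]
        return table[max(hits, key=lambda n: n.prefixlen)] if hits else None

    def provider_visible_routes(self):
        return {c: sorted(map(str, t)) for c, t in self.vrfs.items()}

class L2PE:
    """PE in an L2 VPN: an interface is tied to a tunnel, with no IP lookup."""
    def __init__(self):
        self.tunnels = {}    # PE-CE interface -> remote PE

    def attach(self, iface, remote_pe):
        self.tunnels[iface] = remote_pe

    def forward(self, iface, frame):
        # The frame is opaque to the provider; customer routing stays on the CE.
        return self.tunnels[iface]

    def provider_visible_routes(self):
        return {}

def demo():
    # Constructed sample data: two customers using the same private prefix.
    l3 = L3PE()
    l3.attach("ge0/1", "custA")
    l3.attach("ge0/2", "custB")
    l3.learn("custA", "10.1.0.0/16", "PE2")
    l3.learn("custB", "10.1.0.0/16", "PE3")
    l3.learn("custA", "172.16.5.0/24", "PE4")
    l2 = L2PE()
    l2.attach("ge0/3", "PE2")
    return l3, l2
```

Calling `demo()` and then `forward()` with the same destination on `ge0/1` and `ge0/2` returns different remote PEs, because each lookup stays inside its own VRF.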





