Professional Documents
Culture Documents
MPLS
MPLS . , MPLS-VPN; - -, , , , ,
-, . - , , , MPLS.
1 2 , ,
, , - .
1.
1.1.
1.2.
1.3.
2.
2.1.
2.2.
2.2.1.
2.2.1.1.
2.2.2 .
2.2.2.1.
2.2.2.2.
2.3.
2.3.1.
2.3.2
2.3.3.
2.3.4.
2.3.5.
2.4.
2.4.1.
2.4.2.
2.5.
3.
3.1.
3.2.
3.3.
3.3.1.
3.3.2.
3.3.3.
3.3.4.
3.4.
3.4.1.
3.4.2.
3.4.2.1.
3.4.2.2.
3.4.3.
3.5.
3.5.1.
3.5.2.
3.5.2.1.
3.5.2.2.
3.5.2.3.
3.6.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3
, . . . . . . . . . . . . . . . . . . . .3
-, ,
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
Cisco . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
MPLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
MPLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8
VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10
(Peer Model) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11
MPLS-VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11
MPLS-VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12
MBGP . . . . . . . . . . . . . . . . . . . . . . . . . .13
/ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
VRF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14
- P- . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14
MPLS-VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15
MPLS-VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15
MPLS-VPN Hub-and-Spoke . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
MPLS-VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
- / . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18
VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
() . . . . . . . . . . . . . . . . . . . . . . . . . .19
. . . . . . . . . . . . . . . . . . . . .20
. . . . . . . . . . . . . . . . . . . .21
MPLS-VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
CE- . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
MPLS (P + PE) . . . . . . . . . . . . . . . . . . . . . .22
P PE VRF . . . . . . . . . . . . . . . . . . . . . . . .22
P PE . . . . . . . . . . . . . . . . . .23
: Extranet Multiple VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
CE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
( ) . . . . . . . . . . . . . . . . . . . . . . .25
( ) . . . . . . . . . . . . . . . . . . . . . . . . . .26
- . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27
3.6.1.
3.6.2.
3.6.3.
3.7.
3.7.1.
3.7.2.
3.7.3.
3.7.4.
3.7.5.
3.7.6.
3.7.7.
3.8.
3.8.1.
3.8.2.
4.
4.1.
4.2.
4.3.
4.4.
4.5.
4.6.
4.7.
4.8.
4.9.
5.
5.1.
5.2.
5.3.
5.4.
5.5.
5.6.
5.6.1.
5.6.2.
5.6.3.
-
( ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27
-
( ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28
- . . . . . . . . . . .29
(QoS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29
IP Precedence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30
Committed Access Rate (CAR) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30
Weighted Random Early Detection (WRED) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31
Weighted Fair Queuing (WFQ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32
Class Based Weighted Fair Queuing (CBWFQ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33
WFQ IP Precedence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33
Modified Deficit Round Robin (MDRR) GSR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34
. . . . . . . . . . . . . . . . . . . . . . . . .35
MPLS Diff-Serv (
GB TE) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36
MPLS-VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37
( ISDN) . . . . . . . . . . . . . . .37
DSL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39
(BBFW) . . . . . . . . . . . . . . . . . .39
Frame Relay/ATM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
CoS/QoS PE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
(CE PE) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41
RIPv2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41
IS-IS OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41
MP-BGP4 ( BGP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42
BGP (BGP Route Reflectors) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42
(Customer Equipment CE) . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43
VPN Solutions Center ( VPN) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46
(Fault Management) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46
. MPLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47
1.
,
IP-
-
. -, ,
( ), ,
(
),
.
, - , , , .
,
.
, ,
(),
. ,
,
,
.
(VPN)
. -
VPN. ,
(e-commerce), , -
. , -
.
1.1. ,
-
,
(VPN), ,
(.
1 2). 1 Yankee Group, 2
Infonetics.
VPN.
1: Yankee Group VPN
2: Infonetics VPN
( . )
VPN
VPN
, Infonetics ( 2000 )
MPLS -,
VPN. , 2004 - 9,1 . , MPLS
, 83% MPLS
2001 (. 3).
Web-
MPLS
, , -, VPN , , .
VPN
, , 2 3. VPN 3
-
. VPN ,
,
( IP) 2.
VPN , , ,
.
,
VPN , Frame Relay ATM.
VPN 2. IP- 3 -
() ,
,
. , .
-
, - IP . , ,
IP-,
. IP-.
VPN
. , ,
- VPN,
,
. ,
,
. ,
, - VPN ,
.
- MPLS
MPLS-VPN
VPN
IP. -
.
, (QoS)
MPLS, (connectionless features),
VPN . ,
(, IPSec),
, .
1.2. -,
,
, -,
,
MPLS ,
. - MPLS , .
, - ,
, ,
.
, , MPLS (fast re-route).
MPLS ,
. :
MPLS, , -
.
,
VPNSC (Cisco VPN Solutions Center),
,
VPN 2.
MPLS
ATM (IP+ATM), PNNI
MPLS, .
,
.
MPLS, QoS . , ,
.
MPLS-VPN
, :
;
( CAR);
VRF ;
(CoS), ..
;
VRF;
VPN;
PECE.
-
:
-
MPLS 75% Frame Relay DLCI;
MPLS , . .
1.3. Cisco
Cisco Managed MPLS-VPN
Solutions -,
VPN,
.
MPLS
ATM
IP. MPLS IP ATM PNNI VCI/VPI. (Label Distribution Protocol), ,
VPI/VCI ATM,
ATM
(Label Switch Routers LSR). -
, , MPLS , ,
, , SONET/SDH, DWDM
.
ATM, MPLS ATM
( LSR) ,
,
(
VC-merge).
MPLS
,
5.
, , MPLS.
A, , .
(core network)
P- ( P
). MPLS P- (Label Switch Routers LSR). , ATM, ATM
MPLS,
3, . P- -
(),
MPLS.
, (Label Distribution Protocol).
(VPN) BGP-, -.
PE- ( PE )
MPLS (MPLS core) , . CE-
(CE ) PE- MPLS-VPN. PE- BGP VPN. , PE- ,
. PE-
Route-Reflector (RR). RR- , PE-.
. PE- .
5. MPLS
iBGP
VPNA
2.2.0.0
VPNA
2.5.0.0
CE
VPNB
1.2.0.0
VPNA
2.1.0.0
CE
PE
PE
CE
VPN
2.6.0.0
VPNB
1.3.0.0
CE
PE
VPNB
1.1.0.0
CE
PE
CE
MPLS PE
VRF ( VPN)
VPN. VRF
,
VPN. MPLS- , VPN
(Route Distinguisher RD),
CE. (RD) PE-, P- ,
.
,
P-,
, CE-.
. PE- , VRF,
VPN,
CE. VRF
(import policy), , PE
, (export policy), , .
2. MPLS
, VPNA VPNB. ,
MPLS-VPN,
, , .
MPLS ,
IP VPN. MPLS -
, IP VPN
, . MPLS - IP VPN
, ( Frame
Relay ATM WAN)
( ).
PE-
MPLS, ,
.
, LDP ,
P- ,
. MPLS , .
VRF, MPLS-
VPN. , ,
VPN. , BGP,
OSPF RIPv2. 4 VPNA, 2.0.0.0
A. , 2.2.0.0,
VPN.
. -
MPLS
.
, .
, ,
. . ,
. , (,
), ,
.
. - -
6. MPLS
MPSL: (forwarding)
1. (, OSPF, IGPR)
2. LDP ,
5. LSR
3. LSR
,
3
4. LSR
,
8
IP-. , .
2.1. MPLS
, MPLS,
-, .
6.
1.
. IP+ATM,
-. , OSPF
IS-IS.
2. (Label
Distribution Protocol LDP)
, . (Label Switched Paths
LSP)
.
MPLS ATM PVC, VCI/VPI.
3.
Label Switch Router (LSR), , 3- (,
QoS ).
(policies), LSR , , .
4. LSR, ,
,
( ) .
.
5. LSR,
,
.
LSR MPLS 3- .
LSR IP-. ,
.
(,
-
); MPLS . MPLS
(policy mechanisms),
IP. ,
. IP- MPLS
, .
,
.
2. LSR , , 4 9
0.
MPLS, 7, (MPLS forwarding tables).
2.2. VPN
In
Lbl
Address
Prefix
128.89
171.69
Out
Int
1
1
Out
Lbl
4
5
In
Lbl
4
8
5
IN
I/F
2
1
2
Address
Prefix
128.89
128.89
171.69
Out
Int
0
0
1
Out
Lbl
9
10
7
In
Lbl
9
10
IN
I/F
1
1
Address
Prefix
128.89
128.89
Out
Int
0
0
Out
Lbl
LSR
1
128.89.25.4 Data
2
4 128.89.25.4 Data
9 128.89.25.4 Data
MPLS-VPN ,
VPN,
. , , ,
.
2.2.1.
-
WAN IP-.
- IGP-
. , - (private network
backbone).
LSR
LSR
3. 9 ,
, 0. , IP
.
0
128.89.25.4 Data
1
LSR
1.
LSR, , 128.89. LSR
4,
1.
, ,
.
-
. ,
, (VPN).
VPN ,
, ,
.
. Frame Relay ATM . -
, -, . , , .
IP-, , IPSec GRE.
- ( ). , ,
. .
10
-, ,
, , . ,
, . , -.
, IP-
, .
,
. . .
2.2.1.1.
, ,
(meshed network). ,
,
, .
(meshed), ,
, () ,
()
. ( -), ,
, , .
(fully
meshed), , .
(
),
. , IP-
.
2.2.2. (Peer Model)
, VPN, . -,
, . VPN -.
VPN C
,
.
C1 ()
C2, , (
). , (CE), (PE).
CE-
. - CE-. CE- PE- - P-. PE- - CE-.
.
CE-
,
. ,
IP- ,
Frame Relay, CE-.
IP-.
. .
2.2.2.1.
:
, - VPN,
,
VPN. , VPN.
-,
CE-.
. CE- .
.
, , ISP.
, -.
- ,
.
,
P-.
C-. . ,
,
.
IP- -
, P- .
. CE- (
IPSec). ,
CE-.
,
CE- , .
, -, . , .
2.3. MPLS-VPN
2.2.2.2.
, ,
:
-
.
IP- (, , ), . IP-
, P-
.
() . -- (ISP)
,
IP VPN
, - , ,
(QoS) ,
, , IP- (VC-meshed networks).
, VPN, IP, . , IP- , VPN , . . , IP,
11
TCP/IP.
12
E-.
VPN , (, SNA,
).
. , VPN- (VPN-aware), , . MPLS , VPN-. - VPN
.
.
PE-.
, PE- .
, MPLS
. MPLS ,
, Frame Relay ATM
. VPN
, MPLS VPN,
IP- VPN.
- - ,
.
2.3.1. MPLS-VPN
MPLS-VPN MPLS
, BGP . , IP- . , .
, -
. ,
VPN IP- .
- (IP forwarding). PE
CE (forwarding table), , CE-.
CE- PE- ( ),
,
CE-, . , ,
, CE (
, ).
VPN (.. VPN
), .
C-
P-. - PE- P-.
. , CE ( -
-).
C- ; CE-, ,
, , External BGP PE- . EBGP OSPF,
RIP II . C- (IGP) P-.
,
VPN P-, .
2.3.2. MBGP
- IPv4 C- VPN-IPv4. VPN-IPv4 12 . 8 (Route Dis-tinguisher RD). 4 IPv4.
- C-
IP- C-, PE-, C-, IPv4 VPNIPv4 ( RD). , C-
IPv4, VPN-IPv4
. P- , , C-,
VPN-IPv4.
, C-
P-.
, ,
VPN,
,
VPN-IPv4 .
-
IP- -. ,
-
BGP4 , IBGP- .
,
.
, -
.
VPN - BGP,
, VPN-IPv4, .
MPLS-VPN
PE-. VPN
. ,
VPN.
VPN-IPv4 C-
( BGP) PE-, C-. PE-, C-, .
,
PE-, VPN,
P-.
VPN, PE.
2.3.3. /
MPLS-VPN PE-
(forwarding table)
C-, . ,
C-. IBGP PE,
C-.
PE-
IP- -.
VPN B FIB, iBGP
(PE2)
: + .
P-
. PE-
,
VPN/CE .
, CE-.
,
PE-,
P--
13
. P- VPN IP-.
P- .
PE-,
. PE-
( ), (
P-) PE-. P- ,
IP-. P- C.
VPN-IPv4. , P- MPLS-VPN
LSR, .
14
, P-, PE-. ,
PE-,
( ),
. PE- IP-, .
MPLS-VPN
P-
VPN
, P-.
VPN, VPN
. ,
, VPN.
,
, .
,
P- .
2.3.4. VRF
PE- (route/forwarding
tables VRF).
, PE-. IP- ,
A, (forwarding table)
, , -
(forwarding table) .
VPN, VRF
. , CE1
VPNA VPNB. VRF
PE1
VPNA VPNB. , 1
VRF. PE VRF , . ,
,
VRF.
VRF PE , , PE. , , -.
,
, . ,
, ( ), .
2.3.5 - P-
P- P- PE-. P- .
MPLS.
MPLS-VPN - , VPN .
P-
IGP- (,
IS-IS OSPF) , , PE-.
PE- IP-/32
IGP. MPLS , , PE-.
PE CE,
VRF .
CE, PE-,
CE .
CE,
PE, (BGP Next Hop), ,
BGP next-hop . .
IGP (IBGP OSPF)
BGP, . ,
BGP, . ( BGP IGP, ).
MPLS
CE
MPLS. ,
P- PE- MPLS, IP-
, PE-.
P- ( PE-), PE-,
MPLS PE-. PE-
CE. , CE IP-, MPLS.
VPN ,
, ,
:
P- ( ) ;
P- ( ) ,
IP.
, VPN , .
2.4. MPLS-VPN
, MPLS-VPN. ,
. Huband-Spoke (. ).
2.4.1. MPLS-VPN
MPLS-VPN , VPN, CE- PE- ( LSR), , P- ( LSR). 8
MPLS-VPN.
8 CE- -
8. MPLS-VPN
VPN A/ 2
VPN B/ 2
10.2/16
VPN B/ 1
10.1/16
CEB1
10.2/16
CEA2
CEB2
P1
PE2
P2
PE3
PE1
CEA1
10.1/16
VPN A/ 1
CEA3
VPN A/ 3
10.3/16
CEB3
10.4/16
VPN B/ 3
15
9. MLS-VPN Hub-and-Spoke
VPN A
1
Site-1
CE1
PE1
BGP/RIPv2
3
CE3-Hub
VPN A
PE3
CE3-Spoke
2 CE2
PE2
16
-. CE- .
PE-
-
EBGP. CEA1 PE1 . CEA1 PE1
( IP-, ). PE-
CE EBGP,
OSPF, RIPv2 .
LSR (PE-) CE-,
VPN
VPN. , 8, PE2 VPNA/Site 2 (CEA2), VPNB/Site 1
Site 2 (CEB1 CEB2). PE2 MPLS
VPN A B VPN-Ipv4 VRF .
MPLS-VPN (meshed topology). CEA1 VPN A/Site 3,
PE1. PE1 P3. P3
PE3. PE3
MPLS, IP- CEA3. CEA3 , .
,
, , , .
2.4.2. MPLS-VPN Hub-and-Spoke
MPLS-VPN Hub-and-Spoke.
MPLS-VPN , -
BGP/RIPv2
Hub-and-Spoke.
(spokes)
(hub). ,
VPN . Huband-Spoke MPLS-VPN 9.
CE3-Hub.
, , 2
1, -, CE3-Hub,
-
1.
CE2 PE2, PE1
1.
9
Hub-and-Spoke. VPN ,
. , - ,
Hub-and-Spoke.
.
Huband-Spoke MPLS-VPN.
2.5. MPLS-VPN
, , , MPLS-VPN , Frame Relay ATM.
MPLS-VPN
BGP IP-.
BGP- . ,
community. VPN , VPN BGP Route
Distinguisher (RD). RD
,
. VPN
. VPN MPLS BGP FIB (Forwarding
Information Base) VPN VPN, .
,
VPN . RD, VPN. , RD. Cisco
MPLS-VPN .
Interior Gateway
Protocol (IGP), OSPF IS-IS.
PE
-, LDP .
() PE-
LDP,
BGP. Community BGP , . BGP PE, ,
FIB PE, VPN.
,
. , IP- .
VPN .
MPLS-VPN , ,
VPN , () PE-.
IP- (forwarding table) VPN.
VPN . ,
.
VPN, .
3.
MPLS-VPN MPLS-VPN, - .
MPLS-VPN
.
:
Intranet VPN .
Extranet VPN .
VPN
CE, P PE.
.
-.
(QoS) .
.
3.1. - /
MPLS, (..
-), 10.
MPLS
(Edge LSR),
(Core LSR). LSR
.
10 -
17
10. MPLS-VPN
CE
PE
PE
LSR
LSR
LSR
LSR
CE
LSR
LSR
LSR
LSR
LDP
( )
18
( )
MPLS-VPN.
MPLS - ( ).
MPLS-VPN
Edge LSR, VPN-MPLS, PE.
(CE-)
IP- ( ) , , MPLS.
, PE
. -, .
PE LSR.
MPLS-VPN LSR P-. P-
( )
-.
3.2. VPN
Intranet VPN VPN MPLS.
. (). ,
. IP-
, , .
11 . (VPN Route/Forwarding VRF)
11. ()
CE
3
CE
2
CE
1
. , , VRF.
VFR , -.
VRF
.
VRF 1 A C1 (C1a, C1b ).
VRF 2 B
C2 (C2a, C2b).
3.3. VPN
, VRF / , route-target. ,
VRF 1 A
C2b 2 B, VRF 2 B
C1a 1 A.
3.3.1.
() / VRF . IP-, IP- , VRF.
3.3.2. ()
, ,
,
() ,
.
13 -
12 , 1
2, ,
A B. , : 1
A 2 B. ,
12.
2
B
VRF
VRF
2
A
1
B
VRF
1
A
/
19
13.
2
B
VRF
VRF
2
A
1
B
VRF
1
A
/
20
C. 1 A
2 B, (NAT), C1A
C2B .
MPLS PE-
VRF,
( ,
CE-).
3.3.3.
14 .
(NAT gate-
way), VRF
Intranet VPN. VRF,
NAT, . Ct1 VRF 2
B, Ct2 VRF
1 .
NAT.
NAT
NAT.
, .
3.3.4.
2
B
14.
VRF
NAT
VRF
2
A
VRF
1
A
/
1
B
15 . Extranet/NAT Intranet/nonNAT , PE-.
CE- ,
, VRF,
. -
VRF
, .
,
CE NAT, , . , C.
, ,
,
2
B
15.
VRF
21
VRF
2
A
VRF
1
B
1
A
/
VRF ( ,
).
, - . - CE-
CE-
(end-to-end) NAT.
15 : 1
A (C1A) 2 B (C2B),
(NAT).
C1A C2B,
, Ct1, . C2B , , C1A , Ct2.
Extranet_overlapping_nat13
. , , NAT- x.
3.4. MPLS-VPN
3.4.1. CE-
-
, . , - CE, CE ( )
.
.
VRF, VPN_Network_Management,
16. VRF CE
VRF 1
VRF 2
VRF 3
VRF
()
22
CE-. - (
)
VRF. , VRF - ( ),
CE-.
VRF CE- .
CE-. 16 VRF.
CE- ,
, -.
3.4.2. MPLS
(P + PE)
, P- PE- VPN Solutions Center.
CE-, PE- VRF, (Global Routing Table).
PE.
P- PE- VRF,
.
3.4.2.1. P PE
VRF
P- PE- VRF 17.
loopback P PE , VRF. -
17. VRF PE
VRF
()
MPLS ,
VRF ,
MPLS, , .
18. PE-
(Global Routing Table)
3.4.2.2. P PE
, .
,
VRF.
. 18.
()
MCE, PE-, non-MPLS-VPN MPLSVPN . MPLSVPN Extranet Multiple VPN. VPN VRF
(Out of Band)
, MPLS-VPN
,
MPLS-VPN (In-Band)
VPN
VPN
(In-Band)
, VPN
, VRF VPN
CE
VPN 1
VPN
VPN
CE
VPN 2
PE
:
MPLS
PE
(staged)
PE
CE
Netflow Collector
PE
VPN 2
MPLS-VPN
CE
MCE
LAN
,
VPN 1
VPN SC IP Manager
23
CE, VPN
Solutions Center. non-MPLS-VPN MCE Netflow
Collector PE-. CE Extranet Multiple VPN, non-MPLS-VPN link PE.
MCE MPE MPLS-VPN . ,
.
VPN Solutions Center
,
MCE, PE-
VPN
.
24
3.5.
MPLS-VPN ,
IP- , -.
.
, VPN . :
(), ;
(DNS, web, web-,
);
(, ).
3.5.1.
IP, . ,
, VRF. , . , MPLS-VPN, , -
.
, -
,
. -, ,
.
, (NAT)
.
3.5.2.
(RFC 1918), VPN
- . ,
- , .
, VPN (
).
CISCO
(Network Address Translation NAT), IOS.
, . :
(Service Access at
the CE);
(Service Access at a
Gateway) -.
3.5.2.1. CE
NAT ,
-, .
NAT CE.
20 NAT, CE
. , (), ,
. ,
- (ISP)
(ASP).
VRF C,
VRF, . VRF,
,
Intranet VPN.
VRF CT.
, P1 P3 VRF
, .
, CT VRF, , (ASP) .
, , 20. CE
C VPN , CE-
( ) IP-
PE.
C1 - P1, CE- C1 C1T, PE-, VRF, P1.
, CE .
, CE
, Hub-andSpoke. Hub-and-Spoke -, - , .
3.5.2.2.
( )
-
.
. ,
. ,
. -
25
21. ( )
26
( VRF ),
. ,
VRF,
PE- .
,
,
(service gateway router).
VRF . ,
, . ,
. .
21 ,
, Service
Gateway 1.
.
(A, B, C), , VRF (Public
Service 1 Public Service 2).
PE-. IP-.
-
. PE-, VRF ,
, .
3.5.2.3
( )
, , .
(service gateway)
VRF . VRF , . ,
. , , (service
gateway), , (
, ).
, , (routetarget),
VRF. , VRF
.
VRF , . ,
.
22 (service gateway),
,
, VRF, ,
VRF . 2
P2, P2 (route-target). 1
P1 A,
P1 A.
(service gateway),
, VRF Cxt . . Cxt VRF (P1 P2),
.
VRF PE-I
(P1 P2), . A, B C 22. ( )
MPLS-VPN.
3.6. -
3.6.1. - (
)
, .
, - . - ( ).
IP-, (NAT)
, NAT .
, .
23 . I -
27
23. - NAT
28
VRF ,
, , Internet Gateway.
VRF - PE-I.
Internet Gateway IP-,
(Cx -> Cxt),
. .
, ,
, ,
, .
, , ,
. -
, , , 23.
3.6.2. - (
)
- (..
)
, .
(double NAT). CE- , .
(
) .
24. - NAT
24.
4 , 2, (Internet
NAT Gateway) . ,
4 ,
. C2T. -.
, (NAT
Gateway), C2T
4 , .
3.6.3. -
VRF,
(Internet
Gateway).
. :
MPLS , .
BGP . , BGP . P-
BGP.
, , ,
VRF.
loopback-
Internet Gateway. , global. .
, CE.
BGP.
,
, , -.
3.7. (QoS)
QoS , -
, ,
. QoS 3 , . , QoS (,
) IP VPN , (Service Level Agreements SLA).
MPLS QoS
, , . MPLS
. , IP Precedence, Type-of-Service (ToS)
DiffServ. QoS Cisco IP+ATM
MPLS. QoS . QoS , .
QoS,
MPLS
VPN.
VPN QoS -
IP- . QoS VPN (Layer 3 CoS). , - :
premium , mission-critical , , besteffort. - , ,
. , ,
.
QoS , . QoS , Cisco LSR LSR .
, -
29
. , ,
. -, -
LSR (PE),
,
. ,
, ,
, . , . -, ,
, (CoS), . -, , , .
.
VPN.
30
(Type-of-Service), (CoS)
, 25. MPLS-VPN
.
(
).
1 IP Precedence.
. Weighted Random Early Detect (drop precedence), , , 25. IP Precedence
IPv4
TOS (1 )
IP Precedence
Committed Access Rate (CAR)
Weighted Random Early Detection (WRED)
Weighted Fair Queuing (WFQ)
Class-Based Weighted Fair Queuing (CBWFQ)
Modified Deficit Round Robin (M-DRR)
3.7.1. IP Precedence
IP Precedence
(precedence bits) IPv4.
3 IP Precedence
( ).
(IP Precedence) ,
.
3.7.2. Committed Access Rate (CAR)
Committed Access Rate
1. , IP Precedence
IP Precedence
,
, IP (VoIP),
4
5
2,3
web-/
IP-
0,1
Cisco, QoS
(edge). CAR
.
(policies) , ,
.
CAR
. ,
, , / .. CAR , . ,
(IP Precedence), IP (IP access control lists),
MAC-. CAR
,
.
, (PVC) Frame
Relay ATM, ,
(CIR, PCR .), ,
. , CAR
,
.
Ethernet ,
(policing/shaping), ,
2.
10M Ethernet, 512 /,
.
,
DSL. (CE)
DOCSIS.
:
CE ( / PE);
PE ( / ,
CE-).
CE, PE--
. CAR CE , CE ,
PE .
CAR
:
, .
( )
. , , .
(normal burst size),
, , ,
.
, .
, ,
,
,
. CAR .
.
( ) CAR . ,
2 3.
3.7.3. Weighted Random Early Detection (WRED)
WRED , . , .
WRED
.
. WRED , , , , .. .
WRED :
;
, ;
,
,
;
, -
31
.
(
).
. ,
10% , 25% 40%. , , - , .
2.
,
( 64 ). , ,
75%
. 25%
, .
,
.
32
WRED
. , .
WRED .
, .
, , -
( = 0) ( ,
).
WRED 26.
(1292 ) 10%. , 5. , ( ) , .
, ,
.
.
3.7.4. Weighted Fair Queuing (WFQ)
(WFQ) ,
,
. WFQ , : , ,
.
WFQ , -
26. WRED
Prec 5
Prec 4
Prec 3
Prec 2
Prec O
Prec 1
. , , . .
WFQ . .
WFQ ,
,
E1 (2,048 /) .
, WFQ
. WFQ
(TDM),
, - . WFQ QoS IP Precedence
(QoS).
, WFQ . WFQ ,
,
. WFQ
, TCP
(slowstart features). WFQ
.
3.7.5. Class Based Weighted Fair Queuing (CBWFQ)
(CBWFQ) . , CBWFQ
.
, ,
, .
CBWFQ
. ,
QoS ,
35% OC3. 27 , CBWFQ:
;
;
.
, -
. , , -
.
,
.
,
, ()
.
,
.
.
3.7.6. WFQ IP Precedence
WFQ IP Precedence.
,
IP- , .
,
. WFQ , .
.
-
33
. , (..,
).
3.7.7. Modified Deficit Round Robin (MDRR) GSR
GSR
, Modified Deficit Round Robin (MDRR).
,
CBWFQ.
34
MDRR CoS/
MPLS. , IP Precedence PE , , , CoS,
MPLS. CoS
Transparency ( CoS) MPLS CoS.
, IP Precedence . IP-
CoS .
Round Robin,
.
,
. GSR
MDRR ( 0 6)
. MDRR
,
(CoS). MDRR ( ) : 0-1-2-34-5-6-0-1-2-3-4-5-6 ... - -
,
, , 36 . ,
.
, . .
,
- . . , .
: ,
, .
.
, . 1 ,
MTU. OC3/STM-1 4470 .
512 . 2 , .
3.8.
MPLS. MPLS Traffic Engineering (TE) - , 2, Frame Relay ATM. 3 , IP--
2. MDRR
20,00%
4470
30,00%
6705
50,00%
14
11175
. 3 ,
.
IP , . , ,
.
MPLS:
.
MPLS 3- , IP- ,
;
;
, ..
, () . MPLS
, , ..;
, ,
.
-
28.
.
, .
MPLS
. MPLS Traffic
Engineering, . . , MPLS Traffic
Engineering ,
.
,
(Traffic Engineering Service Restoration), MPLS
(MPLS Routing for Resource Reservation
RRR) MPLS. ,
Link State Routing Protocols (IS-IS, OSPF)
Distance Vector Routing
Protocols (RIP, EIGRP).
3.8.1.
MPLS .
(Link Protection
Fast ReRoute).
35
Fast ReRoute (FRR).
FRR
. FRR ,
SONET/SDH ( 50 ).
, LSP , ,
(head-end-router). , .
FRR, . , TE .
36
28 Fast ReRoute.
R6 R5 Fast ReRoute. R6 , ,
TE
{R2,R3,R4} R5. ,
, , , .
.
, , , .
LSP.
3.8.2. MPLS Diff-Serv
(
GB TE)
Diff-Serv.
MPLS Traffic Engineering
.
. (drafts) IETF:
a) Diff-Serv-Aware Traffic
Engineering;
b) RSVP-TE CR-LDP
Diff-Serv-Aware Traffic Engineering;
c) OSPF Diff-Serv-Aware
Traffic Engineering;
d) IS-IS Diff-Serv-Aware
Traffic Engineering.
Cisco MPLS . MPLS
, .
MPLS Diff-Serv-Aware Traffic Engineering (explicit routing), IP .
.
,
. ,
,
.
MPLS Diff-Serv-Aware Traffic Engineering
: MPLS, OSPF, ISIS Resource Reservation Protocol (RSVP). RSVP
,
RSVP. RSVP (edge routers)
unicast, . RSVP
4. MPLS-VPN
Cisco VPN . , -
. PE-,
MPLS-VPN
29. MPLS-VPN
37
. , PE-CE, MPLS-VPN.
4.1. (
ISDN)
30. MPLS L2TP
POP MPLS-VPN.
PPP,
(,
ISDN).
, PPP -
38
,
PPP Ethernet PPP
ATM. Cisco
6400 PE-.
MPLS CPE. (bridged) CPE Cisco 6400
MPLS RD.
VCI/VPI.
MPLS RD.
PPP web- (dashboard). PPP,
(username). UAC ,
, MPLS-VPN,
.
Cisco 6400 UAC
VPN.
4.2. DSL
(DSL)
, .
,
DSL
VPN.
DSL ,
(CPE), , .
31. PPPoX DSL MPLS-VPN, SSG
web- ,
Cisco 6400 UAC, (web
dashboard server). URL , .
MPLS-VPN.
, , -
.
MPLS-VPN.
/ (HFC),
4.3.
32. MPLS-VPN
DOCSIS SID
Hub
MPLS
ITSP
ISP
CATV
HFC
PE
PE
VPN
Cust. HQ
MS
ISP
39
.
uBR7200 PE-.
4.4.
(BBFW)
33 BBFW MPLS-VPN.
33. DOCSIS SID => MPLS-VPN
, Cisco 7200
Cisco 7500. -
Cisco 3600.
40
4.6. CoS/QoS PE
34 CoS/QoS
- -
CoS.
CoS PE- :
PE , ;
,
, ,
;
PE
( : , ,
..);
;
WRED ;
WRED,
.
4.7.
(CE PE)
,
CE PE
. ,
, PE .
-
VPN (VPN Routing
and Forwarding table VRF), .
,
PE/CE.
MPLS :
;
RIPv2;
eBGP;
OSPF.
VRF.
, address families (
). VRF, .
, , PE CE, IGP, . , IGP ,
PE/CE VRF. EIGRP
(WAN)
RIPv2 PE/CE,
VRF.
,
(Customer Edge) - MPLS.
IOS. MPLS, . PE/CE ( ) ,
IGP .
(stub site), IP- .
, . CE-
,
MPLS. PE- VRF, .
, PE
,
,
IP-
PE LAN. , (LAN),
PE VRF.
RIPv2
RIPv2 ,
.
MPLS VRF. , RIPv2 CIDR ,
IP ( RIPv1 ).
RIPv2 - , RIPv2 , ,
(link state), OSPF.
4.8.
PE-PE P-P , .
P-P IS-IS OSPF.
PE-PE MP-BGP.
IS-IS OSPF
IS-IS/OSPF IGP, IP- LSR (P PE). LDP VPN (BGP4).
IS-IS OSPF
IGP . IS-IS OSPF
(link state)
RRR. - , EIRGP, RRR.
(global routing
table GRT) P- PE.
41
35. BGP
42
(fully meshed),
,
BGP.
PE ,
PE, BGP. BGP
PE.
, , PE , . ,
VRF,
. ,
, PE,
PE.
5.2.
5.1.
Cisco VPN Solutions Center MPLS SLA, - MPLSVPN .
,
MPLS-VPN.
QoS .
(wizards), .
(scheduler) .
VPN (hub-and-spoke
full-mesh).
IP-VPN
.
,
VPN .
(SLA)
SLA VPN.
API , ,
OSS (Operations
Support Systems).
43
, (GSR)
Cisco.
Cisco IOS
.
5.3.
VPN
VPN
(wizards).
VPN .
web- -
44
36. VPN
, .
.
, .
.
VPN .
VPN
QoS.
5.4.
(Provisioning). Cisco VPN
Solutions Center , .
37:
VPN
Solutions Center
45
, VPN . , .
Cisco IOS,
.
(Scheduling).
,
, .
(Activation). Cisco IOS.
, .
- (Post-activation
testing). ,
. ,
,
(site-to-site ping test) VPN.
,
.
(Usage). Cisco NetFlow, VPN Solutions Center VPN
. NetFlow , IP- . ,
, .
SLA
. VPN Solutions Center
SLA, (round-trip time),
Cisco.
.
QoS. VPN Solutions Center QoS -
5.5.
VPN Solutions Center API
CSM. , API
, ,
(Belle Systems IMS), (Cisco
Info Center) (Concord eHealth). ,
Info Center , , . , VPN Solutions Center
API.
5.6.
46
5.6.1. (Fault Management)
VPN Solutions Center Cisco Info Center
A. MPLS
Border Router
( )
. IBGP
PE PE EBGP
- .
CEF
CE-
. .
(PE-) .
, .
Edge LSR
, .
LSR, , MPLS, Edge LSR.
Label ()
, LSR
. MPLS
.
Label Switching
( )
(labels tags).
MPLS (incoming label) (outgoing label).
LDP
, , . LSP
.
,
.
MPLS
Label Switching).
NLRI
(Network Layer
Reachability Information).
VPN-IPv4 . : <label, length, prefix> (,
, ).
P-
, ..
MPLS-VPN. P-
P-.
, P-
PE-. P-
LSR.
(Multi-Protocol
47
PE-
.
. CE- . PE- Ipv4
12- VPN-Ipv4. PE- Edge LSR.
, VPN (64 ).
RD -
.
. .
(.. -),
.
, MPLS-VPN.
VPN-IPV4
, . VRF
IP-, , , , , , . () VRF.
VRF ForwardingTable
( VRF)
,
. CEF. VPN
CEF.
48
-,
P-.
:
CCIE,
-
Cisco Systems
113054 ,
., 52
. 1, 4-
.: +7 (095) 961 14 10
: +7 (095) 961 14 69
World Wide Web: www.cisco.com
World Wide Web: www.cisco.ru
Cisco Systems has more than 200 offices in the following countries. Addresses, phone numbers, and fax numbers are listed on the
Cisco Connection Online Web site at http://www.cisco.com.
//www.cisco.ru.
Argentina Australia Austria Belgium Brazil Canada Chile China Colombia Costa Rica Croatia Czech Republic Denmark
Dubai, UAE Finland France Germany Greece Hong Kong Hungary India Indonesia Ireland Israel Italy Japan Korea Luxemburg
Malaysia Mexico The Netherlands New Zealand Norway Peru Philippines Poland Portugal Puerto Rico Romania Russia Saudi Arabia
Singapore Slovakia Slovenia South Africa Spain Sweden Switzerland Taiwan Thailand Turkey United Kingdom United States Venezuela
Copyright 2001 Cisco Systems Inc. All rights reserved. Printed in Russia. Cisco Systems logos are registered trademarks of Cisco Systems, Inc. in the U.S. and certain other countries. All other trademarks mentioned in this document are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any of its resellers.