Multi-Protocol Label Switching (MPLS)

Benny Sumitro PT Datacomm Diangraha

MPLS
MPLS =Multi-Protocol and Label Switching Multi-Protocol = transport any payloads Label Switching = switches packets instead of routes packets Referred as Layer 2.5 Original purpose is to provide faster protocols to forward packets but now is for trafficengineering

MPLS Terminology
iLER: Ingress Label Edge Router eLER: Egress Label Edge Router LSR: Label Switch Router PE: Provider Edge Router P: Provide (Core) Router CE: Customer Edge Router

MPLS Label Operation

Label Switched Path (LSP)

A sequence of label operation LSP is unidirectional and end-to-end (from iLER to eLER) Can be referred as transport tunnel

MPLS Header Format

Size of 4 bytes

MPLS Label
20 bits in value Possible range from 0 1,048,575 Used for switching and routing packets

EXP bit
Length = 3 bits Use for Class of Service (CoS) Referred as Traffic Class (TC) Field

S bit
Indicate the bottom of stack label Value = 1 if the label is at the bottom Value = 0 if else

TTL bit
Consist of 8 bits value up to 255 Act as Time To Live similar with IP TTL Value = 0, discard packet

MPLS Label Type

MPLS Transport Label
MPLS label which defines the end or the destination of packets (eLER)

MPLS Service Label

MPLS label which defines service association on packets or data

MPLS Transport Label Signaling Protocol

MPLS Service Label Signaling Protocol

MPLS Special Label

MPLS Label 0
IPv4 Explicit Null: advertise to Penultimate Hop router to send MPLS label so Egress can extract information from the label (i.e. QoS EXP bit)

MPLS Label 1
Router Alert: use for OAM purpose, identify that underlying data must be sent to control plane for processing

MPLS Label 2
IPv6 Explicit Null

MPLS Label 3
Implicit Null: advertise to Penultimate Hop router to strip the MPLS label before sending to Egress

LABEL DISTRIBUTION PROTOCOL (LDP)

Label Distribution Protocol (LDP)

Functions:
Distributing Transport Tunnel Label via Link LDP Distributing Service Tunnel Label via Targeted LDP

Link LDP

Create between all adjacent LDP routers Form and distribute transport label Create full mesh transport tunnel Relies on IGP for operation and convergence

LDP Basic Configuration

Activate interface in LDP configuration System IP Address is needed for LDP operation
config>router>ldp# interface-parameters interface torouter config>router# interface system address 10.10.10.10/32 config>router>mpls# interface system config>router>mpls# interface torouter

LDP Overview
Hello message to 224.0.0.2 and UDP port 646 Hello timer is negotiated when establishing the peer 3x Hello timer = dead neighbor After adjacency established, TCP connection 646 is used for establishing LDP session with the transport address

LDP Session

Frame mode = 1 LDP session per router Cell mode = 1 LDP session per interface Since only 1 LDP session per router, System IP address is used for transport address* (troubleshooting for LDP adjacency establishment)

ALU Default Label Advertisement

LDP verification
show router ldp binding show router ldp binding active show router fib show router tunnel-table oam lsp-ping prefix x.x.x.x oam lsp-trace prefix x.x.x.x

Various Knobs on LDP

ECMP Export Import Policy Aggregate Prefix Match

Targeted LDP
Link LDP is for transport tunnel to reach eLER Targeted LDP is for service tunnel used by eLER for de-multiplexing service

Targeted LDP Overview

Targeted LDP Operation

Configuring Targeted LDP

Automatic by SDP config Manual

Verifying Targeted LDP Sessions

LDP Authentication
To avoid TCP spoofing (since targeted LDP use TCP connection to establish session), authentication between peer must be enabled

RESOURCE RESERVATION PROTOCOL (RSVP)

RSVP-TE Characteristic
Downstream On Demand mode of distribution
LSP are only signaled when explicitly requested

Ordered Control
Label distribution process follows a hierarchical order

Conservative Label Retention

Labels are cleared if not needed

Path and Reservation messages used to signal LSP Session states maintained on all routers along the path of an LSP

RSVP Messages
PATH Message RESV Message PATH TEAR Message RESV TEAR Message PATH ERROR Message RESV ERROR Message

LSP Path
RSVP-TE LSP path can be more than 1 (primary and secondary) but only 1 can carry the data Each LSP need to be defined the LSP Path (either loosely or strict hop) If no hop is defined, RSVP will consult to IGP to determine the best path toward eLER

Verifying LSP
show mpls lsp (originating) show rsvp session originate show rsvp session transit show rsvp session terminate oam lsp-ping lsp-name oam lsp-trace lsp-name

TRAFFIC ENGINEERING

Need for TE
Optimize resource usage for redundant links Administratively define paths based on various constraint (bandwidth, link, etc) Avoid potential congestion points and packet drops in the network Solution: RSVP-TE

RSVP-TE constraints
Bandwidth Reservation Information Administrative Groups (link colors) Hop Limit TE Metric Explicit Route (strict and loose hops) Shared Risk Link Group (SRLG)

Bandwidth Reservation
Feature in MPLS TE to add bandwidth constraint in the signaled LSP Bandwidth reservations are done in control plane only Actual traffic that pass the LSP is not controlled and need QoS enforcement to guarantee the traffic

Dynamic Path Calculation with Bandwidth Constraints

Administrative Groups (Link Color)

Hop Limit

TE Metric

Shared Risk Link Group (SRLG)

IGP TE Extensions
To able distribute information regarding the link color or TE metric or SRLG, IGP-TE extensions are needed IGP-TE extension use either OSPF-TE or ISIS-TE On ALU, TE Extensions must be explicitly configured by: configure router ospf traffic-engineering or configure router isis traffic-engineering

OSPF-TE Extensions Opaque LSA Support

Enhancements defined in RFC 2370: The OSPF Opaque LSA Option 3 Opaque LSA Types were defined: Type 9, 10 and 11 The difference is in their flooding scope Opaque LSAs provide a generalized mechanism to allow for the future extensibility of OSPF The exact use of the Opaque LSAs is not defined in the RFC

Type 10 Opaque LSA Area Local LSA

Traffic Engineering Database

Contents of IGP LSDB vs Contents of TED

ISIS-TE Extensions
Defined in RFC 3784 Enabled by configuration configure router isis traffic-engineering TE extended TLV is carried within the same link state PDU along with standard IGP TLV Command: show router isis database [level 1/2] detail for showing TE information

Constrained-Based Shortest Path First (CSPF)

Used to make path calculations with additional administrative constraints Enabled on a per LSP basis (disabled by default) How the algorithm basically works:
Prune the links that do not meet the specified constraints Use the standard SPF algorithm to calculate the LSP path

RSVP is responsible for signaling after path calculation

Explicit Route Object (ERO)

ERO Example

Admin Groups Configuration

TE Metric Configuration

RSVP-TE Path Definition

Path definition contains list of nodes that LSP must traverse Path can be:
Loose: hops that are downstream node but does not need to be immediate next-hop Strict: hops that must be immediate next-hop

If CSPF enabled:
Calculates the intermediate hops to reach loose hop Checks if strict hop is valid

Fully Loose Hop Configuration

Fully Loose Hop LSP Example

Verification

Fully Strict Path Configuration

Fully Strict Path Example

Verification

Mix of Loose and Strict Hops Config

Mix of Loose and Strict Example

TE Metric Config

TE Metric Example

LSP Path Failures Scenario

Failure Case 1 Invalid Strict First Hop

Failure Case 2A Incorrect Hop (CSPF NOT Enabled)

Failure Case 2A CLI Display

Failure Case 2B Incorrect Hop (CSPF Enabled)

Failure Case 2B CLI Display

Failure Case 3A Strict Hop Link Failure (CSPF NOT Enabled)

Failure Case 3B Strict Hop Link Failure (CSPF Enabled)

Failure Case 4A Admin Group Include Statement

Failure Case 4A CSPF View

Failure Case 4B Admin Group Exclude Statement

Failure Case 4B CSPF View

Using CSPF to Check TE Availability

tools perform router mpls cspf to destination [constraints]

Example:

Bandwidth Reservations Recap

An LSP can be configured with a bandwidth constraint at the Head-End router If enabled, CSPF checks the TED at the Head-End to find an available path with sufficient unreserved bandwidth Bandwidth request is signaled in the RSVP PATH message Each router along the path also checks if the requested bandwidth is available on the egress interface The bandwidth-check operation is called CAC (Connection Admission Control)

The Need for CAC

Even though with CSPF, sometimes signaling and LSP establishment can be conflicted and LSP cannot be established due to insufficient bandwidth CAC address this issue by calculating necessary bandwidth and will send CAC failure error if no bandwidth is available

Connection Admission Control During PATH Message Flow

Bandwidth Reservation During RESV Message Flow

Example LSP Setup Failure due to CAC Error

CAC Error CLI Display

Example Successful LSP Setup with CSPF

RSVP-TE Bandwidth Reservation Styles

Shared Explicit (SE): Bandwidth can be shared on the common link. The total reservation is the maximum reservation made by either LSP path. This is the default ALU Fixed Filter (FF): The total reservation is the sum of all individual LSP path bandwidth reservations

Example Shared Explicit (SE) Style Bandwidth Reservation

Example Fixed Filter (FF) Style Bandwidth Reservation

LDP over RSVP

Scalability issue in Flat IGP network IGP is split into areas to introduce hierarchy and increase scalability with the cost of TE boundary in one area (no TE across the network) LDP over RSVP is the solution for this problem

TE based LSP in each area

T-LDP Stitching Solution

LDP over RSVP Stack

Configuring T-LDP with Tunneling Option

Example of T-LDP

Enabling LDP-over-RSVP in IGP

Verifying LDP over RSVP

LDP-over-RSVP Resiliency

MPLS RSVP Resiliency

Secondary LSP Path Fast Reroute

Secondary LSP Path

Secondary LSP Path could be up to 7 paths but only 1 primary will be available and used Primary LSP is always preferred and signaled first Secondary LSP Path
Standby LSP path Non-Standby LSP path

Fast Reroute
A sub 50ms failover after link failure detected Automatic lsp protection establishment FRR can be 2 methods:
One-to-One backup Facility backup

FRR can only protect primary LSP

Fast Reroute One-to-One Protection Model

Fast Reroute Facility Protection Model

FRR Protection Types

Fast Reroute Node Protection Model

Fast Reroute Link Protection Model

Fast Reroute Router Roles

PLR and MP

Fast Reroute and CSPF Requirement

Fast Reroute Configuration

Fast Reroute Configuration

Assignment
Refresh LSP Reduction capability (function and config) - LDP Type of TLV defined in OSPF LSA RSVP Type of TLV defined in ISIS TLV RSVP IGP TE Update Trigger RSVP Make-Before-Break LSP RSVP Least Fill Bandwidth Reservation RSVP LSP Soft Preemption (Setup and Hold Priorities) RSVP

Assignment
Diffserv-TE Reservation RSVP IGP Shortcuts MPLS