Tim Hieu Ve MPLS VPN Va Cai Dat Thuc Nghiem

B GIO DC V O TO
TRNG I HC S PHM K THUT TP. H CH MINH

KHOA CNG NGH THNG TIN
KHA LUN TT NGHIP

TM HIU V MPLS VPN V CI T
THC NGHIM
SINH VIN THC HIN
MSSV
: NG NH THNG
: 05110139
SINH VIN THC HIN : L DIN TM

MSSV
: 05110119
GIO VIN HNG DN : KS. HUNH NGUYN CHNH
TP. H CH MINH 2010
I HC S PHM K THUT TP.H CH MINH CNG HA X HI CH NGHA VIT NAM

KHOA CNG NGH THNG TIN
c lp T do Hnh phc
NHIM V THC HIN KHA LUN TT NGHIP

H tn SV: Ng nh Thng
MSSV:05110139
H tn SV: L Din Tm
MSSV:05110119
Chuyn ngnh: Mng my tnh v vin thng.

Tn ti: Tm hiu v MPLS VPN v ci t thc nghim.
Ni dung thc hin:

L thuyt:
Gii thiu v cng ngh VPN.
Tm hiu v cng ngh chuyn mch nhn a giao thc - MPLS: khi nim, li ch,
v cch hot ng ca MPLS.
Tm hiu v MPLS VPN: cc thnh phn, cch hot ng.
Thc hnh:
Cu hnh MPLS VPN trn sn phm ca cisco
Thi gian thc hin: 10/09/09 31/12/09
Ch k ca SV: .............................................................................................................
Ch k ca SV: .............................................................................................................
TP.HCM, Ngy. thng. Nm 2010
TRNG KHOA CNTT
GING VIN HNG DN
(K v ghi r h tn)
(K v ghi r h tn)
NHN XT CA GIO VIN HNG DN

.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
Tp. H Ch Minh, ngy thng nm 2010
Gio vin hng dn
KS. Hunh Nguyn Chnh
ii
NHN XT CA GIO VIN PHN BIN

.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
Gio vin phn bin
ThS. inh Cng oan
iii
NHN XT CA HI NG PHN BIN

.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
.......................................................................................................................................
Hi ng phn bin
LI CM N
iv
LI CM N
Nhm em xin chn thnh cm n thy Hunh Nguyn Chnh hng dn

nhm thc hin ti. Thy nhc nh v theo st hng dn trong qu trnh thc
hin ti. Thy cung cp cc ti liu v gii p cc thc mc, cc sai st ca
nhm. Xin cm n thy nhit tnh gip trong qu trnh nhm thc hnh. Xin
chn thnh cm n thy.
Xin cm n cc nhm khc gip nhm trong qu trnh thc hin ti,
cc bn nhn xt, nh gi gp rt nhiu, bn cnh cc bn cn gip ti
liu tham kho v ng vin nhm trong qu trnh thc hin.
Chng em cng xin chn thnh gi li cm n n tt c nhng thy c trong
Khoa Cng Ngh Thng Tin gip v ng gp kin cho chng em trong
sut qu trnh thc hin ti.
Xin chn thnh cm n!
Nhm thc hin
MC LC
MC LC
NHN XT CA GIO VIN HNG DN ........................................................ I
NHN XT CA GIO VIN PHN BIN .......................................................... II
NHN XT CA HI NG PHN BIN ..........................................................III
LI CM N .......................................................................................................... IV
DANH MC HNH MINH HA .......................................................................... VIII
DANH SCH T VIT TT ................................................................................. XI
PHN M U .................................................................................................... - 1 1. Tnh cp thit ca ti .................................................................................. - 2 2. Mc tiu ca ti .......................................................................................... - 3 3. i tng nghin cu ..................................................................................... - 3 4. Phng php nghin cu ................................................................................ - 3 5. Phm vi nghin cu ........................................................................................ - 3 6. ngha thc tin ca ti ............................................................................ - 3 PHN NI DUNG ................................................................................................ - 4 CHNG 1. GII THIU V CNG NGH VPN ............................................ - 5 1.1 VPN l g? ..................................................................................................... - 5 1.2 Phn loi VPN .............................................................................................. - 6 1.2.1 VPN cho cc nh doanh nghip ............................................................. - 6 1.2.1.1 Remote access VPN ......................................................................... - 6 1.2.1.2 Sitetosite VPN .............................................................................. - 7 1.2.2 VPN i vi cc nh cung cp dch v .................................................. - 8 1.2.2.1 M hnh overlay VPN ...................................................................... - 8 1.2.2.2 M hnh Peer-to-peer VPN .............................................................. - 9 1.3 Tng kt chng ......................................................................................... - 11 CHNG 2. CHUYN MCH NHN A GIAO THC MPLS ................. - 12 2.1 S lc v cng ngh IP v cng ngh ATM............................................. - 12 -
MC LC
vi
2.1.1 Cng ngh IP ........................................................................................ - 12 2.1.2 Cng ngh ATM ................................................................................... - 12 2.2 Khi nim c bn v MPLS ........................................................................ - 14 2.2.1 Li ch ca MPLS ................................................................................ - 14 2.2.2 Mt s ng dng ca MPLS................................................................. - 15 2.3 Cc thnh phn trong MPLS....................................................................... - 16 2.3.1 Nhn ..................................................................................................... - 16 2.3.2 Ngn xp nhn ...................................................................................... - 17 2.3.3 Lp chuyn tip tng ng FEC ...................................................... - 18 2.3.4 ng chuyn mch nhn LSP ............................................................ - 18 2.3.5 C s d liu nhn LIB ........................................................................ - 19 2.3.6 Topo mng MPLS ................................................................................ - 19 2.3.7 Thnh phn c bn ca MPLS ............................................................. - 20 2.3.7.1 Thit b LSR ................................................................................... - 20 2.3.7.2 Thit b LER .................................................................................. - 20 2.4 Giao thc phn phi nhn LDP .................................................................. - 20 2.4.1 Qu trnh khm ph lng ging LSR .................................................... - 21 2.4.2 Cc kiu phn phi nhn ...................................................................... - 22 2.5 Cu trc MPLS ........................................................................................... - 23 2.5.1 Mt phng iu khin ........................................................................... - 25 2.5.2 Mt phng d liu................................................................................. - 26 2.5.3 Cc thnh phn bn trong mt phng iu khin v mt phng d liu- 26
2.6 Cc giao thc nh tuyn ............................................................................ - 28 2.6.1 Giao thc nh tuyn OSPF.................................................................. - 28 2.6.2 Giao thc nh tuyn EIGRP................................................................ - 29 2.6.3 Giao thc nh tuyn BGP ................................................................... - 29 2.7 Phng thc hot ng ca MPLS ............................................................. - 30 2.8 Tng kt chng ......................................................................................... - 37 -
MC LC
vii
CHNG 3. MPLS VPN .................................................................................... - 38 3.1 MPLS VPN l g? ....................................................................................... - 38 3.2 Li ch ca MPLS VPN .............................................................................. - 39 3.3 Cc thnh phn trong MPLS VPN.............................................................. - 40 3.3.1 Virtual Routing and Forwarding Table (VRF) ..................................... - 40 3.3.2 Multiprotocol BGP (MP-BGP) ............................................................ - 41 3.3.3 Route Distinguisher (RD) ..................................................................... - 41 3.3.4 Route Targets (RT) ............................................................................... - 43 3.4 Cch hot ng MPLS VPN ....................................................................... - 44 3.5 Hot ng ca mt phng iu khin MPLS VPN ..................................... - 45 3.6 Hot ng ca mt phng d liu MPLS VPN........................................... - 47 3.7 So snh VPN truyn thng v MPLS VPN ................................................ - 48 3.7.1 VPN truyn thng ................................................................................. - 48 3.7.2 MPLS VPN........................................................................................... - 50 3.8 Tng kt chng ......................................................................................... - 51 CHNG 4. THC NGHIM ........................................................................... - 52 4.1 Cu hnh ...................................................................................................... - 53 4.2 Thng tin nh tuyn ................................................................................... - 63 4.3 Kim tra ...................................................................................................... - 66 PHN KT LUN .............................................................................................. - 71 TI LIU THAM KHO .................................................................................... - 74 -
DANH MC HNH MINH HA
viii
DANH MC HNH MINH HA
Hnh 1.1 M hnh remote access VPN ................................................................... - 6 Hnh 1.2 M hnh Site-to-site VPN ....................................................................... - 7 Hnh 1.3 M hnh overlay VPN ............................................................................. - 8 Hnh 1.4 M hnh peer-to-peer VPN ..................................................................... - 9 Hnh 1.5 M hnh shared-router v dedicated-router ........................................... - 11 Hnh 2.1 M hnh chuyn tip gi tin trong IP .................................................... - 12 Hnh 2.2 M hnh ATM ....................................................................................... - 13 Hnh 2.3 Khi nim v MPLS .............................................................................. - 14 Hnh 2.4 Cu trc mo u MPLS ....................................................................... - 16 Hnh 2.5 Nhn MPLS ........................................................................................... - 16 Hnh 2.6 Nhn ca stack ...................................................................................... - 18 Hnh 2.7 Topo mng MPLS ................................................................................. - 19 Hnh 2.8 Qu trnh khm ph lng ging bng LDP ............................................ - 22 Hnh 2.9 Qu trnh trao i thng tin nhn trong LDP ........................................ - 22 Hnh 2.10 Mt phng iu khin v mt phng d liu ....................................... - 24 Hnh 2.11 Cc modul iu khin MPLS .............................................................. - 25 Hnh 2.12 Cc thnh phn MPLS trong mt phng iu khin v mt phng d liu.
.............................................................................................................................. - 28 Hnh 2.13 nh tuyn, chuyn mch, chuyn tip ............................................... - 31 Hnh 2.14 Mng MPLS ........................................................................................ - 32 Hnh 2.15 Qu trnh xy dng bng routing table ............................................... - 33 Hnh 2.16 Qu trnh gn nhn ca router B ......................................................... - 33 Hnh 2.17 Qu trnh phn phi nhn ca router B ............................................... - 34 Hnh 2.18 Qu trnh to bng LIB ....................................................................... - 34 Hnh 2.19 Qu trnh phn phi nhn ca router C ............................................... - 35 Hnh 2.20 Qu trnh to bng LFIB ..................................................................... - 35 -
DANH MC HNH MINH HA
ix
Hnh 2.21 Qu trnh kim gn nhn ti ingress LSR ........................................... - 36 Hnh 2.22 Qu trnh hon i nhn ...................................................................... - 36 Hnh 2.23 Qu trnh tho nhn ti egress LSR .................................................... - 37 Hnh 3.1 M hnh MPLS VPN ............................................................................. - 38 Hnh 3.2 Bng VRF.............................................................................................. - 40 Hnh 3.3 Gi tr RD .............................................................................................. - 41 Hnh 3.4 Qu trnh gn RD .................................................................................. - 42 Hnh 3.5 Qu trnh tho RD ................................................................................. - 42 Hnh 3.6 Hot ng ca MPLS lp 3 ................................................................... - 44 Hnh 3.7 Hot ng ca MPLS lp 2 ................................................................... - 45 Hnh 3.8 Mt phng iu khin MPLS VPN ....................................................... - 45 Hnh 3.9 Mt phng d liu MPLS VPN ............................................................. - 47 Hnh 3.10 M hnh VPN truyn thng ................................................................. - 48 Hnh 3.11 MPLS VPN ......................................................................................... - 50 Hnh 4.1 M hnh thc nghim MPLS VPN ....................................................... - 52 Hnh 4.2 Thng tin nh tuyn ca A1 ................................................................. - 63 Hnh 4.3 Thng tin nh tuyn ca A2 ................................................................. - 63 Hnh 4.4 Thng tin nh tuyn ca B1 ................................................................. - 64 Hnh 4.5 Thng tin nh tuyn ca B2 ................................................................. - 64 Hnh 4.6 Thng tin nh tuyn ca PE01 ............................................................. - 65 Hnh 4.7 Thng tin nh tuyn ca PE02 ............................................................. - 65 Hnh 4.8 Thng tin nh tuyn ca P ................................................................... - 66 Hnh 4.9 show mpls ldp bindings PE01 ............................................................... - 66 Hnh 4.10 show mpls ldp bindings P ................................................................... - 67 Hnh 4.11 show mpls ldp bindings PE02 ............................................................. - 67 Hnh 4.12 bng LFIB trn PE01 .......................................................................... - 67 Hnh 4.13 bng LFIB trn P ................................................................................. - 68 Hnh 4.14 bng LFIB trn PE02 .......................................................................... - 68 Hnh 4.15 bng nh tuyn vrf A1 trn PE01 ...................................................... - 68 -
DANH MC HNH MINH HA
Hnh 4.16 bng nh tuyn vrf A2 trn PE02 ..................................................... - 69 Hnh 4.17 bng nh tuyn vrf B1 trn PE01 ...................................................... - 69 Hnh 4.18 bng nh tuyn vrf B2 trn PE02 ...................................................... - 70 Hnh 4.19 A1 ping A2 .......................................................................................... - 70 Hnh 4.20 B1 ping B2 .......................................................................................... - 70 Hnh 4.21 A1 ping B2 .......................................................................................... - 70 -
DANH SCH T VIT TT
DANH SCH T VIT TT

T vit tt
T ting Anh
AS
Autonomous system
ATM
Asynchronous Transfer Mode
BGP
Border Gateway Protocol
B-ISDN
Broadband Integrated Services Digital Network
CE
customer edge
CEF
Cisco Express Forwarding
CIDR
Classless Interdomain Routing
CLP
Cell Loss Priority
CPE
Customer Premise Equipment
CSR
Cell switch router
DLCI
data link connection identifier
DoS
Denial of Service
eBGP
External Border Gateway Protocol
EGP
Exterior Gateway Protocol
EIGRP
Enhanced Interior Gateway Routing Protocol
FEC
Fowarding Equivalent Class
FIB
Forwarding Information Base
xi
DANH SCH T VIT TT
FR
Frame Relay
GFC
Generic Flow Control
HDLC
High Level Data Link Control
HEC
Header error check
iBGP
Internal Border Gateway Protocol
ICMP
Internet Control Message Protocol
IGP
Interior Gateway Protocol
IP
Internet Protocol
IPSec
Internet protocol security
IPv4
Internet protocol v4
ISDN
Integrated Services Digital Network
ISP
Internet Service Providers
LDP
Label Distribute Protocol
LERs
Label Edge Router
LFIB
Label Forwarding Information Base
LIB
Label Information Base
LSP
Label Switched Path
LSRs
Label Switch Router
MED
Media Endpoint Discovery
xii
DANH SCH T VIT TT
MP-BGP
Multiprotocol BGP
MPLS
Multiprotocol Label Switching
MTU
Maximum Transmission Unit
NBMA
Non-Broadcast Multiple Access
NGN
Next Generation Network
OSI
Open Systems Interconnection
OSPF
Open Shortest Path First
PE
provider edge
PPP
Point to Point Protocol
PT
Payload Type
PVC
permanent virtual circuit
QoS
Quality of service
RD
Route Distinguisher
RIB
Routing Information Base
RT
Route Targets
SP
Service Provider
SDN
Software Defined Networks
SVC
Switch virtual circuit
TCP
Transport Control Protocol
xiii
DANH SCH T VIT TT
TTL
Time To Live
UDP
User Datagrame Protocol
VC
Virtual channel
VCI
Virtual Channel Identifier
VLSM
Variable Length Subnet Mask
VPI
Virtual Path Identifier
VPDN
Virtual private dial-up network
VPN
Virtual Private Network
VRF
Virtual Routing and Forwarding Table
WAN
Wide Area Network
xiv
-1-
A
PHN M U
Phn m u
-2-
1. Tnh cp thit ca ti
Hin nay vi tc pht trin chng mt ca Internet v li ch to ln do vic
p dng cng ngh thng tin vo mi lnh vc, c bit l trong lnh vc vn phng,
qun l th mng ring o dng nh l th khng th thiu i vi cc cng ty.
T nhu cu truy cp d liu ca cng ty t xa, n vic to mi quan h vi khch
hng, gip h c th khai thc mt phn ngun ti nguyn ca mnh m vn m
bo tnh bo mt cn thit cho thng tin.
VPN truyn thng da trn cng ngh ATM, Frame Relay v IP gp khng it
nh c i m nh kh nng qun l, tnh bo mt, cht lng dch v. H u qua la co
th m t lu l ng, m t k t n i , th m chi giam c tinh cua ma ng . Ngoi ra cn phi
k n cac chi ph khng nho dnh cho vic thu dch v vin thng kt ni
mng.
Gn y, Cng ngh chuyn mch nhn a giao thc - MPLS c cc hng
cung cp dch v quan tm c bit bi kh nng vt tri trong vic cung cp dch
v cht lng cao qua mng IP, bi tnh n gin, hiu qu v quan trng nht l
kh nng trin khai VPN.
Vi u im chuy n ti p lu l ng nhanh , kh nng linh hot , n gian , i u
khi n phn lu ng v phu c vu linh hoa t cac dich
vu inh
tuy n , t n du ng c ng
truy n giup giam chi phi . Cng ngh MPLS ang dn thay th cc cng ngh truyn
thng khc nh IP v ATM.
MPLS VPN gii quyt c nhng hn ch ca cc mng VPN truyn thng
da trn cng ngh ATM, Frame Relay v IP nh tit kim thi gian, gim chi ph
lp t v c bo mt cao cho doanh nghip. Do vy vic tm hiu v ng dng
VPN trn nn MPLS c xem la v n cp thit gip doanh nghip c th d
dng tip cn vi cng ngh mi ny v t c th ng dng vo vic pht trin
ca doanh nghip mnh cng vi s i ln ca ngnh mng vin thng quc t.
Phn m u
-3-
2. Mc tiu ca ti
Mc tiu ca ti l:
Tm hiu v MPLS VPN v p dng MPLS VPN ci t thc nghim.
Gip cho ngi c c nhng khi nim c bn v MPLS v t c th
xy dng mt mng MPLS VPN n gin.
3. i tng nghin cu
Tm hiu v trin khai MPLS VPN.
4. Phng php nghin cu
Khi thc hin ti ny, nhm nghin cu dng cc phng php sau:
Phng php phn tch ti liu: dng tm hiu thng tin v ngha ca
cc khi nim lin quan n MPLS v VPN. Thng qua phng tin l
Internet tm ti liu phc v cho ti.
Phng php thc nghim: da trn m hnh trin khai thc nghim,
nhm thc hnh cu hnh MPLS VPN. Qua b sung kin thc l
thuyt cho tng phn.
5. Phm vi nghin cu
Do tnh cht ca ti v iu kin thc t nn nhm nghin cu ch tin
hnh nghin cu cc vn lin quan n VPN trong MPLS v trin khai trn
m hnh thc nghim.
6. ngha thc tin ca ti
Vic tm hiu v MPLS VPN gip cho cc nh cung cp dch v c th
trin khai v ng dng trong thc t ng thi khc phc c nhng nhc
im ca cc mng VPN truyn thng.
-4-
B
PHN NI DUNG
Chng 1. Gii thiu v cng ngh VPN
-5-
CHNG 1. GII THIU V CNG NGH VPN
1.1 VPN l g?
VPN l cng ngh cho php kt ni cc thnh phn ca mt mng ring
(private network) thng qua h tng mng cng cng (Internet). VPN hot ng
da trn k thut tunneling: gi tin trc khi c chuyn i trn VPN s c
m ha v c t bn trong mt gi tin c th chuyn i c trn mng cng
cng. Gi tin c truyn i n u bn kia ca kt ni VPN. Ti im n
bn kia ca kt ni VPN, gi tin b m ha s c ly ra t trong gi tin
ca mng cng cng v c gii m.
Cc giai on pht trin ca VPN:
Th h VPN th nht do AT&T pht trin c tn l SDN.
Th h th 2 l ISND v X25.
Th h th 3 l Frame relay v ATM.
V th h hin nay, th h th 4 l VPN trn nn mng IP.
Th h tip theo s l VPN trn nn mng MPLS.
VPN gm cc vng sau:
Mng khch hng (Customer network): gm cc router ti cc site khch
hng khc nhau. Cc router kt ni cc site c nhn vi mng ca nh
cung cp c gi l cc router bin pha khch hng CE.
Mng nh cung cp (Provider network): c dng cung cp cc kt
ni point-to-point qua h tng mng ca nh cung cp dch v. Cc thit
b ca nh cung cp dch v m ni trc tip vi CE router c gi l
router bin pha nh cung cp PE. Mng ca nh cung cp cn c cc
thit b dng chuyn tip d liu trong mng trc (SP backbone) c
gi l cc router nh cung cp (P- provider).
-6-
1.2 Phn loi VPN

Phn loi VPN bao gm:
VPN cho cc nh doanh nghip
VPN i vi cc nh cung cp dch v
1.2.1 VPN cho cc nh doanh nghip
1.2.1.1 Remote access VPN
VPN truy cp t xa hay mng ring o quay s - VPDN uc trin
khai, thit k cho nhng khch hng ring l xa nh nhng khch
hng i ng hay nhng khch hng truy cp v tuyn. Trc y, cc
t chc, tp on h tr cho nhng khch hng t xa theo nhng h
thng quay s. y khng phi l mt gii php kinh t, c bit khi
mt ngi gi li theo ng truyn quc t. Vi s ra i ca VPN
truy cp t xa, mt khch hng di ng gi in ni ht cho nh cung
cp dch v Internet (ISP) truy cp vo mng tp on ca h ch vi
mt my tnh c nhn c kt ni Internet cho d h ang bt k
u. VPN truy cp t xa l s m rng nhng mng quay s truyn
thng. Trong h thng ny, phn mm PC cung cp mt kt ni an ton,
nh mt ng hm cho t chc. Bi v nhng ngi s dng ch thc
hin cc cuc gi ni ht nn chi ph gim.
Hnh 1.1 M hnh remote access VPN
-7-
1.2.1.2 Sitetosite VPN

VPN site-to-site c trin khai cho cc kt ni gia cc vng khc
nhau ca mt tp on hay t chc. Ni cch khc mng mt a
im, v tr c ni kt vi mng mt v tr khc s dng mt VPN.
Truc y, mt kt ni gia cc v tr ny l knh thu ring hay Frame
relay. Tuy nhin, ngy nay hu ht cc t chc, on th, tp on u
s dng Internet, vi vic s dng truy cp Internet, VPN site-to-site c
th thay th knh thu ring truyn thng v Frame relay. VPN site-tosite l s m rng v k tha c chn lc mng WAN. Hai v d s
dng VPN site-to-site l VPN Intranet v VPN Extranet. VPN Intranet
c th xem l nhng kt ni gia cc v tr trong cng mt t chc,
ngi dng truy cp cc v tr ny t b hn ch hn so vi VPN
Extranet. VPN Extranet c th xem nh nhng kt ni gia mt t chc
v i tc kinh doanh ca n, ngi dng truy cp gia cc v tr ny
c cc bn qun l cht ch ti cc v tr ca mnh.
Hnh 1.2 M hnh Site-to-site VPN
-8-
1.2.2 VPN i vi cc nh cung cp dch v

Da trn s tham gia ca nh cung cp dch v trong vic nh tuyn
cho khch hng, VPN c th chia thnh hai loi m hnh:
M hnh overlay VPN
M hnh Peer-to-peer VPN
1.2.2.1 M hnh overlay VPN
Hnh 1.3 M hnh overlay VPN
Khi Frame relay v ATM cung cp cho khch hng cc mng ring,
nh cung cp khng th tham gia vo vic nh tuyn khch hng. Cc
nh cung cp dch v ch vn chuyn d liu qua cc kt ni o. Nh
vy, nh cung cp ch cung cp cho khch hng kt ni o ti lp 2.
l m hnh Overlay.
Nu mch o l c nh, sn sng cho khch hng s dng mi lc
th c gi l mch o c nh PVC. Nu mch o c thit lp theo
yu cu (on-demand) th c gi l mch o chuyn i SVC.
Hn ch chnh ca m hnh Overlay l cc mch o ca cc site
khch hng kt ni dng full mesh. Nu c N site khch hng th tng
s lng mch o cn thit N(N-1)/2.
-9-
Overlay VPN c thc thi bi SP cung cp cc kt ni layer 1

(physical) hay mch chuyn vn lp 2 (Data link dng d liu frame
hoc cell) gia cc site khch hng bng cch s dng cc thit b
Frame relay hay ATM Switch. Do , SP khng th nhn bit c vic
nh tuyn khch hng.
Overlay VPN cn thc thi cc dch v qua layer 3 vi cc giao thc
to ng hm nh GRE, IPSec Tuy nhin, d trong trng hp no
th mng ca nh cung cp vn trong sut vi khch hng, v cc giao
thc nh tuyn chy trc tip gia cc router ca khch hng.
1.2.2.2 M hnh Peer-to-peer VPN
Hnh 1.4 M hnh peer-to-peer VPN
M hnh peer-to-peer khc phc nhng nhc im ca m hnh

Overlay v cung cp cho khch hng c ch vn chuyn ti u qua SP
backbone, v nh cung cp dch v bit m hnh mng khch hng v do
c th thit lp nh tuyn ti u cho cc nh tuyn ca h.
Nh cung cp dch v tham gia vo vic nh tuyn ca khch hng.
Thng tin nh tuyn ca khch hng c qung b qua mng ca nh
cung cp dch v. Mng ca nh cung cp dch v xc nh ng i ti
u t mt site khch hng n mt site khc.
- 10 -
Vic pht hin cc thng tin nh tuyn ring ca khch hng bng
cch thc hin lc gi (packet) ti cc router kt ni vi mng khch
hng.
Peer-to-peer VPN chia lm 2 loi:
Shared-router
Router dng chung, tc l khch hng VPN chia s cng router bin
mng nh cung cp PE. phng php ny, nhiu khch hng c th
kt ni n cng router PE.
Trn router PE phi cu hnh access-list cho mi interface PE-CE
m bo chc chn s cch ly gia cc khch hng VPN, ngn
chn VPN ca khch hng ny thc hin cc tn cng t chi dch v
DoS vo VPN ca khch hng khc. Nh cung cp dch v chia mi
phn trong khng gian a ch ca n cho khch hng v qun l vic
lc gi tin trn Router PE.
Dedicated-router
L phng php m khch hng VPN c router PE dnh ring. Trong
phng php ny, mi khch hng VPN phi c router PE dnh ring
v do ch truy cp n cc nh tuyn trong bng nh tuyn ca
router PE . M hnh Dedicated-router s dng cc giao thc nh
tuyn to ra bng nh tuyn trn mt VPN trn Router PE. Bng
nh tuyn ch c cc nh tuyn c qung b bi khch hng VPN
kt ni n chng, kt qu l to ra s cch ly gia cc VPN.
- 11 -
Hnh 1.5 M hnh shared-router v dedicated-router

Nhc im ca m hnh peer-to-peer:
Khng gian a ch cc khch hng khng c trng nhau.
a ch khch hng do nh cung cp kim sot.
1.3 Tng kt chng
Chng ny trnh by tng quan v cng ngh VPN.Trong VPN bao
gm VPN dnh cho cc doanh nghip v VPN dnh cho cc nh cung cp dch
v. Da trn s tham gia ca nh cung cp dch v trong vic nh tuyn cho
khch hng, c hai loi m hnh c bn l: overlay VPN v peer-to-peer VPN,
mi m hnh u c nhng u v nhc im nht nh. MPLS VPN kt hp
c u im ca 2 m hnh overlay VPN v peer-to-peer VPN ng thi k
tha c nhng u im ca cng ngh MPLS vi nhng th mnh v mt bo
mt, tnh mm do khi trin khai, cht lng ng truyn... v c bit l u
th v gi c.
Chng 2. Chuyn mch nhn a giao thc - MPLS
CHNG 2. CHUYN MCH NHN A GIAO THC MPLS
2.1 S lc v cng ngh IP v cng ngh ATM

2.1.1 Cng ngh IP
IP l thnh phn chnh ca kin trc ca mng Internet. Trong kin trc
ny, IP ng vai tr lp 3 v n nh ngha c cu nh s, c cu chuyn
tin, c cu nh tuyn v cc chc nng iu khin mc thp (ICMP). Gi
tin IP gm a ch ca bn nhn, a ch l mt s duy nht trong ton mng
v mang y thng tin cn cho vic chuyn gi tin ti ch.
u im ni bt ca giao thc TCP/IP l kh nng nh tuyn v truyn
gi tin mt cch ht sc mm do, linh hot. Nhng IP khng m bo cht
lng dch v v tc truyn tin theo yu cu.
Hnh 2.1 M hnh chuyn tip gi tin trong IP

2.1.2 Cng ngh ATM
ATM l mt k thut truyn tin tc cao. ATM nhn thng tin
nhiu dng khc nhau nh thoi, s liu, video v ct ra thnh nhiu phn
nho gi l t bo (cell). Cc t bo ny sau c truyn qua cc kt ni
o VC. V ATM c th h tr thoi, s liu v video vi cht lng dch v
trn nhiu cng ngh bng rng khc nhau nn n c coi l cng ngh
chuyn mch hng u.
- 12 -
- 13 -
Cng ngh ATM c th mnh u vit v tc truyn tin cao, m bo

thi gian thc v cht lng dch v theo yu cu nh trc. Nhng ATM
cng c nhc im l tn bng thng ( do chia gi tin thnh cc gi nho
53 byte), lng ph ng truyn, kch thc gi tin nho b hn ch tc dng
khi tc truyn vt l tng nhiu.
Hnh 2.2 M hnh ATM

Tm li: Bn cnh nhng u im ca cng ngh IP v cng ngh ATM
cn c nhng nhc im ca n. Chnh v vy cng ngh chuyn mch nhn
a giao thc (MPLS) c xut ti cc gi tin trn cc knh o v khc
phc c cc vn m mng ngy nay ang phi i mt, l tc , kh
nng m rng cp mng, qun l cht lng, qun l bng thng da trn
ng trc v c th hot ng vi cc mng Frame relay v ch truyn ti
khng ng b (ATM) hin nay p ng cc nhu cu dch v ca ngi s
dng mng. Cng ngh MPLS kt hp nhng u im ca IP ( mm do, kh
nng m rng) v ca ATM (tc cao, QoS, iu khin lung).
- 14 -
2.2 Khi nim c bn v MPLS

Cng ngh Chuyn mch nhn a giao thc - MPLS l kt qu pht trin
ca nhiu cng ngh chuyn mch IP (IP switching) s dng c ch hon i
nhn nh ca ATM tng tc truyn gi tin m khng cn thay i cc
giao thc nh tuyn ca IP.
tng khi a ra MPLS l: nh tuyn bin, chuyn mch li
Hnh 2.3 Khi nim v MPLS
2.2.1 Li ch ca MPLS
MPLS l phng php ci tin cho vic chuyn tip cc gi tin IP trn
mng bng cch thm vo nhn (label). MPLS kt hp cc u im ca k
thut chuyn mch (switching) ca lp 2 v k thut nh tuyn (routing)
lp 3. Do s dng nhn quyt nh chng tip theo trong mng nn router
t lm vic hn v hot ng gn ging nh switch.
MPLS h tr mi giao thc lp 2, trin khai hiu qu cc dch v IP
trn mt mng chuyn mch IP. MPLS h tr vic to ra cc tuyn khc
nhau gia ngun v ch trn mt ng trc Internet. Bng vic tch hp
MPLS vo kin trc mng, cc ISP c th gim chi ph, tng li nhun,
cung cp nhiu hiu qu khc nhau v t c hiu qu cnh tranh cao.
- 15 -
Kh nng m rng n gin.

Tng cht lng mng, c th trin khai cc chc nng nh tuyn m
cc cng ngh trc khng th thc hin c nh nh tuyn hin (explicit
routing), iu khin lp.
Tch hp gia IP v ATM cho php tn dng ton b cc thit b hin
ti trn mng.
Tch bit n v iu khin vi n v chuyn mch cho php MPLS h
tr ng thi MPLS v B-ISDN. Vic b sung cc chc nng mi sau khi
trin khai mng MPLS ch cn thay i phn mm iu khin.
2.2.2 Mt s ng dng ca MPLS
Internet c ba nhm ng dng chnh: voice, data, video vi cc yu cu
khc nhau.
Voice yu cu tr thp, cho php tht thot d liu tng hiu
qu.
Video cho php tht thot d liu mc chp nhn c, mang tnh
thi gian thc (realtime).
Data yu cu bo mt v chnh xc cao. MPLS gip khai thc ti
nguyn mng t hiu qu cao.
Mt s ng dng ang c trin khai l:
MPLS VPN: nh cung cp dch v s dng c s h tng mng
cng cng c sn thc thi cc kt ni gia cc site khch hng.
MPLS Traggic Engineer: Cung cp kh nng thit lp mt hoc
nhiu ng i iu khin lu lng mng v cc c trng thc
thi cho mt loi lu lng.
MPLS QoS (Quality of service): Dng QoS cc nh cung cp dch
v c th cung cp nhiu loi dch v vi s m bo ti a v QoS
cho khch hng.
- 16 -
2.3 Cc thnh phn trong MPLS

2.3.1 Nhn
Nhn l mt thc th c di ngn, c nh v khng c cu trc bn
trong. Nhn khng trc tip m ho thng tin ca mo u lp mng nh
a ch lp mng. Nhn c gn vo mt gi tin c th s i din cho mt
FEC m gi tin c n nh.
Dng ca nhn ph thuc vo phng tin truyn m gi tin c ng
gi. V d cc gi ATM (t bo) s dng gi tr VPI/VCI nh nhn, Frame
relay s dng DLCI lm nhn. i vi cc phng tin gc khng c cu
trc nhn, mt on m c chn thm s dng cho nhn. Khun
dng on m 4 byte c cu trc nh sau:
Ti
Nhn (20)
Mo u
IP
m
MPLS
COS(3)
S(1)
Mo u lp
2
TTL(8)
Hnh 2.4 Cu trc mo u MPLS

MPLS nh ngha mt tiu c di 32 bit v c to nn ti LSR
vo. N phi c t ngay sau tiu lp 2 bt k v trc mt tiu lp
3, y l IP v c s dng bi LSR li vo xc nh mt FEC, lp
ny s c xt li trong vn to nhn. Sau cc nhn c x l bi
LSR chuyn tip.
Hnh 2.5 Nhn MPLS
- 17 -
Khun dng v tiu MPLS c ch ra trong hnh 2.4. N bao gm

cc trng sau:
Nhn: Gi tr 20 bit, gi tr ny cha nhn MPLS.
EXP (3 bit): dnh cho thc nghim, c th dng cc bit EXP tng
t nh cc bit u tin.
S: bit ngn xp, s dng xp xp a nhn.
TTL: Thi gian sng, 8 bit, t ra mt gii hn m cc gi MPLS c
th i qua.
i vi cc khung PPP hay Ethernet gi tr nhn dng giao thc P-ID
(hoc Ethertype) c chn thm vo mo u khung tng ng thng
bo khung l MPLS unicast hay multicast.
2.3.2 Ngn xp nhn
L k thut s dng trong vic ng gi IP. N cho php mt gi c th
mang nhiu hn mt nhn. N c cung cp bi vic a vo mt nhn
mi (mc 2) bn trn nhn tn ti (mc 1), gi c chuyn tip qua
mng da trn c s cc nhn mc 2, sau khi qua mng ny th nhn mc
2 b loi ra v vic chuyn tip ny hot ng da trn cc nhn mc 1.
Nhn trn cng (top) ng sau header lp 2, cn nhn cui (bottom)
ng trc header lp 3.
Ti mi hop router ch x l nhn trn cng ca stack.
Chuyn mch nhn c thit k co dn cc mng ln v MPLS h
tr chuyn mch nhn vi hot ng phn cp, hot ng phn cp ny da
trn kh nng ca MPLS c th mang nhiu hn mt nhn trong gi. Ngn
xp nhn cho php thit k cc LSR trao i thng tin vi nhau v hnh
ng ny ging nh vic to ng vin node to ra mt min mng
rng ln v cc LSR khc. C th ni rng cc LSR ny l cc node bn
trong mt min v khng lin quan n ng vin node. Vic x l mt
gi nhn c hon thnh c lp vi tng mc ca s phn cp.
- 18 -
Ch rng trong stack nhn th nhn cui lun c gi tr S l 1, cc

nhn cn li S l 0.
Hnh 2.6 Nhn ca stack
2.3.3 Lp chuyn tip tng ng FEC

L mt nhm cc gi IP:
C cng mt ng i trn mng MPLS.
C cng x l ging nhau ti bt k LSR no.
Trong nh tuyn truyn thng, mt gi c gn ti mt FEC ti mi
hop. Cn trong MPLS ch gn mt ln ti LSR ng vo. Trong MPLS cc
gi tin n vi cc prefix khc nhau c th gp chung mt FEC, bi v qu
trnh chuyn tip gi trong min MPLS ch cn c vo LSR ng vo gn
ti FEC cho vic xc nh LSP, cn cc LSR cn li da vo nhn
chuyn gi. Vi nh tuyn IP, gi c chuyn da vo IP nn ti mi hop
gi u c gn ti mt FEC xc nh ng dn.
2.3.4 ng chuyn mch nhn LSP
L tuyn to ra t u vo n u ra ca mng MPLS dng chuyn
tip gi ca mt FEC no s dng c ch chuyn i nhn (labelswapping forwarding).
- 19 -
2.3.5 C s d liu nhn LIB

L bng kt ni trong LSR c cha cc gi tr nhn/FEC c gn vo
cng ra cng nh thng tin v ng gi phng tin truyn.
2.3.6 Topo mng MPLS
Min MPLS (MPLS domain) l mt tp k tip cc nt hot ng nh
tuyn v chuyn tip MPLS. Min MPLS c th chia thnh Li MPLS
(MPLS Core) v Bin MPLS (MPLS Edge).
Hnh 2.7 Topo mng MPLS

Khi mt gi tin IP i qua min MPLS, n i theo mt tuyn c xc
nh ph thuc vo FEC m n c n nh khi i vo min. Tuyn ny
gi l ng chuyn mch nhn LSP. LSP ch mt chiu, tc l cn hai
LSP cho mt truyn thng song cng.
Cc nt c kh nng chy giao thc MPLS v chuyn tip cc gi tin
gc IP c gi l b nh tuyn chuyn mch nhn LSR.
LSR li vo (Ingress LSR) x l lu lng i vo min MPLS.
LSR chuyn tip (Transit LSR) x l lu lng bn trong min
MPLS.
LSR li ra (Egress LSR) x l lu lng ri khoi min MPLS.
LSR bin (Edge LSR) thng c s dng nh l tn chung cho c
LSR li vo v LSR li ra.
- 20 -
2.3.7 Thnh phn c bn ca MPLS

Cc thit b tham gia trong mt mng MPLS c th c phn loi
thnh cc b nh tuyn bin nhn LER v cc b nh tuyn chuyn mch
nhn LSR.
2.3.7.1 Thit b LSR
Thnh phn quan trng nht ca mng MPLS l thit b nh tuyn
chuyn mch nhn LSR. Thit b ny thc hin chc nng chuyn tip
gi tin trong phm vi mng MPLS bng th tc phn phi nhn.
2.3.7.2 Thit b LER
LER l mt thit b hot ng ti bin ca mng truy nhp v mng
MPLS. Cc LER h tr cc cng c kt ni ti cc mng khng
ging nhau (nh Frame Relay, ATM, v Ethernet ) v chuyn tip lu
lng ny vo mng MPLS sau khi thit lp LSP, bng vic s dng
cc giao thc bo hiu nhn ti li vo v phn b lu lng tr li
mng truy nhp ti li ra. LER ng vai tr quan trng trong vic ch
nh v hu nhn, khi lu lng vo trong hay ra khoi mng MPLS.
LER l ni xy ra vic gn nhn cho cc gi tin trc khi vo mng
MPLS.
Cc thit b bin khc vi cc thit b li ch l: ngoi vic phi
chuyn tip lu lng n cn phi thc hin vic giao tip vi cc mng
khc.
2.4 Giao thc phn phi nhn LDP
Giao thc phn phi nhn LDP l giao thc trao i thng tin nhn gia cc
LSR.
Cung cp k thut gip cho cc LSR c kt ni trc tip nhn ra nhau
v thit lp lin kt c ch khm ph (discovery mechanism).
- 21 -
C 4 loi bn tin:
Bn tin Discovery: thng bo v duy tr s c mt ca mt
LSR trong mng.
Bn tin Adjency: c nhim v khi to, duy tr v kt thc
nhng phin kt ni gia cc LSR.
Bn tin Label advertisement: thc hin vic thng bo, a ra
yu cu, hy bo v gii phng thng tin nhn.
Bn tin Notification: c s dng thng bo li.
Thit lp kt ni TCP trao i cc bn tin (ngoi tr bn tin
Discovery).
Cc bn tin l tp hp nhng thnh phn c cu trc < type, length,
value>.
2.4.1 Qu trnh khm ph lng ging LSR
Giao thc ny hot ng trn kt ni UDP v c th c xem l giai
on nhn bit nhau ca hai LSR trc khi chng thit lp kt ni TCP.
Mt LSR s qung b bn tin hello ti tt c LSR kt ni trc tip vi n
trn mt cng UDP mc nh theo mt chu k nht nh. Tt c cc LSR
u lng nghe bn tin hello ny trn cng UDP. Nh LSR bit c a
ch ca tt c cc LSR kt ni trc tip vi n. Sau khi bit c a ch ca
mt LSR no , mt kt ni TCP s c thit lp gia hai LSR ny. Ngay
c khi khng kt ni trc tip vi nhau th LSR vn c th gi nh k bn
tin hello n cng UDP mc nh ca mt a ch IP xc nh. V LSR nhn
cng c th gi li bn tin hello cho LSR gi thit lp kt ni TCP.
- 22 -
Hnh 2.8 Qu trnh khm ph lng ging bng LDP

2.4.2 Cc kiu phn phi nhn
Trong mt min MPLS, mt nhn gn ti mt a ch ch c phn
phi ti cc lng ging ngc dng sau khi thit lp session. Vic kt ni
gia mng c th vi nhn cc b v mt nhn trm k (nhn t router xui
dng) c lu tr trong LFIB v LIB. MPLS dng cc phng thc phn
phi nhn nh sau:
Phn phi nhn theo yu cu.
Phn phi nhn khng theo yu cu.
Hnh 2.9 Qu trnh trao i thng tin nhn trong LDP
- 23 -
2.5 Cu trc MPLS

C hai c ch hot ng trong MPLS l:
C ch Frame Mode
C ch ny c s dng vi cc mng IP thng thng, trong c ch ny
nhn ca MPLS l nhn thc s c thit k v gn cho cc gi tin, trong mt
phng iu khin s m nhim vai tr gn nhn v phn phi nhn cho cc
nh tuyn gia cc router chy MPLS, v trong c ch ny cc router s kt ni
trc tip vi nhau qua 1 giao din Frame mode nh l PPP, cc router s s
dng a ch IP thun ty trao i thng tin cho nhau nh l: thng tin v
nhn v bng nh tuyn routing table.
Cn vi mng ATM hay Frame relay chng khng c cc kt ni trc tip
gia cc interface, ngha l khng th dng a ch IP thun ty trao i
thng tin cho nhau, v vy ta phi thit lp cc knh o gia chng (PVC).
C ch cell mode.
Thut ng ny dng khi c mt mng gm cc ATM LSR dng MPLS
trong mt phng iu khin trao i thng tin VPI/VCI thay v dng bo hiu
ATM. Trong kiu t bo, nhn l trng VPI/VCI ca t bo. Sau khi trao i
nhn trong mt phng iu khin, mt phng chuyn tip, router ng vo
(ingress router) phn tch gi thnh cc t bo ATM, dng gi tr VCI/CPI
tng ng trao i trong mt phng iu khin v truyn t bo i. Cc ATM
LSR pha trong hot ng nh chuyn mch ATM chng chuyn tip mt t
bo da trn VPI/VCI vo v thng tin cng ra tng ng. Cui cng, router
ng ra (egress router) sp xp li cc t bo thnh mt gi.
- 24 -
Trong :
GFC : iu khin lung chung.
VPI : nhn dng ng o.
VCI : nhn dng knh o.
PT : ch th kiu trng tin.
CLP : chc nng ch th u tin hu bo t bo.
HEC : kim tra li tiu .
MPLS chia thnh 2 mt phng: mt phng iu khin MPLS ( Control plane )
v mt phng chuyn tip MPLS hay cn gi l mt phng d liu (Data plane).
Hnh 2.10 Mt phng iu khin v mt phng d liu
- 25 -
2.5.1 Mt phng iu khin

Thc hin chc nng lin quan n vic nhn bit kh nng c th i
n c cc mng ch. Mt phng iu khin cha tt c thng tin nh
tuyn lp 3 nhm trao i thng tin c th i c n mng ch.
V d in hnh v chc nng ca mt phng iu khin thng l trao
i thng tin ca cc giao thc nh tuyn nh OSPF v BGP, cc giao
thc c th p ng cho vic trao i thng tin nhn gia cc router lng
ging vi nhau trong mt phng iu khin thng qua cc giao thc phn
phi nhn.
Cc modul iu khin MPLS gm:
nh tuyn Unicast (Unicast Routing).
nh tuyn Multicast (Multicast Routing).
K thut lu lng (Traffic engineering).
Mng ring o (Virtual private network).
Cht lng dch v (Quality of service).
Hnh 2.11 Cc modul iu khin MPLS
- 26 -
2.5.2 Mt phng d liu

Thc hin chc nng lin quan n chuyn tip gi d liu.
Cc gi ny va c th l gi IP lp 3 hoc l gi IP c gn
nhn.Thng tin trong mt phng d liu, chng hn nh gi tr nhn thng
c ly t mt phng iu khin. Vic trao i thng tin gia cc router
lng ging, to ra cc nh x ca cc mng ch n cc nhn trong mt
phng iu khin, thng s dng chuyn cc gi gn nhn trong mt
phng d liu.
2.5.3 Cc thnh phn bn trong mt phng iu khin v mt phng d
liu
2.5.3.1 Chuyn mch CEF
CEF l mt s thit lp ca Cisco da trn MPLS, s dng cc dch
v ca n hot ng trn router Cisco. L iu kin tin quyt thc
hin MPLS, CEF cung cp c ch chuyn mch c quyn c dng
trn cc router Cisco nhm lm tng tnh n gin v kh nng thc thi
chuyn mch IPv4 ca mt router.
2.5.3.2 C s thng tin chuyn tip FIB
CEF s dng FIB chuyn tip cc gi tin n ch, l bn sao
ca ni dung bng nh tuyn IP, cha nh x mt mt gia bng FIB
v cc mc trong bng nh tuyn.
Khi CEF c dng trn router, router duy tr ti thiu mt FIB,
cha mt nh x ca cc mng ch trong bng nh tuyn n cc hop
k thch hp c kt ni trc tip.
FIB nm trong mt phng d liu, dng chuyn tip cc gi bi
router.
- 27 -
2.5.3.3 C s thng tin nhn LIB v c s thng tin chuyn tip nhn
LFIB
Ngoi FIB cn c hai cu trc khc c xy dng trn router,
l LIB v LFIB.
Cc giao thc phn phi c s dng gia cc router lng ging
trong min MPLS nhm p ng cho vic to ra cc mc trong LIB v
LFIB:
LIB nm trong mt phng iu khin v thng c dng bi
giao thc phn phi nhn. Cc nhn hop k c nhn t cc
Downstream, cn cc nhn cc b c to ra bi giao thc
phn phi nhn.
LFIB nm trong mt phng d liu, cha mt nh x t nhn
cc b n nhn hop k.
2.5.3.4 C s thng tin nh tuyn RIB
Thng tin v cc mng ch c kh nng i n c ly t cc
giao thc nh tuyn cha trong c s thng tin nh tuyn RIB hoc
bng nh tuyn. Bng nh tuyn cung cp thng tin cho mt FIB. LIB
s dng thng tin t giao thc phn phi nhn, v khi LIB kt hp cng
vi cc thng tin ly t FIB s to ra c s thng tin chuyn tip nhn
LFIB.
- 28 -
Hnh 2.12 Cc thnh phn MPLS trong mt phng iu khin v mt phng d liu.
2.6 Cc giao thc nh tuyn

2.6.1 Giao thc nh tuyn OSPF
OSPF l mt giao thc nh tuyn dng link-state hot ng trong mt
h t tr tm ra ng i ngn nht u tin, s dng thut ton Dijkstra
Shortest Path First (SPF) xy dng bng nh tuyn.
u im:
OSPF p ng c nhu cu cho cc mng ln.
C thi gian hi t ngn.
H tr CIDR v VLSM.
Kch thc mng thch hp cho tt c cc mng t va n ln.
S dng bng thng hiu qu.
Chn ng da trn chi ph thp nht.
Cu hnh OSPF:
Router(config)#router ospf process-id
Router(config-router)#network address wildcast-mask area
area-id
- 29 -
2.6.2 Giao thc nh tuyn EIGRP

EIGRP l mt giao thc nh tuyn lai (hybrid routing), n va mang
nhng c im ca distance vector va mang mt s c im ca linkstate.
u im:
EIGRP hi t nhanh v tiu tn t bng thng.
EIGRP h tr VLSM v CIDR nn s dng hiu qu khng gian a
ch.
Cu hnh EIGRP:
Router(config)#router eigrp autonomous-system
Router(config-router)#network network-number
2.6.3 Giao thc nh tuyn BGP
Giao thc ny c thit k kt ni cc AS, khng kt ni cc
subnets vi mt AS. Mt AS l mt nhm cc router cng chia s mt chnh
sch v hot ng trong cng mt min nht nh. Mi AS c nh danh
bi mt s v c cung cp bi mt nh cung cp AS hoc bi cc ISPs.
Con s ny c chia ra lm hai loi: Public c gi tr t 1 n 64511,
privite c gi tr t 64512 n 65535.
BGP l mt giao thc nh tuyn dng path-vector v vic chn ng
i tt nht thng thng da vo mt tp hp cc thuc tnh (attribute).
BGP s dng kt ni TCP trong mi vic thng tin lin lc (to kt ni
TCP 179).
BGP c th s dng gia cc router trong cng mt AS v khc AS.
Khi BGP c dng trong cng mt AS th c gi l iBGP, cn dng
kt ni cc AS khc nhau th gi l eBGP.
- 30 -
Cu hnh BGP
Router(config)#router bgp as-number
Router(config-router)#neighbor {ip address/peer-group-name} remoteas as-number
Router(config-router)#neighbor {ip address/peer-group-name} updatesource interface-type interface-number
Router(config-router)#address-family vpnv4
Router(config-router-af)#neighbor {ip address/peer-group-name}
activate
Router(config-router)# neighbor {ip address/peer-group-name} sendcommunity {extended/both}
Router(config-router)# neighbor {ip address/peer-group-name} nexthop-self
2.7 Phng thc hot ng ca MPLS
Khi mt gi tin vo mng MPLS, cc b nh tuyn chuyn mch nhn
khng thc hin chuyn tip theo tng gi m thc hin phn loi gi tin vo
trong cc lp tng ng chuyn tip FEC, sau cc nhn c nh x vo
trong cc FEC. Mt giao thc phn b nhn LDP c xc nh v chc nng
ca n l n nh v phn b cc rng buc FEC/nhn cho cc b nh tuyn
chuyn mch nhn LSR. Khi LDP hon thnh nhim v ca n, mt ng dn
chuyn mch nhn LSP c xy dng t ng vo ti ng ra. Khi cc gi vo
mng, LSR ng vo kim tra nhiu trng trong tiu gi xc nh xem gi
thuc v FEC no. Nu c mt rng buc nhn/FEC th LSR ng vo gn
nhn cho gi v chuyn tip n ti ng ra tng ng. Sau gi c hon i
nhn qua mng cho n khi n n LSR ng ra, lc nhn b loi bo v gi
c x l ti lp 3. V vy qu trnh chuyn tip gi tin din ra nhanh hn so
vi vic chuyn tip da vo nh tuyn IP.
- 31 -
Ngoi ra MPLS cn c c ch Fast reroute. Do MPLS l cng ngh chuyn

mch hng kt ni, kh nng b nh hng bi li ng truyn thng cao
hn cc cng ngh khc. Trong khi , cc dch v tch hp m MPLS phi h
tr li yu cu dung lng cao. Do vy, kh nng phc hi ca MPLS m bo
kh nng cung cp dch v ca mng khng ph thuc vo c cu khi phc li
ca lp vt l bn di.
Mt phng iu khin qun l tp cc tuyn m mt gi c th s dng,
trong m hnh ny mt gi i vo thit b mng qua giao din u vo, c x
l bi mt thit b m n ch x l thng tin v gi a ra quyt nh logic.
Quyt nh logic ny c thng tin c cung cp t mt phng iu khin cha
cc tuyn, cho cc thng tin v gi c cp nht ti thit b khc chuyn
tip gi thng qua giao din u ra ti ch ca gi tin .
Cc lp trn
Mt phng iu
khin
Mt phng
chuyn tip
Duy tr tuyn
nh tuyn
La chn cng ra
Nhn gi u vo
Chuyn mch
Nhn gi u ra
Cc cng u vo
Cc cng u ra
Lin mng
Hnh 2.13 nh tuyn, chuyn mch, chuyn tip
- 32 -
Gi s ta c mt mng n gin nh sau trong Router A l Ingress router

(router bin ng vo), Router C l Egress router (router bin ng ra).
Hnh 2.14 Mng MPLS

y s trnh by cch cc router xy dng bng FIB v LFIB cho Network X
l mng m cn truyn d liu n.
Phng thc gn v phn tn nhn gm nhng bc nh sau:
Bc 1: Giao thc nh tuyn (OSPF hay EIGRP ) xy dng bng
routing table.
Bc 2: Cc LSR ln lt gn 1 nhn cho mt IP ch trong bng routing
table mt cch c lp.
Bc 3: LSR ln lt phn tn nhn cho tt c cc router LSR k cn.
Bc 4: Tt c cc LSR xy dng cc bng LIB, LFIB, FIB da trn
nhn nhn c.
- 33 -
u tin cc router s dng cc giao thc nh tuyn nh OSPF hay

EIGRP tm ng i cho gi tin ging nh mng IP thng thng v xy
dng nn bng routing table cho mi router trong mng. Gi s, y router A
mun n mng X th phi qua router B, B chnh l Next-hop ca router A
n mng X.
Hnh 2.15 Qu trnh xy dng bng routing table
Sau khi bng routing table hnh thnh, cc router s gn nhn cho cc
ch n m c trong bng routing table ca n, v d y router B s gn
nhn bng 25 cho mng X, ngha l nhng nhn vo c gi tr 25 router B s
chuyn n n mng X.
Hnh 2.16 Qu trnh gn nhn ca router B
- 34 -
Router B phn tn nhn 25 cho tt c cc router LSR k cn n vi ngha

Nu bn mun n X th hy gn nhn 25 ri gi n ti, cng lc bng
tra LIB hnh thnh trong router B v c entry nh hnh 2.17.
Hnh 2.17 Qu trnh phn phi nhn ca router B
Cc router LSR nhn c nhn t router lng ging s cp nht vo bng

LIB, ring vi router bin (Edge LSRs) s cp nht vo bng LIB v c FIB ca
n.
Hnh 2.18 Qu trnh to bng LIB
- 35 -
Cng ging nh B, router C s gn nhn l 47 cho Network X v s qung

b nhn ny cho cc router k cn, C khng qung b cho router D v D khng
chy MPLS.
Hnh 2.19 Qu trnh phn phi nhn ca router C
Cng lc router C hnh thnh 2 bng tra LIB v LFIB c cc entry nh

hnh 2.19. Sau khi nhn c qung b ca router C, router B s thm nhn 47
va nhn c vo trong bng tra FIB v LIB ng thi xy dng bng tra
LFIB c cc entry nh hnh 2.20, router E ch thm nhn 47 vo trong LIB v
FIB.
Hnh 2.20 Qu trnh to bng LFIB
- 36 -
Nh vy ta c c ng i t bin router A n mng cn n l mng

X, hay ni cch khc mt LSP hnh thnh. By gi gi tin c th truyn theo
ng ny ti ch nh sau: Mt gi tin IP t mng IP n router bin Ingress,
router A s thc hin tra bng FIB ca n tm ra next hop cho gi tin ny,
y A s gn nhn 25 cho gi tin ny theo entry c trong bng FIB ca n v s
gi ti next hop l router B n mng X.
Hnh 2.21 Qu trnh kim gn nhn ti ingress LSR
Gi tin vi nhn 25 c truyn n cho router B, router B s tra bng

LFIB ca n v tm ra gi tr nhn ng ra cho gi tin c nhn ng vo 25 l 47,
router B s swap nhn thnh 47 v truyn cho next hop l router C.
Hnh 2.22 Qu trnh hon i nhn
- 37 -
Gi tin vi nhn 47 c truyn n router C, router C s tra bng LFIB

ca n v tm ra hot ng tip theo cho gi tin c nhn vo 47 l s pop nhn
ra khoi gi tin v truyn cho next hop l router D, nh vy gi tin n D l gi
tin IP bnh thng khng nhn.
Hnh 2.23 Qu trnh tho nhn ti egress LSR
Gi tin IP ny n D, router D s tra bng routing table ca n v truyn

cho mng X.
2.8 Tng kt chng
Qua chng ny ta c th bit c cc thnh phn v cch hot ng ca MPLS.
Nm c u v nhc im ca MPLS, v ti sao MPLS s c trin khai rng
ri. S dng MPLS ta c th d dng m rng mng li mng m khng cn phi
cu hnh router li, chi ph cho s m rng t,
MPLS c kh nng linh hot v chuyn mch tc cao da trn s kt hp ca IP
v ATM. C th ni mng MPLS hin nay ang l s la chn tt nht cho cc nh
qun tr mng. MPLS c cc modul: MPLS VPN, MPLS QoS, MPLS TE,.. Trong
MPLS VPN l mt trong nhng vn quan trng khi truyn d liu gia cc
mng, n thay th cho mng VPN truyn thng.
Chng 3. MPLS VPN
- 38 -
CHNG 3. MPLS VPN

3.1 MPLS VPN l g?
Hnh 3.1 M hnh MPLS VPN
MPLS VPN kt hp nhng c im tt nht ca Overlay VPN v peer-to-peer

VPN:
Cc router PE tham gia vo qu trnh nh tuyn ca khch hng
(customer), ti u vic nh tuyn gia cc site ca khch hng.
Cc router PE s dng cc bng nh tuyn o (virtual routing table) cho
tng khch hng nhm cung cp kh nng kt ni vo mng ca nh cung
cp cho nhiu khch hng.
Cc khch hng c th s dng a ch IP trng nhau (overlap addresses)
MPLS VPN backbone v cc site khch hng trao i thng tin nh
tuyn lp 3.
Chng 3. MPLS VPN
- 39 -
MPLS VPN gm cc vng sau:

Mng khch hng: thng l min iu khin ca khch hng gm cc
thit b hay cc router tri rng trn nhiu site ca cng mt khch hng.
Cc router CE l nhng router trong mng khch hng giao tip vi mng
ca nh cung cp.
Mng ca nh cung cp: l min thuc iu khin ca nh cung cp gm
cc router bin (edge) v li (core) kt ni cc site thuc vo cc
khch hng trong mt h tng mng chia s. Cc router PE l cc router
trong mng ca nh cung cp giao tip vi router bin ca khch hng.
Cc router P l router trong li ca mng, giao tip vi cc router li
khc hoc router bin ca nh cung cp.
Trong mng MPLS VPN, router li cung cp chuyn mch nhn gia cc
router bin ca nh cung cp v khng bit n cc tuyn VPN. Cc router CE
trong mng khch hng khng nhn bit c cc router li, do cu trc
mng ni b ca mng nh cung cp trong sut i vi khch hng.
3.2 Li ch ca MPLS VPN
Chi ph thp, tc n nh, p ng c yu cu v bo mt thng tin,
n gin trong vic qun l v d dng trong vic chuyn i.
Gim thiu chi ph so vi cc cng ngh tng ng trong vic qun l, xy
dng, trin khai trong mt mng din rng.
Tnh n nh v kh nng m rng: p ng nhu cu m rng mt cch
nhanh chng, c th kt ni nhanh chng vi cc mng khc.
Thch ng vi nhiu loi cng ngh khc nhau v khng thay th h thng
mng hin ti ca khch hng. Vi kh nng h tr nhiu loi cng ngh khc
nhau do MPLS c th h tr nhiu kiu truy cp khc nhau nh Frame relay,
IP, lm gim thiu chi ph cho khch hng hoc c th tn dng thit b mng
sn c.
An ton mng: vi tnh nng m ha v to ng hm ca cng ngh VPN
gip MPLS t c mc an ton cao nh trong mi trng mng ring.
Chng 3. MPLS VPN
- 40 -
Cht lng dch v: m bo phn bit th t u tin cho cc lai d liu

khc nhau nh: s liu, hnh nh, m thanh.
3.3 Cc thnh phn trong MPLS VPN
3.3.1 Virtual Routing and Forwarding Table (VRF)
Khch hng c phn bit trn router PE bng cc bng nh tuyn o
(virtual routing tables) hoc cc instance, cn c gi l VRF (virtual
routing and forwarding tables/instances).
Chc nng ca VRF ging nh mt bn nh tuyn ton cc, ngoi tr
vic n cha mi tuyn lin quan n mt VPN c th.
VRF cha mt bng nh tuyn IP tng ng vi bng nh tuyn IP
ton cc, mt bng CEF, lit k cc cng giao tip tham gia vo VRF, v
mt tp hp cc nguyn tc xc nh giao thc nh tuyn trao i vi cc
router CE (routing protocol contexts). VRF cn cha cc nh danh VPN
(VPN identifier) nh thng tin thnh vin VPN (RD v RT).
Hnh 3.2 Bng VRF
Chng 3. MPLS VPN
- 41 -
3.3.2 Multiprotocol BGP (MP-BGP)

MP-BGP chy gia cc router bin nh cung cp trao i thng tin
cc tuyn VPNv4. MP-BGP l m rng ca giao thc BGP hin ti. a ch
VPNv4 khch hng l mt a ch 12 byte, kt hp ca a ch IPv4 v RD.
8 byte u l RD; 4 byte tip theo l a ch IPv4.
Mt phin lm vic MP-BGP gia cc PE trong mt BGP AS c gi
l MP-iBGP session v km theo cc nguyn tc thc thi ca iBGP lin
quan n thuc tnh ca BGP (BGP attributes). Nu VPN m rng ra khoi
phm vi mt AS, cc VPNv4 s trao i gia cc AS ti bin bng MPeBGP session.
3.3.3 Route Distinguisher (RD)
RD l mt nh danh 64-bit duy nht. Gii quyt trng a ch IP ca cc
khch hng bng cch ghp thm 64-bit vo IPv4 to thnh a ch VPNv4
(96 bit). Do ch duy nht mt RD c cu hnh cho mt VRF trn router
PE. Cc a ch VPNv4 c trao i gia cc router PE qua BGP.
RD c th c hai nh dng: dng a ch IP hoc ch s AS
Hnh 3.3 Gi tr RD
Chng 3. MPLS VPN
- 42 -
u tin router PE-1 ghp thm 64-bit RD vo gi tin IPv4 to thnh

a ch VPNv4 v thng qua giao thc MP-BGP chuyn gi tin n router
PE-2
Hnh 3.4 Qu trnh gn RD
Ti router PE-2 gi tin c bo RD khoi VPNv4 thnh IPv4
Hnh 3.5 Qu trnh tho RD
Chng 3. MPLS VPN
- 43 -
3.3.4 Route Targets (RT)

Route targets (RT) l nhng nh danh dng trong min MPLS VPN
khi trin khai MPLS VPN nhm xc nh thnh vin VPN ca cc tuyn
c hc t cc site c th. RT c thc thi bi cc BGP community m
rng s dng 16 bit cao ca BGP extended community (64 bit) m ha vi
mt gi tr tng ng vi thnh vin VPN ca site c th. Khi mt tuyn
VPN hc t mt CE chn vo VPNv4 BGP, mt danh sch cc thuc tnh
community m rng cho VPN router target c kt hp vi n.
RT c km theo nh tuyn c gi l export RT v c cu
hnh ring bit cho mi VRF ti router PE. Export RT dng xc
nh thnh vin VPN v c kt hp vi mi VRF. Export RT
c ni thm vo a ch khch hng khi chuyn thnh a ch
VPNv4 bi PE v qung b trong cc cp nht MP-BGP.
Import RT kt hp vi mi VRF v xc nh cc tuyn VPNv4
c thm vo VRF cho khch hng c th. nh dng ca RT
ging nh gi tr RD.
Khi thc thi cc cu trc mng VPN phc tp (nh: extranet VPN,
Internet access VPNs, network management VPN,) s dng cng ngh
MPLS VPN th RT gi vai tr nng ct. Mt a ch mng c th c kt
hp vi mt hoc nhiu export RT khi qung b qua mng MPLS VPN.
Nh vy, RT c th kt hp vi nhiu site thnh vin ca nhiu VPN.
Chng 3. MPLS VPN
- 44 -
3.4 Cch hot ng MPLS VPN

S dng d liu MPLS VPN lp 3 :
Hnh 3.6 Hot ng ca MPLS lp 3
Khi vn chuyn trong mng MPLS VPN, mt gi IP c gn hai nhn sau:

Nhn PE c s dng bi cc router li (P router) vn chuyn gi tin trong
mng MPLS; nhn VPN c s dng bi cc router bin ca mng MPLS (PE
router) a gi tin n ng router ca khch hng. Khi khch hng s dng
VPN lp 3 ca nh cung cp dch v MPLS, cc thit b nh tuyn ca nh
cung cp dch v v khch hng trao i vi nhau cc thng tin nh tuyn,
hoc c cu hnh nh tuyn tnh qua li. Cc thit b nh tuyn ti cc vn
phng ca mt cng ty phi s dng cc subnet khc nhau.
Chng 3. MPLS VPN
- 45 -
S dng d liu MPLS VPN lp 2 :
Hnh 3.7 Hot ng ca MPLS lp 2
Trong mng MPLS VPN lp 2, mt frame (d liu ca tng 2) c gn hai

nhn: nhn L1 c s dng bi cc router li ( router P) vn chuyn cc
frame trong mng MPLS v nhn VC1 c s dng bi cc PE router a
cc frame n ng router ca khch hng. Khi khch hng s dng dch v
VPN lp 2, cc thit b mng dng kt ni cc vn phng khc nhau ca mt
n v c cng mt subnet. Thit b nh tuyn ca nh cung cp dch v v
khch hng khng trao i thng tin nh tuyn (routing protocols) vi nhau.
3.5 Hot ng ca mt phng iu khin MPLS VPN
Mt phng iu khin trong MPLS VPN cha mi thng tin nh tuyn lp
3 v cc tin trnh trao i thng tin ca cc IP prefix c gn v phn phi
nhn bng LDP.
Hnh 3.8 Mt phng iu khin MPLS VPN
Chng 3. MPLS VPN
- 46 -
Cc bc hot ng ca mt phng iu khin MPLS VPN: Mi router PE

qung co a ch loopback ca n: PE1 qung co 1.1.1.1/32 v PE2 qung co
2.2.2.2/32. LDP dng phn phi thng tin gn nhn gia cc router chy
MPLS. Trn mi router PE, LFIB cha mt nhn gn vi a ch loopback ca
router PE khc. Khi PE1 chuyn tip gi t 2.2.2.2 trn PE2, n s gn thm
nhn 20 cho gi v khi PE2 chuyn tip mt gi t 1.1.1.1, n s t nhn 10
cho gi. nh tuyn v chuyn tip VPN c to trn PE1 v PE2, gi l
VPNA. PE1 dng giao tip S0/0 trong VPN ny v PE2 dng giao tip S0/1.
OSPF chy gia cc PE1v CE1; PE2 v CE2. Khi PE1 nhn tuyn ng ti
mng 10.1.1.0 t CE1, router t n trong bng nh tuyn ca VPNA. Lc ny,
n gn nhn (5) cho prefix. Khi PE2 nhn tuyn ng ti mng 10.1.2.0 t
CE2, n t vo bng nh tuyn ca VPNA. Lc ny nhn (6) c gn cho
prefix. PE1 sau gi cp nht MP-iBGP a giao thc ti PE2 qung co mng
10.1.1.0. Cp nht cng cha nhn (5) m PE1 gn cho prefix 10.1.1.0, v PE2
gn thm vo bt k gi no ti mng 10.1.1.0 trc khi n chuyn tip gi. Khi
PE1 qung co tuyn, n t a ch BGP chng k l 1.1.1.1/32, l a ch
loopback ca n. PE2 sau gi cp nht iBGP a giao thc cho PE1 qung
co mng 10.1.2.0. Cp nht cng cha nhn (6), m PE2 gn cho prefix
10.1.2.0 v PE1 phi gn thm vo cc gi ti mng 10.1.2.0 trc khi chuyn
tip n. Khi PE2 qung co tuyn ng, n t a ch BGP chng k l
2.2.2.2/32 l a ch loopback ca n. PE1 a prefix 10.1.2.0 vo bng nh
tuyn ca VPNA v PE2 a prefix 10.1.1.0 vo bng nh tuyn ca VPNA.
Chng 3. MPLS VPN
- 47 -
3.6 Hot ng ca mt phng d liu MPLS VPN

Mt phng d liu thc hin chc nng chuyn tip cc gi IP c gn
nhn n trm k v ch.
Vic chuyn tip trong mng MPLS VPN i hoi phi dng chng nhn
(label stack).
Nhn trn (top lable) c gn v hon i (swap) chuyn tip gi d
liu i trong li MPLS. Nhn th hai (nhn VPN) c kt hp vi VRF
router PE chuyn tip gi n cc CE. Hnh 3.9 m t cc bc trong chuyn
tip d liu khch hng ca mt phng d liu t mt site khch hng CE2-A
ti CE1-A trong h tng mng ca SP.
Hnh 3.9 Mt phng d liu MPLS VPN
Sau y l nhng bc trong vic chuyn tip ca mt phng d liu minh

ha cho hnh 3.9: CE1 by gi gi mt gi ti my 10.1.2.1. Gi c chuyn
tip ti PE1. PE1 t nhn trong cho gi l 6. Sau n xem xt ch ti trong
bng nh tuyn ca VPNA. N xc nh rng a ch IP chng k l 2.2.2.2. N
xem trong LFIB ca n xc nh nhn ra no. Lc ny, PE1 t nhn ngoi
cho gi l 20 v chuyn ra cng giao tip hng ti PE2. Nhn ngoi l 20 v
nhn trong l 6. Khi PE2 nhn gi nhn, n g bo nhn ngoi 20 v kim tra
Chng 3. MPLS VPN
- 48 -
nhn trong. Nhn trong (6) cho router bit giao tip no n s chuyn tip gi ra.
Gi sau c chuyn ti CE2.
3.7 So snh VPN truyn thng v MPLS VPN

3.7.1 VPN truyn thng
Hnh 3.10 M hnh VPN truyn thng
Hn ch u tin v cng l d nhn thy nht IPSec l lm gim

hiu nng ca mng. Khi xt ng i ca mt gi tin c gi t my tnh
A trong mng A n my tnh B trong mng B. Gi tin t my tnh A s
c gi n CPE A. CPE-A s kim tra gi tin xem liu n c cn thit
phi chuyn n CPEB hay khng. Trong mt mi trng mng khng c
VPN th gi tin s c truyn ngay n CPE-B. Tuy nhin, vi giao thc
IPSec, CPE-A phi thc hin mt s thao tc trc khi gi gi tin i. u
tin, gi tin c m ha, sau ng gi vo cc gi IP, hot ng ny
tiu tn thi gian v gy tr cho gi tin. Tip theo gi tin s c a vo
trong mng ca nh cung cp dch v. Lc ny, nu gi tin mi c to
thnh c kch thc ln hn kch thc ti a cho php truyn (MTU) trn
bt c mt lin kt no gia CPE-A v CPE-B th gi tin s cn phi c
phn mnh thnh hai hay nhiu gi tin nho hn. iu ny ch xy ra trong
trng hp bit DF (Don't Fragment) khng c thit lp, cn trong trng
hp bit DF c thit lp th gi tin s b mt v mt bn tin ICMP s c
gi li pha pht. Khi gi tin n c CPE-B, n s c m gi v gii
Chng 3. MPLS VPN
- 49 -
m, hai hot ng ny tip tc lm tr gi tin trong mng. Cui cng, CPEB s chuyn tip gi tin n my tnh B.
Thi gian tr trong mng s ph thuc vo phc tp v tc x l
ca cc CPE. Cc thit b CPE cht lng thp thng phi thc hin hu
ht cc chc nng IPSec bng phn mm khin tr trong mng ln. Cc thit
b CPE vi kh nng thc hin cc chc nng IPSec bng phn cng c th
tng tc x l gi tin ln rt nhiu nhng chi ph cho cc thit b ny l
rt t. iu ny dn n chi ph trin khai mt mng IPSec VPN l rt tn
km.
Cc cng ngh IP VPN khc hin c, nh IPSec, L2TP, L2F v GRE
tt c u hot ng tt vi cu hnh mng sao (hubandspoke). Tuy
nhin, mng ngy nay cn lin lc nhiu chiu (anytoany). h tr iu
ny s dng Frame relay hay giao thc ng hm th cn phi c cu hnh
dng kt ni y (full mesh) cc PVC hay ng hm gia cc vng l
thnh vin. Mng khng th cung cp v qun l mt cu hnh y (full
mesh topology) s dng cc cng ngh truyn thng vi hng ngn hay
chc ngn VPN.
Mt im chng ta cn phi cn nhc khi trin khai cc mng VPN
l cc thit b CPE. Mi nh cung cp cn phi chc chn rng tt c cc
CPE s hot ng tng thch vi nhau. Gii php n gin v hiu qu
nht l s dng cng mt loi CPE trong mi vng, tuy nhin, iu ny
khng phi bao gi cng thc hin c do nhiu yu t khc nhau. Tuy
ngy nay s tng thch khng phi l mt vn ln nhng n vn cn
phi c quan tm khi hoch nh mt gii php mng IPSec VPN.
Chng 3. MPLS VPN
- 50 -
3.7.2 MPLS VPN
Hnh 3.11 MPLS VPN
Cc mng MPLS VPN khng s dng hot ng ng gi v m ha

gi tin t c mc bo mt cao. MPLS VPN s dng bng chuyn
tip v cc nhn to nn tnh bo mt cho mng VPN. Kin trc mng
loi ny s dng cc tuyn mng xc nh phn phi cc dch v VPN,
v cc c ch x l thng minh ca MPLS VPN lc ny nm hon ton
trong phn li ca mng.
Mi VPN c kt hp vi mt bng nh tuyn - chuyn tip VPN
(VRF) ring bit. VRF cung cp cc thng tin v mi quan h trong VPN
ca mt site khch hng khi c ni vi PE router. i vi mi VRF,
thng tin s dng chuyn tip cc gi tin c lu trong cc bng nh
tuyn IP v bng CEF. Cc bng ny c duy tr ring l cho tng VRF
nn n ngn chn c hin tng thng tin b chuyn tip ra ngoi mng
VPN cng nh ngn chn cc gi tin bn ngoi mng VPN chuyn tip vo
cc router bn trong mng VPN. y chnh l c ch bo mt ca MPLS
VPN. Bn trong mi mt MPLS VPN, c th kt ni bt k hai im no
vi nhau v cc site c th gi thng tin trc tip cho nhau m khng cn
thng qua site trung tm.
Chng 3. MPLS VPN
- 51 -
Cc CE khng i hoi chc nng VPN v h tr IPSec. iu ny c

ngha l khch hng khng phi chi ph qu cao cho cc thit b CE.
Tr trong mng c gi mc thp nht v cc gi tin lu chuyn
trong mng khng phi thng qua cc hot ng nh ng gi v m ha.
S d khng cn chc nng m ha l v MPLS VPN to nn mt mng
ring.
Vic to mt mng y (full mesh) VPN l hon ton n gin v
cc MPLS VPN khng s dng c ch to ng hm. V vy, cu hnh
mc nh cho cc mng MPLS VPN l full mesh, trong cc site c ni
trc tip vi PE v vy cc site bt k c th trao i thng tin vi nhau
trong VPN.
Hot ng khai thc v bo dng cng n gin hn trong mng
MPLS-VPN.
3.8 Tng kt chng
Ngy nay, cng ngh thng tin ngy cng pht trin, d liu truyn qua mng
rt l ln v nhu cu bo mt d liu lun i km. la chn mt gii php thch
hp, sao cho p ng c nhu cu cng vic, m phi m bo c tnh bo mt,
linh ng v c gi thnh hp l th khng phi l mt vn n gin.
Cc vn nan gii trn s c gii quyt bng gii php VPN. V vy, Qua
chng ny c th nm r cc thnh phn v cch hot ng ca MPLS VPN.
MPLS VPN gip qu trnh truyn d liu nhanh, an ton. Trong mang MPLS VPN
router li ca nh cung cp dch v khng bit n nh tuyn VPN ca khch hng,
d dng cho vic m rng quy m mng.
Chng 4. Thc nghim
- 52 -
CHNG 4. THC NGHIM

Ci t m hnh MPLS VPN n gin
Hnh 4.1 M hnh thc nghim MPLS VPN

M t yu cu:
Cu hnh MPLS domain gia PE01, P, PE02
Cu hnh BGP AS 1 gia PE01, PE02
Trn PE01 to vrf A1, B1 tng ng vi mi router A1, B1
Trn PE02 to vrf A2, B2 tng ng vi mi router A2, B2
Cu hnh:
Site A1 c th kt ni vi site A2, site B2
Site A2 ch c th kt ni c ti site A1
Site B1 ch c th kt ni c vi site B2
Site B2 c th kt ni c vi site B1, A1
Chng 4. Thc nghim
4.1 Cu hnh
4.1.1 Cu hnh router A1:
hostname A1
!
ip cef
ip audit po max-events 100
!
interface Loopback0
ip address 10.10.10.10 255.255.255.0
!
interface Serial1/0
ip address 192.168.1.2 255.255.255.0
serial restart-delay 0
!
router rip
version 2
network 10.0.0.0
network 192.168.1.0
no auto-summary
!
End
4.1.2 Cu hnh router B1:
hostname B1
!
ip cef
!
interface Loopback0
- 53 -
Chng 4. Thc nghim
ip address 20.20.20.20 255.255.255.0

!
interface Serial1/0
ip address 192.168.2.2 255.255.255.0
!
router rip
version 2
network 20.0.0.0
network 192.168.2.0
no auto-summary
!
End
4.1.3 Cu hnh router PE01:
hostname PE01
!
ip vrf A1
rd 1:100
route-target export 1:100
route-target import 1:100
!
ip vrf B1
rd 1:200
!
ip cef
- 54 -
Chng 4. Thc nghim
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Serial1/0
ip vrf forwarding A1
ip address 192.168.1.1 255.255.255.0
!
interface Serial1/1
ip vrf forwarding B1
ip address 192.168.2.1 255.255.255.0
!
interface Serial1/2
ip address 192.168.3.1 255.255.255.0
mpls label protocol ldp
tag-switching ip
!
router eigrp 100
network 1.0.0.0
network 192.168.3.0
no auto-summary
!
router rip
version 2
!
address-family ipv4 vrf B1
- 55 -
Chng 4. Thc nghim
redistribute bgp 1 metric transparent

network 192.168.2.0
no auto-summary
exit-address-family
!
address-family ipv4 vrf A1
network 192.168.1.0
no auto-summary
exit-address-family
!
router bgp 1
no synchronization
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 1
neighbor 2.2.2.2 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 next-hop-self
neighbor 2.2.2.2 send-community both
exit-address-family
!
redistribute rip
no auto-summary
no synchronization
exit-address-family
- 56 -
Chng 4. Thc nghim
!
redistribute rip
no auto-summary
no synchronization
exit-address-family
!
End
4.1.4 Cu hnh router P:
hostname P
!
ip cef
!
interface Loopback0
ip address 3.3.3.3 255.255.255.0
!
interface Serial1/0
ip address 192.168.3.2 255.255.255.0
tag-switching ip
!
interface Serial1/1
ip address 192.168.4.1 255.255.255.0
tag-switching ip
- 57 -
Chng 4. Thc nghim
!
router eigrp 100
network 3.0.0.0
network 192.168.3.0
network 192.168.4.0
no auto-summary
!
End
4.1.5 Cu hnh router PE02:
hostname PE02
!
ip vrf A2
rd 1:100
!
ip vrf B2
rd 1:200
!
ip cef
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
!
interface Serial1/0
- 58 -
Chng 4. Thc nghim
ip address 192.168.4.2 255.255.255.0

tag-switching ip
!
interface Serial1/1
ip vrf forwarding A2
ip address 192.168.5.1 255.255.255.0
!
interface Serial1/2
ip vrf forwarding B2
ip address 192.168.6.1 255.255.255.0
!
router eigrp 100
network 2.0.0.0
network 192.168.4.0
no auto-summary
!
router rip
version 2
!
network 192.168.6.0
no auto-summary
exit-address-family
!
- 59 -
Chng 4. Thc nghim

network 192.168.5.0
no auto-summary
exit-address-family
!
router bgp 1
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 1
neighbor 1.1.1.1 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 next-hop-self
neighbor 1.1.1.1 send-community both
exit-address-family
!
redistribute rip
no auto-summary
no synchronization
exit-address-family
!
redistribute rip
no auto-summary
no synchronization
- 60 -
Chng 4. Thc nghim
exit-address-family
!
End
4.1.6 Cu hnh router A2:
hostname A2
!
ip cef
!
interface Loopback0
ip address 30.30.30.30 255.255.255.0
!
interface Serial1/0
ip address 192.168.5.2 255.255.255.0
!
router rip
version 2
network 30.0.0.0
network 192.168.5.0
no auto-summary
!
End
- 61 -
Chng 4. Thc nghim
4.1.7 Cu hnh router B2:

hostname B2
!
ip cef
!
interface Loopback0
ip address 40.40.40.40 255.255.255.0
!
interface Serial1/0
ip address 192.168.6.2 255.255.255.0
!
router rip
version 2
network 40.0.0.0
network 192.168.6.0
no auto-summary
!
End
- 62 -
Chng 4. Thc nghim
- 63 -
4.2 Thng tin nh tuyn

4.2.1 Thng tin nh tuyn ca A1
Hnh 4.2 Thng tin nh tuyn ca A1
4.2.2 Thng tin nh tuyn ca A2
Hnh 4.3 Thng tin nh tuyn ca A2
Chng 4. Thc nghim
- 64 -
4.2.3 Thng tin nh tuyn ca B1
Hnh 4.4 Thng tin nh tuyn ca B1
4.2.4 Thng tin nh tuyn ca B2
Hnh 4.5 Thng tin nh tuyn ca B2
Chng 4. Thc nghim
- 65 -
4.2.5 Thng tin nh tuyn ca PE01
Hnh 4.6 Thng tin nh tuyn ca PE01
4.2.6 Thng tin nh tuyn ca PE02
Hnh 4.7 Thng tin nh tuyn ca PE02
Chng 4. Thc nghim
- 66 -
4.2.7 Thng tin nh tuyn ca P
Hnh 4.8 Thng tin nh tuyn ca P
4.3 Kim tra

Kim tra LDP nhn mt nhn ca nhng mng con v cc interface
loopback ca cc router core cha
Hnh 4.9 show mpls ldp bindings PE01
Chng 4. Thc nghim
- 67 -
Hnh 4.10 show mpls ldp bindings P
Hnh 4.11 show mpls ldp bindings PE02
Bng LFIB
Hnh 4.12 bng LFIB trn PE01
Chng 4. Thc nghim
- 68 -
Hnh 4.13 bng LFIB trn P
Hnh 4.14 bng LFIB trn PE02
Bng nh tuyn vrf
Hnh 4.15 bng nh tuyn vrf A1 trn PE01
Chng 4. Thc nghim
- 69 -
Hnh 4.16 bng nh tuyn vrf A2 trn PE02
Hnh 4.17 bng nh tuyn vrf B1 trn PE01
Chng 4. Thc nghim
- 70 -
Hnh 4.18 bng nh tuyn vrf B2 trn PE02

Ping kim tra xem cc mng thng vi nhau cha
Hnh 4.19 A1 ping A2
Hnh 4.20 B1 ping B2
Hnh 4.21 A1 ping B2
- 71 -
C
PHN KT LUN
Phn kt lun
Theo nhng yu cu ca kha lun tt nghip, th ti t c nhng ni

dung c bn lin quan n vn MPLS VPN. u tin l gip ngi c c c
ci nhn tng quan v VPN, ng thi lun vn cng gii thiu v cng ngh mi
ang c a chung hin nay l MPLS, mt cng ngh kt hp gia nh tuyn tt
mng bin v chuyn gi nhanh trong mng li. Mt trong s nhng ng dng
quan trng ca MPLS l MPLS VPN. Lun vn i su vo nghin cu MPLS VPN
gip cho vic bo mt thng tin gia cc site ca khch hng khi truyn qua mng.
Vic trin khai MPLS VPN kt hp c u im ca 2 m hnh overlay VPN
v peer-to-peer VPN ng thi k tha c nhng u im ca cng ngh MPLS.
Vi nhng th mnh v mt bo mt, tnh mm do khi trin khai, cht lng
ng truyn... v c bit l u th v gi c.
Vi mng ring o da trn MPLS cc doanh nghip, t chc hon ton c th
t c cc mc tiu ca mnh nh: iu khin nhiu hn trn h tng mng, c
c dch v hiu nng v tin cy tt hn, cung cp a lp dch v ti ngi s
dng, m rng an ton, m bo hiu nng p ng theo yu cu ca ng dng, h
tr hi t a cng ngh v a kiu lu lng trn cng mt mng n. Nh u im
vt tri ca cht lng dch v qua mng IP v l phng n trin khai VPN mi
khc phc c nhiu vn m cc cng ngh ra i trc n cha gii quyt
c, MPLS thc s l mt la chn hiu qu trong trin khai h tng thng tin
doanh nghip.
Hng m rng ca lun vn: MPLS VPN l mt ti rt hay v rng ln.
Ngoi nhng vn cp trong lun vn, cn rt nhiu nhng vn khc v
MPLS nh: cht lng dch v, iu khin lu lng, chuyn mch bc song a
giao thc MLS, p dng tng chuyn mch nhn vo chuyn mch quang, khi
cc bc sng quang nh l nhn. Nhng vn trn cng l hng m rng
ti ca nhm em.
Trong thi gian lm lun vn nhm em c gng tm hiu ti lun vn ca
mnh. Tuy nhin, do trnh cn hn ch nhm em mi ch tm hiu c mt phn
nho ca cng ngh MPLS l MPLS VPN. V vy, lun vn ny s khng th trnh
- 72 -
Phn kt lun
khoi thiu st v hn ch, nhm em mong nhn c mi kin ng gp ca cc

thy c v cc bn quan tm n vn ny. Xin trn trng cm n!
- 73 -
TI LIU THAM KHO
TI LIU THAM KHO
[1]. TS.Trn Cng Hng, chuyn mch nhn a giao thc MPLS, nh xut bn
thng tin v truyn thng, 7/2009
[2]. Brian Morgan v Neil Lovering, CCNP ISCW Ofcial Exam Certication
Guide, Cisco Press
[3]. Jim CCIE #2069 Guichard v Ivan CCIE #1354 Pepelnjak, MPLS and VPN
Architectures, Cisco Press
[4]. Dng Vn Ton, MPLS Lab Guide Version 1.0 (MPLS - Multiprotocol Label
Switching), vnexperts, 9/2008
[5]. ng Quang Minh, CCNA labpro, nh xut bn tr, 2008
[6]. Munther Louis Antoun, mpls vpn configuration and design guide
[7]. Trn Th T Quyn, Chuyn mch nhn a giao thc
[9]. http://www.vnpro.org/forum
[10]. http://my.opera.com/huyhung.hanu/blog/
[11].http://ties.itu.int/ftp/public/itut/ahtmpls/readandwrite/doc_exchange/0802_gene
va/wd16-mpls-data-and-control-plane.txt
[12]. http://www.tapchibcvt.gov.vn
- 74 -

Tim Hieu Ve MPLS VPN Va Cai Dat Thuc Nghiem

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Tim Hieu Ve MPLS VPN Va Cai Dat Thuc Nghiem

Uploaded by

Copyright:

Available Formats

B GIO DC V O TO

TRNG I HC S PHM K THUT TP. H CH MINH

KHA LUN TT NGHIP

SINH VIN THC HIN : L DIN TM

GIO VIN HNG DN : KS. HUNH NGUYN CHNH

TP. H CH MINH 2010

I HC S PHM K THUT TP.H CH MINH CNG HA X HI CH NGHA VIT NAM

NHIM V THC HIN KHA LUN TT NGHIP

Chuyn ngnh: Mng my tnh v vin thng.

Ni dung thc hin:

GING VIN HNG DN

NHN XT CA GIO VIN HNG DN

KS. Hunh Nguyn Chnh

NHN XT CA GIO VIN PHN BIN

ThS. inh Cng oan

NHN XT CA HI NG PHN BIN

Nhm em xin chn thnh cm n thy Hunh Nguyn Chnh hng dn

DANH MC HNH MINH HA

DANH MC HNH MINH HA

DANH MC HNH MINH HA

DANH MC HNH MINH HA

DANH SCH T VIT TT

DANH SCH T VIT TT

Asynchronous Transfer Mode

Border Gateway Protocol

Broadband Integrated Services Digital Network

Cisco Express Forwarding

Classless Interdomain Routing

Cell Loss Priority

Customer Premise Equipment

Cell switch router

data link connection identifier

External Border Gateway Protocol

Exterior Gateway Protocol

Enhanced Interior Gateway Routing Protocol

Fowarding Equivalent Class

Forwarding Information Base

DANH SCH T VIT TT

Generic Flow Control

High Level Data Link Control

Header error check

Internal Border Gateway Protocol

Internet Control Message Protocol

Interior Gateway Protocol

Internet protocol security

Integrated Services Digital Network

Internet Service Providers

Label Distribute Protocol

Label Edge Router

Label Forwarding Information Base

Label Information Base

Label Switched Path

Label Switch Router

Media Endpoint Discovery

DANH SCH T VIT TT

Multiprotocol Label Switching

Maximum Transmission Unit

Non-Broadcast Multiple Access

Next Generation Network

Open Systems Interconnection

Open Shortest Path First

Point to Point Protocol

permanent virtual circuit

Routing Information Base