Professional Documents
Culture Documents
net/publication/3200064
CITATIONS READS
20 90
4 authors, including:
Piotr Pacyna
AGH University of Science and Technology in Kraków
45 PUBLICATIONS 247 CITATIONS
SEE PROFILE
Some of the authors of this publication are also working on these related projects:
All content following this page was uploaded by Isaias Martinez-Yelmo on 18 November 2012.
site L2VPN. This is the context where P2MP (ERO). Thus, each branch will have its own
LSPs may save bandwidth for the SP at the cost identifier (S2L-ID) that is associated with its A fundamental
of a significant increase of forwarding state in own ERO, as explained before. The purpose of
functionality required
core routers. As we shall review, experts have the route objects is the following:
surrendered to the evidence that only an intelli- • ERO: This object defines the main branch of a to take advantage of
gent aggregation of multiple VPNs into the same tree or subtree in a P2MP MPLS tree when multicast in the
multicast/broadcast tree can yield important used in an RSVP-TE Path message. It contains
bandwidth savings at a reasonable cost. How this the source routed LSP path from a source network core is the
partition and assignment of VPNs to trees should node to the leaf, and the distance from the ability to set up and
be made is an open research issue, given the router sending the object to the leaf. An ERO
use point-to-
diversity of topologies, traffic, and sites of differ- object is represented by ERO [R1, R2, …, Rn],
ent VPNs and backbone networks. On the other where Rn is the nth router in the path. multipoint label-
hand, high-rate flows may justify the setup of • Secondary ERO (SERO): This object signals based forwarding
group-membership-aware multicast trees to avoid the secondary branches of a P2MP tree when
traffic in nodes not leading to group receivers. used in an RSVP-TE Path message. Since entries. There are
The rest of this article is organized as follows. each node is aware of building a tree with a two protocols
We describe how to build P2MP trees in an set of EROs, there is no need to include the
defined by the IETF
MPLS network suitable for arbitrary aggregation whole path from the root to the target leaf
of VPN trees. We present the problem of how to in each SERO object. This implicit sharing to build LSPs in
bundle and share multipoint LSPs in a scalable of subpaths to nodes gives a certain level of MPLS networks:
way and the techniques being developed in the compression. A SERO object is described by
Internet Engineering Task Force (IETF) for this SERO [R1, R2, …, Rn]. RSVP-TE and LDP.
purpose. We explore the trade-off of state vs. Apart from the ERO and SERO there are
bandwidth in the particular multicast VPN con- also a record route object (RRO) and a sec-
text. We draw a few practical conclusions and ondary RRO (SRRO), which are used for route
suggest directions for future work. recording purposes [4]. An example of the sig-
naling procedure with the use of ERO and
SERO objects is shown in Fig. 1. Router A is
SIGNALING POINT-TO-MULTIPOINT the root of the P2MP tree and has to send a
Path message with objects that specify the
MPLS LSPS branches to the three leaves C, E, and F. One
A fundamental functionality required to take path is chosen as primary (B-D-F in Fig. 1), and
advantage of multicast in the network core is the the others stem from this to build the tree. Once
ability to set up and use P2MP label-based for- the P2MP tree has been signaled from the root
warding entries. There are two protocols defined to the leaves, the tree is traversed back hop by
by the IETF to build LSPs in MPLS networks: hop from the leaves to the root by Resv mes-
Resource Reservation Protocol with Traffic sages, as depicted in the figure.
Engineering (RSVP-TE) and Label Distribution Branching nodes just add forwarding entries
Protocol (LDP). Both can be extended to sup- (output interface and label) for the same P2MP-
port P2MP LSPs [2–4]. ID. It is foreseen that multipoint LSPs can also
RSVP-TE builds the P2MP trees from the take advantage of multipoint/broadcast capabili-
root to the leaves, whereas LDP builds the trees ty at the link layer, if available.
from the leaves to the root. In the case of IP In the example, multicast MPLS frames could
multicast trees, LDP is intended to build the be sent by router D and shared by routers E and
LSP following the IP multicast routing protocol. F if both have configured the same label for the
However, since all the solutions developed for tree. This could be achieved by allowing
scalable VPN multicast services are based on upstream routers to assign labels as in GMPLS
traffic engineered multi-VPN tree sharing, [5]. This point is being standardized [6, 7].
RSVP-TE is a more suitable tree setup protocol Finally, it should be recalled that all RSVP-
for this purpose. In fact, RSVP-TE indeed allows TE signaling must be periodically refreshed
a tree to be constructed from a root router to a according to RSVP’s softstate design in order to
given set of leaf routers — in our case, the set of keep the tree up. A more detailed explanation of
provider edge (PE) routers serving the sites of this process can be found in [4].
all the VPNs that have been selected to share
the tree. This makes the LSP tree setup more
versatile but also more complex as the signaling MULTICAST AND
has to deal with explicit subtree descriptions. MPLS-BASED VPNS
Let us briefly describe P2MP trees set up in
an MPLS network using RSVP-TE as proposed One of the important applications contexts of
in RFC 4875 [4]. If a P2MP tree needs to be P2MP LSPs is the delivery of the MPLS-based
configured using RSVP-TE, it has to be explicit- VPN service. There are two main VPN services
ly defined from the root by means of a Path being designed at the IETF supported by an IP
message. This Path message contains a Session MPLS networks: L3VPN supplying a routed ser-
object with a tree identifier for each P2MP vice [8] and L2VPN that, when it emulates the
(P2MP-ID) tree and the explicit routes for the full multicast/broadcast capability characteristic
branches of each tree. Thus, the specification of of the broadcast multiple access segment, is
a tree in RSVP-TE is based on a set of sec- called virtual private LAN service (VPLS) [9].
ondary route objects (SROs), one per leaf, that The way they work is conceptually similar.
describe the branches stemming from the prima- Both try to keep the state in core routers bound-
ry path defined by an explicit route object ed by tunneling multiple VPNs on shared LSPs,
1
A 1 0 B C
E
outLabel outifaces 2
8 1
inLabel inifaces outLabel outifaces
3 1
8 0
4 2
0 1
Path(P2MP-ID, {S2L-ID=F, ERO[B, D, F]},
{S2L-ID=E, SERO[D, E]}, {S2L-ID=C, SERO[B, C]}) D F
Resv(P2MP-ID, L=7)
Resv(P2MP-ID, L=7)
Resv(P2MP-ID, L=4)
Resv(P2MP-ID, L=3)
Resv(P2MP-ID, L=8)
and both try to cope with identical scalability ported transparently through the network core)
problems using P2MP-based multicast. Conse- between the involved PEs. How this VPN-specif-
quently, the respective working groups have sug- ic information is conveyed depends on the sort of
gested parallel approaches, and the concepts VPN, layer 2 or 3. In the case of L3VPN it sim-
explained here are valid for both types of VPNs. ply consists of another MPLS label pushed by the
ingress PE before sending it over the generic car-
BGP MPLS-BASED VPNS rier LSP; this label is previously agreed on by
In a BGP MPLS-VPN the SP network is made both endpoints of the LSP. In the case of L2VPN
up with a number of label switching routers it requires additional encapsulation information
(LSRs), identified as provider (P) for core LSRs to enable the multiplexing of different L2 tech-
and PE for routers interfacing with customer nologies. Once the VPN and the origin of the
edge (CE) devices (a router or switch located at incoming PDUs is properly identified at the
user premises) (Fig. 2). egress PE, its forwarding must be based on its
If the MPLS network is configured for full particular private forwarding table. To construct
mesh connectivity between PEs, a set of possibly these private tables, routing (L3VPN) or bridging
merging LSPs are supposed to have been auto- (L2VPN) information of a given VPN is dis-
matically established from any PE to any other tributed only to the PEs involved in the forward-
PE in the network following the shortest paths ing. One option to control this exchange is the
with the help of LDP. A key idea of the MPLS Border Gateway Protocol (BGP). This is a more
concept is that the egress PE for a packet, or Eth- natural solution for L3VPN [8], as BGP was
ernet frame in the case of L2VPN, is implicitly designed to deliver route information rather than
determined by the label the ingress PE sets on it, labeled LAN connectivity information. For exam-
and the forwarding is based on that outer label all ple, in RFC 4364, private routing information is
the way to the egress irrespective of its content. exchanged by PEs, by means of i-BGP, complete-
MPLS-based unicast VPN scalability is achieved ly isolated from other VPNs’ routing schemes
by tunneling all VPN traffic into preexisting LSPs. thanks to a Route-Distinguisher attribute, and its
Edge routers make use of these LSPs to traverse distribution and use is controlled by filtering on
the core by means of label stacking, and reach the the Extended Community attribute.
target egress PE irrespective of the VPN to which
the traffic belongs. This way, the addition of a MULTICAST SERVICE FOR VPNS
new VPN or a new VPN site does not imply an The extension of the existing L3VPN and L2VPN
increase of forwarding state in the core, only at architectures to multicast has been addressed by
the involved edge routers. Thus, VPN-specific the respective IETF working groups in [9, 10],
forwarding information is required only at PEs. keeping a similar position on the management of
Furthermore, all VPN-specific information multicast VPN traffic. The main issue is that,
carried by the MPLS frame is tunneled (trans- unlike in unicast VPNs, the implementation of
An effort to take
advantage of the
CE
P2MP functionality
for the VPN service is
underway at the
CE IETF. The pragmatic
VPN A
approach to deal
CE CE
VPN B
with the question is
P VPN B PE
PE to design procedures
PE
CE
DWDM
that can be either
VPN A PE Provider
P router
FTTx, xDSL
driven by the routing
ROOT
Inifc Label Operation Outifc
State and bandwidth saving zone
due to multicast forwarding 3 0 3 pop() -
20 IP 2 push(10) 1
IP 0 1 01
0 0 - 20
5 push(50) 0
20
IP 0 Inifc Label Operation Outifc
Inifc Label Operation Outifc Core routers (CRs)
swap(20) 1
1 1 swap(2) 0 2 0 10
swap(60) 2
60
1
Inifc Label Operation Outifc
20
2
IP
20
IP
20 swap(50) 1
IP
20
0 20 swap(40) 2
swap(30) 3
0 0
50
1 3
bandwidth waste due routers (DR)
20
2
1
2 IP
0
20
to tree aggregation
4
IP
20
20
IP
30
IP
0 0
IP
IP
IP
IP
VPN sites
VPN A site VPN B site VPN A site VPN B site VPN A site VPN B site VPN A site VPN B site
been performed in the core (at the P level). This routers’ capacity is not straightforward because
assumption is based on the observation of the the available scalability studies provide figures Although the actual
physical setup of links and nodes of a typical VPN for P2P TE LSPs [13], not for P2MP. It is not
SP, as described in Fig. 2. SPs usually have one or realistic to account for a multipoint forwarding topology of the
two P nodes per metropolitan area network entry n times with the same cost as a unicast network under study
(MAN) and tens of PEs located in districts within one. It requires more switching resources and has an impact on
the metropolitan area (often in local exchange almost n times faster memory. In this work a
premises). The idea is that, since wide area net- conservative cost equivalence of one P2MP for- the state-bandwidth
work (WAN) links are more expensive to main- warding entry to n P2P entries is adopted. tradeoff and on the
tain, the primary aggregation criterion should As an example, according to [13] practical
dictate to macroscopically bundle VPNs that are limits for TE P2P LSPs on a GSR Cisco-family resulting aggregation
in the best match sets of cities. Then, in order to router are 600 MPLS tunnel headends, up to gain, a generic
obtain conservative results and be less dependent 10,000 tunnel midpoints, with up to 5000 tailends topology has to be
on a concrete topology and VPN site distribution, per interface.
we have assumed that no intelligent allocation of Therefore, the number of headends is the first studied for a better
VPNs to aggregates is performed at PE level. In direct limiting factor on the amount of shared presentation of the
other words, VPN sites are randomly allocated to trees that can originate from a router. However,
PEs, and VPNs are randomly allocated to one of as shown later, tunnel midpoint limits may also methodology first.
the manually arranged aggregates according to a be reached at DRs for high-density VPNs.
uniform distribution. This yields an overestima- Although this technological limitation can be
tion that can be considered an upper bound for solved by adding more DRs to the network, it is
the required resources in a given scenario. important for proper network planning to under-
Although the actual topology of the network stand the way midpoint forwarding state behaves.
under study has an impact on the state-band- In particular, state reduction due to VPN
width trade-off and the resulting aggregation aggregation can reduce the cost of investment in
gain, a generic topology has to be studied for the additional router.
better presentation of the methodology first.
Individual case studies can be elaborated for BANDWIDTH SAVINGS
specific topologies with the use of the methodol- The overall bandwidth consumption can be com-
ogy presented in the article, and possibly with puted analytically and compared to the P2P case.
refinements or constraints specific for a particu- Assuming that the multicast and broadcast traf-
lar setup. Hence, the proposed analysis of band- fic of all VPNs is the same and normalized to 1,
width consumption and forwarding state can be the bandwidth consumed by unicast LSPs by the
based on a sample topology shown in Fig. 3. topology in Fig. 3 to support the multicast and
Larger networks would expand to the right and broadcast traffic of the VPNs is given by
left by increasing the degree of core nodes and
replication. The method is universal, and can be log 2 ( N )
BWLSP = K ⋅ N ⋅ M ⋅ 2 + M ∑ 2i −1 ⋅ (2i − 1) . (1)
adopted to study other topologies as well.
i =1
In Fig. 3 the unused redundant links, such as
backup links between the PEs and the core net- Equation 1 reflects the cost of replication of
work, are not depicted. The figure represents a a single packet originated at one of the leaves in
single tree shared by several VPNs in which only the topology in Fig. 3 and sending it to all other
VPNs A and B are shown. Hence, all the PEs leaves across the P2P VPNs. The first addend in
send VPN traffic to the root via a P2P LSP that is Eq. 1 is the cost of distribution over the DR-PE
replicated over the tree. Horizontal links represent links. The second addend is the cost of reaching
direct level local connectivity which is used for DRs.
analysis of the unicast traffic distribution. The net- On the other hand, if a P2MP tree is used to
work has a backbone of WAN core routers, which distribute the multipoint traffic for each VPN,
enhance the coverage by means of distribution the total bandwidth consumption is
routers (DRs) that provide service to a set of PE
log 2 ( N )
routers. According to a real MPLS network cited BWmLSP = K ⋅ 1 + log 2 ( N ) + ∑ 2i + M ⋅ N .
(2)
in [12], WAN connectivity and traffic distribution i =1
are usually performed by the same node, except in
large metropolitan areas. Nevertheless, in order to The addend 1 + log2 (N) is the cost of send-
keep the reference network homogeneous, DRs ing the packet from the PE to the root of the
are present in all subtrees, as either WAN core P2MP tree. The addend Σilog =1
2(N) 2i is the cost of
routers or PEs. Finally, the CE routers or switches distributing the traffic from the root to the DRs.
are served by PEs over point-to-point links. Finally, the addend M * N is the cost of dis-
In the example, the network is supposed to have tributing the traffic along all the PEs that have a
N DRs. Each DR supports L PEs. K VPNs are VPN site attached.
being served, with an average of M (M < L) sites per As VPN aggregation is performed, the only
DR. Each site of every VPN is connected to a PE. changing summand in Eq. 2 is the last one, which
At this point it is necessary to decide how mul- becomes Z * N, where Z(Z ≥ M) stands for the
ticast forwarding entries are accounted for and new average number of leaves that depend on a
how to measure used bandwidth for both a distri- DR in a P2MP LSP after allocating uniformly
bution based on unicast and multicast/broadcast. the K VPN trees into W shared trees (W ≤ K).
The increase of bandwidth usage comes from the
ACCOUNTING FOR FORWARDING STATE fact that when VPN A has no site in a PE where
The way multipoint forwarding entries have to another VPN B sharing the tree has a site, A
be accounted for and compared to current traffic over that DR-PE link is also considered
1.4
300000
250000
1.2
Red lines:bandwidth of P2P LSPs
200.000 Blue lines: Bandwidth of P2MP LSPs
1
150000
0.8
100.000
0.6
75000
0.4
50000
0.2
0
0 20 40 60 80 100 0 20 40 60 80 100
% of VPN trees set up (W/K*100) % of trees used in relation with the number of VPNs
useless. In this situation DRs support W * Z for- The amount of bandwidth consumed by P2P
warding entries. It must be noted that M ≤ Z ≤ L. LSPs for various densities of sites is shown in
red in Fig. 4a. The intersection point between
SIMULATION RESULTS the bandwidth consumed by P2P LSPs (red lines)
In order to estimate the benefits of deploying a and by P2MP trees (blue lines) of the same den-
shared tree, a simulation was run on a network sity of sites gives the minimum percentage of
supporting 1000 VPNs. The number of DR leaves trees that makes P2MP LSPs more effective than
was N = 8, and there were 20 PEs per DR. VPNs P2P LSPs. For instance, for a density of sites =
were allocated randomly to the pre-established 0.1, the amount of shared trees should be at
shared trees, and a number of VPN sites were uni- least 20 percent of the number of VPNs. Thus,
formly assigned to PEs. Since this latter variable is 100 percent means that there are no sharing
quite relevant, an additional parameter called den- trees (i.e., there is one tree per VPN).
sity of sites was introduced to denote the fraction The cost in terms in forwarding entries, esti-
of PEs that have at least one site of a given VPN mated as previously discussed, at DRs is shown
attached. It is assumed that all VPNs have the in Fig. 4b. The graphic shows that for high den-
same density. The value of W ranged from 1 (a sities, the state space savings obtained due to
single shared tree for all the VPNs) to 1000 (a aggregation is larger than at low densities. Fur-
P2MP tree per VPN). On each iteration, the value thermore, regarding absolute values, it can be
of Z is calculated by randomly grouping different seen that forwarding states at DRs should be
VPNs to a shared tree and obtaining all the PEs checked carefully when designing multicast-sup-
that belong to any of the grouped VPNs in a DR. porting MPLS VPNs. Anyway, we recall that the
Matlab 7.0 was used to perform this simple task. aggregation of VPNs was performed randomly.
The results are shown in Fig. 4. In Fig. 4a, A more intelligent aggregation of VPNs should
bandwidth consumed by shared trees is plotted provide better results in saved bandwidth and
in blue for different tree sharing rates of the required forwarding entries. The graphic shows
served VPNs, showing the values for different almost a linear growth of the cost for high densi-
density of sites. It can be observed the way VPN ties, but also important savings in bandwidth
aggregation increases bandwidth consumption even with fairly small densities. As a conse-
with respect to the reference value defined when quence, it can be concluded that the deployment
a single tree per VPN is used. of aggregated multicast in VPNs is effective in a
For the same number of shared trees, better wide range of conditions even if the level of
performance is obtained when the density of aggregation imposed by the constrained nodes’
sites is higher because the probability of being memory is high.
attached to the same PEs increases. Further-
more, if the density of sites grows, the benefit of
including new shared trees is less significant
CONCLUSIONS AND FUTURE WORK
because with a few trees the consumed band- This article has reviewed the current practical
width is near the optimal value. approaches to a scalable implementation of multi-
cast VPN service over an IP-MPLS multiservice fic Engineering (RSVPTE) Extensions,” RFC 3473, Jan.
2003, updated by RFCs 4003, 4201, 4420; http://www.
network using P2MP trees. These proposals are ietf.org/rfc/rfc3473.txt The fraction of
based on the aggregation of traffic into shared trees [6] R. Aggarwal, Y. Rekhter, and E. Rosen, “MPLS Upstream
to manage the forwarding state vs. bandwidth sav- Label Assignment and Context Specific Label Space,”
multipoint-capable
ing trade-off when P2MP trees are used in MPLS. internet draft draft-ietf-mpls-upstream-label-02.txt, optical switches in a
Mar. 2007, work in progress.
The work presented also illustrates the nature [7] R. Aggarwal and J. L. L. Roux, “MPLS Upstream Label network and
of this problem and shows how MPLS traffic Assignment for RSVP-TE,” Internet draft draft-ietf-mpls-
engineering LSP trees can be used to alleviate it. rsvp-upstream- 01.txt, Mar. 2007, work in progress. wavelength assign-
The amount of wasted bandwidth depends heavily [8] E. Rosen and Y. Rekhter, “BGP/MPLS IP Virtual Private
Networks (VPNs),” RFC 4364, Feb. 2006; http://www.
ment constraints to
on the specific scenario and on intelligent assign- ietf.org/rfc/rfc4364.txt
ment of VPNs to shared trees for a target distri- construct light trees
[9] R. Aggarwal, Y. Kamite, and L. Fang, “Multicast in
bution of VPN sites over provider edges. The VPLS,” Internet draft draft-ietf-l2vpn-vpls-mcast-01.txt, will drive the
proposed methodology allows us to study the Mar. 2007, work in progress.
[10] E. C. Rosen and R. Aggarwal, “Multicast in MPLS/BGP distribution of VPNs
effect of aggregation by random shared tree allo- IP VPNs,” Internet draft draft-ietf-l3vpn-2547bis-mcast-
cation on a representative exemplary VPN net- 04.txt, Apr. 2007, iwork in progress.
bundles to trees. This
work model that should maintain most [11] G. Apostolopoulos and I. Ciurea, “Reducing the For- long-term issue is
characteristics of a production network. This anal- warding State Requirements of Point-to-Multipoint
ysis provides a practical upper bound on the cost Trees Using MPLS Multicast,” ISCC 2005 Proc., June one of the research
2005, pp. 713–18.
of P2MP MPLS trees and implied bandwidth sav- [12] E. Osborne and A. Simha, Traffic Engineering with topics under study
ings at different tree sharing rates for a target MPLS, ser. Networking Technology, Cisco Press, 2002;
within the IST
network size. This conservative estimate of http://www.ciscopress.com/bookstore/product.asp?isbn
=1587050315&rl=1 e-Photon/One project.
resources allows us to quantify the effect of aggre- [13] Cisco, “MPLS Traffic Engineering (TE) Scalability
gation and understand its behavior at different Enhancements,” 2003; http://www.cisco.com/univercd/
densities in order to provide guidance for MPLS cc/td/doc/product/software/ios120/120newft/120limit/12
VPN network design. 0st/120st14/scalable.htm
Many issues remain open. Today the alloca-
tion of a VPN to a shared tree is performed by BIOGRAPHIES
hand by setting the same root for VPN multicast ISAIAS MARTINEZ-YELMO [S ’04] (imyelmo@it.uc3m.es) received
trees that hold many common leaves (PEs). an M.Sc. in telecommunication engineering in 2003 from
Intelligent engineering of multicast traffic is University Carlos III de Madrid (UC3M) and an M.Sc. in
telematics in 2007 from University Carlos III de Madrid and
required to automatically perform this process, University Politecnica de Catalua, both in Spain. He is a
and the next few years will probably provide research and teaching assistant in telematics engineering
research results on methods and software tools. and Ph.D. student in telematics at University Carlos III de
Finally, adaptation to the implementation-spe- Madrid since 2004. His research activities are focused on
NGN networks and peer-to-peer overlay networks.
cific features of future optical multipoint-capable
optical switches and, after that, to the delivery of DAVID LARRABEITI [M ’96] (dlarra@it.uc3m.es) is a full profes-
multipoint labeled optical burst switching capa- sor of switching and networking architectures at UC3M. He
bilities is another area of future research. The got his M.Sc. and Ph.D. in telecommunications engineering
from University Politecnica de Madrid in 1991 and 1996,
fraction of multipoint-capable optical switches in respectively. From 1998 to 2006 he was an associate pro-
a network and wavelength assignment constraints fessor at UC3M and led a number of international research
to construct light trees will drive the distribution projects. His research interests include the design of the
of VPNs bundles to trees. This long-term issue is future Internet infrastructure, ultra-broadband multimedia
transport, and traffic engineering over IP-MPLS backbones.
one of the research topics under study within the At UC3M he is responsible for the e-Photon/ONe+ network
IST e-Photon/One project. of excellence on Optical Networking.