Fundamentos - MPLS - Presentacion PDF

Introduction to MPLS
BRKRST-1101
BRKRST-1101 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 1
Goals of This Session
Understand history and business drivers for MPLS

Learn about MPLS customer and market segments
Understand the p
problems MPLS is addressing
g
Understand benefits of deploying MPLS
Understand the major MPLS technology components
Learn the basics of MPLS technology
Understand typical applications of MPLS
Agenda
Introduction
MPLS Network Components
MPLS VPNs
MPLS Layer-3 VPNs
MPLS Layer-2 VPNs
MPLS QoS
MPLS Traffic Engineering
g g
MPLS Management
Summary
Introduction
The Business Drivers for MPLS
Why Multi Protocol Label Switching?
SP/carrier perspective
Reduce costs (CAPEX); consolidate networks
Consolidated network for multiple Layer-2/3 services
Support increasingly stringent SLAs
Handle increasing scale/complexity of IP-based services
Enterprise/end-user
/ perspective
Campus/LAN
N d ffor network
Need t k segmentation
t ti (users,
( applications,
li ti etc.)
t )
WAN connectivity (connecting enterprise networks)
Need for easier configuration of site-to-site
site to site WAN connectivity
What Is MPLS Technology?
It’s all about labels…

Use the best of both worlds
Layer-2 (ATM/FR): efficient forwarding and traffic engineering
L
Layer-3
3 (IP)
(IP): flflexible
ibl and
d scalable
l bl
MPLS forwarding plane
Use of labels for forwarding Layer-2/3 data traffic
Labeled packets are being switched instead of routed
Leverage layer-2 forwarding efficiency
MPLS control/signaling plane
Use of existing IP control protocols extensions + new protocols
to exchange label information
Leverage layer-3 control protocol flexibility and scalability
Evolution of MPLS
Evolved from tag switching in 1996 to full IETF

standard,
t d d covering i over 130 RFC RFCs
Key application initially were Layer-3 VPNs, followed by
Traffic Engineering
g g ((TE),), and Layer-2
y VPNs
MPLS Group Large Scale
MPLS VPN
Formally Chartered Deployment
Deployed
by IETF Cisco Ships AToM
MPLS TE
Cisco Calls a Cisco Ships Interprovider
BOF at IETF to MPLS (Tag TE Layer 2 Capabilities
Standardize Switching) Deployed Interworking
Tag Switching MPLS OAM
Bandwidth
Protection
1996 1997 1998 1999 2000 2001 2002 2003 2004+

Time
MPLS Customer Distribution
Total Cisco MPLS Customer Count Well Over 400
MPLS Customer Segments Geographic Customer Distribution

Japan
AsiaPac 2%
9%
Government
12%
Emerging European
Markets Markets
Service Provider 20% 42%
45%
Enterprise
43%
US and Canada
27%
Source: MPLS Tracker and Various Other Internal Cisco

Databases, Based on 2008 Data.
MPLS Enterprise Customer Segments
30
25 Financials, Transportation,
p and System
y
Integrators are currently biggest
e Customer Base
enterprise customer segments for MPLS

20
% of Tottal MPLS Enterprise
15
25
10 20
13 13
5 10
9
7
3 3 3
2 2
1 1 1 1 1
0
h
er
t
or
n
al
re
l
gy
IT
t
l
se
M
en
ia
ai
en
rc
tio
rin
at
nc
tic
id
at
ca
nc
et
er
en
al
m
ea
er
nm
ta
ov
C
ra
tu
gr
eu
R
lth
En
rn
na
in
ef
om
es
or
ac
su
te
Pr
er
te
ac
ta
ea
D
Fi
sp
uf
In
gl
ov
In
er
m
nt
I
H
n/
an
an
on
em
nt
G
ar
te
io
/E
Tr
on
Ph
at
st
ia
uc
Sy
ed
Ed
Enterprise Customer Segments M

Source: MPLS Tracker and Various Other Internal Cisco
Databases, Based on 2008 Data.
Enterprise MPLS Customers
Two types of enterprise customers for MPLS

technology
MPLS indirectly used as subscribed WAN service
Enterprise subscribes to WAN connectivity data service offered
by external service provider
Data connectivity
y service implemented
p by
y service p
provider via
MPLS VPN technology (e.g., layer-2 and layer-3 VPNs)
VPN service can be managed or unmanaged
MPLS used as part of self managed network

Enterprise deploys MPLS in it’s own network
E t
Enterprise
i manages it’
it’s own MPLS
MPLS-based
b d network
t k
Enterprise MPLS Drivers
Network segmentation
Network virtualization
Distributed application virtualization
Network realignment/migration
Consolidation of (multiple) legacy networks
Staged network consolidation after company merger/acquisition
Network optimization
Full-mesh and hub-and-spoke connectivity
Traffic Engineering (TE) for bandwidth protection
Business Drivers
Example Companies
Market Segment Business Drivers
and Organizations
Secure integration of
Investment/retail banks
external network of acquired
Financials Financial service firm
providers
Increased network reliability
Leverage common network
Transportation Airports infrastructure for multiple
airport
i t tenants
t t
Federal government Need for secure and cost

Government effective connectivity
Local State government between state agencies
MPLS Technology Framework
End-to-end Services
Layer-3 VPNs Layer-2 VPNs
MPLS Network Services
MPLS QoS MPLS TE MPLS OAM/MIBs
Core MPLS
MPLS Signaling
g g and Forwarding
g
Network Infrastructure
MPLS Technology Components
Basic Building Blocks of MPLS
MPLS Forwarding and Signaling
MPLS Label Forwarding and Signaling
Mechanisms
Layer-3 VPNs Layer-2 VPNs
Core MPLS
MPLS Signaling
g g and Forwarding
g
Basic Building Blocks
The big picture

MPLS-enabled network devices
Label Switched Paths (LSPs)
The internals
MPLS labels
Processing of MPLS labels
Exchange of label mapping information
F
Forwarding
di off labeled
l b l d packets
k t
Other related protocols and protocols to exchange label

information
Between MPLS-enabled devices
MPLS Network Overview
MPLS Domain
P P
CE PE PE CE
CE CE
PE P P PE
Label switched traffic
P (Provider)
(P id ) router
t = llabel
b l switching
it hi router
t = core router
t (LSR)
Switches MPLS-labeled packets
PE (Provider Edge) router = edge router (LSR)
I
Imposes and
d removes MPLS llabels
b l
CE (Customer Edge) router
Connects customer network to MPLS network
MPLS Label and Label Encapsulation
MPLS Label
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
Label # – 20bits EXP S TTL-8bits
COS/EXP = Class of Service: 3 Bits; S = Bottom of Stack; TTL = Time to Live
MPLS Label Encapsulation

PPP Header
PPP Header Label Layer 2/L3 Packet
(Packet over SONET/SDH)
One or More Labels Appended to the Packet

(Between L2/L3 packet header and link layer header)
LAN MAC Label Header MAC Header Label Layer 2/L3 Packet
MPLS Label Operations
Label Imposition (Push) Label Swap Label Swap Label Disposition (PoP)
L1 L1 L2 L2 L3 L3
L2/L3 Packet
P P
CE PE PE CE
CE CE
PE P P PE
Label imposition (Push)

By ingress PE router; classify and label packets
Label swapping or switching

By P router; forward packets using labels; indicates service class and destination
Label disposition (PoP)

By egress PE router; remove label and forward original packet to destination CE
Forwarding Equivalence Class
Mechanism to map ingress layer-2/3 packets onto a Label
Switched Path (LSP) by ingress PE router
Part of label imposition (Push) operation
Variety of FEC mappings possible

IP prefix/host address
Groups of addresses/sites (VPN x)
Used for L3VPNs
Layer 2 circuit ID (ATM, FR, PPP, HDLC, Ethernet)
Used for Pseudowires (L2VPNs)
A bridge/switch instance (VSI)
Used for VPLS (L2VPNs)
Tunnel interface
Used for MPLS traffic engineering (TE)
Label Distribution Protocol
MPLS nodes need to exchange label information with each other
Ingress PE node (push operation)
Needs to know what label to use for a given FEC to send packet to neighbor
Core P node (swap operation)
Needs to know what label to use for swap operation for incoming
labeled packets
Egress PE node (pop operation)
Needs to tell upstream neighbor what label to use for specific FEC type LDP
used for exchange of label (mapping) information
Label Distribution Protocol (LDP)

Defined in RFC 3035 and RFC3036; updated by RFC5036
LDP is a superset of the Cisco-specific Tag Distribution Protocol
Note that,
that in addition LDP
LDP, also other protocols are being used for
label information exchange
Will be discussed later
For your
reference
Some More LDP Details only
Assigns, distributes, and installs (in forwarding) labels for

prefixes advertised by unicast routing protocols
OSPF, IS-IS, EIGRP, etc.
Also used for Pseudowire/PW (VC) signaling
Used for L2VPN control plane signaling
Uses UDP (port 646) for session discovery and TCP (port
646) for exchange of LDP messages
LDP operations
LDP Peer Discovery
LDP Session
S i E Establishment
t bli h t
MPLS Label Allocation, Distribution, and Updating MPLS forwarding
Information repositories used by LDP
LIB: Label Information Database (read/write)
RIB: Routing Information Database/routing table (read-only)
LDP Operations
LDP startup
MPLS Node A MPLS Node B
Local labels assigned LDP Control Plane
to RIB prefixes and Session Setup

stored in LIB RIB RIB
LIB LIB
Peer discovery and Label Binding
Exchange
session setup
Exchange of MPLS
l b l bi
label bindings
di LDP Interactions
I t
with
ti
MPLS Forwarding
Programming of
g
MPLS forwarding MPLS MPLS
Forwarding Forwarding
Based on LIB info CEF/MFI CEF/MFI
CEF/MFI updates
MPLS Control and Forwarding Plane
MPLS control plane
Routing
Used for distributing labels RIB Routing Updates/
and building label-switched Process Adjacencies
paths (LSPs)
Typically supported by LDP;
Label Binding
also supported via RSVP LIB MPLS Updates/
and BGP Process Adjacencies
Labels define destination
and service
MPLS forwarding plane
Used for label imposition,
swapping, and disposition MFI FIB
Independent of type of
control plane MPLS Traffic IP Traffic
Forwarding Forwarding
Labels separate forwarding
from IP address-based routing
IP Packet Forwarding Example
FIB
FIB FIB Address
I/F
Prefix
Address Address
I/F I/F
Prefix Prefix 128.89 0
128.89 1 128.89 0 171.69 1
171.69 1 171.69 1 …
… …
128.89
0
0 128.89.25.4 Data
1 128.89.25.4 Data
1
128.89.25.4 Data 128.89.25.4 Data
171 69
171.69
Packets Forwarded
Based on IP Address
(via RIB lookup)
Step 1: IP Routing (IGP) Convergence
MFI/FIB MFI/FIB MFI/FIB
In Address Out Out In Address Out Out In Address Out Out
Label Prefix I’face Label Label Prefix I’face Label Label Prefix I’face Label
128.89 1 128.89 0 128.89 0
171.69 1 171.69 1
… … … … … …
0 128.89
0
1
You Can Reach 128.89 Thru Me

You Can Reach 128.89 and 1
171 69 Thru Me
171.69
Routing Updates
You Can Reach 171.69 Thru Me 171 69
171.69
(OSPF EIGRP,
(OSPF, EIGRP …))
Step 2a: LDP Assigns Local Labels
- 128.89 1 4 128.89 0 9 128.89 0 -
- 171.69 1 5 171.69 1
… … … … … … … … … … … …
0 128.89
0
1
171 69
171.69
Step 2b: LDP Assigns Remote Labels
- 128.89 1 4 4 128.89 0 9 9 128.89 0 -
- 171.69 1 5 5 171.69 1 7
… … … … … … … … … … … …
0 128.89
0
1
Use Label 9 for 128.89

Use Label 4 for 128.89 and 1
Use Label 5 for 171
171.69
69
Label Distribution
Use Label 7 for 171.69 171 69
171.69
P t
Protocoll (LDP)
(Downstream Allocation)
Step 3: Forwarding MPLS Packets
- 128.89 1 4 4 128.89 0 9 9 128.89 0 -
- 171.69 1 5 5 171.69 1 7
… … … … … … … … … … … …
0 128.89
0
128.89.25.4 Data
1
9 128.89.25.4 Data
128.89.25.4 Data 4 128.89.25.4 Data 1
Label Switch Forwards

171 69
171.69
Based on Label
Summary Steps For MPLS Forwarding
Each node maintains IP routing information via IGP

IP routing table (RIB) and IP forwarding table (FIB)
LDP leverages IGP routing information

LDP label mapping exchange (between MPLS nodes)
takes place after IGP has converged
LDP depends on IGP convergence
Label binding information stored in LIB
O
Once LDP h has received
i d remote
t llabel
b l bi
binding
di
information MPLS forwarding is updated
Label bindings are received from remote LDP peers
MPLS forwarding via MFI
MPLS Network Protocols
MP-iBGP
OSPF, IS-IS,
P EIGRP, EIGRP P
CE PE PE CE
LDP, RSVP
CE CE
PE P P PE
IGP: OSPF, EIGRP, IS-IS on core facing and core links

RSVP and/or LDP on core and/or core facing links
MP-iBGP on PE devices (for MPLS services)
Label Stacking
More than one label can be used for MPLS packet encapsulation
Creation of a label stack
Recap: labels correspond to Forwarding Equivalence Class (FEC)

Each label in stack used for different purposes
Outer label always used for switching MPLS packets in network

Remaining inner labels used to specific services/FECs, etc.
Last label in stack marked with EOS bit
Outer Label
Allows building services such as TE Label
MPLS VPNs; LDP + VPN label LDP Label
Traffic engineering (FRR): LDP + TE label VPN Label
VPNs over TE core: LDP + TE + VPN label
Layer 2/3
I
Inner Label
L b l
Any transport over MPLS: LDP + PW label Packet Header
MPLS Core Architecture Summary
1a. Existing Routing Protocols (e.g. OSPF, IS-IS)
Establish Reachability to Destination Networks
1b. LDP Establishes
1b E t bli h Label
L b l to
t Destination
D ti ti 4. Edge LSR at
4
Network Mappings Egress Removes
Label and Delivers
Packet
2. Ingress Edge LSR Receives Packet,

Performs Layer 3 Value
Value-Added
Added
Services, and “Labels” Packets 3. LSR Switches Packets
Using Label Swapping
Summary
MPLS uses labels to forward traffic

More than one label can be used for traffic
encapsulation; multiple labels make up a label stack
Traffic is encapsulated with label(s) at ingress and at
egress labels are removed in MPLS network
MPLS network
t k consists
i t off PE router
t att ingress/egress
i /
and P routers in the core
MPLS control plane used for signaling label mapping
information to set up end-to-end Label Switched Paths
MPLS forwarding plane used for label imposition
(PUSH), swapping, and disposition (POP) operation
MPLS VPNs
Overview
End-to-End Data Connectivity Services Across
MPLS Networks (from PE to PE)
End-to-end Services
La er 3 VPNs
Layer-3 La er 2 VPNs
Layer-2
3 MPLS Signaling and Forwarding
What Is a Virtual Private Network?
VPN is a set of sites or groups which are allowed to communicate
with each other in a secure way
Typically over a shared public or private network infrastructure
VPN is defined by a set of administrative policies
Policies established by VPN customers themselves (DIY)
Policies implemented by VPN service provider (managed/unmanaged)
Different inter-site connectivity schemes possible
Ranging from complete to partial mesh, hub-and-spoke
Sites may be either within the same or in different organizations
VPN can be either intranet or extranet
Site may be in more than one VPN
VPNs may overlap
Not all sites have to be connected to the same service provider
VPN can span multiple providers
MPLS VPN Example
PE-CE PE-CE
Link Link
P P
CE PE PE CE
VPN
CE CE
PE P P PE
PE-CE
PE CE link
Connect customer network to SP network; layer-2 or layer-3
VPN
Dedicated secure connectivity over shared infrastructure
MPLS VPN Benefits
SP/carrier perspective
Reduce costs (CAPEX)
Leverage same network for multiple services and customers
Mi t llegacy networks
Migrate t k onto
t single
i l converged
d network
t k
Reduce costs (OPEX)
Easier service enablement; only edge node configuration
Enterprise/end-user perspective
Enables site/campus network segmentation
Allows for dedicated connectivity for users, applications, etc.
Enables easier setup of WAN connectivity
Easier configuration of site-to-site WAN connectivity (for
L3VPN and VPLS); only one WAN connection needed
MPLS VPN Options
MPLS VPN Models
Layer-2
y VPNs Layer-3
y VPNs
CPE connected to PE via IP-based connection
(over any layer-2 type)
Point-to-Point Multi-Point Static routing
g
Layer-2
L 2 VPN
VPNs Layer-2
L 2 VPN
VPNs PE-CE routing protocol; eBGP, OSPF, IS-IS
CEs peer with PE router
CPE connected to CPE connected to
PE via p2p Layer-2 PE via Ethernet PE routers maintain customer-specific routing
connection (FR, connection (VLAN) tables and exchange customer=specific routing
ATM) information
CEs peer with each
CEs peer with each other via Layer-3 VPN provider’s PE routers are part of
other (IP routing) fully/partial mesh customer routing
via p2p layer-2 VPN Layer-2 VPN
connection connection
CE-CE routing; no CE-CE routing; no
SP involvement SP involvement
MPLS Layer-3 VPNs
Technology Overview and Applications
MPLS L3 VPN Overview
Customer router (CE) has a IP peering connection with

PE/edge router in MPLS network
IP routing/forwarding across PE-CE link
MPLS VPN network responsible for distributing routing

information to remote VPN sites
MPLS VPN part of customer IP routing domain
MPLS VPNs enable full-mesh, hub-and-spoke, and

hybrid connectivity among connected CE sites
MPLS VPN service enablement in MPLS networks only
requires VPN configuration at edge/PE nodes
Connectivity in core automatically established via BGP signaling
MPLS L3 VPN Technology Components
PE-CE link
Can be any type of layer-2 connection (e.g., FR, Ethernet)
CE configured to route IP traffic to/from adjacent PE router
Variety of routing options; static routes, eBGP, OSPF, IS-IS
MPLS L3VPN control plane

Separation of customer routing via virtual VPN routing table
In PE router: customer I/Fs connected to virtual routing table
B t
Between PE routers:
t customer
t routes
t exchanged
h d via
i BGP
MPLS L3VPN forwarding plane

Separation of customer VPN traffic via additional VPN label
VPN label used by receiving PE to identify VPN routing table
Virtual Routing and Forwarding Instance
CE
VPN 1 VRF Green
PE
CE MPLS Backbone IGP
VPN 2
VRF Blue
Virtual Routing and Forwarding Instance (VRF)

Typically one VRF created for each customer VPN
on PE router
VRF associated with one or more customer interfaces
VRF has its own instance of routing table (RIB) and
forwarding table (CEF)
VRF has its own instance for PE-CE configured
routing protocols
VPN Route Distribution
VPN Route Exchange
Customer Customer
Route BGP RR Route
E h
Exchange E h
Exchange
P P
CE PE PE CE
VRF VRF
VPN 1
CE CE
VRF VRF
VPN 2
PE P P PE
Label switched traffic MP-iBGP Session
Full mesh of BGP sessions among all PE routers

Multi-Protocol BGP extensions (MP-iBGP)
Typically BGP Route Reflector (RR) used for improved scalability
VPN Control Plane Processing
BGP advertisement:
VPN-IPv4 Addr = RD:16.1/16
BGP Next-Hop = PE1
Route Target = 100:1
eBGP: Label=42
Label 42 eBGP:
16.1/16 No VPN Routes 16.1/16
IP Subnet P in core (P) nodes P IP Subnet
CE1 PE1 PE2 CE2
VRF
VPN 1 VRF
ip vrf Green
RD 1:100
route-target export 1:100
route-target import 1:100
Make Customer Routes Unique: Processing Steps:
Route Distinguisher (RD): 8-byte field, VRF 1. CE1 redistribute IPv4 route to PE1 via
parameters; unique value assigned by a eBGP.
provider to each VPN to make different VPN
routes unique 2. PE1 allocates VPN label for prefix learnt
from CE1to create unique VPNv4 route
VPNv4 address: RD+VPN IP prefix
Selective Distribute Customer Routes: 3. PE1 redistributes VPNv4 route into MP-
iBGP, it sets itself as a next hop and
Route Target (RT): 8-byte field, VRF relays VPN site routes to PE2
parameter unique value to define the
parameter,
import/export rules for VPNv4 routes 4. PE2 receives VPNv4 route and, via
processing in local VRF (green), it
MP-iBGP: advertises VPNv4*
prefixes + labels redistributes original IPv4 route to CE2.
VPN Forwarding Plane Processing
IGP VPNv4 IGP VPNv4 IGP VPNv4
IPv4 Label C Label IPv4 Label B Label IPv4 Label A Label IPv4 IPv4
IPv4 P1 P2 IPv4
CE1 Packet PE1 PE2 Packet
CE2
VRF
VPN 1 VRF
ip vrf Green
RD 1:100
route-target export 1:100
route-target import 1:100
Processing Steps:
1. CE2 forwards IPv4 packet to PE2.
2. PE2 imposes pre-allocated
pre allocated VPN label (learned via MP-IBGP)
MP IBGP) to IPv4 packet
received from CE2.
3. PE2 imposes outer IGP label (learned via LDP) and forwards labeled packet to
next-hop P-router P2.
4. P-routers P1 and P2 swap outer IGP label and forward label packet to PE1.
5. Router PE1 strips VPN label and forwards IPv4 packet to CE1.
Use Case 1: Traffic Separation
Requirement: Need to ensure data separation between Aerospace,
Cosmetics and Financial Services,
Services while leveraging a shared
infrastructure
Solution: Create MPLS VPN for each group
Remote Site 1
Central site - HQ VRF instances
created for each
group at the edge
Financial Cosmetics
Services
Aerospace Cosmetics Financial Services
VPN_Fin
VPN_Fin
VPN_Cos
VPN_Cos
VPN_Aero
MPLS Backbone
Remote Site 3 Remote Site 2
VPN_Aero
VPN_Cos
VPN_Fin
VPN Aero
VPN_Aero
Aerospace Financial
Cosmetics Aerospace
Services
Use Case 2: Network Integration
Requirement: Need to handle acquired (or divested) companies
Solution: Create MPLS VPN for each acquired company till
appropriate security policies are established
Central site - HQ Remote Site 1 & Acquired

Acquired Company
Company’s Site 2 maybe in
Site 1
the same physical location for
reduced access costs
Aerospace Cosmetics Financial Services

VPN_Acq
VRF instances Acquired Company
VPN_Fin
added for each Site 2
VPN_Cos
site of Acquired
VPN_Aero Company
VPN_Acq
Remote Site 2
MPLS Backbone Remote Site 1
VPN_Cos
VPN_Aero
VPN_Fin
VPN_Fin
Aerospace Financial Financial Cosmetics

Services Services
Use Case 3: Shared Access to Services
Requirement: To resell information (based on raw data) to other
companies
Solution: Enterprise needs to become an “Information Provider”.
Solution set similar to Service Providers—MPLS VPNs
Company “A”
A Company “B” B and Company “A”A
VRF instances Site 1 Site 2 maybe in the same physical
created for each location for reduced access costs
“subscriber”
“Information Provider XYZ”
company
Company “B”
VPN_A
VPN_A
VPN_B
MPLS Backbone VPN_B
Company “A”
VPN_A
Site 2
Company “A”A and Company “B” B access

“Information Provider XYZ” for analysis, reports, trends, etc.
Use Case 4: Simplify Hub Site Design
Requirement: To ease the scale and design of head-end site
Solution: Implement MPLS Layer 3 VPNs, which reduces the
number of routing peers of the central site
Without MPLS With MPLS
Central Site Central Site
Central site has high
number of routing Central site has
peers – creates a a single routing
complicated peer – enhancing
headend design head-end design
MPLS Backbone
Remote Sites Remote Sites
For your
reference
Enterprise Network Architecture only
Access
Distribution
Core
Internet
For your
reference
Enterprise Network Segmentation only
End-to-end
Distribution Core
C
Connectivity
ti it
VRF lite configured on VRF lite configured on
Device Separation: VRF
VRF-lite + 802.1Q distribution nodes core nodes
Data Path Separation:
VLANs VLAN mapping
pp g onto 802.1Q VLAN ID
802 1Q VLAN ID
802.1Q
VRFs mapping onto VRFs
VRF lite configured on

VRF-lite + GRE distribution nodes Core nodes forward IP End-to-end GRE tunnels
packets (GRE IP between distribution
tunnels VRFs associated with Packets)) nodes
GRE tunnels
End-to-end label
Layer-3 MPLS Distribution nodes
Core nodes forward switched paths (LSPs)
configured as PE routers
VPNs MPLS packets (via LFIB) between distribution
with VRF(s)
nodes (PE routers)
For your
reference
Option 1: VRF
VRF-lite
lite + 802.1Q only
Layer-2 access
No BGP or MPLS
L2
VRF-lite configured on core v v
and distribution nodes
MPLS labels substituted by
Layerr 3
802.1q tags end-to-end v v
Every link is a 802.1Q trunk

Many-to-many model v v
Restricted scalability v Multi-VRF
Typical for department VPN1 v v
L2
inter-connectivity VPN2
802 1Q
802.1Q
For your
reference
Option 2: VRF
VRF-lite
lite + GRE only
L2 access
No BGP or MPLS
L2
VRF-lite only configured v v
on distribution nodes
VLANs associated with
Layerr 3
end-to-end GRE tunnels
Many-to-One model
Restricted scalability
Typical for user
user-specific
specific v Multi-VRF
VPN connectivity VPN1 v v
L2
VPN2
GRE
For your
reference
Option 3: Layer-3
Layer 3 MPLS VPNs only
L2 access
Distribution nodes configured
L2
as PE routers with VRFs v v
MP-iBGP
MP iBGP between
distribution nodes
MPLS
MPLS packet forwarding
by core nodes
S
Many-to-nany model
High
g scalability
y
v VRF
VPN1 v v
L2
VPN2
MPLS Layer-3
Layer 3 VPN Summary
Provide layer-3 connectivity among CE sites via IP

peering (across PE-CE link)
Implemented via VRFs on edge/PE nodes providing
customer route and forwarding segmentation
BGP used for control plane to exchange customer VPN
(VPNv4) routes between PE routers
MPLS VPNs enable full-mesh, hub-and-spoke, and
hybrid IP connectivity among connected CE sites
L3 VPNs for enterprise network segmentation can also
be implemented via VRFs + GRE tunnels or VLANs
MPLS Layer-2
y VPNs
L2VPN Options
L2VPN Models
VPWS VPLS
Virtual Private Wire Service Virtual Private LAN Service
Point to Point Point to Multipoint
p
MPLS Core
L2TPv3 AToM Ethernet
IP Core MPLS Core
Ethernet Ethernet MPLS Layer-2

y VPNs
Frame Relay Frame Relay
ATM (AAL5 and Cell) ATM (AAL5 and Cell)
PPP and HDLC PPP and HDLC Any Transport over MPLS: AToM
Layer-2
Layer 2 VPN Overview
Any Transport over MPLS Architecture
Based on IETF’s Pseudo-Wire (PW) reference model
PW is a connection (tunnel) between 2 PE devices, which
connects 2 PW end-services
PW connects 2 Attachment Circuits (ACs)
Bi-directional (for p2p connections)
Use of PW/VC label for encapsulation
Customer2 Customer2
Site1 PWES PSN Tunnel PWES Site2
Pseudo Wires
Pseudo-Wires
Customer1 PE PE Customer1
Site1 Site2
PWES PWES
Emulated Layer-2 Service
AToM Technology Components
PE-CE link
Referred to as Attachment Circuit (AC)
Can be any type of layer-2 connection (e.g., FR, Ethernet)
AToM Control Plane

Targeted LDP (Label Distribution Protocol) session
Virtual Connection (VC)-label negotiation, withdrawal, error notification
AToM
AT M Forwarding
F di Plane
Pl
2 labels used for encapsulation + control word
Outer tunnel (LDP) label
To get from ingress to egress PE using MPLS LSP
Inner de-multiplexer (VC) label
To identifyy L2 circuit (p
(packet)) encapsulated
p within tunnel label
Control word
Replaces layer-2 header at ingress; used to rebuild layer-2 header at egress
AToM Control Plane Processing
4 Label Mapping Messages
5 5
3 LDP session
2 2
P P
CE1 PE1 PE2 CE2
Layer-2 Layer-2
Connection Connection
Processing Steps (for both P1 and P2):

1. CE1 and CE2 are connected to PE routers via layer-2 connections
2. Via CLI, a new virtual circuit cross-connect is configured, connecting
customer interface to manually provided VC ID with target remote PE
3. New targeted LDP session between PE routers established, in case one
d
does nott already
l d exist
i t
4. PE binds VC label with customer layer-2 interface and sends label-
mapping message to remote PE over LDP session
5. Remote PE receives LDP label binding message and matches VC ID
with local configured cross-connect
AToM Forwarding Plane Processing
Tunnel VC Tunnel VC Tunnel VC
L2 Label C Label L2 Label B Label L2 Label A Label L2 L2
Layer-2 P1 P2 Layer-2
CE1 Packet PE1 PE2 Packet
CE2
Processing Steps:
1. CE2 forwards layer-2 packet to PE2.
2. PE2 imposes VC (inner) label to layer-2 packet received from CE2 and
optionally a control word as well (not shown).
3. PE2 imposes tunnel outer label and forwards packet to P2.
4. P2 and P1 router forwards packet using outer (tunnel) label.
5. Router PE2 strips tunnel label and, based on VC label, layer-2 packet is
forwarded to customer interface to CE1, after VC label is removed
In case control word is used, new layer-2 header is generated first.
Use Case: L2 Network Interconnect
Requirement: Need to create connectivity between remote customer
sites currently interconnected via Frame Relay WAN connectivity
sites, connectivity.
Only point-to-point connectivity required.
Solution: Interconnect AToM PW between sites, enabling
transparent Frame Relay WAN connectivity.
VC1 – Connects DLCI 101
to DLCI 201
Directed LDP
Label Exchange for VC1 – Label 10
PE2
PE1 101 10 50 101 10 90
DLCI 201
DLCI 101
Neighbor
N i hb LDP–
LDP Neighbor
N i hb LDP–
LDP
CPE Router, Label 50 Label 90 CPE Router,
FRAD FRAD
MPLS
Backbone
Virtual Private LAN Service Overview
Site1 PE1 PE2 Site2

CE CE
MPLS
WAN
Site3
CE
Architecture for Ethernet Multipoint Services (EMS)

over MPLS
Emulates IEEE Ethernet bridge; VPLS network acts like
a virtual switch that emulates conventional L2 bridge
Fully meshed or hub-spoke topologies supported
VPLS Technology Components
PE-CE link
Referred to as Attachment Circuit (AC)
Ethernet VCs are either port mode or VLAN ID
VPLS Control Plane

Full mesh of targeted LDP sessions
Virtual Connection (VC)-label negotiation, withdrawal, error
notification
VPLS Forwarding Plane

Virtual Switching Instance: VSI or VFI (Virtual Forwarding
Instance)
VPN ID: Unique value for each VPLS instance
PWs for interconnection of related VSI instances
VPLS Overview
Full Mesh of Targeted-LDP Sessions
c a ge VC
Exchange C Labels
abe s
Attachment Circuit
n-PE n-PE
CE CE
PW
Tunnel LSP PW
CE CE
PW
CE CE
Red VSI Red VSI
Blue VSI Directed LDP Blue VSI
G
Green VSI S
Session
i Between
B t Green VSI
Participating PEs CE
Full Mesh of PWs
Between VSIs
Use Case: VPLS Network Interconnect
Requirement: Need to create full-mesh connectivity between
separate metro networks.
networks
Solution: Use VPLS to create transparent bridge layer-2 Ethernet
connectivity between ethernet networks.
Customer A1 Customer A1
CE11 PE1 PE2

L2 Metro L2 Metro CE12
Ethernet Ethernet
CE21 Carrier A Metro
M t Carrier A CE22
Backbone
Provider QinQ
VPLS VPN Name: VPLS

VPLS-
CarrierA
PE3 CE13
VPN ID: 1100
VCID: 1234
Metro Customer A1
Ethernet
Each PE points to other peer
Carrier
C i A CE23
PE’s loopback address
Layer-2
Layer 2 VPN Summary
Enables transport of any Layer-2 traffic over

MPLS network
Two types of L2 VPNs; AToM for point-to-point and
VPLS point
point-to-multipoint
to multipoint layer
layer-2
2 connectivity
Layer-2 VPN forwarding based on Pseudo Wires (PW),
which use VC label for L2 packet encapsulation
LDP used for PW signaling
AToM PWs suited for implementing transparent point-

point
to-point connectivity between Layer-2 circuits
AToM PWs suited for implementing transparent point-
to-multipoint connectivity between Ethernet links/sites
MPLS QoS
Q
MPLS Qos Support for Traffic Marking and
Classification to Enable Differentiated Services
3 Layer-3
y VPNs 3 Layer-2
y VPNs
Why MPLS QoS?
Typically different traffic types (packets) sent over

MPLS networks
E.g., Web HTTP, VoIP, FTP, etc.
Not all application traffic types/flows are the same …

Some require low latency to work correctly; e.g., VoIP
MPLS QQoS S used d ffor traffic

ffi prioritization
i i i i to guarantee
minimal traffic loss and delay for high priority traffic
Involves packet classification and queuing
MPLS leverages mostly existing IP QoS architecture

Based on Differentiated Services (DiffServ) model; defines per-
per
hop behavior based on IP Type of Service (ToS) field
MPLS QoS Operations
MPLS EXP bits used for packet classification and

prioritization instead of IP Type of Service (ToS) field
DSCP values mapped into EXP bits at ingress PE router
Most providers provide 3
3–5
5 service classes
Different DSCP <-> EXP mapping schemes
Uniform mode
mode, pipe mode
mode, and short pipe mode
MPLS DiffServ Marking IP DiffServ Marking

in Experimental Bits
EXP DSCP
Layer-2
Layer 2 Header MPLS Header Layer 3 Header
For your
reference
MPLS Uniform Mode only
End-to-end behavior: original IP DSCP value not preserved

At ingress PE, IP DSCP value copied in EXP value
EXP value changed in the MPLS core
At egress PE, EXP value copied back into IP DSCP value
CE CE
PE P P PE
MPLS MPLS
EXP 3 EXP 2
MPLS MPLS MPLS
EXP 3 EXP 3 EXP 2
IP IP IP IP IP IP
DSCP DSCP DSCP DSCP DSCP DSCP
3 3 3 3 2 2
For your
reference
MPLS Pipe Mode only
End-to-end behavior: original IP DSCP is preserved

At ingress PE, EXP value set based on ingress classification
EXP changed in the MPLS core
At egress PE, EXP value not copied back into IP DSCP value
CE CE
PE P P PE
MPLS MPLS MPLS

EXP 3 EXP 2 EXP 2
MPLS MPLS MPLS MPLS
EXP 3 EXP 3 EXP 3 EXP 2
IP IP IP IP IP IP
3 3 3 3 3 3
For your
reference
MPLS Short Pipe Mode only
End-to-end behavior: original IP DSCP is preserved

At ingress PE, EXP value set based on ingress classification
EXP changed in the MPLS core
At egress PE, original IP DSCP value used for QoS processing
CE CE
PE P P PE
MPLS MPLS
EXP 3 EXP 2
MPLS MPLS MPLS
EXP 3 EXP 3 EXP 2
IP IP IP IP IP IP
3 3 3 3 3 3
MPLS QoS Summary
MPLS QoS used for MPLS packet-specific marking and

classification
Based on EXP bits
Different schemes for mapping between IP

(ToS/DSCP) and MPLS packet (EXP) classification
At ingress and egress PE router
MPLS pipe mode mostly used; preserves end-to-end IP QoS
Enables traffic prioritization to guarantee minimal traffic

loss and delay for high priority traffic
Useful when packet loss and delay guarantees must be provided
f high
for hi h priority
i it ttraffic
ffi across MPLS network
t k
MPLS Traffic Engineering
g g
Traffic Engineering Capabilities for Bandwidth
Management and Network Failure Protection
3 Layer-3
y VPNs 3 Layer-2
y VPNs
3 MPLS QoS MPLS TE MPLS OAM/MIBs
Why Traffic Engineering?
Congestion in the network due to changing

t ffi patterns
traffic tt
Election news, online trading, major sports events
Better utilization of available bandwidth
Route on the non-shortest path
Route around failed links/nodes
Fast rerouting around failures, transparently to users
Like SONET APS (Automatic Protection Switching)
Build new services—virtual
services virtual leased line services
VoIP toll-bypass applications, point-to-point bandwidth
guarantees
Capacity planning
TE improves aggregate availability of the network
The Problem with Shortest-Path
Shortest Path
IP (Mostly) Uses Destination-Based Least-
Cost Routing Alternate Path Under Utilized
Node Next-Hop
Next Hop Cost Some links are DS3,
DS3 some are OC
OC-3
3
B B 10
Router A has 40M of traffic for
C C 10
router F, 40M of traffic for router G
D C 20
E B 20 Massive (44%) packet loss at router
F B 30 B→router E!
G B 30
Changing to A->C->D->E won’t help
Router B Router F
OC-3 OC-3
Router A Router E
DS3
Router G
OC-3
OC-3 DS3
Router C
DS3 Router D
How MPLS TE Solves the Problem
Router A sees all links
Node Next-Hop
Next Hop Cost
B B 10 Router A computes paths on
C C 10 properties other than just
D C 20 shortest cost; creation of 2
E B 20 t
tunnels
l
F Tunnel 0 30
G Tunnel 1 30 No link oversubscribed!
Router B Router F
OC-3 OC-3
Router A Router E
DS3
Router G
OC-3
OC-3 DS3
Router C
DS3 Router D
How MPLS TE Works
Link information distribution*
Head end
ISIS-TE
IP/MPLS OSPF-TE
Path calculation (CSPF)*

(CSPF)
Path setup (RSVP-TE)
Forwarding traffic
down tunnel
Auto-route
Static
Mid-point Tail end PBR
CBTS/PBTS
TE LSP
Forwarding adjacency
Tunnel select
* Optional
For your
reference
Link Information Distribution only
Additional link characteristics

Interface address IP/MPLS
Neighbor address
Physical bandwidth
Maximum reservable bandwidth
Unreserved bandwidth
(at eight priorities)
TE metric
ti
Administrative group (attribute flags)
IS-IS or OSPF flood link

information TE
Topology
TE nodes build a topology database
database
Not required if using off-line
path computation
BRKRST-1101 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public http://www.cisco.com/go/mpls 85
Path Calculation
Find shortest
path to R8
with 8Mbps TE nodes can perform
IP/MPLS constraint based routing
constraint-based
R1
Constraints and topology
15 3
5 R8 database as input to path
10
computation
t ti
10 8
10
Shortest-path-first algorithm
10
ignores links not meeting
constraints
TE
Tunnel can be signaled once a
Topology path is found
p
database
Not required if using offline
path computation
n Link
Li k with
ith insufficient
i ffi i t bandwidth
b d idth
n Link with sufficient bandwidth
For your
reference
TE LSP Signaling only
Tunnel signaled with TE

extensions to RSVP
Soft state maintained with Head end IP/MPLS
downstream PATH messages
S
Soft
f state maintained with
upstream RESV messages
New RSVP objects L=16
RESV Tail end
LABEL_REQUEST (PATH)
LABEL (RESV) PATH
EXPLICIT_ROUTE
RECORD_ROUTE (PATH/RESV) Input Out Label,
SESSION_ATTRIBUTE (PATH) Label Interface
17 16, 0
TE LSP
LFIB populated using
RSVP labels allocated by
RESV messages
MPLS TE FRR
FRR—Link
Link Protection
Router A Router B Router D Router E
Router X Router Y
Router C
Primary tunnel: A → B → D → E
Backup tunnel: B → C → D (preprovisioned)
Recovery = ~ 50 ms
*Actual Time Varies—Well Below 50 ms in Lab Tests,
Can Also Be Higher
Use Case 1: Tactical TE Deployment
Requirement: Need to handle scattered congestion points
in the network
Solution: Deploy MPLS TE on only those nodes that face
congestion
MPLS Traffic Engineering Bulk of Traffic Flow
Tunnel Relieves Congestion Points e.g. Internet Download
Internet
Service Provider
Backbone
Oversubscribed
Shortest Links
Use Case 2: 1-Hop
1 Hop Tunnel Deployment
Requirement: Need protection only—minimize packet loss lots of
bandwidth in the core
Solution: Deploy MPLS fast reroute for less than 50ms failover time
with 1-hop primary TE tunnels and backup tunnel for each
Service Provider
Backbone
VPN Site A Primary 1-Hop TE Tunnel

VPN Site B
Backup Tunnel
Physical Links
MPLS TE Summary
MPLS TE can be used to implement traffic engineering
to enable enhanced network availability,
availability utilization
utilization, and
performance
Enhanced network availability can be implemented via
MPLS TE Fast Re-Route (FRR)
Link, node, and path protection
Automatically route around failed links/nodes; like SONET APS
Better network bandwidth utilization can be implemented
via creation of MPLS TE tunnels using explicit routes
Route on the non-shortest path
MPLS TE can be used for capacity planning by creation
of bandwidth-specific tunnels with explicit paths through
the network
Bandwidth management across links and end-to-end paths
MPLS Management
g
MPLS Management Using SNMP MPLS MIB and
MPLS OAM Capabilities
3 Layer-3 VPNs 3 Layer-2 VPNs
3 MPLS QoS 3 MPLS TE MPLS OAM/MIBs
3 MPLS Signaling
g g and Forwarding
g
What’s
What s Needed for MPLS management?
What’s needed beyond the basic MPLS CLI?
CLI used for basic configuration and trouble shooting (show commands)
Traditional management tools:

MIBs to provide management information for SNMP
management applications (e.g., HPOV)
MIB cou
counters,
te s, Trap
ap notifications,
ot cat o s, etc
etc.
New management tools:

MPLS OAM -> for reactive trouble shooting
g
Ping and trace capabilities of MPLS label switched paths
Automated MPLS OAM -> for proactive trouble shooting

Automated LSP ping/trace via Auto IP SLA
For your
reference
MPLS Operations Lifecycle only
Build and plan the network

Capacity planning and resource
One-time Strategic Operations
monitoring
Exte
sed Operatiions
Monitor the network
ernal-Focus
Network Service
Node/link failure detection Configuration
and Planning
Configuration
and Planning
May impact multiple services
sed Operatio
ernal-Focus
Provision new services and
maintain existing services Network
Monitoring
Service
Monitoring
Edge/service node configuration Inte
ons
Monitor service Ongoing Tactical Operations
End-to-end monitoring
g
Linked to customer SLAs
MPLS MIBs and OAM
Management Feature Key Functionality
MPLS-LDP-STD-MIB LDP session status Trap notifications
MPLS MIBs MPLS-L3VPN-STD-MIB VRF max-route Trap notifications
MPLS-TE-STD-MIB TE Tunnel status Trap notifications
MPLS LSP Ping/Trace for LDP-based Validate end-to-end connectivity of LDP-

LSPs signaled
g LSPs
MPLS OAM Validate end-to-end connectivity of TE

MPLS LSP Ping/Trace for TE tunnels
tunnels
Discovery of all available equal cost LSP

LSP Multipath
p (ECMP)
( ) Tree Trace
paths between PEs
LDP Event Monitoring Using LDP Traps
Interface Shutdown (E1/0 on PE1) LDP Session Down (PE1 – P01)
Time = t: Received SNMPv2c Trap from pe1: Time = t: Received SNMPv2c Trap from pe1:
sysUpTimeInstance = 8159606 sysUpTimeInstance = 8159606
snmpTrapOID.0 = mplsLdpSessionDown snmpTrapOID.0 = mplsLdpSessionDown
mplsLdpSessionState.<index> = nonexistent(1) mplsLdpSessionState.<index> = nonexistent(1)
mplsLdpSessionDiscontinuityTime.<index> = 8159605
mplsLdpSessionStatsUnknownMesTypeErrors.<index>
i i = 0
mplsLdpSessionStatsUnknownMesTypeErrors.<index> = 0
mplsLdpSessionStatsUnknownTlvErrors.<index> = 0
ifIndex.5 = 5
ifIndex.5 = 5
Interface goes down LDP session goes down
Time = t+1: Received SNMPv2c Trap from pe1:
sysUpTimeInstance = 8159906 Time = t+1: Received SNMPv2c Trap from p01:
snmpTrapOID 0 = linkDown
snmpTrapOID.0 sysUpTimeInstance = 8160579
ifIndex.5 = 5 snmpTrapOID.0 = mplsLdpSessionDown
ifDescr.5 = Ethernet1/0 mplsLdpSessionState.<index> = nonexistent(1)
PE1
ifType.5 = ethernetCsmacd(6)
locIfReason.5 = administratively down
PE1
P1 P1
Time = t+2:LDP
Received
session SNMPv2c Trap from p01: ifIndex 5 = 5
ifIndex.5 LDP session
sysUpTimeInstance = 8160579
snmpTrapOID.0 = mplsLdpSessionDown
mplsLdpSessionState.<index> = nonexistent(1)
ifIndex.5 = 5
Validation of PE
PE-PE
PE MPLS Connectivity
Connectivity of LSP path(s) between PE routers can be

validated using LSP ping (ping mpls command via CLI)
pe1>ping mpls ipv4 10.1.2.249/32
Sending 5, 100-byte MPLS Echos to 10.1.2.249/32,
timeout is 2 seconds, send interval is 0 msec:
Codes: '!' - success, 'Q' - request not sent, '.' - timeout,

'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed
PE1 request, 'm' - unsupported tlvs, 'N' - no label
PE2entry,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
P1 P2
'R' - transit router, 'I' - unknown upstream index,
'X' - unknown return code
code, 'x' - return code 0
Type escape sequence to abort.

!!!!!
Success rate is 100 p
percent (
(5/5),
/ ), round-trip
p min/avg/max
/ g/ = 284/294/300
/ / ms
Automated MPLS OAM
Automatic MPLS OAM probes between PE routers
Automatic discovery of PE targets via BGP next-hop discovery
Automatic discovery of all available LSP paths for PE targets via LSP
multi-path trace
Scheduled LSP pings to verify LSP path connectivity
3 consecutive LSP ping failures result in SNMP Trap notification
PE1 - MPLS OAM Probe PE3
PE2 - MPLS OAM Probe
PE3 - MPLS OAM Probe
P1 P2
PE1 PE2
MPLS Management Summary
MPLS management operations include MPLS node and

service configuration, and monitoring
In addition to CLI, SNMP MIBs and OAM capabilities
are available for MPLS management
MPLS MIBs provide LDP, VPN, and TE management
information, which can be collected by SNMP tools
MIB counters, Trap notifications
Advanced MPLS management capabilities can be

implemented via MPLS OAM
LSP path discovery and connectivity validation
Proactive monitoring via automated MPLS OAM
Summaryy
Final Notes and Wrap Up
Summary and Key Takeaways
It’s all about labels…
Label-based forwarding and IP protocol extensions for label exchange
Best of both worlds…L2-type forwarding and L3 control plane
Key
K application
li ti off MPLS iis tto iimplement
l t VPN services
i
Secure and scalable layer 2 and 3 VPN connectivity
MPLS supports advanced traffic engineering capabilities

QoS, bandwidth control, and failure protection
MPLS is a mature technology

gy with widespread
p deployments
p y
Both SP and enterprise networks
Two types of MPLS users

Indirect (subscriber): MPLS used as transport for subscribed service
Direct (DIY): MPLS implemented in (own) SP or enterprise network
For your
reference
MPLS Applications only
Service Enterprise Data Data center EWAN

Providers Center interconnects Edge
L2/L3VPN s
L2/L3VPN’s
Key Features
s
VPN’s VPN’s / VRF’s VPN’s / VRF’s

TE/FRR
TE/FRR VRF-Aware Security VRF Aware Security
QoS
High Availability High Availability High Availability
High Availability
Hosted Data centers

Departmental
cations
Data center segmentation Disaster Recovery

interconnect Service multiplexing Internet Access
Vmotion support
Security
Applic
Segmentation for IT Branch Connectivity

Mergers, Acquisitions, Branch Interconnects
Mergers, spinoffs
Acquisitions, spinoffs
• Network Consolidation – Merging Multiple parallel network into a shared infrastructure

• Network segmentation – By user groups or business function
• • Service and policy centralization – Security policies and appliances at a central location
•
• New applications readiness – Converged multi-service
multi service network
•
• Increased network security – User groups segmentation with VPNs
•
•
Consider MPLS When…
There’s a need for network segmentation

Segmented connectivity for specific locations, users,
applications, etc.
Full mesh and hub
Full-mesh hub-and-spoke
and spoke connectivity
There’s a need for network realignment/migration

Consolidation of (multiple) legacy networks
Staged network consolidation after company merger/acquisition
There’s
There s a need for optimized network availability and
performance
Node/link protection, pro-active connectivity validation
Bandwidth traffic engineering and QoS traffic prioritization
Q and A
Cisco Live 2009 MPLS Sessions
More MPLS Topics Covered in Following Sessions:

BRKRST-2102 Deploying IP/MPLS VPNs
p y g MPLS Traffic Engineering
BRKRST-2104 Deploying g g
BRKRST-2105 Inter-AS MPLS Solutions
BRKRST-3101
BRKRST 3101 Advanced Topics and Future Directions
in MPLS
Lab: Enabling
g MPLS in Enterprise
p
Terminology Reference
Terminology Description
AC Attachment Circuit
Circuit. An AC Is a Point
Point-to-Point,
to Point Layer 2 Circuit Between a CE and a PE
PE.
AS Autonomous System (a Domain)
CoS Class of Service
ECMP Equal Cost Multipath
IGP Interior Gateway Protocol
LAN Local Area Network
LDP Label Distribution Protocol, RFC 3036.
LER Label Edge Router
Router. An Edge LSR Interconnects MPLS and non-MPLS Domains
Domains.
LFIB Labeled Forwarding Information Base
LSP Label Switched Path
LSR Label Switching Router
NLRI Network Layer Reachability Information
P Router An Interior LSR in the Service Provider's Autonomous System
An LER in the Service Provider Administrative Domain that Interconnects the Customer
PE Router
Network and the Backbone Network.
PSN Tunnel Packet Switching Tunnel
Terminology Reference
Terminology Description
A Pseudo
Pseudo-Wire
Wire Is a Bidirectional “Tunnel"
Tunnel" Between Two Features on a
Pseudo-Wire
Switching Path.
PWE3 Pseudo-Wire End-to-End Emulation
QoS Quality of Service
RD R t Distinguisher
Route Di ti i h
RIB Routing Information Base
RR Route Reflector
RT Route Target
RSVP-TE Resource Reservation Protocol based Traffic Engineering
VPN Virtual Private Network
VFI Virtual Forwarding Instance
VLAN Virtual Local Area Network
VPLS Virtual Private LAN Service
VPWS Virtual Private WAN Service
VRF Virtual Route Forwarding Instance
VSI Virtual Switching Instance
Recommended Reading
Continue your Cisco Live

learning experience with further
reading from Cisco Press
Check the Recommended
Reading flyer for suggested
books
Available Onsite at the Cisco Company Store

Further Reading
http://www.cisco.com/go/mpls
http://www.ciscopress.com
MPLS and VPN Architectures—
Jim Guichard, Ivan Papelnjak—Cisco Press®
Traffic Engineering with MPLS—
Ei O
Eric Osborne,
b Aj
Ajay Si
Simha—Cisco
h Ci P
Press
Layer 2 VPN Architectures—
Wei Luo
Luo, Carlos Pignataro
Pignataro, Dmitry Bokotey
Bokotey,
Anthony Chan—Cisco Press
MPLS QoS—Santiago
QoS Santiago Alvarez-Cisco
Alvarez Cisco Press
Complete Your Online
Session Evaluation
Give us your feedback and you
could win fabulous prizes
prizes.
Winners announced daily.
Receive 20 Passport points for
each session evaluation you
complete.
Complete your session evaluation
online now ((open a browser
through our wireless network to
access our portal) or visit one of
the Internet stations throughout
the Convention Center.
Don’t forget
f to activate your
Cisco Live Virtual account for access to
all session material, communities, and
on-demand and live activities throughout
the
h year. AActivate
i your account at the
h
Cisco booth in the World of Solutions or visit
www.ciscolive.com.

Fundamentos - MPLS - Presentacion PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Fundamentos - MPLS - Presentacion PDF

Uploaded by

Copyright:

Available Formats

Introduction to MPLS

 Understand history and business drivers for MPLS

 It’s all about labels…

 Evolved from tag switching in 1996 to full IETF

1996 1997 1998 1999 2000 2001 2002 2003 2004+

MPLS Customer Segments Geographic Customer Distribution

Source: MPLS Tracker and Various Other Internal Cisco

enterprise customer segments for MPLS

Enterprise Customer Segments M

 Two types of enterprise customers for MPLS

 MPLS used as part of self managed network

Federal government Need for secure and cost

Layer-3 VPNs Layer-2 VPNs

MPLS Network Services

MPLS QoS MPLS TE MPLS OAM/MIBs

Layer-3 VPNs Layer-2 VPNs

MPLS QoS MPLS TE MPLS OAM/MIBs

 The big picture

 Other related protocols and protocols to exchange label

Label switched traffic

Label # – 20bits EXP S TTL-8bits

COS/EXP = Class of Service: 3 Bits; S = Bottom of Stack; TTL = Time to Live

MPLS Label Encapsulation

One or More Labels Appended to the Packet

 Label imposition (Push)

 Label swapping or switching

 Label disposition (PoP)

 Variety of FEC mappings possible

 Label Distribution Protocol (LDP)

 Assigns, distributes, and installs (in forwarding) labels for

to RIB prefixes and Session Setup

128.89 1 128.89 0 171.69 1

You Can Reach 128.89 Thru Me

Use Label 9 for 128.89

Label Switch Forwards

 Each node maintains IP routing information via IGP

 LDP leverages IGP routing information

Label switched traffic

 IGP: OSPF, EIGRP, IS-IS on core facing and core links

 Recap: labels correspond to Forwarding Equivalence Class (FEC)

 Outer label always used for switching MPLS packets in network

2. Ingress Edge LSR Receives Packet,

 MPLS uses labels to forward traffic

MPLS QoS MPLS TE MPLS OAM/MIBs

3 MPLS Signaling and Forwarding

Label switched traffic

 Customer router (CE) has a IP peering connection with

 MPLS VPN network responsible for distributing routing

 MPLS VPNs enable full-mesh, hub-and-spoke, and

 MPLS L3VPN control plane

 MPLS L3VPN forwarding plane

 Virtual Routing and Forwarding Instance (VRF)

Label switched traffic MP-iBGP Session

 Full mesh of BGP sessions among all PE routers

Central site - HQ Remote Site 1 & Acquired

Aerospace Cosmetics Financial Services

Aerospace Financial Financial Cosmetics

MPLS Backbone VPN_B

Company “A”A and Company “B” B access

Remote Sites Remote Sites

VRF lite configured on

 Every link is a 802.1Q trunk

 Restricted scalability v Multi-VRF

Understand history and business drivers for MPLS

It’s all about labels…

Evolved from tag switching in 1996 to full IETF

Two types of enterprise customers for MPLS

MPLS used as part of self managed network

The big picture

Other related protocols and protocols to exchange label

Label imposition (Push)

Label swapping or switching

Label disposition (PoP)

Variety of FEC mappings possible

Label Distribution Protocol (LDP)

Assigns, distributes, and installs (in forwarding) labels for

Each node maintains IP routing information via IGP

LDP leverages IGP routing information

IGP: OSPF, EIGRP, IS-IS on core facing and core links

Recap: labels correspond to Forwarding Equivalence Class (FEC)

Outer label always used for switching MPLS packets in network

MPLS uses labels to forward traffic

Customer router (CE) has a IP peering connection with

MPLS VPN network responsible for distributing routing

MPLS VPNs enable full-mesh, hub-and-spoke, and

MPLS L3VPN control plane

MPLS L3VPN forwarding plane

Virtual Routing and Forwarding Instance (VRF)

Full mesh of BGP sessions among all PE routers

Every link is a 802.1Q trunk

Restricted scalability v Multi-VRF

Typical for department VPN1 v v

Provide layer-3 connectivity among CE sites via IP

AToM Control Plane

Architecture for Ethernet Multipoint Services (EMS)

VPLS Control Plane

VPLS Forwarding Plane

Enables transport of any Layer-2 traffic over

AToM PWs suited for implementing transparent point-

Typically different traffic types (packets) sent over

Not all application traffic types/flows are the same …

MPLS QQoS S used d ffor traffic

MPLS leverages mostly existing IP QoS architecture

MPLS EXP bits used for packet classification and

End-to-end behavior: original IP DSCP value not preserved

End-to-end behavior: original IP DSCP is preserved

End-to-end behavior: original IP DSCP is preserved

MPLS QoS used for MPLS packet-specific marking and

Different schemes for mapping between IP

Enables traffic prioritization to guarantee minimal traffic

Congestion in the network due to changing

Path calculation (CSPF)*

Additional link characteristics

IS-IS or OSPF flood link

Tunnel signaled with TE

Automated MPLS OAM -> for proactive trouble shooting

Build and plan the network

Connectivity of LSP path(s) between PE routers can be

MPLS management operations include MPLS node and

Advanced MPLS management capabilities can be

MPLS supports advanced traffic engineering capabilities

MPLS is a mature technology

Two types of MPLS users

There’s a need for network segmentation

There’s a need for network realignment/migration