MPLS
Santanu Dasgupta
santanu@cisco.com
Goals of this Session
Introduction
MPLS Network Components
MPLS VPNs
MPLS Layer-3 VPNs
MPLS Layer-2 VPNs
MPLS QoS
MPLS Traffic Engineering
MPLS Management
Summary
[Figure: MPLS technology framework layers: Network Infrastructure, Core MPLS, End-to-end MPLS Services, MPLS Network Services]
Presentation_ID © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Public 5
Why Multi Protocol Label Switching?
SP/Carrier perspective
Reduce costs (CAPEX); consolidate networks
Consolidated network for multiple Layer-2/3 services
Support increasingly stringent SLAs
Handle increasing scale/complexity of IP-based services
Enterprise/end-user perspective
Campus/LAN
Need for network segmentation (users, applications, etc.)
WAN connectivity (connecting enterprise networks)
Need for easier configuration of site-to-site WAN connectivity
L2/L3VPN’s
Key Features
Core MPLS
Network Infrastructure
MPLS Forwarding and Signaling
[Figure: Core MPLS layer over Network Infrastructure; CE-PE-P-P-PE-CE topology; the label header sits between the LAN MAC header and the Layer 2/L3 packet]
[Figure: LDP interactions (exchange of MPLS label bindings) drive the programming of MPLS forwarding; CEF/MFI updates are based on LIB info]
[Figure: a packet for 128.89.25.4 crosses routers holding routes for 128.89 and 171.69; packets forwarded based on IP address (via RIB lookup)]
Step 1: IP Routing (IGP) Convergence
MFI/FIB tables (In Label and Out Label columns are still empty at this step):
Router   Address Prefix   Out I’face
Left     128.89           1
Left     171.69           1
Middle   128.89           0
Middle   171.69           1
Right    128.89           0
[Figure: routing updates (OSPF, EIGRP, …) between the routers: "You Can Reach 171.69 Thru Me"]
[Figure: Label Distribution Protocol (LDP), downstream allocation: "Use Label 7 for 171.69"]
Step 3: Forwarding MPLS Packets
MFI/FIB tables:
Router   In Label   Address Prefix   Out I’face   Out Label
Left     -          128.89           1            4
Left     -          171.69           1            5
Middle   4          128.89           0            9
Middle   5          171.69           1            7
Right    9          128.89           0            -
[Figure: a packet for 128.89.25.4 arrives unlabeled, is forwarded with label 4, then with label 9, and is delivered unlabeled]
[Figure: CE-PE-P-P-PE-CE topology with OSPF, IS-IS, EIGRP and LDP, RSVP running between the PE and P routers]
More than one label can be used for MPLS packet encapsulation
Creation of a label stack
Recap: labels correspond to Forwarding Equivalence Class (FEC)
Each label in stack used for different purposes
Outer label always used for switching MPLS packets in network
Remaining inner labels used for specific services/FECs, etc.
Last label in stack marked with EOS bit
Allows building services such as
MPLS VPNs: LDP + VPN label
Traffic engineering (FRR): LDP + TE label
VPNs over TE core: LDP + TE + VPN label
Any transport over MPLS: LDP + PW label
[Figure: label stack from outer label to inner label: TE Label, LDP Label, VPN Label, then the Layer 2/3 packet header]
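An added example, not part of the original slides: a parser for the label stack described above, using the 32-bit label stack entry layout from RFC 3032 (20-bit label, 3-bit EXP, 1-bit S/EOS, 8-bit TTL). The label values and payload bytes are constructed; the parser rejects stacks that are truncated or never set the EOS bit.

```python
import struct

def encode_stack(entries):
    """entries: (label, exp, ttl) tuples, outer label first; S bit set on the last only."""
    out = b""
    for i, (label, exp, ttl) in enumerate(entries):
        if not (0 <= label < 2**20 and 0 <= exp < 8 and 0 <= ttl < 256):
            raise ValueError("field out of range")
        s = 1 if i == len(entries) - 1 else 0
        out += struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)
    return out

def parse_stack(data, max_depth=8):
    """Return (entries, payload), outer label first.

    Raises ValueError when an entry is truncated or when no entry within
    max_depth carries the EOS bit, so malformed input is never read as payload.
    """
    entries, offset = [], 0
    while True:
        if len(entries) == max_depth:
            raise ValueError("no EOS bit within max_depth labels")
        if offset + 4 > len(data):
            raise ValueError("truncated label stack")
        (word,) = struct.unpack_from("!I", data, offset)
        offset += 4
        entry = {"label": word >> 12, "exp": (word >> 9) & 0x7,
                 "eos": (word >> 8) & 0x1, "ttl": word & 0xFF}
        entries.append(entry)
        if entry["eos"]:
            return entries, data[offset:]

# Constructed sample: LDP (outer) label 9 over VPN (inner) label 100, then two payload bytes.
SAMPLE = encode_stack([(9, 3, 254), (100, 3, 254)]) + b"\x45\x00"

if __name__ == "__main__":
    stack, payload = parse_stack(SAMPLE)
    for depth, e in enumerate(stack):
        print(depth, e)
    print("payload bytes:", payload.hex())
```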
MPLS Technology Framework
End-to-end data connectivity services across MPLS networks (from PE to PE)
[Figure: MPLS technology framework, End-to-end Services layer over Network Infrastructure; a VPN spans the CE-PE-P-P-PE-CE topology]
PE-CE link
Connect customer network to SP network; layer-2 or layer-3
VPN
Dedicated secure connectivity over shared infrastructure
SP/Carrier perspective
Reduce costs (CAPEX)
Leverage same network for multiple services and customers
Migrate legacy networks onto single converged network
Reduce costs (OPEX)
Easier service enablement; only edge node configuration
Enterprise/end-user perspective
Enables site/campus network segmentation
Allows for dedicated connectivity for users, applications, etc.
Enables easier setup of WAN connectivity
Easier configuration of site-to-site WAN connectivity (for L3VPN and VPLS); only one WAN connection needed
MPLS L3 VPN Overview
PE-CE link
Can be any type of layer-2 connection (e.g., FR, Ethernet)
CE configured to route IP traffic to/from adjacent PE router
Variety of routing options; static routes, eBGP, OSPF, IS-IS
[Figure: CE routers of VPN 1 and VPN 2 attach to a PE that holds VRF Green and VRF Blue; the PE and P routers form the MPLS backbone running an IGP, with a VRF per VPN on each PE]
ip vrf Green
RD 1:100
route-target export 1:100
route-target import 1:100
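An added example, not part of the original slides: because route-target import/export decides which VRFs see each other's routes, this sketch parses IOS-style `ip vrf` stanzas and lists every VRF that imports another VRF's routes. VRF Green is the stanza shown above; VRF Blue and the approved-sharing list are hypothetical.

```python
import re
from collections import defaultdict

# Constructed config: VRF Green is the stanza from the page; VRF Blue is hypothetical.
SAMPLE_CONFIG = """\
ip vrf Green
 rd 1:100
 route-target export 1:100
 route-target import 1:100
!
ip vrf Blue
 rd 1:200
 route-target export 1:200
 route-target import 1:200
 route-target import 1:100
!
"""

def parse_vrfs(config):
    """Parse IOS-style 'ip vrf' stanzas into {name: {'import': set, 'export': set}}."""
    vrfs, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        start = re.match(r"ip vrf (\S+)$", line, re.I)
        rt = re.match(r"route-target (import|export|both) (\S+)$", line, re.I)
        if start:
            current = vrfs.setdefault(start.group(1), {"import": set(), "export": set()})
        elif line == "!":
            current = None                      # end of stanza
        elif rt and current is not None:
            kind = rt.group(1).lower()
            for k in (("import", "export") if kind == "both" else (kind,)):
                current[k].add(rt.group(2))
    return vrfs

def import_matrix(vrfs):
    """Map each VRF to the other VRFs whose exported routes it will import."""
    exporters = defaultdict(set)
    for name, vrf in vrfs.items():
        for target in vrf["export"]:
            exporters[target].add(name)
    return {name: sorted(set().union(*(exporters[t] for t in vrf["import"])) - {name})
            for name, vrf in vrfs.items()}

def unexpected_imports(vrfs, allowed=frozenset()):
    """Return (importer, exporter) pairs that are not in the approved sharing list."""
    return sorted((imp, exp) for imp, sources in import_matrix(vrfs).items()
                  for exp in sources if (imp, exp) not in allowed)
```

Here `unexpected_imports(parse_vrfs(SAMPLE_CONFIG))` reports that Blue imports Green's routes, which is the kind of one-line route-target change that silently joins two VPNs.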
[Figure: IPv4 packet path for VPN 1 from CE2 through PE2, P2, P1 and PE1 to CE1, with a VRF on each PE]
Processing Steps:
1. CE2 forwards IPv4 packet to PE2.
2. PE2 imposes pre-allocated VPN label (learned via MP-IBGP) to IPv4 packet received from CE2.
3. PE2 imposes outer IGP label (learned via LDP) and forwards labeled packet to next-hop P-router P2.
4. P-routers P1 and P2 swap outer IGP label and forward labeled packet to PE1.
5. Router PE1 strips VPN label and forwards IPv4 packet to CE1.
[Figure: Central site (HQ) and Remote Sites 1, 2 and 3 connected over an MPLS backbone; VRF instances created for each group at the edge (Financial Services, Cosmetics, Aerospace) map to VPN_Fin, VPN_Cos and VPN_Aero]
[Figure: campus network with Access, Distribution and Core layers, an MPLS backbone and an Internet connection]
End-to-end connectivity: Layer-3 MPLS VPNs
Distribution nodes configured as PE routers with VRF(s)
Core nodes forward MPLS packets (via LFIB)
End-to-end label switched paths (LSPs) between distribution nodes (PE routers)
Layer-2 access
No BGP or MPLS
VRF-lite configured on core and distribution nodes
Every link is a 802.1Q trunk
Many-to-Many model
Restricted scalability
Typical for department inter-connectivity
[Figure: Multi-VRF on the Layer 3 nodes between L2 access segments, VPN1 and VPN2 carried over 802.1Q]
L2 access
No BGP or MPLS
VRF-lite only configured on distribution nodes
Many-to-One model
Restricted scalability
Typical for user-specific VPN connectivity
[Figure: Multi-VRF on the distribution nodes between L2 access segments, VPN1 and VPN2 carried over GRE]
L2 access
Distribution nodes configured as PE routers with VRFs
MP-iBGP between distribution nodes
MPLS packet forwarding by core nodes
Many-to-Many model
High scalability
[Figure: VRFs on the distribution nodes between L2 access segments, VPN1 and VPN2 carried over MPLS]
L2VPN Options
L2VPN Models
VPWS: Virtual Private Wire Service, Point to Point
VPLS: Virtual Private LAN Service, Point to Multipoint
Many subscriber encapsulations supportable: FR, ATM, PPP, HDLC, Ethernet
[Figure: pseudowire between PE routers across the MPLS core]
Any Transport over MPLS Architecture
Based on IETF’s Pseudo-Wire (PW) Reference Model
PW is a connection (tunnel) between 2 PE Devices, which connects 2 PW End-Services
PW connects 2 Attachment Circuits (ACs)
Bi-directional (for p2p connections)
Use of PW/VC label for encapsulation
[Figure: pseudowire reference model: Customer1 and Customer2 sites attach through PW end-services (PWES) on each PE; the pseudowires run inside a PSN tunnel between the PEs]
[Figure: LDP session between PE1 and PE2 for the layer-2 connection CE1 to CE2; layer-2 packet path from CE2 through PE2, P2, P1 and PE1 to CE1]
Processing Steps:
1. CE2 forwards layer-2 packet to PE2.
2. PE2 imposes VC (inner) label to layer-2 packet received from CE2 and optionally a control word as well (not shown).
3. PE2 imposes Tunnel outer label and forwards packet to P2.
4. P2 and P1 routers forward packet using outer (tunnel) label.
5. Router PE2 strips Tunnel label and, based on VC label, layer-2 packet is forwarded to customer interface to CE1, after VC label is removed.
In case control word is used, new layer-2 header is generated first.
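An added example, not part of the original slides: the L3 VPN processing steps and the pseudowire processing steps above follow the same two-label pattern, which this sketch walks hop by hop to show that core routers only ever look at the outer label. All label values are constructed, and it assumes no penultimate-hop popping, so the egress PE removes the outer label itself.

```python
# Constructed label values; router names follow the processing steps on the page.
# Assumption: no penultimate-hop popping, so the egress PE removes the outer label itself.
INNER = 100    # VPN or VC label the egress PE advertised for this customer attachment
LFIB = {       # per router: incoming outer label -> (action, outgoing label, next hop)
    "P2":  {17: ("swap", 18, "P1")},
    "P1":  {18: ("swap", 19, "PE1")},
    "PE1": {19: ("pop", None, "PE1")},
}
SERVICES = {"PE1": {INNER: "CE1"}}   # inner label -> customer-facing interface

def ingress(payload, inner, outer):
    """Steps 2-3: push the inner label first, then the outer label on top of it."""
    return {"stack": [outer, inner], "payload": payload}

def forward(packet, router):
    """Core step: only the outer label is looked up; an unknown label means drop."""
    entry = LFIB[router].get(packet["stack"][0])
    if entry is None:
        return None
    action, out_label, next_hop = entry
    if action == "swap":
        packet["stack"][0] = out_label
    else:
        packet["stack"].pop(0)
    return next_hop

def egress(packet, router):
    """Step 5: the inner label selects the customer interface and is then removed."""
    return SERVICES[router].get(packet["stack"].pop(0))

def walk(payload, first_outer=17, first_hop="P2"):
    """Return (trace of label stacks per hop, delivery interface or None if dropped)."""
    packet = ingress(payload, INNER, first_outer)
    trace, hop = [("PE2", list(packet["stack"]))], first_hop
    while len(packet["stack"]) > 1:
        router, hop = hop, forward(packet, hop)
        if hop is None:
            return trace, None
        trace.append((router, list(packet["stack"])))
    return trace, egress(packet, hop)

if __name__ == "__main__":
    for router, stack in walk(b"customer frame")[0]:
        print(router, stack)
```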
[Figure: Frame Relay example between PE1 and PE2 across the MPLS WAN, with DLCI 101 and DLCI 201 on the attachment circuits]
[Figure: VPLS: CEs of Customer A1 attach to n-PEs; each n-PE holds Red, Blue and Green VSIs; PWs run over a tunnel LSP; directed LDP session between participating PEs; full mesh of PWs between VSIs]
MPLS Technology Framework
Network Infrastructure
[Figure: MPLS EXP and IP DSCP marking across the CE-PE-P-P-PE-CE topology, two cases. In both, the MPLS EXP value changes from 3 to 2 in the core; in the first the IP DSCP changes from 3 to 2 at the far end, in the second the IP DSCP stays 3 end to end]
MPLS Technology Framework
Traffic engineering capabilities for bandwidth management and network failure protection
Network Infrastructure
Node   Next-Hop   Cost
B      B          10
C      C          10
D      C          20
E      B          20
F      B          30
G      B          30
Some links are DS3, some are OC-3
Router A has 40M of traffic for router F, 40M of traffic for router G
Massive (44%) packet loss at router B→router E!
Changing to A->C->D->E won’t help
[Figure: routers A, B, E, F and G joined by OC-3 and DS3 links, shown twice; the second copy is annotated 40 Mb]
* Optional
For your reference only
Link Information Distribution
RECORD_ROUTE (PATH/RESV)
SESSION_ATTRIBUTE (PATH)
LFIB populated using RSVP labels allocated by RESV messages
Input Label: 17; Out Label, Interface: 16, 0
[Figure: TE LSP]
Router X Router Y
Router C
Primary tunnel: A → B → D → E
Backup tunnel: B → C → D (preprovisioned)
Recovery = ~ 50 ms
*Actual Time Varies—Well Below 50 ms in Lab Tests, Can Also Be Higher
[Figure: Internet traffic across a service provider backbone with oversubscribed shortest links]
MPLS Technology Framework
Network Infrastructure
Interface goes down

Time = t: Received SNMPv2c Trap from pe1:
sysUpTimeInstance = 8159606
snmpTrapOID.0 = mplsLdpSessionDown
mplsLdpSessionState.<index> = nonexistent(1)
mplsLdpSessionDiscontinuityTime.<index> = 8159605
mplsLdpSessionStatsUnknownMesTypeErrors.<index> = 0
mplsLdpSessionStatsUnknownTlvErrors.<index> = 0
ifIndex.5 = 5
Time = t+1: Received SNMPv2c Trap from pe1:
sysUpTimeInstance = 8159906
snmpTrapOID.0 = linkDown
ifIndex.5 = 5
ifDescr.5 = Ethernet1/0

LDP session goes down

Time = t: Received SNMPv2c Trap from pe1:
sysUpTimeInstance = 8159606
snmpTrapOID.0 = mplsLdpSessionDown
mplsLdpSessionState.<index> = nonexistent(1)
mplsLdpSessionDiscontinuityTime.<index> = 8159605
mplsLdpSessionStatsUnknownMesTypeErrors.<index> = 0
mplsLdpSessionStatsUnknownTlvErrors.<index> = 0
ifIndex.5 = 5
Time = t+1: Received SNMPv2c Trap from p01:
sysUpTimeInstance = 8160579
snmpTrapOID.0 = mplsLdpSessionDown
mplsLdpSessionState.<index> = nonexistent(1)
mplsLdpSessionDiscontinuityTime.<index> = 8160579
mplsLdpSessionStatsUnknownMesTypeErrors.<index> = 0
mplsLdpSessionStatsUnknownTlvErrors.<index> = 0
ifIndex.5 = 5

[Figure: PE1, P1, P2 and PE2 topology for both trap scenarios]
Summary and Key Takeaways
It’s all about labels …
Label-based forwarding and IP protocol extensions for label exchange
Best of both worlds … L2-type forwarding and L3 control plane
L2/L3VPN’s
Key Features