Está en la página 1de 31

MC LC DANH MC HNH V ................................................................................................................................3 DANH MC VIT TT ..............................................................................................................................4 LI NI U ...............................................................................................................................................7 Chng I: Tng quan v cng ngh MPLS ................................................................................................8 1.1.

Gii thiu v chuyn mch a giao thc ..............................................................................................8 1.2. Lch s pht trin v cc u im ca MPLS ......................................................................................8 1.2.1. Cc li ch ca MPLS ...................................................................................................................9 1.2.2. c im vt tri ca MPLS so vi m hnh IP over ATM...........................................................9 1.2.3. BGP - Free Core .........................................................................................................................10 1.2.4 Lung lu lng quang ................................................................................................................11 1.3: Cng Ngh Chuyn Mch MPLS ...........................................................................................................12 1.3.1 Cu trc ca nt MPLS...................................................................................................................12 1.3.1.1 Mt phng chuyn tip (Forwarding plane) ............................................................................12 1.3.1.2 Mt phng iu khin (Control Plane) ....................................................................................17 1.3.2 Phn t v chc nng ca chng trong MPLS ...............................................................................18 1.3.2.1 LSR (label switch Router) .......................................................................................................18 1.3.2.2 LSP (label switch Path)............................................................................................................18 1.3.2.3 FEC (Forwarding Equivalence Class).....................................................................................18 1.3.3 Cc giao thc s dng trong MPLS.................................................................................................18 1.3.3.1 Phn phi nhn .........................................................................................................................18 Chng II: Mng MPLS - VPN.................................................................................................................20 2.1.mng ring o VPN.............................................................................................................................20 2.1.1 Lch s pht trin ca VPN .................................................................................................................. 20 2.1.2 Phn loi ..........................................................................................................................................20 2.1.3 Cc giao thc s dng trong mng ring o ...................................................................................21 2.1.3.1 IP Security .................................................................................................................................21 2.1.3.2 Giao thc ng hm im-im PPTP ...................................................................................21 2.1.3.3 Giao thc ng hm lp 2 L2TP ............................................................................................22 2.2: Mng MPLS-VPN................................................................................................................................23 2.2.1 Cc m hnh MPLS VPN...............................................................................................................23 2.2.1.1 M hnh V3VPN ........................................................................................................................23 1

2.2.1.2 M hnh L2VPN ........................................................................................................................24 2.2.2 Hot ng ca MPLS VPN .......................................................................................................25 2.2.2.1 Truyn thng tin nh tuyn ..................................................................................................25 2.2.2.2 a ch VPN IP ..................................................................................................................25 2.2.2.3 Chuyn tip gi tin VPN........................................................................................................28 TNG KT .................................................................................................................................................30 Mng vin thng th h sau TS. Nguyn Qu Minh Hin ............................................................31 Cng ngh chuyn mch MPLS - ThS. Hong Trng Minh ...........................................................31

DANH MC HNH V

Chng I
Hnh 1.1. Mng li MPLS BGP free............................................................................................................10 Hnh 1.2. Non-Fully Meshed Overlay ATM Network ..................................................................................11

Chng II

DANH MC VIT TT

ASIC
ATM AToM BGP CE CEF CoS CQ CR DSCP DS-TE E-LSR FEC FTP GRE HDLC IETF IGP I-LSR IntServ IP IS-IS LAN

Application Specific Intergrated Circuits Asynchnorous Tranfer Mode Any Transport over MPLS Border Gateway Protocol Custome Edge Cisco Express Forwarding Class of Service Custom Queue Constraint-based routing DiffServ Code Point DiffServ-aware MPLS Traffic Engineering Egress LER Forwarding Equivalency Class File Tranfer Protocol Generic Routing Encapsulation High Data Link Control Internet Engineering Task Force Interior Gateway Protocol Ingress LSR Integrated Services Internet Protocol Intermediate System to Intermediate System Protocol Local Area Network

Mch tch hp chuyn dng Truyn dn khng ng b Truyn ti qua MPLS Giao thc cng bin Bin pha khch hng Chuyn tip nhanh ca Cisco Cp dch v Hng i ty nh tuyn rng buc Dch v khc bit M im dch v khc bit Cng ngh iu khin lung MPLS quan tm ti DiffiServ LER bin ra Lp chuyn tip tng ng Giao thc truyn file ng gi nh tuyn chung iu khin kt ni d liu tc cao y ban t vn k thut Internet Giao thc nh tuyn trong phm vi min LSR bin vo Dch v tch hp Giao thc Internet Giao thc h thng trung gian ti h thng trung gian Mng a phng
4

DiffServ Differentiated Services

LDP LER LFIB LIB LSP LSR MAC MPLS MPBGP OSPF OUI PE PPP PQ PVC QoS RD RFC RSVP RT SLA SP SVC TCP TDP TE TTL UDP UNI

Label Distribution Protocol Label Edge Router Label Forwarding Information Base Label Information Base Label Switch Path Label Switch Router Media Access Control Multiprotool Label Switching MPLS - border gateway Protocol Open Shortest Path First Organizationally Unique Identifier Provider Edge Point-to-Point Protocol Priority Queue Permanent Virtual Circuit Quanlity of Service Route Distinguisher Request for comment Resource Reservation Protocol Route Targets Service Level Agreements Service Provider Switch Virtual Connection Tranmission Control Protocol Tag Distribution Protocol Traffic Engineering Time To Live User Datagram Protocol User-to-Network Interface

Giao thc phn phi nhn B nh tuyn nhn bin ra C s thng tin chuyn tip nhn Bng c s d liu nhn Tuyn chuyn mch nhn B nh tuyn chuyn mch nhn iu khin truy nhp mi trng Chuyn mch nhn a giao thc a giao thc cong bin Giao thc OSPF Nhn dng duy nht to chc Bin nh cung cp Giao thc im - im Hng i u tin Mch o c nh Cht lng dch v B phn bit tuyn Cc ti liu chun do IETF a ra Giao thc dnh sn ti nguyn Tuyn ch Tha thun cp dch v Nh cung cp Chuyn mch kt ni o Giao thc iu khin truyn dn Giao thc phn phi tag K thut iu khin lu lng Thi gian sng Giao thc UDP Giao din ngi dng ti mng
5

VC VCI VoATM VoIP VP VPI VPN

Virtual Channel Virtual Channel Identifier Voice over ATM Voice over IP Virtual Path Virtual Packet Indentifier Virtual Pravite network

Knh o nh danh knh o Thoi qua ATM Thoi qua IP Tuyn o nh danh gi o Mng ring o

LI NI U
Cng vi s pht trin ca t nc, nhng nm gn y cc ngnh kinh t quc dn u pht trin mnh m, v ngnh cng nghip vin thng cng khng l ngoi l. S ngi s dng cc dch v mng tng ng k, theo d on con s ny ang tng theo hm m. Ngy cng c nhiu cc dch v mi v cht lng dch v cng c yu cu cao hn. ng trc tnh hnh ny, cc vn v mng bt u bc l, cc nh cung cp mng v cc nh cung cp dch v cng c nhiu n lc nng cp cng nh xy dng h tng mng mi. Nhiu cng ngh mng v cng ngh chuyn mch c pht trin, trong s chng ta phi k n cng ngh chuyn mch nhn a giao thc MPLS. Cng ngh MPLS ( Multi Protocol Label Switching) c t chc quc t IETF chnh thc a ra vo cui nm 1997, pht trin nhanh chng trn ton cu. Cng ngh mng ring o MPLS VPN a ra mt tng khc bit hon ton so vi cng ngh truyn thng, n gin ha qu trnh to ng hm trong mng ring o bng c ch gn nhn gi tin (Label) trn thit b mng ca nh cung cp. Thay v phi t thit lp, qun tr, v u t nhng thit b t tin, MPLS VPN s gip doanh nghip giao trch nhim ny cho nh cung cp n v c y nng lc, thit b v cng ngh bo mt tt hn nhiu cho mng ca doanh nghip. Theo nh gi ca Din n cng ngh Ovum nm 2005, MPLS VPN l cng ngh nhiu tim nng, ang bc vo giai on pht trin mnh m nh nhng tnh nng u vit hn hn nhng cng ngh truyn thng. MPLS VPN v ang dn thay th hon ton cc cng ngh mng truyn thng lc hu v l tin tin ti mt h thng mng bng rng Mng th h mi NGN ( Next Generation Network).

Tng quan v mng ring o VPN

Chng I: Tng quan v cng ngh MPLS


1.1. Gii thiu v chuyn mch a giao thc
MPLS (Multiprotocol label switching) l mt cng ngh kt hp c im tt nht gia nh tuyn lp ba v chuyn mch lp hai cho php chuyn ti cc gi rt nhanh trong mng li (core) v nh tuyn tt mng bin (edge) bng cch da vo nhn (label). MPLS l mt phng php ci tin vic chuyn tip gi trn mng bng cch gn nhn vo mi gi IP, t bo ATM, hoc frame lp hai. Phng php chuyn mch nhn gip cc Router v cc b chuyn mch MPLS-enable ATM quyt nh theo ni dung nhn tt hn vic nh tuyn phc tp theo a ch IP ch. MPLS cho php cc ISP cung cp nhiu dch v khc nhau m khng cn phi b i c s h tng sn c. Cu trc MPLS c tnh mm do trong bt k s phi hp vi cng ngh lp hai no. MPLS h tr mi giao thc lp hai, trin khai hiu qu cc dch v IP trn mt mng chuyn mch IP. MPLS h tr vic to ra cc tuyn khc nhau gia ngun v ch trn mt ng trc Internet. Bng vic tch hp MPLS vo kin trc mng, cc ISP c th gim chi ph, tng li nhun, cung cp nhiu hiu qu khc nhau v t c hiu qu cnh tranh cao. c im mng MPLS: - Khng c MPLS API, cng khng c thnh phn giao thc pha host. - MPLS ch nm trn cc router. - MPLS l giao thc c lp nn c th hot ng cng vi giao thc khc IP nh IPX, ATM, Frame Relay,... - MPLS gip n gin ho qu trnh nh tuyn v lm tng tnh linh ng ca cc tng trung gian. 1.2. Lch s pht trin v cc u im ca MPLS Cc giao thc trc MPLS: Trc MPLS, giao thc WAN ph bin nht l ATM v Frame relay. Nhng mng WAN c chi ph hiu qu c xy dng t nhiu giao thc khc nhau. Cng vi vic bng n mng Internet, IP tr thnh giao thc ph bin nht. IP khp mi ni. VPN c to ra qua nhng giao thc WAN ny. Khch hng thu nhng kt ni ATM v kt ni Frame relay hoc s dng knh truyn s liu (knh thu ring) v xy dng mng ring ca h trn . Bi v nhng b nh tuyn ca nh cung cp cung cp dch v lp 2 ti b nh tuyn lp 3 ca khch hng. Nhng kiu mng nh vy c gi l mng overlay. Hin nay mng Overlay vn c s dng nhng rt nhiu khch hng bt u s dng dch v MPLS VPN.

Tng quan v mng ring o VPN 1.2.1. Cc li ch ca MPLS Nhng li ch ca vic s dng MPLS trong mng bao gm: Vic s dng h tng mng thng nht u im vt tri so vi m hnh IP over ATM Giao thc cng bin (BGP) - li t do M hnh peer to peer cho MPLS VPN Chuyn lu lng quang iu khin lu lng

1.2.2. c im vt tri ca MPLS so vi m hnh IP over ATM S tch hp: MPLS xc nhp tnh nng ca IP v ATM ch khng xp chng lp IP trn ATM. tin cy cao hn: Vi c s h tng ATM, MPLS c th kt hphiu qu vi nhiu giao thc nh tuyn IP over ATM thit lp mt mng li (mesh) dch v cng cng gia cc router xung quanh mt m my ATM. Trc tip thc thi cc loi dch v: MPLS s dng hng i v b m ca ATM cung cp nhiu loi dch v khc nhau. N h tr quyn u tin IP v cp dch v CoS trn chuyn mch ATM m khng cn chuyn i phc tp sang cc lp ATM Forum Service. H tr hiu qu cho Mulicast v RSVP: Khc vi MPLS, xp lp IP trn ATM ny sinh nhiu bt li, c bit trong vic h tr cc dch v IP nh IP muticast v RSVP (giao thc dnh trc ti nguyn). MPLS h tr cc dch v ny, k tha thi gian v cng vic theo cc chun v khuyn khch to nn nh x xp x ca cc c trng IP & ATM S o lng v qun l VPN: MPLS c th tnh c cc dch v IPVPN v rt d qun l cc dch v VPN quan trng cung cp cc mng IP ring trong c s h tng ca n. Khi mt ISP cung cp dch v VPN h tr nhiu VPN ring trn mt c s h tng n.Vi mt ng trc MPLS, thng tin VPN ch c x l ti mt im ra vo. Cc gi mang nhn MPLS i qua mt ng trc v n im ra ng ca n. Kt hp MPLS vi MP- BGP (a giao thc cng bin) to ra cc dch v VNP da trn nn MPLS (MPLS-based VNP) d qun l hn vi s iu hnh chuyn tip qun l pha VNP v cc thnh vin VNP, dch v MPSL-based VNP cn c th m rng h tr hng trm nghn VPN. Gim ti trn mng li: Cc dch v VPN hng dn cch MPLS h tr mi thng tin nh tuyn phn cp. Hn na, c th tch ri cc nh tuyn Internet khi li mng cung cp dch v. Ging nh d liu VPN, MPSL ch cho php truy sut bng nh tuyn Internet ti im ra vo ca mng. Vi MPSL, k thut lu lng truyn bin ca AS c gn nhn lin kt vi im tng ng. S tch ri ca nh tuyn ni khi nh
9

Tng quan v mng ring o VPN tuyn Internet y cng gip hn ch li, n nh v tng tnh bo mt. Kh nng iu khin lu lng: MPLS cung cp cc kh nng iu khin lu lng sng dng hiu qu ti nguyn mng. K thut lu lng gip chuyn ti t cc phn qu ti sang cc phn cn ri ca mng da vo im ch, loi lu lng, ti, thi gian,... 1.2.3. BGP - Free Core Khi mng IP ca nh cung cp dch v phi chuyn tip lu lng, mi b nh tuyn phi tm kim a ch ch ca gi. Nu nhng gi c gi ti ch nm ngoi mng ca nh cung cp ny, nhng tin t IP ngoi phi c th hin trong bng nh tuyn ca mi b nh tuyn. BGP mang tin t ngoi nh l tin t ca khch hng hay tin t Internet. C ngha l tt c cc b nh tuyn trong mng nh cung cp dch v phi chy BGP. Tuy nhin, MPLS cho php chuyn tip nhng gi da trn tm kim nhn hn l tm kim a ch IP. MPLS cho php mt nhn c kt hp vi mt b nh tuyn vo hn l vi a ch IP ch ca gi. Mt b nh tuyn ti bin ca mng MPLS vn cn xem xt (look at) a ch IP ch ca gi v do vn cn phi chy BGP. Mi tin t BGP trn nhng b nh tuyn MPLS ra c mt a ch IP bc nhy tip theo BGP kt hp vi n. a ch IP bc nhy tip theo BGP l mt a ch IP ca b nh tuyn MPLS vo. Nhn kt hp vi gi IP l nhn m kt hp vi a ch IP bc nhy tip theo BGP. Bi v tt c cc b nh tuyn li chuyn tip gi da trn nhn MPLS c gn m kt hp vi a ch IP bc nhy tip theo BGP, mi a ch IP bc nhy tip theo BGP ca b nh tuyn MPLS vo phi c tt c nhng b nh tuyn li bit n. Bt k giao thc nh tuyn cong trong (nh giao thc OSPF hoc IS-IS) c th thc hin nhim v ny.

Hnh 1.1. Mng li MPLS BGP free


10

Tng quan v mng ring o VPN Hin nay tt c cc b nh tuyn trong mng li ang thc hin chuyn tip nhng gi c gn nhn, khng phi tm kim a ch IP, do chng ta phn no b bt c cc gnh nng chy BGP. 1.2.4 Lung lu lng quang V chuyn mch ATM hoc Frame Relay ch n thun Lp 2, nhng b nh tuyn kt ni qua chng bi cc knh o c to ra gia chng. i vi bt k mt b nh tuyn chuyn lu lng trc tip ti mt b nh tuyn khc ti bin, mt knh o s c to ra thang gia chng. Vic to ra nhng knh o bng tay ny hng nhm chn. Trong bt k trng hp ny, nu yu cu kt ni any - to - any gia cc site, cn thit phi c mesh y ca nhng knh o gia cc site, iu ny lm tng tnh cng knh mng v tng chi ph. Nu cc site ch kt ni vi nhau nh hnh 1.2 lu lng t CE1 ti CE3 phi i qua CE2 trc:

Hnh 1.2. Non-Fully Meshed Overlay ATM Network

Kt qu l lu lng qua mng ng trc ATM hai ln v i ng vng qua b nh tuyn CE2. Khi s dng MPLS VPN nh a ra trong phn trc, lu lng trc tip - do ti u - gia tt c cc kt cui khch hng. i vi lu lng di chuyn ti u gia cc kt cui trong trng hp ca m hnh overlay VPN, tt c cc kt cui phi c kt ni vi nhau, do yu cu c thit k dng mesh y ca cc ng kt ni hoc cc knh o.

11

Tng quan v mng ring o VPN

1.3: Cng Ngh Chuyn Mch MPLS


1.3.1 Cu trc ca nt MPLS Mt nt ca MPLS c hai mt phng: mt phng chuyn tip MPLS v mt phng iu khin MPLS. Nt MPLS c th thc hin nh tuyn lp ba hoc chuyn mch lp hai. Hnh sau m t cu trc c bn ca mt nt MPLS

Hnh 1.3 Cu trc mt nt MPLS

1.3.1.1 Mt phng chuyn tip (Forwarding plane) Mt phng chuyn tip c trch nhim chuyn tip gi da trn gi tr cha trong nhn. Mt phng chuyn tip s dng mt cs t hng tin chuyn tip nhn LFIB chuyn tip cc gi. Thut ton m c s dng bi phn t chuyn tip chuyn mch nhn s dng thng tin cha trong LFIB nh l cc thng tin cha trong gi tr nhn. Mi nt MPLS c hai bng lin quan n vic chuyn tip l: c s thng tin nhn LIB v LFIB. LIB cha tt ccc nhn c nt MPLS cc b nh du v nh x ca cc nhn ny n cc nhn c nhn t lng ging (MPLS neighbor) ca n. LFIB s dng mt tp con cc nhn cha trong LIB thc hin chuyn tip gi. Nhn MPLS Mt nhn MPLS l mt trng 32 bit c nh vi cu trc xc nh. Nhn c dng xc nh mt FEC. i vi ATM, nhn c t c hoc l trng VCI hoc l VPI ca mo u ATM. Tuy nhin, nu l khung trong Frame Relay, nhn li c t trng DLCI ca mo u Frame Relay.

12

Tng quan v mng ring o VPN

Hnh 1.4 Cu trc ca nhn MPLS

Vic h tr cho mo u m yu cu b nh tuyn gi c mt ng dn ch cho b nh tuyn nhn bit rng khung ny cha mt mo u chn thm. Cc k thut khc nhau s dng cc cch khc nhau. Ethernet s dng gi tr ethertype 0x8848 v 0x8847 ch s c mt ca mo u chn thm. Gi tr Ethertype 0x8847 c s dng ch ra rng mt khung ang mang gi unicast MPLS, v gi tr ethertype 0x8848 ch ra rng khung ang mang gi multicast MPLS. Token ring v FDDI cng sdng gi tr loi ny nh l mt phn ca mo u SNAP. PPP s dng mt Chng trnh iu khin mng c chnh sa (NCP Network Control Program) c bit n nh l giao thc iu khin MPLS (MPLS CP) v nh du tt c nhng gi cha mt mo u chn thm vi 0x8281 trong trng giao thc PPP. Frame Relay s dng ID giao thc lp mng SNAP (NLP ID NetworkLayer Protocol) v m u SNAP c nh du vi gi tr dng 0x8847 theo ch ra khung ang mang mo u chn thm. ATM s dng mo u SNAP vi gi tr ethertype dang 0x8847 v 0x8848. Nhn MPLS cha cc trng sau: Trng nhn (label field): 20 bit u l gi tr ca nhn. Gi tr ny nm trong khon t 0 n 220-1 hoc 1048575. Tuy nhin, 16 gi tr u tin khng c dng s dng; n c s dng vi nhng ngha c bit. Cc bit t20 n 22 l 3 bit thc nghim(EXP experimental). Nhng bit ny ch c s dng trong cht lng ca dch v(QoS); khi cc gi MPLS xp hng c th dng cc bit EXP tng t nh cc bit IP u tin (IP Precedence). Ch : Nhng bit c t tn l thc nghim l c l do lch s. Trong qu kh, khng ai bit cch s dng nhng bit ny.

13

Tng quan v mng ring o VPN Trng ngn xp(stack field): 1 bit, bit 23 l bit cui ca ngn xp. Bit ny s c lp l 1 khi y l nhn cui cng ca ngn xp, cn i vi cc nhn khc n l 0 (bit BoS). Chng nhn l s tp trung ca nhng nhn m c t pha trn ca gi. Chng nhn c th ch gm 1 nhn, hoc nhiu nhn. S lng cc nhn ( y l trng 32 bit) m ta c th tm thy trong ngn xp l v hn, mc d ta t khi nhn thy mt ngn xp c bn nhn hoc hn. Trng TTL: Bit th24 n 31 l 8 bit s dng lm bit thi gian sng (Time to live TTL). Nhng TTL ny c chc nng ging nh TTL trong IP header. N c tng ln 1 sau mi bc nhy, v chc nng chnh ca n l trnh mt gi b mc kt trong vng lp nh tuyn. Nu vng nh tuyn xy ra v khng c TTL, th vng lp gi l mi mi. Nu TTL ca mt nhn v 0 th gi s b loi b. Cc loi nhn c bit Untagged: gi MPLS n c chuyn thnh mt gi IP v chuyn tip n ch. N c dng trong thc thi MPLS VPN. Nhn Implicit-null hay POP: Nhn ny c gn khi nhn trn (top label) ca gi MPLS n b bc ra v gi MPLS hay IP c chuyn tip ti trm k xui dng. Gi tr ca nhn ny l 3 (trng nhn 20 bit). Nhn ny c dng trong mng MPLS cho nhng trm k cui. Nhn Explicit-null: c gn gi gi tr EXP cho nhn trn (top label) ca gi n. Nhn trn c hon i vi gi tr 0 v chuyn tip nh mt gi MPLS ti trm k xui dng. Nhn ny s dng khi thc hin QoS vi MPLS. Nhn Aggregate: Vi nhn ny, khi gi MPLS n n bbc tt c nhn trong chng nhn ra tr thnh mt gi IP v thc hin tra cu trong FIB xc nh giao tip ng ra cho n.

Hnh 1.5 Cc loi nhn c bit

14

Tng quan v mng ring o VPN Ngn xp nhn Nhng b nh tuyn MPLS tt (capable) cn nhiu hn 1 nhn trn mi gi nh tuyn gi ny trong mng MPLS. Vic ny c thc hin bi vic t nhn trong mt ngn xp. Nhn u tin trong ngn xp c gi l nhn nh v nhn cui cng c gi l nhn y. gia ta c th c nhiu nhn.

Hnh 1.6 Ngn xp nhn

Nhng ng dng thc t ca MPLS cn nhiu hn 1 nhn trong ngn xp nhn chuyn tip nhng gi c gn nhn. Hai v d ng dng ca MPLS l MPLS VPN v AToM. C hai ng dng trn ca MPLS u t hai nhn rong ngn xp. Trong cc gi MPLS c bn, nhn trn cng xut hin ngay sau mo u lp kt ni, v nhn cui cng xut hin ngay trc mo u lp mng. Gi chuyn tip c thc hin cng vi vic s dng gi tr nhn ca nhn trn cng trong ngn xp. Tuyn IP unicast khng s dng ngn xp nhn, nhng MPLS VPN v iu khin lu lng li s dng ngn xp nhn. M ha MPLS Ngn xp t trc gi lp 3 trc header ca giao thc vn chuyn, nhng sau header ca lp 2. Ngn xp MPLS thng c gi l header m bi v tr ca n. C nhiu kiu ng gi m lp 2 c th p ng hoc lin kt c c s h tr ca Cisco IOS nh: PPP, HDLC, Ethernet ... Git hit rng giao thc truyn ti l IPv4, v phng thc ng gi ng link l PPP, lu trnhn hin nay l sau header PPP nhng trc header IPv4. Bi v ngn xp nhn trong khung Lp 2 c t trc header ca Lp 3 hoc nhng giao thc truyn ti khc, ta c th c nhng gi tr mi trong trng giao thc lp kt ni d liu, nhng gi tr ny chra c phn tip theo ca header lp 2 s l gi c dn nhn MPLS. Trng giao thc lp kt ni d liu l mt gi tr ch ra loi ti m khung lp 2 truyn i. Bng 2-1 ch ra tn v gi tr i vi trng nhn dng giao thc (Protocol Identifier PI) trong header lp 2 i vi cc loi ng gi lp 2 khc nhau.

15

Tng quan v mng ring o VPN

Bng 1.1 Gi tr xc nh giao thc MPLS cho cc dng ng gi lp 2

C s thng tin chuyn tip nhn (LFIB) LFIB c duy tr bi mt nt MPLS cha mt chui cc entry (mc nhp).Nh hnh di y, mi ng nhp vo cha mt nhn ti v mt hoc vi mc ph. LFIB c lp bng cha cc gi tr trong nhn ti.

Hnh 1.7 Cu trc ca LFIB

Mt nt MPLS c th duy tr mt bng chuyn tip n, mt bng chuyn tip trn mi giao din ca n hoc l kt hp c hai. Trong trng hp c nhiu bng chuyn tip, chuyn tip gi c thc hin bi gi tr ca nhn ti cng nh giao din vo m gi n.
16

Tng quan v mng ring o VPN Thut ton chuyn tip gi Chuyn mch nhn s dng thut ton chuyn tip da trn vic trao i nhn. Nt MPLS m duy tr mt LFIB n ly gi tr nhn tt rng nhn tm thy trong gi ti v sd ng gi tr ny nh ch s trong LFIB. Sau khi mt nhn ti match (khp) c tm thy, nt MPLS thay th nhn ny trong gi vi mt nhn ra t mc ph v gi gi qua giao din ra c th ti nt tip c th theo bi mc ph. Nu mc ph ch ra mt hng i ra, nt MPLS t gi trong hng i c th. Nu nt MPLS duy tr nhiu LFIB cho mi giao din ca n, n s dng giao din vt l ni gi n chn mt LFIB c th phc v chuyn tip gi. Thng thng, thut ton chuyn tip s dng nhiu loi thut ton c huyn tip unicast, multicast v gi unicast vi bit ToS c thit lp. Tuy nhin, MPLS ch s dng mt thut ton chuyn tip da trn trao i nhn. Mt nt MPLS c th ly ra tt c thng tin n cn chuyn tip nhn cng nh xc nh ti nguyn dnh ring cn thit bng vic truy nhp b nh n. Tra cu tc cao v kh nng chuyn tip lm cho chuyn mch nhn (label switching) thnh k thut chuyn mch c tnh thc thi cao. MPLS cng c th c s dng vn chuyn giao thc Lp 3 khc nh IPv6, IPX hoc Apple Talk tIPv4. c tnh ny gip MPLS c th tng thch tt vi vic chuyn i cc mng t IPv4 sang IPv6. 1.3.1.2 Mt phng iu khin (Control Plane) Mt phng iu khin MPLS chu trch nhim to ra v lu tr LFIB. Tt c cc nt MPLS phi chy mt giao thc nh tuyn IP trao i thng tin nh tuyn IP vi cc nt MPLS khc trong mng. Cc nt MPLS enable ATM s dng mt b iu khin nhn (LSC Label Switch Controller) nhrouter 7200, 7500 hoc dng mt m un x l tuyn (RMP Route Processor Module) tham gia x l nh tuyn IP. Nhng nhn trao i vi cc nt MPLS lin k c s dng xy dng LFIB. MPLS s dng mt m hnh chuyn tip da trn trao i nhn m c th c kt ni vi mt phm vi cc module iu khin khc nhau. Mi module iu khin chu trch nhim nh du, phn phi mt tp cc nhn, cng nh chu trch nhim d tr thng tin iu khin khc c lin quan. Cc giao thc cng nh tuyn trong phm vi min IGP c dng xc nhn khnng n c, s lin kt v nh x gia FEC v a ch trm k(next-hop address). Thng tin lin kt nhn ch c phn phi gia cc router ni trc tip vi nhau bng cch dng giao thc phn phi LDP. Cc m un iu khin MPLS gm: nh tuyn Unicast (Unicast Routing) nh tuyn Multicast (Multicast Routing) K thut lu lng (Traffic Engineer) Mng ring o (VPN Virtual private Network) Cht lng dch v(QoS Quality of Service)

17

Tng quan v mng ring o VPN

Hnh 1.8 Cc thnh phn mt phng d liu v mt phng iu khin ca MPLS

1.3.2 Phn t v chc nng ca chng trong MPLS 1.3.2.1 LSR (label switch Router) Thnh phn c bn ca mng MPLS l thit b nh tuyn chuyn mch nhn LSR. Thit b ny thc hin chc nng chuyn tip gi thng tin trong phm vi mng MPLS bng th tc phn phi nhn. l kh nng cn thit hiu c nhn MPLS, nhn v truyn gi c gn nhn trn ng lin kt d liu. 1.3.2.2 LSP (label switch Path) ng chuyn mch nhn l mt tp hp cc LSR m chuyn mch mt gi c nhn qua mng MPLS hoc mt phn ca mng MPLS. Vc bn, LSP l mt ng dn qua mng MPLS hoc mt phn mng m gi i qua. LSR u tin ca LSP l mt LSR vo, ngc li LSR cui cng ca LSP l mt LSR ra. Tt ccc LSR gia LSR vo v ra chnh l cc LSR trung gian. 1.3.2.3 FEC (Forwarding Equivalence Class) Lp chuyn tip tng ng (FEC) l mt nhm hoc lung cc gi c chuyn tip dc theo cng mt tuyn v c xl theo cng mt cch chuyn tip. Tt c cc gi cng thuc mt FEC s c nhn ging nhau. Tuy nhin, khng phi tt c cc gi c cng nhn u thuc cng mt FEC, bi v gi tr EXP ca chng c th khc nhau; phng thc chuyn tip khc nhau v n c th ph thuc vo FEC khc nhau. 1.3.3 Cc giao thc s dng trong MPLS 1.3.3.1 Phn phi nhn Nhn u tin c gn trn mt LRS vo v nhn ny s thuc mt LSP. Tuyn i ca gi qua mng MPLS c quy nh (bound) bi mt LSP. S thay i chnh trong qu trnh chuyn tip l nhn trn cng trong ngn xp nhn c trao i ti mi bc
18

Tng quan v mng ring o VPN nhy. LSR vo sgn mt hoc nhiu nhn ln gi. LSR trung gian sthc hin vic trao i nhn trn cng (nhn i vo) ca gi nhn c (gi c gn nhn) vi mt nhn khc (nhn i ra) v truyn gi trn ng kt ni ra. LSR ra ca LSP s ly ton b nhn ca LSP ny v chuyn tip gi. Giao thc phn phi nhn c nhm nghin cu MPLS ca IETF xy dng v ban hnh di tn RFC 3036. Phin bn mi nht c cng b nm 2001 a ra nhng nh ngha v nguyn tc hot ng ca giao thc LDP. Giao thc phn phi nhn c s dng trong qu trnh gn nhn cho cc gi thng tin yu cu. Giao thc LDP l giao thc iu khin tch bit c cc LSR s dng trao i v iu phi qu trnh gn nhn/FEC. Giao thc ny l tp hp cc thtc trao i cc bn tin cho php cc LSR s dng gi tr nhn thuc FEC nht nh truyn cc gi thng tin.

Hnh 1.9 Quan h gia LDP vi cc giao thc khc

Giao thc truyn ti tin cy Vic quyt nh s dng TCP truyn cc bn tin LDP l mt vn cn xem xt. Yu cu v tin cy l rt cn thit: nu vic lin kt nhn hay yu cu lin kt nhn c truyn mt cch khng tin cy th lu lng cng khng c chuyn mch theo nhn. Mt vn quan trng na l th t cc bn tin phi bo m ng. Nh vy liu vic s dng TCP truyn LDP c bo m hay khng v c nn xy dng lun chc nng truyn ti ny trong bn thn LDP hay khng? Thit k mt giao thc truyn ti tin cy l mt vn nan gii. c rt nhiu c gng ci thin TCP nhm lm tng tin cy ca giao thc truyn ti. Tuy nhin vn hin nay vn cha r rng v TCP vn c s dng cho truyn ti LDP.
19

Tng quan v mng ring o VPN Chng II: Mng MPLS - VPN 2.1 Mng ring o VPN VPN l mt cch m phng mng ring trn mt mng cng cng nh Internet. N c gi l o bi v n ph thuc vo vic s dng cc kt ni o, l nhng kt ni tm thi gm cc gi c nh tuyn trn nhiu my tnh trn Internet theo mt cu trc c bit. Cc kt ni o m bo an ninh c thit lp gia cc my tnh, gia cc mng, gia mng v my tnh. 2.1.1 Lch s pht trin ca VPN VPN khng phi l cng ngh mi. Khi nin u tin v VPN c AT&T a ra khong cui thp nn 80. VPN c bit n nh l mng c nh ngha bng phn mm (software defined network -SDN). SDN l mng WAN vi khong cch xa n c thit lp dnh ring cho ngi dng. SDN da vo c s d liu truy nhp phn loi truy nhp vo mng gn hoc t xa. Da vo thng tin gi d liu s c nh tuyn ti ch thng qua c s h tng cho mch cng cng. Th h th 2 ca VPN cng xut hin vi s ra i ca X25 v ISDN vo u thp k 90 .Trong mt thi gian giao thc X25 qua mng ISDN c thit lp nh l mt giao thc ca VPN, tuy nhin t l sai s trong qu trnh truyn dn vt qu s cho php. Do th h th 2 ca VPN nhanh chng b lng qun trong mt thi gian ngn. Sau th th h th 2 th trng VPN b chm li cho n khi cng ngh Frame Relay v cng ngh ATM ra i th h th 3 ca VPN da trn 2 cng ngh ny.Nhng cng ngh ny da trn khi nin chuyn mch knh o. Trong thi gian gn y thng mi in t tr thnh mt phng thc thng mi hu hiu, nhng yu cu ca ngi s dng VPN cng r rng hn. Ngi dng mong mun mt gii php m c th d dng c thc hin, thay i, qun tr, c kh nng truy cp ton cu v c kh nng cung cp bo mt mc cao, t u cui n u cui .Th h gn y ca VPN l IP-VPN p ng c tt c nhng yu cu ny bng cch s dng cng ngh ng hm. 2.1.2 Phn loi C ba loi ph bin hin nay l VPN truy cp t xa (Remote-Access ) v VPN imni-im (site-to-site) v Firewall-Based VPNs Remote Access VPN m t vic cc ngi dng xa s dng cc phn mm VPN truy cp vo mng Intranet ca cng ty thng qua gateway hoc VPN concentrator (bn cht l mt server). V l do ny, gii php ny thng c gi l client/server. Trong

20

Tng quan v mng ring o VPN gii php ny, cc ngi dng thng thng s dng cc cng ngh WAN truyn thng to li cc tunnel v mng HO ca h. VPN im-ni-im l vic s dng mt m dnh cho nhiu ngi kt ni nhiu im c nh vi nhau thng qua mt mng cng cng nh Internet. Loi ny c th da trn Intranet hoc Extranet. Firewall-based VPN l gii php trong doanh nghip s qun l firewall v t trin khai VPN hoc nh cung cp dch v s cung cp cc tnh nng firewall nng cao h tr VPN. 2.1.3 Cc giao thc s dng trong mng ring o 2.1.3.1 IP Security c pht trin bi IETF, IPSec l tiu chun m truyn thng tin an ton xc nhn ngi s dng h thng mng cng cng. y l giao thc hot ng lp mng, cung cp cc dch v bo mt, nhn thc, ton vn d liu v iu khin truy cp. N l mt tp hp cc tiu chun m lm vic cng nhau gia cc phn thit b. IPSec cho php thit lp mt ng ngm bo mt gia hai mng ring v nhn thc hai u ca ng ngm ny. Cc thit b gia hai u ng ngm c th l mt cp host, hoc mt cp cng bo mt (c th l router, firewall, b tp trung VPN) hoc mt cp thit b gm mt host v mt cng bo mt. ng ngm ng vai tr nh mt knh truyn bo mt v cc gi d c th truyn mt cch an ton thng qua ng hm. Cc gi tin truyn trong ng ngm c khun dng ging nh cc gi tin bnh thng khc v khng lm thay i cc thit b, kin trc cng nh nhng ng dng hin c trn mng trung gian, qua cho php gim ng k chi ph trin khai v qun l. Hot ng ca IPSec mc c bn i hi phi c cc phn chnh sau: - Lin kt bo mt SA (Security Association) - Xc thc tiu AH(Authentication Header) - Bc gi bo mt ti ESP (Encapsulating Security Payload) - Ch lm vic 2.1.3.2 Giao thc ng hm im-im PPTP c pht trin bi Microsoft, 3COM v Ascend Communications. N c xut thay th cho IPSec. PPTP thi hnh phn lp 2 (Data Link) trong m hnh OSI v thng c s dng trong truyn thng tin h iu hnh Windows.

21

Tng quan v mng ring o VPN Giao thc ng hm im - im PPTP c xy dng da trn chc nng ca PPP, cung cp kh nng quay s truy cp t xa, to ra mt ng hm bo mt thng qua Internet n site ch. PPTP s dng phin bn giao thc GRE ng v tch gi PPP.

Hnh 2.1 Kin trc ca PPTP

Sau khi PPP thit lp kt ni, PPTP s dng cc quy lut ng gi ca PPP ng cc gi truyn trong ng hm. Sau khi ng hm c thit lp th d liu ngi dng c truyn gia client v my ch PPTP. Cc gi PPTP cha cc gi d liu IP. Cc gi d liu c ng gi bi tiu GRE, s dng s ID ca Host cho iu khin truy cp, ACK cho gim st tc d liu truyn trong ng hm. 2.1.3.3 Giao thc ng hm lp 2 L2TP c pht trin bi h thng Cisco nhm thay th IPSec. Tin thn ca n l Layer 2 Forwarding (L2F), c pht trin truyn thng tin an ton trn mng Internet nhng b thay th bi L2TP v LT2P c kh nng m ha d liu tt hn v c kh nng giao tip vi Windown. L2TP l s phi hp ca L2F) v PPTP. Thng c s dng m ha cc khung Point-to-Point Protocol (PPP) gi trn cc mng X.25, FR, v ATM. L2TP c th c s dng lm giao thc ng hm cho mng VPN im-niim v VPN truy cp t xa. Trn thc t, L2TP c th to ra mt ng hm gia my khch v router, NAS v router, router v router.

22

2.2: Mng MPLS-VPN


2.2.1 Cc m hnh MPLS VPN Hin nay c hai m hnh trin khai mng ring o trn nn MPLS ph bin l mng ring o lp 3 (L3VPN) v mng ring o lp 2 (L2VPN). Sau y s gii thiu nhng c im chnh ca hai m hnh ny. 2.2.1.1 M hnh V3VPN Kin trc mng ring o L3VPN c chia thnh hai lp, tng ng vi cc lp 3 v lp 2 trong m hnh OSI. L3VPN da trn RFC 2547 bits, m rng mt s c tnh c bn ca giao thc cng bin BGP (Border Gateway Protocol) v tp trung vo hng a giao thc ca BGP nhm phn b cc thng tin nh tuyn qua mng li ca nh cung cp dch v cng nh l chuyn tip cc lu lng VPN qua mng li. Trong kin trc L3VPN, cc b nh tuyn khch hng ca nh cung cp c coi l cc phn t ngang hng. B nh tuyn bin khch hng CE cung cp thng tin nh tuyn ti b nh tuyn bin nh cung cp PE. PE lu cc thng tin nh tuyn trong bng nh tuyn v chuyn tip o VRF. Mi khon mc ca VRF tng ng vi mt mng khch hng v hon ton bit lp vi cc mng khch hng khc.
Gi IP VPN A CE PE CE Bng VRF VPN A Bng VRF VPN B Bng nh tuyn P PE P PE CE Bng VRF VPN B VPN B Bng nh tuyn Nhn LSP Nhn VRF Gi IP Gi IP VPN B

CE VPN A Bng VRF VPN A Bng nh tuyn

Mng MPLS cung cp dch v

Hnh 2.2 M hnh MPLS L3VPN

Cc gi tin IP qua min MPLS c gn hai loi nhn, bao gm nhn MPLS ch th ng dn chuyn mch nhn LSP v nhn ch th nh tuyn/chuyn tip o VRF. Ngn xp nhn c thip lp cha cc nhn trn. Cc b nh tuyn P ca nh cung cp x
23

l nhn LSP chuyn tip cc gi tin qua min MPLS. Nhn VRF ch c x l ti thit b nh tuyn bin PE ni vi b nh tuyn khch hng. M hnh L3VPN c u im l khng gian a ch khch hng c qun l bi nh khai thc, v nh vy n cho php n gin ha vic trin khai kt ni vi nh cung cp. Ngoi ra, L3VPN cn cung cp kh nng nh tuyn ng phn phi cc thng tin nh tuyn vi cc b VPN. Tuy nhin, L3VPN ch h tr cc lu lng IP hoc lu lng ng gi vo gi tin IP. ng thi, vic tn ti hai bng nh tuyn ti cc thit b bin mng cng l mt vn phc tp trong iu hnh v nh hng ti kh nng m rng cc h thng thit b. 2.2.1.2 M hnh L2VPN M hnh mng ring o lp 2 c pht trin sau v cc tiu chun vn trong giai on hon thin. Cch tip cn L2VPN hng ti vic thit lp cc ng hm qua mng MPLS x l cc kiu lu lng khc nhau nh Ethernet, FR, ATM, v PPP/HDLC. C hai dng L2VPN c bn l: - im ti im: Tng t nh trong cng ngh ATM v FR, nhm thit lp cc ng dn chuyn mch o qua mng. - im ti a im: H tr cc cu hnh mt li v phn cp. Trong nhng nm gn y, dch v LAN o da trn m hnh L2VPN a im s dng cng ngh truy nhp Ethernet c trin khai rng ri. Gii php ny cho php lin kt cc mng Ethernet qua h tng MPLS trn c s nhn dng lp hai, v vy gim c phc tp ca cc b nh tuyn lp ba. Trong m hnh L2VPN cc b nh tuyn CE v PE khng nht thit phi c coi l ngang hng thay vo , ch cn tn ti kt ni lp hai gia cc b nh tuyn ny.
Gi L2 VPN A CE PE CE P PE CE Nhn LSP Nhn VC T iu khin Gi L2 Gi L2 VPN B

VPN B

CE VPN A

PE

Mng MPLS cung cp dch v

Hnh 2.3 M hnh MPLS L2VPN


24

L2VPN xc nh kh nng tm kim qua mt phng d liu bng a ch hc c t cc b nh tuyn ln cn. L2VPN s dng ngn xp nhn tng t nh trong L3VPN. Nhn MPLS bn ngoi c s dng xc nh ng dn cho lu lng qua min MPLS, cn nhn knh o VC nhn dng cc mng LAN o, VPN hoc kt ni ti cc im cui. Mt trng nhn ty chn s dng iu khin ng cc kt ni lp hai c t trong cng ngn xp st vi trng d liu. L2VPN c u im quan trng nht l cho php cc giao thc lp cao c truyn trong sut i vi MPLS. N c th hot ng trn hu ht cc cng ngh lp hai gm ATM, FR, Ethernet v m ra kh nng tch hp cc mng phi kt ni IP vi cc mng hng kt ni. Ngoi ra, trong gii php ny ngi s dng u cui khng cn phi cu hnh nh tuyn cho cc b nh tuyn khch hng CE. 2.2.2 Hot ng ca MPLS VPN 2.2.2.1 Truyn thng tin nh tuyn Cc b nh tuyn PE cn phi trao i thng tin trong cc bng nh tuyn o m bo vic nh tuyn d liu gia cc site khch hng ni vi nhng b nh tuyn ny. Bi ton t ra l phi c mt giao thc nh tuyn truyn thng tin tt c cc tuyn khch hng dc theo mng nh cung cp m vn duy tr c khng gian a ch c lp gia cc khch hng khc nhau. Mt gii php c xut trn c s s dng giao thc nh tuyn ring cho mi khch hng. Cc b nh tuyn PE c th c kt ni thng qua cc ng hm im im (v giao thc nh tuyn cho mi khch hng s hot ng gia cc b nh tuyn PE) hoc l b nh tuyn P ca nh cung cp c th tham gia vo qu trnh nh tuyn ca khch hng. Mt gii php khc da trn vic trin khai mt giao thc nh tuyn trao i thng tin ca tt c cc tuyn khch hng dc theo mng nh cung cp dch v. R rng gii php ny c u im hn nhng b nh tuyn P vn phi tham gia vo nh tuyn khch hng do vn khng gii quyt c vn m rng. V vy, gii php ti u hn l vic truyn thng tin nh tuyn khch hng s do mt giao thc nh tuyn gia cc b nh tuyn PE iu hnh, cn cc b nh tuyn P khng tham gia vo qu trnh nh tuyn ny. 2.2.2.2 a ch VPN IP Vi vic trin khai giao thc nh tuyn BGP trao i tt c cc tuyn ca khch hng gia cc b nh tuyn PE t ra mt vn l lm th no m BGP c th truyn nhng tin t xc nh thuc v cc khch hng khc nhau gia cc b nh tuyn PE.

25

BGP s dng a ch IP chn mt ng i gia tt c cc ng c th i n ch. Do , BGP khng th lm vic ng nu khch hng s dng cng khng gian a ch. Ch c mt gii php gii quyt vn ny l m rng tin t a ch IP ca khch hng vi mc ch lm cho a ch ny tr nn duy nht ngay c khi c s trng lp a ch. Ngoi ra, phi m bo rng chnh sch s dng chn mt ng nh tuyn no trong s cc tuyn c BGP s dng ch c th c trong mt bng VRF duy nht. Vic m rng tin t a ch IP ca khch hng VPN dn n mt khi nim mi l a ch VPN IP. a ch VPN IP c to ra bng cch ghp hai phn c di khng i l trng phn bit tuyn (Route Distinguisher) v a ch IP c s ( hnh 4.3).
64bit 32bit

Trng phn bit tuyn

a ch IP

a ch VPN - v4
Hnh 2.4 a ch VPN Ipv4

Yu t phn bit thuc v trng a phn bit tuyn khi mng khch hng c cng a ch IP. Trng ny c cu trc cho php mi nh cung cp dch v VPN t to ra mt gi tr nhn dng cho tuyn m khng s b trng vi gi tr tng t s dng bi nh cung cp dch v khc. Trng phn bit tuyn bao gm ba loi nh ch ra trn hnh 4.4
0
Kiu 0x00

15 16
S h thng t tr ASN S gn ca nh qun tr mng cc b a. Kiu 2 octet ASN v 4 octet gn bi nh qun tr mng cc b

31

0
Kiu 0x00 a ch IP

15 16
a ch IP S gn

31

b. Kiu 4 octet a ch IP v 2 octet gn

0
Kiu 0x00 S gn ca nh qun tr mng cc b

15 16
S gn ca nh qun tr mng cc b S gn

31

c. Kiu 4 octet gn bi nh qun tr mng cc b v 2 octet gn

Hnh 2.5 Khun dng trng phn bit tuyn.


26

Trng s h t tr ASN (Autonomous System Number) cha gi tr s i din cho h thng ca nh cung cp dch v VPN. Trng s gn (Assigned Nember) do mi nh cung cp dch v mng VPN t qun. Trong hu ht cc trng hp, nh cung cp dch v n nh mt gi tr trng s gn cho mt mng VPN, tuy nhin i khi cng c th gn nhiu gi tr cho mt mng VPN. Hai mng VPN do mt nh cung cp dch v qun l s khng s dng chung mt s gn, v s h t tr ASN cng l duy nht trong mng ton cu. i vi giao thc BGP th vic qun l cc tuyn ng vi a ch VPN IP khng khc g vic qun l tuyn ng vi a ch IP c s. Kh nng h tr a giao thc ca MP BGP lm cho n c th qun l tuyn ng vi nhiu h a ch khc nhau. Mt im quan trng cn lu l cu trc a ch VPN IP cng nh cu trc ca trng phn bit tuyn ng vi a ch VPN IP l hon ton m i vi BGP. BGP ch so snh phn mo u ca hai a ch VPN IP ch n khng quan tm n cu trc ca chng. V vy trong trng hp ny, BGP khng cn h tr thm cc giao thc ph m ch s dng nhng c tnh sn c. Cc c tnh m giao thc BGP s dng cho MPLS VPN nh: c tnh cng ng (Community), nh tuyn lc da trn cng ng hay s dng tuyn d phng. Cc c tnh trn c p dng i vi cc tuyn ng vi a ch VPN IP cng ging nh cc tuyn ng vi a ch IP thng thng. a ch VPN IP ch hon ton gii hn trong nh cung cp dch v, v cc khch hng VPN (c th l cc thit b ca khch hng) khng c khi nim g v n. a ch VPN IP ch c nhn bit v gn b nh tuyn bin ca nh cung cp PE. i vi mi kt ni VPN, b nh tuyn PE c cu hnh ng vi mt gi tr ca trng phn bit tuyn. Khi PE nhn c mt tuyn t CE kt ni trc tip ti n th n cn xc nh CE thuc VPN no trc khi chuyn thng tin v tuyn ny cho BGP ca nh cung cp dch v. B nh tuyn PE s chuyn a ch IP c s ca tuyn thnh a ch VPN IP bng cch s dng trng phn bit tuyn t cho VPN . Mt cch tng t khi PE nhn mt tuyn t BGP ca nh cung cp dch v, n s chuyn thng tin a ch VPN IP ca tuyn thnh thng tin a ch IP c s. Nh ta bit, BGPv4 hin nay ch c th thc hin c vi cc a ch Ipv4. Khi , vic truyn thng tin tuyn ca khch hng dc theo mng MPLS VPN s c thc hin nh sau: - B nh tuyn CE gi cp nht nh tuyn Ipv4 n b nh tuyn PE. - B nh tuyn PE sau thm trng phn bit tuyn (64bit) vo trng a ch Ipv4 (32bit) m n nhn, kt qu l to ra a ch VPN IPv4 96bit duy nht. - a ch VPN Ipv4 ny c truyn thng qua phin MP iBGP n cc b nh tuyn PE khc. - B nh tuyn PE nhn s loi b trng phn bit tuyn t a ch VPN Ipv4 to thnh a ch Ipv4 nh ban u m CE u xa gi.
27

- a ch Ipv4 ny c chuyn tip n b nh tuyn CE khc trong bn cp nht nh tuyn Ipv4. Mt im quan trng cn nhn mnh l a ch VPN IP ch c s l trong cc giao thc nh tuyn ch khng c ti trong phn mo u ca gi IP. V vy VPN IP khng th s dng mt cch trc tip chuyn tip gi. Nhim v chuyn tip cc gi c thc hin da trn MPLS v s trnh by phn sau. 2.2.2.3 Chuyn tip gi tin VPN Cc yu t cn thit m bo cho s hot ng ca MPLS VPN bao gm giao thc nh tuyn v phng thc truyn gi tin qua mng MPLS trong khi vn m bo c tnh cht ca VPN. Vi cc tuyn khch hng c truyn dc theo mng ng trc MPLS VPN lu lng gia cc b nh tuyn CE v PE mc nh l lu lng ca cc gi tin IP. B nh tuyn khch hng CE h tr cc giao thc nh tuyn IP chun v khng tham gia vo MPLS VPN, b nh tuyn PE ch phi chuyn gi tin IP nhn c t b nh tuyn khch hng n cc b nh tuyn PE khc. R rng l gii php ny rt kh thc hin bi v b nh tuyn P khng bit r v cc tuyn ca khch hng, v v th mt s yu cu cht lng dch v s kh c kh nng p ng. Phng php khc c v kh quan hn l s dng ng dn chuyn mch nhn LSP gia cc b nh tuyn PE chuyn tip cc gi tin IP theo gi tr nhn gn vo chng (hnh 4.5)

MPLS VPN Backbone


CE Router IP L1 IP L2 IP L3 CE Router

IP

Ingress PE

P Router

P Router

Egress - PE

IP

CE Router

CE Router

Hnh 2.6 S dng nhn chuyn tip gi tin VPN

Trong phng php ny, gi tin IP ca khch hng c gn mt nhn ng k cho b nh tuyn PE u ra (Egress). Cc b nh tuyn li khng cn bit a ch IP ca khch hng, v ch c gi tin no c gn nhn s c chuyn n b nh tuyn PE u ra. Cc b nh tuyn li ch thc hin cc hot ng chuyn tip v phn phi gi tin
28

khch hng n b nh tuyn PE u ra. Tuy nhin, ti b nh tuyn PE u ra, gi tin IP ca khch hng khng c thng tin no v VPN hay l VRF b nh tuyn c th thc hin kim tra VRF, do n c th b mt. Mt phng php ti u hn c th c la chn chuyn tip cc gi tin l s dng ngn xp nhn (Hnh 4.6)

MPLS VPN Backbone


CE Router IP V L1 IP V L2 IP V L3 CE Router

IP

Ingress PE

P Router

P Router

Egress - PE

IP

CE Router

CE Router

Hnh 2.7 S dng ngn xp nhn chuyn tip gi tin VPN

Ngn xp nhn MPLS c s dng ch th cho b nh tuyn PE u ra bit phi lm g vi gi tin VPN. Ngn xp nhn bao gm hai nhn xp chng ln nhau gi l nhn bn trong (inner label) v nhn bn ngoi (outer label). Khi gi tin vo mng, b nh tuyn PE u vo gn hai loi nhn ny vo gi tin IP. Nhn trn cng trong ngn xp l ca ng dn chuyn mch nhn (cn gi l LDP), m bo cho gi tin c truyn qua mng MPLS VPN ng trc n b nh tuyn PE u ra. MPLS s dng ngn nhn ngoi chuyn tip gi tin t b nh tuyn PE u vo qua mng li. mi b nh tuyn P nhn ny c s dng chuyn tip gi tin, n chnh l ch s trong bng chuyn tip ca b nh tuyn. Cc b nh tuyn P chuyn tip gi tin dc theo LSP theo phng php hon i nhn v khng bao gi kim tra nhn bn trong hoc a ch ch IP ca gi tin. Khi gi tin n PE u ra, b nh tuyn ny thc hin tch b nhn ngoi ri x l nhn trong. Nhn trong l nhn c b nh tuyn PE ng k cho mi VRF, v PE s s dng n quyt nh VRF no m gi tin thuc v. Ni cch khc, nhn trong quyt nh CE no gi tin s c gi n. Theo mc nh, b nh tuyn PE u ra thc hin tm kim trong bng chuyn tip VRF s dng a ch IP ch ca gi tin. Sau , n chuyn tip gi IP khng nhn n site khch hng thch hp. Bn thn cc nhn bn trong c lin lc gia cc PE trong cc bn tin cp nht m rng MP iBGP. Nhn th hai trong ngn xp nhn cn c s dng ch trc tip n giao din u ra ti khch hng. Trong trng hp ny, b nh
29

tuyn PE u ra ch thc hin kim tra nhn trn gi tin VPN. Tnh hung ny thng c dng khi b nh tuyn CE l bc k tip ca tuyn VPN v nhn ny c th ch n mt VRF n nht. B nh tuyn PE u ra thc hin kim tra nhn trc tm c VRF ch, sau mi thc hin kim tra a ch IP trong VRF.

TNG KT
Trong nhng nm gn y, cng ngh chuyn mch nhn a giao thc MPLS c rt nhiu quc gia la chn xy dng v pht trin h thng mng vin thng ca mnh. Mt trong nhng ng dng in hnh ca MPLS l dch v mng ring o MPLS VPN. Dch v ny gp phn rt ln vo s pht trin nhanh chng ca MPLS v m ra nhiu kh nng ng dng mi. Chng ny trnh by v cc m hnh trin khai MPLS VPN ti lp hai v lp ba, nhng k thut then cht trong MPLS VPN nh truyn thng tin nh tuyn, a ch VPN IP v hot ng chuyn tip gi tin VPN. Ngoi ra, trong ni dung ca chng ny cng cp n mt s vn lin quan n kha cnh bo mt v cht lng dch v trong MPLS VPN. Cui chng c a ra mt s phn tch v so snh cc c im ni bt ca hai gii php VPN da trn IPSec v MPLS. C th ni, vic trin khai cng ngh VPN trn nn MPLS ha hn nhiu thun li mi v chc chn s l gii php l tng cho mng ring o trong tng lai.

30

TI LIU THAM KHO


Mng vin thng th h sau TS. Nguyn Qu Minh Hin Cng ngh chuyn mch MPLS - ThS. Hong Trng Minh

Vnpro.org trn cc din n: nhatnghe.com, vnpro.org,

Cc bi bo, bi vit vntelecom.org.

31