MPLS: Multi-Protocol Label Switching
Ing. José Patiño Sánchez
IP
The first defined and used protocol
De facto the only protocol for global internetworking
... but there are disadvantages
IP Routing disadvantages
Connectionless
- Each router has to make independent forwarding decisions based on the IP address
Large IP header (at least 20 bytes)
Routing in Network Layer
- Slower than switching
Usually designed to obtain the shortest path
- Does not take into account additional metrics
ATM
Connection oriented
Fast packet switching with fixed-length packets (cells)
Integration of different traffic types (voice, data, video)
... but there are also disadvantages
ATM disadvantages
Complex
Expensive
Not widely adopted
Motivation (cont.)
Idea: Combine the forwarding algorithm used in ATM with IP.
MPLS Basics
Multi Protocol Label Switching is arranged between Layer 2 and Layer 3
MPLS concept
Packet forwarding is done based on labels.
Labels are assigned when the packet enters the network.
Labels are on top of the packet.
MPLS nodes forward packets/cells based on the label value (not on the IP information).
MPLS concept
MPLS allows:
Packet classification only where the packet enters the network.
The packet classification is encoded as a label.
In the core, packets are forwarded without having to re-classify them.
- No further packet analysis
Label swapping
[Figure: an IP packet enters the MPLS network by IP forwarding, is carried by label switching with labels #L1, #L2 and #L3 on successive hops, and leaves by IP forwarding.]
Label Table
[Figure: routers R1 to R4, each with a label table (in label, out label, address prefix, interface) for the prefixes 128.89.10.x and 179.69.x.x. Advertised bindings shown: <5, 128.89.10.x>, <3, 128.89.10.x>, <4, 179.69.x.x> and <7, 179.69.x.x>.]
[Figure: the same network forwarding a packet that arrives with DA=128.89.10.25. Operations shown: push label, swap label, pop label, forward packet.]
Stack
The stack is the collection of labels that are found on top of the packet.
The stack can consist of just one label, or it might have more.
The number of labels (that is, the 32-bit field) that you can find in the stack is limitless, although you should seldom see a stack that consists of four or more labels.
Label Stack
MPLS-capable routers might need more than one label on top of the packet to route that packet through the MPLS network. This is done by packing the labels into a stack. The first label in the stack is called the top label, and the last label is called the bottom label. In between, you can have any number of labels.
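The stack described above can be walked entry by entry until the bottom label is reached. The following is an added example, not part of the original slides; it assumes the 32-bit entry layout of RFC 3032 (20-bit label, 3-bit EXP, 1-bit bottom-of-stack flag, 8-bit TTL), and the sample bytes are constructed using the label values 25 and 47 from the later slides.

```python
import struct

def encode_entry(label, exp=0, bottom=False, ttl=64):
    """Pack one 32-bit stack entry: label(20) | EXP(3) | S(1) | TTL(8)."""
    if not 0 <= label < 2**20:
        raise ValueError("label must fit in 20 bits")
    if not 0 <= exp < 8 or not 0 <= ttl < 256:
        raise ValueError("EXP is 3 bits, TTL is 8 bits")
    word = (label << 12) | (exp << 9) | (int(bottom) << 8) | ttl
    return struct.pack("!I", word)

def parse_stack(data, max_depth=16):
    """Return (entries, payload); entries are listed top label first.

    Parsing stops at the entry whose S bit is set (the bottom label).
    A stack that never sets S, or exceeds max_depth, is rejected rather
    than letting the parser run into the payload.
    """
    entries, offset = [], 0
    while True:
        if len(entries) >= max_depth:
            raise ValueError("label stack deeper than max_depth")
        if offset + 4 > len(data):
            raise ValueError("truncated stack: no bottom-of-stack entry")
        (word,) = struct.unpack_from("!I", data, offset)
        offset += 4
        entry = {
            "label": word >> 12,
            "exp": (word >> 9) & 0x7,
            "bottom": bool(word & 0x100),
            "ttl": word & 0xFF,
        }
        entries.append(entry)
        if entry["bottom"]:
            return entries, data[offset:]

# Constructed sample: top label 25 (EXP 5), bottom label 47, then the payload.
SAMPLE = (encode_entry(25, exp=5, ttl=254)
          + encode_entry(47, bottom=True, ttl=254)
          + b"IP-PAYLOAD")

if __name__ == "__main__":
    stack, payload = parse_stack(SAMPLE)
    for depth, e in enumerate(stack):
        print(depth, e)
    print("payload:", payload)
```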
Label
IETF has also defined a new protocol known as the Label Distribution Protocol (LDP) for explicit signaling and management
Extensions to the base LDP protocol have also been defined to support explicit routing based on QoS requirements.
Forwarding Equivalence Class - FEC
A Forwarding Equivalence Class (FEC) is a group or flow of packets that are forwarded along the same path and are treated the same with regard to the forwarding treatment. All packets belonging to the same FEC have the same label.
Forwarding Equivalence Class - FEC
However, not all packets that have the same label belong to the same FEC, because their EXP values might differ; the forwarding treatment could be different, and they could belong to a different FEC. The router that decides which packets belong to which FEC is the ingress LSR. This is logical because the ingress LSR classifies and labels the packets.
Examples of FECs
Packets with Layer 3 destination IP addresses matching a certain prefix
Multicast packets belonging to a certain group
Packets with the same forwarding treatment, based on the precedence or IP DiffServ Code Point (DSCP) field
Layer 2 frames carried across an MPLS network received on one VC or (sub)interface on the ingress LSR and transmitted on one VC or (sub)interface on the egress LSR
Packets with Layer 3 destination IP addresses that belong to a set of Border Gateway Protocol (BGP) prefixes, all with the same BGP next hop
Forwarding Equivalence Classes
[Figure: an LSP through LER, LSR, LSR and LER. Packets IP1 and IP2 enter unlabeled and both carry labels #L1, #L2 and #L3 on successive hops.]
Packets are destined for different address prefixes, but can be mapped to a common path
FEC = A subset of packets that are all treated the same way by a router
The concept of FECs provides for a great deal of flexibility and scalability
In conventional routing, a packet is assigned to a FEC at each hop (i.e. L3 look-up); in MPLS it is only done once, at the network ingress
Forwarding of Labeled Packets
Label Operation
The possible label operations are swap, push, and pop.
Label Operation
Neighbor discovery
Basic and extended discovery
MPLS Architecture
[Figure: control plane and data plane of an LSR. Control plane: OSPF and LDP each exchange 10.0.0.0/8 with the neighbors, with labels 17 and 4 bound to the prefix. Data plane: labeled packets carrying label 17 and label 4, with an LFIB entry pairing labels 4 and 17.]
[Figure: control plane (routing protocol, IP routing table, LDP exchange of labels) and data plane (IP forwarding table, label forwarding table), with incoming and outgoing IP packets and labeled packets.]
[Figure: RT, LIB, FIB and LFIB contents for prefix 10.0.0.0/8 with next hop 1.2.3.4 learned through OSPF. A packet to 10.1.1.1 is shown with labels L=5 and L=3, and the LFIB pairs L=5 with L=3.]
Label Allocation in a Packet-Mode MPLS Environment
[Figure: routers A, B, C, D and E and network X. Tables shown:]
Routing table of B: network X, next hop C
Routing table of C: network X, next hop D
Routing table of E: network X, next hop C
FIB on A: network X, next hop B, label (empty)
Allocating Labels
[Figure: router B in the same network. Tables shown:]
Routing table of B: network X, next hop C
LIB on B: network X, LSR local, label 25
LFIB on B: label 25, action pop, next hop C
Router B assigns label 25 to destination X.
Outgoing action is pop, as B has received no label for X from C.
Local label is stored in LIB.
Label Distribution
[Figure: B sends the advertisement X = 25.]
LIB on B: network X, LSR local, label 25
Receiving Label Advertisement
[Figure: the advertisement X = 25 from B is received. Tables shown:]
LIB on A: network X, LSR B, label 25
LIB on C: network X, LSR B, label 25
LIB on E: network X, LSR B, label 25
FIB on A: network X, next hop B, label 25
Interim Packet Propagation
[Figure: a packet for X (IP: X) is sent by A with label 25 (Lab: 25) and reaches B. Tables shown:]
FIB on A: network X, next hop B, label 25
LFIB on B: label 25, action pop, next hop C
IP lookup is performed in FIB: packet is labeled.
Label lookup is performed in LFIB: label is removed.
[Figure: C sends the advertisement X = 47.]
LFIB on C: label 47, action pop, next hop D
Router C assigns label 47 to destination X.
Receiving Label Advertisement
[Figure: the advertisement X = 47 from C is received. Tables shown:]
FIB on B: network X, next hop C, label 47
LIB on B: network X; LSR local, label 25; LSR C, label 47
FIB on E: network X, next hop C, label 47
LIB on E: network X; LSR B, label 25; LSR C, label 47
Populating LFIB
[Figure: B after receiving X = 47 from C. Tables shown:]
FIB on B: network X, next hop C, label 47
LIB on B: network X; LSR local, label 25; LSR C, label 47
LFIB on B: label 25, action 47, next hop C
[Figure: a packet for X travels from the ingress LSR to the egress LSR, shown as IP: X, then Lab: 25, then Lab: 47, then IP: X. Tables shown:]
FIB on A: network X, next hop B, label 25
LFIB on B: label 25, action 47, next hop C
LFIB on C: label 47, action pop, next hop D
IP lookup is performed in the FIB, packet is labeled.
Label lookup is performed in the LFIB, label is removed.
Per-Platform Label Allocation
[Figure: B advertises X = 25, and packets carrying label 25 reach B. Table shown:]
LFIB on B: label 25, action 75, next hop D
A third-party router can still send packets toward network X, even though the label was not announced to it.
Benefits:
Smaller LFIB
Quicker label exchange
Drawbacks:
Insecure: any neighbor LSR can send packets with any label in the LFIB
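The drawback above follows from how the LFIB is keyed. The following is an added example, not part of the original slides, that contrasts a per-platform lookup with a per-interface label space and lists labeled packets received where the label was never announced; label 25, action 75 and next hop D come from the slide, while the interface names if-A and if-T and the sample packets are constructed.

```python
# Per-platform label space: one table for the whole router, keyed by label only.
PER_PLATFORM_LFIB = {25: ("swap", 75, "D")}

# Per-interface label space: the binding exists only on the interface facing A,
# the neighbor that label 25 was announced to (interface names are hypothetical).
PER_INTERFACE_LFIB = {("if-A", 25): ("swap", 75, "D")}

# Labels B announced on each interface (constructed). if-T faces the
# third-party router, which was never sent a binding.
ADVERTISED = {"if-A": {25}, "if-T": set()}

def lookup_per_platform(in_if, label):
    """The incoming interface plays no part in the lookup."""
    return PER_PLATFORM_LFIB.get(label)

def lookup_per_interface(in_if, label):
    """The incoming interface is part of the key; unknown pairs are dropped."""
    return PER_INTERFACE_LFIB.get((in_if, label))

def unannounced_labels(packets, advertised=ADVERTISED):
    """Return (interface, label) pairs received where that label was never announced."""
    return [(in_if, label) for in_if, label in packets
            if label not in advertised.get(in_if, set())]

# Constructed sample traffic: (incoming interface, top label).
PACKETS = [("if-A", 25), ("if-T", 25), ("if-A", 99)]

def compare(packets=PACKETS):
    """Forwarding decision for every packet under both label-space models."""
    return [(p, lookup_per_platform(*p), lookup_per_interface(*p)) for p in packets]

if __name__ == "__main__":
    for pkt, platform, interface in compare():
        print(pkt, "per-platform:", platform, "per-interface:", interface)
    print("received without announcement:", unannounced_labels(PACKETS))
```

With the per-platform table the packet from if-T is swapped and forwarded toward D like the one from if-A; with the per-interface table it has no entry and is dropped.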
What Is a VPN?
A data network that utilizes a portion of a shared public network to extend a customer's private network
What Is a VPN?
Flexible inter-site connectivity
- Ranging from complete to partial mesh
Sites may be either within the same or in different organizations
- VPN can be either intranet or extranet
Site may be in more than one VPN
- VPNs may overlap
Not all sites have to be connected to the same service provider
- VPN can span multiple providers
[Figure: overlapping VPN-A, VPN-B and VPN-C, with Site-2 and Site-3.]
Why VPN?
VPNs were developed initially to deal with security issues of transmitting clear text data across a network.
Examples of applications that send traffic in a clear text format are Telnet, file transfers via FTP or TFTP.
VPN has attracted the attention of many organizations looking to expand their networking capabilities, secure their traffic and reduce their costs.
VPN Categories
There are 3 basic VPN categories:
Intranet
Extranet
Internet
Intranet VPN
Extranet VPN
Internet
An Internet VPN uses a public network as the backbone to transport VPN traffic between devices.
As an example, you might use the Internet, which is a public network, to connect two sites together or have telecommuters use their local ISPs to set up a VPN connection to the corporate network (remote access connections).
VPN Components
The VPN realm consists of the following regions:
Customer network: consists of the routers at the various customer sites, called customer edge (CE) routers
VPN Implementations
There are many ways to implement a VPN, such as:
GRE
IPsec
L2TP
MPLS
MPLS VPN
MPLS VPNs are an enhancement to MPLS
MPLS uses a virtual circuit (VC) across a private network to emulate the VPN function.
MPLS alone won't solve the security problem; you'll have to complement it with another VPN solution, such as IPsec over MPLS
MPLS supports multiple protocols. In other words, you can use MPLS to tag IP packets, Ethernet frames, IPX packets.
VPN Models
The VPN implementations can be classified broadly into one of the following:
Overlay model
Peer-to-peer model
Overlay model
The provider did not participate in customer routing. It provides the customer with transport of data using virtual point-to-point links (PVC or SVC).
Overlay model
The drawback of an Overlay model was the full mesh of virtual circuits between all customer sites for optimal connectivity. N sites need N(N-1)/2 circuits.
Overlay VPNs provide either Layer 1 (physical layer) connectivity or a Layer 2 transport circuit between customer sites for transportation of Layer 2 frames (or cells), which was traditionally implemented using either Frame Relay or ATM switches.
Peer-to-peer model
The peer-to-peer model was developed to overcome the drawbacks of the Overlay model
The service provider would actively participate in customer routing
Peer-to-peer model
Routing information is exchanged between the customer routers and the SP routers.
The peer-to-peer model, consequently, does not require the creation of virtual circuits.
Separation of customer-specific routing information is achieved by implementing packet filters at the routers connecting to the customer network.
Route Distinguisher
An RD is a 64-bit unique identifier that is prepended to the 32-bit customer prefix or route learned from a CE router, which makes it a unique 96-bit address called a VPNv4 address that can be transported between the PE routers in the MPLS domain.
A unique RD is configured per VRF on the PE router.
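The construction of a VPNv4 address, and a check for the one-RD-per-VRF rule, can be written out as follows. This is an added example, not part of the original slides; it assumes the three RD encodings of RFC 4364 (a 2-byte type followed by a 6-byte value), and the VRF names, RD values and prefix are constructed.

```python
import ipaddress
import struct

def encode_rd(rd):
    """Encode an 'administrator:assigned-number' RD string into its 8 bytes."""
    admin, assigned = rd.rsplit(":", 1)
    assigned = int(assigned)
    if "." in admin:   # type 1: IPv4 address, then a 2-byte number
        return struct.pack("!H4sH", 1, ipaddress.IPv4Address(admin).packed, assigned)
    admin = int(admin)
    if admin < 2**16:  # type 0: 2-byte AS number, then a 4-byte number
        return struct.pack("!HHI", 0, admin, assigned)
    return struct.pack("!HIH", 2, admin, assigned)  # type 2: 4-byte AS number

def vpnv4(rd, ipv4):
    """64-bit RD prepended to the 32-bit customer address: 96 bits in total."""
    return encode_rd(rd) + ipaddress.IPv4Address(ipv4).packed

def duplicate_rds(vrfs):
    """Return the RDs configured on more than one VRF, with the VRFs that share them."""
    seen = {}
    for name, rd in vrfs.items():
        seen.setdefault(encode_rd(rd), []).append(name)
    return {rd.hex(): names for rd, names in seen.items() if len(names) > 1}

# Constructed PE configuration: CUST-C reuses the RD of CUST-A by mistake.
VRFS = {"CUST-A": "65000:1", "CUST-B": "65000:2", "CUST-C": "65000:1"}

if __name__ == "__main__":
    # Two customers using the same private prefix stay distinct once the RD is added.
    for vrf in ("CUST-A", "CUST-B"):
        print(vrf, vpnv4(VRFS[vrf], "10.1.1.0").hex())
    # With a shared RD the two VPNv4 routes are byte-for-byte identical.
    print("shared RDs:", duplicate_rds(VRFS))
```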