Mpls concepts. Time to Certify

MPLS Introduction

Time to Certify
Nov 2011. Version 1.0

This MPLS Introduction Training is a courtesy of

TIME TO CERTIFY
“YOUR ONLINE RESOURCE FOR IT CERTIFICATION”

info@timetocertify.com

Copyright Time to Certify. All rights reserved.

MPLS Introduction

§  What is MPLS and how does it work
§  MPLS Labels and Label Switched Paths
§  MPLS Forwarding
§  MPLS Label Distribution Protocol (LDP)
§  MPLS Virtual Private Networks (VPNs)
§  MPLS Layer 2 VPNs
§  MPLS Layer 3 VPNs

Page § 3 Copyright Time to Certify. All rights reserved.

What is MPLS?

§  MPLS = Multi Protocol Label Switching
§  MPLS is a technology that tags traffic with “Labels” being used for fast
switching of packets through the network based on a simplified header
§  Originally created to simplify traditional forwarding mechanisms such IP
Routing
§  Slow mechanisms that required CPU consumption and lookups into the Routing Tables

§  Providing the benefit of additional functionality:
§  Virtual Private Networks
§  Traffic Engineering

§  Hardware evolution has made the fast switching (original motivation for
MPLS) not so relevant but additional services provided are still beneficial
§  Runs on top of a variety of Layer 2 technologies such as ATM, FR, PPP,
POS, Ethernet


MPLS Operation (1)

§  MPLS adds a Label to the Layer 2 frame structure and uses it for
switching packets in a fast fashion within the transport network
§  Key elements in a MPLS network are as follows:
§  Provider Edge (PE) router: Adds the MPLS label to the Layer 2 frame
§  Provider (P) router: Switches traffic according to the MPLS label
§  Customer Equipment (CE): Injects traffic into the MPLS network

P P

PE PE CE
CE

P P


MPLS Operation (2)
At PE (Ingress Edge): At PE (Egress Edge):
Classify Traffic Remove Labels
P P Forward Packets
Add Label

CE PE PE CE

P P
At P (Core):
Forward using MPLS labels
(as opposed to IP addresses)
•  Label Indicates:
–  Destination (at IP layer): Each IP destination network has a
different label which has local significance: label for a destination
network changes in each hop.
–  Service Class: QoS treatment over the network.

MPLS Label
•  Label is added after the Layer 2 MAC header

MAC Header LABEL Layer 2 Frame /Layer 3 Packet

T
Label EXP O
S TTL
20 3 1 8
•  Label = 20 bits. Used for fast switching
•  TOS/EXP = Class of Service, 3 bits
•  S = Bottom of Stack, 1 bit
•  TTL = Time to Live, 8 bits

•  Label can be added to the following Layer 2 Technologies:
Ethernet, ATM, Frame Relay or PPP


MPLS. Label Switched Path

§ LSP = Label Switched Path
§  Path through the different P routers from ingress PE router to egress PR
router
§  Traffic mapped into LSP based on (at the ingress of an MPLS network):
§  IP Prefix/host address
§  Layer 2 Circuits (ATM, FR, PPP, HDLC, Ethernet)
§  Groups of addresses/sites—VPN x
§  A Bridge/switch instance—VSI
§  Tunnel interface—Traffic Engineering
§  Labels have local significance (among two routers)
§  Labels are being distributed using a LDP (Label Distribution
Protocol)


MPLS. Traditional Routing operation (non-MPLS)
Interface E0
172.15.0.25
Router A Interface E1
Interface E0
192.168.1.1 10.125.1.1

Interface E1 Interface E0
10.125.1.2 172.15.0.1

192.168.1.15 Routing Table (Router A) Routing Table (Router B)
Net Interface Next Hop Interface Net Interface Next Hop Interface
192.168.1.0 E0 Connected 172.15.0.0 E0 Connected
10.0.0.0 E1 Connected 10.0.0.0 E1 Connected
175.15.0.0 E1 10.125.1.2 192.168.1.0 E1 10.125.1.1

1 3 5
S:192.168.1.15 S:192.168.1.15 S:192.168.1.15
D:172.15.0.25 D:172.15.0.25 D:172.15.0.25
2 4
Assemble IP Packet Routing Table Lookup Routing Table Lookup
Destination Address: 172.15.0.0 ?? à 172.15.0.0 ?? à
172.15.0.25 Use E1 Use E0
Next Hop Address: 10.125.1.2 Host is directly connected

•  Routing Performed based on Destination IP
•  Requires Routing Table Look up

MPLS. Label based switching Interface E0
172.15.0.25

Interface E0 Router A Interface E1 Router B
Interface E0
192.168.1.25 10.125.1.1
192.168.1.1
Interface E1 Interface E0 PE
10.125.1.2 172.15.0.1

PE
In Label Network Interface Out Label In Label Network Interface Out Label
22 192.168.1.0 E0 2 32 192.168.1.0 E0 22
1 172.15.0.0 E1 21 21 172.15.0.0 E0 31

2 4 6
LABEL 1 LABEL 21 LABEL 31
S:192.168.1.15 S:192.168.1.15 S:192.168.1.15
D:172.15.0.25 D:172.15.0.25 D:172.15.0.25

1 7
3 5
Ingress Lookup Lookup Egress
In Label 21 à
PE In Label 1 à
Out Label 31, Interface E0 PE
Out Label 21, Interface E1
Adds Removes
MPLS Label MPLS Label
•  Fast Forwarding performed based on label
•  Very efficiently implemented in hardware Time to Certify. All rights reserved.
Copyright

Label Distribution Protocol (LDP)
Router A Router B Router C
PE P PE
E1
E0 E1 E0
E1 E0 NET
128.89.x.x

Use label Use label
4 9
for 128.89 for 128.89

In Label Network Interface Out Label
9 192.168.1.0 E0 --

4 192.168.1.0 E0 9

11 -- 192.168.1.0 E0 4

•  Label assigned by upstream router and distributed using LDP
Protocol
•  LDP requires an routing protocol to get information about existing
networks

MPLS FEC (Forwarding Equivalence Class)

§  FEC = Forwarding Equivalence Class
§  Subset of traffic that has specific forwarding requirements
§  Forwarding path
§  Forwarding treatment (priority, QoS, etc)
§  Label Information Base (LIB) contains the FECs to Label Mapping. It is router
specific

§  FEC usually corresponds to destination IP subnet
§  Obtained by means of static routing / routing protocol
§  Routing Protocols (IGPs) are used to obtain the IP Subnets existing in the
network that will constitute the FECs

§  FEC make use of LDP protocol
§  FECs and corresponding labels are communicated to adjacent routers by means
of a Label Distribution Protocol (LDP)


MPLS. Label Information Base (LIB) and IGP Routing
Control Information
IP Routing Interchange
Plane Protocol
IGP
IP Static IP Routing
Routes Table Label
Binding
MPLS Routing Interchange
Control LDP

Incoming IP IP Forwarding Outgoing IP
Packets Table Packets
Incoming Outgoing
Label Forwarding
labeled Table
labeled
Packets Data Plane Packets
13

MPLS all together (1)

1 OSPF – Discovery of Network Topology

2 LDP – Label Assignment and Discovery
PE P PE
E1
E0 E1 E0
E1 E0 NET
128.89.x.x

14 -- 192.168.1.0 E0 4 9 192.168.1.0 E0 --

4 192.168.1.0 E0 9

3 MPLS – Packet Forwarding based on labels


MPLS all together (2)
PE P PE
E1
E0 E1 E0
E1 E0 NET
128.89.x.x

15 -- 128.89 E0 4 9 128,89 E0 --

4 128.89 E0 9

1.  OSPF runs in the Network
2.  Router B learns about 128.89.x.x over OSPF
3.  Router B forwards to Router A the label to be used when sending packets to
128.89.x.x (Label 4) using LDP
4.  Router A sends packets to Router B for a destination host in 128.89 using
the LDP label provided by Router B (Label 4)
5.  Router B will forward the packets to Router C only based on incoming label
and will switch the label to the one provided by Router C for this network
(Label 9)

MPLS. Virtual Private Networks

§  VPN = Virtual Private Network
§  VPN is a set of sites which are allowed to communicate with each
other
§  VPN is defined by a set of administrative policies determining
§  Connectivity: Which site can connect to each site
§  QoS characteristics of traffic among sites

§  Two types of VPNs
§  L2 VPNs. Provide end to end connectivity at Layer 2 among sites
§  L3 VPNs. Provide end to end connectivity at Layer 3 among sites

16 Copyright Time to Certify. All rights reserved.

MPLS. VPNs and MPLS Labels
VPN
Label
Frame IP or
Header
L1 L2
L2 Header Payload
S=0 S=1
Next End
Hop of
Label Labels

•  Membership to a VPN is indicated by adding an extra MPLS
Label.
–  New Label is know as the VPN ID
•  The S bit is set to 0 in the first label and set to 1 in the second
one to indicate no more labels have been added to the layer 2
frame
–  A number of labels can be added to carry VPNs on top of VPNs. Only
the last one sets the S bit to 1

MPLS. L2 VPN vs L3 VPN (1)

§ Layer 2 VPNs
§  Customer End points (CEs) appear as connected at layer 2
§  IP Routing among sites is responsibility of the CEs as the network
acts as a layer 2 transparent carrier
§  Routing protocol must be configured among CE routers
§  Multiple logical connections are established from each end point of
the VPN into each of the other end points where connectivity at layer 2
must be established
§  Mesh of connections


MPLS. L2 VPN vs L3 VPN (2)

§ Layer 3 VPNs
§  Customer End points (CEs) peer with provider edge (PE) routers
§  Single peering relationship using a routing protocol
§  Provider network is responsible for distributing IP routing information to VPN
sites
§  Using MP-BGP
§  Separation of routing tables among VPNs
§  Isolation of traffic in different VPNs
§  Possibility of overlapping IPs
§  Different Virtual Routing Functions in each PE for each VPN
§  A routing function is a virtual router

In Layer 3 VPNs, multiple networks with isolated routing can be
established between different locations


MPLS. Layer 2 VPNs

•  Layer 2 VPNs are used to transport any type of L2 traffic across
a shared infrastructure

•  Two main flavors of L2 VPNs:
–  VPLS (Virtual Private LAN Service): Applications requiring multipoint
or broadcast access. Emulation of Ethernet Network connecting multiple
sites
–  VPWS (Virtual Pseudo Wire Service): L2 point to point emulation

•  Two main VPWS technologies:
–  Any Transport over MPLS (AToM). Uses MPLS to provide L2 services
–  L2TPv3 (L2 Transport Protocol): Emulation of VPNs over non-MPLS
enabled networks (pure IP)


MPLS. Layer 2 VPN Types

L2VPN
VPWS VPLS
Point to Point Multipoint

AToM
L2TPv3
Any Transport over MPLS

Frame- ATM PPP Ethernet
relay AAL5 & CELL HDLC (ERS & EWS) Ethernet


MPLS. Layer 2 VPN. Any Transport over MPLS (AToM)

•  AToM provides L2 circuit emulation over MPLS

•  Encapsulation format is defined in a standard known as “Draft
Martini”
–  Historical IETF Draft (2001). “Encapsulation Methods for
Transport of Layer 2 Frames Over MPLS”
–  Draft became RFC 4906 “Transport of Layer 2 Frames Over
MPLS”
–  Name comes from the lead author of the RFC:
Luca Martini
Cisco Systems, Inc.
EMail: lmartini@cisco.com


MPLS. Layer 2 VPN. Any Transport Over MPLS (AToM)
Attachment Attachment
Virtual Emulated Virtual Circuit (Emulated VC) Virtual
Circuit Circuit

Attachment Tunnel Attachment
VC VC
LSP

CE Pseudo CE
P
Wire
PE PE

CE CE

MPLS
Network Virtual
Circuit
•  Circuits at each side of the MPLS network are connected at Layer 2
by an LSP tunnel know as pseudo-wire
•  Attachment circuits can be Ethernet, Frame Relay, ATM, etc.

MPLS. L2 VPN. Any Transport Over MPLS (AToM)
•  Transport of L2 frames over MPLS is build around two concepts:
–  Tunnel LSP: LSP between two PE routers acting as end points
for the devices willing to communicate at Layer 2. Every tunnel
has a tunnel label (external MPLS label)
–  Virtual Circuit (VC): Communication circuit over a LSP tunnel:
Every VC has its VC label (internal MPLS Label)

Virtual
Circuit FR Circuit
FR Circuit
PE PE

ATM Circuit ATM Circuit

Ethernet
Ethernet
801.Q Ethernet
801.Q Ethernet
Tunnel


MPLS. Layer 2 VPN. Any Transport Over MPLS (AToM)

•  When AToM is used to transport Ethernet frames is known as
EoMPLS (Ethernet over MPLS)

•  EoMPLS is a mechanism for establishing Layer 2 VPNs


MPLS. Layer 2 VPNs. Control/Data Plane Operation

Control Plane

2a 2b 2c
LDP 10.10.10.101/32 10.10.10.101/32
10.10.10.101/32
Label: L1 Label: L2 Label: L3

10.10.10.101/32 10.10.10.101/32 10.10.10.101/32
IGP

10.10.10.101 1 1 1
PE1 P1 P2 PE2
172.16.10/24 172.16.20.0/24
.2 .1 .1 .2 .5 .6 .7 .8 .1 .2

172.16.1.0/24 10.10.10.0/30 10.10.10.4/30 10.10.10.8/30 172.16.2.0/24 CE2
CE1
Customer A L1 L2 L3 Customer A
Ethernet
Site 1 Ethernet Site 2
Frame VC1 VC1 VC1 Frame

Ethernet Ethernet Ethernet
Frame Frame Frame
Data Plane Note: Frame Format
corresponds to Draft Martini


MPLS. Layer 2 VPN. Point to Point Services (VPWS)

PE PE CE
CE

•  Set of point to point circuits (Pseudo Wires – PSW) established within
the MPLS cloud
•  Mapping into PSW:
–  EWS (Ethernet Wire Service): Mapping based on port
–  ERS (Ethernet Relay Service): Mapping based on VLAN ID. Interface PE-CE is a
trunk
•  Multipoint topologies emulated by multiple PWSs


MPLS. Layer 2 VPN Multipoint Services (VPLS)

MAC 2
MAC 1 MPLS Network
PE PE CE
CE 201

102
301 302
Address Tx/Rx Address Tx/Rx
MAC1 Ethernet 203 MAC1 102/201
MAC2 201/102 103 MAC2 Ethernet
MAC3 301/103 PE MAC3 302/203

Address Tx/Rx
MAC1 103/301
MAC 3 CE MAC2 203/302
MAC3 Ethernet

§  MPLS network behaves as a switch for CEs
§  Mapping at PE into VPLS circuit based on physical port or VLAN ID
§  Full Multipoint topologies (made of individual “circuits”)
§  PE Routers are aware of all MAC addresses in the VPLS domain

MPLS. Layer 3 VPN. Architecture

CE P CE
Customer A P
Customer A
Site 1 PE Site 2
PE

CE CE
Customer B P P Customer B
Site 1 Site 2
•  L3 VPN provides isolation for traffic coming from different customers
crossing a shared infrastructure (MPLS net)
•  Isolation provides further benefits
–  Security
–  IP Address overlapping capabilities
•  Two planes:
–  Control Plane: Layer 3 reachability information interchange + Label Distribution
–  Data Plane: Labeling of unlabeled traffic (PE) + Forwarding of labeled traffic (P)


MPLS. Layer 3 VPN. PE Isolation of Traffic

•  Routing and Traffic Isolation is achieved by means of different routing
instances at the PE
–  Routing Instance = Routing Context = Virtual Routing & Forwarding Table (VRF)
–  Each router instance is only aware of the subnets belonging to a specific VPN à
ISOLATION of VPNs
–  Default Routing Instance
–  Traffic not mapped into a VRF is processed by the default routing instance.
–  Known as Global Routing Table (GRT)
•  Once traffic goes into a LSP, the P routers treat it according to the FEC
specific policies
•  In a Layer 3 VPN, routing among sites is transparently provided by the
MPLS network to the customer
–  PEs are aware of all the networks belonging to a specific VPN/VRF
–  Routing information is exchanged among PEs by means of MP-BGP (Multi
Protocol BGP)
•  PE becomes aware of the routes existing on each customer site by
means of a routing protocol running between CE and PE


MPLS. Layer 3 VPN. Routing Instances

CE CE Customer A
Customer A Global Routing Global Routing
Site 1 Table (GRT) Table (GRT) Site 2
Net 1 Net 2

CE to PE Interface Customer A VRF MPLS Network Customer A VRF CE to PE Interface
Customer Routes Net1 Net1 Customer Routes
Interchange Net2 MP-BGP Route Net2 Interchange
Interchange -  Static Routing
-  Static Routing
-  Routing Protocol -  Routing Protocol
(RIP, OSPF, EIGRP, Customer B VRF Customer B VRF (RIP, OSPF, EIGRP,
BGP) Net 3 Net 1, Net 3 Net 3 BGP)
Net 4 Net 4
PE Router Net 2, Net 4 PE Router
CE CE Customer B
Customer B Site 2
Site 1 Net 4
Net 3


MPLS. Layer 3 VPN. Route Distinguisher

•  L3 VPNs allow for IP overlapping (two VPNs using the same IP Space)
as VPNs are being handled by different Routing contexts

•  Route Distinguisher = RD is a 64 bits identifier prepended to any IPv4
route used to identify the VPN the route belongs to
–  Unique RD is configured per VPN/VRF
–  RD Format: Autonomous System (AS) Number : VPN Identifier. Example: 1:200

•  Route Target = RT is a 64 bit identifier used as part of the MP-BGP
Attributes (Extended Community) to signify which routes should be
exported/imported into a specific VRF
–  Export Route Target à Routes Target attribute on exported routes (multiple
possible)
–  Import Route Target à Routes to be imported from MP-BGP Updates
–  Route targets are used to have a site belonging to multiple VPNs. Also known as
route leaking


MPLS. Layer 3 VPN. MP-BGP Operation

1:100:172.2.16.0/24
RT:1:100
VPN LABEL: V1
NH: 10.10.10.101
Customer A 4 1:101:192.168.10.0/24 Customer A
Site 1 RT:1:101
VPN LABEL: V2 Site 2
NH: 10.10.10.101
CE MP-BGP MP-BGP CE

3 5
Customer A VRF Routing Table VRF A
RD: 1:100 MPLS Network Customer A VRF 172.2.16.0
172.2.17.0
Export RT:1:100 RD: 1:100 172.2.17.0
Import RT:1:100
MP-BGP Route 6
Interchange Routing Table VRF B
1 2
Customer B VRF
Routing Table VRF B
192.168.10.0
Customer B VRF 192.168.11.0
RD: 1:101 192.168.11.0
Export RT:1:101 RD: 1:100 172.2.16.0
Import RT:1:100
Import RT:1:101
PE Router PE Router

Loopback IP: CE
CE 10.10.10.101
Customer B
Customer B Site 2
Site 1

MPLS. Layer 3 VPN. MP-BGP Updates

Routing Protocol CE-PE
Routing information is propagated from the CE to the PE routers by means of the
1 routing protocol running on the CE to PE interface (RIP, OSPF, BGP, EIGRP)

PE Router
2 Routes get injected into the specific VRF/Routing Context
3 Routes get forwarded to the MP-BGP process according to the export RT
MP-BGP
4 Routing update is being propagated through MP-BGP (iBGP) to update the
neighbor PEs. Routes contain the RT attribute (extended community)
PE Router
5 Routes get populated into the right VRFs/Routing Context according to the import
RT criteria
6 VRF Routing table gets updated


MPLS. Layer 3 VPN. Control Plane Protocols

Customer A Customer A
Site 1 PE P PE Site 2
CE CE

IGP/LDP IGP/LDP

IGP/ MP-BGP IGP/
BGP BGP
Static Static


MPLS. Layer 3 VPN. Control Plane Operation

1:100:172.16.10.0/24

MP-BGP
RT 1:100
NH: 10.10.10.101 4
VPN Label: V1

CE to PE
Static/
3 6
IGP/BGP 172.16.10.0/24 172.16.10.0/24

2a 2b 2c
LDP 10.10.10.101/32 10.10.10.101/32
10.10.10.101/32
Label: L1 Label: L2 Label: L3

IGP
10.10.10.101/32 10.10.10.101/32 10.10.10.101/32 5
10.10.10.101 Routing Table VRF A
1 P1 1 P2 1 Prefix Next Hop
172.16.10/24 PE PE 172.16.10.0/24 10.10.10.101

CE CE
VRF A VRF A
Customer A RD 1:100
Export RT 1:100
RD 1:100 Customer A
Export RT 1:100
Site 1 Import RT 1:100 Import RT 1:100 Site 2


MPLS. Layer 3 VPN. Control Plane Operation (1)

Intra MPLS Cloud IGP
Routing information about IP addresses reachable within the MPLS cloud gets
1 propagated
LDP
2a PE assigns to 10.10.10.101/32 an Implicit-Null Label and propagates it
using LDP (penultimate hop popping)
2b P1 assigns L1 to 10.10.10.101/32 and distributes this label using LDP
2c P2 assigns L2 to 10.10.10.101/32 and distributes this label using LDP
CE to PE Interface (static/IGP/BGP)

3 172.16.10.0/24 network is made known to PE router (static/IGP/BGP)
MP-BGP
4 MP-BGP propagates the route to 172.16.10.0 using the following attributes:
NEXT-HOP (NH): 10.10.10.101 (IP address of PE Router)
Route Target (RT): 1:100 (as configured)
VPN Label: Assigned by PE to the VPN

MPLS. Layer 3 VPN. Control Plane Operation (2)

MP-BGP (continuation)

5 VRF A routing table gets updated
CE to PE Interface (static/IGP/BGP)
6 PE updates CE by means of the IGP protocol running in the CE to PE interface

Note 1:
NH, RT and VPN Label are not attributes per se but fields on
MP_REACH_NLRI MP-BGP attribute


MPLS. Layer 3 VPN. Control Plane Operation. RTs/LIBs

Label Label
Information Information
Base PE1 Base PE2 Label Information Base PE2
In L Out L In L Out L Prefix Out L
L1 L2 L2 L3 10.10.10.101/32 L3
L2 L1 L3 L2

Routing Table CE2
10.10.10.101 Prefix Next Hop
172.16.10.0/24 172.16.2.1
PE1 P1 P2 PE2
172.16.10/24 172.16.20.0/24
.2 .1 .1 .2 .5 .6 .7 .8 .1 .2

172.16.1.0/24 10.10.10.0/30 10.10.10.4/30 10.10.10.8/30 172.16.2.0/24 CE2
CE1
Customer A Routing Table VRF A Routing Table GRT + VRF A Customer A
Prefix Next Hop
Site 2
Prefix Next Hop
172.16.10.0/24 172.16.1.2 10.10.10.101/32 10.10.10.7 GRT Site 2
172.16.10.0/24 10.10.10.101 VRF A

Routing Table P1 Routing Table P2
Prefix Next Hop Prefix Next Hop
10.10.10.101/32 10.10.10.1 10.10.10.101/32 10.10.10.5


MPLS. Layer 3 VPN. Data Plane Operation
Label Information Base PE2
Prefix Out L
Label Label 10.10.10.101/32 L3
Information Information
Base PE1 Base PE2 Routing Table GRT + VRF A
Routing Table VRF A In L Out L In L Out L Prefix Next Hop
Prefix Next Hop L1 L2 L2 L3 10.10.10.101/32 10.10.10.7 GRT
172.16.10.0/24 172.16.1.2 L2 L1 L3 L2 172.16.10.0/24 10.10.10.101 VRF A

L1 L2 L3
V1 V1 V1
IP Packet IP Packet IP Packet

IP Packet Destination IP: Destination IP: Destination IP: IP Packet
172.16.10.5 172.16.10.5 172.16.10.5
Destination IP: 10.10.10.101 Destination IP:
172.16.10.5 172.16.10.5
PE1 P1 P2 PE2

CE CE
Customer A
VRF A
RD 1:100
VRF A
RD 1:100
Customer A
Site 1
Export RT 1:100
Import RT 1:100
Export RT 1:100
Import RT 1:100
Site 2


MPLS. The real horse power of MPLS

•  FEC = Subset of Traffic characterized by:
•  Forwarding Path
•  Forwarding Treatment
•  MPLS has powerful mechanisms for influencing the FECs and
therefore the paths and treatment that traffic is exposed to.

MPLS Multicast MPLS MPLS
MPLS
Routing Routing Traffic Quality of
VPNs
Control Control Engineering Service

Label Information Base


Mpls concepts. Time to Certify

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Mpls concepts. Time to Certify

Similar to Mpls concepts. Time to Certify (20)

Recently uploaded

Recently uploaded (20)

Mpls concepts. Time to Certify