bnl mpls intro services

8/2/2019 BNL MPLS Intro Services

1/118

1Intro to MPLS AT Seminar 2004, Cisco Systems, Inc. All rights reserved.

MPLS Basics and In-Depth

BNL UpdateJune 29, 2004

Overview of MPLS Fundamentals, Basic Operation,and In-Depth overview of Service Capabilities

Craig HillEmail: [email protected] SE IP Core

Federal Area


2/118

22MPLS Intro and Services Update 2004, Cisco Systems, Inc. All rights reserved. 2

MPLS Brief Overview and In-depth Session

MPLS Overview

This session will provide the fundamentals for understanding MPLStechnology basics. The discussion will include MPLS evolution,terminology, functions of labels, label format, label distribution, as well asencapsulations and basic operation of an MPLS-enabled network. Ciscoproducts supporting MPLS will also be briefly covered.

MPLS In-Depth

Difficulty understanding what advantages MPLS can offer and "why"network architects would consider implementing MPLS into the core oftheir network?

This section will provide in-depth answers to these questions and explainthe advantages and "Services" MPLS can offer Federal customers who areeither looking to build an MPLS enabled core or utilize a service offeringthat is MPLS enabled. Services discussed will include VPN, Layer-2transport, QoS, and IPv6 transport among others.


3/118


Agenda

MPLS History

Technology Basics

Operation Examples

Cisco Product OverviewCisco Products Supporting MPLS


4/118


Evolution of MPLS

Origins from Tag Switching

Proposed in IETFLater combined with ideas from otherproposals from IBM (ARIS), Toshiba (CSR)

1996 1997 1998 1999 2000 2001

Time

Cisco Calls aBOF at IETF to

StandardizeTag Switching

Traffic EngineeringDeployed

MPLS VPNDeployed

Large ScaleDeployments

Cisco ShipsMPLS (Tag

Switching)

Cisco ShipsMPLS TE

MPLS CroupFormally Chartered

by IETF

2004

AToM, VPLS,

DS-TE Deployed


5/118


Why MPLS?

Integrate best of Layer 2 and Layer 3

-Intelligence of IP Routing

- performance of high-speed

switching-Legacy service transport

-QoS

-VPN Semantics

-Link layers include:-Ethernet, PoS, ATM, FR

Note: MPLS and IP could be optimal solution for overall IPServices Architecture.


6/118


MPLS as a Foundation for ValueAdded Services

VPNs

MPLS

Traffic

Engineering

IP+ATM

Network Infrastructure

IP+Optical

GMPLS

AnyTransport

Over MPLS


7/1187Intro to MPLS AT Seminar 2004, Cisco Systems, Inc. All rights reserved.

MPLS Technology Basics


8/11888MPLS Intro and Services Update 2004, Cisco Systems, Inc. All rights reserved. 8


IP Routing

Labels

Control and Forwarding Plane Separation

Label Distribution

MPLS Environment Label-based Forwarding



IP Routing

171.69

Packets ForwardedBased on IP Address

Data

AddressPrefix

128.89

171.69

1

1

I/F

AddressPrefix

128.89

171.69

0

1

01

I/F

128.890

1

128.89.25.4 Data

AddressPrefix

128.89 0

I/F

Data Data128.89.25.4128.89.25.4

128.89.25.4

Route Update




IP Routing

Labels


Label Distribution




Encapsulations

Label HeaderPPP Header Layer 3 HeaderPPP Header

(Packet over SONET/SDH)

Label Header Layer 3 Header* LAN MAC Label Header

Label HeaderFrame Relay Layer 3 HeaderFrame Relay Label Header

MAC Header

* LAN MAC Label Header also used for MPLS packets over an ATMForum PVC SNAP Header. (Ethertype = 0x8847/8848)



Label Header for Packet Media

Can be used over Ethernet, 802.3, or PPP links

Uses two new Ethertypes/PPP PIDs (in MAC hdr)

Contains everything needed at forwarding time

One word per label

Label = 20 bits COS/EXP = Class of Service, 3 bitsS = Bottom of Stack, 1 bit TTL = Time to Live, 8 bits

0 1 2 30 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

Tag COS S TTL

MTU beyond 1518 for Ethernet can be accounted for when adding labels by the mpls

mtu command.



Label Stacking

Arrange labels in a stack

Inner labels can be used to designate services/FECs, etc.

E.g. VPNs, fast re-route, alternate forwarding

Outer label used to route/switch the MPLS packets in

the network(e.g. for VPN, outer label used for forwarding to remote PEs and bottomlabel for differentiating VPN at remote PE).

Allows building services such as:MPLS VPNs

Traffic engineering and fast re-route

VPNs over traffic engineered core

Any transport over MPLSInner Label

Outer Label

IP Header

TE Label

IGP Label

VPN Label




IP Routing

Labels


Label Distribution




Control and Forward Plane Separation

LFIB

RoutingProcess

MPLSProcess

RIB

LIB

FIB

Route

Updates/

Adjacency

Label Bind

Updates/

Adjacency

IP TrafficMPLS Traffic

Control Plane

Data Plane




IP Routing

Labels


Label Distribution




Label Distribution Protocol (LDP)

Defined in RFC 3036 and 3037

Used to distribute labels in a MPLS network

Forwarding Equivalence Class (FEC)

How packets are mapped to LSPs (LabelSwitched Paths)

Advertise labels per FEC

Reach destination a.b.c.d with label x (per IPL3DA in RIB)

Neighbor discovery

UDP and TCP Ports

UDP port for LDP Hello messages = 646

TCP port for establishing LDP session connections = 646



TDP and LDP

Tag Distribution Protocol

Pre-cursor to LDP

Used for Cisco tag switching

TDP and LDP supported on the same box

Per neighbor/link basisPer target basis



RSVP and Label Distribution

Used in MPLS Traffic Engineering

Additions to base RSVP signaling protocol Leverage the admission control mechanism

of RSVP

Label requests are sent in PATH messagesand binding is done with RESV messages

Note: CR-LDP is another option for label distribution, but is no longer used or implemented


20/118


BGP-Based Label Distribution

Used in the context of MPLS VPNs Need multi-protocol extensions to BGP

Referred to at M-BGP

Uses AFI/SAFI

Extension to the BGP protocol in order to carry routing information about

other protocolsMulticast

MPLS

IPv6

VPN-IPv4

Labeled IPv6 unicast (6PE)VPN-IPv6 (6VPE)

Exchange of Multi-Protocol NLRI must be negotiated at session set up Utilizes BGP Capabilities Advertisement negotiation procedures

VPN edge routers need to be BGP peers

Label mapping info carried as part of NLRI (Network Layer Reachability

Information)


21/118



IP Routing

Labels


Label Distribution



22/118


General Context

In Core:

Forward using labels(as opposed to IP addr)

Label indicates service

class and destination

Label SwitchRouter (LSR)

Label DistributionProtocol (LDP/TDP,RSVP,BGP)

Edge LabelSwitch Router

At Edge(ingress):

Classify packets

Label them

At Edge(egress):

Remove Label

(PE) Provider Edge

(P) Provider

(CE) Customer Edge

(PE) Provider Edge


23/118


Operation

Traditional routing

Each router holds entire routing table and forwards tonext hop (destination based routing); routes on L3Destination address

MPLS combines L3 routing with label swappingand forwarding

MPLS Forwarding

Label imposed at ingress (ingress to label-switchedportion of network) router. Generally, all forwardingdecisions then made on label only no routing tablelookups but TFIB table lookups.

Tag stripped at egress


24/118



IP Routing

Labels


Label Distribution



25/118


MPLS Example: Routing Information

128.89

1

01

0

Routing Updates(OSPF, EIGRP, )

You Can Reach 128.89 and171.69 Thru Me

You Can Reach 171.69 ThruMe

You Can Reach 128.89 ThruMe

InLabel

AddressPrefix

128.89

171.69

1

1

OutIface

OutLabel

InLabel

AddressPrefix

128.89

171.69

0

1

OutIface

OutLabel

InLabel

AddressPrefix

128.89 0

OutIface

OutLabel

171.69


26/118


MPLS Example: Assigning Labels

128.89

1

01

0

Label DistributionProtocol (LDP)

(downstream allocation)

Use Label 4 for 128.89 andUse Label 5 for 171.69

Use Label 7 for 171.69

InLabel

AddressPrefix

128.89

171.69

1

1

OutIface

OutLabel

InLabel

AddressPrefix

128.89

171.69

0

1

OutIface

OutLabel

InLabel

AddressPrefix

128.89 0

OutIface

OutLabel

-9

9

7

4

5

4

5

-

-

171.69

Use Label 9 for 128.89


27/118


InLabel

AddressPrefix

128.89

171.69

1

1

OutIface

OutLabel

4

5

-

-

MPLS Example: Forwarding Packets

Label Switch ForwardsBased on Label

InLabel

AddressPrefix

128.89

171.69

0

1

OutIface

OutLabel

9

7

4

5

InLabel

AddressPrefix

128.89 0

OutIface

OutLabel

-9

Data 128.89.25.4 Data

128.89.25.4 Data

128.89

1

01

0

128.89.25.4 4

9

MPLS networkegress point

128.89.25.4 Data


28/118


Cisco Products SupportingMPLS


29/118


Cisco Platforms Supporting MPLS(in a Single Slide)

Important: Some features are dependent on product model, interface modules (i.e. Line

Cards & Port Adapters), and/or require a software feature license.

2691

3631

3640

3660

3725

3745

7200 7300

7400

7500

10000

10700

12000 12000-PRP

AS5350

IGX 8400-URM/RPM-RP/XF

Catalyst 6K/7600 SUP2/MSFC2

Cisco 7600 SUP720-3BXL

Platforms shown were derived forsupporting MPLS-VPN and LDP.

Some lower-end platforms supportseveral basic MPLS CE features

Multi-VRF CE (aka VRF-Lite). Theseinclude:

3550 (Requires EMI)

2600 Series Routers

Cisco 7600 Supports L2/L3 MPLSFeatures w/ MSFC2/PFC2

New SUP720-3bXL processor,primary choice for MPLS functionin Catalyst 6500/Cisco 7600

Platform Support

Notes


30/118


MPLS In-DepthOverview of MPLS Services and Applications

currently being Deployed


31/118


Agenda

MPLS Drivers

- Reasons for deploying MPLS

MPLS Applications

- MPLS VPN Layer-3

- Detailed Overview

- IOS Examples

- MPLS Layer-2 Transport- PWE3/AToM

- Application Example

- MPLS Traffic Engineering

- Fast-ReRoute for Bandwidth Protection

- MPLS QoS

- Diffserv over MPLS- Diffserv TE (DS-TE)

- Guaranteed Bandwidth Service Applications

-Useful Implementations Combining Multiple MPLS Services

-IP version 6 (IPv6) Transport Methods over MPLS

- 6PE/6VPE (IPv6 Edge and VPN Support)

Useful URLs (Reference Information)


32/118


Why MPLS? - Major Drivers

Provide IP VPN Services

Scalable IP VPN service Build once and sell many

Managed Central Services Building value add services andoffering them across VPNs (i.e. Multicast, Address Mgmt)

Managing traffic on the network using MPLS TrafficEngineering

Providing tighter SLA/QoS (Guaranteed B/W Services)

Protecting bandwidth - Bandwidth Protection Services are enablingService Providers to look at alternate approaches to SONET APS

Integrating Layer 2 & Layer 3 Infrastructure

Layer 2 services such as Frame Relay and ATM over MPLS

Mimic layer 2 services over a highly scalable layer 3 infrastructure


33/118


Customer Deployment

We are now up to 225+ (Total SP+Enterprise)deployed customers in production networks

Some case studies Documented

Very large deployments include a single customer requiring:

30K CEs, ~1000 PEs

MPLS VPNs continues to be majoritydeployments

AToM is the majority in the recent deployments

TE Catching on fast

Simple mechanism unequal cost load balancing

QoS Service offering in the MPLS Services


34/118


MPLS Applications


35/118


MPLS Layer 3 VPNs


36/118


Virtual Networks

Virtual Private Networks Virtual Dialup Networks Virtual LANs

Overlay VPN Peer-to-Peer VPN

Layer-2 VPN Layer-3 VPN Access lists(Shared router)

Split routing(Dedicated router)

MPLS/VPN

X.25 F/R ATM GRE IPSec

Virtual Network Models


37/118


Overlay Network

Provider sells a circuit service

Customers purchases circuits toconnect sites, runs IP

N sites, (N*(N-1))/2 circuits forfull meshexpensive

The big scalability issuehere is routing peersN sites, each site has N-1 peers

Hub and spoke is popular,suffers from the same N-1number of routing peers

Hub and spoke with static routesis simpler, still buying N-1circuits from hub to spokes

Spokes distant from hubs couldmean lots of long-haul circuits

Provider(FR, ATM, etc.)


38/118


Peer Network

Provider sells an MPLS-VPN service

Customers purchases circuits toconnect sites, runs IP

N sites, N circuits into provider

Access circuits can be any media

at any point (FE, POS, ATM, T1,dial, etc.)

Full mesh connectivity without fullmesh of L2 circuits

Hub and spoke is also easy to build

Spokes distant from hubs connectto their local providers POP, loweraccess charge because ofproviders size

The Internet is a large peer network

Provider(MPLS-VPN)


39/118


MPLS L3 VPNs using BGP (RFC2547)

End user perspectiveVirtual Private IP service

Simple routing just point default to provider

Full site-site connectivity without the usual drawbacks(routing complexity, scaling, configuration, cost)

Major benefit for provider scalability

VPN B VPN CVPN BVPN C

VPN AVPN A

VPN BVPN C

VPN AVPN C

VPN B

VPN A

VPN B

VPN C


40/118


MPLS VPN Topology

VPN A/Site 1

VPN C/Site 2

VPN A/Site 2

VPN B/Site 2

VPN B/Site 1

VPN C/Site 1

CEA1

CEB3

CEA3

CEA2

CE1B1

CE2B1PE1

PE2

PE3

P1

P2

P3

16.1/16

12.1/16

16.2/16

11.1/16 11.2/16RIP

Static

RIP

RIP

BGP

Static

RIP

BGP

12.2/16

CEB2

VPN Routing and Forwarding


41/118


VPN Routing and ForwardingInstance (VRF)

PE routers maintain separate routing tables

Global routing table

Contains all PE and P routes (perhaps BGP)

Populated by the VPN backbone IGPVRF (VPN routing and forwarding)

Routing and forwarding table associated with one or moredirectly connected sites (CE routers)

VRF is associated with any type of interface, whetherlogical or physical (e.g. sub/virtual/tunnel)

Interfaces may share the same VRF if the connected sitesshare the same routing information

Not virtual routers, just virtual routing and forwarding


42/118


PE Router Global Routing Table Output

PE2#sh ip route

Gateway of last resort is not set

C 192.168.1.0/24 is directly connected, Ethernet0/0

192.168.100.0/32 is subnetted, 3 subnets

O 192.168.100.1 [110/11] via 192.168.1.1, 00:04:27, Ethernet0/0C 192.168.100.2 is directly connected, Loopback0

O 192.168.100.3 [110/11] via 192.168.1.3, 00:04:27, Ethernet0/0

CE2 PE2

192.168.100.2 192.168.100.1

PE1OSPF

Routes from PE1s Global Routing Table


43/118


PE Router VRF Routing Table Output

PE2#sh ip route vrf RED

Routing Table: RED

Gateway of last resort is 192.168.100.1 to network 0.0.0.0

172.16.0.0/16 is variably subnetted, 8 subnets, 3 masks

C 172.16.25.0/30 is directly connected, Serial4/0

C 172.16.25.2/32 is directly connected, Serial4/0

B 172.16.20.0/24 [20/0] via 172.16.25.2, 00:07:04

10.0.0.0/24 is subnetted, 1 subnets

B 10.0.0.0 [200/307200] via 192.168.100.1, 00:06:28

B* 0.0.0.0/0 [200/0] via 192.168.100.1, 00:07:03

CE2 PE2172.16.25.2

172.16.25.1

PE1iBGP VPNv4

Routes from PE110.0.0.0/24

172.16.20.0/24

Virtual Routing and


44/118


Virtual Routing andForwarding Instances

Define a unique VRF forinterface 0

Define a unique VRF forinterface 1

Packets will never gobetween int. 0 and 1

Uses VPNv4 to exchangeVRF routing informationbetween PEs

No MPLS yet

VPN-A

VPN-A

CEVPN-B

VRF for VPN-A

VRF for VPN-B

CE

146.12.7.0/24

195.12.2.0/24

0

1

Global RoutingTable

VPN RoutingTable

PE


45/118


CE

iBGP Domain

Customer-1

VPN1Customer-2

CE

MPLS Domain

PE

Separate Physical Links

Separate router per Customer/VPN

VRF Route Population

VRF is populated locally through PE and CE routing protocol exchangeRIP Version 2, OSPF, BGP-4, EIGRP, & Static routing

connected is also supported (i.e. Default-gateway is PE)

Separate routing context for each VRF

routing protocol context (BGP-4 & RIP V2)

separate process (OSPF)

eBGP, EIGRP,OSPF, RIPv2,Static


46/118


Carrying VPN Routes in BGP

VRFs by themselves arent all that useful

Need some way to get the VRF routinginformation off the PE and to other Pes

This is done with BGP


47/118


Additions to BGP to Carry MPLS-VPN Info

RD: Route Distinguisher

VPNv4 address family

RT: Route Target

Label

!


48/118


Route Distinguisher

To differentiate 10.0.0.0/8 in VPN-A from10.0.0.0/8 in VPN-B

64-bit quantity

Configured as ASN:YY or IPADDR:YYAlmost everybody uses ASN

Purely to make a route unique

Unique route is now RD:Ipaddr (96 bits) plus a mask onthe IPAddr portion

So customers dont see each others routes

!ip vrf redrd 1:1route-target export 1:1route-target import 1:1

!


49/118


Route Target

To control policy about who sees what routes 64-bit quantity (2 bytes type, 6 bytes value)

Carried as an extended community

Typically written as ASN:YY Each VRF imports and exports one or

more RTs

Exported RTs are carried in VPNv4 BGP

Imported RTs are local to the box

A PE that imports an RT installs that route in itsrouting table

!ip vrf redrd 1:1route-target export 1:1route-target import 1:1


50/118


VPNv4

In BGP for IP, 32-bit address + mask makes a uniqueannouncement

In BGP for MPLS-VPN, (64-bit RD + 32-bit address) + 32-bitmask makes a unique announcement

Since the route encoding is different, need a differentaddress family in BGP

VPNv4 = VPN routes for IPv4

As opposed to IPv4 or IPv6 or multicast-RPF, etc

VPNv4 announcement carries a label with the route

If you want to reach this unique address, get me packets with thislabel on them


51/118


MPLS Layer-3 VPNOperation Example


52/118


Service Provider Network

PE-1 PE-2

CE CE

PE routers translate into VPN-V4 route

Assigns an RD, SOO (if configured) and RT based on configurationRe-writes Next-Hop attribute (to PE loopback)

Assigns a label based on VRF and/or interface

Sends MP-BGP update to all PE neighbors

BGP, OSPF, RIPv2 update

149.27.2.0/24,NH=CE-1

VPN-v4 update:RD:1:27:149.27.2.0/24,Next-hop=PE-1RT=VPN-A

Label=(28)

VRF Population of MP-BGP

ParisLondon


53/118


Service Provider Network

PE-1 PE-2

CE CE

BGP, OSPF, RIPv2 update

149.27.2.0/24,NH=CE-1

Receiving PE routers translate to IPv4

Insert the route into the VRF identified by the RTattribute (based on PE configuration)

The label associated to the VPN-V4 address will be set onpackets forwarded towards the destination

VPN-v4 update:RD:1:27:149.27.2.0/24,Next-hop=PE-1

RT=VPN-A

Label=(28)

VPN-v4 update is translatedinto IPv4 address and putinto VRF VPN-A as RT=VPN-A and optionally advertisedto any attached sites

VRF Population of MP-BGP

ParisLondon


54/118


MPLS/VPN Packet Forwarding

Between PE and CE, regular IP packets (currently)

Within the provider networklabel stack

Outer label: get this packet to the egress PE

Inner label: get this packet to the egress CE

MPLS nodes forward packets based on TOP label!!!

any subsequent labels are ignored

Penultimate Hop Popping procedures used one hop prior

to egress PE router (shown in example)


55/118


In Label FEC Out Label

- 197.26.15.1/32 41

Paris

149.27.2.27

PE-1

London149.27.2.0/24

Ingress PE receives normal IP packets

PE router performs IP Longest Match from VPNFIB, finds iBGP next-hop and imposes a stack oflabels

149.27.2.272841

VPN-A VRF149.27.2.0/24,

NH=197.26.15.1Label=(28)



56/118



41 197.26.15.1/32 POP

Paris

149.27.2.27

PE-1

London149.27.2.0/24

149.27.2.272841

VPN-A VRF149.27.2.0/24,

NH=197.26.15.1Label=(28)

149.27.2.2728


28(V) 149.27.2.0/24 -

VPN-A VRF149.27.2.0/24,

NH=Paris

149.27.2.27

Penultimate PE router removes the IGP label

Penultimate Hop Popping procedures (implicit-null label)

Egress PE router uses the VPN label to select whichVPN/CE to forward the packet to

VPN label is removed and the packet is routed toward the

VPN site



57/118


Things to Note

Core does not run VPNv4 BGP!Same principle can be used to run a BGP-free corefor an IP network

CE does not know its in an MPLS-VPN

Outer label is from LDP/RSVP

Getting packet to egress PE is mutually independent toMPLS-VPN

Inner label is from BGP

Inner label is there so the egress PE can have the samenetwork in multiple VRFs


58/118


CE

iBGP Domain

Customer-1

VPN1Customer-2

CE

MPLS Domain

PE

Separate Physical Links

Separate router per Customer/VPN

VRF Route Population

VRF is populated locally through PE and CE routing protocol exchange

RIP Version 2, OSPF, BGP-4, EIGRP, & Static routing

connected is also supported (i.e. Default-gateway is PE)

Separate routing context for each VRF

routing protocol context (BGP-4 & RIP V2)

separate process (OSPF)

eBGP, EIGRP,OSPF, RIPv2,Static


59/118


Each VRF separation on the PE is extended to the CE

Separation is maintained via layer-2 transport that support logical separation (e.g. 802.1Q,FR/ATM VCs

CE router must be capable of supporting VRFs

CE is not required to support MPLS labels

Routing protocol options from CE-PE remain the same (e.g. BGP, RIPv2, OSPF, EIGRP, static)

iBGP Domain

Routing Updates

Multi-VRF CE (VRF-lite)

VPN2

VPN1VPN1

CE

MPLS Domain

PE

Single Physical Link

Logical Link per VRFLayer-2 must support logical separation

802.1q, FR/ATM VCs

Single router supporting

Multiple VRF Instances

NO Labels Required


60/118


Customers Connecting to a Layer-3 VPN Service

What routing protocol is supported by the carrier (CE-PE)?

What address space do they allow for CE-PE subnet?

What layer-2 transport is required/supported from CE-PE?

Do they provide a QoS SLA?

Concerning QoS, do they require DSCP or ToS settings from the CEto their PE?

Do they manipulate DSCP/ToS based on congestion in theirnetwork?

What other services do they have on their roadmap of Service

Offerings (Example: IPv6, IP Multicast, Tighter QoS SLA offering,other??)

Understand the resiliency in the core

Do they offer LEC diversification or bypass?

Validating Cisco MPLS Based IP-VPN


61/118


Validating Cisco MPLS Based IP VPNas a Secure Network

Security

Miercom independent testingconfirmed Cisco MPLS VPN issecure: Customers network topology is not

revealed to the outside world

Customers can maintain ownaddressing plans and the freedomto use either public or privateaddress space

Attackers cannot gain access into

VPNs or Service Providers network Impossible for attacker to insert

spoofed label into a Cisco MPLSnetwork and thus gain access to aVPN or the MPLS core

RED-Glascow

2611100.200.200.104

3.4.4.4

10.4.4.4

SER 5/0:0100.200.104.1

POS 1/0100.200.106.2

T1 FRdlci 102

eBGP AS72T1 FR

dlci 104RIP v2

Ser 3/0100.200.102.1

SiSi

SiSi

SER 1/0:0100.200.104.2

ATM2/0/0

100.200.111.1

SER 1/0/1:0100.200.110.1

POS 2/1/0100.200.112.2

3.5.5.5

RED-Dover

1750100.200.200.109

10.3.3.3

T1 FRdlci 109RIP v2

T1 FRdlci 110

Static

10.3.3.3

DOVER

7505

100.200.200.112

ATM1/0100.200.111.2

Ser 0100.200.109.2

BLUE-Dover

2611100.200.200.110

YELLOW-Dover

3640100.200.200.111

Ser 1/0100.200.110.2

Ser 5/0:0100.200.101.1

BLUE-Oxford

1750100.200.200.101

Ser 0100.200.101.2

T1 FRdlci 101

OSPF

10.4.4.4

pvc 0/11eBGP AS71

BLUE-Glascow

3640100.200.200.105

SER 1/0/0:0100.200.109.1

ATM1/0100.200.105.2

10.5.5.5

ATM 1/0100.200.105.1

pvc 1/1OS PF

OC3 POS

GLASCOW

7206

100.200.200.106

OXFORD

7206

100.200.200.103

LONDON

GSR12008

100.200.200.107

POS 1/0100.200.103.1

POS 1/1100.200.106.1

POS 1/0100.200.112.1

POS 2/0100.200.110.1

OC3 POSOC3 POS

YELLOW-Oxford

3640100.200.200.102

Ser 0/0100.200.102.2

SiSi

POS 2/0100.200.103.2

Test Network Topology

http://mier.com/reports/cisco/MPLS-VPNs.pdf

Managed Shared Services Are The Future


62/118


Managed Shared Services Are The Futureof Centralized Services

CentralizedServices

Co-LocationCentralized

HostingServices

CentralizedApplication

Services

L2/L3

Connectivity

DataCenterSpace

L2/L3

ConnectivityFor VPNs

Basic

Hosting

Managed

Security

ManagedNetworkServices

Platform

Services

E-Comm

App Mgmt

Business

Logic

Customer

Relation

Value Added Services

VPN Aware NAT

IP Address Management

VPN AwareHSRP/VRRP

Cisco IOS - Key enabler to Centralized Add-on Services in MPLS-VPNs

Multicast VPN

VPN Select


63/118


mVPN : Concept & Fundamentals

Receiver 4

B1

D

F

CE

A

CE

CE

High bandwidth

multicast source

Receiver 3

Receiver 2

C

CE

CE

MPLS VPN

Core

CE

Receiver 1

E

PE

BPE

PE

E

PEA

PED

C

Join highbandwidth source

Join highbandwidth source

The MPLS Core forms aDefault MDT for a givenCustomer

Customer CE devicesjoins the MPLS Corethrough providers PEdevices

Data-MDT is formed forthis High-Bandwidthsource

A High-bandwidth sourcefor that customer startssending traffic

Interested receivers 1 & 2

join that High Bandwidthsource

CE

DataMDT

For HighBandwidth

traffic only.

DefaultMDT

For lowBandwidth &

controltraffic only.

B2

SanFrancisco

Los

Angeles

Dallas

New York


64/118


MPLS Layer-2 Transport

Pseudo Wire


65/118


Layer 2 Transport L2TPv3

draft-ietf-l2tpext-l2tp-base-07.txt

draft-ietf-l2tpext-l2tpmib-base-01.txt

MPLS (P2P, formerly draft-martini)

draft-ietf-pwe3-control-protocol-01.txt

draft-ietf-pwe3-[atm, frame-relay, ethernet, etc.]

Layer 2 VPN (VPLS)

draft-lasserre-vkompella-ppvpn-vpls-02.txt

Auto-Provisioning

draft-ietf-ppvpn-bgpvpn-auto-02.txt (BGP auto-discovery)

Cisco IETF Technology Adoption


66/118


Layer 2 Transport for MPLS Networks

HDLC/PPP

Frame Relay

Ethernet (802.1Q)

ATM AAL5 & Cell Relay

AToMAny Transport Over MPLS


67/118


Motivation for AToM

Protect existing investment while building packet core

Frame Relay and ATM

Non-IP protocols SNA, IPX

Trunk customer traffic

Trunk customers IGP across the provider backbone

Especially when the customer is connecting over disparate media

Provider devices forward customer packets based on Layer 2information

Circuits (ATM/FR), MAC address

CPE-based Tunnels (e.g. IPSEC) analogous to circuitsPossibility of a new service (VPLS emulated LAN)

Good fit for customers that either

Simply want connectivity

Have non-IP protocols

AToM


68/118


VC Information Exchange

VC labels are exchanged across a directed LDPsession between PE routers

Carried in Generic Label TLV within LDP Label Mapping

Message (RFC3036 -LDP)

New LDP FEC element defined to carry VCinformation

FEC element type 128 Virtual Circuit FEC Element;

Carried within LDP Label Mapping Message

VC information exchanged using DownstreamUnsolicited label distribution procedures

Described in draft-martini-l2circuit-trans-mpls

AToM


69/118


PE2PE1

CECE1

Bi-directional Label/VCID mapping exchange

Label Mapping Exchange

PE2 repeats steps 1-5 so that bi-directional label/VCID mappingsare established

1. L2 transport routeentered on ingress PE

2. PE1 starts LDPsession with PE2 ifone does not alreadyexist

3. PE1 allocates VClabel for new interface& binds to configuredVCID

4. PE1 sends labelmapping messagecontaining VC FEC

TLV & VC label TLV 5. PE2 receives VCFEC TLV & VC labelTLV that matcheslocal VCID

Tunnel Label VC Label PDU


70/118


Layer 2 Integration ATM/FR over MPLS

PE

MPLSBackbone

PE

ATM/FR

CPE Router

ATM/FR

CPE Router

Virtual Circuits

Any Transport overMPLS (AToM)

Tunnel

Cells/frames withlabels

Virtual Leased Line

Two different requirements for

the transport of ATM across anMPLS backbone

- Transport of AAL5 encapsulatedframes (RFC1483);

- Transport of ATM cells (cell relay)

AToM FR will support DLCI to DLCI switching

Both local and distributed connectivity;

PE will act as DCE or NNI Interface;

Different encapsulation may be used on both ends of

the PVC e.g Cisco encapsulation on one end and

IETF (RFC 1490) encapsulation on the other end

QoS Options, Mapping: L2IPEXP


71/118


Layer 2 Integration - Ethernet over MPLS

Port-mode

Allows a frame coming into an interface to be packed into an MPLS packet

VLAN-mode

Forwards frames from a SRC 802.1Q VLAN to a DST 802.1Q VLAN

PE PE

MPLS Network

PE PE

EnterpriseLAN

ISP 1

EnterpriseLAN

PE PE

ISP 2

ISP A

ISP 3

ISP B

ISP C

EthernetSegment

EthernetSegment


72/118


PPP/HDLC over MPLS

End to End PPP/HDLC Session

PPP/HDLC over MPLS

Customer Edge

Customer Edge

MPLS Network

Broadband Access

DSL

Cable

BBFWContent CacheDNS, AAA

End to End PPP SessionRemote Hosting& Backhaul

Example:


73/118


PE1PE2

P

L0: 192.168.100.10/32 L0: 192.168.100.12/32

L0: 192.168.100.11/32

2.0/24 4.0/24

3.0/24

.1

.1

.1

.2

.2

.2

192.168.0.0/24 FE

FE

FE

ATM KG ATM KG

OC-3OC-3

7505 7200

7507PVC0/200

PVC0/200

7505-AToM-PE#sh atm vc

VCD / Peak Avg/Min BurstInterface Name VPI VCI Type Encaps Kbps Kbps Cells Sts

2/0/0.100 4 0 100 PVC AAL0 149760 N/A UP

Pseudo-wire LSP

interface ATM2/0/0no ip address

no atm ilmi-keepalive

no atm enable-ilmi-trap!

!

interface ATM2/0/0.200 point-to-point

no atm enable-ilmi-trap

pvc 0/200 l2transport

encapsulation aal0

xconnect 192.168.100.12 200 encapsulation mpls

interface ATM2/0/0no ip address

no atm ilmi-keepalive

no atm enable-ilmi-trap!

!

interface ATM2/0/0.200 point-to-point

no atm enable-ilmi-trap

pvc 0/200 l2transport

encapsulation aal0

xconnect 192.168.100.10 200 encapsulation mpls

pATM KG connection over ATM Cell Relay (AToM)


74/118


MPLS AToM show Output

7200-AToM-PE# show mpls l2 vc

Local intf Local circuit Dest address VC ID Status

------------- -------------------- --------------- ---------- ----------

AT4/0 ATM VPC CELL 0 192.168.100.10 200 UP

7200-AToM-PE# show mpls l2 vc detail

Local interface: AT2/0/0 up, line protocol up, ATM VPC CELL 0

Destination address: 192.168.100.10, VC ID: 200, VC status: up

Preferred path: not configured

Default path: active

Tunnel label: imp-null, next hop point2point

Output interface: Tu200, imposed label stack {16}

Create time: 23:16:48, last status change time: 16:53:49

Signaling protocol: LDP, peer 192.168.100.12:0 up

MPLS VC labels: local 16, remote 16

Group ID: local 0, remote 0

MTU: local n/a, remote n/a

Remote interface description:

Sequencing: receive disabled, send disabled

VC statistics:

packet totals: receive 9693985, send 777914411

byte totals: receive 581639100, send 3725191700

packet drops: receive 0, send 0

Building on the theme One Network Any


75/118


g yAccess

Any to Any connectivity (Future)Interworking between disparate transports

Use AToM control plane to do service interworking

Frame Relay to ATM

Frame Relay to EthernetEthernet to ATMFrame Relay to HDLC/PPPEthernet to POS..

Frame RelayATMEthernetPPP

Cisco HDLC

Frame RelayATMEthernetPPPCisco HDLC

MPLS

VPLS Building Blocks


76/118


Common VC ID

between PEs creates aVirtual Switching

Instance

Based on:draft-lasserre-vkompella-ppvpn-vpls-02.txt

PE PE

MPLS

MPLS enabled coreforms Tunnel LSPs

CE

Attachment VCs arePort Mode or VLAN ID

CE

CE

Full Mesh of directedLDP sessions

exchange VC Labels


77/118


MPLS Traffic Engineering

Bandwidth Protectionusing

MPLS Traffic Engineeringwith

Fast ReRoute (FRR)


78/118


Traffic Engineering - Theory

MPLS-TE was designed to move traffic along a path other

than the IGP shortest path

Bring ATM/FR traffic engineering abilities to an IP network

Avoid full IGP mesh and n(n 1)/2 flooding

Bandwidth-aware connection setup

Fast ReRoute (FRR) is emerging as another application ofMPLS-TE

Bandwidth Protection: Allows for tighter control onbandwidth packet loss, delay & jitter

Minimal packet loss (msec) when a link goes downCan be used in conjunction with MPLS-TE for primary paths,can also be used in standalone

Provide Virtual Leased Lines DS-TE + QoS

Intelligent network infrastructure for better bandwidth guarantees

(DS-TE, Online Bandwidth Protection, Voice VPNs etc)

S


79/118


Router F

The Problem with Shortest-Path

Changing to A->C->D->Ewont help

Router C Router D

Router G

Router A

Router B

Node Next-Hop Cost

B 10B

F 30B

C 10CD 20CE 20B

G 30B

OC-3

OC-3

DS3

DS3

DS3OC-3

OC-3

Some links are DS3, some

are OC-3 Router A has 40Mb of traffic for

Route F, 40Mb of traffic forRouter G

Massive (44%) packet loss at

Router B->Router E!

Router E

P h C l l i


80/118


Node Next-Hop Cost

B 10B

F 30Tunnel 0

C 10CD 20CE 20B

G 30Tunnel 1

Router F

Path Calculation

PCALC takes bandwidth, otherconstraints into account

Link state protocol advertisesunreserved capacity

Constraints (required bandwidth andpolicy) are specified for a TE trunk

End result: Bandwidth used moreefficiently!

OC-3

OC-3

DS3

DS3

DS3OC-3

Router C

Router E

Router D

Router G

Router A

Router B

OC-3

F di T ffi D T l


81/118


Forwarding Traffic Down a Tunnel

There are three ways traffic can beforwarded down a TE tunnel

Auto-route

Static routes

Policy routing

With the first two, MPLS-TE gets youunequal cost load balancing

F t R R t


82/118


Fast ReRoute

FRR: A mechanism to minimize packet lossduring a failure

Pre-provision protection tunnels that carry trafficwhen a protected resource (link/node) goesdown

Use MPLS-TE to signal the FRR protectiontunnels, taking advantage of the fact that MPLS-TE traffic doesnt have to follow the IGP shortestpath

Used as a mechanism (along with DS-TE) fortight SLA offerings for Guaranteed BandwidthServices

Li k P t ti *


83/118


Link Protection*

Primary Tunnel: A -> B -> D -> E

BackUp Tunnel: B -> C -> D (Pre-provisioned)

Recovery = ~50ms

Router D

Router C

Router A Router B Router E

Router YRouter X

*Introduced in 12.0(11)ST

N d P t ti


84/118


Node Protection

Primary Tunnel: A -> B -> D -> E -> F

BackUp Tunnel: B -> C -> E (Pre-provisioned)

Recovery = ~100ms

Router E

Router C

Router A Router B Router F

Router YRouter X

Router D

Introduced in 12.0(22)S

St d di ti IETF


85/118


Standardization - IETF

MPLS Working GroupFast Reroute Extensions:

draft-ietf-mpls-rsvp-lsp-fastreroute-01.txt

Fast Reroute MIB:

draft-ietf-mpls-fastreroute-mib-01.txt

IETF Drafts

Bandwidth Protection

draft-vasseur-mpls-backup-computation-01.txt

Path Computation (eg. Inter-AS)

draft-vasseur-mpls-computation-rsvp-02.txt


86/118


MPLS QoS

DiffS MPLS


87/118


DiffServ over MPLS

MPLS doesnt define a new QoSarchitecture

Most of the work on MPLS QoS hasfocused on supporting current IP QoSarchitectures

Same traffic conditioning and Per-Hopbehaviors as defined by DiffServ



88/118


Label 20 bitsEXP Experimental Field, 3 bitsS Bottom of Stack, 1 BitTTL Time to Live, 8 Bits

0 1 2 30 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

Label EXP S TTL


Can be used over other layer-2 technologies

Contains all information needed at forwarding time

One 32-bit word per label

EXP field size limitation by standards

Diff Serv Support Over MPLS


89/118


E-LSPLDP/RSVP LDP/RSVP

EF

AF1

Diff-Serv Support Over MPLS

Diff-Serv is supported today over MPLS

RFC3270

Neither more nor less than plain old Diff-Serv

Example above illustrates support of EF and AF1 on

single E-LSPEF (Expedited Forwarding) and AF1 (Assured Forwarding) packetstravel on single LSP (single label) but are enqueued in differentqueues (different EXP values)

DiffServ MPLS QoS Implementation


90/118


DiffServ MPLS QoS Implementation

EnterpriseLAN PE

CE

EnterpriseLAN

MPLS Core

CE

PE

CE OutFR TSLLQ

WREDFRF.12cRTP

PE OutLLQ

WREDP - PLLQWRED

PE - P

LLQWRED

P - PE

LLQWRED

PE InPolice

Mark

Notes:-Traffic Classified by EXP- Core is MPLS Frame-mode- LLQ on MPLS packets- WRED based on EXP

- No need for inbound policyin Core-LLQ for Min B/W guarantee-Unmanaged CE exampleshown

P P

FR LinkFR Link

Relationship betweenMPLS TE and MPLS Diff Serv


91/118


MPLS TE and MPLS Diff-Serv

Diff-Serv specified independently of Routing/PathComputation

MPLS Diff-Serv (RFC3270) specified independently ofRouting/Path Computation

MPLS TE designed as tool to improve backbone efficiency

independently of QoS:MPLS TE compute routes for aggregates across all Classes

MPLS TE performs admission control over global bandwidth pool for allClasses (i.e., unaware of bandwidth allocated to each queue)

MPLS TE and MPLS Diff-Serv:

can run simultaneously

can provide their own benefit (ie TE distributes aggregate load, Diff-Servprovides differentiation)

are unaware of each other (TE cannot provide its benefit ona per class basis such as CAC and constraint based routing)

MPLS TE with Best Effort Network


92/118


MPLS TE with Best Effort Network

Find Route and Set-Up Tunnel for20 Mb/s (Aggregate) From POP1to POP4

Find Route and Set-Up Tunnel for

10 Mb/s (Aggregate) From POP2to POP4

CORE

POP 4

POP

POPPOP

POP 2

POP 1

MPLS TE with DiffServ Network


93/118


CORE

POP 4

POP

POPPOP

POP 2

POP 1

MPLS TE with DiffServ Network





DiffServ aware Traffic Engineering (DS-TE)


94/118


DiffServ aware Traffic Engineering (DS-TE)

DS-TE is more than MPLS TE + MPLS DiffServ DS-TE makes MPLS TE aware of DiffServ:

DS-TE establishes separate tunnels for different classes

DS-TE takes into account the bandwidth available to each

class (e.g. to queue)DS-TE takes into account separate engineering constraintsfor each class

e.g. I want to limit Voice traffic to 70% of link max, but Idont mind having up to 100% of BE traffic.

e.g I want overbook ratio of 1 for voice but 3 for BE

DS-TE ensures specific QoS level of each DiffServ classis achieved

DS-TE Configuration ExampleTunnel Midpoint


95/118


Tunnel Midpoint

!

class-map match-all PREMIUMmatch mpls experimental 5

!

class-map match-all BUSINESS

match mpls experimental 3 4

!

policy-map OUT-POLICY

class GOLD

priority 16384

class SILVER

bandwidth 65536

random-detect

class class-default

random-detect

!

interface POS1/0ip address 10.150.1.1 255.255.255.0

ip rsvp bandwidth 155000 155000 sub-pool 16384

service-policy output OUT-POLICY

mpls traffic-eng tunnels

mpls ip

!

Data PlaneBandwidthAllocation

Control Plane

Bandwidth

Allocation

BandwidthAllocation

MPLS DS TE with DiffServ Network


96/118


CORE

POP 4

POP

POPPOP

POP 1

MPLS DS-TE with DiffServ Network


5 Mb/sof EFFrom POP1 to POP4


3 Mb/sof EFFrom POP2 to POP4

Find Route and Set-UpTunnel for 15 Mb/s of BEFrom POP1 to POP4

Find Route and Set-Up Tunnel for7 Mb/s of BEFrom POP2 to POP4

POP 2


97/118


MPLS QoS Applicationsfor Multi-Service

MPLS QoS Applications for Multi-Service


98/118


MPLS QoS Applications for Multi-Service

MPLS QoS GeneralMPLS Diffserv

MPLS TE

MPLS FRR (applies to strict QoS)

Diffserv-TE (DS-TE)

Combination = Guaranteed Bandwidth Services

ApplicationsVoice Trunking over TE

Virtual Leased Line Services

Solution 1: Toll Bypass with VoiceNetwork


99/118


Network

PE

PBX withPacket

Interface

PBX withPacket

Interface

PSTN Traditional TDM

Network

TraditionalPhone

TraditionalPhone

Toll Bypass

QoS on PERouter

SolutionRequirements

MappingTraffic toTunnels

TE or

DS-TE

QoS onCoreRouters

PETE Tunnel

+ + +

FRR Protection ofTunnel

Solution 2: Toll Bypass withVoice/Data Converged Network


100/118


Voice/Data Converged Network

PE

CE

PSTN Traditional TDM

Network

EnterpriseLAN

EnterpriseLAN

Toll Bypass

QoS on PERouter

SolutionRequirements

MappingTraffic toTunnels

TE or

DS-TE

QoS onCoreRouters

CE

QoS on CERouter

PETE Tunnel

PBX withCircuitEmulationInterface

+ + + +

FRR Protection ofTunnel

Solution 3: Virtual Leased LinesATM Networks Using AToM


101/118


ATM Networks Using AToM

PE

MPLSBackbone

PE

ATM

CPE Router

ATM

CPE Router

ATM Virtual Circuits

Any Transport overMPLS (AToM)

Tunnel

DS-TE TunnelVirtual Leased Line(DS-TE + QoS)

TE Tunnel Selection for AToM Attachment VCs

Two different requirements forthe transport of ATM across anMPLS backbone

Transport of AAL5 encapsulatedframes (RFC1483);

Transport of ATM cells (cell relay)

Future QoS Mapping: L2IPEXPFRR Protection of Tunnel

DS- TE - Standardization - IETF


102/118


DS- TE - Standardization - IETF

Standardization effort initiated by Cisco mid 2000

Now major work item of TEWG with broad support from SPs &vendors

DS-TE Requirements: on its way to RFC (IETF Last Call)

draft-ietf-tewg-diff-te-reqts-06.txt

DS-TE Protocol Extensions: Working Group document

Draft-ietf-tewg-diff-te-proto-02.txt

Consensus on protocol extensions

Selection of Bandwidth Constraints model still under discussion Uses the Russian Dolls Bandwidth Constraint Model


103/118


IPv6 over MPLS

(6PE/6VPE)

MPLS as a Foundation for Services


104/118


MPLS as a Foundation for Services

VPNs

MPLS

TrafficEngineering

QoS/TightSLAs

Network Infrastructure

GMPLS AnyTransportOver MPLS

IPv6overMPLS

6PE

6VPE

IPv6 Edge Router (6PE) over MPLS


105/118


IPv6 Edge Router (6PE) over MPLS

144.254.0.0

2001:0421::

2001:0420::

P P

PP 6PE

6PE IPv4

IPv6

IPv6

192.76.170.0

134.95.0.0

2001:0621::

IPv4

6PE

6PEIPv4

IPv6

2001:0620::

IPv6

MP-iBGP sessions

v6

v6

v6

v6

v4

v4

v4

Many Carriers, large ISP and Mobile SP have invested on MPLSinfrastructure

Core devices may be ATM switches, GSR or other vendors routersLeverages MPLS features, eg. MPLS/VPN, TE, CoS,...

Multiple implementations options to integrate IPv6IPv6 on CE, IPv6 over AToM, IPv6 Edge router (6PE), native IPv6 MPLS6PE allows the SP to offer IPv6 at lower cost and risk

OC48/192

IPv6 VPN Provider Edge Router: 6VPE


106/118


P

P

P

PV6 and v4

v4

V6 and V4

v4

V6 and v4MP-iBGP sessions

CE

CE

6VPE

6VPE 6VPE

6VPE 192.254.10.02001:0421::

2001:0420::

192.76.10.0

145.95.0.0

2001:0621::

2001:0620::

CE

IPv6 VPN Provider Edge Router: 6VPE

IPv4MPLS

V6 and v4

145.96.0.0

Dual Stack IPv4-IPv6 routersDual Stack IPv4-IPv6 routers

For VPN customers (RFC 2547bis), IPv6 VPN service is exactly the same as IPv4 VPN

service IPv6 packets transported from 6VPE to 6VPE inside IPv4 LSPs (IPv4 Core)

For ISP offering MPLS/VPN for IPv4 that wish to add IPv6 services as well

- No modification on the MPLS core

- Support both IPv4 and IPv6 VPNs concurrently on the same interfaces

- Configuration and operations of IPv6 VPNs exactly like IPv4 VPNs

Generalized MPLS (GMPLS)


107/118


Generalized MPLS (GMPLS)

Reduces the multiple layers into a single, integrated,control layer

Extends MPLS control plane to address optical layer

constraints and attributes Leverages IP layer management simplicity and

distributed intelligence

Provides sophisticated traffic engineering capabilitiesfor resource management and control

UCP GMPLS Phase 4Integrated IP+Optical Intelligence


108/118


Integrated IP+Optical Intelligence

IP+Optical

GMPLS-Based Standard NNI

Single MPLS and GMPLSIP+Optical Control Plane

Concurrent Peer and UNI

Overlay Operation Topology Visibility for

Coordinated Routing andRestoration

Advanced Smart BW Services

Client

MetroMulti-Service

OTN

MetroMulti-Service

OTN

Router Router

UNI

NNI NNI

NNINNI

Management Plane

GMPLS Enabled Control Plane

Summary


109/118


Summary

MPLS is much more than label switching

MPLS allows an IP infrastructure to be ServiceEnabled

Allows the SP/Enterprise to offer multiple Servicesacross a single infrastructure

AToM allows layer-2 transport across an MPLSinfrastructure

Combining TE, TE-FRR, and DS-TE, allows very tight

SLAs offerings with high-availability for low-latencyapplications (e.g. Voice and Virtual Leased Line)

MPLS Services will continue to evolve and allow theintegration of more Services across a singleinfrastructure


110/118


MPLS Further Reading

Further Reading - Books


111/118


Further Reading Books

BooksMPLS: Technology and Applicationsby Bruce S. Davie, Yakov Rekhter ISBN: 1558606564

Traffic Engineering with MPLSby Eric Osborne, Ajay Simha ISBN: 1587050315

MPLS and VPN Architectures, Volume Iby Ivan Pepelnjak, Jim Guichard ISBN: 1587050811

MPLS and VPN Architectures, Volume IIby Ivan Pepelnjak, Jim Guichard, Jeff Apcar ISBN: 1587051125

Advanced MPLS Design and Implementationby Vivek Alwayn ISBN: 158705020X

MPLS Links


112/118


MPLS Links

Link to MPLS Home Page (CCO):

http://www.cisco.com/warp/public/732/Tech/mpls/

MPLS Technical Documents (CCO):

http://www.cisco.com/warp/public/732/Tech/mpls/mpls_techdoc.shtml

Link to Tunnel Builder Home Page:

http://www.cisco.com/warp/public/732/Tech/mpls/tb/

Link to MPLS Working Group Page (IETF):

http://www.ietf.org/html.charters/mpls-charter.html

Select MPLS RFCs
http://www.cisco.com/warp/public/732/Tech/mpls/http://www.cisco.com/warp/public/732/Tech/mpls/mpls_techdoc.shtmlhttp://www.cisco.com/warp/public/732/Tech/mpls/tb/http://www.ietf.org/html.charters/mpls-charter.htmlhttp://www.ietf.org/html.charters/mpls-charter.htmlhttp://www.ietf.org/html.charters/mpls-charter.htmlhttp://www.ietf.org/html.charters/mpls-charter.htmlhttp://www.cisco.com/warp/public/732/Tech/mpls/tb/http://www.cisco.com/warp/public/732/Tech/mpls/mpls_techdoc.shtmlhttp://www.cisco.com/warp/public/732/Tech/mpls/


113/118


Select MPLS RFCs

Requirements for Traffic Engineering over MPLS (RFC 2702)

Multiprotocol Label Switching Architecture (RFC 3031)

MPLS Label Stack Encoding (RFC 3032)

MPLS using LDP and ATM VC Switching (RFC 3035)LDP Specification (RFC 3036)

Carrying Label Information in BGP-4 (RFC 3107)

RSVP-TE: Extensions to RSVP for LSP Tunnels (RFC 3209)

MPLS Support of Differentiated Services (RFC 3270)MPLS/BGP VPNs (RFC 2547 Informational, de factostandard)

All but the first have one or more Cisco co-authors

MPLS Links


114/118


S s

Link to MPLS Home Page (CCO):

http://www.cisco.com/warp/public/732/Tech/mpls/

MPLS Technical Documents (CCO):

http://www.cisco.com/warp/public/732/Tech/mpls/mpls_techdoc.shtml

Link to Tunnel Builder Home Page:

http://www.cisco.com/warp/public/732/Tech/mpls/tb/

Link to MPLS Working Group Page (IETF):

http://www.ietf.org/html.charters/mpls-charter.html
http://www.cisco.com/warp/public/732/Tech/mpls/http://www.cisco.com/warp/public/732/Tech/mpls/mpls_techdoc.shtmlhttp://www.cisco.com/warp/public/732/Tech/mpls/tb/http://www.ietf.org/html.charters/mpls-charter.htmlhttp://www.ietf.org/html.charters/mpls-charter.htmlhttp://www.ietf.org/html.charters/mpls-charter.htmlhttp://www.ietf.org/html.charters/mpls-charter.htmlhttp://www.cisco.com/warp/public/732/Tech/mpls/tb/http://www.cisco.com/warp/public/732/Tech/mpls/mpls_techdoc.shtmlhttp://www.cisco.com/warp/public/732/Tech/mpls/


116/118


Backup Slides

Terminology, 1/2


117/118


gy,

RRRoute ReflectorA router (usually not involved in packet forwarding) that distributes BGP routeswithin a providers network

PEProvider Edge routerThe interface between the customer and the MPLS-VPN network; only PEs (andmaybe RRs) know anything about MPLS-VPN routes

PProvider routerA router in the core of the MPLS-VPN network, speaks LDP/RSVP but not VPNv4

CECustomer Edge routerThe customer router which connects to the PE; does not know anything aboutlabels, only IP (most of the time)

LDPLabel Distribution Protocol

Distributes labels with a providers network that mirror the IGP, one way to getfrom one PE to another

LSPLabel Switched PathThe chain of labels that are swapped at each hop to get from one PE to another

Terminology, 2/2


118/118

gy,

VPNVirtual Private NetworkA network deployed on top of another network, where the two networks areseparate and never communicate

VRFVirtual Routing and Forwarding instance

Mechanism in IOS used to build per-interface RIB and FIB

VPNv4Address family used in BGP to carry MPLS-VPN routes

RD

Route Distinguisher, used to uniquely identify the same network/mask fromdifferent VRFs (i.e., 10.0.0.0/8 from VPN A and 10.0.0.0/8 from VPN B)

RT

Route Target, used to control import and export policies, to build arbitrary VPNtopologies for customers