
MPLS Basics and In-Depth

Overview of MPLS Fundamentals, Basic Operation, and In-Depth overview of Service Capabilities

BNL Update, June 29, 2004
Craig Hill, Consulting SE, IP Core, Federal Area
Email: crhill@cisco.com
Intro to MPLS AT Seminar
2004, Cisco Systems, Inc. All rights reserved.

MPLS Brief Overview and In-depth Session


MPLS Overview
This session will provide the fundamentals for understanding MPLS technology basics. The discussion will include MPLS evolution, terminology, functions of labels, label format, label distribution, as well as encapsulations and basic operation of an MPLS-enabled network. Cisco products supporting MPLS will also be briefly covered.

MPLS In-Depth
Having difficulty understanding what advantages MPLS can offer and why network architects would consider implementing MPLS in the core of their network? This section will provide in-depth answers to these questions and explain the advantages and services MPLS can offer Federal customers who are either looking to build an MPLS-enabled core or use a service offering that is MPLS-enabled. Services discussed will include VPN, Layer-2 transport, QoS, and IPv6 transport, among others.

MPLS Intro and Services Update


Agenda

MPLS History
Technology Basics
Operation Examples
Cisco Product Overview
Cisco Products Supporting MPLS


Evolution of MPLS
Origins from Tag Switching
Proposed in IETF; later combined with ideas from other proposals from IBM (ARIS), Toshiba (CSR)

[Figure: timeline, axis "Time" marked 1996, 1997, 1998, 1999, 2000, 2001, 2004. Milestones shown: Cisco Calls a BOF at IETF to Standardize Tag Switching; MPLS Group Formally Chartered by IETF; Cisco Ships MPLS (Tag Switching); Cisco Ships MPLS TE; MPLS VPN Deployed; Traffic Engineering Deployed; Large Scale Deployments; AToM, VPLS, DS-TE Deployed]

Why MPLS?
Integrate best of Layer 2 and Layer 3
- Intelligence of IP routing
- Performance of high-speed switching
- Legacy service transport
- QoS
- VPN semantics
- Link layers include:
  - Ethernet, PoS, ATM, FR

Note: MPLS and IP could be the optimal solution for an overall IP services architecture.

MPLS as a Foundation for Value Added Services

[Figure: value-added services (VPNs, Traffic Engineering, IP+ATM, IP+Optical GMPLS, Any Transport Over MPLS) layered on MPLS, which sits on the network infrastructure]


MPLS Technology Basics



IP Routing
Labels
Control and Forwarding Plane Separation
Label Distribution
MPLS Environment
Label-based Forwarding


IP Routing
[Figure: three routers in a chain, each holding an Address Prefix / I/F table with entries for 128.89 and 171.69. Route updates for 128.89 and 171.69 propagate between the routers, and a packet addressed to 128.89.25.4 is forwarded hop by hop.]

Packets Forwarded Based on IP Address


Encapsulations

Frame Relay Label Header:            Frame Relay | Label Header | Layer 3 Header
PPP Header (Packet over SONET/SDH):  PPP Header  | Label Header | Layer 3 Header
LAN MAC Label Header *:              MAC Header  | Label Header | Layer 3 Header

* LAN MAC Label Header also used for MPLS packets over an ATM Forum PVC SNAP Header. (Ethertype = 0x8847/0x8848)


Label Header for Packet Media


 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 Tag                   | COS |S|      TTL      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Label = 20 bits
COS/EXP = Class of Service, 3 bits
S = Bottom of Stack, 1 bit
TTL = Time to Live, 8 bits

Can be used over Ethernet, 802.3, or PPP links
Uses two new Ethertypes/PPP PIDs (in MAC hdr)
Contains everything needed at forwarding time
One word per label
MTU beyond 1518 for Ethernet can be accounted for when adding labels by the mpls mtu command.

Label Stacking
Arrange labels in a stack
Inner labels can be used to designate services/FECs, etc.
  E.g. VPNs, fast re-route, alternate forwarding
Outer label used to route/switch the MPLS packets in the network
  (e.g. for VPN, outer label used for forwarding to remote PEs and bottom label for differentiating VPN at remote PE)
Allows building services such as:
  MPLS VPNs
  Traffic engineering and fast re-route
  VPNs over traffic engineered core
  Any transport over MPLS

[Figure: label stack from outer label to inner label: TE Label, IGP Label, VPN Label, IP Header]
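
The label header and label stack described on the two slides above, decoded from raw bytes. This is an added example, not code from the original deck; it assumes untagged Ethernet II framing, the MAC addresses and inner bytes are constructed, and the label values 41 and 28 are borrowed from the deck's VPN forwarding example.

```python
import struct

# Ethertypes the slides give for labeled packets on LAN media.
MPLS_ETHERTYPES = {0x8847: "unicast", 0x8848: "multicast"}


def build_label_entry(label, exp=0, s=0, ttl=255):
    """Pack one 32-bit entry: Label (20) | COS/EXP (3) | S (1) | TTL (8)."""
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)


def parse_label_entry(word):
    """Unpack one 4-byte label stack entry into its four fields."""
    if len(word) != 4:
        raise ValueError("a label stack entry is exactly one 32-bit word")
    (value,) = struct.unpack("!I", word)
    return {"label": value >> 12, "exp": (value >> 9) & 0x7,
            "s": (value >> 8) & 0x1, "ttl": value & 0xFF}


def parse_label_stack(payload, max_depth=8):
    """Read entries from the outer label down to the one with S=1.

    Returns (entries, remaining_bytes). max_depth is an assumed sanity limit
    so a frame that never sets S cannot make the parser walk into the payload.
    """
    entries = []
    offset = 0
    while True:
        if len(entries) == max_depth:
            raise ValueError("no bottom-of-stack bit within max_depth entries")
        if offset + 4 > len(payload):
            raise ValueError("truncated label stack")
        entry = parse_label_entry(payload[offset:offset + 4])
        entries.append(entry)
        offset += 4
        if entry["s"] == 1:
            return entries, payload[offset:]


def parse_ethernet_mpls(frame):
    """Parse an untagged Ethernet II frame; return None if it is not MPLS."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype not in MPLS_ETHERTYPES:
        return None
    stack, inner = parse_label_stack(frame[14:])
    # One word per label: this is the extra size the link MTU has to absorb.
    return {"kind": MPLS_ETHERTYPES[ethertype], "stack": stack,
            "inner": inner, "label_overhead": 4 * len(stack)}


# Constructed sample frame: made-up MACs, a two-label stack, made-up inner bytes.
SAMPLE_INNER = bytes.fromhex("4500001c") + b"constructed-ip-payload"
SAMPLE_FRAME = (
    bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
    + struct.pack("!H", 0x8847)
    + build_label_entry(41, ttl=254)        # outer (IGP) label
    + build_label_entry(28, s=1, ttl=254)   # inner (VPN) label, bottom of stack
    + SAMPLE_INNER
)

if __name__ == "__main__":
    parsed = parse_ethernet_mpls(SAMPLE_FRAME)
    for depth, entry in enumerate(parsed["stack"]):
        print(depth, entry)
    print("bytes added by labels:", parsed["label_overhead"])
```

The parser rejects a stack that is cut short or never sets the S bit instead of reading on into the payload, which is the failure mode to watch for when decoding captured traffic.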


Control and Forward Plane Separation


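[Figure: Control plane: the routing process exchanges route updates/adjacency and builds the RIB; the MPLS process exchanges label bind updates/adjacency and builds the LIB. Data plane: the FIB forwards IP traffic and the LFIB forwards MPLS traffic.]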


Label Distribution Protocol (LDP)


Defined in RFC 3036 and 3037
Used to distribute labels in an MPLS network
Forwarding Equivalence Class (FEC)
  How packets are mapped to LSPs (Label Switched Paths)
Advertise labels per FEC
  Reach destination a.b.c.d with label x (per IP L3 DA in RIB)
Neighbor discovery
  UDP and TCP ports
  UDP port for LDP Hello messages = 646
  TCP port for establishing LDP session connections = 646

TDP and LDP


Tag Distribution Protocol
  Precursor to LDP
  Used for Cisco tag switching
TDP and LDP supported on the same box
  Per neighbor/link basis
  Per target basis


RSVP and Label Distribution

Used in MPLS Traffic Engineering
Additions to base RSVP signaling protocol
Leverage the admission control mechanism of RSVP
Label requests are sent in PATH messages and binding is done with RESV messages
Note: CR-LDP is another option for label distribution, but is no longer used or implemented


BGP-Based Label Distribution


Used in the context of MPLS VPNs
Need multi-protocol extensions to BGP
  Referred to as M-BGP
  Uses AFI/SAFI
Extension to the BGP protocol in order to carry routing information about other protocols
  Multicast
  MPLS
  IPv6
  VPN-IPv4
  Labeled IPv6 unicast (6PE)
  VPN-IPv6 (6VPE)
Exchange of Multi-Protocol NLRI must be negotiated at session set up
  Utilizes BGP Capabilities Advertisement negotiation procedures
VPN edge routers need to be BGP peers
Label mapping info carried as part of NLRI (Network Layer Reachability Information)

General Context
At Edge (ingress):
  Classify packets
  Label them
In Core:
  Forward using labels (as opposed to IP addr)
  Label indicates service class and destination
At Edge (egress):
  Remove label

[Figure: Customer Edge (CE) routers attach to Edge Label Switch Routers (PE, Provider Edge); Label Switch Routers (LSR; P, Provider) form the core; labels are distributed by a Label Distribution Protocol (LDP/TDP, RSVP, BGP).]


Operation
Traditional routing
  Each router holds the entire routing table and forwards to the next hop (destination-based routing); routes on L3 destination address
MPLS combines L3 routing with label swapping and forwarding
MPLS forwarding
  Label imposed at the ingress router (ingress to the label-switched portion of the network)
  Generally, all forwarding decisions are then made on the label only: no routing table lookups, but TFIB table lookups
  Tag stripped at egress



MPLS Example: Routing Information


[Figure: three label switch routers in a chain, each with a table of In Label, Address Prefix, Out Iface and Out Label. At this stage only the Address Prefix (128.89, 171.69) and Out Iface columns are filled in. Routing updates (OSPF, EIGRP, ...) pass between the routers: "You Can Reach 128.89 Thru Me", "You Can Reach 171.69 Thru Me", "You Can Reach 128.89 and 171.69 Thru Me".]

MPLS Example: Assigning Labels


First router:
  In Label  Address Prefix  Out Iface  Out Label
  -         128.89          1          4
  -         171.69          1          5

Second router:
  In Label  Address Prefix  Out Iface  Out Label
  4         128.89          0          9
  5         171.69          1          7

Third router (toward 128.89):
  In Label  Address Prefix  Out Iface  Out Label
  9         128.89          0          -

Label Distribution Protocol (LDP) (downstream allocation):
  Use Label 9 for 128.89
  Use Label 7 for 171.69
  Use Label 4 for 128.89 and Use Label 5 for 171.69

MPLS Example: Forwarding Packets


[Figure: the same three label tables as on the previous slide. A packet for 128.89.25.4 arrives unlabeled, is sent on by the first router with label 4, is forwarded by the second router with label 9, and leaves the MPLS network egress point as a plain IP packet.]

Label Switch Forwards Based on Label


Cisco Products Supporting MPLS


Cisco Platforms Supporting MPLS


(in a Single Slide)

Platform Support
2691, 3631, 3640, 3660, 3725, 3745, 7200, 7300, 7400, 7500, 10000, 10700, 12000, 12000-PRP, AS5350, IGX 8400-URM/RPM-RP/XF, Catalyst 6K/7600 SUP2/MSFC2, Cisco 7600 SUP720-3BXL

Notes
Platforms shown were derived for supporting MPLS-VPN and LDP.
Some lower-end platforms support several basic MPLS CE features: Multi-VRF CE (aka VRF-Lite). These include:
  3550 (Requires EMI)
  2600 Series Routers
Cisco 7600 supports L2/L3 MPLS features w/ MSFC2/PFC2
New SUP720-3bXL processor, primary choice for MPLS function in Catalyst 6500/Cisco 7600

Important: Some features are dependent on product model, interface modules (i.e. Line Cards & Port Adapters), and/or require a software feature license.

MPLS In-Depth
Overview of MPLS Services and Applications currently being Deployed


Agenda
MPLS Drivers
- Reasons for deploying MPLS

MPLS Applications
- MPLS VPN Layer-3
- Detailed Overview
- IOS Examples
- MPLS Layer-2 Transport
- PWE3/AToM
- Application Example
- MPLS Traffic Engineering
- Fast-ReRoute for Bandwidth Protection
- MPLS QoS
- Diffserv over MPLS
- Diffserv TE (DS-TE)
- Guaranteed Bandwidth Service

Applications
- Useful Implementations Combining Multiple MPLS Services
- IP version 6 (IPv6) Transport Methods over MPLS
- 6PE/6VPE (IPv6 Edge and VPN Support)

Useful URLs (Reference Information)



Why MPLS? - Major Drivers


Provide IP VPN Services
  Scalable IP VPN service: build once and sell many
  Managed Central Services: building value add services and offering them across VPNs (i.e. Multicast, Address Mgmt)
Managing traffic on the network using MPLS Traffic Engineering
  Providing tighter SLA/QoS (Guaranteed B/W Services)
Protecting bandwidth
  Bandwidth Protection Services are enabling Service Providers to look at alternate approaches to SONET APS
Integrating Layer 2 & Layer 3 Infrastructure
  Layer 2 services such as Frame Relay and ATM over MPLS
  Mimic layer 2 services over a highly scalable layer 3 infrastructure


Customer Deployment
We are now up to 225+ (total SP + Enterprise) deployed customers in production networks
  Some case studies documented
  Very large deployments include a single customer requiring 30K CEs, ~1000 PEs
MPLS VPNs continue to be the majority of deployments
AToM is the majority in the recent deployments
TE catching on fast
  Simple mechanism: unequal cost load balancing
QoS service offering in the MPLS services



MPLS Applications


MPLS Layer 3 VPNs


Virtual Network Models


Virtual Networks
  Virtual Private Networks
    Overlay VPN
      Layer-2 VPN: X.25, F/R, ATM
      Layer-3 VPN: GRE, IPSec
    Peer-to-Peer VPN
      Access lists (Shared router)
      Split routing (Dedicated router)
      MPLS/VPN
  Virtual Dialup Networks
  Virtual LANs


Overlay Network
Provider sells a circuit service
Customers purchase circuits to connect sites, run IP
N sites, (N*(N-1))/2 circuits for full mesh: expensive
The big scalability issue here is routing peers
  N sites, each site has N-1 peers
Hub and spoke is popular, suffers from the same N-1 number of routing peers
Hub and spoke with static routes is simpler, still buying N-1 circuits from hub to spokes
Spokes distant from hubs could mean lots of long-haul circuits

[Figure: customer sites connected across a provider cloud (FR, ATM, etc.)]


Peer Network

Provider sells an MPLS-VPN service
Customers purchase circuits to connect sites, run IP
N sites, N circuits into provider
Access circuits can be any media at any point (FE, POS, ATM, T1, dial, etc.)
Full mesh connectivity without full mesh of L2 circuits
Hub and spoke is also easy to build
Spokes distant from hubs connect to their local provider's POP, lower access charge because of provider's size
The Internet is a large peer network

[Figure: customer sites connected across a provider cloud (MPLS-VPN)]


MPLS L3 VPNs using BGP (RFC2547)


End user perspective
  Virtual Private IP service
  Simple routing: just point default to provider
  Full site-site connectivity without the usual drawbacks (routing complexity, scaling, configuration, cost)
Major benefit for provider: scalability

[Figure: sites belonging to VPN A, VPN B and VPN C attached around a shared provider network]



MPLS VPN Topology


[Figure: MPLS VPN topology. Provider routers P1, P2 and P3 form the core, with PE1, PE2 and PE3 at the edge. CE routers for VPN A (sites 1 and 2), VPN B (sites 1 and 2) and VPN C (sites 1 and 2) attach to the PEs using RIP, static routes or BGP. Site prefixes shown: 11.1/16, 11.2/16, 12.1/16, 12.2/16, 16.1/16, 16.2/16.]

VPN Routing and Forwarding Instance (VRF)


PE routers maintain separate routing tables
Global routing table
  Contains all PE and P routes (perhaps BGP)
  Populated by the VPN backbone IGP
VRF (VPN routing and forwarding)
  Routing and forwarding table associated with one or more directly connected sites (CE routers)
  VRF is associated with any type of interface, whether logical or physical (e.g. sub/virtual/tunnel)
  Interfaces may share the same VRF if the connected sites share the same routing information
Not virtual routers, just virtual routing and forwarding

PE Router Global Routing Table Output


PE2#sh ip route

Gateway of last resort is not set

     192.168.1.0/24 is directly connected, Ethernet0/0
     192.168.100.0/32 is subnetted, 3 subnets
O       192.168.100.1 [110/11] via 192.168.1.1, 00:04:27, Ethernet0/0
C       192.168.100.2 is directly connected, Loopback0
O       192.168.100.3 [110/11] via 192.168.1.3, 00:04:27, Ethernet0/0

[Figure: CE2, PE2 (192.168.100.2) and PE1 (192.168.100.1), with OSPF between the PEs; callout: Routes from PE1's Global Routing Table]


PE Router VRF Routing Table Output


PE2#sh ip route vrf RED
Routing Table: RED

Gateway of last resort is 192.168.100.1 to network 0.0.0.0

     172.16.0.0/16 is variably subnetted, 8 subnets, 3 masks
C       172.16.25.0/30 is directly connected, Serial4/0
C       172.16.25.2/32 is directly connected, Serial4/0
B       172.16.20.0/24 [20/0] via 172.16.25.2, 00:07:04
     10.0.0.0/24 is subnetted, 1 subnets
B       10.0.0.0 [200/307200] via 192.168.100.1, 00:06:28
B*   0.0.0.0/0 [200/0] via 192.168.100.1, 00:07:03

[Figure: CE2 (172.16.20.0/24, 172.16.25.2) connects to PE2 (172.16.25.1); PE2 and PE1 (10.0.0.0/24 behind it) exchange routes over iBGP VPNv4; callout: Routes from PE1]


Virtual Routing and Forwarding Instances


Define a unique VRF for interface 0
Define a unique VRF for interface 1
Packets will never go between int. 0 and 1
Uses VPNv4 to exchange VRF routing information between PEs
No MPLS yet

[Figure: a PE holding a VPN routing table per customer. Interface 0 connects the VPN-A CE (195.12.2.0/24) to the VRF for VPN-A; interface 1 connects the VPN-B CE (146.12.7.0/24) to the VRF for VPN-B; the global routing table is kept separately.]


VRF Route Population


VRF is populated locally through PE and CE routing protocol exchange
  RIP Version 2, OSPF, BGP-4, EIGRP, & static routing
  Connected is also supported (i.e. default gateway is PE)
Separate routing context for each VRF
  Routing protocol context (BGP-4 & RIP V2)
  Separate process (OSPF)

[Figure: Customer-1 and Customer-2 CE routers (VPN1), a separate router per customer/VPN, each on a separate physical link to the PE and running eBGP, EIGRP, OSPF, RIPv2 or static routing; the PE sits in the MPLS domain / iBGP domain.]

Carrying VPN Routes in BGP

VRFs by themselves aren't all that useful
Need some way to get the VRF routing information off the PE and to other PEs
This is done with BGP


Additions to BGP to Carry MPLS-VPN Info

RD: Route Distinguisher

VPNv4 address family


RT: Route Target

Label


Route Distinguisher
To differentiate 10.0.0.0/8 in VPN-A from 10.0.0.0/8 in VPN-B
64-bit quantity
Configured as ASN:YY or IPADDR:YY
  Almost everybody uses ASN
Purely to make a route unique
  Unique route is now RD:IPaddr (96 bits) plus a mask on the IPaddr portion
  So customers don't see each other's routes

!
ip vrf red
 rd 1:1
 route-target export 1:1
 route-target import 1:1


Route Target

To control policy about who sees what routes
64-bit quantity (2 bytes type, 6 bytes value)
Carried as an extended community
Typically written as ASN:YY
Each VRF imports and exports one or more RTs
  Exported RTs are carried in VPNv4 BGP
  Imported RTs are local to the box
A PE that imports an RT installs that route in its routing table

!
ip vrf red
 rd 1:1
 route-target export 1:1
 route-target import 1:1



VPNv4
In BGP for IP, 32-bit address + mask makes a unique announcement
In BGP for MPLS-VPN, (64-bit RD + 32-bit address) + 32-bit mask makes a unique announcement
Since the route encoding is different, need a different address family in BGP
VPNv4 = VPN routes for IPv4
  As opposed to IPv4 or IPv6 or multicast-RPF, etc.
VPNv4 announcement carries a label with the route
  "If you want to reach this unique address, get me packets with this label on them"
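
The Route Distinguisher, Route Target and VPNv4 slides above, worked through in code: the RD makes two customers' 10.0.0.0/8 distinct, and the RT import list alone decides which VRF installs which route, so one wrong import leaks routes between VPNs. This is an added example, not code from the original deck; the `Vrf` class, the "blue" VRF and its 1:2 values are constructed, and it models a single set of VRFs rather than a full BGP session.

```python
import ipaddress
import struct
from dataclasses import dataclass


def encode_rd(rd):
    """Encode 'ASN:YY' (type 0) or 'IPADDR:YY' (type 1) as the 8-byte RD."""
    admin, _, assigned = rd.rpartition(":")
    if "." in admin:  # IPADDR:YY -> 2-byte type, 4-byte address, 2-byte number
        return struct.pack("!H4sH", 1, ipaddress.IPv4Address(admin).packed, int(assigned))
    # ASN:YY -> 2-byte type, 2-byte AS number, 4-byte number
    return struct.pack("!HHI", 0, int(admin), int(assigned))


def vpnv4_key(rd, prefix):
    """(RD + IPv4 address, mask length): the 96-bit value that makes a route unique."""
    net = ipaddress.ip_network(prefix)
    return encode_rd(rd) + net.network_address.packed, net.prefixlen


@dataclass(frozen=True)
class Vrf:
    name: str
    rd: str
    rt_import: frozenset
    rt_export: frozenset
    routes: tuple = ()  # prefixes learned from the attached CE


def export_updates(vrfs):
    """VPNv4 announcements: unique key, exported RTs, and the originating VRF."""
    return [{"key": vpnv4_key(v.rd, p), "prefix": p, "rts": v.rt_export, "origin": v.name}
            for v in vrfs for p in v.routes]


def imported_routes(vrf, updates):
    """Routes from other VRFs that this VRF installs: any exported RT it imports."""
    return sorted((u["prefix"], u["origin"]) for u in updates
                  if u["origin"] != vrf.name and u["rts"] & vrf.rt_import)


def audit_visibility(vrfs, allowed_pairs=frozenset()):
    """Return (importer, origin) pairs that share routes but are not in allowed_pairs."""
    updates = export_updates(vrfs)
    seen = {(v.name, origin) for v in vrfs for _, origin in imported_routes(v, updates)}
    return sorted(seen - set(allowed_pairs))


# "red" matches the slide's config (rd 1:1, import/export 1:1); "blue" is constructed.
RED = Vrf("red", "1:1", frozenset({"1:1"}), frozenset({"1:1"}), ("10.0.0.0/8",))
BLUE = Vrf("blue", "1:2", frozenset({"1:2"}), frozenset({"1:2"}), ("10.0.0.0/8",))
# Constructed mistake: blue also imports red's route target.
BLUE_LEAKY = Vrf("blue", "1:2", frozenset({"1:2", "1:1"}), frozenset({"1:2"}), ("10.0.0.0/8",))

if __name__ == "__main__":
    print(vpnv4_key(RED.rd, "10.0.0.0/8")[0].hex(), vpnv4_key(BLUE.rd, "10.0.0.0/8")[0].hex())
    print("correct config:", audit_visibility([RED, BLUE]))
    print("extra import  :", audit_visibility([RED, BLUE_LEAKY]))
```

Running the audit against the intended customer-to-customer sharing (passed as `allowed_pairs`) turns a configuration review into a list of unexpected import relationships.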


MPLS Layer-3 VPN


Operation Example


VRF Population of MP-BGP


PE routers translate into VPN-V4 route
  Assigns an RD, SOO (if configured) and RT based on configuration
  Re-writes Next-Hop attribute (to PE loopback)
  Assigns a label based on VRF and/or interface
  Sends MP-BGP update to all PE neighbors

[Figure: the Paris CE sends a BGP, OSPF or RIPv2 update (149.27.2.0/24, NH=CE-1) to PE-1. PE-1 sends a VPN-v4 update across the service provider network toward PE-2 and the London CE: RD:1:27:149.27.2.0/24, Next-hop=PE-1, RT=VPN-A, Label=(28).]


VRF Population of MP-BGP


Receiving PE routers translate to IPv4
  Insert the route into the VRF identified by the RT attribute (based on PE configuration)
The label associated to the VPN-V4 address will be set on packets forwarded towards the destination

[Figure: the Paris CE sends a BGP, OSPF or RIPv2 update (149.27.2.0/24, NH=CE-1) to PE-1. PE-1 sends the VPN-v4 update (RD:1:27:149.27.2.0/24, Next-hop=PE-1, RT=VPN-A, Label=(28)) across the service provider network to PE-2. At PE-2 the VPN-v4 update is translated into an IPv4 address and put into VRF VPN-A, as RT=VPN-A, and optionally advertised to any attached sites such as the London CE.]

MPLS/VPN Packet Forwarding


Between PE and CE, regular IP packets (currently)
Within the provider network: label stack
  Outer label: "get this packet to the egress PE"
  Inner label: "get this packet to the egress CE"
MPLS nodes forward packets based on TOP label!!!
  Any subsequent labels are ignored
Penultimate Hop Popping procedures used one hop prior to egress PE router (shown in example)


MPLS/VPN Packet Forwarding


Ingress PE receives normal IP packets
PE router performs IP longest match from VPN FIB, finds iBGP next hop and imposes a stack of labels <IGP, VPN>

[Figure: a packet for 149.27.2.27 travels from London toward Paris (149.27.2.0/24). The ingress PE's VPN-A VRF holds 149.27.2.0/24, NH=197.26.15.1, Label=(28); its label table maps FEC 197.26.15.1/32 to Out Label 41. The packet leaves the ingress PE toward PE-1 carrying the label stack 41, 28.]

MPLS/VPN Packet Forwarding


Penultimate PE router removes the IGP label
  Penultimate Hop Popping procedures (implicit-null label)
Egress PE router uses the VPN label to select which VPN/CE to forward the packet to
VPN label is removed and the packet is routed toward the VPN site

[Figure: the packet for 149.27.2.27 continues from London toward Paris (149.27.2.0/24). The ingress PE's VPN-A VRF holds 149.27.2.0/24, NH=197.26.15.1, Label=(28). The penultimate router's table has In Label 41, FEC 197.26.15.1/32, Out Label POP, so the packet arrives at PE-1 carrying only label 28. PE-1's table has In Label 28(V), FEC 149.27.2.0/24, and its VPN-A VRF holds 149.27.2.0/24, NH=Paris; the packet is delivered unlabeled.]

Things to Note
Core does not run VPNv4 BGP!
  Same principle can be used to run a BGP-free core for an IP network
CE does not know it's in an MPLS-VPN
Outer label is from LDP/RSVP
  Getting packet to egress PE is mutually independent to MPLS-VPN
Inner label is from BGP
  Inner label is there so the egress PE can have the same network in multiple VRFs
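
The MPLS/VPN packet forwarding slides and the notes above, traced end to end: label imposition at the ingress PE, penultimate hop popping in the core, and VRF selection by the inner label at the egress PE. This is an added example, not code from the original deck; the tables reuse the slide values (149.27.2.0/24, next hop 197.26.15.1, labels 41 and 28), while VPN-B, its label 29 and its site name are constructed to show the same prefix in two VRFs.

```python
import ipaddress

POP = "POP"  # penultimate hop popping: remove the top label, push nothing

# Ingress PE: per-VRF table, prefix -> (iBGP next hop, VPN label learned via VPNv4).
VRF_FIB = {
    "VPN-A": {"149.27.2.0/24": ("197.26.15.1", 28)},   # values from the slides
    "VPN-B": {"149.27.2.0/24": ("197.26.15.1", 29)},   # constructed second customer
}
IGP_LABEL = {"197.26.15.1": 41}    # outer label for FEC 197.26.15.1/32 (LDP/RSVP)
P_LFIB = {41: POP}                 # penultimate router: In Label 41 -> POP
EGRESS_VPN_LABELS = {28: ("VPN-A", "Paris"), 29: ("VPN-B", "site-B (constructed)")}


class Dropped(Exception):
    """Raised where a router has no entry and would discard the packet."""


def vrf_lookup(vrf, dst):
    """IP longest match inside one VRF only; other VRFs are never consulted."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), entry)
               for p, entry in VRF_FIB[vrf].items() if addr in ipaddress.ip_network(p)]
    if not matches:
        raise Dropped(f"no route for {dst} in {vrf}")
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def ingress_pe(vrf, dst):
    """Impose the <IGP, VPN> stack on a plain IP packet received from a CE."""
    next_hop, vpn_label = vrf_lookup(vrf, dst)
    return [IGP_LABEL[next_hop], vpn_label]


def lsr_forward(stack, lfib):
    """Core router: act on the TOP label only; labels beneath are not examined."""
    if not stack or stack[0] not in lfib:
        raise Dropped("no LFIB entry for top label")
    action = lfib[stack[0]]
    return stack[1:] if action == POP else [action] + stack[1:]


def egress_pe(stack, dst):
    """Egress PE: the remaining (VPN) label selects the VRF and the CE."""
    if not stack or stack[0] not in EGRESS_VPN_LABELS:
        raise Dropped("no VPN label entry: cannot select a VRF")
    vrf, next_hop = EGRESS_VPN_LABELS[stack[0]]
    return {"vrf": vrf, "next_hop": next_hop, "dst": dst}


def send(vrf, dst):
    """Return (delivery result, label stack seen on each core link)."""
    trace = []
    stack = ingress_pe(vrf, dst)
    trace.append(list(stack))
    stack = lsr_forward(stack, P_LFIB)
    trace.append(list(stack))
    return egress_pe(stack, dst), trace


if __name__ == "__main__":
    for vrf in ("VPN-A", "VPN-B"):
        print(vrf, send(vrf, "149.27.2.27"))
```

Both customers send to the same address and share the outer label 41; only the inner label differs, and that is the sole input the egress PE uses to keep them apart.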

Multi-VRF CE (VRF-lite)
Each VRF separation on the PE is extended to the CE
  Separation is maintained via layer-2 transport that supports logical separation (e.g. 802.1Q, FR/ATM VCs)
  CE router must be capable of supporting VRFs
  CE is not required to support MPLS labels
  Routing protocol options from CE-PE remain the same (e.g. BGP, RIPv2, OSPF, EIGRP, static)

[Figure: a single CE router supporting multiple VRF instances (VPN1, VPN2) connects to the PE over a single physical link with a logical link per VRF. Layer 2 must support logical separation (802.1q, FR/ATM VCs); NO labels required. Routing updates pass between CE and PE; the PE sits in the MPLS domain / iBGP domain.]

Customers Connecting to a Layer-3 VPN Service


What routing protocol is supported by the carrier (CE-PE)?
What address space do they allow for CE-PE subnet?
What layer-2 transport is required/supported from CE-PE?
Do they provide a QoS SLA?
Concerning QoS, do they require DSCP or ToS settings from the CE to their PE?
Do they manipulate DSCP/ToS based on congestion in their network?
What other services do they have on their roadmap of service offerings (Example: IPv6, IP Multicast, tighter QoS SLA offering, other??)
Understand the resiliency in the core
Do they offer LEC diversification or bypass?

Validating Cisco MPLS Based IP-VPN as a Secure Network


Miercom independent testing confirmed Cisco MPLS VPN is secure:
  Customer's network topology is not revealed to the outside world
  Customers can maintain own addressing plans and the freedom to use either public or private address space
  Attackers cannot gain access into VPNs or Service Provider's network
  Impossible for attacker to insert "spoofed" label into a Cisco MPLS network and thus gain access to a VPN or the MPLS core

[Figure: Test Network Topology. Core routers LONDON (GSR12008), GLASCOW (7206), OXFORD (7206) and DOVER (7505) interconnected by OC3 POS links, with BLUE, RED and YELLOW customer CE routers at Glascow, Oxford and Dover attached over T1 Frame Relay and ATM PVCs running RIP v2, OSPF, eBGP or static routing.]

Security
http://mier.com/reports/cisco/MPLS-VPNs.pdf

Managed Shared Services Are The Future of Centralized Services


Cisco IOS - Key enabler to Centralized Add-on Services in MPLS-VPNs

[Figure: Centralized Services stack. L2/L3 Connectivity for VPNs; Co-Location (Data Center Space, Basic Hosting); Centralized Hosting Services (Managed Security, Managed Network Services, Platform Services, E-Comm, App Mgmt); Centralized Application Services (Business Logic, Customer Relation). Value Added Services: Multicast VPN, IP Address Management, VPN Aware NAT, VPN Aware HSRP/VRRP, VPN Select.]



mVPN : Concept & Fundamentals


Customer CE devices join the MPLS core through the provider's PE devices
The MPLS core forms a Default MDT for a given customer
A high-bandwidth source for that customer starts sending traffic
Interested receivers 1 & 2 join that high-bandwidth source
Data-MDT is formed for this high-bandwidth source

Default MDT: for low bandwidth & control traffic only.
Data MDT: for high bandwidth traffic only.

[Figure: CE routers in New York, San Francisco, Los Angeles and Dallas attach to PE routers around an MPLS VPN core. Receivers 1 to 4 sit behind the CEs, a high bandwidth multicast source sits behind one CE, and "Join high bandwidth source" messages are shown from the receivers.]

MPLS Layer-2 Transport


Pseudo Wire Cisco IETF Technology Adoption


Layer 2 Transport
  L2TPv3
    draft-ietf-l2tpext-l2tp-base-07.txt
    draft-ietf-l2tpext-l2tpmib-base-01.txt
  MPLS (P2P, formerly draft-martini)
    draft-ietf-pwe3-control-protocol-01.txt
    draft-ietf-pwe3-[atm, frame-relay, ethernet, etc.]
Layer 2 VPN (VPLS)
  draft-lasserre-vkompella-ppvpn-vpls-02.txt
Auto-Provisioning
  draft-ietf-ppvpn-bgpvpn-auto-02.txt (BGP auto-discovery)

Any Transport Over MPLS

AToM

Layer 2 Transport for MPLS Networks


HDLC/PPP
Frame Relay
Ethernet (802.1Q)
ATM AAL5 & Cell Relay


Motivation for AToM


Protect existing investment while building packet core
  Frame Relay and ATM
  Non-IP protocols: SNA, IPX
Trunk customer traffic
  Trunk customer's IGP across the provider backbone
  Especially when the customer is connecting over disparate media
Provider devices forward customer packets based on Layer 2 information
  Circuits (ATM/FR), MAC address
  CPE-based tunnels (e.g. IPSEC) analogous to circuits
  Possibility of a new service (VPLS: emulated LAN)
Good fit for customers that either
  Simply want connectivity
  Have non-IP protocols

AToM VC Information Exchange


VC labels are exchanged across a directed LDP session between PE routers
  Carried in Generic Label TLV within LDP Label Mapping Message (RFC3036 - LDP)
New LDP FEC element defined to carry VC information
  FEC element type 128: Virtual Circuit FEC Element; carried within LDP Label Mapping Message
VC information exchanged using Downstream Unsolicited label distribution procedures
  Described in draft-martini-l2circuit-trans-mpls

AToM Label Mapping Exchange

1. L2 transport route entered on ingress PE
2. PE1 starts LDP session with PE2 if one does not already exist
3. PE1 allocates VC label for new interface & binds to configured VCID
4. PE1 sends label mapping message containing VC FEC TLV & VC label TLV
5. PE2 receives VC FEC TLV & VC label TLV that matches local VCID

PE2 repeats steps 1-5 so that bidirectional label/VCID mappings are established

[Figure: CE1 - PE1 - PE2 - CE, with a bi-directional label/VCID mapping exchange between PE1 and PE2; packet format: Tunnel Label | VC Label | PDU]



Layer 2 Integration ATM/FR over MPLS


Two different requirements for the transport of ATM across an MPLS backbone
- Transport of AAL5 encapsulated frames (RFC1483)
- Transport of ATM cells (cell relay)
AToM FR will support DLCI to DLCI switching
  Both local and distributed connectivity
  PE will act as DCE or NNI interface
  Different encapsulation may be used on both ends of the PVC, e.g. Cisco encapsulation on one end and IETF (RFC 1490) encapsulation on the other end
QoS options, mapping: L2 IP EXP

[Figure: CPE routers at each end attach over ATM/FR virtual circuits to PEs. Between the PEs an Any Transport over MPLS (AToM) tunnel crosses the MPLS backbone, carrying cells/frames with labels and forming a virtual leased line.]

Layer 2 Integration - Ethernet over MPLS


[Figure: Enterprise LAN Ethernet Segments and ISPs (ISP A, ISP B, ISP C, ISP 1, ISP 2, ISP 3) attached to PE routers around an MPLS Network]

Port-mode: Allows a frame coming into an interface to be packed into an MPLS packet
VLAN-mode: Forwards frames from a SRC 802.1Q VLAN to a DST 802.1Q VLAN

PPP/HDLC over MPLS


[Figure: Broadband Access (DSL, Cable, BBFW) with an End to End PPP Session to Remote Hosting & Backhaul (Content Cache, DNS, AAA); Customer Edge - MPLS Network - Customer Edge carrying an End to End PPP/HDLC Session as PPP/HDLC over MPLS]

Example: ATM KG connection over ATM Cell Relay (AToM)


7505-AToM-PE#sh atm vc
           VCD /                                    Peak  Avg/Min Burst
Interface  Name       VPI   VCI  Type   Encaps      Kbps   Kbps   Cells  Sts
2/0/0.100  4            0   100  PVC    AAL0      149760    N/A          UP

[Figure: ATM KG - OC-3, PVC 0/200 - PE1 (7505) - FE - P (7507) - FE - PE2 (7200) - OC-3, PVC 0/200 - ATM KG; core addressing 192.168.0.0/24 with links labelled 2.0/24, 3.0/24 and 4.0/24; loopbacks L0: 192.168.100.10/32, 192.168.100.11/32 and 192.168.100.12/32; Pseudo-wire LSP between the PEs]

! PE whose pseudo-wire peer is 192.168.100.12
interface ATM2/0/0
 no ip address
 no atm ilmi-keepalive
 no atm enable-ilmi-trap
!
interface ATM2/0/0.200 point-to-point
 no atm enable-ilmi-trap
 pvc 0/200 l2transport
  encapsulation aal0
  xconnect 192.168.100.12 200 encapsulation mpls

! PE whose pseudo-wire peer is 192.168.100.10
interface ATM2/0/0
 no ip address
 no atm ilmi-keepalive
 no atm enable-ilmi-trap
!
interface ATM2/0/0.200 point-to-point
 no atm enable-ilmi-trap
 pvc 0/200 l2transport
  encapsulation aal0
  xconnect 192.168.100.10 200 encapsulation mpls

MPLS AToM show Output


7200-AToM-PE# show mpls l2 vc
Local intf     Local circuit        Dest address    VC ID      Status
-------------  -------------------  --------------  ---------  ---------
AT4/0          ATM VPC CELL 0       192.168.100.10  200        UP

7200-AToM-PE# show mpls l2 vc detail
Local interface: AT2/0/0 up, line protocol up, ATM VPC CELL 0
  Destination address: 192.168.100.10, VC ID: 200, VC status: up
    Preferred path: not configured
    Default path: active
    Tunnel label: imp-null, next hop point2point
    Output interface: Tu200, imposed label stack {16}
  Create time: 23:16:48, last status change time: 16:53:49
  Signaling protocol: LDP, peer 192.168.100.12:0 up
    MPLS VC labels: local 16, remote 16
    Group ID: local 0, remote 0
    MTU: local n/a, remote n/a
    Remote interface description:
  Sequencing: receive disabled, send disabled
  VC statistics:
    packet totals: receive 9693985, send 777914411
    byte totals:   receive 581639100, send 3725191700
    packet drops:  receive 0, send 0

Building on the theme One Network Any Access


Any to Any connectivity (Future)
- Interworking between disparate transports
- Use AToM control plane to do service interworking
  - Frame Relay to ATM
  - Frame Relay to Ethernet
  - Ethernet to ATM
  - Frame Relay to HDLC/PPP
  - Ethernet to POS
  - ...

[Figure: Frame Relay, ATM, Ethernet, PPP and Cisco HDLC attachments on each side of an MPLS cloud]

VPLS Building Blocks


Based on: draft-lasserre-vkompella-ppvpn-vpls-02.txt

- Common VC ID between PEs creates a Virtual Switching Instance
- MPLS enabled core forms Tunnel LSPs
- Full Mesh of directed LDP sessions exchange VC Labels
- Attachment VCs are Port Mode or VLAN ID

[Figure: CEs attached to PEs around an MPLS core]

MPLS Traffic Engineering


Bandwidth Protection using MPLS Traffic Engineering with Fast ReRoute (FRR)

Traffic Engineering - Theory


MPLS-TE was designed to move traffic along a path other than the IGP shortest path
- Bring ATM/FR traffic engineering abilities to an IP network
- Avoid full IGP mesh and n(n-1)/2 flooding
- Bandwidth-aware connection setup

Fast ReRoute (FRR) is emerging as another application of MPLS-TE
- Minimal packet loss (msec) when a link goes down
- Can be used in conjunction with MPLS-TE for primary paths, can also be used standalone

Bandwidth Protection: Allows for tighter control on bandwidth, packet loss, delay & jitter
- Provide Virtual Leased Lines: DS-TE + QoS
- Intelligent network infrastructure for better bandwidth guarantees (DS-TE, Online Bandwidth Protection, Voice VPNs etc.)

The Problem with Shortest-Path


Some links are DS3, some are OC-3

Node  Next-Hop  Cost
B     B         10
C     C         10
D     C         20
E     B         20
F     B         30
G     B         30

Router A has 40Mb of traffic for Router F, 40Mb of traffic for Router G
Massive (44%) packet loss at Router B->Router E!
Changing to A->C->D->E won't help

[Figure: topology of Routers A, B, C, D, E, F and G, with links labelled OC-3 or DS3]

Path Calculation
PCALC takes bandwidth, other constraints into account
Link state protocol advertises unreserved capacity
Constraints (required bandwidth and policy) are specified for a TE trunk

Node  Next-Hop  Cost
B     B         10
C     C         10
D     C         20
E     B         20
F     Tunnel 0  30
G     Tunnel 1  30

End result: Bandwidth used more efficiently!

[Figure: topology of Routers A, B, C, D, E, F and G, with links labelled OC-3 or DS3]
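The shortest-path problem and the PCALC fix from the two slides above, worked through as an added example (not code from the presentation or from Cisco IOS): a constraint-based shortest-path calculation over the seven-router topology. The assignment of DS3 and OC-3 to individual links is reconstructed from the figure labels and the 44% loss figure; the nominal rates of 45 and 155 Mb/s, the uniform link cost of 10 and all function names are assumptions.

```python
import heapq

DS3, OC3 = 45, 155  # nominal link rates in Mb/s (assumed round numbers)

# Assumed link speeds, reconstructed from the slide figure; every link has IGP cost 10.
LINKS = [("A", "B", OC3), ("A", "C", OC3), ("B", "E", DS3), ("C", "D", DS3),
         ("D", "E", DS3), ("E", "F", OC3), ("E", "G", OC3)]


def build_topology():
    """Return {node: {neighbor: {"cost", "unreserved"}}}, tracked per direction."""
    topo = {}
    for u, v, bw in LINKS:
        for a, b in ((u, v), (v, u)):
            topo.setdefault(a, {})[b] = {"cost": 10, "unreserved": bw}
    return topo


def cspf(topo, src, dst, bandwidth=0):
    """Dijkstra restricted to links with enough unreserved bandwidth.

    bandwidth=0 gives the plain IGP shortest path. Returns (cost, path), or
    None when no path satisfies the constraint.
    """
    heap, visited = [(0, [src])], set()
    while heap:
        cost, path = heapq.heappop(heap)
        node = path[-1]
        if node == dst:
            return cost, path
        if node in visited:
            continue
        visited.add(node)
        for nbr, link in topo[node].items():
            if nbr not in visited and link["unreserved"] >= bandwidth:
                heapq.heappush(heap, (cost + link["cost"], path + [nbr]))
    return None


def signal_tunnels(requests):
    """Place tunnels in order, reserving bandwidth on each hop of the chosen path."""
    topo, placed = build_topology(), {}
    for name, src, dst, bw in requests:
        result = cspf(topo, src, dst, bw)
        placed[name] = result[1] if result else None
        if result:
            for u, v in zip(result[1], result[1][1:]):
                topo[u][v]["unreserved"] -= bw
    return placed


def loss_fraction(offered, capacity):
    """Fraction of the offered load dropped on a link of the given capacity."""
    return max(0, offered - capacity) / offered


if __name__ == "__main__":
    igp = build_topology()
    print("IGP path A->F:", cspf(igp, "A", "F"))
    print("IGP path A->G:", cspf(igp, "A", "G"))
    print("Loss on B->E with 80 Mb offered: %.0f%%" % (100 * loss_fraction(80, DS3)))
    tunnels = [("Tunnel0", "A", "F", 40), ("Tunnel1", "A", "G", 40)]
    for name, path in signal_tunnels(tunnels).items():
        print(name, "->".join(path))
```

A third 40 Mb request finds no path at all, because every route out of Router A now crosses a DS3 with only 5 Mb unreserved.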

Forwarding Traffic Down a Tunnel


There are three ways traffic can be forwarded down a TE tunnel
- Auto-route
- Static routes
- Policy routing

With the first two, MPLS-TE gets you unequal cost load balancing

Fast ReRoute
FRR: A mechanism to minimize packet loss during a failure
- Pre-provision protection tunnels that carry traffic when a protected resource (link/node) goes down
- Use MPLS-TE to signal the FRR protection tunnels, taking advantage of the fact that MPLS-TE traffic doesn't have to follow the IGP shortest path
- Used as a mechanism (along with DS-TE) for tight SLA offerings for Guaranteed Bandwidth Services

Link Protection*
[Figure: Router A - Router B - Router D - Router E, with Router X, Router C and Router Y]

Primary Tunnel: A -> B -> D -> E
BackUp Tunnel: B -> C -> D (Pre-provisioned)
Recovery = ~50ms
*Introduced in 12.0(11)ST

Node Protection
[Figure: Router A - Router B - Router D - Router E - Router F, with Router X, Router C and Router Y]

Primary Tunnel: A -> B -> D -> E -> F
BackUp Tunnel: B -> C -> E (Pre-provisioned)
Recovery = ~100ms
Introduced in 12.0(22)S

Standardization - IETF
MPLS Working Group
- Fast Reroute Extensions: draft-ietf-mpls-rsvp-lsp-fastreroute-01.txt
- Fast Reroute MIB: draft-ietf-mpls-fastreroute-mib-01.txt

IETF Drafts
- Bandwidth Protection: draft-vasseur-mpls-backup-computation-01.txt
- Path Computation (e.g. Inter-AS): draft-vasseur-mpls-computation-rsvp-02.txt

MPLS QoS


DiffServ over MPLS

- MPLS doesn't define a new QoS architecture
- Most of the work on MPLS QoS has focused on supporting current IP QoS architectures
- Same traffic conditioning and Per-Hop behaviors as defined by DiffServ

Label Header for Packet Media


 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                Label                  | EXP |S|      TTL      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Label: 20 bits
EXP:   Experimental Field, 3 bits
S:     Bottom of Stack, 1 bit
TTL:   Time to Live, 8 bits

- Can be used over other layer-2 technologies
- Contains all information needed at forwarding time
- One 32-bit word per label
- EXP field size limitation by standards
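The label header above and the "Tunnel Label | VC Label | PDU" stack from the AToM slides, as an added example (not code from the presentation): an encoder and a bounds-checked decoder for a label stack, one 32-bit word per label. The function names, the tunnel label value 17 and the PDU bytes are constructed for illustration; VC label 16 and EXP 5 are values that appear elsewhere on the page.

```python
import struct
from typing import List, NamedTuple, Tuple


class LabelEntry(NamedTuple):
    label: int  # 20 bits
    exp: int    # 3 bits, Experimental field (selects the queue on an E-LSP)
    s: int      # 1 bit, set only on the bottom-of-stack entry
    ttl: int    # 8 bits


def encode_entry(entry: LabelEntry) -> bytes:
    """Pack one label stack entry into its 32-bit network-order word."""
    if not (0 <= entry.label < 1 << 20 and 0 <= entry.exp < 8
            and entry.s in (0, 1) and 0 <= entry.ttl < 256):
        raise ValueError("field out of range: %r" % (entry,))
    word = (entry.label << 12) | (entry.exp << 9) | (entry.s << 8) | entry.ttl
    return struct.pack("!I", word)


def encode_stack(labels: List[int], exp: int, ttl: int) -> bytes:
    """Encode labels top-first; only the last entry gets S=1."""
    if not labels:
        raise ValueError("empty label stack")
    last = len(labels) - 1
    return b"".join(encode_entry(LabelEntry(lbl, exp, int(i == last), ttl))
                    for i, lbl in enumerate(labels))


def decode_stack(data: bytes, max_depth: int = 8) -> Tuple[List[LabelEntry], bytes]:
    """Return (entries, payload); reject stacks that are truncated or never end."""
    entries = []
    offset = 0
    while len(entries) < max_depth:
        if offset + 4 > len(data):
            raise ValueError("truncated label stack")
        (word,) = struct.unpack_from("!I", data, offset)
        offset += 4
        entry = LabelEntry(word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF)
        entries.append(entry)
        if entry.s:
            return entries, data[offset:]
    raise ValueError("no bottom-of-stack bit within %d entries" % max_depth)


# Constructed sample: tunnel label 17 (made up) on top of VC label 16, EXP 5,
# followed by a made-up 4-byte PDU.
SAMPLE_PDU = b"\xde\xad\xbe\xef"
SAMPLE_FRAME = encode_stack([17, 16], exp=5, ttl=255) + SAMPLE_PDU

if __name__ == "__main__":
    stack, pdu = decode_stack(SAMPLE_FRAME)
    for depth, e in enumerate(stack):
        print(depth, e)
    print("PDU:", pdu.hex())
```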

Diff-Serv Support Over MPLS


[Figure: an E-LSP signalled by LDP/RSVP carrying AF1 and EF traffic]

Diff-Serv is supported today over MPLS
- RFC3270
- Neither more nor less than plain old Diff-Serv

Example above illustrates support of EF and AF1 on single E-LSP
- EF (Expedited Forwarding) and AF1 (Assured Forwarding) packets travel on single LSP (single label) but are enqueued in different queues (different EXP values)

DiffServ MPLS QoS Implementation


[Figure: Enterprise LAN - CE - FR Link - PE - P - P - PE - FR Link - CE - Enterprise LAN, with the MPLS Core between the PEs]

CE Out:  FR TS, LLQ, WRED, FRF.12, cRTP
PE In:   Police, Mark
PE - P:  LLQ, WRED
P - P:   LLQ, WRED
P - PE:  LLQ, WRED
PE Out:  LLQ, WRED

Notes:
- Traffic Classified by EXP
- Core is MPLS Frame-mode
- LLQ on MPLS packets
- WRED based on EXP
- No need for inbound policy in Core
- LLQ for Min B/W guarantee
- Unmanaged CE example shown

Relationship between MPLS TE and MPLS Diff-Serv


- Diff-Serv specified independently of Routing/Path Computation
- MPLS Diff-Serv (RFC3270) specified independently of Routing/Path Computation
- MPLS TE designed as tool to improve backbone efficiency independently of QoS:
  - MPLS TE computes routes for aggregates across all Classes
  - MPLS TE performs admission control over global bandwidth pool for all Classes (i.e., unaware of bandwidth allocated to each queue)

MPLS TE and MPLS Diff-Serv:
- can run simultaneously
- can provide their own benefit (i.e. TE distributes aggregate load, Diff-Serv provides differentiation)
- are unaware of each other (TE cannot provide its benefit on a per class basis such as CAC and constraint based routing)

MPLS TE with Best Effort Network


Find Route and Set-Up Tunnel for 20 Mb/s (Aggregate) From POP1 to POP4
Find Route and Set-Up Tunnel for 10 Mb/s (Aggregate) From POP2 to POP4

[Figure: POP 1, POP 2, POP 4 and three further POPs around the CORE]

MPLS TE with DiffServ Network


Find Route and Set-Up Tunnel for 20 Mb/s (Aggregate) From POP1 to POP4
Find Route and Set-Up Tunnel for 10 Mb/s (Aggregate) From POP2 to POP4

[Figure: POP 1, POP 2, POP 4 and three further POPs around the CORE]

DiffServ aware Traffic Engineering (DS-TE)


DS-TE is more than MPLS TE + MPLS DiffServ

DS-TE makes MPLS TE aware of DiffServ:
- DS-TE establishes separate tunnels for different classes
- DS-TE takes into account the bandwidth available to each class (e.g. to queue)
- DS-TE takes into account separate engineering constraints for each class
  - e.g. I want to limit Voice traffic to 70% of link max, but I don't mind having up to 100% of BE traffic.
  - e.g. I want overbook ratio of 1 for voice but 3 for BE

DS-TE ensures specific QoS level of each DiffServ class is achieved

DS-TE Configuration Example Tunnel Midpoint


!
class-map match-all PREMIUM
 match mpls experimental 5
!
class-map match-all BUSINESS
 match mpls experimental 3 4
!
! Data Plane Bandwidth Allocation: queue sizes per class
policy-map OUT-POLICY
 class PREMIUM
  priority 16384
 class BUSINESS
  bandwidth 65536
  random-detect
 class class-default
  random-detect
!
interface POS1/0
 ip address 10.150.1.1 255.255.255.0
 ! Control Plane Bandwidth Allocation: RSVP global pool and sub-pool
 ip rsvp bandwidth 155000 155000 sub-pool 16384
 service-policy output OUT-POLICY
 mpls traffic-eng tunnels
 mpls ip
!

MPLS DS-TE with DiffServ Network


Find Route and Set-Up Tunnel for 5 Mb/s of EF From POP1 to POP4
Find Route and Set-Up Tunnel for 3 Mb/s of EF From POP2 to POP4
Find Route and Set-Up Tunnel for 15 Mb/s of BE From POP1 to POP4
Find Route and Set-Up Tunnel for 7 Mb/s of BE From POP2 to POP4

[Figure: POP 1, POP 2, POP 4 and three further POPs around the CORE]
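How the `ip rsvp bandwidth 155000 155000 sub-pool 16384` line of the midpoint configuration treats the EF and BE tunnel requests above, as an added example (not IOS code): per-link admission control with the sub-pool nested inside the global pool. Preemption and the per-flow limit are left out, the third EF request is constructed to show a rejection, and the class and function names are assumptions.

```python
class LinkPools:
    """RSVP reservable bandwidth on one link, in kb/s.

    Sub-pool reservations (the EF tunnels here) are counted against the
    sub-pool and against the global pool; global-pool reservations are
    counted against the global pool only.
    """

    def __init__(self, global_kbps, sub_pool_kbps=0):
        if sub_pool_kbps > global_kbps:
            raise ValueError("sub-pool cannot exceed the global pool")
        self.global_kbps = global_kbps
        self.sub_pool_kbps = sub_pool_kbps
        self.reserved_global = 0  # everything admitted, both pools
        self.reserved_sub = 0     # sub-pool tunnels only

    def admit(self, kbps, sub_pool=False):
        """Reserve kbps if every applicable constraint still holds."""
        if self.reserved_global + kbps > self.global_kbps:
            return False
        if sub_pool and self.reserved_sub + kbps > self.sub_pool_kbps:
            return False
        self.reserved_global += kbps
        if sub_pool:
            self.reserved_sub += kbps
        return True


# Requests from the slide, plus one constructed EF request (the third) that
# would overrun the 16384 kb/s priority queue.
REQUESTS = [
    ("EF POP1->POP4", 5000, True),
    ("EF POP2->POP4", 3000, True),
    ("EF extra (constructed)", 10000, True),
    ("BE POP1->POP4", 15000, False),
    ("BE POP2->POP4", 7000, False),
]


def run(link, class_aware=True):
    """Admit REQUESTS in order; class_aware=False models plain MPLS TE."""
    return [(name, link.admit(kbps, sub_pool=is_ef and class_aware))
            for name, kbps, is_ef in REQUESTS]


def ef_load(results):
    """Total EF kb/s admitted, to compare with the priority queue size."""
    sizes = {name: kbps for name, kbps, is_ef in REQUESTS if is_ef}
    return sum(sizes[name] for name, ok in results if ok and name in sizes)


if __name__ == "__main__":
    ds_te = run(LinkPools(155000, 16384))
    plain = run(LinkPools(155000), class_aware=False)
    print("DS-TE:", ds_te, "EF admitted:", ef_load(ds_te))
    print("TE   :", plain, "EF admitted:", ef_load(plain))
```

With only the global pool, all five requests are admitted and 18000 kb/s of EF lands on a 16384 kb/s priority queue; with the sub-pool, the constructed EF request is refused while both BE tunnels still fit.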

MPLS QoS Applications for Multi-Service


MPLS QoS Applications for Multi-Service


MPLS QoS General
- MPLS Diffserv
- MPLS TE
- MPLS FRR (applies to strict QoS)
- Diffserv-TE (DS-TE)

Combination = Guaranteed Bandwidth Services

Applications
- Voice Trunking over TE
- Virtual Leased Line Services

Solution 1: Toll Bypass with Voice Network

[Figure: Traditional Phone - PBX with Packet Interface - PE - TE Tunnel (FRR Protection of Tunnel) - PE - PBX with Packet Interface - Traditional Phone; Toll Bypass of the PSTN Traditional TDM Network]

Solution Requirements
- QoS on PE Router
- Mapping Traffic to Tunnels
- QoS on Core Routers
- TE or DS-TE

Solution 2: Toll Bypass with Voice/Data Converged Network

[Figure: PBX with Circuit Emulation Interface and Enterprise LAN - CE - PE - TE Tunnel (FRR Protection of Tunnel) - PE - CE - Enterprise LAN; Toll Bypass of the PSTN Traditional TDM Network]

Solution Requirements
- QoS on CE Router
- QoS on PE Router
- Mapping Traffic to Tunnels
- QoS on Core Routers
- TE or DS-TE

Solution 3: Virtual Leased Lines ATM Networks Using AToM


Two different requirements for the transport of ATM across an MPLS backbone
- Transport of AAL5 encapsulated frames (RFC1483)
- Transport of ATM cells (cell relay)

[Figure: CPE Router - ATM Virtual Circuits - PE - Any Transport over MPLS (AToM) Tunnel inside a DS-TE Tunnel across the MPLS Backbone (FRR Protection of Tunnel) - PE - ATM - CPE Router; Virtual Leased Line (DS-TE + QoS) between the PEs; Future QoS Mapping: L2IPEXP]

TE Tunnel Selection for AToM Attachment VCs

DS-TE - Standardization - IETF

Standardization effort initiated by Cisco mid 2000
Now major work item of TEWG with broad support from SPs & vendors

DS-TE Requirements: on its way to RFC (IETF Last Call)
- draft-ietf-tewg-diff-te-reqts-06.txt

DS-TE Protocol Extensions: Working Group document
- draft-ietf-tewg-diff-te-proto-02.txt

Consensus on protocol extensions
Selection of Bandwidth Constraints model still under discussion
Uses the Russian Dolls Bandwidth Constraint Model

IPv6 over MPLS

(6PE/6VPE)


MPLS as a Foundation for Services


[Figure: layered diagram. Services on top: VPNs, Traffic Engineering, IPv6 over MPLS (6PE, 6VPE), QoS/Tight SLAs, Any Transport Over MPLS, GMPLS; MPLS beneath them; Network Infrastructure at the bottom]

IPv6 Edge Router (6PE) over MPLS


[Figure: IPv6 sites (2001:0620::, 2001:0621::, 2001:0420::, 2001:0421::) and IPv4 sites (134.95.0.0, 192.76.170.0, 144.254.0.0) attached to four 6PE routers around a core of P routers (OC48/192); MP-iBGP sessions between the 6PEs]

Many carriers, large ISPs and mobile SPs have invested in MPLS infrastructure
- Core devices may be ATM switches, GSR or other vendors' routers
- Leverages MPLS features, e.g. MPLS/VPN, TE, CoS, ...

Multiple implementation options to integrate IPv6
- IPv6 on CE, IPv6 over AToM, IPv6 Edge router (6PE), native IPv6 MPLS
- 6PE allows the SP to offer IPv6 at lower cost and risk

IPv6 VPN Provider Edge Router: 6VPE


[Figure: dual-stack IPv4-IPv6 sites (2001:0620:: / 145.95.0.0, 2001:0420:: / 145.96.0.0, 2001:0421:: / 192.254.10.0, 2001:0621:: / 192.76.10.0) and v4-only CEs attached to 6VPE routers around an IPv4 MPLS core of P routers; MP-iBGP sessions between the 6VPEs]

For VPN customers (RFC 2547bis), IPv6 VPN service is exactly the same as IPv4 VPN service
IPv6 packets transported from 6VPE to 6VPE inside IPv4 LSPs (IPv4 Core)
For ISPs offering MPLS/VPN for IPv4 that wish to add IPv6 services as well
- No modification on the MPLS core
- Support both IPv4 and IPv6 VPNs concurrently on the same interfaces
- Configuration and operations of IPv6 VPNs exactly like IPv4 VPNs

Generalized MPLS (GMPLS)

- Reduces the multiple layers into a single, integrated, control layer
- Extends MPLS control plane to address optical layer constraints and attributes
- Leverages IP layer management simplicity and distributed intelligence
- Provides sophisticated traffic engineering capabilities for resource management and control

UCP GMPLS Phase 4 Integrated IP+Optical Intelligence


- GMPLS-Based Standard NNI
- Single MPLS and GMPLS IP+Optical Control Plane
- Concurrent Peer and UNI Overlay Operation
- Topology Visibility for Coordinated Routing and Restoration
- Advanced Smart BW Services

[Figure: Routers and a Client (UNI) connected over NNI links to Metro Multi-Service OTN nodes and an IP+Optical core; Management Plane; GMPLS Enabled Control Plane]

Summary
- MPLS is much more than label switching
- MPLS allows an IP infrastructure to be Service Enabled
- Allows the SP/Enterprise to offer multiple Services across a single infrastructure
- AToM allows layer-2 transport across an MPLS infrastructure
- Combining TE, TE-FRR, and DS-TE allows very tight SLA offerings with high availability for low-latency applications (e.g. Voice and Virtual Leased Line)
- MPLS Services will continue to evolve and allow the integration of more Services across a single infrastructure

MPLS Further Reading


Further Reading - Books

Books
- MPLS: Technology and Applications by Bruce S. Davie, Yakov Rekhter. ISBN: 1558606564
- Traffic Engineering with MPLS by Eric Osborne, Ajay Simha. ISBN: 1587050315
- MPLS and VPN Architectures, Volume I by Ivan Pepelnjak, Jim Guichard. ISBN: 1587050811
- MPLS and VPN Architectures, Volume II by Ivan Pepelnjak, Jim Guichard, Jeff Apcar. ISBN: 1587051125
- Advanced MPLS Design and Implementation by Vivek Alwayn. ISBN: 158705020X

MPLS Links
Link to MPLS Home Page (CCO): http://www.cisco.com/warp/public/732/Tech/mpls/
MPLS Technical Documents (CCO): http://www.cisco.com/warp/public/732/Tech/mpls/mpls_techdoc.shtml
Link to Tunnel Builder Home Page: http://www.cisco.com/warp/public/732/Tech/mpls/tb/
Link to MPLS Working Group Page (IETF): http://www.ietf.org/html.charters/mpls-charter.html

Select MPLS RFCs


- Requirements for Traffic Engineering over MPLS (RFC 2702)
- Multiprotocol Label Switching Architecture (RFC 3031)
- MPLS Label Stack Encoding (RFC 3032)
- MPLS using LDP and ATM VC Switching (RFC 3035)
- LDP Specification (RFC 3036)
- Carrying Label Information in BGP-4 (RFC 3107)
- RSVP-TE: Extensions to RSVP for LSP Tunnels (RFC 3209)
- MPLS Support of Differentiated Services (RFC 3270)
- MPLS/BGP VPNs (RFC 2547, Informational, de facto standard)

All but the first have one or more Cisco co-authors


Backup Slides


Terminology, 1/2
RR - Route Reflector
  A router (usually not involved in packet forwarding) that distributes BGP routes within a provider's network

PE - Provider Edge router
  The interface between the customer and the MPLS-VPN network; only PEs (and maybe RRs) know anything about MPLS-VPN routes

P - Provider router
  A router in the core of the MPLS-VPN network, speaks LDP/RSVP but not VPNv4

CE - Customer Edge router
  The customer router which connects to the PE; does not know anything about labels, only IP (most of the time)

LDP - Label Distribution Protocol
  Distributes labels within a provider's network that mirror the IGP, one way to get from one PE to another

LSP - Label Switched Path
  The chain of labels that are swapped at each hop to get from one PE to another

Terminology, 2/2
VPN - Virtual Private Network
  A network deployed on top of another network, where the two networks are separate and never communicate

VRF - Virtual Routing and Forwarding instance
  Mechanism in IOS used to build per-interface RIB and FIB

VPNv4
  Address family used in BGP to carry MPLS-VPN routes

RD
  Route Distinguisher, used to uniquely identify the same network/mask from different VRFs (i.e., 10.0.0.0/8 from VPN A and 10.0.0.0/8 from VPN B)

RT
  Route Target, used to control import and export policies, to build arbitrary VPN topologies for customers
