Mpls introduction
Download
1 / 155

MPLS Introduction - PowerPoint PPT Presentation


  • 106 Views
  • Uploaded on

MPLS Introduction. Agenda. Introduction to MPLS LDP MPLS VPN Monitoring MPLS. MPLS Concept. At Edge: Classify packets Label them. In Core: Forward using labels (as opposed to IP addr) Label indicates service class and destination. Edge Label Switch Router (ATM Switch or Router).

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' MPLS Introduction' - ashanti


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Mpls introduction

MPLS Introduction


Agenda
Agenda

  • Introduction to MPLS

  • LDP

  • MPLS VPN

  • Monitoring MPLS


Mpls concept
MPLS Concept

  • At Edge:

    • Classify packets

    • Label them

  • In Core:

    Forward using labels (as opposed to IP addr)

    Label indicates service class and destination

Edge Label Switch Router(ATM Switch or Router)

Label Switch Router (LSR)

  • Router

  • ATM switch + Tag Switch Controller

Label Distribution Protocol (LDP)


Mpls concept1
MPLS concept

  • MPLS: Multi Protocol Label Switching

  • Packet forwarding is done based on Labels.

  • Labels are assigned when the packet enters into the network.

  • Labels are on top of the packet.

  • MPLS nodes forward packets/cells based on the label value (not on the IP information).


Mpls concept2
MPLS concept

  • MPLS allows:

    • Packet classification only where the packet

    • enters the network.

    • The packet classification is encoded as a label.

    • In the core, packets are forwarded without

    • having to re-classify them.

      • - No further packet analysis

      • - Label swapping


Mpls operation

1a. Existing routing protocols (e.g. OSPF, IS-IS) establish reachability to destination networks.

4. Edge LSR at egress removes(POP) label and delivers packet.

1b. Label Distribution Protocol (LDP)

establishes label to destination network mappings.

2. Ingress Edge LSR receives packet, performs Layer 3 value-added services, and labels(PUSH) packets.

3. LSR switches packets using label swapping(SWAP) .

MPLS Operation


Label switch path lsp
Label Switch Path (LSP)

IGP domain with a label distribution protocol

IGP domain with a label distribution protocol

LSP follows IGP shortest path

LSP diverges from IGP shortest path

  • LSPs are derived from IGP routing information

  • LSPs may diverge from IGP shortest path

  • LSPs are unidirectional

    • Return traffic takes another LSP


Encapsulations
Encapsulations

ATM Cell Header

GFC

VPI

VCI

PTI

CLP

HEC

DATA

Label

PPP Header

(Packet over SONET/SDH)

PPP Header

Label Header

Layer 3 Header

LAN MAC Label Header

MAC Header

Label Header

Layer 3 Header


Label header
Label Header

0 1 2 3

  • Header= 4 bytes, Label = 20 bits.

  • Can be used over Ethernet, 802.3, or PPP links

  • Contains everything needed at forwarding time

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

Label

EXP

S

TTL

Label = 20 bits EXP = Class of Service, 3 bits

S = Bottom of Stack, 1 bit TTL = Time to Live, 8 bits


Loops and ttl
Loops and TTL

  • In IP networks TTL is used to prevent packets to travel indefinitely in the network

  • MPLS may use same mechanism as IP, but not on all encapsulations

    • TTL is present in the label header for PPP and LAN headers (shim headers)

    • ATM cell header does not have TTL


Loops and ttl1
Loops and TTL

Label = 25

Label = 21

Label = 39

IP packetTTL = 6

IP packetTTL = 6

IP packetTTL = 6

LSR-1

LSR-3

LSR-2

IP packetTTL = 10

LSR-6

LSR-6 --> 25Hops=4

IP packetTTL = 6

IGP domain with a label distribution protocol

Egress

LSR-5

LSR-4

  • TTL is decremented prior to enter the non-TTL capable LSP

    • If TTL is 0 the packet is discarded at the ingress point

  • TTL is examined at the LSP exit


  • Label assignment and distribution
    Label Assignment and Distribution

    • Labels have link-local significance:

      • Each LSR binds his own label mappings

  • Each LSR assign labels to his FECs

  • Labels are assigned and exchanged

    between adjacent neighboring LSR


  • Label assignment and distribution1
    Label Assignment and Distribution

    Upstream and Downstream LSRs

    • Rtr-C is the downstream neighbor of Rtr-B for destination 171.68.10/24

    • Rtr-B is the downstream neighbor of Rtr-A for destination 171.68.10/24

    • LSRs know their downstream neighbors through the IP routing protocol

      • Next-hop address is the downstream neighbor

    171.68.40/24

    171.68.10/24

    Rtr-A

    Rtr-B

    Rtr-C


    Unsolicited downstream distribution

    Use label 40 for destination 171.68.10/24

    Use label 30 for destination 171.68.10/24

    In

    I/F

    In

    I/F

    In

    I/F

    In

    Lab

    In

    Lab

    In

    Lab

    Address

    Prefix

    Address

    Prefix

    Address

    Prefix

    Out

    I/F

    Out

    I/F

    Out

    I/F

    Out

    Lab

    Out

    Lab

    Out

    Lab

    0

    0

    0

    40

    30

    -

    171.68.10

    171.68.10

    171.68.10

    1

    1

    1

    30

    -

    40

    Next-Hop

    Next-Hop

    Next-Hop

    ...

    ...

    ...

    ...

    ...

    ...

    ...

    ...

    ...

    ...

    ...

    ...

    ...

    ...

    ...

    Unsolicited Downstream Distribution

    • LSRs distribute labels to the upstream neighbors

    171.68.40/24

    171.68.10/24

    Rtr-A

    Rtr-B

    Rtr-C

    IGP derived routes


    On demand downstream distribution

    Use label 30 for destination 171.68.10/24

    Use label 40 for destination 171.68.10/24

    Request label for destination 171.68.10/24

    Request label for destination 171.68.10/24

    On-Demand Downstream Distribution

    171.68.10/24

    171.68.40/24

    Rtr-A

    Rtr-B

    Rtr-C

    • Upstream LSRs request labels to downstream neighbors

    • Downstream LSRs distribute labels upon request


    Label retention modes
    Label Retention Modes

    • Liberal retention mode

      • LSR retains labels from all neighbors

        • Improve convergence time, when next-hop is again available after IP convergence

        • Require more memory and label space

    • Conservative retention mode

      • LSR retains labels only from next-hops neighbors

        • LSR discards all labels for FECs without next-hop

        • Free memory and label space


    Label distribution modes
    Label Distribution Modes

    • Independent LSP control

      • LSR binds a Label to a FEC independently, whether or not the LSR has received a Label the next-hop for the FEC

      • The LSR then advertises the Label to its neighbor

    • Ordered LSP control

      • LSR only binds and advertise a label for a particular FEC if:

        • it is the egress LSR for that FEC or

        • it has already received a label binding from its next-hop


    Router example forwarding packets
    Router Example: Forwarding Packets

    Address

    Prefix

    Address

    Prefix

    Address

    Prefix

    I/F

    I/F

    I/F

    128.89

    128.89

    128.89

    1

    0

    0

    171.69

    1

    171.69

    1

    128.89

    0

    0

    1

    128.89.25.4

    Data

    0

    128.89.25.4

    Data

    1

    128.89.25.4

    Data

    128.89.25.4

    Data

    Packets Forwarded Based on IP Address

    171.69


    Mpls example routing information
    MPLS Example: Routing Information

    Out

    I’face

    OutLabel

    Out

    I’face

    OutLabel

    Out

    I’face

    OutLabel

    In

    Label

    Address

    Prefix

    In

    Label

    Address

    Prefix

    In

    Label

    Address

    Prefix

    128.89

    1

    128.89

    0

    128.89

    0

    171.69

    1

    171.69

    1

    128.89

    0

    0

    1

    You Can Reach 128.89 Thru Me

    You Can Reach 128.89 and 171.69 Thru Me

    1

    Routing Updates (OSPF, EIGRP, …)

    171.69

    You Can Reach 171.69 Thru Me


    Mpls example assigning labels
    MPLS Example: Assigning Labels

    Out

    I’face

    Out

    I’face

    Out

    I’face

    In

    Label

    Address

    Prefix

    In

    Label

    Address

    Prefix

    In

    Label

    Address

    Prefix

    OutLabel

    OutLabel

    OutLabel

    -

    128.89

    1

    4

    4

    128.89

    0

    9

    9

    128.89

    0

    -

    -

    171.69

    1

    5

    5

    171.69

    1

    7

    128.89

    0

    0

    1

    Use Label 9 for 128.89

    Use Label 4 for 128.89 and Use Label 5 for 171.69

    1

    Label Distribution Protocol (LDP)

    (downstream allocation)

    171.69

    Use Label 7 for 171.69


    Mpls example forwarding packets
    MPLS Example: Forwarding Packets

    Out

    I’face

    Out

    I’face

    Out

    I’face

    In

    Label

    Address

    Prefix

    In

    Label

    Address

    Prefix

    In

    Label

    Address

    Prefix

    OutLabel

    OutLabel

    OutLabel

    -

    128.89

    1

    4

    4

    128.89

    0

    9

    9

    128.89

    0

    -

    -

    171.69

    1

    5

    5

    171.69

    1

    7

    128.89

    0

    0

    1

    128.89.25.4

    Data

    9

    128.89.25.4

    Data

    1

    128.89.25.4

    Data

    4

    128.89.25.4

    Data

    Label Switch Forwards Based on Label


    Agenda1
    Agenda

    • Introduction to MPLS

    • LDP

    • MPLS VPN

    • Monitoring MPLS


    Mpls unicast ip routing
    MPLS Unicast IP Routing

    • MPLS introduces a new field that is used for forwarding decisions.

    • Although labels are locally significant, they have to be advertised to directly reachable peers.

      • One option would be to include this parameter into existing IP routing protocols.

      • The other option is to create a new protocol to exchange labels.

    • The second option has been used because there are too many existing IP routing protocols that would have to be modified to carry labels.


    Label distribution protocol
    Label Distribution Protocol

    • Defined in RFC 3036 and 3037

    • Used to distribute labels in a MPLS network

    • Forwarding equivalence class

      • How packets are mapped to LSPs (Label Switched Paths)

    • Advertise labels per FEC

      • Reach destination a.b.c.d with label x

    • Neighbor discovery

      • Basic and extended discovery


    Mpls unicast ip routing architecture
    MPLS Unicast IP Routing Architecture

    LSR

    Control plane

    Exchange of

    routing information

    Routing protocol

    IP routing table

    Exchange of

    labels

    Label distribution protocol

    Data plane

    Incoming

    IP packets

    Outgoing

    IP packets

    IP forwarding table

    Incoming

    labeled packets

    Outgoing

    labeled packets

    Label forwarding table


    Mpls unicast ip routing example

    10.1.1.1

    10.0.0.0/8  1.2.3.4

    10.1.1.1

    L=5 10.1.1.1

    MPLS Unicast IP Routing: Example

    LSR

    Control plane

    OSPF: 10.0.0.0/8

    OSPF:

    10.0.0.0/8  1.2.3.4

    10.0.0.0/8  1.2.3.4

    RT:

    LIB:

    Data plane

    FIB:

    LFIB:


    Mpls unicast ip routing example1

    10.1.1.1

    10.0.0.0/8  1.2.3.4

    , L=3

    L=3 10.1.1.1

    L=3 10.1.1.1

    L=5 10.1.1.1

    L=5  L=3

    MPLS Unicast IP Routing: Example

    LSR

    Control plane

    OSPF: 10.0.0.0/8

    OSPF:

    10.0.0.0/8  1.2.3.4

    RT:

    10.0.0.0/8  1.2.3.4

    LDP: 10.0.0.0/8, L=5

    LIB:

    10.0.0.0/8  Next-hop L=3, Local L=5

    LDP: 10.0.0.0/8, L=3

    Data plane

    FIB:

    LFIB:


    Label allocation in packet mode mpls environment
    Label Allocation in Packet-Mode MPLS Environment

    Label allocation and distribution in packet-mode MPLS environment follows these steps:

    • 1. IP routing protocols build the IP routing table.

    • 2. Each LSR assigns a label to every destination in the IP routing table independently.

    • 3. LSRs announce their assigned labels to all other LSRs.

    • 4. Every LSR builds its LIB, LFIB data structures based on received labels.


    Building the ip routing table
    Building the IP Routing Table

    • IP routing protocols are used to build IP routing tables on all LSRs.

    • Forwarding tables (FIB) are built based on IP routing tables with no labeling information.


    Allocating labels
    Allocating Labels

    Router B assigns label 25 to destination X.

    • Every LSR allocates a label for every destination in the IP routing table.

    • Labels have local significance.

    • Label allocations are asynchronous.


    Lib and lfib set up

    Outgoing action is POP as B has received no label for X from C.

    Local label is stored in LIB.

    LIB and LFIB Set-up

    Router B assigns label 25 to destination X.

    LIB and LFIB structures have to be initialized on the LSR allocating the label.


    Label distribution

    X = 25 C.

    X = 25

    X = 25

    Label Distribution

    The allocated label is advertised to all neighbor LSRs, regardless of whether the neighbors are upstream or downstream LSRs for the destination.


    Receiving label advertisement
    Receiving Label Advertisement C.

    X = 25

    X = 25

    X = 25

    • Every LSR stores the received label in its LIB.

    • Edge LSRs that receive the label from their next-hop also store the label information in the FIB.


    Interim packet propagation

    Label lookup is performed in LFIB, label is removed. C.

    A

    B

    C

    E

    IP lookup is performed in FIB, packet is labeled.

    Interim Packet Propagation

    IP: X

    Lab: 25

    IP: X

    Forwarded IP packets are labeled only on the path segments where the labels have already been assigned.


    Further label allocation

    X = 47 C.

    X = 47

    Further Label Allocation

    Router C assigns label 47 to destination X.

    Every LSR will eventually assign a label for every destination.


    Receiving label advertisement1

    X = 47 C.

    X = 47

    Receiving Label Advertisement

    • Every LSR stores received information in its LIB.

    • LSRs that receive their label from their next-hop LSR will also populate the IP forwarding table (FIB).


    Populating lfib

    X = 47 C.

    X = 47

    Populating LFIB

    • Router B has already assigned label to X and created an entry in LFIB.

    • Outgoing label is inserted in LFIB after the label is received from the next-hop LSR.

    LFIB on B

    Label

    Action

    Next hop

    25

    47

    C


    Packet propagation across mpls network

    Label lookup is performed in LFIB, label is switched. C.

    Ingress LSR

    Egress LSR

    A

    B

    C

    E

    IP lookup is performed in FIB, packet is labeled.

    Label lookup is performed in LFIB, label is removed.

    Packet Propagation Across MPLS Network

    IP: X

    Lab: 25

    Lab: 47

    IP: X


    Steady state description

    Convergence in Packet-mode MPLS C.

    Steady State Description

    • After the LSRs have exchanged the labels, LIB, LFIB and FIB data structures are completely populated.


    Link failure actions
    Link Failure Actions C.

    • Routing protocol neighbors and LDP neighbors are lost after a link failure.

    • Entries are removed from various data structures.


    Routing protocol convergence
    Routing Protocol Convergence C.

    Routing protocols rebuild the IP routing table and the IP forwarding table.


    Mpls convergence
    MPLS Convergence C.

    LFIB and labeling information in FIB are rebuilt immediately after the routing protocol convergence, based on labels stored in LIB.


    Mpls convergence after a link failure
    MPLS Convergence After a Link Failure C.

    • MPLS convergence in packet-mode MPLS does not impact the overall convergence time.

    • MPLS convergence occurs immediately after the routing protocol convergence, based on labels already stored in LIB.


    Link recovery actions
    Link Recovery Actions C.

    • Routing protocol neighbors are discovered after link recovery.


    Ip routing convergence after link recovery

    C C.

    pop

    C

    IP Routing Convergence After Link Recovery

    C

    • IP routing protocols rebuild the IP routing table.

    • FIB and LFIB are also rebuilt, but the label information might be lacking.


    Mpls convergence after a link recovery
    MPLS Convergence After a Link Recovery C.

    • Routing protocol convergence optimizes the forwarding path after a link recovery.

    • LIB might not contain the label from the new next-hop by the time the IP convergence is complete.

    • End-to-end MPLS connectivity might be intermittently broken after link recovery.

    • Use MPLS Traffic Engineering for make-before-break recovery.


    Ldp session establishment
    LDP Session Establishment C.

    • LDP and TDP use a similar process to establish a session:

      • Hello messages are periodically sent on all interfaces enabled for MPLS.

      • If there is another router on that interface it will respond by trying to establish a session with the source of the hello messages.

    • UDP is used for hello messages. It is targeted at “all routers on this subnet”multicast address (224.0.0.2).

    • TCP is used to establish the session.

    • Both TCP and UDP use well-known LDP port number 646 (711 for TDP).


    Ldp neighbor discovery
    LDP Neighbor Discovery C.

    UDP: Hello

    (1.0.0.2:1064  224.0.0.2:646)

    UDP: Hello

    (1.0.0.2:1065  224.0.0.2:646)

    UDP: Hello

    (1.0.0.2:1066  224.0.0.2:646)

    • LDP Session is established from the router with higher IP address.

    MPLS_B

    1.0.0.2

    TCP (1.0.0.2:1043 1.0.0.1:646)

    UDP: Hello

    (1.0.0.1:1050  224.0.0.2:646)

    TCP (1.0.0.4:1066 1.0.0.2:646)

    UDP: Hello

    (1.0.0.1:1051  224.0.0.2:646)

    NO_MPLS_C

    UDP: Hello

    (1.0.0.1:1052  224.0.0.2:646)

    MPLS_A

    1.0.0.3

    1.0.0.1

    TCP (1.0.0.4:1065 1.0.0.1:646)

    UDP: Hello

    (1.0.0.4:1033  224.0.0.2:646)

    UDP: Hello

    (1.0.0.4:1034  224.0.0.2:646)

    UDP: Hello

    (1.0.0.4:1035  224.0.0.2:646)

    MPLS_D

    1.0.0.4


    Ldp session negotiation
    LDP Session Negotiation C.

    MPLS_A

    • Peers first exchange initialization messages.

    • The session is ready to exchange label mappings after receiving the first keepalive.

    MPLS_B

    Establish TCP session

    1.0.0.1

    1.0.0.2

    Initialization message

    Initialization message

    Keepalive

    Keepalive


    Double lookup scenario

    18 C.

    17

    19

    10.1.1.1

    10.1.1.1

    10.1.1.1

    FIB

    10/8  NH, 17

    FIB

    10/8  NH, 18

    FIB

    10/8  NH

    FIB

    10/8  NH, 19

    10.1.1.1

    LFIB

    35  17

    LFIB

    17  18

    LFIB

    19  untagged

    LFIB

    18  19

    Double Lookup Scenario

    MPLS Domain

    • Double lookup is not an optimal way of forwarding labeled packets.

    • A label can be removed one hop earlier.

    10.0.0.0/8

    L=17

    10.0.0.0/8

    L=18

    10.0.0.0/8

    L=19

    10.0.0.0/8

    Double lookup is needed:

    1. LFIB: remove the label.

    2. FIB: forward the IP packet based on IP next-hop address.


    Penultimate hop popping

    17 C.

    18

    10.1.1.1

    10.1.1.1

    FIB

    10/8  NH, 17

    FIB

    10/8  NH, 18

    FIB

    10/8  NH, 19

    FIB

    10/8  NH

    10.1.1.1

    10.1.1.1

    LFIB

    17  18

    LFIB

    18  pop

    LFIB

    35  17

    LFIB

    Penultimate Hop Popping

    Pop or implicit null label is adveritsed.

    MPLS Domain

    • A label is removed on the router before the last hop within an MPLS domain.

    10.0.0.0/8

    L=17

    10.0.0.0/8

    L=18

    10.0.0.0/8

    L=pop

    10.0.0.0/8

    One single lookup.


    Penultimate hop popping1
    Penultimate Hop Popping C.

    • Penultimate hop popping optimizes MPLS performace (one less LFIB lookup).

    • PHP does not work on ATM (VPI/VCI cannot be removed).

    • Pop or implicit null label uses value 3 when being advertised to a neighbor.


    Ldp messages
    LDP Messages C.

    • Discovery messages

      • Used to discover and maintain the presence of new peers

      • Hello packets (UDP) sent to all-routers multicast address

      • Once neighbor is discovered, the LDP session is established over TCP


    Ldp messages1
    LDP Messages C.

    • Session messages

      • Establish, maintain and terminate LDP sessions

    • Advertisement messages

      • Create, modify, delete label mappings

    • Notification messages

      • Error signalling


    Agenda2
    Agenda C.

    • Introduction to MPLS

    • LDP

    • MPLS VPN

    • Monitoring MPLS


    What is a vpn
    What Is a VPN? C.

    • VPN is a set of sites which are allowed to communicate with each other.

    • VPN is defined by a set of administrative policies

      • Policies determine both connectivity and QoS among sites.

      • Policies established by VPN customers.

      • Policies could be implemented completely by VPN service providers.

        • Using BGP/MPLS VPN mechanisms


    What is a vpn cont
    What Is a VPN? (Cont.) C.

    • Flexible inter-site connectivity

      • Ranging from complete to partial mesh

    • Sites may be either within the same or in different organizations

      • VPN can be either intranet or extranet

    • Site may be in more than one VPN

      • VPNs may overlap

    • Not all sites have to be connected to the same service provider

      • VPN can span multiple providers


    Ip vpn taxonomy
    IP VPN Taxonomy C.

    IP VPNs

    DIAL

    DEDICATED

    Client-

    Initiated

    NAS-

    Initiated

    IP Tunnel

    Virtual

    Circuit

    Network-Based VPNs

    Security

    Appliance

    Router

    FR

    ATM

    RFC 2547

    Virtual

    Router


    Mpls vpn terminology
    MPLS-VPN Terminology C.

    • Provider Network (P-Network)

      • The backbone under control of a Service Provider

  • Customer Network (C-Network)

    • Network under customer control

  • CE router

    • Customer Edge router. Part of the C-network and interfaces to a PE router


  • Mpls vpn terminology1
    MPLS-VPN Terminology C.

    • Site

      • Set of (sub)networks part of the C-network and co-located

      • A site is connected to the VPN backbone through one or more PE/CE links

  • PE router

    • Provider Edge router. Part of the P-Network and interfaces to CE routers

  • P router

    • Provider (core) router, without knowledge of VPN


  • Mpls vpn terminology2
    MPLS-VPN Terminology C.

    • Route-Target

      • 64 bits identifying routers that should receive the route

  • Route Distinguisher

    • Attributes of each route used to uniquely identify prefixes among VPNs (64 bits)

    • VRF based (not VPN based)

  • VPN-IPv4 addresses

    • Address including the 64 bits Route Distinguisher and the 32 bits IP address


  • Mpls vpn terminology3
    MPLS-VPN Terminology C.

    • VRF

      • VPN Routing and Forwarding Instance

      • Routing table and FIB table

      • Populated by routing protocol contexts

  • VPN-Aware network

    • A provider backbone where MPLS-VPN is deployed


  • Mpls vpn connection model
    MPLS VPN Connection Model C.

    • A VPN is a collection of sites sharing a common routing information (routing table)

    • A site can be part of different VPNs

    • A VPN has to be seen as a community of interest (or Closed User Group)

    • Multiple Routing/Forwarding instances (VRF) on PE routers


    Mpls vpn connection model1

    Site-4 C.

    Site-1

    Site-2

    Site-3

    VPN-C

    VPN-A

    VPN-B

    MPLS VPN Connection Model

    • A site belonging to different VPNs may or MAY NOT be used as a transit point between VPNs

    • If two or more VPNs have a common site, address space must be unique among these VPNs


    Mpls vpn connection model2
    MPLS VPN Connection Model C.

    • The VPN backbone is composed by MPLS LSRs

      • PE routers (edge LSRs)

      • P routers (core LSRs)

    • PE routers are faced to CE routers and distribute VPN information through MP-BGP to other PE routers

      • VPN-IPv4 addresses, Extended Community, Label

  • P routers do not run BGP and do not have any VPN knowledge


  • Mpls vpn connection model3

    VPN_A C.

    10.2.0.0

    CE

    VPN_B

    10.2.0.0

    PE

    CE

    VPN_A

    11.6.0.0

    CE

    PE

    VPN_B

    CE

    10.1.0.0

    MPLS VPN Connection Model

    iBGP sessions

    VPN_A

    11.5.0.0

    CE

    VPN_A

    10.1.0.0

    P

    P

    PE

    CE

    P

    P

    VPN_B

    PE

    CE

    10.3.0.0

    • P routers (LSRs) are in the core of the MPLS cloud

    • PE routers use MPLS with the core and plain IP with CE routers

    • P and PE routers share a common IGP

    • PE router are MP-iBGP fully meshed


    Mpls vpn connection model4

    CE C.

    PE

    CE

    Site-2

    Site-1

    MPLS VPN Connection Model

    • EBGP,OSPF, RIPv2,Static

    • PE and CE routers exchange routing information through:

      • EBGP, OSPF , RIPv2, Static routing

    • CE router run standard routing software


    Mpls vpn connection model5

    Site-2 C.

    Site-1

    MPLS VPN Connection Model

    CE

    PE

    • EBGP,OSPF, RIPv2,Static

    CE

    • VPN Backbone IGP (OSPF, ISIS)

    • PE routers maintain separate routing tables

      • The global routing table

        • With all PE and P routesPopulated by the VPN backbone IGP (ISIS or OSPF)

      • VRF (VPN Routing and Forwarding)

        • Routing and Forwarding table associated with one or more directly connected sites (CEs)

        • VRF are associated to (sub/virtual/tunnel)interfaces

        • Interfaces may share the same VRF if the connected sites may share the same routing information


    Mpls vpn connection model6

    Site-2 C.

    Site-1

    MPLS VPN Connection Model

    CE

    PE

    • VPN Backbone IGP

    • EBGP,OSPF, RIPv2,Static

    CE

    • The routes the PE receives from CE routers are installed in the appropriate VRF

    • The routes the PE receives through the backbone IGP are installed in the global routing table

    • By using separate VRFs, addresses need NOT to be unique among VPNs


    Mpls vpn connection model7
    MPLS VPN Connection Model C.

    • The Global Routing Table is populated by IGP protocols.

    • In PE routers it may contain the BGP Internet routes (standard BGP-4 routes)

    • BGP-4 (IPv4) routes go into global routing table

    • MP-BGP (VPN-IPv4) routes go into VRFs


    Mpls vpn connection model8
    MPLS VPN Connection Model C.

    P

    P

    PE

    PE

    • VPN Backbone IGP

    P

    P

    iBGP session

    • PE and P routers share a common IGP (ISIS or OSPF)

    • PEs establish MP-iBGP sessions between them

    • PEs use MP-BGP to exchange routing information related to the connected sites and VPNs

      • VPN-IPv4 addresses, Extended Community, Label


    Mpls vpn connection model9

    Site-2 C.

    Site-1

    MPLS VPN Connection Model

    VPN-IPv4 update is translated into IPv4 address (Net1) put into VRF green since RT=Green and advertised to CE-2

    P

    P

    PE-2

    PE-1

    CE-2

    • VPN Backbone IGP

    BGP,RIPv2 update for Net1,Next-Hop=CE-1

    P

    P

    VPN-IPv4 update:RD:Net1, Next-hop=PE-1SOO=Site1, RT=Green, Label=(intCE1)

    CE-1

    • PE routers receive IPv4 updates (EBGP, RIPv2, Static…)

    • PE routers translate into VPN-IPv4

      • Assign a SOO and RT based on configuration

      • Re-write Next-Hop attribute

      • Assign a label based on VRF and/or interface

      • Send MP-iBGP update to all PE neighbors


    Mpls vpn connection model10

    Site-2 C.

    Site-1

    MPLS VPN Connection Model

    VPN-IPv4 update is translated into IPv4 address (Net1) put into VRF green since RT=Green and advertised to CE-2

    P

    P

    PE-2

    PE-1

    CE-2

    • VPN Backbone IGP

    BGP,OSPF, RIPv2 update for Net1Next-Hop=CE-1

    P

    P

    VPN-IPv4 update:RD:Net1, Next-hop=PE-1SOO=Site1, RT=Green, Label=(intCE1)

    CE-1

    • Receiving PEs translate to IPv4

      • Insert the route into the VRF identified by the RT attribute (based on PE configuration)

    • The label associated to the VPN-IPv4 address will be set on packet forwarded towards the destination


    Mpls vpn connection model11
    MPLS VPN Connection Model C.

    • Route distribution to sites is driven by the Site of Origin (SOO) and Route-target attributes

      • BGP Extended Community attribute

  • A route is installed in the site VRF corresponding to the Route-target attribute

    • Driven by PE configuration

  • A PE which connects sites belonging to multiple VPNs will install the route into the site VRF if the Route-target attribute contains one or more VPNs to which the site is associated


  • Mpls vpn connection model mp bgp update
    MPLS VPN Connection Model C.MP-BGP Update

    • VPN-IPV4 address

      • Route Distinguisher

        • 64 bits

        • Makes the IPv4 route globally unique

        • RD is configured in the PE for each VRF

        • RD may or may not be related to a site or a VPN

      • IPv4 address (32bits)

    • Extended Community attribute (64 bits)

      • Site of Origin (SOO): identifies the originating site

      • Route-target (RT): identifies the set of sites the route has to be advertised to


    Mpls vpn connection model mp bgp update1
    MPLS VPN Connection Model C.MP-BGP Update

    • Any other standard BGP attribute

      • Local PreferenceMEDNext-hopAS_PATHStandard Community...

    • A Label identifying:

      • The outgoing interface

      • The VRF where a lookup has to be done

      • The BGP label will be the second label in the label stack of packets travelling in the core


    Mpls vpn connection model mp bgp update extended community
    MPLS VPN Connection Model C.MP-BGP Update - Extended community

    • BGP extended community attribute

      • Structured, to support multiple applications

      • 64 bits for increased range

  • General form

    • <16bits type>:<ASN>:<32 bit number>

      • Registered AS number

    • <16bits type>:<IP address>:<16 bit number>

      • Registered IP address


  • Mpls vpn connection model mp bgp update extended community1
    MPLS VPN Connection Model C.MP-BGP Update - Extended community

    • The Extended Community is used to:

      • Identify one or more routers where the route has been originated (site)

        • Site of Origin (SOO)

      • Selects sites which should receive the route

        • Route-Target


    Mpls vpn connection model mp bgp update2
    MPLS VPN Connection Model C.MP-BGP Update

    • The Label can be assigned only by the router which address is the Next-Hop attribute

      • PE routers re-write the Next-Hop with their own address (loopback interface address)

        • “Next-Hop-Self” BGP command towards iBGP neighborsLoopback addresses are advertised into the backbone IGP

    • PE addresses used as BGP Next-Hop must be uniquely known in the backbone IGP

      • No summarisation of loopback addresses in the core


    Mpls forwarding packet forwarding
    MPLS Forwarding C.Packet forwarding

    • PE and P routers have BGP next-hop reachability through the backbone IGP

    • Labels are distributed through LDP (hop-by-hop) corresponding to BGP Next-Hops

    • Label Stack is used for packet forwarding

      • Top label indicates BGP Next-Hop (interior label)

      • Second level label indicates outgoing interface or VRF (exterior label)


    Mpls forwarding penultimate hop popping

    PE2 receives the packets with the label corresponding to the outgoing interface (VRF)

    One single lookup

    Label is popped and packet sent to IP neighbor

    P routers switch the packets based on the IGP label (label on top of the stack)

    Penultimate Hop Popping

    P2 is the penultimate hop for the BGP next-hop

    P2 remove the top label

    This has been requested through LDP by PE2

    IP

    packet

    IGP Label(PE2)VPN Label

    IGP Label(PE2)VPN Label

    IP

    packet

    IP

    packet

    IP

    packet

    VPN Label

    IP

    packet

    PE1 receives IP packet

    Lookup is done on site VRF

    BGP route with Next-Hop and Label is found

    BGP next-hop (PE2) is reachable through IGP route with associated label

    MPLS ForwardingPenultimate Hop Popping

    CE1

    PE1

    CE2

    P1

    P2

    PE2

    CE3


    Packet forwarding example 1

    VPN_A outgoing interface (VRF)

    10.2.0.0

    CE

    VPN_B

    10.2.0.0

    PE2

    CE

    VPN_A

    11.6.0.0

    Data

    CE

    PE1

    VPN_B

    CE

    10.1.0.0

    Packet Forwarding Example 1

    VPN_A

    11.5.0.0

    CE

    VPN_A

    P

    P

    10.1.0.0

    PE

    CE

    T8T2

    Data

    P

    P

    VPN_B

    CE

    10.3.0.0

    <RD_B,10.1> , iBGP next hop PE1

    <RD_B,10.2> , iBGP next hop PE2

    <RD_B,10.3> , iBGP next hop PE3

    <RD_A,11.6> , iBGP next hop PE1

    <RD_A,10.1> , iBGP next hop PE4

    <RD_A,10.4> , iBGP next hop PE4

    <RD_A,10.2> , iBGP next hop PE2

    <RD_B,10.2> , iBGP NH= PE2 , T2 T8

    T1 T7

    T2 T8

    T3 T9

    T4 T7

    T5 TB

    T6TB

    T7 T8

    • Ingress PE receives normal IP Packets from CE router

    • PE router does “IP Longest Match” from VPN_B FIB , find iBGP next hop PE2 and impose a stack of labels: exterior Label T2+ Interior LabelT8


    Packet forwarding example 1 cont

    VPN_A outgoing interface (VRF)

    10.2.0.0

    CE

    VPN_B

    T2

    Data

    10.2.0.0

    PE2

    CE

    VPN_A

    11.6.0.0

    CE

    PE1

    VPN_B

    CE

    10.1.0.0

    Packet Forwarding Example 1 (cont.)

    VPN_A

    11.5.0.0

    CE

    Data

    T2

    Data

    TB

    VPN_A

    P

    P

    10.1.0.0

    PE

    CE

    TAT2

    Data

    T8

    T2

    Data

    P

    P

    VPN_B

    CE

    10.3.0.0

    in /

    out

    T7

    T8

    T9

    Ta

    Tb

    Tu

    Tw

    Tx

    Ty

    Tz

    T8,TA

    • All Subsequent P routers do switch the packet Solely on Interior Label

    • Egress PE router, removes Interior Label

    • Egress PE uses Exterior Label to select which VPN/CEto forward the packet to.

    • Exterior Label is removed and packet routed to CE router


    Packet forwarding example 2

    A outgoing interface (VRF)

    12

    130.130.10.1

    B

    12

    130.130.11.3

    Packet Forwarding Example 2

    • In VPN 12, host 130.130.10.1 sends a packet with destination 130.130.11.3

    • Customer sites are attached to ProviderEdge (PE) routers A & B.


    Packet forwarding example 2 cont

    1. outgoing interface (VRF)Packet arrives on VPN 12

    link on PE router A.

    A

    12

    2. PE router A selects the correct VPN forwarding table based on the links’ VPN ID (12).

    VPN-ID

    VPN SiteAddress

    VPN SiteLabel

    Provider EdgeRouter Address

    PELabel

    12

    130.130.10.0/24

    26

    172.68.1.11/32

    42

    12

    130.130.11.0/24

    989

    172.68.1.2/32

    101

    ...

    ...

    ...

    ...

    ...

    Packet Forwarding Example 2 (cont.)


    Packet forwarding example 2 cont1

    A outgoing interface (VRF)

    12

    101

    989

    130.130.11.3

    Rest of IP packet

    4. PE router A adds two labels to the packet: one identifying the destination PE, and one identifying the destination VPN site.

    VPN-ID

    VPN SiteAddress

    VPN SiteLabel

    Provider EdgeRouter Address

    PELabel

    12

    130.130.10.0/24

    26

    172.68.1.11/32

    42

    12

    130.130.11.0/24

    989

    172.68.1.2/32

    101

    ...

    ...

    ...

    ...

    ...

    Packet Forwarding Example 2 (cont.)

    3. PE router A matches the incoming packet’s destination address with VPN 12’s forwarding table.


    Packet forwarding example 2 cont2

    A outgoing interface (VRF)

    B

    5. Packet is label-switched from PE router A to PE B based on the top label, using normal MPLS.

    The network core knows nothing about VPNs and sites: it only knows how to get packets from A to B using MPLS.

    Packet Forwarding Example 2 (cont.)


    Packet forwarding example 2 cont3

    B outgoing interface (VRF)

    12

    130.130.11.3

    6. PE router B identifies the correct site in VPN 12 from the inner label.

    7. PE router B removes the labels and forwards the IP packet to the correct VPN 12 site.

    Packet Forwarding Example 2 (cont.)


    Mpls vpn mechanisms vrf and multiple routing instances
    MPLS VPN mechanisms outgoing interface (VRF)VRF and Multiple Routing Instances

    • VRF: VPN Routing and Forwarding Instance

      • VRF Routing Protocol Context

      • VRF Routing Tables

      • VRF CEF Forwarding Tables


    Mpls vpn mechanisms vrf and multiple routing instances1
    MPLS VPN mechanisms outgoing interface (VRF)VRF and Multiple Routing Instances

    • VRF Routing table contains routes which should be available to a particular set of sites

    • Analogous to standard IOS routing table, supports the same set of mechanisms

    • Interfaces (sites) are assigned to VRFs

      • One VRF per interface (sub-interface, tunnel or virtual-template)

      • Possible many interfaces per VRF


    Mpls vpn mechanisms vrf and multiple routing instances2

    Static outgoing interface (VRF)

    BGP

    RIP

    Routing processes

    Routing contexts

    VRF Routing tables

    VRF Forwarding tables

    MPLS VPN mechanismsVRF and Multiple Routing Instances

    • Routing processes run within specific routing contexts

    • Populate specific VPN routing table and FIBs (VRF)

    • Interfaces are assigned to VRFs


    Mpls vpn mechanisms vrf and multiple routing instances3

    Site-1 outgoing interface (VRF)

    Site-2

    Site-4

    Site-3

    Site-1

    Site-2

    Site-3

    Site-4

    VPN-C

    VPN-A

    VPN-B

    MPLS VPN mechanismsVRF and Multiple Routing Instances

    Logical view

    Multihop MP-iBGP

    P

    P

    Routing view

    PE

    PE

    VRFfor site-1

    Site-1 routesSite-2 routes

    VRFfor site-2

    Site-1 routesSite-2 routesSite-3 routes

    VRFfor site-3

    Site-2 routesSite-3routesSite-4 routes

    VRFfor site-4

    Site-3 routesSite-4 routes


    Mpls vpn topologies

    VPN_A outgoing interface (VRF)

    10.2.0.0

    CE

    VPN_B

    10.2.0.0

    PE

    CE

    VPN_A

    11.6.0.0

    CE

    PE

    VPN_B

    CE

    10.1.0.0

    MPLS VPN Topologies

    iBGP sessions

    VPN_A

    11.5.0.0

    CE

    VPN_A

    10.1.0.0

    P

    P

    PE

    CE

    P

    P

    VPN_B

    PE

    CE

    10.3.0.0

    • VPN-IPv4 address are propagated together with the associated label in BGP Multiprotocol extension

    • Extended Community attribute (route-target) is associated to each VPN-IPv4 address, to populate the site VRF


    Mpls vpn topologies vpn sites with optimal intra vpn routing
    MPLS VPN Topologies outgoing interface (VRF)VPN sites with optimal intra-VPN routing

    • Each site has full routing knowledge of all other sites (of same VPN)

    • Each CE announces his own address space

    • MP-BGP VPN-IPv4 updates are propagated between PEs

    • Routing is optimal in the backbone

      • Each route has the BGP Next-Hop closest to the destination

    • No site is used as central point for connectivity


    Mpls vpn topologies vpn sites with optimal intra vpn routing1

    Site-3 outgoing interface (VRF)

    N3

    Site-1

    EBGP/RIP/Static

    N2,NH=CE2

    MPLS VPN TopologiesVPN sites with optimal intra-VPN routing

    EBGP/RIP/Static

    N3NH=CE3

    Routing Table on CE3

    N1, PE3N2, PE3N3, Local

    VRFfor site-3

    N1,NH=PE1N2,NH=PE2N3,NH=CE3

    IntCE3

    PE3

    VPN-IPv4 updates exchanged between PEs

    RD:N1, NH=PE1,Label=IntCE1, RT=BlueRD:N2, NH=PE2,Label=IntCE2, RT=BlueRD:N3, NH=PE3,Label=IntCE3, RT=Blue

    PE1

    IntCE2

    VRFfor site-1

    N1,NH=CE1N2,NH=PE2N3,NH=PE3

    VRFfor site-2

    N1,NH=PE1N2,NH=CE2N3,NH=PE3

    Site-2

    PE2

    N2

    IntCE1

    Routing Table on CE2

    N1,NH=PE2N2,LocalN3,NH=PE2

    EBGP/RIP/Static

    Routing Table on CE1

    N1, LocalN2, PE1N3, PE1

    N1NH=CE1

    N1


    Mpls vpn topologies vpn sites with hub spoke routing
    MPLS VPN Topologies outgoing interface (VRF)VPN sites with Hub & Spoke routing

    • One central site has full routing knowledge of all other sites (of same VPN)

      • Hub-Site

    • Other sites will send traffic to Hub-Site for any destination

      • Spoke-Sites

    • Hub-Site is the central transit point between Spoke-Sites

      • Use of central services at Hub-Site


    Mpls vpn topologies vpn sites with hub spoke routing1

    Site-2 outgoing interface (VRF)

    Site-1

    N1

    N2

    MPLS VPN TopologiesVPN sites with Hub & Spoke routing

    VPN-IPv4 update advertised by PE1RD:N1, NH=PE1,Label=IntCE1, RT=Hub

    IntCE1 VRF(Import RT=Spoke)(Export RT=Hub)

    N1,NH=CE1 (exported)N2,NH=PE3 (imported)N3,NH=PE3 (imported

    BGP/RIPv2

    IntCE3-Hub VRF(Import RT=Hub)

    N1,NH=PE1N2,NH=PE2

    CE1

    Site-3

    PE1

    CE3-Hub

    IntCE3-Spoke VRF(Export RT=Spoke)

    N1,NH=CE3-SpokeN2,NH=CE3-SpokeN3,NH=CE3-Spoke

    N3

    PE3

    IntCE2 VRF(Import RT=Spoke)(Export RT=Hub)

    N1,NH=PE3 (imported)N2,NH=CE2 (exported)N3,NH=PE3 (imported)

    CE3-Spoke

    PE2

    CE2

    BGP/RIPv2

    VPN-IPv4 updates advertised by PE3

    RD:N1, NH=PE3,Label=IntCE3-Spoke, RT=SpokeRD:N2, NH=PE3,Label=IntCE3-Spoke, RT=SpokeRD:N3, NH=PE3,Label=IntCE3-Spoke, RT=Spoke

    VPN-IPv4 update advertised by PE2RD:N2, NH=PE2,Label=IntCE2, RT=Hub

    • Routes are imported/exported into VRFs based on RT value of the VPN-IPv4 updates

    • PE3 uses 2 (sub)interfaces with two different VRFs


    Mpls vpn topologies vpn sites with hub spoke routing2

    Site-2 outgoing interface (VRF)

    Site-1

    N1

    N2

    MPLS VPN TopologiesVPN sites with Hub & Spoke routing

    IntCE1 VRF(Import RT=Spoke)(Export RT=Hub)

    N1,NH=CE1 (exported)N2,NH=PE3 (imported)N3,NH=PE3 (imported

    IntCE3-Hub VRF(Import RT=Hub)

    N1,NH=PE1N2,NH=PE2

    BGP/RIPv2

    CE1

    Site-3

    PE1

    CE3-Hub

    N3

    PE3

    IntCE3-Spoke VRF(Export RT=Spoke)

    N1,NH=CE3-SpokeN2,NH=CE3-SpokeN3,NH=CE3-Spoke

    CE3-Spoke

    PE2

    CE2

    BGP/RIPv2

    IntCE2 VRF(Import RT=Spoke)(Export RT=Hub)

    N1,NH=PE3 (imported)N2,NH=CE2 (exported)N3,NH=PE3 (imported)

    • Traffic from one spoke to another will travel across the hub site

    • Hub site may host central services

      • Security, NAT, centralised Internet access


    Mpls vpn internet routing
    MPLS VPN Internet Routing outgoing interface (VRF)

    • In a VPN, sites may need to have Internet connectivity

    • Connectivity to the Internet means:

      • Being able to reach Internet destinations

      • Being able to be reachable from any Internet source

    • The Internet routing table is treated separately

    • In the VPN backbone the Internet routes are in the Global routing table of PE routers

    • Labels are not assigned to external (BGP) routes


    Mpls vpn internet routing vrf specific default route
    MPLS VPN Internet routing outgoing interface (VRF)VRF specific default route

    • A default route is installed into the site VRF and pointing to a Internet Gateway

    • The default route is NOT part of any VPN

      • A single label is used for packets forwarded according to the default route

      • The label is the IGP label corresponding to the IP address of the Internet gateway

        • Known in the IGP


    Mpls vpn internet routing vrf specific default route1
    MPLS VPN Internet routing outgoing interface (VRF)VRF specific default route

    • PE router originates CE routes for the Internet

      • Customer (site) routes are known in the site VRF

        • Not in the global table

      • The PE/CE interface is NOT known in the global table. However:

        • A static route for customer routes and pointing to the PE/CE interface is installed in the global table

      • This static route is redistributed into BGP-4 global table and advertised to the Internet Gateway

    • The Internet gateway knows customer routes and with the PE address as next-hop


    Mpls vpn internet routing vrf specific default route2
    MPLS VPN Internet routing outgoing interface (VRF)VRF specific default route

    • The Internet Gateway specified in the default route (into the VRF) need NOT to be directly connected

    • Different Internet gateways can be used for different VRFs

    • Using default route for Internet routing does NOT allow any other default route for intra-VPN routing

      • As in any other routing scheme


    Mpls vpn internet routing vrf specific default route3

    Site-1 outgoing interface (VRF)

    MPLS VPN Internet routing VRF specific default route

    192.168.1.1

    ip vrf VPN-A

    rd 100:1

    route-target both 100:1

    !

    Interface Serial0

    ip address 192.168.10.1 255.255.255.0

    ip vrf forwarding VPN-A

    !

    Router bgp 100

    no bgp default ipv4-unicast

    network 171.68.0.0 mask 255.255.0.0

    neighbor 192.168.1.1 remote 100

    neighbor 192.168.1.1 activate

    neighbor 192.168.1.1 next-hop-self

    neighbor 192.168.1.1 update-source loopback0

    !

    address-family ipv4 vrf VPN-A

    neighbor 192.168.10.2 remote-as 65502

    neighbor 192.168.10.2 activate

    exit-address-family

    !

    address-family vpnv4

    neighbor 192.168.1.2 activate

    exit-address-family

    !

    ip route 171.68.0.0 255.255.0.0 Serial0

    ip route vrf VPN-A 0.0.0.0 0.0.0.0 192.168.1.1 global

    BGP-4

    • Internet

    PE-IG

    MP-BGP

    PE

    192.168.1.2

    PE

    Serial0

    Network 171.68.0.0/16

    Site-2


    Mpls vpn internet routing vrf specific default route4

    Site-1 outgoing interface (VRF)

    Label = 3

    IP packetD=cisco.com

    MPLS VPN Internet routing VRF specific default route

    192.168.1.1

    IP packetD=cisco.com

    • Internet

    PE-IG

    Global Table and LFIB

    192.168.1.1/32 Label=3

    192.168.1.2/32 Label=5

    ...

    192.168.1.2

    PE

    Site-2 VRF

    0.0.0.0/0 192.168.1.1 (global)

    Site-1 routesSite-2 routes

    PE

    Serial0

    IP packetD=cisco.com

    Network 171.68.0.0/16

    Site-2


    Mpls vpn internet routing vrf specific default route5
    MPLS VPN Internet routing outgoing interface (VRF)VRF specific default route

    • PE routers need not to hold the Internet table

    • PE routers will use BGP-4 sessions to originate customer routes

    • Packet forwarding is done with a single label identifying the Internet Gateway IP address

      • More labels if Traffic Engineering is used


    Mpls vpn internet routing separated sub interfaces
    MPLS VPN Internet Routing outgoing interface (VRF)Separated (sub)interfaces

    • If CE wishes to receive and announce routes from/to the Internet

      • A dedicated BGP session is used over a separate (sub) interface

      • The PE imports CE routes into the global routing table and advertise them to the Internet

        • The interface is not part of any VPN and does not use any VRF

      • Default route or Internet routes are exported to the CE

        • PE needs to have Internet routing table


    Mpls vpn internet routing separated sub interfaces1
    MPLS VPN Internet Routing outgoing interface (VRF)Separated (sub)interfaces

    • The PE uses separate (sub)interfaces with the CE

      • One (sub)interface for VPN routing

        • associated to a VRFCan be a tunnel interface

      • One (sub)interface for Internet routing

        • Associated to the global routing table


    Mpls vpn internet routing separated sub interfaces2

    Site-1 outgoing interface (VRF)

    MPLS VPN Internet RoutingSeparated (sub)interfaces

    ip vrf VPN-A

    rd 100:1

    route-target both 100:1

    !

    Interface Serial0

    no ip address

    !

    Interface Serial0.1

    ip address 192.168.10.1 255.255.255.0

    ip vrf forwarding VPN-A

    !

    Interface Serial0.2

    ip address 171.68.10.1 255.255.255.0

    !

    Router bgp 100

    no bgp default ipv4-unicast

    neighbor 192.168.1.1 remote 100

    neighbor 192.168.1.1 activate

    neighbor 192.168.1.1 next-hop-self

    neighbor 192.168.1.1 update-source loopback0

    neighbor 171.68.10.2 remote 502

    !

    address-family ipv4 vrf VPN-A

    neighbor 192.168.10.2 remote-as 502

    neighbor 192.168.10.2 activate

    exit-address-family

    !

    address-family vpnv4

    neighbor 192.168.1.2 activate

    exit-address-family

    192.168.1.1

    BGP-4

    • Internet

    PE-IG

    PE

    MP-BGP

    192.168.1.2

    PE

    Serial0.1

    Serial0.2

    BGP-4

    Network 171.68.0.0/16

    Site-2


    Mpls vpn internet routing separated sub interfaces3

    Site-1 outgoing interface (VRF)

    Label = 3

    IP packetD=cisco.com

    MPLS VPN Internet RoutingSeparated (sub)interfaces

    192.168.1.1

    IP packetD=cisco.com

    • Internet

    PE-IG

    PE Global Table

    Internet routes ---> 192.168.1.1

    192.168.1.1, Label=3

    192.168.1.2

    PE

    PE

    Serial0.1

    Serial0.2

    IP packetD=cisco.com

    Serial0.1

    Serial0.2

    CE routing table

    Site-2 routes ----> Serial0.1

    Internet routes ---> Serial0.2

    Network 171.68.0.0/16

    Site-2


    Scaling
    Scaling outgoing interface (VRF)

    • Existing BGP techniques can be used to scale the route distribution: route reflectors

    • Each edge router needs only the information for the VPNs it supports

      • Directly connected VPNs

  • RRs are used to distribute VPN routing information


  • Mpls vpn scaling bgp

    Route Reflectors outgoing interface (VRF)

    VPN_A

    VPN_A

    10.2.0.0

    RR

    RR

    11.5.0.0

    CE

    CE

    VPN_B

    VPN_A

    P

    P

    PE

    CE

    10.1.0.0

    10.2.0.0

    PE2

    CE

    VPN_A

    P

    P

    11.6.0.0

    CE

    VPN_B

    PE

    CE

    10.3.0.0

    PE1

    VPN_B

    CE

    10.1.0.0

    MPLS-VPNScaling BGP

    • Route Reflectors may be partitioned

      Each RR store routes for a set of VPNs

    • Thus, no BGP router needs to store ALL VPNs information

    • PEs will peer to RRs according to the VPNs they directly connect


    Mpls vpn scaling bgp updates filtering
    MPLS-VPN Scaling outgoing interface (VRF)BGP updates filtering

    iBGP full mesh between PEs results in flooding all VPNs routes to all PEs

    Scaling problems when large amount of routes. In addition PEs need only routes for attached VRFs

    Therefore each PE will discard any VPN-IPv4 route that hasn’t a route-target configured to be imported in any of the attached VRFs

    This reduces significantly the amount of information each PE has to store

    Volume of BGP table is equivalent of volume of attached VRFs (nothing more)


    Mpls vpn scaling bgp updates filtering1
    MPLS-VPN Scaling outgoing interface (VRF)BGP updates filtering

    VPN-IPv4 update:RD:Net1, Next-hop=PE-XSOO=Site1, RT=Green, Label=XYZ

    • Import RT=yellow

    PE

    • VRFs for VPNsyellowgreen

    VPN-IPv4 update:RD:Net1, Next-hop=PE-XSOO=Site1, RT=Red, Label=XYZ

    • MP-iBGP sessions

    • Import RT=green

    Each VRF has an import and export policy configured

    Policies use route-target attribute (extended community)

    PE receives MP-iBGP updates for VPN-IPv4 routes

    If route-target is equal to any of the import values configured in the PE, the update is accepted

    Otherwise it is silently discarded


    Mpls vpn scaling route refresh
    MPLS-VPN Scaling outgoing interface (VRF)Route Refresh

    VPN-IPv4 update:RD:Net1, Next-hop=PE-XSOO=Site1, RT=Green, Label=XYZ

    2. PE issue a Route-Refresh to all neighbors in order to ask for re-transmission

    • Import RT=yellow

    PE

    VPN-IPv4 update:RD:Net1, Next-hop=PE-XSOO=Site1, RT=Red, Label=XYZ

    • Import RT=green

    1. PE doesn’t have red routes (previously filtered out)

    • Import RT=red

    3. Neighbors re-send updates and “red” route-target is now accepted

    Policy may change in the PE if VRF modifications are done

    • New VRFs, removal of VRFs

      However, the PE may not have stored routing information which become useful after a change

      PE request a re-transmission of updates to neighbors

  • Route-Refresh


  • Mpls vpn scaling outbound route filters orf
    MPLS-VPN Scaling outgoing interface (VRF)Outbound Route Filters - ORF

    VPN-IPv4 update:RD:Net1, Next-hop=PE-XSOO=Site1, RT=Green, Label=XYZ

    2. PE issue a ORF message to all neighbors in order not to receive red routes

    • Import RT=yellow

    PE

    VPN-IPv4 update:RD:Net1, Next-hop=PE-XSOO=Site1, RT=Red, Label=XYZ

    • Import RT=green

    1. PE doesn’t need red routes

    3. Neighbors dynamically configure the outbound filter and send updates accordingly

    PE router will discard update with unused route-target

    Optimization requires these updates NOT to be sent

    Outbound Route Filter (ORF) allows a router to tell its neighbors which filter to use prior to propagate BGP updates


    Mpls vpn configuration
    MPLS VPN - Configuration outgoing interface (VRF)

    • VPN knowledge is on PE routers

    • PE router have to be configured for

      • VRF and Route Distinguisher

      • VRF import/export policies (based on Route-target)

      • Routing protocol used with CEs

      • MP-BGP between PE routers

      • BGP for Internet routers

        • With other PE routers

        • With CE routers


    Mpls vpn configuration vrf and route distinguisher
    MPLS VPN - Configuration outgoing interface (VRF)VRF and Route Distinguisher

    • RD is configured on PE routers (for each VRF)

    • VRFs are associated to RDs in each PE

    • Common (good) practice is to use the same RD for the same VPN in all PEs

      • But not mandatory

    • VRF configuration command

      • ip vrf <vrf-symbolic-name>rd <route-distinguisher-value>route-target import <community>route-target export <community>


    Cli vrf configuration

    Site-2 outgoing interface (VRF)

    Site-1

    Site-4

    Site-3

    Site-1

    Site-2

    Site-3

    Site-4

    VPN-C

    VPN-A

    VPN-B

    CLI - VRF configuration

    ip vrf site1

    rd 100:1

    route-target export 100:1

    route-target import 100:1

    ip vrf site2

    rd 100:2

    route-target export 100:2

    route-target import 100:2

    route-target import 100:1

    route-target export 100:1

    ip vrf site3

    rd 100:3

    route-target export 100:2

    route-target import 100:2

    route-target import 100:3

    route-target export 100:3

    ip vrf site-4

    rd 100:4

    route-target export 100:3

    route-target import 100:3

    Multihop MP-iBGP

    P

    P

    PE1

    PE2

    VRFfor site-3(100:3)

    Site-2 routesSite-3 routesSite-4 routes

    VRFfor site-4(100:4)

    Site-3 routesSite-4 routes

    VRFfor site-1(100:1)

    Site-1 routesSite-2 routes

    VRFfor site-2(100:2)

    Site-1 routesSite-2 routesSite-3 routes


    Mpls vpn configuration pe ce routing protocols
    MPLS VPN - Configuration outgoing interface (VRF)PE/CE routing protocols

    • PE/CE may use BGP, RIPv2 or Static routes

    • A routing context is used for each VRF

    • Routing contexts are defined within the routing protocol instance

      • Address-family router sub-command

      • Router ripversion 2address-family ipv4 vrf <vrf-symbolic-name> …

      • any common router sub-command …


    Mpls vpn configuration pe ce routing protocols1
    MPLS VPN - Configuration outgoing interface (VRF)PE/CE routing protocols

    • BGP uses same “address-family” command

      • Router BGP <asn>...address-family ipv4 vrf <vrf-symbolic-name>… any common router BGP sub-command…

  • Static routes are configured per VRF

    • ip route vrf <vrf-symbolic-name> …


  • Mpls vpn configuration pe router commands
    MPLS VPN - Configuration outgoing interface (VRF)PE router commands

    • All show commands are VRF based

      • Show ip route vrf <vrf-symbolic-name> ...

      • Show ip protocol vrf <vrf-symbolic-name>

      • Show ip cef <vrf-symbolic-name> …

  • PING and Telnet commands are VRF based

    • telnet /vrf <vrf-symbolic-name>

    • ping vrf <vrf-symbolic-name>


  • Mpls vpn configuration pe ce routing protocols2

    Site-4 outgoing interface (VRF)

    Site-1

    Site-3

    Site-2

    Site-1

    Site-2

    Site-3

    Site-4

    VPN-C

    VPN-A

    VPN-B

    MPLS VPN - ConfigurationPE/CE routing protocols

    ip vrf site1

    rd 100:1

    route-target export 100:12

    route-target import 100:12

    ip vrf site2

    rd 100:2

    route-target export 100:12

    route-target import 100:12

    route-target import 100:23

    route-target export 100:23

    !

    interface Serial3/6

    ip vrf forwarding site1

    ip address 192.168.61.6 255.255.255.0

    encapsulation ppp

    !

    interface Serial3/7

    ip vrf forwarding site2

    ip address 192.168.62.6 255.255.255.0

    encapsulation ppp

    ip vrf site3

    rd 100:3

    route-target export 100:23

    route-target import 100:23

    route-target import 100:34

    route-target export 100:34

    ip vrf site-4

    rd 100:4

    route-target export 100:34

    route-target import 100:34

    !

    interface Serial4/6

    ip vrf forwarding site3

    ip address 192.168.73.7 255.255.255.0

    encapsulation ppp

    !

    interface Serial4/7

    ip vrf forwarding site4

    ip address 192.168.74.7 255.255.255.0

    encapsulation ppp

    Multihop MP-iBGP

    P

    P

    PE1

    PE2

    VRFfor site-2(100:2)

    Site-1 routesSite-2 routesSite-3 routes

    VRFfor site-3(100:3)

    Site-2 routesSite-3 routesSite-4 routes

    VRFfor site-4(100:4)

    Site-3 routesSite-4 routes

    VRFfor site-1(100:1)

    Site-1 routesSite-2 routes


    Mpls vpn configuration pe ce routing protocols3

    Site-4 outgoing interface (VRF)

    Site-1

    Site-3

    Site-2

    Site-1

    Site-2

    Site-3

    Site-4

    VPN-C

    VPN-A

    VPN-B

    MPLS VPN - ConfigurationPE/CE routing protocols

    router bgp 100

    no bgp default ipv4-unicast

    neighbor 6.6.6.6 remote-as 100

    neighbor 6.6.6.6 update-source Loop0

    !

    address-family ipv4 vrf site4

    neighbor 192.168.74.4 remote-as 65504

    neighbor 192.168.74.4 activate

    exit-address-family

    !

    address-family ipv4 vrf site3

    neighbor 192.168.73.3 remote-as 65503

    neighbor 192.168.73.3 activate

    exit-address-family

    !

    address-family vpnv4

    neighbor 6.6.6.6 activate

    neighbor 6.6.6.6 next-hop-self

    exit-address-family

    router bgp 100

    no bgp default ipv4-unicast

    neighbor 7.7.7.7 remote-as 100

    neighbor 7.7.7.7 update-source Loop0

    !

    address-family ipv4 vrf site2

    neighbor 192.168.62.2 remote-as 65502

    neighbor 192.168.62.2 activate

    exit-address-family

    !

    address-family ipv4 vrf site1

    neighbor 192.168.61.1 remote-as 65501

    neighbor 192.168.61.1 activate

    exit-address-family

    !

    address-family vpnv4

    neighbor 7.7.7.7 activate

    neighbor 7.7.7.7 next-hop-self

    exit-address-family

    Multihop MP-iBGP

    P

    P

    PE1

    PE2

    VRFfor site-2(100:2)

    Site-1 routesSite-2 routesSite-3 routes

    VRFfor site-3(100:2)

    Site-2 routesSite-3 routesSite-4 routes

    VRFfor site-4(100:3)

    Site-3 routesSite-4 routes

    VRFfor site-1(100:1)

    Site-1 routesSite-2 routes


    Summary
    Summary outgoing interface (VRF)

    • Supports large scale VPN services

    • Increases value add by the VPN Service Provider

    • Decreases Service Provider’s cost of providing VPN services

    • Mechanisms are general enough to enable VPN Service Provider to support a wide range of VPN customers

    • See RFC2547


    Point to point connections vs bgp mpls vpns routing peering

    Point-to-point connections vs BGP/MPLS VPNs: routing peering

    CE

    PE

    Routing peering

    Amount of routing peering maintained by CE is O(1) - CE peers only with directly attached PE

    • independent of the total number of sites within a VPN

      scales to VPNs with large number of sites (100s - 1000s sites per VPN)

    All other sites

    Site


    Point to point connections vs bgp mpls vpns provisioning
    Point-to-point connections vs BGP/MPLS VPNs: provisioning router to maintain

    New

    Site

    CE

    PE

    Amount of configuration changes needed to add a new site (new CE) is O(1):

    • need to configure only the directly attached PE

    • independent of the total number of sites within a VPN

    All other sites

    New

    Site

    Config

    change

    Config

    change

    Mesh of point-to-point connections requires O(n) configuration changes (where n is the number of sites) when adding a new site


    Agenda3
    Agenda router to maintain

    • Introduction to MPLS

    • LDP

    • MPLS VPN

    • Monitoring MPLS


    Basic mpls monitoring commands

    router(config)# router to maintain

    show tag-switching tdp parameters

    • Displays TDP parameters on the local router.

    router(config)#

    router(config)#

    show tag-switching interface

    show mpls interface 12.1(3)T

    show tag-switching tdp discovery

    • Displays MPLS status on individual interfaces.

    • Displays all discovered TDP neighbors.

    Basic MPLS Monitoring Commands


    S how t ag switching tdp parameters
    s router to maintain how tag-switchingtdp parameters

    Router#show tag-switching tdp parameters

    Protocol version: 1

    No tag pool for downstream tag distribution

    Session hold time: 180 sec; keep alive interval: 60 sec

    Discovery hello: holdtime: 15 sec; interval: 5 sec

    Discovery directed hello: holdtime: 180 sec; interval: 5 sec


    Show tag switching interface
    show tag-switching interface router to maintain

    Router#show tag-switching interface detail

    Interface Serial1/0.1:

    IP tagging enabled

    TSP Tunnel tagging not enabled

    Tagging operational

    MTU = 1500

    Interface Serial1/0.2:

    IP tagging enabled

    TSP Tunnel tagging not enabled

    Tagging operational

    MTU = 1500


    Show tag switching tdp discovery
    show tag-switching tdp discovery router to maintain

    Router#show tag-switching tdp discovery

    Local TDP Identifier:

    192.168.3.102:0

    TDP Discovery Sources:

    Interfaces:

    Serial1/0.1: xmit/recv

    TDP Id: 192.168.3.101:0

    Serial1/0.2: xmit/recv

    TDP Id: 192.168.3.100:0


    More tdp monitoring commands

    router(config)# router to maintain

    show tag-switching tdp neighbor

    • Displays individual TDP neighbors.

    router(config)#

    router(config)#

    show tag-switching tdp neighbor detail

    show tag-switching tdp bindings

    • Displays more details about TDP neighbors.

    • Displays Tag Information Base (TIB).

    More TDP Monitoring Commands


    Show tag tdp neighbor
    show tag tdp neighbor router to maintain

    Router#show tag-switching tdp neighborsPeer TDP Ident: 192.168.3.100:0; Local TDP Ident 192.168.3.102:0

    TCP connection: 192.168.3.100.711 - 192.168.3.102.11000

    State: Oper; PIEs sent/rcvd: 55/53; ; Downstream

    Up time: 00:43:26

    TDP discovery sources:

    Serial1/0.2

    Addresses bound to peer TDP Ident:

    192.168.3.10 192.168.3.14 192.168.3.100


    Show tag tdp neighbor detail
    show tag tdp neighbor detail router to maintain

    Router#show tag-switching tdp neighbors detailPeer TDP Ident: 192.168.3.100:0; Local TDP Ident 192.168.3.102:0

    TCP connection: 192.168.3.100.711 - 192.168.3.102.11000

    State: Oper; PIEs sent/rcvd: 55/54; ; Downstream; Last TIB

    rev sent 26

    UID: 1; Up time: 00:44:01

    TDP discovery sources:

    Serial1/0.2; holdtime: 15000 ms, hello interval: 5000 ms

    Addresses bound to peer TDP Ident:

    192.168.3.10 192.168.3.14 192.168.3.100

    Peer holdtime: 180000 ms; KA interval: 60000 ms; Peer state:

    estab


    Show tag tdp bindings
    show tag tdp bindings router to maintain

    Router#show tag tdp bindings tib entry: 192.168.3.1/32, rev 9

    local binding: tag: 28

    remote binding: tsr: 19.16.3.3:0, tag: 28

    tib entry: 192.168.3.2/32, rev 8

    local binding: tag: 27

    remote binding: tsr: 19.16.3.3:0, tag: 27

    tib entry: 192.168.3.3/32, rev 7

    local binding: tag: 26

    remote binding: tsr: 19.16.3.3:0, tag: imp-null(1)

    tib entry: 192.168.3.10/32, rev 6

    local binding: tag: imp-null(1)

    remote binding: tsr: 19.16.3.3:0, tag: 26


    Monitoring label switching

    router(config)# router to maintain

    show tag-switching forwarding-table

    show mpls forwarding-table

    • Displays contents of Label Forwarding Information Base.

    router(config)#

    show ip cef detail

    • Displays label(s) attached to a packet during label imposition on edge LSR.

    Monitoring Label Switching


    Monitoring label switching monitoring lfib
    Monitoring Label Switching router to maintain Monitoring LFIB

    Router#show tag-switching forwarding-table ?

    A.B.C.D Destination prefix

    detail Detailed information

    interface Match outgoing interface

    next-hop Match next hop neighbor

    tags Match tag values

    tsp-tunnel TSP Tunnel id

    | Output modifiers

    <cr>


    S how t ag switching f orwarding table
    s router to maintain how tag-switchingforwarding-table

    Router#show tag-switching forwarding-table detailLocal Outgoing Prefix Bytes tag Outgoing Next Hop

    tag tag or VC or Tunnel Id switched interface

    26 Untagged 192.168.3.3/32 0 Se1/0.3 point2point

    MAC/Encaps=0/0, MTU=1504, Tag Stack{}

    27 Pop tag 192.168.3.4/32 0 Se0/0.4 point2point

    MAC/Encaps=4/4, MTU=1504, Tag Stack{}

    20618847

    28 29 192.168.3.4/32 0 Se1/0.3 point2point

    MAC/Encaps=4/8, MTU=1500, Tag Stack{29}

    18718847 0001D000


    S how ip cef detail
    s router to maintain how ip cef detail

    Router#show ip cef 192.168.20.0 detail

    192.168.20.0/24, version 23, cached adjacency to Serial1/0.2

    0 packets, 0 bytes

    tag information set

    local tag: 33

    fast tag rewrite with Se1/0.2, point2point, tags imposed: {32}

    via 192.168.3.10, Serial1/0.2, 0 dependencies

    next hop 192.168.3.10, Serial1/0.2

    valid cached adjacency

    tag rewrite with Se1/0.2, point2point, tags imposed: {32}


    Debugging label switching and tdp

    router(config)# router to maintain

    debug tag-switching tdp ...

    • Debugs TDP adjacencies, session establishment, and label bindings exchange.

    router(config)#

    router(config)#

    debug tag-switching tfib ...

    debug mpls lfib … 12.1(3)T

    debug tag-switching packets [ interface ]

    debug mpls packets [ interface ] 12.1(3)T

    • Debugs Tag Forwarding Information Base events: label creations, removals, rewrites.

    • Debugs labeled packets switched by the router.

    • Disables fast or distributed tag switching.

    Debugging Label Switching and TDP


    Common frame mode mpls symptoms
    Common Frame-Mode MPLS Symptoms router to maintain

    • TDP/LDP session does not start.

    • Labels are not allocated or distributed.

    • Packets are not labeled although the labels have been distributed.

    • MPLS intermittently breaks after an interface failure.

    • Large packets are not propagated across the network.


    Tdp session startup issues 1 4
    TDP Session Startup Issues: 1/4 router to maintain

    Symptom

    • TDP neighbors are not discovered.

      • show tag tdp discovery does not display expected TDP neighbors.

        Diagnosis

    • MPLS is not enabled on adjacent router.

      Verification

    • Verify with show tag interface on the adjacent router.


    Tdp session startup issues 2 4
    TDP Session Startup Issues: 2/4 router to maintain

    Symptom

    • TDP neighbors are not discovered.

      Diagnosis

    • Label distribution protocol mismatch - TDP on one end, LDP on the other end.

      Verification

    • Verify with show tag interface detail on both routers.


    Tdp session startup issues 3 4
    TDP Session Startup Issues: 3/4 router to maintain

    Symptom

    • TDP neighbors are not discovered.

      Diagnosis

    • Packet filter drops TDP/LDP neighbor discovery packets.

      Verification

    • Verify access-list presence with show ip interface.

    • Verify access-list contents with show access-list.


    Tdp session startup issues 4 4
    TDP Session Startup Issues: 4/4 router to maintain

    Symptom

    • TDP neighbors discovered, TDP session is not established.

      • show tdp neighbor does not display a neighbor in Oper state.

        Diagnosis

    • Connectivity between loopback interfaces is broken - TDP session is usually established between loopback interfaces of adjacent LSRs.

      Verification

    • Verify connectivity with extendedpingcommand.


    Label allocation issues
    Label Allocation Issues router to maintain

    Symptom

    • Labels are not allocated for local routes.

      • show tag-switching forwarding-tabledoes not display any labels

        Diagnosis

    • CEF is not enabled.

      Verification

    • Verify with show ip cef.


    Label distribution issues
    Label Distribution Issues router to maintain

    Symptom

    • Labels are allocated, but not distributed.

      • show tag-switching tdp bindings on adjacent LSR does not display labels from this LSR

        Diagnosis

    • Problems with conditional label distribution.

      Verification

    • Debug label distribution with debug tag tdp advertisement.

    • Examine the neighbor TDP router IDP with show tag tdp discovery.

    • Verify that the neighbor TDP router ID is matched by the access list specified in tag advertise command.


    Packet labeling
    Packet Labeling router to maintain

    Symptom

    • Labels are distributed, packets are not labeled.

      • show interface statistic does not labeled packets being sent

        Diagnosis

    • CEF is not enabled on input interface (potentially due to conflicting feature being configured).

      Verification

    • Verify with show cef interface.


    S how cef interface
    s router to maintain how cef interface

    Router#show cef interface

    Serial1/0.1 is up (if_number 15)

    Internet address is 192.168.3.5/30

    ICMP redirects are always sent

    Per packet loadbalancing is disabled

    IP unicast RPF check is disabled

    Inbound access list is not set

    Outbound access list is not set

    IP policy routing is disabled

    Interface is marked as point to point interface

    Hardware idb is Serial1/0

    Fast switching type 5, interface type 64

    IP CEF switching enabled

    IP CEF VPN Fast switching turbo vector

    Input fast flags 0x1000, Output fast flags 0x0

    ifindex 3(3)

    Slot 1 Slot unit 0 VC -1

    Transmit limit accumulator 0x0 (0x0)

    IP MTU 1500


    Intermittent mpls failures after interface failure
    Intermittent MPLS Failures after Interface Failure router to maintain

    Symptom

    • Overall MPLS connectivity in a router intermittently breaks after an interface failure.

      Diagnosis

    • IP address of a physical interface is used for TDP/LDP identifier. Configure a loopback interface on the router.

      Verification

    • Verify local TDP identifier with show tag-switching tdp neighbors.


    Packet propagation
    Packet Propagation router to maintain

    Symptom

    • Large packets are not propagated across the network.

      • Extended ping with varying packet sizes fails for packet sizes close to 1500

    • In some cases, MPLS might work, but MPLS/VPN will fail.

      Diagnosis

    • Tag MTU issues or switches with no support for jumbo frames in the forwarding path.

      Verification

    • Trace the forwarding path; identify all LAN segments in the path.

    • Verify Tag MTU setting on routers attached to LAN segments.

    • Check for low-end switches in the transit path.


    Summary1
    Summary router to maintain

    After completing this lesson, you will be able to perform the following tasks:

    • Describe procedures for monitoring MPLS on IOS platforms.

    • List the debugging commands associated with label switching, LDP and TDP.

    • Identify common configuration or design errors.

    • Use the available debugging commands in real-life troubleshooting scenarios.


    Customer reference

    Customer Reference router to maintain


    Cisco s mpls is proven 1 5 0 deployments today
    Cisco’s MPLS Is Proven router to maintain 150+ Deployments Today

    Americas

    EMEA

    APT/Japan


    Thank you

    Thank you. router to maintain


    ad