
Introduction MPLS – Technology & Services

Introduction MPLS – Technology & Services. Agenda. Background and business case Technology basics What is MPLS? Where is it used? Label Distribution in MPLS Networks LDP, RSVP, BGP Building MPLS based Services IP+ATM Integration VPNs Traffic Engineering (FRR & Protection)

tracy

Presentation Transcript


  1. Introduction MPLS – Technology & Services

  2. Agenda • Background and business case • Technology basics • What is MPLS? Where is it used? • Label Distribution in MPLS Networks • LDP, RSVP, BGP • Building MPLS based Services • IP+ATM Integration • VPNs • Traffic Engineering (FRR & Protection) • Conclusions

  3. Evolution of MPLS • From Tag Switching • Proposed in IETF – Later combined with other proposals from IBM (ARIS), Toshiba (CSR) • Timeline figure (1996 to 2001), milestones as labelled: MPLS Group Formally Chartered by IETF; Cisco Ships MPLS TE; Traffic Engineering Deployed; Cisco Calls a BOF at IETF to Standardize Tag Switching; Cisco Ships MPLS (Tag Switching); MPLS VPN Deployed; Large Scale Deployment

  4. MPLS-Key Drivers

  5. MPLS as a Foundation for Value Added Services • Provider Provisioned VPNs • Traffic Engineering • IP+ATM • IP+Optical GMPLS • Any Transport Over MPLS • MPLS Network Infrastructure

  6. US VPN Spending • Infonetics VPN Spend Projections ($US millions) • Yankee Group Predictions for VPN Spending ($US millions)

  7. New Applications for VPN Source: Infonetics April 2000

  8. The Service Provider Challenge • Generate New services • Protect Existing Infrastructure – ATM/FR • Combine Private Data Services with Internet Services • Move into rapid deployment

  9. Technology Specifics

  10. MPLS Concepts • MPLS: Multi Protocol Label Switching • MPLS is layer 2+ switching • MPLS forwarding is done in the same way as in ATM switches • Packet forwarding is done based on Labels

  11. LSRs and Labels • LSR: Label Switch Router • Edge-LSR: LSRs that do label imposition and disposition

  12. LSRs and Labels • An IP routing protocol is used within the routing domain (e.g. OSPF, i-ISIS) • A label distribution protocol is used to distribute address/label mappings between adjacent neighbors • The ingress LSR receives IP packets, performs packet classification, assigns a label, and forwards the labelled packet into the MPLS network • Core LSRs switch packets/cells based on the label value • The egress LSR removes the label before forwarding the IP packet outside the MPLS network • Figure: IGP domain with a label distribution protocol

  13. LSRs and Labels • Label stack entry (32 bits, bit 0 to bit 31): Label | Exp | S | TTL • Label = 20 bits • Exp = Experimental, 3 bits • S = Bottom of stack, 1 bit • TTL = Time to live, 8 bits • Uses new Ethertypes/PPP PIDs/SNAP values/etc • More than one Label is allowed -> Label Stack • MPLS LSRs always forward packets based on the value of the label at the top of the stack

  14. LSRs and Labels • PPP (Packet over SONET/SDH): PPP Header | Shim Header | Layer 3 Header • Ethernet: Ethernet Hdr | Shim Header | Layer 3 Header • Frame Relay: FR Hdr | Shim Header | Layer 3 Header • ATM Cell Header: GFC | VPI | VCI | PTI | CLP | HEC | DATA • Subsequent cells: GFC | VPI | VCI | PTI | CLP | HEC | DATA • Figure annotations: Label, Label

  15. Label Assignment and Distribution • Labels have link-local significance • Each LSR binds its own label mappings • Each LSR assigns labels to its FECs • Labels are assigned and exchanged between adjacent neighboring LSRs • Applications may require non-adjacent neighbors

  16. Label Assignment and Distribution: Upstream and Downstream LSRs • Rtr-C is the downstream neighbor of Rtr-B for destination 171.68.10/24 • Rtr-B is the downstream neighbor of Rtr-A for destination 171.68.10/24 • LSRs know their downstream neighbors through the IP routing protocol • Next-hop address is the downstream neighbor • Figure: Rtr-A, Rtr-B, Rtr-C with networks 171.68.40/24 and 171.68.10/24

  17. Label Assignment and Distribution: Unsolicited Downstream Distribution • LSRs distribute labels to the upstream neighbors • Advertisements: Use label 30 for destination 171.68.10/24; Use label 40 for destination 171.68.10/24 • Label tables (In I/F, In Lab, Address Prefix, Out I/F, Out Lab): Rtr-A: 0, -, 171.68.10, 1, 40; Rtr-B: 0, 40, 171.68.10, 1, 30; Rtr-C: 0, 30, 171.68.10, 1, - • Figure: Rtr-A, Rtr-B, Rtr-C with networks 171.68.40/24 and 171.68.10/24, Next-Hop markers, IGP derived routes

  18. Label Assignment and Distribution: On-Demand Downstream Distribution • Upstream LSRs request labels from downstream neighbors • Downstream LSRs distribute labels upon request • Requests: Request label for destination 171.68.10/24 (shown twice) • Replies: Use label 30 for destination 171.68.10/24; Use label 40 for destination 171.68.10/24 • Figure: Rtr-A, Rtr-B, Rtr-C with networks 171.68.40/24 and 171.68.10/24

  19. Label Assignment and Distribution: Label Retention Modes • Liberal retention mode • LSR retains labels from all neighbors • Improves convergence time when the next-hop is available again after IP convergence • Requires more memory and label space • Conservative retention mode • LSR retains labels only from next-hop neighbors • LSR discards all labels for FECs without next-hop • Frees memory and label space

  20. Label Assignment and Distribution: Label Distribution Modes • Independent LSP control • LSR binds a Label to a FEC independently, whether or not the LSR has received a Label from the next-hop for the FEC • The LSR then advertises the Label to its neighbor • Ordered LSP control • LSR only binds and advertises a label for a particular FEC if: it is the egress LSR for that FEC, or it has already received a label binding from its next-hop

  21. Label Assignment and Distribution: Several protocols for label exchange • LDP: Maps unicast IP destinations into labels • RSVP, CR-LDP: Used in traffic engineering • BGP: External labels (VPN) • PIM: For multicast states label mapping

  22. Label Switch Path (LSP) • LSPs are derived from IGP routing information • LSPs may diverge from IGP shortest path • LSP tunnels (explicit routing) with TE • LSPs are unidirectional • Return traffic takes another LSP • Figures: two IGP domains with a label distribution protocol, captioned "LSP follows IGP shortest path" and "LSP diverges from IGP shortest path"

  23. Label Switch Path (LSP): Penultimate Hop Popping • The label at the top of the stack is removed (popped) by the upstream neighbor of the egress LSR • The egress LSR requests the “popping” through the label distribution protocol • Egress LSR advertises implicit-null label • The egress LSR will not have to do a lookup and remove the label itself • One lookup is saved in the egress LSR

  24. Label Switch Path (LSP): Penultimate Hop Popping • Egress LSR summarises more specific routes and advertises a label for the new FEC • Summary route is propagated through the IGP and label is assigned by each LSR • Egress LSR needs to do an IP lookup for finding more specific route • Egress LSR need NOT receive a labelled packet • Advertisements: Summary route for 171.68/16 (shown twice); Use label 4 for FEC 171.68/16; Use label “implicit-null” for FEC 171.68/16 • Label tables for 171.68/16 (In I/F 0 on each; Out I/F values 2 and 1 as extracted): In Lab - to Out Lab 4; In Lab 4 to Out Lab pop • Egress routing table (Address Prefix and mask, Next-Hop, Interface): 171.68.10/24, 171.68.9.1, Serial1; 171.68.44/24, 171.68.12.1, Serial2; 171.68/16, ..., Null • Figure labels: networks 171.68.10/24 and 171.68.44/24, interfaces 0 and 1
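Penultimate hop popping as described on the two slides above, and again in the later "Day in the life of a Packet" slide, traced in Python. This is an added example, not part of the presentation: labels, prefixes and the egress routing table come from the slide, router names are hypothetical, and implicit-null is represented by its reserved label value 3. The code generalizes to a path of any length.

```python
import ipaddress

IMPLICIT_NULL = 3  # reserved label value: "pop before sending to me"

def distribute(path, local_labels):
    """Ordered control from the egress upstream. Returns
    {lsr: (in_label, action, out_label)}; in_label None = unlabelled IP in."""
    lfib, advertised = {}, IMPLICIT_NULL  # the egress asks for PHP
    for lsr in reversed(path[:-1]):
        in_label = None if lsr == path[0] else local_labels[lsr]
        if advertised == IMPLICIT_NULL:
            action, out = ("ip" if in_label is None else "pop"), None
        else:
            action, out = ("push" if in_label is None else "swap"), advertised
        lfib[lsr] = (in_label, action, out)
        advertised = local_labels.get(lsr)  # binding sent to the upstream LSR
    return lfib

def forward(dst, path, lfib, egress_routes):
    """Return (label stack on the wire after each LSR, egress route chosen)."""
    stack, wire = [], []
    for lsr in path[:-1]:
        in_label, action, out = lfib[lsr]
        if in_label is not None and stack[-1:] != [in_label]:
            raise ValueError(f"{lsr}: no LFIB entry for top label {stack[-1:]}")
        if action == "push":
            stack.append(out)
        elif action == "swap":
            stack[-1] = out
        elif action == "pop":
            stack.pop()
        wire.append((lsr, tuple(stack)))
    # PHP: the egress sees plain IP and does a single longest-prefix lookup.
    addr = ipaddress.ip_address(dst)
    hits = [r for r in egress_routes if addr in r[0]]
    return wire, max(hits, key=lambda r: r[0].prefixlen, default=None)

# Values from the slide; router names are hypothetical.
PATH = ["ingress", "penultimate", "egress"]
LOCAL_LABELS = {"penultimate": 4}  # "Use label 4 for FEC 171.68/16"
EGRESS_ROUTES = [  # next hop of the summary route is elided on the slide
    (ipaddress.ip_network("171.68.10.0/24"), "171.68.9.1", "Serial1"),
    (ipaddress.ip_network("171.68.44.0/24"), "171.68.12.1", "Serial2"),
    (ipaddress.ip_network("171.68.0.0/16"), None, "Null"),
]

if __name__ == "__main__":
    lfib = distribute(PATH, LOCAL_LABELS)
    print(lfib, forward("171.68.44.7", PATH, lfib, EGRESS_ROUTES), sep="\n")
```

A destination inside 171.68/16 with no more specific route at the egress matches only the summary entry and ends at the Null interface.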

  25. Loops and TTL • In IP networks TTL is used to prevent packets from travelling indefinitely in the network • MPLS may use same mechanism as IP, but not on all encapsulations • TTL is present in the label header for PPP and LAN headers (shim headers) • ATM cell header does not have TTL

  26. Loops and TTL • LSRs using ATM do not have TTL capability • Some suggested options: - hop-count object in LDP - Path Vector object in LDP

  27. Loops and TTL • TTL is decremented prior to entering the non-TTL capable LSP • If TTL is 0 the packet is discarded at the ingress point • TTL is examined at the LSP exit • Figure: IGP domain with a label distribution protocol; LSR-1, LSR-2, LSR-3, LSR-4, Egress LSR-5, LSR-6; IP packet TTL = 10; LSR-6 --> 25, Hops=4; IP packet TTL = 6 shown with Label = 25, Label = 21, Label = 39 and once without a label

  28. Label Distribution Protocol • Defined in RFC 3035 and 3036 • Used to distribute Labels in a MPLS network • Forwarding Equivalence Class • How packets are mapped to LSPs (Label Switched Paths) • Advertise Labels per FEC • Reach destination a.b.c.d with label x • Neighbor discovery • Basic and Extended Discovery

  29. LDP Concepts • Label Distribution Protocol • Labels map to FECs for Unicast Destination Prefix • LDP works between adjacent/non-adjacent peers • LDP sessions are established between peers

  30. LDP Messages • Discovery messages • Used to discover and maintain the presence of new peers • Hello packets (UDP) sent to all-routers multicast address • Once neighbor is discovered, the LDP session is established over TCP

  31. LDP Messages • Session messages • Establish, maintain and terminate LDP sessions • Advertisement messages • Create, modify, delete label mappings • Notification messages • Error signalling

  32. Label Distribution Protocol • Label Merge • Done by default for packet networks – unique label advertised per FEC • Requires VC merge for ATM networks

  33. TDP & LDP • Tag Distribution Protocol • Pre-cursor to LDP • Used for Cisco Tag Switching • TDP and LDP supported on the same box • Per neighbor/link basis • Per target basis

  34. RSVP & Label Distribution • Used in MPLS Traffic Engineering • Additions to RSVP signaling protocol • Leverage the admission control mechanism of RSVP • Label requests are sent in PATH messages and binding is done with RESV messages • EXPLICIT-ROUTE object defines the path over which setup messages should be routed • Using RSVP has several advantages • Traffic Engineering, Shared Explicit, FRR

  35. MPLS Example: Forwarding Packets • Label Switch forwards based on label • Label tables (In label, Address Prefix, Out I’face, Out label): first LSR: -, 128.89, 1, 4 and -, 171.69, 1, 5; second LSR: 4, 128.89, 0, 9 and 5, 171.69, 1, 7; third LSR: 9, 128.89, 0, - • Packet "128.89.25.4 Data" shown unlabelled, with label 4, with label 9, and unlabelled again • Figure labels: networks 128.89 and 171.69, interfaces 0 and 1

  36. Label Stacking • IGP Labels – Used for routing packets • BGP Labels – Used for assigning end users/communities • RSVP Labels – Used for TE tunnels • If more than one service is used • Then multiple labels are required – TE and FRR • In some cases a single service requires the use of multiple labels - VPNs

  37. Label Stacking – how? • Arrange Labels in a stack • Inner labels can be used to designate services/FECs etc • E.g. VPNs, Fast Re-route • Outer label used to route/switch the MPLS packets in the network • Allows building services such as • MPLS VPNs – Basic & Advanced - CSC • Traffic Engineering and Fast Re-route • VPNs over Traffic Engineered core • Any Transport over MPLS • Figure labels: Outer Label, TE Label, IGP Label, VPN Label, IP Header, Inner Label

  38. Day in the life of a Packet • Egress LSR summarises more specific routes and advertises a label for the new FEC • Summary route is propagated through the IGP and label is assigned by each LSR • Egress LSR needs to do an IP lookup for finding more specific route • Advertisements: Summary route for 171.68/16 (shown twice); Use label “implicit-null” for FEC 171.68/16; Use label 4 for FEC 171.68/16; Use label 7 for FEC 171.68/16 • Label tables for 171.68/16 (In I/F 0 on each; Out I/F values 2, 1, 1 as extracted): In Lab - to Out Lab 7; In Lab 7 to Out Lab 4; In Lab 4 to Out Lab pop • Egress routing table (Address Prefix and mask, Next-Hop, Interface): 171.68.10/24, 171.68.9.1, Serial1; 171.68.44/24, 171.68.12.1, Serial2; 171.68/16, ..., Null • Figure labels: CE, PE, P, P, PE, networks 171.68.10/24 and 171.68.44/24, interfaces 0, 1, 2

  39. Day in the life of a Packet - Basic Layout

  40. Day in the life of a Packet - Database Layout

  41. Day in the life of a Packet

  42. Day in the life of a Packet

  43. MPLS based services

  44. Provider Provisioned VPNs

  45. Categories • BGP MPLS VPNs – RFC 2547 • Supported by Cisco • Virtual Routers – • Alternative proposal – relies on logical partitioning of the physical box • Requires the use of Multicast/broadcast for better convergence

  46. MPLS Based IP-VPN Architecture • Scalable VPNs • IP QoS and traffic engineering • Easy to manage and No VC provisioning required • Provides a level of Security equivalent to Frame-relay and ATM • Supports the deployment of new value-added applications • Customer IP address freedom • Figure: MPLS Network connecting VPN A Site 2, VPN A Site 3, Corp A Site 1, Corp B Site 1, Corp B Site 2, Corp B Site 3; MPLS VPN Renault; MPLS VPN Bankcorp; VPN Membership Based on Logical Port; Traffic Separation at Layer 3; Each VPN has Unique RD

  47. Using Labels to Build an IP VPN • The network distributes labels to each VPN • only labels for other VPN members are distributed • each VPN is provisioned automatically by IP routing • Privacy and QoS of ATM without tunnels or encryption • each network is as secure as a Frame Relay connection • One mechanism (labels) for QoS and VPNs - no tradeoffs • Figure: MPLS Network with Cust A and Cust B sites and per-customer tables labelled A and B

  48. Service Provider Benefits of MPLS-based VPNs • MPLS-based VPNs: enables content hosting inside the network; “flat” cost curve; transport independent; easy grouping of users and services; enables QoS inside the VPNs • Overlay VPN: pushes content outside the network; costs scale exponentially; transport dependent; groups endpoints, not groups; complex overlay with QoS, tunnels, IP • Figure labels: Multicast, Hosting, Intranet, VoIP, Extranet, VPN A, VPN B, VPN C

  49. Security: Validating Cisco MPLS Based IP-VPN as a Secure Network • Miercom independent testing confirmed Cisco MPLS VPN is secure: • Customers network topology is not revealed to the outside world • Customers can maintain own addressing plans and the freedom to use either public or private address space • Attackers cannot gain access into VPNs or Service Provider’s network • Impossible for attacker to insert “spoofed” label into a Cisco MPLS network and thus gain access to a VPN or the MPLS core • Figure: Test Network Topology
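The spoofed-label claim on this slide depends on the provider edge refusing labelled packets that arrive on customer-facing interfaces. The check below is an added example, not part of the presentation or of the tested product: it classifies an Ethernet frame by Ethertype (0x8847 and 0x8848 are the MPLS unicast and multicast values) and applies that rule; the interface role names and sample frames are assumptions constructed for illustration.

```python
import struct

ETH_MPLS = {0x8847, 0x8848}      # MPLS unicast / multicast Ethertypes
VLAN_TPIDS = {0x8100, 0x88A8}    # 802.1Q and 802.1ad tags
ROLES = {"customer", "core"}     # hypothetical interface roles

def ethertype(frame: bytes) -> int:
    """Return the payload Ethertype, skipping any stacked VLAN tags."""
    off = 12  # after destination and source MAC addresses
    while True:
        if off + 2 > len(frame):
            raise ValueError("truncated Ethernet header")
        (etype,) = struct.unpack_from("!H", frame, off)
        if etype not in VLAN_TPIDS:
            return etype
        off += 4  # TPID plus tag control information

def edge_verdict(role: str, frame: bytes) -> str:
    """Decide what an edge LSR does with a frame received on an interface."""
    if role not in ROLES:
        raise ValueError(f"unknown interface role: {role}")
    try:
        etype = ethertype(frame)
    except ValueError:
        return "drop: malformed"
    if role == "customer" and etype in ETH_MPLS:
        # A customer site only ever hands over plain IP; labels are imposed
        # by the edge LSR itself, never accepted from outside.
        return "drop: labelled packet on customer interface"
    return "accept"

# Constructed frames: zeroed MAC addresses, minimal payloads.
IPV4_FRAME = bytes(12) + b"\x08\x00" + b"\x45"
MPLS_FRAME = bytes(12) + b"\x88\x47" + bytes(4)
VLAN_MPLS_FRAME = bytes(12) + b"\x81\x00\x00\x0a" + b"\x88\x47" + bytes(4)

if __name__ == "__main__":
    for role, frame in [("customer", IPV4_FRAME), ("customer", MPLS_FRAME),
                        ("customer", VLAN_MPLS_FRAME), ("core", MPLS_FRAME)]:
        print(role, edge_verdict(role, frame))
```

Skipping VLAN tags before reading the Ethertype matters here: a filter that only inspects the first Ethertype field would pass a labelled frame wrapped in an 802.1Q tag.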

  50. BGP/MPLS VPN - Summary • Supports large scale VPN service • Increases value add by the VPN Service Provider • Decreases Service Provider cost of providing VPN services • Mechanisms are general enough to enable VPN Service Provider to support a wide range of VPN customers
