ee11--e2 (cfa)e2 (cfa)210.212.144.213/course_material/e1e2/cfa/e1-e2 ppt/chapter05 mp… · basic...
Post on 25-Aug-2020
E1-E2 (CFA)
For internal circulation of BSNL only
MPLS-VPN
MPLS
BASIC CONCEPTS OF MPLS
CONTENTS
Drawbacks of Traditional IP Forwarding
Basic MPLS Concepts
MPLS versus IP over ATM
Traffic Engineering with MPLS
MPLS Architecture
MPLS Labels
Label Switch Routers
Drawbacks of Traditional IP Forwarding
Routing protocols are used to distribute Layer 3 routing
information.
Forwarding is based on the destination address only.
Routing lookups are performed on every hop.
Traditional IP Forwarding
Every router may need full Internet routing information (more than
100,000 routes).
Destination-based routing lookup is needed on every hop.
Drawbacks of Traditional IP Forwarding
(Cont.)
IP over ATM
Layer 2 devices have no knowledge of Layer 3 routing information;
virtual circuits must be manually established.
Layer 2 topology may be different from Layer 3 topology, resulting in
suboptimal paths and link use.
Even if the two topologies overlap, the hub-and-spoke topology is
usually used because of easier management.
Drawbacks of Traditional IP Forwarding
(Cont.) Traffic Engineering
Most traffic goes between large sites A and B, and uses only the primary
link.
Destination-based routing does not provide any mechanism for load
balancing across unequal paths.
Policy-based routing can be used to forward packets based on other
parameters, but this is not a scalable solution.
Basic MPLS Concepts
MPLS is a new forwarding mechanism in which packets
are forwarded based on labels.
Labels usually correspond to IP destination networks
(equal to traditional IP forwarding).
Labels can also correspond to other parameters, such as
QoS or source address.
MPLS was designed to support forwarding of other
protocols as well.
Basic MPLS Concepts Example
Only edge routers must perform a routing lookup.
Core routers switch packets based on simple label lookups and swap labels.
MPLS versus IP over ATM
Layer 2 devices are IP-aware and run a routing protocol.
There is no need to manually establish virtual circuits.
MPLS provides a virtual full-mesh topology.
Traffic Engineering with MPLS
Traffic can be forwarded based on other parameters (QoS,
source, ...).
Load sharing across unequal paths can be achieved.
MPLS Architecture
• MPLS has two major components:
• Control plane: Exchanges Layer 3 routing
information and labels
• Data plane: Forwards packets based on
labels
Control plane contains complex mechanisms to
exchange routing information, such as OSPF,
EIGRP, IS-IS, and BGP, and to exchange labels,
such as TDP, LDP, BGP, and RSVP.
Data plane has a simple forwarding engine.
MPLS Architecture
Router functionality is divided into two major parts: control plane
and data plane
MPLS Labels
MPLS technology is intended to be used anywhere
regardless of Layer 1 media and Layer 2 protocol.
MPLS uses a 32-bit label field that is inserted between
Layer 2 and Layer 3 headers
MPLS Labels Label Format
• MPLS uses a 32-bit label field that contains the following
information:
20-bit label
3-bit experimental field
1-bit bottom-of-stack indicator
8-bit TTL field
MPLS Label Stack
Protocol identifier in a Layer 2 header specifies that
the payload starts with a label (labels) and is followed
by an IP header.
Bottom-of-stack bit indicates whether the next header
is another label or a Layer 3 header.
Receiving router uses the top label only.
MPLS Label Stack
Usually only one label is assigned to a packet.
The following scenarios may produce more than one
label:
– MPLS VPNs (two labels: The top label points to the egress router
and the second label identifies the VPN.)
– MPLS TE (two or more labels: The top label points to the
endpoint of the traffic engineering tunnel and the second label
points to the destination.)
– MPLS VPNs combined with MPLS TE (three or more labels.)
Label Switch Routers
LSR primarily forwards labeled packets (label swapping).
Edge LSR primarily labels IP packets and forwards them into the
MPLS domain, or removes labels and forwards IP packets out of
the MPLS domain.
Label Switch Routers
Architecture of LSRs
• LSRs, regardless of the type, perform these functions:
Exchange routing information
Exchange labels
Forward packets
– The first two functions are part of the control plane.
– The last function is part of the data plane.
Label Switch Routers
Architecture of Edge LSRs
Terminology
Label: A label is an identifier that indicates the path a
packet should traverse. The label is carried along with the packet.
The receiving router examines the packet for its label content to
determine the next hop. Once a packet has been labeled, the
rest of the journey of the packet through the backbone is based
on label switching. Since every intermediate router has to look
into the label for routing, decision making at the level of the
router becomes fast.
Label Creation: Every entry in the routing table (built by using any
IGP protocol) is assigned a unique 20-bit label.
Terminology
SWAP: Every incoming label is replaced by a new outgoing
label (as per the path to be followed) and the packet is
forwarded along the path associated with the new label.
PUSH: A new label is pushed on top of the packet, effectively
"encapsulating" the original IP packet in a layer of MPLS.
POP: The label is removed from the packet, effectively
"de-encapsulating" it. If the popped label was the last on the label
stack, the packet "leaves" the MPLS tunnel.
LER: A router that operates at the edge of the access
network and MPLS network. The LER performs the PUSH and
POP functions and is also the interface between the access and
MPLS networks; it is commonly known as the Edge router.
Terminology
LSR: An LSR is a high-speed router device in the core of
an MPLS network, normally called a Core router. These
routers perform swapping functions and participate in the
establishment of the Label Switch Path (LSP).
Ingress / Egress Routers: The routers receiving the
incoming traffic or performing the first PUSH function are
ingress routers, and routers receiving the terminating
traffic or performing the POP function are egress
routers. The same router performs both functions, i.e.
ingress and egress. The routers performing these
functions are LERs.
Terminology
FEC: The forwarding equivalence class (FEC) is a
representation of a group of packets that share the same
requirements for their transport. All packets in such a
group are provided the same treatment en route to the
destination. As opposed to conventional IP forwarding, in
MPLS, the assignment of a particular packet to a
particular FEC is done just once, as the packet enters
the network at the edge router.
MPLS functions
MPLS performs the following functions:
Specifies mechanisms to manage traffic flows of various
granularities, such as flows between different hardware,
machines, or even flows between different applications.
MPLS remains independent of the Layer-2 and Layer-3 protocols.
This means that the label encapsulating the data packet
does not depend upon the Layer-3 / Layer-2 protocol of the data. This
justifies the name multiprotocol label switching.
MPLS functions contd…
Provides a means to map IP addresses to simple, fixed-length
labels used by different packet-forwarding and packet-switching
technologies.
Interfaces to existing routing protocols such as resource
reservation protocol (RSVP) and open shortest path first
(OSPF).
Supports the IP, ATM, and Frame Relay Layer-2 protocols.
Label Distribution Protocol
(LDP)
The LDP is a protocol for the distribution of label
information to LSRs in an MPLS network. It is used to
map FECs to labels, which, in turn, create LSPs.
LDP sessions are established between LDP peers in the
MPLS network (not necessarily adjacent).
MPLS Operation
The following steps must be taken for a data packet to
travel through an MPLS domain:
Label creation and distribution
Table creation at each router
Label-switched path creation
Label insertion/table lookup
Packet forwarding
MPLS Applications
MPLS addresses today’s network backbone
requirements effectively by providing a standards-based
solution that accomplishes the following:
Improves packet-forwarding performance in the network.
MPLS enhances and simplifies packet forwarding
through routers using Layer-2 switching paradigms.
MPLS is simple, which allows for easy implementation.
MPLS increases network performance because it
enables routing by switching at wire line speeds.
Supports QoS and CoS for service differentiation.
MPLS Applications
MPLS uses traffic-engineered path setup and helps
achieve service-level guarantees.
MPLS incorporates provisions for constraint-based and
explicit path setup.
Supports network scalability.
MPLS can reuse existing router/ATM switch hardware,
effectively joining the two disparate networks.
Builds interoperable networks
MPLS is a standards-based solution.
MPLS helps build scalable VPNs with traffic-engineering
capability.
Advantages of MPLS over
other technologies
BSNL's primary objectives in setting up the BGP/MPLS
VPN network are:
Provide a diversified range of services (Layer 2, Layer 3
and Dial up VPNs) to meet the requirements of the entire
spectrum of customers from Small and Medium to Large
business enterprises and financial institutions.
Make the service very simple for customers to use even
if they lack experience in IP routing.
Make the service very scalable and flexible to facilitate
large-scale deployment.
Advantages of MPLS over
other technologies
Provide a reliable and amenable service.
Offering SLA to customers.
Capable of meeting a wide range of customer
requirements, including security, quality of service
(QoS) and any-to-any connectivity.
Capable of offering fully managed services to
customers.
Allow BSNL to introduce additional services such as
bandwidth on demand, etc., over the same network.
MPLS-VPN
Overview
Traditional Router-Based Networks
Virtual Private Networks
VPN Terminology
MPLS VPN Architecture
MPLS VPN Routing
MPLS VPN Label Propagation
Traditional Router-Based
Networks
Traditional router-based networks connect customer
sites through routers connected via dedicated point-to-
point links.
Virtual Private Networks
VPNs replace dedicated point-to-point links with emulated point-to-point links sharing common infrastructure.
Customers use VPNs primarily to reduce their operational costs.
VPN Terminology
VPN Implementation
Technologies
VPN services can be based on two major models:
Overlay VPNs, in which the service provider provides virtual
point-to-point links between customer sites
Peer-to-peer VPNs, in which the service provider
participates in the customer routing
Overlay VPNs
Service provider infrastructure appears as point-to-point
links to customer routes.
Routing protocols run directly between customer routers.
Service provider does not see customer routes and is
responsible only for providing point-to-point transport of
customer data.
Peer-to-Peer VPNs
Benefits of VPN Implementations
Overlay VPN:
– Well-known and is easy to implement.
– Service provider does not participate in customer routing.
– Customer network and service provider network are well
isolated.
Peer-to-peer VPN:
– Guarantees optimum routing between customer sites.
– Easier to provision an additional VPN.
– Only the sites are provisioned, not the links between them.
Drawbacks of VPN Implementations
Overlay VPN:
– Implementing optimum routing requires full mesh of
virtual circuits.
– Virtual circuits have to be provisioned manually.
– Bandwidth must be provisioned on a site-to-site basis.
– Overlay VPNs always incur encapsulation overhead.
Peer-to-peer VPN:
– Service provider participates in customer routing.
– Service provider becomes responsible for customer convergence.
– PE routers carry all routes from all customers.
– Service provider needs detailed IP routing knowledge.
MPLS VPN Architecture
An MPLS VPN combines the best features of an
overlay VPN and a peer-to-peer VPN:
– PE routers participate in customer routing,
guaranteeing optimum routing between sites and
easy provisioning.
– PE routers carry a separate set of routes for each
customer (similar to the dedicated PE router
approach).
– Customers can use overlapping addresses.
MPLS VPN Architecture - Terminology
PE Router Architecture
Propagation of Routing Information
Across the P-Network
Question: How will PE routers exchange customer routing information?
Answer #1: Run a dedicated Interior Gateway Protocol (IGP) for each customer across the P-network.
This is the wrong answer for the following reasons:
The solution does not scale.
P routers carry all customer routes.
Answer #2: Run a single routing protocol that will carry all customer routes inside the provider backbone.
Better answer, but still not good enough:
P routers carry all customer routes.
Answer #3: Run a single routing protocol that will carry all customer routes between PE
routers. Use MPLS labels to exchange packets between PE routers.
The best answer:
P routers do not carry customer routes; the solution is scalable.
Question: Which protocol can be used to carry customer routes between PE routers?
Answer: The number of customer routes can be very large. BGP is the only routing protocol that can scale to a very large number of routes.
Conclusion: BGP is used to exchange customer routes directly between PE routers.
Question: How will information about the overlapping subnets of two customers be propagated via a single routing protocol?
Answer: Extend the customer addresses to make them unique.
Route Distinguishers
The 64-bit route distinguisher (RD) is prepended to an
IPv4 address to make it globally unique.
The resulting address is a VPNv4 address.
VPNv4 addresses are exchanged between PE routers
via BGP.
– BGP that supports address families other than IPv4
addresses is called Multiprotocol BGP (MP-BGP).
Route Distinguishers
• The RD has no special meaning.
• Used only to make potentially overlapping IPv4
addresses globally unique.
• The RD could serve as a VPN identifier, but this design
could not support all topologies required by the
customers.
Route Targets - VoIP Service
Sample
Requirements:
All sites of one customer need to communicate.
Central sites of both customers need to communicate with VoIP gateways and other central sites.
Other sites from different customers do not communicate with each other.
Route Targets Connectivity
Requirements
Route Targets - Why Are They
Needed?
Some sites have to participate in more than
one VPN.
The RD cannot identify participation in more than one VPN.
RTs were introduced in the MPLS VPN architecture to
support complex VPN topologies.
– A different method is needed in which a set of identifiers can be
attached to a route.
Route Targets - What Are They?
RTs are additional attributes attached to VPNv4 BGP
routes to indicate VPN membership.
Extended BGP communities are used to encode these
attributes.
– Extended communities carry the meaning of the
attribute together with its value.
Any number of RTs can be attached to a single route.
Route Targets - How Do They Work?
Export RTs:
– Identifying VPN membership
– Appended to the customer route when it is converted
into a VPNv4 route
Import RTs:
– Associated with each virtual routing table
– Select routes to be inserted into the virtual routing
table
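Added example (not from the original slides): a small Python model of route distinguishers and export/import route targets, applied to the VoIP service sample, with an audit that lists any VRF importing routes from a site the requirements do not allow. All RD and RT values, VRF names and prefixes are constructed assumptions.

```python
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List, Set, Tuple


@dataclass
class Vrf:
    name: str
    rd: str                     # route distinguisher: makes prefixes unique
    prefixes: List[str]         # routes learned from the CE router
    export_rts: FrozenSet[str]  # attached when a route becomes a VPNv4 route
    import_rts: FrozenSet[str]  # select VPNv4 routes for this virtual routing table
    table: Set[Tuple[str, str]] = field(default_factory=set)  # (prefix, origin VRF)


def sample_vrfs() -> List[Vrf]:
    """VoIP sample. Every RD, RT, VRF name and prefix here is constructed."""
    a, b, voip = "100:1", "100:2", "100:3"
    fs = frozenset
    return [
        Vrf("A-central", "100:11", ["10.10.0.0/16"], fs({a, voip}), fs({a, voip})),
        Vrf("A-branch", "100:12", ["10.1.0.0/16"], fs({a}), fs({a})),
        Vrf("B-central", "100:21", ["10.20.0.0/16"], fs({b, voip}), fs({b, voip})),
        Vrf("B-branch", "100:22", ["10.1.0.0/16"], fs({b}), fs({b})),  # overlaps A-branch
        Vrf("VoIP-gw", "100:30", ["10.30.0.0/16"], fs({voip}), fs({voip})),
    ]


# Site pairs that the connectivity requirements allow to exchange routes.
ALLOWED = {
    frozenset(pair) for pair in [
        ("A-central", "A-branch"), ("B-central", "B-branch"),
        ("A-central", "B-central"), ("A-central", "VoIP-gw"), ("B-central", "VoIP-gw"),
    ]
}


def distribute(vrfs: List[Vrf]) -> Dict[Tuple[str, str], Tuple[FrozenSet[str], str]]:
    """Export every route as VPNv4 (RD + prefix), then import by RT match."""
    vpnv4 = {}
    for v in vrfs:
        for prefix in v.prefixes:
            # Overlapping prefixes stay distinct because the RD is part of the key.
            vpnv4[(v.rd, prefix)] = (v.export_rts, v.name)
    for v in vrfs:
        v.table = {(p, v.name) for p in v.prefixes}
        for (_rd, prefix), (rts, origin) in vpnv4.items():
            if origin != v.name and rts & v.import_rts:
                v.table.add((prefix, origin))
    return vpnv4


def unexpected_imports(vrfs: List[Vrf], allowed=ALLOWED) -> List[Tuple[str, str]]:
    """Return (importing VRF, origin VRF) pairs that the requirements forbid."""
    return sorted(
        (v.name, origin)
        for v in vrfs
        for _prefix, origin in v.table
        if origin != v.name and frozenset((v.name, origin)) not in allowed
    )


if __name__ == "__main__":
    vrfs = sample_vrfs()
    distribute(vrfs)
    print("as designed:", unexpected_imports(vrfs))
    vrfs[1].import_rts = frozenset({"100:1", "100:3"})  # VoIP RT added to A-branch
    distribute(vrfs)
    print("after misconfiguration:", unexpected_imports(vrfs))
```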
MPLS VPN Routing - CE Router
Perspective
The CE routers run standard IP routing software and exchange
routing updates with the PE router.
• EBGP, OSPF, RIPv2, EIGRP, and static routes are
supported.
The PE router appears as another router in the C-network.
MPLS VPN Routing
Overall Customer Perspective
To the customer, the PE routers appear as core
routers connected via a BGP backbone.
The usual BGP and IGP design rules apply.
The P routers are hidden from the customer.
MPLS VPN Routing P Router
Perspective
P routers do not participate in MPLS VPN routing and do not
carry VPN routes.
P routers run backbone IGP with the PE routers and
exchange information about global subnets (core links and
loopbacks).
MPLS VPN Routing PE Router
Perspective
PE routers:
– Exchange VPN routes with CE routers via per-VPN routing protocols
– Exchange core routes with P routers and PE routers via core IGP
– Exchange VPNv4 routes with other PE routers via MP-IBGP sessions
Routing Tables on PE Routers
PE routers contain a number of routing tables:
– Global routing table, which contains core routes (filled with core
IGP) and Internet routes (filled with IPv4 BGP)
– VRF tables for sets of sites with identical routing requirements
– VRFs filled with information from CE routers and MP-BGP
information from other PE routers
VPN Packet Forwarding Across
an MPLS VPN Backbone
Question: How will the PE routers forward the VPN packets across the
MPLS VPN backbone?
Answer #1: They will label the VPN packets with an LDP label for the egress
PE router and forward the labeled packets across the MPLS backbone.
Results:
The P routers perform the label switching, and the packet reaches the
egress PE router.
However, the egress PE router does not know which VRF to use for packet
switching, so the packet is dropped.
How about using a label stack?
Answer #2: They will label the VPN packets with a label stack, using the LDP label for
the egress PE router as the top label, and the VPN label assigned by the
egress PE router as the second label in the stack.
Result: The P routers perform label switching, and the packet reaches the egress
PE router.
The egress PE router performs a lookup on the VPN label and forwards the packet
toward the CE router.
VPN Penultimate Hop Popping
Penultimate hop popping can be performed on the last P router.
The egress PE router performs label lookup only on the VPN label,
resulting in faster and simpler label lookup.
IP lookup is performed only once, in the ingress PE router.
VPN Label Propagation
Question: How will the ingress PE router get the second label in the
label stack from the egress PE router?
Answer: Labels are propagated in MP-BGP VPNv4 routing updates.
VPN Label Propagation (Cont.)
Step 1: A VPN label is assigned to every VPN route by the egress
PE router.
Step 2: The VPN label is advertised to all other PE routers in an MP-BGP
update.
Step 3: A label stack is built in the VRF table.
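Added example (not from the original slides): a Python walk-through of the three propagation steps and the resulting forwarding path PE1, P1, P2, PE2, with penultimate hop popping on P2. It also reproduces the Answer #1 case, where a packet carrying only the LDP label reaches the egress PE without VRF context and is dropped. Router names, label values and prefixes are constructed assumptions.

```python
from typing import Dict, List, Optional, Tuple

# All router names, label values and prefixes below are constructed.
# Step 1: the egress PE (PE2) assigns a VPN label to every VPN route.
EGRESS_VPN_LABELS: Dict[int, Tuple[str, str]] = {
    38: ("VRF-A", "CE-A2"),
    39: ("VRF-B", "CE-B2"),
}
# Steps 2 and 3: the VPN label arrives in an MP-BGP update and the ingress PE
# (PE1) stores a label stack per VRF route: [LDP label for PE2, VPN label].
INGRESS_VRF: Dict[Tuple[str, str], List[int]] = {
    ("VRF-A", "10.1.0.0/16"): [25, 38],
    ("VRF-B", "10.1.0.0/16"): [25, 39],  # same prefix, different VPN label
}
# P routers: incoming top label -> (operation, outgoing label, next hop).
LFIB = {
    "P1": {25: ("swap", 47, "P2")},
    "P2": {47: ("pop", None, "PE2")},  # penultimate hop popping
}

Hop = Tuple[str, str, Tuple[int, ...]]


def forward(vrf: str, prefix: str,
            use_vpn_label: bool = True) -> Tuple[List[Hop], Optional[Tuple[str, str]]]:
    """Return (per-hop trace, (VRF, CE) chosen by the egress PE or None if dropped)."""
    stack = list(INGRESS_VRF[(vrf, prefix)])  # the only IP lookup on the path
    if not use_vpn_label:
        stack = stack[:1]  # Answer #1: LDP label only
    trace: List[Hop] = [("PE1", "push", tuple(stack))]
    node = "P1"
    while node in LFIB:
        entry = LFIB[node].get(stack[0]) if stack else None
        if entry is None:
            trace.append((node, "drop", tuple(stack)))
            return trace, None
        op, out_label, next_hop = entry
        if op == "swap":
            stack[0] = out_label  # P routers look at the top label only
        else:
            stack.pop(0)
        trace.append((node, op, tuple(stack)))
        node = next_hop
    # Egress PE: after PHP only the VPN label is left to select the VRF.
    target = EGRESS_VPN_LABELS.get(stack[0]) if stack else None
    trace.append((node, "pop" if target else "drop", ()))
    return trace, target


if __name__ == "__main__":
    for vpn in (True, False):
        hops, out = forward("VRF-A", "10.1.0.0/16", use_vpn_label=vpn)
        print("label stack" if vpn else "LDP label only", "->", out)
        for hop in hops:
            print("   ", hop)
```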