applications of mpls in gÉant

Applications of MPLS in GEANT Agnès Pouélé ([email protected])

Applications of MPLS in GÉANT

MPLS WORLD CONGRESS 2002Paris 7th February 2002

Agnes Pouele, Network Engineer DANTE

1


Agenda• Overview of GÉANT• GÉANT Services• GÉANT and Traffic Engineering

• GÉANT TE and OSPF Metric

• Replacement of TEN-155 MBS Service• The TEN-155 MBS Service

• GÉANT Premium IP Service

• Alternative solutions with MPLS • Enforcement of the Premium IP Service with MPLS TE

• The Virtual Lab Service

• Conclusion2


Overview of GÉANT• DANTE

– DANTE plans, builds and manages advanced network services for the European R&E community.

• GÉANT– GÉANT is a 10 Gbps Pan-European Network, it

supports the development activities of the European National Research & Education Networks (NRENs)

– GÉANT has been launched in December 2001 and is the successor of TEN-155*.

3


GÉANT Services

• GÉANT Standard IP Service• IP traffic from NREN to NREN (About 30 countries)• IP traffic from NREN to Research Peerings (Abilene, Canarie, ESnet, NII ..)

• Multicast Service• Multicast is enabled for all the customers and Research Peerings

• Replacement of the Managed Bandwidth Service• Premium IP Service (End to End Service for upper bounded Delay, upper

bounded IPDV, negligible loss).• Layers 2 VPN

• Upcoming of New Services• Security and Dos attack detection• IPv6 (Pan-European IPv6 test pilot network)

4

Applications of MPLS in GEANT Agnès Pouélé ([email protected]) 5


GÉANT Services

6

• GÉANT Standard IP Service• IP traffic from NREN to NREN (About 30 countries)• IP traffic from NREN to Research Peerings (Abilene,

Canarie, ESnet, NII ..)

• Multicast Service• Multicast is enabled for all the customers and Research

Peerings

• Replacement of the Managed Bandwidth Service• Premium IP Service (End to End Service for upper bounded

Delay, upper bounded IPDV, negligible loss).• Layers 2 VPN

• Upcoming • Security and Dos attack detection• IPv6 (Pan-European IPv6 test pilot network)


GÉANT and Traffic Engineering

• GÉANT is currently an over-provisioned backbone.• It doesn’t need MPLS-TE for splitting the traffic load

among the trunks at its beginning.• We are using OSPF metrics to influence the path taken

by the IP traffic from each entrance to each exit point.– The use of OSPF metrics is quite simple but has some

limitations in terms of scalability and TE

7


GÉANT TE: OSPF Metric

uk

fr

at

ch

cz

pl

hu

sk

gr

ie

10

10

9

7 640

20

40

20

40

10

35

40

160

159

77

7

40

35

630

10si

160

170

be

nl

40

40

40

lu

640

640

5

it

es

de

se

IUCCJanet NY4-1 Nordunet

Eenet

Latnet

Litnet

Posnan

DFNNY4-2

InfonetCesnet

Sanet

HungarnetRoEduNet

Arnes

Grnet

Switch&Cern

Renater

Rediris

FCCN

Surfnet

Belnet

Restena

Heanet

Carnet

INFN

Aconet

Unicom-bCynet

8

STM64 circuitsSTM16 circuitsSTM4 circuitsSTM1 circuits


Replacement of TEN-155 MBS Service

• TEN-155 was an IP network built on ATM STM1 trunks upgraded in year 2000 at 622 Mbps.

• The TEN-155 Managed Bandwidth service provided International test-bed with QoS.

• The platforms were built with ATM VPs or PVCs with different classes of service (UBR, CBR).

• The test-beds were extended in each NREN backbone with the extension of the virtual connections

9


MBS service from TEN-155

UK

DE

NREN Janet

DFN

AS8933

TEN-155 backbone

AS786

AS680

A

B

RegionalNetwork

RegionalNetwork

NL

FR

MBS serviceATM connection across NRENs and TEN-155

10


GÉANTPremium IP Service

• The Premium IP service is an end-to-end service (University to University) crossing multiple administrative domains

• The model is based on a combination of edge-to-edge services offered by each domain.

• This service which is currently being piloted in GÉANT has the aim to provide international Virtual leased line based on Diffserv.

• It is defined on the basis of the Diffserv Expedited Forwarding Per Hop behavior which is required to offer– Bandwidth, low loss, upper bounded delay and jitter

11


Premium IP:Virtual Leased Line service

UK

DE

NREN Janet

DFN

AS20965

GÉANT backbone

AS786

AS680

A

B

RegionalNetwork

RegionalNetwork

SE

FR•Premium IP packets are tagged with DSCP code =46•Rate Limitation is applied per aggregate on the NREN’s access, based on the total demanded bandwidth towards the destination.•Admission Control is made manually based on the Sum of bandwidth already booked on the destination access.

Rate limitation is applied on the NREN access

streams < 10 % of the BW access

12


Alternative solution with MPLS GÉANT Premium IP service and MPLS TE

• MPLS TE can enforce this service by providing the best TE path across the network.– Lowest Delay independently of OSPF metric– Low loss with the use of Backup LSPs

• The LSPs can carry the aggregate Premium IP traffic and can be provisioned on demand– We don’t necessarily need to establish a full mesh. It

depends on the number of participants

• The bandwidth of the LSPs reflects the total amount of booking of Premium IP from one NREN to another one.

13


UK

DE

NREN Janet

DFN

AS20965

GÉANT backbone

AS786

AS680

A

B

RegionalNetwork

RegionalNetwork

SE

FR

Rate limitation is applied on the NREN access

streams < 10 % of the BW access

LSP FR-UKLSP DE-UK

LSP UK-SE

Alternative solution with MPLS GÉANT Premium IP and MPLS TE

14


• Forwarding of Premium IP “only” into the LSPs.– “CoS and destination” Based Forwarding

• Admission Control– On the core

– Automatically done by RSVP-TE.

– This Admission Control will permit to control the booking of Premium IP per link in the core and avoid overload in the case of re-routing.

– On the Access– Still Manual but can be automated by monitoring the of tunnel

BW landing on each exit point

Alternative solution with MPLS GÉANT Premium IP and MPLS TE

15


Alternative Solution with MPLS The Virtual Lab Service

• Definition– The customers of MBS were using this service for

the guaranteed BW and for the ability to have a Layer 3 network independent of the production traffic on TEN-155. The models discussed previously can’t provide isolation.

– Thus a second service is under study for the provisioning of VPNs.

– This service is called the Virtual Lab Service.

16


• The Virtual Lab Service allows the construction of international test-beds. – The service itself will be limited, in the beginning,

to the core backbone.

• This service is based on point-to-point connections of layer 2 encapsulated into MPLS.– Proprietary Encapsulation– Draft-Kompella-ppvpn-l2vpn-01.txt

The Virtual Lab ServiceOverview

17


• On the core side the virtual connection will be carried out by MPLS TE

• On the access side two types of access are defined– Shared access

• IP traffic and Virtual lab traffic are on the same physical link separated at layer 2 by virtual channel

– POS STM16 FR-DLCI– ATM PVCs

– Dedicated access• Any layer 2

The Virtual Lab ServiceOverview

18


LSPs

Shared media access (up to STM16 POS)

DLCI Production traffic access

Dedicated accessSTMxx to STM16 POS

EncapsulationLayer2 <-> MPLS

NREN’s access router

GÉANT’s router

In the core

MPLS traffic

IPV4 traffic

DLCI Virtual Lab access

NREN B

NREN A

NREN C

GÉANT backbone

Dedicated access (up to STM16 POS) NREN’s test router

The Virtual Lab ServiceExample of Virtual platform

19


The Virtual Lab ServiceDifferent Options

• Different options for the Virtual lab– With QoS

• Queuing of MPLS packets with Experimental CoS bits marked

• Use of WRR in the core (For now not needed)• Use of Rate limitation on the access

– With Backup LSPs• To protect sensitive application (low loss)

• Monitoring via SNMP per virtual lab.– Monitoring of each trunk (LSP) per VL

• BW usage ..20


RegionalNetwork

RegionalNetwork

RegionalNetwork

The Virtual Lab Service: Inter-domain extension

DLCI Production traffic access

NREN’s PE

GÉANT’s PEDLCI Virtual Lab access

NREN B

NREN A NREN C

GÉANT backbone

ATM access

MPLS VPN layer 2MPLS VPN layer 2

LSPs

PE1

PE2PE4PE/CE

PE

•Delivery to the regional network of a DLCIs

GRE Tunnels&LSPor

UTI

PE3

•Delivery to the regional network of ATM PVCs

Interworking area

ATM BackboneATM PVCs

Shared media access (up to STM16 POS)

21

Interworking area


The Virtual Lab Servicenext step

• Definition of the service– Still under discussion

• Limitations – Interoperability– Number of Virtual platform which can be

supported ?• Extension to NREN’s core backbone

– Obvious for the NREN’s which are still in ATM– To be investigated for pure IP backbone

22


Conclusion

• GÉANT and MPLS-TE for IP production traffic– Altought GÉANT looks over provisioned in the

medium term we expect an exponential growth in the usage of BW.

• Replacement of the MBS service– MPLS Layer-2 VPNs & Traffic Engineering

associated with Diffserv are keys to the deployment of the advanced services needed by the Research Community.

23


Thanks

•Questions ?

24

applications of mpls in gÉant

Documents