Cisco Confidential 1 MPLS fundamentals Sherif Toulan, P.Eng.,CCIE#4220 Sr. Technical Leader, Cisco Systems Canada

Upload: annice-gilmore

Post on 19-Dec-2015


MPLS fundamentals

Sherif Toulan, P.Eng., CCIE#4220
Sr. Technical Leader, Cisco Systems Canada


© 2015 Cisco Systems. All rights reserved.Cisco Systems 2

Agenda

1. MPLS Technology Basics

2. MPLS Traffic Engineering (TE)

3. MPLS Layer-2 Virtual Private Networks (L2 VPN)

4. MPLS Layer-3 Virtual Private Networks (L3 VPN)

Summary

Topics


MPLS Technology Basics


Agenda

Evolution of MPLS

MPLS Reference Architecture

MPLS forwarding

Summary

Evolution of MPLS

Technology Evolution and Main Growth Areas

[Timeline figure, 1997 to 2014. Phases: Bring MPLS to Market; Complete base MPLS portfolio; Optimize MPLS for video; Optimize MPLS for packet transport. Milestones: Cisco ships MPLS; First L3VPNs Deployed; First MPLS TE Deployments; First L2VPN Deployments; Large Scale L3VPN Deployments; Large Scale MPLS TE Deployments; Large Scale L2VPN Deployments; First MPLS Transport Profile Deployments.]

• Evolved in 1996 to full IETF standard, covering over 130 RFCs

• Key applications initially were Layer-3 VPNs, followed by Traffic Engineering (TE), and Layer-2 VPNs

What Is MPLS?

Multi-Protocol: The ability to carry any payload. Have: IPv4, IPv6, Ethernet, ATM, FR. Could do IPX, AppleTalk, DECnet, etc.

Label: Uses labels to tell a node what to do with a packet; separates forwarding (hop-by-hop behavior) from routing (control plane).

Switching: Routing == IPv4 or IPv6 lookup. Then forwarding is based on label switching.

• It’s all about labels …

• Use the best of both worlds
– Layer-2 (ATM/FR): efficient forwarding and traffic engineering
– Layer-3 (IP): flexible and scalable

• MPLS forwarding plane
– Use of labels for forwarding Layer-2/3 data traffic
– Labeled packets are being switched instead of routed
  • Leverage layer-2 forwarding efficiency

• MPLS control/signaling plane
– Use of existing IP control protocols extensions + new protocols to exchange label information
  • Leverage layer-3 control protocol flexibility and scalability

MPLS Reference Architecture

Different Type of Nodes & their Roles in a MPLS Network

• P (Provider) router
– Label switching router (LSR)
– Switches MPLS-labeled packets

• PE (Provider Edge) router
– Label Edge router (LER)
– Imposes and removes MPLS labels

• CE (Customer Edge) router
– Connects customer network to MPLS network, no labels to be sent to CE nodes

[Figure: MPLS enabled domain with CE, PE and P routers; label switched traffic crosses the MPLS core.]

Basic MPLS Forwarding Operations

How Labels Are Being Used to Establish End-to-end Connectivity

• Label imposition (Push)
– By ingress PE router; classify and label packets
– Based on Forwarding Equivalence Class (FEC)

• Label swapping
– By P router; forward packets using labels; indicates service class & destination

• Label disposition (Pop)
– By egress PE router; remove label and forward original packet to destination CE

“FEC = Set of all packets that are going to be forwarded in exactly the same way”

[Figure: MPLS enabled domain with CE, PE and P routers around the MPLS core. Along the path: Label Imposition (Push), Label Swap, Label Swap, Label Disposition (Pop); labels L1, L2, L3.]

MPLS Labels

Label Definition and Encapsulation

• Labels used for making forwarding decision

• Multiple labels (4 bytes) can be used for MPLS packet encapsulation

• Outer label always used for switching MPLS packets in network

• Inner labels usually used for services (e.g. Layer 2/Layer 3 VPN)

MPLS Label Entry (4 bytes): Label = 20 bits | EXP | S | TTL

EXP = Experimental Bits for QoS: 3 bits; S = Bottom of Stack; TTL = Time to Live

MPLS Label Stack (1 label): Layer 2 MAC Header | MPLS Label (4 bytes) | Layer 3 Packet
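The 4-byte label entry described above, encoded and parsed as an added Python example (not part of the original slides). The 1-bit S and 8-bit TTL widths come from RFC 3032 rather than the slide; the function names and the `max_depth` limit are assumptions for illustration.

```python
import struct
from typing import List, NamedTuple, Tuple


class LabelEntry(NamedTuple):
    label: int  # 20-bit label value
    exp: int    # 3-bit EXP / Traffic Class (QoS)
    s: int      # 1-bit bottom-of-stack flag
    ttl: int    # 8-bit time to live


def encode_entry(e: LabelEntry) -> bytes:
    """Pack one label stack entry into 4 bytes, network byte order."""
    if not (0 <= e.label < 1 << 20 and 0 <= e.exp < 8
            and e.s in (0, 1) and 0 <= e.ttl < 256):
        raise ValueError(f"field out of range: {e}")
    return struct.pack("!I", (e.label << 12) | (e.exp << 9) | (e.s << 8) | e.ttl)


def decode_entry(raw: bytes) -> LabelEntry:
    """Unpack exactly 4 bytes into (label, exp, s, ttl)."""
    if len(raw) != 4:
        raise ValueError("label entry must be 4 bytes")
    (word,) = struct.unpack("!I", raw)
    return LabelEntry(word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF)


def build_stack(labels: List[int], exp: int = 0, ttl: int = 64) -> bytes:
    """Outer label first; only the last (inner) entry gets S=1."""
    if not labels:
        raise ValueError("empty label stack")
    last = len(labels) - 1
    return b"".join(
        encode_entry(LabelEntry(lbl, exp, int(i == last), ttl))
        for i, lbl in enumerate(labels)
    )


def parse_stack(buf: bytes, max_depth: int = 8) -> Tuple[List[LabelEntry], bytes]:
    """Walk entries until S=1; return (entries, payload after the stack).

    Rejects truncated input and stacks deeper than max_depth, so a capture
    parser cannot be walked off the end of the buffer by a missing S bit.
    """
    entries = []
    for depth in range(max_depth):
        chunk = buf[depth * 4: depth * 4 + 4]
        if len(chunk) < 4:
            raise ValueError("truncated label stack (no bottom-of-stack entry)")
        entry = decode_entry(chunk)
        entries.append(entry)
        if entry.s:
            return entries, buf[(depth + 1) * 4:]
    raise ValueError(f"label stack deeper than {max_depth} entries")


if __name__ == "__main__":
    # Constructed sample: outer label 20, inner label 28, then a dummy payload.
    frame = build_stack([20, 28], ttl=255) + b"payload"
    stack, payload = parse_stack(frame)
    for e in stack:
        print(e)
    print(payload)
```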

MPLS Path (LSP) Setup

Traffic Forwarding

• Label Switched Path (LSP) signaling
– Either Label Distribution Protocol (LDP*) or RSVP for TE (traffic engineering)
– Leverages IP routing Forwarding Information Base (FIB) table

• Exchange of labels
– Label bindings to IP addresses
– Downstream MPLS node advertises what label to use to send traffic to node

• MPLS forwarding
– MPLS Forwarding table

IP compared with MPLS:

Forwarding
– IP: Destination address based; forwarding table learned from control plane; TTL support
– MPLS: Label based; forwarding table learned from control plane; TTL support

Control Plane
– IP: OSPF, IS-IS, BGP
– MPLS: OSPF, IS-IS, BGP, LDP, RSVP

Packet Encapsulation
– IP: IP Header
– MPLS: One or more MPLS labels

QoS
– IP: 8 bit TOS field in IP header
– MPLS: 3 bit Traffic Class field in label

OAM
– IP: IP ping, traceroute
– MPLS: MPLS OAM

* Label Distribution Protocol: “LDP signaling assumed for the next examples”

MPLS Path (LSP) Setup (Cont.)

Signaling Options

• Label Distribution Protocol (LDP) signaling
– Leverages existing routing

• Can use both protocols simultaneously
– They work differently, they solve different problems
– Dual-protocol deployments are very common

LDP compared with RSVP:

Forwarding path
– LDP: LSP
– RSVP: TE Tunnel; primary and, optionally, backup

Forwarding Calculation
– LDP: Based on IP routing database; shortest-path based
– RSVP: Based on TE topology database; shortest-path and/or other constraints (CSPF calculation)

Packet Encapsulation
– LDP: Single label
– RSVP: One or two labels

Signaling
– LDP: By each node independently; uses existing routing protocols/information
– RSVP: Initiated by head-end node towards tail-end node; uses routing protocol extensions/information; supports bandwidth reservation; supports link/node protection

IP Packet Forwarding Example

Basic IP Packet Forwarding

• IP routing information exchanged between nodes
– Via IGP (e.g., OSPF, IS-IS)

• Packets being forwarded based on destination IP address
– Lookup in routing table

[Figure: a packet “128.89.25.4 | Data” is forwarded hop by hop across three routers towards 128.89.25.4; 171.69.11.1 is reached over a different interface. Each router holds an IP Forwarding Table:]

IP Forwarding Table (first router)
Address 128.89: I/F 1
Address 171.69: I/F 1

IP Forwarding Table (second router)
Address 128.89: I/F 0
Address 171.69: I/F 1
…

IP Forwarding Table (third router)
Address 128.89: I/F 0
Address 171.69: I/F 1

MPLS Path (LSP) Setup with LDP enabled

Step 1: IP Routing (IGP) Convergence

• Enable IGP Routing (OSPF or ISIS) & MPLS LDP on all core links, i.e. PE-P & P-P links

• Exchange of IP routes in core via:
– OSPF, IS-IS, etc.

• Establish IP reachability

[Figure: three nodes along the path towards 128.89, with 171.69 reached over a different interface. Routing Updates (OSPF, ISIS, …): “You Can Reach 128.89 Thru Me”; “You Can Reach 128.89 and 171.69 Thru Me”; “You Can Reach 171.69 Thru Me”. The In Label and Out Label columns of each MPLS Forwarding Table are still empty at this step:]

MPLS Forwarding Table (first node)
Address Prefix 128.89: Out I’face 1
Address Prefix 171.69: Out I’face 1

MPLS Forwarding Table (second node)
Address Prefix 128.89: Out I’face 0
Address Prefix 171.69: Out I’face 1

MPLS Forwarding Table (third node)
Address Prefix 128.89: Out I’face 0

MPLS Path (LSP) Setup with LDP enabled

Step 2: Assignment of MPLS Labels

• Local label mappings are sent to connected nodes

• Receiving nodes update MPLS forwarding table

• LDP label advertisement

[Figure: Label Distribution Protocol (LDP) advertisements between the nodes: “Use Label 30 for 128.89”; “Use Label 20 for 128.89 and Use Label 21 for 171.69”; “Use Label 36 for 171.69”. Resulting MPLS Forwarding Tables:]

MPLS Forwarding Table (first node)
In Label -, Address Prefix 128.89, Out I’face 1, Out Label 20
In Label -, Address Prefix 171.69, Out I’face 1, Out Label 21

MPLS Forwarding Table (second node)
In Label 20, Address Prefix 128.89, Out I’face 0, Out Label 30
In Label 21, Address Prefix 171.69, Out I’face 1, Out Label 36

MPLS Forwarding Table (third node)
In Label 30, Address Prefix 128.89, Out I’face 0, Out Label -

MPLS Traffic Forwarding with LDP

Step 3: Hop-by-hop Traffic Forwarding Using Labels

• Ingress PE node adds label to packet (push)
– Via MPLS forwarding table

• Downstream node uses label for forwarding decision (swap)
– Outgoing interface
– Out MPLS label

• Egress PE removes label and forwards original packet (pop)

[Figure: forwarding based on label. The packet “128.89.25.4 | Data” is carried as “20 | 128.89.25.4 | Data”, then as “30 | 128.89.25.4 | Data”, and is delivered as “128.89.25.4 | Data”. MPLS Forwarding Tables:]

MPLS Forwarding Table (first node)
In Label -, Address Prefix 128.89, Out I’face 1, Out Label 20
In Label -, Address Prefix 171.69, Out I’face 1, Out Label 21

MPLS Forwarding Table (second node)
In Label 20, Address Prefix 128.89, Out I’face 0, Out Label 30
In Label 21, Address Prefix 171.69, Out I’face 1, Out Label 36

MPLS Forwarding Table (third node)
In Label 30, Address Prefix 128.89, Out I’face 0, Out Label -
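Steps 1 to 3 above as an added Python simulation (not part of the original slides): the IGP supplies next hops, downstream nodes advertise labels, and the packet to 128.89.25.4 is pushed, swapped and popped. Prefixes, interfaces and labels 20, 21, 30 and 36 are the slides' values; the node names A to D, the /16 prefix lengths and node D's interface are assumptions.

```python
import ipaddress

PFX_128 = ipaddress.ip_network("128.89.0.0/16")  # /16 is an assumption
PFX_171 = ipaddress.ip_network("171.69.0.0/16")


class Node:
    def __init__(self, name):
        self.name = name
        self.rib = {}     # prefix -> (out interface, next-hop Node or None if attached)
        self.local = {}   # prefix -> label this node allocated (its "In Label")
        self.remote = {}  # (neighbor name, prefix) -> label learned via LDP

    def advertise(self, upstream):
        """LDP label mapping: 'use label X for prefix P', sent to an upstream node."""
        for prefix, label in self.local.items():
            upstream.remote[(self.name, prefix)] = label

    def out_label(self, prefix):
        _, nh = self.rib[prefix]
        return self.remote.get((nh.name, prefix)) if nh else None

    def lfib(self):
        """Rows of (In Label, Address Prefix, Out I'face, Out Label)."""
        return [(self.local.get(p), p, self.rib[p][0], self.out_label(p))
                for p in self.rib]


def build():
    """Steps 1 and 2: IGP next hops first, then the label advertisements."""
    a, b, c, d = Node("A"), Node("B"), Node("C"), Node("D")
    a.rib = {PFX_128: (1, b), PFX_171: (1, b)}
    b.rib = {PFX_128: (0, c), PFX_171: (1, d)}
    c.rib = {PFX_128: (0, None)}
    d.rib = {PFX_171: (0, None)}   # node D and its interface are assumptions
    b.local = {PFX_128: 20, PFX_171: 21}
    c.local = {PFX_128: 30}
    d.local = {PFX_171: 36}
    for downstream, upstream in ((c, b), (d, b), (b, a)):
        downstream.advertise(upstream)
    return a, b, c, d


def forward(node, dst, label=None, max_hops=16):
    """Step 3: return the per-hop trace [(node, action, label sent on)]."""
    dst = ipaddress.ip_address(dst)
    trace = []
    for _ in range(max_hops):
        if label is None:   # unlabeled: longest-prefix match on the destination
            matches = [p for p in node.rib if dst in p]
            if not matches:
                raise LookupError(f"{node.name}: no route to {dst}")
            prefix = max(matches, key=lambda p: p.prefixlen)
        else:               # labeled: exact match on a label this node allocated
            prefix = next((p for p, l in node.local.items() if l == label), None)
            if prefix is None:
                raise LookupError(f"{node.name}: label {label} not in LFIB, drop")
        out = node.out_label(prefix)
        if out is None:
            action = "pop" if label is not None else "ip"
        else:
            action = "swap" if label is not None else "push"
        trace.append((node.name, action, out))
        nh = node.rib[prefix][1]
        if nh is None:
            return trace
        node, label = nh, out
    raise RuntimeError("hop limit exceeded")
```

A labeled packet is forwarded only on a label the receiving node itself allocated; any other label value fails the lookup and the packet is dropped.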

MPLS Traffic Forwarding with LDP

Summary

1. MPLS technology is widely deployed in Service Provider core networks; MPLS increases performance by forwarding based on labels

2. The MPLS enabled routers (LSRs, LERs) use Label Distribution Protocol (LDP) to assign & distribute labels.

3. The MPLS enabled routers advertise their labels to other MPLS enabled routers; the labels advertise reachability across the MPLS network

4. Data packets are forwarded using MPLS labels, hence increasing speed & performance in the Service Provider network

5. MPLS label is 4 bytes!


MPLS Traffic Engineering

Agenda

• MPLS Traffic Engineering (TE) motivation

• MPLS TE Path Selection - Constraint-Based Shortest Path First (CSPF)

• MPLS TE signaling – LSP Setup – Resource Reservation Protocol (RSVP)

• Summary

Link Utilization problem with IGP (OSPF or ISIS)

IP (Mostly) Uses Destination-Based Least-Cost Routing

Flows from PE1, PE2 Merge at P1 and Become Indistinguishable

Upper path is overutilized!!

Alternate Path Under-Utilized!!

IGP = Interior Gateway Protocol (OSPF or ISIS)

[Figure: MPLS core with PE1, PE2, PE3, PE4 and P1 to P5; links labelled DS3 and OC3 with costs 10 and 20; two 40M flows.]

What MPLS-TE Addresses?

• P1 is the HEADEND & sees all links

• P1 computes paths on properties other than just shortest cost

• No oversubscription!

• Tunnel 0, Tunnel 1 are multi-hop tunnels

Node / Next-Hop table:
Node PE3: Next-Hop Tunnel0
Node PE4: Next-Hop Tunnel1

[Figure: MPLS core with P1 to P5, PE3 and PE4; links labelled DS3 and OC3; two 40Mb flows carried over Tunnel 0 and Tunnel 1.]

TE Terminology

• Constraint-Based Shortest Path First (CSPF) only run by Headend
– MPLS-TE uses CSPF to create a shortest path based on a series of constraints:
  Resource Availability
  User constraints (tunnel priority, link attributes, metric, etc.)

• Tunnels are UNI-DIRECTIONAL!

[Figure: Tunnel Direction across HEADEND, MIDPOINT and TAILEND, with Upstream and Downstream marked.]

TE Fundamentals – “Building Blocks”

Step 1: Information Distribution - IGP (OSPF or ISIS) extensions used to flood bandwidth information between routers

Step 2: CSPF does Path Calculation on headend only – uses IGP advertisements to compute “constrained” paths

Step 3: Path Setup - RSVP/TE used to distribute labels, provide LAC, failure notification, etc.

[Figure: MPLS core with Tunnel Headend node, Midpoint and Tail.]

Path Calculation “Constraint-Based Shortest Path First (CSPF)”

• Additional link characteristics advertised by OSPF, ISIS TE extensions
– Interface address
– Physical bandwidth
– Maximum reservable bandwidth
– Administrative group (attribute flags)

• IS-IS or OSPF flood link information

• TE nodes build a topology database

• CSPF uses topology database to find best path for TE

• User Constraints and topology database used by CSPF as input to path computation

• Tunnel can be signaled via RSVP once a path is found

[Figure: MPLS TE Topology database. Network from R1 (Headend) to R8 (Tailend) with a bandwidth value on each link; legend: link with insufficient bandwidth, link with sufficient bandwidth. Task: find shortest path to R8 with 8Mbps.]
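The path calculation described above as an added Python example (not part of the original slides): links that fail the bandwidth or administrative-group constraint are pruned, then an ordinary shortest-path search runs on what is left. The topology values are constructed because the figure's numbers did not survive; function names, the symmetric-link simplification and the `reserve` helper that stands in for the RSVP reservation are assumptions.

```python
import heapq

# Constructed TE topology database (not the figure's values):
# (node_a, node_b, igp_cost, reservable_mbps, admin_group_flags)
TE_LINKS = [
    ("R1", "R2", 10, 5, 0x0),
    ("R2", "R8", 10, 15, 0x0),
    ("R1", "R3", 10, 10, 0x0),
    ("R3", "R4", 10, 10, 0x1),
    ("R4", "R8", 10, 8, 0x0),
    ("R3", "R8", 30, 10, 0x0),
]


def cspf(links, src, dst, bandwidth, exclude_groups=0):
    """Return (cost, path) for the cheapest path meeting the constraints, or None."""
    # 1. Prune every link that fails a constraint.
    adj = {}
    for a, b, cost, reservable, group in links:
        if reservable < bandwidth or (group & exclude_groups):
            continue
        adj.setdefault(a, []).append((b, cost))
        adj.setdefault(b, []).append((a, cost))  # assumption: same values both ways
    # 2. Plain Dijkstra on the pruned topology.
    heap, done = [(0, src, [src])], set()
    while heap:
        cost, node, path = heapq.heappop(heap)
        if node == dst:
            return cost, path
        if node in done:
            continue
        done.add(node)
        for nxt, link_cost in adj.get(node, []):
            if nxt not in done:
                heapq.heappush(heap, (cost + link_cost, nxt, path + [nxt]))
    return None  # no path satisfies the constraints: the tunnel is not signaled


def reserve(links, path, bandwidth):
    """Model the reservation: subtract bandwidth on every link of the path."""
    hops = set(zip(path, path[1:])) | set(zip(path[1:], path))
    return [(a, b, c, bw - bandwidth if (a, b) in hops else bw, g)
            for a, b, c, bw, g in links]


if __name__ == "__main__":
    print("IGP shortest path:", cspf(TE_LINKS, "R1", "R8", 0))
    first = cspf(TE_LINKS, "R1", "R8", 8)
    print("8 Mbps tunnel:", first)
    remaining = reserve(TE_LINKS, first[1], 8)
    print("second 8 Mbps tunnel:", cspf(remaining, "R1", "R8", 8))
```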

TE Path Setup using Resource Reservation Protocol (RSVP)

• Tunnel signaled with TE extensions to RSVP

• 4 main RSVP messages for TE
– RSVP PATH message
– RSVP RESV message
– RSVP error message (PATHERR, RESVERR)
– RSVP tear messages (PATHTEAR, RESVTEAR)

• Forwarding Table is populated using RSVP labels allocated by RESV messages

[Figure: TE LSP across the IP/MPLS network from Head end through Mid point to Tail end; PATH and RESV messages between the nodes; RSVP Label=16.]

How to map Customer Traffic into TE tunnel?

• Multiple traffic selection options:
1. Static routes
2. Policy Based Routing

• Traffic enters tunnel at head end

[Figure: Customer Traffic entering the TE LSP at the Head end of the IP/MPLS network.]


MPLS Traffic Engineering Summary

1. Traffic Engineering (TE) tunnels are used to manipulate the traffic across the Service provider core networks

2. Traffic Engineering (TE) tunnels provide efficient utilization of links based on available bandwidth & defined user constraints.

3. Traffic Engineering (TE) tunnels use CSPF to establish the path & RSVP for signaling the TE tunnels

4. Customer traffic can be mapped to TE tunnels to follow a specific path across the core network & as defined in Service Level Agreements between Service Provider & Customer.


MPLS Layer-2 Virtual Private Network (L2 VPN)


Agenda

• Layer-2 Virtual Private Network (VPN) Technology Options

• Virtual Private Wire Service (VPWS) overview

• Summary

Layer 2 VPN (L2 VPN) Services to Customers

• Layer-2 VPN Point to Point services or Virtual Private Wire Services (VPWS) over MPLS

Service Provider sells the L2 VPN services to the end Customers (banks, dealers, etc.)

[Figure: layered stack. Service to Customers: Layer-3 VPNs, Layer-2 VPNs. Transport in the core network: MPLS (LDP/RSVP-TE), MPLS Forwarding.]

Layer-2 Virtual Private Networks (L2 VPN)

Technology Options - MPLS core

• Virtual Private Wire Service (VPWS)
– MPLS is required in the core
– Point-to-point
– Referred to as Pseudowires (PWs)

• Virtual Private LAN Service (VPLS)
– Multipoint relies on flooding
– MPLS is required in the core

• xEVPN
– Multipoint with optimized routes learning
– Optimized for load balancing, redundancy & scale
– MPLS is required in the core

[Figure: MPLS Layer-2 VPNs split into Point-to-Point Layer-2 VPNs (VPWS) with MPLS core and Multipoint Layer-2 VPNs (MPLS core); the multipoint branch covers VPLS and xEVPN (EVPN, PBB-EVPN).]

Layer-2 VPN Enabler

The Pseudo wire

• L2 VPNs are built with Pseudo wire (PW) technology over MPLS networks

• PWs provide a transport to multiple types of network services over a Packet Switched Network (PSN)

• PW technology provides Like-to-Like transport and also Interworking (IW)

• No routing is involved with Customers
– Customers can run their own routing, QoS, security, etc.

[Figure: a Pseudo wire between two Provider Edge (PE) nodes across the Packet Switched Network, carrying Ethernet, ATM, TDM, PPP/HDLC and FR.]


Virtual Private Wire Service (VPWS) Overview

Pseudo wire (PW) Reference Model

• An Attachment Circuit (AC) is the physical or virtual circuit attaching a CE to a PE

• Customer Edge (CE) equipment perceives a PW as an unshared link or circuit

• Provides a point-to-point service

• Discovery: Label Distribution Protocol (LDP)

• Signaling: Label Distribution Protocol (LDP)

• Emulated services can be:
– Virtual Local Area Network (VLAN)
– ATM
– Frame Relay
– HDLC/PPP

Ref: RFC 3985 Pseudo Wire Emulation Edge-to-Edge (PWE3) Architecture

[Figure: Emulated Layer-2 Service. CE1 to CE4 attach to PE1 and PE2 over Attachment Circuits (AC (Ethernet), AC (ATM)) carrying the Native Service; Pseudo wires PW1 and PW2 run between PE1 and PE2 inside a PSN Tunnel.]

VPWS data forwarding Processing

[Figure: CE-1, PE1, P1, P2, PE2 and CE-2 across the MPLS network, with the data traffic direction marked. Packet contents at each stage:]

• VC and Tunnel label imposition (Push data traffic label, Push tunnel label): Tunnel Label = 34 | VC Label = 28 | Data traffic

• Tunnel label swapping through MPLS cloud (Swap): Tunnel Label = 45 | VC Label = 28 | Data traffic

• VC label disposition (Pop): VC Label = 28 | Data traffic, then Data traffic


Summary

1. Layer-2 VPN enables transport of any traffic over MPLS network by a Service Provider core network

2. Layer-2 VPN is simple & Service Provider has no control or visibility in customer data

3. Label Distribution Protocol (LDP) is used for signaling & discovery between Provider Edge (PE) nodes

4. Typical applications of L2 VPN are layer-2 business VPN services & Data Center Interconnect

5. Customer Layer 2 traffic can be mapped onto a Traffic Engineering (TE) tunnel inside the Service Provider core network


MPLS Layer-3 Virtual Private Network (L3 VPN)


Agenda

• MPLS Layer-3 VPN (L3 VPN) fundamentals

• Summary


Layer-3 VPN vs. Layer-2 VPN

Layer 2 VPNs

• Customer endpoints connected via a Layer 2 connection such as Frame Relay, ATM, Ethernet, etc.

• Provider network is not responsible for distributing site routes, as the routing relationship is between the customer endpoints

• Provider will need to manually fully mesh end points if any-to-any connectivity is required

Layer 3 VPN

• Customer end points peer with providers’ routers at Layer 3, i.e. there is routing protocol between Customer & Service Provider

• Provider network responsible for distributing routing information to VPN sites

• Don’t have to manually fully mesh customer endpoints to support any-to-any connectivity

MPLS Layer-3 VPN Control Plane Basics

1. VPN service is enabled on PEs (VRFs are created and applied to VPN site interface)

2. VPN site’s CE1 connects to a VRF enabled interface on a PE1

3. VPN site routing by CE1 is distributed to MP-iBGP on PE1

4. PE1 allocates VPN label for each prefix, sets itself as a next hop and relays VPN site routes to PE3

5. PE3 distributes CE1’s routes to CE2 (Similar happens from CE2 side…)

[Figure: CE1, CE2, CE3 and CE4 attached to PE1, PE2 and PE3 (VRF1, VRF2); P1 and P2 in the core; LDP between the core nodes; iBGP—VPNv4 label exchange between the PEs.]

MPLS Layer-3 VPN Packet Forwarding

1. IP packet enters PE on VRF interface

2. Lookup of destination IP address in VRF table
  • VPN label pushed
  • MPLS label pushed

3. Labeled packet forwarded

4. P swaps MPLS label

5. Pop MPLS top label

6. Lookup of VPN label in VRF table

7. Packet forwarded as IP packet

[Figure: MPLS VPN Service Provider Network between Bank of America Site A and Site B: CE, PE (VRF interface), P, PE (VRF interface), CE. Packet contents along the path: “IP packet”; “MPLS label | VPN label | IP packet”; “VPN label | IP packet”; “IP packet”.]
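Steps 1 to 7 above as an added Python example (not part of the original slides): the outer MPLS label is swapped in the core while the inner VPN label alone selects the VRF at the egress PE, the same outer/inner split as the tunnel and VC labels on the VPWS forwarding slide. Label values 34, 45 and 28 are borrowed from that slide; the interface names, the shared customer prefix and label 29 are assumptions.

```python
import ipaddress

# Constructed provisioning data. Labels 34, 45 and 28 are the values shown on the
# VPWS slide; interface names, the prefix and label 29 are assumptions.
TUNNEL_LABEL = 34                 # outer label the ingress PE pushes towards the egress PE
P_LFIB = {34: 45}                 # P router: in MPLS label -> out MPLS label
SHARED_PREFIX = ipaddress.ip_network("10.1.0.0/16")   # same prefix in both VPNs
INGRESS_VRFS = {                  # VRF interface -> (VRF name, {prefix: VPN label})
    "ce1-facing": ("VRF1", {SHARED_PREFIX: 28}),
    "ce3-facing": ("VRF2", {SHARED_PREFIX: 29}),
}
EGRESS_VPN_LABELS = {             # VPN label -> (VRF name, VRF interface)
    28: ("VRF1", "ce2-facing"),
    29: ("VRF2", "ce4-facing"),
}


def ingress_pe(in_iface, dst):
    """Steps 1-2: look up dst in the VRF bound to the interface, push both labels."""
    vrf, routes = INGRESS_VRFS[in_iface]
    dst = ipaddress.ip_address(dst)
    matches = [p for p in routes if dst in p]
    if not matches:
        # No fallback to another VRF or to the global table.
        raise LookupError(f"{vrf}: no route to {dst}")
    vpn_label = routes[max(matches, key=lambda p: p.prefixlen)]
    return [TUNNEL_LABEL, vpn_label]          # outer label first


def p_router(stack):
    """Steps 3-4: swap the outer label only; the VPN label is never inspected."""
    outer, *inner = stack
    if outer not in P_LFIB:
        raise LookupError(f"label {outer} not in LFIB, drop")
    return [P_LFIB[outer], *inner]


def egress_pe(stack):
    """Steps 5-7: pop the top label, then let the VPN label pick VRF and interface."""
    _, *rest = stack
    if len(rest) != 1 or rest[0] not in EGRESS_VPN_LABELS:
        raise LookupError("unknown VPN label, drop")
    return EGRESS_VPN_LABELS[rest[0]]


def send(in_iface, dst):
    """Return (label stacks seen in the core, (VRF, egress interface))."""
    stack = ingress_pe(in_iface, dst)
    trace = [list(stack)]
    stack = p_router(stack)
    trace.append(list(stack))
    return trace, egress_pe(stack)
```

Two customers using the same destination address stay separate because nothing but the VPN label maps the packet to a VRF at the egress PE.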

The Full MPLS integrated Network: Layer-3 VPN, Layer-2 VPN, Traffic Engineering technologies

[Figure: CE routers attached to PE routers around the MPLS Backbone, with an Internet Gateway to the Internet. Legend: Layer 3 VPN, Layer 2 VPN, Traffic Engineering. Callouts:]

Layer 3 Routing protocols available on PE-CE – Static, OSPF, BGP

Layer 3 Routing protocols available on PE-CE – Static, RIPv2, OSPF, EIGRP, eBGP

Layer 2 Circuits available – Ethernet, ATM, Frame Relay, PPP, HDLC

Traffic Engineering for Bandwidth protection and restoration


MPLS session Key Takeaways

1. MPLS networks consist of PE routers at ingress/egress and P routers in the core

2. MPLS forwarding operation is based on MPLS labels, which speeds up performance

3. Label Distribution Protocol (LDP) is used for MPLS signaling

4. Routing protocols (OSPF or ISIS) enabled in the core network have to be working properly for proper MPLS forwarding operation

5. Traffic Engineering manipulates the path of traffic to better utilize bandwidth & meet Service Level Agreements between Service Provider & Customer

6. RSVP is used for TE signaling

7. Layer 3 VPN requires routing between Customer sites & Service Provider

8. Layer 2 VPN does not require routing between Customer sites & Service Provider

9. MPLS & its associated technologies are widely deployed across both Service Provider & Enterprise networks


Thank you.

Acronyms

Acronym: Description

MPLS: Multi Protocol label switching
TE: Traffic Engineering
VPN: Virtual Private Network
ATM: Asynchronous transfer mode
FR: Frame relay
IP: Internet protocol
FEC: Forwarding equivalence class
LDP: Label distribution protocol
LSP: Label switched path
TOS: Type of service
RSVP: Resource reservation protocol
OAM: Operation, administration, maintenance
BGP: Border gateway protocol
TTL: Time to live
QoS: Quality of service
IGP: Interior gateway protocol
OSPF: Open shortest path first
MAC: Media Access Control
LAC: Link Admission Control
ISIS: Intermediate system to intermediate system
LSR: Label switch router
LER: Label edge router
CSPF: Constraint-based shortest path first
PBR: Policy based routing
PW: Pseudowire
VPLS: Virtual private LAN service
VPWS: Virtual private wire service
EVPN: Ethernet Virtual Private Network
PBB-EVPN: Provider backbone bridging Ethernet Virtual Private Network
PSN: Packet Switched network
VLAN: Virtual local area network
HDLC: High-level data link control
PPP: Point-to-point protocol
RIPv2: Routing information protocol version 2
EIGRP: Enhanced Interior Gateway Routing Protocol