copyright © 2008 juniper networks, inc. proprietary and confidential 1 mpls in the data center...

Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net 1

MPLS in the Data Center

Achieve “Carrier-class” Network Dependability and Reliability for

Business Critical Services


Accelerating the Enterprise

Inter-Data Center Transport Network Network Segmentation for Compliance (VLAN-VRF) L2VPN for VLAN Extensions (VMotion for DRP)


Agenda

Brief MPLS OverviewBrief MPLS Overview

Advantages of MPLS NetworksAdvantages of MPLS Networks

Why MPLS Is “Important” to Data Center DeploymentsWhy MPLS Is “Important” to Data Center Deployments

Deployment ScenariosDeployment Scenarios

SummarySummary



Internal MPLS Deployment

Many Enterprises Already Use MPLS…

Private IP services managed and delivered by Service Provider

MPLS deployed and/or managed within the Enterprise

Provider MPLS Network MPLS SuperCore

You

YouPrivate routing instance in Service Provider PE Router

MPLS PPVPN



TRUTHMYTH


“Deploying MPLS in the enterprise is like swatting a fly with a nuclear weapon.”

MPLS was designed to allow the largest networks on the planet to scale their topologies and services

Many large enterprises today face the same scaling and management problems as traditional providers

… and:Sometimes you *do* need a big fly-swatter.



What Is MPLS? Multi-Protocol Label Switching

• A suite of protocols developed to add transport and virtualization capabilities to large IP networks

• Borrowed virtual circuit ideas from ATM• But packet based (no SAR)

• Leverages standard IPv4 (or IPv6) control plane• Manage MPLS networks using familiar protocols like

OSPF or Integrated IS-IS and BGP

Label Switched Paths• Adds switched virtual circuit layer to packet based networks• A single LSP can span various media types

• Ethernet, ATM, Frame Relay, PPP/HDLC links (PoS, PDH)



Two Layers of MPLS Functionality MPLS Label Switched Paths [Traffic Control]

• LSPs carry traffic between edge routers• Individual LSPs are engineered using various Traffic Engineering

technologies (ERO or Dynamic TE)• Various link/LSP protection mechanisms operate on LSP layer

(Fast-Reroute, Standby LSPs)

MPLS VPN Layer [Virtualization]• Ingress traffic mapped into specific LSPs• “Customer” traffic encapsulated across MPLS core

• BGP/MPLS L3VPNs (RFC4364, formerly 2547bis)• L2VPN or VPLS• Pseudowire (draft-martini or CCC)



MPLS ComponentsVLAN Components

High-Level Network Infrastructure Mappings

VLAN segmentation is localized and limited in scale

VLAN Tags (4 bytes)• 16-bit PID, 3-bit Priority, 1-bit CFI,

12-bit VLAN ID

Layer 2 Segmentation Spanning Tree Protocol Active/Blocking VLAN Trunking VLAN ACLs 802.1p QoS Markings Ethernet failures/repairs …

Allows network-wide segmentation with large scale

MPLS Label stack (4 bytes)• 20-bit Label, 3-bit QoS (EXP), 1-bit

bottom of stack flag, 8-bit TTL field

Layer 2 and Layer 3 Segmentation

OSPF / LDP ECMP LSP Switching IP ACLs DSCP/EXP QoS Markings Fast Re-route capabilities & BFD …





Agenda





SummarySummary



MPLS Brings the Benefits of Circuits to IPMPLS Brings the Benefits of Circuits to IP

What’s So Great About MPLS?

Enables Consolidation of disparate networks onto a single network• Support best effort, enhanced delivery, and assured delivery service

levels for mixed use services• Lowers capital and operational cost though convergence while

enabling application convergence

Delivers Control through traffic segregation• Regional-, departmental-, and project-oriented groups have control

over their network assets and configurations• Traffic remains separate though multiple MPLS-based VPNs

Provides Resiliency with fast reroute and traffic engineering • MPLS-based traffic engineering enables a fine-tuning of the network

to deliver appropriate levels of services• Enables sub-50 msec. reroute to maintain real-time traffic during a

node or link failure





Agenda





SummarySummary



Translating MPLS Benefits to Business Impact Enterprises that have large private networks or business

critical Data Centers can leverage MPLS to create both CapEx and OpEx cost savings

Moving to an MPLS network provides business benefits like improved network availability, performance, and policy enforcement

Enterprises should evaluate MPLS to determine if this is the right opportunity to implement MPLS capable hardware into their Data Center network• In order to support business critical applications that require

highly-available, low-latency and “carrier-class” reliability with a proven track record



The Legacy Network: High Cost Resiliency Traditional private IP networks do not support “real time”

applications• Routing tables do not converge fast enough to support sub

50-msec link and node failures

The alternative is to deploy SONET/SDH to providesub-50 msec link and node failure detection and re-routing

This additional transport layer in the private WAN and Data Center comes at a significant additional expense

Let’s look at an alternative…



The MPLS Resiliency Solution MPLS can be deployed without the additional cost and

complexity of SONET/SDH• Dark fiber installations and/or Provider Ethernet services

MPLS can be configured to support sub 50-msec link and node failure detection and correction• Fast Re-Route (FRR) provides “real time” re-routing over

back-up paths• Bi-directional Forwarding Detection (BFD) provides early

detection of link and node failures

The Result: MPLS provides a cost effective alternative for the highly resilient network supporting “real-time” communications



The Legacy Network: Cost of Building Redundant Networks Integration of a new business entity or application in the Data

Center or maintaining separation among various businesses• Rapidly changing requirements in a Data Center to add/move/remove

applications to support business functions worldwide• Regulatory environments and business operations sometimes require

guarantees of business unit/subsidiary separation

Traditional practices require separate physical and redundant networks to be built• Application X, Business Partner, Voice, Storage, PCI compliance, etc.

Each separate and redundant network requires its own• Equipment (Networking, servers, etc.)• WAN access• Space and power• Provisioning• Management…making this an expensive proposition

Let’s look at an alternative…



The MPLS Network Solution MPLS enables one physical network to be configured and

operate as many separate virtual networks• L2 or L3 VPN services

New acquisitions and various applications can be added to the network via MPLS VPNs• Each subsidiary or application is allowed to operate as though each has a

private network…over a cost effective shared infrastructure

MPLS allows for more control over network bandwidth allocation per service/application while maintaining latency requirements for critical applications

The Result: Diverse needs of business units are satisfied with virtualized networks that cost less and effectively scale to support the largest enterprises





Agenda





SummarySummary



Drivers for MPLS in the Data Center:Three Common Scenarios

Inter-Data Center Transport Network• Packet-based network that behaves like a traditional

transport layer • Ex: replace existing SONET/DWDM links with MPLS

Virtualized Network Core (Segmentation)• Need for logical separation of network services

• Separation of L3 or L2 traffic across core network for business service/application requirements or for compliance (VLAN to VRF)

L2VPN Inter-Data Center Extensions• Extend L2 domain across Data Centers

• Supporting VMware VMotion, DRP, etc.• Both Transport and Virtualization requirements

2

1

3



Inter-Data Center Transport Network Large Enterprises need to engineer traffic between

consolidated Data Centers• Most Critical applications

• Real-time Mainframe replication• Disk / Database / Transaction Mirroring

• Fast-Reroute required to protect critical apps Traffic engineering

• Expensive high-bandwidth links consolidate previous SONET links into single transport core

• Must allocate bandwidth to various applications• Must protect latency of critical apps

SuperCore is transport core only• Strict demarc from existing WAN—No routing interaction• All links exposed as point-to-point L2VPNs• In-sourced carrier network to protect the “Crown Jewels”

1



Inter-Data Center Transport Network

Data Center

Data Center

Corp WAN

Data Center

Critical applications protected by Fast-

Reroute Detour paths and secondary LSPs

Applications engineered into LSPs

across MPLS SuperCore



Virtualized Network Core (Segmentation) MPLS VPN applications at the WAN Edge and Core/Aggregation

layer provide unique traffic separation capabilities

L3VPNs• Maintain separate L3 VPN connectivity across Data Centers via “super

core” network• Can map VLAN to VRF to maintain consistent segmentation end-to-end

VPLS and L2VPN• Multipoint Virtual LAN networks across MPLS core• Can extend VLAN segments across multiple locations for mirroring

or DRP

Pseudo-wire Circuits• Point-to-Point connections across MPLS core

• Ethernet Port or VLAN circuits

2



WanEdge

CoreLayer

Access Layer

Aggregation Layer

CoreONLY

Juniper Data Center Network ArchitectureCollapsed Layers

Single JUNOS software

Option to collapse WAN and Core

Easier to operate and manage

Reduced power, cooling, and space

10 GbE (standby)

1 GbE

10 GbE (active)



Juniper Data Center Network ArchitectureVirtualization With JUNOS IP or MPLS

MX – IP or MPLS L3 VPNsconsolidate separate

business units

Securely isolate businesses and applications with L3 VPNs

Traffic engineering and end to end quality of service from server to server across DCs

Extend virtualization per application with

MPLS in DC

WAN Edge

CoreLayer

Access Layer

VPN

Server VLAN

VLANs (mapped into VRFs)

VLANs

Trunk




MPLS’s leverage of L3 protocols makes it more robust + scalable than VLANs + spanning trees for data center interior services

Flexible traffic separation (VPNs) and traffic management (DS TE) open up new virtualization options in DCs

MPLS HA (node, link and path) add responsiveness + reliability to the traffic management and scale

Integration with WAN design (if only by similarity) can simplify performance management and opex

Could go all the way to access tier in some designs

LERLSRLSR

VPNs

DS TE QoS



L2VPN/VPLS for VLAN Extensions MPLS L2VPN/VPLS infrastructure at WAN edge and

Core/Aggregation layers provides easy management of L2 extended domains across Data Centers

Customer deployment scenarios include• Data Mirroring, archiving and application standby for DRP

and business continuity planning• Also growth in server virtualization and virtual machine

management across Data Centers• Primarily VMware VMotion to move virtual machines/applications

across the network without losing information• Moves could be in the local LAN, or across the MPLS core to

another Data Center for migration or DRP

3



Archiving, Back-Up + Mirroring Between Data Centers via VPLS

Core

DC 2

DC 1

Mirroring VLAN 1

Mirroring VLAN 2

Other Production Traffic

Mirroring + back-up hosts can live in VLANs designed for that purpose

VPLS-capable node is required at aggregation/core tier

Amount of bandwidth required can be allocated + enforced

Other production applications can carry on in parallel

Mirroring VLAN 1

Mirroring VLAN 2



Core

DC 2

DC 1

Other Production Traffic

Support for VMotion across Data Centers

VM 1

VM 2

L2VPN/VPLS path created in order to move Virtual Machines across Data Centers

Requirement to stay on same subnet maintained end to end

Bandwidth and latency requirements enforced across network components

VM 1

VM 2





Agenda





SummarySummary



Summary MPLS in the Data Center provides great flexibility and

reliability for deploying business critical applications• MPLS VPN simplifies the implementation and management of

application and business network segmentation requirements• L2VPN/VPLS eases the implementation and support requirements

for L2 domains across multiple locations• MPLS Traffic Engineering reduces the cost of transport network

deployments by using the same label technology over cheaper Ethernet without compromising on reliability and convergence times

MPLS on the WAN core and Data Center Core/Aggregation Layers• Enables consolidation of disparate networks onto a single network• Delivers control through traffic segmentation• Provides resiliency with fast reroute and traffic engineering

copyright © 2008 juniper networks, inc. proprietary and confidential 1 mpls in the data center...

Documents

enterprise truthmyth

juniper networks

based networks

mpls private ip services

largest networks

large ip networks

vlan id layer

ccc slide