mpls an 9march2018-wide · multi-protocol label switching the m in mpls stands for multi-protocol,...

MPLS

9 March 2018 AN

MPLS is not alone

Multi-Protocol Label Switching

MPLS-TP MP-BGP H-VPLS OSPF-TE LIB

LSP ISIS-TE EVPN GMPLS MPLS-TE

T-MPLS LFIB LABEL LDP TAG

RSVP-TE VPLS FEC LER SR

• Used in many (most?) provider networks • to provide all kinds of different services


• Designed in the ATM era • better performance was

needed • Different services

transported over MPLS core

• Fixed size “label” • pre-established • Faster lookup • Label added to packet header

• No expensive (and recursive) lookups needed • Routing was (too) slow


Basically:★ edge device of MPLS network applies “tag”★ switch forwards according to label swapping table★ edge device removes tag and forwards packet

• Designed in the ATM era • better performance was

needed • Different services

transported over MPLS core

• Fixed size “label” • pre-established • Faster lookup • Label added to packet header

• No expensive (and recursive) lookups needed • Routing was (too) slow

Label switching started in 1996

• Back then ATM was popular, only encapsulations

for flows over ATM were defined • ATM did not become the big hit and is mostly

replaced now by IP/Ethernet devices

A bit of history

• Next Cisco came with Tag Switching (1997) • This was brought to the IETF for open standardisation • IETF working group involved other vendors and MPLS was defined • Tag renamed to Label

Because:• Back then traffic was growing faster than router vendors and providers could keep up with• Existing routing equipment was very expensive• Performance was not enough (no in hardware forwarding of packets)• Fixed length label lookup was faster

RFC-3031: Multiprotocol Label Switching Architecture [June 2001]

A bit of history

...because its techniques are applicable to ANY network layer protocol

• Designed to provide a unified data-carrying service for both circuit-based clients and packet-switching clients which provide a datagram service model (converged networks). • To carry many different kinds of traffic, including IP packets, as well as native ATM, SONET,

Frame Relay, PPP, HDLC and Ethernet frames, but also Pseudo Wires (PW), VPLS, IP VPNs. • Label Switched Paths are similar to circuit-switched paths (virtual circuit) in ATM or FR networks,

except not dependent on a particular Layer-2 technology. •MPLS defines specific label formats for ATM and Frame Relay, and a generic label format

intended for use with most other media.

• ATM labels correspond to VPI/VCI numbers and may be as long as 24 bits - Frame Relay labels correspond to DLCI numbers and are either 10 or 23 bits long. • The generic label is 20 bits long.

Multi-Protocol Label Switching The M in MPLS stands for Multi-Protocol, which allows all kinds of different services and encapsulations to be transported over MPLS enabled backbones

4.4.4.4

Destination Based Routing

inet.0

R1 R2

R3

R4

inet.0

inet.0

inet.0

10.0.1.0/31

10.0.2.0/31 10.0.3.0/31

1.1.1.1 2.2.2.2

3.3.3.3

4.4.4.4

Destination Based Routing

inet.0

R1 R2

R3

R4

inet.0

inet.0

inet.0

10.0.1.0/31

10.0.2.0/31 10.0.3.0/31

Lookup destination address in forwarding table




1.1.1.1 2.2.2.2

3.3.3.3

mpls.0

mpls.0

mpls.0

mpls.0

Label switching

R1 R2

R3

R4

10.0.1.0/31

10.0.2.0/31 10.0.3.0/31

4.4.4.41.1.1.1 2.2.2.2

3.3.3.3

mpls.0

mpls.0

mpls.0

mpls.0

Label switching

R1 R2

R3

R4

10.0.1.0/31

10.0.2.0/31 10.0.3.0/31

Lookup label in label database

4.4.4.41.1.1.1 2.2.2.2

3.3.3.3

mpls.0

mpls.0

mpls.0

mpls.0

Label switching

R1 R2

R3

R4

10.0.1.0/31

10.0.2.0/31 10.0.3.0/31





4.4.4.41.1.1.1 2.2.2.2

3.3.3.3

Rx 100K IPv4 routes Tx 100K IPv4 routes

Rx 100K Labeled routes Tx 100K Labeled routes

Faster lookups

inet.0

mpls.0

100K IPv4 FIB entries

1 MPLS FIB entry

• It was invented for fast(er) “routing" (more like L2 switching) • IDEA: • All packets with same label follow the same path • Fixed length label lookup is faster than longest match lookups

MPLS is sometimes called: Layer 2.5 protocol

Applications

TCP UDP SCTP, MPTCP, DCCP, …

MPLS

Ethernet

Physical

ATM FR PPP…

IP


Layer 2

Layer 3

Each flow might be special but numerous flows share the same forwarding behaviour


Label EXP S TTLLabel = a number

EXP = experimental bits, for Class of Service (*) S = Bottom of Stack TTL = Time-to-Live (to detect loops)

This header is put between Layer-2 and Layer-3 header (a.k.a. shim header) in IP

(*) Renamed to Traffic Class field RFC-5462

Ethernet header

IP header Data

Ethernet header

IP header DataMPLS

header

original packet

20 bits 3 bits 1 bit 8 bits

L2 header L3 header

SIDE TRACK Routing vs Switching

Routing vs Switching

• Switch switches within the subnet/within the network • Router routes between the networks

•Switching makes packet (frame) forwarding decisions based on Layer 2 data

•Routing makes packet forwarding decision based on Layer 3 data

Switches switch and Routers route …

recursive lookup - to determine the next hop + outbound interface

MAC address

IP address

SID

E TR

ACK

physical layer-2 address

logical, hierarchical layer-3 address

MPLS

OSPF / ISIS BGP

RIBRouting Information Base

FIBForwarding Information Base

Topology Database

“IP Routing table”

“Forwarding table”

• Not all entries in RIB have next hops that are directly

connected

• OSPF/ISIS route has an outgoing interface; it’s computed by

the SPF algorithm and transferred into the IP routing table

• BGP route has no outgoing interface and its next hop is not

directly connected; the router has to perform recursive

lookups to find the outgoing interface

• IP routes are copied to Forwarding Information Base (FIB) and

their next hops are resolved, outgoing interfaces are

computed and multiple entries are created when the next-hop

resolution results in multiple paths to the same destination

Simplified view

SID

E TR

ACK



Juniper specific

See: https://www.juniper.net/documentation/en_US/junos/topics/concept/mpls-routing-tables.html

SID

E TR

ACK

RIB

FIB

Useful for MPLS lab


Regardless of how you decide to call the physical (or virtual) device that forwards the data across your network, it’s important to understand whether it forwards the data based on physical layer-2 addresses (we called that bridging) or based on logical, hierarchical layer-3 addresses (what we called routing 20 years ago).

•Switching makes packet (frame) forwarding decisions based on Layer 2 data •Routing makes packet forwarding decision based on Layer 3 data

Switches switch and Routers route….

Bridging

http://blog.ipspace.net/2010/07/bridging-and-routing-is-there.htmlhttp://blog.ipspace.net/2011/02/how-did-we-ever-get-into-this-switching.html

• Ivan Pepelnjak Blog: http://blog.ipspace.net/2009/12/lies-damned-lies-and-product-marketing.html

MPLS is somewhere in between… (Layer 2.5) unless used with ATM or Frame Relay, i.e. L2 protocols that also use something like a label

SID

E TR

AC

K


MPLS-based networks scale better than those using ATM or Frame Relay because of two major improvements:

• Automatic setup of virtual circuits based on network topology (core IP routing information), both between the core switches and between the core (P-routers) and edge (PE-routers) devices. Unless configured otherwise, IP routing protocol performs topology autodiscovery and LDP establishes a full mesh of virtual circuits across the core.

• VC merge: Virtual circuits from multiple ingress points to the same egress point can merge within the network. VC merge significantly reduces the overall number of VCs (and the amount of state the core switches have to keep) in fully meshed networks.

• Important purpose of MPLS: reduces routes in routers and forwarding table entries •Multiple IP prefixes “into one tag”SI

DE

TRA

CK

LSP - Label Switched Path LER - Label Edge Router

LSR - Label Switching Router FEC - Forwarding Equivalence Class

LIB - Label Information Base

LER and LSP

R1 CE

R3 LSR

R8 LER

R7 LSR

R6 LER

R5 LSR

R4 LSR

R2 LER

R9 CETransit

R10 CETransit

LER = Label Edge Router (or PE = Provider Edge router)

See also: http://blog.ipspace.net/2011/10/mpls-is-not-tunneling.html

CE = Customer Edge router

LER and LSP

R1 CE

R3 LSR

R8 LER

R7 LSR

R6 LER

R5 LSR

R4 LSR

R2 LER

R9 CEIngress Transit

R10 CETransit




LER and LSP

R1 CE

R3 LSR

R8 LER

R7 LSR

R6 LER

R5 LSR

R4 LSR

R2 LER


R10 CETransit

LSP




LER and LSP

EgressR1 CE

R3 LSR

R8 LER

R7 LSR

R6 LER

R5 LSR

R4 LSR

R2 LER


R10 CETransit

LSP


LSP = Label Switched Path: unidirectional path between LERs “Virtual circuit” between pair of routers



Egress

LSR

R1CE

R3LSR

R8LER

LSR = Label Switching Router (or P = Provider router)

R7LSR

R6LER

R5LSR

R4LSR

R2LER

R9CE

LSP

Ingress Transit

Label push

Label swap

Label pop

R10CETransit

Label swap

• Label locally significant on router • Labels only valid between LSRs •Actions: push, swap, pop

Before any MPLS forwarding will occur you need to build an LSP!

Forwarding Equivalence Class FEC

• The ingress router receives packet and determines to which FEC it belongs • Forwarded with the same label (over the same LSP) • FEC only determined once - at ingress LSR

A FEC is a set of packets that a single router: • Forwards to the same next hop • Out the same interface • With the same treatment (such as queuing)

≈ normal routing

EgressR1CE

R3LSR

R8LER

R7LSR

R6LER

R5LSR

R4LSR

R2LER

R9CE

LSP

Ingress Transit

Label push

Label pop

R10CETransit

FEC lookup

FEC can be based on destination prefix, incoming interface, traffic class, source address, …

From: RFC3031 Multiprotocol Label Switching ArchitectureForwarding Equivalence Class FEC

Packet headers contain considerably more information than is needed simply to choose the next hop. Choosing the next hop can therefore be thought of as the composition of two functions. The first function partitions the entire set of possible packets into a set of "Forwarding Equivalence Classes (FECs)". The second maps each FEC to a next hop. Insofar as the forwarding decision is concerned, different packets which get mapped into the same FEC are indistinguishable. All packets which belong to a particular FEC and which travel from a particular node will follow the same path (or if certain kinds of multi-path routing are in use, they will all follow one of a set of paths associated with the FEC).

In conventional IP forwarding, a particular router will typically consider two packets to be in the same FEC if there is some address prefix X in that router's routing tables such that X is the "longest match" for each packet's destination address. As the packet traverses the network, each hop in turn reexamines the packet and assigns it to a FEC.

In MPLS, the assignment of a particular packet to a particular FEC is done just once, as the packet enters the network. The FEC to which the packet is assigned is encoded as a short fixed length value known as a "label". When a packet is forwarded to its next hop, the label is sent along with it; that is, the packets are "labeled" before they are forwarded.

At subsequent hops, there is no further analysis of the packet's network layer header. Rather, the label is used as an index into a table which specifies the next hop, and a new label. The old label is replaced with the new label, and the packet is forwarded to its next hop.

In the MPLS forwarding paradigm, once a packet is assigned to a FEC, no further header analysis is done by subsequent routers; all forwarding is driven by the labels. This has a number of advantages over conventional network layer forwarding.

Label Information Base

• Labels are stored in Label Information Base •Database with all label and forwarding information • LIB is populated by static entries or dynamic label distribution protocols

•Mapping between previous hop (incoming port, label) and FEC •Mapping between FEC and next hop (outgoing port, label)

LIB

Label Forwarding Information Base - LFIB: • Forwarding table mapping between labels

to outgoing interfaces • Only the labels for the best path of FEC

•Each router has its own LIB, and generates the LFIB • (Similar to RIB and FIB)

LIB

LFIB

Z PE1YPE2 Xingress egress

FEC = loopback address PE1LSR/transit LSR/transit LSR/transit

Prefixes distributed with OSPF/ISIS

Z PE1YPE2 Xingress egress



PE1 assigns a Label (L1) to its own Loopback

address (FEC) and advertises that to its LDP peer X

Z PE1YPE2 Xingress egress(PE1,L1)





Z PE1YPE2 Xingress egress(PE1,L1)

FEC = loopback address PE1

X evaluates whether PE1 is on the IGP shortest path for that FEC. If successful X

assigns L2 for FEC PE1, installs forwarding state swapping L2 and L1 and advertises a

binding for L2 and FEC PE1 to Y

LSR/transit LSR/transit LSR/transit




Z PE1YPE2 Xingress egress(PE1,L1)(PE1,L2)









Y will do similar processing. The LSP setup proceeds from

egress to ingress

Z PE1YPE2 Xingress egress(PE1,L1)(PE1,L2)










egress to ingress

Z PE1YPE2 Xingress egress(PE1,L1)(PE1,L2)(PE1,L3)(PE1,L4)










egress to ingress


PE1-push L4









ingress router PE2 adds label L4 to

packets


egress to ingress


swap (L4, L3) PE1-push L4










packets


egress to ingress


swap (L3, L2) swap (L4, L3) PE1-push L4










packets


egress to ingress

Z PE1YPE2 X

swap (L2, L1)

ingress egress(PE1,L1)(PE1,L2)(PE1,L3)(PE1,L4)











packets


egress to ingress

Z PE1YPE2 X

swap (L2, L1)












packets

pop (L1)


egress to ingress

Z PE1YPE2 X

swap (L2, L1)







LSR/transit LSR/transit LSR/transitLSP





packets

pop (L1)


egress to ingress

Z PE1YPE2 X

swap (L2, L1)








Label actions: Push to the stack, Swap top label, PoP from the stack; S-bit is set to 1 in MPLS header if label is last label on the stack;

LSPPrefixes distributed with OSPF/ISIS




packets

pop (L1)

• Label 3 is announced by router B to its neighbor E • 3 is a special value, Implicit NULL label [RFC-3032];

• This triggers Penultimate Hop Popping (PHP) • the LSR (E) before the LER (B) pops the label and forwards normal IP packet to LER (B); • simplifies processing at LER (saves one lookup); •default behaviour of most implementations, not mandatory;

3

2833

28 = label

Penultimate Hop Popping

C

F

GE

D

A BPHP

But who/what assigns the labels? Goal is to build a forwarding table with mapping between FEC/incoming label and outgoing label; ➡Routers pick the label values (local significance only)

The MPLS architecture uses downstream label allocation: router expects to receive the traffic with label it picked locally

Called downstream because label L bound to FEC F at router B was picked by router C who is one hop further down in the direction of the traffic flow from B

A

C

B

downstream ->

<- upstream

LSR that is required to interpret the label is responsible for assigning it

Label allocation and distribution

28FEC F =

• LSR A receives mapping for Label L for FEC <1.2.3.4> from neighbor LSR B • LSR A will use Label L for forwarding if and only if LSR B is on the IGP shortest path for

destination <1.2.3.4> from A’s point of view • LSPs shift with IGP path changes!!!

•Danger of black-holing/looping during reconvergence

Label allocation and distribution

• Label = unsigned integer in the range 0 - 1048575 • Some reserved numbers: 0 - 15 (e.g. label 3) • A received packet with unrecognised label (unassigned) is dropped

• Packets can carry more than 1 label = label stack • Last-in, first-out stack • The forwarding decision is based on label at top of stack (see S-bit!)

Question: Should a label be unique within MPLS domain?

MPLS so far






Short break….. (15 min)

How are the labels distributed and the mappings made?

• You need routing and signalling (control plane functions)

• Manual configuration of label bindings and LSPs

• Or define a new protocol • Or extend existing protocol to carry labels

Ps. Answer: No, unique on router (if platform label space) or per interface (if interface label space)

Both were done: • New protocol: LDP (Label Distribution Protocol) • Two existing protocols: RSVP and BGP

protocols { mpls { static-label-switched-path <LSP-name> { ingress { next-hop <address of next-hop router>; to <LSP-endpoint>; push <label>; } } } }

Manual LSP config

protocols { mpls { static-label-switched-path <LSP-name> { transit <incoming-label> { next-hop <address of next-hop router>; to <LSP-endpoint>; swap <outgoing-label>; } } } }

On ingress router

On all transit routers

And on egress router: POP label

Juniper specific

human control plane

Label Distribution Protocol

• UDP discovery and TCP sessions between peers • LDP Peers inform each other of the label bindings

• An IGP protocol must br configured on all LSRs • New IGP routes (prefixes in routing table) lead to new label bindings

• Labels can be withdrawn when IGP routes are no longer valid • Hard-state - expected to work until explicitly torn down

LDP is specifically designed for label binding and distribution - does nothing else but that, no routing, in fact it relies on an IGP for all routing decisions

LDP

• Fundamental concept in MPLS: 2 LSRs must agree on meaning of labels used to forward traffic • Protocol used where one LSR informs another of the LABEL BINDINGS it has made

See https://tools.ietf.org/html/rfc5036

• LDP works between directly connected neighbors • Peers are automatically discovered (via multicast to well-known UDP port) • Builds a full mesh of LSPs between all routers • LDP establishes LSPs that follow the IGP best path

Initialization: exchange information regarding features and modes supported;

Next: information regarding binding Labels and FECs exchanged;

After discovery a TCP session is established and LDP session is set up;

Keep sessions up keep-alive messages are sent;

Label Distribution Protocol LDP

Easy config

Label messages: advertise new labels, withdraw labels

OSPF / IS-IS BGP

RIBRouting Information Base

FIBForwarding Information Base

LIBLabel Information Base

(mpls.0)

LFIBLabel Forwarding Information

Base

Topology Database

“Routing table” (inet.0)

“Forwarding table”

“Label Routing table”

FEC mapping table (inet.3)

LDP Database

LDP

Juniper specific

See also: http://blog.ipspace.net/2011/12/junos-day-one-mpls-behind-scenes.html

Resource ReserVation Protocol

• RSVP was developed before MPLS • Bandwidth reservation protocol for individual traffic flows in network as part of the int-serv model • Its mechanism is to reserve bandwidth along each hop of a network for an end-to-end session

➡Doesn't scale (create, maintain, tear-down state for each traffic flow!), so it is not/hardly used.

• RSVP extensions for MPLS to create and maintain LSPs and to create associated bandwidth reservations = RSVP-TE [RFC-3209] • Better scaling (single LSP can carry all traffic between ingress and egress router pair, not per flow)

(*) Integrated Services Architecture [RFC1633]: fine-grained Quality of Service across the Internet

(*)

RSVP

• RSVP-signaled LSP does not necessarily follow IGP shortest path • Extensions allow for explicit routing (specify entire path or specific transit nodes)

Creation of RSVP-signaled LSP:

Bandwidth reservation is optional

‣ PATH message: Label request object, Record Route Object, Sender-Tspec, Explicit Route Object (ERO)

RSVP-TE Signaling protocol, not routing protocol

• Ingress router initiates by sending an RSVP PATH message •destination is the egress router

• Egress router sends back an RSVP RESV message • follows the reverse path back to ingress • includes the allocated label

• Transit routers receiving the RESV message • allocate new local label • relay message upstream • install entry in LIB

‣ RESV message: label object, Record Route Object

• RSVP-signaled LSP does not necessarily follow IGP shortest path • Extensions allow for explicit routing (specify entire path or specific transit nodes)

Creation of RSVP-signaled LSP:

Bandwidth reservation is optional

‣ PATH message: Label request object, Record Route Object, Sender-Tspec, Explicit Route Object (ERO)

➡ ERO object contains list of addresses of nodes through which the LSP must pass (strict or loose)

RSVP-TE Signaling protocol, not routing protocol

• Ingress router initiates by sending an RSVP PATH message •destination is the egress router

• Egress router sends back an RSVP RESV message • follows the reverse path back to ingress • includes the allocated label

• Transit routers receiving the RESV message • allocate new local label • relay message upstream • install entry in LIB

‣ RESV message: label object, Record Route Object

10

• PATH and RESV messages travel hop-by-hop through network - establish state at each node • Periodic exchange of PATH and RESV messages after establishment to refresh the state (if missed LSP is torn down) • RSVP-signaled LSPs follow single path from ingress to egress (even in case of multiple available paths) • LSP still unidirectional!

RSVP-TE

10

5

5

5

5

5

55 = IGP metric

C

E

D

A B

F

G

10


RSVP-TE

10

5

5

5

5

5

55 = IGP metric

C

E

D

A B

F

G

PATH message

10


RSVP-TE

10

5

5

5

5

5

55 = IGP metric

C

E

D

A B

F

G

PATH message RESV message

10


RSVP-TE

10

5

5

5

5

5

55 = IGP metric

C

E

D

A B

F

G

PATH message RESV messageRESV state

With Record Route Object routers can check if the

path is loop-free

RSVP-TE

6.6.6.6 From: 1.1.1.1, State: Up, ActiveRoute: 0, LSPname: LSP-1 ActivePath: LSP-1-P (primary) LSPtype: Static Configured LoadBalance: Random Encoding type: Packet, Switching type: Packet, GPID: IPv4 *Primary LSP-1-P State: Up Priorities: 7 0 SmartOptimizeTimer: 180 Computed ERO (S [L] denotes strict [loose] hops): (CSPF metric: 5) 10.10.10.2 S 20.20.20.2 S 40.40.40.2 S 50.50.50.2 S 60.60.60.2 S Received RRO (ProtectionFlag 1=Available 2=InUse 4=B/W 8=Node 10=SoftPreempt 20=Node-ID): 10.10.10.2 20.20.20.2 40.40.40.2 50.50.50.2 60.60.60.230 Jun 16 19:01:39.596 Selected as active path 29 Jun 16 19:01:39.596 Record Route: 10.10.10.2 20.20.20.2 40.40.40.2 50.50.50.2 60.60.60.2 28 Jun 16 19:01:39.594 Up 27 Jun 16 19:01:39.478 Originate Call

Example output Juniper:

• It supports multiple address families, easy to define and carry new types of reachability information and associated attributes • Advertise prefix and label(s) associated with it

MP-BGP

• Can be used inter-domain (between AS-es BGP is used) • Often BGP is already used so no need for another protocol • This is used for Layer3 VPN between sites interconnected by MPLS (provider) core network • Each VPN has its own VRF (Virtual Routing and Forwarding instance); • MPLS forwarding uses stacked labels:

• outer label for LSP forwarding • inner label to differentiate between different VPNs

Multiprotocol Extensions to BGP

[RFC-3107] Carrying Label Information in BGP-4: The label mapping information for a particular route is piggybacked in the same BGP Update message that is used to distribute the route itself.

VRFVRF

MP-BGP

• This is used for Layer3 VPNs between sites interconnected by MPLS (provider) core network • Each VPN has its own VRF (Virtual Routing and Forwarding instance) • MPLS forwarding uses stacked labels: outer label for LSP forwarding + inner label to differentiate between different VPNs

Multiprotocol Extensions to BGP

PE-A

PE-B

PE-C

VPN-Customer D

VPN-Customer E

VPN-Customer F

VPN-Customer D

VPN-Customer E

VPN-Customer F

VPN-Customer D

VPN-Customer E

VPN-Customer F

VRF

MPLS core

See RFC-4364: BGP/MPLS IP Virtual Private Networks (VPNs)

BGP

BGP

ISIS/OSPF

MP-BGP Multiprotocol Extensions to BGPPE-A

PE-B

PE-C

VPN-Customer D

VPN-Customer E

VPN-Customer F

VPN-Customer D

VPN-Customer E

VPN-Customer F

VPN-Customer D

VPN-Customer E

Each VRF has different VPN label

MPLS core

Route distinguisher (RD) : 64 bit field prefixed to Customer IP prefix(es) to make it unique VPN-IPv4 address space •prepended to routes in VRF to identify to which VRF they belong

Route target (RT): extended BGP community value •defines which prefixes are imported and exported on each PE

Routes from “red” VPN not imported!

VPN-IPv4 routes are transported with BGP to other PE’s - with MPLS label (inner label)

• Can you use different Label distribution protocols at the same time? • E.g LDP and RSVP-TE? And also MP-BGP?

Yes! • Depends on the built topology • Depends on services that need to be provisioned • Makes it more complex • Needs to be provisioned/configured

Label Distribution Protocols

• LSPs have to be built before traffic starts flowing • RSVP-TE LSPs need to be configured • VRF and route distinguisher and route targets in L3 VPNs need to be configured

• Can you use different Label distribution protocols at the same time? • E.g LDP and RSVP-TE? And also MP-BGP?

Yes! • Depends on the built topology • Depends on services that need to be provisioned • Makes it more complex • Needs to be provisioned/configured

Label Distribution Protocols

• LSPs have to be built before traffic starts flowing • RSVP-TE LSPs need to be configured • VRF and route distinguisher and route targets in L3 VPNs need to be configured

Network orchestrators / controllers with GUIs to make it easier

Due to Moore’s Law lookup speed is no longer the biggest problem, but since 1997 a lot of ways to use MPLS have been found...

• Very heavily used: for implementing Traffic Engineering (TE) • L3VPN (over the same core) • L2VPN (over the same core) • Improving network resiliency with MPLS fast reroute


What is it? • Process of manipulating traffic on an (IP) network to “enhance the performance” • Is not network engineering, but linked • Reduce overall cost of operations by more efficient use of bandwidth resources

Traffic Engineering

With “traditional” IP and IP routing protocols difficult: ➡ tweaking link cost or weight to influence IGP behaviour ➡ availability of resources (e.g. bandwidth) not taken into account

• IGPs distribute network topology information through network • Can be used to calculate the routes of LSP automatically •When required to establish LSPs not following IGP routes, with guaranteed QoS characteristics

and backup LSPs that avoid single points of failure you need more:

Traffic Engineering extensions “-TE”

TE

ISIS-TE OSPF-TE

•MPLS-TE: set of extensions to MPLS • explicit or constraint based routing • use RSVP-TE to set up explicit paths • bandwidth reservation

• Cost optimisation (better utilisation of network resources) • Congestion management • Dynamic services & traffic profiles • Efficient routing (predictable, deterministic paths) and rerouting in case of failures • Availability/ resilience / fast restoration • QoS / separate realtime latency-critical services from other traffic

“MORE CONTROL”

Traffic Engineering TE

RFC-3272: Overview and Principles of Internet Traffic Engineering RFC-2702: Requirements for Traffic Engineering over MPLS

Virtual Private LAN Service

• A VPLS is (provider) service that emulates the full functionality of traditional LAN • A Layer 2 Virtual Private Network (VPN) • VPLS is "private" in that CE devices that belong to different VPLSs cannot interact • VPLS is "virtual" in that multiple VPLSs can be offered over a common packet switched network (over

IP/MPLS network)

VPLS

PE-A

PE-B

PE-CVPN-Customer E

VPN-Customer E

VPN-Customer E

MPLS core

P

PPP

Single LAN segment

Virtual Private LAN ServiceVPLS

• Ethernet service: frames sent to broadcast addresses and unknown dest MAC addresses are flooded to all ports

• all unknown unicast, broadcast and multicast frames are flooded over the corresponding Pseudo-Wires to all PE nodes participating in the VPLS

• Responsibility of service provider to create loop-free topology• Full-mesh of Pseudo-Wires connecting the edge sites

• Using LDP for Signaling [RFC-4762]• Using BGP for Auto-Discovery and Signaling [RFC-4761]

Latest New Protocols

EVPN Segment Routing

Ethernet VPN

• VPLS has number of limitations in redundancy, multicast, multihoming, provisioning simplicity • New RFC on defining the requirements for a new solution: Ethernet VPN (EVPN) [RFC-7209]

EVPN

• EVPN is Layer 2 overlay on IP/MPLS network • Virtual multipoint bridged connectivity between different Layer 2 domains

• Control plane is MP-BGP •New address family •Allows MAC addresses to be treated as routes in the BGP table •Entry can contain just a MAC address or an IP address + MAC address (ARP entry) •With or without VLAN tags

See: RFC-7432: BGP MPLS-based Ethernet VPN

• Alternative for LDP and RSVP-TE in MPLS networks • Segment routing is a new forwarding paradigm that provides source routing • The source can define the path a packet will take • SR uses MPLS to forward packets (in IPv4), but labels are distributed by IGP (OSPF, ISIS)

Source Routing: a node steers packets through an ordered list of instructions (segments) that are encoded in the packet header

SRSegment Routing

• Alternative for LDP and RSVP-TE in MPLS networks • Segment routing is a new forwarding paradigm that provides source routing • The source can define the path a packet will take • SR uses MPLS to forward packets (in IPv4), but labels are distributed by IGP (OSPF, ISIS)

Source Routing • the source chooses a path and encodes it in the packet header as an ordered list of segments• the rest of the network executes the encoded “instructions”• Segment: an identifier for any type of instruction• forwarding or service• Example segments: particular node in network, network link, prefix

Source Routing: a node steers packets through an ordered list of instructions (segments) that are encoded in the packet header

SRSegment Routing

• SR allows to enforce a flow through any topological path and service chain while maintaining per-flow state only at the ingress node to the SR domain;• Application for SR enable some kind of application controller that can steer traffic over different paths, depending on

different requirements and the current state of the network;• Doing this now requires MPLS-TE, as well as keeping state in many device, with SR, there is no need to keep state in

intermediary devices

Segment Routing – Forwarding Plane MPLS: ordered list of segments is represented as a stack of labels –Segment Routing re-uses MPLS data plane without any change–Segment is encoded as MPLS label–Applicable to IPv4 and IPv6 address familiesIPv6: an ordered list of segments is encoded in a routing extension header

The state is in the packet, not in the network

SRSegment Routing

See for more info: IETF SPRING WG and http://www.segment-routing.net/home

7

•  Source routing along any explicit path Stack of “adjacency segment” labels

•  Segment Routing provides entire path control

B C

N O

Z

D

P

A

9101

9105 9107

9103

9105

9101

9105

9107

9103

9105

9105

9107

9103

9105

9107

9103

9105

9103

9105 9105

segment routing with central optimization (PCE - path computation element)

Next Header Length Type Segments Left

Segment 0

Segment 1

Segment 2

First Segment Flags Reserved

Optional Type Length Value Objects (variable)

Segment n

• segment encoded as IPv6 address • ordered list of segments is encoded as ordered list of IPv6 addresses in the routing header • active segment is indicated by the Destination Address of the packet • next active segment is indicated by a pointer in the routing header

(1) Picture from: https://conference.apnic.net/data/36/apnic36-segment-routing-santanu_v2s_1377667562.pdf

(1)

SRSegment Routing

Just look at the number of RFCs after RFC-3013 and the drafts in the MPLS WG of the IETF: https://datatracker.ietf.org/wg/mpls/

• MPLS over 15 years old but…• Still heavily used• Still lot of activities on standardisation• Lot of new activities building upon or extending MPLS

MPLS et cetera …





Thanks for your attention!

Questions? marĳ[email protected]

mpls an 9march2018-wide · multi-protocol label switching the m in mpls stands for multi-protocol,...

Documents