Beruflich Dokumente
Kultur Dokumente
Santanu Dasgupta
santanu@cisco.com
Edge
Edge
MPLS QoS
MPLS TE
MPLS OAM/MIBs
Layer-3 VPNs
Layer-2 VPNs
MPLS Signaling and Forwarding
Edge
Edge
MPLS QoS
Edge
Core MPLS
MPLS TE
Core
Core
MPLS OAM/MIBs
Edge
Network
NetworkInfrastructure
Infrastructure
Agenda
Introduction
MPLS Network Components
MPLS VPNs
MPLS Layer-3 VPNs
MPLS Layer-2 VPNs
MPLS QoS
MPLS Traffic Engineering
MPLS Management
Summary
Core MPLS
End-to-end MPLS
Services
MPLS Network
Services
Introduction
The business drivers for MPLS
Presentation_ID
Cisco Public
Enterprise/end-user perspective
Campus/LAN
Need for network segmentation (users, applications,
etc.)
WAN connectivity (connecting enterprise networks)
Need for easier configuration of site-to-site WAN
connectivity
Evolution of MPLS
Evolved from tag switching in 1996 to full IETF
standard, covering over 130 RFCs
Key application initially were Layer-3 VPNs, followed
by Traffic Engineering (TE), and Layer-2 VPNs
For your
reference
only
MPLS Applications
Service
Providers
Key Features
L2/L3VPNs
TE/FRR
QoS
High Availability
Applications
Data center
interconnect
Segmentation for IT
Mergers,
Acquisitions, spinoffs
Enterprise Data
Center
Data center
interconnects
EWAN
Edge
VPNs
VPNs / VRFs
VPNs / VRFs
TE/FRR
VRF-Aware Security
High Availability
High Availability
High Availability
Departmental
segmentation
Service multiplexing
Security
Mergers, Acquisitions,
spinoffs
Disaster Recovery
Vmotion support
Branch Interconnects
Internet Access
Branch Connectivity
10
Layer-3 VPNs
Layer-2 VPNs
MPLS QoS
MPLS TE
MPLS OAM/MIBs
Core MPLS
Network Infrastructure
11
Presentation_ID
Cisco Public
12
Layer-2 VPNs
MPLS TE
MPLS OAM/MIBs
Core MPLS
Network Infrastructure
13
The internals
MPLS labels
Processing of MPLS labels
Exchange of label mapping information
Forwarding of labeled packets
14
CE
PE
PE
CE
CE
CE
PE
PE
15
Label # 20bits
EXP S
TTL-8bits
PPP Header
Label
MAC Header
Label
16
Label Swap
L1
L2
Label Swap
L2
L3
L2/L3 Packet
CE
PE
PE
CE
CE
CE
PE
PE
17
18
Note that, in addition LDP, also other protocols are being used for
label information exchange
Will be discussed later
19
For your
reference
only
Uses UDP (port 646) for session discovery and TCP (port
646) for exchange of LDP messages
LDP operations
LDP Peer Discovery
LDP Session Establishment
MPLS Label Allocation, Distribution, and Updating MPLS
forwarding
20
LDP Operations
LDP startup
Local labels
assigned to RIB
prefixes and
stored in LIB
Peer discovery
and session setup
Exchange of
MPLS label
bindings
Programming of
MPLS forwarding
Based on LIB info
CEF/MFI updates
MPLS Node A
MPLS Node B
Session Setup
RIB
LIB
RIB
LIB
Label Binding
Exchange
LDP Interactions
with
MPLS Forwarding
MPLS
Forwarding
CEF/MFI
MPLS
Forwarding
CEF/MFI
21
RIB
Routing
Process
Routing
Updates/
Adjacencies
LIB
MPLS
Process
Label Binding
Updates/
Adjacencies
MFI
FIB
MPLS Traffic
Forwarding
IP Traffic
Forwarding
22
FIB
FIB
Address
Prefix
I/F
128.89
0
1
Address
Prefix
I/F
Address
Prefix
I/F
128.89
128.89
171.69
171.69
171.69
128.89
0
0
128.89.25.4
Data
128.89.25.4
Data
1
128.89.25.4
Data
128.89.25.4
Data
171.69
Packets Forwarded
Based on IP Address
(via RIB lookup)
2010 Cisco and/or its affiliates. All rights reserved.
23
MFI/FIB
MFI/FIB
In
Address Out Out
Label Prefix
Iface Label
In
Address Out Out
Label Prefix
Iface Label
In
Address Out Out
Label Prefix
Iface Label
128.89
128.89
171.69
171.69
128.89
0
0
Routing Updates
(OSPF, EIGRP, )
128.89
171.69
24
MFI/FIB
MFI/FIB
In
Address Out Out
Label Prefix
Iface Label
In
Address Out Out
Label Prefix
Iface Label
In
Address Out Out
Label Prefix
Iface Label
128.89
128.89
171.69
171.69
128.89
128.89
171.69
25
MFI/FIB
MFI/FIB
In
Address Out Out
Label Prefix
Iface Label
In
Address Out Out
Label Prefix
Iface Label
In
Address Out Out
Label Prefix
Iface Label
128.89
128.89
171.69
171.69
128.89
128.89
Label Distribution
Protocol (LDP)
171.69
(Downstream Allocation)
2010 Cisco and/or its affiliates. All rights reserved.
26
MFI/FIB
MFI/FIB
In
Address Out Out
Label Prefix
Iface Label
In
Address Out Out
Label Prefix
Iface Label
In
Address Out Out
Label Prefix
Iface Label
128.89
128.89
171.69
171.69
128.89
128.89
0
128.89.25.4
1
128.89.25.4
Data
9
128.89.25.4
Data
128.89.25.4
Data
Data
171.69
27
28
CE
PE
OSPF, IS-IS,
EIGRP, EIGRP
PE
CE
LDP, RSVP
CE
CE
PE
PE
29
Label Stacking
More than one label can be used for MPLS packet encapsulation
Creation of a label stack
TE Label
LDP Label
VPN Label
Inner Label
Layer 2/3
Packet Header
30
Summary
MPLS uses labels to forward traffic
More than one label can be used for traffic
encapsulation; multiple labels make up a label stack
Traffic is encapsulated with label(s) at ingress and at
egress labels are removed in MPLS network
MPLS network consists of PE router at ingress/egress
and P routers in the core
MPLS control plane used for signaling label mapping
information to set up end-to-end Label Switched Paths
MPLS forwarding plane used for label imposition
(PUSH), swapping, and disposition (POP) operation
2010 Cisco and/or its affiliates. All rights reserved.
31
MPLS VPNs
Overviews
Presentation_ID
Cisco Public
32
Layer-3 VPNs
MPLS QoS
Layer-2 VPNs
MPLS TE
MPLS OAM/MIBs
Network Infrastructure
33
34
CE
PE-CE
Link
PE
PE
CE
VPN
CE
CE
PE
PE
PE-CE link
Connect customer network to SP network; layer-2 or layer-3
VPN
Dedicated secure connectivity over shared infrastructure
2010 Cisco and/or its affiliates. All rights reserved.
35
Enterprise/end-user perspective
Enables site/campus network segmentation
Allows for dedicated connectivity for users, applications,
etc.
Enables easier setup of WAN connectivity
Easier configuration of site-to-site WAN connectivity (for
L3VPN and VPLS); only one WAN connection needed
36
Layer-2 VPNs
Layer-3 VPNs
Point-to-Point
Layer-2 VPNs
Multi-Point
Layer-2 VPNs
CPE connected to
PE via p2p Layer-2
connection (FR,
ATM)
CPE connected to
PE via Ethernet
connection (VLAN)
CE-CE routing; no
SP involvement
37
Presentation_ID
Cisco Public
38
39
40
CE
VRF Green
PE
MPLS Backbone IGP
CE
VPN 2
VRF Blue
41
Customer
Route
Exchange
CE
CE
Customer
Route
Exchange
BGP RR
PE
VRF
VRF
PE
PE
VPN 1
VRF
VPN 2
VRF
P
Label switched traffic
CE
CE
PE
MP-iBGP Session
42
CE1
BGP advertisement:
VPN-IPv4 Addr = RD:16.1/16
BGP Next-Hop = PE1
Route Target = 100:1
Label=42
PE1
VRF
No VPN Routes
in core (P) nodes
VPN 1
PE2
VRF
eBGP:
16.1/16
IP Subnet
CE2
ip vrf Green
RD 1:100
route-target export 1:100
route-target import 1:100
Processing Steps:
1. CE1 redistribute IPv4 route to PE1 via eBGP.
2. PE1 allocates VPN label for prefix learnt from
CE1 to create unique VPNv4 route
3. PE1 redistributes VPNv4 route into MP-iBGP, it
sets itself as a next hop and relays VPN site
routes to PE2
4. PE2 receives VPNv4 route and, via processing
in local VRF (green), it redistributes original
IPv4 route to CE2.
43
IPv4
CE1
IPv4
Packet
PE1
VRF
IGP VPNv4
Label B Label IPv4
P1
IGP VPNv4
Label A Label IPv4
P2
VPN 1
IPv4
PE2
VRF
IPv4
Packet
CE2
ip vrf Green
RD 1:100
route-target export 1:100
route-target import 1:100
Processing Steps:
1. CE2 forwards IPv4 packet to PE2.
2. PE2 imposes pre-allocated VPN label (learned via MP-IBGP) to IPv4 packet
received from CE2.
3. PE2 imposes outer IGP label (learned via LDP) and forwards labeled packet
to next-hop P-router P2.
4. P-routers P1 and P2 swap outer IGP label and forward label packet to PE1.
5. Router PE1 strips VPN label and forwards IPv4 packet to CE1.
2010 Cisco and/or its affiliates. All rights reserved.
44
Aerospace
Cosmetics
Remote Site 1
VRF instances
created for each
group at the edge
Central site - HQ
Financial
Services
Financial Services
Cosmetics
VPN_Fin
VPN_Fin
VPN_Cos
VPN_Cos
VPN_Aero
MPLS Backbone
Remote Site 2
Remote Site 3
VPN_Aero
VPN_Cos
VPN_Fin
VPN_Aero
Aerospace
Financial
Services
Cosmetics
Aerospace
45
Central Site
Central Site
MPLS Backbone
Remote Sites
Remote Sites
2010 Cisco and/or its affiliates. All rights reserved.
46
For your
reference
only
Access
Distribution
Core
Internet
47
VRF-lite + 802.1Q
VLANs
VRF-lite + GRE
tunnels
Layer-3 MPLS
VPNs
Core
802.1Q VLAN ID
mapping onto VRFs
Distribution nodes
configured as PE routers
with VRF(s)
For your
reference
only
End-to-end
Connectivity
End-to-end label
switched paths (LSPs)
between distribution
nodes (PE routers)
48
For your
reference
only
L2
No BGP or MPLS
VRF-lite configured on core and
distribution nodes
Many-to-Many model
Restricted scalability
Typical for department
inter-connectivity
Layer 3
Multi-VRF
VPN1
L2
VPN2
802.1Q
49
For your
reference
only
L2
No BGP or MPLS
VRF-lite only configured on
distribution nodes
Layer 3
Multi-VRF
VPN1
L2
VPN2
GRE
50
For your
reference
only
L2
MPLS
VRF
VPN1
L2
VPN2
51
52
Presentation_ID
Cisco Public
53
L2VPN Options
L2VPN Models
VPLS
VPWS
L2TPv3
IP Core
AToM
Ethernet
MPLS Core
Ethernet
Ethernet
Frame Relay
Frame Relay
54
SP
Interconnection
PE Router
SP
Network
PE Router
Pseudo Wire
FR
ATM
PPP
Many Subscriber
Encapsulations
Supportable
HDLC
Ethernet
2010 Cisco and/or its affiliates. All rights reserved.
55
Customer2
Site1
PSN Tunnel
PWES
PWES
Customer2
Site2
Pseudo-Wires
Customer1
Site1
PE
PE
PWES
PWES
Customer1
Site2
56
57
PE1
CE1
LDP session
Layer-2
Connection
5
2
PE2
CE2
Layer-2
Connection
58
CE1
Layer-2
Packet
Tunnel
VC
Label C Label
PE1
Tunnel
VC
Label B Label
L2
P1
Tunnel
VC
Label A Label
L2
P2
L2
L2
PE2
Layer-2
Packet
CE2
Processing Steps:
1. CE2 forwards layer-2 packet to PE2.
2. PE2 imposes VC (inner) label to layer-2 packet received from
CE2 and optionally a control word as well (not shown).
3. PE2 imposes Tunnel outer label and forwards packet to P2.
4. P2 and P1 router forwards packet using outer (tunnel) label.
5. Router PE2 strips Tunnel label and, based on VC label, layer-2
packet is forwarded to customer interface to CE1, after VC label
is removed
In case control word is used, new layer-2 header is generated first.
2010 Cisco and/or its affiliates. All rights reserved.
59
PE1
Directed LDP
Label Exchange for VC1 Label 10
101
10 50
101
10 90
DLCI 201
DLCI 101
CPE Router,
FRAD
PE2
Neighbor LDP
Label 50
Neighbor LDP
Label 90
MPLS
Backbone
CPE Router,
FRAD
60
PE1
PE2
Site2
CE
MPLS
WAN
Site3
CE
61
62
VPLS Overview
Full Mesh of Targeted-LDP Sessions
Exchange VC Labels
Attachment Circuit
CE
n-PE
n-PE
PW
Tunnel LSP
CE
CE
Red VSI
Blue VSI
Green VSI
CE
PW
CE
PW
CE
Red VSI
Blue VSI
Green VSI
Directed LDP
Session Between
Participating PEs
CE
63
Customer A1
L2 Metro
Ethernet
Carrier A
PE1
PE2
Metro
Backbone
Provider
PE3
Metro
Ethernet
Carrier A
L2 Metro
Ethernet
Carrier A
CE12
CE22
QinQ
CE13
Customer A1
CE23
64
AToM PWs suited for implementing transparent point-topoint connectivity between Layer-2 circuits
VPLS suited for implementing transparent point-tomultipoint connectivity between Ethernet links/sites
65
MPLS QoS
Technology Overview and Applications
Presentation_ID
Cisco Public
66
Layer-3 VPNs
MPLS QoS
MPLS TE
Layer-2 VPNs
MPLS OAM/MIBs
Network Infrastructure
67
68
EXP
Layer-2 Header
MPLS Header
IP DiffServ Marking
DSCP
Layer 3 Header
69
For your
reference
only
CE
PE
IP
DSCP
3
MPLS
EXP 3
MPLS
EXP 2
MPLS
EXP 3
MPLS
EXP 3
MPLS
EXP 2
IP
DSCP
3
IP
DSCP
3
IP
DSCP
3
PE
IP
DSCP
2
IP
DSCP
2
70
For your
reference
only
CE
PE
IP
DSCP
3
PE
MPLS
EXP 3
MPLS
EXP 2
MPLS
EXP 2
MPLS
EXP 3
MPLS
EXP 3
MPLS
EXP 3
MPLS
EXP 2
IP
DSCP
3
IP
DSCP
3
IP
DSCP
3
IP
DSCP
3
IP
DSCP
3
71
For your
reference
only
CE
PE
IP
DSCP
3
MPLS
EXP 3
MPLS
EXP 2
MPLS
EXP 3
MPLS
EXP 3
MPLS
EXP 2
IP
DSCP
3
IP
DSCP
3
IP
DSCP
3
PE
IP
DSCP
3
IP
DSCP
3
72
73
Presentation_ID
Cisco Public
74
Layer-3 VPNs
MPLS QoS
MPLS TE
Layer-2 VPNs
MPLS OAM/MIBs
Network Infrastructure
75
Capacity planning
TE improves aggregate availability of the network
76
Node
Next-Hop
Cost
10
10
20
20
30
30
Router A
Router F
OC-3
OC-3
Router E
DS3
Router G
DS3
OC-3
Router C
DS3
OC-3
Router D
77
Next-Hop
Cost
10
10
20
20
Tunnel 0
30
Tunnel 1
30
Router B
Router A
Router F
OC-3
OC-3
Router E
DS3
40 Mb
OC-3
Router C
DS3
Router G
DS3
OC-3
Router D
78
Head end
IP/MPLS
Mid-point
TE LSP
Tail end
Auto-route
Static
PBR
CBTS / PBTS
Forwarding Adjacency
Tunnel select
* Optional
79
For your
reference
only
IP/MPLS
Neighbor address
Physical bandwidth
Maximum reservable bandwidth
Unreserved bandwidth
(at eight priorities)
TE metric
Administrative group (attribute flags)
TE
Topology
database
80
Path Calculation
TE nodes can perform
constraint-based routing
Find shortest
path to R8
with 8Mbps
IP/MPLS
R1
15
10
10
R8
10
10
TE
Topology
database
81
For your
reference
only
TE LSP Signaling
Tunnel signaled with TE
extensions to RSVP
Soft state maintained with
downstream PATH messages
Soft state maintained with
upstream RESV messages
Head end
IP/MPLS
LABEL_REQUEST (PATH)
LABEL (RESV)
EXPLICIT_ROUTE
RECORD_ROUTE (PATH/RESV)
SESSION_ATTRIBUTE (PATH)
RESV
Tail end
PATH
TE LSP
82
Router B
Router D
Router E
Router Y
Router X
Router C
Primary tunnel: A B D E
Backup tunnel: B C D (preprovisioned)
Recovery = ~ 50 ms
*Actual Time VariesWell Below 50 ms in Lab Tests, Can Also Be Higher
2010 Cisco and/or its affiliates. All rights reserved.
83
Internet
Service Provider
Backbone
Oversubscribed
Shortest Links
84
Service Provider
Backbone
VPN Site A
VPN Site B
85
MPLS TE Summary
MPLS TE can be used to implement traffic engineering to enable
enhanced network availability, utilization, and performance
Enhanced network availability can be implemented via MPLS TE
Fast Re-Route (FRR)
Link, node, and path protection
Automatically route around failed links/nodes; like SONET APS
86
MPLS Management
Technology Overview and Applications
Presentation_ID
Cisco Public
87
Layer-3 VPNs
MPLS QoS
MPLS TE
Layer-2 VPNs
MPLS OAM/MIBs
Network Infrastructure
2010 Cisco and/or its affiliates. All rights reserved.
88
89
For your
reference
only
Monitor service
End-to-end monitoring
Linked to customer SLAs
90
MPLS MIBs
MPLS OAM
Key Functionality
MPLS-LDP-STD-MIB
MPLS-L3VPN-STD-MIB
MPLS-TE-STD-MIB
91
sysUpTimeInstance = 8159606
sysUpTimeInstance = 8159606
snmpTrapOID.0 = mplsLdpSessionDown
snmpTrapOID.0 = mplsLdpSessionDown
mplsLdpSessionState.<index> = nonexistent(1)
mplsLdpSessionDiscontinuityTime.<index> = 8159605
mplsLdpSessionStatsUnknownMesTypeErrors.<index> = 0
mplsLdpSessionState.<index> = nonexistent(1)
mplsLdpSessionDiscontinuityTime.<index> = 8159605
mplsLdpSessionStatsUnknownTlvErrors.<index> = 0
mplsLdpSessionStatsUnknownMesTypeErrors.<index> = 0
ifIndex.5 = 5
mplsLdpSessionStatsUnknownTlvErrors.<index> = 0
ifIndex.5 = 5
snmpTrapOID.0 = linkDown
sysUpTimeInstance = 8160579
ifIndex.5 = 5
PE1
PE1
ifDescr.5 = Ethernet1/0
snmpTrapOID.0 = mplsLdpSessionDown
ifType.5 = ethernetCsmacd(6)
mplsLdpSessionState.<index> = nonexistent(1)
LDP session
P1
P1
mplsLdpSessionDiscontinuityTime.<index> = 8160579
LDP session
mplsLdpSessionStatsUnknownMesTypeErrors.<index>
= 0
mplsLdpSessionStatsUnknownTlvErrors.<index> = 0
ifIndex.5 = 5
mplsLdpSessionState.<index> = nonexistent(1)
mplsLdpSessionDiscontinuityTime.<index> = 8160579
mplsLdpSessionStatsUnknownMesTypeErrors.<index> = 0
mplsLdpSessionStatsUnknownTlvErrors.<index> = 0
ifIndex.5 = 5
92
93
P1
P2
PE1
PE2
94
95
Summary
Final Notes and Wrap Up
Presentation_ID
Cisco Public
96
97
For your
reference
only
MPLS Applications
Service
Providers
Key Features
L2/L3VPNs
TE/FRR
QoS
High Availability
Applications
Data center
interconnect
Segmentation for IT
Mergers,
Acquisitions, spinoffs
Enterprise Data
Center
Data center
interconnects
EWAN
Edge
VPNs
VPNs / VRFs
VPNs / VRFs
TE/FRR
VRF-Aware Security
High Availability
High Availability
High Availability
Departmental
segmentation
Service multiplexing
Security
Mergers, Acquisitions,
spinoffs
Disaster Recovery
Vmotion support
Branch Interconnects
Internet Access
Branch Connectivity
98
99
Q and A
Presentation_ID
Cisco Public
100
101