
Introduction to MPLS

BRKRST-1101


2009 Cisco Systems, Inc. All rights reserved.

Cisco Public

Goals of This Session


Understand history and business drivers for MPLS
Learn about MPLS customer and market segments
Understand the problems MPLS is addressing
Understand benefits of deploying MPLS
Understand the major MPLS technology components
Learn the basics of MPLS technology
Understand typical applications of MPLS

Agenda
Introduction
MPLS Network Components
MPLS VPNs
  MPLS Layer-3 VPNs
  MPLS Layer-2 VPNs
MPLS QoS
MPLS Traffic Engineering
MPLS Management
Summary

Introduction
The Business Drivers for MPLS


Why Multi Protocol Label Switching?


SP/carrier perspective
  Reduce costs (CAPEX); consolidate networks
    Consolidated network for multiple Layer-2/3 services
  Support increasingly stringent SLAs
  Handle increasing scale/complexity of IP-based services

Enterprise/end-user perspective
  Campus/LAN
    Need for network segmentation (users, applications, etc.)
  WAN connectivity (connecting enterprise networks)
    Need for easier configuration of site-to-site WAN connectivity

What Is MPLS Technology?


It's all about labels
Use the best of both worlds
  Layer-2 (ATM/FR): efficient forwarding and traffic engineering
  Layer-3 (IP): flexible and scalable

MPLS forwarding plane
  Use of labels for forwarding Layer-2/3 data traffic
  Labeled packets are being switched instead of routed
    Leverage layer-2 forwarding efficiency

MPLS control/signaling plane
  Use of existing IP control protocol extensions + new protocols to exchange label information
    Leverage layer-3 control protocol flexibility and scalability

Evolution of MPLS
Evolved from tag switching in 1996 to full IETF standard, covering over 130 RFCs
Key applications initially were Layer-3 VPNs, followed by Traffic Engineering (TE), and Layer-2 VPNs

[Figure: timeline from 1996 to 2004+ with milestones: MPLS Group Formally Chartered by IETF; Cisco Calls a BOF at IETF to Standardize Tag Switching; Cisco Ships MPLS (Tag Switching); MPLS VPN Deployed; Cisco Ships MPLS TE; TE Deployed; Large Scale Deployment; AToM; Interprovider Capabilities; MPLS OAM; Bandwidth Protection; Layer 2 Interworking]

MPLS Customer Distribution


Total Cisco MPLS Customer Count Well Over 400
MPLS Customer Segments
  Service Provider 45%
  Enterprise 43%
  Government 12%

Geographic Customer Distribution
  European Markets 42%
  US and Canada 27%
  Emerging Markets 20%
  AsiaPac 9%
  Japan 2%

Source: MPLS Tracker and Various Other Internal Cisco Databases, Based on 2008 Data.

MPLS Enterprise Customer Segments


Financials, Transportation, and System Integrators are currently biggest enterprise customer segments for MPLS

[Figure: bar chart, % of Total MPLS Enterprise Customer Base by Enterprise Customer Segment. Segments shown: Financial, Transportation, System Integrator, Education/Research, Retail, Conglomerate, Internal IT, Content Provider, Manufacturing, Insurance, Energy, Media/Entertainment, Defense, Pharmaceutical, Government, Healthcare, CRM]

Source: MPLS Tracker and Various Other Internal Cisco Databases, Based on 2008 Data.

Enterprise MPLS Customers


Two types of enterprise customers for MPLS technology

MPLS indirectly used as subscribed WAN service
  Enterprise subscribes to WAN connectivity data service offered by external service provider
  Data connectivity service implemented by service provider via MPLS VPN technology (e.g., layer-2 and layer-3 VPNs)
  VPN service can be managed or unmanaged

MPLS used as part of self managed network
  Enterprise deploys MPLS in its own network
  Enterprise manages its own MPLS-based network

Enterprise MPLS Drivers


Network segmentation
  Network virtualization
  Distributed application virtualization

Network realignment/migration
  Consolidation of (multiple) legacy networks
  Staged network consolidation after company merger/acquisition

Network optimization
  Full-mesh and hub-and-spoke connectivity
  Traffic Engineering (TE) for bandwidth protection

Business Drivers
Market Segment: Example Companies and Organizations
  Financials: Investment/retail banks; Financial service providers
  Transportation: Airports
  Government: Federal government; Local State government

Business Drivers
  Secure integration of external network of acquired firm
  Increased network reliability
  Leverage common network infrastructure for multiple airport tenants
  Need for secure and cost effective connectivity between state agencies

MPLS Technology Framework


End-to-end Services: Layer-3 VPNs, Layer-2 VPNs
MPLS Network Services: MPLS QoS, MPLS TE, MPLS OAM/MIBs
Core MPLS: MPLS Signaling and Forwarding
Network Infrastructure

MPLS Technology Components


Basic Building Blocks of MPLS


MPLS Forwarding and Signaling


MPLS Label Forwarding and Signaling Mechanisms

[Figure: MPLS technology framework: Layer-3 VPNs, Layer-2 VPNs; MPLS QoS, MPLS TE, MPLS OAM/MIBs; Core MPLS: MPLS Signaling and Forwarding; Network Infrastructure]

Basic Building Blocks


The big picture
  MPLS-enabled network devices
  Label Switched Paths (LSPs)

The internals
  MPLS labels
  Processing of MPLS labels
  Exchange of label mapping information
  Forwarding of labeled packets

Other related protocols and protocols to exchange label information
  Between MPLS-enabled devices

MPLS Network Overview


[Figure: MPLS domain with CE routers attached to PE routers and P routers between the PEs; label switched traffic inside the domain]

P (Provider) router = label switching router = core router (LSR)
  Switches MPLS-labeled packets

PE (Provider Edge) router = edge router (LSR)
  Imposes and removes MPLS labels

CE (Customer Edge) router
  Connects customer network to MPLS network

MPLS Label and Label Encapsulation


MPLS Label

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Label # (20 bits)           | EXP |S|  TTL (8 bits) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

COS/EXP = Class of Service: 3 Bits; S = Bottom of Stack; TTL = Time to Live

MPLS Label Encapsulation

One or More Labels Appended to the Packet (Between L2/L3 packet header and link layer header)

PPP Header (Packet over SONET/SDH)
  PPP Header | Label | Layer 2/L3 Packet

LAN MAC Label Header
  MAC Header | Label | Layer 2/L3 Packet

MPLS Label Operations


[Figure: path CE - PE - P - P - PE - CE carrying an L2/L3 packet: Label Imposition (Push) of L1, Label Swap L1 -> L2, Label Swap L2 -> L3, Label Disposition (PoP) of L3]

Label imposition (Push)
  By ingress PE router; classify and label packets

Label swapping or switching
  By P router; forward packets using labels; indicates service class and destination

Label disposition (PoP)
  By egress PE router; remove label and forward original packet to destination CE

Forwarding Equivalence Class


Mechanism to map ingress layer-2/3 packets onto a Label Switched Path (LSP) by ingress PE router
  Part of label imposition (Push) operation

Variety of FEC mappings possible
  IP prefix/host address
  Groups of addresses/sites (VPN x)
    Used for L3VPNs
  Layer 2 circuit ID (ATM, FR, PPP, HDLC, Ethernet)
    Used for Pseudowires (L2VPNs)
  A bridge/switch instance (VSI)
    Used for VPLS (L2VPNs)
  Tunnel interface
    Used for MPLS traffic engineering (TE)

Label Distribution Protocol


MPLS nodes need to exchange label information with each other
  Ingress PE node (push operation)
    Needs to know what label to use for a given FEC to send packet to neighbor
  Core P node (swap operation)
    Needs to know what label to use for swap operation for incoming labeled packets
  Egress PE node (pop operation)
    Needs to tell upstream neighbor what label to use for specific FEC type
  LDP used for exchange of label (mapping) information

Label Distribution Protocol (LDP)
  Defined in RFC 3035 and RFC 3036; updated by RFC 5036
  LDP is a superset of the Cisco-specific Tag Distribution Protocol

Note that, in addition to LDP, other protocols are also being used for label information exchange
  Will be discussed later

Some More LDP Details

For your reference only

Assigns, distributes, and installs (in forwarding) labels for prefixes advertised by unicast routing protocols
  OSPF, IS-IS, EIGRP, etc.

Also used for Pseudowire/PW (VC) signaling
  Used for L2VPN control plane signaling

Uses UDP (port 646) for session discovery and TCP (port 646) for exchange of LDP messages

LDP operations
  LDP Peer Discovery
  LDP Session Establishment
  MPLS Label Allocation, Distribution, and Updating MPLS forwarding

Information repositories used by LDP
  LIB: Label Information Database (read/write)
  RIB: Routing Information Database/routing table (read-only)

LDP Operations
LDP startup
  Local labels assigned to RIB prefixes and stored in LIB
  Peer discovery and session setup
  Exchange of MPLS label bindings

Programming of MPLS forwarding
  Based on LIB info
  CEF/MFI updates

[Figure: MPLS Node A and MPLS Node B, each with RIB, LIB and MPLS Forwarding (CEF/MFI); LDP control plane between the nodes (session setup, label binding exchange); LDP interactions with MPLS forwarding]

MPLS Control and Forwarding Plane


MPLS control plane
  Used for distributing labels and building label-switched paths (LSPs)
  Typically supported by LDP; also supported via RSVP and BGP
  Labels define destination and service

MPLS forwarding plane
  Used for label imposition, swapping, and disposition
  Independent of type of control plane
  Labels separate forwarding from IP address-based routing

[Figure: Routing Process with RIB (routing updates/adjacencies) and MPLS Process with LIB (label binding updates/adjacencies); FIB (IP traffic forwarding) and MFI (MPLS traffic forwarding)]

IP Packet Forwarding Example


FIB
Address Prefix | I/F
128.89         | 1
171.69         | 1

FIB
Address Prefix | I/F
128.89         | 0
171.69         | 1

FIB
Address Prefix | I/F
128.89         | 0
171.69         | 1

[Figure: packet "128.89.25.4 | Data" forwarded hop by hop toward network 128.89; network 171.69 attached on another interface]

Packets Forwarded Based on IP Address (via RIB lookup)

Step 1: IP Routing (IGP) Convergence


MFI/FIB
In Label | Address Prefix | Out Iface | Out Label
         | 128.89         | 1         |
         | 171.69         | 1         |

MFI/FIB
In Label | Address Prefix | Out Iface | Out Label
         | 128.89         | 0         |
         | 171.69         | 1         |

MFI/FIB
In Label | Address Prefix | Out Iface | Out Label
         | 128.89         | 0         |

Routing Updates (OSPF, EIGRP, ...)
  "You Can Reach 128.89 and 171.69 Thru Me"
  "You Can Reach 128.89 Thru Me"
  "You Can Reach 171.69 Thru Me"

Step 2a: LDP Assigns Local Labels


MFI/FIB
In Label | Address Prefix | Out Iface | Out Label
         | 128.89         | 1         |
         | 171.69         | 1         |

MFI/FIB
In Label | Address Prefix | Out Iface | Out Label
4        | 128.89         | 0         |
5        | 171.69         | 1         |

MFI/FIB
In Label | Address Prefix | Out Iface | Out Label
9        | 128.89         | 0         | -

Step 2b: LDP Assigns Remote Labels


MFI/FIB
In Label | Address Prefix | Out Iface | Out Label
         | 128.89         | 1         | 4
         | 171.69         | 1         | 5

MFI/FIB
In Label | Address Prefix | Out Iface | Out Label
4        | 128.89         | 0         | 9
5        | 171.69         | 1         | 7

MFI/FIB
In Label | Address Prefix | Out Iface | Out Label
9        | 128.89         | 0         | -

Label Distribution Protocol (LDP) (Downstream Allocation)
  "Use Label 4 for 128.89 and Use Label 5 for 171.69"
  "Use Label 9 for 128.89"
  "Use Label 7 for 171.69"

Step 3: Forwarding MPLS Packets


MFI/FIB
In Label | Address Prefix | Out Iface | Out Label
         | 128.89         | 1         | 4
         | 171.69         | 1         | 5

MFI/FIB
In Label | Address Prefix | Out Iface | Out Label
4        | 128.89         | 0         | 9
5        | 171.69         | 1         | 7

MFI/FIB
In Label | Address Prefix | Out Iface | Out Label
9        | 128.89         | 0         | -

[Figure: packet "128.89.25.4 | Data" enters unlabeled, is carried with label 4, then with label 9, and is delivered unlabeled toward network 128.89]

Label Switch Forwards Based on Label

Summary Steps For MPLS Forwarding


Each node maintains IP routing information via IGP
  IP routing table (RIB) and IP forwarding table (FIB)

LDP leverages IGP routing information

LDP label mapping exchange (between MPLS nodes) takes place after IGP has converged
  LDP depends on IGP convergence
  Label binding information stored in LIB

Once LDP has received remote label binding information MPLS forwarding is updated
  Label bindings are received from remote LDP peers
  MPLS forwarding via MFI
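Steps 1 to 3 above, replayed with the prefixes, interfaces and label values from the slides; this is an added example, not code from the original presentation. The router names R1 to R4, the /16 prefix lengths, R4's table and the function names are assumptions.

```python
import ipaddress

# Step 1 (IGP converged). Router names R1..R4 and the /16 lengths are
# assumptions; the slides show unnamed routers and write "128.89", "171.69".
# Each route: prefix -> (out interface, next-hop router); a next hop of None
# means the prefix is directly attached.
RIB = {
    "R1": {"128.89.0.0/16": (1, "R2"), "171.69.0.0/16": (1, "R2")},
    "R2": {"128.89.0.0/16": (0, "R3"), "171.69.0.0/16": (1, "R4")},
    "R3": {"128.89.0.0/16": (0, None)},
    "R4": {"171.69.0.0/16": (0, None)},  # R4's table is not shown on the slides
}

# Step 2a: local labels each router assigned to its RIB prefixes (slide values).
LOCAL_LABELS = {
    "R2": {"128.89.0.0/16": 4, "171.69.0.0/16": 5},
    "R3": {"128.89.0.0/16": 9},
    "R4": {"171.69.0.0/16": 7},
}


def build_lfib(rib, local_labels):
    """Step 2b: each router installs, as out label, the binding advertised by
    its IGP next hop for that prefix (downstream allocation)."""
    lfib = {}
    for router, routes in rib.items():
        lfib[router] = []
        for prefix, (iface, next_hop) in routes.items():
            lfib[router].append({
                "in_label": local_labels.get(router, {}).get(prefix),
                "prefix": ipaddress.ip_network(prefix),
                "out_iface": iface,
                "out_label": local_labels.get(next_hop, {}).get(prefix),
                "next_hop": next_hop,
            })
    return lfib


def forward(lfib, router, dst, label=None):
    """Step 3: follow a packet hop by hop.

    Returns a list of (router, action, label carried after the action).
    """
    dst = ipaddress.ip_address(dst)
    trace = []
    while router is not None:
        rows = lfib[router]
        if label is None:
            # Unlabeled packet: longest-prefix match on the destination address.
            hits = [r for r in rows if dst in r["prefix"]]
            if not hits:
                trace.append((router, "drop: no route", None))
                break
            row = max(hits, key=lambda r: r["prefix"].prefixlen)
            action = "push" if row["out_label"] is not None else "ip forward"
        else:
            # Labeled packet: exact match on the incoming label only. The IP
            # header is not consulted, so an unknown label is discarded.
            row = next((r for r in rows if r["in_label"] == label), None)
            if row is None:
                trace.append((router, "drop: unknown label", label))
                break
            action = "swap" if row["out_label"] is not None else "pop"
        label = row["out_label"]
        trace.append((router, action, label))
        router = row["next_hop"]
    return trace


LFIB = build_lfib(RIB, LOCAL_LABELS)

if __name__ == "__main__":
    for hop in forward(LFIB, "R1", "128.89.25.4"):
        print(hop)
```

The last call in the test shows why label bindings matter operationally: a labeled packet whose label has no entry is dropped even though the router holds an IP route for the same destination.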

MPLS Network Protocols


[Figure: MPLS network (CE - PE - P - P - PE - CE) annotated with the protocols in use: MP-iBGP; OSPF, IS-IS, EIGRP; LDP, RSVP; label switched traffic]

IGP: OSPF, EIGRP, IS-IS on core facing and core links
RSVP and/or LDP on core and/or core facing links
MP-iBGP on PE devices (for MPLS services)

Label Stacking
More than one label can be used for MPLS packet encapsulation
  Creation of a label stack

Recap: labels correspond to Forwarding Equivalence Class (FEC)
  Each label in stack used for different purposes

Outer label always used for switching MPLS packets in network
Remaining inner labels used for specific services/FECs, etc.
Last label in stack marked with EOS bit
Allows building services such as
  MPLS VPNs: LDP + VPN label
  Traffic engineering (FRR): LDP + TE label
  VPNs over TE core: LDP + TE + VPN label
  Any transport over MPLS: LDP + PW label

[Figure: label stack showing TE Label, LDP Label, VPN Label and Layer 2/3 Packet Header, annotated with Outer Label and Inner Label]
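The 32-bit label entry from the "MPLS Label and Label Encapsulation" slide and the stack rule above (last label carries the bottom-of-stack bit) can be encoded and decoded as follows. This is an added example, not code from the original presentation; label values 9 (LDP) and 42 (VPN) come from the slides' examples, while the payload bytes, the depth limit and the function names are constructed for illustration.

```python
import struct

MAX_LABEL = (1 << 20) - 1   # the label field is 20 bits wide


def encode_entry(label, exp=0, bottom=False, ttl=255):
    """Pack one 32-bit label stack entry: label(20) | EXP(3) | S(1) | TTL(8)."""
    if not 0 <= label <= MAX_LABEL:
        raise ValueError("label does not fit in 20 bits")
    if not 0 <= exp <= 7:
        raise ValueError("EXP does not fit in 3 bits")
    if not 0 <= ttl <= 255:
        raise ValueError("TTL does not fit in 8 bits")
    word = (label << 12) | (exp << 9) | (int(bool(bottom)) << 8) | ttl
    return struct.pack("!I", word)


def encode_stack(labels, exp=0, ttl=255):
    """Encode labels outer-first; only the last (innermost) entry gets S=1."""
    if not labels:
        raise ValueError("a label stack needs at least one label")
    last = len(labels) - 1
    return b"".join(
        encode_entry(lbl, exp, bottom=(i == last), ttl=ttl)
        for i, lbl in enumerate(labels)
    )


def decode_stack(data, max_depth=8):
    """Walk entries until the bottom-of-stack bit; return (entries, payload).

    Raises ValueError when the buffer ends before an entry with S=1 is seen
    or when the stack is deeper than max_depth (an assumed sanity limit), so
    a malformed frame is rejected instead of being read into the payload.
    """
    entries, offset = [], 0
    while True:
        if len(entries) == max_depth:
            raise ValueError("label stack deeper than max_depth")
        if offset + 4 > len(data):
            raise ValueError("truncated label stack: no bottom-of-stack entry")
        (word,) = struct.unpack_from("!I", data, offset)
        offset += 4
        entries.append({
            "label": word >> 12,
            "exp": (word >> 9) & 0x7,
            "s": (word >> 8) & 0x1,
            "ttl": word & 0xFF,
        })
        if entries[-1]["s"]:
            return entries, data[offset:]


# Constructed sample: outer LDP label 9, inner VPN label 42, dummy payload.
SAMPLE_PAYLOAD = b"\x45\x00"   # first bytes of an IPv4 header (constructed)
SAMPLE_FRAME = encode_stack([9, 42], ttl=254) + SAMPLE_PAYLOAD

if __name__ == "__main__":
    stack, payload = decode_stack(SAMPLE_FRAME)
    for depth, entry in enumerate(stack):
        print(depth, entry)
    print("payload:", payload.hex())
```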

MPLS Core Architecture Summary


1a. Existing Routing Protocols (e.g. OSPF, IS-IS) Establish Reachability to Destination Networks
1b. LDP Establishes Label to Destination Network Mappings
2. Ingress Edge LSR Receives Packet, Performs Layer 3 Value-Added Services, and Labels Packets
3. LSR Switches Packets Using Label Swapping
4. Edge LSR at Egress Removes Label and Delivers Packet

Summary
MPLS uses labels to forward traffic
More than one label can be used for traffic encapsulation; multiple labels make up a label stack
Traffic is encapsulated with label(s) at ingress and at egress labels are removed in MPLS network
MPLS network consists of PE router at ingress/egress and P routers in the core
MPLS control plane used for signaling label mapping information to set up end-to-end Label Switched Paths
MPLS forwarding plane used for label imposition (PUSH), swapping, and disposition (POP) operation

MPLS VPNs
Overview


MPLS Technology Framework


End-to-End Data Connectivity Services Across MPLS Networks (from PE to PE)

[Figure: MPLS technology framework: End-to-end Services (Layer-3 VPNs, Layer-2 VPNs); MPLS QoS, MPLS TE, MPLS OAM/MIBs; MPLS Signaling and Forwarding; Network Infrastructure]

What Is a Virtual Private Network?


VPN is a set of sites or groups which are allowed to communicate with each other in a secure way
  Typically over a shared public or private network infrastructure

VPN is defined by a set of administrative policies
  Policies established by VPN customers themselves (DIY)
  Policies implemented by VPN service provider (managed/unmanaged)

Different inter-site connectivity schemes possible
  Ranging from complete to partial mesh, hub-and-spoke

Sites may be either within the same or in different organizations
  VPN can be either intranet or extranet

Site may be in more than one VPN
  VPNs may overlap

Not all sites have to be connected to the same service provider
  VPN can span multiple providers

MPLS VPN Example


[Figure: CE - PE - P - P - PE - CE with a PE-CE link at each edge and a VPN spanning the CE sites; label switched traffic between the PEs]

PE-CE link
  Connect customer network to SP network; layer-2 or layer-3

VPN
  Dedicated secure connectivity over shared infrastructure

MPLS VPN Benefits


SP/carrier perspective
  Reduce costs (CAPEX)
    Leverage same network for multiple services and customers
    Migrate legacy networks onto single converged network
  Reduce costs (OPEX)
    Easier service enablement; only edge node configuration

Enterprise/end-user perspective
  Enables site/campus network segmentation
    Allows for dedicated connectivity for users, applications, etc.
  Enables easier setup of WAN connectivity
    Easier configuration of site-to-site WAN connectivity (for L3VPN and VPLS); only one WAN connection needed

MPLS VPN Options


MPLS VPN Models

Layer-2 VPNs
  Point-to-Point Layer-2 VPNs
    CPE connected to PE via p2p Layer-2 connection (FR, ATM)
    CEs peer with each other (IP routing) via p2p layer-2 VPN connection
    CE-CE routing; no SP involvement
  Multi-Point Layer-2 VPNs
    CPE connected to PE via Ethernet connection (VLAN)
    CEs peer with each other via fully/partial mesh Layer-2 VPN connection
    CE-CE routing; no SP involvement

Layer-3 VPNs
  CPE connected to PE via IP-based connection (over any layer-2 type)
    Static routing
    PE-CE routing protocol; eBGP, OSPF, IS-IS
  CEs peer with PE router
  PE routers maintain customer-specific routing tables and exchange customer-specific routing information
  Layer-3 VPN provider's PE routers are part of customer routing

MPLS Layer-3 VPNs


Technology Overview and Applications


MPLS L3 VPN Overview


Customer router (CE) has an IP peering connection with PE/edge router in MPLS network
  IP routing/forwarding across PE-CE link

MPLS VPN network responsible for distributing routing information to remote VPN sites
  MPLS VPN part of customer IP routing domain

MPLS VPNs enable full-mesh, hub-and-spoke, and hybrid connectivity among connected CE sites

MPLS VPN service enablement in MPLS networks only requires VPN configuration at edge/PE nodes
  Connectivity in core automatically established via BGP signaling

MPLS L3 VPN Technology Components


PE-CE link
  Can be any type of layer-2 connection (e.g., FR, Ethernet)
  CE configured to route IP traffic to/from adjacent PE router
  Variety of routing options; static routes, eBGP, OSPF, IS-IS

MPLS L3VPN control plane
  Separation of customer routing via virtual VPN routing table
  In PE router: customer I/Fs connected to virtual routing table
  Between PE routers: customer routes exchanged via BGP

MPLS L3VPN forwarding plane
  Separation of customer VPN traffic via additional VPN label
  VPN label used by receiving PE to identify VPN routing table

Virtual Routing and Forwarding Instance


[Figure: CE (VPN 1) and CE (VPN 2) attached to a PE router holding VRF Blue and VRF Green; the PE connects to the MPLS backbone (IGP)]

Virtual Routing and Forwarding Instance (VRF)
  Typically one VRF created for each customer VPN on PE router
  VRF associated with one or more customer interfaces
  VRF has its own instance of routing table (RIB) and forwarding table (CEF)
  VRF has its own instance for PE-CE configured routing protocols

VPN Route Distribution


[Figure: VPN 1 and VPN 2 CE sites attached to VRFs on PE routers; customer route exchange on the PE-CE links; VPN route exchange between PE routers over MP-iBGP sessions via a BGP RR; label switched traffic across the P routers]

Full mesh of BGP sessions among all PE routers
  Multi-Protocol BGP extensions (MP-iBGP)
  Typically BGP Route Reflector (RR) used for improved scalability

VPN Control Plane Processing


[Figure: CE1 - PE1 (VRF) - core - PE2 (VRF) - CE2, VPN 1
  CE1 to PE1: eBGP: 16.1/16 IP Subnet
  PE1 to PE2: BGP advertisement: VPN-IPv4 Addr = RD:16.1/16, BGP Next-Hop = PE1, Route Target = 100:1, Label=42
  PE2 to CE2: eBGP: 16.1/16 IP Subnet
  No VPN Routes in core (P) nodes]

VRF configuration shown on the PE:
  ip vrf Green
   rd 1:100
   route-target export 1:100
   route-target import 1:100

Make Customer Routes Unique:
  Route Distinguisher (RD): 8-byte field, VRF parameter; unique value assigned by a provider to each VPN to make different VPN routes unique
  VPNv4 address: RD+VPN IP prefix

Selectively Distribute Customer Routes:
  Route Target (RT): 8-byte field, VRF parameter; unique value to define the import/export rules for VPNv4 routes
  MP-iBGP: advertises VPNv4* prefixes + labels

Processing Steps:
  1. CE1 redistributes IPv4 route to PE1 via eBGP.
  2. PE1 allocates VPN label for prefix learnt from CE1 to create unique VPNv4 route
  3. PE1 redistributes VPNv4 route into MP-iBGP, it sets itself as a next hop and relays VPN site routes to PE2
  4. PE2 receives VPNv4 route and, via processing in local VRF (green), it redistributes original IPv4 route to CE2.
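How the RD keeps overlapping customer prefixes distinct and how the RT import list decides which VRF installs a route, with a check a defender can run over VRF definitions to spot imports that cross customer boundaries. This is an added example, not code from the original presentation; VRF Green, RD 1:100, RT 1:100, prefix 16.1/16 and label 42 come from the slide, while VRF Blue's RD/RT 1:200, label 43, the customer tags and all class and function names are constructed.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Vpnv4Route:
    rd: str          # route distinguisher
    prefix: str      # customer IPv4 prefix
    next_hop: str    # advertising PE
    label: int       # VPN label allocated by the advertising PE
    rts: frozenset   # route targets attached on export

    @property
    def vpnv4(self):
        """VPNv4 address = RD + IPv4 prefix, unique even if prefixes overlap."""
        return f"{self.rd}:{self.prefix}"


@dataclass
class Vrf:
    pe: str
    name: str
    customer: str    # owner tag, an assumption used only by the audit below
    rd: str
    export_rts: frozenset
    import_rts: frozenset
    routes: dict = field(default_factory=dict)   # VPNv4 address -> route

    def export(self, prefix, label):
        """Steps 2-3: turn a CE-learned prefix into a VPNv4 route."""
        return Vpnv4Route(self.rd, prefix, self.pe, label, self.export_rts)

    def receive(self, advertised):
        """Step 4: install only routes carrying at least one imported RT."""
        for route in advertised:
            if route.rts & self.import_rts:
                self.routes[route.vpnv4] = route
        return sorted(self.routes)


def cross_customer_imports(vrfs):
    """Audit: (importer, exporter, shared RTs) wherever a VRF imports a route
    target exported by a VRF of a different customer. Intentional extranets
    show up here as well and should match a documented policy."""
    findings = []
    for imp in vrfs:
        for exp in vrfs:
            shared = imp.import_rts & exp.export_rts
            if imp.customer != exp.customer and shared:
                findings.append(
                    (f"{imp.pe}/{imp.name}", f"{exp.pe}/{exp.name}", sorted(shared))
                )
    return findings


def build_demo(blue_pe2_imports):
    """Constructed scenario: two customers both use 16.1.0.0/16 behind PE1."""
    green_rt, blue_rt = frozenset({"1:100"}), frozenset({"1:200"})
    green1 = Vrf("PE1", "Green", "custA", "1:100", green_rt, green_rt)
    blue1 = Vrf("PE1", "Blue", "custB", "1:200", blue_rt, blue_rt)
    green2 = Vrf("PE2", "Green", "custA", "1:100", green_rt, green_rt)
    blue2 = Vrf("PE2", "Blue", "custB", "1:200", blue_rt, frozenset(blue_pe2_imports))
    advertised = [green1.export("16.1.0.0/16", 42), blue1.export("16.1.0.0/16", 43)]
    for vrf in (green2, blue2):
        vrf.receive(advertised)
    return [green1, blue1, green2, blue2]


if __name__ == "__main__":
    for imports in ({"1:200"}, {"1:200", "1:100"}):   # intended vs. extra import
        vrfs = build_demo(imports)
        print(sorted(imports), "->", sorted(vrfs[3].routes), cross_customer_imports(vrfs))
```

With the extra `1:100` import, Blue on PE2 installs customer A's route (label 42) next to its own, and the audit reports both Green VRFs as exporters reaching it.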

VPN Forwarding Plane Processing


[Figure: IPv4 packet travelling from CE2 via PE2 (VRF), P2, P1 and PE1 (VRF) to CE1 in VPN 1; between the PEs the packet carries IGP Label (C, B, A on successive hops) + VPNv4 Label + IPv4; on the PE-CE links it is plain IPv4]

VRF configuration shown on the PE:
  ip vrf Green
   rd 1:100
   route-target export 1:100
   route-target import 1:100

Processing Steps:
  1. CE2 forwards IPv4 packet to PE2.
  2. PE2 imposes pre-allocated VPN label (learned via MP-IBGP) to IPv4 packet received from CE2.
  3. PE2 imposes outer IGP label (learned via LDP) and forwards labeled packet to next-hop P-router P2.
  4. P-routers P1 and P2 swap outer IGP label and forward labeled packet to PE1.
  5. Router PE1 strips VPN label and forwards IPv4 packet to CE1.

Use Case 1: Traffic Separation


Requirement: Need to ensure data separation between Aerospace, Cosmetics and Financial Services, while leveraging a shared Services infrastructure
Solution: Create MPLS VPN for each group
  VRF instances created for each group at the edge

[Figure: Central site (HQ) and Remote Sites 1, 2 and 3 connected over an MPLS backbone; Aerospace, Cosmetics and Financial Services at each site mapped to VPN_Aero, VPN_Cos and VPN_Fin]

Use Case 2: Network Integration


Requirement: Need to handle acquired (or divested) companies
Solution: Create MPLS VPN for each acquired company till appropriate security policies are established
  VRF instances added for each site of Acquired Company
  Remote Site 1 & Acquired Company's Site 2 may be in the same physical location for reduced access costs

[Figure: Central site (HQ), Remote Sites 1 and 2 and Acquired Company Sites 1 and 2 connected over an MPLS backbone; Aerospace, Cosmetics and Financial Services mapped to VPN_Aero, VPN_Cos and VPN_Fin, acquired company sites mapped to VPN_Acq]

Use Case 3: Shared Access to Services


Requirement: To resell information (based on raw data) to other companies
Solution: Enterprise needs to become an Information Provider. Solution set similar to Service Providers: MPLS VPNs
  VRF instances created for each subscriber company
  Company B and Company A Site 2 may be in the same physical location for reduced access costs
  Company A and Company B access Information Provider XYZ for analysis, reports, trends, etc.

[Figure: Information Provider XYZ connected over an MPLS backbone to Company A Site 1, Company A Site 2 and Company B through VPN_A and VPN_B]

Use Case 4: Simplify Hub Site Design


Requirement: To ease the scale and design of head-end site
Solution: Implement MPLS Layer 3 VPNs, which reduces the number of routing peers of the central site

Without MPLS
  Central site has high number of routing peers; creates a complicated head-end design

With MPLS
  Central site has a single routing peer, enhancing head-end design

[Figure: central site connected to remote sites, without MPLS and with an MPLS backbone]

Enterprise Network Architecture


For your reference only

[Figure: enterprise network architecture with Access, Distribution and Core layers and an Internet connection]

Enterprise Network Segmentation


For your reference only

VRF-lite + 802.1Q VLANs
  Distribution: VRF lite configured on distribution nodes; VLAN mapping onto VRFs
  Core: VRF lite configured on core nodes; 802.1Q VLAN ID mapping onto VRFs
  End-to-end Connectivity: Device Separation: VRF; Data Path Separation: 802.1Q VLAN ID

VRF-lite + GRE tunnels
  Distribution: VRF lite configured on distribution nodes; VRFs associated with GRE tunnels
  Core: Core nodes forward IP packets (GRE IP Packets)
  End-to-end Connectivity: End-to-end GRE tunnels between distribution nodes

Layer-3 MPLS VPNs
  Distribution: Distribution nodes configured as PE routers with VRF(s)
  Core: Core nodes forward MPLS packets (via LFIB)
  End-to-end Connectivity: End-to-end label switched paths (LSPs) between distribution nodes (PE routers)

Option 1: VRF-lite + 802.1Q

For your reference only

Layer-2 access
No BGP or MPLS
VRF-lite configured on core and distribution nodes
MPLS labels substituted by 802.1q tags end-to-end
Every link is an 802.1Q trunk
Many-to-many model
Restricted scalability
Typical for department inter-connectivity

[Figure: L2 access on both sides of a Layer 3 network of Multi-VRF nodes; VPN1 and VPN2 carried over 802.1Q]

Option 2: VRF-lite + GRE

For your reference only

L2 access
No BGP or MPLS
VRF-lite only configured on distribution nodes
VLANs associated with end-to-end GRE tunnels
Many-to-One model
Restricted scalability
Typical for user-specific VPN connectivity

[Figure: L2 access on both sides of a Layer 3 network with Multi-VRF distribution nodes; VPN1 and VPN2 carried over GRE]

Option 3: Layer-3 MPLS VPNs

For your reference only

L2 access
Distribution nodes configured as PE routers with VRFs
MP-iBGP between distribution nodes
MPLS packet forwarding by core nodes
Many-to-many model
High scalability

[Figure: L2 access on both sides of an MPLS core; distribution nodes with VRFs carry VPN1 and VPN2]

MPLS Layer-3 VPN Summary

Provide layer-3 connectivity among CE sites via IP peering (across PE-CE link)
Implemented via VRFs on edge/PE nodes providing customer route and forwarding segmentation
BGP used for control plane to exchange customer VPN (VPNv4) routes between PE routers
MPLS VPNs enable full-mesh, hub-and-spoke, and hybrid IP connectivity among connected CE sites
L3 VPNs for enterprise network segmentation can also be implemented via VRFs + GRE tunnels or VLANs

MPLS Layer-2 VPNs

Technology Overview and Applications

L2VPN Options
L2VPN Models
  VPWS: Virtual Private Wire Service (Point to Point)
    L2TPv3 (IP Core)
      Ethernet, Frame Relay, ATM (AAL5 and Cell), PPP and HDLC
    AToM (MPLS Core)
      Ethernet, Frame Relay, ATM (AAL5 and Cell), PPP and HDLC
  VPLS: Virtual Private LAN Service (Point to Multipoint)
    MPLS Core
      Ethernet

[Figure annotations: MPLS Layer-2 VPNs; Any Transport over MPLS: AToM]

Layer-2 VPN Overview

Any Transport over MPLS Architecture


Based on IETF's Pseudo-Wire (PW) reference model
PW is a connection (tunnel) between 2 PE devices, which connects 2 PW end-services
  PW connects 2 Attachment Circuits (ACs)
  Bi-directional (for p2p connections)
  Use of PW/VC label for encapsulation

[Figure: Customer1 and Customer2 sites (Site1, Site2) attached via PWES to two PE routers; pseudo-wires inside a PSN tunnel between the PEs provide the emulated Layer-2 service]

AToM Technology Components


PE-CE link
  Referred to as Attachment Circuit (AC)
  Can be any type of layer-2 connection (e.g., FR, Ethernet)

AToM Control Plane
  Targeted LDP (Label Distribution Protocol) session
    Virtual Connection (VC)-label negotiation, withdrawal, error notification

AToM Forwarding Plane
  2 labels used for encapsulation + control word
  Outer tunnel (LDP) label
    To get from ingress to egress PE using MPLS LSP
  Inner de-multiplexer (VC) label
    To identify L2 circuit (packet) encapsulated within tunnel label
  Control word
    Replaces layer-2 header at ingress; used to rebuild layer-2 header at egress

AToM Control Plane Processing


[Figure: CE1 - PE1 - PE2 - CE2 with layer-2 connections on the PE-CE links and an LDP session carrying label mapping messages between PE1 and PE2; numbers in the figure refer to the processing steps]

Processing Steps (for both P1 and P2):
  1. CE1 and CE2 are connected to PE routers via layer-2 connections
  2. Via CLI, a new virtual circuit cross-connect is configured, connecting customer interface to manually provided VC ID with target remote PE
  3. New targeted LDP session between PE routers established, in case one does not already exist
  4. PE binds VC label with customer layer-2 interface and sends label-mapping message to remote PE over LDP session
  5. Remote PE receives LDP label binding message and matches VC ID with local configured cross-connect

AToM Forwarding Plane Processing


L2 Tunnel VC Label C Label L2 Tunnel VC Label B Label L2 Tunnel VC Label A Label L2 L2

CE1

Layer-2 Packet

PE1

P1

P2

PE2

Layer-2 Packet

CE2

Processing Steps: 1. 2. 3. 4. 5. CE2 forwards layer-2 packet to PE2. PE2 imposes VC (inner) label to layer-2 packet received from CE2 and optionally a control word as well (not shown). PE2 imposes tunnel outer label and forwards packet to P2. P2 and P1 router forwards packet using outer (tunnel) label. Router PE2 strips tunnel label and, based on VC label, layer-2 packet is forwarded to customer interface to CE1, after VC label is removed
In case control word is used, new layer-2 header is generated first.
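
The two-label encapsulation and the per-hop handling described in the AToM forwarding plane slides, as an added Python example (not part of the original slides). Label values, payload bytes, the attachment-circuit name and all function names are constructed for illustration; the field layouts follow RFC 3032 (label stack entry) and RFC 4385 (pseudowire control word).

```python
import struct


def pack_lse(label, exp=0, bottom=False, ttl=255):
    """One 32-bit label stack entry: label(20) | EXP(3) | S(1) | TTL(8)."""
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and 0 <= ttl < 256):
        raise ValueError("label stack field out of range")
    return struct.pack("!I", label << 12 | exp << 9 | int(bottom) << 8 | ttl)


def parse_lse(packet, offset=0):
    """Decode the label stack entry that starts at `offset`."""
    if len(packet) < offset + 4:
        raise ValueError("truncated label stack")
    (word,) = struct.unpack_from("!I", packet, offset)
    return {"label": word >> 12, "exp": word >> 9 & 7,
            "bottom": bool(word >> 8 & 1), "ttl": word & 0xFF}


def impose(l2_payload, vc_label, tunnel_label, seq):
    """Ingress PE: control word, inner VC label (S=1), outer tunnel label (S=0)."""
    # Control word: first nibble 0000, flags/FRG/length left at 0, 16-bit sequence.
    control_word = struct.pack("!HH", 0, seq & 0xFFFF)
    return (pack_lse(tunnel_label) + pack_lse(vc_label, bottom=True)
            + control_word + l2_payload)


def p_swap(packet, out_label):
    """P router: swap only the outer label; the VC label is never examined."""
    top = parse_lse(packet)
    if top["bottom"] or top["ttl"] <= 1:
        raise ValueError("no tunnel label on top, or TTL expired")
    return pack_lse(out_label, top["exp"], False, top["ttl"] - 1) + packet[4:]


def dispose(packet, vc_table):
    """Egress PE: strip tunnel label, map VC label to the attachment circuit."""
    outer, inner = parse_lse(packet), parse_lse(packet, 4)
    if outer["bottom"] or not inner["bottom"]:
        raise ValueError("expected exactly two labels (tunnel + VC)")
    if inner["label"] not in vc_table:
        # Only VC labels this PE bound to a cross-connect are acceptable.
        raise ValueError("VC label was never advertised by this PE")
    if len(packet) < 12:
        raise ValueError("missing control word")
    first_half, seq = struct.unpack_from("!HH", packet, 8)
    if first_half >> 12 != 0:
        raise ValueError("control word must start with 0000")
    return vc_table[inner["label"]], seq, packet[12:]


def demo():
    """Carry one constructed frame across ingress PE, one P router, egress PE."""
    frame = b"constructed-l2-payload"
    at_ingress = impose(frame, vc_label=10, tunnel_label=50, seq=7)
    after_p = p_swap(at_ingress, out_label=90)
    return dispose(after_p, vc_table={10: "attachment-circuit-1"})


if __name__ == "__main__":
    print(demo())
```

The P router touches only the first four bytes, which is why the core needs no knowledge of customer circuits; the egress check on the VC label is what ties a packet to a configured cross-connect.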


Use Case: L2 Network Interconnect


Requirement: Need to create connectivity between remote customer sites, currently interconnected via Frame Relay WAN connectivity. Only point-to-point connectivity required.
Solution: Interconnect AToM PW between sites, enabling transparent Frame Relay WAN connectivity.

[Figure: CPE Router/FRAD - PE1 (DLCI 101) - MPLS Backbone - PE2 (DLCI 201) - CPE Router/FRAD. VC1 connects DLCI 101 to DLCI 201; directed LDP label exchange for VC1 (Label 10); neighbor LDP labels 50 and 90]

Virtual Private LAN Service Overview


[Figure: Site1 CE - PE1 and Site2 CE - PE2 connected across the MPLS WAN, together with Site3 CE]

Architecture for Ethernet Multipoint Services (EMS) over MPLS
Emulates IEEE Ethernet bridge; VPLS network acts like a virtual switch that emulates conventional L2 bridge
Fully meshed or hub-spoke topologies supported

VPLS Technology Components


PE-CE link
Referred to as Attachment Circuit (AC)
Ethernet VCs are either port mode or VLAN ID

VPLS Control Plane

Full mesh of targeted LDP sessions
Virtual Connection (VC)-label negotiation, withdrawal, error notification

VPLS Forwarding Plane

Virtual Switching Instance: VSI or VFI (Virtual Forwarding Instance)
VPN ID: Unique value for each VPLS instance
PWs for interconnection of related VSI instances

VPLS Overview
[Figure: CEs attach over attachment circuits to n-PE routers, each holding Red, Blue and Green VSIs. A full mesh of targeted-LDP sessions (directed LDP session between participating PEs) exchanges VC labels; a full mesh of PWs between VSIs runs over tunnel LSPs]

Use Case: VPLS Network Interconnect


Requirement: Need to create full-mesh connectivity between separate metro networks.
Solution: Use VPLS to create transparent bridge layer-2 Ethernet connectivity between Ethernet networks.

VPLS VPN Name: VPLSCarrierA
VPN ID: 1100
VCID: 1234
Each PE points to other peer PEs' loopback address

[Figure: L2 Metro Ethernet Carrier A networks (QinQ) serving Customer A1 CEs CE11/CE21, CE12/CE22 and CE13/CE23 attach to PE1, PE2 and PE3 of the Metro Backbone Provider]

Layer-2 VPN Summary

Enables transport of any Layer-2 traffic over MPLS network
Two types of L2 VPNs: AToM for point-to-point and VPLS for point-to-multipoint layer-2 connectivity
Layer-2 VPN forwarding based on Pseudo Wires (PW), which use VC label for L2 packet encapsulation
  LDP used for PW signaling
AToM PWs suited for implementing transparent point-to-point connectivity between Layer-2 circuits
AToM PWs suited for implementing transparent point-to-multipoint connectivity between Ethernet links/sites

MPLS QoS
Technology Overview and Applications

MPLS Technology Framework


MPLS QoS Support for Traffic Marking and Classification to Enable Differentiated Services

[Figure: MPLS technology framework. Layer-3 VPNs, Layer-2 VPNs, MPLS QoS, MPLS TE and MPLS OAM/MIBs sit on MPLS Signaling and Forwarding, which sits on the Network Infrastructure]

Why MPLS QoS?


Typically different traffic types (packets) sent over MPLS networks
E.g., Web HTTP, VoIP, FTP, etc.

Not all application traffic types/flows are the same


Some require low latency to work correctly; e.g., VoIP

MPLS QoS used for traffic prioritization to guarantee minimal traffic loss and delay for high priority traffic
Involves packet classification and queuing

MPLS leverages mostly existing IP QoS architecture


Based on Differentiated Services (DiffServ) model; defines per-hop behavior based on IP Type of Service (ToS) field

MPLS QoS Operations


MPLS EXP bits used for packet classification and prioritization instead of IP Type of Service (ToS) field
DSCP values mapped into EXP bits at ingress PE router

Most providers provide 3-5 service classes
Different DSCP <-> EXP mapping schemes
  Uniform mode, pipe mode, and short pipe mode

[Figure: MPLS DiffServ marking in the Experimental (EXP) bits of the MPLS header, which follows the Layer-2 header; IP DiffServ marking in the DSCP field of the Layer-3 header]

MPLS Uniform Mode


End-to-end behavior: original IP DSCP value not preserved
At ingress PE, IP DSCP value copied in EXP value
EXP value changed in the MPLS core
At egress PE, EXP value copied back into IP DSCP value

For your reference only

[Figure: path CE - PE - P - P - PE - CE. The packet enters with IP DSCP 3 and is labeled with MPLS EXP 3; the core changes the outer MPLS EXP to 2; the packet leaves with IP DSCP 2]

MPLS Pipe Mode


End-to-end behavior: original IP DSCP is preserved
At ingress PE, EXP value set based on ingress classification
EXP changed in the MPLS core
At egress PE, EXP value not copied back into IP DSCP value

For your reference only

[Figure: path CE - PE - P - P - PE - CE. The packet enters with IP DSCP 3 and is labeled with MPLS EXP 3; the core changes the outer MPLS EXP to 2; the packet leaves with IP DSCP 3]

MPLS Short Pipe Mode


End-to-end behavior: original IP DSCP is preserved
At ingress PE, EXP value set based on ingress classification
EXP changed in the MPLS core
At egress PE, original IP DSCP value used for QoS processing

For your reference only

[Figure: path CE - PE - P - P - PE - CE. The packet enters with IP DSCP 3 and is labeled with MPLS EXP 3; the core changes the outer MPLS EXP to 2; the packet leaves with IP DSCP 3]
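
The three DSCP <-> EXP modes above, compared side by side in an added Python example (not part of the original slides). It assumes the class-selector mapping (EXP = top three DSCP bits) where a DSCP value is copied, and models the core as a single EXP rewrite; that pipe mode queues on EXP at the egress PE follows RFC 3270 rather than the slide text. All names are constructed.

```python
from dataclasses import dataclass

MODES = ("uniform", "pipe", "short-pipe")


@dataclass
class EgressView:
    customer_dscp: int  # DSCP on the IP packet handed to the far-end CE
    queue_class: int    # class (0-7) the egress PE queues on toward the CE
    class_from: str     # marking the egress PE consulted: "EXP" or "DSCP"


def default_exp(dscp):
    """Assumed mapping when a DSCP is copied: its three class-selector bits."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is a 6-bit field")
    return dscp >> 3


def cross_core(mode, dscp, core_exp=None, provider_exp=None):
    """Follow one packet from ingress PE through the core to the egress PE."""
    if mode not in MODES:
        raise ValueError("unknown mode: %r" % mode)
    # Ingress PE: uniform copies the customer marking; the pipe modes let the
    # provider's own ingress classification choose the EXP value.
    if mode == "uniform" or provider_exp is None:
        exp = default_exp(dscp)
    else:
        exp = provider_exp
    # MPLS core: a P router may rewrite EXP (for example after policing).
    if core_exp is not None:
        exp = core_exp
    if not 0 <= exp <= 7:
        raise ValueError("EXP is a 3-bit field")
    # Egress PE.
    if mode == "uniform":
        # EXP is copied back, so a core rewrite changes the customer's DSCP.
        return EgressView(exp << 3, exp, "EXP")
    if mode == "pipe":
        # DSCP untouched; queuing toward the CE still follows the EXP value.
        return EgressView(dscp, exp, "EXP")
    # Short pipe: DSCP untouched and also used for queuing toward the CE.
    return EgressView(dscp, default_exp(dscp), "DSCP")


def compare(dscp, core_exp, provider_exp):
    """Same packet and same core rewrite under all three modes."""
    return {m: cross_core(m, dscp, core_exp, provider_exp) for m in MODES}


if __name__ == "__main__":
    # Constructed case: customer sends AF31 (DSCP 26), provider class 3,
    # core rewrites EXP to 2.
    for mode, view in compare(26, core_exp=2, provider_exp=3).items():
        print(mode, view)
```

With a customer marking of AF31 (DSCP 26), uniform mode returns the packet as CS2 (DSCP 16), while both pipe modes return it unchanged and differ only in which marking drives the last-hop queuing.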

MPLS QoS Summary


MPLS QoS used for MPLS packet-specific marking and classification
Based on EXP bits

Different schemes for mapping between IP (ToS/DSCP) and MPLS packet (EXP) classification
At ingress and egress PE router
MPLS pipe mode mostly used; preserves end-to-end IP QoS

Enables traffic prioritization to guarantee minimal traffic loss and delay for high priority traffic
Useful when packet loss and delay guarantees must be provided for high priority traffic across MPLS network

MPLS Traffic Engineering

Technology Overview and Applications

MPLS Technology Framework


Traffic Engineering Capabilities for Bandwidth Management and Network Failure Protection

[Figure: MPLS technology framework. Layer-3 VPNs, Layer-2 VPNs, MPLS QoS, MPLS TE and MPLS OAM/MIBs sit on MPLS Signaling and Forwarding, which sits on the Network Infrastructure]

Why Traffic Engineering?


Congestion in the network due to changing traffic patterns
Election news, online trading, major sports events

Better utilization of available bandwidth


Route on the non-shortest path

Route around failed links/nodes


Fast rerouting around failures, transparently to users
Like SONET APS (Automatic Protection Switching)

Build new services: virtual leased line services


VoIP toll-bypass applications, point-to-point bandwidth guarantees

Capacity planning
TE improves aggregate availability of the network

The Problem with Shortest-Path

IP (Mostly) Uses Destination-Based Least-Cost Routing
Alternate Path Under Utilized

Node  Next-Hop  Cost
B     B         10
C     C         10
D     C         20
E     B         20
F     B         30
G     B         30

Some links are DS3, some are OC-3
Router A has 40M of traffic for router F, 40M of traffic for router G
Massive (44%) packet loss at router B -> router E!
  Changing to A->C->D->E won't help

[Figure: topology of Routers A, B, C, D, E, F and G joined by OC-3 and DS3 links]

How MPLS TE Solves the Problem


Node  Next-Hop  Cost
B     B         10
C     C         10
D     C         20
E     B         20
F     Tunnel 0  30
G     Tunnel 1  30

Router A sees all links
Router A computes paths on properties other than just shortest cost; creation of 2 tunnels
No link oversubscribed!

[Figure: topology of Routers A, B, C, D, E, F and G joined by OC-3 and DS3 links]

How MPLS TE Works


Link information distribution*
  ISIS-TE
  OSPF-TE
Path calculation (CSPF)*
Path setup (RSVP-TE)
Forwarding traffic down tunnel
  Auto-route
  Static
  PBR
  CBTS/PBTS
  Forwarding adjacency
  Tunnel select

* Optional

[Figure: TE LSP across the IP/MPLS network from head end through mid-point to tail end]

Link Information Distribution


Additional link characteristics
  Interface address
  Neighbor address
  Physical bandwidth
  Maximum reservable bandwidth
  Unreserved bandwidth (at eight priorities)
  TE metric
  Administrative group (attribute flags)

IS-IS or OSPF flood link information
TE nodes build a topology database
Not required if using off-line path computation

For your reference only

[Figure: IP/MPLS network feeding the TE topology database]

Path Calculation
TE nodes can perform constraint-based routing
Constraints and topology database as input to path computation
Shortest-path-first algorithm ignores links not meeting constraints
Tunnel can be signaled once a path is found
Not required if using offline path computation

[Figure: Find shortest path to R8 with 8Mbps. IP/MPLS topology between R1 and R8 with link values 15, 10, 5, 3, 10, 10, 10, 8; the legend marks links with insufficient bandwidth and links with sufficient bandwidth; TE topology database]
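
Constraint-based path calculation as described above, in an added Python example (not part of the original slides): links that cannot carry the requested bandwidth are pruned, then an ordinary shortest-path-first run picks the path. The topology, metrics and bandwidth figures are constructed, links are assumed bidirectional, and the `reserve` step goes one step beyond the slide to show how a signaled tunnel changes the next computation.

```python
import heapq

# Constructed TE topology database:
# (node_a, node_b, te_metric, unreserved_bandwidth_mbps)
TE_LINKS = [
    ("R1", "R2", 10, 15), ("R2", "R3", 10, 5), ("R3", "R8", 10, 10),
    ("R1", "R4", 10, 10), ("R4", "R5", 10, 10), ("R5", "R8", 20, 8),
    ("R4", "R6", 15, 3), ("R6", "R8", 10, 10),
]


def cspf(links, src, dst, bandwidth_mbps=0):
    """Return (cost, path) of the cheapest path whose links all have at least
    `bandwidth_mbps` unreserved, or None when no such path exists."""
    adjacency = {}
    for a, b, metric, unreserved in links:
        if unreserved < bandwidth_mbps:
            continue  # constraint not met: SPF never sees this link
        adjacency.setdefault(a, []).append((b, metric))
        adjacency.setdefault(b, []).append((a, metric))
    best = {src: 0}
    heap = [(0, src, [src])]
    while heap:
        cost, node, path = heapq.heappop(heap)
        if node == dst:
            return cost, path
        if cost > best.get(node, float("inf")):
            continue  # stale heap entry
        for neighbor, metric in adjacency.get(node, []):
            new_cost = cost + metric
            if new_cost < best.get(neighbor, float("inf")):
                best[neighbor] = new_cost
                heapq.heappush(heap, (new_cost, neighbor, path + [neighbor]))
    return None


def reserve(links, path, bandwidth_mbps):
    """Return a new database with the tunnel's bandwidth subtracted on `path`."""
    hops = {frozenset(hop) for hop in zip(path, path[1:])}
    return [(a, b, metric,
             unreserved - bandwidth_mbps if frozenset((a, b)) in hops else unreserved)
            for a, b, metric, unreserved in links]


if __name__ == "__main__":
    print("plain SPF      :", cspf(TE_LINKS, "R1", "R8"))
    cost, path = cspf(TE_LINKS, "R1", "R8", bandwidth_mbps=8)
    print("CSPF, 8 Mbps   :", cost, path)
    after_first_tunnel = reserve(TE_LINKS, path, 8)
    print("second 8 Mbps  :", cspf(after_first_tunnel, "R1", "R8", 8))
```

The 8 Mbps tunnel takes a higher-cost path than plain SPF would choose, and a second 8 Mbps request fails once the first reservation is recorded, which is the admission-control effect of flooding unreserved bandwidth.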

TE LSP Signaling
Tunnel signaled with TE extensions to RSVP
Soft state maintained with downstream PATH messages
Soft state maintained with upstream RESV messages
New RSVP objects
  LABEL_REQUEST (PATH)
  LABEL (RESV)
  EXPLICIT_ROUTE
  RECORD_ROUTE (PATH/RESV)
  SESSION_ATTRIBUTE (PATH)
LFIB populated using RSVP labels allocated by RESV messages

For your reference only

[Figure: TE LSP across the IP/MPLS network; PATH messages travel from head end to tail end, RESV messages return carrying L=16. LFIB entry shown: Input Label 17; Out Label, Interface 16, 0]

MPLS TE FRR: Link Protection

Primary tunnel: A -> B -> D -> E
Backup tunnel: B -> C -> D (preprovisioned)
Recovery = ~ 50 ms

*Actual Time Varies: Well Below 50 ms in Lab Tests, Can Also Be Higher

[Figure: Routers A, B, D and E, with Routers X, C and Y]

Use Case 1: Tactical TE Deployment


Requirement: Need to handle scattered congestion points in the network
Solution: Deploy MPLS TE on only those nodes that face congestion

[Figure: Internet Service Provider Backbone. Bulk of traffic flow (e.g. Internet download) over oversubscribed shortest links; MPLS Traffic Engineering tunnel relieves congestion points]

Use Case 2: 1-Hop Tunnel Deployment

Requirement: Need protection only, minimize packet loss; lots of bandwidth in the core
Solution: Deploy MPLS fast reroute for less than 50ms failover time with 1-hop primary TE tunnels and backup tunnel for each

[Figure: Service Provider Backbone between VPN Site A and VPN Site B; legend: Primary 1-Hop TE Tunnel, Backup Tunnel, Physical Links]

MPLS TE Summary
MPLS TE can be used to implement traffic engineering to enable enhanced network availability, utilization, and performance
Enhanced network availability can be implemented via MPLS TE Fast Re-Route (FRR)
  Link, node, and path protection
  Automatically route around failed links/nodes; like SONET APS

Better network bandwidth utilization can be implemented via creation of MPLS TE tunnels using explicit routes
Route on the non-shortest path

MPLS TE can be used for capacity planning by creation of bandwidth-specific tunnels with explicit paths through the network
Bandwidth management across links and end-to-end paths

MPLS Management
Technology Overview and Applications

MPLS Technology Framework


MPLS Management Using SNMP MPLS MIB and MPLS OAM Capabilities
[Figure: MPLS technology framework. Layer-3 VPNs, Layer-2 VPNs, MPLS QoS, MPLS TE and MPLS OAM/MIBs sit on MPLS Signaling and Forwarding, which sits on the Network Infrastructure]

What's Needed for MPLS Management?

What's needed beyond the basic MPLS CLI?
  CLI used for basic configuration and troubleshooting (show commands)

Traditional management tools: MIBs to provide management information for SNMP management applications (e.g., HPOV)
  MIB counters, Trap notifications, etc.

New management tools: MPLS OAM -> for reactive troubleshooting
  Ping and trace capabilities of MPLS label switched paths

Automated MPLS OAM -> for proactive troubleshooting
  Automated LSP ping/trace via Auto IP SLA

MPLS Operations Lifecycle


Build and plan the network
  Capacity planning and resource monitoring

Monitor the network
  Node/link failure detection
  May impact multiple services

Provision new services and maintain existing services
  Edge/service node configuration

Monitor service
  End-to-end monitoring
  Linked to customer SLAs

For your reference only

[Figure: operations matrix with axes One-time Strategic Operations / Ongoing Tactical Operations and Internal-Focused Operations / External-Focused Operations; cells: Network Configuration and Planning, Service Configuration and Planning, Network Monitoring, Service Monitoring]

MPLS MIBs and OAM


Management Feature                            Key Functionality
MPLS MIBs
  MPLS-LDP-STD-MIB                            LDP session status Trap notifications
  MPLS-L3VPN-STD-MIB                          VRF max-route Trap notifications
  MPLS-TE-STD-MIB                             TE Tunnel status Trap notifications
MPLS OAM
  MPLS LSP Ping/Trace for LDP-based LSPs      Validate end-to-end connectivity of LDP-signaled LSPs
  MPLS LSP Ping/Trace for TE tunnels          Validate end-to-end connectivity of TE tunnels
  LSP Multipath (ECMP) Tree Trace             Discovery of all available equal cost LSP paths between PEs

LDP Event Monitoring Using LDP Traps


Interface Shutdown (E1/0 on PE1)

Time = t: Received SNMPv2c Trap from pe1:
  sysUpTimeInstance = 8159606
  snmpTrapOID.0 = mplsLdpSessionDown
  mplsLdpSessionState.<index> = nonexistent(1)
  mplsLdpSessionDiscontinuityTime.<index> = 8159605
  mplsLdpSessionStatsUnknownMesTypeErrors.<index> = 0
  mplsLdpSessionStatsUnknownTlvErrors.<index> = 0
  ifIndex.5 = 5

Interface goes down
Time = t+1: Received SNMPv2c Trap from pe1:
  sysUpTimeInstance = 8159906
  snmpTrapOID.0 = linkDown
  ifIndex.5 = 5
  ifDescr.5 = Ethernet1/0
  ifType.5 = ethernetCsmacd(6)
  locIfReason.5 = administratively down

Time = t+2: Received SNMPv2c Trap from p01:
  sysUpTimeInstance = 8160579
  snmpTrapOID.0 = mplsLdpSessionDown
  mplsLdpSessionState.<index> = nonexistent(1)
  mplsLdpSessionDiscontinuityTime.<index> = 8160579
  mplsLdpSessionStatsUnknownMesTypeErrors.<index> = 0
  mplsLdpSessionStatsUnknownTlvErrors.<index> = 0
  ifIndex.5 = 5

LDP Session Down (PE1 - P01)

Time = t: Received SNMPv2c Trap from pe1:
  sysUpTimeInstance = 8159606
  snmpTrapOID.0 = mplsLdpSessionDown
  mplsLdpSessionState.<index> = nonexistent(1)
  mplsLdpSessionDiscontinuityTime.<index> = 8159605
  mplsLdpSessionStatsUnknownMesTypeErrors.<index> = 0
  mplsLdpSessionStatsUnknownTlvErrors.<index> = 0
  ifIndex.5 = 5

LDP session goes down
Time = t+1: Received SNMPv2c Trap from p01:
  sysUpTimeInstance = 8160579
  snmpTrapOID.0 = mplsLdpSessionDown
  mplsLdpSessionState.<index> = nonexistent(1)
  mplsLdpSessionDiscontinuityTime.<index> = 8160579
  mplsLdpSessionStatsUnknownMesTypeErrors.<index> = 0
  mplsLdpSessionStatsUnknownTlvErrors.<index> = 0
  ifIndex.5 = 5

[Figure, both cases: LDP session between PE1 and P1]

Validation of PE-PE MPLS Connectivity


Connectivity of LSP path(s) between PE routers can be validated using LSP ping (ping mpls command via CLI)
pe1>ping mpls ipv4 10.1.2.249/32
Sending 5, 100-byte MPLS Echos to 10.1.2.249/32,
     timeout is 2 seconds, send interval is 0 msec:

Codes: '!' - success, 'Q' - request not sent, '.' - timeout,
  'L' - labeled output interface, 'B' - unlabeled output interface,
  'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
  'M' - malformed request, 'm' - unsupported tlvs, 'N' - no label entry,
  'P' - no rx intf label prot, 'p' - premature termination of LSP,
  'R' - transit router, 'I' - unknown upstream index,
  'X' - unknown return code, 'x' - return code 0

Type escape sequence to abort.
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 284/294/300 ms

[Figure: LSP path PE1 - P1 - P2 - PE2]

Automated MPLS OAM


Automatic MPLS OAM probes between PE routers
Automatic discovery of PE targets via BGP next-hop discovery
Automatic discovery of all available LSP paths for PE targets via LSP multi-path trace
Scheduled LSP pings to verify LSP path connectivity
3 consecutive LSP ping failures result in SNMP Trap notification

[Figure: PE1, PE2 and PE3 interconnected through P1 and P2, each running an MPLS OAM probe]
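
The scheduled-ping check and the three-consecutive-failures rule, in an added Python example (not part of the original slides and not Cisco's implementation). It parses `ping mpls` transcripts using the reply-code legend shown earlier and reports when a trap would be due; the failure transcript is constructed, and two policies are assumptions: a run counts as failed unless every echo succeeded, and one notification is raised per outage.

```python
import re

# Reply codes as listed in the ping mpls legend on the validation slide.
REPLY_CODES = {
    "!": "success", "Q": "request not sent", ".": "timeout",
    "L": "labeled output interface", "B": "unlabeled output interface",
    "D": "DS Map mismatch", "F": "no FEC mapping", "f": "FEC mismatch",
    "M": "malformed request", "m": "unsupported tlvs", "N": "no label entry",
    "P": "no rx intf label prot", "p": "premature termination of LSP",
    "R": "transit router", "I": "unknown upstream index",
    "X": "unknown return code", "x": "return code 0",
}

# Transcript from the slide, legend omitted for brevity.
SAMPLE_OK = """pe1>ping mpls ipv4 10.1.2.249/32
Sending 5, 100-byte MPLS Echos to 10.1.2.249/32,
Type escape sequence to abort.
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 284/294/300 ms
"""

# Constructed transcript: every echo timed out.
SAMPLE_TIMEOUT = """pe1>ping mpls ipv4 10.1.2.249/32
Sending 5, 100-byte MPLS Echos to 10.1.2.249/32,
Type escape sequence to abort.
.....
Success rate is 0 percent (0/5)
"""


def parse_lsp_ping(output):
    """Extract target, verdict and failure reasons from one transcript."""
    target = re.search(r"MPLS Echos to (\S+),", output)
    rate = re.search(r"Success rate is \d+ percent \((\d+)/(\d+)\)", output)
    replies = None
    for line in output.splitlines():
        text = line.strip()
        if text and set(text) <= set(REPLY_CODES):
            replies = text  # the line made up only of reply codes
    if not (target and rate and replies):
        raise ValueError("not a complete ping mpls transcript")
    received, sent = int(rate.group(1)), int(rate.group(2))
    if len(replies) != sent or replies.count("!") != received:
        raise ValueError("reply codes disagree with the summary line")
    reasons = sorted({REPLY_CODES[c] for c in replies if c != "!"})
    return {"target": target.group(1), "ok": received == sent, "reasons": reasons}


class ProbeState:
    """Consecutive-failure counter for one PE target."""

    def __init__(self, threshold=3):
        self.threshold = threshold
        self.consecutive = 0

    def record(self, ok):
        """True exactly when the threshold-th consecutive failure arrives."""
        self.consecutive = 0 if ok else self.consecutive + 1
        return self.consecutive == self.threshold


def traps_for(transcripts, threshold=3):
    """Return (run index, target, reasons) for each run that would raise a trap."""
    state, traps = ProbeState(threshold), []
    for index, text in enumerate(transcripts):
        result = parse_lsp_ping(text)
        if state.record(result["ok"]):
            traps.append((index, result["target"], result["reasons"]))
    return traps
```

Keeping the reason codes with the notification lets an operator tell a timeout apart from a FEC or label mismatch without logging in to the router.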

MPLS Management Summary


MPLS management operations include MPLS node and service configuration, and monitoring
In addition to CLI, SNMP MIBs and OAM capabilities are available for MPLS management
MPLS MIBs provide LDP, VPN, and TE management information, which can be collected by SNMP tools
  MIB counters, Trap notifications

Advanced MPLS management capabilities can be implemented via MPLS OAM
  LSP path discovery and connectivity validation
  Proactive monitoring via automated MPLS OAM

Summary
Final Notes and Wrap Up

Summary and Key Takeaways


It's all about labels
  Label-based forwarding and IP protocol extensions for label exchange
  Best of both worlds: L2-type forwarding and L3 control plane

Key application of MPLS is to implement VPN services
  Secure and scalable layer 2 and 3 VPN connectivity

MPLS supports advanced traffic engineering capabilities
  QoS, bandwidth control, and failure protection

MPLS is a mature technology with widespread deployments
  Both SP and enterprise networks

Two types of MPLS users
  Indirect (subscriber): MPLS used as transport for subscribed service
  Direct (DIY): MPLS implemented in (own) SP or enterprise network

MPLS Applications
For your reference only

Key Features
  Service Providers: L2/L3VPNs, TE/FRR, QoS, High Availability
  Enterprise Data Center: VPNs, TE/FRR, High Availability
  Data center interconnects: VPNs / VRFs, VRF-Aware Security, High Availability
  EWAN Edge: VPNs / VRFs, VRF Aware Security, High Availability

Applications
  Hosted Data centers
  Data center interconnect
  Segmentation for IT
  Mergers, Acquisitions, spinoffs
  Departmental segmentation
  Service multiplexing
  Security
  Mergers, Acquisitions, spinoffs
  Disaster Recovery
  Vmotion support
  Branch Interconnects
  Internet Access
  Branch Connectivity

Network Consolidation
  Merging multiple parallel networks into a shared infrastructure
Network segmentation
  By user groups or business function
Service and policy centralization
  Security policies and appliances at a central location
New applications readiness
  Converged multi-service network
Increased network security
  User groups segmentation with VPNs

Consider MPLS When


There's a need for network segmentation
  Segmented connectivity for specific locations, users, applications, etc.
  Full-mesh and hub-and-spoke connectivity

There's a need for network realignment/migration
  Consolidation of (multiple) legacy networks
  Staged network consolidation after company merger/acquisition

There's a need for optimized network availability and performance
  Node/link protection, pro-active connectivity validation
  Bandwidth traffic engineering and QoS traffic prioritization

Q and A


Cisco Live 2009 MPLS Sessions


More MPLS Topics Covered in Following Sessions:
BRKRST-2102 Deploying IP/MPLS VPNs
BRKRST-2104 Deploying MPLS Traffic Engineering
BRKRST-2105 Inter-AS MPLS Solutions
BRKRST-3101 Advanced Topics and Future Directions in MPLS
Lab: Enabling MPLS in Enterprise

Terminology Reference
Terminology   Description
AC            Attachment Circuit. An AC Is a Point-to-Point, Layer 2 Circuit Between a CE and a PE.
AS            Autonomous System (a Domain)
CoS           Class of Service
ECMP          Equal Cost Multipath
IGP           Interior Gateway Protocol
LAN           Local Area Network
LDP           Label Distribution Protocol, RFC 3036.
LER           Label Edge Router. An Edge LSR Interconnects MPLS and non-MPLS Domains.
LFIB          Labeled Forwarding Information Base
LSP           Label Switched Path
LSR           Label Switching Router
NLRI          Network Layer Reachability Information
P Router      An Interior LSR in the Service Provider's Autonomous System
PE Router     An LER in the Service Provider Administrative Domain that Interconnects the Customer Network and the Backbone Network.
PSN Tunnel    Packet Switching Tunnel

Terminology Reference
Terminology   Description
Pseudo-Wire   A Pseudo-Wire Is a Bidirectional "Tunnel" Between Two Features on a Switching Path.
PWE3          Pseudo-Wire End-to-End Emulation
QoS           Quality of Service
RD            Route Distinguisher
RIB           Routing Information Base
RR            Route Reflector
RT            Route Target
RSVP-TE       Resource Reservation Protocol based Traffic Engineering
VPN           Virtual Private Network
VFI           Virtual Forwarding Instance
VLAN          Virtual Local Area Network
VPLS          Virtual Private LAN Service
VPWS          Virtual Private WAN Service
VRF           Virtual Route Forwarding Instance
VSI           Virtual Switching Instance

Recommended Reading
Continue your Cisco Live learning experience with further reading from Cisco Press
Check the Recommended Reading flyer for suggested books
Available Onsite at the Cisco Company Store

Further Reading
http://www.cisco.com/go/mpls
http://www.ciscopress.com
MPLS and VPN Architectures, Jim Guichard, Ivan Pepelnjak, Cisco Press
Traffic Engineering with MPLS, Eric Osborne, Ajay Simha, Cisco Press
Layer 2 VPN Architectures, Wei Luo, Carlos Pignataro, Dmitry Bokotey, Anthony Chan, Cisco Press
MPLS QoS, Santiago Alvarez, Cisco Press
