Alcatel-Lucent Multiprotocol Label Switching Student Guide v2-1-Dl

Alcatel-Lucent Multiprotocol Label Switching (MPLS)

Module 0 Course Introduction

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te

Alcatel-Lucent Multiprotocol Label Switching v2.1 Module 0 - Page 2

Alcatel-Lucent Multiprotocol Label Switching v2.1 Module 0 | 2 All rights reserved 2011 Alcatel-Lucent

Module Objectives

Alcatel-Lucent Career Certification Flow Alcatel-Lucent Multiprotocol Label Switching Course Informationy Introductiony Objectivesy Timeline y Prerequisites and Follow-ony Administration

Alcatel-Lucent Multiprotocol Label Switching

This course is part of the Alcatel-Lucent Service Routing Certification (SRC) Program. See www.alcatel-lucent.com/src for more information on the SRC program.

To locate additional information relating to the topics presented in this manual, refer to the following:

Technical Practices for the specific product Internet Standards documentation such as protocol standards bodies, RFCs, and IETF drafts Technical support pages of the Alcatel-Lucent website located at: http://www.alcatel-lucent.com/support

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te


33


The Alcatel-Lucent SRC Program Five Certifications

ALCATEL-LUCENT NETWORK ROUTING SPECIALIST I4 DAYS / 1 COURSE / 1 WRITTEN EXAM

ALCATEL-LUCENT TRIPLE PLAY ROUTING PROFESSIONAL36 DAYS / 8 COURSES / 8 WRITTEN EXAMS / 1 PRACTICAL LAB EXAM

ALCATEL-LUCENT SERVICE ROUTING ARCHITECT49 DAYS / 11 COURSES / 11 WRITTEN EXAMS / 2 PRACTICAL LAB EXAMS

ALCATEL-LUCENT NETWORK ROUTING SPECIALIST II18 DAYS / 4 COURSES / 4 WRITTEN EXAMS / 1 PRACTICAL LAB EXAM

ALCATEL-LUCENT MOBILE ROUTING PROFESSIONAL32 DAYS/ 7 COURSES / 7 WRITTEN EXAMS / 2 PRACTICAL LAB EXAMS

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te


44


SRC Courses and Exams

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



SRC Program Exam Profile

Exam Name Exam Number Exam Pre-requisites(4A0-XXX)

Alcatel-Lucent Scalable IP Networks 4A0-100 NA

Alcatel-Lucent Interior Routing Protocols 4A0-101 NA

Alcatel-Lucent Border Gateway Protocol 4A0-102 NA

Alcatel-Lucent Multiprotocol Label Switching 4A0-103 NA

Alcatel-Lucent Services Architecture 4A0-104 NA

Alcatel-Lucent Virtual Private LAN Services 4A0-105 NA

Alcatel-Lucent Virtual Private Routed Networks 4A0-106 NA

Alcatel-Lucent Quality of Service 4A0-107 NA

Alcatel-Lucent Multicast Protocols 4A0-108 NA

Alcatel-Lucent Triple Play Services 4A0-109 NA

Alcatel-Lucent Advanced Troubleshooting 4A0-110 NA

Alcatel-Lucent IP/MPLS Mobile Backhaul Transport 4A0-M01 NA

Alcatel-Lucent Mobile Gateways for the LTE Evolved Packet Core

4A0-M02 NA

Alcatel-Lucent Network Routing Specialist II Lab Exam NRSII4A0 100, 101, 103, 104

Alcatel-Lucent Mobile Routing Professional Lab Exam MRP4A0 100, 101, 103, 104, 107, M01, M02, NRSII4A0

Alcatel-Lucent Service Routing Architect Lab Exam ASRA4A0 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, NRSII4A0

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Exam Delivery

Written Exams

Delivered by Prometric Global provider of testing services 5000+ test sites worldwide Register at:

www.prometric.com/alcatel-lucent

Lab Exams

Written at Alcatel-Lucent sites NRS II Certification

Half-day lab exam

MRP Certification

Half-day lab exam

SRA Certification Full-day lab exam

Register at:www.alcatel-lucent.com/src/examreg

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te


7


SRC Program Global Reach, Flexible Delivery Options

APAC Shanghai, China Sydney, Australia Melbourne, Australia Wellington, New Zealand Bangalore, India Chennai, India Gurgaon, India Mumbai, India

Europe Antwerp, BelgiumNewport, UK Paris, France

AmericasPlano, USAOttawa, CanadaMexico City, MexicoSao Paulo, Brazil

Class schedules posted @ www.alcatel-lucent.com/src Registration online @ www.alcatel-lucent.com/src/coursereg

On-site delivery at your business location anywhere in the world Delivery from any of the following Alcatel-Lucent University locations

globally

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Your Own Service Router Lab Now you can have one

Need access to a lab to help you: Prepare for your NRS II and SRA exams? Practice and build your service routing knowledge and configuration skills?

The Alcatel-Lucent Exam Preparation service provides: Remote, private access (724) to an Alcatel-Lucent service router lab:

six-node fully meshed network three-hour time slots available

Access to a suite of over 30 lab practice scenarios with optimal solutions Access to traffic simulation and analysis tools

To find out more and sign up visit http://www.alcatel-lucent.com/src/examprep

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te


9


Credit for other IP Certifications

Cisco or Juniper certified?

You can receive exemptions from some of the SRC exams, if you hold any one of the Cisco or Juniper certifications identified

Certifications must be valid to receive exemptions

Submit your request for exemptions at: http://www.alcatel-lucent.com/src/exemptions

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te




MPLS is a label switching technology that combines the traffic engineering capability of ATM with the flexibility and scalability of IP. MPLS provides the ability to establish connection-oriented paths over a connectionless IP network, and facilitates a mechanism toengineer network traffic patterns independently of routing tables. MPLS technology offers many services, including layer 2 and layer 3 VPN services, traffic engineering, and resiliency.

This 5-day instructor-led course is designed to introduce and explore MPLS concepts and related signaling protocols. It examines the LDP and RSVP protocols and their position in the MPLS topology. To reinforce the course objectives, there will be discussions, comprehensive lab exercises, and case studies.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Alcatel-Lucent MPLS Course Goal

Provide the participants with a foundation knowledge of MPLS andrelated protocols, and their application and implementation in an Alcatel-Lucent network environment.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Alcatel-Lucent MPLS Course Content

Course Introduction Module 1 Introduction to MPLS Module 2 Fundamentals of MPLS Module 3 Label Distribution Protocol Module 4 Resource Reservation Protocol Module 5 Traffic Engineering Module 6 Resiliency

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Alcatel-Lucent MPLS Course Objectives

Upon successful completion of this course, you should be familiar with: The drivers for MPLS MPLS control and data plane operation MPLS terminology and uses in an Alcatel-Lucent environment LDP and RSVP protocol operation and configuration The options available for traffic engineering in an MPLS network,

including configuration and operation How to traffic engineer in a hierarchical network using LDP-over-

RSVP The available options for achieving resiliency with MPLS networks The implementation of fast re-route in an Alcatel-Lucent

environment

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Alcatel-Lucent MPLS Course Timeline

Day 1 Module 0 Course Introduction Module 1 Introduction to MPLS Module 2 Fundamentals of MPLS

Day 2 Module 3 Label Distribution Protocoly Lab 3.1 MPLS Infrastructure Verification and IGP Configurationy Lab 3.2 Configuring and Verifying the Provider Core for LDPy Lab 3.3 Enabling LDP ECMPy Lab 3.4 Applying Export Policy for Label Distribution

Day 3 Module 4 Resource Reservation Protocoly Lab 4 IGP-Based RSVP LSP Establishment

Module 5 Traffic Engineering

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Alcatel-Lucent MPLS Course Timeline (contd)

Day 4 Module 5 Traffic Engineering (contd)y Lab 5.1 Configuring Link Coloring for Constraint-Based LSP Tunnelsy Lab 5.2 Diffserv TE LSP Maximum Allocation Method (MAM)y Lab 5.3 - Diffserv TE LSP Russian Doll Model (RDM)y Lab 5.4 Configure LDP over RSVP across OSPF Areasy Lab 5.5 Configure RSVP for IP Routing

Day 5 Module 6 Resiliencyy Lab 6.1 Enabling Primary and Secondary LSP Tunnelsy Lab 6.2 Using SRLG for Path Resiliencyy Lab 6.3 FRR Facility Backup Protectiony Lab 6.4 FRR One-to-One Protection

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Alcatel-Lucent MPLS Course Prerequisites and Follow-on

Suggested Prerequisites In order to fully appreciate the concepts to be discussed in this

course, it is strongly recommended that the following courseswill have already been successfully completed: Alcatel-Lucent Scalable IP Networks Alcatel-Lucent Interior Gateway Protocols

MPLS Exam To ensure full comprehension of the material covered in this

course, it is recommended that the student register for, and take, the Alcatel-Lucent MPLS exam following successful completion of this course.

Suggested Follow-on Courses Based on the material covered in this course, it is recommended

that this course be followed with the Alcatel-Lucent Services Architecture course.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te


Typical graphic symbols found in this courseware.


Alcatel-Lucent MPLS Symbols and Icons

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Administration

Registration Facility Information Restrooms Communications Materials Schedule Introductions

Name and Company Experience

Questions

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te

3FL-30635-AAAA-ZZZZA Edition 01

www.alcatel-lucent.com/src

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te

Alcatel-Lucent Multiprotocol Label Switching v2.1 Module 1 Page 1


Module 1 Introduction to MPLS

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Module Objectives

Upon successful completion of this module, you should be able to: Define Multiprotocol Label Switching (MPLS) Standards and basic

terminology

Explain the MPLS data plane operations Describe MPLS service and resiliency drivers Identify advantages of MPLS over IP-only networks

Alcatel-Lucent Multiprotocol Label SwitchingThis course is part of the Alcatel-Lucent Service Routing Certification (SRC) Program. See www.alcatel-lucent.com/srcfor more information on the SRC program.

To locate additional information relating to the topics presented in this manual, refer to the following:


Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te


Module 1 MPLS Overview

Section 1 MPLS Drivers

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Section Objectives

In this section, we will introduce the role of MPLS in:

Improving forwarding performance Traffic Engineering applications Building High Available Networks Consolidation of Services over a common infrastructure Delivering Layer 2 and Layer 3 Services Triple Play Solutions Building a BGP Free Core

This section provides a general overview of the diverse services and applications that became available with the establishment of MPLS tunnels, and all their related features.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Multiprotocol Label Switching

RFC 3031 describes the Multiprotocol Label Switching (MPLS) architecture

The term Multiprotocol indicates that an MPLS architecture can transport payloads from many different protocols (IPv4, IPv6, Ethernet, ATM, Frame Relay, etc.)

Label Switching describes that an MPLS domain switches, rather than routes, packets in the Service Provider Core

MPLS routers forward packets using pre-determined labels

Multiprotocol Label Switching (MPLS) allows routers to forward traffic based on a simple label embedded in the packet header. An MPLS router examines the label to determine the next-hop for the packet. This simplifies the forwarding process and separates it from the routing protocol, which determines the route that traffic will take across the network.

MPLS is a label switching technology that sets up a specific path for a sequence of packets. Each packet is identified by a label inserted in the packet and forwarding occurs based on this label.

MPLS is independent of any routing protocol but is considered multiprotocol because it works with the Internet Protocol (IP), Asynchronous Transport Mode (ATM), and Frame Relay (FR) network protocols.

In the case of IP networks, any IGP routing protocol may be used to establish the IGP infrastructure.

The MPLS Working Group of IETF at http://www.ietf.org/html.charters/mpls-charter.html may be used as a further reference.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Improved Switching Performance

Label Switching was initially considered an improvement over IP packet switching, as it involves a simpler lookup.

However, with the advances in hardware technology, MPLS for L3 forwarding alone has become obsolete in recent years.

Initially, engineers developed a label switching protocol to improve packet processing in IP routers. Routers did their work in software rather than hardware, and MPLS packet switching could improve performance. Routing was considered to be slower and more cumbersome.

Routing an IP packet requires that the device process the packet up to Open Systems Interconnect (OSI) Layer 3. The router looks at the destination IP address in the IP header and compares it against the routing table entries, locating the longest, or best, match. This process can be quite resource intensive, depending on the routing table size.

The MPLS Label Binding Table lookup process is simpler. The table only contains the forwarding information associated with an exact match, rather than a longest match, so the forwarding table can be smaller than a routing table. The nodes forward traffic using a predetermined label sent down a preselected path and replaced at each hop, so they can decide much more quickly where to send the packets next.

Modern manufacturing and hardware advances have negated much of the speed benefits gained when using MPLS versus routing strictly for moving IP packets. Routers now use special purpose hardware, namely Application-Specific Integrated Circuits (ASIC), to forward IP packets in the data plane. The packet processing time differences between the two techniques is so insignificant that this argument becomes invalid.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Traffic Engineering IP Hyperaggregation

Same path is used for both traffic with hop-by-hop IP forwarding. In case of congestion, packet drops occur. Alternative links not- or under-utilized.

Routing protocols cannot make use of all available network resources because of their limited mechanisms for selecting the best path.

Routing protocols do not provide routers with any visibility into network resource utilization, and therefore the routers do not recognize congestion on the network links, underutilized alternate paths, or idle links.

Distributing the aggregate network traffic load over all available resources becomes difficult in conventional IP routing, and IP hyperaggregation remains a problem.

MPLS can help engineers correct hyperaggregation issues with traffic engineered label switch paths that are planned and designed to better balance the traffic load in a hierarchical, highly reliable network infrastructure.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Traffic Engineering MPLS RSVP

MPLS offers manageable and scalable tools that engineer the traffic flows for better utilization of network resources.

Traffic Engineering refers to the ability to optimize the use of network resources; that is, utilizing all the links and router processes in the most efficient way as possible.

With reference to the above slide, using an IP-only network on router R3, traffic from both routers R1 and R2 will be forwarded to router R4, based on the IGP best path (lowest cost) decision. This can cause congestion (bottleneck) issues on the links depicted along the blue path, while the links along the red path might be underutilized, or not used at all.

IP does not have the inherent capability to tackle such issues because of its design. Equal Cost Multiple Path (ECMP) is thus offered as a possible solution. It adjusts the IGP costs of both paths equally, so that load balancing can be achieved. However, this would quickly prove to be a non-scalable and unmanageable approach for large networks. Solving the problem for a certain portion of the network, or for certain sets of traffic flows, would create problems for others.

With the RSVP-TE protocol, MPLS can offer a better and easy-to-use solution to service providers. In this example, the network administrator can easily steer the traffic originating from router R2 over the bottom path, through router R5, which is completely different from the IGP chosen path.

MPLS Traffic Engineering is covered in greater detail in Module 5.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



High Available MPLS Networks

MPLS offers a rich set of traffic protection mechanisms that surpass the IGP convergence times.

In the event of unexpected network resource failure, such as within a link or complete node, the ability of the network to respond as quickly as possible becomes extremely important. The total amount of time it takes to reroute traffic over other links/nodes is called convergence time.

The convergence times offered by an IP-only network depend on a number of factors but, in any case, they can be unsatisfactory, and even unacceptable, for certain mission-critical traffic types or customers.

MPLS provides outstanding rerouting performance, with easily configurable features.

Using Fast Reroute, each router can signal a protection LSP that takes a path away from the potential point of failure in advance. This can be the next-node or next-link along the path of the Primary LSP, as shown in the above slide.

Fast Reroute has a proven field record of providing less than 50 milliseconds of convergence times for large numbers of LSPs after detecting failure.

In cases where end-to-end protection of primary LSPs is required, secondary LSPs can also be used. In normal circumstances, the traffic is forwarded over the primary LSP. If the primary LSP fails, the secondary can take over. Using the standby option on the secondary LSP further improves the convergence times after failure detection.

Fast reroute and Secondary (standby) LSP features can be used individually or in conjunction for any configured primary LSP.

MPLS fast convergence (resiliency) features are covered in greater detail in Module 6.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Consolidation of Services Over a Common Infrastructure

MPLS is mature, standards-based technology that continues to evolve in many service provider networks around the globe.

The real advantage of MPLS is its versatile and unmatched ability to support all the aforementioned services, applications, and solutions over a converged networking infrastructure.

Its resiliency and security features are provided by the inherent tunneling and traffic protection mechanisms covered in this section.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Layer 2 Point-to-Point VPN Services (VPWS)

Virtual Private Wire Services (VPWS) provide point-to-point transport of legacy networking technologies (ATM, FR, TDM) as well as ubiquitous Ethernet.

A Virtual Private Network (VPN) offers a private, isolated and secure connection between customer sites. Business VPN Services are among the most important applications and are a significant source of revenue for service providers.

For the customer demanding service to connect two remote sites that require dedicated point-to-point connectivity, a Virtual Leased Line (VLL ) or Virtual Private Wire Service VPWS) can be utilized. As the name implies, a VLL emulates a private leased line connection over a packet-based core infrastructure. It is the simplest type of VPN to deploy with minimal resource requirements, which is ideal for point-to-point connectivity scenarios.

From the customers perspective, the service provider network that provides the VLL service acts like an end-to-end wire. For this reason, this type of service is also referred to as a Virtual Private Wire Service (VPWS). An industry standard exists under the name pseudowire to allow for interoperability across different providers willing to provide this service. In Alcatel-Lucent parlance, this is called a Pipe service.

If the User Network Interface (UNI) at both sides of the connection are Ethernet based, the service is called an ePipe.

An important benefit of MPLS is its ability to support legacy access technologies such as ATM, FR or TDM. These traffic types can easily be transported through aPipe, fPipe and cPipe respectively, thanks to the transparent nature of the VLL connection.

A similar service can be provided over a pure IP-network, as well by using Generic Routing Encapsulation (GRE) tunnels, which utilize an IP header. Security concerns can further be addressed using IPSec on top of the GRE tunnels via encryption. Although such solutions work, they bring high operational overhead and are slow and not scalable.

The advantage of MPLS is the ease of provisioning and maintenance, and of providing a scalable, highly available, and standards-based solution.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Layer 2 Multipoint VPN Services (VPLS)

VPLS (Virtual Private LAN Service) connects multiple customer sites, emulating a Layer 2 bridged environment.

In relation to the VPN requirements presented, Virtual Private LAN Service (VPLS) enables multipoint connectivity at OSI Layer 2 for enterprise customers.

In the above figure, a VPLS service is illustrated with three participating service routers. The service acts a bridged Layer 2 multipoint VPN, connecting various geographically dispersed customer sites. The service provider network acts like an Ethernet bridge or switch, from the perspective of the customer. All customer end devices connected to the same VPLS service appear to be on the same broadcast domain.

Thus, there is also a clear demarcation of functionality and responsibility between the service provider and the customer. The service provider simply provides Layer 2 connectivity, based on MAC address communication. With this, the customers can maintain their routing control tasks themselves.

VPLS supports features such as VLAN trunking, double tagging (also known as Q-in-Q), VLAN translation, and several variations of the Spanning Tree Protocol (STP) to avoid Layer 2 broadcast storms.

The Alcatel-Lucent Service Router implementation addresses possible scalability concerns by introducing the Hierarchical VPLS (H-VPLS) and Provider Backbone Bridging (PBB) features.

Virtual Private LAN Services and related features are covered in detail in the dedicated VPLS course of the SRC program.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Layer 3 Multipoint VPN Services (VPRN)

A VPRN (Virtual Private Routed Network) service connects multiple customer sites while maintaining separate, isolated route tables for each customer.

The multipoint connectivity needs of customers can also be addressed via the use of Layer 3 (IP) VPN Services.

Alcatel-Lucent calls this type of service a Virtual Private Routed Network (VPRN). The term peering model is also used in the industry for such solutions, because peer relationships between the customer and provider edge routers are necessary to exchange IP routing information.

The privacy concerns in IP-VPN services are addressed by Virtual Routing and Forwarding (VRF) instances on the service router. Each IP-VPN customer is allocated a separate VRF, which isolates routing information and enables the use of overlapping private IP address spaces at each customer site.

Isolation is achieved inherently in the core, thanks to the tunneling concept that uses labels.

IP-VPN services are typically offered as managed services and are usually preferred by customers willing to offload their routing control tasks to the service provider.

Prior to MPLS, IP-VPN services could still be offered on IP-only networks through routing policies and packet filters that achieve isolation and separation between different customers. This approach can easily become overwhelmingly complex and administratively non-scalable or unmanageable, however, hence the extensive MPLS feature set. A

lcat

el-L

ucen

t Con

fiden

tial f

or In

tern

al U

se O

NLY

- D

o N

ot D

istri

bute



The Triple Play Solution

A Triple Play network provides IPTV, Video On-Demand, VoIP, Internet access, and other IP-based applications for subscribers (residential home users). The Triple Play solution allows service providers to provide combined data, Internet access, and video and voice applications to large numbers of customers.

The Triple Play reference architecture in the diagram is based on two major network elements, optimized for their respective roles: the Broadband Service Aggregator (BSA) and the Broadband Service Router (BSR).

BSA devices have Layer 2 service capabilities that forward traffic using Layer 2 mechanisms. They also have the Quality of Service (QoS) and packet filtering capabilities necessary to enforce higher-level policies. BSAs terminate Layer 2 access traffic, forward the traffic over MPLS tunnels, and then terminated the tunnels on the BSRs.

The BSRs are highly scalable, high throughput devices that perform routing and additional QoS and subscriber management functions.

The connectivity between the BSAs and BSRs is provided through a secure and resilient VPLS infrastructure. The combined security features of this model prevent unauthorized access, denial of service, and theft of service.

Broadband Service Access Network (BSAN) devices are typically Digital Subscriber Line Access Multiplexer (DSLAM) devices, which terminate physical connections from home user devices. The BSANs connect the home users to the BSAs.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



BGP-Free IP/MPLS Core

BGP traffic is tunneled through the core, removing the need for the routers inside the IP/MPLS core to maintain BGP routing information.

Packet forwarding in a service provider IP network is possible only if the routes to all destination prefixes are known on each router.

In many typical deployments, BGP is used to bring external routing information from other autonomous systems to provide connectivity to the global internet. The number of IPv4 prefixes in the global internet table has exceeded well beyond 300,000 as of 2010 (http://bgp.potaroo.net/).

In the IP-only case, normally all the routers in the service provider domain need to contain these external routes in their BGP tables for packet forwarding to work end-to-end. This includes even the core (P) routers, which might not have to offer directly BGP related services on themselves, unlike the PE routers.

However, by using MPLS shortcut tunnels between the PE devices and the BGP Peering Router(s), external traffic can be label-switched through the tunnels in a transparent fashion from the perspective of the P or core routers; hence the term, BGP-Free Core.

For reference, Route Reflectors are commonly used to reduce the amount of internal BGP peering sessions. The same tunneling methodology can be applied to remove the burden of keeping and processing a high number BGP routes from core routers and relaxing the memory and CPU resources on these routers.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Section Summary

This section provided an overview on:y The function of MPLS in Business VPN Servicesy The function of MPLS in Triple Play Solutionsy The function of MPLS in providing a BGP-Free Corey Traffic Engineering capabilities of MPLSy Traffic Protection mechanisms offered by MPLSy How IP/MPLS networks serve as a common infrastructure for the

consolidation of multiple services and access technologies.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te


Module 1 MPLS Overview

Section 2 Introduction to MPLS

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Section Objectives

In this section we will:

Offer a brief definition of MPLS and provide RFC references. Introduce the concept of a label. Introduce the data plane operation of MPLS (Push, POP, Swap) Define the basic terminology used in MPLS (P/PE/CE, LER, LSR,

FEC)

Present the requirements for label signaling protocols in MPLS and relate the LIB/LFIB relationship to the RIB/FIB of IP routing protocols.

This section provides an overall review of some of the fundamental principles of Multiprotocol Label Switching. An introduction to the technology and its related terminology is also provided.

The concepts are presented in a way that allows for comparison with normal IP routing that can help highlight the packet forwarding differences and the benefits introduced by MPLS.

The end of the section takes a glimpse into the tables maintained on MPLS enabled routers to pave the way for following modules, in which the control plane perspective will be analyzed from a much deeper perspective.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



IP Routing Overview

The following routing process occurs at each router:y Check and remove the L2 encapsulation header of the incoming

packet.

y Examine the L3 (IP) header and perform a longest match lookup on the destination IP address in the forwarding table.

y Determine the next hop interface.y Build a new L2 encapsulation header and forward the packet to the

next hop router.

The end-to-end IP packet forwarding process relies on a hop-by-hop forwarding paradigm.

Every router in the network builds a routing table using the routing protocols and the information that they receive from the other routers. When data arrives at the router, it uses the routing table to determine the next hop to the destination. The routing table contains a list of network destinations with the next-hop address to be used to reach them.

When a packet is received, each router choose the best path over which to forwarding the packet by using its Layer 2 association and Layer 3 routing tables.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



IP Routing Process on a Single Router

Packet forwarding includes the following key actions:

1. Data link layer frame validation performs basic frame length and FCS verification and frame sanity checks. When a router receives a frame from a LAN, it reads the destination MAC address to ensure that it is the intended recipient of the frame. Then, if it is the intended recipient, the router checks the FCS for errors related to the frame. If there are any errors, the router discards the frame.

2. Network-layer protocol demultiplexing determines the upper protocol that needs to receive encapsulated data. This step is performed after the L2 information is removed so that the payload is handed to the correct upper layer.

3. IP packet validation performs basic IP header verification. The router verifies the packet before performing further processing. The version and ToS fields are examined and removed. The TTL field should be greater than 1; if the TTL = 1, the packet is discarded because its TTL is finished.

4. Forwarding decision finds a path to the destinationThe router checks its routing table for a route to the packets destination. If it finds a match between the packets destination IP address and one of the prefixes (every entry is checked), it chooses the egress interface. If it does not find a match, it drops the packet.

5. Data link frame construction encapsulates packet. The IP packet is encapsulated in the L2 frame that corresponds to the egress interface. If the interface is Ethernet, new source and destination MAC addresses are added, the router sets the frames type field and creates a new FCS. The packet is sent to the physical layer for transport.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



MPLS Terminology: PE, P, CE, LER, LSR

Service architecture terminology PE : Provider Edge Router P : Provider (Core) Router CE : Customer Edge Router

MPLS Terminology iLER : Ingress Label Edge Router eLER: Egress Label Edge Router LSR : Label Switch Router

Customer edge devicesA customer edge (CE) device resides on the customer premises. The CE device provides access to the service provider network over a link to one or more provider edge (PE) routers. The end user typically owns and operates these devices. The CE devices are unaware of tunneling protocols or VPN services that are provided by the service provider.

Provider edge devicesA provider edge (PE) device has at least one interface that is directly connected to the CE devices. In addition, a PE device usually has at least one interface that connects to the service providers core devices or routers. The PE device must be able to connect to different CE devices over different access media, so it is usually able to support many different interface types. The PE device is the customer's gateway to the VPN services offered by the service provider.

Provider routerProvider (P) routers are located in the provider core network. The P router supports the service providers bandwidth and switching requirements over a geographically dispersed area. The P router does not connect directly to the customer equipment.

LER (Label Edge Router)The LER MPLS router resides in the boundary between the MPLS domain and the customer domain (hence the keyword edge). In this sense, it is similar to the PE. This naming convention refers to routers function in the MPLS datagram forwarding process. An LER may be an:

Ingress LER (iLER): Non-MPLS traffic enters the MPLS domain through the iLER. The iLER adds a label to the non-MPLS traffic and sends it to the next hop LSR.

Egress LER (eLER): MPLS traffic exits the MPLS domain through the eLER. The eLER removes the label from the MPLS packet and forwards the unlabeled packet to the CE router.

LSR (Label Switched Router)

The LSR resides within the MPLS domain. It connects the iLER and eLER to form a path for forwarding labeled traffic through the MPLS domain. When an LSR receives labeled traffic, it replaces the incoming (ingress) label with an outgoing (egress) label and forwards the labeled packet to the next hop router.Whether a router is iLER, eLER, or LSR depends on where that router resides in the MPLS domain as well as the direction in which traffic flow. A different CE-CE pair or traffic flow direction could change these roles.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



MPLS Label Switching: Push, Swap & Pop

Labels are pushed onto packets as they enter the service provider network. They are swapped across the network and popped as they leave the network.

The above slide illustrates the basic data plane forwarding process of MPLS labeled packets.

A label header is a fixed length entity the router inserts into the packets as they enter the Service Provider Core Network. The process occurs on the first router (PE) attached to the CE device and is called a Push operation.

The packet that comes in from the CE router, indicated as Data in this figure, can be any type of non-MPLS traffic, depending on the type of service (the different service types will be presented in the next section).

The Provider (P) routers simply check the incoming label against their Label Forwarding Database to find out the interface and outgoing label needed to forward the packet to the next-hop. The PE router at the other end of the flow strips the incoming label and sends the packet again as unlabeled to the other CE router.

The details of the label structure and concepts, such as label stacking, are explained in Module 2.

Building the Label Forwarding Database is explained more in detail later in this section.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



MPLS Terminology: LSP

LSP Label Switched Path An LSP is a logical entity that represents the MPLS label

connection between Label Edge Routers.

Another commonly used synonymous term is transport tunnel.

A Label Switched Path (LSP) can be defined as a sequence of labels and label actions performed on MPLS routers to forward data packets from point A to point B, using label switching.

A Label Switched Path always starts from an iLER and ends at an eLER. An LSP is thus an end-to-end, unidirectional path that can carry traffic from Router A to Router B.

In the above slide, traffic flows from left-to-right. The flow of MPLS labeled packets in the other direction, that is, right-to-left, would be represented by another LSP pointing in the reverse direction. In that case, the roles of the iLER and eLER routers in the figure would be swapped.

The encapsulation and forwarding of packets using labels is also referred to as tunneling; as such, LSPs are often called as tunnels.

Tunnels must be established prior to the arrival of data packets. Label negotiation and distribution protocols are used to build the tunnels with negotiated label values. The details of these control processes and exact mechanisms of MPLS protocols will be covered in the upcoming modules.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



FEC (Forwarding Equivalence Class) in IGP

FEC Forwarding Equivalence Class A FEC is a group of IP packets forwarded in the same manner, over

the same path, and with the same forwarding treatment.

For IP-only networks, FECs usually correspond to an IP prefix in the route table.

y For example: An entry in route table for 10.1.1.0/24 with next-hop address 15.15.15.15

y Two received packets with addresses 10.1.1.1 and 10.1.1.2 will both be forwarded to the same next-hop, 15.15.15.15. In this manner, it could be said that they both share the same FEC.

In IP-based routing, FEC lookup is done at each hop.

Forwarding Equivalence Class (FEC) allows for the classification of packets into groups based on common criteria.

In IP networks, the most commonly used Forwarding Equivalence Class (FEC) is the packets destination IP addresses (prefixes).

By definition, FECs can be based on other administrative criteria, such as the markings inside packets that indicate Class of Service information.

In IP routing, packets are reclassified at each hop along their forwarding paths, according to their destination IP addresses.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



FEC (Forwarding Equivalence Class) in MPLS

In MPLS, FECs can be defined based on destination IP prefixes, and other administrative criteria.

In MPLS-based forwarding, FEC lookup is done only at the ingress LER on incoming data packets.

The FEC lookup determines the next hop LSR and the label the source router pushes onto the packet.

The LSRs then simply perform swap operations based on the previously determined label values.

The tunnels are established before the data packets arrive on the ingress router. When the label associations to the tunnels are also known, the ingress LER decides if the data packet will be forwarded via normal IP routing or via label switching. The choice depends on the service configuration of the router associated with the incoming interface on which the packet was received.

If label switching is to be used, the ingress LER chooses the tunnel and pushes the label onto the packet before sending it to the next LSR.

The LSRs along the path do not need to reclassify the packets as they receive them; they merely swap the labels according the previously determined and negotiated values.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



MPLS FEC Lookup at Ingress LER

9 FEC lookup is done only at the iLER

When an iLER receives a packet, it makes a decision to forward the packet via an MPLS tunnel (LSP). As indicated in the previous slide, this depends on the definition of the service the ingress interface is associated with.

If the iLER decides to use an MPLS tunnel to forward the packet, it performs an FEC lookup in its Label Binding Table.

As the name implies, the Label Binding Table contains FECs received from other routers and their label associations.

In this example, and throughout this course, the FEC corresponds to an IP prefix (an IP address plus a subnet mask) that exists on a router.

In the figure above, FEC x belongs to router R5, which is why we have LSP 1 pointing to, or terminating on, router R5.

FEC y belongs to router R6; therefore, the final destination for LSP 2 is router R6.

Through the lookup operation, the iLER finds out that the packet needs to be forwarded through LSP 1, thus a label with a value of Label1 is pushed onto the packet and sent to router R1, which is the next-hop LSR. The rest of the story is as explained in previous slides.

The exchange of label bindings and the process of building the binding tables are summarized in the following slides.A

lcat

el-L

ucen

t Con

fiden

tial f

or In

tern

al U

se O

NLY

- D

o N

ot D

istri

bute



Building Tables: IP Control Plane

Routing Protocols exchange routing updates on the control plane With this information the Control Processor Module (CPM)

populates the RIB (Routing Information Base)

Every router consists of a Control Plane and a Data Plane. Data packet processing and forwarding take place on the Data Plane. The Control Plane is like the command center of the router; communication with other routers via protocols and maintenance functions inside the router takes place here. The Control Plane, therefore, always needs to be one step ahead of the Data Plane.

The two functions are usually divided among different hardware components within the system. On Alcatel-Lucent 7750 Service Routers, the hardware component that performs the control plane functions is called the Control Processor Module, or CPM, and the component that performs the data packet processing and forwarding functions is called the Input Output Module, or IOM.

When a routing protocol is enabled on the routers of a network, a series of actions is initiated. In this and the following slides, the information exchange between a single router pair is briefly discussed. It is then easy to extend these principles to any number of devices in the network.

First, with the more modern link state protocols (OSPF and IS-IS), an adjacency relationship is established between the routers. If the two routers agree on the parameters, they exchange routing updates with each other to synchronize their topology databases and build their Routing Information Base (RIB).

In this course, only the link-state protocols are considered (OSPF and IS-IS), since these are the only choices in todays Service Provider Networks.

The SRC AIRP course examines the Interior Routing Protocols in much greater detail.A

lcat

el-L

ucen

t Con

fiden

tial f

or In

tern

al U

se O

NLY

- D

o N

ot D

istri

bute



Building Tables: IP Control Plane

Based on their protocol metrics, the CPM chooses the best routesfrom the RIB and writes them into the Route Table.

Inside the RIB, various next-hop alternatives to certain destinations might exist, depending on the link and node redundancy in the network. The responsibility of the router is to choose the best paths to all the given destinations. In the case of link protocols, the Shortest Path First, or SPF, algorithm performs this function.

The SPF algorithm uses metrics to calculate the best path. In link-state protocols, metric is defined as a function of the physical link bandwidth. The higher the bandwidth, the lower the metric, and the lower the cost of getting to destinations via that link.

The router places the SPF chosen routes in the Route Table.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Building Tables: IP Control Plane Data Plane Interaction

The routing information is transferred to the Data Plane (the Input Output Modules) and is stored in the FIB (Forwarding InformationBase).

The Route Table thus contains the best (lowest cost) paths to all possible destination prefixes. To be able to perform data packet forwarding functions, this information needs to be transferred to all the data plane components. The database that is maintained on the data plane for this purpose is called the FIB (Forwarding Information Base).

The FIB is virtually an image of the Route Table that is calculated from the entries in the RIB of the control plane. Since the FIB exists on the data plane, it does not need the extra information related to the control plane. In this manner, we can loosely think of it as a lightened version of the Route Table.

On Alcatel-Lucent 7750 Service Routers, identical copies of the routers FIB exists on every operational IOM. Dedicated internal processes exist to keep these databases synchronized and up-to-date.

The command to display the route table entries on the 7750 SR is show router route-table.The command to display the forwarding table entries on a certain IOM card that is installed in slot number is show router fib .

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Building Tables: IP Data Forwarding

IP Forwarding takes place in the Data Plane using the information available in the Forwarding Information Base.

Once the Forwarding Information Base (FIB) is populated, it is used to forward native (unlabeled) IP packets on the router.

(The detailed data packet forwarding process was explained on Pages 6 and 7.)

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Building Tables: MPLS Control Plane

MPLS Protocols Exchange label bindings for their FECs and build the LIB (Label Information Base).

An IGP routing protocol in the network is a mandatory prerequisite to making the core network MPLS-capable. This brings several additional capabilities and applications, the most important of which will be covered in the next section.

When an operator starts the MPLS label signaling protocol on the routers, the routers establish protocol sessions first. The routing information present in the route tables allow the routers to create these sessions.

After sessions are established, routers exchange label bindings for FECs (destination IP prefixes) that are known to them. The information that is sent and received is stored in a database that is called the Label Information Base, or LIB.

When this process is completed on the end-to-end path of an LSP (tunnel), label forwarding can take place.

The details of this process depend on the MPLS label signaling protocol that is used, which will be covered later in the course.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Building Tables: MPLS Control Plane Data Plane Interaction

Label Binding Information is transferred to the Data Plane and is stored in the LFIB (Label Forwarding Information Base).

Just as a FIB is required for native IP traffic, a Label Forwarding Information Base (LFIB) needs to be stored on the data plane for forwarding label switched packets.

A selection process might be performed on the LIB when constructing the LFIB. Thus, the LIB might contain some redundant entries, those are not actually used on the data plane (LFIB) at a given time. This depends on the actual MPLS label distribution protocol implementation, either Label Distribution Protocol (LDP) or Resource Reservation Protocol with Traffic Engineering extensions (RSVP-TE), the details of which are covered in their individual sections.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Building Tables: MPLS Data Forwarding on iLER and LSR

A label is pushed onto the packet at the iLER and label swapping takes place at the LSR, using the LFIB in the Data Plane.

When an iLER receives a packet, it makes a decision to forward the packet via an MPLS tunnel (LSP). As indicated in the previous slide, this depends on the definition of the service with which the ingress interface is associated.

If the iLER decides to use an MPLS tunnel to forward the packet, it will perform an FEC lookup in its LFIB. This process will allow the packet to be encapsulated with a label and forwarded to the next-hop LSR.

For the sake of simplicity, a single label is being used to illustrate the basic concepts of MPLS label switching. In reality, however, more than one label is often imposed onto the data packet, depending on the type of service or application. This is called a label stack, which will be explained in Module 2.

The LSR then swaps the label with another, again consulting the LFIB stored locally on itself.

In some exceptional cases, the LSR might impose a further label onto the incoming stack in addition to the swap operation. We will see an example of this in Module 6.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Building Tables: MPLS Data Forwarding on LSR and eLER

The label of the incoming packet from the LSR is popped at the eLERusing the LFIB in the Data Plane.

The LSR processing is the same as explained in the previous slide.

The eLER is the last MPLS hop router, where the tunnel ends (terminates). This router pops the incoming label(s), locates the outgoing interface, and forwards the original data packet outside the core MPLS network (towards the CE).

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Section Summary

This section covered:y Review of IP Routing mechanismy Introduction to basic MPLS terminology (LER, LSR, LSP, FEC,

label)

y IP Control and Data Planes overview (RIB and FIB)y MPLS Control and Data Planes overview (LIB and LFIB)

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Module Summary

MPLS allows optimum routing with Layer 3 awareness over any Layer 2 medium, solving many issues of traditional IP forwarding.

MPLS label switching technology provides the ability to establish connection-oriented paths over a connectionless IP network.

MPLS allows Service Providers to build highly reliable and scalable core networks, and offer customers IP and differentiated services, based on QoS and other features.

A Forwarding Equivalence Class (FEC) is a group of IP packets that will be forwarded over the same path with the same forwarding treatment.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Module Summary (contd)

MPLS Traffic Engineering allows Service Providers to control andoptimize traffic flows in an MPLS domain, independent of the IP routing tables.

RSVP-TE enables MPLS traffic-engineering for increased resiliency, reliability, and performance.

The router at the beginning of an LSP is the ingress LER (iLER). The router at the end of an LSP is the egress LER (eLER). The MPLS control plane (CPM) exchanges routing information and

label bindings, and maintains the RIB, route-table, and LIB.

The MPLS data plane (IOM) stores the FIB and LFIB, and forwards labeled or unlabeled packets, based on information contained in these tables and the packets header.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te




A Label Switched Path (LSP) defines an ingress to egress path through a network that is followed by all packets assigned to a specific FEC.

LSPs are unidirectional in nature. The three label operations are PUSH, SWAP, and POP. The label swapping mechanism requires packet classification at

the ingress of the network to assign an initial label to each packet.

The label swapping mechanism in an LSR replaces the incoming label with the outgoing label, and directs the packet to the outbound port for transmission to the LSP next-hop address.

The egress LER will remove MPLS labels from the packet and forward unlabeled IP packets outside the MPLS domain.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te




Four tables are maintained by routers in an MPLS network Routing Information Base (RIB) Forwarding Information Base (FIB) Label Information Base (LIB) Label Forwarding Information Base (LFIB)

MPLS allows network operators to design a network that Avoids bottlenecks with TE LSPs Recovers quickly from outages with secondary paths and fast

reroute Supports L2 and L3 consumer and business services, including

mobile and triple play service architectures Transparently tunnels BGP routed traffic through a BGP-free

core

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Learning Assessment

1. The router at the beginning of an LSP is the ________.

2. A router in the MPLS domain that resides between the ingress andegress routers is called a(n) _______ .

3. The router at the end of an LSP is the_____________________.

4. Define the three MPLS label operations.

5. Define an MPLS Forwarding Equivalence Class (FEC).

6. What information is contained in the LFIB?

7. An iLER and an eLER perform what forwarding operations on a packet?

1. The router at the beginning of an LSP is the ingress Label Edge Router (iLER).

2. A router in the MPLS domain that resides between the ingress and egress routers is called a Label Switch Router (LSR).

3. The router at the end of an LSP is the egress Label Edge Router (eLER).

4. Define the three MPLS label operations.

PUSH An MPLS header is inserted into an IP packet

SWAP An existing MPLS header is exchanged for a new MPLS header

POP An MPLS header is removed from an IP packet

5. Define an MPLS Forwarding Equivalence Class (FEC).

An MPLS FEC is a group of packets forwarded in the same manner, over the same path, and with the same forwarding treatment.

6. What information is contained in the LFIB?

The active labels matching the best path to the destination FEC.

7. An iLER and an eLER perform what forwarding operations on a packet?

Switching and routing switching a labelled packet and routing an unlabeled packet.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te

www.alcatel-lucent.com

3FL-30635-AAAA-ZZZZA Edition 01

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Module 2 Fundamentals of MPLS

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Module Objectives

Upon successful completion of this module, you should be able to:

Explain the data plane implications of MPLS. Explain the control plane implications of MPLS. Describe the management plane functions that are available to

MPLS.

Alcatel-Lucent Multiprotocol Label SwitchingThis course is part of the Alcatel-Lucent Service Routing Certification (SRC) Program. See www.alcatel-lucent.com/srcfor more information on the SRC program.

To locate additional information related to the topics presented in this manual, refer to the following:


Module 2 introduces the concepts related to forwarding of MPLS packets in the data plane. The MPLS label stack, its application in VPN services, and the fields inside the MPLS label header are all explained.

In the second part of the module, the general control plane principles of MPLS dynamic signaling protocols are explained. Label distribution and control and retention modes are examined from a generic perspective. The actual operation of these modes depends on the protocol implementation, which will be investigated in the later LDP and RSVP-TE modules.

Labels that are reserved for special uses, such as implicit and explicit null and router alert label, are explained at the end of the module.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te


Module 2 Fundamentals of MPLS

Section 1 Understanding the Data Plane Implications of MPLS

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



Section Objectives

In this section we will:

Explain the MPLS Label Stack Operation. Explain the MPLS Label structure in detail (label values, EXP, S,

TTL fields).

Explain pipe vs. uniform mode operation with respect to TTL, EXP, and the impact to a label stack.

Explain frame vs. cell mode label implementation.

This section explains the key elements related to forwarding of MPLS data packets.

MPLS label stacking is explained first, along with the justification for the need of a stack in the example of VPN services.

Then, several fields inside the MPLS header (label value, Experimental, Bottom of Stack and Time to Live) are introduced.

The actual use of these fields, as influenced by the mode of implementation (pipe vs. uniform mode), is explained in step-by-step detail.

The Alcatel-Lucent (ALU) SR OS mode of implementation for processing these fields is also considered.

Finally, the two encoding options for the MPLS label are explained, frame mode v. cell mode, together with ALU SR OS implemented frame mode of operation.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



MPLS (Frame Mode) Label Stack Implementation

In Frame Mode, the MPLS Label is inserted between OSI Layer 2 and the encapsulated data (Payload).

MPLS headers are inserted between the Layer 2 of the network interface and the encapsulated MPLS Payload.

As explained in the previous module, MPLS initially transported IP packets to their destination FEC with label encapsulation, providing higher network performance. As such, MPLS is also often known as a Layer 2.5 protocol, since the label is inserted as a shim between the Layer 2 and Layer 3 headers.

Today, MPLS also supports VPN services as well as IGP and BGP tunnels, extending its use. An MPLS Payload can consists of a variety of protocols and services, so in this course we generically label the green payload field as Data.

A label stack can be formed by encapsulating labels with other labels, each layer providing a specific function on the network. For example, the router places a service label on the customers payload to identify the VPN to which it belongs. Then, to move this labeled payload through the MPLS domain, the same router adds to the stack top a transport label. If the operator runs Fast Reroute, discussed in Module 6, a router may add a bypass tunnel label to the stack. The SR OS supports up to six stacked labels.

Stacked labels support a wide range of MPLS-based services, including VPLS, VPRN, MPLS Fast-Reroute, trace, ping, or Traffic Engineering applications.

Technically, a packet can have any number of labels in it, depending on the number of applications being used. The maximum number of labels that can be carried is governed by the physical interfaces maximum packet size as well as the routers implementation of the MPLS protocols.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



The Need for a Label Stack for VPN Services

The MPLS Transport (Outer) tunnel can encapsulate multiple Service (Inner) tunnels.

The service provider IP/MPLS network supports all customer services - including scalable and standards based VPN solutions - over a consolidated, shared backbone.

The above figure shows the logical service construct for simple point-to-point connectivity services. In this model, only the edge (PE) routers are service aware. For each VPN customer, service instances are configured on all the participating PE routers.

A service instance is a virtual software entity in the service router. Different service instances provide isolation between different customers, which provides inherent security and the ability to apply local, customized settings for each customer. Different logical service instances also allow for a very granular and scalable allocation of resources across different customers.

Referring again to the figure above, the separate logical service tunnels connect the service instances that belong to the same customer on both PE routers.

The MPLS transport tunnel (depicted in red) can multiplex and transport several service tunnels. The intermediate (P) routers are only aware of the transport tunnel. The transport tunnel encapsulates (hides) the service tunnels from the P routers. Because the P routers have no visibility over the services instances or the service tunnels connecting these instances, they need only look at the outermost label to make their forwarding decisions. This improves both network performance and scalability.

A more detailed discussion on the Alcatel-Lucent service model offered in the SRC ASA (Alcatel-Lucent Service Architecture) course. The important point to understand here is the concept of tunneling and label stacking.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



MPLS Label Stack Operation for VPN Services

This diagram assumes that the routers have already signaled the tunnels and their associated label values prior to the arrival of data traffic at the iLER. We discuss these MPLS control plane fundamentals in the next module.

Looking at the left side of the figure above, the ingress PE (router R1) processes each customers data traffic into a dedicated service. From there, router R1 delivers the data into their corresponding service tunnels. Router R1 pushes a separate, previously signaled service label on top of each packet. Router R1 pushes onto the appropriate data packets service label S1 for Customer A and service label S2 for Customer B.

The same edge-to-edge transport tunnel forwards the labeled packets to the core. Router R1 pushes transport label T1 onto the label stack and sends the twice-labeled packet towards router R2.

As an LSR, router R2 processes only the top label in the stack. Router R2 swaps transport label T1 with transport label T2 and sends the packet on to router R3. Router R2 leaves the remaining parts of the packet, service label X and the encapsulated customer data, untouched.

When the egress PE router R3 receives the packet, it processes the transport label T2 first, popping it from the top of the stack.

Router R3 needs the second label so that it can select the appropriate service instance to which it will send the data packet. Since router R3 forwarded the service label S1 to router R1, router R3 knows the data belongs to Service 1 and Customer A. Similarly, if the router R3 receives the packet with a service label S2, the data belongs to Customer Bs Service 2.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



MPLS Encapsulation for Layer 2 VPN Services

Customer Layer 2 Header is preserved at iLER.

Layer 2 and Layer 3 VPN services treat customer packets differently.

The two main Layer 2 VPN services are Virtual Private Wire Services (VPWS) and Virtual Private LAN Services (VPLS). As Layer 2 services, they are transparent to the customer. The service forwards the entire customer-generated L2 payload transparently between the two CE devices.

For example, assume Ethernet data link connections between all routers:

(*) The CE1 Layer 2 header uses CE1s source MAC address and CE2s destination MAC address. Router R1 (**), the ingress LER, encapsulates the entire frame within two MPLS labels, an MPLS transport label and a service label, and an Ethernet frame header. The frames source MAC address is that of router R1s egress interface and the destination MAC address is that of router R2s ingress interface. The top label (transport) tunnels the customers traffic hop by hop from the ingress to the egress LER, while the bottom label (service) identifies the edge to edge service to which the payload belongs.

The egress LER extracts the customers payload from the service providers headers, and forwards the original Layer 2 frame to CE2. CE2 accepts this packet, since its own L2 MAC address is the destination.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



MPLS Encapsulation for Layer 3 (IP) VPN Services

Customer Layer 2 Header is removed at iLER. A new Layer 2 Header is built by eLER.

The Layer 3 (IP) VPN service solution is Virtual Private Routed Network (VPRN).

In this model, the service instances maintain isolated routing tables and decide on a per service basis how to forward the packets to their destinations. The PE routers form peer relationships with the CE routers inside the respective service instances.

Again, assuming Ethernet data link connections between all routers:

(*) The Layer 2 header sent from CE1 to router R1 has a source MAC address of the CE1, and a destination MAC address of the PE1 service interface. From the customers perspective, PE1 is the next-hop to the destination network, CE2.

Router R1, the ingress PE router, removes the Layer 2 header, processes the IP packet, and forwards only the IP header and payload, encapsulated within two MPLS headers.

(**) Router R1 encapsulates the MPLS packet with the egress service provider interface Layer 2 header. The source MAC address is that of router R1 and the destination MAC address is that of router R2.

(***) The egress LER (router R3) removes the service headers and processes the packet as any IP packet, finding a route in the services IGP routing table, building a new Layer 2 header and forwarding the packet to CE2. The source MAC address is that of the service interface on router R3 and the destination MAC is that of the CE2 interface.

Alc

atel

-Luc

ent C

onfid

entia

l for

Inte

rnal

Use

ON

LY -

Do

Not

Dis

tribu

te



MPLS Label Header

Each MPLS header is fixed 4 bytes in size* RFC 5462 renames the EXP field to Traffic Class

Field Name Size (bits) Purpose

Label MPLS Label 20 The MPLS label Value

EXP* Experimental 3 QoS mapping from TOS/COS bits

S Bottom of Stack 1 Flag to indicate bottom of MPLS stack

TTL Time to Live 8 Packet lifetime in MPLS hops

Each MPLS header in the MPLS stack includes the following four fields:

Label (20 bits): The most significant 20 bits in the MPLS header is the label, which contains the value information. Labels can be given values ranging from 0 to 1,048,575. The next slide shows the allocation of this large range into different pools that are used for various purposes or applications.

EXP (3 bits): The next 3 bits are experi

Documents

Alcatel-Lucent Multiprotocol Label Switching Student Guide v2-1-Dl