Cisco Mpls -Te for Vpns

7/28/2019 Cisco Mpls -Te for Vpns

1/41

111 2002, Cisco Systems, Inc. All rights reserved.BW Protection

7/28/2019 Cisco Mpls -Te for Vpns

2/41

2 2003, Cisco Systems, Inc. All rights reserved.

Ecosystems Seminar

TE for VPNs

Cisco MPLS -Traffic Engineering for VPNs

Amrit Hanspal

Sr. Product Manager MPLS & QoS

Internet Technologies Division

7/28/2019 Cisco Mpls -Te for Vpns

3/41

333 2003, Cisco Systems, Inc. All rights reserved.

Ecosystems Seminar

TE for VPNs

Agenda

MPLS Fundamentals Application 1: Increasing Bandwidth

Inventory

Application 2: Minimizing Packet Loss Application 3: Optimizing the Core

Traffic Engineering for VPNs Summary

7/28/2019 Cisco Mpls -Te for Vpns

4/41444 2003, Cisco Systems, Inc. All rights reserved.

Ecosystems Seminar

TE for VPNs

MPLS Is Key technology for Delivery ofLayer 2 & Layer 3 Services

MPLS VPNs: BuildOnce / Sell ManyNetwork Based VPNs

Layer 2 Integration for a SingleConverged NetworkInfrastructure

OpticalServicesOptical

Services

IPServices

IPServices

IP+Optical SwitchIP+Optical Switch

O-UNIO-UNI MPLSMPLS

IPIP

IP+Optical Integration

ATMServices

ATMServices

IPServices

IPServices

IP+ATM SwitchIP+ATM Switch

PNNIPNNI MPLSMPLS

IPIP

Traffic Engineering: Optimization for

Additional traffic =>$$

Traffic Engineering: Optimization for

Additional traffic =>$$

Protection SolutionReduction in

CAPEX & OPEX

Protection SolutionReduction in

CAPEX & OPEX

FrameRelay

FrameRelay

ATM

IP+ATM Integration

7/28/2019 Cisco Mpls -Te for Vpns

5/41555 2003, Cisco Systems, Inc. All rights reserved.

Ecosystems Seminar

TE for VPNs

MPLS Layer 3 VPNs

Scalable VPNs

IP QoS and TrafficEngineering

Easy to manage andNo VC provisioningrequired

Hub/Spoke or Mesh

Topologies can easilybe deployed

Provides a level ofSecurity equivalent toFrame-relay and ATM

Supports thedeploymentof new value-addedapplications

Customer IP addressfreedom

MPLS

Network

Traff ic Separation at Layer 3Each VPN Has Unique RD

Traff ic Separation at Layer 3Each VPN Has Unique RD

MPLS VPN RenaultMPLS VPN Renault

MPLS VPN BankcorpMPLS VPN Bankcorp

Corp ASite 2

Corp ASite 3

Corp ASite 1

Corp BSite 2

Corp BSite 1

Corp BSite 3

VPN Membership-

Based on Logical Port

VPN Membership-

Based on Logical Port

7/28/2019 Cisco Mpls -Te for Vpns

6/41666 2003, Cisco Systems, Inc. All rights reserved.

Ecosystems Seminar

TE for VPNs

Current Layer 2 VPNs With FR & ATM

FR/ATM

Backbone

Blue VPN

Red VPN

Purple VPN

Core has

individual VC

information

7/28/2019 Cisco Mpls -Te for Vpns

7/41777 2003, Cisco Systems, Inc. All rights reserved.

Ecosystems Seminar

TE for VPNs

MPLS Layer 2 VPNs Any Transport over MPLS (AToM)

MPLSBackbone

Blue VPN

Red VPN

Purple VPN

Core does not

have individual

VC information

Idea is to do the same as ATM & FRTransport layer 2 frames in MPLS packetCreate mapping of layer 2 circuits to LSPsScale better by using label stacking

7/28/2019 Cisco Mpls -Te for Vpns

8/41888 2003, Cisco Systems, Inc. All rights reserved.

Ecosystems Seminar

TE for VPNs

Agenda

MPLS Fundamentals Application 1: Increasing Bandwidth

Inventory

Application 2: Minimizing Packet Loss Application 3: Optimizing the Core

Traffic Engineering for VPNs Summary

7/28/2019 Cisco Mpls -Te for Vpns

9/41999 2003, Cisco Systems, Inc. All rights reserved.

Ecosystems Seminar

TE for VPNs

IP Routing and the Fish Problem

R8R2

R6

R3

R4

R7

R5

R1

IP (Mostly) Uses Destination-Based Least-Cost Routing

Flows from R8 and R1 Merge at R2 and Become Indistinguishable

From R2, Traffic to R3, R4, R5 Use Upper Route

Al ternate Path Under-Utilized

7/28/2019 Cisco Mpls -Te for Vpns

10/41101010 2003, Cisco Systems, Inc. All rights reserved.

Ecosystems Seminar

TE for VPNs

Router F

The Problem with Shortest-Path

Changing to A->C->D->E

wont help

Router C Router D

Router G

80MbT

raffic

80MbT

raffic

35MbDrops!

35MbDrops!

Router A

Router B

NodeNode Next-HopNext-Hop CostCost

BB 1010BB

FF 3030BB

CC 1010CCDD 2020CC

EE 2020BB

GG 3030BB

OC-3

OC-3

DS3

DS3

DS3OC-3

OC-3

Some links are DS3, someare OC-3

Router A has 40Mb of traffic forRoute F, 40Mb of traffic for

Router G

Massive (44%) packet loss atRouter B->Router E!

Router E

7/28/2019 Cisco Mpls -Te for Vpns

11/41111111 2003, Cisco Systems, Inc. All rights reserved.

Ecosystems Seminar

TE for VPNs

Router F

How MPLS TE Solves the problem

Router A sees all l inks

Router A computes paths

on properties other thanjust shortest cost

No link oversubscribed!

Router C

Router E

Router D

Router G

Router A

Router B

40Mb40Mb

40Mb

40Mb

NodeNode Next-HopNext-Hop CostCost

BB 1010BB

F 30Tunnel 0

CC 1010CCDD 2020CC

EE 2020BB

GG 3030Tunnel 1Tunnel 1

OC-3

OC-3

DS3

DS3

DS3OC-3

OC-3

7/28/2019 Cisco Mpls -Te for Vpns

12/41

121212 2003, Cisco Systems, Inc. All rights reserved.

Ecosystems Seminar

TE for VPNs

TE Fundamentals Building Blocks

Path Calculation uses IGP

advertisements to compute

constrained paths

RSVP/TE used to distribute

labels, provide CAC, failure

notification, etc.

IGP (OSPF or ISIS) used to

flood bandwidth information

between routers

7/28/2019 Cisco Mpls -Te for Vpns

13/41

131313 2003, Cisco Systems, Inc. All rights reserved.

Ecosystems Seminar

TE for VPNs

Information Distribution

You need a link-state protocol as your IGP

IS-IS or OSPF

Link-state requirement is only forMPLS-TE!

Not a requirement for VPNs, etc! Why do I need a link-state protocol?

To make sure info gets flooded

To build a picture of the entire network

Information flooded includes Link,

Bandwidth, Attributes, etc.

7/28/2019 Cisco Mpls -Te for Vpns

14/41

141414 2003, Cisco Systems, Inc. All rights reserved.

Ecosystems Seminar

TE for VPNs

NodeNode Next-HopNext-Hop CostCost

BB 1010BB

F 30Tunnel 0

CC 1010CCDD 2020CC

EE 2020BB

GG 3030Tunnel 1Tunnel 1

Router F

Path Calculation (PCALC)

PCALC takes bandwidth,other constraintsinto account

Paths calculated, resourcesreserved if necessary

End result: Bandwidth usedmore efficiently!

40Mb

40Mb

OC-3

OC-3

DS3

DS3OC-3

DS3Router C

Router E

Router D

Router G

Router A

Router B

40Mb40Mb

OC-3

7/28/2019 Cisco Mpls -Te for Vpns

15/41

151515 2003, Cisco Systems, Inc. All rights reserved.

Ecosystems Seminar

TE for VPNs

Path Calculation

What if theres more than one path that meets

the minimum requirements (bandwidth, etc.)?

PCALC algorithm: Find all paths with thelowest IGP cost

1. Pick the path with the highest minimum availablebandwidth along the path

2. Then pick the path with the lowest hop count (notIGP cost, but hop count)

3. Then just pick one path at random

7/28/2019 Cisco Mpls -Te for Vpns

16/41

161616 2003, Cisco Systems, Inc. All rights reserved.

Ecosystems Seminar

TE for VPNs

Path Setup

PATH message: Can I have 40Mb along this path?

RESV message: Yes, and heres the label to use Labels are installed along each hop

Router FRouter B

Router C

Router E

Router D

Router G

Router A

= PATH messages

= RESV messages

7/28/2019 Cisco Mpls -Te for Vpns

17/41

171717 2003, Cisco Systems, Inc. All rights reserved.

Ecosystems Seminar

TE for VPNs

Unequal Cost Load Balancing

IP routing has equal-cost load balancing, but not unequal cost*

Unequal cost load balancing diff icult to do while guaranteeing aloop-free topology

Since MPLS doesnt forward based on IP header, permanentrouting loopsdont happen

16 hash buckets for next-hop, shared in rough (11:5 for case

below) proportion to configured tunnel bandwidth or load-sharevalue

Router A Router E

Router F

*EIGRP Has Variance, but Thats Not As Flexible

Router G

40MB

20MB

7/28/2019 Cisco Mpls -Te for Vpns

18/41

181818 2003, Cisco Systems, Inc. All rights reserved.

Ecosystems Seminar

TE for VPNs

Auto-Route

Router As routingtable, built via

auto-route Everything behind

the tunnel is routed

via the tunnel

Tunnel1

Router FRouter H

Router B

Router C

Router E

Router D

Router G

Router A

Router 1

NodeNode Next-HopNext-Hop CostCost

BB 1010BB

FF 3030BB

CC 1010CCDD 2020CC