ENTERPRISE MPLS - Juniper Networksforums.juniper.net/jnet/attachments/jnet/BAJUG/2/1/bajug 1 Enterprise MPLS.pdfWHAT IS MULTI-PROTOCOL LABEL SWITCHING? Forwarding paradigm: what should

ENTERPRISE MPLS Kireeti Kompella

2 Copyright © 2012 Juniper Networks, Inc. www.juniper.net

AGENDA

  The “New VLAN”

  Protocol Suite

  Signaling Labels

  Hierarchy

  Signaling

  Advanced Topics §  Layer 2 or Layer 3? §  Resilience and End-to-end Service Restoration §  Multicast §  ECMP and Entropy Labels

  The New VLAN


WHY ARE YOU HERE?

  A) because it would have been your turn to cook dinner

  B) because someone mentioned “drinks”

  C) because you needed an alibi

  D) because you were told that MPLS stood for “More Partying, Less Studying”

  E) because networking is cool


MPLS – THE NEW VLAN

  MPLS is a very flexible forwarding paradigm

  MPLS can be used for: 1.  Faster forwarding (IP forwarding was believed to be too slow!) 2.  Traffic engineering 3.  Fast recovery from network failures 4.  Uniformly transporting a number of link layer technologies 5.  Scaling a network: backbone, edge, access 6.  Providing VPN services

  Which of these do you think attracted attention when MPLS first came out? Which spurred the first big deployment?

§  Network “virtualization” – segmentation and isolation §  Just what VLANs do, but in a manner that is a whole lot more

scalable, manageable and adaptable


WHAT IS MULTI-PROTOCOL LABEL SWITCHING?

Forwarding paradigm: what should happen to

packets arriving at this box?

Control plane: how does this box learn

how to deal with packets?

Lesson 1: signaling flow and packet flow are almost always in opposite directions Principle: “downstream label allocation”

The MPLS protocol suite encompasses both forwarding and

signaling (control plane). The control plane shares many elements with the IP control plane (hence the term

“IP/MPLS”)


WHAT IS A LABEL?

Label value TC

BoS

TTL

32 bits (4 octets)

20 bits 3 1 8 bits

TC = Traffic Class BoS = “bottom of stack” TTL = “time-to-live” (as in IP)


WHAT IS SWITCHING?

Most common operation on labels:

Label value TC

BoS

TTL ñ

New label value TC’

BoS

TTL-1

Label value gets switched; TC generally stays the same, but may change TTL gets decremented. BoS doesn’t change


WHAT IS MULTI-PROTOCOL?

MPLS

IPv4, IPv6, Ethernet, ATM, Frame Relay, PPP, TDM!

IPv4, IPv6, Ethernet, ATM, Frame Relay, PPP, TDM

MPLS runs over multiple protocols (Ethernet, PPP, …) MPLS carries multiple protocols (IPv4, IPv6, …)

I.e., “multi-protocol above and below”


SIGNALING LABELS

…

To reach FEC F, use label L1

To reach FEC F, use label Ln

FEC: Forwarding Equivalence Class = set of packets that are to be treated identically from a forwarding point of view

All packets in FEC F will be tagged with the same label (Ln) at the ingress, and will follow the same path to the egress

Lesson 2: labels are locally significant, and typically

downstream-assigned (e.g., egress chooses L1)

ingress egress

push Ln L3 è L2 pop L1

Label Switched Path (LSP)


CHARACTERIZATION OF A FEC

  Typically, the loopback address of a router – all packets that will be delivered to their destination via a particular egress router (e.g., BGP next hop)

§  Some signaling protocols allow the creation of multiple LSPs to an egress

§  In this case, the FEC could be further narrowed by QoS class or other contents of a packet

§  This leads to a simple implementation of policy-based routing

  Determination of a packet’s FEC is done only once, at the ingress

§  Intermediate LSRs keep packets in the LSP using the label, swapping it at each hop

§  The egress pops the label and forwards based on IP or other header information


FORWARDING: VERY MUCH LIKE IP!

Prefix BGP NH IGP NH Interface Label 10.1.1/24 Router Y Router X ge-1/1/1.1 22 10.1.2/24 Router Q Router P ge-2/2/2.2 33 … … … … …

Ingress

X

Y

P

Q

BGP IGP

BGP IGP LDP


GE interfaces

APPLICATION: SHOW SOME OF THE BENEFITS OF MPLS

10GE interface

Lower path has capacity, but is longer (by metric)

Say upper link is saturated

Say link fails

Alternate path can be used

Local repair “Slow” IP

Fast MPLS


LABEL STACKS AND HIERARCHY One can put multiple labels on a packet. The labels are called a “label stack”.

Label stacks create hierarchy which in turn enables a number of benefits.

L3 L2 L1 L2’ L1’

L3

pack

et

L2

pack

et

L2’ L2

pack

et

L1’ L1

pack

et


SIGNALING

  Choices for signaling: §  LDP (hop-by-hop, follows IGP shortest path)

§  Mechanisms exist for multicast, local repair §  RSVP-TE (hop-by-hop, follows given path)

§  Mechanisms for multicast, local repair, traffic engineering §  BGP (multi-hop)

§  Used for scaling, and for various VPN technologies


ADVANCED TOPICS: LAYER 2 OR LAYER 3?

  Layer 2 §  easy to understand, configure, manage (“plug-and-play”) §  fragile: flooding, loops, broadcast storms, … §  VLANs make it not-so-plug-and-play: ACLs, manual policies, ... MPLS can give you a Layer 2 “look-and-feel” with a solid, robust, IP

control plane based infrastructure

  Layer 3 §  More protocols (more help!) §  Initial investment higher; payoff greater §  Robust, scalable, flexible MPLS can add resilience, segmentation, traffic engineering

  With MPLS, you can choose now, change your mind, migrate to a new approach, adapt, … -- it’s MULTI-PROTOCOL!


MPLS Infrastructure

RESILIENCE AND END-TO-END RESTORATION

Dual-homed server complex

End user


MULTICAST

L1

L2

L3

This router must make 3 copies of the

incoming packet, put the appropriate label on each, and send

each to the next router

multiple destinations


ECMP AND ENTROPY LABELS

L1

L2

L3

This router must choose among 3 next hops in a consistent manner, put the appropriate label on the packet,

and send it to the next router

single destination

How to map a flow consistently to the same link? Typically, by hashing on some header fields

How about making the ingress do this work, encode it as a label, and allow transit LSRs to simply use that label?

EL

pack

et

L Stacking is cheap, flexible and effective!


BACK TO THE NEW VLAN Th

ree

diffe

rent

use

rs o

n th

ree

diffe

rent

inte

rface

s

BGP

Incoming interface

VPN Prefix BGP NH VPN Label

ge-1/1/1 Engg 10.1.1/24 Router X 22 ge-1/1/2 HR 10.1.2/24 Router Y 33 ge-1/1/3 Finance 10.1.1/24 Router Z 44

X

Y

Z

Routers in the middle are not aware of the end-to-end “VLAN”


TYPES OF VPNs – Layer 2 and Layer 3

  IP VPN – RFC 2547/4364 §  Forward based on IPv4/v6 addresses, but segmented (private)

  Virtual Private LAN Service (VPLS) – RFC 4761/4762 §  Emulation of an Ethernet segment (really a VLAN!)

  Ethernet VPNs – draft-ietf-l2vpn-evpn §  Emulation of an Ethernet segment, but with a BGP control plane §  Scales to very large number of segments, with each segment

containing a large number of endpoints §  Work in progress, both standards and implementation

  Very similar signaling, forwarding mechanisms, provisioning, management, trouble-shooting, etc. across all of these

  All can take advantage of ECMP, entropy labels, multicast, …


VPN POLICIES AND MANAGEMENT

  Overlapping addresses (IP and/or MAC) have been designed in

  VPN topologies can be very flexible §  Default is any-to-any §  Other typical use cases include hub-and-spoke and dual h-and-s

  VPNs can cross Autonomous System boundaries §  For example, an internal VPN can connect to a wide-area VPN

which in turn connects to a DC VPN in the cloud

  VPN management is limited to the endpoints; routers in the middle are unaware of the VPNs, and unaffected by VPN scale


CONCLUSION

  MPLS is a very flexible, powerful and extensible forwarding paradigm that is accompanied by an equally flexible, powerful and extensible control plane

§  MPLS’s starting point (TE) and where it is today (a host of VPN applications) is testament to this

§  MPLS is also by design compatible with IP §  The MPLS control plane means more to master, but that control

plane also significantly reduces provisioning and management

  MPLS allows a decoupling of “transport” and “services” (VPNs) §  This uses hierarchy in the control plane and label stacking §  This means that changes can be limited to edge devices

§  This in turn means less disruption to core devices, more stability, …

  MPLS continues to evolve, but much more slowly now

Documents

ENTERPRISE MPLS - Juniper Networksforums.juniper.net/jnet/attachments/jnet/BAJUG/2/1/bajug 1 Enterprise MPLS.pdfWHAT IS MULTI-PROTOCOL LABEL SWITCHING? Forwarding paradigm: what should