86
1 Multi-Protocol Label Switching (MPLS) Internet Routing + Label Switching * Some materials come from Cisco.com

Internet Routing + Label Switching - ee.cityu.edu.hkewong/EE6412/notes/Long_MPLS.pdf · 1 Multi-Protocol Label Switching (MPLS) Internet Routing + Label Switching * Some materials

Embed Size (px)

Citation preview

1

Multi-Protocol Label Switching (MPLS)

Internet Routing + Label Switching

* Some materials come from Cisco.com

2

Learning Outcomes• know the motivation/objectives of MPLS• know the challenge and basic ideas of MPLS• know how MPLS works• know how to assign labels (globally vs. locally)• know how to forward IP packets and switch labels

in MPLS domain• know how to allocate and distribute labels• know the difference between IP routing and

MPLS routing and how they work• know how MPLS-VPN works

3

4

5

6

7

8

9

10

11

Challenge

How to design routing and switching in the core network of the Internet with the following objectives:

• Handle a vast volume of traffic (Scalability)• Provide different qualities of service (QoS)• Load-balance the traffic in the core network

(Traffic Engineering)

12

Outline• Problems on the Internet• Solution to the problems: MPLS• How MPLS solves those problems• How MPLS works

– Packet forwarding & Label Switching– Label Distribution – Label Allocation Schemes

• Examples for IP routing vs. MPLS routing• MPLS-VPN

13

Problems on the Internet (1)Problem 1:

Normal IP forwarding is slow=> Not scalable and not practical in the Internet core

Procedure for normal IP forwarding1. Read the destination address2. Perform longest-match table lookup (time consuming!!)3. Find the next hop to forward

14

Problems on the Internet (2)

Problem 2:Difficult to provide quality of service (QoS) because– packets for the same source-destination pair

may go through different paths – difficult to keep track which path the traffic go

through and hence difficult to reserve resources (e.g. bandwidth and buffer) along that path

15

Packets flow in the Internet

16

Problems on the Internet (3)

Problem 3:No mechanism to control traffic, leading to– unbalanced traffic distribution, hence causing

• unnecessary congestion in some areas but• under-utilization in some other areas

– the danger of route oscillation – e.g. the “fish”problem

17

The “fish” problem (1)R2

R3

R1

Path for R2 to R3 trafficPath for R2 to R3 traffic

Path for R1 to R3 trafficPath for R1 to R3 traffic

underunder--utilized alternate pathutilized alternate path

18

The “fish” problem (2)R2

R3

R1

Path for R2 to R3 trafficPath for R2 to R3 traffic

Path for R1 to R3 trafficPath for R1 to R3 traffic

underunder--utilized alternate pathutilized alternate path

19

Outline• Problems on the Internet• Solution to the problems: MPLS• How MPLS solves those problems• How MPLS works

– Packet forwarding & Label Switching– Label Distribution – Label Allocation Schemes

• Examples for IP routing vs. MPLS routing• MPLS-VPN

20

Solution

Multi-Protocol Label Switching (MPLS)

21

The basic ideas of MPLS

• Build a “mass transportation” system in the core of the Internet, giving the traffic with predefined paths (decided by a traffic engineering mechanism NOT by IP routing protocol)

• Group/Aggregate and label traffic-flows • Forward packets with labels in the

predefined paths

22

23

24

Outline

• Problems on the Internet• Solution to the problems: MPLS• How MPLS solves those problems• How MPLS works

– Packet forwarding & Label Switching– Label Distribution – Label Allocation Schemes

• Examples for IP routing vs. MPLS routing• MPLS-VPN

25

Problems solved

Problem 1: Normal IP forwarding is slowSolution: Packets forwarded with labels using

exact-match table lookup=> make packet forwarding faster

26

27

28

Problems solved

Problem 2: Difficult to provide QoS.Solution: The traffic in a flow will follow a

predefined path ⇒ enable to reserve the resources (e.g

bandwidth and buffer) along that path⇒ make the provision of QoS much easier

29

30

31

32

33

34

35

36

37

Problems solved

Problem 3: Unbalanced traffic distribution and the danger of causing route oscillation

Solution: From packet-based routing to pre-determined flow-based routing

⇒more control on how the traffic distribute in the network (traffic engineering)

⇒ load-balance traffic

38

Unbalanced Traffic Distribution (before)

R2

R3

R1

Path for R2 to R3 trafficPath for R2 to R3 traffic

Path for R1 to R3 trafficPath for R1 to R3 traffic

underunder--utilized alternate pathutilized alternate path

39

Balanced Traffic Distribution (now!!)

R2

R3

R1

Path for R2 to R3 trafficPath for R2 to R3 traffic

Path for R1 to R3 trafficPath for R1 to R3 traffic

40

Summary on Advantages of MPLS

• Increase scalability through – link-level fast-forwarding of IP-packets– flow aggregation

• Provide QoS• Implement Traffic Engineering• Build highly scaleable Virtual Private Networks

(VPNs)• Support multi-protocols: IP, ATM, frame relay

41

Outline

• Problems on the Internet• Solution to the problems: MPLS• How MPLS solves those problems• How MPLS works

– Packet forwarding & Label Switching– Label Distribution – Label Allocation Schemes

• Examples for IP routing vs. MPLS routing• MPLS-VPN

42

How MPLS works• An MPLS domain contains MPLS-enabled IP router,

called Label Switching Routers (LSRs) – perform label switching

• A Label Switched Path (LSP) is set-up before packet transmission in MPLS domain

• An IP packet enters the MPLS domain via an ingress (edge) LSR which– Identify the Forwarding Equivalency Class (FEC) – the

way to group IP packets in MPLS domain– Assign the label associated with the FEC

• With the label, the packet is forwarded to the next LSR along the LSP

• The packet leaves the MPLS domain via an egress (edge) LSR where its label removed

43

MPLS Operation Diagram

Ingress LSR

Core LSRs

Egress LSR

MPLS domain

44

Outline

• Problems on the Internet• Solution to the problems: MPLS• How MPLS solves those problems• How MPLS works

– Packet forwarding & Label Switching– Label Distribution – Label Allocation Schemes

• Examples for IP routing vs. MPLS routing• MPLS-VPN

45

Packet Forwarding & Label Switching

• At the core LSR, the label is used in an exact-match table lookup to identify– The next LSR in the LSP– The new label value

• The packet with the new label is forwarded to the next LSR

46

MPLS Packet Forwarding

47

Label (virtual circuit number) switching/changing

Why doesn’t a packet just keep the same label (VC number) on each of the links along a LSP?

1. Reduced complexity for setting up a LSP (more scalable)

2. Lower blocking probability

48

Reduced LSP-Setup Complexity

• Each link in the LSP can choose a VC number independently of what the other links in the LSP choose.– avoid the use of a complicated control

algorithm => more scalable• Only adjacent switches need to cooperate

with each other.– reduce the number of message exchanges

between the switches => more scalable

49

Lower Blocking Probability

• It is possible that each link has available VC number while there is no common VC number available in every link along the LSP.

• If VC number is not allowed to change from link to link, the connection will be blocked in this case.

50

Example: Blocking?

51

Outline

• Problems on the Internet• Solution to the problems: MPLS• How MPLS solves those problems• How MPLS works

– Packet forwarding & Label Switching– Label Distribution– Label Allocation Schemes

• Examples for IP routing vs. MPLS routing• MPLS-VPN

52

Label Distribution

• Label Distribution Protocol (LDP) is used to distribute the labels when LSP is setup

• Egress router starts to distribute labels and passes them to its upstream LSRs

• Each LSR – Receives outgoing label from downstream LSR– Allocates and distributes incoming labels to

upstream LSR

53

Outline

• Problems on the Internet• Solution to the problems: MPLS• How MPLS solves those problems• How MPLS works

– Packet forwarding & Label Switching– Label Distribution – Label Allocation Schemes

• Examples for IP routing vs. MPLS routing• MPLS-VPN

54

Label Allocation Schemes• Application flow

– End-to-end flow– Fine control but not scale well

• Destination IP-prefix– Aggregate flows destined to the same destination

network– Scale better– Easy to implement due to the same information carried

in IP routing protocols• Egress router

– Aggregate flows destined to the same egress router– Scale much better – Less control of individual traffic flows

55

Question

How to decide which label allocation scheme to be used?

56

Answer

• For very premier users who are willing pay a lot, “application flow” scheme can be used

• For VPN users in a remote network, “Destination IP-prefix” scheme can be used

• For the purpose of traffic engineering in the MPLS domain, “Egress router” approach can be used

57

Outline

• Problems on the Internet• Solution to the problems: MPLS• How MPLS solves those problems• How MPLS works

– Packet forwarding & Label Switching– Label Distribution – Label Allocation Schemes

• Examples for IP routing vs. MPLS routing• MPLS-VPN

58

IP Routing

• Distributing Routing Information (IP routing)• Forwarding Packets (normal IP forwarding )

59

IP Routing: Distributing Routing Information

0

1

128.89

171.69

……

171.69171.69

AddressPrefix

AddressPrefix I/FI/F

11 ……

128.89128.89

AddressPrefix

AddressPrefix I/FI/F

00

You Can Reach 128.89 thru Me

128.89128.89 00

1

......

128.89128.89

171.69171.69

AddressPrefix

AddressPrefix I/FI/F

11

11

0

Routing Updates (OSPF, RIP…)

You Can Reach 128.89and 171.69 thru Me

You Can Reach 171.69 thru Me

60

IP Routing: Distributing Routing Information

• Interior gateway protocols, like Open Shortest Path First protocol (OSPF) or Routing Information Protocol (RIP), create, maintain and communicate routing tables that define how to get to a particular destination across a network.

• Each router advertises all the destinations that are reachable through its interfaces.

• Routers use this information to build their routing tables.

61

IP Routing: Forwarding Packets

128.89.25.4128.89.25.4 Data

0

11

128.89

171.69Packets Forwarded Based on

IP Address

......

171.69171.69

AddressPrefix

AddressPrefix I/FI/F

11

11

……

171.69171.69

AddressPrefix

AddressPrefix I/FI/F

11 ……

AddressPrefix

AddressPrefix I/FI/F

00

00

128.89.25.4128.89.25.4 Data128.89.25.4128.89.25.4 Data

128.89.25.4128.89.25.4 Data

128.89128.89 128.89128.89

128.89128.89

0

62

IP Router: Forwarding Packets

• When a packet comes into a router, a look-up is done based on the IP address in the packet.

• If a match is obtained, the packet is forwarded out the appropriate interface.

• The packet follows the same process on a hop-by-hop base through the network until it reaches its destination.

63

MPLS Routing

• Distributing Routing Information (IP routing) • Assigning Labels (label distribution protocol)• Forwarding Packets (fast label switching)• Label Sharing (flow aggregation)

64

MPLS Routing: Distributing Routing Information

128.89

1

01

0

You Can Reach 128.89and 171.69 thru Me

You Can Reach 128.89 thru Me

You Can Reach 171.69 thru Me

......

128.89128.89

171.69171.69

AddressPrefix

AddressPrefix

OutI'faceOut

I'face

11

11

In Label

In Label

OutLabelOut

Label

...... ......

128.89128.89

171.69171.69

AddressPrefix

AddressPrefix

OutI'faceOut

I'face

00

11

In Label

In Label

OutLabelOut

Label

...... ......

128.89128.89

AddressPrefix

AddressPrefix

OutI'faceOut

I'face

00

In Label

In Label

OutLabelOut

Label

......

Routing Updates (OSPF, RIP…) 171.69

65

MPLS Routing: Distributing Routing Information

• What label switching does is to extend the forwarding table by adding a label field.

• One for the incoming label and one for the outgoing label.

• Note that the topology of the network is discovered using unmodified layer 3 protocols such as OSPF.

66

MPLS Routing: Assigning Labels

128.89

1

01

0

Use Label 9 for 128.89

Use Label 7 for 171.69

......

128.89128.89

171.69171.69

AddressPrefix

AddressPrefix

OutI'faceOut

I'face

11

11

In Label

In Label

OutLabelOut

Label

...... ......

128.89128.89

171.69171.69

AddressPrefix

AddressPrefix

OutI'faceOut

I'face

00

11

In Label

In Label

OutLabelOut

Label

...... ......

128.89128.89

AddressPrefix

AddressPrefix

OutI'faceOut

I'face

00

In Label

In Label

OutLabelOut

Label

......

--

--

...... ......

44

55

......

44

55

99

77

......

99 --

...... ......

Use Label 4 for 128.89and Use Label 5 for 171.69

Routing Updates (OSPF, RIP…) 171.69

67

MPLS Routing: Assigning Labels

• LDP is used to– Bind/link labels to paths/routes– distribute this information to each

upstream neighbor of routers.

68

MPLS Routing: Forwarding Packets

128.890

0

......

171.69171.69

AddressPrefix

AddressPrefix

OutI'faceOut

I'face

11

11

In Label

In Label

OutLabelOut

Label

...... ......

128.89128.89

171.69171.69

AddressPrefix

AddressPrefix

OutI'faceOut

I'face

00

11

In Label

In Label

OutLabelOut

Label

...... ......

128.89128.89

AddressPrefix

AddressPrefix

OutI'faceOut

I'face

00

In Label

In Label

OutLabelOut

Label

......

--

--

...... ......

44

55

......

55

99

77

......

--

...... ......

128.89.25.4128.89.25.4 Data

Core LSR Forwards based on Label

128.89.25.4 Data 144128.89.25.4 Data99

128.89.25.4128.89.25.4 Data

128.89128.89 44 99

Ingress LSR Labels IP Packet

1

171.69

69

MPLS Routing: Forwarding Packets

• When the packet gets to ingress LSR where labels are assigned, there’s an IP look-up based on the IP prefix.

• It finds the forwarding table entry and it discovers that to get to the destination it should use label 4.

• It sticks that label on the front of the packet and forwards it along.

• Core LSR can just do pure label forwarding, gets in the packet with label 4, figures out that the outgoing interface is 0, and the outgoing label 9 replaces the incoming label 4.

70

Question

How does the MLPS domain route an IP packet with IP address 171.69.25.4?

71

MPLS Routing: Label Sharing

128.89.250

1

0

117.59117.59

171.69171.69

AddressPrefix

AddressPrefix

OutI'faceOut

I'face

11

11

InLabel

InLabel

OutLabelOut

Label

11 117.59117.59

128.89128.89

171.69171.69

AddressPrefix

AddressPrefix

OutI'faceOut

I'face

00

11

In Label

In Label

OutLabelOut

Label

00 ......

AddressPrefix

AddressPrefix

OutI'faceOut

I'face

00

In Label

In Label

OutLabelOut

Label

......

77

22

77 44

44

55

44

55

XX

77

XX

--

...... ......

128.89.25.4 Data

1

44

128.89.25.4128.89.25.4 Data

128.89.25.4 Data

128.89128.89 44 XX

128.89.25.4 Data77

XX

128.89.25128.89.25

117.59117.59 11 --

77

44

XX

77 XX

11

00

Prefixes that Share a Path Can Share Label

Remove Label One Hop Prior to De-

Aggregation Point

De-Aggregation Point Does

Layer-3 lookup117.59

72

MPLS Routing: Label Sharing

• You can use the same label for all traffic heading to the same Egress LSR.

• IP packets with destination networks 128.89 and 117.59 share the same incoming and outgoing labels

• Note that the cross signs at the second router. Both labels should be stripped before forwarding to the third hop.

73

Question

Why is label removed one hop prior to de-aggregation point?

74

Answer

• When label sharing traffic (with different destination networks) arrive at the Egress LSR, they may want to go to different outgoing lines

• Due to label sharing, label switching cannot separate traffic with same label but different destination networks while normal IP packet forwarding (at layer 3) can do so

• Therefore, label needs to be removed one hop prior to de-aggregation point in order to do normal IP packet forwarding at the last/Egress LSR

75

Outline

• Problems on the Internet• Solution to the problems: MPLS• How MPLS solves those problems• How MPLS works

– Packet forwarding & Label Switching– Label Distribution – Label Allocation Schemes

• Examples for IP routing vs. MPLS routing• MPLS-VPN

76

Virtual Private Network (VPN)

• An IP network infrastructure delivering private network services over a publicinfrastructure

• Traffic from a given enterprise or group passes transparently through an internet

• Segregated from other traffic on an internet• Performance guarantees• Security providing

77

The properties of VPN

• Use a layer 3 backbone• Scalability, easy provisioning• Global as well as non-unique private

address space• QoS• Controlled access• Easy configuration for customers

78

MPLS-VPN Terminology

• Provider Network (P-Network)– The backbone under a Service Provider’s control

• PE router– Provider Edge router. Part of the P-Network and

interfaces to Customer Edge routers • P router

– Provider (core) router, without knowledge of VPN

79

MPLS-VPN Terminology (cont.)

• Customer Network (C-Network)– Network under customer’s control

• CE router– Customer Edge router. Part of the C-network

and interfaces to a PE router

80

MPLS VPN Connection Model • PE routers use MPLS with P (core) routers

and plain IP with CE routers• PE and P routers share a common Interior

Gateway Protocol (e.g. ISIS or OSPF)• PE routers establish Border Gateway

Protocol (BGP) sessions between them • PE routers use BGP to exchange routing

information related to the connected sites and VPNs

81

MPLS VPN Connection Model

VPN_A

VPN_A

VPN_B10.3.0.0

10.1.0.0

11.5.0.0

P P

PP PE

PE CE

CE

CE

VPN_A

VPN_B

VPN_B

10.1.0.0

10.2.0.0

11.6.0.0

CEPE

PECE

CE

VPN_A10.2.0.0

CE

BGP sessions

82

MPLS Packet forwarding

• PE and P routers have BGP next-hop reachability through the backbone IGP

• Labels are distributed through LDP (hop-by-hop) corresponding to BGP Next-Hops

• Label Stack is used for packet forwarding– Top (left most) label indicates BGP Next-Hop

(interior label)– Second level label indicates outgoing interface

(exterior label)

83

MPLS Packet forwarding

• MPLS nodes forward packets based on the top label

• P routers do not have BGP as well VPN knowledge– No VPN routing information– No Internet routing information (outside

MPLS)

84

MPLS VPN Forwarding

T1 T7T2 T8T3 T9

T4 T7T5 TBT6 TBT7 T8

VPN_A

VPN_A

VPN_B10.3.0.0

10.1.0.0

11.5.0.0

P P

PP

PE4

CE

CE

CE

Data

<VPN_B,10.1> , BGP next hop PE1<VPN_B,10.2> , BGP next hop PE2<VPN_B,10.3> , BGP next hop PE3<VPN_A,11.6> , BGP next hop PE1<VPN_A,10.1> , BGP next hop PE4<VPN_A,11.5> , BGP next hop PE4<VPN_A,10.2> , BGP next hop PE2

<VPN_B,10.2> , BGP NH= PE2 , T2 T8

• Ingress PE3 receives normal IP Packets from CE router of VPN_B 10.3VPN_B 10.3

• PE3 router does “IP Longest Match” for VPN_B 10.2VPN_B 10.2 , find BGP next hop (i.e.PE2PE2) and impose a stack of labels:Exterior Label T2T2 + Interior Label T8T8

DataT8T2VPN_A

VPN_B

VPN_B

10.1.0.0

10.2.0.0

11.6.0.0

CE

PE1

PE2

CE

CE

VPN_A10.2.0.0

CE

PE3

85

MPLS VPN Forwarding

VPN_A

VPN_A

VPN_B10.3.0.0

10.1.0.0

11.5.0.0

P P

PPPE4

CE

CE

CE

T7T8T9TaTb

TuTwTxTyTz

T8, TA

T2 DataT8Data

T2 DataTB

outin /

VPN_A

VPN_B

VPN_B

10.1.0.0

10.2.0.0

11.6.0.0

CEPE1

PE2CE

CE

VPN_A10.2.0.0

CE T2 DataData

TAT2

PE3

• All Subsequent P routers do switch the packet solely on Interior Label

• Egress PE2 router removes Interior Label • Egress PE2 uses Exterior Label to select which VPN/CE

to forward the packet to• Exterior Label is removed and packet routed to VPN_B 10.2VPN_B 10.2’s CE router

86

Conclusions: MPLS Fundamentals• Based on label-swapping/switching

paradigm – Separate forwarding information (label) from the content of IP header

• As a packet enters an MPLS network, it is assigned a label based on its Forwarding Equivalence Class (FEC) – as determined at the edge of the MPLS network

• FECs are groups of packets forwarded over the same Label Switched Path (LSP)