intro to mpls - Cisco · MPLS VPN Terminology • Provider Network (P-Network) The backbone under control of a Service Provider • CE router Customer Edge router; Part of the customer

1Session NumberPresentation_ID © 2001, Cisco Systems, Inc. All rights reserved.

Introduction To MPLS Technologies

Steve Smith

Systems Engineer

[email protected]

MPLS VPNs © 2001, Cisco Systems, Inc. All rights reserved. 222

Agenda

• Market Drivers

• What is MPLS?

• MPLS VPNs

• Technologies for MPLS QOS

• MPLS Traffic Engineering

• Any Transport over MPLS AToM

• GMPLS


New World RequirementsNew World Requirements

Transport Services• Leased line, Frame Relay, ATM

(current business processes)Revenue

IP Connectivity Services• Internet• Intranet• Extranet

Growth

IP Valued-Added Services• Content hosting • Collaboration• Voice • Video

Profit


IP/VPN SLA requirements

cannot be met with today’s

technology!

IP/VPN SLA requirements

cannot be met with today’s

technology!

Customer PerspectiveCustomer Perspective

• Current Requirements

QoS

Privacy

Availability

Reliability

• New Requirements§Multiple service classes

§Multiple service options

§ATM, Frame Relay, Private IP, Public IP

§Multiple VPN options

§Lower-cost managed services

§Any-to-any connectivity

§Extranets, COINS (Community of Interest Networks)

§Seamless integration


The Solution: MPLS

A new paradigm that delivers the best of both worlds:

•Privacy and QoS of ATM and Frame Relay

•Flexibility and scalability of IP

Foundation for IP business services:

•Flexible grouping of users and value-added services

Low-cost managed IP services:

•Scalability—small to large private networks


What is MPLS?


MPLS – What is it ?

Inbox

What is MPLS?

•Multiprotocol Label Switching is an emerging IETF industry standard based on Cisco’s Tag Switchingsubmission

How does it work?

•Forwards packets based on labels

•Packets are switched, not routed PacketLabel

PacketLabel

PacketLabel

PacketLabel

http://www.ietf.org/html.charters/mpls-charter.html

http://search.ietf.org/internet-drafts/draft-rosen-rfc2547bis-03.txt

http://search.ietf.org/internet-drafts/draft-martini-l2circuit-trans-mpls-05.txt


MPLS: The Key Technology for IP Service Delivery (1 of 3)

• Network-based VPNs with MPLS:a foundation for value-added service delivery

Flexible user and service grouping (biz-to-biz)

Flexibility of IP and the QoS and privacy of ATM

Enables application and content hosting inside each VPN

Transport independent

Low provisioning costs enable affordable managed services

IPServices

IPServices

ATMServices

ATMServices

IP+ATM SwitchIP+ATM Switch

PNNIPNNI MPLSMPLS

IPIP• IP+ATM: MPLS brings IP and ATM together

Eliminates IP “over” ATM overhead and complexity

One network for Internet, Business IP VPNs, and transport



• Guaranteed Bandwidth ServicesCombine MPLS traffic engineering and QoS

Deliver point-to-point bandwidth guaranteed pipes

Leverage the capability of traffic engineering

Build solution like virtual leased line and toll trunking

• MPLS Traffic EngineeringProvides routing on diverse paths to avoid congestion

Better utilization of the network

Better availability using protection solution (Fast Reroute)



• IP+Optical: MPLS brings IP and Optical togetherEliminates IP “over” optical complexity

Uses MPLS as a control plane for setting up lightpaths (wavelengths)

One control plane for Internet, business IP VPNs, and optical transport

• Any Transport over MPLSTransport ATM, FR, Ethernet, PPP over MPLS

Provide services to existing installed base

Protect Investment in the installed gear

Leverage capabilities of the packet core

Combine with other packet-based services such as MPLS VPNs

FrameRelay

ATM

FrameRelay

IPServices

IPServices

OpticalServicesOptical

Services

IP+Optical SwitchIP+Optical Switch

O-UNIO-UNI MPLSMPLS

IPIP


MPLSHow Does It Work ?


MPLS Labels

Label HeaderPPP Header Layer 3 HeaderPPP Header(Packet over SONET/SDH)

Label HeaderMAC Header Layer 3 HeaderLAN MAC Tag Header

ATM Cell Header HEC

Label

DATACLPPTIVCIGFC VPI


Router Example: Distributing Routing InformationRouter Example: Distributing Routing Information


Router Example: Forwarding PacketsRouter Example: Forwarding Packets

Packets are forwarded on thebasis of IP address.


MPLS Example: Routing InformationMPLS Example: Routing Information


MPLS Example: Assigning LabelsMPLS Example: Assigning Labels


MPLS Example: Forwarding PacketsMPLS Example: Forwarding Packets


MPLSThe First Complete IP Solution

AnyAny--toto--Any ConnectivityAny Connectivity

Leased LinesLeased Lines

Frame Relay/Frame Relay/ATMATM

IPIP

MPLSMPLS

UserUserNN22

NN22

(logical)(logical)

NN

NN

NetworkNetworkNN22

NN22

(logical)(logical)

NN

NN

QoSQoSüü

üü

üü

PrivacyPrivacyüü

üü

üü

Low CostLow CostManagedManagedServicesServices

üü

MPLS is the MPLS is the first first solution that delivers on solution that delivers on allall the requirementsthe requirementsfor new world private IP networks.for new world private IP networks.


MPLS VPNs


Customer Connectivity Deployed on a Shared Infrastructure with the Same Policies as a Private Network

SP SharedNetwork

Virtual Private Network Defined

VPNVPN

Internet, Private IP, Frame Relay, ATM, MPLS

Internet, Private IP, Frame Relay, ATM, MPLS


MPLS VPN GoalsMPLS VPN Goals

• Provide Internet Protocol (IP) VPN service, on Layer 3 backbone network.

• Improve provisioning scalability for provider.

• Support IP class of service mechanisms.

• Support nonunique, private (RFC-1918) addressing in customer networks.

• Simplify routing configuration for customer.

• Support more complex connectivity than Layer 2 VPN:


MPLS VPN Terminology

• Provider Network (P-Network)The backbone under control of a Service Provider

• CE routerCustomer Edge router; Part of the customer network and interfaces to a PE router

• PE routerProvider Edge router; Part of the P-Network and interfaces to CE routers

• P routerProvider (core) router, without knowledge of VPN



• Route-Target64 bits identifying routers that should receive the route

• Route DistinguisherAttributes of each route used to uniquely identify prefixes among VPNs (64 bits)

VRF-based (not VPN-based)

• VPN-IPv4 addressesAddress including the 64 bits Route Distinguisher and the 32 bits IP address



• MP-BGP

Multi-Protocol extensions to BGP

• VRF

VPN Routing and Forwarding Instance

Routing table and FIB table

Populated by routing protocol contexts


Example VPN test1

A

B

C

D

test1

B

AC


A

R2

CE2

A

VPN Test1 Topology

R1 R4 R5

S/0/0

S/0/2 S/0/0

S/0/3S/0/0

CE1 PE1PE1 PE2PE2

1. Define VRFip vrf test1rd 100:1route-target export 100:1

S/0/0

interface Serial0/2ip vrf forwarding test1ip address 30.0.0.2 255.0.0.0

2. Assign to Interface


A

R2

CE2

A

VPN Test1 Privacy

R1 R4 R5

S/0/0

S/0/2 S/0/0

S/0/3S/0/0

CE1 PE1PE1 PE2PE2

S/0/0

How can these connections be kept private?C

PE2 imports only the unique route descriptor.

ip vrf test1route-target import 100:1

?

C

?


MPLS VPN MechanismsMPLS Forwarding

PE2PE1

CE1 CE2

IP

IP

IPVPN Label

P1 P2

IP IP

IPVPN Label

IGP Label (PE2)IGP Label (PE2)

IPVPN Label

IGP Label (PE2)IGP Label (PE2)


Security Aspects

• Controlled route distributionequivalent to Frame Relay networks

• VPNID cannot be spoofed• Options for additional security

IPsec or application-level encryption

http://www.mier.com/reports/cisco/MPLS-VPNs.pdf


Validating Cisco MPLS Based IP-VPN as a Secure Network

Security

Miercom independent testing confirmed Cisco MPLS VPN is secure:ü Customers network topology is not

revealed to the outside world

ü Customers can maintain own addressing plans and the freedom to use either public or private address space

ü Attackers cannot gain access into VPNs or Service Provider’s network

ü Impossible for attacker to insert “spoofed” label into a Cisco MPLS network and thus gain access to a VPN or the MPLS core

RED-Glascow2611

100.200.200.104

3.4.4.4

10.4.4.4

SER 5/0:0100.200.104.1

POS 1/0100.200.106.2

T1 FRdlci 102

eBGP AS72 T1 FRdlci 104RIP v2

Ser 3/0100.200.102.1

S iS i

SiSi

SER 1/0:0100.200.104.2

ATM2/0/0100.200.111.1

SER 1/0/1:0100.200.110.1

POS 2/1/0100.200.112.2

3.5.5.5

RED-Dover1750

100.200.200.10910.3.3.3

T1 FRdlci 109RIP v2T1 FR

dlci 110Static

10.3.3.3

DOVER7505

100.200.200.112

ATM1/0100.200.111.2

Ser 0100.200.109.2

BLUE-Dover2611

100.200.200.110 YELLOW-Dover3640

100.200.200.111

Ser 1/0100.200.110.2

Ser 5/0:0100.200.101.1

BLUE-Oxford1750

100.200.200.101

Ser 0100.200.101.2

T1 FRdlci 101

OSPF

10.4.4.4

pvc 0/11eBGP AS71

BLUE-Glascow3640

100.200.200.105

SER 1/0/0:0100.200.109.1

ATM1/0100.200.105.2

10.5.5.5

ATM 1/0100.200.105.1

pvc 1/1OS PF

OC3 POS

GLASCOW7206

100.200.200.106

OXFORD7206

100.200.200.103

LONDONGSR12008

100.200.200.107

POS 1/0100.200.103.1POS 1/1

100.200.106.1

POS 1/0100.200.112.1

POS 2/0100.200.110.1

OC3 POSOC3 POS

YELLOW-Oxford3640

100.200.200.102

Ser 0/0100.200.102.2

S iS i

POS 2/0100.200.103.2

Test Network Topology


Technologies For MPLS QOS


Leveraging Today’s IP QoS Solutions

TechnologyTechnology

IP PrecedenceIP Precedence

CommittedCommittedAccess RateAccess Rate(CAR)(CAR)

WREDWRED

CBWFQCBWFQor MDRRor MDRR

MPLSMPLS

FunctionFunction

•• prioritization (in IP header)prioritization (in IP header)•• indicates service classindicates service class•• packet classification by application, protocol, etc.packet classification by application, protocol, etc.•• sets precedencesets precedence•• bandwidth management:bandwidth management:

discard or change service classdiscard or change service class•• Weighted Random Early DetectionWeighted Random Early Detection•• congestion congestion avoidanceavoidance•• service class enforcementservice class enforcement•• Class Based Weighted Fair Queuing (7500)Class Based Weighted Fair Queuing (7500)•• Modified Deficit Round Robin (GSR)Modified Deficit Round Robin (GSR)•• queuing policies (e.g. latency)queuing policies (e.g. latency)•• IP+ATM QoS integrationIP+ATM QoS integration•• traffic engineeringtraffic engineering


Classification

VideoConferencing

BusinessApplications

Email,Web browsing,

Pointcast

GoldSilverBronze

Classifier

Application-level QoS andbandwidth management

Multiple Service Classes

IP Network


Policer / CAR

CustomerPremise

Backbone

Layer-3CAR Filter

• Layer-3 Input and Output Rate Limits• Aggregate and Granular Limits

Port, MAC address, IP address, application, precedence

• Token Bucket for Rate MeasurementAccommodates IP burstiness, no buffering/shaping

• Excess Burst Policies• Managed Packet Discard


Offered Load

Managed CongestionManaged CongestionManaged Congestion

Uncontrolled CongestionUncontrolled CongestionUncontrolled Congestion

Congestion Management Goals

• Maximize “Goodput” and Minimize Delay

• Scale to High-speed Nets• Fairness• Leverage TCP• Accommodate IP Burstiness• Preserve Traffic Classes• Avoid Global Synchronization

Throughput

The Problem of Congestion


RED Discard Policy

AverageQueue DepthMinimum

ThresholdMaximumThreshold

Probability of Packet Discard

AdjustableSlope

RED FIFO,TailDrop


WRED Service Profile Example

AverageQueue DepthStandard

MinimumThreshold

StandardMaximumThreshold

PremiumMaximumThreshold

StandardServiceProfile

PremiumServiceProfile

Probability of Packet Discard

Two Service Levels are Shown;

Up to SixCan Be Defined

AdjustableSlope

PremiumMinimumThreshold


50%

35%

15%

Gold

Silver

Bronze

Step 1:Define buffering

Step 2:Define bandwidth

LLQ/CBWFQQoS Guarantees and Bandwidth Efficiency

• Weights guarantee minimum bandwidth• Buffering controls latency• Unused capacity is shared amongst the other classes

proportional to their weights• Each queue can be separately configured for QoS (e.g. ABR)• Benefits:

maximize transport of paying trafficno loss of service class guaranteesno wasted bandwidth as with PVCs

Guaranteed: latency, deliveryGuaranteed: latency, delivery

Guaranteed: deliveryGuaranteed: delivery

Best effortBest effort


Source: Cisco Labs

VoIP Traffic—QoS Enabled

0

10

20

30

40

50

60

70

80

90

100

110

0

1

2

3

4

5

6

7

8

9

10

Timeline

Link Saturation

(%)

Quality (PSQM)

Congested

Lightly Loaded

HighQuality

LowQuality

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20

Network Load

Network Load

Quality without

QoS

Quality without

QoS

Quality with QoSQuality

with QoS


Applying QOS To MPLS/VPNsCE-CE

CBWFQ/MDRR/WRED

MDRR/WRED

CBWFQMDRR/WREDCAR/GTS

CAR CBWFQ/MDRR/WRED

CE PE P PE CE

IP PREC markedwith CAROn CE

MPLS EXP set at PE based on IP PREC

MPLS FramesQueued based on MPLS EXP values

IP Packetdelivered to customer withnew IP PREC value

IP packetsQueuedBased onIP PRECvalues

IP packetsQueuedBased onIP PRECvalues


MPLS Traffic Engineering


What Is Traffic Engineering?

Term in common use in telephone company voice network world

Measures, models, and controls traffic to achieve various goals

Provides an integrated approach to engineering traffic at Layer 3 in the Open System Interconnection reference model.


Reasons for Traffic Engineering

Unanticipated growth and shifts in traffic

Size of pipes

Links not available

Infrastructure doesn’t exist

Long lead times

Economics

Failure scenarios


Tunnel Attributes

• Dynamic—choose the constraint-based shortest path first tunnel

• Static—use the path specified

• Bandwidth—tunnel capacity

• Priority—high-priority tunnels may preempt lower-priority tunnels


Dynamic Example

• IGP metrics are used.• Result is constraint-based SPF.

Tunnel 1

Head

R4(config-if)#tunnel mpls traffic-eng path-option 1 dynamic

TailR1 R2R4 R5

R3


Explicit Path

• Tunnel 2 is created using an explicit route, R4 - R1 - R3 - R2- R5.

Tunnel 1

Tunnel 2

130 131

132 133

134

ip explicit-path name longpath enablenext-address 130.0.0.2next-address 132.0.0.2next-address 133.0.0.2next-address 134.0.0.2

tunnel mpls traffic-eng path-option 1 explicit name longpath

R1 R2R4 R5

R3


Assign Tunnel Bandwidth

1000 1000 1000

tunnel mpls traffic-eng bandwidth 1000

Tunnel 1

Notes:• Values shown indicate tunnel BW—units are Kbps.• This command initiates the reservation process.

HeadR1 R2R4 R5

R3


1000 750 1000

Tunnel BW Reservation Example

Head

RSVP SignalingRSVP Signaling

Tunnel 1

Note:• These values reflect the bandwidth

available from the BW reserved pool.

10001000

R1 R2R4 R5

R3


Any Transport over MPLSAToM


••Traditional L2VPNs are built with leased lines, virtual circuitsTraditional L2VPNs are built with leased lines, virtual circuitssuch as ATM such as ATM PVCsPVCs or FR or FR DLCIsDLCIs

••L2VPN can now be built using L2 transport mechanisms L2VPN can now be built using L2 transport mechanisms standardized by standardized by IETF’sIETF’s PWE3 working group (PWE3 working group (akaaka AToMAToM) )

••Similar to L3VPN service except that packet forwarding is Similar to L3VPN service except that packet forwarding is based on L2 information rather than L3 based on L2 information rather than L3

••L2 VPN is a service model for interconnecting multiple L2 VPN is a service model for interconnecting multiple customers sites using L2 circuits or L2 transports, taking into customers sites using L2 circuits or L2 transports, taking into consideration factors such as management, consideration factors such as management, QoSQoS, security, , security, provisioning, etcprovisioning, etc

L2VPN


AToM: Any Transport over MPLS

• AToM à Cisco’s term for martini compliant L2 transport of any or all of the following over MPLS

Ø Frame Relay

Ø VLAN based Ethernet (VC type 4)

Ø Port-based Ethernet (VC Type 5)

Ø Cisco-HDLC

Ø PPP

Ø ATM AAL5 PDU

Ø ATM cells (non AAL5 mode)


L2 Transport: AToM|<|<-------------------- ES:FR/Ether/ATM/PPP/HDLC ES:FR/Ether/ATM/PPP/HDLC -------------------->|>|

|<|<------------ PW:Emulated VC PW:Emulated VC ------------>|>||<|<---- FR FR ---->| >| EthernetEthernet

ATM/PPP/HDLCATM/PPP/HDLC

|<|<----FR FR ---->| >| EthernetEthernet

ATM/PPP/HDLCATM/PPP/HDLC

ES ES àà Emulated Services:Emulated Services: FR/Ether/ATM/PPP/HDLCFR/Ether/ATM/PPP/HDLC

Attachment VCAttachment VC (AVC)(AVC):: FR DLCI/Ethernet VLAN/ATM PVC/PPP/HDLCFR DLCI/Ethernet VLAN/ATM PVC/PPP/HDLC

PW PW àà PseudoPseudo--Wire: Emulated VC Wire: Emulated VC (EVC)(EVC):: MPLS LSPMPLS LSP

PSN PSN àà Packet Switched Network Packet Switched Network (Tunnel)(Tunnel):: MPLS LSP or RSVPMPLS LSP or RSVP--TETE

IP Network

MPLS Core

Attachment VC /Attachment VC /L2 circuitL2 circuit



Site1A

Site 2A

Attachment VC /Attachment VC /L2 circuit L2 circuit

PE1 Site1B

Site 2B

PE2

AToM Reference ModelAToM Reference Model

CE 1A

CE 2A

CE 1B

CE 2B

PSN Tunnel: MPLS TunnelPSN Tunnel: MPLS Tunnel

MPLS (LSP or RSVPMPLS (LSP or RSVP--TE)TE)


Generalized MPLSGMPLS


Unified Control Plane (UCP) Defined

E.g., Addressing, Routing, & SignalingE.g., Addressing, Routing, & Signaling

UCP provides a set of control functionsUCP provides a set of control functions

MetroDWDM

MetroSONET

CoreDWDMIP IP

Control Network

Generalized across disparate transport technologiesGeneralized across disparate transport technologies

UCP Key Capabilities Signaling Automated network provisioning

Traffic Engineering Optimized use of resources across all layers

Protection & Restoration Resource Efficient & configurable services


UCP Protocol TypesO-UNI and GMPLSO-UNI enables circuit/wavepath signaling and setup initiated by a client device. Topology and routing information are not exchanged across the user-to-network boundary.

GMPLS provides path signaling, setup and integrated routing. Protocols can be configured to represent how topology & routing information are shared to represent a wide range of models from overlay to peer.

CNUNI

GMPLS or Proprietary

12

4848

12 12OTN C

NUNI

GMPLS

MPLS/IP

O-UNI

Multi-Client

NNI

NNI


Questions?

Documents

intro to mpls - Cisco · MPLS VPN Terminology • Provider Network (P-Network) The backbone under control of a Service Provider • CE router Customer Edge router; Part of the customer