Môn chuyên đề - MPLS

7/28/2019 Mn chuyn - MPLS

1/31

1

MC LCDANH MC HNH V ................................................................................................................................ 3

DANH MC VIT TT .............................................................................................................................. 4

LI NI U ............................................................................................................................................... 7

Chng I: Tng quan v cng ngh MPLS ................................................................................................ 8

1.1. Gii thiu v chuyn mch a giao thc.............................................................................................. 8

1.2.Lch s pht trin v cc u im ca MPLS...................................................................................... 8

1.2.1. Cc li ch ca MPLS................................................................................................................... 9

1.2.2. c im vt tri ca MPLS so vi m hnh IP over ATM........................................................... 9

1.2.3. BGP - Free Core ......................................................................................................................... 10

1.2.4 Lung lu lng quang................................................................................................................ 11

1.3: Cng Ngh Chuyn Mch MPLS........................................................................................................... 121.3.1 Cu trc ca nt MPLS................................................................................................................... 12

1.3.1.1 Mt phng chuyn tip (Forwarding plane) ............................................................................ 12

1.3.1.2 Mt phng iu khin (Control Plane) .................................................................................... 17

1.3.2 Phn t v chc nng ca chng trong MPLS............................................................................... 18

1.3.2.1 LSR (label switch Router) ....................................................................................................... 18

1.3.2.2 LSP (label switch Path)............................................................................................................ 18

1.3.2.3 FEC (Forwarding Equivalence Class)..................................................................................... 18

1.3.3 Cc giao thc s dng trong MPLS................................................................................................. 18

1.3.3.1 Phn phi nhn ......................................................................................................................... 18

Chng II: Mng MPLS - VPN ................................................................................................................. 20

2.1.mng ring o VPN ............................................................................................................................. 20

2.1.1 Lch s pht trin ca VPN.................................................................................................................. 20

2.1.2 Phn loi.......................................................................................................................................... 20

2.1.3 Cc giao thc s dng trong mng ring o ................................................................................... 21

2.1.3.1 IP Security................................................................................................................................. 21

2.1.3.2 Giao thc ng hm im-im PPTP................................................................................... 21

2.1.3.3 Giao thc ng hm lp 2 L2TP............................................................................................ 22

2.2: Mng MPLS-VPN ................................................................................................................................ 23

2.2.1 Cc m hnh MPLSVPN ............................................................................................................... 23

2.2.1.1 M hnh V3VPN........................................................................................................................ 23


2/31

2

2.2.1.2 M hnh L2VPN........................................................................................................................ 24

2.2.2 Hot ng ca MPLS VPN....................................................................................................... 25

2.2.2.1 Truyn thng tin nh tuyn .................................................................................................. 25

2.2.2.2 a chVPNIP.................................................................................................................. 25

2.2.2.3 Chuyn tip gi tin VPN........................................................................................................ 28

TNG KT ................................................................................................................................................. 30

Mng vin thng th h sauTS. Nguyn Qu Minh Hin ............................................................ 31

Cng ngh chuyn mch MPLS - ThS. Hong Trng Minh ........................................................... 31


3/31

3

DANH MC HNH V

Chng I

Hnh 1.1. Mng li MPLS BGP free............................................................................................................ 10

Hnh 1.2. Non-Fully Meshed Overlay ATM Network.................................................................................. 11

Chng II


4/31

4

DANH MC VIT TT

ASIC Application Specific Intergrated

Circuits

Mch tch hp chuyn dng

ATM Asynchnorous Tranfer Mode Truyn dn khng ng b

AToM Any Transport over MPLS Truyn ti qua MPLS

BGP Border Gateway Protocol Giao thc cng bin

CE Custome Edge Bin pha khch hng

CEF Cisco Express Forwarding Chuyn tip nhanh ca Cisco

CoS Class of Service Cp dch v

CQ Custom Queue Hng i ty CR Constraint-based routing nh tuyn rng buc

DiffServ Differentiated Services Dch v khc bit

DSCP DiffServ Code Point M im dch v khc bit

DS-TE DiffServ-aware MPLS Traffic

Engineering

Cng nghiu khin lungMPLS quan tm ti DiffiServ

E-LSR Egress LER LER bin ra

FEC Forwarding Equivalency Class Lp chuyn tip tng ng

FTP File Tranfer Protocol Giao thc truyn file

GRE Generic Routing Encapsulation ng gi nh tuyn chung

HDLC High Data Link Control iu khin kt ni d liu tc cao

IETF Internet Engineering Task Force y ban t vn k thut Internet

IGP Interior Gateway Protocol Giao thc nh tuyn trong phmvi min

I-LSR Ingress LSR LSR bin vo

IntServ Integrated Services Dch v tch hp

IP Internet Protocol Giao thc Internet

IS-IS Intermediate System to

Intermediate System Protocol

Giao thc h thng trung gian tih thng trung gian

LAN Local Area Network Mng a phng


5/31

5

LDP Label Distribution Protocol Giao thc phn phi nhn

LER Label Edge Router Bnh tuyn nhn bin ra

LFIB Label Forwarding Information

Base

C sthng tin chuyn tip nhn

LIB Label Information Base Bng c sd liu nhn

LSP Label Switch Path Tuyn chuyn mch nhn

LSR Label Switch Router Bnh tuyn chuyn mch nhn

MAC Media Access Control iu khin truy nhp mi trng

MPLS Multiprotool Label Switching Chuyn mch nhn a giao thc

MP-

BGP

MPLS - border gateway Protocol a giao thc cong bin

OSPF Open Shortest Path First Giao thc OSPFOUI Organizationally Unique Identifier Nhn dng duy nht to chc

PE Provider Edge Bin nh cung cp

PPP Point-to-Point Protocol Giao thc im - im

PQ Priority Queue Hng i u tin

PVC Permanent Virtual Circuit Mch o cnh

QoS Quanlity of Service Cht lng dch v

RD Route Distinguisher B phn bit tuynRFC Request for comment Cc ti liu chun do IETF a ra

RSVP Resource Reservation Protocol Giao thc dnh sn ti nguyn

RT Route Targets Tuyn ch

SLA Service Level Agreements Tha thun cp dch v

SP Service Provider Nh cung cp

SVC Switch Virtual Connection Chuyn mch kt ni o

TCP Tranmission Control Protocol Giao thc iu khin truyn dn

TDP Tag Distribution Protocol Giao thc phn phi tag

TE Traffic Engineering K thut iu khin lu lng

TTL Time To Live Thi gian sng

UDP User Datagram Protocol Giao thc UDP

UNI User-to-Network Interface Giao din ngi dng ti mng


6/31

6

VC Virtual Channel Knh o

VCI Virtual Channel Identifier nh danh knh o

VoATM Voice over ATM Thoi qua ATM

VoIP Voice over IP Thoi qua IPVP Virtual Path Tuyn o

VPI Virtual Packet Indentifier nh danh gi o

VPN Virtual Pravite network Mng ring o


7/31

7

LI NI U

Cng vi s pht trin ca t nc, nhng nm gn y cc ngnh kinh t quc dnu pht trin mnh m, v ngnh cng nghip vin thng cng khng l ngoi l. Sngi s dng cc dch v mng tng ng k, theo don con sny ang tng theohm m. Ngy cng c nhiu cc dch v mi v cht lng dch vcng c yu cucao hn. ng trc tnh hnh ny, cc vn v mng bt u bc l, cc nh cung cpmng v cc nh cung cp dch vcng c nhiu n lc nng cp cng nh xydng h tng mng mi. Nhiu cng ngh mng v cng ngh chuyn mch c phttrin, trong s chng ta phi kn cng ngh chuyn mch nhn a giao thc MPLS.Cng ngh MPLS ( Multi Protocol Label Switching) c t chc quc t IETF chnhthc a ra vo cui nm 1997, pht trin nhanh chng trn ton cu.

Cng ngh mng ring o MPLS VPN a ra mt tng khc bit hon ton sovi cng ngh truyn thng, n gin ha qu trnh to ng hm trong mng ring o

bng c ch gn nhn gi tin (Label) trn thit b mng ca nh cung cp. Thay v phi tthit lp, qun tr, v u t nhng thit bt tin, MPLS VPN s gip doanh nghip giaotrch nhim ny cho nh cung cpn vc y nng lc, thit b v cng ngh bomt tt hn nhiu cho mng ca doanh nghip. Theo nh gi ca Din n cng nghOvum nm 2005, MPLS VPN l cng ngh nhiu tim nng, ang bc vo giai on

pht trin mnh m nhnhng tnh nng u vit hn hn nhng cng ngh truyn thng.MPLS VPN v ang dn thay th hon ton cc cng ngh mng truyn thng lchu v l tin tin ti mt h thng mng bng rng Mng th h mi NGN ( Next

Generation Network).


8/31

Tng quan v mng ring o VPN

8

Chng I: Tng quan v cng ngh MPLS

1.1. Gii thiu v chuyn mch a giao thcMPLS (Multiprotocol label switching) l mt cng ngh kt hp c im tt nht

gia nh tuyn lp ba v chuyn mch lp hai cho php chuyn ti cc gi rt nhanhtrong mng li (core) v nh tuyn tt mng bin (edge) bng cch da vo nhn (label).MPLS l mt phng php ci tin vic chuyn tip gi trn mng bng cch gn nhnvo mi gi IP, t bo ATM, hoc frame lp hai. Phng php chuyn mch nhn gipcc Router v cc b chuyn mch MPLS-enable ATM quyt nh theo ni dung nhn tthn vic nh tuyn phc tp theo a chIP ch. MPLS cho php cc ISP cung cp nhiudch v khc nhau m khng cn phi bi c sh tng sn c. Cu trc MPLS c tnhmm do trong bt k s phi hp vi cng ngh lp hai no.

MPLS h trmi giao thc lp hai, trin khai hiu qu cc dch v IP trn mt mng

chuyn mch IP. MPLS h trvic to ra cc tuyn khc nhau gia ngun v ch trnmt ng trc Internet. Bng vic tch hp MPLS vo kin trc mng, cc ISP c thgim chi ph, tng li nhun, cung cp nhiu hiu qu khc nhau v t c hiu qucnh tranh cao.

c im mng MPLS:- Khng c MPLS API, cng khng c thnh phn giao thc pha host.- MPLS ch nm trn cc router.- MPLS l giao thc c lp nn c th hot ng cng vi giao thc khc IP nh IPX,ATM, Frame Relay,...

- MPLS gip n gin ho qu trnh nh tuyn v lm tng tnh linh ng ca cc tngtrung gian.

1.2. L ch spht tr in v cc u im ca MPLS

Cc giao thc trc MPLS:Trc MPLS, giao thc WAN ph bin nht l ATM v Frame relay. Nhng mng

WAN c chi ph hiu quc xy dng t nhiu giao thc khc nhau. Cng vi vicbng n mng Internet, IP tr thnh giao thc ph bin nht. IP khp mi ni. VPNc to ra qua nhng giao thc WAN ny. Khch hng thu nhng kt ni ATM v kt

ni Frame relay hoc s dng knh truyn s liu (knh thu ring) v xy dng mngring ca htrn . Bi v nhng bnh tuyn ca nh cung cp cung cp dch vlp2 ti bnh tuyn lp 3 ca khch hng. Nhng kiu mng nh vy c gi l mngoverlay. Hin nay mng Overlay vn c s dng nhng rt nhiu khch hng bt us dng dch v MPLS VPN.


9/31


9

1.2.1. Cc li ch ca MPLS

Nhng li ch ca vic s dng MPLS trong mng bao gm:- Vic s dng h tng mng thng nht- u im vt tri so vi m hnh IP over ATM- Giao thc cng bin (BGP) - li t do- M hnh peer to peer cho MPLS VPN- Chuyn lu lng quang- iu khin lu lng

1.2.2. c im vt tri ca MPLS so vi m hnh I P over ATM Stch hp: MPLS xc nhp tnh nng ca IP v ATM ch khng xp chng lp IP

trn ATM.

tin cy cao hn: Vi c s h tng ATM, MPLS c th kt hphiu qu vinhiu giao thc nh tuyn IP over ATM thit lp mt mng li (mesh) dch v cngcng gia cc router xung quanh mt m my ATM.

Trc tip thc thi cc loi dch v:MPLS s dng hng i v bm ca ATM cung cp nhiu loi dch v khc nhau. N h trquyn u tin IP v cp dch v CoStrn chuyn mch ATM m khng cn chuyn i phc tp sang cc lp ATM ForumService.

Htrhiu qu cho Mul icast vRSVP: Khc vi MPLS, xp lp IP trn ATM nysinh nhiu bt li, c bit trong vic h trcc dch v IP nh IP muticast v RSVP (giaothc dnh trc ti nguyn). MPLS h trcc dch v ny, k tha thi gian v cng vic

theo cc chun v khuyn khch to nn nh x xp x ca cc c trng IP & ATM So lng vqun l VPN:MPLS c thtnh c cc dch v IPVPN v rt d

qun l cc dch v VPN quan trng cung cp cc mng IP ring trong c sh tngca n. Khi mt ISP cung cp dch v VPN h trnhiu VPN ring trn mt c sh tngn.Vi mt ng trc MPLS, thng tin VPN chc x l ti mt im ra vo. Ccgi mang nhn MPLS i qua mt ng trc v n im ra ng ca n. Kt hp MPLSvi MP- BGP (a giao thc cng bin) to ra cc dch v VNP da trn nn MPLS(MPLS-based VNP) d qun l hn vi siu hnh chuyn tip qun l pha VNP vcc thnh vin VNP, dch v MPSL-based VNP cn c th mrng h trhng trm

nghn VPN. Gim ti trn mng li:Cc dch vVPN hng dn cch MPLS h trmi thng

tin nh tuyn phn cp. Hn na, c th tch ri cc nh tuyn Internet khi li mngcung cp dch v. Ging nh d liu VPN, MPSL ch cho php truy sut bng nh tuynInternet ti im ra vo ca mng. Vi MPSL, k thut lu lng truyn bin ca ASc gn nhn lin kt vi im tng ng. S tch ri ca nh tuyn ni khi nh


10/31


10

tuyn Internet y cng gip hn ch li, n nh v tng tnh bo mt.

Khnng iu khin lu lng: MPLS cung cp cc khnng iu khin lu lng sng dng hiu qu ti nguyn mng. K thut lu lng gip chuyn ti t cc phnqu ti sang cc phn cn ri ca mng da vo im ch, loi lu lng, ti, thi gian,...

1.2.3. BGP - F ree CoreKhi mng IP ca nh cung cp dch v phi chuyn tip lu lng, mi b nh

tuyn phi tm kim a ch ch ca gi. Nu nhng gi c gi ti ch nm ngoimng ca nh cung cp ny, nhng tin t IP ngoi phi c th hin trong bng nhtuyn ca mi bnh tuyn. BGP mang tin tngoi nh l tin t ca khch hng haytin tInternet. C ngha l tt c cc bnh tuyn trong mng nh cung cp dch v phichy BGP. Tuy nhin, MPLS cho php chuyn tip nhng gi da trn tm kim nhn hnl tm kim a ch IP. MPLS cho php mt nhn c kt hp vi mt bnh tuyn vohn l vi a chIP ch ca gi.

Mt bnh tuyn ti bin ca mng MPLS vn cn xem xt (look at) a ch IP chca gi v do vn cn phi chy BGP. Mi tin t BGP trn nhng b nh tuynMPLS ra c mt a ch IPbc nhy tip theo BGP kt hp vi n. a ch IPbc nhytip theo BGP l mt a ch IP ca bnh tuyn MPLS vo. Nhn kt hp vi gi IP lnhn m kt hp vi a ch IPbc nhy tip theo BGP. Bi v tt c cc bnh tuynli chuyn tip gi da trn nhn MPLS c gn m kt hp vi a ch IP bc nhytip theo BGP, mi a ch IPbc nhy tip theo BGP ca bnh tuyn MPLS vo phic tt c nhng bnh tuyn li bit n. Bt k giao thc nh tuyn cong trong (nhgiao thc OSPF hoc IS-IS) c th thc hin nhim v ny.

Hnh 1.1. Mng li MPLS BGP free


11/31


11

Hin nay tt c cc bnh tuyn trong mng li ang thc hin chuyn tip nhnggi c gn nhn, khng phi tm kim a chIP, do chng ta phn no b bt ccc gnh nng chy BGP.

1.2.4 Lung lu lng quang

V chuyn mch ATM hoc Frame Relay ch n thun Lp 2, nhng b nhtuyn kt ni qua chng bi cc knh o c to ra gia chng. i vi bt k mt bnh tuyn chuyn lu lng trc tip ti mt bnh tuyn khc ti bin, mt knh osc to ra thang gia chng. Vic to ra nhng knh o bng tay ny hng nhmchn. Trong bt ktrng hp ny, nu yu cu kt ni any - to - any gia cc site, cnthit phi c mesh y ca nhng knh o gia cc site, iu ny lm tng tnh cngknh mng v tng chi ph. Nu cc site ch kt ni vi nhau nh hnh 1.2 lu lng tCE1 ti CE3 phi i qua CE2 trc:

Kt qu l lu lng qua mng ng trc ATM hai ln v i ng vng qua bnh tuyn CE2. Khi s dng MPLS VPN nh a ra trong phn trc, lu lng trctip - do ti u - gia tt c cc kt cui khch hng. i vi lu lng di chuynti u gia cc kt cui trong trng hp ca m hnh overlay VPN, tt c cc kt cui

phi c kt ni vi nhau, do yu cu c thit k dng mesh y ca cc ng ktni hoc cc knh o.

Hnh 1.2. Non-Fully Meshed Overlay ATM Network


12/31


12

1.3: Cng Ngh Chuyn Mch MPLS

1.3.1 Cu trc ca nt MPLS

Mt nt ca MPLS c hai mt phng: mt phng chuyn tip MPLS v mt phng

iu khin MPLS. Nt MPLS c th thc hin nh tuyn lp ba hoc chuyn mch lphai. Hnh sau m t cu trc cbn ca mt nt MPLS

Hnh 1.3 Cu trc mt nt MPLS

1.3.1.1 Mt phng chuyn tip (Forwarding plane)Mt phng chuyn tip c trch nhim chuyn tip gi da trn gi tr cha trong

nhn. Mt phng chuyn tip s dng mt cs t hng tin chuyn tip nhn LFIB chuyn tip cc gi. Thut ton m c s dng bi phn t chuyn tip chuyn mchnhn s dng thng tin cha trong LFIB nh l cc thng tin cha trong gi tr nhn. Mint MPLS c hai bng lin quan n vic chuyn tip l: cs thng tin nhn LIB vLFIB. LIB cha tt ccc nhn c nt MPLS cc bnh du v nh x ca cc nhnny n cc nhn c nhn t lng ging (MPLS neighbor) ca n. LFIB s dng mttp con cc nhn cha trong LIB thc hin chuyn tip gi.

Nhn M PLSMt nhn MPLS l mt trng 32 bit cnh vi cu trc xc nh. Nhn c dng

xc nh mt FEC.i vi ATM, nhn c t choc l trng VCI hoc l VPIca mo u ATM. Tuy nhin, nu l khung trong Frame Relay, nhn li c t trng DLCI ca mo u Frame Relay.


13/31


13

Hnh 1.4 Cu trc ca nhn MPLS

Vic h trcho mo u m yu cu bnh tuyn gi c mt ng dn chcho bnh tuyn nhn bit rng khung ny cha mt mo u chn thm. Cc k thutkhc nhau s dng cc cch khc nhau. Ethernet s dng gi tr ethertype 0x8848 v0x8847 ch s c mt ca mo u chn thm. Gi trEthertype 0x8847 c s dng ch ra rng mt khung ang mang gi unicast MPLS, v gi tr ethertype 0x8848 ch rarng khung ang mang gi multicast MPLS. Token ring v FDDI cng sdng gi tr loiny nh l mt phn ca mo u SNAP.

PPP s dng mt Chng trnh iu khin mng c chnh sa (NCP Network

Control Program) c bit n nh l giao thc iu khin MPLS (MPLS CP) v nhdu tt c nhng gi cha mt mo u chn thm vi 0x8281 trong trng giao thcPPP. Frame Relay s dng ID giao thc lp mng SNAP (NLP ID NetworkLayerProtocol) v m u SNAP c nh du vi gi tr dng 0x8847 theo ch ra khungang mang mo u chn thm. ATM s dng mo u SNAP vi gi tr ethertype dang0x8847 v 0x8848.

Nhn MPLS cha cc trng sau: Trng nhn (label field): 20 bit u l gi tr ca nhn. Gi tr ny nm trong khont 0 n 220-1 hoc 1048575. Tuy nhin, 16 gi tr u tin khng c dng sdng; n c s dng vi nhng ngha c bit.

Cc bit t20 n 22 l 3 bit thc nghim(EXPexperimental). Nhng bit ny chc s dng trong cht lng ca dch v(QoS); khi cc gi MPLS xp hng c thdng cc bit EXP tng t nh cc bit IP u tin (IP Precedence). Ch : Nhng bitc t tn l thc nghim l c l do lch s. Trong qu kh, khng ai bit cch sdng nhng bit ny.


14/31


14

Trng ngn xp(stack field): 1 bit, bit 23 l bit cui ca ngn xp. Bit ny sclp l 1 khi y l nhn cui cng ca ngn xp, cn i vi cc nhn khc n l 0 (bitBoS). Chng nhn l s tp trung ca nhng nhn m c t pha trn ca gi. Chngnhn c th ch gm 1 nhn, hoc nhiu nhn. S lng cc nhn (y l trng 32 bit)

m ta c th tm thy trong ngn xp l v hn, mc d ta t khi nhn thy mt ngn xpc bn nhn hoc hn.

Trng TTL: Bit th24 n 31 l 8 bit s dng lm bit thi gian sng (Time to liveTTL). Nhng TTL ny c chc nng ging nhTTL trong IP header. N c tng ln1 sau mi bc nhy, v chc nng chnh ca n l trnh mt gi b mc kt trong vnglp nh tuyn. Nu vng nh tuyn xy ra v khng c TTL, th vng lp gi l mimi. Nu TTL ca mt nhn v 0 th gi s b loi b.

Cc loi nhn c bit Untagged:gi MPLS n c chuyn thnh mt gi IP v chuyn tip n ch. Nc dng trong thc thi MPLS VPN. Nhn Implicit-null hay POP:Nhn ny c gn khi nhn trn (top label) ca giMPLS n bbc ra v gi MPLS hay IP c chuyn tip ti trm k xui dng. Gi trca nhn ny l 3 (trng nhn 20 bit). Nhn ny c dng trong mng MPLS chonhng trm k cui.

Nhn Explicit-null:c gn gi gi tr EXP cho nhn trn (top label) ca gin. Nhn trn c hon i vi gi tr 0 v chuyn tip nh mt gi MPLS ti trm kxui dng. Nhn ny s dng khi thc hin QoS vi MPLS.

Nhn Aggregate: Vi nhn ny, khi gi MPLS n n bbc tt c nhn trong chngnhn ra trthnh mt gi IP v thc hin tra cu trong FIB xc nh giao tip ngra cho n.

Hnh 1.5 Cc loi nhn c bit


15/31


15

Ngn xp nhn

Nhng bnh tuyn MPLS tt (capable) cn nhiu hn 1 nhn trn mi gi nh tuyn gi ny trong mng MPLS. Vic ny c thc hin bi vic t nhn trongmt ngn xp. Nhn u tin trong ngn xp c gi l nhn nh v nhn cui cngc gi l nhn y. gia ta c th c nhiu nhn.

Hnh 1.6Ngn xp nhn

Nhng ng dng thc t ca MPLS cn nhiu hn 1 nhn trong ngn xp nhn chuyn tip nhng gi c gn nhn. Hai v dng dng ca MPLS l MPLS VPN vAToM. C hai ng dng trn ca MPLS u t hai nhn rong ngn xp. Trong cc giMPLS cbn, nhn trn cng xut hin ngay sau mo u lp kt ni, v nhn cui cngxut hin ngay trc mo u lp mng. Gi chuyn tip c thc hin cng vi vic sdng gi tr nhn ca nhn trn cng trong ngn xp. Tuyn IP unicast khng s dngngn xp nhn, nhng MPLS VPN v iu khin lu lng li s dng ngn xp nhn.

M ha MPLSNgn xp t trc gi lp 3 trc header ca giao thc vn chuyn, nhng sau

header ca lp 2. Ngn xp MPLS thng c gi l header m bi v tr ca n.C nhiu kiu ng gi m lp 2 c thp ng hoc lin kt c c s h trca

Cisco IOS nh: PPP, HDLC, Ethernet ... Git hit rng giao thc truyn ti l IPv4, vphng thc ng gi ng link l PPP, lu trnhn hin nay l sau header PPP nhngtrc header IPv4. Bi v ngn xp nhn trong khung Lp 2 c t trc header caLp 3 hoc nhng giao thc truyn ti khc, ta c th c nhng gi tr mi trong trnggiao thc lp kt ni d liu, nhng gi tr ny chra c phn tip theo ca header lp 2sl gi c dn nhn MPLS. Trng giao thc lp kt ni d liu l mt gi tr ch ra

loi ti m khung lp 2 truyn i. Bng 2-1 ch ra tn v gi tri vi trng nhn dnggiao thc (Protocol IdentifierPI) trong header lp 2 i vi cc loi ng gi lp 2 khcnhau.


16/31


16

Bng 1.1 Gi trxc nh giao thc MPLS cho cc dng ng gi lp 2

Csthng tin chuyn tip nhn (L F IB)

LFIB c duy tr bi mt nt MPLS cha mt chui cc entry (mc nhp).Nhhnh di y, mi ng nhp vo cha mt nhn ti v mt hoc vi mc ph. LFIBc lp bng cha cc gi tr trong nhn ti.

Hnh 1.7 Cu trc ca LFIB

Mt nt MPLS c th duy tr mt bng chuyn tip n, mt bng chuyn tip trnmi giao din ca n hoc l kt hp c hai. Trong trng hp c nhiu bng chuyn tip,chuyn tip gi c thc hin bi gi tr ca nhn ti cng nh giao din vo m gi n.


17/31


17

Thut ton chuyn tip giChuyn mch nhn s dng thut ton chuyn tip da trn vic trao i nhn. Nt

MPLS m duy tr mt LFIB n ly gi tr nhn tt rng nhn tm thy trong gi ti vsd ng gi tr ny nh ch s trong LFIB. Sau khi mt nhn ti match (khp) c tmthy, nt MPLS thay th nhn ny trong gi vi mt nhn ra t mc ph v gi gi qua

giao din ra c th ti nt tip c th theo bi mc ph. Nu mc ph ch ra mt hng ira, nt MPLS t gi trong hng i c th.

Nu nt MPLS duy tr nhiu LFIB cho mi giao din ca n, n s dng giao dinvt l ni gi n chn mt LFIB c th phc v chuyn tip gi. Thng thng,thut ton chuyn tip s dng nhiu loi thut ton c huyn tip unicast, multicast vgi unicast vi bit ToS c thit lp. Tuy nhin, MPLS ch s dng mt thut tonchuyn tip da trn trao i nhn.

Mt nt MPLS c th ly ra tt c thng tin n cn chuyn tip nhn cng nhxc nh ti nguyn dnh ring cn thit bng vic truy nhp b nhn. Tra cu tc cao v khnng chuyn tip lm cho chuyn mch nhn (label switching) thnh k thut

chuyn mch c tnh thc thi cao. MPLS cng c thc s dng vn chuyn giaothc Lp 3 khc nh IPv6, IPX hoc Apple Talk tIPv4. c tnh ny gip MPLS c thtng thch tt vi vic chuyn i cc mng t IPv4 sang IPv6.

1.3.1.2 Mt phng iu khin (Control Plane)

Mt phng iu khin MPLS chu trch nhim to ra v lu tr LFIB. Tt c cc ntMPLS phi chy mt giao thc nh tuyn IP trao i thng tin nh tuyn IP vi ccnt MPLS khc trong mng. Cc nt MPLS enable ATM s dng mt biu khin nhn(LSC Label Switch Controller) nhrouter 7200, 7500 hoc dng mt m un x ltuyn (RMPRoute Processor Module) tham gia xl nh tuyn IP.

Nhng nhn trao i vi cc nt MPLS lin kc s dng xy dng LFIB.MPLS s dng mt m hnh chuyn tip da trn trao i nhn m c thc kt ni vimt phm vi cc module iu khin khc nhau. Mi module iu khin chu trch nhimnh du, phn phi mt tp cc nhn, cng nh chu trch nhim d tr thng tin iukhin khc c lin quan. Cc giao thc cng nh tuyn trong phm vi min IGP cdng xc nhn khnng n c, s lin kt v nh x gia FEC v a ch trmk(next-hop address).

Thng tin lin kt nhn chc phn phi gia cc router ni trc tip vi nhaubng cch dng giao thc phn phi LDP.

Cc m un iu khin MPLS gm: nh tuyn Unicast (Unicast Routing) nh tuyn Multicast (Multicast Routing) K thut lu lng (Traffic Engineer) Mng ring o (VPNVirtual private Network) Cht lng dch v(QoSQuality of Service)


18/31


18

Hnh 1.8 Cc thnh phn mt phng dliu v mt phng iu khin ca MPLS

1.3.2Phn t v chc nng ca chng trong MPLS

1.3.2.1 LSR (label switch Router)

Thnh phn c bn ca mng MPLS l thit b nh tuyn chuyn mch nhn LSR.Thit b ny thc hin chc nng chuyn tip gi thng tin trong phm vi mng MPLS

bng th tc phn phi nhn. l kh nng cn thit hiu c nhn MPLS, nhn vtruyn gic gn nhn trn ng lin kt d liu.1.3.2.2 LSP (label switch Path)

ng chuyn mch nhn l mt tp hp cc LSR m chuyn mch mt gi c nhnqua mng MPLS hoc mt phn ca mng MPLS. Vc bn, LSP l mt ng dn quamng MPLS hoc mt phnmng m gi i qua. LSR u tin ca LSP l mt LSR vo,

ngc li LSR cui cng ca LSP l mt LSR ra. Tt ccc LSR gia LSR vo v rachnh l cc LSR trung gian.

1.3.2.3 FEC (Forwarding Equivalence Class)

Lp chuyn tip tng ng (FEC) l mt nhm hoc lung cc gi c chuyntip dc theo cng mt tuyn v c xl theo cng mt cch chuyn tip. Tt c cc gicng thuc mt FEC s c nhn ging nhau. Tuy nhin, khng phi tt c cc gi c cngnhn u thuc cng mt FEC, bi v gi tr EXP ca chng c th khc nhau; phngthc chuyn tip khc nhau v n c th ph thuc vo FEC khc nhau.

1.3.3 Cc giao thc sdng trong MPLS

1.3.3.1 Phn phi nhn

Nhn u tin c gn trn mt LRS vo v nhn ny sthuc mt LSP. Tuyn ica giqua mng MPLS c quy nh (bound) bi mt LSP. S thay i chnh trongqu trnh chuyn tip l nhn trn cng trong ngn xp nhn c trao i ti mi bc


19/31


19

nhy. LSR vo sgn mt hoc nhiu nhnln gi. LSR trung gian sthc hin vic traoi nhn trn cng (nhn i vo) ca gi nhn c (gi c gn nhn) vi mt nhnkhc (nhn i ra) v truyn gi trn ng kt ni ra. LSR ra ca LSP sly ton b nhnca LSP ny v chuyn tip gi.

Giao thc phn phi nhn c nhm nghin cu MPLS ca IETF xy dng v ban

hnh di tn RFC 3036. Phin bn mi nht c cng bnm 2001 a ra nhng nhngha v nguyn tc hot ng ca giao thc LDP. Giao thc phn phi nhn c sdng trong qu trnh gn nhn cho cc gi thng tin yu cu. Giao thc LDP l giao thciu khin tch bit c cc LSR s dng trao i v iu phi qu trnh gnnhn/FEC. Giao thc nyl tp hp cc thtc trao i cc bn tin cho php cc LSR sdng gi trnhn thuc FEC nht nh truyn cc gi thng tin.

Hnh 1.9 Quan h gia LDP vi cc giao thc khc

Giao thc truyn ti tin cyVic quyt nh sdng TCP truyn cc bn tin LDP l mt vn cn xem xt.

Yu cu v tin cy l rt cn thit: nu vic lin kt nhn hay yu cu lin kt nhnc truyn mt cch khng tin cy th lu lng cng khng c chuyn mch theonhn. Mt vn quan trng na l thtcc bn tin phi bo m ng. Nhvy liuvic sdng TCP truyn LDP c bo m hay khng v c nn xydng lun chcnng truyn ti ny trong bn thn LDP hay khng?

Thit kmt giao thc truyn ti tin cy l mt vn nan gii. c rt nhiu cgng ci thin TCP nhm lm tng tin cy ca giao thc truyn ti. Tuy nhin vnhin nay vn cha r rng v TCP vn c sdng cho truyn ti LDP.


20/31


20

Chng II: Mng MPLS - VPN

2.1 Mng r ingo VPNVPN l mt cch m phng mng ring trn mt mng cng cng nh Internet. N

c gi l o bi v n ph thuc vo vic s dng cc kt ni o, l nhng kt ni

tm thi gm cc gi c nh tuyn trn nhiu my tnh trn Internet theo mt cu trcc bit. Cc kt ni o m bo an ninh c thit lp gia cc my tnh, gia cc mng,gia mng v my tnh.

2.1.1 L ch spht tr in ca VPN

VPN khng phi l cng ngh mi. Khi nin u tin vVPN c AT&T a rakhong cui thp nn 80. VPN c bit n nh l mng c nh ngha bng phnmm (software defined network -SDN). SDN l mng WAN vi khong cch xa n cthit lp dnh ring cho ngi dng. SDN da vo c sd liu truy nhp phn loi

truy nhp vo mng gn hoc t xa. Da vo thng tin gi d liu sc nh tuyn tich thng qua c sh tng cho mch cng cng.

Th h th 2 ca VPN cng xut hin vi sra i ca X25 v ISDN vo u thpk 90 .Trong mt thi gian giao thc X25 qua mng ISDN c thit lp nh l mt giaothc ca VPN, tuy nhin t l sai s trong qu trnh truyn dn vt qu s cho php. Do th h th 2 ca VPN nhanh chng b lng qun trong mt thi gian ngn. Sau th thh th 2 thtrng VPN b chm li cho n khi cng ngh Frame Relay v cng nghATM ra ith h th 3 ca VPN da trn 2 cng ngh ny.Nhng cng ngh ny datrn khi ni

n chuy

n m

ch knh

o.

Trong thi gian gn y thng mi in t tr thnh mt phng thc thngmi hu hiu, nhng yu cu ca ngi s dng VPN cng r rng hn. Ngi dngmong mun mt gii php m c th ddng c thc hin, thay i, qun tr, c khnng truy cp ton cu v c khnng cung cp bo mt mc cao, tu cui nu cui .Th h gn y ca VPN l IP-VPN p ng c tt c nhng yu cu ny

bng cch s dng cng nghng hm.

2.1.2 Phn loi

C ba loi ph bin hin nay l VPN truy cp t xa (Remote-Access ) v VPN im-ni-im (site-to-site) v Firewall-Based VPNs

Remote Access VPN m t vic cc ngi dng xa s dng cc phn mm VPN truy cp vo mng Intranet ca cng ty thng qua gateway hoc VPN concentrator (bncht l mt server). V l do ny, gii php ny thng c gi l client/server. Trong


21/31


21

gii php ny, cc ngi dng thng thng s dng cc cng ngh WAN truyn thng to li cc tunnel v mng HO ca h.

VPN im-ni-im l vic s dng mt m dnh cho nhiu ngi kt ni nhiuim cnh vi nhau thng qua mt mng cng cng nh Internet. Loi ny c th da

trn Intranet hoc Extranet.Firewall-based VPN l gii php trong doanh nghip s qun l firewall v ttrin khai VPN hoc nh cung cp dch v s cung cp cc tnh nng firewall nngcao h trVPN.

2.1.3 Cc gi ao thc sdng trong mng r ingo

2.1.3.1 IP Secur i ty

c pht trin bi IETF, IPSec l tiu chun m truyn thng tin an ton xc

nhn ngi s dng h thng mng cng cng. y l giao thc hot ng lp mng,cung cp cc dch v bo mt, nhn thc, ton vn d liu v iu khin truy cp. N lmt tp hp cc tiu chun mlm vic cng nhau gia cc phn thit b. IPSec cho phpthit lp mt ng ngm bo mt gia hai mng ring v nhn thc hai u ca ngngm ny. Cc thit b gia hai u ng ngm c th l mt cp host, hoc mt cpcng bo mt (c th l router, firewall, b tp trung VPN) hoc mt cp thit b gm mthost v mt cng bo mt. ng ngm ng vai tr nh mt knh truyn bo mt v ccgi d c th truyn mt cch an ton thng qua ng hm. Cc gi tin truyn trongng ngm c khun dng ging nh cc gi tin bnh thng khc v khng lm thay

i cc thit b, kin trc cng nh nhng ng dng hin c trn mng trung gian, qua cho php gim ng kchi ph trin khai v qun l.

Hot ng ca IPSec mc c bn i hi phi c cc phn chnh sau:- Lin kt bo mt SA (Security Association)- Xc thc tiu AH(Authentication Header)- Bc gi bo mt ti ESP (Encapsulating Security Payload)- Ch lm vic

2.1.3.2 Giao thc ng hm im-im PPTP

c pht trin bi Microsoft, 3COM v Ascend Communications. N c xut thay th cho IPSec. PPTP thi hnh phn lp 2 (Data Link) trong m hnh OSI vthng c s dng trong truyn thng tin hiu hnh Windows.


22/31


22

Giao thc ng hm im - im PPTP c xy dng da trn chc nng caPPP, cung cp khnng quay s truy cp t xa, to ra mt ng hm bo mt thng quaInternet n site ch. PPTP s dng phin bn giao thc GRE ng v tch gi PPP.

Hnh 2.1 Kin trc ca PPTP

Sau khi PPP thit lp kt ni, PPTP s dng cc quy lut ng gi ca PPP ngcc gi truyn trong ng hm.

Sau khi ng hm c thit lp th d liu ngi dng c truyn gia client vmy ch PPTP. Cc gi PPTP cha cc gi d liu IP. Cc gi d liu c ng gi bitiu GRE, s dng s ID ca Host cho iu khin truy cp, ACK cho gim st tc d liu truyn trong ng hm.

2.1.3.3 Giao thc ng hm lp 2 L2TP

c pht trin bi h thng Cisco nhm thay th IPSec. Tin thn ca n l Layer 2Forwarding (L2F), c pht trin truyn thng tin an ton trn mng Internet nhng bthay th bi L2TP v LT2P c khnng m ha d liu tt hn v c khnng giao tipvi Windown. L2TP l s phi hp ca L2F) v PPTP. Thng c s dng m hacc khung Point-to-Point Protocol (PPP) gi trn cc mng X.25, FR, v ATM.

L2TP c thc s dng lm giao thc ng hm cho mng VPN im-niimv VPN truy cp t xa. Trn thc t, L2TP c th to ra mt ng hm gia my khchv router, NAS v router, router v router.


23/31

23

2.2: Mng MPLS-VPN

2.2.1 Cc m hnh MPLSVPN

Hin nay c hai m hnh trin khai mng ring o trn nn MPLS ph bin l mng

ring o lp 3 (L3VPN) v mng ring o lp 2 (L2VPN). Sau y s gii thiu nhngc im chnh ca hai m hnh ny.

2.2.1.1 M hnh V3VPN

Kin trc mng ring o L3VPN c chia thnh hai lp, tng ng vi cc lp 3 vlp 2 trong m hnh OSI. L3VPN da trn RFC 2547 bits, m rng mt s c tnh c bnca giao thc cng bin BGP (Border Gateway Protocol) v tp trung vo hng a giaothc ca BGP nhm phn b cc thng tin nh tuyn qua mng li ca nh cung cp dchv cng nh l chuyn tip cc lu lng VPN qua mng li.

Trong kin trc L3VPN, cc b nh tuyn khch hng ca nh cung cp c coi lcc phn t ngang hng. B nh tuyn bin khch hng CE cung cp thng tin nh tuynti b nh tuyn bin nh cung cp PE. PE lu cc thng tin nh tuyn trong bng nhtuyn v chuyn tip o VRF. Mi khon mc ca VRF tng ng vi mt mng khchhng v hon ton bit lp vi cc mng khch hng khc.

VPN A

VPN B

Bng VRF VPN A

Bng VRF VPN B

Bng nh tuyn

Gi IP Nhn LSPNhn VRF Gi IP Gi IP

CE

CE

PE

P

P

P

PE

P

PE

Mng MPLS cung cp dch v

Bng VRF VPN A

Bng nh tuyn

Bng VRF VPN B

Bng nh tuyn

VPN B

VPN A

CE

CE

Hnh 2.2 M hnh MPLS L3VPN

Cc gi tin IP qua min MPLS c gn hai loi nhn, bao gm nhn MPLS ch thng dn chuyn mch nhn LSP v nhn ch th nh tuyn/chuyn tip o VRF. Ngnxp nhn c thip lp cha cc nhn trn. Cc b nh tuyn P ca nh cung cp x


24/31

24

l nhn LSP chuyn tip cc gi tin qua min MPLS. Nhn VRF ch c x l tithit b nh tuyn bin PE ni vi b nh tuyn khch hng.

M hnh L3VPN c u im l khng gian a ch khch hng c qun l bi nhkhai thc, v nh vy n cho php n gin ha vic trin khai kt ni vi nh cung cp.

Ngoi ra, L3VPN cn cung cp kh nng nh tuyn ng phn phi cc thng tin nhtuyn vi cc b VPN. Tuy nhin, L3VPN ch h tr cc lu lng IP hoc lu lngng gi vo gi tin IP. ng thi, vic tn ti hai bng nh tuyn ti cc thit b binmng cng l mt vn phc tp trong iu hnh v nh hng ti kh nng m rngcc h thng thit b.

2.2.1.2 M hnh L2VPN

M hnh mng ring o lp 2 c pht trin sau v cc tiu chun vn trong giaion hon thin. Cch tip cn L2VPN hng ti vic thit lp cc ng hm qua mngMPLS x l cc kiu lu lng khc nhau nh Ethernet, FR, ATM, v PPP/HDLC.

C hai dng L2VPN c bn l:- im ti im: Tng t nh trong cng ngh ATM v FR, nhm thit lp ccng dn chuyn mch o qua mng.- im ti a im: H tr cc cu hnh mt li v phn cp.

Trong nhng nm gn y, dch v LAN o da trn m hnh L2VPN a im sdng cng ngh truy nhp Ethernet c trin khai rng ri. Gii php ny cho phplin kt cc mng Ethernet qua h tng MPLS trn c s nhn dng lp hai, v vy gimc phc tp ca cc b nh tuyn lp ba. Trong m hnh L2VPN cc b nh tuynCE v PE khng nht thit phi c coi l ngang hng thay vo , ch cn tn ti kt ni

lp hai gia cc b nh tuyn ny.

VPN A

VPN B

Gi L2 Gi L2

CE

CE

PE

P

P

P

PE

P

PE

Mng MPLS cung cp dch v

VPN B

VPN A

CE

CE

Nhn LSP Nhn VC Gi L2T iu khin

Hnh 2.3 M hnh MPLS L2VPN


25/31

25

L2VPN xc nh kh nng tm kim qua mt phng d liu bng a ch hc c tcc b nh tuyn ln cn. L2VPN s dng ngn xp nhn tng t nh trong L3VPN.

Nhn MPLS bn ngoi c s dng xc nh ng dn cho lu lng qua minMPLS, cn nhn knh o VC nhn dng cc mng LAN o, VPN hoc kt ni ti cc

im cui. Mt trng nhn ty chn s dng iu khin ng cc kt ni lp hai ct trong cng ngn xp st vi trng d liu.L2VPN c u im quan trng nht l cho php cc giao thc lp cao c truyn

trong sut i vi MPLS. N c th hot ng trn hu ht cc cng ngh lp hai gmATM, FR, Ethernet v m ra kh nng tch hp cc mng phi kt ni IP vi cc mnghng kt ni. Ngoi ra, trong gii php ny ngi s dng u cui khng cn phi cuhnh nh tuyn cho cc b nh tuyn khch hng CE.

2.2.2Hot ng ca MPLS VPN

2.2.2.1 Truynthng tin nh tuynCc b nh tuyn PE cn phi trao i thng tin trong cc bng nh tuyn o

m bo vic nh tuyn d liu gia cc site khch hng ni vi nhng b nh tuynny. Bi ton t ra l phi c mt giao thc nh tuyn truyn thng tin tt c cctuyn khch hng dc theo mng nh cung cp m vn duy tr c khng gian a chc lp gia cc khch hng khc nhau.

Mt gii php c xut trn c s s dng giao thc nh tuyn ring cho mikhch hng. Cc b nh tuyn PE c th c kt ni thng qua cc ng hm im im (v giao thc nh tuyn cho mi khch hng s hot ng gia cc b nh tuyn

PE) hoc l b nh tuyn P ca nh cung cp c th tham gia vo qu trnh nh tuynca khch hng.

Mt gii php khc da trn vic trin khai mt giao thc nh tuyn trao ithng tin ca tt c cc tuyn khch hng dc theo mng nh cung cp dch v. R rnggii php ny c u im hn nhng b nh tuyn P vn phi tham gia vo nh tuynkhch hng do vn khng gii quyt c vn m rng.

V vy, gii php ti u hn l vic truyn thng tin nh tuyn khch hng s do mtgiao thc nh tuyn gia cc b nh tuyn PE iu hnh, cn cc b nh tuyn P khngtham gia vo qu trnh nh tuyn ny.

2.2.2.2 a chVPNI P

Vi vic trin khai giao thc nh tuyn BGP trao i tt c cc tuyn ca khchhng gia cc b nh tuyn PE t ra mt vn l lm th no m BGP c th truynnhng tin t xc nh thuc v cc khch hng khc nhau gia cc b nh tuyn PE.


26/31

26

BGP s dng a ch IP chn mt ng i gia tt c cc ng c th i n ch.Do , BGP khng th lm vic ng nu khch hng s dng cng khng gian a ch.

Ch c mt gii php gii quyt vn ny l m rng tin t a ch IP ca khchhng vi mc ch lm cho a ch ny tr nn duy nht ngay c khi c s trng lp a

ch. Ngoi ra, phi m bo rng chnh sch s dng chn mt ng nh tuyn notrong s cc tuyn c BGP s dng ch c th c trong mt bng VRF duy nht.Vic m rng tin t a ch IP ca khch hng VPN dn n mt khi nim mi

l a ch VPN IP. a ch VPN IP c to ra bng cch ghp hai phn c dikhng i l trng phn bit tuyn (Route Distinguisher) v a ch IP c s ( hnh 4.3).

Trng phn bit tuyn a ch IP

64bit 32bit

a ch VPN - v4

Hnh 2.4a chVPNIpv4

Yu t phn bit thuc v trng a phn bit tuyn khi mng khch hng c cnga ch IP. Trng ny c cu trc cho php mi nh cung cp dch v VPN t to ra mtgi tr nhn dng cho tuyn m khng s b trng vi gi tr tng t s dng bi nh

cung cp dch v khc. Trng phn bit tuyn bao gm ba loi nh ch ra trn hnh 4.4

Kiu 0x00 S h thng t tr ASN

a. Kiu 2 octet ASN v 4 octet gn bi nh qun tr mng cc b

S gn ca nh qun tr mng cc b

0 15 16 31

Kiu 0x00 S gn ca nh qun tr mng cc b

c. Kiu 4 octet gn bi nh qun tr mng cc b v 2 octet gn

0 15 16 31

Kiu 0x00 a ch IP

b. Kiu 4 octet a ch IP v 2 octet gn

a ch IP

0 15 16 31

S gn

S gn ca nh qun tr mng cc b S gn

Hnh 2.5 Khun dng trng phn bit tuyn.


27/31

27

Trngs h t tr ASN (Autonomous System Number) cha gi tr s i din choh thng ca nh cung cp dch v VPN. Trng s gn (Assigned Nember) do mi nhcung cp dch v mng VPN t qun. Trong hu ht cc trng hp, nh cung cp dch vn nh mt gi tr trng s gn cho mt mng VPN, tuy nhin i khi cng c th gn

nhiu gi tr cho mt mng VPN. Hai mng VPN do mt nh cung cp dch v qun l skhng s dng chung mt s gn, v s h t tr ASN cng l duy nht trong mng toncu.

i vi giao thc BGP th vic qun l cc tuyn ng vi a ch VPN IP khngkhc g vic qun l tuyn ng vi a ch IP c s. Kh nng h tr a giao thc ca MP

BGP lm cho n c th qun l tuyn ng vi nhiu h a ch khc nhau. Mt imquan trng cn lu l cu trc a ch VPN IP cng nh cu trc ca trng phn bittuyn ng vi a ch VPN IP l hon ton m i vi BGP. BGP ch so snh phn mou ca hai a ch VPN IP ch n khng quan tm n cu trc ca chng. V vy

trong trng hp ny, BGP khng cn h tr thm cc giao thc ph m ch s dngnhng c tnh sn c. Cc c tnh m giao thc BGP s dng cho MPLS VPN nh:c tnh cng ng (Community), nh tuyn lc da trn cng ng hay s dng tuynd phng. Cc c tnh trn c p dng i vi cc tuyn ng vi a ch VPN IPcng ging nh cc tuyn ng vi a ch IP thng thng.

a ch VPN IP ch hon ton gii hn trong nh cung cp dch v, v cc khchhng VPN (c th l cc thit b ca khch hng) khng c khi nim g v n. a chVPNIP ch c nhn bit v gn b nh tuyn bin ca nh cung cp PE. i vimi kt ni VPN, b nh tuyn PE c cu hnh ng vi mt gi tr ca trng phn

bit tuyn. Khi PE nhn c mt tuyn t CE kt ni trc tip ti n thn cn xc nhCE thuc VPN no trc khi chuyn thng tin v tuyn ny cho BGP ca nh cung cpdch v. B nh tuyn PE s chuyn a ch IP c s ca tuyn thnh a ch VPN IP

bng cch s dng trng phn bit tuyn t cho VPN . Mt cchtng t khi PEnhn mt tuyn t BGP ca nh cung cp dch v, n s chuyn thng tin a ch VPN IP ca tuyn thnh thng tin a ch IP c s.

Nh ta bit, BGPv4 hin nay ch c th thc hin c vi cc a ch Ipv4. Khi, vic truyn thng tin tuyn ca khch hng dc theo mng MPLS VPN s c thchin nh sau:

- B nh tuyn CE gi cp nht nh tuyn Ipv4 n b nh tuyn PE.- B nh tuyn PE sau thm trng phn bit tuyn (64bit) vo trng a ch Ipv4(32bit) m n nhn, kt qu l to ra a ch VPN IPv4 96bit duy nht.- a ch VPN Ipv4 ny c truyn thng qua phin MP iBGP n cc b nhtuyn PE khc.- B nh tuyn PE nhn s loi b trng phn bit tuyn t a ch VPN Ipv4 to thnh a ch Ipv4 nh ban u m CE u xa gi.


28/31

28

- a ch Ipv4 ny c chuyn tip n b nh tuyn CE khc trong bn cp nhtnh tuyn Ipv4.

Mt im quan trng cn nhn mnh l a ch VPN IP ch c s l trong ccgiao thc nh tuyn ch khng c ti trong phn mo u ca gi IP. V vy VPN IPkhng th s dng mt cch trc tip chuyn tip gi. Nhim v chuyn tip cc gic thc hin da trn MPLS v s trnh by phn sau.

2.2.2.3 Chuyn tip gi ti n VPNCc yu t cn thit m bo cho s hot ng ca MPLS VPN bao gm giao

thc nh tuyn v phng thc truyn gi tin qua mng MPLS trong khi vn m boc tnh cht ca VPN.

Vi cc tuyn khch hng c truyn dc theo mng ng trc MPLS VPN lulng gia cc b nh tuyn CE v PE mc nh l lu lng ca cc gi tin IP. B nhtuyn khch hng CE h tr cc giao thc nh tuyn IP chun v khng tham gia vo

MPLS VPN, b nh tuyn PE ch phi chuyn gi tin IP nhn c t b nh tuynkhch hng n cc b nh tuyn PE khc. R rng l gii php ny rt kh thc hin biv b nh tuyn P khng bit r v cc tuyn ca khch hng, v v th mt s yu cucht lng dch v s kh c kh nng p ng.

Phng php khc c v kh quan hn l s dng ng dn chuyn mch nhn LSPgia cc bnh tuyn PE chuyn tip cc gi tin IP theo gi tr nhn gn vo chng(hnh 4.5)

CE Router

CE Router

IP IngressPE PRouter PRouter Egress - PE

IP L1 IP L2 IP L3

MPLS VPN Backbone

IP

CE Router

CE Router

Hnh 2.6 Sdng nhn chuyn tip gi tin VPN

Trong phng php ny, gi tin IP ca khch hng c gn mt nhn ng k chob nh tuyn PE u ra (Egress). Cc b nh tuyn li khng cn bit a ch IP cakhch hng, v ch c gi tin no c gn nhn s c chuyn n b nh tuyn PEu ra. Cc b nh tuyn li ch thc hin cc hot ng chuyn tip v phn phi gi tin


29/31

29

khch hng n b nh tuyn PE u ra. Tuy nhin, ti b nh tuyn PE u ra, gi tinIP ca khch hng khng c thng tin no v VPN hay l VRF b nh tuyn c ththc hin kim tra VRF, do n c th b mt.

Mt phng php ti u hn c th c lachn chuyn tip cc gi tin l s

dng ngn xp nhn (Hnh 4.6)

CE Router

CE Router

IP IngressPE PRouter PRouter Egress - PE

IP L1

MPLS VPN Backbone

IP

CE Router

CE Router

V IP L2V IP L3V

Hnh 2.7 Sdng ngn xp nhn chuyn tip gi tin VPN

Ngn xp nhn MPLS c s dng ch th cho b nh tuyn PE u ra bit philm g vi gi tin VPN. Ngn xp nhn bao gm hai nhn xp chng ln nhau gi l nhn

bn trong (inner label) v nhn bn ngoi (outer label). Khi gi tin vo mng, b nhtuyn PE u vo gn hai loi nhn ny vo gi tin IP. Nhn trn cng trong ngn xp lca ng dn chuyn mch nhn (cn gi l LDP), m bo cho gi tin c truyn quamng MPLS VPN ng trc n b nh tuyn PE u ra.

MPLS s dng ngn nhn ngoi chuyn tip gi tin t b nh tuyn PE u voqua mng li. mi b nh tuyn P nhn ny c s dng chuyn tip gi tin, nchnh l ch s trong bng chuyn tip ca b nh tuyn. Cc b nh tuyn P chuyn tipgi tin dc theo LSP theo phng php hon i nhn v khng bao gi kim tra nhn bntrong hoc a ch ch IP ca gi tin. Khi gi tin n PE u ra, b nh tuyn ny thchin tch b nhn ngoi ri x l nhn trong. Nhn trong l nhn c b nh tuyn PEng k cho mi VRF, v PE s s dng n quyt nh VRF no m gi tin thuc v.

Ni cch khc, nhn trong quyt nh CE no gi tin s c gi n.Theo mc nh, b nh tuyn PE u ra thc hin tm kim trong bng chuyn tip

VRF s dng a ch IP ch ca gi tin. Sau , n chuyn tip gi IP khng nhn nsite khch hng thch hp. Bn thn cc nhn bn trong c lin lc gia cc PE trongcc bn tin cp nht m rng MP iBGP. Nhn th hai trong ngn xp nhn cn c sdng ch trc tip n giao din u ra ti khch hng. Trong trng hp ny, b nh


30/31

30

tuyn PE u ra ch thc hin kim tra nhn trn gi tin VPN. Tnh hung ny thngc dng khi b nh tuyn CE l bc k tip ca tuyn VPN v nhn ny c th chn mt VRF n nht. B nh tuyn PE u ra thc hin kim tra nhn trc tmc VRF ch, sau mi thc hin kim tra a ch IP trong VRF.

TNG KT

Trong nhng nm gn y, cng ngh chuyn mch nhn a giao thc MPLS c rt nhiu quc gia la chn xy dng v pht trin h thng mng vin thngca mnh. Mt trong nhng ng dng in hnh ca MPLS l dch v mng ring oMPLS VPN. Dch v ny gp phn rt ln vo s pht trin nhanh chng caMPLS v m ra nhiu kh nng ng dng mi.

Chng ny trnh by v cc m hnh trin khai MPLS VPN ti lp hai vlp ba, nhng k thut then cht trong MPLS VPN nh truyn thng tin nh tuyn,a ch VPN IP v hot ng chuyn tip gi tin VPN. Ngoi ra, trong ni dung cachng ny cng cp n mt s vn lin quan n kha cnh bo mt v chtlng dch v trong MPLS VPN. Cui chng c a ra mt s phn tch v so snhcc c im ni bt ca hai gii php VPN da trn IPSec v MPLS. C th ni, victrin khai cng ngh VPN trn nn MPLS ha hn nhiu thun li mi v chc chn sl gii php l tng cho mng ring o trong tng lai.


31/31

TI LIU THAM KHO

Mng vin thng th h sauTS. Nguyn Qu Minh Hin Cng ngh chuyn mch MPLS - ThS. Hong Trng Minh Vnpro.org Cc bi bo, bi vit trn cc din n: nhatnghe.com, vnpro.org,

vntelecom.org.

Documents

Môn chuyên đề - MPLS