Multiprotocol Label Switching (MPLS)

(1)

Multiprotocol Label Switching

(MPLS)

Petr Gryg

(2)

Technology Basics

•

Integrates label-based forwarding paradigm with network layer routing

•

label forwarding + label swapping similar to ATM/FR

•

switching tables constructed using IP routing protocol(s)

•

Advantages:

•

improves the price/performance of network layer routing

•

MPLS switching algorithm might be simpler and faster than traditional IP routing

•

Processor-intensive packet analysis and classification happens only once at the ingress edge

•

But MPLS is not onlyBut MPLS is not only a method to make routers much more faster a method to make routers much more faster

•

improves the scalability of the network layer

•

(slow lookup of huge IP routing tables etc.)

•

provides greater flexibility in the delivery of (new) routing services

•

new routing services may be added without change to the forwarding paradigm

• Multiple VRF-based VPNs (with address overlap), traffic-engineering,…

(3)

MPLS Operation in Brief

(Frame Mode)

•

Standard IP routing protocol used in MPLS routing domain Standard IP routing protocol used in MPLS routing domain

•

(OSPF, IS-IS, …)(OSPF, IS-IS, …)

•

<IP prefix, label > mapping created by egress router<IP prefix, label > mapping created by egress router

•

i.e. router at MPLS domain edge used as exit point for that IP prefixi.e. router at MPLS domain edge used as exit point for that IP prefix

•

Label distribution protocols used to distribute label bindings for IP Label distribution protocols used to distribute label bindings for IP prefixes between adjacent neighbors

prefixes between adjacent neighbors

•

label has local significancelabel has local significance

•

Ingress LSR receives IP packetsIngress LSR receives IP packets

•

Performs classification and assigns labelPerforms classification and assigns label

•

Forwards labeled packet to MPLS coreForwards labeled packet to MPLS core

•

Core LSRs switch labeled packets based on label valueCore LSRs switch labeled packets based on label value

•

Egress router removes label before forwarding packet out of MPLS Egress router removes label before forwarding packet out of MPLS domain

domain

(4)

MPLS position in OSI RM

MPLS operates between link and network layer

•

Deals with L3 routing/addressing

•

Uses L2 labels for fast switching

• Inherent labels of some L2 technologies

Inherent labels of some L2 technologies

•

ATM VPI/VCI, Frame Relay DLCI, optical switching ATM VPI/VCI, Frame Relay DLCI, optical switching lambdas, …

lambdas, …

• Additional “shim” headers placed between L2 and

Additional “shim” headers placed between L2 and

L3 headers

•

it’s presence indicated in L2 headerit’s presence indicated in L2 header

(5)

Label-based packet forwarding

•

Packet marked with labels at ingress MPLS routerPacket marked with labels at ingress MPLS router

•

Allows to apply various rules to impose labels

•

destination network prefix, QoS, policy routing (traffic engineering), VPNs, …

•

labels imply both routes (IP destination prefixes) and service attributes (QoS, labels imply both routes (IP destination prefixes) and service attributes (QoS, TE, VPN, …)

TE, VPN, …)

•

Multiple labels can be imposed (label stack)Multiple labels can be imposed (label stack)

•

allows special applications (hierarchical MPLS forwarding)allows special applications (hierarchical MPLS forwarding)

•

Packet quickly forwarded according to labels through MPLS corePacket quickly forwarded according to labels through MPLS core

•

uses only label swapping, no IP routinguses only label swapping, no IP routing

•

IP routing information used only to build forwarding tables, not for actual IP routing information used only to build forwarding tables, not for actual (potentially slow) IP routing

(potentially slow) IP routing

•

label-switch paths determined by IP routing protocollabel-switch paths determined by IP routing protocol

• implementation of MPLS is only as good as underlying routing protocolimplementation of MPLS is only as good as underlying routing protocol

•

Label removed at egress router and packet forwarded using Label removed at egress router and packet forwarded using standard L3 IP routing table lookup

(6)

Components of MPLS architecture

• Forwarding Component (data plane)

•

“brute force” forwarding using label forwarding information base (LFIB)

• Control Component (control plane)

•

Creates and updates label bindings (LFIB)

•

<IP_prefix, label>

•

MPLS node has to participate in routing protocol (IGP or MPLS node has to participate in routing protocol (IGP or static routing)

static routing)

•

including ATM switches in MPLS cell-modeincluding ATM switches in MPLS cell-mode

•

Labels assignment is distributed to other MPLS peers

•

using some sort of label distribution protocol (LDP)

(7)

MPLS Devices

Label-Switch Router (LSR)

•

Any router/switch participating on label assignment and Any router/switch participating on label assignment and distribution that supports label-based packet/cell switching

distribution that supports label-based packet/cell switching

LSR Classification

•

Core LSR (P-Provider)Core LSR (P-Provider)

•

Edge LSR (PE-Provider Edge)Edge LSR (PE-Provider Edge)

(Often the same kind of device, but configured differently)

•

Frame-mode LSRFrame-mode LSR

•

MPLS-capable router with Ethernet interfacesMPLS-capable router with Ethernet interfaces

•

Cell-mode LSRCell-mode LSR

(8)

Functions of Edge LSR

• Any LSR on MPLS domain edge, i.e. with non-MPLS

Any LSR on MPLS domain edge, i.e. with non-MPLS

neighboring devices

• Performs label imposition and disposition

Performs label imposition and disposition

•

Packets classified and label imposedPackets classified and label imposed

•

Classification based on routing and policy requirementsClassification based on routing and policy requirements

•

Traffic engineering, policy routing, QoS-based routingTraffic engineering, policy routing, QoS-based routing

• Information of L3 (and above) headers inspected only

Information of L3 (and above) headers inspected only

once at edge of the MPLS domain

(9)

Forwarding Equivalence Class

(FEC)

•

Packets classified into FECs at MPLS domain

edge LSR

• according unicast routing destinations, QoS class,

according unicast routing destinations, QoS class,

VPN, multicast group, traffic-engineered traffic

class, …

•

FEC is a class of packets to be MPLS-switched

the same way

(10)

Label switching path (LSP)

•

Sequence of LSRs between ingress and egress

(edge) LSRs

• + sequence of assigned labels (local significance)

+ sequence of assigned labels (local significance)

•

Unidirectional

•

For every forward equivalence class

•

May diverge from IGP shortest path

• Path established by traffic engineering using explicit

Path established by traffic engineering using explicit

routing and label switching paths tunnels

(11)

Upstream and downstream neighbors

• From perspective of some particular LSR

From perspective of some particular LSR

• Related to particular destination (and FEC)

Related to particular destination (and FEC)

• Routing protocol’s Next-hop address determines

Routing protocol’s Next-hop address determines

downstream neighbor

Upstream neighbor is closer to data source whereas

downstream neighbor is closer to the destination

network

(12)

MPLS and IP routing interaction in LSR

IP routing table

IP routing process

MPLS Signalling protocol

Label forwarding table

routing information routing information exchange exchange (routing protocol) (routing protocol) label bindings label bindings exchange exchange Outgoing Outgoing labeled labeled Incoming Incoming labeled labeled packets packets Incoming Incoming unlabeled unlabeled packets

packets OutgoingOutgoing unlabelled unlabelled packets packets Control plane Control plane

(13)

Interaction of neighboring MPLS LSRs

Routing information Routing information exchange exchange label bindings label bindings exchange exchange Labeled packets Labeled packets IP routing table

IP routing table

IP routing

process process MPLS Signalling MPLS Signalling Protocol Protocol Label forwarding Label forwarding table table

IP routing

process

MPLS Signalling MPLS Signalling Protocol Protocol Label forwarding Label forwarding table table

(14)

Operation of edge LSR

IP routing process

MPLS Signalling protocol

routing information routing information

exchan exchangege

label bindings label bindings exchange exchange Outgoing Outgoing Incoming Incoming unlabeled unlabeled packets packets Outgoing Outgoing unlabeled unlabeled packets packets

IP forwarding table

Label disposition

and L3 lookup

Incoming Incoming Resolving Resolving of recursive of recursive routes routes

(15)

Penultimate hop behavior

Label at the top of label stack is removed not by egress routes at MPLS domain edge (as

could be expected), but by it’s upstream neighbor (penultimate hop)

•

On egress router, packet could not be label-switched anywayOn egress router, packet could not be label-switched anyway

•

Egress router has to perform L3 lookup to find more specific routeEgress router has to perform L3 lookup to find more specific route

•

commonly, egress router advertises single label for summary routecommonly, egress router advertises single label for summary route

•

Disposition of label imposed by egress router’s upstream neighbor would Disposition of label imposed by egress router’s upstream neighbor would introduce unnecessary overhead

introduce unnecessary overhead

•

For that reason, upstream neighbor of egress router always pops label and sends For that reason, upstream neighbor of egress router always pops label and sends packet to egress router unlabeled

packet to egress router unlabeled

•

Egress LSR requests popping of label through label distribution protocolEgress LSR requests popping of label through label distribution protocol

(16)

Label and label stack

•

Label format (and length) dependent on L2

technology

•

Labels have local-link significance, each LSR

creates it’s own label mappings

• although not a rule, same label is often propagated

although not a rule, same label is often propagated

from different links for the same prefix

•

Multiple labels may be imposed, forming the

label stack

• Label bottom indicated by “s” bit

Label bottom indicated by “s” bit

• Label stacking allows special MPLS applications

Label stacking allows special MPLS applications

(VPNs etc.)

(17)

MPLS header

•

Between L2 and L3 header

• MPLS header presence indicated in EtherType/PPP

MPLS header presence indicated in EtherType/PPP

Protocol ID/Frame Relay NLPID

•

4 octets (32b)

• 20 bits – label value

20 bits – label value

• 3 bits Exp (experimental) – used for QoS today

3 bits Exp (experimental) – used for QoS today

• 8 bits MPLS TTL (Time to Live)

8 bits MPLS TTL (Time to Live)

(18)

Label Bindings Distribution

(19)

Label Distribution Protocol

Functionality

• Used to advertise

Used to advertise

<

IP

_prefix

_

prefix

,

label>

label

>

binding

s

• Used to create

Used to create

L

abel

Information Base (LIB)

and

Label

F

orwarding

I

nformation

B

ase

(LFIB)

•

LIB maintains all prefixes advertised by MPLS neighborsLIB maintains all prefixes advertised by MPLS neighbors

•

LFIB maintains only prefixes advertised by next hops for individual LFIB maintains only prefixes advertised by next hops for individual routes

routes

•

i.e. those actually used for label switchingi.e. those actually used for label switching

•

next-hop determined by traditional IGP next-hop determined by traditional IGP

LFIB used for actual label switching, LIB maintains labels which may be

useful if IGP routes change

(20)

Label Retention Modes

•

Liberal mode

• LSR retains labels for FEC from all neighbors

LSR retains labels for FEC from all neighbors

•

Requires more memory and label spaceRequires more memory and label space

•

Improves latency after IP routing paths changeImproves latency after IP routing paths change

•

Conservative mode

• Only labels from next-hop for IP prefix are

Only labels from next-hop for IP prefix are

maintained

•

next-hop determined from IP routing protocolnext-hop determined from IP routing protocol

(21)

Label Distribution Modes

•

Independent LSP control

• LSR binds labels to FECs and advertises them

LSR binds labels to FECs and advertises them

whether or not the LSR itself has received a label

from it’s next-hop for that FEC

• Most common in MPLS frame mode

Most common in MPLS frame mode

•

Ordered LSP control

• LSR only binds and advertises label for FEC if

LSR only binds and advertises label for FEC if

-

it is the egress LSR for that FECit is the egress LSR for that FEC

(22)

Protocols for Label Distribution

•

Label Distribution Protocol (LDP) – IETFLabel Distribution Protocol (LDP) – IETF standard standard

•

TCP port 646TCP port 646

•

RSVP-TERSVP-TE

•

used for MPLS traffic engineeringused for MPLS traffic engineering

•

BGPBGP

•

implements MPLS VPNs (peer model)implements MPLS VPNs (peer model)

•

PIMPIM

•

enables MPLS-based multicastsenables MPLS-based multicasts

•

Tag Distribution Protocol (TDP) – Cisco proprietary, obsoleteTag Distribution Protocol (TDP) – Cisco proprietary, obsolete

•

LDP predecestorLDP predecestor

•

TCP port 711TCP port 711

Label bindings are exchanged

Label bindings are exchanged between neighboring routersbetween neighboring routers

•

in special cases also between non-neighboring routers in special cases also between non-neighboring routers

(23)

Label Distribution Protocol (LDP):

Message Types

• Discovery messages (hellos)

Discovery messages (hellos)

•

UDP/646UDP/646

•

Used to discover and continually check for presence of LDP Used to discover and continually check for presence of LDP peers

peers

• Once a neighbor is discovered, LDP session is

Once a neighbor is discovered, LDP session is

established over TCP/646

•

messages to establish, maintain and terminate sessionmessages to establish, maintain and terminate session

•

label mappings advertisement messages label mappings advertisement messages

•

create, modify, deletecreate, modify, delete

•

error notification messageerror notification message

•

LDP Neighbor IDLDP Neighbor ID

(24)

Frame-mode and Cell-mode LSRs

(25)

Frame-mode LSRs

•

Frame/Packet processing devices

• such as routers or Frame Relay switches

such as routers or Frame Relay switches

•

Labeled packets treated as L2 frames

• Shim header between L2 and L3 header

Shim header between L2 and L3 header

(26)

Frame-mode Label Distribution

• Unsolicited downstream

Unsolicited downstream

•

Labels distributed automatically to upstream neighborsLabels distributed automatically to upstream neighbors

•

Downstream LSR advertises labels for particular FECs to the Downstream LSR advertises labels for particular FECs to the upstream neighbor

upstream neighbor

• Independent control of label assignment

Independent control of label assignment

•

Label assigned as soon as new IP prefix appears in IP routing table Label assigned as soon as new IP prefix appears in IP routing table

(may be limited by ACL) (may be limited by ACL)

•

Mapping stored into LIBMapping stored into LIB

•

LSR may send (switch) labeled packets to next hop even if next-LSR may send (switch) labeled packets to next hop even if next-hop itself does not have label for switching that FEC further

hop itself does not have label for switching that FEC further

• Liberal retention mode

Liberal retention mode

(27)

Cell-mode LSRs

ATM switches

•

LSRs switch cells, not packets

• packets fragmented into cells

packets fragmented into cells

•

VPI/VCI used to carry labels

•

Additional piece of software needed to integrate

ATM switches with IP routing (IGP) and

implement label distribution protocols - Label

Switch Controller

• needed to provide label assignment and distribution

needed to provide label assignment and distribution

and proper building of switching tables (ATM layer)

(28)

Problems with ATM Switches in IP

Networks

•

ATM switches cannot perform IP lookup and label stack lookupATM switches cannot perform IP lookup and label stack lookup

•

Packets chopped into ATM cellsPackets chopped into ATM cells

•

VPI/VCI serves as labelVPI/VCI serves as label

•

ATM switches cannot handle IP packets directly hop-by-hopATM switches cannot handle IP packets directly hop-by-hop

•

Virtual circuits have to be createdVirtual circuits have to be created

•

created dynamically for every FECcreated dynamically for every FEC

•

Signalling between neighboring ATM switches is needed to dynamically Signalling between neighboring ATM switches is needed to dynamically create VCs

create VCs

•

VPI=0, VCI=32, aal5snap encapsulationVPI=0, VCI=32, aal5snap encapsulation

•

between ATM Edge LSR and ATM LSR and between two ATM LSRsbetween ATM Edge LSR and ATM LSR and between two ATM LSRs

•

ATM switching tables created according to signalling requestsATM switching tables created according to signalling requests

(29)

Downstream on demand label assignment

•

On-demand dynamic VC creation methodOn-demand dynamic VC creation method

•

Label request for particular prefix is Label request for particular prefix is sent by ingress LSR step-by-sent by ingress LSR

step-by-step to destination egress LSR along IGP shortest path

step to destination egress LSR along IGP shortest path

•

Upstream LSRs request label to downstream neighborsUpstream LSRs request label to downstream neighbors

•

Downstream LSRs respond with labels Downstream LSRs respond with labels upon requestupon request

•

Egress LSR creates label mappingEgress LSR creates label mapping

•

Label mapping propagated back to the sourceLabel mapping propagated back to the source

•

Labels assigned by all intermediate LSRsLabels assigned by all intermediate LSRs

•

Uses conservative label retention modeUses conservative label retention mode

•

LIB maintains only actually used labelsLIB maintains only actually used labels

•

because label request is sent to FEC’s next hop onlybecause label request is sent to FEC’s next hop only

•

Labels assigned only on demandLabels assigned only on demand

(30)

Cell-mode Label Distribution Problem

• Unsolicited Downstream method cannot be used

•

AAL5 cannot intermix cells of multiple packets

101/4 3 150.10/16 100/7 2 101/4 3 150.10/16 100/5 1 Out tag Out if (prefix) In tag In if 1 1 2 2 3 3 150.10.0.0/16 150.10.0.0/16 Packet Packet Packet Packet 7

7 77

7 7 5 5 5 5 5 5 4

4 44 44 44

???

(31)

Cell-mode Label Assignment Principles

•

ATM-LSR assigns unique label (VPI/VCI pair)

for every upstream neighbor

• LSR requests downstream neighbor to give one label

LSR requests downstream neighbor to give one label

(VPI/VCI) per FEC and per incoming interface

(upstream neighbor)

• Separate VC created for every FEC from ingress

Separate VC created for every FEC from ingress

LSR to egress edge LSR

(32)

Cell-mode Label Distribution:

Unique Labels for

U

pstream

N

eighbors

7 77

7 7 5 5 5 5 5 5 4

(33)

VC Merge

Option

_Option

•

Single label can be allocated for FEC if ATM

switch avoids intermixing of cells of packets of

that FEC coming from

different

_different

ingoing

_ingoing

interfaces at the same time

• LSR have to capture

LSR have to capture

/buffer

cells of incoming

packets and send packets one after another at the

outgoing interface

•

Saves label space, limits number of VCs

(34)

VC Merge

O

_O

peration

_peration

7 77

7 7 5 5 5 5 5 5 4

(35)

MPLS

O

peration -

S

ummary

1.

1. Standard routing protocols create routing table

Standard routing protocols create routing table

2.

2. Label distribution protocol creates and distributes

Label distribution protocol creates and distributes

<IP-prefix, label> mappings

3.

3. Ingress edge LSR receives IP packet, classifies it and

Ingress edge LSR receives IP packet, classifies it and

imposes label

4.

4. Core LSRs switch packets only using label switching

Core LSRs switch packets only using label switching

without inspecting IP headers

5.

5. Egress edge LSR disposes label and forwards packet

Egress edge LSR disposes label and forwards packet

according to IP routing table

(36)

MPLS Applications

IP header and forwarding decision decoupling allows for

better flexibility and new applications

(37)

Some Popular MPLS

Applications

•

BGP-Free core

•

6PE/6VPE

•

Carrier Supporting Carrier

•

MPLS Traffic engineering

•

MPLS VPN

•

Integration of IP and ATM

(38)

I

ntegration

_ntegration

of

_of

IP

_IP

and

_and

ATM

_ATM

• IP routing tightly integrated with m

IP routing tightly integrated with m

ultipurpose ATM

backbone

using MPLS

•

ATM routing protocols like PNNI and signalling protocols ATM routing protocols like PNNI and signalling protocols for SVCs are not necessary

for SVCs are not necessary

• Eliminates complex technologies to map between IP

Eliminates complex technologies to map between IP

and ATM routing information and addressing

•

no need for solutions like LANE, CLIP, NHRP and MPOA no need for solutions like LANE, CLIP, NHRP and MPOA based on emulation of classical LAN/WAN technologies

based on emulation of classical LAN/WAN technologies

over ATM

• ATM infrastructure may be fully utilized

ATM infrastructure may be fully utilized

(39)

BGP-Free Core

•

Design of transit AS without BGP running on transit

(internal) routers

•

BGP sessions between PE routers only

• full mesh or using route reflector(s)

full mesh or using route reflector(s)

•

P routers know only routes to networks in the core

• including PE loopback interfaces

including PE loopback interfaces

•

LDP creates LSPs into individual networks in the core

(including PEs' loopbacks)

•

PEs' loopbacks are used as next hops of BGP routes

passed between PE routers

(40)

6PE (1)

•

Interconnection of IPv6 islands over MPLS Interconnection of IPv6 islands over MPLS non-IPv6-aware core

non-IPv6-aware core

•

PE routers has to support both IPv6 and IPv4, but P routers do PE routers has to support both IPv6 and IPv4, but P routers do not need to be upgraded (can be MPLS + IPv4 only)

not need to be upgraded (can be MPLS + IPv4 only)

•

Outer label identifies destination PE router (IPv4 BGP next hop), Outer label identifies destination PE router (IPv4 BGP next hop), inner label identifies particular IPv6 route

inner label identifies particular IPv6 route

•

Inner label serves as 'index' into egress PE's IPv6 routing tableInner label serves as 'index' into egress PE's IPv6 routing table

•

IPv6 prefixes plus associated (inner) labels are passed between PE IPv6 prefixes plus associated (inner) labels are passed between PE routers through MP-BGP (using TCP/IPv4)

routers through MP-BGP (using TCP/IPv4)

•

Inner label needed because of PHPInner label needed because of PHP

(41)

6PE (2)

•

BGP Next Hop attribute is the IPv4-mapped IPv6 address of BGP Next Hop attribute is the IPv4-mapped IPv6 address of egress 6PE router

egress 6PE router

•

Only LDP for IPv4 is requiredOnly LDP for IPv4 is required

•

LDP for IPv6 not implemented yetLDP for IPv6 not implemented yet

•

Does not support multicast trafficDoes not support multicast traffic

•

Only proposed standard – RFC 4798 (Cisco, 2007), but Only proposed standard – RFC 4798 (Cisco, 2007), but implemented by multiple vendors

implemented by multiple vendors

•

See See

http://www.netmode.ntua.gr/Presentations/6PE%20-%20IPv6%20over%20MPLS%20(cisco%20expo%2005).pdf

for further details

(42)

6VPE

•

VRF-aware 6PE

•

Allows to build MPLS IPv6 VPNs on IPv4-only

MPLS core

•

See

http://sites.google.com/site/amitsciscozone/ho

me/important-tips/mpls-wiki/6vpe-ipv6-over-mpls-vpn for configuration example (Cisco)

(43)

Carrier Supporting Carrier (1)

•

Hierarchical application of label switching concept

•

A MPLS super-carrier provides connectivity between

regions for others MPLS-based customer carriers

• Concept of MPLS VPN in super-carrier networks

Concept of MPLS VPN in super-carrier networks

• CSC-P, CSC-PE, CSC-CE

CSC-P, CSC-PE, CSC-CE

• Customer carriers regions may also implement MPLS

Customer carriers regions may also implement MPLS

VPN

(44)

Carrier Supporting Carrier (2)

•

Utilizes label stack with multiple labels

• sub-carrier's labels are untouched during transport

sub-carrier's labels are untouched during transport

over super-carrier

•

Customer carriers do not exchange their

customer's routes with super-carrier

(45)

MPLS Traffic Engineering

(46)

MPLS TE Goals

•

Minimizes network congestion, improve

network performance

•

Spreads flows to multiple paths

• i.e. diverges them from “shortest” path calculated by

i.e. diverges them from “shortest” path calculated by

IGP

(47)

MPLS TE Principle

•

Originating LSR (headend) sets up a TE LSP to

terminating LSR (tailend) through a explicitly

specified path

• defined by sequence of intermediate LSRs

defined by sequence of intermediate LSRs

• either strict or loose explicit route

either strict or loose explicit route

•

LSP is calculated automatically using constraint-

LSP is calculated automatically using

constraint-based routing or manually

based routing or manually

• using some sort of management tool in large

using some sort of management tool in large

networks

(48)

MPLS-TE Mechanisms

•

Link information distribution

•

Path computation

•

LSP signalling

• RSVP

RSVP

-TE accomplishes

label assignment during MPLS

tunnel creation

• signalling needed even if path calculation is performed

signalling needed even if path calculation is performed

manually

•

Selection of traffic that will take the TE-LSP

(49)

Link Information Distribution

• Utilizes extensions of OSPF or IS-IS to distribute links’

Utilizes extensions of OSPF or IS-IS to distribute links’

current states and attributes

•

OSPF LSA type 10 (opaque)OSPF LSA type 10 (opaque)

•

Maximum bandwidth, reservable bandwidth, available bandwidth, Maximum bandwidth, reservable bandwidth, available bandwidth, flags (aka attributes or colors), TE metric

flags (aka attributes or colors), TE metric

• Constraint-based routing

Constraint-based routing

•

Takes into account links’ current states and attributes when Takes into account links’ current states and attributes when calculating routes

calculating routes

•

““Constraint-based SPF” calculation excludes links that do not Constraint-based SPF” calculation excludes links that do not comply with required LSP parameters

(50)

RSVP Signalling

•

Resource reSerVation Protocol (RFC 2205) was

originally developed in connection with IntServ,

but should be understood as completely

independent signalling protocol

•

Reserves resources for unidirectional

(unicast/multicast) L4 flows

• soft-state

soft-state

•

May be used with MPLS/TE to signal DiffServ

QoS PHB over the path

(51)

RSVP Messages

•

Message Header (message type)

• Resv, Path, ResvConfirm, ResvTeardown

Resv, Path, ResvConfirm, ResvTeardown

PathTeardown, PathErr,ResvErr

•

Variable number of object of various classes

• including sub-objects

including sub-objects

•

Support for message authentication and integrity

check

(52)

Basic RSVP Operation

•

PATH message travels from sender to receiver(s)

• allows intermediate nodes to build soft-state information

allows intermediate nodes to build soft-state information

regarding particular session

• includes flow characteristics (flowspec)

includes flow characteristics (flowspec)

•

RESV message travels from receiver interested in

resource reservation towards the sender

• actually causes reservation of intermediate nodes'

actually causes reservation of intermediate nodes'

resources

• provides labels to upstream routers

provides labels to upstream routers

(53)

LSP Preemption

• Support for creation of LSPs of different priorities with

Support for creation of LSPs of different priorities with

preemption option

•

setup and holding prioritysetup and holding priority

•

setup priority is compared with holding priority of existing LSPssetup priority is compared with holding priority of existing LSPs

•

0 (best) – 7 (worst)0 (best) – 7 (worst)

• Preemption modes

Preemption modes

•

Hard – just tears preempted LSP downHard – just tears preempted LSP down

•

Soft – signalls pending preemption to the headend of existing Soft – signalls pending preemption to the headend of existing LSP to give it an opportunity to reroute traffic

(54)

LSP Path Calculation in Multiarea

Environment

•

Splitting network into multiple areas limits state

information flooding

•

Headend specifies path to route LSP setup

requests using list of ABRs

• loose routing

loose routing

•

Each ABR calculates and reserves path over

connected area and requests another ABR on

the path to take care of next section

(55)

Fast Reroute

•

In case of node or link failure, backup LSP may

be automatically initiated (in tens of

milliseconds)

•

Fast Reroute option must be requested during

LSP setup

(56)

Fast Reroute - Global restoration

•

New LSP is set up by headend

• LSP failure is signalled to the headend by PathErr

LSP failure is signalled to the headend by PathErr

RSVP message

• Headend has the most complete routing constraints

Headend has the most complete routing constraints

information to establish a new LSP

(57)

Fast Reroute - Local restoration

•

““Detour” LSP around failed link/nodeDetour” LSP around failed link/node

•

LSR that detected the failure (called Point of Local Repair) start LSR that detected the failure (called Point of Local Repair) start to use alternative LSP

to use alternative LSP

•

Detour LSPs are manually preconfigured or precalculated dynamically by Detour LSPs are manually preconfigured or precalculated dynamically by Point of Local Repair and pre-signalled

Point of Local Repair and pre-signalled

•

““Detour” joins back the original LSP at the Merge PointDetour” joins back the original LSP at the Merge Point

•

i.e. at Next hop for link protection, Next Next hop for Node protection i.e. at Next hop for link protection, Next Next hop for Node protection

•

Facility Backup (commonly used) - double labeling is used on detour pathFacility Backup (commonly used) - double labeling is used on detour path

•

external tag is dropped before packet enters Merge Pointexternal tag is dropped before packet enters Merge Point

•

packets arrive to the Merge Point with the same label as they would if they packets arrive to the Merge Point with the same label as they would if they came along original LSP

came along original LSP

•

One-to-One backup One-to-One backup

•

does not use label stackingdoes not use label stacking

(58)

MPLS and Diffserv

• LSR uses the same mechanism as traditional router to

LSR uses the same mechanism as traditional router to

implement different Per-Hop Behaviors (PHBs)

• 2 types of LSPs (may coexist on single network):

2 types of LSPs (may coexist on single network):

•

EXP-inferred LSPs (mostly used)EXP-inferred LSPs (mostly used)

•

can transport multiple traffic classes simultaneouslycan transport multiple traffic classes simultaneously

•

EXP bits in shim header used to hold DSCP valueEXP bits in shim header used to hold DSCP value

•

Map between EXP and PHB signaled during LSP setupMap between EXP and PHB signaled during LSP setup

•

extension of LDP and RSVP (new TLV defined)extension of LDP and RSVP (new TLV defined)

•

Label-inferred LSPsLabel-inferred LSPs

•

can transport just one traffic classcan transport just one traffic class

(59)

Diffserv Tunneling over MPLS

There are two markings of the packet (EXP,

DSCP). There are different models to handle

interaction between multiple markings.

•

Pipe model

• transfers inside DSCP marking untouched

transfers inside DSCP marking untouched

• useful for interconnection of two Diffserv domains

useful for interconnection of two Diffserv domains

using MPLS

•

Uniform Model

(60)

MPLS VPNs

(61)

VPN

Implementation Options

_{Implementation Options}

Solution to implement potentially

overlapping address spaces

of

independent customers:

• Overlay model

Overlay model

•

Infrastructure provides tunells between Infrastructure provides tunells between CPE CPE routersrouters

•

FRFR/ATM virtual circuits, IP tunnels (GRE, IPSec, …)/ATM virtual circuits, IP tunnels (GRE, IPSec, …)

• Peer-to-peer model

Peer-to-peer model

•

Provider edge router exchange routing information with customer Provider edge router exchange routing information with customer edge router

edge router

•

Customer routes in service provider’s IGPCustomer routes in service provider’s IGP

•

Need to solve VPN separation and overlapping customer addressingNeed to solve VPN separation and overlapping customer addressing

•

traditionally by complicated filteringtraditionally by complicated filtering

•

Optimal routing between customer sites through shared Optimal routing between customer sites through shared infrastructure

infrastructure

(62)

MPLS VPN Basic Principles

•

MPLS helps to separate traffic from different VPNs without usage of MPLS helps to separate traffic from different VPNs without usage of overlay model tunneling techniques

overlay model tunneling techniques

•

Routes from different VPNs kept separated, multiple routing tables Routes from different VPNs kept separated, multiple routing tables implemented at edge routers (one for each VPN)

implemented at edge routers (one for each VPN)

•

Uses MPLS label stack: outer label identifies egress edge router, inner Uses MPLS label stack: outer label identifies egress edge router, inner label identifies VPN

label identifies VPN

•

single route in particular VPNsingle route in particular VPN

•

To allow propagation of IP prefixes from all VPNs to the core, To allow propagation of IP prefixes from all VPNs to the core,

potentially overlapping addresses of separated VPNs is made unique

with Route Distinguisher (different for every VPN)

•

Those “IP-VPN” (VPNv4) addresses are propagated between PE routers using Those “IP-VPN” (VPNv4) addresses are propagated between PE routers using extended BGP (Multiprotocol BGP, MP-BGP)

extended BGP (Multiprotocol BGP, MP-BGP)

•

New address family: VPNv4 address = RD + IPv4 addressNew address family: VPNv4 address = RD + IPv4 address

(63)

MPLS VPN advantages

•

Integrates advantages of overlay and peer-to-

Integrates advantages of overlay and

peer-to-peer model

peer model

• Overlay model advantages:

Overlay model advantages:

•

security and customer isolationsecurity and customer isolation

• Peer-to-peer model advantages:

Peer-to-peer model advantages:

•

routing optimalityrouting optimality

(64)

MPLS VPN Implementation

•

VPN defined as set of sites sharing the same routing informationVPN defined as set of sites sharing the same routing information

•

Site may belong to multiple VPNsSite may belong to multiple VPNs

•

Multiple sites (from different VPNs) may be connected to the Multiple sites (from different VPNs) may be connected to the same PE router

same PE router

•

PE routers maintains only routes for connected VPNs and PE routers maintains only routes for connected VPNs and backbone routes needed to reach other PEs

backbone routes needed to reach other PEs

•

Increases scalabilityIncreases scalability

•

Decreases performance requirements of PE routerDecreases performance requirements of PE router

•

PE router uses IP at customer network interface(s) and MPLS at PE router uses IP at customer network interface(s) and MPLS at backbone interfaces

backbone interfaces

•

Backbone (P routers) uses only label switchingBackbone (P routers) uses only label switching

•

IGP routing protocol used only to establish optimal label switch pathsIGP routing protocol used only to establish optimal label switch paths

•

Utilizes MPLS label stackUtilizes MPLS label stack

•

Inner label identifies VPNInner label identifies VPN

(65)

Routing information exchange

•

P-P and P-PE routers

• Using IGP

Using IGP

• Needed to determine paths between PEs over MPLS

Needed to determine paths between PEs over MPLS

backbone

•

PE-PE routers (non-adjacent)

• Using MP-iBGP sessions

Using MP-iBGP sessions

• Needed to exchange routing information between

Needed to exchange routing information between

routing tables for particular VPN (VRFs)

(66)

Routing information in PE routers

PE routers maintain multiple separated routing tables

•

Global routing table – filled with backbone routes

(from IGP)

• allows to reach other PE routers

allows to reach other PE routers

•

VRF (VPN routing & forwarding)

• Separate routing tables for individual VPNs

Separate routing tables for individual VPNs

• Every router interface assigned to a single VRF

Every router interface assigned to a single VRF

(67)

VPN routing and forwarding

VRF = virtual router

PE

PE PP

VPN A CE

VPN B CE

VRF A

VRF B

VPN B CE

VRF for VPN B

VRF for VPN A

MPLS domain

(68)

VRF usage

CE

CE _PE_PE

CE CE P P VPN A VPN A VPN A VPN A VPN B VPN B VRF A VRF A VRF B VRF B VPN B VPN B PE PE CE CE CE VPN A VPN A VPN B VPN B CE CE VPN A VPN A PE PE packet packet

(69)

MPLS VPN example

10.0.0.1/24

S0

I-PE

Customer A

G-P

S0 S1/0 S1/1

e0 e0

e1 e1

10.0.0.1/24

Customer A Customer B

Customer B

J-PE

10.0.1.1/24

10.0.2.1/24

1.0.0.0/24 2.0.0.0/24

.1

.1 .2 .2

OSTRAVA TACHOV

(70)

VPN Route Distinguishing and

Exchange Between PEs

10.0.0.1/24 S0 I-PE Customer A G-P S0 S1/0 S1/1 e0 e0 e1 e1 10.0.0.1/24

Customer B J-PE 10.0.1.1/24 10.0.2.1/24 1.0.0.0/24 2.0.0.0/24 .1

.1 .2 .2

lo0 lo0 3.0.0.1/32 3.0.0.2/32 VRF CustomerA-I VRF CustomerA-J VRF VRF CustomerB-J RD 100:2 RT 100:20 RD 100:1 RT 100:10 OSTRAVA _TACHOV MPLS Core

IGP (OSPF, IS-IS, …)

(71)

PE

-

_-

to

_to

-

_-

PE

_PE

VPN Route Propagation

_{VPN Route Propagation}

•

PE router exports information from VRF to MP-BGPPE router exports information from VRF to MP-BGP

•

prefix uniqueness ensured using Route Distinguisher (64bit ID)prefix uniqueness ensured using Route Distinguisher (64bit ID)

•

VPN-V4 prefix = RD VPN-V4 prefix = RD + IPv4 prefix+ IPv4 prefix

•

Route exported with source VRF ID (route target)Route exported with source VRF ID (route target)

•

MMultiprotocol (Multiprotocol (MPP) i) iBGP session between PE routersBGP session between PE routers over over MPLS backbone (P routers)

MPLS backbone (P routers)

•

Full mesh (route reflectors often used)Full mesh (route reflectors often used)

•

Propagates VPNv4 routesPropagates VPNv4 routes

•

BGP attributes identify site-of-origin and route targetBGP attributes identify site-of-origin and route target

•

Opposite Opposite PE router imports information from MP-BGP into PE router imports information from MP-BGP into VRF

VRF

•

routes imported into particular VRFs according to BGP Route Target routes imported into particular VRFs according to BGP Route Target attribute values

(72)

MPLS VPN BGP attributes

•

Site of Origin (SOO)

• Identifies site where the route originated from

Identifies site where the route originated from

•

avoids loopsavoids loops

•

Route Target

• Identifies source VRF

Identifies source VRF

(73)

Customer route advertisement from PE

router (MP-BGP)

•

PE router assigns RT, RD based on source VRF and

SOO

•

PE router assigns VPN (MPLS) label

• Identifies particular VPN route (in VPN site’s routing

Identifies particular VPN route (in VPN site’s routing

table)

• Used as second label in the label stack

Used as second label in the label stack

•

Top-of-stack label identify egress PE routerTop-of-stack label identify egress PE router

•

Route’s next-hop rewritten to advertising PE router

loopback interface

(74)

CE

to

_to

PE

_PE

routing information exchange

_{routing information exchange}

•

CE router always exchanges routes with VRF

assigned to interface connecting that CE router

• IGP (RIPv2,OSPF)

IGP (RIPv2,OSPF)

• External BGP

External BGP

• Static routing or direct

Static routing or direct

l

y connected networks

•

Multiple

instances of

routing process

(

for every VRF

)

are running on PE router

(75)

Overlapping of VPNs

Site (VRF) may belong

to multiple

VPNs provided

that there is no addresses overlap

• Useful for shared server farms, extranets, ISPs etc.

Useful for shared server farms, extranets, ISPs etc.

(76)

Overlapping VPNs example

10.0.0.1/24 S0 I-PE Customer A G-P S0 S1/0 S1/1 e0 e0 e1 e1 10.0.0.1/24

Customer B J-PE 10.0.1.1/24 10.0.2.1/24 1.0.0.0/24 2.0.0.0/24 .1

.1 .2 .2

lo0 lo0 3.0.0.1/32 3.0.0.2/32 VRF CustomerA-I VRF CustomerA-J VRF CustomerB-I VRF CustomerB-J RD 100:2 RT 100:22 RD 100:1 RT 100:11 OSTRAVA _TACHOV