MPLS

Multiprotocol Label Switching (MPLS) is a packet-forwarding technology used on network routers and switches to allow for the virtualization of routing and forwarding tables. MPLS uses the concept of label switching to forward traffic based on labels as opposed to network addresses. Many different features exist under the MPLS umbrella, but the primary technology we will explore is Layer 3 VPNs.

MPLS overcomes many of the limitations of traditional networks by allowing shared hardware to be used by multiple independent clients. MPLS was the next evolution of networking after the traditional hub and spoke topologies. SDN seems to be the next technology that may take network virtualization to a whole new level.

Traditional Network

The traditional networking model created physically separated networks for each customer. Each site was connected with a point-to-point circuit that was purchased from a service provider.

Traditional Network Design (Hub & Spoke)

- Each site requires a dedicated circuit
- Large headend router
- Widespread outages when the headend router fails
- Low bandwidth per site
- Spoke to spoke communications must pass through hub
- Does not scale
- Expensive

MPLS Topology

Provider Router - "P" Router

- Used for transport across the MPLS backbone
- Runs an IGP such as OSPF or ISIS
- Has no BGP peerings
- Has no knowledge of customer routes

Provider Edge Router - "PE" Router

- Label Switch Router (LSR)
- Has knowledge of the customer routes
- Peers directly with the customer equipment

Route Reflector

- Eliminates the need for a full mesh of iBGP peerings within the MPLS backbone
- PEs establish iBGP sessions only with the route reflectors
- Used to perform routing lookups for PE routers
- Does not transit customer traffic

Customer Edge Router - "CE" Router

- Typically has an eBGP peering with the upstream PE router

- An IP routing protocol (e.g. OSPF, ISIS) is used within the MPLS backbone to establish reachability to destination networks.
- A label distribution protocol (e.g. LDP/TDP) is used to distribute labels for destination network mappings.
- The ingress PE router receives IP packets, performs packet classification (into a VRF), assigns a label and forwards the labeled packet into the MPLS network.
- Core P routers switch packets based on the label value (no knowledge of the customer routers).
- The egress PE router removes the label before forwarding the IP packet outside the MPLS network to the CE router.

Label Switched Paths

- LSPs derive from IGP routing information
- LSPs may diverge from IGP shortest path
  - MPLS traffic engineering (TE)
  - Makes better use of available bandwidth

- Label stack is used for packet forwarding
- Top label indicates BGP next hop (IGP label)
- Second level label indicates outgoing interface or VRF (BGP label, VPN label)

What is a Layer 3 IP VPN?

IP network infrastructure delivering private network services over a service provider's infrastructure. Basically, it is used to transport customer routes across the MPLS backbone and keep them isolated from other customer networks.

- Defined by a VRF
- Uses a layer 3 backbone
- Scalability, easy provisioning
- Customer IP space can overlap
- QoS for customer application needs
- Controlled access
- Easy configuration for customers

What is a VRF?

Virtual Routing and Forwarding (VRF)

- Typically used on a PE router.
- Creates a virtual routing instance to support a customer.
- VRFs maintain separation from the global routing table and the other customer VRFs.
- Many VRFs can be used on the same PE router to support many customers.
- A VRF contains a Route Distinguisher (RD) that gives routes a unique identifier.
  - Allows customer IP space to overlap.
- Route targets are used to import and export customer routes across PE devices on the MPLS backbone.
  - Allow customers to communicate across multiple sites.

Route Configuration

    vrf definition customer_1
     rd 100:24
     route-target import 100:24
     route-target export 100:24
     address-family ipv4

- P routers (LSRs) are in the core of the MPLS cloud.
- PE routers use MPLS with the core and plain IP with CE routers.
- P and PE routers share a common IGP (e.g. ISIS or OSPF).
- PE routers are MP-iBGP fully meshed to exchange routing information related to the connected sites and VPNs.
- Route reflectors can be used to reduce the full mesh of MP-iBGP peerings.

- PE and CE routers exchange routing information through a routing protocol.
  - eBGP, OSPF, RIPv2, EIGRP, static routing
  - eBGP is the most common
  - This is the demarcation point between the provider and customer.
- CE routers run standard IP routing software (no MPLS functionality).

PE routers maintain separate routing tables

- The global forwarding table
  - The routes (IPv4) the PE receives through the backbone IGP are installed in the global routing table
- VRF forwarding table
  - The routes the PE receives from the customer networks are installed in the respective customer VRF routing table

- Each VRF has an import and export policy configured.
- Policies use the route-target attribute (extended community).
- The PE receives MP-iBGP updates for VPN-IPv4 routes.
- If the route-target is equal to any of the import values configured in the PE, the update is accepted. Otherwise it is silently discarded.
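The import decision described above can be modelled in a few lines. This is an added example, not code from the original page or from any router vendor: the VRF names, the second RD/route-target pair (100:25), the unmatched route (100:99) and the documentation-range addresses are constructed, while 100:24 is the value used in the VRF configuration above.

```python
from dataclasses import dataclass, field

@dataclass
class Vrf:
    name: str
    rd: str                       # route distinguisher
    import_rts: set               # route-target import values
    export_rts: set               # route-target export values
    table: dict = field(default_factory=dict)   # prefix -> next-hop PE

@dataclass(frozen=True)
class VpnRoute:
    rd: str
    prefix: str
    route_targets: frozenset      # extended communities set at export
    next_hop: str

def export_route(vrf, prefix, pe_loopback):
    """Exporting PE: prepend the RD and attach the VRF's export route-targets."""
    return VpnRoute(vrf.rd, prefix, frozenset(vrf.export_rts), pe_loopback)

def import_update(local_vrfs, route):
    """Receiving PE: install into each VRF whose import list matches any RT."""
    accepted = []
    for vrf in local_vrfs:
        if vrf.import_rts & route.route_targets:
            vrf.table[route.prefix] = route.next_hop
            accepted.append(vrf.name)
    return accepted               # empty list: update silently discarded

def demo():
    # Constructed sample: two customers on PE1 reuse 10.0.0.0/24.
    pe1 = [Vrf("customer_1", "100:24", {"100:24"}, {"100:24"}),
           Vrf("customer_2", "100:25", {"100:25"}, {"100:25"})]
    pe2 = [Vrf("customer_1", "100:24", {"100:24"}, {"100:24"}),
           Vrf("customer_2", "100:25", {"100:25"}, {"100:25"})]
    updates = [export_route(v, "10.0.0.0/24", "192.0.2.1") for v in pe1]
    # A route whose RT no local VRF imports (constructed).
    updates.append(VpnRoute("100:99", "10.9.0.0/24",
                            frozenset({"100:99"}), "192.0.2.3"))
    bgp_keys = {(u.rd, u.prefix) for u in updates}   # RD keeps overlaps distinct
    accepted = [import_update(pe2, u) for u in updates]
    return bgp_keys, accepted, {v.name: v.table for v in pe2}

if __name__ == "__main__":
    print(demo())
```

Because the import list is the only gate, a VRF that lists another customer's route-target would install that customer's routes, which is why route-target assignments are worth reviewing whenever a VRF is provisioned.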

- PE and P routers have BGP next-hop reachability through the backbone IGP.
- Labels are distributed through LDP (hop by hop) corresponding to BGP next hops.
- Label stack is used for packet forwarding
  - Top label indicates BGP next hop (IGP label)
  - Second level label indicates outgoing interface or VRF (BGP label, VPN label)

- Labels are learned through the TDP/LDP protocol and assigned to IGP routes.
- Labels are learned through MP-BGP and assigned to VPN routes.
- MPLS nodes forward packets based on the top label.
- P routers don't have BGP (nor VPN) knowledge
  - No VPN routing information
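The two-level label stack from the "Label Switched Paths" section and the list above, traced hop by hop. This is an added example, not code from the original page: all label values, prefixes, loopback addresses, the interface name and the two-P-router path are constructed, and each P router is assumed to swap the top label.

```python
import ipaddress

def ingress_pe(vrf_fib, ldp_out, dst_ip):
    """Ingress PE: the VRF lookup yields the VPN label and BGP next hop;
    the IGP label for that next hop is pushed on top."""
    addr = ipaddress.ip_address(dst_ip)
    matches = [p for p in vrf_fib if addr in ipaddress.ip_network(p)]
    if not matches:
        return None                         # no route in this customer's VRF
    best = max(matches, key=lambda p: ipaddress.ip_network(p).prefixlen)
    vpn_label, bgp_next_hop = vrf_fib[best]
    return [ldp_out[bgp_next_hop], vpn_label]    # index 0 is the top label

def p_router(lfib, stack):
    """P router: swap the top label only; the VPN label is never inspected."""
    return [lfib[stack[0]]] + stack[1:]

def egress_pe(local_igp_label, vpn_labels, stack):
    """Egress PE: remove the labels; the VPN label selects VRF and interface."""
    top, vpn = stack
    if top != local_igp_label:
        raise ValueError("packet was not label-switched to this PE")
    return vpn_labels[vpn]

def walk(dst_ip):
    # Constructed tables for a path PE1 -> P1 -> P2 -> PE2.
    pe1_vrf_fib = {"10.2.0.0/16": (2001, "192.0.2.2")}   # learned via MP-BGP
    pe1_ldp = {"192.0.2.2": 17}                          # learned via LDP
    p1_lfib, p2_lfib = {17: 18}, {18: 19}
    pe2_vpn_labels = {2001: ("customer_1", "GigabitEthernet0/1")}

    stack = ingress_pe(pe1_vrf_fib, pe1_ldp, dst_ip)
    if stack is None:
        return None
    trace = [list(stack)]
    for lfib in (p1_lfib, p2_lfib):
        stack = p_router(lfib, stack)
        trace.append(list(stack))
    return trace, egress_pe(19, pe2_vpn_labels, stack)

if __name__ == "__main__":
    print(walk("10.2.3.4"))
```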
