How To Make A Network Secure
|
|
- Emory Grant
- 3 years ago
- Views:
Transcription
1 1
2 2
3 3
4 4
5 -Lower yellow line is graduate student enrollment -Red line is undergradate enrollment -Green line is total enrollment numbers are projected to be near 20,000 (on-campus) not including distance education numbers. 5
6 6
7 7
8 8
9 9
10 10
11 11
12 -High security isolated networks are being demanded for things like: -Health/medical data under HIPAA regulatory requirements -Administrative natured applications that require higher security -Isolation of credit card point of sale processing devices (subject to PCI DSS) -Some academic researchers asking for increased security. -Our customers were demanding us to service increasing diversity with increased availability. 12
13 University networks are a diverseplace. We are like a large enterprise only without the ability to exert much in the way of standards or control over our environments. This lack of ability to control the environment is especially true for the diversity of communication endpoints attaching to the network. 13
14 14
15 -Similarto VLAN s only more powerful, MPLS allows for the separation of traffic on the same physical media -Unlike VLAN s, MPLS does this at the network layer (layer 3) -This enables us to scale up network virtualization considerably. -Since about the year 2000, MPLS has been widely popular with ISP s due to the ability to serve many more customers from a single physical infrastructure. -Label switching separates the control plane from the data forwarding plane thus enabling ISP s to not have to carry a full Internet routing table through the core of their networks. -For us, MPLS is more interesting for its ability to create closed application groups within the network. 15
16 -The LSP is the path from the source to the destination for a data packet entering the MPLS network. -The LSP is the culmination of all of the outgoing interface label information within the entire network. Outgoing label information in locally significant on a per router / per interface basis. -Label distribution protocol is used between routers to propagate hop by hop forwarding information upstream. -Within an MPLSVPN infrastructure, the FEC becomes the unique layer 3 network or VPN identifier. 16
17 17
18 -Data always follows the label switched patch downstream whereas label distribution information is propagated upstream to the source router. -An MPLS label value unique identifies an IP destination prefix. -If the bottom of stack indicator is zero, then multiple labels are in use within the MPLS packet. -TTL functions exactlythe same way as TTL in an IP only network. That is to say, it is used for network loop prevention. -MPLS header TTL is decremented within each LSR. -When an IP packet enters an MPLS network, the TTL is typically copied from the IP header. -When the packet exists the MPLS, the TTL is copied back to the IP header. -process is called TTL propagation -TTL propagation can be disabled which will hide the MPLS network from the traceroute command. 18
19 -TheMPLS label stack is inserted between the Layer 2 header and the Layer 3 IP header as a SHIM header. 19
20 -Routing protocoldestination reachabilityinformation, and used to populate the RIB which in turn populates the FIB. -FIB maps destination prefixes to next-hop adjacencies. -LIB is populated only by the Label Distribution Protocol -LIB: ipdestination prefixes mapped to next-hop labels received from downstream neighbors. 20
21 -peer to peer modelmeans that routing information is exchanged between customer routers and provider routers -customer isolation is achieved on provider edge (PE) routers by using virtual routing and forwarding tables (VRFs) -similar to maintaining multiple dedicated routers for customers -individual route contexts can be used on PE routers and mapped to a VRF if desired. -example: route prefix /24 is received from CE1A -routes learned are redistributed into MP-BGP on PE1 -prefix is prepended with RD value 65000:100 and appended with RT of 65000:100 -VPN label is assigned for each prefix learned by PE1 s MP-BGP process -MP-BGP route update is received by PE2 and the route prefix is stored in the VRF CustAtable based on the VPN label. -received routes are redistributed into CE2A s route table. -PE router must run an IGP that provides NLRI for ibgp. (OSPF or ISIS) -From the data packet forwarding perspective, if CEA1 originates a packet for a route prefix belonging to CE2A, -PE1 receives the packet and appends a VPN label and outgoing LDP label. -packet is forwarded through the core network P1 and P2 with LDP label swapping as it goes. -P2 receives the packet, pops the top label and forwards to PE2 still retaining VPN label. -PE2 pops the VPN label and forwards the packet to CE2A. *The VPN label is never touched until it reaches the egress PE router towards the FEC. 21
22 -The RD is unique per virtual routing table/ VRF on a PE router. -The use of RD enables two different customer networks to have overlapping address space. -Route Targets(RT) identify the VPN membership of the router learned from that specific site. -RT s are implemented using extended BGP communities in which the higher order 16-bits of the community are encoded with the VPN identifier. -When implementing complex VPN topologies, such as an extranet VPN, route targets play a critical role. 22
23 23
24 This packetdisplay from the Wiresharksniffer is captured on the outgoing interface of the originating router. It shows the imposition of the outgoing interface label as well as the VPN label. Notice that the IP header TTL value of 126 has been copied onto the MPLS header and then appropriately decremented by 1 showing LSR traversal. 24
25 This packet display from the Wiresharksniffer shows a packet that has been received on an interface of the destination router. -for efficiency, there exists only the VPN label which allows the router to simply perform an IPV4 prefix lookup in the FIB of the VRF this packet belongs to. -this is a process known as penultimate hop popping (PHP) done by the upstream router. -before final forwarding to the destination address, the TTL from the MPLS header will be copied back onto the IP header. -the source IP TTL is actually preserved but will be overwritten shortly. 25
26 TheMPLS network that UNCG is building treats the University buildings as individual layer 2 switched networks with multiple unique VLAN s per building. -Each VLAN is representative of a campus wide closed application group that has specific operational and security parameters. -The VLAN s that fall into one specific set of requirements map into a single VRF within the distribution layer PE routers. -Therefore, each VLANtypically represents a route prefix that is directly connected to a PE router. -Virtual Router Redundancy Protocol (VRRP) is used for multi-homing buildings in order to provide redundancy. -Additionally,for those VRF s that are forwarding route prefixes with only RFC-1918 addressing, a redundant firewall is provided in the Internet border PE routers in order to provide security and address translation. -At this time, none of our University building tech staff are interested in directly managing network routers, therefore we don t have a defined customer edge device and probably will not see that in the foreseeable future. --The switched networks in buildings are being upgraded to Cisco 3750 series equipment with gigabit copper access being offered. At the same time, we have increased the access network level of security by using features like MAC address limitations, ARP inspection, and DHCP snooping. 26
27 The process of migration was madeeasier by the ability to purchase a portion of the new network in the form of routers, and configure them ahead of time. Base router configuration involved setting up: -Point to point physical and IP /30 links between all routers. - Configuration of MPLS encapsulation on all links - Configuration of Label Distribution Protocol on all links. - Configuration of MP-BGP and core route reflectors -on each of the PE routers, connected routes must be redistributed in order for the SVI s to appear in the VRF route table. -Configuration of our first VRF to carry/encapsulate the legacy network traffic (VRF public) -Configuration of Multicast VPN as our existing network was multicast enabled. - -Connection of the legacy network to the new network - redistribution of OSPF into the new network s BGP process -redistribution of BGP routes back to the OSPF legacy network. Then, one by one we took Switched Virtual interfaces that faced buildings on the legacy network, and configured them into the public VRF on the new network. The interfaces could remain in an administratively down state until the physical building link itself was migrated. 27
28 28
29 29
30 30
31 31
32 32
33 33
34 -each of the clouds represented in this diagram mapsto a specific VRF within the MPLS network -the extranet in the center is used as a route distribution point to transmit routes to multiple client side VRFs. 34
35 35
36 -Forlayer 2 segments, we ended up using physical interfaces looped back to trunk interfaces. -we designated one PE router as the multi-point layer 2 source, then created point to point MPLS layer 2 tunnels from that device to all other PE devices. -to do so required a physical loopback. -when sniffing an MPLS encapsulated link, there is no guarantee you are going to see both directions of traffic. 36
37 37
38 38
Introducing Basic MPLS Concepts
Module 1-1 Introducing Basic MPLS Concepts 2004 Cisco Systems, Inc. All rights reserved. 1-1 Drawbacks of Traditional IP Routing Routing protocols are used to distribute Layer 3 routing information. Forwarding
More informationHow Routers Forward Packets
Autumn 2010 philip.heimer@hh.se MULTIPROTOCOL LABEL SWITCHING (MPLS) AND MPLS VPNS How Routers Forward Packets Process switching Hardly ever used today Router lookinginside the packet, at the ipaddress,
More informationWAN Topologies MPLS. 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr. 2006 Cisco Systems, Inc. All rights reserved.
MPLS WAN Topologies 1 Multiprotocol Label Switching (MPLS) IETF standard, RFC3031 Basic idea was to combine IP routing protocols with a forwarding algoritm based on a header with fixed length label instead
More informationMPLS-based Layer 3 VPNs
MPLS-based Layer 3 VPNs Overall objective The purpose of this lab is to study Layer 3 Virtual Private Networks (L3VPNs) created using MPLS and BGP. A VPN is an extension of a private network that uses
More informationFor internal circulation of BSNLonly
E3-E4 E4 E&WS Overview of MPLS-VPN Overview Traditional Router-Based Networks Virtual Private Networks VPN Terminology MPLS VPN Architecture MPLS VPN Routing MPLS VPN Label Propagation Traditional Router-Based
More informationEnterprise Network Simulation Using MPLS- BGP
Enterprise Network Simulation Using MPLS- BGP Tina Satra 1 and Smita Jangale 2 1 Department of Computer Engineering, SAKEC, Chembur, Mumbai-88, India tinasatra@gmail.com 2 Department of Information Technolgy,
More informationNotice the router names, as these are often used in MPLS terminology. The Customer Edge router a router that directly connects to a customer network.
Where MPLS part I explains the basics of labeling packets, it s not giving any advantage over normal routing, apart from faster table lookups. But extensions to MPLS allow for more. In this article I ll
More information- Multiprotocol Label Switching -
1 - Multiprotocol Label Switching - Multiprotocol Label Switching Multiprotocol Label Switching (MPLS) is a Layer-2 switching technology. MPLS-enabled routers apply numerical labels to packets, and can
More informationMPLS-based Virtual Private Network (MPLS VPN) The VPN usually belongs to one company and has several sites interconnected across the common service
Nowdays, most network engineers/specialists consider MPLS (MultiProtocol Label Switching) one of the most promising transport technologies. Then, what is MPLS? Multi Protocol Label Switching (MPLS) is
More informationExpert Reference Series of White Papers. An Overview of MPLS VPNs: Overlay; Layer 3; and PseudoWire
Expert Reference Series of White Papers An Overview of MPLS VPNs: Overlay; Layer 3; and PseudoWire 1-800-COURSES www.globalknowledge.com An Overview of MPLS VPNs: Overlay; Layer 3; and PseudoWire Al Friebe,
More informationPRASAD ATHUKURI Sreekavitha engineering info technology,kammam
Multiprotocol Label Switching Layer 3 Virtual Private Networks with Open ShortestPath First protocol PRASAD ATHUKURI Sreekavitha engineering info technology,kammam Abstract This paper aims at implementing
More informationMP PLS VPN MPLS VPN. Prepared by Eng. Hussein M. Harb
MP PLS VPN MPLS VPN Prepared by Eng. Hussein M. Harb Agenda MP PLS VPN Why VPN VPN Definition VPN Categories VPN Implementations VPN Models MPLS VPN Types L3 MPLS VPN L2 MPLS VPN Why VPN? VPNs were developed
More informationNetwork Virtualization with the Cisco Catalyst 6500/6800 Supervisor Engine 2T
White Paper Network Virtualization with the Cisco Catalyst 6500/6800 Supervisor Engine 2T Introduction Network virtualization is a cost-efficient way to provide traffic separation. A virtualized network
More informationMPLS Concepts. Overview. Objectives
MPLS Concepts Overview This module explains the features of Multi-protocol Label Switching (MPLS) compared to traditional ATM and hop-by-hop IP routing. MPLS concepts and terminology as well as MPLS label
More informationIntroduction to MPLS-based VPNs
Introduction to MPLS-based VPNs Ferit Yegenoglu, Ph.D. ISOCORE ferit@isocore.com Outline Introduction BGP/MPLS VPNs Network Architecture Overview Main Features of BGP/MPLS VPNs Required Protocol Extensions
More informationMPLS Basics. For details about MPLS architecture, refer to RFC 3031 Multiprotocol Label Switching Architecture.
Multiprotocol Label Switching (), originating in IPv4, was initially proposed to improve forwarding speed. Its core technology can be extended to multiple network protocols, such as IPv6, Internet Packet
More informationMikroTik RouterOS Introduction to MPLS. Prague MUM Czech Republic 2009
MikroTik RouterOS Introduction to MPLS Prague MUM Czech Republic 2009 Q : W h y h a v e n 't y o u h e a r d a b o u t M P LS b e fo re? A: Probably because of the availability and/or price range Q : W
More informationIMPLEMENTING CISCO MPLS V3.0 (MPLS)
IMPLEMENTING CISCO MPLS V3.0 (MPLS) COURSE OVERVIEW: Multiprotocol Label Switching integrates the performance and traffic-management capabilities of data link Layer 2 with the scalability and flexibility
More informationComputer Network Architectures and Multimedia. Guy Leduc. Chapter 2 MPLS networks. Chapter 2: MPLS
Computer Network Architectures and Multimedia Guy Leduc Chapter 2 MPLS networks Chapter based on Section 5.5 of Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross Addison-Wesley,
More informationHP Networking BGP and MPLS technology training
Course overview HP Networking BGP and MPLS technology training (HL046_00429577) The HP Networking BGP and MPLS technology training provides networking professionals the knowledge necessary for designing,
More informationCisco Configuring Basic MPLS Using OSPF
Table of Contents Configuring Basic MPLS Using OSPF...1 Introduction...1 Mechanism...1 Hardware and Software Versions...2 Network Diagram...2 Configurations...2 Quick Configuration Guide...2 Configuration
More informationRFC 2547bis: BGP/MPLS VPN Fundamentals
White Paper RFC 2547bis: BGP/MPLS VPN Fundamentals Chuck Semeria Marketing Engineer Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA 408 745 2001 or 888 JUNIPER www.juniper.net
More informationImplementing Cisco MPLS
Implementing Cisco MPLS Course MPLS v2.3; 5 Days, Instructor-led Course Description This design document is for the refresh of the Implementing Cisco MPLS (MPLS) v2.3 instructor-led training (ILT) course,
More informationImplementing MPLS VPN in Provider's IP Backbone Luyuan Fang luyuanfang@att.com AT&T
Implementing MPLS VPN in Provider's IP Backbone Luyuan Fang luyuanfang@att.com AT&T 1 Outline! BGP/MPLS VPN (RFC 2547bis)! Setting up LSP for VPN - Design Alternative Studies! Interworking of LDP / RSVP
More informationIP/MPLS-Based VPNs Layer-3 vs. Layer-2
Table of Contents 1. Objective... 3 2. Target Audience... 3 3. Pre-Requisites... 3 4. Introduction...3 5. MPLS Layer-3 VPNs... 4 6. MPLS Layer-2 VPNs... 7 6.1. Point-to-Point Connectivity... 8 6.2. Multi-Point
More informationKingston University London
Kingston University London Thesis Title Implementation and performance evaluation of WAN services over MPLS Layer-3 VPN Dissertation submitted for the Degree of Master of Science in Networking and Data
More informationIMPLEMENTING CISCO MPLS V2.3 (MPLS)
IMPLEMENTING CISCO MPLS V2.3 (MPLS) COURSE OVERVIEW: The course will enable learners to gather information from the technology basics to advanced VPN configuration. The focus of the course is on VPN technology
More informationMPLS Implementation MPLS VPN
MPLS Implementation MPLS VPN Describing MPLS VPN Technology Objectives Describe VPN implementation models. Compare and contrast VPN overlay VPN models. Describe the benefits and disadvantages of the overlay
More informationl.cittadini, m.cola, g.di battista
MPLS VPN l.cittadini, m.cola, g.di battista motivations customer s problem a customer (e.g., private company, public administration, etc.) has several geographically distributed sites and would like to
More informationMPLS VPN. Agenda. MP-BGP VPN Overview MPLS VPN Architecture MPLS VPN Basic VPNs MPLS VPN Complex VPNs MPLS VPN Configuration (Cisco) L86 - MPLS VPN
MPLS VPN Peer to Peer VPN s Agenda MP-BGP VPN Overview MPLS VPN Architecture MPLS VPN Basic VPNs MPLS VPN Complex VPNs MPLS VPN Configuration (Cisco) CE-PE OSPF Routing CE-PE Static Routing CE-PE RIP Routing
More informationMPLS VPN over mgre. Finding Feature Information. Prerequisites for MPLS VPN over mgre
The feature overcomes the requirement that a carrier support multiprotocol label switching (MPLS) by allowing you to provide MPLS connectivity between networks that are connected by IP-only networks. This
More informationDD2491 p2 2011. MPLS/BGP VPNs. Olof Hagsand KTH CSC
DD2491 p2 2011 MPLS/BGP VPNs Olof Hagsand KTH CSC 1 Literature Practical BGP: Chapter 10 MPLS repetition, see for example http://www.csc.kth.se/utbildning/kth/kurser/dd2490/ipro1-11/lectures/mpls.pdf Reference:
More informationMPLS Concepts. MPLS Concepts
MPLS Concepts MPLS: Multi Protocol Label Switching MPLS is a layer 2+ switching MPLS forwarding is done in the same way as in VC (Virtual Circuit) switches Packet forwarding is done based on Labels MPLS
More informationAnalyzing Capabilities of Commercial and Open-Source Routers to Implement Atomic BGP
Telfor Journal, Vol. 2, No. 1, 2010. 13 Analyzing Capabilities of Commercial and Open-Source Routers to Implement Atomic BGP Aleksandar Cvjetić and Aleksandra Smiljanić Abstract The paper analyzes implementations
More informationExam Name: BGP + MPLS Exam Exam Type Cisco Case Studies: 3 Exam Code: 642-691 Total Questions: 401
Question: 1 Every time a flap occurs on a route, the route receives A. 750 per-flap penalty points which are user configurable B. 1500 per-flap penalty points which are user configurable C. 200 per-flap
More informationIPv6 over IPv4/MPLS Networks: The 6PE approach
IPv6 over IPv4/MPLS Networks: The 6PE approach Athanassios Liakopoulos Network Operation & Support Manager (aliako@grnet.gr) Greek Research & Technology Network (GRNET) III Global IPv6 Summit Moscow, 25
More informationFrame Mode MPLS Implementation
CHAPTER 4 Frame Mode MPLS Implementation Lab 4-1: Configuring Frame Mode MPLS (4.5.1) In this lab, you learn how to do the following: Configure EIGRP on a router. Configure LDP on a router. Change the
More informationContent CHAPTER 1 MPLS OVERVIEW... 1-1
Content Content CHAPTER 1 MPLS OVERVIEW... 1-1 1.1 MPLS OVERVIEW... 1-1 1.1.1 MPLS Introduction... 1-1 1.1.2 MPLS Network Introduction... 1-5 1.1.3 Introduction to MPLS and Routing Protocols... 1-6 1.1.4
More informationAPNIC elearning: Introduction to MPLS
2/5/5 ANIC elearning: Introduction to MLS 3 MAY 25 3: M AEST Brisbane (UTC+) Issue Date: Revision: Introduction resenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security DNS/DNSSEC
More informationWhite Paper. Cisco MPLS based VPNs: Equivalent to the security of Frame Relay and ATM. March 30, 2001
The leading edge in networking information White Paper Cisco MPLS based VPNs: Equivalent to the security of Frame Relay and ATM March 30, 2001 Abstract: The purpose of this white paper is to present discussion
More informationDD2491 p2 2009. BGP-MPLS VPNs. Olof Hagsand KTH/CSC
DD2491 p2 2009 BGP-MPLS VPNs Olof Hagsand KTH/CSC Literature Practical BGP: Chapter 10 JunOS Cookbook: Chapter 14 and 15 MPLS Advantages Originally, the motivation was speed and cost. But routers does
More informationMPLS Architecture for evaluating end-to-end delivery
International Journal of Scientific and Research Publications, Volume 2, Issue 11, November 2012 1 MPLS Architecture for evaluating end-to-end delivery Nikita Wadhera Lovely Professional University Abstract-
More informationMPLS Virtual Private Networks
MPLS Virtual Private Networks Luca Cittadini Giuseppe Di Battista Maurizio Patrignani Summary This chapter is devoted to Virtual Private Networks (VPNs) designed with Multi Protocol Label Switching (MPLS)
More informationAPPLICATION NOTE 211 MPLS BASICS AND TESTING NEEDS. Label Switching vs. Traditional Routing
MPLS BASICS AND TESTING NEEDS By Thierno Diallo, Product Specialist Protocol Business Unit The continuing expansion and popularity of the Internet is forcing routers in the core network to support the
More informationInvestigation of different VPN Solutions And Comparison of MPLS, IPSec and SSL based VPN Solutions (Study Thesis)
MEE09:44 BLEKINGE INSTITUTE OF TECHNOLOGY School of Engineering Department of Telecommunication Systems Investigation of different VPN Solutions And Comparison of MPLS, IPSec and SSL based VPN Solutions
More informationIn this chapter, you learn about the following: How MPLS provides security (VPN separation, robustness against attacks, core hiding, and spoofing
In this chapter, you learn about the following: How MPLS provides security (VPN separation, robustness against attacks, core hiding, and spoofing protection) How the different Inter-AS and Carrier s Carrier
More informationLab 4.2 Challenge Lab: Implementing MPLS VPNs
Lab 4.2 Challenge Lab: Implementing MPLS VPNs Learning Objectives Configure Open Shortest Path First (OSPF) and Enhanced Interior Gateway Routing Protocol (EIGRP) on a router Enable MPLS on a router Verify
More informationUsing OSPF in an MPLS VPN Environment
Using OSPF in an MPLS VPN Environment Overview This module introduces the interaction between multi-protocol Border Gateway Protocol (MP-BGP) running between Provider Edge routers (s) and Open Shortest
More informationMPLS. A Tutorial. Paresh Khatri. paresh.khatri@alcatel-lucent.com.au
MPLS A Tutorial Paresh Khatri paresh.khatri@alcatel-lucent.com.au Agenda 1. MPLS overview and LSP types 2. Distribution Protocol (LDP) 3. Questions Introduction Paresh Khatri (paresh.khatri@alcatel-lucent.com.au)
More informationMPLS VPN Services. PW, VPLS and BGP MPLS/IP VPNs
A Silicon Valley Insider MPLS VPN Services PW, VPLS and BGP MPLS/IP VPNs Technology White Paper Serge-Paul Carrasco Abstract Organizations have been demanding virtual private networks (VPNs) instead of
More informationBroadband Network Architecture
Broadband Network Architecture Jan Martijn Metselaar May 24, 2012 Winitu Consulting Klipperaak 2d 2411 ND Bodegraven The Netherlands slide Broadband Services! Dual play, Triple play, Multi play! But what
More informationMultiprotocol Label Switching Load Balancing
Multiprotocol Label Switching Load Balancing First Published: July 2013 The Cisco ME 3800 and ME 3600 switches support IPv4 and IPv6 load balancing at the LER and LSR. Effective with Cisco IOS Release
More informationUnderstanding Virtual Router and Virtual Systems
Understanding Virtual Router and Virtual Systems PAN- OS 6.0 Humair Ali Professional Services Content Table of Contents VIRTUAL ROUTER... 5 CONNECTED... 8 STATIC ROUTING... 9 OSPF... 11 BGP... 17 IMPORT
More informationProtection Methods in Traffic Engineering MPLS Networks
Peter Njogu Kimani Protection Methods in Traffic Engineering MPLS Networks Helsinki Metropolia University of Applied Sciences Bachelor of Engineering Information technology Thesis 16 th May 2013 Abstract
More informationA Simulation Analysis of Latency and Packet Loss on Virtual Private Network through Multi Virtual Routing and Forwarding
A Simulation Analysis of Latency and Packet Loss on Virtual Private Network through Multi Virtual Routing and Forwarding Rissal Efendi STMIK PROVISI Semarang, Indonesia ABSTRACT MPLS is a network management
More informationCampus Network Virtualization using Multiprotocol Label Switching Virtual Private Networks (MPLS-VPNs)
Campus Network Virtualization using Multiprotocol Label Switching Virtual Private Networks (MPLS-VPNs) Frank Ibikunle Electrical and Information Engineering Dept, Covenant University Ota, Nigeria Segun
More informationMPLS/BGP Network Simulation Techniques for Business Enterprise Networks
MPLS/BGP Network Simulation Techniques for Business Enterprise Networks Nagaselvam M Computer Science and Engineering, Nehru Institute of Technology, Coimbatore, Abstract Business Enterprises used VSAT
More informationDesign of Virtual Private Networks with MPLS
Design of Virtual Private Networks with MPLS Luca Cittadini Giuseppe Di Battista Maurizio Patrignani Summary This chapter is devoted to Virtual Private Networks(VPNs) designed with Multi Protocol Label
More informationMPLS is the enabling technology for the New Broadband (IP) Public Network
From the MPLS Forum Multi-Protocol Switching (MPLS) An Overview Mario BALI Turin Polytechnic Mario.Baldi@polito.it www.polito.it/~baldi MPLS is the enabling technology for the New Broadband (IP) Public
More informationNetwork Working Group Request for Comments: 2547. March 1999
Network Working Group Request for Comments: 2547 Category: Informational E. Rosen Y. Rekhter Cisco Systems, Inc. March 1999 BGP/MPLS VPNs Status of this Memo This memo provides information for the Internet
More informationIPv6 over MPLS VPN. Contents. Prerequisites. Document ID: 112085. Requirements
IPv6 over MPLS VPN Document ID: 112085 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram VRF Configuration Multiprotocol BGP (MP BGP) Configuration
More informationMPLS VPN Route Target Rewrite
The feature allows the replacement of route targets on incoming and outgoing Border Gateway Protocol (BGP) updates Typically, Autonomous System Border Routers (ASBRs) perform the replacement of route targets
More informationTable of Contents. Cisco Configuring a Basic MPLS VPN
Table of Contents Configuring a Basic MPLS VPN...1 Introduction...1 Prerequisites...1 Requirements...1 Components Used...2 Related Products...2 Conventions...2 Configure...3 Network Diagram...3 Configuration
More informationDesign of MPLS networks VPN and TE with testing its resiliency and reliability
MASARYK UNIVERSITY FACULTY OF INFORMATICS Design of MPLS networks VPN and TE with testing its resiliency and reliability Diploma thesis Michal Aron Brno, spring 2014 ZADANIE DP Declaration I declare
More informationWhy Is MPLS VPN Security Important?
MPLS VPN Security An Overview Monique Morrow Michael Behringer May 2 2007 Future-Net Conference New York Futurenet - MPLS Security 1 Why Is MPLS VPN Security Important? Customer buys Internet Service :
More informationFundamentals Multiprotocol Label Switching MPLS III
Fundamentals Multiprotocol Label Switching MPLS III Design of Telecommunication Infrastructures 2008-2009 Rafael Sebastian Departament de tecnologies de la Informació i les Comunicaciones Universitat Pompeu
More informationImplementing Cisco Service Provider Next-Generation Edge Network Services **Part of the CCNP Service Provider track**
Course: Duration: Price: $ 3,695.00 Learning Credits: 37 Certification: Implementing Cisco Service Provider Next-Generation Edge Network Services Implementing Cisco Service Provider Next-Generation Edge
More informationMPLS VPN Implementation
MPLS VPN Implementation Overview Virtual Routing and Forwarding Table VPN-Aware Routing Protocols VRF Configuration Tasks Configuring BGP Address families Configuring BGP Neighbors Configuring MP-BGP Monitoring
More informationImplementation of Traffic Engineering and Addressing QoS in MPLS VPN Based IP Backbone
International Journal of Computer Science and Telecommunications [Volume 5, Issue 6, June 2014] 9 ISSN 2047-3338 Implementation of Traffic Engineering and Addressing QoS in MPLS VPN Based IP Backbone Mushtaq
More informationAMPLS - Advanced Implementing and Troubleshooting MPLS VPN Networks v4.0
Course Outline AMPLS - Advanced Implementing and Troubleshooting MPLS VPN Networks v4.0 Module 1: MPLS Features Lesson 1: Describing Basic MPLS Concepts Provide an overview of MPLS forwarding, features,
More informationIntroduction Inter-AS L3VPN
Introduction Inter-AS L3VPN 1 Extending VPN services over Inter-AS networks VPN Sites attached to different MPLS VPN Service Providers How do you distribute and share VPN routes between ASs Back- to- Back
More informationDD2490 p4 2011. Routing and MPLS/IP. Olof Hagsand KTH CSC
DD2490 p4 2011 Routing and MPLS/IP Olof Hagsand KTH CSC 1 Literature Lecture slides and lecture notes (on web) Reference JunOS Cookbook: Chapter 14 2 Background MPLS - Multiprotocol Label Switching Originally
More informationLayer 3 Multiprotocol Label Switching Virtual Private Network
i Zelalem Temesgen Weldeselasie Layer 3 Multiprotocol Label Switching Virtual Private Network Technology and Communication 2014 1 VAASAN AMMATTIKORKEAKOULU UNIVERSITY OF APPLIED SCIENCES Information Technology
More informationUnderstanding Route Redistribution & Filtering
Understanding Route Redistribution & Filtering When to Redistribute and Filter PAN-OS 5.0 Revision B 2013, Palo Alto Networks, Inc. www.paloaltonetworks.com Contents Overview... 3 Route Redistribution......
More informationMPLS. Cisco MPLS. Cisco Router Challenge 227. MPLS Introduction. The most up-to-date version of this test is at: http://networksims.com/i01.
MPLS Cisco MPLS MPLS Introduction The most up-to-date version of this test is at: http://networksims.com/i01.html Cisco Router Challenge 227 Outline This challenge involves basic frame-mode MPLS configuration.
More informationOVERLAYING VIRTUALIZED LAYER 2 NETWORKS OVER LAYER 3 NETWORKS
OVERLAYING VIRTUALIZED LAYER 2 NETWORKS OVER LAYER 3 NETWORKS Matt Eclavea (meclavea@brocade.com) Senior Solutions Architect, Brocade Communications Inc. Jim Allen (jallen@llnw.com) Senior Architect, Limelight
More informationMigrating to MPLS Technology and Applications
Migrating to MPLS Technology and Applications Serge-Paul Carrasco June 2003 asiliconvalleyinsider.com Table Of Content Why to migrate to MPLS? Congestion on the Internet Traffic Engineering MPLS Fundamentals
More informationLayer 3 MPLS VPN Enterprise Consumer Guide Version 2
Layer 3 MPLS VPN Enterprise Consumer Guide Version 2 This document is written for networking engineers and administrators responsible for implementing a Layer 3 (L3) MPLS VPN service from a service provider
More informationIPv6 Fundamentals, Design, and Deployment
IPv6 Fundamentals, Design, and Deployment Course IP6FD v3.0; 5 Days, Instructor-led Course Description The IPv6 Fundamentals, Design, and Deployment (IP6FD) v3.0 course is an instructor-led course that
More informationQuidway MPLS VPN Solution for Financial Networks
Quidway MPLS VPN Solution for Financial Networks Using a uniform computer network to provide various value-added services is a new trend of the application systems of large banks. Transplanting traditional
More informationVirtual Private LAN Service on Cisco Catalyst 6500/6800 Supervisor Engine 2T
White Paper Virtual Private LAN Service on Cisco Catalyst 6500/6800 Supervisor Engine 2T Introduction to Virtual Private LAN Service The Cisco Catalyst 6500/6800 Series Supervisor Engine 2T supports virtual
More informationImplementing VPN over MPLS
IOSR Journal of Electronics and Communication Engineering (IOSR-JECE) e-issn: 2278-2834,p- ISSN: 2278-8735.Volume 10, Issue 3, Ver. I (May - Jun.2015), PP 48-53 www.iosrjournals.org Implementing VPN over
More informationTackling the Challenges of MPLS VPN Testing. Todd Law Product Manager Advanced Networks Division
Tackling the Challenges of MPLS VPN ing Todd Law Product Manager Advanced Networks Division Agenda Background Why test MPLS VPNs anyway? ing Issues Technical Complexity and Service Provider challenges
More informationConfiguring a Basic MPLS VPN
Configuring a Basic MPLS VPN Help us help you. Please rate this document. Contents Introduction Conventions Hardware and Software Versions Network Diagram Configuration Procedures Enabling Configuring
More informationMulti-Protocol Label Switching To Support Quality of Service Needs
Technical Report, IDE1008, February 2010 Multi-Protocol Label Switching To Support Quality of Service Needs Master s Thesis in Computer Network Engineering - 15hp AMJAD IFTIKHAR AOON MUHAMMAD SHAH & FOWAD
More informationISTANBUL. 1.1 MPLS overview. Alcatel Certified Business Network Specialist Part 2
1 ISTANBUL 1.1 MPLS overview 1 1.1.1 Principle Use of a ATM core network 2 Overlay Network One Virtual Circuit per communication No routing protocol Scalability problem 2 1.1.1 Principle Weakness of overlay
More informationTransitioning to BGP. ISP Workshops. Last updated 24 April 2013
Transitioning to BGP ISP Workshops Last updated 24 April 2013 1 Scaling the network How to get out of carrying all prefixes in IGP 2 Why use BGP rather than IGP? p IGP has Limitations: n The more routing
More informationMPLS VPN Security BRKSEC-2145
MPLS VPN Security BRKSEC-2145 Session Objective Learn how to secure networks which run MPLS VPNs. 100% network focus! Securing routers & the whole network against DoS and abuse Not discussed: Security
More informationHow To Understand The Benefits Of An Mpls Network
NETWORKS NetIron XMR 16000 NETWORKS NetIron XMR 16000 NETWORKS NetIron XMR 16000 Introduction MPLS in the Enterprise Multi-Protocol Label Switching (MPLS) as a technology has been around for over a decade
More informationS-38.3192 ITGuru Exercise (3: Building the MPLS BGP VPN) Spring 2006
S-38.3192 ITGuru Exercise (3: Building the MPLS BGP VPN) Spring 2006 Original version: Johanna Nieminen and Timo Viipuri (2005) Modified: Timo-Pekka Heikkinen, Juha Järvinen and Yavor Ivanov (2006) Task
More informationAn Introduction to MPLS
Research An Introduction to MPLS Timothy G. Griffin griffin@research.att.com http://www.research.att.com/~griffin November 21, 2002 1 What s all this talk about MPLS? MPLS is going to solve all of our
More informationnetkit lab MPLS VPNs with overlapping address spaces 1.0 S.Filippi, L.Ricci, F.Antonini Version Author(s)
netkit lab MPLS VPNs with overlapping address spaces Version Author(s) 1.0 S.Filippi, L.Ricci, F.Antonini E-mail Web Description silvia.filippi@kaskonetworks.it http://www.kaksonetworks.it/ A lab showing
More informationIPv4/IPv6 Transition Mechanisms. Luka Koršič, Matjaž Straus Istenič
IPv4/IPv6 Transition Mechanisms Luka Koršič, Matjaž Straus Istenič IPv4/IPv6 Migration Both versions exist today simultaneously Dual-stack IPv4 and IPv6 protocol stack Address translation NAT44, LSN, NAT64
More informationBuilding VPNs. Nam-Kee Tan. With IPSec and MPLS. McGraw-Hill CCIE #4307 S&
Building VPNs With IPSec and MPLS Nam-Kee Tan CCIE #4307 S& -.jr."..- i McGraw-Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto
More informationMPLS for ISPs PPPoE over VPLS. MPLS, VPLS, PPPoE
MPLS for ISPs PPPoE over VPLS MPLS, VPLS, PPPoE Presenter information Tomas Kirnak Network design Security, wireless Servers Virtualization MikroTik Certified Trainer Atris, Slovakia Established 1991 Complete
More informationMPLS Environment. To allow more complex routing capabilities, MPLS permits attaching a
MPLS Environment Introduction to MPLS Multi-Protocol Label Switching (MPLS) is a highly efficient and flexible routing approach for forwarding packets over packet-switched networks, irrespective of the
More informationVirtual Leased Lines - Martini
Virtual Lease Lines - Martini Virtual Leased Lines - Martini Martini Drafts draft -martini-l2circuit-encap-mpls -04.txt defines the handling and encapsulation of layer two packets. draft -martini-l2circuit-trans-mpls
More informationMoonv6 Test Suite. MPLS Provider Edge Router (6PE) Interoperablility Test Suite. Technical Document. Revision 0.1
Moonv6 Test Suite MPLS Provider Edge Router (6PE) Interoperablility Test Suite Technical Document Revision 0.1 IPv6 Consortium 121 Technology Drive, Suite 2 InterOperability Laboratory Durham, NH 03824-3525
More informationImplementing MPLS VPNs over IP Tunnels
Implementing MPLS VPNs over IP Tunnels The MPLS VPNs over IP Tunnels feature lets you deploy Layer 3 Virtual Private Netwk (L3VPN) services, over an IP ce netwk, using L2TPv3 multipoint tunneling instead
More informationAT&T Managed IP Network Service (MIPNS) MPLS Private Network Transport Technical Configuration Guide Version 1.0
AT&T Managed IP Network Service (MIPNS) MPLS Private Network Transport Technical Configuration Guide Version 1.0 Introduction...2 Overview...2 1. Technology Background...2 2. MPLS PNT Offer Models...3
More information