Migrating to MPLS Technology and Applications
Serge-Paul Carrasco
June 2003
asiliconvalleyinsider.com

Table of Contents
- Why to migrate to MPLS?
- Congestion on the Internet
- Traffic Engineering
- MPLS Fundamentals
- MPLS Graceful Restart
- MPLS Fast Re-Route
- DiffServ TE
- MPLS Pseudo Wires Services
- Layer 2 VPNs: VPLS
- Layer 3 VPNs: BGP MPLS (RFC 2547bis)
- Generalized MPLS
- Other Major Developments
- References

Why to Migrate to MPLS?
MPLS provides new capabilities for packet networks:
- Traffic Engineering
- Differentiated Services
MPLS provides new applications:
- Layer 2 VPNs: VPLS
- Layer 3 VPNs: BGP MPLS
(G)-MPLS provides:
- Control plane for optical networks
- Interworking between packet and optical networks
Still in development:
- Replacement for other transport technologies

Congestion on the Internet!
[Figure: an over-utilized path and an under-utilized path]
IP routing, based on IGPs using shortest-path algorithms, contributes to congestion problems in Autonomous Systems (AS) within the Internet. Some links in the Internet backbone are over-utilized while others are under-utilized.

Traffic Engineering Through Label Switching
- Changing Internet routing poses significant challenges to the stability and integrity of the Internet.
- MPLS originated as a control plane that gives IP a connection-oriented capability through label switching, in order to perform traffic engineering for IP networks.
- Traffic engineering with MPLS emerged to optimize traffic loads on the Internet backbone by distributing loads evenly.
- Traffic engineering maximizes the availability, reliability and throughput of Internet networks.

MPLS Label
Packet layout: L2 Header | MPLS Header | IP Packet
MPLS header (32 bits): Label (20 bits) | CoS | S | TTL
Fields:
- Label
- Experimental (CoS)
- Stacking Bit (S)
- Time to live (TTL)

MPLS Fundamentals (1)
- In MPLS networks, packets are forwarded based on the Forwarding Equivalence Class (FEC) they are assigned to as they enter the MPLS network.
- The FEC to which the packet is assigned is encoded as a short fixed-length value known as a label.
- An FEC is a flow of IP packets forwarded over the same path and mapped through the same labels.
- A label-switched path (LSP) is a simplex L2 tunnel, like an ATM or FR PVC, which defines the path followed by labeled packets assigned to the same FEC.

MPLS Fundamentals (2)
- LSP hops are:
  - Strict: if the next LSP hop is directly connected
  - Loose: if the next LSP hop is found using an IGP
- Labels can be stacked to provide an LSP hierarchy.
- MPLS does not assume a single label distribution protocol. Present distribution protocols include RSVP, LDP and BGP.
- Label distribution is done from downstream to upstream.
- MPLS can use various layer 2 data links: Ethernet, ATM/FR.

MPLS Fundamentals (3)
[Figure: Router 1 and Router 2 connected through cross-connects XC1 to XC6 over OC-192 links; messages shown: Path Setup Req, Path Setup Res, CR-LDP Label Request, CR-LDP Label Mapping; request annotation: (Router2, STS-48, via XC5)]
- An ingress Label-Switching Router (LSR), Router 1, assigns IP packets to an FEC. It binds the initial label.
- Transit LSRs, Routers XC-2 and XC-5, forward the MPLS packet using label swapping.
- An egress LSR, Router 2, removes the MPLS label.
Node | From | To
XC1 | Link 1, STS-#1/48 | Link 2, STS-#145/192
XC2 | Link 3, STS-#145/192 | Link 1, STS-#49/96
XC5 | Link 2, STS-#49/96 | Link 3, STS-#97/144
XC6 | Link 1, STS-#97/144 | Link 3, STS-#1/48

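The push, swap and pop sequence described above, as an added Python sketch that is not part of the original slides. The label values, the FEC prefix and the per-node tables are constructed; only the node names (Router 1, XC-2, XC-5, Router 2) come from the slide.

```python
import ipaddress

# Constructed tables. Ingress: FEC (destination prefix) -> (label to push, next hop).
FEC_TABLE = {ipaddress.ip_network("192.0.2.0/24"): (17, "XC-2")}
# Transit/egress: incoming label -> (action, outgoing label, next hop).
LFIB = {
    "XC-2": {17: ("swap", 23, "XC-5")},
    "XC-5": {23: ("swap", 31, "Router 2")},
    "Router 2": {31: ("pop", None, None)},
}

def ingress(dst, ttl=64):
    """Router 1: classify the packet into an FEC and bind the initial label."""
    addr = ipaddress.ip_address(dst)
    matches = [n for n in FEC_TABLE if addr in n]
    if not matches:
        return None  # no FEC: the packet is not placed on an LSP
    label, nexthop = FEC_TABLE[max(matches, key=lambda n: n.prefixlen)]
    return {"dst": dst, "label": label, "ttl": ttl}, nexthop

def forward(dst):
    """Follow the LSP hop by hop; return (trace, delivered)."""
    start = ingress(dst)
    if start is None:
        return [], False
    pkt, node = start
    trace = [("Router 1", "push", pkt["label"])]
    while node is not None:
        entry = LFIB.get(node, {}).get(pkt["label"])
        if entry is None or pkt["ttl"] <= 1:
            # Unknown incoming label or expired TTL: drop, never guess a path.
            trace.append((node, "drop", pkt["label"]))
            return trace, False
        action, out_label, nexthop = entry
        trace.append((node, action, out_label))
        pkt["label"], pkt["ttl"] = out_label, pkt["ttl"] - 1
        node = nexthop
    return trace, True
```

Transit nodes never look at the destination address: the only lookup key after the ingress is the incoming label, which is why a label with no table entry is dropped.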
Label Distribution with RSVP
RSVP, initially designed to provide resource reservations, can also be used to carry signaling information along data flow paths.
RSVP PATH: the ingress LSR generates an RSVP Path message with the following objects:
- Session
- Label_Request
- Explicit_Route (ERO)
- Record_Route (RRO)
- Session_Attribute
- FlowSpec (Tspec)
RSVP RESV: the egress LSR responds with an RSVP RESV message with the following objects:
- Session
- Label
- Record_Route (RRO)
- Style
- FlowSpec (Rspec)

MPLS Reliability: Graceful Restart
- Graceful Restart allows the control plane on the down nodes to be recovered without disturbing data traffic.
- Graceful Restart makes the MPLS control plane self-healing.
- Graceful Restart is used in case of:
  - planned restart, such as a software upgrade
  - unplanned restart, such as a software crash and restart
- Neighboring nodes pre-negotiate restart capabilities and parameters.
- The RSVP modifications involve new objects (Restart_Cap) and changes to the Hello messages.

MPLS Reliability: Fast Reroute
[Figure: topology of LSR 1 through LSR 6 with a failure marked X]
- Fast Reroute provides recovery for node and link failures.
- The back-up nodes or links are pre-signaled (protection).
- Traffic is switched to the back-up link around the point of failure in tens of milliseconds (restoration).

Back-up LSP Tunnels
Crank back to the node closest to the failure, not the ingress router. The ingress should re-compute alternative routes.
Two approaches: one-to-one and one-to-many back-ups.
One-to-one back-up:
- A detour LSP is provided at each PLR (Point of Local Repair).
- Detour LSPs can merge to improve scalability.
- New RSVP objects: Detour, Fast_ReRoute
Facility back-up (one-to-many):
- Instead of creating multiple detours, a single LSP is created for multiple node and link failures.
- Label stacking is used to preserve labels from the protected path.
- Modification of RSVP objects: Session_Attribute, Record_Route

MPLS with DiffServ: DiffServ-TE
When the network load is optimized with MPLS traffic engineering, QoS is more likely to be met.
DiffServ Behavior Aggregates (BA) can be managed through a traffic engineering framework. Different BAs can be assigned to different paths.
- L-LSP: one FEC per PHB, so that the transit LSR can infer the proper PHB without having to look at the DSCP.
- E-LSP: one FEC for a group of PHBs. The DSCP drop precedence is mapped to the Exp field of the label, providing an FEC for 8 BAs.

Pseudo Wire Edge-to-Edge (PWE3) Reference Architecture
[Figure: CE, PE, PSN (Packet Switched Network) tunnel, PE, CE; labels: Emulated Service (ES), Pseudo-Wire (PW), Attachment VC, Emulated VC, Attachment VC]
PWE3 Topology:
- Pt to Pt

Virtual Private Wire Services (VPWS)
- VPWS are point-to-point Layer 2 services, similar to ATM/FR services, using tunnels over a PSN.
- All services are emulated like Virtual Circuits (VC).
- VCs are carried over pseudo-wires (PW), which provide point-to-point Layer 2 connections.
- The end-user can keep the same Layer 2 connections from its CE to the PE.

VPWS Functions
[Figure: Customer Sites A, B, C and D; labels: VC label, Tunnel label]
The VPWS accomplishes three major functions:
- Encapsulation of circuit data or PDUs at the ingress
- Carrying the encapsulated data across the tunnel
- Managing the signaling, timing, order, OAM and specific aspects of the service

PWE3 Layers
[Figure: Customer Sites A, B, C and D; labels: VC label, Tunnel label]
- Payload: Circuit (TDM, SONET), Cell (ATM, FR), Packet (Ethernet)
- Encapsulation: encapsulation of circuit data or PDUs at the ingress
- Multiplexing: L2TPv3 or MPLS Shim
- PSN: IPv4/v6 or MPLS

MPLS Pseudo Wire Services: Martini Encapsulation
Layout: Tunnel Label | Demux Field | VC Encaps Field | Layer 2 payload
- Tunnel Label: MPLS label defining the path through the network.
- Demultiplexer Field: distinguishes individual emulated virtual circuits (VC) within a single tunnel.
- Emulated VC Encapsulation Field (known as control word): contains specific header information about the enclosed PDU for Frame Relay and ATM. The layer 2 header fields may be discarded at the ingress.
- Layer 2 payload: Ethernet/VLAN, PPP/HDLC, Frame Relay, ATM AAL5, ATM Cell

Ethernet over MPLS: Martini Encapsulation
Original Ethernet frame: Preamble | DA | SA | 802.1q | L | payload | FCS
Encapsulated Ethernet over MPLS over Ethernet transport: DA | SA | 0x8847 | Tunnel Header | Demux Field | Ethernet header | Ethernet payload | FCS
- The ingress device strips the Ethernet preamble and FCS.
- The Ethernet header and payload are transported.
- A new MPLS Ethernet header (type 0x8847) and a new FCS are added to the MPLS Ethernet packet.

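An added example, not part of the original slides: a bounds-checked Python parser for the 32-bit MPLS header shown on the "MPLS Label" slide and for the Ethernet-over-MPLS layout above. The 3-bit Exp, 1-bit S and 8-bit TTL widths are taken from RFC 3032 rather than from the slides; the frame bytes and label values are constructed, and no control word is assumed, matching the Ethernet layout shown.

```python
import struct

MPLS_UNICAST = 0x8847  # EtherType of the transport Ethernet header

def pack_lse(label, exp, s, ttl):
    """Encode one 32-bit label stack entry: label(20) | Exp(3) | S(1) | TTL(8)."""
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", label << 12 | exp << 9 | s << 8 | ttl)

def parse_label_stack(buf, max_depth=8):
    """Return (entries, rest). Walks entries until the S (bottom-of-stack) bit."""
    entries, off = [], 0
    while True:
        if len(entries) == max_depth:
            raise ValueError("label stack deeper than max_depth")
        if len(buf) - off < 4:
            raise ValueError("truncated label stack (no bottom-of-stack bit)")
        (word,) = struct.unpack_from("!I", buf, off)
        off += 4
        entries.append({"label": word >> 12, "exp": word >> 9 & 7,
                        "s": word >> 8 & 1, "ttl": word & 0xFF})
        if entries[-1]["s"]:
            return entries, buf[off:]

def decap_eompls(frame):
    """Split a transport frame into (tunnel label, VC label, customer frame)."""
    if len(frame) < 14:
        raise ValueError("short frame")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != MPLS_UNICAST:
        raise ValueError("not an MPLS unicast frame")
    stack, inner = parse_label_stack(frame[14:])
    if len(stack) != 2:
        raise ValueError("expected tunnel label + demux (VC) label")
    if len(inner) < 14:
        raise ValueError("inner Ethernet header missing")
    return stack[0]["label"], stack[1]["label"], inner

# Constructed sample: customer frame (preamble and FCS already stripped)
# carried behind tunnel label 1001 and demux (VC) label 42.
CUSTOMER = bytes.fromhex("0200000000bb" "0200000000aa" "0800") + b"payload"
TRANSPORT = (bytes.fromhex("02000000ee02" "02000000ee01")
             + struct.pack("!H", MPLS_UNICAST)
             + pack_lse(1001, 0, 0, 64) + pack_lse(42, 0, 1, 2) + CUSTOMER)
```

The egress PE uses the inner (demux) label to pick the customer circuit, so a parser that accepts a stack without a bottom-of-stack bit or with an unexpected depth would hand the wrong bytes to the wrong circuit.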
Virtual Private LAN Services (VPLS) Reference Architecture
[Figure: CEs on VLANs connected through Layer 2 aggregation to PEs, with PEs interconnected over MPLS]
VPLS Topology:
- Pt to Pt, Pt to multipoint
- Full/partial mesh
- Hierarchical

VPLS: Layer 2 VPNs (1)
- VPLS emulates the various LAN services over an MPLS transport network.
- VPLS creates a Layer 2 broadcast domain through an Ethernet learning bridge model.
- The MPLS network acts as a LAN switch.

VPLS: Layer 2 VPNs (2)
- PE devices are required to dynamically learn MAC addresses on physical ports and on VC LSPs.
- MAC addresses are learned and aged on a per-LSP basis.
- To support standard Ethernet bridging, packets are replicated across LSPs for broadcast and multicast traffic and for flooding of unknown unicast traffic.
- Includes hierarchical VPLS.

VPLS: Layer 2 VPNs (3)
[Figure: Customer 1 and Customer 2 VPN sites attached to a Layer 2 MPLS network; labels: Customer 1 VPLS, Customer 1 & 2 VPLS]
- All customer VPN sites are linked together through one Layer 2 VPLS network.
- The VPLS traffic of multiple customers is tunneled together over the same MPLS/LSP tunnels.
VPLS Topology:
- Pt to Pt, Pt to multipoint
- Full/partial mesh
- Hierarchical

VPLS: Layer 2 VPNs (4)
- Customer 1 and 2 are part of two independent VPLS.
- Tunnel LSPs are established between PEs.
- Layer 2 PW or VC LSPs are set up over Tunnel LSPs.
- Two MPLS labels are stacked:
  - One per PW (Customer Circuits)
  - One per Trunk (Tunnel LSPs)
- Resulting VC LSPs must be loop-free.

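An added sketch, not part of the original slides, of the learning-bridge behaviour from "VPLS: Layer 2 VPNs (2)" and the loop-free requirement above: one forwarding table per VPLS instance, MAC addresses learned and aged per port or VC LSP, and flooding for broadcast, multicast and unknown unicast. The class, the port names and the 300-second aging time are assumptions; the split-horizon rule (never forward from one VC LSP to another) is the usual way a full mesh stays loop-free and is not stated on the slides.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class VplsInstance:
    """Learning bridge for one customer's VPLS on one PE (hypothetical class)."""

    def __init__(self, ac_ports, vc_lsps, age_limit=300.0):
        self.ac_ports = set(ac_ports)   # attachment circuits towards CEs
        self.vc_lsps = set(vc_lsps)     # VC LSPs towards other PEs
        self.age_limit = age_limit      # assumed aging time in seconds
        self.fdb = {}                   # MAC -> (port or VC LSP, last seen)

    def _lookup(self, mac, now):
        entry = self.fdb.get(mac)
        if entry and now - entry[1] > self.age_limit:
            del self.fdb[mac]           # aged out: treat as unknown again
            return None
        return entry[0] if entry else None

    def receive(self, in_port, src, dst, now):
        """Learn src on in_port, then return the sorted list of output ports."""
        if in_port not in self.ac_ports | self.vc_lsps:
            raise ValueError("port is not part of this VPLS instance")
        if not int(src[:2], 16) & 1:    # never learn group (multicast) sources
            self.fdb[src] = (in_port, now)
        out = None
        if dst != BROADCAST and not int(dst[:2], 16) & 1:
            out = self._lookup(dst, now)
        if out is not None:
            # Known unicast: one output, unless it would hairpin or cross
            # from one VC LSP to another (split horizon, an assumption).
            blocked = out == in_port or {in_port, out} <= self.vc_lsps
            return [] if blocked else [out]
        # Flood broadcast, multicast and unknown unicast.
        targets = set(self.ac_ports)
        if in_port in self.ac_ports:
            targets |= self.vc_lsps
        return sorted(targets - {in_port})
```

Because each customer gets its own instance and table, a MAC address learned in Customer 1's VPLS is never consulted when forwarding Customer 2's frames.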
BGP MPLS Reference Architecture
[Figure: Sites 1, 2 and 3, each connected through a CE to a PE holding an FT; PEs interconnected through P routers; protocol regions: IGP | MPLS | IGP]

BGP MPLS: Layer 3 VPNs (1)
- VPN routes are communicated from the CE to the PE using an IGP.
- The PE propagates the VPN routes, called VPN routing and forwarding (VRF), to its PE peers using iBGP with:
  - BGP community
  - BGP multi-protocol extensions (MP-BGP)
- The VPN traffic is forwarded between the PEs connected to the sites of the customer VPNs using MPLS LSPs in a mesh topology.

BGP MPLS: Layer 3 VPNs (2)
- Customers can use private addresses, and private addresses cannot be routed in the Internet, so a new address format is needed.
- VPN-IPv4 is the new address format, formed using a route distinguisher and the end-user IPv4 prefix address.
- MP-BGP is used to carry those VPN-IPv4 addresses.

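An added example, not part of the original slides, showing how the route distinguisher keeps overlapping private prefixes apart. The 8-byte RD layout used here (2-byte type; type 0 carries a 2-byte AS number and a 4-byte assigned number) is the one standardized in RFC 4364, the successor of RFC 2547bis; the AS number 64512, the assigned numbers, the PE names and the customer prefix are constructed.

```python
import ipaddress
import struct

def make_rd(asn, assigned):
    """Type 0 route distinguisher: type(2) | AS number(2) | assigned number(4)."""
    if not (0 <= asn < 1 << 16 and 0 <= assigned < 1 << 32):
        raise ValueError("RD field out of range")
    return struct.pack("!HHI", 0, asn, assigned)

def vpn_ipv4(rd, prefix):
    """Return (12-byte VPN-IPv4 address, prefix length) for a customer prefix."""
    if len(rd) != 8:
        raise ValueError("RD must be 8 bytes")
    net = ipaddress.IPv4Network(prefix)
    return rd + net.network_address.packed, net.prefixlen

def show(addr, plen):
    """Render as ASN:assigned:prefix/len (type 0 RDs only)."""
    rd_type, asn, assigned = struct.unpack("!HHI", addr[:8])
    if rd_type != 0:
        raise ValueError("only type 0 RDs handled here")
    return f"{asn}:{assigned}:{ipaddress.IPv4Address(addr[8:])}/{plen}"

def install_routes(adverts, use_rd):
    """Build one PE-wide table from (rd, prefix, next-hop PE) advertisements.

    With use_rd=False the key is the bare IPv4 prefix, which is what would
    happen if customer routes were carried as ordinary IPv4 routes.
    """
    table = {}
    for rd, prefix, pe in adverts:
        net = ipaddress.IPv4Network(prefix)
        bare = (net.network_address.packed, net.prefixlen)
        key = vpn_ipv4(rd, prefix) if use_rd else bare
        table.setdefault(key, []).append(pe)
    return table

# Constructed scenario: two customers both number a site as 10.1.0.0/16.
ADVERTS = [
    (make_rd(64512, 1), "10.1.0.0/16", "PE-A"),   # customer 1
    (make_rd(64512, 2), "10.1.0.0/16", "PE-B"),   # customer 2
]

def summarize(use_rd):
    """Sorted list of (printable key, next hops) for the scenario above."""
    table = install_routes(ADVERTS, use_rd)
    if use_rd:
        return sorted((show(*k), v) for k, v in table.items())
    return sorted((f"{ipaddress.IPv4Address(k[0])}/{k[1]}", v) for k, v in table.items())
```

Without the RD both customers collapse onto one ambiguous entry with two next hops; with it, each customer's route is a distinct key that MP-BGP can carry side by side.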
BGP MPLS: Layer 3 VPNs (3)
[Figure: customer VPN sites attached through CE routers to PE routers, with a P router and LSP tunnels in the Layer 3 MPLS network; protocols across the path: OSPF | MPLS + BGP | OSPF]
- Customer VPN routing tables are communicated from CE to PE with OSPF and from PE to PE with BGP.
- Customer VPN traffic is forwarded between the sites through MPLS/LSP tunnels established between PEs.

Generalized MPLS (GMPLS)
GMPLS aims to create a universal IP control plane for the multiple types of switching systems that can be found in an end-to-end network:
- Packet Switching
- TDM Switching
- Lambda Switching
- Fiber Switching
With GMPLS, the same traffic engineering architecture can be used between IP and optical networks to facilitate network interworking and simplify network operations.

GMPLS Components
- Link Management Protocol (LMP) for NE adjacencies in transparent networks
- Link-state routing protocols OSPF or IS-IS with extensions for network topology discovery
- IP/MPLS signaling protocols CR-LDP or RSVP-TE with extensions for path controls

GMPLS Features
- Supports hierarchical LSPs like MPLS, but GMPLS LSPs can include an intermix of links with heterogeneous labels.
- GMPLS LSPs start and end through the same interface types.
- Supports bi-directional LSPs.
- Types of payloads: SONET/SDH, G.709, GbE
- Suggested label: labels can be suggested by the upstream node.
- Label set: labels selected by the downstream node can be restricted by the upstream node.

Other Major Developments
Migrating Frame Relay/ATM to MPLS:
- Signaling interworking
- QoS
- OAM
Migrating TDM over MPLS:
- Voice encoding
- VoIP/MPLS when end stations are VoIP capable
- VoMPLS for trunking applications

References
- IETF: www.ietf.org
- Sub IP Working Groups: MPLS, PWE3, PPVPN
- MPLS Forum: www.mplsforum.com