Internetworking II: VPNs, MPLS, and Traffic Engineering
3035/GZ01 Networked Systems
Kyle Jamieson
Lecture 10
Department of Computer Science
University College London
Taxonomy of communication networks
Communication network
  Switched network
    Circuit-switched network
    Packet-switched network
      Datagram network
      Virtual circuit network
  Broadcast network
Virtual circuit network: establish a circuit, then send packets over that circuit
Multiprotocol label switching (MPLS)
- Use #1: Speed up IP forwarding by using a fixed-length label (instead of the IP address) to perform forwarding
- Use #2: A customer wants to create a virtual private network spread over multiple distinct networks
- Use #3: A network provider wants to control how traffic flows over its network (traffic engineering)
MPLS's label
- Add an identifier called a label to the packet
- Forward packets to outgoing interface based only on label value (don't inspect IP prefix)
- Signaling protocol needed to set up virtual circuits
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of L2 frame. MPLS header fields: label, Exp, S, TTL; bit widths shown: 20, 3, 1, 5]
MPLS destination-based forwarding
MPLS destination-based forwarding
Label distribution protocol
- MPLS-enabled routers allocate and advertise a label for each prefix in the routing table
MPLS destination-based forwarding
Label distribution protocol
- MPLS-enabled routers store the label in a table alongside the prefix it represents
MPLS destination-based forwarding
Label Edge Router (LER)
- Threaded indices of labels get built up over multiple hops
- Forwarding rule: Replace an incoming packet's matching label with the corresponding remote label
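The three destination-based forwarding slides above, worked through as an added example (not code from the lecture): each router allocates a label per prefix, the upstream neighbour stores it as the remote label, and forwarding swaps labels hop by hop. The chain R1 to R4, the prefix 10.1.1.0/24 and the label numbers are constructed for illustration.

```python
import ipaddress
from itertools import count

class Router:
    def __init__(self, name, first_label):
        self.name = name
        self._labels = count(first_label)  # local label allocator
        self.local = {}     # prefix -> label this router allocated and advertised
        self.by_label = {}  # incoming label -> prefix (the exact-match table)
        self.remote = {}    # prefix -> (next-hop router, label it advertised)

    def advertise(self, prefix):
        """Allocate (once) and return the local label for a prefix."""
        if prefix not in self.local:
            self.local[prefix] = next(self._labels)
            self.by_label[self.local[prefix]] = prefix
        return self.local[prefix]

    def learn(self, prefix, next_hop):
        """Store the next hop's advertised label alongside the prefix."""
        self.remote[prefix] = (next_hop, next_hop.advertise(prefix))

    def swap(self, label):
        """Exact match on the incoming label; the IP prefix is not inspected."""
        if label not in self.by_label:
            raise LookupError(f"{self.name}: label {label} was never advertised")
        return self.remote.get(self.by_label[label])  # None: prefix attached here

def forward(ler, dst_ip):
    """The LER does the only longest-prefix match; later hops swap labels."""
    addr = ipaddress.ip_address(dst_ip)
    prefix = max((p for p in ler.remote if addr in p), key=lambda p: p.prefixlen)
    router, label = ler.remote[prefix]
    hops = [(ler.name, None, label)]          # (router, label in, label out)
    while (entry := router.swap(label)) is not None:
        hops.append((router.name, label, entry[1]))
        router, label = entry
    hops.append((router.name, label, None))   # egress router removes the label
    return hops

def build_chain():
    """Constructed chain R1 - R2 - R3 - R4 with 10.1.1.0/24 attached to R4."""
    prefix = ipaddress.ip_network("10.1.1.0/24")
    r1, r2, r3, r4 = (Router(f"R{i}", 100 * i) for i in range(1, 5))
    for upstream, downstream in ((r3, r4), (r2, r3), (r1, r2)):
        upstream.learn(prefix, downstream)
    return r1, r2
```

A packet carrying a label the router never advertised has no table entry and is rejected rather than forwarded.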
Multiprotocol label switching (MPLS)
- Use #1: Speed up IP forwarding by using a fixed-length label (instead of the IP address) to perform forwarding
- Use #2: A customer wants to create a virtual private network spread over multiple distinct networks
- Use #3: A network provider wants to control how traffic flows over its network (traffic engineering)
Virtual private networks (VPNs)
- Sometimes, we want to restrict connectivity among nodes in the network
- VC requires that a circuit be established before data can flow
- Idea: Use virtual circuits to yield privacy
- But, the Internet is a datagram network, so we need another mechanism
IP tunnels
IP tunnels
Forwarding table:
  Network number   Interface
  1                Interface 0
  2                Virtual interface 0
  (default)        Interface 1
Rule: To forward out virtual interface 0, encapsulate in IP header addressed to R2.
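The tunnel rule above as an added example (not code from the lecture): the forwarding table sends network 2 to the virtual interface, which wraps the whole packet in an outer IPv4 header addressed to R2 and forwards it as an ordinary datagram. The prefixes standing in for networks 1 and 2, the endpoint addresses, and the use of IP-in-IP (protocol number 4) are assumptions.

```python
import ipaddress
import struct

R1_ADDR, R2_ADDR = "192.0.2.1", "198.51.100.2"  # assumed tunnel endpoints
TABLE = [  # forwarding table from the slide; the prefixes are assumed
    (ipaddress.ip_network("10.1.0.0/16"), "interface 0"),          # network 1
    (ipaddress.ip_network("10.2.0.0/16"), "virtual interface 0"),  # network 2
    (ipaddress.ip_network("0.0.0.0/0"), "interface 1"),            # default
]

def checksum(header):
    """Internet checksum; returns 0 when run over a header that verifies."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_header(src, dst, proto, payload_len, ttl=64):
    """Minimal 20-byte IPv4 header with a valid checksum."""
    def pack(csum):
        return struct.pack(
            "!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, ttl, proto, csum,
            ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
    return pack(checksum(pack(0)))

def forward(packet):
    """Tunnel ingress: longest-prefix match on destination, tunnelling if needed."""
    dst = ipaddress.ip_address(packet[16:20])
    _, iface = max((e for e in TABLE if dst in e[0]),
                   key=lambda e: e[0].prefixlen)
    if iface == "virtual interface 0":
        # Encapsulate in an IP header addressed to R2 (protocol 4 = IP-in-IP),
        # then forward the outer packet like any other datagram.
        outer = ipv4_header(R1_ADDR, R2_ADDR, 4, len(packet)) + packet
        return forward(outer)
    return iface, packet

def decapsulate(packet):
    """R2: accept only IP-in-IP addressed to itself; return the inner packet."""
    if packet[9] != 4 or packet[16:20] != ipaddress.ip_address(R2_ADDR).packed:
        raise ValueError("not a tunnel packet for R2")
    return packet[20:]
```

The inner packet travels unmodified inside the outer payload, so this tunnel restricts connectivity but by itself provides no confidentiality or integrity.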
An MPLS L2 VPN
- Customer injects Ethernet (L2) packets to ingress provider edge (PE) router
- Provider adds MPLS labels to packets, sends over tunnel
[Figure: Cisco, "Figure 13: Ethernet Port Mode Packet Flow", from "Implementing MPLS Layer 2 VPNs" (L2VPN: Feature Overview). Packet flow: CE, Ether, PE, MPLS emulated VC Type 5 (tunnel label, VC label, control word), PE, Ether, CE]
An MPLS L2 VPN in VLAN mode
- On ingress PE, VLAN tag maps to a particular MPLS tunnel
- Ingress PE strips off VLAN tag and adds MPLS label
- Egress PE router pushes VLAN tag back onto packet
Excerpt shown on the slide (Cisco IOS XR Multiprotocol Label Switching Configuration Guide, "VLAN Mode"):
  VLAN mode provides Ethernet VLAN-to-VLAN connectivity. In VLAN mode, each VLAN on a customer-end to provider-end link can be configured as a separate L2VPN connection, using either VC type 4 or VC type 5. VC type 5 is the default mode.
  On Type 4 VCs, on the ingress provider edge, the VLAN tag maps to a particular pseudowire and the packet is placed on the pseudowire with the VLAN tag untouched.
  On Type 5 VCs, on the ingress provider edge that is receiving packets from the customer edge, the network service provider strips off the customer edge VLAN tag before placing the packets on the pseudowire. On the egress provider edge, the network service provider pushes the VLAN tag onto the protocol stack before it sends the packet to the customer edge.
[Figure: Cisco, "Figure 14: VLAN Mode Packet Flow". Packet flow: CE, tagged Ether, PE, MPLS emulated VC Type 5 (tunnel label, VC label, control word), PE, tagged Ether, CE]
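VLAN-mode handling at the two provider edges, as an added example (not Cisco's or the lecture's code): the ingress PE maps the customer VLAN to a pseudowire, strips the tag on a type 5 VC and leaves it untouched on a type 4 VC, and the egress PE restores it. The VLAN IDs, label values, all-zero control word and frame contents are constructed; label stack entries follow RFC 3032.

```python
import struct

TPID_8021Q = 0x8100
TUNNEL_LABEL = 16                     # constructed label toward the egress PE
CONTROL_WORD = b"\x00\x00\x00\x00"    # assumed all-zero control word
PSEUDOWIRES = {100: (3001, 5), 200: (3002, 4)}  # VLAN -> (VC label, VC type)
VC_TO_VLAN = {vc: (vlan, t) for vlan, (vc, t) in PSEUDOWIRES.items()}

def mpls_entry(label, bottom, exp=0, ttl=64):
    """One label stack entry (RFC 3032): label, Exp, S (bottom of stack), TTL."""
    return struct.pack("!I", (label << 12) | (exp << 9) | (bottom << 8) | ttl)

def ingress_pe(frame):
    tpid, tci = struct.unpack_from("!HH", frame, 12)
    if tpid != TPID_8021Q:
        raise ValueError("untagged frame on a VLAN-mode attachment circuit")
    vlan = tci & 0x0FFF
    if vlan not in PSEUDOWIRES:
        raise LookupError(f"VLAN {vlan} has no pseudowire; frame dropped")
    vc_label, vc_type = PSEUDOWIRES[vlan]
    if vc_type == 5:                  # type 5: strip the customer VLAN tag
        frame = frame[:12] + frame[16:]
    return (mpls_entry(TUNNEL_LABEL, 0) + mpls_entry(vc_label, 1)
            + CONTROL_WORD + frame)

def egress_pe(packet):
    offset = 0
    while True:                       # pop entries until the bottom-of-stack bit
        (entry,) = struct.unpack_from("!I", packet, offset)
        offset += 4
        if entry & 0x100:
            break
    vlan, vc_type = VC_TO_VLAN[entry >> 12]   # bottom entry is the VC label
    frame = packet[offset + len(CONTROL_WORD):]
    if vc_type == 5:                  # type 5: push the VLAN tag back on
        frame = frame[:12] + struct.pack("!HH", TPID_8021Q, vlan) + frame[12:]
    return frame

def tagged_frame(vlan, payload=b"constructed payload"):
    """Constructed 802.1Q-tagged Ethernet frame carrying an IPv4 EtherType."""
    macs = bytes.fromhex("020000000002" "020000000001")
    return macs + struct.pack("!HHH", TPID_8021Q, vlan, 0x0800) + payload
```

A frame whose VLAN has no configured pseudowire is dropped at the ingress PE, which is what keeps one customer's traffic off another customer's emulated circuit.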
Multiprotocol label switching (MPLS)
- Use #1: Speed up IP forwarding by using a fixed-length label (instead of the IP address) to perform forwarding
- Use #2: A customer wants to create a virtual private network spread over multiple distinct networks
- Use #3: A network provider wants to control how traffic flows over its network (traffic engineering)
Source routing
MPLS explicit routing
- Suppose we want to pick a different route for a packet than the one IP forwarding would choose
- IP has a source routing option, but it isn't widely used
  - Limited number of hops can be specified
  - Processed on slow path of most IP routers
- MPLS allows similar functionality, termed explicit routing
  - Most often, service provider's router picks the route, not the real source
Explicit routing: Example
- Suppose an ISP wants to load-balance R1 → R7 and R2 → R7 traffic
- Could IP routing handle this?
  - No! IP routing only looks at destination, not source
  - Flows from R1 and R2 both have destination R7
- Solution: Tag packets at R1, R2 with different MPLS labels
  - Threaded indices then accomplish the desired routing
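The load-balancing example above, carried through as an added example (not code from the lecture): destination-only IP tables put both flows on the same links, while different labels applied at R1 and R2 steer them onto separate paths. The topology between R3 and R7, the label values and the traffic volumes are assumptions, since the slide's figure is not in the text.

```python
from collections import Counter

# Assumed topology: R1 and R2 attach to R3;
#   upper path R3 -> R4 -> R7, lower path R3 -> R5 -> R6 -> R7.
IP_NEXT_HOP = {  # per-router table keyed by destination only
    "R1": {"R7": "R3"}, "R2": {"R7": "R3"}, "R3": {"R7": "R4"},
    "R4": {"R7": "R7"}, "R5": {"R7": "R6"}, "R6": {"R7": "R7"},
}
INGRESS_LABEL = {"R1": ("R3", 17), "R2": ("R3", 18)}  # tag applied at R1, R2
LABEL_TABLE = {  # (router, label in) -> (next hop, label out); None = pop
    ("R3", 17): ("R4", 27), ("R4", 27): ("R7", None),
    ("R3", 18): ("R5", 38), ("R5", 38): ("R6", 48), ("R6", 48): ("R7", None),
}
DEMAND = {"R1": 6, "R2": 6}  # constructed traffic volumes, arbitrary units

def ip_path(src, dst):
    """Hop-by-hop IP forwarding: the source is never part of the lookup."""
    path = [src]
    while path[-1] != dst:
        path.append(IP_NEXT_HOP[path[-1]][dst])
    return path

def mpls_path(src):
    """Follow the threaded label entries from the ingress router."""
    router, label = INGRESS_LABEL[src]
    path = [src, router]
    while label is not None:
        router, label = LABEL_TABLE[(router, label)]  # exact match on label
        path.append(router)
    return path

def link_load(paths, demand):
    """Total traffic per directed link for a {source: path} mapping."""
    load = Counter()
    for src, path in paths.items():
        for link in zip(path, path[1:]):
            load[link] += demand[src]
    return load

def compare():
    ip = link_load({s: ip_path(s, "R7") for s in DEMAND}, DEMAND)
    mpls = link_load({s: mpls_path(s) for s in DEMAND}, DEMAND)
    return max(ip.values()), max(mpls.values())
```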
Impact of MPLS
- Destination-based forwarding
  - Forwarding algorithm changes from LPM to exact match, i.e., we are using a simpler forwarding algorithm
  - Advances in IP lookup, as we have seen, make this somewhat less important (but still used)
- Explicit routing
  - Widely used tool for traffic engineering: ensuring that network can meet demands placed on it
  - Enables fast reroute: pre-calculate path to quickly fail over onto in the event some link fails
- Virtual private networks
  - Enables VPNs at L2 as we have seen, as well as L3