MEN Part 1- Day5 -Ver1_NoRestriction

8/14/2019 MEN Part 1- Day5 -Ver1_NoRestriction

1/88

Network Learning CentreProprietary & Confidential

11

MEN Part 1

50464928


2/88


22

Agenda

Day 5

Module 6

BGP and MPLS Overview

Module 7

MEN Architecture & Services

Feedback & Test


3/88


33

Module 6

BGP


4/88


44

Page4

Overview Of BGP

BGP is an exterior routing protocol, used to transmit routing

information between ASs

It is a kind of distance-vector routing protocol and avoids the

occurrence of loop in design. It provides additional attribute

information for the route

Transfer protocol: TCP; port No.: 179

It supports Classless Inter-Domain Routing (CIDR)

Route updating: transmit incremental routes only

Abundant route filtering and routing policies

Border Gateway Protocol (BGP) is a dynamic routing protocol. Its basic

function is to automatically exchange the loopless routing information

between Autonomous Systems (AS). By exchanging the path-reachable

information with AS sequence attribute, it can construct the topology map

of the autonomous area, thus removing the route loop and implementing

the routing strategy configured by the user. Compared with protocols likeOSPF and RIP, which run inside the autonomous area, BGP is a kind of

Exterior Gateway Protocol (EGP) while OSPF and RIP are Interior

Gateway Protocol (IGP). BGP is usually used between ISPs.

BGP has been put into use since 1989. Its three earliest versions are RFC1105

(BGP-1), RFC1163 (BGP-2) and RFC1267 (BGP-3) respectively. The

current version is RFC1771 (BGP- 4). With the fast development of the

Internet, the volume of the routing table expands quickly as well, and the

amount of routing information exchanged between ASs is also ever

increasing, which affects the network performance. BGP supports

Classless Inter-Domain Routing (CIDR), which can effectively reduce the

ever-expanding routing table. BGP-4 is fast turning into the actual

standard of the Internet border routing protocol. Its features are described

as follows:

BGP is a kind of exterior routing protocol, different from interior routing

protocol like OSPF and RIP. It focuses on the control of route advertising

and the selection of optimal routes, instead of route discovery and

calculation.

By taking the AS path information, it can thoroughly solve the problem of

route cycle.

To control the advertising and selection of routes, it provides additional


5/88


55

Page5

Autonomous System

What is an Autonomous System(AS)?

which routing protocol running inside the AS

Which routing protocol running between ASs

The Autonomous System (AS) refers to a set of routers, which aremanaged by the same technical management organization and adoptthe unified routing strategy. Each AS has a unique AS number, whichis allocated by the management organization authorized by theInternet.

IGP routing protocol such as static route, OSPF , IS-IS etc

BGP only

The Autonomous System (AS) refers to a set of routers, which are managed

by the same technical management organization and adopt the unified routing

strategy. Each AS has a unique AS number, which is allocated by the

management organization authorized by the Internet.

The basic concept of introducing the AS is to differentiate different ASs by

different numbers. Thus, when the network administrator does not want hisown communication data to pass some AS, this numbering method becomes

very useful. Maybe the administrator's network can access this AS absolutely.

However, if this AS is managed by his component or lacks enough security

mechanism, he needs to avoid this AS. By adopting the routing protocol and

AS number, the routers can specify the path between them and the method for

routing information exchange.

The AS numbers range from 1 to 65535. Among them, the numbers from 1 to

64511 are the registered Internet number, and those from 64512 to 65535 are

the private network numbers.

Quiz

How many AS number available to the public internet network?

A: 1~64511

B: 1~65525

C: 64512~65535

D: 0~65535


6/88


66

Page6

Working Mechanism Of BGP

AS1

AS7

AS6

AS5

AS4

AS3

AS2

As the application layer protocol, the BGP system runs on a special router.

During the first startup of the system, the routing information is exchanged by

sending the whole BGP routing table. Later, for the objectives of updating the

routing table, only the update message is exchanged. During the operation,

the system checks whether the connection is normal by receiving and sending

the keep-alive message.The router, which sends the BGP message, is called the BGP speaker. It

continuously receives and generates new routing information, and advertises

it to other BGP speakers. When a BGP speaker receives new route

advertisement from other ASs, it will advertise this route to all the other BGP

speakers inside the AS if this route is better than the currently known route,

or currently there is no acceptable route. A BGP speaker calls other BGP

speakers that exchange message with it as peer. Several related peers can

construct a group.

Generally, a route is generated inside the AS. It is discovered and calculated

by some interior routing protocol and transmitted to the boundary of the AS.Then, The Autonomous System Boundary Router (ASBR) spreads it to other

ASs via the EBGP connection. During the spreading, the route may pass

several ASs, which are called the transitional AS, such as AS5. If this AS has

multiple boundary routers, Information will be exchanged among these

routers by running IBGP. In this case, the internal routers need not know

these exterior routes. They only need to maintain the IP connectivity among

the boundary routers, such as AS2, AS3 and AS4. After the route reaches the

AS boundary, ASBR can redistribute the route into the interior routing

protocol if the interior router needs to know these exterior routes. The

exterior routes have a large amount, which will usually exceed the processing

capability of the interior routers. So, filtering or aggregation shall be done


7/88


77

Page7

IBGP Neighbor & EBGP Neighbor

EBGP

RTB

RTC

IBGP

RTA

RTD

RTE

EBGP

AS100

AS200

AS300

On the router, BGP runs in the following two modes: IBGP (Internal BGP), EBGP

(External BGP)

If two peers that exchange BGP messages belong to the same AS, they are Internal

BGP (IBGP), such as RTB and RTD.

If two peers that exchange BGP messages do not belong to the same AS, they are

External BGP (EBGP), such as RTA and RTB.

Although BGP runs between ASs, it is also necessary to establish BGP connection

between different border routers of an AS. Only in this way, can routing information

be transmitted in the entire network, such as RTB and RTD. To establish the

communication between AS100 and AS300, we need to establish IBGP connection

between them.

The direct connection is not necessarily established between IBGP peers physically,

but the full logical connection between them must be ensured (it suffices if TCP

connection can be created).

In most of the cases, there is physically direct link between EBGP peers. However, if itis hard to realize, remedy can be done by configuring the command "neighbor

neighbor-address ebgp-multihop[ttl]". Here, "ttl" is the maximum hop count. Its

default value is 64 and the value range is 1-255.

Quiz

1. Which of the following statements about IBGP routers are true? (Select one.)

A. They must be fully meshed.

B. They can be in a different AS.

C. They must be directly connected.


8/88


88

iBGP & eBGP

BGP configuration does not define peers as

iBGP or eBGP Each router examines its own ASN and

compare with defined neighbor ASN

If ASN match peer is iBGP

If ASN does not match peer is eBGP


9/88


99

Page9

Route Advertising Principles of BGP

BGP Speaker only selects the best one for its own use BGP Speaker only advertises the routes used by itself to its neighbors

For the routes obtained from EBGP, the BGP Speaker will advertise them to

all its neighbors (including EBGP and IBGP)

For the routes obtained from IBGP, the BGP Speaker will not advertise

them to its IBGP neighbors

For the routes obtained from IBGP, whether the BGP Speaker will advertise

them to its EBGP neighbors depends on the synchronization state of IGP

and BGP

Once the connection is established, the BGP Speaker will advertise all its

BGP routes to the new neighbors

Route advertising principles of BGP:

In the case of multiple paths, the BGP Speaker only selects the best one for

its own use.

The BGP Speaker only advertises the routes used by itself to its neighbors.

For the routes obtained from EBGP, the BGP Speaker will advertise them toall its neighbors (including EBGP and IBGP).

For the routes obtained from IBGP, the BGP Speaker will not advertise them

to its IBGP neighbors.

For the routes obtained from IBGP, whether the BGP Speaker will advertise

them to its EBGP neighbors depends on the synchronization state of IGP and

BGP.

Once the connection is established, the BGP Speaker will advertise all its

BGP routes to the new neighbors.

These principles were stipulated by the BGP designers when they were

developing the BGP routing protocol. Further study of the reasons is outsidethe scope of this document.

Quiz

what would BGP router do when the TCP connection established ?

A: exchange the routing table between the BGP neighbors

B: exchange the BGP routes between the BGP neighbors

C: check the BGP version ,as numbers to form the EBGP/IBGP relationship

D: send a keep-a-live packet to the peer


10/88


1010

BGP

BGP advertises only one best path

Only incremental updates Keep alive messages after initial exchange

between BGP peers every 60s Hold time 180s

Triggered updates are batched and rate-limited (every 5seconds for internal peer, every 30 seconds for externalpeer)

Public AS number from InterNIC (www.internic.net) or RIPE(www.ripe.net)

Use private AS numbers (64512 - 65535) if BGP in a privatenetwork

Only one BGP routing process per router is allowed Reliance Public AS - 18101


11/88


1111

Page11

BGP Synchronization

EBGP EBGP

RTB

RTC

IBGP

RTA

RTD

RTE

RTF

E0:10.1.1.1/24

S0

S1

AS100

AS200

AS300

It is stated in the BGP protocol that: a BGP router does not advertise the

routing information learnt from the internal BGP peers to the external peers,

unless this information can also be obtained from IGP. If a router can learn

about this routing information via IGP, then it can be considered that the

route can be broadcast inside AS and the internal connection is ensured.

One of major duties of BGP is to transmit the network reachabilityinformation of this AS to other ASs. As shown in the figure above, RTB will

encapsulate the routing information toward 10.1.1.1/24 into the UPDATE

message, and advertise it to RTE via the TCP connection established by RTC

and RTD. If RTE does not take synchronization into account, it will directly

accept such routing information and report it to RTF, then if RTF or RTE has

the data packet to be sent to 10.1.1.1/24, this packet must pass RTD and RTC

if it wants to reach the destination. As the synchronization was not taken into

account in advance, the routing tables of RTD and RTC have no routing

information to 10.1.1.1/24 and the data packet will be discarded when it

reaches RTD. So, BGP must be synchronous with IGP (e.g., RIP, OSPF, etc.).

Synchronization means that BGP will not advertise the transitional

information to other ASs until IGP broadcasts this routing information

successfully in its AS . That is, after a router receives the update information

of a destination from the IBGP peer, it shall attempt to verify whether this

destination can be reached via the internal AS before advertising it to other

EBGP peers (i.e., verify whether this destination is within IGP, and whether

the non-BGP router can transmit this traffic to this destination). If IGP knows

this destination, it will receive such routing information and then advertise it

to EBGP peers. Otherwise, it will consider that this route is asynchronous

with IGP and thus will not advertise it.

As shown in the figure above, RTE gets the route going to the network


12/88


1212

Page12

Full Dynamic Redistribution

OSPF discovers route 18.0.0.1/8

Dynamically redistribute the route discovered by IGP (OSPF)

into the BGP routing table of RTB

18.0.0.1/8

OSPF

RTB

AS200

The BGP routing protocol runs between ASs. Its major work is to transmit

routing information between ASs, instead of discovering and calculating

routing information. The work of discovering and calculating routing

information is done by the IGP routing protocol, e.g. RIP and OSPF. The

routing information of BGP needs to be redistributed into BGP in the mode of

configuration commands.According to the redistribution mode, it can be classified into three types:

purely dynamic redistribution, semi-dynamic redistribution and static

redistribution.

Purely dynamic redistribution means that the router gets the routing

information by IGP routing protocol and then dynamically redistributes it into

BGP.

As shown in the figure above, RTB dynamically detects the routes going to

the network 18.0.0.0/8 via OSPF protocol and then dynamically redistributes

it into BGP. We call such a kind of route redistribution mode as purely

dynamic redistribution.

The route leading to the network 18.0.0.0/8 is redistributed from OSPF.

Meanwhile, other routing information of OSPF is also redistributed into BGP.


13/88


1313

Page13

Semi Dynamic Redistribution

OSPF discovers the route 18.0.0.1/8

Semi-dynamically redistribute the route discovered by IGP

(OSPF) into the BGP routing table of RTB

18.0.0.1/8

RTB

AS200

OSPF

Semi-dynamic redistribution means that the routing information is

dynamically discovered and calculated by IGP routing protocol. Part of the

specified routing information will be selectively redistributed with the

network command when it is redistributed into the BGP system.

AS shown in the figure above, router B dynamically detects the route going

to the network 18.0.0.0/8 via OSPF protocol and then redistributes it intoBGP statically. Such a kind of route redistribution mode is called semi-

dynamic redistribution.

The route to be redistributed should be be specified with the user interface of

the router. As a result, only one specified OSPF route is redistributed into

the BGP routing table.


14/88


1414

Page14

Static Redistribution

Manually configure the static route 18.0.0.1/8

Redistribute the static route manually configured into the BGP

routing table of RTB

18.0.0.1/8

AS200

RTB

Static redistribution means that the routing information obtained by the router

is the static routing information manually configured, which will be statically

redistributed into the BGP system.

As shown in the figure above, router B first establishes a static route going to

the network 18.0.0.0/8 and then redistributes it into BGP. Such kind of route

redistribution mode is called static redistribution.

As a result, a manually configured route is added into the BGP routing table.

How many methods can you use to installed the route to the bgp routing table

?(choose all apply)

A: Full Dynamic Redistribution

B: Semi Dynamic Redistribution

C: Static Redistribution

D: IGP route redistribute


15/88


1515

Page15

BGP Messages

There are four types of BGP messages: Open: greeting--"hello, let's make friends!"

Keepalive: I'm alive, don't leave me alone

Update: fresh news...

Notification: i won't play with you any more!

BGP has four types of messagesOPEN, UPDATE, NOTIFICATION and

KEEPALIVE.

Between BGP peers, an OPEN message is transmitted so as to exchange

information such as version, AS number, hold time and BGP identifier for

negotiation.

What UPDATE message carries is route update information, including route

withdrawal information, reachable information and its path attributes.

When BGP detects errors (e.g. connection interruption, negotiation error ,

message error), it will send the NOTIFICATION message to shut off the

connection with its peers.

The KEEPALIVE messages are sent periodically between BGP neighbors ,

so as to ensure the connection is kept alive . The default timer is 60 seconds.

The OPEN message is mainly used to establish the neighborhood (BGP

peers). It is the initial handshake information between BGP routers and shall

occur before all notification information. Others will respond with theKEEPALIVE message after receiving the OPEN message. Once the

handshake succeeds, these BGP neighbors can exchange messages like

UPDATE, KEEPALIVE and NOTIFICATION.

Quiz

(1) How many BGP messages available for the BGP version 4(choose all

apply)

A: OPEN

B: UPDATE


16/88


1616

Page16

Finite State Machine of BGP

Active

Open-sent

Open-confirm Established

Idle

Connect

Connect-Retrytimer expiry

TCP connection fails

Connect-Retry

timer expiry

Start

Others

TCP connection fails

Error

Error Error

KeepAlive

timer expiry

KeepAlive packetreceived

1. KeepAlivetimer expiry

2. Update received3. KeepAlive received

Correct OPENpacket received

TCP connection setup

TCP connection setupOthers

The BGP finite state machine (FSM) has six states. The procedure of

transition between shows the establishment procedure of BGP neighborhood.

The first state is "Idle". Once BGP starts, the state machine enters the

"Connect" state. In this sate, if Connect-Retry timer expires, the BGP state

machine will stay in the "Connect" state. Meanwhile, BGP will attempt to

establish the TCP connection. If the creation of TCP connection fails, theBGP state machine will enter the "Active" state. If the TCP connection is

established successfully, the BGP state machine will enter the "OpenSent"

state directly. In "Active" state, if the TCP connection cannot be established

yet, the BGP state machine will stay in the "Active" state and will not enter

the "OpenSent" state until the TCP connection is established successfully. In

the "OpenSent" state, once BGP receives a correct Open message, it will

enter the "OpenConfirm" state. In the "OpenConfirm" state, if the KeepAlive

timer expires, the BGP state machine will stay in the "OpenConfirm" state.

And it will not enter the "Established" state until BGP receives the KeepAlive

message. Till now, the BGP connection is really established.

In addition, when any of the five states ("Idle" excluded) has errors, the BGP

state machine will return to the "Idle" state.

Idle: "Idle" is the first state of BGP connection. In this state, BGP is waiting

for a start event. After such an event emerges, BGP will initialize the

resources, reset the Connect-Retry timer, and initiate a TCP connection.

Meanwhile, it will enter the "Connect" state.

Connect: in this state, BGP establishes the first TCP connection. If the

Connect-Retry timer expires, BGP will establish the TCP connection again

and continue to stay in the "Connect" state. If the TCP connection is

established successfully, it will enter the "OpenSent" state. Otherwise, it will

enter the "Active" state.


17/88


18/88


1818

Page18

BGP Path Attributes

A Path Attribute is a characteristic of anadvertised BGP route.

Each Path Attribute falls into one of fourcategories:

Well-known mandatory

Well-known discretionary

Optional transitive

Optional nontransitive

Notes:

Well-known means it must be recognized by all BGP implementations.

Optional means BGP implementation is not required to support the attribute.

Mandatory means the attribute must be included in all BGP Update messages

Discretionary means they may or may not be sent in a specific Updatemessages

Transitive means a BGP process should accept the path in which the attributeis included even if it doesnt support this attribute and it should pass the pathon to its peers

Nontransitive means a BGP process that does not recognize the attribute canquietly ignore the Update in which the attribute is included and not advertisethe path to its other peers

The enterprises and service providers are often concerned about suchquestions: how to prevent my private network from being advertised out?

How to filter the route update that comes from some neighboring route? howto make certain that I am using this link instead of any other link?. It isthrough the use of route attribute that BGP answers these questions.

BGP route attribute is a set of parameters. It further describes the specificroute so as to enable BGP to filter and select routes. When configuring theroute strategy, we often use the route attribute. However, not all of them willbe involved.

In fact, route attributes are classified into the following categories:

Mandatory attribute: one that is necessary in the route update data message.In the BGP routing information, this kind of attribute domain has its uniquerole that cannot be substituted by any others. If it is not included, something

will be wrong with the routing information. For example, AS-Path is a


19/88


1919

Page19

Path AttributeWell-known mandatory

ORIGIN

AS-Path

Next hop

Well-known discretionary

Local-Preference

Atomic-Aggregate

Optional transitive

Aggregator

Community

Optional nontransitive

Multi-Exit-Disc (MED)

ORIGINATOR-ID

Cluster-List

Destination Pref (MCI)

Advertiser (Baynet)

Rcid-Path (Baynet)

MP_Reach_NLRI

MP_Unreach_NLRI

Extended_Communities

There are six attributes that are commonly used:

Origin: it is used to define the origin of the routing information, indicating

how a route becomes the BGP route, such as IGP, EGP, and Incomplete.

As-Path: it is the sequence of the ASs passed by a route, listing all the ASs

passed by a route before it reaches the notified network. The BGP speaker

puts its own AS preamble to the head of the received AS path, which can

avoid route loop and be used for route filtering and selection.

Next hop: it includes the IP address of the next hop border router that reaches

the network listed in the update information. The next hop of the BGP is

somewhat different from that of IGP. It can be an address of the peer that

notifies this route, such as EBGP, which is similar to the IGP. But in some

other cases, the BGP uses the next hop of the third party. For example, the

IBGP transmits without any change the next hop obtained from the EBGP

peer in the AS. In the multiple access media, the BGP takes the actual origin

of the route as the next hop, even though it is not the BGP peer.

Multi-Exit-Discriminators (MED): when some AS has multiple entries, the

MED attribute can be used to help its external neighboring router select a

better entry path. The smaller the MED value of a route, the higher its

precedence.

Local-Preference: this attribute is used to select in the AS the route reaching

some destination by preference. It reflects the preference level of the BGP

speaker for each external route. The bigger the local-preference value, the

higher the preference level of the route.

Community: this attribute marks a group of routing information that has the

same feature, which is irrelevant with the IP subnet or AS where it is located.

The accepted community values are NO-EXPORT, NO-ADVERTISE,


20/88


2020

Page20

ORIGIN Attribute

ORIGIN specifies the origin of the routing update. When BGP has multipleroutes, it uses ORIGIN as one factor in determining the preferred route.

IGP NLRI (Network layer Reachability Information) was learned from a protocol

internal to the originating AS. BGP routes are given an origin of IGP if they are

learned from an IGP routing table via the network statement.

EGP NLRI was learned from the Exterior Gateway Protocol.

Incomplete NLRI was learned by some other means. Incomplete imply that the

information for determining the origin of the route is incomplete. Routes that BGP

learns through redistribution carry the incomplete origin attribute.

Which one is preferred? IGP > EGP > Incomplete

When the BGP makes the route decision, it will take the origin attribute into

account to determine the precedence levels between multiple routes.

Specifically, the BGP will prefer the route with the minimum origin attribute

value, i.e. the IGP has the precedence over EGP, and EGP has the precedence

over INCOMPLETE. We can configure these three origin attributes

manually.Generally:

If a route is redistributed into the BGP routing table with the specifically, the

origin attribute shall be IGP

If a route is obtained via EGP, the origin attribute shall be EGP

Otherwise, the Origin attribute should be Incomplete

Quiz

(1)When import a route from ospf routing protocol into the BGP routing table

,which origin attribute value would this route to be ?

A: IGP

B: EGP

C: OSPF

D: Incomplete


21/88


2121

Page21

AS_PATH Attribute

AS-PATH uses a sequence of AS numbers to describe the inter-AS path or route to the

destination specified by the NLRI.

AS-PATH describes all AS it has passed through ,beginning with the most recent AS

and ending with the originating AS.

D(18.0.0.0/8)AS200

AS300

AS400

AS100AS500

RTA

RTB

30.0.0.1

30.0.0.2D (400 300 200)

D (500 200)

The AS-Path attribute is also a mandatory one. It is the sequence of numbers of all

the ASs passed by a route to a certain destination. The BGP uses the AS-path

attribute as a part of the route update (message update) to ensure a loopless

topology structure over the Internet. The BGP will not accept the route of this AS

number contained in the AS-path attribute, because this route has been processed

by this AS. In this way, route loop is avoided. For this reason, the BGP will add itsown AS number to the AS-path attribute when advertising a route to the EBGP

peer, so as to record the information on the AS area passed by the route.

Meanwhile, the AS-path attribute acts on route selection. In case other factors are

the same, the route with shorter AS path will be selected. As shown in the figure

above, the path for the network segment D18.0.0.0/8 in AS200 to reach AS100 by

passing AS200, AS300, and AS400 is d1 (400 300 200) and that for it to reach

AS100 by passing AS200 and AS500 is d2 (500 200). In this case, the BGP will

select the shorter path d2 by precedence.

Note: when the AS-Path field of a route records the AS-number, it will always put

the new AS-number in front. As shown in the figure above, the route first passesAS200 and records d2 (200); then it passes AS500 and records: d2 (500 200).

We can increase the path length by adding the pseudo AS number, so as to act on

route selection, We can configure RTA to add two AS element 200, 200 to the

AS-Path list carried by the route it sent to 30.0.0.2. After such a configuration, the

path d2 will change into 500 200 200 200, which is longer than the path d1. So now

the BGP will select the shorter path d1 by precedence.

Quiz

(1) When a route is passing AS100 from other AS, where the AS 100 value would

-


22/88


2222

Page22

AS_PATH Attribute

The Function of AS-PATH

AS can influence its incoming traffic by changing the AS_PATH of its

advertising route

AS_PATH can be used for loop avoidance

D(18.0.0.0/8)AS200

AS300

AS400

AS100AS500

RTA

RTB

30.0.0.1

30.0.0.2D (400 300 200)

D (500 200,200,200)

D (200 200 200)


23/88


2323

Page23

Next Hop Attribute

18.0.0.0/8

20.0.0.0/8

RTA

RTC

RTB

RTD19.0.0.0/8

21.0.0.2

21.0.0.1

10.0.0.2

10.0.0.3

10.0.0.1

AS100

AS200

IBGP

IBGPEBGP

RTBI can reach 18.0.0.0/8 via the next hop 10.0.0.2I can reach 20.0.0.0/8 via the next hop 10.0.0.3

RTAI can reach 18.0.0.0/8 via the next hop10.0.0.2

I can reach 20.0.0.0/8 via the next hop 10.0.0.3I can reach 19.0.0.0/8 via the next hop 21.0.0.1

RTCI can reach 19.0.0.0/8 via the next hop 10.0.0.1

I can reach 20.0.0.0/8 via the next hop 10.0.0.3

The next hop attribute is also an accepted mandatory attribute. The next hop

in the BGP is different from that in the IGP. The concept of the next hop in

the BGP is a little complicated. It can be one of the following three types:

When the BGP notifies the IBGP of the route obtained from other EBGPs, it

does not change the next hop attribute of the route. The local BGP directly

transmits the next hop attribute obtained from the EBGP to the IBGP. Asshown in the figure above, the next hop attribute is 10.0.0.2 when the RTA

notifies the route 18.0.0.0 to RTB via the IBGP.

When the BGP notifies the EBGP peer of the route, the next hop attribute is

the port address of the connection between the BGP and its peer. As shown

in the figure above, the next hop attribute is 10.0.0.2 when the RTC

notifies the RTA of the route 18.0.0.0/8. And when it notifies the RTC of

the route 19.0.0.0/8, the next hop attribute is 10.0.0.1.

For the multi-access network (e.g. Ethernet or frame relay), something is

different with the next hop. As shown in the figure above, when RTC is

advertising the route 20.0.0.0/8 to the EBGP router RTA, it finds that thelocal port 10.0.0.2 and the next hop 10.0.0.3 of this route are the same

shared subnet. So, it uses 10.0.0.3 as the next hop to advertise the route to

the EBGP, instead of 10.0.0.2.

Quiz

(1)select the following statement which are true

A: When the BGP notifies the IBGP of the route obtained from other EBGPs,

it does not change the next hop attribute of the route

B: When the BGP notifies the IBGP of the route obtained from other EBGPs,


24/88


2424

Page24

LOCAL_PREF Attribute

LOCAL_PREF is used to communicate a BGP routersdegree of preference for an advertised route.

LOCAL_PREF is only in updates between internal BGPpeers and it is not passed to other AS.

If an internal BGP speaker receives multiple routes tothe same destination, it compares the LOCAL_PREFattribute of the routes. The route with highestLOCAL_PREF is selected.

The LOCAL_PREF attribute affects only traffic leavingthe AS.

The local precedence attribute is an optional attribute. It represents theprecedence level assigned to a route, with which we can compare differentroutes that have the same destination. The bigger the attribute value, thehigher the precedence level of the route. This attribute is used only insidethe AS and exchanged between IBGP peers, but not notified to the EBGPpeer. In short, the local precedence attribute is used to help the router

inside the AS select the optimal egress for it to go out, i.e. select the egresswith higher local precedence level.

What shall be noted is: configuring the attribute value of local precedencelevel will only affect the traffic that leaves this AS, but not the traffic thatenters this AS. By default, the value of local precedence attribute is 100.

Quiz

(1)A BGP speaker received the same route from its two IBGP peer withdifferent preference ,which route the BGP speaker will use by default ?

A: the route with the bigger preference value

B: the route with the smaller preference value

C: the route with the bigger router-id

D: the route with the smaller router-id


25/88


2525

Page25

LOCAL_PREF Attribute

Dlocal-pref1 100 Dlocal-pref2 200 RTA will select local-pref2 that has higher local preference

AS400

AS100

AS300AS200

RTA

RTB RTC

RTD RTE

RTF

D (18.0.0.0/8)

30.0.0.1

30.0.0.2

20.0.0.1

20.0.0.2

Dlocal-pref1 100 Dlocal-pref2 200

As shown in the figure above, the RTB sets the local precedence level of the

route received via the RTD as local-pref1 100, and the RTC sets the local

precedence level of the route received via the RTE as local-pref2 200. In this

way, the RTA will prefer local-pref2 which has a higher precedence level.


26/88


2626

Page26

MULTI-EXIT-DISC (MED) Attribute

MED is carried in EBGP updates and allows an AS to inform another AS ofits preferred ingress points. It is meant only for a single AS to demonstrate a

degree of preference when it has multiple ingress points.

MED attribute affects only the incoming traffic to the AS.

If all else is equal , an AS receiving multiple routes to the same destination

compare the MED of the routes. The lowest MED value is prefered. MEDs

are not compared if two routes to the same destination are received from

two different AS.

The MED is passed between internal peers of the receiving AS but not

passed beyond the receiving AS. MED is used only to influence traffic

between two directly connected AS.

The MED attribute is optional, used to indicate the preferable path for the

external neighbor router to enter some AS that has multiple entries. When

some AS has multiple entries, the MED attribute can be used to help its

external neighbor router select a better entry path. That is, select the entry

path with smaller MED value by precedence.

A BGP speaker received the same route from its two EBGP peer with

different MED value ,which route the BGP speaker will use by default ?

A: the route with the bigger MED value

B: the route with the smaller MED value

C: use tow for backup

D: the route with the smaller router-id


27/88


2727

Page27

MULTI-EXIT-DISC (MED) Attribute

D(18.0.0.0/8)

RTA

RTB RTC

30.0.0.1

30.0.0.2

20.0.0.1

20.0.0.2

AS100

AS200

D,metric1 10

D,metric2 20

D,metric1 10 D,metric2 20

RTA will select the lower metric

IBGP

As shown in the figure above, we can set the metric value of the network D

notified by the RTB as metric 1 10 and that of the network D notified by the

RTC as metric 2 20. In this way, the RTA will select the metric 1 that has

smaller metric value by precedence.

Generally, the router only compares the MED values of respective EBGP

neighbor paths from the same AS, but not those from different ASs. Ifcomparison is required, the Quidway series routers offer the one user

interface command to change this default behavior.

Note: By default, it is not allowed to compare the MED attribute values of

paths from different AS neighbors, unless it can be confirmed that different

ASs adopt the same IGP and route selection method.


28/88


29/88


2929

Page29

Well-known Community

NO_EXPORT Routes received carrying this value cannot be advertised to EBGP peers and outside of

the confederation

NO_ADVERTISE

Routes received carrying this value cannot be advertised at all to either EBGP or IBGP

peers.

LOCAL_AS

Routes received carrying this value cannot be advertised to EBGP peers including

peers in other AS within a confederation.

INTERNET

All routes belong to this community by default. Received routes belonging to this

community are advertised freely

The community attribute is an optional transitional attribute. Some communitiesare accepted, i.e. they have the global meaning. These communities are:

NO_EXPORT: after a route with such a community attribute value is received, itshall not be notified to the peers outside an confederation.

NO_ADVERTISE: after a route with such a community attribute value is

received, it shall not be notified to any BGP peers.LOCAL-AS: after a route with such a community attribute value is received, itshall be notified to the peers inside the local AS, but not to any EBGP peers(including the EBGP peers inside the confederation).

INTERNET: After a route with such a community attribute value is received, itshall be notified to all other routers.

Besides these accepted community attribute values, the private communityattribute values can also be used for special objectives. These attribute values aremarked with some numbers.

One route can have multiple community attribute values, which is similar to the

case where a route can have multiple AS numbers in its AS path attribute. The BGProuter, which sees multiple community attribute values in one route, can takeaction according to one or more or all of these attribute values. The router can addor modify the community attribute values before it transmits the route to otherpeers.


30/88


3030

Page30

BGP Route Selection Procedure

In general, the procedure of local BGP route selection is: 1. If the next hop of this route is unreachable, this route is not selected.

2. Select the route with a higher local preference.

3. Select the originated route by the local router (same local precedence).

4. Select the route with shortest AS path.

5. Select the route with lowest origin code (IGP lower than EGP, EGP lower than Incomplete

).

6. Select the route with smallest MED .

7.Performing load sharing on multiple routes according to the configured number of routes (in

case load sharing is configured and there are multiple external routes to the same AS)

8. Select the route with smallest Router ID .

Generally, the procedure of local BGP route selection is:

(1)If the next hop of this route is unreachable, then drop this route.

(2)Select the route with a higher local precedence level.

(3)Select the originated route by the local router (the same local precedence level).

(4)Select the route whose AS path is shortest.

(5)Select the route whose origin type is IGP, EGP, and Incomplete in turn.

(6)Select the route whose MED is smallest.

(7)performing load sharing on multiple routes according to the configured number of routes(in case load sharing is configured and there are multiple external routes to the same AS)

(8)Select the route whose Router ID is smallest.

Select the best answer for the BGP route selection ( )

(1)Select the route with a higher local precedence level.

(2)Select the route whose AS path is shortest.

(3)Select the route whose MED is smallest

(4)If the next hop of this route is unreachable, then drop this route.

A: 4-1-2-3B: 4-1-3-2

C: 1-2-3-4

D: 1-3-2-4


31/88


3131

Module 6

MPLS


32/88


3232

Page 32

Chapter 1Chapter 1 MPLS OverviewMPLS Overview

Chapter 2Chapter 2 Label and Label StackLabel and Label Stack

Chapter 3Chapter 3 Label Forwarding and AllocationLabel Forwarding and Allocation


33/88


3333

Page 33

MPLS

MPLSMulti-Protocol LabelSwitching

Multi-Protocol

Support multiple Layer-3 protocols,such as IP, IPv6, IPX, SNA

Label Switching

Label packets, and replace IPforwarding with label switching

MPLS is the abbreviation of Multi-Protocol Label Switching. MP means

it support more than one protocol, such as IP, IPv6, IPX, SNA, etc. as we

know, in IP network, the routers forwarding packets by using packets

destination IP address and looking for the IP routing table to get the next hop,

while in MPLS network, we using label to forward the packets, named labelswitching. MPLS uses a short label of fixed length to encapsulate packets.

MPLS use FEC (Forwarding Equivalent Class) to classify the forwarding

packets. The packets of the same FEC are treated the same in the MPLS

network. later we will introduce the FEC.

By adding a label to the packet at the entrance of MPLS network, the

packet is forwarded by label switching, some thing like ATM Switching. And

when leaving the MPLS network, the label added is removed and the label

packet is restored to original protocol packet.

For more details about MPLS, refer to RFC 3031 (Multi-protocol Label

Switching Architecture).


34/88


3434

Page 34

Origin: To Integrate IP with ATM

Connectionlesscontrol plane

Connectionlessforwarding plane

IP

Connection-orientedcontrol plane

Connection-orientedforwarding plane

ATM

Connectionlesscontrol plane

Connection-orientedforwarding plane

MPLS

MPLS originates from the Internet Protocol version 4 (IPv4). Before MPLS

generation, IP network forwarding packets with IP routing table, by looking for the

IP routing table with packets destination IP address and get the next hop, as each

forwarded packet need to look for the IP routing table, the efficiency is low.

Another packet forwarding technology is ATM, forward packet by VPI/VCI

switching, a type of label switching, the efficiency is higher than IP forwarding. IP

network, its control plane is connectionless, and forwarding plane also is

connectionless, just hop by hop, each hop decide to choose the next hop. while

ATM, its control plane is connection-oriented, if many device need to set up the

connection with each other, the configuration is very heavy, and with label

switching, the forwarding plane is connection-oriented, the packet forwarding path

is defined before.

MPLS integrates both of the two forwarding technologies. Its control plane isconnectionless, easy to widen its network, and forwarding plane is connection-

oriented, before data forwarding, LSP need to be set up, and is available to manager

and control the setting up.


35/88


3535

Page 35

Connection-oriented Features

Connectionless: packet route

Path 1 = S1, S2, S6, S8

Path 2 = S1, S4, S7, S8

The data reach their destinationout of order along differentpaths

connection-oriented: cell switching

VC = S1, S4, S7, S8

The data reach their destination inorder along the same connection

Fixed time delay, easy to control Connection types: PVC SVC

S2 S6

S4 S7

S3 S5

S1 S8

1

1

1

2 2

2

S2 S6

S4 S7

VC

S1 S8S3 S5

As for connectionless packet forwarding, the data reach their destination out of

order, because each packet choose its forwarding path independently, and usually

the path will be different and the time delay of each packet also will be different, so

the sending sequence and the arriving sequence will be different. While the

connection-oriented packet switching, the forwarding path is fixed and then time

delay is fixed and the sending sequence and arriving sequence are the same. And it

is easy to control. There have two connection type: PVC (Permanent Virtual

Circuit) and SVC (Switched Virtual Circuit)


36/88


3636

Page 36

Basic MPLS Concepts

LSR: Label Switch Router

LER: Label Edge Router

LSP: Label Switch Path

LER

LER

LER

LER

LSR LSR

LSR

MPLS domain

IP

MPLS

LSP

Some basic concepts in MPLS:

LSR is the basic component of the MPLS network. The network consisting of

LSRs, is called an MPLS domain. The LSR located at the edge of the domain and

having a neighbor not running MPLS is an edge LSR, also called Labeled Edge

Router (LER).

The LSR located inside the domain is called a core LSR. The core LSR can be

either a router that supports MPLS or an ATM-LSR upgraded from an ATM switch.

MPLS runs between LSRs in the domain, and IP runs between an LER and an router

outside the domain.

The LSRs along which labeled packets are transmitted form an LSP.


37/88


3737

Page 37

Core LSR

Basic Working Process of MPLS

IP IP L1 IP L2 IP L3 IP

Traditional IP

forwarding

TraditionalIP forwarding Label forwarding

Edge LSR Edge LSR

The slide show the MPLS working process:

1.LDP establishes a label map for desired FECs in each LSR through the

routing table generated by the traditional routing protocols like OSPF and

IS-IS

2.The ingress receives a packet, determines its FEC and adds a label to the

packet. This packet is called the MPLS labeled packet;

3.The Transits forward the packet according to its label and the label

forwarding information base without any Layer 3 processing;

4.The egress rips off the label and continues forwarding for delivery

MPLS is a tunnel technique rather than a service or application. It is a routing

and forwarding platform, combining the label switched forwarding with the

network layer routing. It supports multiple upper layer protocols and services, and

guarantees security during the transmission of information.


38/88


3838

MPLS Packet Flow


39/88


3939

Page 39

MPLS Advantages

Replace IP header with short and fixed-length labels as forwarding basis toimprove forwarding speed

Better integrate IP with ATM

Provide value-added service withoutprejudice to efficiency:

VPN

Traffic engineering

QOS

MPLS technologys original intention is used to replace IP forwarding with

label switching to improve the forwarding efficiency, while with the development of

router technology, software based forwarding mechanism is replaced by hardware

based forwarding mechanism, the speed is higher than software based MPLS label

forwarding, so it is not exact to say that MPLS improve forwarding speed now.

Now the most charm of MPLS is that it can provide many value-added service

such as follows:

1.MPLS VPN

2.MPLS Traffic Engineering

3.MPLS Qos


40/88


4040

Page 40

MPLS Encapsulation Format and Label

MPLS headerLayer 2

headerIP header Data

Label SEXP TTL

200 23 24 31

32 bits

A label is a short, fixed length, locally significant identifier which is used to

identify a FEC. The label which is put on a particular packet represents the

Forwarding Equivalence Class to which that packet is assigned.

Most commonly, a packet is assigned to a FEC based (completely or partially)

on its network layer destination address. However, the label is never an encoding of

that address.

A label contains four fields:

Label: 20 bits, represents label value, and used as the pointer for

forwarding.

Exp: 3 bits, reserved, used for experiments, and generally used as Class of

Service (CoS).

S: 1 bit, represents label stack. The value 1 refers to the bottom layer label.

Just 0 means next head is MPLS header and 1 means next header is IP

header.

TTL: 8 bits, represents time to live, and has the same meaning as the TTL

in the IP packet.


41/88

A value of 0 represents the "IPv4 Explicit NULL Label". This label value is

only legal at the bottom of the label stack. It indicates that the label stack must be

popped, and the forwarding of the packet must then be based on the IPv4 header.

A value of 1 represents the "Router Alert Label". This label value is legal

anywhere in the label stack except at the bottom. When a received packet contains

this label value at the top of the label stack, it is delivered to a local software

module for processing. The actual forwarding of the packet is determined by the

label beneath it in the stack. However, if the packet is forwarded further, the Router

Alert Label should be pushed back onto the label stack before forwarding. The use

of this label is analogous to the use of the "Router Alert Option" in IP packets .

Since this label cannot occur at the bottom of the stack, it is not associated with a

particular network layer protocol.

A value of 2 represents the "IPv6 Explicit NULL Label". This label value is

only legal at the bottom of the label stack. It indicates that the label stack must be

popped, and the forwarding of the packet must then be based on the IPv6 header.

A value of 3 represents the "Implicit NULL Label". This is a label that an LSR

may assign and distribute, but which never actually appears in the encapsulation.

When an LSR would otherwise replace the label at the top of the stack with a new

label, but the new label is "Implicit NULL", the LSR will pop the stack instead of

doing the replacement. Although this value may never appear in the encapsulation,

it needs to be specified in the Label Distribution Protocol, so a value is reserved.


42/88

A label space refers to the value range of labels that can be allocated to LDP

peers. You can specify a label space for each interface of an LSR (per interface

label space) or for the entire LSR (per platform label space).

Platform-wide means the label should be unique with all the interfaces on the

device; interface-specific means the label should be unique with one interface,

while different interface of the device, the label value could be the same.

LDP is the protocol used to distribute the label, how can we identify the type

of generated label. LDP choose the < LSR ID> :< Label Space ID >, LSR ID

Globally unique value of an LSR (4 octets); Label space IDZero for platform-

wide label space (2 octets). For example, identifier 192.168.1.1:0 means platform-

wide, identifier 192.168.1.1:5 means interface-specific.

With different encapsulation mode, MPLS based device choose different

label space:

MPLS based frame mode use Platform-wide label space, such as IP,

Ethernet.

MPLS based cell mode use Per-interface label space, such as ATM


43/88


4343

Page 43

MPLS TTL Processing

Consider the entire MPLS domain as one hop

IP TTL --MPLS TTL255 MPLS TTL -- IP TTL --

Ingress LER LSR Egress LER

Include IP TTL in MPLS TTL

IP TTL --

MPLS TTLIP TTL MPLS TTL --

MPLS TTL --

IP TTLMPLS TTL

Ingress LER LSR Egress LER

The MPLS label comprises an 8-bit TTL field, which is similar to that in an IP

header. TTL is also used in the trace route function. As described in RFC 3031, an

LSR node needs to copy the TTL value of the IP packet or that of the upper layer

label to the TTL field of the added label. When LSR forwards a labeled packet, the

TTL value of the label at the top of the label stack decrements by 1. When the label

is out of the label stack, the LSR copies the TTL value at the top of the stack to the

IP packet or lower layer label.

Before the LSP transverses the non-TTL LSP segment formed by ATM-LSRs

or FR-LSRs, the TTL should be processed uniformly because the LSRs within that

domain cannot process the TTL field. That is, the value of the length in this non-

TTL LSP segment should be decremented by 1 on entering the segment.

In MPLS VPN applications, you can hide the MPLS backbone network

structure for security. The VRP supports different TTL propagation settings for

VPN packets and public packets.


44/88


4444

Page 44

Label Stack

Theoretically, label stack enableslimitless nesting to provide infiniteservice support. This is simply thegreatest advantage of MPLS

technology.

MPLSheader

Layer2header IP header Data

MPLSheader

Theoretically, label stack enables limitless nesting to provide infinite service

support. This is simply the greatest advantage of MPLS technology. In real use, up

to now there usually no more than four labels in packet. Each label use S bit to mark

the bottom label. The value 1 means the bottom layer label.

In layer2 header how to identify the higher layers protocol? In PPP there add a

new type of NCP called MPLSCP, identified with 0x8281. while in Ethernet 0x8847

means unicast MPLS, 0x8848 means multicast and 0x0800 means IP packet.

The label stack follow FIFO, label process from the top stack. When executing

MPLS forwarding, only use the outer side label.


45/88


4545

MPLS Architecture

Router functionality is divided into two major parts: controlplane and data plane

Data PlaneData Plane

Control PlaneControl Plane

OSPF: 10.0.0.0/8OSPF: 10.0.0.0/8

LDP: 10.0.0.0/8Label 17

LDP: 10.0.0.0/8Label 17

OSPF

LDP

LFIB

LDP: 10.0.0.0/8Label 4

LDP: 10.0.0.0/8Label 4

OSPF: 10.0.0.0/8OSPF: 10.0.0.0/8

417Labeled packet

Label 4

Labeled packetLabel 4




46/88


4646

Page 46

Basic Concepts of Label Forwarding

FEC (Forwarding Equivalence Class): Import the packetswith identical characteristics into the same LSP

NHLFE (Next Hop Label Forwarding Entry): Describelabel operations

next hop

label operation types: push/pop/swap/null

Link layer encapsulation types

FTN (FEC to NHLFE): Map FEC to NHLFE

ILM (Incoming Label Map): Map MPLS label to NHLFE

MPLS is a high-performance forwarding technology that takes the packets with

the same forwarding mode as a class. This kind of class is called Forwarding

Equivalent Class (FEC). The packets of the same FEC are treated the same in the

MPLS network. The source address, destination address, source port, destination

port, protocol type, Virtual Private Network (VPN) or any of these combinations

can determine an FEC. For example, packets transmitted to the same destination

through the longest matching algorithm belong to an FEC.

Next Hop Label Forwarding Entry (NHLFE): indicates the action to be

performed on a label, such as push, pop and swap.

FEC to NHLFE map (FTN): indicates the mapping for an FEC to NHLFE on

the ingress.

Incoming Label Map (ILM): indicates the mapping process of the received labelto NHLFE on the transits and egress.


47/88


4747

Page 47

Label Forwarding

The traditional routing protocol and Label Distribution Protocol (LDP) serve to create routingtable and label mapping table (FEC-Label mapping) in each LSR for FECs with servicerequirement, i.e. create LSP successfully.

Ingress LER receives a packet, determines the FEC that the packet belongs to, and label thepacket

In MPLS domain, packets are forwarded in accordance with labels and label forwarding table viathe forwarding unit

Egress LER removes the label and continues forwarding the packet

Parse IP headerFEC bound with LSPFTN->NHLFE

ILM->NHLFE

ILM->NHLFE

Parse IP headerdistribute FEC

mapped to next hopILM->NHLFE

Ingress LER LSR LSR Egress LER

Label operation: pushLabel operation: swap Label operation: swap

label operation: pop

A B C D

On the ingress, the packets entering the network are classified into various

FECs by their characteristics. Usually, FEC classification is done based on the

destination IP address prefix or host address. The packets belonging to the same

FEC will have the same label and pass through the same path in the MPLS domain.

LSR assigns a label for an incoming packet, and then forwards it through a specified

interface.

On the transits along the LSP, the mapping table of the incoming and outgoing

labels is established. The element of this table is referred to as NHLFE. When a

labeled packet arrives, LSR only needs to find the corresponding NHLFE from the

table according to the incoming label and replace the original label with the new

outgoing label, and then forward the labeled packet. This process is called ILM.

Therefore, this method is much simpler, and the forwarding is faster.

On the LER, it removes the label and continues forwarding the packet .


48/88


4848

Page 48

NHLFEA:

Add label L1E1B10.0.1.0/24

OthersLabel operationTransmitting interfacenext hop

NHLFE

FEC

Remove the previous label and add L2E1CL1

Otherslabel operationTransmitting interfaceNext hop

NHLFEIngress

label

B:

Remove the previous label and add L3DL2

OthersLabel operationNext hop

NHLFEIngress

label

C:

E1Transmitting interface

The "Next Hop Label Forwarding Entry" (NHLFE) is used when forwarding a

labeled packet. It contains the following information:

1. the packet's next hop

2. the operation to perform on the packet's label stack; this is one of the followingoperations:

a) replace the label at the top of the label stack with a specified new label

b) pop the label stack

c) replace the label at the top of the label stack with a specified new label, and then

push one or more specified new labels onto the label stack.


49/88


4949

Page 49

Creating LSP

LSP drive modes:

Driven by stream: incoming packets drive LSP creation

Driven by topology: topology information (route) drives LSPcreation

Driven by application: application (like QoS) drives LSPcreation

Signaling protocol is used to distribute labels between LSRs andestablish LSP:

LDP: Label Distribution Protocol

CR-LDP: Constrained Route LDP

RSVP-TE

MP-BGP PIM

Actually, LSP establishment refers to the process of binding FEC with the

label, and then advertising this binding to the adjacent LSR on LSP. But how to

drive the LSPs creation, there have several drive modes:

Driven by stream: incoming packets drive LSP creation

Driven by topology: topology information (route) drives LSP creation

Driven by application: application (like QoS) drives LSP creation

And now there have several signaling protocol can be used to distribute

labels such as :

LDP: Label Distribution Protocol

CR-LDP: Constrained Route LDP, When LSP establishment is issued at

the Ingress, some constraint information is added to the LSP

RSVP-TE: resource reservation setup protocol with traffic-engineering

extensions

MP-BGP:Multiprotocol-BGP

PIM: Protocol Independent Multicast, Multicast routing architecture that

allows the addition of IP multicast routing on existing IP networks.

PIM is unicast routing protocol independent and can be operated in two

modes: dense and sparse.


50/88


5050

Label Distribution Protocol (LDP)Label Distribution Protocol (LDP)

LSPs can be defined explicitly for every FEC by networkadministrator or dynamically using LDP.

1

1

LER LERLSR

2

1

0 2 4

Request for label128.89.25.4 Data

12

Request for label

8

LERs assign a label, corresponding to a LSP, to each IP datagram as it is transmitted

towards the destination.Thereafter, at each corresponding hop, the label is used to forward the packet to its nexthop. Two protocols for label request LDP and RSVP-TEBoth LDP and RSVP-TE create LSPs by first sending label requests through thenetwork hop-by-hop to the egress point.

Ingress LER makes a request to upstream router for Label to be used.


51/88

Look carefully about the label forwarding table, there have IN interface and IN

label, OUT interface and OUT label. As for IN label, this label means that I (stand

for this router) distribute to the others, the OUT label means that the other routers

distribute to me, I will put it to the packet. As for some special label value such as 3,

the operation is pop, the label will be removed.

From this table we can view that IN label is different (if it is platform-wide),

and OUT label there may have some same values, why?

Perhaps one is that the label is distributed by different next hop device, they

generate the labels independently, the other is the same route item such as

10.1.1.0/24 in this table, there have several different IN interface such as Serial0 and

Serial1.


5151

Page 51

Label Forwarding Table

IN interface IN label Prefix/MASK OUT interface

(next hop)

OUT label

Serial0 50 10.1.1.0/24 Eth03.3.3.3 80

Serial1 51 10.1.1.0/24 Eth03.3.3.3 80

Serial1 62 70.1.2.0/24 Eth03.3.3.3 52

Serial1 52 20.1.2.0/24 Eth14.4.4.4 52

Serial2 77 30.1.2.0/24 Serial35.5.5.5) 3pop

The in and out is correspond to the label swapnot the labeldistribution.

The in label is that I distribute to the others, I will not put it to

the packet

The out label is the others distribute to me, I will put it to thepacket


52/88


5252

1a. Existing routing protocols (e.g. OSPF, IS-IS)establish reachability to destination networks

1b. Label Distribution Protocol (LDP)establishes label to destinationnetwork mappings.

2. Ingress Edge LSR receivespacket, performs Layer 3 value-added services, and labelspackets

4. Edge LSR ategress removes

label and deliverspacket

3. LSR switchespackets using labelswapping

MPLS Operation Re-Cap


53/88


5353

Module 7

MEN Architecture & Services


54/88


5454

MEN Architecture


55/88


5555

MCN - Media Convergence Node is the access node to the Reliancenational backbone network, spread across cities. MCN is a point of

Metro and Core Network integration

MAN Metro Aggregation Node At here multiple BAN ringsterminate. This node acts as high-speed gigabit aggregation.

BAN -Building Aggregation Node is primarily a high end Gigabitaggregation switch terminating multiple BA gigabit aggregation rings.

BN Building Node - The access element is referred as the BN. Thiselement is capable of offering various QoS to customers.

Definitions


56/88


5656

Page 56

Reliance MEN Network today

RDN IP/MPLSBackbone

MCN1

MAN

BAN

BAN

BN

BN

City CCity A

City B City D

MCN1

MCN1MCN1

All MCN nodes connectto RDN with full mesh by

L2VPN Virtual Circuit.

MCN2

MAN

MANMAN

BAN

BAN

BAN

BAN

BAN

BAN

BN BN BN BN

BN

BN

BN

BN

BN

BN

BN

BN

BN

BN

BN

BNBN

MAN

MAN

MAN

MAN

MAN

MAN

MCN:Media Convergence Node (Cisco 7609), in Mumbai city and top ten cities

deployed two node for redundancy and other cities only deployed one node.

MAN:Metro Aggregation Node (Cisco 7609), each cities deployed multiple node.

BAN:Building Aggregation Node (Some site are Cisco 7609 acting as layer 3

device, some site are Cisco 3750 acting as layer 2 traffic aggregation device andwill be replaced by CX600).

BN: Building Nodes (Cisco ME3400 and Cisco 3550), act as last mile accessing

customers.

RDN: Reliance Data Network (Juniper T640/T320), is Reliance IP/MPLS backbone

network.


57/88


5757

Page 57

Topology of Mumbai City today

BN

RDN IP/MPLSBackbone

InternetInternet

MAN

BANBAN

BN BN

BN

BN

BN

SESM

ISGISG

BN

BNBN

CAG1CAG2

IAG

BN

BN

BN

BN

BAN BAN

BN

BN

BN

IAD

IAD CPE CPE

Wimax BaseStationIP DSLAM

IAD SS SS

MAN

MAN

MCN1 MCN2

MAN

MAN

BAN Rings dual homing toMAN Ring

Two sets of MCN link toRDN with back up design

DHCP/IPTV

Radius

Reliance Voice

AG/MGW

TG

IPTV Head end System: Microsoft IPTV Edition software 1.1

IPTV STB: Tatung corporation (Chinese company and a partner with Microsoft

corporation of IPTV services)

ISG: Internet Service Gateway (Cisco 7301) (BRAS)

IAG: Internet Access Gateway (Juniper M40E)

CAG: Customer Access Gateway (Big enterprise and other ISP ASBR)

SESM: (Cisco policy server)

Each city the MCN nodes connecting the IDC where it is deployed DHCP servers,

AAA servers, IPTV head system, Network Management system, ISG, SESM.

In Mumbai city there are two MCN nodes deployed.

For residential customers, there are three access types on last mile, IP DSLAM and

Lan switch and Wimax, and each customer can be deployed three terminals: PC

STBVoIP.

For enterprise customers, each customer deployed a CPE and connected to BN node

of Reliance MEN.


58/88


5858

Page 58

Topology of Top Ten Cities today

BN

RDN IP/MPLSBackbone

InternetInternet

MAN

BN BN

BN

BN

BN

SESM

ISGISG

BN

BNBN

CAG1CAG2

IAG

BN

BN

BN

BN

BAN BAN

BN

BN

BN

IAD

IAD CPE CPE


IAD SS SS

MAN

MAN

MCN1 MCN2

BAN rings single homingto MAN ring

Two sets of MCN link toRDN with back up design

MAN

MAN

BANBAN

Reliance Voice

AG/MGW

TGDHCP/IPTV

Radius







SESM: (Cisco policy server)

Each city the MCN nodes connecting the IDC where it is deployed DHCP servers,

AAA servers, IPTV head system, Network Management system, ISG, SESM.

In Mumbai city there are two MCN nodes deployed.

For residential customers, there are three access types on last mile, IP DSLAM and

Lan switch and Wimax, and each customer can be deployed three terminals: PC

STBVoIP.

For enterprise customers, each customer deployed a CPE and connected to BN node

of Reliance MEN.


59/88


5959

Page 59

Topology of Normal City today

BN

RDN IP/MPLSBackbone

InternetInternet

MANBAN BAN

BN BN

BN

BN

SESM

ISGISG

BN BN

BNBN

BN

BN

CAG1CAG2

IAG

IAD

IAD CPE CPE

Wimax BaseStation

BN

IP DSLAM

IAD SS SS

MAN MAN

DHCP/IPTV

Radius

Reliance Voice

AG/MGW

TG

MCN1







For MCN node, only Mumbai city deployed two nodes and other cities just

deployed one node.


60/88


6060

Page 60

building up New BAN and BN Ring

CX600 CX600CX600

CX200 CX200

CX200

CX200CX200

CX200

CX200 CX200

CX200 CX200

CX200 CX200

BN ring single homing to BAN BN ring dual homing to BAN

Each BAN has maximum 12 BN rings and each BN ring has maximum 14 BN

nodes on the ring.

Two scenario: one is BN ring single homing to BAN node, the other scenario is BN

ring dual homing to BAN nodes.


61/88


6161

Page 61

Adding CX600 or Replacing Cisco

Equipments in MAN/BAN RingMCN1 MCN2

CX600

CX600 CX600

CX600

C7609

C7609

C7609 C7609

C7609

C7609MAN Ring

MAN Ring

MAN Ring

adding CX600 as new MAN node in MAN ring.


62/88


6262

Unused Fiber Route (UFR) Network


63/88


64/88


6464

UFR Network

Dual-Homed Section UFR with IP-DSLAM ring


65/88


6565

UFR Network

6 number of nodes (stacked 3750)

recommended in the level 1 8 numbers of nodes recommended in the level-2

12 numbers of nodes in the dual homedsituation


66/88


6666

STP in UFR Architecture

Considering MSTP in all the UFR Layer-2

switches it would result in a exceptionally largeLayer-2 domain which would provide impracticalconvergence times in the event of a OFC link orDevice failure

Rapid PVST is used in the UFR Architecture

IP-DSLAM will run MSTP or RSTP.


67/88


6767

MEN Services


68/88


6868

Page 68

Reliance MEN Services

Residential Broadband Services

HSI

VoIP

IPTV (BTV&VOD)

Enterprise Services

Inter-AS VPN Services


69/88


70/88


7070

BIA thru DLC

MA Ring(7609)

MCNRDN ILT7609 TAG TN

MANMAN

BA Rings

BAN Rings(7609)BAN

BAN

BAN

BAN

Ring

Rings

Rings

DLC-RTADSLCard(24port)

Fa

Fa

TNCT

TNMAN

ADSL ModemRJ 11

RJ 45


71/88


72/88


7272

Page 72



Enterprise Services

E-LINE

E-LAN

L3VPN

MVPN


Enterprise Services:

-EPL

Inter-AS VPN Services:

-L3VPN

-MVPN

-CSC


73/88


7373

Page 73

Enterprise Services (E-LINE)

BN

RDN IP/MPLS

Backbone

MANBAN BAN

MCN1

BN BN

BN

BN

BN BN

BNBN

BN

BN

MAN MAN

MCN2

BN

MANBAN BAN

MCN1

BN BN

BN

BN

BN BN

BNBN

BN

BN

MAN MAN

CPECPE

CPECPE

EPL: Ethernet Private Line


74/88


7474

Page 74

Delhi

MCN1

MCN2

VPN-X VPN-Y

RR

BAN

BAN

VPN-Z

BNBN

BAN

RR2

RDN IP/MPLSBackbone

Enterprise Services (E-LAN)

Multipoint-to-multipoint

connection forenterprise customersby E-LAN


75/88


7575

Page 75

Enterprise Services (MPLS L3VPN )

Delhi

MCN1

MCN2

VPN-X VPN-Y

RR

BAN

BAN

VPN-Z

BNBN

BAN

RR2

RDN IP/MPLSBackbone

Multipoint-to-multipoint

connection forenterprise customersby L3VPN


76/88


7676

Page 76

Enterprise Services (MVPN)

BN Ring

CX200

CX600

CX200

CX600 CX600

CX600

CX600

CX200

CX200

BN Ring

MCN1

BAN Ring

MAN Ring

CX600

MAN Ring

MCN1

RDN IP/MPLSBackbone

CX200

City X City Y

BAN Ring

CPE

MCN2

MAN

MAN

MAN

MAN

MAN

MAN

CPE CPE

MVPN: Multicast VPN


77/88


7777

Page 77



Enterprise Services



78/88


7878

Page 78

Inter-AS VPN(L3VPN)

BN

RDN IP/MPLS

Backbone

InternetInternet

MANBAN BAN

MCN1

BN BN

BN

BN

SESM

ISGISG

BN BN

BNBN

BN

DHCP/IPTV/Management

CAG1CAG2

IAG

BN

MAN MANMCN acts as ASBR ofReliance MEN andestablished Inter-ASconnection with CAG

CPECPE

CPE


79/88


7979

Network Implementation


80/88


8080

Page80

IP Address Planning

There are three types services.

HSI

HSI service assigned with public internet IP

address

VoIP

VoIP service assigned with Reliance private IP

address

IPTV

IPTV service assigned with Reliance private IP

address

different services using different scopes of IP addresses.


81/88


8181

Page81

VLAN Assigning

Access Mode VALN ID IP Address of Gateway

IP DSLAM VLAN 102Using IP Address of

super-vlan as their gatewayEthernet Lan Switch VLAN 66

Wimax VLAN 65

Static IP address

assignedVLAN 64

IP address of logical vlan-interface

64

Multicast VLAN VLAN 999IP address of logical vlan-interface

999

enterprise customers

Per customer

per VLAN ID

Packets processed by BAN

According to VLAN ID and go intoL3VPN,VPLS,MVPN

Residential Customers can access Reliance MEN by three last miles access

types, IP DSLAM, Active Ethernet LAN switch and Wimax. Each access types

assigned one VLAN id, IP DSLAM assigned VLAN id 102, LAN switch

assigned VLAN id 66,Wimax assigned VLAN id 65, static IP address assigned

VLAN id 64, multicast VLAN id 999;

For VLAN id 65,66,102 act as sub-VLANs and created a super-VLAN logic

interface to share the IP gateway and isolated different sub-VLANs each

other;

For VLAN id 64, services carried with VLAN 64 will be terminated by itself

logic interface, not by super-VLAN interface;

Multiple ports belong to same VLAN on one box deployed port separated

feature with each other;

For VLAN id 999, used for multicast VLAN and created VLAN logic interface

to terminate multicast service;


82/88


8282

Page 82

VLAN Assigning

BN

Reliance RDNIP/MPLS Backbone

InternetInternet

MANBAN BAN

MCN1 MCN2

BN BN

BN

BN

SESM

ISGISG

BN BN

BNBN

BN

DHCP/IPTVCAG1

CAG2

IAG

IAD

IAD CPE CPE

Wimax BaseStation

BN

IP DSLAM

IAD SS SS

MAN MAN

Radius

Reliance Voice

AG/MGW

TG

VLAN 102 and 999should be configured

VLAN 65 should be configured

Customer VLAN IDshould be configured


83/88


8383

Page83

MPLS L3VPN for HIS and VoIP

Reliance RDNIP/MPLS Backbone

InternetInternet

MANBAN BAN

MCN1 MCN2

SESM

ISGISG

DHCP/IPTVCAG1

CAG2

IAG

IAD

IAD CPE CPE


IAD SS SS

MAN MAN

Radius

Reliance Voice

AG/MGW

TG

PIM SM/SSM&Anycast RP&MSDP

IGMP Snooping &IGMP Throttling &IGMP filter


84/88


8484

Page84

MPLS L3VPN for Customers

AS 65000

Delhi

MCN1

MCN2

VPN-X VPN-Y

MP-iBGP

RR

BAN

BAN

VPN-Z

BNBN

BAN

RR2

RDN IP/MPLSBackbone

MPLS LDP LSP

MPLS TETunnel


85/88


8585

Page85

MPLS L2VPN for Customers

MPLS LDP LSP

MPLS TETunnel

Martini mode


86/88


8686

Page86

MPLS VPLS for Customers

Delhi

MCN1

MCN2

VPN-X VPN-Y

RR

BAN

BAN

VPN-Z

BNBN

BAN

RR2

RDN IP/MPLSBackbone

MPLS LDP LSP

MPLS TETunnel

Martini mode


87/88


8787

Page87

Multicast VPN for Customers

BN Ring

CX200

CX600

CX200

CX600 CX600

CX600

CX600

CX200

CX200

BN Ring

MCN1

BANRing

MAN Ring

CX600

MAN Ring

MCN1

RDN IP/MPLSBackbone

CX200

City X City Y

BANRing

PIM-SM/SSM

PIM SM/DM (CPE&BAN)

RP&MSDP RP&MSDP

CPE

MCN2

MAN

MAN

MAN

MAN

MAN

MAN

CPE CPE

MVPN only deployed for enterprise customer with video applications;

Default-MDT for PIM RPT, data-MDT for PIM SPT;

Deploying PIM SM/SSM routing protocol on each MCN &MAN & BAN

nodes;

Deploying BFD for PIM feature to achieve multicast redundancy of PIM DRfailure on BN dual homing BAN scenario;

Deploying four RP nodes using Any-cast RP feature for multicast traffic load

balance and redundancy (RP location: Mumbai, De

Documents

MEN Part 1- Day5 -Ver1_NoRestriction