MPLS-2015-CISCOLIVE

8/20/2019 MPLS-2015-CISCOLIVE

1/75


2/75

Introduction to MPLSBRKMPL-1100

Eric Osborne

Principal Engineer, Cisco

[email protected]


3/75

© 2013 Cisco and/or its affiliates. All rights reserved.BRKMPL-1100 Cisco Public

Session Goals

Understand history and business drivers for MPLS Learn about MPLS customer and market segments

Understand the problems MPLS is addressing

Understand the major MPLS technology components

Understand typical MPLS applications

Understand benefits of deploying MPLS

Learn about MPLS futures; where MPLS is going

Objectives


4/75


Agenda

Introduction MPLS Technology Basics

MPLS Layer-3 VPNs

MPLS Layer-2 VPNs

Advanced Topics

Summary

Topics


5/75

Introduction


6/75© 2013 Cisco and/or its affiliates. All rights reserved.BRKMPL-1100 Cisco Public

Intro

Involved in Internet networks since 1995

At cisco since 1998

– TAC, AS, DE

Co-Author, “Traffic Engineering with MPLS” (Cisco Press 2003)

Long-time IP/MPLS guy

About Me



What Is MPLS?

Multi Multi-Protocol: The ability to carry anypayload.

Have:IPv4, IPv6, Ethernet, ATM, FR.

Could do IPX, AppleTalk, DECnet, etc

etc.

Protocol

Label Uses Labels to tell a node what to dowith a packet; separates forwarding(hop by hop behavior) from routing

(control plane)

Switching Routing == IPv4 or IPv6 lookup.Everything else is Switching.



What is MPLS?

It’s all about labels …

Use the best of both worlds – Layer-2 (ATM/FR): efficient forwarding and traffic engineering

– Layer-3 (IP): flexible and scalable

MPLS forwarding plane – Use of labels for forwarding Layer-2/3 data traffic

– Labeled packets are being switched instead of routed Leverage layer-2 forwarding efficiency

MPLS control/signaling plane – Use of existing IP control protocols extensions + new protocols

to exchange label information Leverage layer-3 control protocol flexibility and scalability

Brief Summary



Technology Comparison

IP Native Ethernet

Forwarding

Destination address based

Forwarding table learned

from control plane

TTL support

Destination address based

Forwarding table learned

from data plane

No TTL support

Forward

Control Plane Routing ProtocolsEthernet Loop avoidance

and signaling protocols

Ro

M

Packet Encapsulation IP Header 802.3 Header MP

QoS 8 bit TOS field in IP header 3-bit 802.1p field in VLAN tag 3 bit

OAM IP ping, traceroute E-OAM

Key Characteristics of IP, Native Ethernet, and MPLS



Evolution of MPLSTechnology Evolution and Main Growth Areas

1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 20

Bring MPLS to Market

Complete base MPLS portfolio

Optimize MPLS for video

Optimpac

Cisco ships

MPLS

FirstL3VPNs

Deployed

First MPLS TE

Deployments

First L2VPN

Deployments

Large Scale

L3VPNDeployments

Large Scale

MPLS TEDeployments

Large ScaleL2VPN

Deployments

First LSM

Deployments

First

Dep

Evolved from tag switching in 1996 to full

IETF standard, covering over 130 RFCs Key application initially were Layer-3 VPNs,

followed by Traffic Engineering (TE),and Layer-2 VPNs


11/75

MPLS Technology Basics


12/75


Topics

MPLS reference architecture

MPLS Labels

MPLS signaling andforwarding operations

MPLS Traffic Engineering

MPLS OAM

Basics of MPLS Signaling and Forwarding

Transport

MPLS Forwarding

IP/MPLS (LDP/RSVP-TE/BGP)

Layer-3 VPNs Layer-2 VPNs

Service (Clients)


13/75


MPLS Reference Architecture

P (Provider) router

– Label switching router (LSR)

– Switches MPLS-labeled packets

PE (Provider Edge) router

– Edge router (LER)

– Imposes and removes MPLS

labels

CE (Customer Edge) router

– Connects customer network toMPLS network

Different Type of Nodes in a MPLS Network

MPLS Domain

CE

CE

Label switched traffic

P

P

P

P

PE

PE


14/75


MPLS Labels

Labels used for makingforwarding decision

Multiple labels can be used forMPLS packet encapsulation

No limit on the number oflabels in a stack.

Outer label always used forswitching MPLS packets innetwork

Inner labels usually used forservices (e.g. L2/L3 VPN)

Label Definition and Encapsulation

TC = Traffic Class: 3 Bits; S = Bottom of Stack;

MPLS Label Stack Ent

MPLS Label Stack (1

MPLS Label Stack (2 la

Label = 20 bits T

LAN MAC Header Label, S=0

LAN MAC Header Label , S


15/75


MPLS QoS

MPLS label contains 3 TC bits

Used for packet classification andprioritization – Similar to Type of Service (ToS) field

in IP packet (DSCP values)

DSCP values of IP packet mappedinto TC bits of MPLS label – At ingress PE router

Most providers have defined 3–5service classes (TC values)

Different DSCP TC mappingschemes possible – Uniform mode, pipe mode, and short

pipe mode

QoS Marking in MPLS Labels

MPLS HeaderLayer-2 Header La

MPLS DiffServ Marking

in Traffic Class BitsIP

TC D


16/75


Basic MPLS Forwarding Operations

Label imposition (Push)

– By ingress PE router; classify andlabel packets

– Based on Forwarding EquivalenceClass (FEC)

Label swapping – By P router; forward packets using

labels; indicates service class &destination

Label disposition (Pop) – By egress PE router; remove label

and forward original packet todestination CE

How Labels Are Being Used to Establish End-to-end Connectivity

CE

CE

PE

PE

Label Imposition

(Push)

Label Swap Label Swap

P

P

P

PL1

L2 L3


17/75


MPLS Path (LSP) Setup and Traffic Forward

LSP signaling

– Either LDP* or RSVP – Leverages IP routing

– Routing table (RIB)

Exchange of labels

– Label bindings

– Downstream MPLS node advertises whatlabel to use to send traffic to node

MPLS forwarding

– MPLS Forwarding table (FIB)

MPLS Traffic Forwarding and MPLS Path (LSP) Setup

IP

Forwarding

Destination address

Forwarding table le

from control pla

TTL support

Control Plane OSPF, IS-IS, BG

Packet

EncapsulationIP Header

QoS 8 bit TOS field in IP

OAM IP ping, tracerou

* LDP signaling assumed for next the examples


18/75


MPLS Path (LSP) Setup

LDP signaling

– Leverages existing routing

RSVP signaling

– Aka MPLS RSVP/TE

– Enables enhanced capabilities, such asFast ReRoute (FRR)

Can use both protocolssimultaneously

– They work differently, they solvedifferent problems

– Dual-protocol deployments are verycommon

Signaling Options

LDP

Forwarding path LSP

Forwarding

Calculation

Based on IP routing database

Shortest-Path based

Packet

EncapsulationSingle label

Signaling

By each node independently

Uses existing routing

protocols/information


19/75


MPLS Path (LSP) Setup with LDP

Exchange of IP routes

– OSPF, IS-IS, EIGRP, etc.

Establish IPreachability

Step 1: IP Routing (IGP) Convergence

1

01

InLabel

Addr essPrefix

…

OutI’face

128.89 1

171.69 1

…

OutLabel

InLabel

AddressPrefix

…

OutI’face

128.89 0

171.69 1

…

OutLabel

InLa

You Can Reach 171.69 Thru Me

You Can Reach 128.89 and

171.69 Thru Me

Routing Updates

(OSPF, EIGRP, …)

You C

Forwarding Table Forwarding Table

0

1

1


20/75


IP Packet Forwarding Example

IP routing information

exchanged between nodes – Via IGP (e.g., OSFP, IS-IS)

Packets being forwardedbased on destination IPaddress

– Lookup in routing table (RIB)

Basic IP Packet Forwarding

0

1

1

128.89.25.4 Data

128.89.25.

128.89.25.4 Data

…

128.89

171.69

Addr ess I/F

1

1

…

128.89

171.69

Address I/F

0

1

ForwardingTable ForwardingTable


21/75


MPLS Path (LSP) Setup with LDP

Local label mapping are sent to

connected nodes

Receiving nodes updateforwarding table

– Out label

LDP label advertisement

happens in parallel(downstream unsolicited)

Step 2: Assignment of Remote Labels

1

01

UUse Label 20 for 128.89 and

Use Label 21 for 171.69

Label Distribution

Protocol (LDP)(Downstream

All ocati on)

Use Label 36 fo r 171.69

InLabel Add ressPrefix

128.89

171.69

…

OutI’face

1

1

…

OutLabel InLabel AddressPrefix

128.89

171.69

…

OutI’face

0

1

…

OutLabel

20

21

…

-

-

…

30

36

…

20

21

…

Forwarding Table Forwarding Table

0

1

1


22/75


MPLS Traffic Forwarding with LDP

Ingress PE node adds label

to packet (push) – Via forwarding table

Downstream node uselabel for forwardingdecision (swap)

– Outgoing interface – Out label

Egress PE removes labeland forwards originalpacket (pop)

Hop-by-hop Traffic Forwarding Using Labels

1

0

1

128.89.25.4 Data 128.89.25.4 Data20

128.89.230

Forwarding based on

Label

In

Label

Add ress

Prefix

128.89

171.69

…

Out

I’face

1

1

…

Out

Label

In

Label

Add ress

Prefix

128.89

171.69

…

Out

I’face

0

1

…

Out

Label

In

Labe

20

21

…

-

-

…

30

36

…

20

21

…

30

…

Forwarding Table Forwarding Table Fo

0

1

1


23/75


MPLS Traffic Forwarding with LDP

Routing protocol distributes routes

LDP distributes labels that map to routes

Packets are forwarded using labels

…

So what?

…

MPLS’s benefit shows up later, in two places:

1. Divergence from IP routed shortest path

2. Payload-independent tunneling

Quick recap


24/75


MPLS Path (RSVP) Setup

MPLS-TE lets you deviate from the IGP shortest-cost path

This gives you lots of flexibility around how you send traffic across

Three steps:

1. Information distribution

2. Path calculation

3. LSP signaling


25/75



Flood link characteristics in the IGP

– Reservable bandwidth, link colors, otherproperties

IP/MPLS


26/75



IGP: Find shortest (lowest

cost) path to all nodes.

TE: Per node, find the shortest(lowest cost) path whichmeets constraints.

Link with ins

Link with su

n

n

Find

shortest

path to R8with 8Mbps

IP/MPLS

53

10

15

10

10

8

R1


27/75



Set up the calculated path using RSVP

(Resource ReSerVation Protocol)

Once labels are learned, they’reprogrammed just like LDP labels

– At the forwarding level, you can’t tell whetheryour label came from RSVP or LDP

– All the hard work is in the control plane

– No per-packet forwarding hit for any of this

IP/MPLSHead end

PATH

RESV

L=16


28/75


MPLS TE Fast ReRoute (FRR)

Steady state

– Primary tunnel: A → B → D → E

– Backup tunnel: B → C → D (pre-provisioned)

Failure of link between router Band D

Traffic rerouted over backuptunnel

Recovery time 50 ms – Actual Time Varies—Well Below 50 ms in Lab

Tests

Implementing Network Failure Protection Using MPLS RSVP/TE

Router D

Router C

Router A Router B

RouteRouter X

P

B


29/75


MPLS OAM

MPLS LSP Ping

– Used for testing end-to-end MPLS connectivity similar to IP ping – Can we used to validate reachability of LDP-signaled LSPs, TE tunnels, and PWs

MPLS LSP Trace – Used for testing hop-by-hop tracing of MPLS path similar to traceroute – Can we used for path tracing LDP-signaled LSPs and TE tunnels

MPLS LSP Multipath (ECMP) Tree Trace – Used to discover of all available equal cost LSP paths between PEs – Unique capability for MPLS OAM; no IP equivalent!

Auto IP SLA – Automated discovery of all available equal cost LSP paths between PEs – LSP pings are being sent over each discovered LSP path

Tools for Reactive and Proactive Trouble Shooting of MPLS Connect


30/75


Summary

MPLS networks consist of PE routers at in/egress and P routers in

Traffic is encapsulated with label(s) at ingress (PE router)

Labels are removed at egress (PE router)

MPLS forwarding operations include label imposition (PUSH), swadisposition (POP)

LDP and RSVP can be used for signaling label mapping informatioan end-to-end Label Switched Path (LSP)

RSVP label signaling enables setup of TE tunnels, supporting enhengineering capabilities; traffic protection and path management

Key Takeaways


31/75

MPLS Virtual Private Networks


32/75


MPLS Virtual Private Networks

Definition of MPLS VPN

service

Basic MPLS VPN deploymentscenario

Technology options

Topics

Transport

MPLS Forwarding



Service (Clients)


33/75


What Is a Virtual Private Network?

Set of sites which communicate with each other in a secure way

– Typically over a shared public or private network infrastructure

Defined by a set of administrative policies

– Policies established by VPN customers themselves (DIY)

– Policies implemented by VPN service provider (managed/unmanaged)

Different inter-site connectivity schemes possible

– Full mesh, partial mesh, hub-and-spoke, etc.

VPN sites may be either within the same or in different organizatio

– VPN can be either intranet (same org) or extranet (multiple orgs)

VPNs may overlap; site may be in more than one VPN

Definition


34/75


MPLS VPN: Build vs Buy?

To some people, “deploying MPLS VPN” means building your own

network

To some, it means “buying MPLS-based VPN services from a prov

Most of the heavy lifting is in building your own

Buying may or may not have any impact on your network


35/75


MPLS VPN Example

VPN policies

– Configured on PE routers (manualoperation)

VPN signaling – Between PEs

– Exchange of VPN policies

VPN traffic forwarding

– Additional VPN-related MPLS labelencapsulation

PE-CE link – Connects customer network to MPLS

network; either layer-2 or layer-3

Basic Building Blocks

Label Switched Traffic

P

P

PE

PE

CE

PE-CE

Link

P

P

CE

VPN

Policy

VPN

Policy

VPN Signaling


36/75


MPLS VPN Models

MPLS Layer-3 VPNs

– Peering relationship between CEand PE

MPLS Layer-2 VPNs

– Interconnect of layer-2 AttachmentCircuits (ACs)

Technology Options

MPLS VPN Models

• CE connecte

based conne

layer-2 type)

– Static rou

– PE-CE rou

eBGP, OS

• CE routing h

relationship

routers are p

routing

• PE routers m

specific rout

exchange cu

routing infor

MPLS LMPLS Layer-2 VPNs

Point-to-PointLayer-2 VPNs

Multi-PointLayer-2 VPNs

• CE

connected

to PE viap2p L2

connection

• CE-CE L2

connectivity

• CE-CE

routing; no

SP

involvement

• CE

connected to

PE viamp2mp

Ethernet

connection

• CE-CE L2

connectivity

• CE-CE

routing; no

SP

involvement


37/75

MPLS Layer-3 Virtual Private Networks

MPLS L 3 Vi t l P i t N t k


38/75



Technology components

VPN control plane mechanisms

VPN forwarding plane

Deployment use cases

– Business VPN services

– Network segmentation

– Data Center access

Topics

Transport

MPLS Forwarding



Service (Clients)

MPLS L 3 VPN O i


39/75


MPLS Layer-3 VPN Overview

VPN policies

– Separation of customer routing via virtual VPN routing table (VRF) – In PE router, customer interfaces are connected to VRFs

VPN signaling – Between PE routers: customer routes exchanged via BGP (MP-iBGP)

VPN traffic forwarding – Separation of customer VPN traffic via additional VPN label

– VPN label used by receiving PE to identify VPN routing table

PE-CE link – Can be any type of layer-2 connection (e.g., FR, Ethernet)

– CE configured to route IP traffic to/from adjacent PE router

– Variety of routing options; static routes, eBGP, OSPF, IS-IS

Technology Components

Vi t l R ti d F di I t


40/75


Virtual Routing and Forwarding Instance

Virtual routing and forwarding table

– On PE router – Separate instance of routing (RIB) and

forwarding table

Typically, VRF created for eachcustomer VPN

– Separates customer traffic

VRF associated with one or morecustomer interfaces

VRF has its own routing instance forPE-CE configured routing protocols

– E.g., eBGP

Virtual Routing Table and Forwarding to Separate Customer Traffic

VRF

Blue

VRF

Green

CE

PE

CE

VPN 2

VPN 1

VPN R t Di t ib ti


41/75


VPN Route Distribution

Full mesh of BGP sessions

among all PE routers – Or BGP Route Reflector

(common)

Multi-Protocol BGP extensions(MP-iBGP) to carry VPN policies

PE-CE routing options – Static routes

– eBGP

– OSPF

– IS-IS

Exchange of VPN Policies Among PE Routers


P

P

PE

PE

CE

PE-CE

Link

P

P

CEP

P

Blue VRF

Red VRF

BGP Route Reflector

VPN Control Plane Processing


42/75



Make customer routes unique:

Route Distinguisher (RD):8-byte field, VRF parameters; unique value to make VPN IP routes

VPNv4 address: RD + VPN IP prefix

Selective distribute VPN routes:

Route Target (RT): 8-byte field, VRF parameter, unique value to dimport/export rules for VPNv4 routes

MP-iBGP: advertises VPNv4 prefixes + labels



43/75


Blue VPN


1. CE1 redistribute IPv4 route to

PE1 via eBGP2. PE1 allocates VPN label for

prefix learnt from CE1 to createunique VPNv4 route

3. PE1 redistributes VPNv4 routeinto MP-iBGP, it sets itself as a

next hop and relays VPN siteroutes to PE2

4. PE2 receives VPNv4 routeand, via processing in localVRF (green), it redistributesoriginal IPv4 route to CE2

Interactions Between VRF and BGP VPN Signaling

BGP advertisement :

VPN-IPv4 Addr = RD:16.1/16

BGP Next-Hop = PE1

Route Target = 100:1Label=42

PPE1

eBGP:

16.1/16

PCE1

ip vrf blue-vpn

RD 1:100

route-target export

1:100

route-target import

1:100

VRF parameters:

Name = blue-vpnRD = 1:100

Import Route-Target = 100:1

Export Route-Target = 100:1

VPN Forwarding Plane Processing


44/75


VPN Forwarding Plane Processing

1. CE2 forwards IPv4 packet to PE2

2. PE2 imposes pre-allocated VPNlabel to IPv4 packet received fromCE2 Learned via MP-IBGP

3. PE2 imposes outer IGP label A(learned via LDP) and forwardslabeled packet to next-hopP-router P2

4. P-routers P1 and P2 swap outerIGP label and forward label packetto PE1 A->B (P2) and B->C (P1)

5. Router PE1 strips VPN label andIGP labels and forwards IPv4packet to CE1

Forwarding of Layer-3 MPLS VPN Packets

P1PE1 P2CE1

IGPLabel A

IPv4VPNv4Label

IGPLabel B

IPv4VPNv4Label

IGPLabel C

IPv4Packet

IPv4

Service Provider Deployment Scenario


45/75



Deployment Use Case

– Delivery of IP VPN services tobusiness customers

Benefits – Leverage same network for

multiple services and customers(CAPEX) Highly scalable

– Service enablement onlyrequires edge nodeconfiguration (OPEX)

– Different IP connectivity can beeasily configured; e.g.,full/partial mesh

MPLS Layer-3 VPNs for Offering Layer-3 Business VPN Services

VPNCoreEdge Core

CPEE

Managed VPN Service

Unmanaged VPN Service

Network

SegmentCPE Edge

MPLS NodeCE PE

Typical

Platforms ASR1K

ISR/G2

ASR9K

7600

ASR1K

ASR903

ME3800X

Enterprise Deployment Scenario


46/75


Enterprise Deployment Scenario

Deployment Use Case

– Segmentation of enterprisenetwork to provide selectiveconnectivity for specific usergroups and organizations

Benefits

– Network segmentation only

requires edge node configuration – Flexible routing; different IP

connectivity can be easilyconfigured; e.g., full/partial mesh

MPLS Layer-3 VPNs for Implementing Network Segmentation

VPNCoreEdge Core

AccessE

MPLS VPNs for L3 Network

Segmentation

Network

Segment Access Edge

MPLS Node CE PE

Typical

Platforms ASR1K

ISR/G2

7600

ASR1K

Data Center Deployment Scenario


47/75


Data Center


Deployment Use Case

– Segmented WAN Layer-3 atData Center edge

– Layer-3 segmentation in DataCenter

Benefits

– Only single Data Center edge

node needed for segmentedlayer-3 access

– Enables VLAN/Layer-2 scale (>4K)

MPLS Layer-3 VPNs for Segmented L3 Data Center Access and Inte

CoreDistribution Core Access

Top Of Rack

MPLS VPNs term

aggreg

Network

Segment

Distribut ion Core

MPLS Node CE or PE P or CE

Typical

Platforms

N7K

6500

N7K

6500

MPLS L3 VPN: Build vs buy?


48/75


MPLS L3 VPN: Build vs buy?

Key consideration: bringing SP into the customer’s routing domain

Easy to solve with BGP, the world’s only political routing protocol!

Also works with static routes: no dynamic handoff, no potential for mess

BGP and static are very popular

EIGRP, OSPF, RIP are also options

Summary


49/75


Summary

MPLS Layer-3 VPNs provide IP connectivity among CE sites

– MPLS VPNs enable full-mesh, hub-and-spoke, and hybrid IP connectivity

CE sites connect to the MPLS network via IP peering across PE-C

MPLS Layer-3 VPNs are implemented via VRFs on PE edge node

– VRFs providing customer routing and forwarding segmentation

BGP used for signaling customer VPN (VPNv4) routes between PE

To ensure traffic separation, customer traffic is encapsulated in anVPN label when forwarded in MPLS network

Key applications are layer-3 business VPN services, enterprise nesegmentation, and segmented layer-3 Data Center access

Key Takeaways


50/75




51/75


MPLS Layer 2 Virtual Private Networks

L2VPN technology options

P2P VPWS services (PWs) – Overview & Technology Basics

– VPN control plane

– VPN forwarding plane

MP2MP VPLS services – Overview & Technology Basics

– VPN control plane – VPN forwarding plane

Deployment use cases – L2 Business VPN services

– Data Center Interconnect

Topics

Transport

MPLS Forwarding



Service (Clients)



52/75


MPLS Layer 2 Virtual Private Networks

VPWS services

– Point-to-point – Referred to as Pseudowires

(PWs)

VPLS services

– Multipoint-to-Multipoint

EVPN – BGP-based mp2mp

PBB-EVPN

– Combines scale tools fromPBB with BGP learning fromEVPN

Technology Options

MPLS Layer-2 VPNs

Point-to-PointLayer-2 VPNs (VPWS)

Multipoint-to-Layer-2 V

VPLS

MPLS L2 VPN


53/75


MPLS L2 VPN

Started with p2p, but that doesn’t scale well

Many issues to solve with multipoint – Discovery: who do I talk to?

– Signaling: what label(s) do I send them?

– Learning: what MACs are at which sites?

– Connectivity: can CEs be multihomed? ECMP orredundancy?

Can solve in the control plane or in the dataplane

Control plane: BGP or LDP?

Data plane is often expensive

Why so many solutions?

Virtual Private Wire Services (VPWS)


54/75


Virtual Private Wire Services (VPWS)

Based on IETF’s Pseudo-Wire(PW) Reference Model

Enables transport of any Layer-2traffic over MPLS

PE-CE link is referred to as Attachment Circuit (AC)

Provides a p2p service

Discovery: manual (config)

Signaling: LDP

Learning: data plane

Overview of Pseudowire (PW) Architecture


P

P

PE

PE

CE

Attachmen t

Circuit (AC)

P

P

CE

Pseudo-Wire 1

Pseudo-Wire 2

Emulated Layer-2 Service

Layer-2

Layer-2

VPWS Control Plane Processing


55/75


g

1. New Virtual Circuit (VC) cross-connect connects customer L2

interface (AC) to new PW via VC IDand remote PE ID

2. New targeted LDP session betweenPE1 and PE2 is established, in caseonedoes not already exist

3. PE binds VC label with customer

layer-2 interface and sends label-mapping to remote PE

4. Remote PE receives LDP labelbinding message and matches VCID with local configured VC cross-connect

Signaling of a New Pseudo-Wire

2 LDP session

3 Label Mapping M

1

4

PPE PCE

Emulated Layer-2 Service

VPWS Forwarding Plane Processing


56/75


g g

1. CE2 forwards L2 packet to PE2.

2. PE2 pushes VC (inner) label to L2packet received from CE2 – Optionally, a control word is added

as well (not shown)

3. PE2 pushed outer (Tunnel) labeland forwards packet to P2

4. P2 and P1 forward packet using

outer (tunnel) label (swap)5. Router PE2 pops Tunnel label and,

based on VC label, L2 packet isforwarded to customer interface toCE1, after VC label is removed – In case control word is used, new

layer-2 header is generated first

Forwarding of Layer-2 Traffic Over PWs

P1PE1 P2CE1

IGPLabel A

EthPWLabel

IGPLabel B

EthPWLabel

IGPLabel C

EthernetFrame

Eth

EVPN


57/75


Provides mp2mp

Discovery: BGP, using MPLSVPN mechanisms (RT)

Signaling: BGP

Learning: Control plane (BGP)

Allows for multihomed CEs

PE

PE

CE2

CE1

Emulated Virtual Switch

BGP RR

BGP advertisement:

L2VPN/EVPN Addr = CE1.MAC

BGP Next-Hop = PE1

Route Target = 100:1

Label=42

PBB-EVPN


58/75


Combines Provider Backbone

Bridging (802.1ah) with EVPN – Scales better than straight EVPN – Removes the need to flood all MAC

addresses in BGP

Provides mp2mp

Discovery: BGP, using MPLSVPN mechanisms (RT)

Signaling: BGP

Learning: Forwarding plane

Allows for multihomed CEs

PE

PE

CE2

CE1

Emulated Virtual Switch

BGP RR

BGP advertisement:

L2VPN/EVPN Addr = PE1.B-MAC

BGP Next-Hop = PE1

Route Target = 100:1

Label=42

CE-CE MAC addresses learned in the data pla



59/75


p y

Deployment Use Case

– Delivery of E-LINE services tobusiness customers

Benefits – Leverage same network for

multiple services andcustomers (CAPEX) Highly scalable

– Service enablement onlyrequires edge nodeconfiguration (OPEX)

PWs for Offering Layer-2 Business VPN Services

Network

SegmentCE PE

Typical

Platforms M3400 ASR901

ME3800X ASR903

ASR9K

PPE PCE

Layer-2 VPN Service



60/75


y

Deployment Use Case

– E-LAN services for Data Centerinterconnect

Benefits

– Single WAN uplink to connect tomultipleData Centers

– Easy implementation ofsegmented layer-2 trafficbetween Data Centers

VPLS for Layer-2 Data Center Interconnect (DCI) Services

NetworkSegment

DC Edge Core

MPLS Node CE P

Typical

Platforms

ASR9K

7600

6500

CRS-1

ASR9K

Core

Core

Edge

Core

Core

DCEdge

Data Center

Summary


61/75


L2VPNs enable transport of any Layer-2 traffic over MPLS network

L2 packets encapsulated into additional VC label

Both LDP and BGP can be used L2VPN signaling

PWs suited for implementing transparent point-to-point connectivityLayer-2 circuits (E-LINE services)

VPLS suited for implementing transparent point-to-multipoint connbetween Ethernet links/sites (E-LAN services)

Typical applications of L2VPNs are layer-2 business VPN servicesCenter interconnect

Key Takeaways


62/75

Advanced Topics

MPLS And IPv6


63/75


MPLS allows IPv6 to be

deployed as an edge-onlyservice, no need to run v6 in thecore

– Easier to deploy

– Security mechanism

6PE: All IPv6 can see each

other (single VPN) – IPv6+label (no RD, no RT)

6VPE: Separate IPv6 VPNs

– VPNv6, includes RD and RT

IPv6 Support for Native MPLS Deployments and MPLS Layer-3 Serv

P6PE PCE

IPv6 IPv4 MPLS

P6VPE PCE

IPv6 IPv4 MPLS

Label Switched Multicast (LSM)


64/75


What is Label Switched Multicast? – MPLS extensions to provide

P2MP connectivity – RSVP extensions and multicast LDP

Why Label-Switched Multicast? – Enables MPLS capabilities, which

can not be applied to IP multicasttraffic (e.g., FRR)

Benefits of Label-SwitchedMulticast – Efficient IP multicast traffic

forwarding

– Enables MPLS traffic protection andBW control of IP multicast traffic

Point-to-Multi-Point MPLS Signaling and Connectivity

IP/MPLS

Uni-Direction

LSP

IP/MPLS

P2MP or MP2

LSP Tree

MPLS /IP

Label Switched

Multicast (LSM)

MPLS Transport Profile (TP)


65/75


What is MPLS TP? – Point-to-point static LSPs which are co-

routed – Bi-directional TP tunnel

Why MPLS TP? – Migration of TDM legacy networks often

assume continuation of connection-oriented operations model

– MPLS TP enables packet-basedtransport with connection-orientedconnectivity

Benefits of MPLS TP – Meets transport-oriented operations

requirements – Enables seamless migration to dynamic

MPLS

Bi-Directional MPLS Tunnel Extensions For Transport Oriented Conn

Transport

MPLS Forwarding

IP/MPLS(LDP/RSVP-TE/BGP) MPL(Static/R

PPE PCE

Bi-Directional

MPLS TP Tunnel

Futures


66/75


New MPLS Developments on the Horizon

MPLS and Cloud

IntegrationVPN Data Center

Integration

MPLS Multilayer

OptimizatonTE+TP+RSVP+GMPLS

Global OptimizationS-PCE/SDN

Control Plane

ReductionSegment Routing


67/75

Summary

Summary


68/75


It’s all about labels … – Label-based forwarding and protocol for label exchange

– Best of both worlds … L2 deterministic forwarding and scale/flexible L3 s

Key MPLS applications are end-to-end VPN services – Secure and scalable layer 2 and 3 VPN connectivity

MPLS supports advanced traffic engineering capabilities – QoS, bandwidth control, and failure protection

MPLS is a mature technology with widespread deployments – Defacto for most SPs, large enterprises, and increasingly in Data Center

Ongoing technology evolution – IPv6, optimized video transport, TP transport evolution, and cloud integra

Key Takeaways

Consider MPLS When …D i i C it i


69/75


Is there a need for network segmentation? – Segmented connectivity for specific locations, users, applications, etc.

Is there a need for flexible connectivity? – E.g., Flexible configuration of full-mesh or hub-and-spoke connectivity

Is there a need for implementing/supporting multiple (integrated) se – Leverage same network for multiple services

Are there specific scale requirements? – Large number of users, customer routes, etc.

Is there a need for optimized network availability and performance? – Node/link protection, pro-active connectivity validation

– Bandwidth traffic engineering and QoS traffic prioritization

Decision Criteria

Cisco Live 2013MPLS S i


70/75


BRKMPL-1100 Introduction to MPLS

BRKMPL-2100 Deploying MPLS Traffic Engineering

BRKMPL-2101 Deploying MPLS-based Layer 2 Virtual Private Networks BRKMPL-2102 Deploying MPLS-based IP VPNs

BRKMPL-2108 Designing MPLS in Next Generation Data Center: A Case Study

BRKMPL-2109 MPLS Solutions for Cloud Networking

BRKMPL-2333 E-VPN & PBB-EVPN: the Next Generation of MPLS-based L2VPN

BRKMPL-3010 Generalized MPLS - Introduction and Deployment

BRKMPL-3101 Advanced Topics and Future Directions in MPLS

LTRMPL-2102 Enterprise Network Virtualization using IP and MPLS Technologie LTRMPL-3100 Unified MPLS Lab

LTRMPL-3102 Enterprise Network Virtualization using IP and MPLS Technologie

PNLSPG-3999 Transport Evolution in SP Core Networks

TECMPL-3100 Unified MPLS - An architecture for Advanced IP NGN Scale

TECMPL-3200 SDN WAN Orchestration in MPLS and Segment Routing Network

MPLS Sessions

Terminology ReferenceA U d i MPLS R f A hit t


71/75


Terminology Description

AC Attachment Circuit. An AC Is a Point-to-Point, Layer 2 Circuit Between a CE and a PE.

AS Autonomous System (a Domain)

CoS Class of Service

ECMP Equal Cost Multipath

IGP Interior Gateway Protocol

LAN Local Area Network

LDP Label Distribution Protocol, RFC 3036.

LER Label Edge Router. An Edge LSR Interconnects MPLS and non-MPLS Domains.

LFIB Labeled Forwarding Information Base

LSP Label Switched Path

LSR Label Switching Router

NLRI Network Layer Reachability Information

P Router An Interior LSR in the Service Provider's Autonomous System

PE Router An LER in the Service Provider Administrative Domain that Interconnects the Customer Network and the Back

PSN Tunnel Packet Switching Tunnel

Acronyms Used in MPLS Reference Architecture

Terminology ReferenceAcronyms Used in MPLS Reference Architecture


72/75


Terminology Description

Pseudo-Wire A Pseudo-Wire Is a Bidirectional “Tunnel" Between Two Features on a Switching Path.

PWE3 Pseudo-Wire End-to-End Emulation

QoS Quality of Service

RD Route Distinguisher

RIB Routing Information Base

RR Route Reflector

RT Route Target

RSVP-TE Resource Reservation Protocol based Traffic Engineering

VPN Virtual Private Network

VFI Virtual Forwarding Instance

VLAN Virtual Local Area Network

VPLS Virtual Private LAN Service

VPWS Virtual Private WAN Service

VRF Virtual Route Forwarding Instance

VSI Virtual Switching Instance

Acronyms Used in MPLS Reference Architecture

Further ReadingMPLS References at Cisco Press and cisco com


73/75


http://www.cisco.com/go/mpls

http://www.ciscopress.com

MPLS and VPN Architectures — Cisco Press®

– Jim Guichard, Ivan Papelnjak

Traffic Engineering with MPLS — Cisco Press®

– Eric Osborne, Ajay Simha

Layer 2 VPN Architectures — Cisco Press®

– Wei Luo, Carlos Pignataro, Dmitry Bokotey, and Anthony Chan

MPLS QoS — Cisco Press ®

– Santiago Alvarez

MPLS References at Cisco Press and cisco.com

Complete Your Online Session Evaluation

http://www.cisco.com/go/mplshttp://www.ciscopress.com/http://www.ciscopress.com/http://www.cisco.com/go/mpls


74/75


Maximize your Cisco Live exp

free Cisco Live 365 account. D

PDFs, view sessions on-dema

live activities throughout the y

Cisco Live 365 button in your

log in.

Give us your feedback andyou could win fabulous prizes.Winners announced daily.

Receive 20 Cisco Daily Challengepoints for each session evaluationyou complete.

Complete your session evaluationonline now through either the mobileapp or internet kiosk stations.


75/75

Documents

MPLS-2015-CISCOLIVE