RTTC Pune presents

MPLS VPN


  • Internet: Network of Networks

    Each and every IP packet in the network is routed independently, as it is a connectionless network.

    Multiple packets originating from the same source for a single destination may follow different paths in the internet.

    The packets may also reach the destination out of sequence, which is bad for VoIP and video.

    Some of the packets may also fail to reach the destination.

    Hence Quality of Service cannot be assured by the internet network.

  • Internet Security: Weaknesses

    The Internet is an open network, i.e. any person from anywhere can access any part of the network.

    The Internet is a shared network and is not controlled by any single agency.

    No security mechanism has been provided in the network; network security is left to the customer.

    The customer can adopt different means of data protection depending upon how important the data is.

  • Internet Devices

    Firewalls: to avoid unauthorized intrusions

    Switches: to connect LANs

    Routers: to route the traffic from source to destination

  • Private Networks

    [Diagram: leased lines; sites shown: Infosys Pune, Infosys Mumbai, Infosys Bangalore, Infosys Hyderabad, Wipro Mumbai, Wipro Chennai, Wipro Bangalore]

  • Private Network

    Advantages:

    Leased lines are secure.

    Privacy and QoS are guaranteed.

    Disadvantages:

    Leased lines are very expensive.

    The number of links required grows exponentially if full mesh connectivity is required and the network expands.

    Tunnels are used to carry traffic from one end to the other.

    Network complexity increases as the network grows. All existing sites require reconfiguration when a new site is added.

  • Internet Based Private Network

    [Diagram: Internet as shared infrastructure; sites shown: Wipro Pune, Wipro Chennai, Wipro Bangalore, Infosys Pune, Infosys Hyderabad, Infosys Mumbai, Infosys Bangalore]

  • Internet Based Private Network

    Advantages:

    Single physical connectivity at each site.

    No reconfiguration is required at existing sites when a new site is added to the network.

    Huge saving in annual connectivity charges.

    Disadvantages:

    Highly insecure environment.

    No guarantee of privacy and QoS.

    Any unauthorized traffic can enter the private network.

  • Virtual Private Network

    What is VPN?

    Applying policies to the traffic flowing in the shared network (BSNL) so that the traffic of one customer (Wipro) does not mix with that of another customer (Infosys).

    A VPN gives the customer a feeling of security and safety for their valuable data on the shared network.

    Different solutions are available to make communication over the internet safe and secure, and they can also ensure the desired grade of quality of service. These solutions are known as VPN solutions.

    Earlier, different protocols such as L2TP, PPTP and IPSec were used to provide VPN solutions to customers. These protocols take care of data authenticity, data integrity and, if required, data confidentiality.

  • VPN Tunnels

    Tunneling is the mechanism of encapsulating IP datagrams inside another packet so that the original datagram is not visible to the network.

    Every packet is authenticated to ensure that it is coming from the right source, and packets can optionally be encrypted for data confidentiality if required.

    [Diagram: Firewall, Internet, Firewall]

  • Virtual Private Network

    [Diagram: Internet with firewalls; sites shown: Wipro Mumbai, Wipro Bangalore, Wipro Chennai, Infosys Pune, Infosys Hyderabad, Infosys Bangalore, Infosys Mumbai]

  • Advantages of VPN - Data Security

    Authenticity: ensures the identity of all communicating parties, and that each data packet was originated by the claimed sender.

    Data Integrity: ensures that information being transmitted over the link is not altered in any way during transit.

    Data Confidentiality: protects the privacy of information being exchanged between communicating parties.

  • MPLS Based VPNs

    What is the need for a new technology like MPLS?

    In a normal IP based network, routing decisions are made on a hop-by-hop basis (i.e. at every node / router).

    A leased line based network is highly expensive and does not provide mesh connectivity among the sites by default.

    Hence the need for an ultra fast forwarding technology.

    MPLS changes the hop-by-hop paradigm by enabling devices (routers) to specify paths for a specific type of traffic to follow in the network, based upon the QoS and bandwidth needs of the applications.

  • Advantages of MPLS Based IP Infrastructure

    Security is the responsibility of the MPLS network.

    With point to point leased lines, the company is responsible for the security of the information and the network.

    Simple network implementation and easy network expansion at customer premises.

    Easy to configure and manage.

    Better traffic management for BSNL as well as the customer, using techniques like QoS, CoS and Traffic Engineering.

    Hence a strict SLA can be achieved with customers.

    Lower cost compared to leased lines.

    Easy introduction of new services like VoIP and video multicasting over the same link.

  • Complexity of Customer's Network with Point to Point Leased Lines

    [Diagram: leased lines from BSNL; sites shown: Pune, Ahmedabad, Mumbai, Lucknow, Kolkata, Delhi, Chennai, Bangalore, Ernakulam, Hyderabad]

  • How it looks in the MPLS environment

    [Diagram: routers and links to BSNL's MPLS VPN Network; sites shown: Pune, Ahmedabad, Mumbai, Lucknow, Kolkata, Delhi, Chennai, Bangalore, Ernakulam, Hyderabad]

  • What is MPLS?

    Multi Protocol Label Switching

    A technology for speeding up data communication over combined IP (or ATM) networks.

    MPLS improves the speed of packet processing and enhances performance of the network.

  • How does MPLS work?

    MPLS attaches a label to an IP packet when the IP packet enters the MPLS domain.

    By looking at the label, the router decides whether to accept the packet (if it is the destination) or to forward the packet and swap the label.

    The above activity happens at every intermediate router until the packet reaches the destination.

    With MPLS, the Layer 3 header analysis (i.e. looking at the source and destination IP address) is done just once, when the packet enters the MPLS domain. Label inspection drives subsequent packet forwarding.

  • Strength of MPLS

    MPLS provides a connection-oriented service for transporting data across computer networks.

    The ability to use any physical transmission media allows higher backbone and interface capacity.

    Ultra fast forwarding technology.

    MPLS provides beneficial applications like:

    Virtual Private Networking (VPN)

    Traffic Engineering (TE)

    Quality of Service (QoS)

  • Advantages of MPLS

    MPLS is an initiative that integrates Layer 2 information about network links (bandwidth, latency, utilization) into Layer 3 (IP) within a particular autonomous system (BSNL) in order to simplify and improve IP packet exchange.

    MPLS gives network operators (BSNL) a great deal of flexibility to divert and route traffic around link failures, congestion, and bottlenecks.

  • Terminology used in MPLS

    Label Switched Path (LSP): Each network path created by the MPLS protocol is an LSP. An LSP is a unidirectional entity.

    Label Switching Routers (LSR): Each IP router that supports the MPLS protocol is called a label switching router (LSR). There are four different types of LSRs: ingress, transit, penultimate, and egress.

  • Terminology used in MPLS

    Ingress Router: The ingress router is the only entry point for user data traffic into MPLS and is the start point of the LSP.

    Egress Router: The egress router is the end point of the LSP.

    Transit Router: All routers located in the middle of an LSP are considered transit routers. Their main function is to swap the label.

    Penultimate Router: One of the transit routers in an LSP, which has a special function to perform called Penultimate Hop Popping.

  • Terminology used in MPLS

    Labels: A header created by an edge label switch router (edge LSR) and used by label switch routers (LSR) to forward packets. It identifies the path a packet should traverse.

    Forwarding Equivalence Class (FEC): An FEC is a group of IP packets which are forwarded in the same manner, over the same path, and with the same forwarding treatment. An FEC might correspond to a destination IP subnet. For example, all traffic with a certain value of IP precedence might constitute an FEC.
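
Added example (not part of the original slides): a small Python simulation of the forwarding described under "How does MPLS work?" and the terminology slides, showing the ingress FEC lookup, transit label swaps, penultimate hop popping and egress delivery. Router names (PE1, P1, P2, PE2), prefixes and label values are constructed; the 32-bit label layout (20-bit label, 3-bit traffic class, bottom-of-stack bit, 8-bit TTL) follows RFC 3032 and is not spelled out in the slides.

```python
import ipaddress
import struct

# Constructed sample tables; router names, prefixes and label values are illustrative.
FEC_TABLE = {  # ingress LSR: destination prefix (FEC) -> (label to push, next hop)
    "10.20.0.0/16": (100, "P1"),
    "10.20.30.0/24": (200, "P1"),
}
LFIB = {  # per-router label table: incoming label -> (action, outgoing label, next hop)
    "P1": {100: ("swap", 101, "P2"), 200: ("swap", 201, "P2")},
    "P2": {101: ("pop", None, "PE2"), 201: ("pop", None, "PE2")},  # penultimate hop
}

def encode_shim(label, tc=0, bottom=1, ttl=64):
    """Pack one 32-bit label stack entry: label(20) | TC(3) | S(1) | TTL(8)."""
    return struct.pack("!I", (label << 12) | (tc << 9) | (bottom << 8) | ttl)

def decode_shim(raw):
    word, = struct.unpack("!I", raw)
    return {"label": word >> 12, "tc": (word >> 9) & 7,
            "bottom": (word >> 8) & 1, "ttl": word & 0xFF}

def classify(dst):
    """Ingress-only Layer 3 step: longest-prefix match of dst onto a FEC."""
    addr = ipaddress.ip_address(dst)
    matches = [n for n in map(ipaddress.ip_network, FEC_TABLE) if addr in n]
    if not matches:
        return None
    return FEC_TABLE[str(max(matches, key=lambda n: n.prefixlen))]

def forward(dst, ingress="PE1"):
    """Return the hop-by-hop trace [(router, action, label)] along the LSP."""
    fec = classify(dst)
    if fec is None:
        return [(ingress, "drop-no-fec", None)]
    label, hop = fec
    shim = encode_shim(label)
    trace = [(ingress, "push", label)]
    while shim is not None:
        entry = decode_shim(shim)  # transit routers read only the label header
        if entry["label"] not in LFIB.get(hop, {}):
            # Unknown label: discard rather than fall back to IP forwarding.
            trace.append((hop, "drop-unknown-label", entry["label"]))
            return trace
        action, out_label, nxt = LFIB[hop][entry["label"]]
        trace.append((hop, action, out_label))
        shim = (encode_shim(out_label, entry["tc"], 1, entry["ttl"] - 1)
                if action == "swap" else None)
        hop = nxt
    trace.append((hop, "ip-deliver", None))  # egress receives a plain IP packet
    return trace
```

Calling `forward("10.20.30.5")` returns the full trace for a packet that matches the more specific /24 FEC; a destination with no FEC is dropped at the ingress router.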

  • MPLS Network:

  • MPLS Architecture

    MPLS Architecture is divided into two planes:

    1. Control Plane: creates labels and LSPs

    2. Data Plane: forwards labeled packets

    MPLS takes the help of many protocols:

    1. Routing protocols

    2. Signaling protocols: LDP or RSVP

  • MPLS Architecture

    MPLS was created to combine the benefits of connectionless L3 routing and forwarding with connection-oriented L2 forwarding.

    MPLS clearly separates the control plane, where L3 routing protocols establish the paths used for packet forwarding, from the data plane, where L2 label switched paths forward data packets across the MPLS infrastructure.

    MPLS also simplifies per-hop data forwarding, where it replaces the L3 lookup function performed in traditional routers with simpler label swapping.

  • How MPLS works?

  • What is Quality of Service

    [Diagram labels: Desktop Conferencing, Distance Learning, Mission-Critical Applications, FTP, E-Mail]

  • Role of QoS

    Protect mission-critical applications: voice, ERP, data warehouse, sales force automation

    Prioritize groups of users: finance, sales, suppliers

    Enable multimedia applications: distance learning, desktop video conferencing

  • Quality of Service (QoS)

    MPLS has very powerful tools like traffic prioritization, traffic scheduling, traffic shaping and traffic policing to ensure the proper grade of quality of service to the customer.

    Broadly, three grades of service are available at present in the MPLS VPN service:

    Gold (guaranteed bandwidth, delivery, jitter and latency)

    Silver (guaranteed delivery)

    Bronze (best effort)

  • BSNL's MPLS Network

  • QoS has been a critical requirement for the wide-area network for years. Bandwidth, delay, and delay variation requirements are at a premium in the wide area. The importance of end-to-end QoS is increasing due to the rapid growth of intranet and extranet applications that have placed increased demands on the entire network. QoS plays a number of important roles:

    Protect mission-critical applications: QoS can protect mission-critical applications, such as mission-critical enterprise applications or sales automation systems, from bandwidth-hungry applications such as multimedia, web-casting, and real-time video applications.

    Prioritize groups of users: QoS can also be used to prioritize traffic based on user or user group classification, such as sales and engineering groups.

    Enable multimedia applications: QoS is required to enable many new multimedia applications such as distance learning or desktop video conferencing. QoS policies can also restrict the use of network resources by these bandwidth-hungry applications.