© 2005 Petr Grygarek, Advanced Computer Networks Technologies 1
Multiprotocol Label Switching (MPLS)
Petr Grygárek

Technology in Brief
• Inserts underlying label-based forwarding layer under traditional network layer routing
  • label forwarding + label swapping similar to ATM/FR
• Forwarding tables (switching paths) may be constructed by various mechanisms providing enormous flexibility
  • switching tables constructed using IP routing protocol(s) or some other mechanism
• Completely decouples data plane forwarding from path determination (control plane)
• Packet forwarding does not depend only on routing protocols that search for the shortest path for a particular L3 routed protocol based on a particular IGP metric
• Integrates advantages of traditional packet switching and circuit switching worlds

MPLS Advantages & Applications
• improves the price/performance of network layer routing
  • MPLS switching algorithm might be simpler and faster than traditional IP routing (longest match)
  • Processor-intensive packet analysis and classification happens only once at the ingress edge
  • But MPLS should not be primarily considered a method to make routers much faster anymore today
• integrates various traditional applications on single service provider platform
  • Internet, L3 VPN, L2 VPN, L2 virtual P2P lines, Voice (->QoS, fast reconvergence), …
  • Wide range of traffic-engineering and node/link protection options
• improves the scalability of the network layer
  • eliminating huge IP routing tables by establishing forwarding hierarchy
• provides greater flexibility in the delivery of (new) routing services
  • new routing services may be added without change to the forwarding paradigm
  • Multiple VRF-based VPNs (with address overlap), traffic-engineering, …
• integrates IP routing with VC-based networks (like ATM)

Frame Mode and Cell Mode
• Frame mode
  • frame switching, used today in service provider and other core networks
  • encapsulates IP or any other payloads (even L2 frames)
• Cell mode
  • Used to integrate connectionless packet forwarding applications with connection-oriented networks (ATM)
  • Mostly historical, not used anymore today

MPLS position in OSI RM
MPLS operates between link and network layer
• Deals with L3 routing/addressing
• Uses L2 labels for fast switching
• Additional “shim” headers placed between L2 and L3 headers
  • its presence indicated in L2 header
    • Ethernet EtherType, PPP Protocol field, Frame Relay NLPID, …
    • 8847 – unicast, 8848 multicast
• Inherent labels of some L2 technologies
  • ATM VPI/VCI, Frame Relay DLCI, optical switching lambdas, …

Label-based packet forwarding
• Packet marked with labels at ingress MPLS router (label imposition)
  • Allows various rules to be applied when imposing labels
    • destination network prefix, QoS, policy routing (traffic engineering), VPNs, …
  • labels imply both routes (IP destination prefixes) and service attributes (QoS, TE, VPN, …)
  • Multiple labels can be imposed (label stack)
    • allows special applications (hierarchical MPLS forwarding)
• Packet quickly forwarded according to labels through MPLS core
  • uses only label swapping, no IP routing
  • IP routing information may be used only to build forwarding tables, not for actual (potentially slow) IP routing
• Label removed at egress router and packet forwarded using standard L3 IP routing table lookup
  • In reality, penultimate hop removes label to avoid double lookup on egress device

Components of MPLS architecture
• Forwarding Component (data plane)
  • “brute force” forwarding using label forwarding information base (LFIB)
• Control Component (control plane)
  • Control plane implementation for MPLS-based IP routing:
    • Creates and updates label bindings (LFIB)
      • <IP_prefix, label>
    • MPLS node has to participate in routing protocol (IGP or static routing) and/or some other signalling mechanism
      • including ATM switches in MPLS cell-mode
    • Label assignment is distributed to other MPLS peers
      • using some sort of label distribution protocol (LDP)
Control and forwarding functions are separated

MPLS Devices
Label-Switch Router (LSR)
• Any router/switch participating in label assignment and distribution that supports label-based packet/cell switching
LSR Classification
• Core LSR (P-Provider)
• Edge LSR (PE-Provider Edge)
(Often the same kind of device, but configured differently)
• Frame-mode LSR
  • MPLS-capable router with Ethernet interfaces
• Cell-mode LSR
  • ATM switch with added functionality (control software)

Functions of Edge LSR
• Any LSR on MPLS domain edge, i.e. with non-MPLS neighboring devices
• Performs label imposition and disposition
  • Packets classified and label imposed
  • Classification based on routing and policy requirements
    • Traffic engineering, policy routing, QoS-based routing
• Information of L3 (and above) headers inspected only once at edge of the MPLS domain

Forwarding Equivalence Class (FEC)
• Packets classified into FECs at MPLS domain edge LSR
  • according to unicast routing destinations, QoS class, VPN, multicast group, traffic-engineered traffic class, …
• FEC is a class of packets to be MPLS-switched the same way

Label switching path (LSP)
• Sequence of LSRs between ingress and egress (edge) LSRs
  • + sequence of assigned labels (local significance)
• Unidirectional (!)
  • Reverse path can take completely different route
• For every forwarding equivalence class
• May diverge from IGP shortest path
  • Path established by traffic engineering using explicit routing and label switching path tunnels

Upstream and downstream neighbors
• From perspective of some particular LSR
• Related to particular destination (and FEC)
• Routing protocol’s Next-hop address determines downstream neighbor
Upstream neighbor is closer to data source whereas downstream neighbor is closer to the destination network

Label and label stack
• Label format (and length) dependent on L2 technology
• Labels have local-link significance, each LSR creates its own label mappings
  • although not a rule, same label is often propagated from different links for the same prefix
• Multiple labels may be imposed, forming the label stack
  • Label bottom indicated by “s” bit
  • Label stacking allows special MPLS applications (VPNs etc.)
  • Packet switching is always based on the label on the top of stack

MPLS header
• Between L2 and L3 header
  • MPLS header presence indicated in EtherType/PPP Protocol ID/Frame Relay NLPID
• 4 octets (32b)
  • 20 bits – label value
  • 3 bits Exp (experimental) – used for QoS today
  • 8 bits MPLS TTL (Time to Live)
  • 1 bit – “S bit” – indicates bottom of stack
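The header layout above as a label stack parser for captured Ethernet frames. This is an added example, not part of the original slides: the bit order label / Exp / S / TTL follows RFC 3032, and the sample frame, the function names and the 16-entry depth bound are assumptions made for the example. Because the S bit is the only end marker of the stack, the parser bounds the walk and rejects frames that end before a bottom-of-stack entry.

```python
import struct

ETHERTYPE_MPLS_UNICAST = 0x8847    # slide: "8847 - unicast"
ETHERTYPE_MPLS_MULTICAST = 0x8848  # slide: "8848 multicast"
MAX_STACK_DEPTH = 16               # assumption: sanity bound chosen for this example


class MalformedFrame(ValueError):
    """Raised when a frame cannot be parsed as Ethernet II + MPLS."""


def encode_entry(label, exp, s, ttl):
    """Pack one 4-octet shim entry: label(20) | Exp(3) | S(1) | TTL(8)."""
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)


def decode_entry(raw):
    """Unpack one 4-octet shim entry into its four fields."""
    (word,) = struct.unpack("!I", raw)
    return {
        "label": word >> 12,
        "exp": (word >> 9) & 0x7,
        "s": (word >> 8) & 0x1,
        "ttl": word & 0xFF,
    }


def parse_label_stack(frame):
    """Return (stack, payload) for an untagged Ethernet II frame carrying MPLS.

    stack[0] is the top label, the only one a core LSR switches on.
    """
    if len(frame) < 14:
        raise MalformedFrame("truncated Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype not in (ETHERTYPE_MPLS_UNICAST, ETHERTYPE_MPLS_MULTICAST):
        raise MalformedFrame("EtherType 0x%04x is not MPLS" % ethertype)
    stack, offset = [], 14
    while True:
        if len(stack) == MAX_STACK_DEPTH:
            raise MalformedFrame("no bottom-of-stack within %d entries" % MAX_STACK_DEPTH)
        if offset + 4 > len(frame):
            raise MalformedFrame("frame ends before bottom-of-stack entry")
        entry = decode_entry(frame[offset:offset + 4])
        stack.append(entry)
        offset += 4
        if entry["s"]:  # S bit set: this was the last label
            return stack, frame[offset:]


def sample_frame():
    """Constructed frame: two labels (17 on top, 24 at the bottom), stub payload."""
    dst = bytes.fromhex("020000000002")  # constructed MAC addresses
    src = bytes.fromhex("020000000001")
    header = dst + src + struct.pack("!H", ETHERTYPE_MPLS_UNICAST)
    labels = encode_entry(17, 5, 0, 64) + encode_entry(24, 0, 1, 64)
    return header + labels + b"\x45\x00"  # first two bytes of an IPv4 header


if __name__ == "__main__":
    stack, payload = parse_label_stack(sample_frame())
    for depth, entry in enumerate(stack):
        print(depth, entry)
    print("payload starts with", payload.hex())
```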

MPLS Operation – basic IP routing
• Standard IP routing protocol used in MPLS routing domain
  • (OSPF, IS-IS, …)
• <IP prefix, label> mapping created by egress router
  • i.e. router at MPLS domain edge used as exit point for that IP prefix
• Label distribution protocols used to distribute label bindings for IP prefixes between adjacent neighbors
  • label has local significance
• Ingress LSR receives IP packets
  • Performs classification and assigns label
  • Forwards labeled packet to MPLS core
• Core LSRs switch labeled packets based on label value
• Egress router removes label before forwarding packet out of MPLS domain
  • performs normal L3 routing table lookup

MPLS and IP routing interaction in LSR
[Figure: block diagram of one LSR. Labels: control plane, data plane, IP routing process, IP routing table, MPLS signalling protocol, label forwarding table, routing information exchange (routing protocol), label bindings exchange, incoming labeled packets, outgoing labeled packets, incoming unlabeled packets, outgoing unlabeled packets]

Interaction of neighboring MPLS LSRs
[Figure: two neighboring LSRs, each with IP routing process, IP routing table, MPLS signalling protocol and label forwarding table. Labels between them: routing information exchange, label bindings exchange, labeled packets]

Operation of edge LSR
[Figure: block diagram of an edge LSR. Labels: IP routing process, IP routing table, MPLS signalling protocol, label forwarding table, IP forwarding table, routing information exchange, label bindings exchange, resolving of recursive routes, label disposition and L3 lookup, incoming labeled packets, outgoing labeled packets, incoming unlabeled packets, outgoing unlabeled packets]

Penultimate hop behavior
Label at the top of label stack is removed not by egress router at MPLS domain edge (as could be expected), but by its upstream neighbor (penultimate hop)
• On egress router, packet could not be label-switched anyway
• Egress router has to perform L3 lookup to find more specific route
  • commonly, egress router advertises single label for summary route
• Label-based lookup and disposition of label imposed by egress router’s upstream neighbor would introduce unnecessary overhead
• For that reason, upstream neighbor of egress router always pops label and sends packet to egress router unlabeled
• Egress LSR requests popping of label through label distribution protocol
  • advertises “implicit-null” label for particular FEC

Label Bindings Distribution

Label Distribution Protocol Functionality
• Used to advertise <IP_prefix, label> bindings
  • Still not available for IPv6 on most platforms
• Used to create Label Information Base (LIB) and Label Forwarding Information Base (LFIB)
  • LIB maintains all prefixes advertised by MPLS neighbors
  • FIB (HW copy of routing table) may contain label to be imposed for particular destination network
  • LFIB maintains only labels advertised by next hops for individual prefixes
    • i.e. those actually used for label switching
    • next-hop determined by traditional IGP
LFIB used for actual label switching, LIB maintains labels which may be useful if IGP routes change

Label Retention Modes
• Liberal mode (mostly used in Frame mode)
  • LSR retains labels for FEC from all neighbors
  • Requires more memory and label space
  • Improves latency after IP routing paths change
• Conservative mode
  • Only labels from next-hop for IP prefix are maintained
    • next-hop determined from IP routing protocol
  • Saves memory and label space
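A toy model of the LIB and LFIB that shows what the two retention modes mean when the IGP next hop changes, and how an implicit-null binding from the egress LSR turns the penultimate hop's LFIB entry into a pop. This is an added example, not part of the original slides: the class, the router names, the label values and the "no-label" action name are assumptions; the implicit-null value 3 is the reserved label from RFC 3032.

```python
IMPLICIT_NULL = 3  # reserved label value for implicit-null (RFC 3032)


class LSR:
    """Toy frame-mode LSR with a per-device label space (hypothetical model)."""

    def __init__(self, name, retention="liberal", first_label=16):
        self.name = name
        self.retention = retention  # "liberal" or "conservative"
        self.next_label = first_label
        self.local = {}      # prefix -> label this LSR advertises upstream
        self.lib = {}        # (prefix, neighbor) -> label learned from that neighbor
        self.next_hop = {}   # prefix -> downstream neighbor chosen by the IGP
        self.lfib = {}       # incoming label -> (action, outgoing label, next hop)

    def bind_local(self, prefix, egress=False):
        """Assign the local label; the egress LSR requests PHP via implicit-null."""
        if egress:
            self.local[prefix] = IMPLICIT_NULL
        elif prefix not in self.local:
            self.local[prefix] = self.next_label
            self.next_label += 1
        return self.local[prefix]

    def learn(self, prefix, neighbor, label):
        """Process a label mapping advertised by a neighbor."""
        if self.retention == "conservative" and self.next_hop.get(prefix) != neighbor:
            return  # conservative: keep only the next hop's binding
        self.lib[(prefix, neighbor)] = label
        self._program(prefix)

    def igp_update(self, prefix, neighbor):
        """The IGP selected a (new) next hop for the prefix."""
        self.next_hop[prefix] = neighbor
        if self.retention == "conservative":
            stale = [k for k in self.lib if k[0] == prefix and k[1] != neighbor]
            for key in stale:
                del self.lib[key]
        self._program(prefix)

    def _program(self, prefix):
        """Rebuild the LFIB entry from the LIB and the current next hop."""
        in_label = self.local.get(prefix)
        if in_label is None or in_label == IMPLICIT_NULL:
            return  # nothing arrives labeled for this prefix
        hop = self.next_hop.get(prefix)
        out = self.lib.get((prefix, hop))
        if out is None:
            self.lfib[in_label] = ("no-label", None, hop)
        elif out == IMPLICIT_NULL:
            self.lfib[in_label] = ("pop", None, hop)
        else:
            self.lfib[in_label] = ("swap", out, hop)


PREFIX = "10.1.0.0/16"  # constructed prefix


def reconverge(retention):
    """LFIB entry right after the next hop moves from A to B, before B re-advertises."""
    r = LSR("R", retention)
    r.bind_local(PREFIX)
    r.igp_update(PREFIX, "A")
    r.learn(PREFIX, "A", 21)
    r.learn(PREFIX, "B", 34)   # B is not the next hop at this point
    r.igp_update(PREFIX, "B")
    return r.lfib[r.local[PREFIX]]


def penultimate_action():
    """LFIB entry on the penultimate hop P when egress E advertises implicit-null."""
    egress, p = LSR("E"), LSR("P")
    advertised = egress.bind_local(PREFIX, egress=True)
    p.bind_local(PREFIX)
    p.igp_update(PREFIX, "E")
    p.learn(PREFIX, "E", advertised)
    return p.lfib[p.local[PREFIX]]


if __name__ == "__main__":
    print("liberal     :", reconverge("liberal"))
    print("conservative:", reconverge("conservative"))
    print("penultimate :", penultimate_action())
```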

Label Distribution Modes
• Independent LSP control
  • LSR binds labels to FECs and advertises them whether or not the LSR itself has received a label from its next-hop for that FEC
  • Most common in MPLS frame mode
• Ordered LSP control
  • LSR only binds and advertises label for FEC if
    - it is the egress LSR for that FEC
    - it received a label binding from next-hop LSR

Label allocation
• Per device / per interface
• For all or just for specified prefixes
• Label range may be explicitly specified

Protocols for Label Distribution
• Label Distribution Protocol (LDP) – IETF standard
  • TCP port 646
• RSVP-TE
  • used for MPLS traffic engineering
• BGP
  • implements MPLS VPNs (peer model)
• PIM
  • enables MPLS-based multicasts
• Tag Distribution Protocol (TDP) – Cisco proprietary, obsolete
  • LDP predecessor
  • TCP port 711
Label bindings are exchanged between neighboring routers
• in special cases also between non-neighboring routers
  • “targeted LDP” session – e.g. MPLS-based pseudowire

Label Distribution Protocol (LDP): Message Types
• Discovery messages (hellos)
  • UDP/646
  • Used to discover and continually check for presence of LDP peers
• Once a neighbor is discovered, LDP session is established over TCP/646
  • messages to establish, maintain and terminate session
  • label mappings advertisement messages
    • create, modify, delete
  • error notification message
• LDP Neighbor ID
  • Corresponding address must be reachable from LDP peer

Frame-mode Label Distribution (LDP)
• Unsolicited downstream
  • Labels distributed automatically to upstream neighbors
  • Downstream LSR advertises labels for particular FECs to the upstream neighbor
• Independent control of label assignment
  • Label assigned as soon as new IP prefix appears in IP routing table (may be limited by ACL)
  • Mapping stored into LIB
  • LSR may send (switch) labeled packets to next hop even if next-hop itself does not have label for switching that FEC further
• Liberal retention mode
  • All received label mappings are retained

MPLS Applications
IP header and forwarding decision decoupling allows for better flexibility and new applications

Some Popular MPLS Applications
• BGP-Free core
• 6PE/6VPE
• Carrier Supporting Carrier
• MPLS Traffic engineering
• MPLS VPN
• Integration of IP and ATM
  • or with other connection-oriented network

BGP-Free Core
• Design of transit AS without BGP running on transit (internal) routers
• BGP sessions between PE routers only
  • full mesh or using route reflector(s)
• P routers know only routes to networks in the core
  • including PE loopback interfaces
• LDP creates LSPs into individual networks in the core (including PEs' loopbacks)
• PEs' loopbacks are used as next hops of BGP routes passed between PE routers

6PE (1)
• Interconnection of IPv6 islands over MPLS non-IPv6-aware core
  • PE routers have to support both IPv6 and IPv4, but P routers do not need to be upgraded (can be MPLS + IPv4 only)
• Outer label identifies destination PE router (IPv4 BGP next hop), inner label identifies particular IPv6 route
  • Inner label serves as 'index' into egress PE's IPv6 routing table
  • IPv6 prefixes plus associated (inner) labels are passed between PE routers through MP-BGP (using TCP/IPv4)
• Inner label needed because of PHP, even if egress PE needs to do IPv6 route table lookup anyway
  • penultimate hop cannot handle now exposed IPv6 header
  • Technical implementation: inner label not unique per-route, but one of 16 reserved labels is chosen
    • single reserved value is not enough because of load balancing

6PE (2)
• BGP Next Hop attribute is the IPv4-mapped IPv6 address of egress 6PE router
• Only LDP for IPv4 is required
  • LDP for IPv6 not implemented yet
• Does not support multicast traffic
• Only proposed standard – RFC 4798 (Cisco, 2007), but implemented by multiple vendors
• See http://www.netmode.ntua.gr/Presentations/6PE%20-%20IPv6%20over%20MPLS%20(cisco%20expo%2005).pdf for further details

6VPE
• VRF-aware 6PE
• Allows building MPLS IPv6 VPNs on IPv4-only MPLS core
• See http://sites.google.com/site/amitsciscozone/home/important-tips/mpls-wiki/6vpe-ipv6-over-mpls-vpn for configuration example (Cisco)

Carrier Supporting Carrier (1)
• Hierarchical application of label switching concept
• An MPLS super-carrier provides connectivity between regions (POPs) for other MPLS-based customer carriers
• Concept of MPLS VPN in super-carrier networks
• CSC-P, CSC-PE, CSC-CE
• Customer carriers' regions may also implement MPLS VPN
  • or be pure IP networks
• Enables “global” MPLS/VPN

Carrier Supporting Carrier (2)
• Utilizes label stack with multiple labels
  • sub-carrier's labels are untouched during transport over super-carrier
• Customer carriers do not exchange their customer's routes with super-carrier
  • Just loopback interfaces of PE routers

MPLS Traffic Engineering

MPLS TE Goals
• Minimizes network congestion, improves network performance
• Spreads flows to multiple paths
  • i.e. diverges them from “shortest” path calculated by IGP
• More efficient network resource usage

MPLS TE Principle
• Originating LSR (headend) sets up a TE LSP to terminating LSR (tailend) through an explicitly specified path
  • defined by sequence of intermediate LSRs
  • either strict or loose explicit route
  • dynamic (IGP-based path is also an option)
• LSP is calculated automatically using constraint-based routing
  • or manually using some sort of central management tool in large networks

MPLS-TE Mechanisms
• Link information distribution
• Path computation (constrained SPF)
• LSP signalling
  • RSVP-TE accomplishes label assignment during MPLS tunnel creation
  • signalling needed even if path calculation is performed manually
• Selection of traffic that will take the TE-LSP
  • by QoS class or another policy routing criteria
  • static routes, policy routing, autoroute, forwarding adjacency, ...

Link Information Distribution
• Utilizes extensions of OSPF or IS-IS to distribute links’ current states and attributes
  • OSPF LSA type 10 (opaque)
  • Maximum bandwidth, reservable bandwidth, available bandwidth, flags (aka attributes or colors), TE metric
• Constraint-based routing
  • Takes into account links’ current states and attributes when calculating routes
  • “Constraint-based SPF” calculation excludes links that do not comply with required LSP parameters
    • bandwidth, affinity bits (link “colors”), …
  • Uses TE-metric instead of IGP metric if defined on individual links
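
Added example (not part of the original slides): a constraint-based SPF in Python that prunes links failing the bandwidth and color constraints, prefers the TE metric over the IGP metric where one is defined, and recomputes after a reservation. The topology, attribute names and the single exclude mask standing in for affinity bits are assumptions made for illustration.

```python
import heapq

# Constructed TE database: one entry per unidirectional link, holding the
# attributes the IGP TE extensions flood. All values are illustrative.
LINKS = {
    ("A", "B"): {"igp_metric": 10, "avail_bw": 100, "colors": 0b01},
    ("B", "D"): {"igp_metric": 10, "avail_bw": 30, "colors": 0b01},
    ("A", "C"): {"igp_metric": 10, "te_metric": 15, "avail_bw": 200, "colors": 0b10},
    ("C", "D"): {"igp_metric": 10, "te_metric": 15, "avail_bw": 200, "colors": 0b10},
    ("A", "E"): {"igp_metric": 20, "avail_bw": 500, "colors": 0b01},
    ("E", "D"): {"igp_metric": 20, "avail_bw": 500, "colors": 0b01},
}


def link_complies(link, bandwidth, exclude_colors):
    """True if the link satisfies the LSP's bandwidth and color constraints."""
    return link["avail_bw"] >= bandwidth and not (link["colors"] & exclude_colors)


def cspf(links, src, dst, bandwidth, exclude_colors=0):
    """Prune non-compliant links, then run Dijkstra on what is left.

    Returns (total_cost, [nodes]) or None when no compliant path exists.
    """
    adjacency = {}
    for (u, v), link in links.items():
        if link_complies(link, bandwidth, exclude_colors):
            # The TE metric wins over the IGP metric when defined on the link.
            cost = link.get("te_metric", link["igp_metric"])
            adjacency.setdefault(u, []).append((v, cost))

    heap, settled = [(0, src, [src])], set()
    while heap:
        cost, node, path = heapq.heappop(heap)
        if node == dst:
            return cost, path
        if node in settled:
            continue
        settled.add(node)
        for neighbour, link_cost in adjacency.get(node, []):
            if neighbour not in settled:
                heapq.heappush(heap, (cost + link_cost, neighbour, path + [neighbour]))
    return None


def reserve(links, path, bandwidth):
    """Return a copy of the database with the LSP's bandwidth taken off each hop."""
    updated = {key: dict(attrs) for key, attrs in links.items()}
    for hop in zip(path, path[1:]):
        updated[hop]["avail_bw"] -= bandwidth
    return updated


if __name__ == "__main__":
    print(cspf(LINKS, "A", "D", bandwidth=20))                       # shortest path fits
    print(cspf(LINKS, "A", "D", bandwidth=50))                       # B-D pruned
    print(cspf(LINKS, "A", "D", bandwidth=50, exclude_colors=0b10))  # color excluded
```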

RSVP Signalling
• Resource reSerVation Protocol (RFC 2205) was originally developed in connection with IntServ, but should be understood as a completely independent signalling protocol
• Reserves resources for unidirectional (unicast/multicast) L4 flows
  • soft-state
• May be used with MPLS/TE to signal DiffServ QoS PHB over the path

RSVP Messages
• Message Header (message type)
  • Resv, Path, ResvConfirm, ResvTeardown, PathTeardown, PathErr, ResvErr
• Variable number of objects of various classes
  • TLVs
  • including sub-objects
• Support for message authentication and integrity check

Basic RSVP Operation
• PATH message travels from sender to receiver(s)
  • from TE tunnel headend to tailend in our case
  • allows intermediate nodes to build soft-state information regarding particular session
  • includes flow characteristics (flowspec)
• RESV message travels from receiver interested in resource reservation towards the sender
  • from TE tunnel tailend back to headend
  • actually causes reservation of intermediate nodes' resources
  • provides labels to upstream routers
• Soft state has to be periodically renewed

LSP Preemption
• Support for creation of LSPs of different priorities with preemption option
  • setup and holding priority
    • setup priority is compared with holding priority of existing LSPs
    • 0 (best) – 7 (worst)
• Preemption modes
  • Hard – just tears preempted LSP down
  • Soft – signals pending preemption to the headend (PathTear/ResvTear) of existing LSP to give it an opportunity to reroute traffic

LSP Path Calculation in Multiarea Environment
• Splitting network into multiple areas limits state information flooding
• Headend specifies path to route LSP setup requests using list of ABRs
  • loose routing
• Each ABR calculates and reserves path over connected area and requests another ABR on the path to take care of next section
• In practice, service providers prefer flat core network (OSPF area0 / L2-only IS-IS)

Dynamic routing & TE tunnels
• Autoroute – all destinations located behind TE tunnel endpoint are directed to TE tunnel interface (unidirectional)
  • tunnel's metric normally corresponds to IGP metric between headend and tailend
    • shortest path, regardless of actual tunnel path
  • Logic local to tunnel headend router
• Forwarding adjacency
  • Headend-tailend link (TE tunnel) is propagated into OSPF/IS-IS database
  • Needs to be configured both on headend and tailend

MPLS Fast Reroute
• In case of node or link failure, backup LSP may be automatically initiated (in tens of milliseconds)
  • 50 ms failover is a goal (compare to SDH)
• Fast Reroute option must be requested during LSP setup
• Global or Local restoration
• Similar functionality exists in IP-only environment (IP Fast Reroute)

Fast Reroute - Global restoration
• New LSP is set up by headend
  • LSP failure is signalled to the headend by PathErr RSVP message
  • Headend has the most complete routing constraints information to establish a new LSP
• Backup tunnel can be pre-signalled or signalled when primary tunnel goes down
  • latter option incurs tunnel break detection and signalling delays

Fast Reroute - Local restoration
• “Detour” LSP around failed link/node
  • LSR that detected the failure (called Point of Local Repair) starts to use alternative LSP
  • Detour LSPs are manually preconfigured or precalculated dynamically by Point of Local Repair and pre-signalled
• “Detour” joins back the original LSP at the Merge Point
  • i.e. at Next hop for link protection, Next Next hop for Node protection
• Facility Backup (commonly used) - double labeling is used on detour path
  • external tag is dropped before packet enters Merge Point
  • packets arrive at the Merge Point with the same label as they would if they came along original LSP (just from different interface)
  • Different input interface is not an issue as labels are allocated per-platform, not per-interface
• One-to-One backup
  • does not use label stacking
  • Each LSP has its own backup path
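
Added example (not part of the original slides): a Python walk-through of the facility-backup label operations for link protection, showing that the Merge Point sees the same label whether or not the protected link has failed. Router names, label values and the table layout are assumptions made for illustration.

```python
# Constructed label tables for a primary LSP PLR -> MP -> TAIL and a
# facility-backup tunnel PLR -> B -> MP that protects the PLR-MP link.
# Router names and label values are illustrative assumptions.
# LFIB entry: incoming top label -> (operation, outgoing label, next hop)
LFIB = {
    "PLR":  {17: ("swap", 22, "MP")},
    "B":    {40: ("pop", None, "MP")},   # penultimate hop of the backup tunnel
    "MP":   {22: ("swap", 31, "TAIL")},
    "TAIL": {31: ("pop", None, None)},   # the LSP ends here
}

# Pre-signalled by the Point of Local Repair:
# protected link -> (backup tunnel label to push, backup next hop)
BACKUP = {("PLR", "MP"): (40, "B")}


def forward(start, stack, failed_links=frozenset()):
    """Walk a packet hop by hop; return [(router, label stack on arrival)].

    The stack is a tuple with the top label first. LFIB lookups use the label
    only (per-platform label space), never the incoming interface.
    """
    trace, node, stack = [], start, tuple(stack)
    while node is not None and stack:
        trace.append((node, stack))
        entry = LFIB[node].get(stack[0])
        if entry is None:
            raise LookupError(f"{node} has no LFIB entry for label {stack[0]}")
        operation, out_label, next_hop = entry
        # Normal operation on the primary LSP: swap or pop the top label.
        stack = stack[1:] if operation == "pop" else (out_label,) + stack[1:]
        if (node, next_hop) in failed_links:
            # Local repair: keep the label the Merge Point expects and push the
            # backup tunnel label on top. A failed link without a pre-signalled
            # backup raises KeyError, i.e. the traffic would be dropped.
            backup_label, next_hop = BACKUP[(node, next_hop)]
            stack = (backup_label,) + stack
        node = next_hop
    return trace


def arrival_at(trace, router):
    """Label stack a given router saw, or None if the packet never reached it."""
    return dict(trace).get(router)


if __name__ == "__main__":
    print(forward("PLR", (17,)))
    print(forward("PLR", (17,), failed_links={("PLR", "MP")}))
```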

MPLS QoS

MPLS and Diffserv
• LSR uses the same mechanism as traditional router to implement different Per-Hop Behaviors (PHBs)
• 2 types of LSPs (may coexist on single network):
  • EXP-inferred LSPs (mostly used)
    • can transport multiple traffic classes simultaneously
    • EXP bits in shim header used to hold DSCP value
    • Map between EXP and PHB signaled during LSP setup
      • extension of LDP and RSVP (new TLV defined)
  • Label-inferred LSPs
    • can transport just one traffic class
    • Fixed mapping of <DSCP, EXP> to PHB standardized

Diffserv Tunneling over MPLS
There are two markings of the packet (EXP, DSCP). There are different models to handle interaction between multiple markings.
• Pipe model
  • transfers IP DSCP marking untouched
  • useful for interconnection of two Diffserv domains using MPLS
• Uniform Model
  • Uniform customer and provider QoS models
  • makes LSP an extension of DiffServ domain

MPLS VPNs

VPN Implementation Options
Solution to implement potentially overlapping address spaces of independent customers:
• Overlay model
  • Infrastructure provides tunnels between CPE routers
    • FR/ATM virtual circuits, IP tunnels (GRE, IPSec, …)
• Peer-to-peer model
  • Provider edge router exchanges routing information with customer edge router
    • Customer routes in service provider’s IGP
  • Need to solve VPN separation and overlapping customer addressing
    • traditionally by complicated filtering
  • Optimal routing between customer sites through shared infrastructure
    • data don’t need to follow tunnel paths

MPLS VPN Basic Principles
• MPLS helps to separate traffic from different VPNs without usage of overlay model tunneling techniques
• Routes from different VPNs kept separated, multiple routing tables implemented at edge routers (one for each VPN)
• Uses MPLS label stack: outer label identifies egress edge router, inner label identifies VPN
  • single route in particular VPN
• To allow propagation of IP prefixes from all VPNs to the core, potentially overlapping addresses of separated VPNs are made unique with Route Distinguisher (different for every VPN)
  • Those “IP-VPN” (VPNv4) addresses are propagated between PE routers using extended BGP (Multiprotocol BGP, MP-BGP)
    • New address family: VPNv4 address = RD + IPv4 address
  • MP-BGP also distributes (inner) labels identifying particular route in target VRF at egress edge router (using BGP attributes)
  • MP-BGP runs only between PEs, Ps are not involved at all

MPLS VPN advantages
• Integrates advantages of overlay and peer-to-peer model
  • Overlay model advantages:
    • security and customer isolation
  • Peer-to-peer model advantages:
    • routing optimality
    • Simplicity of new CPEs addition

MPLS VPN Implementation
• VPN defined as set of sites sharing the same routing information
  • Site may belong to multiple VPNs
• Multiple sites (from different VPNs) may be connected to the same PE router
• PE routers maintain only routes for connected VPNs and backbone routes needed to reach other PEs
  • Increases scalability
  • Decreases performance requirements of PE router
• PE router uses IP at customer network interface(s) and MPLS at backbone interfaces
• Backbone (P routers) uses only label switching
  • IGP routing protocol used only to establish optimal label switch paths between PEs
• Utilizes MPLS label stack
  • Inner label identifies VPN/VRF (or particular route in destination VRF)
  • Outer label identifies egress LSR

Routing information exchange
• P-P and P-PE routers
  • Using IGP
  • Needed to determine paths between PEs over MPLS backbone
• PE-PE routers (non-adjacent)
  • Using MP-iBGP sessions
  • Needed to exchange routing information between routing tables (VRFs) for particular VPN

Routing information in PE routers
PE routers maintain multiple separated routing tables
• Global routing table – filled with backbone routes (from IGP)
  • allows reaching other PE routers
• VRF (VPN routing & forwarding)
  • Separate routing tables for individual VPNs
  • Every router interface assigned to a single VRF
  • VRF instance can be seen as virtual router

VPN routing and forwarding
VRF = virtual router
[Figure: PE router with VRF A (VRF for VPN A) and VRF B (VRF for VPN B); VPN A CE and VPN B CE routers; P router; MPLS domain]

VRF usage
[Figure: CE routers of VPN A and VPN B; PE routers; P router; VRF A and VRF B; packet]

MPLS VPN example
[Figure: MPLS Core with routers I-PE, G-P and J-PE; site labels OSTRAVA and TACHOV; Customer A and Customer B attached on each side; interfaces S0, S1/0, S1/1, e0, e1; addresses 10.0.0.1/24 (shown twice), 10.0.1.1/24, 10.0.2.1/24; networks 1.0.0.0/24 and 2.0.0.0/24 with hosts .1 and .2]

VPN Route Distinguishing and Exchange Between PEs
[Figure: the MPLS VPN example topology (I-PE, G-P, J-PE; OSTRAVA and TACHOV; Customer A and Customer B on each side) with loopbacks lo0 3.0.0.1/32 and 3.0.0.2/32; VRFs CustomerA-I, CustomerB-I, CustomerA-J, CustomerB-J; RD 100:1 with RT 100:10 and RD 100:2 with RT 100:20, each shown twice; IGP (OSPF, IS-IS, …) in the MPLS Core; MP-BGP]

PE-to-PE VPN Route Propagation
• PE router exports information from VRF to MP-BGP
  • prefix uniqueness ensured using Route Distinguisher (64-bit ID)
  • VPN-V4 prefix = RD + IPv4 prefix
  • Route exported with source VRF ID (route target)
• Multiprotocol (MP) iBGP session between PE routers over MPLS backbone (P routers)
  • Full mesh (route reflectors often used)
  • Propagates VPNv4 routes
  • BGP attributes identify site-of-origin and route target(s)
• Opposite PE router imports information from MP-BGP into VRF
  • routes imported into particular VRFs according to BGP Route Target attribute values

MPLS VPN BGP attributes
• Site of Origin (SOO)
  • Identifies site where the route originated from
    • avoids loops
• Route Target
  • In fact, it identifies source VRF
  • Each VRF may configure which RT(s) it imports

Customer route advertisement from PE router (MP-BGP)
• PE router assigns RT, RD based on source VRF and SOO
• PE router assigns VPN (MPLS) label
  • Identifies particular VPN route (in VPN site’s routing table, i.e. in VRF)
  • Used as second label in the label stack
    • Top-of-stack label identifies egress PE router
• Route’s next-hop rewritten to advertising PE router loopback interface
• MP-iBGP update sent to other PE routers

CE to PE routing information exchange
• CE router always exchanges routes with VRF assigned to interface connecting that CE router
  • Static routing or directly connected networks
  • External BGP
  • IGP (RIPv2, OSPF)
• Multiple instances of routing process (for every VRF) are running on PE router
  • or separated routing contexts in single routing process

Overlapping of VPNs
Site (VRF) may belong to multiple VPNs provided that there is no address overlap
• Useful for shared server farms, extranets, Internet VRFs etc.
• Multiple RT imports configured for particular VRF
Typical usages both in SP networks and in DC cores
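
Added example (not part of the original slides), covering both the PE-to-PE route propagation slides and the overlapping-VPN rule above: a Python model of RD/RT export and import, plus an audit that lists every VRF importing a route target exported by another customer. The RD/RT values come from the slides; which customer and PE they belong to, the prefixes, the label numbers and the field names are assumptions.

```python
from itertools import count

# Constructed configuration using the slides' RD/RT values; the assignment of
# values to customers and PEs, and the prefixes, are assumptions.
VRFS = [
    {"name": "CustomerA-I", "customer": "A", "pe": "3.0.0.1", "rd": "100:1",
     "export": {"100:10"}, "import": {"100:10"}, "prefixes": ["10.0.0.0/24"]},
    {"name": "CustomerB-I", "customer": "B", "pe": "3.0.0.1", "rd": "100:2",
     "export": {"100:20"}, "import": {"100:20"}, "prefixes": ["10.0.0.0/24"]},
    {"name": "CustomerA-J", "customer": "A", "pe": "3.0.0.2", "rd": "100:1",
     "export": {"100:10"}, "import": {"100:10"}, "prefixes": ["10.0.1.0/24"]},
    {"name": "CustomerB-J", "customer": "B", "pe": "3.0.0.2", "rd": "100:2",
     "export": {"100:20"}, "import": {"100:20"}, "prefixes": ["10.0.2.0/24"]},
]


def export_routes(vrfs):
    """MP-iBGP updates: VPNv4 prefix (RD + IPv4), RTs, next hop, VPN label."""
    labels = count(16)  # constructed VPN label values, one per exported route
    return [{"vpnv4": (v["rd"], prefix), "rts": set(v["export"]),
             "next_hop": v["pe"], "label": next(labels), "origin": v["name"]}
            for v in vrfs for prefix in v["prefixes"]]


def import_routes(vrf, updates):
    """Install an update in the VRF only if one of its RTs is on the import list.

    Inside the VRF the RD is stripped, so two imported routes with the same
    IPv4 prefix collide (here the later update wins, a simplification).
    """
    table = {}
    for route in updates:
        if route["origin"] != vrf["name"] and route["rts"] & vrf["import"]:
            table[route["vpnv4"][1]] = (route["next_hop"], route["label"])
    return table


def cross_customer_imports(vrfs):
    """Audit: (importing VRF, exporting VRF, RT) across different customers."""
    return sorted((imp["name"], exp["name"], rt)
                  for imp in vrfs for exp in vrfs
                  if imp["customer"] != exp["customer"]
                  for rt in imp["import"] & exp["export"])


if __name__ == "__main__":
    updates = export_routes(VRFS)
    for vrf in VRFS:
        print(vrf["name"], import_routes(vrf, updates))
    print("cross-customer imports:", cross_customer_imports(VRFS))
```

Every entry the audit returns is either an intended extranet or shared-services import, or a route leak to remove.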

Overlapping VPNs example
[Figure: the MPLS VPN example topology (I-PE, G-P, J-PE; OSTRAVA and TACHOV; Customer A and Customer B on each side; loopbacks lo0 3.0.0.1/32 and 3.0.0.2/32) with VRFs CustomerA-I, CustomerB-I, CustomerA-J, CustomerB-J; RD 100:1 with RT 100:11 and RT 100:12; RD 100:2 with RT 100:21 and RT 100:22]