Netmanias.2007.12.13-MPLS Backhaul & Backbone Network Design (en)

About NMC Consulting Group NMC Consulting Group is an advanced and professional network consulting company, specializing in IP network areas (e.g., FTTH, Metro Ethernet and IP/MPLS), service areas (e.g., IPTV, IMS and CDN), and wireless network areas (e.g., Mobile WiMAX, LTE and Wi-Fi) since 2002. Copyright © 2002-2013 NMC Consulting Group. All rights reserved.

www.nmcgroups.com

Netmanias Technical document: MPLS Backhaul & Backbone Network Design

MPLS Backhaul & Backbone Network Design

December 13, 2007

NMC Consulting Group ([email protected])

www.netmanias.com

www.nmcgroups.com

Copyright © 2002-2013 NMC Consulting Group. All rights reserved. 2


Table of Contents

MPLS Backhaul Network

MPLS Backhaul Concept

Backhaul Connectivity for Residential User

Backhaul Connectivity for Enterprise User

Backhaul Network Resiliency

MPLS Backbone Network

MPLS Backbone Concept

MPLS L3 VPN

MPLS L2 VPN: VPWS

MPLS L2 VPN: VPLS

MPLS Fast Recovery



MPLS Backhaul Network



Backhaul Concept

Customer Separation by QinQ and H-VPLS 1 S-VID and 1 VC-LSP per access node for residential user 1 S-VID and 1 VC-LSP per enterprise user

Single backhaul can support

All kinds of access node: xDSL, FTTH, WiBro Residential TPS service and WiBro service Enterprise site-to-site VPN service and Internet service

Dual-homing architecture between AS (CO) and ES (POP) for redundancy

ES (PE) AS (PE)

MPLS Backbone

ER

H-VPLS

Active Spoke LSP

Residential xDSL

FTTH

WiBro

TPS Service

WiBro Service

Enterprise

VPN Service

Internet Service

QinQ

POP CO



VSI

VSI

ADSL2+

Voice PVC (1/35)

Video PVC (1/36)

Internet PVC (1/37)

Mgmt PVC (0/34)

DSLAM RG/IAD

AS (PE)

S-VID=DSLAM ID

Voice VLAN (3)

Video VLAN (4)

Internet VLAN (5)

C-VID=Service ID

OLT PON

ONT

L2 SW BS

ES (PE)

BRAS

ER

QinQ (Per-Access Node VLAN)

H-VPLS

POP

Active Spoke LSP

CO

MTU-S

PE-rs

EMS

Voice VLAN (3)

Video VLAN (4)

Internet VLAN (5)

VC-LSP=Per DSLAM

S-VID=DSLAM ID

GE port

Tunnel-LSP=PE to PE

Voice VLAN (3)

Video VLAN (4)

Internet VLAN (5)

Mgmt VLAN (1000) S-VID=OLT ID/RAS ID

Voice VLAN (3)

Video VLAN (4)

Internet VLAN (5)

C-VID=Service ID

EMS

Voice VLAN (3)

Video VLAN (4)

Internet VLAN (5)

VC-LSP=Per OLT/Per BS

S-VID=OLT ID/RAS ID

GE port

Voice VLAN (3)

Video VLAN (4)

S-VID=DSLAM ID

GE port

Voice VLAN (3)

Video VLAN (4)

S-VID=OLT ID/RAS ID

GE port

Internet VLAN (5)

S-VID=DSLAM ID

GE port

Internet VLAN (5)

S-VID=OLT ID/RAS ID

ER

BRAS

RG/

IAD

PON

CPE

C-VID=Service ID

C-VID=Service ID

C-VID=Service ID

C-VID=Service ID

QinQ QinQ

VSI

VSI

VSI

VSI

VPLS

VPLS

VC-LSP to VSI S-VID to VSI Q-in-Q

Backhaul Connectivity for Residential User



VSI

VSI

VSI

VSI

ADSL2+

DSLAM CE

AS (PE)

S-VID=Enterprise ID (VPN-A)

OLT

L2 SW

ES (PE) ER

QinQ (Per-Enterprise VLAN)

H-VPLS

POP

Active Spoke LSP

CO

MTU-S

PE-rs

VC-LSP=Per Enterprise VPN (VPN-A)


GE port

Tunnel-LSP=PE to PE


GE port

GE port

CPE

CE

QinQ QinQ

VSI

S-VID=Enterprise ID (VPN-B) S-VID=Enterprise ID (VPN-B) S-VID=Enterprise ID (VPN-B)

CPE

VSI

VC-LSP=Per Enterprise VPN (VPN-B)

S-VID=Enterprise ID (VPN-C)

VC-LSP=Per Enterprise VPN (VPN-C)


GE port


CPE

VSI

S-VID=Enterprise ID (VPN-D) S-VID=Enterprise ID (VPN-D) S-VID=Enterprise ID (VPN-D)

CPE

VSI

VC-LSP=Per Enterprise VPN (VPN-D)

ER

VPN-A

VPN-B

VPN-C

VPN-D

C-VID=Defined by User C-VID=Defined by User

VC-LSP to VSI S-VID to VSI Q-in-Q

BS

Backhaul Connectivity for Enterprise User



ER AS

BRAS

AN ES

< Normal >

VRRP Master

Load Balancing

Backhaul Network Resiliency

ER AS

BRAS

AN ES

ER AS

BRAS

AN ES

ER AS

BRAS

AN ES ER AS

BRAS

AN ES

ER AS

BRAS

AN ES

VRRP

Active Spoke LSP

< Link Fail >

< Node Fail >

< Link Fail >

< Node Fail >

VRRP Master

Load Balancing

VRRP Master Load Balancing

VRRP Master

Load Balancing

VRRP Master

RFC 4762: Virtual Private LAN Service (VPLS) Using LDP Signaling, Jan. 2007 RFC 2338: Virtual Router Redundancy Protocol , April 1998



MPLS Backbone Network



MPLS Backbone Concept

Metro Ethernet

Backhaul

Metro Ethernet

Backhaul

PE1.CTY1

PE2.CTY1

Metro Ethernet

Backhaul

PE1.CTY2

PE2.CTY2

PE1.CTY4

PE2.CTY4

PE1.CTY5

PE2.CTY5

PE1.CTY6

PE2.CTY6

PE1.CTY7

PE2.CTY7

Metro Ethernet

Backhaul City 2

Metro Ethernet

Backhaul

Metro Ethernet

Backhaul

City 3

PE1.CTY3

PE2.CTY3

City 4

City 1

Metro Ethernet

Backhaul City 5

City 6

City 7

CR1 CR2

CR3

Metro Ethernet

Backhaul Metro Ethernet

Backhaul

MPLS L3 Internet VPN

MPLS L3 VoIP VPN

MPLS L3 Video VPN

MPLS L3 Enterprise VPN

MPLS L2 VPN (VPWS)

MPLS L2 VPN (VPLS)

MPLS L3 VPN Per-Service VPN

• Internet VPN: Residential ADSL/FTTH/WiBro Internet Access, Enterprise ADSL/FTTB/WiBro Internet Access Service

• Voice MPLS VPN • Video MPLS VPN

Per-Enterprise VPN • Enterprise MPLS L3 VPN

MPLS L2 VPN Per-Enterprise VPN

• Enterprise VPWS VPN • Enterprise VPLS VPN

PE PE



ADSL Case

DSLAM

Residential Internet VLAN

(C-VID=Internet, S-VID=AN1)

Residential Voice VLAN

(C-VID=Voice, S-VID=AN1)

Residential Video VLAN

(C-VID=Video, S-VID=AN1)

MPLS L3 Internet VPN (LSP to BR)

PE/BR PE

BRAS

VRF

PE2

Per-Enterprise VLAN

(C-VID=null, S-VID=Ent. A)

MPLS L3 Internet VPN (LSP to PE:P2P)

MPLS L3 VPN (LSP to PE 2)

VRF

VRF MPLS L3 Voice VPN (LSP to SAR)

MPLS L3 Voice VPN (LSP to PE: Data)

VRF MPLS L3 Video VPN (LSP to SAR)

Per-Enterprise VLAN

(C-VID=null, S-VID=Ent. B) VRF

MPLS L2 VPN (VPWS) Per-Enterprise VLAN

(C-VID=Private Use, S-VID=Ent. C) VSI



Per-Enterprise VLAN

(C-VID=Private Use, S-VID=Ent. D)

Internet PVC (1/37)

Voice PVC (1/35)

Video PVC (1/36)

A Single PVC

A Single PVC

A Single PVC

A Single PVC VSI


PE/SAR PE3

H-VPLS

VRF

VRF

VRF

Residential

Internet Access

Residential

Voice

Residential

Video

Enterprise

Internet Access

Enterprise

L3 VPN

Enterprise

L2 VPN (PtP)

Enterprise

L2 VPN (PtMP)

VRF VRF VRF VRF VRF

VSI VSI VSI VSI VSI VSI

VSI VSI VSI VSI VSI VSI VSI

VRF

VRF

VSI

VSI

VSI

PPPoE

DHCP

DHCP

Static/Public Subnet

Private Addressing and Routing



Per-Service VRF (Internet) VRF

VRF

VRF

Per-Service VRF (Voice)

Per-Service VRF (Video)

AS ES



FTTH Case

OLT


PE/BR PE

BRAS

VRF

PE2

MPLS L3 Internet VPN (LSP to PE:P2P)


VRF




VRF

MPLS L2 VPN (VPWS) VSI



C-VID=Internet(5)

C-VID=Voice(3)

C-VID=Video(4)

C-VID=Ent. A

C-VID=Ent. B

C-VID=Ent. C

C-VID=Ent. D VSI


PE/SAR PE3

H-VPLS

VRF

VRF

VRF

Residential

Internet Access

Residential

Voice

Residential

Video

Enterprise

Internet Access

Enterprise

L3 VPN

Enterprise

L2 VPN (PtP)

Enterprise

L2 VPN (PtMP)

VRF VRF VRF VRF VRF

VSI VSI VSI VSI VSI VSI

VSI VSI VSI VSI VSI VSI VSI

VRF

VRF

VSI

VSI

VSI


(C-VID=Internet, S-VID=AN1)


(C-VID=Voice, S-VID=AN1)


(C-VID=Video, S-VID=AN1)

DHCP

DHCP

DHCP

Static/Public Subnet




Per-Service VRF (Internet) VRF

VRF

VRF


Per-Service VRF (Video)

AS ES

Per-Enterprise VLAN

(C-VID=null, S-VID=Ent. A)

Per-Enterprise VLAN

(C-VID=null, S-VID=Ent. B)

Per-Enterprise VLAN

(C-VID=Private Use, S-VID=Ent. C)

Per-Enterprise VLAN

(C-VID=Private Use, S-VID=Ent. D)



WiBro Case


PE/BR PE

VRF

PE2

MPLS L3 Internet VPN (LSP to PE:P2P) VRF




CID=Internet CID

CID=Voice CID

CID=Video CID

PE/SAR PE3

VRF

VRF

VRF

Residential

Internet Access

Residential

Voice

Residential

Video


(C-VID=Internet, S-VID=RAS1)


(C-VID=Voice, S-VID=RAS1)


(C-VID=Video, S-VID=RAS1)

BS ASN-GW L3 Per-Service VRF (Internet) VRF

VRF

VRF


Per-Service VRF (Video) GRE tunnel

DHCP

AS ES



VPN Service

MPLS L3 VPN

MPLS L2 VPN

Virtual Private Wire Service (VPWS)

Virtual Private LAN Service (VPLS)



MPLS L3 VPN for Enterprise

RFC 2547bis defines a mechanism that allows service providers to use their IP backbone to

provide VPN services to their customers. RFC 2547bis VPNs are also known as BGP/MPLS

VPNs because BGP is used to distribute VPN routing information across the provider's

backbone and because MPLS is used to forward VPN traffic from one VPN site to another.

Metro Ethernet

Backhaul

Metro Ethernet

Backhaul

PE1.CTY1

PE2.CTY1

CE

VPN A

Metro Ethernet

Backhaul

PE1.CTY2

PE2.CTY2

PE1.CTY4

PE2.CTY4

PE1.CTY5

PE2.CTY5

PE1.CTY6

PE2.CTY6

PE1.CTY7

PE2.CTY7

CE

VPN A

Metro Ethernet

Backhaul City 2

CE

Metro Ethernet

Backhaul

CE

Metro Ethernet

Backhaul

City 3

PE1.CTY3

PE2.CTY3

City 4

City 1

Metro Ethernet

Backhaul City 5

City 6

City 7

CR1 CR2

CR3

CE

CE PE PE CE P P

IP/MPLS Network



Tunnel LSP Setup: RSVP-TE

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

CR1 CR2

CR3

PATH

ERO = {CR1, CR2, PE1.CTY5}

PATH

ERO = {CR2, PE1.CTY5}

PATH

ERO = {PE1.CTY5}

RESV

Label = 17

RESV

Label = 20

RESV

Label = 3

Ingress Routing Table

In Out(port/label)

IP Route 2/17

MPLS Table

In(port/Label) Out(port/label)

3/17 6/20

MPLS Table

In(port/Label) Out(port/label)

2/20 5/3

RVSP-TE PATH Message Establish state and request label assignment PE1.CTY1 transmit a PATH message addressed to PE1.CTY5 Label Request Object ERO = {Strict CR1, strict CR2, strict PE1.CTY5} PRO = {PE1.CTY1 IP address, store and add IP hop address} Session object identifies LSP name Session Attribute: Priority, Preemption and Fast Reroute Flow-Spec: Request Bandwidth Reservation

RVSP-TE RESV Message Distribute labels and reserve resource PE1.CTY5 transmits a RESV message to PE1.CTY1 Label = 3 Session object to uniquely identify the LSP

CR2 and CR1 Stores “Outbound” label and allocate an “Inbound” label Transmits RESV with inbound label to upstream LSR PE1.CTY1 binds label to FEC

Tunnel LSP

RSVP-TE for Traffic Engineering

RFC 3209, RSVP-TE: Extensions to RSVP for LSP Tunnels, December 2001



Constraint-Based Routing

Routing Table Traffic Engineering

Database (TED)

User

Constraints

Constrained Shortest

Path First (CSPF)

Explicit Route

RSVP Signaling

1) Store information from IGP flooding

3) Examine user defined constraints

4) Calculate the physical path for the LSP

5) Represent path as an explicit route

6) Pass ERO to RSVP for signaling

2) Store traffic engineering information

Extended IGP

(OSPF-TE, IS-IS TE)



CE-PE Routing: OSPF, RIP, BGP, Static Route PE-PE Routing: MP-iBGP

Metro Ethernet

Backhaul

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

Metro Ethernet

Backhaul City1 City5

CR1 CR2

CR3

Site-2, VPN-B

10.1.2.0/24

RIP

Site-2, VPN-A

10.1.2.0/24

IS-IS

IGP (IS-IS)

advertises

IPv4 route

Site-1, VPN-B

10.1.1.0/24

RIP

Site-1, VPN-A

10.1.1.0/24

IS-IS

CE2

CE2

CE1

CE1

VRF Green

Destination BGP Next Hop Inner Label

10.1.2.0/24 PE1.CTY5 10

VRF Yellow


10.1.2.0/24 PE1.CTY5 12

VRF Green VRF Green

MP-iBGP

•Destination = RD_Green:10.1.2/24

•Label = 10

•BGP Next Hop = PE1.CTY5

•Route Target = Green

IGP (IS-IS)

advertises

IPv4 route

MP-iBGP advertises VPNv4 route

with MPLS label and RTs.

RT indicate to which VRF the route is

imported. RD is removed from VPNv4 route.

IPv4 route is inserted into VRF Green

routing table.

IPv4 route is inserted in

VRF Green routing table.

IPv4 route is redistributed into MP-

iBGP. RD is added to IPv4 route to make

it a VPNv4 route. RTs are added.

CE PE PE CE P P

MPLS L3 VPN for Enterprise: VPN Route Distribution



Metro Ethernet

Backhaul

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

Metro Ethernet

Backhaul City 1 City 5

CR1 CR2

CR3

Site-2, VPN-B

10.1.2.0/24

RIP

Site-2, VPN-A

10.1.2.0/24

IS-IS

Site-1, VPN-B

10.1.1.0/24

RIP

Site-1, VPN-A

10.1.1.0/24

IS-IS

CE2

CE2

CE1

CE1

VRF Green


10.1.2.0/24 PE1.CTY5 10

VRF Yellow


10.1.2.0/24 PE1.CTY5 12

Global Routing Table

Destination IGP Next Hop Tunnel Label

PE1.CTY5 CR1 25

MPLS Table

In

(port/label)

Out

(port/label)

1/25 3/30

IGP Label(25)

VPN Label(10)

10.1.2.5

IGP Label(30)

VPN Label(10)

10.1.2.5

IGP Label(0)

VPN Label(10)

10.1.2.5

Egress PE router(PE1.CTY5) removes top label, uses inner label to select which VPN/CE to forward the packet to. Inner label is removed and packet sent to CE2 router

10.1.2.5

VRF Green

VRF Green

PE1.CTY1 router receives normal IP packet from CE1 router.

PE1.CTY1 router does “IP Longest Match” from VRF, finds iBGP next hop PE1.CTY5 and imposes a stack of labels

P routers switch the packet based on the IGP Label (top label)

MPLS Table

Incoming

(port/Inner label)

Outgoing

interface

1/10 if2

10.1.2.5

MPLS L3 VPN for Enterprise: Forwarding Customer Traffic Across the BGP/MPLS Backbone



Metro Ethernet

Backhaul

Metro Ethernet

Backhaul

PE2.CTY1

PE1.CTY5

PE2.CTY5

PE1.CTY7

PE2.CTY7

Metro Ethernet

Backhaul City 1

City 5

City 7

CR1 CR2

CR3

CE2

CE3

CE1

A pair of VC-LSPs

PE1.CTY1

S-VID 200/Eth10

S-VID 200/Eth20

S-VID 200/Eth30

PE1.CTY1

Per-Enterprise

Hierarchical shaping

(PIR/CIR)

S-VID

200

S-VID

201

I

T V

RT Video

RT Voice

Best Effort

Mission Critical

M

Eth10

PE1.CTY5

Per-Enterprise


(PIR/CIR)

S-VID

200

S-VID

201

I

T V

RT Video

RT Voice

Best Effort

Mission Critical

M

Eth20

100Mbps shaper

Customer

Classification

(VC-Label)

Application

Classification

(5-Tuple)

5Mbps shaper

PE1.CTY7

Per-Enterprise


(PIR/CIR)

S-VID

200

S-VID

201

I

T V

RT Video

RT Voice

Best Effort

Mission Critical

M

Eth30

5Mbps shaper

Service Rate Control at each PE participating a VPLS instance Upstream Rate Control: Ingress Rate

Limiting Downstream Rate Control: Egress Rate

Shaping Granularity of Rate Control: 1Mbps

A pair of VC-LSPs

A pair of VC-LSPs

VPN A VPN A

VPN A

MPLS L3 VPN: Rate Control Per-Customer and Per- Site



Metro Ethernet

Backhaul

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

Metro Ethernet


CR1 CR2

CR3

Site-2, VPN-A

Branch Office Site-1, VPN-A

Headquarter CE2

CE1

QinQ (Per-enterprise VLAN)

H-VPLS

Tunnel Signaling (LDP/RSVP-TE)

VPN Routing (OSPF, RIP, Static, etc.) VPN Route and Label Distribution (MG-iBGP)

IGP (IS-IS)

QinQ (Per-enterprise VLAN)

VLL/

H-VPLS

VPN Routing (OSPF, RIP, Static, etc.)

Metro Aggregation IP/MPLS Backbone Metro Aggregation

CE PE PE CE P P

VRF Green

VRRP between VRFs

S-VID 100

S-VID 100

VRF Green

VRF Green

vc-lsp 100

vc-lsp 200

S-VID 100

VRF configuration in 2 PE routers. Backhaul is connected to PE through 2 VLANs

VRRP redundancy per VRF between PE routers (255 VRRP instance for VRF)

Ex) PE redundancy in Headquarter site, and single PE in Branch office

S-VID 100

MPLS L3 VPN for Enterprise: PE Redundancy



Benefits of BGP/MPLS VPNs

The major objective of BGP/MPLS VPNs is to simplify network operations for customers while allowing the service provider to offer scalable, revenue-generating, value-added services. BGP/MPLS VPNs has many benefits, including the following.

There are no constraints on the address plan used by each VPN customer. The customer can use either globally unique or private IP address spaces. From the service provider's perspective, different customers can have overlapping address spaces.

The CE router at each customer site does not directly exchange routing information with other CE routers. Customers do not have to deal with inter-site routing issues because inter-site routing issues are the responsibility of the service provider.

VPN customers do not have a backbone or a virtual backbone to administer. Thus, customers do not need management access to PE or P routers.

Providers do not have a separate backbone or virtual backbone to administer for each customer VPN. Thus, providers do not require management access to CE routers.

The policies that determine whether a specific site is a member of a particular VPN are the policies of the customer. The administrative model for RFC 2547bis VPNs allows customer policies to be implemented by the provider alone or by the service provider working together with the customer.

The VPN can span multiple service providers. While this capability of BGP/MPLS VPNs is important, this paper does not describe inter-provider VPN solutions.

Without the use of cryptographic techniques, security is equivalent to that supported by existing Layer 2 (ATM or Frame Relay) backbone networks.

Service providers can use a common infrastructure to deliver both VPN and Internet connectivity services. Flexible and scalable QoS for customer VPN services is supported through the use of the experimental bits in the

MPLS shim header or by the use of traffic engineered LSPs (signaled by RSVP). The RFC 2547bis model is link layer (Layer 2) independent.



MPLS L3 VPN for Enterprise

Features

Maximum Number of 802.1Q (VLAN) Circuits 26K

Maximum Number of 802.1ad (QinQ) Circuits 26K

Maximum Number of LSPs (LDP) 2.4K

Maximum Number of LSPs (RSVP-TE) 50K

Maximum Number of VRF 4K

Maximum VPN Route Entries per VRF 500K

Maximum Number of MPLS L3 VPN Instances 4K

Juniper M-series



Metro Ethernet

Backhaul

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

Metro Ethernet


CR1 CR2

CR3

Site-2, VPN-B

Site-2, VPN-A

Site-1, VPN-B

Site-1, VPN-A

CE2

CE1

CE1

Per-enterprise VLAN (QinQ)

VLL/

H-VPLS


PW Signaling (Martini Signaling: Targeted LDP)

IGP (IS-IS) VLL/

H-VPLS


Martini signaling

T-LDP

DU-LDP

Point-to-Point Transparent LAN Service (Customer VLAN (C-VID))

PW (vc-lsp) Per-enterprise VLAN (QinQ)

CE2

Standard: RFC 4448 (Martini), Encapsulation Methods for Transport of Ethernet over MPLS Networks, April 2006 RFC 4447 (Martini), Pseudowire Setup and Maintenance Using LDP, April 2006

MPLS L2 VPN: VLL/VPWS/EoMPLS Service




Metro Ethernet

Backhaul

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

Metro Ethernet


CR1 CR2

CR3

Site-2, VPN-B

Site-2, VPN-A

Site-1, VPN-B

Site-1, VPN-A

CE2

CE2

CE1

CE1

PE1.CTY5 configured:

Local S-VID200 on Ethernet20 to

be configured with VCID 2400

going to PE1.CTY1.

PE1.CTY1 configured:

Local S-VID200 on Ethernet30 to

be configured with VCID 2400

going to PE1.CTY5.

VCID (Virtual Circuit ID) represents the provisioned ID for the “circuit” between the (Ethernet port + VLAN ID) entities provisioned in the 2 PEs (PE1.CTY1 and PE1.CTY5)

Tunnel LSP

1. Configuring PE

Metro Ethernet

Backhaul

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

Metro Ethernet


CR1 CR2

CR3

Site-2, VPN-B

Site-2, VPN-A

Site-1, VPN-B

Site-1, VPN-A

CE2

CE2

CE1

CE1

Tunnel LSP

PE1.CTY5 binds the VCID 2400 to

vc-label 2000

DU-LDP Label Mapping Message

VC FEC TLV:

• VC Type = Ethernet

• VCID = 2400

VC Label TLV:

• vc-label = 2000

PE1.CTY1 binds vc-label 2000 to

local VLAN 200 on Eth30 using

VCID 2400 as common ID

S-VID 200/Eth30 S-VID 200/Eth20


2. VC Label Mapping and DU-LDP Signaling

VCID 2400

Port VLAN(S-VID) VC-Label Tunnel Label

30 200 2000 100

Unidirectional representation: same steps

for PE1.CTY1 to PE1.CTY5 direction

Vc-label 2000




Tunnel Label(25)

VC Label(10)

D-MAC/S-MAC

S-VID

C-VID

IP Packet

Metro Ethernet

Backhaul

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

Metro Ethernet


CR1 CR2

CR3

Site-2, VPN-B

Site-2, VPN-A

Site-1, VPN-B

Site-1, VPN-A

CE2

CE2

CE1

Tunnel LSP


3. Packet Forwarding

VCID 2400

Port VLAN(S-VID) VC-Label Tunnel Label

30 200 2000 100

MPLS Table

In

(port/label)

Out

(port/label)

1/25 3/30

Vc-label 2000

D-MAC/S-MAC

C-VID

IP Packet

Tunnel Label(30)

VC Label(10)

D-MAC/S-MAC

S-VID

C-VID

IP Packet

D-MAC/S-MAC

S-VID(200)

C-VID

IP Packet

D-MAC/S-MAC

S-VID(200)

C-VID

IP Packet

Tunnel Label(0)

VC Label(10)

D-MAC/S-MAC

S-VID

C-VID

IP Packet

D-MAC/S-MAC

C-VID

IP Packet

CE1



EoMPLS Service: QoS

Metro Ethernet

Backhaul

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

Metro Ethernet


CR1 CR2

CR3

Site-2, VPN-B

Site-2, VPN-A

Site-1, VPN-B

Site-1, VPN-A

CE2

CE2

CE1

Tunnel LSP


PW

CE1

PE1.CTY1

Per-Enterprise


(PIR/CIR)

S-VID

200

S-VID

201

I

T V

RT Video

RT Voice

Best Effort

Mission Critical

M

S-VID

202

Eth30

PE1.CTY5

Per-Enterprise


(PIR/CIR)

S-VID

200

S-VID

201

I

T V

RT Video

RT Voice

Best Effort

Mission Critical

M

S-VID

202

Eth20

Per-Enterprise Rate

Shaping (1Mbps

increment from 1Mbps

to 1Gbps)

5Mbps shaper

A customer traffic is

classified to the application

level and mapped to 4 Traffic

class

Customer

Classification

Application

Classification

Virtual Leased Line

3Mbps shaper

20Mbps shaper

5Mbps shaper

3Mbps shaper

20Mbps shaper



VPLS Service

Metro Ethernet

Backhaul

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

Metro Ethernet

Backhaul City 1

City 5

CR1 CR2

CR3

Site-2, VPN-B

Site-2, VPN-A

Site-1, VPN-B

Site-1, VPN-A

CE2

CE1

CE1

Per-enterprise VLAN(QinQ)

VLL/

H-VPLS


PW Signaling (Martini Signaling: Targeted LDP)

IGP (IS-IS) VLL/

H-VPLS


Martini signaling

T-LDP

DU-LDP

Point-to-Multi-Point Transparent LAN Service

VPLS (Full-Meshed PW) Per-enterprise VLAN(QinQ)

CE2 PE1.CTY7

PE2.CTY7

PE1.CTY3

PE2.CTY3

City 7

Standard: RFC 4762: Virtual Private LAN Service (VPLS) Using LDP Signaling, Jan. 2007 RFC 4761: RFC 4761 on Virtual Private LAN Service (VPLS) Using BGP for Auto-Discovery and Signaling, Jan. 2007 RFC 4664: Framework for Layer 2 Virtual Private Networks (L2VPNs), Sep. 2006

VSI VSI

VSI VSI



VPLS Reference Model

Metro Ethernet

Backhaul

Metro Ethernet

Backhaul

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

PE1.CTY7

PE2.CTY7

Metro Ethernet

Backhaul City 1

City 5

City 7

CR1 CR2

CR3

CE

CE

CE

CE

MPLS Tunnel LSP (Full-Mesh)

Pseudo Wire (a pair of vc-lsp)

VSI Green

VSI Violet

VSI Green

VSI Violet

VSI Green

VSI Violet

CE

CE



VPLS Instance Creation: PW Signaling

Metro Ethernet

Backhaul

Metro Ethernet

Backhaul

PE2.CTY1

PE1.CTY5

PE2.CTY5

PE1.CTY7

PE2.CTY7

Metro Ethernet

Backhaul City1

City5

City7

CR1

CR2

CR3

CE

CE

CE

CE

CE

CE

Use vc-label 201 for VCID 1000 when

sending to me

FIB for VPLS 1000 (PE1.CTY1)

MAC Location Interface

Local Eth10, S-VID 200

Remote Tunnel to PE1.CTY5(vc-lsp102)


PW12

Use vc-label 102 for VCID 1000 when

sending to me

T-LDP(PE1.CTY1PE1.CTY5): For SVC-ID 1000, use VC- label 201 when sending to me






T-LSP signaling for creating PW12 PE1.CTY1

1. T-LSP signaling for creating Full-Mesh PW

2. VPLS Instance (VSI) Creation FIB for VPLS 1000 (PE1.CTY5)











S-VID 200/Eth10

S-VID 200/Eth20

S-VID 200/Eth30

S-VID 300/Eth20



3. Data Forwarding (VPLS MAC Learning)

Metro Ethernet

Backhaul

Metro Ethernet

Backhaul

PE2.CTY1

PE1.CTY5

PE2.CTY5

PE1.CTY7

PE2.CTY7

Metro Ethernet

Backhaul City1

City5

City7

CR1 CR2

CR3

CE

CE

CE

CE

CE

CE



M1 Local Eth10, S-VID 200



PW12

PE1.CTY1





M1 Remote Tunnel to PE1.CTY1(vc-lsp201)







S-VID 200/Eth10

S-VID 200/Eth20

S-VID 200/Eth30

Once the VPLS instance with vc-id 1000 has been created, the first packets can be sent and the MAC learning process starts.

Assume M1 is sending a packet to PE1.CTY5 destined for M2 (M2 and M1 are each identified by a unique MAC address).

PE1.CTY1 receives the packet and learns (from the source MAC address) that M1 can be reached on local port Eth 10, S-VID 200; it stores this information in the FIB for vc-id

1000.

PE1.CTY1 does not yet know the destination MAC address M2, so it floods the packet to PE1.CTY5 with VC label 102 (on the corresponding MPLS outer tunnel) and to

PE1.CTY7 with VC label 103 (on the corresponding MPLS outer tunnel).

PE1.CTY5 learns from VC label 201 that M1 is behind PE1.CTY1; it stores this information in the FIB for vc-id 1000.

PE1.CTY7 learns from VC label 302 that M1 is behind PE1.CTY1; it stores this information in the FIB for vc-id 1000.

Tunnel Label(25)

VC Label(102)

D-MAC = M2

S-MAC = M1

S-VID = 200

C-VID = 100

IP Packet

D-MAC = M2

S-MAC = M1

S-VID = 200

C-VID = 100

IP Packet

M1

S-VID 300/Eth20

M2

M3

M4

Tunnel Label(15)

VC Label(103)

D-MAC = M2

S-MAC = M1

S-VID = 200

C-VID = 100

IP Packet

D-MAC = M2

S-MAC = M1

S-VID = 200

C-VID = 100

IP Packet

D-MAC = M2

S-MAC = M1

S-VID = 300

C-VID = 100

IP Packet

VPLS MAC Learning and Packet Forwarding



PE1.CTY5 strips off label 102, does not know the destination M2 and floods the packet on ports Eth 20, S-VID 200 and Eth20, S-VID 300; PE1.CTY5 does not flood the packet

to PE1.CTY7 because of the split horizon rule.

PE1.CTY7 strips off label 103, does not know the destination M2 and sends the packet on port Eth30, S-VID 200; PE1.CTY7 does not flood the packet to PE1.CTY5 because of

the split horizon rule.

M2 receives the packet.

When M2 receives the packet from M1, it replies with a packet to M1:

PE1.CTY5 receives the packet from M2 and learns that M2 is on local port Eth 20, S-VID 200; it stores this information in the FIB for vc-id 1000.

PE1.CTY5 already knows that M1 can be reached via PE1.CTY1 and therefore only sends the packet to PE1.CTY1 using VC label 201.

PE1.CTY1 receives the packet for M1; it knows that M1 is reachable on port Eth 10, S-VID 200.

M1 receives the packet.

Metro Ethernet

Backhaul

Metro Ethernet

Backhaul

PE2.CTY1

PE1.CTY5

PE2.CTY5

PE1.CTY7

PE2.CTY7

Metro Ethernet

Backhaul City1

City5

City7

CR1 CR2

CR3

CE

CE

CE

CE

CE

CE PW12

PE1.CTY1

S-VID 200/Eth10

S-VID 200/Eth20

S-VID 200/Eth30

Tunnel Label(12)

VC Label(201)

D-MAC = M1

S-MAC = M2

S-VID = 200

C-VID = 100

IP Packet

D-MAC = M1

S-MAC = M2

S-VID = 200

C-VID = 100

IP Packet

M1

S-VID 300/Eth20

M2

M3

M4

D-MAC = M1

S-MAC = M2

S-VID = 200

C-VID = 100

IP Packet

















VPLS MAC Learning and Packet Forwarding



Metro Ethernet

Backhaul

Metro Ethernet

Backhaul

PE2.CTY1

PE1.CTY5

PE2.CTY5

PE1.CTY7

PE2.CTY7

Metro Ethernet

Backhaul City1

City5

City7

CR1 CR2

CR3

CE

CE

CE

CE

CE

CE

PW12

PE1.CTY1

S-VID 200/Eth10

S-VID 200/Eth20

S-VID 200/Eth30

PE1.CTY1

Per-Enterprise


(PIR/CIR)

S-VID

200

S-VLAN

201

I

T V

RT Video

RT Voice

Best Effort

Mission Critical

M

Eth10

PE1.CTY5

Per-Enterprise


(PIR/CIR)

S-VID

200

S-VLAN

201

I

T V

RT Video

RT Voice

Best Effort

Mission Critical

M

Eth20

100Mbps shaper

Customer

Classification

Application

Classification

5Mbps shaper

PE1.CTY7

Per-Enterprise


(PIR/CIR)

S-VID

200

S-VLAN

201

I

T V

RT Video

RT Voice

Best Effort

Mission Critical

M

Eth30

5Mbps shaper

Service Rate Control At Each PE participating a VPLS instance Upstream Rate Control: Ingress Rate Limiting Downstream Rate Control: Egress Rate

Shaping Granularity of Rate Control: 1Mbps

PW13

PW23

VPLS Rate Control Per-Customer and Per- Site



Features

Maximum number of 802.1Q (VLAN) Circuits 26K

Maximum number of 802.1ad (QinQ) Circuits 26K

Maximum number of LSPs (LDP) 2.4K

Maximum number of LSPs (RSVP-TE) 50K

Maximum number of VPWS instances 16K

Maximum number of VPLS instances 2K

Maximum number of MAC addresses 850K

MPLS L2 VPN for Enterprise: Scaling Characteristics

Juniper M-series



MPLS Protection



Path Protection: Secondary Path

1. Outage

1) Link Failure

2) Node Failure (RSVP Hello)

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

CR1 CR2

Primary LSP

Secondary LSP

2. RSVP Patherr and Resvtear

unicast to ingress PE

Ingress PE switches traffic to pre-established secondary path

Secondary LSP (Standby LSP Case) Path: Pre-computed (CSPF) BW Reservation: Pre-Signaled (RSVP-TE)

1. Secondary LSP: Pre-computed/Pre-signaled backup LSP

Secondary paths support the configuration of primary and secondary physical paths for an LSP to protect against link and transit node forwarding plane failures.

The primary path is the preferred path while the secondary path is used as an alternative route when the primary path fails.

There are two types of secondary paths: standby and non-standby. A standby secondary path is pre-computed and pre-signaled while a

non-standby secondary path is pre-computed but is not pre-signaled.

2. Normal Operation

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

CR1 CR2

Primary LSP

Secondary LSP

RSVP Hello RSVP Hello RSVP Hello

3. Network Impairment

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

CR1 CR2 Primary LSP

Secondary LSP

4. Protection Switching

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

CR1 CR2

Primary LSP

Secondary LSP

CR3

CR3

CR3

CR3



1. Outage

1) Link Failure

2) Node Failure (RSVP Hello)

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

CR1 CR2 LSP

3. RSVP Patherr and Resvtear


1. Detour LSP Pre-Setup

Fast reroute (or one-to-one backup) allows an LSR immediately upstream from an outage to quickly route around a failed link or node to an LSR downstream of the outage.

This is accomplished by pre-computing and pre-establishing detour paths that bypass the immediate downstream link and the next-hop LSR.

For LSP PE1.CTY1-to-PE1.CTY5, the following detours are established PE1.CTY1 create a detour to PE1.CTY5 via CR3 CR1 create a detour to PE1.CTY5 via CR3 CR2 create a detour to PE1.CTY5 via CR3

2. Normal Operation

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

CR1 CR2

RSVP Hello RSVP Hello RSVP Hello

3. Network Impairment

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

CR1 CR2

2. CR2 switches traffic to

its dedicated detour path

Detours LSPs 4. Re-optimization

Fast reroute provides local repair and allows connectivity to be restored faster than traffic can be switched by the ingress LSR to a standby secondary LSP.

Fast reroute is only a short-term solution because the detour paths may not provide adequate bandwidth and the activation of a detour path can result in congestion on bypass links.

As soon as the ingress router calculates a new path avoiding the failure, traffic is redirected along the new path, detours are torn down, and new detours established.

Local Protection: Fast Reroute (1:1 Protection)

CR3

CR3

CR3



PE1.CTY3

PE2.CTY3

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

PE1.CTY7

PE2.CTY7

CR1 CR2

LSP1: PE1.CTY3-to-PE1.CTY5


LSP1

LSP2

Many-to-one (facility backup) is based on interface rather than on LSP. While fast reroute protects interfaces or nodes along the entire path of a LSP, many-to-one protection can be applied on interfaces as needed.

A bypass path is set up around the link to be protected using an alternate interface to forward traffic.

Link protection (or many-to-one backup) allows an LSR immediately upstream from a link failure to use an alternate interface to forward traffic to its downstream neighbor LSR.

This is accomplished by pre-establishing a bypass path that is shared by all protected LSPs traversing the failed link. A single bypass path safeguards the set of protected LSPs.

The bypass path is shared by all protected LSPs traversing the failed link (many LSPs protected by one bypass path).

Bypass Path

1. Bypass Path Pre-Setup

PE1.CTY3

PE2.CTY3

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

PE1.CTY7

PE2.CTY7

CR1 CR2 LSP1

LSP2

Bypass

Path

2. Network Impairment (Link Failure)

1. Link Failure

3. RSVP Patherr and

Resvtear


2. CR1 switches all LSP

traffic to the bypass link

When an outage occurs, the router immediately upstream from the link outage switches protected traffic to the bypass link, then signals the link failure to the ingress router.

Like fast reroute, link protection provides local repair and restores connectivity faster than the ingress router switching traffic to a standby secondary path.

However, unlike fast reroute, link protection does not provide protection against the failure of the downstream neighbor.

Local Protection: Link Protection (Many-to-one or facility backup)

CR3

CR3



PE1.CTY3

PE2.CTY3

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

PE1.CTY7

PE2.CTY7

CR1 CR2



LSP1

LSP2

Next-hop bypass: Provides an alternate route for an LSP to reach a neighboring router. This type of bypass path is established when you enable either node-link protection or link protection.

Next-next-hop bypass: Provides an alternate route for an LSP through a neighboring router en route to the destination router. This type of bypass path is established exclusively when node-link protection is configured.

1. Bypass Path Pre-Setup 2. Network Impairment (Link Failure)

1. Link Failure

2. PE1.CTY3 switches all LSP

traffic to the NHOP bypass link

NHOP

bypass NNHOP

bypass

PE1.CTY3

PE2.CTY3

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

PE1.CTY7

PE2.CTY7

CR1 CR2 LSP1

LSP2

NHOP

bypass

Link Failure

1. Node Failure

2. PE1.CTY3 switches all LSP

traffic to the NNHOP bypass link

PE1.CTY3

PE2.CTY3

PE1.CTY1

PE2.CTY1

PE1.CTY5

PE2.CTY5

PE1.CTY7

PE2.CTY7

CR1 CR2 LSP1

LSP2

NNHOP

bypass

Node Failure

Local Protection: Node-Link Protection (Many-to-one or facility backup)

CR3

CR3

CR3



End of Document


Carrier WiFi

Data Center Migration

WirelineNetwork

LTE

Mobile Network

Mobile WiMAX

Carrier Ethernet

FTTH

Data Center

Policy Control/PCRF

IPTV/TPS

Metro Ethernet

MPLS

IP Routing

99 00 01 02 03 04 05 06 07 08 09 10 11 12 13

eMBMS/Mobile IPTV

Services

CDN/Mobile CDN

Transparent Caching

BSS/OSS

Cable TPS

Voice/Video Quality

IMS

LTE Backaul

Netmanias Research and Consulting Scope

Visit http://www.netmanias.com to view and download more technical documents.

Documents

Netmanias.2007.12.13-MPLS Backhaul & Backbone Network Design (en)