SMUCSE 8344 Lecture 9 Mark E. Allen SMU 8344
SMUCSE 8344 Agenda Summarize MPLS –Discussion from Cisco Presentation Discuss QoS in MPLS –Chapter 6 in MPLS Book Traffic Engineering in MPLS –Chapter 7 MPLS Book Virtual Private Networks –Chapter 8 MPLS Book Introduction to Optical Networking
SMUCSE 8344 MPLS Architecture Overview Adapted from Stefano Previdi’s and Jay Kumarasamy presentation
SMUCSE 8344 Agenda MPLS Concepts LSRs and labels Label assignment and distribution Label Switch Paths ATM LSRs Loops and TTL LDP overview Day in the Life of a Packet
SMUCSE 8344 MPLS Concepts MPLS: Multi Protocol Label Switching MPLS is a layer 2+ switching Developed to integrate IP and ATM MPLS forwarding is done in the same way as in ATM switches Packet forwarding is done based on Labels
SMUCSE 8344 MPLS Concepts Unlike IP, classification/label can be based on: Destination Unicast address Traffic Engineering VPN QoS FEC: Forwarding Equivalence Class A FEC can represent a: Destination address prefix, VPN, Traffic Engineering tunnel, Class of Service.
SMUCSE 8344 Agenda MPLS Concepts LSRs and labels Label assignment and distribution Label Switch Paths ATM LSRs Loops and TTL LDP overview Summary
SMUCSE 8344 LSRs and Labels LSR: Label Switch Router Edge-LSR: LSRs that do label imposition and disposition ATM-LSR: An ATM switch with Label Switch Controller
SMUCSE 8344 LSRs and Labels IGP domain with a label distribution protocol An IP routing protocol is used within the routing domain (e.g.:OSPF, i-ISIS) A label distribution protocol is used to distribute address/label mappings between adjacent neighbors The ingress LSR receives IP packets, performs packet classification, assign a label, and forward the labelled packet into the MPLS network Core LSRs switch packets/cells based on the label value The egress LSR removes the label before forwarding the IP packet outside the MPLS network
SMUCSE 8344 LSRs and Labels Uses new Ethertypes/PPP PIDs/SNAP values/etc More than one Label is allowed -> Label Stack MPLS LSRs always forward packets based on the value of the label at the top of the stack Label = 20 bits Exp = Experimental, 3 bits S = Bottom of stack, 1bit TTL = Time to live, 8 bits Label | Exp|S| TTL
SMUCSE 8344 LSRs and Labels PPP Header Layer 3 Header Shim Header PPP Header(Packet over SONET/SDH) Ethernet Hdr Layer 3 Header Shim Header Ethernet FR Hdr Layer 3 Header Shim Header Frame Relay ATM Cell Header HEC DATA CLP PTI VCI GFC VPI Label HEC DATA CLP PTI VCI GFC VPI Label Subsequent cells
SMUCSE 8344 Agenda MPLS Concepts LSRs and labels Label assignment and distribution Label Switch Paths ATM LSRs Loops and TTL LDP overview Day in the Life of a Packet
SMUCSE 8344 Label Assignment and Distribution Labels have link-local significance Each LSR binds his own label mappings Each LSR assign labels to his FECs Labels are assigned and exchanged between adjacent neighboring LSR Applications may require non-adjacent neighbors
SMUCSE 8344 Label Assignment and Distribution Rtr-C is the downstream neighbor of Rtr-B for destination /24 Rtr-B is the downstream neighbor of Rtr-A for destination /24 LSRs know their downstream neighbors through the IP routing protocol – Next-hop address is the downstream neighbor /24 Rtr-BRtr-ARtr-C /24 Upstream and Downstream LSRs
SMUCSE 8344 Label Assignment and Distribution LSRs distribute labels to the upstream neighbors /24 Rtr-B Rtr-A Rtr-C /24 Next-Hop InLab -... AddressPrefix OutI/F 1... OutLab InI/F 0... Next-Hop InLab AddressPrefix OutI/F 1... OutLab InI/F 0... Next-Hop InLab AddressPrefix OutI/F 1... OutLab -... InI/F 0... Use label 40 for destination /24 Use label 30 for destination /24 IGP derived routes Unsolicited Downstream Distribution
SMUCSE 8344 Label Assignment and Distribution Upstream LSRs request labels to downstream neighbors Downstream LSRs distribute labels upon request /24 Rtr-B Rtr-A Rtr-C /24 Use label 30 for destination /24 Use label 40 for destination /24 Request label for destination /24 On-Demand Downstream Distribution
SMUCSE 8344 Label Assignment and Distribution Liberal retention mode LSR retains labels from all neighbors Improve convergence time, when next-hop is again available after IP convergence Require more memory and label space Conservative retention mode LSR retains labels only from next-hops neighbors LSR discards all labels for FECs without next-hop Free memory and label space Label Retention Modes
SMUCSE 8344 Label Assignment and Distribution Label Distribution Modes Independent LSP control LSR binds a Label to a FEC independently, whether or not the LSR has received a Label the next-hop for the FEC The LSR then advertises the Label to its neighbor Ordered LSP control LSR only binds and advertise a label for a particular FEC if: it is the egress LSR for that FEC or it has already received a label binding from its next-hop
SMUCSE 8344 Label Assignment and Distribution Several protocols for label exchange LDP Maps unicast IP destinations into labels RSVP, CR-LDP Used in traffic engineering BGP External labels (VPN) PIM For multicast states label mapping
SMUCSE 8344 Agenda MPLS Concepts LSRs and labels Label assignment and distribution Label Switch Paths ATM LSRs Loops and TTL LDP overview Day in the Life of a Packet
SMUCSE 8344 Label Switch Path (LSP) LSPs are derived from IGP routing information LSPs may diverge from IGP shortest path LSP tunnels (explicit routing) with TE LSPs are unidirectional Return traffic takes another LSP LSP follows IGP shortest pathLSP diverges from IGP shortest path IGP domain with a label distribution protocol
SMUCSE 8344 Label Switch Path (LSP) Penultimate Hop Popping The label at the top of the stack is removed (popped) by the upstream neighbor of the egress LSR The egress LSR requests the “popping” through the label distribution protocol Egress LSR advertises implicit-null label The egress LSR will not have to do a lookup and remove itself the label One lookup is saved in the egress LSR
SMUCSE 8344 Label Switch Path (LSP) Penultimate Hop Popping 0 1 Summary route for / /24 Next-Hop InLabAddressPrefixOutI/FOutLabInI/F /162pop Next-Hop InLabAddressPrefixOutI/FOutLabInI/F / Egress LSR summarises more specific routes and advertises a label for the new FEC Summary route is propagate through the IGP and label is assigned by each LSR Use label “implicit-null” for FEC /16 Summary route for /16 Use label 4 for FEC / /24 Address Prefix and mask /24 Next-Hop InterfaceSerial / Serial /16...Null Egress LSR needs to do an IP lookup for finding more specific route Egress LSR need NOT receive a labelled packet
SMUCSE 8344 Agenda MPLS Concepts LSRs and labels Label assignment and distribution Label Switch Paths ATM LSRs Loops and TTL LDP overview Summary
SMUCSE 8344 ATM LSRs ATM switches forward cells, not packets Label Dist is Downstream on-demand, Ordered IGP label is carried in the VPI/VCI field Merging LSR: Ability to use the same label for different FECs if outgoing interface is the same Save label space on ATM-LSRs Cell interleave problem Non Merging LSR: ATM-LSR requests one label per FEC and per incoming interface (upstream neighbors) Downstream LSR may request itself new label to its downstream neighbors
SMUCSE 8344 ATM LSRs Non-Merging Downstream on Demand InLab AddressPrefix OutI/F OutLab InI/F IP Packet ATM cell ATM-LSR requested additional label for same FEC in order to distinguish between incoming interfaces (Downstream on Demand)
SMUCSE 8344 ATM LSRs VC-Merging Downstream on Demand InLab AddressPrefix OutI/F OutLab InI/F IP Packet ATM cell ATM-LSR transmitted cells in sequence in order for the downstream LSR to re-assembling correctly the cells into packets
SMUCSE 8344 Agenda MPLS Concepts LSRs and labels Label assignment and distribution Label Switch Paths ATM LSRs Loops and TTL LDP overview Summary
SMUCSE 8344 Loops and TTL In IP networks TTL is used to prevent packets to travel indefinitely in the network MPLS may use same mechanism as IP, but not on all encapsulations TTL is present in the label header for PPP and LAN headers (shim headers) ATM cell header does not have TTL
SMUCSE 8344 Loops and TTL LSRs using ATM do not have TTL capability Some suggested options: - hop-count object in LDP - Path Vector object in LDP
SMUCSE 8344 Loops and TTL TTL is decremented prior to enter the non-TTL capable LSP If TTL is 0 the packet is discarded at the ingress point TTL is examined at the LSP exit IGP domain with a label distribution protocol LSR-1 LSR-2 LSR-4 LSR-5 LSR- 3 LSR-6 Egress IP packet TTL = 6 Label = 25 IP packet TTL = 6 IP packet TTL = 10 LSR-6 --> 25 Hops=4 IP packet TTL = 6 Label = 39 IP packet TTL = 6 Label = 21
SMUCSE 8344 Agenda MPLS Concepts LSRs and labels Label assignment and distribution Label Switch Paths ATM LSRs Loops and TTL LDP overview Day in the Life of a Packet
SMUCSE 8344 LDP Concepts Label Distribution Protocol Labels map to FECs for Unicast Destination Prefix LDP works between adjacent/non-adjacent peers LDP sessions are established between peers
SMUCSE 8344 LDP Messages Discovery messages Used to discover and maintain the presence of new peers Hello packets (UDP) sent to all-routers multicast address Once neighbor is discovered, the LDP session is established over TCP
SMUCSE 8344 LDP Messages Session messages Establish, maintain and terminate LDP sessions Advertisement messages Create, modify, delete label mappings Notification messages Error signalling
SMUCSE 8344 MPLS Concepts LSRs and labels Label assignment and distribution Label Switch Paths ATM LSRs Loops and TTL LDP overview Day in the Life of a Packet Agenda
SMUCSE 8344 Day in the life of a Packet 0 Summary route for / /24 Next-Hop InLabAddressPrefixOutI/FOutLabInI/F /162pop Next-Hop InLabAddressPrefixOutI/FOutLabInI/F / Egress LSR summarises more specific routes and advertises a label for the new FEC Summary route is propagate through the IGP and label is assigned by each LSR Use label “implicit-null” for FEC /16 Summary route for /16 Use label 4 for FEC /16 Egress LSR needs to do an IP lookup for finding more specific route /24 Address Prefix and mask /24 Next-Hop InterfaceSerial / Serial /16...Null Use label 7 for FEC /16 Next-Hop InLabAddressPrefixOutI/FOutLabInI/F / CE PE PP
SMUCSE 8344 Day in the life of a Packet Basic Layout
SMUCSE 8344 Day in the life of a Packet Database Layout
SMUCSE 8344 DISCUSSION OF QoS and Constraint Based Routing
SMUCSE 8344 Key Questions How does MPLS Support QoS? What is the difference between Integrated Services (INT-SERV) Differentiated Services (DIFF- SERV)? –Integrated services T-Spec and R-Spec Much of this is similar to ATM
SMUCSE 8344 Integrated Services An attempt to bring the ATM capabilities to IP –T-Spec: Max burst size, token rate, committed rate, etc. –R-Spec: Effective bandwidth or amount of resource required within the network. This is very different than “best-effort” and requires sophisticated queuing mechanisms Many in the industry saw this as a “reinvention” of ATM
SMUCSE 8344 Integrated Services architecture for providing QOS guarantees in IP networks for individual application sessions resource reservation: routers maintain state info of allocated resources admit/deny new call setup requests: Question: can newly arriving flow be admitted with performance guarantees while not violated QoS guarantees made to already admitted flows?
SMUCSE 8344 Intserv: QoS guarantee scenario Resource reservation –call setup, signaling (RSVP) –traffic, QoS declaration –per-element admission control –QoS-sensitive scheduling (e.g., WFQ) request/ reply
SMUCSE 8344 Call Admission Arriving session must : declare its QOS requirement –R-spec: defines the QOS being requested characterize traffic it will send into network –T-spec: defines traffic characteristics signaling protocol: needed to carry R-spec and T- spec to routers (where reservation is required) –RSVP
SMUCSE 8344 Intserv QoS: Service models [rfc2211, rfc2212] Guaranteed service: worst case traffic arrival: leaky-bucket- policed source Controlled load service: "a quality of service closely approximating the QoS that same flow would receive from an unloaded network element." WFQ token rate, r bucket size, b per-flow rate, R D = b/R max arriving traffic
SMUCSE 8344 IETF Differentiated Services Concerns with Intserv: Scalability: signaling, maintaining per-flow router state difficult with large number of flows Flexible Service Models: Intserv has only two classes. Also want “qualitative” service classes –“behaves like a wire” –relative service distinction: Platinum, Gold, Silver Diffserv approach: simple functions in network core, relatively complex functions at edge routers (or hosts) Don’t define service classes, provide functional components to build service classes
SMUCSE 8344 Diffserv Architecture Edge router: - per-flow traffic management - marks packets as in-profile and out-profile Core router: - per class traffic management - buffering and scheduling based on marking at edge - preference given to in-profile packets - Assured Forwarding scheduling... r b marking
SMUCSE 8344 Edge-router Packet Marking class-based marking: packets of different classes marked differently intra-class marking: conforming portion of flow marked differently than non-conforming one profile: pre-negotiated rate A, bucket size B packet marking at edge based on per-flow profile Possible usage of marking: User packets Rate A B
SMUCSE 8344 Classification and Conditioning Packet is marked in the Type of Service (TOS) in IPv4, and Traffic Class in IPv6 6 bits used for Differentiated Service Code Point (DSCP) and determine PHB that the packet will receive 2 bits are currently unused
SMUCSE 8344 Classification and Conditioning may be desirable to limit traffic injection rate of some class: user declares traffic profile (egs., rate, burst size) traffic metered, shaped if non-conforming
SMUCSE 8344 Forwarding (PHB) Per Hop Behavior (PHB) PHB result in a different observable (measurable) forwarding performance behavior PHB does not specify what mechanisms to use to ensure required PHB performance behavior Examples: –Class A gets x% of outgoing link bandwidth over time intervals of a specified length –Class A packets leave first before packets from class B
SMUCSE 8344 Forwarding (PHB) PHBs being developed: Expedited Forwarding: pkt departure rate of a class equals or exceeds specified rate –logical link with a minimum guaranteed rate Assured Forwarding: 4 classes of traffic –each guaranteed minimum amount of bandwidth –each with three drop preference partitions
SMUCSE 8344 Summary REFER TO MPLS 8 LECTURE FOR More Detail on these QoS and CBR (Constraint Based Routing)
SMUCSE 8344 Virtual Private Networks (VPNs)
SMUCSE 8344 When VPN? Internet as your own private network –Communicate securely between various corporate sites (Intranet) –Communicate securely between partner sites (Extranet) –Connect remote dial-up users securely to corporate networks
SMUCSE 8344 Advantages Flexible and cost effective Better business-to-business connectivity –business partners, service providers, contractors, and customers Advances in security
SMUCSE 8344 Layer2 vs. Layer3 VPNs Layer 3 VPNs Layer 2 VPNs Provider devices forward customer packets based on Layer 3 information (e.g., IP) MPLS/BGP VPNs (RFC 2547), GRE, virtual router approaches SP involvement in routing Provider devices forward customer packets based on Layer 2 information “pseudo-wire” concept Tunnels, circuits, LSPs, MAC address
SMUCSE 8344 Layer2 Example IP or MPLS Core IP Core R2R1 L2TPv3 Tunnel Ethernet IPL2TPEthernet Server B Workstation A Step #2 R1 takes Ethernet frame and encapsulates it in L2TP and routes it to tunnel destination Step #3 R2 receives IP/L2TP/Ethernet Packet and removes the IP/L2TPv3 headers. The remaining Ethernet frame is forwarded to Server B. Step #1 Workstation A sends packet destined for Server B
SMUCSE 8344 Overlay Model Each site has a router connected via P-T-P links to routers on other sites –Leased lines –Frame relay –ATM circuit Connectivity –Fully connected –Hub-and-spoke
SMUCSE 8344 Limitations of Overlay Customers need to manage the back- bones Mapping between Layer2 Qos and IP QoS Scaling problems –Cannot support large number of customers –(n-1) peering requirement
SMUCSE 8344 The Peer Model Aims to support large-scale VPN service Key technologies –Constrained distribution of routing info. –Multiple forwarding tables –VPN-IP addresses –MPLS switching
SMUCSE 8344 Terminology CE router Customer Edge router PE router –Provider Edge router. Part of the P- Network and interfaces to CE routers P router –Provider (core) router, without knowledge of VPN
SMUCSE 8344 Terminology (cont’d) Route Distinguisher Attributes of each route used to uniquely identify prefixes among VPNs (64 bits) VPN-IPv4 addresses Address including the 64 bits Route Distinguisher and the 32 bits IP address VRF –VPN Routing and Forwarding Instance –Routing table and FIB table
SMUCSE 8344 Connection Model The VPN backbone is composed by MPLS LSRs PE routers (edge LSRs) P routers (core LSRs) PE routers are faced to CE routers and distribute VPN information through BGP to other PE routers P routers do not run BGP and do not have any VPN knowledge
SMUCSE 8344 Model (cont’d) P and PE routers share a common IGP PE and CE routers exchange routing information through: EBGP, OSPF, RIP, Static routing CE router run standard routing software
SMUCSE 8344 Routing The routes the PE receives from CE routers are installed in the appropriate VRF The routes the PE receives through the backbone IGP are installed in the global routing table By using separate VRFs, addresses need NOT to be unique among VPNs
SMUCSE 8344 Forwarding PE and P routers have BGP next-hop reachability through the backbone IGP Labels are distributed through LDP (hop- by-hop) corresponding to BGP Next-Hops Label Stack is used for packet forwarding Top label indicates Next-Hop (interior label) Second level label indicates outgoing interface or VRF (exterior label)
SMUCSE 8344 Forwarding (cont’d) The upstream LDP peer of the BGP next- hop (PE router) will pop the first level label The egress PE router will forward the packet based on the second level label which gives the outgoing interface (and VPN)
SMUCSE 8344 Forwarding Example PE2 PE1 CE1 CE2 P1 P2 IGP Label(PE2) VPN Label IP packet PE1 receives IP packet Lookup is done on site VRF BGP route with Next-Hop and Label is found BGP next-hop (PE2) is reachable through IGP route with associated label IGP Label(PE2) VPN Label IP packet P routers switch the packets based on the IGP label (label on top of the stack) VPN Label IP packet Penultimate Hop Popping P2 is the penultimate hop for the BGP next- hop P2 remove the top label This has been requested through LDP by PE2 IP packet PE2 receives the packets with the label corresponding to the outgoing interface (VRF) One single lookup Label is popped and packet sent to IP neighbour IP packet CE3
SMUCSE 8344 Scalability Existing BGP techniques can be used to scale the route distribution Each edge router needs only the information for the VPNs it supports Directly connected VPNs Easy to add new sites –configure the site on the PE connected to it, the network automatically does the rest
SMUCSE 8344 QoS Support Pipe model –Similar to int-serv Hose Model –Similar to diff-serv