Presentation is loading. Please wait.

Presentation is loading. Please wait.

Implementing Secure Converged Wide Area Networks (ISCW)

Published bySibyl Dawson Modified over 6 years ago

Similar presentations

Presentation on theme: "Implementing Secure Converged Wide Area Networks (ISCW)"— Presentation transcript:

1 Implementing Secure Converged Wide Area Networks (ISCW)
Module 4: Frame Mode MPLS Implementation

2 Module 4: Frame Mode MPLS Implementation
Lesson 4.1: Introducing MPLS Networks

3 Objectives Describe Multiprotocol Label Switching (MPLS) features and operation. Compare and contrast 3 Cisco IOS platform IP switching mechanisms. Identify the fields and format of an MPLS label. Describe the purpose of the control and data planes in the MPLS architecture. Describe the function and architecture of Label Switch Routers (LSRs) and Edge LSRs.

4 WAN Topologies This graphic shows a range of possible WAN topologies. While sites can be connected using any of these topologies, a full mesh topology is required for optimal routing between the sites. The full mesh topology provides a dedicated virtual circuit between any two customer edge (CE) routers in the network to support the best routing solution, but using the full mesh configuration is very expensive. A partial mesh topology or hub-and-spoke topology is a less expensive solution. These topologies use a central point to coordinate activities. However, these solutions do not provide optimal routing. Using the partial mesh topology reduces the number of virtual circuits to the minimum number of circuits that are needed to provide optimum transport between major sites. The hub-and-spoke topology allows for the ultimate reduction in circuits within the partial mesh topology. Many sites, or spokes, connect directly to the central site or sites, or hubs, with no direct connectivity occurring between them. To prevent single points of failure, the hub-and-spoke topology sometimes extends to a redundant hub-and-spoke topology. Multiprotocol Label Switching (MPLS) provides optimal routing between sites. With MPLS, a site requires only one connection to the MPLS Service Provider (SP). MPLS is a high-performance method for forwarding packets through a network. MPLS enables routers at the edge of a network to apply simple labels in the form of numbers to these packets. MPLS-enabled routers can then switch packets according to labels, incurring minimal overhead for routing lookup.

5 Basic Multiprotocol Label Switching (MPLS) Features
MPLS reduces routing lookups. MPLS forwards packets based on labels. Labels usually correspond to IP destination networks (equal to traditional IP forwarding). Labels can also correspond to other parameters: Layer 3 VPN destination Layer 2 circuit Outgoing interface on the egress router QoS Source address MPLS supports forwarding of all Layer 3 protocols, not just IP. MPLS provides a blend of Layer 2 switching and Layer 3 routing to forward packets using short, fixed-length labels. Using MPLS in a wide area network adds many useful features: In a traditional IP network, every router performs routing lookups. Each router in the network makes an independent decision when the router forwards packets. Using MPLS helps reduce the number of routing lookups that are needed and can change the forwarding criteria. This capability eliminates the need to run a particular routing protocol on all the devices. MPLS is a switching mechanism that assigns labels, or numbers, to packets and then uses those labels to forward packets. The labels are assigned at the edge of the MPLS network, and forwarding inside the MPLS network is based solely on labels. Labels usually correspond to a path to Layer 3 destination addresses. IP destination-based routing uses a similar correspondence. Labels can also correspond to Layer 3 VPN destinations (MPLS VPN) or non-IP parameters, such as a Layer 2 circuit or outgoing interface on the egress router. MPLS supports forwarding of protocols other than TCP/IP. Label switching within the network occurs in the same manner regardless of the Layer 3 protocol that is used.

6 MPLS Operation Only edge routers must perform a routing lookup.
MPLS provides fast routing for large networks. Only the edge routers perform a routing lookup, and core routers forward packets based on the labels. These two functions mean faster forwarding of packets through the SP network. The example illustrates a situation in which the intermediary router, or core router, does not have to perform a time-consuming routing lookup. Instead, the core router simply swaps label 25 with label 23. The core router then forwards the packet to the Edge-1 router based on receiving label 23 from the Edge-1 router. In the example, the routing table tells the Edge-2 router that to reach the network, the Edge-2 router should assign a label of 25 to the packet. The edge router then forwards the packet to the core router. The label tells the core router that when the core router receives a packet with label 25, the router should swap that label with label 23 and then forward the packet to the Edge-1 router. Later in the course, you will read about the actual method that is used to inform the routers of these label allocations. In larger networks, the result of MPLS labeling is that only the routers at the edge of an MPLS network perform a routing lookup. All the core MPLS routers forward packets based on labels. Router switching mechanisms are a key component of the MPLS conceptual model. The next topic explains router switching mechanisms in more detail. Only edge routers must perform a routing lookup. Core routers switch packets based on simple label lookups and swap labels.

7 Cisco IOS Platform Switching Mechanisms
Process switching, or routing table-driven switching: Full lookup is performed at every packet Fast switching, or cache-driven switching: Most recent destinations are entered in the cache First packet is always process-switched Topology-driven switching: CEF (prebuilt FIB table) CEF The Cisco IOS platform supports three IP switching mechanisms: Process switching Fast switching Cisco Express Forwarding (CEF) The original switching mechanism available on Cisco routers was process switching. However, process switching is very slow because it must find a destination in the routing table. This process can possibly result in a recursive lookup. Process switching must also construct a new Layer 2 frame header for every packet. As a result, process switching is no longer widely used in modern networks. Cisco IOS platforms have the capability to overcome the slow performance of process switching. The platforms support several switching mechanisms that use a cache to store the most recently used destinations. A cache uses a faster searching mechanism than process switching does while storing the entire Layer 2 frame header to improve the encapsulation performance. In cache-driven switching, an entry is created in the cache when the first packet whose destination is not found in the fast-switching cache is process switched. The subsequent packets are switched in the interrupt code; this is how the cache improves performance. The most recent and preferred Cisco IOS platform switching mechanism is Cisco Express Forwarding (CEF), which incorporates the best of the previous switching mechanisms. One of the benefits of CEF is that this mechanism supports per-packet load balancing, which was previously supported only by process switching. CEF also supports per-source or per-destination load balancing, fast destination lookup, and many other features that are not supported by other switching mechanisms. CEF uses a Forwarding Information Base (FIB) to make IP destination prefix-based switching decisions. The FIB is conceptually similar to a routing table or information base. It maintains a mirror image of the forwarding information contained in the IP routing table. When routing or topology changes occur in the network, the IP routing table is updated, and those changes are reflected in the FIB. The FIB maintains next-hop address information based on the information in the IP routing table. Because there is a one-to-one correlation between FIB entries and routing table entries, the FIB contains all known routes and eliminates the need for route cache maintenance that is associated with switching paths such as fast switching and optimum switching. Cisco Express Forwarding

8 Standard IP Switching Overview
. . This graphic illustrates a specific sequence of events for process switching and fast switching for destinations that were learned through Border Gateway Protocol (BGP). Three events occur for both process switching and fast switching: When a BGP update is received and processed in the BGP table, if the update is selected as the best route, an entry is created in the routing table. When the first packet arrives for this destination, the router tries to find the destination in the fast-switching cache. Because the destination is not in the fast-switching cache, process switching has to switch the packet and a recursive lookup is performed to find the outgoing interface. If the Layer 2 address is not found in the cache, an Address Resolution Protocol (ARP) request is triggered. In this example, if the destination is in network /8, according to the BGP, the next hop to reach that network is To reach network /24, the outgoing interface is Ethernet 0. Once the pathway is found, an entry is created in the fast-switching cache. All subsequent packets for the same destination are fast switched according to a three-step procedure: The router processes the packet immediately because switching occurs in the interrupt code. The router performs fast destination lookup, but not recursive lookup. The encapsulation uses a pregenerated Layer 2 header that contains the destination and Layer 2 source (MAC) address. (No ARP request or ARP cache lookup is necessary.) When a router receives a packet that should be fast switched but the packet destination is not in the switching cache, the packet is process switched instead. To ensure that the subsequent packets for the same destination prefix will be fast switched, a full routing table lookup is performed and an entry is created in the fast switching cache. .

9 CEF Switching Overview
. . CEF uses an architecture that is different from process switching or any other cache-based switching mechanism. CEF uses a complete IP switching table and the FIB table. The FIB table holds the same information that the IP routing table holds. The generation of entries in the FIB table is not packet-triggered but change-triggered. When something changes in the IP routing table, the change is also reflected in the FIB table. Because the FIB contains the complete IP switching table, the router can make definitive decisions based on the information in the FIB table. Whenever a router receives a packet that should be CEF-switched but the destination is not in the FIB, the packet is dropped. The FIB table is also different from other fast-switching caches. This table does not contain information about the outgoing interface and the corresponding Layer 2 header. That information is stored in a separate table called the Adjacency Table. The Adjacency Table provides a copy of the ARP cache, but instead of holding only the destination MAC address, the table holds the Layer 2 header. .

10 MPLS Switching Overview
IP Domain R4 LSR R5 LSR Station B Station A R6 Edge LSR R1 Edge LSR R2 LSR R3 LSR L LSR This graphic illustrates a simple IP network using MPLS. In a standard IP network, R1 and R6 are edge routers and R2, R3, R4, and R5 are core routers. Core routers communicate with the external world through the edge routers. To use MPLS on this network, the core routers become label switching routers (LSRs) and edge routers become Edge LSRs. When IP packets enter the MPLS domain, the Edge LSR converts IP packets into MPLS packets by adding a label. When packets leave the MPLS domain, the Edge LSR converts the packets back from MPLS packets to IP packets by removing the label. Inside the domain, LSRs forward MPLS packets following instructions that the label contains. When the LSR receives an MPLS packet, the router inspects the packet to extract the information that the LSR needs to efficiently forward to the next hop within the MPLS network. This information is in the label. In the network shown, the frame generated by Station A follows the standard Ethernet format with a normal Layer 2 header followed by a Layer 3 header. Because the destination address resides in a different network, Station A targets the Layer 2 header to the station’s default gateway. In this case, the default gateway also serves as the Edge LSR (ingress side). The ingress LSR references the router’s internal switch table (the Label Forwarding Information Base [LFIB] table) and determines that the LSR needs to forward the frame toward the next LSR. The ingress LSR must then insert a label between the Layer 2 and Layer 3 headers to indicate what path the frame should travel on the way to Station B. Router 2 looks at the frame entering the port and determines that there is a label embedded between Layers 2 and 3. Therefore, the router treats the frame according to the configuration in the router LFIB. Each of the subsequent routers handles the frame in a similar manner until the frame reaches the egress LSR. The egress Edge LSR strips off all label information and passes a standard frame to Station B. Because each of the routers between Stations A and B can switch the frame based on the content in the LFIB and do not need to perform the usual routing operation, the frame is handled more quickly than the frame would be handled with other switching methods. Edge LSR MPLS IP MPLS MPLS Label Instructions Internal Table

11 MPLS Characteristics MPLS technology is intended to be used anywhere, regardless of Layer 1 media and Layer 2 protocol. MPLS uses a 32-bit label field that is inserted between Layer 2 and Layer 3 headers (frame mode MPLS). MPLS over ATM uses the ATM header as the label (cell mode MPLS). MPLS works on any media and Layer 2 encapsulation. Most Layer 2 encapsulations are frame-based, and MPLS simply inserts or imposes a 32-bit label between the Layer 2 and Layer 3 headers (frame mode MPLS). ATM is a special case that uses fixed-length cells, and a label cannot be added inside the cells because the cell length would exceed the fixed 53-byte size. MPLS thus uses the virtual path identifier/virtual channel identifier (VPI/VCI) fields in the ATM header as a label (cell mode MPLS).

12 Label Format Field Description 20-bit label
The actual label. Values 0 to 15 are reserved. 3-bit experimental (EXP) field Undefined in the RFC. Used by Cisco to define a class of service (CoS) (IP precedence). 1-bit bottom-of-stack indicator MPLS allows multiple labels to be inserted. The bottom-of-stack bit determines if this label is the last label in the packet. If this bit is set (1), the setting indicates that this label is the last label. 8-bit Time to Live (TTL) field Has the same purpose as the TTL field in the IP header. MPLS labels have a specific format and fields that assist in making forwarding decisions. The 32-bit MPLS label contains four fields.

13 Label Stack PID in a Layer 2 header specifies that the payload starts with a label (or labels) and is followed by an IP header. The bottom-of-stack bit indicates whether the next header is another label or a Layer 3 header. Receiving router uses the top label only. A label does not contain any information about the Layer 3 protocol that is being carried in a packet. This lack of information means that the identity of the network layer protocol must be inferable from the value of the label. However for Layer-2 protocols that have TYPE or PID fields new values indicate the MPLS-enabled Layer-3 protocol. As an example, a PPP frame carrying unicast MPLS would have a Protocol ID field set to 0x2081. In most cases only one label is assigned to a packet. There are some instances where more than one label is used: MPLS VPNs: Multiprotocol BGP (MP-BGP) is used to propagate a second label that identifies the VPN in addition to the label that is propagated by Label Distribution Protocol (LDP) to identify the path. MPLS Traffic Engineering (MPLS TE): Uses Resource Reservation Protocol (RSVP) to establish label switched path (LSP) tunnels. RSVP propagates labels that are used to identify the tunnel LSP. This label is in addition to the label that is propagated by LDP to identify the underlying LSP. MPLS VPNs combined with MPLS TE: Three or more labels are used to identify the VPN, tunnel LSP, and the underlying LSP. There are three Ethertype values that are used to identify Layer 3 protocols with most Layer 2 encapsulations: Unlabeled IP unicast: PID = 0x0800 identifies that the frame payload is a classic unicast IP packet. Labeled IP unicast: PID = 0x8847 identifies that the frame payload is a unicast IP packet with at least one label preceding the IP header. The bottom-of-stack bit indicates when the IP header actually starts. Labeled IP multicast: PID = 0x8848 identifies that the frame payload is a multicast IP packet with at least one label preceding the IP header. The bottom-of-stack bit indicates when the IP header actually starts.

14 Frame Mode MPLS Operation
This graphic shows an edge router that receives a normal IP packet. The MPLS label is often depicted as a new "shim layer" that has interposed itself between the network and data link layers. This layer is where the term "Layer 2.5 technology" comes from. Note: The type or protocol ID field indicates as MPLS enabled layer-3 protocol.

15 Major Components of MPLS Architecture
Control plane: Exchanges routing information and labels Contains complex mechanisms, such as OSPF, EIGRP, IS-IS, and BGP, to exchange routing information Exchanges labels, such as LDP, BGP, and RSVP Data plane: Forwards packets based on labels Has a simple forwarding engine To support multiple protocols, MPLS divides the classic router architecture into two major components: Control plane: Controls the routing information exchange and the label exchange between adjacent devices. Data plane: Also known as the forwarding plane, this plane controls forwarding based on either destination addresses or labels. The control plane and the data plane are the two main components of the MPLS architecture. The control plane is dependent on the routing protocol used: Open Shortest Path First (OSPF) Enhanced Interior Gateway Routing Protocol (EIGRP) Intermediate System-to-Intermediate System (IS-IS) Routing Information Protocol (RIP) BGP The control plane also requires label exchange protocols, including the MPLS LDP and BGP, which is used by MPLS VPN. MPLS Traffic Engineering uses RSVP to reserve resources, or bandwidth, in the network. The data plane is a simple label-based forwarding engine that is independent of routing or label exchange protocols. A Label Forwarding Information Base (LFIB) table stores the label information that the forwarding engine uses to forward packets. The LFIB table is populated by the label exchange protocol that is used, which is LDP, BGP, or RSVP.

16 Control Plane Components Example
MPLS can implement destination-based forwarding using labels to make forwarding decisions. In the example shown, a Layer 3 routing protocol is needed to propagate Layer 3 routing information. A label exchange mechanism is simply an add-on mechanism that propagates labels that are used for Layer 3 destinations. The figure illustrates the two components of the control plane: OSPF: Receives and forwards a routing update for IP network /8. LDP: Receives label 17 to use for packets with destination address 10.x.x.x. A local label 24 is generated and sent to upstream neighbors when the packets are destined for 10.x.x.x. LDP inserts an entry into the LFIB table of the data plane, where an incoming label 24 is mapped to an outgoing label 17. The data plane then forwards all packets with label 24 through the appropriate interfaces after swapping label 24 for label 17. Information from control plane is sent to the data plane.

17 Label Switch Routers (LSRs)
LSR primarily forwards labeled packets (swap label). Edge LSR: Labels IP packets (impose label) and forwards them into the MPLS domain. Removes labels (pop label) and forwards IP packets out of the MPLS domain. When discussing MPLS, there are two commonly used terms: LSR: A device that forwards packets primarily based on labels. Cisco calls this a provider router (P router). Edge LSR: A device that primarily labels packets or removes labels. Cisco calls this a provider edge router (PE router). LSRs and Edge LSRs forward packets by making switching decisions based on the MPLS label. LSRs and Edge LSRs are usually capable of doing both label switching and IP routing. Their names are based on the router positions in an MPLS domain. Routers that have all interfaces enabled for MPLS are called LSRs because they mostly forward labeled packets. Routers that have some interfaces that are not enabled for MPLS are usually at the edge of an MPLS domain—autonomous systems (ASs). These routers also forward packets based on IP destination addresses and label the packets if the outgoing interface is enabled for MPLS. For example, an Edge LSR receives a packet for destination , imposes label 21, and forwards the frame to the LSR in the MPLS backbone. LSR swaps label 21 with label 25 and forwards the frame. The edge LSR removes label 25 and forwards the packet based on IP destination address

18 Functions of LSRs Component Function Control plane
Exchanges routing information Exchanges labels Data plane Forwards packets (LSRs and Edge LSRs) The control plane and data plane in an LSR interact and enable label switching and forwarding of labeled packets to occur. All LSRs must perform a number of functions: Exchange routing information (control plane). Exchange labels (control plane). Forward packets (data plane). Frame mode MPLS forwards packets based on the 32-bit label.

19 Component Architecture of LSR
This graphic shows the component architecture of an LSR. The primary function of an LSR is to forward labeled packets. To accomplish this, every LSR needs a Layer 3 routing protocol and a protocol to exchange labels. LDP populates the LFIB table in the data plane that is used to forward labeled packets.

20 Component Architecture of Edge LSR
Edge LSRs also forward IP packets based on the IP destination addresses of the packet and, optionally, label the packets if a label exists. There are several possible combinations of forwarding and labeling packets: Forward the received IP packet based on the IP destination address and send as an IP packet Forward the received IP packet based on the IP destination address and send as a labeled packet Forward the received labeled packet based on the label, change (swap) the label, and send the labeled packet Forward the received labeled packet based on the label, remove the label, and send the IP packet These scenarios are possible if the network is not configured properly: A received labeled packet is dropped if the label is not found in the LFIB table, even if the IP destination exists in the IP forwarding table, also called the FIB. A received IP packet is dropped if the destination is not found in the IP forwarding table (FIB table), even if there is an MPLS label-switched path toward the destination.

21 Summary MPLS provides a blend of Layer 2 switching and Layer 3 routing to forward packets using short, fixed-length labels. MPLS provides fast routing for large networks. Only the edge routers perform a routing lookup, and core routers forward packets based on the labels. These two functions mean faster forwarding of packets through the SP network. The most recent and preferred Cisco IOS platform switching mechanism is Cisco Express Forwarding (CEF), which incorporates the best of the previous switching mechanisms. To support multiple protocols, MPLS divides the classic router architecture into two major components: control plane and data plane.

22 Q and A

23 Resources MPLS Overview
How Multiprotocol Label Switching Will Benefit the Internet

24

Download ppt "Implementing Secure Converged Wide Area Networks (ISCW)"

Similar presentations

MPLS VPN.

MPLS VPN.
Identifying MPLS Applications

Identifying MPLS Applications
Internetworking II: MPLS, Security, and Traffic Engineering

Internetworking II: MPLS, Security, and Traffic Engineering
Delivery and Forwarding of

Delivery and Forwarding of
© 2006 Cisco Systems, Inc. All rights reserved. MPLS  Multiprotocol Label switching.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS  Multiprotocol Label switching.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—2-1 Label Assignment and Distribution Introducing Typical Label Distribution in Frame-Mode MPLS.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—2-1 Label Assignment and Distribution Introducing Typical Label Distribution in Frame-Mode MPLS.
Introducing MPLS Labels and Label Stacks

Introducing MPLS Labels and Label Stacks
CS 672 1 Summer 2003 Lecture 6. CS 672 2 Summer 2003 Hierarchical LSP LSP1 LSP2 LSP3 Ingress LSR for LSP1 Egress LSR for LSP1 Ingress LSR for LSP3 Hierarchical.

CS Summer 2003 Lecture 6. CS Summer 2003 Hierarchical LSP LSP1 LSP2 LSP3 Ingress LSR for LSP1 Egress LSR for LSP1 Ingress LSR for LSP3 Hierarchical.
MPLS H/W update Brief description of the lab What it is? Why do we need it? Mechanisms and Protocols.

MPLS H/W update Brief description of the lab What it is? Why do we need it? Mechanisms and Protocols.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 4: Frame Mode MPLS Implementation.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 4: Frame Mode MPLS Implementation.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 4: Frame Mode MPLS Implementation.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 4: Frame Mode MPLS Implementation.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 4: Frame Mode MPLS Implementation.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 4: Frame Mode MPLS Implementation.
Chapter 19 Binding Protocol Addresses (ARP) Chapter 20 IP Datagrams and Datagram Forwarding.

Chapter 19 Binding Protocol Addresses (ARP) Chapter 20 IP Datagrams and Datagram Forwarding.
MPLS L3 and L2 VPNs Virtual Private Network –Connect sites of a customer over a public infrastructure Requires: –Isolation of traffic Terminology –PE,

MPLS L3 and L2 VPNs Virtual Private Network –Connect sites of a customer over a public infrastructure Requires: –Isolation of traffic Terminology –PE,
COS 420 Day 16. Agenda Assignment 3 Corrected Poor results 1 C and 2 Ds Spring Break?? Assignment 4 Posted Chap 16-20 Due April 6 Individual Project Presentations.

COS 420 Day 16. Agenda Assignment 3 Corrected Poor results 1 C and 2 Ds Spring Break?? Assignment 4 Posted Chap Due April 6 Individual Project Presentations.
(part 3).  Switches, also known as switching hubs, have become an increasingly important part of our networking today, because when working with hubs,

(part 3).  Switches, also known as switching hubs, have become an increasingly important part of our networking today, because when working with hubs,
1 Semester 2 Module 6 Routing and Routing Protocols YuDa college of business James Chen

1 Semester 2 Module 6 Routing and Routing Protocols YuDa college of business James Chen
MPLS Evan Roggenkamp. Introduction Multiprotocol Label Switching High-performance Found in telecommunications networks Directs data from one network node.

MPLS Evan Roggenkamp. Introduction Multiprotocol Label Switching High-performance Found in telecommunications networks Directs data from one network node.
1 Multi-Protocol Label Switching (MPLS) presented by: chitralekha tamrakar (B.S.E.) divya krit tamrakar (B.S.E.) Rashmi shrivastava(B.S.E.) prakriti.

1 Multi-Protocol Label Switching (MPLS) presented by: chitralekha tamrakar (B.S.E.) divya krit tamrakar (B.S.E.) Rashmi shrivastava(B.S.E.) prakriti.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—1-1 MPLS Concepts Introducing Basic MPLS Concepts.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—1-1 MPLS Concepts Introducing Basic MPLS Concepts.

Similar presentations

Ads by Google