CCIE notes – MPLS

MPLS IP Forwarding: Data Plane

– MPLS routers inject (push) or remove (pop) or forwards packets based on labels
– MPLS relies on the CEF while expanding the logic and data structures as well



LSR (Label Switch Router)

– any router that has awareness of MPLS Labels
FIB – used for incoming unlabled packets
LFIB – used for incoming labeled packets

MPLS header and Label
– header of 4 bytes, located before the IP header

MPLS header

EXP – experiemental (used for QoS)

S – bottom of the stack, if “1” it means the label immediatelly preceeding the IP header

TTL – time to live

MPLS TTL filed and MPLS TTL Propagation

-MPLS needs the TTL filed so it can completely ignore the encapsulation of the IP header TTL

– MPLS it only decrements its own TTL

By default this is how MPLS works:

Ingress E-LSR – after it decrements the IP TTL field, it copies the IP TTL field into the MPLS TTL filed

LSR – when it swaps the label it decrements the MPLS TTL

Egress E-LSR – decrements MPLS TTL, and copies the value into the IP TTL

Cisco can be configured to decrement MPLS propagation – when it is disabled, the MPLS TTL is 255 => the entire MPLS network appears as a single HOP, when you issue a traceroute

 

 

MPLS Forwarding – Control Plane

MPLS VPNs use 2 control planes: LDP and BGP (MP-BGP)

MPLS LDP Basics

LDP – Label Distribution Protocol

– used to advertise labels for each prefix in the IP routing table, it says “if you want to send packets to this IP prefix, send them to me with the label listed in the LDP update”

– LDP is striggered by a new IP route in the unicast routing table

1. Pe learns a new unicast IP route

2. PE allocates a new local label ( that doesn’t exist)

3. PE uses LDP to advertise to neigh the mapping between IP prefix and label to all LDP neigh

LSP – Label Switches Path

– unidirectional

MPLS LIB feeding FIB and LFIB

LIB – Label Information Based

LSR – Label Switch routers

LSR – stores labels and related information inside LIB

LIB – stores all labels and associated information, that could be used to forward a packet

– each must pick the best label and outgoing interface to actually use and then populate that information into the FIB and LFIB = > FIB and LFIB have only the best labels

LDP – use HELLO feature to discover LDP neighbors

– multicasts LSR are sent to 224.0.0.2 ( UDP port 646 , TDP uses UDP port 711_

– the HELLO lists the LSR’s LDP ID (2ID) which consists of a 32-bit dotted-decimal number and a 2byte label space number

– can list a “transparent address” in HELLO message, which is the IP address that LSR wants to use for any LDP TCP connection

– after becoming neighbors, they use the unicast address listed in the HELLOs. The address must be present in the IP routint table

 

LDP reference

LDP Feature LDP Implementation

Transport protocols UDP (Hellos) , TCP (updates)

Port Number 646 (LDP), 711 (TDP)

Hello dest address 224.0.0.2

Who initates TCP connection highest LDP ID

TCP connection uses this address Transparent IP address (if configurated) or LDP ID if no transparent address is configured

LDP ID determines by these rules, in order of precedance a. Configuration

b. Highest IP address of an up/up loopback interface, when LDP comes up

c. Highest IP address of an up/up non -loopback when LDP comes up

 

 

MPLS VPN

ATM and Frame Relay are replaced by MPLS VPNs

– use MPLS unicast IP forwarding with other ffeature

MPLS VPN – uses MP-BGP to overcome name of the challenges when connecting an IP network to a large nr. of customer IP internetworks

MPLS VPN VRFs – are used so you can have multiple routing tables

Router Roles: CE, PE, P

-both PE and P routers run LDP and an IGP to support unicast IP routing

– the IGP advertises routes only for subnets inside the MPLS networking, with no customer routes included => P and PE routes can together lable switch packets from the ingress PE to egress PE

– to keep track of all the routes from clients (that can override), the PE stores the routes in separate, per-customer routing tables, called VRFs

Then PE use IBGP to exchange the customer routes with other PEs – it never advertises the routes to other P routers

– PE places 2 lables on the packet:

1. An router MPLS header (S-bit = 0 ), with a label value that causes the packet to be label switches to the egress PE 0 used for the MPLS (to be forwarded through the MPLS network)

2. An INNER MPLS header (S-bit=1), with a label that identifies the egress VRF on which to base forwarding decision – used for the VPN (label for VPNs)

MPLS VPN Control Plane

1. VRFs

2. RD (Route Distinguishers)

3. RT (Route Targets)

1. VRFs

– to support multiple customers, MPLS includes the concept of virtual router

– MPLS routers need a minimal of one VRF for each customer attached to that particular router

Each VRF has

a. An IP routing table (RIB)

b. A CEF file, that is populated based on the RIB

c. A separate instance or process of the routing protocol used to exchange routes with the CEs, that need to be supported by the VRFs

MPLS deals with the overlapping prefix problem by adding another number in frount of the original BGP NLRI (prefix)

 

2. RDs

– allows GP to advertise and distinguish between duplicate IPv4 prefixes

– concept: advertises each prefix as a traditional IPv4 prefix but adds another number (the RD) that uniquely identifies the route

– the new prefix format, called VPNv4, has the following two parts

a. A 64-bit RD

b. A 32-bit IPv4 prefix

-every VRF must be configured with an RD

RD is made of 8 bytes and has 3 formats:

2-byte integer:4-byte-integer

4-byte-integer:2-byte-integer

4-byte-dotted-decimal:2-byte-integer

– in all 3 formats, the 1st value (before the colon) should be either an ASN or an IPv4 address

 

3. Route Targets (RT)

– are advertised in BGP updates, as BGP extended Community Path Attributes (PAs)

– BGP extended connections are 8 bytes in lenghts

RT values follow the same basic format as the values of an RD; for a particular prefix, only one RD is defined, but i can have one or more RTs

– MPLS use RT to determine into which VRFs a PE places iBGP learned routes

– uses “export” and “import” commands

“export” -redistribute out of the VRF into BGP

“import” -redistribute into the VRF from BGP

Overlapping VPNs

– can support overlapping VPNs by the virtue of the RT concept

– the RT concept allows an MPLS network to leak routes from multiple VPNs into a particular VRF

Configuration of the MPLS. Steps:

1. Create each VRF, RD and RT, plus association to the customer

2. Configure the IGP between PE and CE

3. Configure mutual redistribuition between IGP and BGP

4. Configure MP-BGP between PEs

Other MPLS Applications

1. FEC (Forwarding Equivalence Class)

– a set of packets that receives the same forwarding treatment by a single LSR

2. VRF-Lite – known as Multi-VRF CE, provides multiple instance of IP routing tables in a single router

VRF-Lite without MPLS

– allows two separate IP internetworks into different domains or grouping without req separate routers and without requiring separate physical connections