BRKMPL-1100
Introduction to MPLS
Anna Wielosz
Technical Marketing Manager, Cisco
anwielos@[Link]
Session Goals
Objectives
Understand history and business drivers for MPLS
Learn about MPLS customer and market segments
Understand the problems MPLS is addressing
Understand the major MPLS technology components
Understand typical MPLS applications
Understand benefits of deploying MPLS
Learn about MPLS futures; where MPLS is going
Agenda
Introduction
MPLS Technology Basics
MPLS Layer-3 VPNs
MPLS Layer-2 VPNs
Advanced Topics
Summary
Introduction
What Is MPLS?
Multi-Protocol: the ability to carry any payload
Have: IPv4, IPv6, Ethernet, ATM, FR
Label: uses labels to tell a node what to do with a packet; separates forwarding (hop-by-hop behavior) from routing (control plane)
Switching: Routing == IPv4 or IPv6 lookup. Everything else is switching.
What is MPLS?
Brief Summary
It's all about labels
Use the best of both worlds
Layer-2 (ATM/FR): efficient forwarding and traffic engineering
Layer-3 (IP): flexible and scalable
MPLS forwarding plane
Use of labels for forwarding Layer-2/3 data traffic
Labeled packets are being switched instead of routed
Leverage layer-2 forwarding efficiency
MPLS control/signaling plane
Use of existing IP control protocols extensions + new protocols
to exchange label information
Leverage layer-3 control protocol flexibility and scalability
Evolution of MPLS
Technology Evolution and Main Growth Areas
Evolved from tag switching in 1996 to full IETF standard, covering over 130 RFCs
Key applications initially were Layer-3 VPNs, followed by Traffic Engineering (TE) and Layer-2 VPNs
[Timeline figure, 1997 to 2015. Phases: Bring MPLS to Market; Complete base MPLS portfolio; Optimize MPLS for video; Optimize MPLS for packet transport; Optimize MPLS for SDN and Cloud. Milestones: Cisco ships MPLS; First L3VPNs Deployed; First MPLS TE Deployments; First L2VPN Deployments; Large Scale L3VPN Deployments; Large Scale MPLS TE Deployments; Large Scale L2VPN Deployments; First LSM Deployments; First MPLS TP Deployments; First G-MPLS Deployment; (Planned) First PBB-EVPN Deployments; (Planned) First Segment Routing Deployments; (Planned) First SDN/PCE Deployments]
MPLS Technology Basics
Topics
Basics of MPLS Signaling and Forwarding
MPLS reference architecture
MPLS Labels
MPLS signaling and forwarding operations
MPLS Traffic Engineering
MPLS OAM
[Figure: MPLS layer stack. Service (Clients): Layer-3 VPNs, Layer-2 VPNs; Transport: IP/MPLS (LDP/RSVP-TE/BGP/OSPF/IS-IS), MPLS Forwarding; Management: MPLS OAM]
MPLS Reference Architecture
Different Types of Nodes in an MPLS Network
P (Provider) router
Label switching router (LSR)
Switches MPLS-labeled packets
PE (Provider Edge) router
Label edge router (LER)
Imposes and removes MPLS labels
CE (Customer Edge) router
Connects customer network to MPLS network
[Figure: MPLS domain with P routers in the core and PE routers at the edge carrying label switched traffic; CE routers attach to the PEs]
MPLS Labels
Label Definition and Encapsulation
Labels used for making forwarding decision
MPLS Label Stack Entry: Label = 20 bits | TC | S | TTL
TC = Traffic Class: 3 Bits; S = Bottom of Stack; TTL = Time to Live
Multiple labels can be used for MPLS packet encapsulation
No limit on the number of labels in a stack
Outer label always used for switching MPLS packets in network
Inner labels usually used for services (e.g. L2/L3 VPN)
MPLS Label Stack (1 label): LAN MAC Header | Label, S=1 | Layer 3 Packet
MPLS Label Stack (2 labels): LAN MAC Header | Label, S=0 | Label, S=1 | Layer 3 Packet
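The label stack entry layout above, as an added example (not from the original slides): a parser that walks a label stack up to the entry with S=1. The S and TTL widths (1 and 8 bits) follow RFC 3032; the sample bytes and the max_depth cap are constructed for illustration.

```python
import struct
from typing import List, NamedTuple, Tuple


class LabelStackEntry(NamedTuple):
    label: int  # 20 bits
    tc: int     # Traffic Class, 3 bits
    s: int      # Bottom of Stack flag, 1 bit
    ttl: int    # Time to Live, 8 bits


def encode_entry(label: int, tc: int, s: int, ttl: int) -> bytes:
    """Pack one 32-bit label stack entry in network byte order."""
    if not (0 <= label < 1 << 20 and 0 <= tc < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("label stack field out of range")
    return struct.pack("!I", (label << 12) | (tc << 9) | (s << 8) | ttl)


def parse_label_stack(data: bytes, max_depth: int = 8) -> Tuple[List[LabelStackEntry], bytes]:
    """Return (entries, payload); the stack ends at the first entry with S=1.

    The format puts no limit on stack depth, so a parser needs its own bound
    (max_depth, an assumption here) to reject data that never sets S=1.
    """
    entries: List[LabelStackEntry] = []
    offset = 0
    while True:
        if len(entries) == max_depth:
            raise ValueError("label stack deeper than max_depth")
        if offset + 4 > len(data):
            raise ValueError("truncated label stack: no entry with S=1")
        (word,) = struct.unpack_from("!I", data, offset)
        offset += 4
        entry = LabelStackEntry(word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF)
        entries.append(entry)
        if entry.s:
            return entries, data[offset:]


# Constructed sample: outer label 20 (S=0), inner service label 42 (S=1),
# then placeholder bytes standing in for the Layer 3 packet.
SAMPLE_PAYLOAD = b"layer-3 packet"
SAMPLE_FRAME = encode_entry(20, 0, 0, 64) + encode_entry(42, 5, 1, 64) + SAMPLE_PAYLOAD

if __name__ == "__main__":
    stack, payload = parse_label_stack(SAMPLE_FRAME)
    for depth, entry in enumerate(stack):
        print(depth, entry)
    print(payload)
```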
MPLS QoS
QoS Marking in MPLS Labels
MPLS label has 3 Traffic Class (TC) bits
Used for packet classification and prioritization
Similar to Type of Service (ToS) field in IP packet (DSCP values)
DSCP values of IP packet mapped into TC bits of MPLS label
At ingress PE router
Most providers have defined 3-5 service classes (TC values)
Different DSCP <-> TC mapping schemes possible
Uniform mode, pipe mode, and short pipe mode
[Figure: MPLS DiffServ marking in the Traffic Class (TC) bits of the MPLS header, between the Layer-2 header and the Layer 3 header; IP DiffServ marking in the DSCP field of the Layer 3 header]
Basic MPLS Forwarding Operations
How Labels Are Being Used to Establish End-to-end Connectivity
Label imposition (Push)
By ingress PE router; classify and label packets
Based on Forwarding Equivalence Class (FEC)
Label swapping
By P router; forward packets using labels; indicates service class & destination
Label disposition (Pop)
By egress PE router; remove label and forward original packet to destination CE
[Figure: path from CE through the ingress PE, the P routers, and the egress PE to CE; label imposition (push) at the ingress PE, label swaps at the P routers, label disposition (pop) at the egress PE; labels L1, L2, and L3 along the path]
MPLS Path (LSP) Setup and Traffic Forwarding
MPLS Traffic Forwarding and MPLS Path (LSP) Setup
LSP signaling protocols
Either LDP* or RSVP
Leverages IP routing
Routing table (Routing Information Base RIB)
Exchange of labels
Label bindings
Downstream MPLS node advertises what label to use to send traffic to node
MPLS forwarding
MPLS Forwarding table (Forwarding Information Base FIB)
Comparison of IP and MPLS:
Forwarding. IP: destination address based; forwarding table learned from control plane; TTL support. MPLS: label based; forwarding table learned from control plane; TTL support.
Control Plane. IP: OSPF, IS-IS, BGP. MPLS: LDP, RSVP, BGP, OSPF, IS-IS.
Packet Encapsulation. IP: IP header. MPLS: one or more labels.
QoS. IP: 8 bit TOS field in IP header. MPLS: 3 bit TC field in label.
OAM. IP: IP ping, traceroute. MPLS: MPLS OAM.
(*) LDP signaling assumed for the next examples
MPLS Path (LSP) Setup
Signaling Options
LDP signaling
Leverages existing routing
RSVP signaling
Aka MPLS RSVP / TE
Enables enhanced capabilities, such as Fast ReRoute (FRR)
Can use both protocols simultaneously
They work differently, they solve different problems
Dual-protocol deployments are very common
Comparison of LDP and RSVP:
Forwarding path. LDP: LSP. RSVP: LSP or TE Tunnel; primary and, optionally, backup.
Forwarding Calculation. LDP: based on IP routing database; shortest-path based. RSVP: based on TE topology database; shortest-path and/or other constraints (CSPF calculation).
Packet Encapsulation. LDP: single label. RSVP: one or two labels.
Signaling. LDP: by each node independently; uses existing routing protocols/information. RSVP: initiated by head-end node towards tail-end node; uses routing protocol extensions/information; supports bandwidth reservation; supports link/node protection.
MPLS Path (LSP) Setup with LDP
Step 1: IP Routing (IGP) Convergence
Exchange of IP routes
OSPF, IS-IS, EIGRP, etc.
Establish IP reachability
[Figure: three routers in a row, each with a forwarding table (columns: In Label, Address Prefix, Out Iface, Out Label) holding the prefixes 128.89 and 171.69. Routing updates (OSPF, EIGRP, ...) announce "You Can Reach 128.89 and 171.69 Thru Me", "You Can Reach 128.89 Thru Me", and "You Can Reach 171.69 Thru Me"]
IP Packet Forwarding Example
Basic IP Packet Forwarding
IP routing information exchanged between nodes
Via IGP (e.g., OSPF, IS-IS)
Packets being forwarded based on destination IP address
Lookup in routing table (RIB)
[Figure: three routers, each with a forwarding table (columns: Address, I/F) holding 128.89 and 171.69; IP packets are forwarded hop by hop on the destination address]
MPLS Path (LSP) Setup with LDP
Step 2: Assignment of Remote Labels
Local label mappings are sent to connected nodes
Receiving nodes update forwarding table
Out label
LDP label advertisement happens in parallel (downstream unsolicited)
[Figure: Label Distribution Protocol (LDP), downstream allocation. Forwarding tables (columns: In Label, Address Prefix, Out Iface, Out Label) are filled in from the advertisements "Use Label 20 for 128.89 and Use Label 21 for 171.69", "Use Label 30 for 128.89", and "Use Label 36 for 171.69"]
MPLS Traffic Forwarding with LDP
Hop-by-hop Traffic Forwarding Using Labels
Ingress PE node adds label to packet (push)
Via forwarding table
Downstream node uses label for forwarding decision (swap)
Outgoing interface
Out label
Egress PE removes label and forwards original packet (pop)
[Figure: the forwarding tables from the previous step; a packet for 128.89 is sent with label 20, swapped to label 30, and delivered without a label. Forwarding based on label]
MPLS Traffic Forwarding with LDP
Quick recap
Routing protocol distributes routes
LDP distributes labels that map to routes
Packets are forwarded using labels
So what?
MPLS's benefit shows up later, in two places:
Divergence from IP routed shortest path
Payload-independent tunneling
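The push, swap and pop steps above, as an added example (not from the original slides): one packet walked through label tables built from the slide's LDP advertisements (labels 20/30 for 128.89, 21/36 for 171.69). Node names, the /16 prefix lengths and the simplified TTL handling are assumptions.

```python
import ipaddress

# Ingress PE table: prefix -> (next node, label to push). Constructed from the
# advertisements "Use Label 20 for 128.89" and "Use Label 21 for 171.69".
INGRESS_FIB = {
    ipaddress.ip_network("128.89.0.0/16"): ("P", 20),
    ipaddress.ip_network("171.69.0.0/16"): ("P", 21),
}

# Label tables: node -> {in label: (action, out label, next node)}.
# "Use Label 30 for 128.89" and "Use Label 36 for 171.69" give the swaps at P.
LFIB = {
    "P": {20: ("swap", 30, "PE2"), 21: ("swap", 36, "PE3")},
    "PE2": {30: ("pop", None, "CE-128.89")},
    "PE3": {36: ("pop", None, "CE-171.69")},
}


def label_switch(node, label, ttl):
    """Follow label bindings starting at `node`; return [(node, action, label)]."""
    trace = []
    while True:
        ttl -= 1  # simplified: every label switching hop decrements the TTL
        if ttl <= 0:
            trace.append((node, "drop: TTL expired", label))
            return trace
        binding = LFIB.get(node, {}).get(label)
        if binding is None:
            # A label this node never advertised is not forwarded at all:
            # there is no fallback to an IP lookup on the payload.
            trace.append((node, "drop: no label binding", label))
            return trace
        action, out_label, next_node = binding
        trace.append((node, action, out_label))
        if action == "pop":
            return trace
        node, label = next_node, out_label


def forward(dst, ttl=64):
    """Ingress PE: longest-prefix IP lookup, push, then label switching only."""
    addr = ipaddress.ip_address(dst)
    matches = [net for net in INGRESS_FIB if addr in net]
    if not matches:
        return [("PE1", "drop: no route", None)]
    next_node, label = INGRESS_FIB[max(matches, key=lambda n: n.prefixlen)]
    return [("PE1", "push", label)] + label_switch(next_node, label, ttl)


if __name__ == "__main__":
    for hop in forward("128.89.10.1"):
        print(hop)
    print(label_switch("P", 99, 64))  # label with no binding at P
```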
MPLS Path (RSVP) Setup
MPLS-TE lets you deviate from the IGP shortest-cost path
This gives you lots of flexibility around how you send traffic across your network
Three steps:
Information distribution
Path calculation
LSP signaling
MPLS Path (RSVP) Setup
Flood link characteristics in the IGP
Reservable bandwidth, link colors, other properties
[Figure: IP/MPLS network between R1 and R8; nodes hold a TE topology database]
MPLS Path (RSVP) Setup
IGP: Find shortest (lowest cost) path to all nodes
TE: Per node, find the shortest (lowest cost) path which meets constraints
[Figure: IP/MPLS network between R1 and R8 with link costs, marking links with sufficient and insufficient bandwidth; R1 uses its TE topology database to "Find shortest path to R8 with 8Mbps"]
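The constrained path calculation above, as an added example (not from the original slides): links without enough reservable bandwidth are pruned and a shortest-path search runs over the rest. The topology, costs and bandwidth figures are constructed; only R1, R8 and the 8 Mbps request come from the slide.

```python
import heapq

# Constructed TE topology database: (node a, node b, IGP cost, reservable Mbps).
TE_LINKS = [
    ("R1", "R2", 10, 100),
    ("R2", "R8", 10, 5),   # on the IGP shortest path, but too small for 8 Mbps
    ("R1", "R3", 10, 10),
    ("R3", "R4", 10, 10),
    ("R4", "R8", 10, 10),
]


def build_ted(links):
    """Return {node: {neighbor: [cost, reservable_mbps]}}, tracked per direction."""
    ted = {}
    for a, b, cost, bw in links:
        ted.setdefault(a, {})[b] = [cost, bw]
        ted.setdefault(b, {})[a] = [cost, bw]
    return ted


def cspf(ted, src, dst, bw_mbps=0):
    """Lowest-cost path using only links with >= bw_mbps reservable; None if none."""
    best = {src: 0}
    heap = [(0, src, [src])]
    while heap:
        cost, node, path = heapq.heappop(heap)
        if node == dst:
            return cost, path
        if cost > best.get(node, float("inf")):
            continue  # stale heap entry
        for nbr, (link_cost, reservable) in ted.get(node, {}).items():
            if reservable < bw_mbps:
                continue  # constraint not met: link is pruned
            new_cost = cost + link_cost
            if new_cost < best.get(nbr, float("inf")):
                best[nbr] = new_cost
                heapq.heappush(heap, (new_cost, nbr, path + [nbr]))
    return None


def signal_lsp(ted, src, dst, bw_mbps):
    """Compute a path and reserve bandwidth along it (head end to tail end)."""
    result = cspf(ted, src, dst, bw_mbps)
    if result is None:
        return None
    path = result[1]
    for a, b in zip(path, path[1:]):
        ted[a][b][1] -= bw_mbps  # the LSP is unidirectional
    return path


if __name__ == "__main__":
    ted = build_ted(TE_LINKS)
    print("IGP shortest path:", cspf(ted, "R1", "R8"))
    print("8 Mbps LSP:", signal_lsp(ted, "R1", "R8", 8))
    print("second 8 Mbps LSP:", signal_lsp(ted, "R1", "R8", 8))
```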
MPLS Path (RSVP) Setup
Set up the calculated path using RSVP (Resource ReSerVation Protocol)
Once labels are learned, they're programmed just like LDP labels
At the forwarding level, you can't tell whether your label came from RSVP or LDP
All the hard work is in the control plane
No per-packet forwarding hit for any of this
[Figure: TE LSP across the IP/MPLS network; PATH messages travel from the head end to the tail end and RESV messages return carrying labels (L=16); example forwarding entry: Input Label 17; Out Label, Interface 16, 0]
Topic covered in detail in
BRKMPL-2100 (MON)
MPLS TE Fast ReRoute (FRR)
Implementing Network Failure Protection Using MPLS RSVP/TE
Steady state
Primary tunnel: A -> B -> D -> E
Backup tunnel: B -> C -> D (pre-provisioned)
Failure of link between router B and D
Traffic rerouted over backup tunnel
Recovery time 50 ms
Actual time varies; well below 50 ms in lab tests
[Figure: primary tunnel and backup tunnel across Router A, Router B, Router C, Router D, Router E, Router X, and Router Y]
MPLS OAM
Tools for Reactive and Proactive Trouble Shooting of MPLS Connectivity
MPLS LSP Ping
Used for testing end-to-end MPLS connectivity similar to IP ping
Can be used to validate reachability of LDP-signaled LSPs, TE tunnels, and PWs
MPLS LSP Trace
Used for testing hop-by-hop tracing of MPLS path similar to traceroute
Can be used for path tracing LDP-signaled LSPs and TE tunnels
MPLS LSP Multipath (ECMP) Tree Trace
Used to discover all available equal cost LSP paths between PEs
Unique capability for MPLS OAM; no IP equivalent!
Auto IP SLA
Automated discovery of all available equal cost LSP paths between PEs
LSP pings are being sent over each discovered LSP path
Summary
Key Takeaways
MPLS networks consist of PE routers at in/egress and P routers in core
Traffic is encapsulated with label(s) at ingress (PE router)
Labels are removed at egress (PE router)
MPLS forwarding operations include label imposition (PUSH), swapping, and
disposition (POP)
LDP and RSVP can be used for signaling label mapping information to set up an
end-to-end Label Switched Path (LSP)
RSVP label signaling enables setup of TE tunnels, supporting enhanced traffic
engineering capabilities; traffic protection and path management
MPLS Virtual Private Networks
Topics
Definition of MPLS VPN service
Basic MPLS VPN deployment scenario
Technology options
[Figure: MPLS layer stack. Service (Clients): Layer-3 VPNs, Layer-2 VPNs; Transport: IP/MPLS (LDP/RSVP-TE/BGP/OSPF/IS-IS), MPLS Forwarding; Management: MPLS OAM]
What Is a Virtual Private Network?
Definition
Set of sites which communicate with each other in a secure way
Typically over a shared public or private network infrastructure
Defined by a set of administrative policies
Policies established by VPN customers themselves (DIY)
Policies implemented by VPN service provider (managed/unmanaged)
Different inter-site connectivity schemes possible
Full mesh, partial mesh, hub-and-spoke, etc.
VPN sites may be either within the same or in different organizations
VPN can be either intranet (same org) or extranet (multiple orgs)
VPNs may overlap; site may be in more than one VPN
MPLS VPN Example
Basic Building Blocks
VPN policies
Configured on PE routers (manual operation)
VPN signaling
Between PEs
Exchange of VPN policies
VPN traffic forwarding
Additional VPN-related MPLS label encapsulation
PE-CE link
Connects customer network to MPLS network; either layer-2 or layer-3
[Figure: CEs attached over PE-CE links to PEs that hold the VPN policies; VPN signaling between the PEs via a BGP Route Reflector]
MPLS VPN Models
Technology Options
MPLS Layer-3 VPNs
Peering relationship between CE and PE
MPLS Layer-2 VPNs
Interconnect of layer-2 Attachment Circuits (ACs)
MPLS VPN Models: MPLS Layer-2 VPNs (Point-to-Point Layer-2 VPNs, Multi-Point Layer-2 VPNs) and MPLS Layer-3 VPNs
Point-to-Point Layer-2 VPNs
CE connected to PE via L2 (Eth, FR, ATM, etc) connection
CE-CE L2 p2p connectivity
CE-CE routing; no SP involvement
Multi-Point Layer-2 VPNs
CE connected to PE via Ethernet connection
CE-CE L2 (Eth) mp connectivity
CE-CE routing; no SP involvement
MPLS Layer-3 VPNs
CE connected to PE via IP-based connection (over any layer-2 type)
Static routing
PE-CE routing protocol; eBGP, OSPF, IS-IS
CE routing has peering relationship with PE router; PE routers are part of customer routing
PE routers maintain customer-specific routing tables and exchange customer-specific routing information
Topic covered in detail in
BRKMPL-2102 (WED)
MPLS Layer-3 Virtual Private Networks
Topics
Technology components
VPN control plane mechanisms
VPN forwarding plane
Deployment use cases
Business VPN services
Network segmentation
Data Center access
[Figure: MPLS layer stack. Service (Clients): Layer-3 VPNs, Layer-2 VPNs; Transport: IP/MPLS (LDP/RSVP-TE/BGP/OSPF/IS-IS), MPLS Forwarding; Management: MPLS OAM]
MPLS Layer-3 VPN Overview
Technology Components
VPN policies
Separation of customer routing via virtual VPN routing table (VRF)
In PE router, customer interfaces are connected to VRFs
VPN signaling
Between PE routers: customer routes exchanged via BGP (MP-BGP)
VPN traffic forwarding
Separation of customer VPN traffic via additional VPN label
VPN label used by receiving PE to identify VPN routing table
PE-CE link
Can be any type of layer-2 connection (e.g., FR, Ethernet)
CE configured to route IP traffic to/from adjacent PE router
Variety of routing options; static routes, eBGP, OSPF, IS-IS
Virtual Routing and Forwarding Instance
Virtual Routing Table and Forwarding to Separate Customer Traffic
Virtual routing and forwarding table
On PE router
Separate instance of routing (RIB) and forwarding table
Typically, VRF created for each customer VPN
Separates customer traffic
VRF associated with one or more customer interfaces
VRF has its own routing instance for PE-CE configured routing protocols
E.g., eBGP
[Figure: PE on the MPLS backbone with VRF Green for the CE in VPN 1 and VRF Blue for the CE in VPN 2]
VPN Route Distribution
Exchange of VPN Policies Among PE Routers
Full mesh of BGP sessions among all PE routers
Or BGP Route Reflector (common)
Multi-Protocol BGP extensions (MP-iBGP) to carry VPN policies
PE-CE routing options
Static routes
eBGP
OSPF
IS-IS
EIGRP
[Figure: CEs attached over PE-CE links to Blue VRFs and Red VRFs on the PEs; the PEs peer with a BGP Route Reflector]
VPN Control Plane Processing
Make customer routes unique:
Route Distinguisher (RD):
8-byte field, VRF parameter; unique value to make VPN IP routes unique
VPNv4 address: RD + VPN IP prefix
Selectively distribute VPN routes:
Route Target (RT):
8-byte field, VRF parameter; unique value to define the import/export rules for VPNv4 routes
MP-iBGP: advertises VPNv4 prefixes + labels
VPN Control Plane Processing
Interactions Between VRF and BGP VPN Signaling
CE1 redistributes IPv4 route to PE1 via eBGP
PE1 allocates VPN label for prefix learnt from CE1 to create unique VPNv4 route
PE1 redistributes VPNv4 route into MP-iBGP, sets itself as next hop, and relays VPN site routes to PE2
PE2 receives VPNv4 route and, via processing in local VRF (green), redistributes original IPv4 route to CE2
eBGP (CE1 to PE1, and PE2 to CE2): 16.1/16
BGP advertisement (PE1 to PE2):
VPN-IPv4 Addr = RD:16.1/16
BGP Next-Hop = PE1
Route Target = 100:1
Label=42
VRF parameters (Blue VPN):
Name = blue-vpn
RD = 1:100
Import Route-Target = 100:1
Export Route-Target = 100:1
VRF configuration:
ip vrf blue-vpn
RD 1:100
route-target export 1:100
route-target import 1:100
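The RD and RT processing above, as an added example (not from the original slides): two VRFs export the same customer prefix, the RD keeps the VPNv4 routes distinct, and the import RT decides which VRF receives which route. The blue-vpn values (RD 1:100, RT 100:1, label 42) are the slide's; red-vpn, its values and the cross_vrf_imports review helper are constructed, and 16.1/16 is written out as 16.1.0.0/16.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Vpnv4Route:
    rd: str                   # Route Distinguisher
    prefix: str               # customer IPv4 prefix
    next_hop: str             # advertising PE
    label: int                # VPN label allocated by that PE
    route_targets: frozenset  # export RTs attached to the route

    @property
    def vpnv4_address(self):
        return f"{self.rd}:{self.prefix}"  # VPNv4 address = RD + VPN IP prefix


@dataclass
class Vrf:
    name: str
    rd: str
    export_rt: frozenset
    import_rt: frozenset
    rib: dict = field(default_factory=dict)  # prefix -> [(rd, next hop, label)]


def export_route(vrf, prefix, pe, label):
    """What the PE advertises in MP-iBGP for a route learned in `vrf`."""
    return Vpnv4Route(vrf.rd, prefix, pe, label, vrf.export_rt)


def import_routes(vrf, routes):
    """Install only routes carrying at least one RT the VRF imports."""
    for route in routes:
        if route.route_targets & vrf.import_rt:
            vrf.rib.setdefault(route.prefix, []).append(
                (route.rd, route.next_hop, route.label))
    return vrf.rib


def cross_vrf_imports(vrfs):
    """Review aid: (importer, exporter) pairs where one VRF imports another's RT."""
    return sorted(
        (imp.name, exp.name)
        for imp in vrfs for exp in vrfs
        if imp.name != exp.name and imp.import_rt & exp.export_rt
    )


# PE1 VRFs: blue-vpn from the slide, red-vpn constructed for the example.
PE1_BLUE = Vrf("blue-vpn", "1:100", frozenset({"100:1"}), frozenset({"100:1"}))
PE1_RED = Vrf("red-vpn", "1:200", frozenset({"100:2"}), frozenset({"100:2"}))


def advertise():
    """Both customers use 16.1.0.0/16; the RD keeps the two routes apart."""
    return [
        export_route(PE1_BLUE, "16.1.0.0/16", "PE1", 42),
        export_route(PE1_RED, "16.1.0.0/16", "PE1", 43),
    ]


if __name__ == "__main__":
    routes = advertise()
    pe2_blue = Vrf("blue-vpn", "1:100", frozenset({"100:1"}), frozenset({"100:1"}))
    # Constructed misconfiguration: red-vpn on PE2 also imports blue's RT.
    pe2_red = Vrf("red-vpn", "1:200", frozenset({"100:2"}), frozenset({"100:1", "100:2"}))
    print(import_routes(pe2_blue, routes))
    print(import_routes(pe2_red, routes))
    print(cross_vrf_imports([pe2_blue, pe2_red]))
```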
VPN Forwarding Plane Processing
Forwarding of Layer-3 MPLS VPN Packets
CE2 forwards IPv4 packet to PE2
PE2 imposes pre-allocated VPN label to IPv4 packet received from CE2
Learned via MP-IBGP
PE2 imposes outer IGP label A (learned via LDP) and forwards labeled packet to next-hop P-router P2
P-routers P1 and P2 swap outer IGP label and forward labeled packet to PE1
A->B (P2) and B->C (P1)
Router PE1 strips VPN label and IGP labels and forwards IPv4 packet to CE1
[Figure: packet from CE2 to CE1 across PE2, P2, P1, and PE1. The IPv4 packet carries the VPNv4 label plus IGP label A, then IGP label B, then IGP label C; PE1 delivers the IPv4 packet to CE1]
Service Provider Deployment Scenario
MPLS Layer-3 VPNs for Offering Layer-3 Business VPN Services
Deployment Use Case
Delivery of IP VPN services to business customers
Benefits
Leverage same network for multiple services and customers (CAPEX)
Highly scalable
Service enablement only requires edge node configuration (OPEX)
Different IP connectivity can be easily configured; e.g., full/partial mesh
[Figure: Managed VPN Service and Unmanaged VPN Service across CPE, Edge, Core, VPN Core, Edge, and CPE]
Enterprise Deployment Scenario
MPLS Layer-3 VPNs for Implementing Network Segmentation
Deployment Use Case
Segmentation of enterprise network to
provide selective connectivity for
specific user groups and organizations
Benefits
Network segmentation only requires
edge node configuration
Flexible routing; different IP
connectivity can be easily configured;
e.g., full/partial mesh
[Figure: MPLS VPNs for L3 network segmentation across Access, Edge, Core, VPN Core, Edge, and Access]
Data Center Deployment Scenario
MPLS Layer-3 VPNs for Segmented L3 Data Center Access and Interconnect
Deployment Use Case
Segmented WAN Layer-3 at Data Center edge
Layer-3 segmentation in Data Center
Benefits
Only single Data Center edge node needed for segmented layer-3 access
Enables VLAN/Layer-2 scale (> 4K)
[Figure: Data Center with Access, Top Of Rack, Distribution, Core, and Edge layers; MPLS VPNs at DC edge and MPLS VPNs terminating on DC aggregation]
MPLS L3 VPN: Build vs buy?
Key consideration: bringing SP into the customer's routing domain
Easy to solve with BGP, the world's only political routing protocol!
Also works with static routes: no dynamic handoff, no potential for dynamic mess
BGP and static are very popular
EIGRP, OSPF, RIP are also options
Summary
Key Takeaways
MPLS Layer-3 VPNs provide IP connectivity among CE sites
MPLS VPNs enable full-mesh, hub-and-spoke, and hybrid IP connectivity
CE sites connect to the MPLS network via IP peering across PE-CE links
MPLS Layer-3 VPNs are implemented via VRFs on PE edge nodes
VRFs providing customer routing and forwarding segmentation
BGP used for signaling customer VPN (VPNv4) routes between PE nodes
To ensure traffic separation, customer traffic is encapsulated in an additional VPN label
when forwarded in MPLS network
Key applications are layer-3 business VPN services, enterprise network segmentation,
and segmented layer-3 Data Center access
Topic covered in detail in
BRKMPL-2101 (TUE)
MPLS Layer-2 Virtual Private Networks
Topics
L2VPN technology options
P2P services (VPWS)
Overview & Technology Basics
VPN control plane
VPN forwarding plane
MP2MP services (VPLS / xEVPN)
Overview & Technology Basics
VPN control / forwarding plane
Deployment use cases
L2 Business VPN services
Data Center Interconnect
[Figure: MPLS layer stack. Service (Clients): Layer-3 VPNs, Layer-2 VPNs; Transport: IP/MPLS (LDP/RSVP-TE/BGP/OSPF/IS-IS), MPLS Forwarding; Management: MPLS OAM]
MPLS Layer-2 Virtual Private Networks
Technology Options
VPWS services
Point-to-point
Referred to as Pseudowires (PWs)
VPLS services
Multipoint
EVPN
Multipoint with BGP-based MAC learning
PBB-EVPN
Combines scale tools from PBB (aka MAC-in-MAC) with BGP-based MAC learning from EVPN
[Figure: MPLS Layer-2 VPNs split into Point-to-Point Layer-2 VPNs (VPWS) and Multipoint-to-Multipoint Layer-2 VPNs (VPLS, EVPN, PBB-EVPN)]
Virtual Private Wire Services (VPWS)
Overview of Pseudowire (PW) Architecture
Based on IETF's Pseudo-Wire (PW) Reference Model
Enables transport of any Layer-2 traffic over MPLS
PE-CE link is referred to as Attachment Circuit (AC)
Provides a p2p service
Discovery: manual (config)
Signaling: LDP
Learning: none
[Figure: emulated Layer-2 service; Pseudo-Wire 1 between PE1 and PE2 and Pseudo-Wire 2 between PE3 and PE4, each connecting CEs over Layer-2 Attachment Circuits (AC)]
VPWS Control Plane Processing
Signaling of a New Pseudo-Wire
(1) New Virtual Circuit (VC) cross-connect connects customer L2 interface (AC) to new PW via VC ID and remote PE ID
(2) New targeted LDP session between PE1 and PE2 is established, in case one does not already exist
(3) PE binds VC label with customer layer-2 interface and sends label-mapping to remote PE
(4) Remote PE receives LDP label binding message and matches VC ID with local configured VC cross-connect
[Figure: emulated Layer-2 service between CE1 and CE2; Label Mapping Messages exchanged over the LDP session between PE1 and PE2 (steps 3 and 4)]
VPWS Forwarding Plane Processing
Forwarding of Layer-2 Traffic Over PWs
CE2 forwards L2 packet to PE2.
PE2 pushes VC (inner) label to L2 packet received from CE2
Optionally, a control word is added as well (not shown)
PE2 pushes outer (Tunnel) label and forwards packet to P2
P2 and P1 forward packet using outer (tunnel) label (swap)
Router PE1 pops Tunnel label and, based on VC label, L2 packet is forwarded to customer interface to CE1, after VC label is removed
In case control word is used, new layer-2 header is generated first
[Figure: Ethernet frame from CE2 to CE1 across PE2, P2, P1, and PE1. The frame carries the PW label plus IGP label A, then IGP label B, then IGP label C; PE1 delivers the Ethernet frame to CE1]
Virtual Private LAN Services
Overview of VPLS Architecture
VPLS network acts like a virtual switch that emulates conventional L2 bridge
Fully meshed or Hub-Spoke topologies supported
Provides a multipoint ethernet service
Discovery: manual or auto (BGP)
Signaling: LDP or BGP (PW label)
Learning: data plane
[Figure: emulated virtual switch; PE1, PE2, PE3, and PE4 interconnected by Pseudo-Wires, with CEs attached over Ethernet Attachment Circuits (AC)]
Topic covered in detail in
BRKMPL-2333 (THU)
EVPN
Ethernet VPN
Provides a multipoint ethernet service
Discovery: BGP, using MPLS VPN mechanisms (RT)
Signaling: BGP (MAC prefixes)
Learning: Control plane (BGP)
Allows for multihomed CEs
BGP advertisement:
L2VPN/EVPN Addr = [Link]
BGP Next-Hop = PE1
Route Target = 100:1
Label=42
[Figure: emulated virtual switch; CE1 to CE4 attached to PE 1 to PE 4, which peer with a BGP RR]
Topic covered in detail in
BRKMPL-2333 (THU)
PBB-EVPN
Combines Provider Backbone Bridging (MAC-in-MAC) with EVPN
Scales better than EVPN
Removes the need to advertise Customer MAC addresses in BGP (CE-CE MAC addresses learned in the data plane)
Provides multipoint ethernet service
Discovery: BGP, using MPLS VPN mechanisms (RT)
Signaling: BGP (B-MAC prefixes)
Learning: Control plane (BGP) and forwarding plane
Allows for multihomed CEs
C-MAC = Customer MAC address
B-MAC = Backbone MAC address
BGP advertisement:
L2VPN/EVPN Addr = PE1.B-MAC
BGP Next-Hop = PE1
Route Target = 100:1
Label=42
[Figure: emulated virtual switch; CE1 to CE4 attached to PE 1 to PE 4, each PE with its own B-MAC, peering with a BGP RR]
Service Provider Deployment Scenario
PWs for Offering Layer-2 Business VPN Services
Deployment Use Case
Delivery of E-LINE services to business customers
Benefits
Leverage same network for multiple services and customers (CAPEX)
Highly scalable
Service enablement only requires edge node configuration (OPEX)
[Figure: Layer-2 VPN Service from CE to PE to PE to CE]
Data Center Deployment Scenario
VPLS for Layer-2 Data Center Interconnect (DCI) Services
Deployment Use Case
E-LAN services for Data Center interconnect
Benefits
Single WAN uplink to connect to multiple Data Centers
Easy implementation of segmented layer-2 traffic between Data Centers
[Figure: three Data Centers, each with a DC Edge and Core, interconnected through Edge nodes]
Summary
Key Takeaways
L2VPNs enable transport of any Layer-2 traffic over MPLS network
L2 packets encapsulated into additional VC label
Both LDP and BGP can be used for Pseudowire (PW) signaling
PWs suited for implementing transparent point-to-point connectivity between Layer-2 circuits (E-LINE
services)
VPLS suited for implementing transparent point-to-multipoint connectivity between Ethernet links/sites
(E-LAN services)
EVPN / PBB-EVPN are next-generation L2VPN solutions based on BGP control-plane for MAC
distribution/learning over the core
Typical applications of L2VPNs are layer-2 business VPN services and Data Center interconnect
Topics covered in detail in
BRKMPL-3101 (WED/THU)
Advanced Topics
Segment Routing
Control Plane
Segment routing provides
Rich forwarding behaviors
Minimal forwarding state (encapsulated in packet)
Simple IS-IS / OSPF extensions program MPLS forwarding plane
IGP advertises
Node segment id (label) per node (globally significant)
Adjacency segment id (label) per link (locally significant)
Packet with node segment id forwarded along shortest path to destination
Packet with adjacency segment id forwarded over adjacency
Segment can be represented as an MPLS label or as an IPv6 address, which allows seamless end-to-end paths over MPLS and IPv6 networks
[Figure: topology annotated with Node Segment Identifiers (labels) and Adjacency Segment Identifiers (labels); values shown include 101 to 105 and 201 to 203]
Segment Routing
Forwarding Plane
[Figure: label stacks carried hop by hop for an Adjacency Path, a Node Path, and a Combined Path between nodes A, B, and D; the stacks, built from labels such as 102, 103, 201, and 202 in front of the payload, shrink toward the destination, with penultimate hop popping (php) before D]
Enhanced Path Computation for MPLS TE LSPs
with Path Computation Element (PCE)
Inter-Area MPLS TE
ABRs act as stateless PCEs
ABRs implement backward recursive PCE-Based Computation
Introduced in IOS XR 3.5.2
Out-of-network, stateless PCE server
PCC initiates LSPs
Introduced in IOS XR 3.5.2
SDN WAN Orchestration
Out-of-network, stateful PCE server
PCE always initiates LSPs
Introduced in IOS XR 5.1.1
[Figure: three PCE deployments across Area 0, Area 1, and Area 2, showing stateless PCEs on ABRs, an out-of-network stateless PCE, and an out-of-network stateful PCE with an LSP DB and an application on top; PCCs talk to PCEs over PCEP (path requests), PCE servers hold a TED fed by BGP-LS / SNMP / CLI, and LSPs are PCC-initiated or PCE-initiated]
MPLS for IPv6 over IPv4
IPv6 Support for Native MPLS Deployments and MPLS Layer-3 Services
MPLS allows IPv6 to be deployed as an edge-only service, no need to run v6 in the core
Easier to deploy
Security mechanism
6PE: All IPv6 can see each other (single VPN)
IPv6+label (no RD, no RT)
6VPE: Separate IPv6 VPNs
VPNv6, includes RD and RT
[Figure: IPv6 CEs attached to 6PE and 6VPE routers across an IPv4 MPLS core]
LDPv6
LDP for Native IPv6
LDPv6 provides label binding for IPv6 prefixes
The implementation is specified in RFC 5036 and draft-ietf-mpls-ldp-ipv6
With IPv6 support LDP can address
Single stack deployments
Dual stack deployments
[Figure: CEs connected across a single-stack IPv6 MPLS core and across a dual-stack IPv6/v4 MPLS core]
Label Switched Multicast (LSM)
Point-to-Multi-Point MPLS Signaling and Connectivity
What is Label Switched Multicast?
MPLS extensions to provide P2MP connectivity
RSVP extensions and multicast LDP
Why Label-Switched Multicast?
Enables MPLS capabilities, which cannot be applied to IP multicast traffic (e.g., FRR)
Benefits of Label-Switched Multicast
Efficient IP multicast traffic forwarding
Enables MPLS traffic protection and BW control of IP multicast traffic
[Figure: uni-directional LSP across MPLS / IP compared with a P2MP or MP2MP LSP tree for Label Switched Multicast (LSM) across IP/MPLS]
Futures
New MPLS Deployments Models on the Horizon
WAN Orchestration: PCE/SDN
MPLS Multilayer Optimization: PCE/GMPLS
Control Plane Simplification: Segment Routing
Summary
Key Takeaways
It's all about labels
Label-based forwarding and protocol for label exchange
Best of both worlds: L2 deterministic forwarding and scale/flexible L3 signaling
Key MPLS applications are end-to-end VPN services
Secure and scalable layer 2 and 3 VPN connectivity
MPLS supports advanced traffic engineering capabilities
QoS, bandwidth control, and failure protection
MPLS is a mature technology with widespread deployments
De facto for most SPs, large enterprises, and increasingly in Data Centers
Ongoing technology evolution
Control-plane simplification (Segment Routing) and WAN orchestration (PCE/SDN)
Consider MPLS When
Decision Criteria
Is there a need for network segmentation?
Segmented connectivity for specific locations, users, applications, etc.
Is there a need for flexible connectivity?
E.g., Flexible configuration of full-mesh or hub-and-spoke connectivity
Is there a need for implementing/supporting multiple (integrated) services?
Leverage same network for multiple services
Are there specific scale requirements?
Large number of users, customer routes, etc.
Is there a need for optimized network availability and performance?
Node/link protection, pro-active connectivity validation
Bandwidth traffic engineering and QoS traffic prioritization
MPLS Sessions at Cisco Live
BRKMPL-1100
Introduction to MPLS
BRKMPL-2100
Deploying MPLS Traffic Engineering
BRKMPL-2101
Deploying MPLS-based Layer 2 Virtual Private Networks
BRKMPL-2102
Deploying MPLS-based IP VPNs
BRKMPL-2108
Designing MPLS in Next Generation Data Center: A Case Study
BRKMPL-2333
E-VPN & PBB-EVPN: the Next Generation of MPLS-based L2VPN
BRKMPL-3101
Advanced Topics and Future Directions in MPLS
BRKRST-2124
Introduction to Segment Routing
BRKRST-3122
Segment Routing: Technology and Use-cases
MPLS Sessions at Cisco Live (cont.)
LTRRST-2332
Segment Routing
LTRMPL-2102
Enterprise Network Virtualization using IP and MPLS Technologies: Introduction
LTRMPL-3102
Enterprise Network Virtualization using IP and MPLS Technologies: Advanced
TECMPL-3200
SDN WAN Orchestration in MPLS and Segment Routing Networks
Terminology Reference
Acronyms Used in MPLS Reference Architecture
AC: Attachment Circuit. An AC Is a Point-to-Point, Layer 2 Circuit Between a CE and a PE.
AS: Autonomous System (a Domain)
CoS: Class of Service
ECMP: Equal Cost Multipath
IGP: Interior Gateway Protocol
LAN: Local Area Network
LDP: Label Distribution Protocol, RFC 3036.
LER: Label Edge Router. An Edge LSR Interconnects MPLS and non-MPLS Domains.
LFIB: Labeled Forwarding Information Base
LSP: Label Switched Path
LSR: Label Switching Router
NLRI: Network Layer Reachability Information
P Router: An Interior LSR in the Service Provider's Autonomous System
PE Router: An LER in the Service Provider Administrative Domain that Interconnects the Customer Network and the Backbone Network.
PSN Tunnel: Packet Switching Tunnel
Pseudo-Wire: A Pseudo-Wire Is a Bidirectional "Tunnel" Between Two Features on a Switching Path.
PWE3: Pseudo-Wire End-to-End Emulation
QoS: Quality of Service
RD: Route Distinguisher
RIB: Routing Information Base
RR: Route Reflector
RT: Route Target
RSVP-TE: Resource Reservation Protocol based Traffic Engineering
VPN: Virtual Private Network
VFI: Virtual Forwarding Instance
VLAN: Virtual Local Area Network
VPLS: Virtual Private LAN Service
VPWS: Virtual Private WAN Service
VRF: Virtual Route Forwarding Instance
VSI: Virtual Switching Instance