Multiprotocol Label Switching (MPLS) is a Layer 2 WAN backbone technology that delivers virtual private network (VPN) services over Internet Protocol (IP), traffic engineering capabilities, and a converged network infrastructure that replaces traditional Frame Relay and ATM networks. Originally developed by Cisco Systems in the form of tag switching, MPLS was adopted as an Internet standard by the Internet Engineering Task Force (IETF). Service providers are the primary implementers of the technology.
Service providers offer MPLS services as an alternative to traditional Frame Relay, leased line, and ATM services. With MPLS, service providers can offer similar services to traditional WAN technologies at lower costs and provide additional IP-based services previously not available.
At the heart of MPLS is an encapsulation scheme that serves as an alternative to traditional IP routing. When a packet comes into the service-provider edge, a router assigns a tag to the packet based on the destination IP network. The tag is a type of shorthand for a traditional IP-based route. After the tag is applied, the router forwards the packet into the MPLS core. The core routers read the label, apply the appropriate services, and forward the packet based on the label. After the packet reaches the destination edge of the service-provider network, the MPLS label is removed and the IP packet forwarded onto the IP network.
Traffic engineering is a core component that allows service providers to deliver services predictably for each of their customers. MPLS traffic engineering expands on the capabilities offered by ATM and Frame Relay. Tagged IP packets are routed through the MPLS core based on the resources required by the packet and available network resources. The MPLS network chooses the shortest path for a traffic flow based on its resource requirements. It determines resource requirements by the size and priority for a traffic flow. MPLS networks honor IP quality of service (QoS) by delivering both best-effort delivery as well as time- and bandwidth-sensitive guarantees.
Service providers offer MPLS-based services in the form of VPNs. Using MPLS labels, service providers can deliver IP-based services to many customers without the complexity of traditional Frame Relay or ATM circuit management. Customers can use private or public IP addressing without concern for overlapping other customer addressing.
MPLS VPN services are as secure as Frame Relay in that one customer cannot see the traffic from another customer even though they traverse the same MPLS network. For additional security, customers can place firewalls between their private network and the service provider, as well as encrypt the traffic as it goes into the MPLS network. As long as the packets have standard IP headers, the MPLS network can ship the packet to its destination.
Because MPLS networks look like a private intranet to the connected IP networks, service providers can provide additional IP-based services, such as QoS and telephony support within the VPN, and centralized services, such as web hosting.
At-A-Glance—MPLS
Multiprotocol Label Switching (MPLS) was originally developed to speed up the routing of packets through the WAN network. Since its development, the speed of traditional routing has increased considerably, but MPLS still has many benefits.
MPLS enables service providers to offer additional services to its enterprise customers, including virtual private networks (VPNs), improved traffic engineering, quality of service (QoS), Layer 2 tunneling, and multiprotocol support.
You can deploy MPLS as a multiservice-based network, providing an Internet Protocol (IP) alternative to Frame Relay, ATM, and leased line. This feature presents a cost savings to service providers. Rather than build out separate networks for IP, Frame Relay, and ATM users, the provider can build a single MPLS network and support them all.
</division><division> <title>What Are the Problems to Solve?</title>An MPLS network must differentiate all the packets from each other. It does so by labeling each packet. To add a label to a packet, the network must first determine all the normal information that a typical router does. In other words, the first router a packet encounters must fully analyze the header, from which the label is made.
After the packet has a label, the rest of the routers in the network must have a way to act upon the information contained in the label.
</division><division> <title>Equipment and Stuff</title>The three primary equipment types in an MPLS networks are the following:
Customer premise equipment (CPE)—. Equipment on the customer site. All traffic leaving the local site is routed through this point. Often referred to as customer equipment (CE).
Edge label switch routers (ELSR)—. Located at the ingress point of the service-provider network, this equipment assigns (and removes) labels. ELSR can either be routers or high-end stitches. Often referred to as provider equipment (PE).
Label switch routers (LSR)—. Located in the core of the service-provider network, LSRs forward packets or cells based on their labels.
The Label Distribution Protocol (LDP) distributes label information throughout the network.
</division><division> <title>MPLS Labels</title>The forwarding mechanism in MPLS uses a label to make decisions where and how to send packets or cells through the network. The label is applied at the ingress to the service-provider network and removed at the network egress point. The router responsible for adding the label is the only network router that needs to process the entire packet header. The network uses the information contained in the header, along with the preconfigured instructions, to generate the label. Routers can base labels on IP destinations (this is what traditional routing uses) and other parameters, such as IP sources, QoS, VPN membership, or specific routes for traffic-engineering purposes. MPLS also supports forwarding mechanisms from other protocols.
Types of Labels |
|---|
IP destination address |
IP source address |
QoS parameters |
Specific routes |
VPN membership |
Other protocols |
An additional benefit of MPLS is its inherent security. As illustrated in the next diagram, after the packet or cell from a company enters the service-provider network, the label essentially keeps that packet segregated from all other customers’ packets and cells. Because there is no place where one customer can view another customer’s packet and cells, there is no danger of someone outside the network snooping for packets. Obviously, this limitation does not stop someone bent on illegally accessing a company’s information, but it does remove the possibility of someone claiming that he “accidentally” received the information.
</division><division> <title>MPLS Architecture</title>
MPLS has two layers, or planes, each with an area of specific function in the network. The layers are the control plane and the data plane. The control plane is responsible for the exchange of routing information (including labels) between adjacent devices. The data plane handles forwarding operations.
</division><division> <title>How Does the Router Know Where to Send Stuff?</title>The routers in an MPLS network forward packets based on labels, but the router must know the relationship between a label and a path through the network. This relationship is established and communicated throughout the network using forwarding equivalence classes (FECs). A FEC is a specific path through the network of LSRs; it is equal to the destination network stored in an IP routing table. The LSRs simply look at the label and forward the packet based on the contents of the FEC. This process is simpler, faster, and more flexible than traditional IP routing.
</division><division> <title>Other MPLS Features</title>Traffic engineering is the ability to dynamically define routes based on known demand or alternate available routes. Traffic engineering can also optimize network usage.
Intelligent rerouting refers to MPLS’s ability to reroute based on network congestion. Rather than change the route on a packet-by-packet basis, MPLS can reroute on a flow-by-flow basis.
MPLS is particularly well-suited to support VPNs. With a VPN, the packets from one enterprise are transparent to all other enterprise VPNs. The labels and the FECs effectively segregate VPN traffic from other packets on the Internet.
MPLS Layer 2 tunneling, also known as Any Transport over MPLS (AToM), allows a service provider to transport Frame Relay and ATM over an MPLS-based network. This feature increases the range of services that the service provider can offer.
</division>