Multiprotocol Label Switching
Multiprotocol Label Switching (MPLS) allows IP-based routers to set up, maintain, and tear down connection-oriented virtual circuits across an IP-based network. MPLS forwards data across these virtual circuits using label swapping. MPLS works on any Layer 2 technology that supports IP, including Ethernet, token ring, asynchronous transfer mode (ATM), POS, and frame relay.
MPLS grew out of many vendors’ proprietary protocols, such as Cisco’s tag switching (which MPLS most resembles), Nokia’s IP switching, IBM’s aggregate rate-based IP switching (ARIS), and 3Com’s Fast IP.
MPLS is not used for the purpose for which it was invented. Like its predecessors, it was designed to provide a fast and efficient forwarding scheme, since at the time, it was considered faster to switch at Layer 2 than it was to route at Layer 3. This is no longer true—today’s “wire-speed” routers are no slower at forwarding than any Layer 2 device.
MPLS is a broad topic and has applicability in nearly all aspects of the carriage of data today—forwarding, VPNs, protection and restoration, Traffic Engineering, routing protocols, and QoS—and its application is widening as new standards develop. MPLS promises multiprotocol unification—one backbone for all services, including voice, data, ATM, VPN, IP, and frame relay. The basic foundation of MPLS is defined in RFC 3031 and RFC 3032, which provide the framework for the evolution of MPLS.
The forwarding mechanism in MPLS is relatively simple. The complexity lies within the control protocols that build and maintain the virtual circuits, which are the core of MPLS functionality.
The following components make up a network supporting MPLS.
- Label edge router (LER): This is a device at the edge of the MPLS network (i.e., between devices that do not support MPLS and label switching routers). The ingress LER is the device that will add a label to incoming data. The egress LER will remove a label from an MPLS-labeled packet and act according to the encapsulated data. Normally, this means performing a Network Layer lookup (i.e., route the IP packet inside). In the context of MPLS VPNs, this LER device is called the provider edge (PE) router.
- Label switching router (LSR): This is a device capable of performing label swapping as well as forwarding native Layer 3 packets. LSRs are typically found in the core of the MPLS network. In the context of MPLS VPNs, an LSR is called the provider (P) router.
- Label switched path (LSP): This is the name given to the virtual circuit established across the MPLS network. The LSP defines the path that a unidirectional flow of data takes between LERs and across LSRs in the core of the network. Since this is a unidirectional flow, at least two LSPs must be established to achieve bidirectional traffic flow. The LSP is defined by mapping labels from an incoming interface to an outgoing interface.
- Penultimate hop popping (PHP): The last router in the LSP (i.e., the egress LER) can be thought of as the “ultimate” router. Thus, the second-to-last router can be thought of as the “penultimate” router. Penultimate hop popping is a feature whereby the penultimate router removes the label and forwards the packet, now unlabeled, to the last router. Penultimate hop popping is useful in that it saves the egress LER from receiving the incoming labeled packet, performing the label lookup, realizing the label must be popped, popping the label, then performing a second lookup on the encapsulated packet to find how to forward it from there.
MPLS Label Swapping
At the core of MPLS is the forwarding mechanism. Forwarding in MPLS is based upon label swapping in a fashion similar to frame relay and ATM. Like frame relay, labels are only locally significant (i.e., each interface could use the same label for a different path). This is not ambiguous in any way since a label database can be kept per interface. The incoming port number combined with the label makes the entry globally unique.
Some current implementations support using the same set of labels (called a label space) per label switching router (LSR) or, perhaps, per network (i.e., globally). The wider the significance of the label, the fewer the labels available for assignment to LSPs.
The MPLS label, which is used to forward traffic across the MPLS domain, consists of the fields listed below. This is the label used on all Layer 2 technologies, except ATM and frame relay.
- Label: 20 bits, allowing for over 1 million unique labels per label space. The label space could be defined per interface or per platform. Multicast uses a separate label space from unicast over MPLS. The label is the circuit identifier the LSR uses to forward the packet.
- EXP: Experimental Use. Originally this 3-bit field was unused. However, current implementations use it to define the queue in which to place a packet on an outgoing interface. This class of service (COS) is likely to interoperate with Differentiated Services (Diffserv) protocol to set the field on a packet, although a network administrator could also define the COS to which a packet is assigned on the ingress to the MPLS domain.
- S: Bottom of Stack. This entry is used to indicate whether this is the last label before the encapsulated data (S=1) or if there is another label inside (S=0). This allows a stack of theoretically infinite labels to be placed in front of a packet and great flexibility in terms of being able to scale a network and enable new services. Hence, multiple labels can be forwarded transparently through another provider or core network with a single label (similar to a virtual path in ATM).
- TTL: Time to Live. In any network, you must either guarantee a loop-free topology or somehow limit the effect of loops when they occur. IP routing protocols do not guarantee a loop-free topology, so we must limit the effect of routing loops with a TTL. Like IP TTL, in MPLS, the TTL is decremented by each LSR. If the TTL reaches zero, the packet is discarded. A service provider can use the TTL in different ways. If the TTL is taken from and then put back in the encapsulated IP packet, the network user can still “see” the internal topology (i.e., the traceroute). If the IP TTL is not used in the MPLS label and is preserved across the LSP, the provider topology becomes “invisible” to traceroutes. That is one way to respond to customer requests to “reduce the hop count”!
MPLS Forwarding Tables
The MPLS forwarding table consists of a series of entries based on the label field value of the incoming label on the information to be label switched. The information could be an IP packet, but this is not always the case. The label on the incoming data unit forms the index to the forwarding table, which is in numerical order by label.
Each entry in the forwarding table consists of one or more subentries. Each subentry has three main pieces of information used to forward the information. First, the outgoing label to be used on the information as it exits the device is listed. Next, there is the proper output port (many sources call this the outgoing “interface”) to use. Finally, there is the next hop device’s network address. This last piece of information is used for a number of reasons, most of them strictly administrative and not directly related to the forwarding of traffic.
More than one subentry is used when multicast service is supported in the MPLS device. So one input unit might generate two, three, or more output pieces of information, all to different destinations. Copies of the information are output with each label and on each port indicated in the table.
Push, Pop, Swap
Pushing is the act of applying an additional label to a packet. The packet might already have a label on it, since MPLS can support multiple stacked labels. This pushing is normally done at the ingress LER, at the edge of the network. The LER requires a mapping so that it knows what data to put on an LSP. It might also be performed in the core of a network where multiple LSPs are aggregated or encapsulated inside another LSP.
Popping is the act of removing the outermost label from the packet. One or more labels might still be inside. Popping is normally done at the egress LER. LERs must do an additional lookup to decide how to forward the encapsulated packet. Penultimate routers will pop the label but will only forward the unencapsulated packet according to the lookup table for the LSP.
Swapping is the act of replacing a label. The inside of the labeled packet is never inspected. The swapping is done by LSRs. The EXP field is used to define how the packet should be queued, and the TTL is decremented. If TTL equals zero, the packet will be discarded.
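The forwarding table and the three operations can be modelled in a few lines. This is an added example, not code from the original page: the port names, labels and next-hop addresses are constructed, and the table uses a per-interface label space so the same label value maps to different paths on different ports. A label that was never assigned on the receiving port is discarded rather than forwarded.

```python
from typing import NamedTuple, Optional

class Label(NamedTuple):
    value: int
    exp: int
    ttl: int

class SubEntry(NamedTuple):
    op: str                    # "swap", "pop" or "push"
    out_label: Optional[int]   # None for pop
    out_port: str
    next_hop: str              # administrative; not used to forward

# Constructed table. Key = (incoming port, incoming label), so label 100
# is a different LSP on p1 than on p2.
TABLE = {
    ("p1", 100): [SubEntry("swap", 200, "p3", "10.0.0.2")],
    ("p2", 100): [SubEntry("pop", None, "p4", "10.0.1.2")],   # penultimate hop
    ("p1", 300): [SubEntry("push", 400, "p3", "10.0.0.2")],   # LSP inside an LSP
    ("p1", 500): [SubEntry("swap", 501, "p3", "10.0.0.2"),    # multicast entry:
                  SubEntry("swap", 502, "p4", "10.0.1.2")],   # two copies out
}

def forward(in_port, stack):
    """Return [(out_port, new_stack), ...]; an empty list means discarded."""
    if not stack:
        return []
    top, rest = stack[0], list(stack[1:])
    subentries = TABLE.get((in_port, top.value))
    if subentries is None:
        return []              # label not assigned on this port: discard
    ttl = top.ttl - 1          # every LSR decrements the TTL
    if ttl <= 0:
        return []              # TTL reached zero: discard
    copies = []
    for e in subentries:
        if e.op == "swap":
            new = [Label(e.out_label, top.exp, ttl)] + rest
        elif e.op == "pop":
            new = rest         # copying the TTL inward is not modelled here
        else:                  # push: simplified, old top label kept underneath
            new = [Label(e.out_label, top.exp, ttl), top._replace(ttl=ttl)] + rest
        copies.append((e.out_port, new))
    return copies

if __name__ == "__main__":
    print(forward("p1", [Label(100, 5, 64)]))
    print(forward("p2", [Label(100, 5, 64)]))
```
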
FEC and NHLFE
The forwarding function performed by an LER can be divided into two functions. The first function is to separate all incoming data into different forwarding equivalence classes (FEC). Data put into the same FEC follows the same LSP and is indistinguishable to the forwarding function. Data can be separated into different FECs in any way the LER is capable of distinguishing between packets. Early deployments of MPLS supported separation based only upon destination IP address (i.e., packets going to a particular destination will belong to the same LSP). TE applications rely on the BGP Next Hop attribute to divide data into different LSPs.
The application of the FEC is limitless—we could define FECs based upon source address, TCP/UDP port number, application-specific information, incoming router port, etc. However, there is a trade-off in the granularity of the FEC. The finer the FEC, the more flexibility we have in controlling the flow of data, but the more LSPs that need to be defined. The coarser the FEC, the more scalable the network is (fewer LSPs needed), but it is less flexible.
The second forwarding function is to map the FEC to a next hop label forwarding entry (NHLFE), which is called the FEC-to-NHLFE (FTN) mapping. In other words, FTN means taking data assigned to an FEC and deciding which label to use. The advantage to this type of forwarding is that this is done once by the LER at the edge of the MPLS network and not by every node that forwards the packet.
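The two steps at the ingress LER, classification into a FEC followed by the FTN lookup, are sketched below as an added example that is not part of the original page. The FTN contents, port names and the tie-break rule (longest prefix first, then a port-specific FEC over an any-port FEC) are assumptions made for the example; addresses come from the documentation ranges.

```python
import ipaddress
from typing import NamedTuple, Optional

class Fec(NamedTuple):
    prefix: str                      # destination prefix
    dst_port: Optional[int] = None   # None = any port (coarser FEC)

class Nhlfe(NamedTuple):
    out_label: int
    out_port: str

# Constructed FTN table: each FEC maps to the label to push and the exit port.
FTN = {
    Fec("192.0.2.0/24"): Nhlfe(100, "p3"),          # coarse: destination only
    Fec("192.0.2.0/24", 5060): Nhlfe(101, "p4"),    # finer: own LSP for one port
    Fec("192.0.2.128/25"): Nhlfe(102, "p4"),        # more specific destination
    Fec("198.51.100.0/24"): Nhlfe(200, "p3"),
}

def classify(dst_ip: str, dst_port: int) -> Optional[Fec]:
    """Step 1: pick the most specific FEC that matches the packet."""
    addr = ipaddress.ip_address(dst_ip)
    best = None
    for fec in FTN:
        net = ipaddress.ip_network(fec.prefix)
        if addr not in net or fec.dst_port not in (None, dst_port):
            continue
        rank = (net.prefixlen, fec.dst_port is not None)
        if best is None or rank > best[0]:
            best = (rank, fec)
    return best[1] if best else None

def ingress(dst_ip: str, dst_port: int):
    """Step 2: FTN lookup. Returns (out_port, label) or None for plain IP routing."""
    fec = classify(dst_ip, dst_port)
    if fec is None:
        return None                  # no FEC matches: packet is not put on an LSP
    nhlfe = FTN[fec]
    return nhlfe.out_port, nhlfe.out_label

if __name__ == "__main__":
    for pkt in [("192.0.2.10", 80), ("192.0.2.10", 5060), ("203.0.113.1", 80)]:
        print(pkt, "->", ingress(*pkt))
```
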
MPLS VPN Implementations
A key feature that MPLS brings to an IP network is that it provides connections to the connectionless IP. With connections comes control, which is why it is a favored technology with service providers.
These connections can be used to implement a variety of services. A very popular service is the Layer 3 VPN, which is most commonly implemented according to RFC 2547bis. Our discussion here concerns not this service but the ability of MPLS to provide Layer 2 VPN connectivity.
For the simple point-to-point service, the Martini Drafts, several Internet drafts written by Luca Martini, describe the encapsulation of Layer 2 frames into MPLS packets for carriage across the MPLS network.
Adapting these point-to-point connections with virtual switches gives rise to the virtual private LAN service.