What Is MPLS?
MPLS, a protocol proposed by the Internet Engineering Task Force (IETF), uses labels to guide the forwarding of data packets at high speeds. It maps IP addresses to short and fixed-length labels of local significance, eliminating the need for IP routing table lookups. MPLS performs label swapping to determine the forwarding path of a packet, making packet forwarding far more efficient. In addition, MPLS labels can be used to establish logical tunnels on an IP network. And because MPLS is compatible with various network-layer and link-layer protocols, it can provide public network tunnels for a wide range of services, including L2VPN, L3VPN, and EVPN services.
Why Do We Need MPLS?
In the mid-1990s, hardware limitations hampered the exponential growth of data transmitted across the Internet. Because of these limitations, IP technologies, which relied on the longest match rule, had to perform route lookups in software, resulting in low forwarding performance. This limited the development of networks. To address these challenges, the IETF proposed the MPLS protocol, aiming to improve the forwarding performance of routing devices on IP networks.
Comparison between IP routing and MPLS forwarding
MPLS significantly improves forwarding performance compared to traditional IP routing in several ways:
- Eliminating time-consuming IP routing table lookups: MPLS replaces the time-consuming process of IP routing table lookups with a simpler label swapping mechanism, significantly reducing the time needed to guide packet forwarding.
- Reducing the number of header parsing and label encapsulation/decapsulation operations: After a packet enters an MPLS domain, only the domain's ingress and egress need to parse the IP packet header and encapsulate or decapsulate labels, and transit nodes only need to swap labels. This further speeds up packet forwarding.
Despite this, as application-specific integrated circuit (ASIC) technology advanced and hardware became the preferred means of fast IP routing table lookups, MPLS no longer offered the significant performance improvements it once did.
MPLS has found a new lease on life due to its label-based forwarding, which is essentially a tunneling technology that can encapsulate multiple layers of labels in a packet. And because MPLS works seamlessly with various network-layer and link-layer protocols, it is an ideal choice for establishing public network tunnels for various VPN services. Moreover, MPLS packet forwarding relies on fixed paths determined through label swapping, making it a connection-oriented forwarding technology. This has led to its widespread use across various scenarios, such as traffic engineering (TE), QoS, and SD-WAN.
What Are the Characteristics of MPLS?
What Basic Concepts Are Involved in MPLS?
The following explains some of the core concepts involved in MPLS.
FEC
MPLS is a class-based forwarding technology that groups similar data packets into a single class, known as a forwarding equivalence class (FEC). MPLS processes packets belonging to the same FEC in a consistent manner.
Packets can be classified into FECs based on any combination of the following elements: source address, destination address, source port, destination port, protocol type, service type, and so on. For example, all packets destined for the same destination address in IP routing using the longest match rule would be classified into the same FEC.
MPLS label
An MPLS label is a short, fixed-length identifier that has only local significance. It uniquely identifies the FEC to which a packet belongs. In some cases (e.g., when load balancing is required), one FEC may be mapped to multiple MPLS labels. However, one label can represent only one FEC on a device.
An MPLS label has 4 bytes. The following figure shows how it is encapsulated.
Encapsulation structure of an MPLS label
An MPLS label contains the following four fields:
- Label: a 20-bit field that identifies a label value.
- TC: a 3-bit field that indicates the traffic class. This field is also called Exp. It is generally used for class of service (CoS).
- S: a 1-bit field that identifies the bottom of stack (BoS). MPLS supports multiple labels, that is, label nesting. If the BoS value of a label is 1, the label is at the bottom of the label stack.
- TTL: an 8-bit field indicating a time to live (TTL) value. This field is the same as the TTL field in IP packets.
An MPLS label is encapsulated between the link layer and network layer (also referred to as Layer 3). The following figure shows where an MPLS label is encapsulated in a packet. MPLS labels are supported by all link-layer protocols.
Encapsulation position of an MPLS label
An MPLS label stack is also called an MPLS multi-layer label. It contains an ordered set of MPLS labels, as shown in the following figure. The label close to the Layer 2 header is known as the label "on top of the stack" or the outer label; the label close to the IP header is known as the label "at the bottom of the stack" or the inner label. The labels are processed from the top of the label stack in a last in first out manner.
MPLS label stack
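The field layout and stack ordering described above, as an added example (not code from the original page): it packs and unpacks 4-byte label entries and walks a stack from the outer label to the entry with S=1, rejecting truncated or overly deep stacks. The label values, the payload bytes and the MAX_DEPTH cap are assumptions made for the example.

```python
import struct

MAX_DEPTH = 8  # assumed sanity cap for this example; the page sets no limit


def encode_entry(label, tc, s, ttl):
    """Pack one 4-byte entry: Label(20) | TC(3) | S(1) | TTL(8)."""
    if not (0 <= label < 1 << 20 and 0 <= tc < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (tc << 9) | (s << 8) | ttl)


def decode_entry(raw):
    """Unpack one 4-byte entry into its four fields."""
    (word,) = struct.unpack("!I", raw)
    return {"label": word >> 12, "tc": (word >> 9) & 0x7,
            "s": (word >> 8) & 0x1, "ttl": word & 0xFF}


def build_stack(labels, tc=0, ttl=64):
    """Encode labels outer (top) first; only the last entry gets S=1."""
    if not labels:
        raise ValueError("a label stack needs at least one label")
    last = len(labels) - 1
    return b"".join(encode_entry(lbl, tc, int(i == last), ttl)
                    for i, lbl in enumerate(labels))


def parse_stack(buf, max_depth=MAX_DEPTH):
    """Walk entries from the top of the stack to the S=1 entry.

    Returns (entries, payload). Raises ValueError if the buffer ends before
    a bottom-of-stack entry or the stack is deeper than max_depth.
    """
    entries, offset = [], 0
    while True:
        if len(entries) == max_depth:
            raise ValueError("label stack deeper than max_depth")
        if offset + 4 > len(buf):
            raise ValueError("truncated stack: no bottom-of-stack entry")
        entry = decode_entry(buf[offset:offset + 4])
        entries.append(entry)
        offset += 4
        if entry["s"] == 1:
            return entries, buf[offset:]


# Constructed sample: outer label 1024, inner label 2001, then a stand-in payload.
SAMPLE = build_stack([1024, 2001]) + b"IP-PACKET"

if __name__ == "__main__":
    stack, payload = parse_stack(SAMPLE)
    for depth, entry in enumerate(stack):
        print(depth, entry)
    print(payload)
```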
Label operations
The basic operations on MPLS labels include label push, label swap, and label pop. They are basic actions of label forwarding and a part of the label forwarding information base (LFIB).
Basic label operations
The basic operations on MPLS labels are as follows:
- Push: When an IP packet enters an MPLS domain (consisting of a series of consecutive LSRs), the ingress adds a label between the Layer 2 header and the IP header of the packet. A transit node can also add a label to the top of the label stack (label nesting) as needed after it receives the packet.
- Swap: When the packet is forwarded inside the MPLS domain, a transit node searches the LFIB and replaces the label on top of the stack in the MPLS packet with the label that is assigned by the next hop.
- Pop: When the packet leaves the MPLS domain, the egress removes the MPLS label; or the MPLS node at the penultimate hop removes the label on top of the stack to reduce the number of labels in the label stack.
Because MPLS labels have no significance on the egress, you can configure penultimate hop popping (PHP) to reduce the processing load on the egress. This allows the penultimate hop to pop the label out of an MPLS packet so that the egress can directly forward the packet over IP or based on the inner label.
PHP is implemented by allocating a special label value 3. A label with this value indicates an implicit-null label that never appears in a label stack. When the penultimate hop finds that it is allocated with label value 3, it does not replace the label on top of the stack with this label. Instead, it pops the label so that the egress directly forwards the packet over IP or based on the inner label.
LSP
A label switched path (LSP) is a path along which packets that belong to the same FEC (that is, packets encapsulated with MPLS labels) are forwarded in an MPLS domain, as shown in the following figure.
LSP networking
An LSP is a unidirectional channel from the ingress to the egress. An LSP has the following roles:
- Ingress: the start node of an LSP. An LSP has only one ingress. The ingress pushes an MPLS label into an IP packet and encapsulates the packet into an MPLS packet.
- Transit node: an intermediate node on an LSP. An LSP may have any number of transit nodes, including zero. A transit node searches the LFIB and forwards MPLS packets through label swapping.
- Egress: the last node of an LSP. An LSP has only one egress. The egress pops the specific label (if any) out of an MPLS packet and restores the original packet before forwarding it.
How Is an MPLS Network Structured?
The following figure shows the typical structure of an MPLS network.
MPLS network structure
An MPLS network consists of the following elements:
- Label switching router (LSR): an MPLS-capable network device, which is fundamental to an MPLS network. A series of continuous LSRs constitutes an MPLS domain.
- Core LSR: resides in an MPLS domain and connects only to LSRs inside the domain.
- Label edge router (LER): resides on the edge of an MPLS domain and connects to one or more MPLS-incapable nodes.
On an MPLS network, an LSP can be set up between any two LERs to forward packets that enter an MPLS domain and can pass through one or more core LSRs. Therefore, the ingress and egress of an LSP are LERs, and transit nodes are core LSRs.
What Are the Benefits of MPLS?
MPLS is widely used on IP networks and provides the following benefits:
- MPLS is fully compatible with and an improvement upon the IP network. Its low construction costs make it easy to promote.
- The control and forwarding planes of MPLS are separated. On the control plane, LSPs are set up based on IP routes. MPLS can borrow the flexibility and reliability mechanisms of IP routes where needed. On the connection-oriented forwarding plane, packets are transmitted over LSPs. In addition, MPLS can effectively implement TE and QoS.
- MPLS is independent of link-layer protocols. It supports protocols such as frame relay, ATM, PPP, and SDH, ensuring interworking of multiple types of networks and providing good compatibility.
- An MPLS network supports a hierarchical topology and is suitable for deployment on the IP backbone network.
- Theoretically, the MPLS label stack supports unlimited label nesting, meeting the requirements of VPN services for multi-layer encapsulation of public and private network labels. Therefore, MPLS provides strong support for the development of VPN services.
How Does MPLS Work?
The primary objective of MPLS is to correctly forward packets that enter an MPLS domain to their destination. This process is divided into two parts: LSP establishment and packet forwarding along the LSP.
How Does MPLS Establish LSPs?
MPLS is a technology that uses labels to guide data packet forwarding. In this technology, the establishment of an LSP is a process in which LSRs along the LSP determine the labels for a specific FEC.
MPLS labels are assigned and distributed by a downstream node to an upstream node. As shown in the following figure, the downstream LSR classifies FECs based on the destination addresses of IP routes and allocates labels to the FECs corresponding to specified destination addresses. Then, the downstream LSR sends the labels to the upstream LSR, triggering the upstream LSR to establish an LFIB. This process repeats until the series of LSRs form an LSP.
Process of establishing an LSP
LSPs can be classified into static LSPs and dynamic LSPs based on how they are established:
- Static LSPs are established by manually assigning labels to FECs. In this case, the outgoing label value of the upstream LSR must be the same as the incoming label value of the downstream LSR.
- A dynamic LSP is set up when an LSR uses a label distribution protocol to dynamically generate and distribute labels. A downstream LSR uses IP routes to send labels to an upstream LSR. MPLS supports various label distribution protocols, such as the Label Distribution Protocol (LDP), Resource Reservation Protocol-Traffic Engineering (RSVP-TE), and Multiprotocol Extensions for Border Gateway Protocol (MP-BGP).
LDP
LDP is an important label distribution control protocol in the MPLS system. It is responsible for FEC classification, MPLS label allocation, and dynamic establishment and maintenance of LSPs. LDP specifies various messages and the associated procedures for message processing during the distribution of labels. Through LDP, LSRs can directly map routing information at the network layer to LSPs at the data link layer, enabling dynamic establishment of LSPs at the network layer.
In addition to supporting large numbers of LSPs and establishing them in response to topology changes, LDP features simple networking and configuration. It significantly reduces both the maintenance workload and the likelihood of configuration errors compared with configuring LSPs manually.
LDP session messages are classified into the following types:
- Discovery message: used to notify or maintain the presence of an LSR.
- Session message: used to establish, maintain, and terminate sessions between LDP peers. Initialization and Keepalive messages are types of session messages.
- Advertisement message: used to create, modify, or delete the mapping between FECs and labels.
- Notification message: used to provide advisory information or error information.
LDP transmits Discovery messages over UDP and transmits Session, Advertisement, and Notification messages over TCP.
LDP session establishment begins with the exchange of Hello messages between two LSRs. The following figure shows the process.
Process of establishing an LDP session
- The two LSRs send Hello messages to each other. A Hello message contains a transport address, which is used to establish an LDP session. The LSR with the larger transport address serves as the active peer and initiates a TCP connection request. In this example, LSR A functions as the active peer, while LSR B is the passive peer.
- After the TCP connection is successfully established, LSR A sends an Initialization message to negotiate parameters used to establish an LDP session with LSR B. The parameters include the LDP version, label distribution mode, Keepalive hold timer value, maximum PDU length, and label space.
- Upon receipt of the Initialization message, LSR B sends an Initialization message and a Keepalive message to LSR A if LSR B accepts all parameters. Otherwise, if LSR B rejects some parameters, it sends a Notification message to terminate LDP session establishment.
- Upon receipt of the Initialization message, LSR A sends a Keepalive message to LSR B if LSR A accepts all parameters. Otherwise, if LSR A rejects some parameters, it sends a Notification message to terminate LDP session establishment.
After each LSR receives the Keepalive message from the other, the LDP session is successfully established.
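The session setup steps above, as an added example (not code from the original page) that picks the active peer and records each message with its transport. The peer addresses, the parameter names and the acceptance policy in accepts() are assumptions for illustration; a real LSR applies its own rules when checking the negotiated parameters.

```python
import ipaddress

# Constructed peers. Parameter names are this example's; "DU" is downstream
# unsolicited label distribution. min_hold is an assumed local policy knob.
LSR_A = {"name": "LSR A", "addr": "10.0.0.10",
         "params": {"version": 1, "mode": "DU", "hold": 45, "min_hold": 30}}
LSR_B = {"name": "LSR B", "addr": "10.0.0.9",
         "params": {"version": 1, "mode": "DU", "hold": 45, "min_hold": 30}}


def pick_roles(x, y):
    """Return (active, passive): the larger transport address is active."""
    ax, ay = ipaddress.ip_address(x["addr"]), ipaddress.ip_address(y["addr"])
    if ax == ay:
        raise ValueError("transport addresses must differ")
    # Compare as numbers: as strings, "10.0.0.9" would sort above "10.0.0.10".
    return (x, y) if ax > ay else (y, x)


def accepts(local, offered):
    """Assumed policy: same version and mode, hold timer not too short."""
    return (offered["version"] == local["version"]
            and offered["mode"] == local["mode"]
            and offered["hold"] >= local["min_hold"])


def establish(x, y):
    """Return (established, log); log entries are (sender, transport, message)."""
    log = [(x["name"], "UDP", "Hello"), (y["name"], "UDP", "Hello")]
    active, passive = pick_roles(x, y)
    # The active peer opens the TCP connection, then sends Initialization.
    log.append((active["name"], "TCP", "Initialization"))
    if not accepts(passive["params"], active["params"]):
        log.append((passive["name"], "TCP", "Notification"))
        return False, log
    log.append((passive["name"], "TCP", "Initialization"))
    log.append((passive["name"], "TCP", "Keepalive"))
    if not accepts(active["params"], passive["params"]):
        log.append((active["name"], "TCP", "Notification"))
        return False, log
    log.append((active["name"], "TCP", "Keepalive"))
    return True, log


if __name__ == "__main__":
    established, messages = establish(LSR_A, LSR_B)
    for sender, transport, message in messages:
        print(f"{sender:6} {transport} {message}")
    print("established:", established)
```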
RSVP and RSVP-TE
RSVP was specifically developed for the integrated service model, enabling users to request and receive various QoS levels for Internet applications. RSVP operates over both IPv4 and IPv6 networks and is not a routing protocol. Instead, its sole responsibility is to manage and advertise reserved resources on the network. The receive end initiates a resource reservation request, which is then propagated along the transmission path to reserve resources on each node through which the request passes. When a receiver requests resources, it sends a Path message to initiate the process. The sender responds by sending a Resv message, which completes resource allocation and reservation along the reverse path of the Path message.
RSVP-TE, an extension of RSVP, is specifically designed for traffic engineering purposes. It introduces new objects to help establish MPLS LSPs. The Label_Request object is included in Path messages to initiate label requests, and the Label object is included in Resv messages to distribute labels. By incorporating path constraints such as bandwidth and affinity attributes, RSVP-TE optimizes path planning and traffic management on the network.
RSVP-TE LSP setup process
What Are the Basic Concepts Involved in MPLS Packet Forwarding?
The MPLS forwarding process includes querying the forwarding information base (FIB) entry, next hop label forwarding entry (NHLFE), and incoming label map (ILM) entry. These entries are associated with each other through a tunnel ID.
Tunnel ID
To provide a unified interface for upper-layer applications (such as VPN and route management) that use tunnels, the system automatically allocates a 32-bit tunnel ID to each tunnel. The tunnel ID is unique on the local device.
FIB, LIB, and LFIB
The FIB is used to guide IP packet forwarding on an IP network. It is constructed using the routing information selected from the routing information base (RIB). The FIB contains information such as the destination network segment, outbound interface, next-hop IP address, route tag, and route preference.
Like the RIB in IP routing, the label information base (LIB) stores the mapping between each label and the corresponding FEC. The LIB is crucial for managing MPLS label information and includes details such as the FEC network segment, incoming label, outgoing label, and downstream node that distributes the outgoing label.
Similar to the FIB, the label forwarding information base (LFIB) is used to direct the forwarding of MPLS packets on an MPLS network. The LFIB is constructed using important information in the LIB. Such information includes the incoming label, outgoing label, destination network segment, outbound interface, and next-hop IP address.
NHLFE
The NHLFE is used to direct the forwarding of MPLS packets. It contains information such as the tunnel ID, outbound interface, next hop, outgoing label, and label operation. By leveraging the outgoing label, the NHLFE can determine the outbound interface and next hop for packet forwarding. You can obtain detailed FEC-to-NHLFE (FTN) information by searching the FIB for the entries whose token values are not 0x0. FTN entries are only available on the ingress.
ILM
The ILM maps incoming labels with the NHLFE, and creates a mapping between the incoming label, outgoing label, and tunnel ID on the local device. A transit node creates ILM entries to map labels with NHLFEs. The node can then search the ILM for label forwarding information based on label indexes. This process is similar to searching the FIB based on destination IP addresses.
How Are Packets Forwarded Along LSPs?
Take a PHP-capable LSP as an example. MPLS packets are forwarded along the LSP as follows:
- After receiving an IP packet destined for 192.168.1.1/24, the ingress checks whether the tunnel ID corresponding to the destination IP address is 0x0 in the FIB. If it is, the device forwards the packet according to the IP forwarding process. Otherwise, the device adopts the MPLS forwarding process for the packet. Specifically, it searches for the outbound interface, next hop, outgoing label (e.g., Y), and label operation (e.g., push label Y) based on the tunnel ID. The device then encapsulates the packet into an MPLS packet and forwards this packet through the outbound interface and next hop indicated by the NHLFE.
- After receiving the MPLS packet, the transit node searches the ILM for the tunnel ID based on label Y. It also searches the NHLFE for the outbound interface, next hop, outgoing label, and label operation (label swap) required by next-hop forwarding based on the tunnel ID. The transit node then replaces label Y with label X and forwards the packet.
- After receiving the MPLS packet, the transit node at the penultimate hop performs the preceding search operations. Because the label value assigned by the egress is 3 (a special label, as described earlier in "MPLS label"), the transit node performs the PHP operation to pop label X. It then forwards the IP packet to the egress.
- After receiving the IP packet, the egress forwards it to the destination 192.168.1.1/24.
Packet forwarding through an LSP
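The forwarding walk above, as an added example (not code from the original page) that models the FIB, ILM and NHLFE lookups on each node and traces push, swap, PHP pop and final IP forwarding. Node names, tunnel IDs and the label values 1025 (label Y) and 1026 (label X) are constructed; dropping a packet whose top label has no ILM entry is how this sketch handles a lookup miss.

```python
import ipaddress

IMPLICIT_NULL = 3  # special label value that triggers PHP (from the page)

# Constructed tables for four hypothetical nodes. Labels 1025 ("Y") and
# 1026 ("X") and the tunnel IDs are made-up values. Tunnel ID 0x0 = plain IP.
NODES = {
    "ingress": {
        "fib": {"192.168.1.0/24": 0x11, "10.0.0.0/8": 0x0}, "ilm": {},
        "nhlfe": {0x11: {"out_label": 1025, "next_hop": "transit"}},
    },
    "transit": {
        "fib": {}, "ilm": {1025: 0x21},
        "nhlfe": {0x21: {"out_label": 1026, "next_hop": "penultimate"}},
    },
    "penultimate": {
        "fib": {}, "ilm": {1026: 0x31},
        "nhlfe": {0x31: {"out_label": IMPLICIT_NULL, "next_hop": "egress"}},
    },
    "egress": {"fib": {"192.168.1.0/24": 0x0}, "ilm": {}, "nhlfe": {}},
}


def fib_tunnel_id(fib, dst):
    """Longest-match FIB lookup; returns the tunnel ID, or None if no route."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p).prefixlen, tid)
               for p, tid in fib.items() if addr in ipaddress.ip_network(p)]
    return max(matches, key=lambda m: m[0])[1] if matches else None


def forward(dst, node="ingress", labels=(), max_hops=16):
    """Trace a packet hop by hop; returns a list of (node, action, label stack)."""
    labels, trace = list(labels), []
    for _ in range(max_hops):
        tables = NODES[node]
        if labels:  # MPLS packet: incoming label -> ILM -> tunnel ID -> NHLFE
            tunnel_id = tables["ilm"].get(labels[0])
            if tunnel_id is None:
                return trace + [(node, "drop: no ILM entry", labels)]
            nhlfe = tables["nhlfe"][tunnel_id]
            if nhlfe["out_label"] == IMPLICIT_NULL:
                labels, action = labels[1:], "pop (PHP)"
            else:
                labels, action = [nhlfe["out_label"]] + labels[1:], "swap"
        else:  # IP packet: destination -> FIB -> tunnel ID
            tunnel_id = fib_tunnel_id(tables["fib"], dst)
            if tunnel_id is None:
                return trace + [(node, "drop: no route", [])]
            if tunnel_id == 0x0:
                return trace + [(node, "ip-forward", [])]
            nhlfe = tables["nhlfe"][tunnel_id]
            labels, action = [nhlfe["out_label"]], "push"
        trace.append((node, action, labels))
        node = nhlfe["next_hop"]
    raise RuntimeError("hop limit exceeded")


if __name__ == "__main__":
    for hop in forward("192.168.1.1"):
        print(hop)
```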
Typical MPLS Application — MPLS VPN
MPLS VPN is a technology that uses MPLS to construct VPNs on an IP backbone network. The essence of VPN is to transmit service data across a public network as if it were on a private network. This requires a tunnel to be set up on the public network so that data packets can be transmitted directly to the destination through the tunnel. Generally, MPLS VPN uses LSPs established using MPLS as public network tunnels to transmit private network service data.
The basic MPLS VPN model consists of the following three roles (which are shown in the following figure):
- Customer edge (CE): an edge device on a user network. A CE is directly connected to a service provider (SP) network through interfaces. The VPN sites of users are connected to the SP network through the CE. A CE can be a network device or a host. Generally, CEs are unaware of VPNs and do not need to support MPLS.
- Provider edge (PE): an edge device on an SP network. A PE is directly connected to a CE. On an MPLS network, PEs function as LSRs and process all MPLS and VPN services. This places high requirements on the performance of PEs.
- Provider (P): a backbone device on an SP network. A P is not directly connected to a CE. On an MPLS network, a P functions as an LSR and only needs to process MPLS services. It does not need to maintain VPN information.
On an MPLS VPN, a VPN packet carries an outer label and an inner label. The outer label is swapped when the packet is inside the backbone network. This label identifies an LSP from the local PE to the peer PE, determining the path of the packet to the peer PE. The inner label determines the VPN instance of the packet when the packet is transmitted from the peer PE to the peer CE. The packet is forwarded to the target site based on the routing table of the VPN instance. The outer label is allocated by LDP and RSVP-TE, and the inner label is allocated by LDP.
Basic MPLS VPN model
MPLS VPN fully leverages the technical advantages of MPLS and is the most widely used VPN technology. It offers the following benefits to users:
- An MPLS label corresponds to the data flow of a specified service (specific FEC), helping to isolate services of different users.
- MPLS provides TE and QoS capabilities. Users can use MPLS to fully optimize VPN resource configuration.
- MPLS VPN provides flexible policy control to meet the special requirements of different users and implement value-added services quickly.
- Author: Sun Yuling
- Updated on: 2024-09-02