Introduction to MPLS
Transcript
ATM and Multi-Protocol Label Switching (MPLS)
By Behzad Akbari, Spring 2011
These slides are based in parts on the slides of J. Kurose (UMASS) and Shivkumar (RPI)

Outline
• ATM basics
• IP over ATM
• MPLS basics
• MPLS VPN
• MPLS traffic engineering

Asynchronous Transfer Mode: ATM
• 1990’s/00 standard for high-speed (155 Mbps to 622 Mbps and higher) Broadband Integrated Service Digital Network architecture
• Goal: integrated, end-end transport to carry voice, video, data
• meeting timing/QoS requirements of voice, video (versus Internet best-effort model)
• “next generation” telephony: technical roots in telephone world
• packet-switching (fixed length packets, called “cells”) using virtual circuits

ATM architecture
[Figure: protocol stacks for end system, switch, switch, end system: AAL, ATM, physical]
• adaptation layer: only at edge of ATM network
• data segmentation/reassembly
• roughly analogous to Internet transport layer
• ATM layer: “network” layer
• cell switching, routing
• physical layer

ATM: network or link layer?
• Vision: end-to-end transport: “ATM from desktop to desktop”
• ATM is a network technology
• Reality: used to connect IP backbone routers
• “IP over ATM”
• ATM as switched link layer, connecting IP routers
[Figure: IP network, ATM network]

ATM Adaptation Layer (AAL)
• ATM Adaptation Layer (AAL): “adapts” upper layers (IP or native ATM applications) to ATM layer below
• AAL present only in end systems, not in switches
• AAL layer segment (header/trailer fields, data) fragmented across multiple ATM cells
• analogy: TCP segment in many IP packets
[Figure: protocol stacks for end system, switch, switch, end system: AAL, ATM, physical]

ATM Adaptation Layer (AAL) [more]
Different versions of AAL layers, depending on ATM service class:
• AAL1: for CBR (Constant Bit Rate) services, e.g.
circuit emulation
• AAL2: for VBR (Variable Bit Rate) services, e.g., MPEG video
• AAL5: for data (e.g., IP datagrams)
[Figure: user data, AAL PDU, ATM cell]

ATM Layer
Service: transport cells across ATM network
• analogous to IP network layer
• very different services than IP network layer

Service models and guarantees (network architecture, service model: guarantees)
• Internet, best effort: bandwidth none; loss no; order no; timing no; congestion feedback no (inferred via loss)
• ATM, CBR: bandwidth constant rate; loss yes; order yes; timing yes; congestion feedback no congestion
• ATM, VBR: bandwidth guaranteed rate; loss yes; order yes; timing yes; congestion feedback no congestion
• ATM, ABR: bandwidth guaranteed minimum; loss no; order yes; timing no; congestion feedback yes
• ATM, UBR: bandwidth none; loss no; order yes; timing no; congestion feedback no

ATM Layer: Virtual Circuits
• VC transport: cells carried on VC from source to dest
• call setup, teardown for each call before data can flow
• each packet carries VC identifier (not destination ID)
• every switch on source-dest path maintains “state” for each passing connection
• link, switch resources (bandwidth, buffers) may be allocated to VC: to get circuit-like perf.
• Permanent VCs (PVCs)
• long lasting connections
• typically: “permanent” route between two IP routers
• Switched VCs (SVC):
• dynamically set up on per-call basis

ATM VCs
• Advantages of ATM VC approach:
• QoS performance guarantee for connection mapped to VC (bandwidth, delay, delay jitter)
• Drawbacks of ATM VC approach:
• Inefficient support of datagram traffic
• one PVC between each source/dest pair does not scale (N*2 connections needed)
• SVC introduces call setup latency, processing overhead for short lived connections

ATM Layer: ATM cell
• 5-byte ATM cell header
• 48-byte payload
• Why?: small payload -> short cell-creation delay for digitized voice
• halfway between 32 and 64 (compromise!)
[Figure: cell header, cell format]

ATM cell header
• VCI: virtual channel ID
• will change from link to link thru net
• PT: Payload type (e.g.
RM cell versus data cell)
• CLP: Cell Loss Priority bit
• CLP = 1 implies low priority cell, can be discarded if congestion
• HEC: Header Error Checksum
• cyclic redundancy check

ATM Physical Layer (more)
Two pieces (sublayers) of physical layer:
• Transmission Convergence Sublayer (TCS): adapts ATM layer above to PMD sublayer below
• Physical Medium Dependent: depends on physical medium being used
TCS Functions:
• Header checksum generation: 8 bits CRC
• Cell delineation
• With “unstructured” PMD sublayer, transmission of idle cells when no data cells to send

ATM Physical Layer
Physical Medium Dependent (PMD) sublayer
• SONET/SDH: transmission frame structure (like a container carrying bits);
• bit synchronization;
• bandwidth partitions (TDM);
• several speeds: OC3 = 155.52 Mbps; OC12 = 622.08 Mbps; OC48 = 2.45 Gbps, OC192 = 9.6 Gbps
• T1/T3: transmission frame structure (old telephone hierarchy): 1.5 Mbps / 45 Mbps
• unstructured: just cells (busy/idle)

IP-Over-ATM
Classic IP only
• 3 “networks” (e.g., LAN segments)
• MAC (802.3) and IP addresses
IP over ATM
• replace “network” (e.g., LAN segment) with ATM network
• ATM addresses, IP addresses
[Figure: ATM network, Ethernet LANs]

IP-Over-ATM
[Figure: protocol stacks: app, transport, IP, Eth, phy on the Ethernet host; IP, AAL, Eth, ATM, phy on the router; ATM, phy on the ATM switches; app, transport, IP, AAL, ATM, phy on the ATM host]

Datagram Journey in IP-over-ATM Network
• at Source Host:
• IP layer maps between IP, ATM dest address (using ARP)
• passes datagram to AAL5
• AAL5 encapsulates data, segments cells, passes to ATM layer
• ATM network: moves cell along VC to destination
• at Destination Host:
• AAL5 reassembles cells into original datagram
• if CRC OK, datagram is passed to IP

IP-Over-ATM
Issues:
• IP datagrams into ATM AAL5 PDUs
• from IP addresses to ATM addresses
• just like IP addresses to 802.3 MAC addresses!
[Figure: ATM network, Ethernet LANs]

Re-examining Basics: Routing vs Switching

IP Routing vs IP Switching

MPLS: Best of Both Worlds
[Figure: packet routing (IP), hybrid (MPLS + IP), circuit switching (ATM, TDM)]
• Caveat: one cares about combining the best of both worlds only for large ISP networks that need both features!
• Note: the “hybrid” also happens to be a solution that bypasses IP-over-ATM mapping woes!

History: Ipsilon’s IP Switching: Concept
• Hybrid: IP routing (control plane) + ATM switching (data plane)

Ipsilon’s IP Switching
• ATM VCs setup when new IP “flows” seen, i.e., “data-driven” VC setup

Issues with Ipsilon’s IP switching

Tag Switching
• Key difference: tags can be set up in the background using IP routing protocols (i.e., control-driven VC setup)

Multi-Protocol Label Switching (MPLS)

Background
• It was meant to improve routing performance on the Internet
• MPLS is similar to virtual circuits
• Routing is difficult using CIDR (longest prefix matching)
• Using the label-swapping paradigm to optimize network performance
• Only a fixed-sized label is used (like a VCID) with local scope
• It is very datagram oriented though
• It uses IP addressing and IP routing protocols

Goals of MPLS
• To enable IP capability on devices that cannot handle IP traffic
• Making cell switches behave as routers
• Increased performance
• Using the label-swapping paradigm to optimize network performance
• Forward packets along “explicit routes” (pre-calculated routes not used in “regular” routing)
• MPLS also permits explicit backbone routing, which specifies in advance the hops that a packet will take across the network.
This should allow more deterministic, or predictable, performance that can be used to guarantee QoS
• To support certain virtual private network services

IP Regular Destination Based Forwarding
[Figure: three routers in a row toward network 128.89, with network 171.69 reached on another interface. Forwarding tables (Address Prefix -> I/F), left to right:]
• first router: 128.89 -> 1; 171.69 -> 1; …
• second router: 128.89 -> 0; 171.69 -> 1; …
• third router: 128.89 -> 0; …
• The packet “128.89.25.4 | Data” is carried unchanged on every hop.
Packets Forwarded Based on IP Address

MPLS Example: Routing Information
[Figure: the same three routers. Each table now has the columns In Label, Address Prefix, Out I’face, Out Label; the label columns are still empty:]
• first router: 128.89 -> Out I’face 1; 171.69 -> Out I’face 1; …
• second router: 128.89 -> Out I’face 0; 171.69 -> Out I’face 1; …
• third router: 128.89 -> Out I’face 0; …
Routing Updates (OSPF, EIGRP, …):
• “You Can Reach 128.89 Thru Me”
• “You Can Reach 128.89 and 171.69 Thru Me”
• “You Can Reach 171.69 Thru Me”

Labels for Destination-Based Forwarding
• A label is allocated for each prefix in its table
• The label is chosen locally
• Think of them as indices into the routing table
• Router advertises this to its neighbors
• “label distribution protocol” (LDP)
• Packets addressed to the prefix should, for efficiency, be tagged with the label.
• The label of an incoming packet is “swapped” before being forwarded to the next router.
MPLS Example: Assigning Labels
[Figure: the same three routers. Tables (In Label, Address Prefix, Out I’face, Out Label), left to right:]
• first router: (-, 128.89, 1, 4); (-, 171.69, 1, 5); …
• second router: (4, 128.89, 0, 9); (5, 171.69, 1, 7); …
• third router: (9, 128.89, 0, -); …
Label Distribution Protocol (LDP) (downstream allocation):
• “Use Label 9 for 128.89”
• “Use Label 4 for 128.89 and Use Label 5 for 171.69”
• “Use Label 7 for 171.69”

MPLS Example: Forwarding Packets
[Figure: the same three tables as on the previous slide. The packet “128.89.25.4 | Data” enters unlabeled, is carried with label 4, then with label 9, and leaves unlabeled.]
Label Switch Forwards Based on Label

MPLS Operation
1a. Existing routing protocols (e.g. OSPF, IS-IS) establish reachability to destination networks.
1b. Label Distribution Protocol (LDP) establishes label to destination network mappings.
2. Ingress Edge LSR receives packet, performs Layer 3 value-added services, and labels (PUSH) packets.
3. LSR switches packets using label swapping (SWAP).
4. Edge LSR at egress removes (POP) label and delivers packet.

Remarks
• Rather than longest prefix-matching we use label matching
• Regular IP routing is still used
• Labels can be very efficient, simply an index into the routing table
• E.g., we could use OSPF to determine the routes
• Then we use labels for efficiency in per-hop routing
• Note that a “Setup” phase (like in VC’s) is not used

Placement of “labels”
• For Ethernet, the “protocol number used” is 0x8847 for MPLS
• I.e., the “protocol number” of IP is not used. Thus, IP never sees the message!

Label Header
[Figure: 32-bit header, bits 0 to 31, fields in order: Label | EXP | S | TTL]
• Label = 20 bits
• EXP = Class of Service, 3 bits
• S = Bottom of Stack, 1 bit
• TTL = Time to Live, 8 bits
• Header = 4 bytes, Label = 20 bits.
• Can be used over Ethernet, 802.3, or PPP links
• Contains everything needed at forwarding time

Some Definitions
• Forwarding Equivalence Class (FEC): a group of IP packets which are forwarded in the same manner (e.g., over the same path, with the same forwarding treatment)
• Labeled Switched Router (LSR): A router capable of supporting MPLS labels.
• Labeled Switched Path: a sequence of LSR’s so that data can traverse the entire path using labels.

Traffic Aggregates: Forwarding Equivalence Classes
[Figure: an LSP from LER through LSR, LSR to LER. Packets IP1 and IP2 enter unlabeled, both carry labels #L1, #L2, #L3 on successive hops, and leave unlabeled.]
Packets are destined for different address prefixes, but can be mapped to common path
• FEC = “A subset of packets that are all treated the same way by a router”
• The concept of FECs provides for a great deal of flexibility and scalability
• In conventional routing, a packet is assigned to a FEC at each hop (i.e. L3 look-up), in MPLS it is only done once at the network ingress

Label Switched Path (LSP)
[Figure: an LSP carrying the packet IP 47.1.1.1 toward network 47.1, with networks 47.2 and 47.3 on other interfaces. Per-router tables use the columns Intf In, Label In, Dest, Intf Out, Label Out; the labels shown are 0.50 and 0.40 for Dest 47.1.]

Label Merging
When multiple input streams corresponding to the same FEC exit using the same MPLS label.
[Figure: routers R1, R2, R3, R4 and network D. Tables shown:]
• (InLabel, NextHop, Label): (10, Port 3, 30); (25, Port 3, 30)
• (Dest, NextHop, Label): (D, Port 1, 10)
• (Dest, NextHop, Label): (D, Port 5, 25)

Non-Label Merging
Each source-destination pair has its own label at each LSR router.
[Figure: routers R1, R2, R3, R4 and network D. Tables shown:]
• (InLabel, NextHop, Label): (10, Port 3, 5); (25, Port 3, 8)
• (Dest, NextHop, Label): (D, Port 1, 10)
• (Dest, NextHop, Label): (D, Port 5, 25)

Pushing-Requesting Labels
• R2 can “push” a label to R1, indicating which label to use to reach D
• R1 can “request” a label from R2 to be used to reach D.
• If using non-merging, usually R1 requests a label from R2
[Figure: R1, R2, R4, network D]

ATM
• Most importantly, we can use ATM switches for IP
• We can turn “ATM Cell switches” into “label switching routers” usually only by changing the software and not the hardware of the switch.

IP over ATM (Before MPLS)
• We had every router with a VC over an ATM network to every other router
• Known as an “overlay” network
• Whole ATM network looked like a single “subnet” to the IP Routers
• ATM switches are not aware that the payload is an IP packet

IP disassembly into ATM cells
• IP becomes an “application” to the ATM layer.
• IP packets have to be broken into small 48-byte pieces, and placed into ATM Cells
• Cells are sent over the ATM circuit (e.g. from R1 to R6), the switches only see ATM Cells, not IP packet
• At R6, the cells are regrouped and the IP packet restored

ATM switches as LSRs (using MPLS)
• ATM switches are now “peers” of MPLS routers
• No longer viewed as a single subnet, each link is now a subnet

Advantages of MPLS vs overlay
• Each MPLS router has fewer “adjacencies” (i.e. neighbors)
• This reduces the OSPF traffic to the router significantly
• In OSPF you receive the topology of the entire network via each of your neighbors.
• Each router now has a view of the entire topology
• Not possible in overlay networks (ATM network “black box”)
• Routers have better control of paths in case of link failures
• In overlay networks, the ATM switches would do the rerouting
• ATM switches may still support native ATM if desired.

How to route IP packets?
• Can we send IP messages to our neighbors?
• We can use a special VCID (say 0) to send IP messages to our neighbor.
• Each node has a VCID 0 with each of its neighbors (a “single hop” VCID)
• Thus, to send an IP message to a neighbor
• Disassemble the IP packet into ATM Cells
• Send them on VCID 0 of the link of the desired neighbor
• The neighbor reassembles the IP packet
• Since we can send an IP message to any neighbor
• This implies ATM LSR’s can execute ANY Internet protocol based on IP (e.g., OSPF, RIP, etc) and forward IP datagrams

End-to-end VC’s
• Disassembly/reassembly at each hop is wasteful
• It is better to establish an e-2-e VC for each source/destination pair, e.g., from R1 to R6
• From OSPF (or other mechanism), each router knows which other router is ATM or regular router
• R1 “requests” a label from LSR1 for destination R6
• LSR1 requests a label from LSR3 for destination R6
• LSR3 requests a label from R6

Explicit Routing
• Similar to “source routing” but done by a router
• “Fish” network due to its shape
• R1 -> R7 : R1 R3 R6 R7
• R2 -> R7 : R2 R3 R4 R5 R7
• Perhaps we want to balance the load somehow
• Cannot be done with regular IP
• IP routing does not look at the source of the message

Explicitly Routed (ER-) LSP
[Figure: ER-LSP with Route = {A, B, C}; labels shown: #14, #216, #972, #462]
• ER-LSP follows route that source chooses. In other words, the control message to establish the LSP (label request) is source routed.

Explicitly Routed (ER-) LSP Contd
[Figure: the Label Switched Path figure again, for the packet IP 47.1.1.1. One table now has two entries: Dest 47.1.1 with Intf Out 2 and Label Out 1.33, and Dest 47.1 with Intf Out 1 and Label Out 0.50; the other tables use labels 0.50 and 0.40 for Dest 47.1.]

Explicit Route Advantages
• Traffic Engineering
• You can control how much traffic travels through some point in the network
• This is done by controlling the paths taken by traffic
• Fast-rerouting
• You can bypass broken links quickly with explicit routing.
• No need to wait for a routing protocol (OSPF) to react.
• How?
• Keep track of two paths, regular path and backup path
• If the regular path fails use the backup

Virtual Private Networks
• We can do VPN’s with MPLS.
• Virtual Private Network
• A group of connected networks
• Connections may be over multiple networks not belonging to the group (e.g. over the Internet)
• E.g., joining the networks of several branches of a company into a “private internetwork”

Virtual Private Networks
[Figure: sites A, B, C and K, L, M]

Tunneling
• IP Tunnel
• Virtual point-to-point link between an arbitrarily connected pair of nodes
[Figure: Network 1, R1, Internetwork, R2 (10.0.0.1), Network 2, with the IP tunnel between R1 and R2. A packet “IP Dest = 2.x | IP Payload” is carried inside the tunnel as “IP Dest = 10.0.0.1 | IP Dest = 2.x | IP Payload” and continues as “IP Dest = 2.x | IP Payload”.]

Tunneling
Advantages of tunneling
• Transparent transmission of packets over heterogeneous networks
• Only need to change relevant routers (end points)
• Coupled with encryption, gives you a secure private internetwork.
• End-points of tunnels may have features not available in other Internet routers.
• The data carried may not even be IP messages!
• Multicast
• Local Addresses
Disadvantages
• Increases packet size
• Processing time needed to encapsulate and decapsulate packets
• Management at tunnel-aware routers

Virtual Private Networks with MPLS
• We can do similarly with MPLS
• We can connect different sites with an MPLS tunnel
• We can send regular IP traffic through the tunnel, or any other type of traffic.

“Layer 2” tunnel
• Use MPLS to provide a tunnel between two
• LANs (Ethernet, etc)
• ATM points
• Any data can be “wrapped” with a label
• It need not be IP datagrams
• LSR does not look “beyond” the label

Demultiplexing Label
• What to do with the packet once it reaches the other side of the tunnel?
• A “demultiplexing” label needs to be added to inform the end-point router what to do with the packet.

E.g., Emulate a VC
• ATM cells with a specific VCID come in at the entrance of the tunnel
• ATM cells at the end of the tunnel should have the appropriate VCID for the next switch after the router.

Emulate a VC (steps)
1. An ATM cell arrives to the input LSR with VCID 101
2. The head router attaches the demultiplexing label and identifies the emulated circuit
3. The head router attaches the tunnel label (to reach the tail router)
4. Routers in the middle forward as usual
5. The tail router removes the tunnel label, finds the demultiplexing label, and identifies the VC
6. The tail router modifies the VCID to the next ATM switch value (202) and sends it to the ATM switch.

Label Stacks
• The previous example has a stack of two labels
• You can have larger stacks of labels in the header.
• In the example, it enables a tunnel
• and many types of traffic within the tunnel

“Layer 3” VPN’s
• The packet being carried is an IP packet
• Hence the name “layer 3” VPNs
• Service provider (see picture next ..)
• Has many customers
• Each customer has many sites
• These sites are linked with tunnels to appear to be one large Internetwork
• Each customer can only reach its own sites
• The customer is isolated from the rest of the Internet and from other customers
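
The "Label Header", "Placement of labels" and "Label Stacks" slides, worked as an added example that is not part of the original deck: a parser for the 4-byte entry (Label 20 bits, EXP 3, S 1, TTL 8) behind EtherType 0x8847 that rejects truncated or unterminated stacks. The label values 1000 (tunnel) and 2000 (demultiplexing), the payload bytes and the `max_depth` limit are constructed assumptions.

```python
import struct

ETHERTYPE_MPLS = 0x8847  # Ethernet "protocol number" for MPLS, as given on the slides


def encode_entry(label, exp, s, ttl):
    """Pack one 4-byte stack entry: Label(20) | EXP(3) | S(1) | TTL(8)."""
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)


def parse_label_stack(frame, max_depth=8):
    """Return (entries, payload); entries are in top-of-stack order.

    Raises ValueError for a non-MPLS EtherType, a truncated entry, or a stack
    that never sets the bottom-of-stack bit within max_depth (assumed limit).
    """
    if len(frame) < 14:
        raise ValueError("short Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != ETHERTYPE_MPLS:
        raise ValueError("not MPLS: ethertype 0x%04x" % ethertype)
    entries, offset = [], 14
    while len(entries) < max_depth:
        if offset + 4 > len(frame):
            raise ValueError("truncated label stack")
        (word,) = struct.unpack("!I", frame[offset:offset + 4])
        offset += 4
        entries.append({"label": word >> 12, "exp": (word >> 9) & 0x7,
                        "s": (word >> 8) & 0x1, "ttl": word & 0xFF})
        if entries[-1]["s"]:
            # Bottom of stack: everything after it is opaque to an LSR.
            return entries, frame[offset:]
    raise ValueError("no bottom-of-stack within max_depth")


def build_sample_frame():
    """Constructed frame: tunnel label 1000 on top of demultiplexing label 2000."""
    eth = bytes(6) + bytes(6) + struct.pack("!H", ETHERTYPE_MPLS)
    stack = encode_entry(1000, 0, 0, 64) + encode_entry(2000, 0, 1, 64)
    return eth + stack + b"constructed-payload"


if __name__ == "__main__":
    stack, payload = parse_label_stack(build_sample_frame())
    for entry in stack:
        print(entry)
    print(payload)
```
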
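
The PUSH / SWAP / POP sequence from the "MPLS Operation" slide, run over the label tables of the "MPLS Example: Assigning Labels" slide, as an added example that is not part of the original deck. The router names A, B, C, the /16 prefix lengths and the choice to drop a packet whose top label has no table entry are assumptions of this model; the slides show only the prefixes "128.89" and "171.69".

```python
import ipaddress

# Tables from the "Assigning Labels" slide (router names and /16 are assumed).
FIB_A = {"128.89.0.0/16": (1, 4), "171.69.0.0/16": (1, 5)}  # prefix -> (out iface, out label)
LFIB_B = {4: (0, 9), 5: (1, 7)}                             # in label -> (out iface, out label)
LFIB_C = {9: (0, None)}                                     # None means POP and deliver as IP


def ingress_push(fib, dst):
    """Edge LSR: the only longest-prefix match on the path, then PUSH."""
    addr = ipaddress.ip_address(dst)
    matches = [ipaddress.ip_network(p) for p in fib if addr in ipaddress.ip_network(p)]
    if not matches:
        return None  # no FEC for this destination
    best = max(matches, key=lambda n: n.prefixlen)
    iface, label = fib[str(best)]
    return {"iface": iface, "labels": [label], "dst": dst}


def lsr_forward(lfib, pkt):
    """Core or egress LSR: exact match on the top label; never reads pkt['dst']."""
    if not pkt["labels"]:
        return None  # unlabeled packet on a label-switched hop: dropped in this model
    entry = lfib.get(pkt["labels"][0])
    if entry is None:
        return None  # label nobody advertised: dropped, no fallback to an IP lookup
    iface, out_label = entry
    rest = pkt["labels"][1:]  # labels below the top one are carried untouched
    labels = rest if out_label is None else [out_label] + rest
    return {"iface": iface, "labels": labels, "dst": pkt["dst"]}


def trace(dst, path=(LFIB_B, LFIB_C)):
    """Return (label stacks seen on each link, final packet) for a packet entering at A."""
    pkt = ingress_push(FIB_A, dst)
    seen = []
    for lfib in path:
        if pkt is None:
            break
        seen.append(list(pkt["labels"]))
        pkt = lsr_forward(lfib, pkt)
    return seen, pkt


if __name__ == "__main__":
    print(trace("128.89.25.4"))                 # label 4, then 9, then unlabeled
    print(trace("171.69.1.1", path=(LFIB_B,)))  # label 5 in, label 7 out on iface 1
```

Because `lsr_forward` keys only on the top label, the separation between customers described on the "Layer 3" VPN slide rests entirely on which labels each router has installed and on which interfaces it accepts labeled packets.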