Lecture 9
Mark E. Allen
SMU 8344

SMU CSE 8344

Agenda
• Summarize MPLS
  – Discussion from Cisco Presentation
• Discuss QoS in MPLS
  – Chapter 6 in MPLS Book
• Traffic Engineering in MPLS
  – Chapter 7 MPLS Book
• Virtual Private Networks
  – Chapter 8 MPLS Book
• Introduction to Optical Networking

MPLS Architecture Overview
Adapted from Stefano Previdi’s and Jay Kumarasamy’s presentation

Agenda
• MPLS Concepts
• LSRs and labels
• Label assignment and distribution
• Label Switch Paths
• ATM LSRs
• Loops and TTL
• LDP overview
• Day in the Life of a Packet

MPLS Concepts
• MPLS: Multi Protocol Label Switching
• MPLS is layer 2+ switching
• Developed to integrate IP and ATM
• MPLS forwarding is done in the same way as in ATM switches
• Packet forwarding is done based on labels

MPLS Concepts
• Unlike IP, classification/label can be based on:
  – Destination unicast address
  – Traffic Engineering
  – VPN
  – QoS
• FEC: Forwarding Equivalence Class
• A FEC can represent a destination address prefix, a VPN, a Traffic Engineering tunnel, or a Class of Service

LSRs and Labels
• LSR: Label Switch Router
• Edge-LSR: LSRs that do label imposition and disposition
• ATM-LSR: An ATM switch with Label Switch Controller

LSRs and Labels
[Figure: IGP domain with a label distribution protocol]
• An IP routing protocol is used within the routing domain (e.g. OSPF, Integrated IS-IS)
• A label distribution protocol is used to distribute address/label mappings between adjacent neighbors
• The ingress LSR receives IP packets, performs packet classification, assigns a label, and forwards the labelled packet into the MPLS network
• Core LSRs switch packets/cells based on the label value
• The egress LSR removes the label before forwarding the IP packet outside the MPLS network

LSRs and Labels

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                Label                  | Exp |S|       TTL     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Label = 20 bits
Exp = Experimental, 3 bits
S = Bottom of stack, 1 bit
TTL = Time to live, 8 bits

• Uses new Ethertypes/PPP PIDs/SNAP values/etc.
• More than one label is allowed -> label stack
• MPLS LSRs always forward packets based on the value of the label at the top of the stack

LSRs and Labels

PPP Header (Packet over SONET/SDH):  PPP Header | Shim Header | Layer 3 Header
Ethernet:                            Ethernet Hdr | Shim Header | Layer 3 Header
Frame Relay:                         FR Hdr | Shim Header | Layer 3 Header
ATM Cell Header:                     GFC | VPI | VCI | PTI | CLP | HEC | DATA   (Label in VPI/VCI)
Subsequent cells:                    GFC | VPI | VCI | PTI | CLP | HEC | DATA   (Label in VPI/VCI)

Label Assignment and Distribution
• Labels have link-local significance
  – Each LSR binds its own label mappings
• Each LSR assigns labels to its FECs
• Labels are assigned and exchanged between adjacent neighboring LSRs
• Applications may require non-adjacent neighbors
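The 32-bit label entry and the label stack from the LSRs and Labels slides, as an added example that is not part of the original lecture: it packs and unpacks shim entries and walks a stack until the bottom-of-stack bit, rejecting truncated or over-deep stacks. The EtherType constants come from RFC 3032 rather than the slides, and the sample frame, its labels and `max_depth` are constructed for illustration.

```python
import struct
from typing import List, NamedTuple, Tuple

# EtherTypes from RFC 3032 (assumption: the slides only say "new Ethertypes").
ETHERTYPE_MPLS_UNICAST = 0x8847
ETHERTYPE_MPLS_MULTICAST = 0x8848


class LabelEntry(NamedTuple):
    label: int  # 20 bits
    exp: int    # 3 bits, Experimental
    s: int      # 1 bit, bottom of stack
    ttl: int    # 8 bits, time to live


def encode_entry(e: LabelEntry) -> bytes:
    """Pack one 32-bit shim entry in network byte order."""
    if not (0 <= e.label < (1 << 20) and 0 <= e.exp < 8
            and e.s in (0, 1) and 0 <= e.ttl < 256):
        raise ValueError(f"field out of range: {e}")
    word = (e.label << 12) | (e.exp << 9) | (e.s << 8) | e.ttl
    return struct.pack("!I", word)


def decode_entry(raw: bytes) -> LabelEntry:
    """Unpack exactly four bytes into Label / Exp / S / TTL."""
    (word,) = struct.unpack("!I", raw)
    return LabelEntry(word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF)


def parse_stack(payload: bytes, max_depth: int = 8) -> Tuple[List[LabelEntry], bytes]:
    """Read entries top-first until S=1; return (stack, layer 3 bytes)."""
    stack: List[LabelEntry] = []
    offset = 0
    while True:
        if len(stack) == max_depth:
            raise ValueError("label stack deeper than max_depth")
        chunk = payload[offset:offset + 4]
        if len(chunk) < 4:
            raise ValueError("truncated stack: no bottom-of-stack entry seen")
        entry = decode_entry(chunk)
        stack.append(entry)
        offset += 4
        if entry.s:
            return stack, payload[offset:]


def parse_frame(frame: bytes) -> Tuple[List[LabelEntry], bytes]:
    """Parse an untagged Ethernet frame that carries an MPLS label stack."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype not in (ETHERTYPE_MPLS_UNICAST, ETHERTYPE_MPLS_MULTICAST):
        raise ValueError(f"not an MPLS frame: ethertype 0x{ethertype:04x}")
    return parse_stack(frame[14:])


# Constructed sample: zeroed MAC addresses, a two-entry stack (top label 30,
# bottom label 40), then the first two bytes of an IPv4 header.
SAMPLE_FRAME = (bytes(12) + struct.pack("!H", ETHERTYPE_MPLS_UNICAST)
                + encode_entry(LabelEntry(30, 0, 0, 64))
                + encode_entry(LabelEntry(40, 5, 1, 63))
                + b"\x45\x00")

if __name__ == "__main__":
    stack, layer3 = parse_frame(SAMPLE_FRAME)
    for depth, entry in enumerate(stack):
        print(depth, entry)
    print("layer 3 bytes:", layer3.hex())
```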
Label Assignment and Distribution
Upstream and Downstream LSRs

171.68.40/24 --- Rtr-A --- Rtr-B --- Rtr-C --- 171.68.10/24

• Rtr-C is the downstream neighbor of Rtr-B for destination 171.68.10/24
• Rtr-B is the downstream neighbor of Rtr-A for destination 171.68.10/24
• LSRs know their downstream neighbors through the IP routing protocol
  – Next-hop address is the downstream neighbor

Label Assignment and Distribution
Unsolicited Downstream Distribution

171.68.40/24 --- Rtr-A --- Rtr-B --- Rtr-C --- 171.68.10/24

Rtr-C to Rtr-B: "Use label 40 for destination 171.68.10/24"
Rtr-B to Rtr-A: "Use label 30 for destination 171.68.10/24"

LSR    In I/F  In Lab  Address Prefix  Out I/F  Out Lab
Rtr-A  0       -       171.68.10       1        30
Rtr-B  0       30      171.68.10       1        40
Rtr-C  0       40      171.68.10       1        ...

The address prefixes are IGP derived routes.

• LSRs distribute labels to the upstream neighbors

Label Assignment and Distribution
On-Demand Downstream Distribution

171.68.40/24 --- Rtr-A --- Rtr-B --- Rtr-C --- 171.68.10/24

Rtr-A to Rtr-B: "Request label for destination 171.68.10/24"
Rtr-B to Rtr-C: "Request label for destination 171.68.10/24"
Rtr-C to Rtr-B: "Use label 40 for destination 171.68.10/24"
Rtr-B to Rtr-A: "Use label 30 for destination 171.68.10/24"

• Upstream LSRs request labels from downstream neighbors
• Downstream LSRs distribute labels upon request

Label Assignment and Distribution
Label Retention Modes
• Liberal retention mode
  – LSR retains labels from all neighbors
  – Improves convergence time when the next hop is again available after IP convergence
  – Requires more memory and label space
• Conservative retention mode
  – LSR retains labels only from next-hop neighbors
  – LSR discards all labels for FECs without next hop
  – Frees memory and label space

Label Assignment and Distribution
Label Distribution Modes
• Independent LSP control
  – LSR binds a label to a FEC independently, whether or not the LSR has received a label from the next hop for the FEC
  – The LSR then advertises the label to its neighbor
• Ordered LSP control
  – LSR only binds and advertises a label for a particular FEC if:
    it is the egress LSR for that FEC, or
    it has already received a label binding from its next hop

Label Assignment and Distribution
Several protocols for label exchange
• LDP
  – Maps unicast IP destinations into labels
• RSVP, CR-LDP
  – Used in traffic engineering
• BGP
  – External labels (VPN)
• PIM
  – For multicast states label mapping

Label Switch Path (LSP)
[Figure: two IGP domains with a label distribution protocol; in one the LSP follows the IGP shortest path, in the other the LSP diverges from the IGP shortest path]
• LSPs are derived from IGP routing information
• LSPs may diverge from the IGP shortest path
  – LSP tunnels (explicit routing) with TE
• LSPs are unidirectional
  – Return traffic takes another LSP

Label Switch Path (LSP)
Penultimate Hop Popping
• The label at the top of the stack is removed (popped) by the upstream neighbor of the egress LSR
• The egress LSR requests the “popping” through the label distribution protocol
  – Egress LSR advertises the implicit-null label
• The egress LSR does not have to do a lookup and remove the label itself
  – One lookup is saved in the egress LSR

Label Switch Path (LSP)
Penultimate Hop Popping

LSR              In I/F  In Lab  Address Prefix  Out I/F  Out Lab
Ingress LSR      0       -       171.68/16       1        4
Penultimate LSR  0       4       171.68/16       2        pop

Egress LSR routing table:
Address Prefix and mask  Next-Hop     Interface
171.68.10/24             171.68.9.1   Serial1
171.68.44/24             171.68.12.1  Serial2
171.68/16                ...          Null

Penultimate LSR to ingress LSR: "Use label 4 for FEC 171.68/16"
Egress LSR to penultimate LSR: "Use label “implicit-null” for FEC 171.68/16"
Summary route for 171.68/16; more specific routes 171.68.10/24 and 171.68.44/24 behind the egress LSR.

• Egress LSR summarises more specific routes and advertises a label for the new FEC
• Summary route is propagated through the IGP and a label is assigned by each LSR
• Egress LSR needs to do an IP lookup to find the more specific route
• Egress LSR need NOT receive a labelled packet

ATM LSRs
• ATM switches forward cells, not packets
• Label distribution is downstream on-demand, ordered
• IGP label is carried in the VPI/VCI field
• Merging LSR:
  – Ability to use the same label for different FECs if the outgoing interface is the same
  – Saves label space on ATM-LSRs
  – Cell interleave problem
• Non-merging LSR:
  – ATM-LSR requests one label per FEC and per incoming interface (upstream neighbors)
  – The downstream LSR may itself request a new label from its downstream neighbors

ATM LSRs
Non-Merging Downstream on Demand

In I/F  In Lab  Address Prefix  Out I/F  Out Lab
1       5       171.68          0        3
2       8       171.68          0        4
...     ...     ...             ...      ...

The ATM-LSR requested an additional label for the same FEC in order to distinguish between incoming interfaces (Downstream on Demand).
[Figure: the cells of two IP packets arrive with labels 5 and 8 and leave interleaved with labels 3 and 4 towards 171.68]

ATM LSRs
VC-Merging Downstream on Demand

In I/F  In Lab  Address Prefix  Out I/F  Out Lab
1       5       171.68          0        3
2       8       171.68          0        3
...     ...     ...             ...      ...

The ATM-LSR transmits cells in sequence so that the downstream LSR can correctly re-assemble the cells into packets.
[Figure: the cells of two IP packets arrive with labels 5 and 8 and all leave with label 3 towards 171.68]

Loops and TTL
• In IP networks TTL is used to prevent packets from travelling indefinitely in the network
• MPLS may use the same mechanism as IP, but not on all encapsulations
• TTL is present in the label header for PPP and LAN headers (shim headers)
• ATM cell header does not have TTL

Loops and TTL
• LSRs using ATM do not have TTL capability
• Some suggested options:
  – hop-count object in LDP
  – Path Vector object in LDP

Loops and TTL
[Figure: LSR-1 to LSR-6 in an IGP domain with a label distribution protocol. An IP packet arrives with TTL = 10; the binding "LSR-6 --> 25" carries Hops=4; the labelled packets (Label = 25, Label = 39, Label = 21) carry an IP packet with TTL = 6, and the IP packet leaves the egress with TTL = 6.]
• TTL is decremented prior to entering the non-TTL-capable LSP
  – If TTL is 0 the packet is discarded at the ingress point
• TTL is examined at the LSP exit

LDP Concepts
• Label Distribution Protocol
• Labels map to FECs for Unicast Destination Prefix
• LDP works between adjacent/non-adjacent peers
• LDP sessions are established between peers

LDP Messages
• Discovery messages
  – Used to discover and maintain the presence of new peers
  – Hello packets (UDP) sent to the all-routers multicast address
  – Once a neighbor is discovered, the LDP session is established over TCP

LDP Messages
• Session messages
  – Establish, maintain and terminate LDP sessions
• Advertisement messages
  – Create, modify, delete label mappings
• Notification messages
  – Error signalling

Day in the life of a Packet
[Figure: path CE, PE, P1, P, PE]

LSR              In I/F  In Lab  Address Prefix  Out I/F  Out Lab
Ingress PE       0       -       171.68/16       1        4
Core LSR         0       4       171.68/16       1        7
Penultimate LSR  0       7       171.68/16       2        pop

Egress PE routing table:
Address Prefix and mask  Next-Hop     Interface
171.68.10/24             171.68.9.1   Serial1
171.68.44/24             171.68.12.1  Serial2
171.68/16                ...          Null

Advertisements: "Use label 4 for FEC 171.68/16", "Use label 7 for FEC 171.68/16", "Use label “implicit-null” for FEC 171.68/16"
Summary route for 171.68/16; more specific routes 171.68.44/24 and 171.68.10/24 behind the egress PE.

• Summary route is propagated through the IGP and a label is assigned by each LSR
• Egress LSR summarises more specific routes and advertises a label for the new FEC
• Egress LSR needs to do an IP lookup to find the more specific route

Day in the life of a Packet
Basic Layout
• Control Plane
  – IP Routing Protocols (Routing Exchange)
  – IP Routing Table
  – Label Distribution Protocol (Label Binding Exchange)
• Forwarding Plane
  – Forward Information Block (FIB): Incoming IP Packets, Outgoing IP Packets
  – Label Forward Information Block (LFIB): Incoming Labelled Packets, Outgoing Labelled Packets
  – Label Removed, L3 lookup

Day in the life of a Packet
Database Layout
[Figure: ISIS, OSPF, BGP, LDP, Routing Table, FIB, TIB and TFIB, with the structures tag_rewrite, tag_info, tag_hash, fast-adjacency, fasttag-rewrite, incoming-tag, outgoing-tag, output-if, encaps, loadinfo, tfib_entry, IDB vectors, Dest. IP address, and the switching paths ip_turbo_fs, tag_optimum_fs, ip2_tag_optimum_fs]

DISCUSSION OF QoS and Constraint Based Routing

Key Questions
• How does MPLS support QoS?
• What is the difference between Integrated Services (INT-SERV) and Differentiated Services (DIFFSERV)?
  – Integrated services
    • T-Spec and R-Spec
    • Much of this is similar to ATM

Integrated Services
• An attempt to bring the ATM capabilities to IP
  – T-Spec: Max burst size, token rate, committed rate, etc.
  – R-Spec: Effective bandwidth or amount of resource required within the network.
• This is very different from “best-effort” and requires sophisticated queuing mechanisms
• Many in the industry saw this as a “reinvention” of ATM

Integrated Services
• architecture for providing QoS guarantees in IP networks for individual application sessions
• resource reservation: routers maintain state info of allocated resources
• admit/deny new call setup requests
Question: can a newly arriving flow be admitted with performance guarantees while not violating QoS guarantees made to already admitted flows?
Intserv: QoS guarantee scenario
• Resource reservation
  – call setup, signaling (RSVP)
  – traffic, QoS declaration
  – per-element admission control (request/reply)
  – QoS-sensitive scheduling (e.g., WFQ)

Call Admission
Arriving session must:
• declare its QoS requirement
  – R-spec: defines the QoS being requested
• characterize traffic it will send into network
  – T-spec: defines traffic characteristics
• signaling protocol: needed to carry R-spec and T-spec to routers (where reservation is required)
  – RSVP

Intserv QoS: Service models [rfc2211, rfc2212]
Guaranteed service:
• worst case traffic arrival: leaky-bucket-policed source
Controlled load service:
• "a quality of service closely approximating the QoS that same flow would receive from an unloaded network element."
[Figure: arriving traffic, token rate r, bucket size b, WFQ, per-flow rate R, D_max = b/R]

IETF Differentiated Services
Concerns with Intserv:
• Scalability: signaling, maintaining per-flow router state difficult with large number of flows
• Flexible Service Models: Intserv has only two classes. Also want “qualitative” service classes
  – “behaves like a wire”
  – relative service distinction: Platinum, Gold, Silver
Diffserv approach:
• simple functions in network core, relatively complex functions at edge routers (or hosts)
• Don’t define service classes, provide functional components to build service classes

Diffserv Architecture
Edge router:
  – per-flow traffic management
  – marks packets as in-profile and out-profile
Core router:
  – per class traffic management
  – buffering and scheduling based on marking at edge
  – preference given to in-profile packets
  – Assured Forwarding
[Figure: marking, scheduling]
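How an edge router can decide between in-profile and out-profile, as an added example that is not part of the original lecture: a per-flow token-bucket meter with a negotiated rate and bucket size, plus the guaranteed-service delay bound D_max = b/R from the Intserv slide. The class and function names, the profile values and the arrival trace are constructed for illustration; time is kept in integer milliseconds so the result is exact.

```python
from typing import Iterable, List, Tuple


class EdgeMarker:
    """Token-bucket meter for one flow (hypothetical helper, not a router API).

    Tokens are kept in milli-bytes so that a rate in bytes/s and time in
    milliseconds combine with integer arithmetic only.
    """

    def __init__(self, rate_bytes_per_s: int, bucket_bytes: int) -> None:
        self.rate = rate_bytes_per_s          # token rate
        self.cap = bucket_bytes * 1000        # bucket size, in milli-bytes
        self.tokens = self.cap                # the bucket starts full
        self.last_ms = 0

    def mark(self, arrival_ms: int, size_bytes: int) -> str:
        if arrival_ms < self.last_ms:
            raise ValueError("arrivals must be in time order")
        # Refill for the elapsed time, never beyond the bucket size.
        refill = (arrival_ms - self.last_ms) * self.rate
        self.tokens = min(self.cap, self.tokens + refill)
        self.last_ms = arrival_ms
        need = size_bytes * 1000
        if need <= self.tokens:
            self.tokens -= need               # conforming: spend tokens
            return "in-profile"
        return "out-profile"                  # non-conforming: tokens kept


def mark_flow(marker: EdgeMarker,
              packets: Iterable[Tuple[int, int]]) -> List[str]:
    """Mark a sequence of (arrival_ms, size_bytes) packets in order."""
    return [marker.mark(t, size) for t, size in packets]


def delay_bound_ms(bucket_bytes: int, per_flow_rate_bytes_per_s: int) -> float:
    """D_max = b / R: time to drain a full burst b at the reserved rate R."""
    return bucket_bytes * 1000 / per_flow_rate_bytes_per_s


# Constructed profile and trace: 1000 bytes/s, 1500-byte bucket.
TRACE = [(0, 1000), (100, 1000), (200, 500), (1000, 1000), (1001, 1000)]

if __name__ == "__main__":
    marks = mark_flow(EdgeMarker(1000, 1500), TRACE)
    for (t, size), verdict in zip(TRACE, marks):
        print(f"t={t:5d} ms  {size:5d} B  {verdict}")
    print("D_max =", delay_bound_ms(1500, 1000), "ms")
```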
Edge-router Packet Marking
• profile: pre-negotiated rate A, bucket size B
• packet marking at edge based on per-flow profile
[Figure: user packets metered against rate A and bucket size B]
Possible usage of marking:
• class-based marking: packets of different classes marked differently
• intra-class marking: conforming portion of flow marked differently than non-conforming one

Classification and Conditioning
• Packet is marked in the Type of Service (TOS) in IPv4, and Traffic Class in IPv6
• 6 bits are used for the Differentiated Service Code Point (DSCP) and determine the PHB that the packet will receive
• 2 bits are currently unused

Classification and Conditioning
It may be desirable to limit the traffic injection rate of some class:
• user declares traffic profile (e.g., rate, burst size)
• traffic metered, shaped if non-conforming

Forwarding (PHB)
• Per Hop Behavior (PHB)
• A PHB results in a different observable (measurable) forwarding performance behavior
• A PHB does not specify what mechanisms to use to ensure the required PHB performance behavior
• Examples:
  – Class A gets x% of outgoing link bandwidth over time intervals of a specified length
  – Class A packets leave first before packets from class B

Forwarding (PHB)
PHBs being developed:
• Expedited Forwarding: packet departure rate of a class equals or exceeds a specified rate
  – logical link with a minimum guaranteed rate
• Assured Forwarding: 4 classes of traffic
  – each guaranteed a minimum amount of bandwidth
  – each with three drop preference partitions

Summary
• Refer to MPLS 8 lecture for more detail on these QoS and CBR (Constraint Based Routing) topics

Virtual Private Networks (VPNs)

When VPN?
• Internet as your own private network
  – Communicate securely between various corporate sites (Intranet)
  – Communicate securely between partner sites (Extranet)
  – Connect remote dial-up users securely to corporate networks

Advantages
• Flexible and cost effective
• Better business-to-business connectivity
  – business partners, service providers, contractors, and customers
• Advances in security

Layer2 vs. Layer3 VPNs
Layer 3 VPNs
• Provider devices forward customer packets based on Layer 3 information (e.g., IP)
• SP involvement in routing
• MPLS/BGP VPNs (RFC 2547), GRE, virtual router approaches
Layer 2 VPNs
• Provider devices forward customer packets based on Layer 2 information
• Tunnels, circuits, LSPs, MAC address
• “pseudo-wire” concept

Layer2 Example
[Figure: Workstation A, R1, IP or MPLS core carrying an L2TPv3 tunnel, R2, Server B. The frame is Ethernet on the access links and IP | L2TP | Ethernet across the core.]
• Step #1: Workstation A sends a packet destined for Server B
• Step #2: R1 takes the Ethernet frame, encapsulates it in L2TP and routes it to the tunnel destination
• Step #3: R2 receives the IP/L2TP/Ethernet packet and removes the IP/L2TPv3 headers. The remaining Ethernet frame is forwarded to Server B.

Overlay Model
• Each site has a router connected via P-T-P links to routers on other sites
  – Leased lines
  – Frame relay
  – ATM circuit
• Connectivity
  – Fully connected
  – Hub-and-spoke

Limitations of Overlay
• Customers need to manage the backbones
• Mapping between Layer 2 QoS and IP QoS
• Scaling problems
  – Cannot support large number of customers
  – (n-1) peering requirement

The Peer Model
• Aims to support large-scale VPN service
• Key technologies
  – Constrained distribution of routing info.
  – Multiple forwarding tables
  – VPN-IP addresses
  – MPLS switching

Terminology
• CE router
  – Customer Edge router
• PE router
  – Provider Edge router. Part of the P-Network and interfaces to CE routers
• P router
  – Provider (core) router, without knowledge of VPN

Terminology (cont’d)
• Route Distinguisher
  – Attributes of each route used to uniquely identify prefixes among VPNs (64 bits)
• VPN-IPv4 addresses
  – Address including the 64-bit Route Distinguisher and the 32-bit IP address
• VRF
  – VPN Routing and Forwarding Instance
  – Routing table and FIB table

Connection Model
• The VPN backbone is composed of MPLS LSRs
  – PE routers (edge LSRs)
  – P routers (core LSRs)
• PE routers face CE routers and distribute VPN information through BGP to other PE routers
• P routers do not run BGP and do not have any VPN knowledge

Model (cont’d)
• P and PE routers share a common IGP
• PE and CE routers exchange routing information through:
  – EBGP, OSPF, RIP, static routing
• CE routers run standard routing software

Routing
• The routes the PE receives from CE routers are installed in the appropriate VRF
• The routes the PE receives through the backbone IGP are installed in the global routing table
• By using separate VRFs, addresses need NOT be unique among VPNs

Forwarding
• PE and P routers have BGP next-hop reachability through the backbone IGP
• Labels are distributed through LDP (hop-by-hop) corresponding to BGP next hops
• Label stack is used for packet forwarding
  – Top label indicates the next hop (interior label)
  – Second level label indicates the outgoing interface or VRF (exterior label)

Forwarding (cont’d)
• The upstream LDP peer of the BGP next hop (PE router) will pop the first level label
• The egress PE router will forward the packet based on the second level label, which gives the outgoing interface (and VPN)

Forwarding Example
[Figure: CE1, PE1, P1, P2, PE2, CE2 and CE3. The packet is an IP packet from CE1 to PE1, IGP Label(PE2) | VPN Label | IP packet from PE1 to P1 and from P1 to P2, VPN Label | IP packet from P2 to PE2, and an IP packet from PE2 to CE2.]
• PE1 receives the IP packet
  – Lookup is done on the site VRF
  – BGP route with next hop and label is found
  – BGP next hop (PE2) is reachable through an IGP route with an associated label
• P routers switch the packets based on the IGP label (label on top of the stack)
• Penultimate Hop Popping
  – P2 is the penultimate hop for the BGP next hop
  – P2 removes the top label
  – This has been requested through LDP by PE2
• PE2 receives the packets with the label corresponding to the outgoing interface (VRF)
  – One single lookup
  – Label is popped and the packet is sent to the IP neighbour

Scalability
• Existing BGP techniques can be used to scale the route distribution
• Each edge router needs only the information for the VPNs it supports
  – Directly connected VPNs
• Easy to add new sites
  – configure the site on the PE connected to it, the network automatically does the rest

QoS Support
• Pipe model
  – Similar to int-serv
• Hose model
  – Similar to diff-serv
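The Forwarding Example slide traced hop by hop, as an added example that is not part of the original lecture: PE1 looks up the destination in the site VRF and pushes the VPN label and the IGP label, the P routers swap or pop only the top label, and PE2 picks the VRF and outgoing CE from the VPN label alone. The VPN names "red" and "blue", every label value and the shared prefix 10.1.0.0/16 are constructed, chosen so that two VPNs use the same addresses, which the Routing slide says VRFs allow.

```python
import ipaddress
from typing import Dict, List, Tuple

# PE1 VRFs, filled from BGP: prefix -> (BGP next hop, VPN label). Constructed.
PE1_VRF: Dict[str, Dict[str, Tuple[str, int]]] = {
    "red":  {"10.1.0.0/16": ("PE2", 101)},
    "blue": {"10.1.0.0/16": ("PE2", 102)},   # same prefix, different VPN
}
# PE1: IGP label bound to each BGP next hop via LDP -> (label, next router).
PE1_IGP: Dict[str, Tuple[int, str]] = {"PE2": (17, "P1")}
# P routers know only IGP labels: in-label -> (action, out-label, next router).
LFIB: Dict[str, Dict[int, Tuple[str, int, str]]] = {
    "P1": {17: ("swap", 22, "P2")},
    "P2": {22: ("pop", 0, "PE2")},           # penultimate hop popping
}
# PE2: VPN label -> (VRF, outgoing CE); the only lookup PE2 performs.
PE2_VPN: Dict[int, Tuple[str, str]] = {101: ("red", "CE2"), 102: ("blue", "CE3")}

Trace = List[Tuple[str, List[int]]]


def vrf_lookup(vrf: str, dst: str) -> Tuple[str, int]:
    """Longest-prefix match inside one VRF of PE1."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), route)
               for p, route in PE1_VRF[vrf].items()
               if addr in ipaddress.ip_network(p)]
    if not matches:
        raise LookupError(f"no route to {dst} in VRF {vrf}: drop at PE1")
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def forward(ingress_vrf: str, dst: str) -> Tuple[str, str, Trace]:
    """Return (egress VRF, egress CE, label stack after each router)."""
    next_hop, vpn_label = vrf_lookup(ingress_vrf, dst)
    igp_label, router = PE1_IGP[next_hop]
    stack = [igp_label, vpn_label]           # index 0 is the top of the stack
    trace: Trace = [("PE1", list(stack))]
    while router in LFIB:                    # core: top label only, no IP lookup
        entry = LFIB[router].get(stack[0])
        if entry is None:
            raise LookupError(f"{router}: no binding for label {stack[0]}: drop")
        action, out_label, nxt = entry
        if action == "swap":
            stack[0] = out_label
        else:
            stack.pop(0)
        trace.append((router, list(stack)))
        router = nxt
    binding = PE2_VPN.get(stack[0])          # egress PE: VPN label lookup
    if binding is None:
        raise LookupError(f"{router}: unknown VPN label {stack[0]}: drop")
    stack.pop(0)
    trace.append((router, list(stack)))
    return binding[0], binding[1], trace


if __name__ == "__main__":
    for vpn in ("red", "blue"):
        vrf, ce, hops = forward(vpn, "10.1.2.3")
        print(vpn, "->", vrf, ce, hops)
```

The same destination address reaches CE2 or CE3 depending only on the VRF the packet entered through, so separation between the two VPNs rests on the VPN label bindings at the PE routers.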