Netmanias.2007.12.13-MPLS Backhaul & Backbone Network Design (En)

Netmanias Technical document: MPLS Backhaul & Backbone Network Design
www.nmcgroups.com
MPLS Backhaul & Backbone Network Design
December 13, 2007
NMC Consulting Group (tech@netmanias.com)

www.netmanias.com
www.nmcgroups.com
About NMC Consulting Group

NMC Consulting Group is an advanced and professional network consulting company, specializing in IP network areas (e.g., FTTH, Metro Ethernet and IP/MPLS), service areas (e.g., IPTV, IMS and CDN), and wireless network areas
(e.g., Mobile WiMAX, LTE and Wi-Fi) since 2002.
Copyright 2002-2013 NMC Consulting Group. All rights reserved.
Table of Contents
MPLS Backhaul Network
MPLS Backhaul Concept
Backhaul Connectivity for Residential User
Backhaul Connectivity for Enterprise User
Backhaul Network Resiliency
MPLS Backbone Network
MPLS Backbone Concept
MPLS L3 VPN
MPLS L2 VPN: VPWS
MPLS L2 VPN: VPLS
MPLS Fast Recovery
MPLS Backhaul Network
Backhaul Concept
QinQ
H-VPLS
TPS Service
Residential
xDSL
WiBro Service
AS (PE)
Active Spoke LSP
FTTH
ES (PE)
VPN Service
MPLS Backbone
Enterprise
Internet Service
ER
WiBro
CO
POP
Customer Separation by QinQ and H-VPLS

1 S-VID and 1 VC-LSP per access node for residential user
1 S-VID and 1 VC-LSP per enterprise user
Single backhaul can support
All kinds of access node: xDSL, FTTH, WiBro
Residential TPS service and WiBro service
Enterprise site-to-site VPN service and Internet service
Dual-homing architecture between AS (CO) and ES (POP) for redundancy
Backhaul Connectivity for Residential User

QinQ (Per-Access Node VLAN)
QinQ
RG/IAD
DSLAM
H-VPLS
QinQ
ES (PE)
AS (PE)
Active Spoke LSP
ADSL2+
ER
VPLS
MTU-S
PON
ONT
OLT
VPLS
PE-rs
BS
BRAS
L2 SW
CO
POP
Q-in-Q
EMS
Mgmt PVC (0/34)
RG/
IAD
GE port
VC-LSP=Per DSLAM
C-VID=Service ID
VSI
S-VID=DSLAM ID
Voice VLAN (3)
Voice VLAN (3)
Video PVC (1/36)
Video VLAN (4)
Video VLAN (4)
Internet VLAN (5)
Internet VLAN (5)
Internet PVC (1/37)
Mgmt VLAN (1000)
VC-LSP to VSI
Tunnel-LSP=PE to PE
GE port
S-VID=DSLAM ID
Voice PVC (1/35)
EMS
PON
CPE
S-VID to VSI
GE port
S-VID=OLT ID/RAS ID C-VID=Service ID
VSI
GE port
VSI
S-VID=DSLAM ID
Voice VLAN (3)
C-VID=Service ID
Video VLAN (4)
ER
VC-LSP=Per OLT/Per BS
S-VID=OLT ID/RAS ID
Voice VLAN (3)
Voice VLAN (3)
Voice VLAN (3)
Video VLAN (4)
Video VLAN (4)
Video VLAN (4)
Internet VLAN (5)
Internet VLAN (5)
Internet VLAN (5)
VSI
S-VID=OLT ID/RAS ID
Voice VLAN (3)
C-VID=Service ID
Video VLAN (4)
GE port
VSI
S-VID=DSLAM ID
Internet VLAN (5)
C-VID=Service ID
VSI
S-VID=OLT ID/RAS ID
Internet VLAN (5)
C-VID=Service ID
BRAS
Backhaul Connectivity for Enterprise User

QinQ (Per-Enterprise VLAN)
H-VPLS
QinQ
CE
DSLAM
QinQ
ES (PE)
AS (PE)
ER
Active Spoke LSP
ADSL2+
MTU-S
CE
OLT
PE-rs
BS
L2 SW
POP
CO
Q-in-Q
S-VID to VSI
GE port
VC-LSP to VSI
Tunnel-LSP=PE to PE
VPN-A
GE port
C-VID=Defined by User
VC-LSP=Per Enterprise VPN (VPN-A)
S-VID=Enterprise ID (VPN-A)
VSI
S-VID=Enterprise ID (VPN-A)
S-VID=Enterprise ID (VPN-B)
VSI
S-VID=Enterprise ID (VPN-B)
GE port
C-VID=Defined by User
VSI S-VID=Enterprise ID (VPN-A)
CPE
VC-LSP=Per Enterprise VPN (VPN-B)
VPN-B
VSI S-VID=Enterprise ID (VPN-B)
CPE
VPN-C
ER
VC-LSP=Per Enterprise VPN (VPN-C)
GE port
S-VID=Enterprise ID (VPN-C)
VSI
S-VID=Enterprise ID (VPN-C)
S-VID=Enterprise ID (VPN-D)
VSI
S-VID=Enterprise ID (VPN-D)
VSI S-VID=Enterprise ID (VPN-C)
CPE
VC-LSP=Per Enterprise VPN (VPN-D)
VPN-D
VSI S-VID=Enterprise ID (VPN-D)
CPE
Backhaul Network Resiliency

RFC 4762: Virtual Private LAN Service (VPLS) Using LDP Signaling, Jan. 2007
AN
AS
ES
RFC 2338: Virtual Router Redundancy Protocol , April 1998
ER
AN
AS
ES
ER
Active Spoke LSP
VRRP
VRRP Master
Load Balancing
BRAS
AN
AS
ES
BRAS
< Node Fail >
VRRP Master
ER
AN
AS
ES
ER
VRRP Master
Load Balancing
Load Balancing
BRAS
< Normal >

AN
AS
ES
VRRP Master
ER
BRAS
< Link Fail >

AN
AS
ES
ER
VRRP Master
Load Balancing
BRAS
< Link Fail >

< Node Fail >
BRAS
MPLS Backbone Network
MPLS Backbone Concept

MPLS L3 VPN
Per-Service VPN
Internet VPN: Residential
ADSL/FTTH/WiBro Internet
Access, Enterprise
ADSL/FTTB/WiBro Internet Access
Service
Voice MPLS VPN
Video MPLS VPN
Per-Enterprise VPN
Enterprise MPLS L3 VPN
PE1.CTY1
Metro Ethernet
Backhaul City 1
PE1.CTY5
Metro Ethernet
City 5
Backhaul
PE2.CTY1
PE1.CTY2
CR1
CR2
PE2.CTY5
Metro Ethernet
Backhaul City 2
PE1.CTY6
PE2.CTY2
Metro Ethernet
City 6 Backhaul
PE1.CTY3
Metro Ethernet
City 3
Backhaul
PE2.CTY6
PE2.CTY3
PE1.CTY7
CR3
Metro Ethernet
Backhaul
PE1.CTY4
City 7
Metro Ethernet
City 4
Backhaul
MPLS L2 VPN
Per-Enterprise VPN
Enterprise VPWS VPN
Enterprise VPLS VPN
PE2.CTY7
PE2.CTY4
MPLS L3 Internet VPN

MPLS L3 VoIP VPN
Metro Ethernet
Backhaul
PE
MPLS L3 Video VPN
PE
Metro Ethernet
Backhaul
MPLS L3 Enterprise VPN

MPLS L2 VPN (VPWS)
MPLS L2 VPN (VPLS)
ADSL Case
BRAS
PE
DSLAM
AS
Residential
Internet Access
PPPoE
Internet PVC (1/37)
Residential
Voice
DHCP
Voice PVC (1/35)
Residential
Video
DHCP
ES
Residential Internet VLAN

(C-VID=Internet, S-VID=AN1)
VRF
Per-Service VRF (Internet)
VRF
Per-Service VRF (Voice)
VRF
Per-Service VRF (Video)
PE/SAR
PE2
PE3
MPLS L3 Internet VPN (LSP to BR)

VRF
Residential Voice VLAN

(C-VID=Voice, S-VID=AN1)
PE/BR
MPLS L3 Internet VPN (LSP to PE:P2P)
VRF
MPLS L3 Voice VPN (LSP to SAR)

VRF
VRF
MPLS L3 Voice VPN (LSP to PE: Data)
Video PVC (1/36)
Enterprise
A Single PVC
Internet Access
Static/Public Subnet
Enterprise
A Single PVC
L3 VPN
Private Addressing and Routing
Enterprise
A Single PVC
L2 VPN (PtP)
A Single PVC
Enterprise
L2 VPN (PtMP)
Residential Video VLAN

(C-VID=Video, S-VID=AN1)
VRF
VRF
MPLS L3 Video VPN (LSP to SAR)

VRF
Per-Enterprise VLAN
(C-VID=null, S-VID=Ent. A)
Per-Enterprise VLAN
(C-VID=null, S-VID=Ent. B)
Per-Enterprise VLAN
(C-VID=Private Use, S-VID=Ent. C)
VRF
VRF
VRF
VRF
VRF
VRF
VSI
MPLS L3 VPN (LSP to PE 2)
VRF

VRF
MPLS L2 VPN (VPWS)
VSI
VSI
VSI
VSI
VSI
VSI
VSI
Per-Enterprise VLAN
(C-VID=Private Use, S-VID=Ent. D)
H-VPLS
VSI
VSI
VSI
VSI
VSI
VSI
VSI
VSI

VSI
VSI
10
FTTH Case
BRAS
PE
OLT
AS
Residential
Internet Access
DHCP
C-VID=Internet(5)
Residential
Voice
DHCP
C-VID=Voice(3)
Residential
Video
DHCP
ES

(C-VID=Internet, S-VID=AN1)
PE/BR
VRF
VRF
VRF
PE/SAR
PE2
PE3

VRF
VRF

(C-VID=Voice, S-VID=AN1)

VRF
VRF
C-VID=Video(4)
Enterprise
C-VID=Ent. A
Internet Access
Static/Public Subnet
Enterprise
C-VID=Ent. B
L3 VPN
Enterprise
C-VID=Ent. C
L2 VPN (PtP)
C-VID=Ent. D
Enterprise
L2 VPN (PtMP)

(C-VID=Video, S-VID=AN1)
VRF
VRF

VRF
Per-Enterprise VLAN
(C-VID=null, S-VID=Ent. A)
Per-Enterprise VLAN
(C-VID=null, S-VID=Ent. B)
Per-Enterprise VLAN
(C-VID=Private Use, S-VID=Ent. C)
VRF
VRF
VRF
VRF
VRF
VRF
VSI
VRF

VRF
MPLS L2 VPN (VPWS)
VSI
VSI
VSI
VSI
VSI
VSI
VSI
Per-Enterprise VLAN
(C-VID=Private Use, S-VID=Ent. D)
H-VPLS
VSI
VSI
VSI
VSI
VSI
VSI
VSI
VSI

VSI
VSI
11
WiBro Case
PE
BS
AS
ES
L3 ASN-GW
GRE tunnel
PE/BR
VRF
VRF
VRF
PE/SAR
PE2
PE3
DHCP
Residential
Internet Access
CID=Internet CID
Residential
Voice
CID=Voice CID
Residential
Video

(C-VID=Internet, S-VID=RAS1)

VRF

(C-VID=Voice, S-VID=RAS1)
VRF

VRF
VRF
CID=Video CID

(C-VID=Video, S-VID=RAS1)
VRF
VRF

VRF
12
VPN Service
MPLS L3 VPN
MPLS L2 VPN
Virtual Private Wire Service (VPWS)
Virtual Private LAN Service (VPLS)
13
MPLS L3 VPN for Enterprise

RFC 2547bis defines a mechanism that allows service providers to use their IP backbone to
provide VPN services to their customers. RFC 2547bis VPNs are also known as BGP/MPLS
VPNs because BGP is used to distribute VPN routing information across the provider's
backbone and because MPLS is used to forward VPN traffic from one VPN site to another.
IP/MPLS Network
VPN A
PE1.CTY1
Metro Ethernet
Backhaul City 1
CE
VPN A
PE1.CTY5
City 5
Metro Ethernet
Backhaul
City 6
Metro Ethernet
Backhaul
PE2.CTY1
PE1.CTY2
CR1
CE
CR2
PE2.CTY5
Metro Ethernet
Backhaul City 2
CE
PE1.CTY6
PE2.CTY2
PE1.CTY3
Metro Ethernet
Backhaul City 3
CE
PE2.CTY6
PE2.CTY3
PE1.CTY7
CR3
Metro Ethernet
PE1.CTY4
City 7 Backhaul
Metro Ethernet
City 4
Backhaul
CE
PE2.CTY7
PE2.CTY4
CE
PE
PE
CE
14
Tunnel LSP Setup: RSVP-TE

RSVP-TE for Traffic Engineering
RFC 3209, RSVP-TE: Extensions to RSVP for LSP Tunnels, December 2001
PATH
ERO = {CR1, CR2, PE1.CTY5}
RESV
Label = 17
Ingress Routing Table
In
Out(port/label)
IP Route
2/17
PATH
ERO = {CR2, PE1.CTY5}
PATH
ERO = {PE1.CTY5}
RESV
Label = 20
RESV
Label = 3
MPLS Table
MPLS Table
In(port/Label) Out(port/label)
3/17
In(port/Label) Out(port/label)
6/20
2/20
CR1
5/3
CR2
PE1.CTY1
PE1.CTY5
Tunnel LSP
PE2.CTY1
RVSP-TE PATH Message

Establish state and request label assignment
PE1.CTY1 transmit a PATH message addressed to PE1.CTY5
Label Request Object
ERO = {Strict CR1, strict CR2, strict PE1.CTY5}
PRO = {PE1.CTY1 IP address, store and add IP hop address}
Session object identifies LSP name
Session Attribute: Priority, Preemption and Fast Reroute
Flow-Spec: Request Bandwidth Reservation
PE2.CTY5
CR3
RVSP-TE RESV Message

Distribute labels and reserve resource
PE1.CTY5 transmits a RESV message to PE1.CTY1
Label = 3
Session object to uniquely identify the LSP
CR2 and CR1
Stores Outbound label and allocate an Inbound label
Transmits RESV with inbound label to upstream LSR
PE1.CTY1 binds label to FEC
15
Constraint-Based Routing
Extended IGP
(OSPF-TE, IS-IS TE)
Routing Table
Traffic Engineering
Database (TED)
Constrained Shortest
Path First (CSPF)
User
Constraints
1) Store information from IGP flooding

2) Store traffic engineering information
Explicit Route
3) Examine user defined constraints

4) Calculate the physical path for the LSP
5) Represent path as an explicit route
RSVP Signaling
6) Pass ERO to RSVP for signaling
16
MPLS L3 VPN for Enterprise: VPN Route Distribution

VRF Yellow
Destination BGP Next Hop Inner Label
10.1.2.0/24
PE1.CTY5
12
RT indicate to which VRF the route is

imported. RD is removed from VPNv4 route.
IPv4 route is inserted into VRF Green
routing table.
MP-iBGP advertises VPNv4 route

with MPLS label and RTs.
VRF Green
10.1.2.0/24
Site-1, VPN-A
10.1.1.0/24
IS-IS
CE1
Site-1, VPN-B
10.1.1.0/24
RIP
CE1
PE1.CTY5
IGP (IS-IS)
advertises
IPv4 route
10
VRF Green
CR1
CR2
IPv4 route is redistributed into MPiBGP. RD is added to IPv4 route to make

it a VPNv4 route. RTs are added.
IPv4 route is inserted in

VRF Green routing table.
VRF Green
IGP (IS-IS)
advertises
IPv4 route
PE1.CTY1
Metro Ethernet
City1
Backhaul
CE
MP-iBGP
Destination = RD_Green:10.1.2/24
Label = 10
BGP Next Hop = PE1.CTY5
Route Target = Green
PE1.CTY5
City5
PE2.CTY1
PE2.CTY5
PE
CR3
PE
Site-2, VPN-A
10.1.2.0/24
IS-IS
CE2
Metro Ethernet
Backhaul
Site-2, VPN-B
10.1.2.0/24
CE2
RIP
CE
CE-PE Routing: OSPF, RIP, BGP, Static Route

PE-PE Routing: MP-iBGP
17
MPLS L3 VPN for Enterprise: Forwarding Customer Traffic Across the BGP/MPLS Backbone
VRF Green
10.1.2.0/24
PE1.CTY5
10
VRF Yellow
10.1.2.0/24
PE1.CTY5
12
Global Routing Table

Destination IGP Next Hop Tunnel Label
PE1.CTY5
CR1
25
MPLS Table
In
Out
Incoming
(port/label) (port/label) (port/Inner label)
1/25
Site-1, VPN-A
10.1.1.0/24
IS-IS
CE1
Site-1, VPN-B
10.1.1.0/24
RIP
MPLS Table
VRF Green
3/30
if2
CR2
CR1
10.1.2.5
1/10
VRF Green
PE1.CTY5
PE1.CTY1
Metro Ethernet
Backhaul City 1
IGP Label(25)
VPN Label(10)
PE2.CTY1
Outgoing
interface
IGP Label(30)
VPN Label(10)
IGP Label(0)
10.1.2.5
VPN Label(10)
10.1.2.5
City 5
10.1.2.5 PE2.CTY5
CE1
10.1.2.5
Site-2, VPN-A
10.1.2.0/24
IS-IS
CE2
Metro Ethernet
Backhaul
Site-2, VPN-B
10.1.2.0/24
RIP
CE2
CR3
PE1.CTY1 router receives normal IP

packet from CE1 router.
PE1.CTY1 router does IP Longest
Match from VRF, finds iBGP next hop
PE1.CTY5 and imposes a stack of labels
P routers switch the packet based on the

IGP Label (top label)
Egress PE router(PE1.CTY5) removes top

label, uses inner label to select which
VPN/CE to forward the packet to.
Inner label is removed and packet sent to
CE2 router
18
MPLS L3 VPN: Rate Control Per-Customer and Per- Site

PE1.CTY1
S-VID
200
100Mbps shaper
V
T
M
I
Per-Enterprise
Hierarchical shaping
(PIR/CIR)
Eth10
PE1.CTY5
Application
Classification
(5-Tuple)
RT Voice
RT Video
Mission Critical
Best Effort
RT Voice
RT Video
Mission Critical
Best Effort
V
T
M
I
S-VID
200
5Mbps shaper
Per-Enterprise
(PIR/CIR)
Customer
Classification
(VC-Label)
S-VID
201
Eth20
S-VID
201
VPN A
VPN A
PE1.CTY5
A pair of VC-LSPs
S-VID 200/Eth20
PE1.CTY1
CE1
S-VID 200/Eth10
City 5
Metro Ethernet
Backhaul City 1
CR1
CR2
CE2
Metro Ethernet
Backhaul
PE2.CTY5
PE2.CTY1
Service Rate Control at each PE

participating a VPLS instance
Upstream Rate Control: Ingress Rate
Limiting
Downstream Rate Control: Egress Rate
Shaping
Granularity of Rate Control: 1Mbps
A pair of VC-LSPs
VPN A
A pair of VC-LSPs
RT Voice
RT Video
Mission Critical
Best Effort
PE1.CTY7
PE1.CTY7
CR3
V
T
M
I
CE3
S-VID 200/Eth30
City 7
S-VID
200
Metro Ethernet
Backhaul
PE2.CTY7
5Mbps shaper
Per-Enterprise
(PIR/CIR)
Eth30
S-VID
201
19
MPLS L3 VPN for Enterprise: PE Redundancy

CE
PE
Metro Aggregation
VPN Routing (OSPF, RIP, Static, etc.)
PE
IP/MPLS Backbone
Metro Aggregation
VPN Route and Label Distribution (MG-iBGP)
VPN Routing (OSPF, RIP, Static, etc.)
Tunnel Signaling (LDP/RSVP-TE)
QinQ (Per-enterprise VLAN)
CE
QinQ (Per-enterprise VLAN)
IGP (IS-IS)
VLL/
H-VPLS
H-VPLS
vc-lsp 100
CR1
VRF Green
CR2
VRF Green
S-VID 100
Site-1, VPN-A
Headquarter
CE1
S-VID 100
Metro Ethernet
Backhaul
S-VID 100
PE1.CTY1
PE1.CTY5
VRRP between VRFs

City 1
S-VID 100
City 5
PE2.CTY1
Site-2, VPN-A
Branch Office
CE2
Metro Ethernet
Backhaul
PE2.CTY5
VRF Green
vc-lsp 200
CR3
VRF configuration in 2 PE routers. Backhaul is connected to PE through 2 VLANs

VRRP redundancy per VRF between PE routers (255 VRRP instance for VRF)
Ex) PE redundancy in Headquarter site, and single PE in Branch office
20
Benefits of BGP/MPLS VPNs

The major objective of BGP/MPLS VPNs is to simplify network operations for customers while allowing the service
provider to offer scalable, revenue-generating, value-added services. BGP/MPLS VPNs has many benefits, including the
following.
There are no constraints on the address plan used by each VPN customer. The customer can use either globally
unique or private IP address spaces. From the service provider's perspective, different customers can have
overlapping address spaces.
The CE router at each customer site does not directly exchange routing information with other CE routers. Customers
do not have to deal with inter-site routing issues because inter-site routing issues are the responsibility of the service
provider.
VPN customers do not have a backbone or a virtual backbone to administer. Thus, customers do not need
management access to PE or P routers.
Providers do not have a separate backbone or virtual backbone to administer for each customer VPN. Thus, providers
do not require management access to CE routers.
The policies that determine whether a specific site is a member of a particular VPN are the policies of the customer.
The administrative model for RFC 2547bis VPNs allows customer policies to be implemented by the provider alone or
by the service provider working together with the customer.
The VPN can span multiple service providers. While this capability of BGP/MPLS VPNs is important, this paper does
not describe inter-provider VPN solutions.
Without the use of cryptographic techniques, security is equivalent to that supported by existing Layer 2 (ATM or
Frame Relay) backbone networks.
Service providers can use a common infrastructure to deliver both VPN and Internet connectivity services.
Flexible and scalable QoS for customer VPN services is supported through the use of the experimental bits in the
MPLS shim header or by the use of traffic engineered LSPs (signaled by RSVP).
The RFC 2547bis model is link layer (Layer 2) independent.
21
MPLS L3 VPN for Enterprise

Features
Maximum Number of 802.1Q (VLAN) Circuits
26K
Maximum Number of 802.1ad (QinQ) Circuits
26K
Maximum Number of LSPs (LDP)
2.4K
Maximum Number of LSPs (RSVP-TE)
50K
Maximum Number of VRF
4K
Maximum VPN Route Entries per VRF

Maximum Number of MPLS L3 VPN Instances
500K
4K
Juniper M-series
22
MPLS L2 VPN: VLL/VPWS/EoMPLS Service

Metro Aggregation
IP/MPLS Backbone
Metro Aggregation
Point-to-Point Transparent LAN Service (Customer VLAN (C-VID))

Per-enterprise VLAN (QinQ)
Martini signaling
T-LDP
DU-LDP
Per-enterprise VLAN (QinQ)
PW (vc-lsp)
PW Signaling (Martini Signaling: Targeted LDP)
VLL/
H-VPLS
Site-1, VPN-A
IGP (IS-IS)
PE1.CTY1
CR1
VLL/
H-VPLS
CR2
PE1.CTY5
Site-2, VPN-A
CE1
CE2
Metro Ethernet
City 1
Backhaul
Site-1, VPN-B
City 5
Metro Ethernet
Backhaul
PE2.CTY1
PE2.CTY5
CE1
Site-2, VPN-B
CE2
CR3
Standard:
RFC 4448 (Martini), Encapsulation Methods for Transport of Ethernet over MPLS Networks, April 2006
RFC 4447 (Martini), Pseudowire Setup and Maintenance Using LDP, April 2006
23

1. Configuring PE
VCID (Virtual Circuit ID) represents the provisioned ID for the circuit between the (Ethernet port + VLAN
ID) entities provisioned in the 2 PEs (PE1.CTY1 and PE1.CTY5)
PE1.CTY5 configured:
Local S-VID200 on Ethernet20 to
be configured with VCID 2400
going to PE1.CTY1.
PE1.CTY1 configured:
Local S-VID200 on Ethernet30 to
be configured with VCID 2400
going to PE1.CTY5.
Site-1, VPN-A
S-VID 200/Eth30
CR1
PE1.CTY1
CR2
PE1.CTY5
CE2
Metro Ethernet
Backhaul City 1
Metro Ethernet
City 5
Backhaul
Tunnel LSP
PE2.CTY1
Site-1, VPN-B
PE2.CTY5
CE1
2. VC Label Mapping and DU-LDP Signaling
PE1.CTY1 binds vc-label 2000 to

local VLAN 200 on Eth30 using
VCID 2400 as common ID
PE1.CTY1
Site-1, VPN-A
DU-LDP Label Mapping Message

VC FEC TLV:
VC Type = Ethernet
VCID = 2400
VC Label TLV:
vc-label = 2000
CR1
CR2
PE1.CTY5 binds the VCID 2400 to

vc-label 2000
PE1.CTY5
S-VID 200/Eth20
Vc-label 2000
Metro Ethernet
Backhaul City 1
Site-2, VPN-B
CE2
CR3
S-VID 200/Eth30
CE1
Tunnel LSP
Site-2, VPN-A
CE2
Metro Ethernet
City 5
Backhaul
PE2.CTY1
Site-1, VPN-B
PE2.CTY5
CE1
VCID 2400
Port VLAN(S-VID) VC-Label Tunnel Label
30
Site-2, VPN-A
S-VID 200/Eth20
CE1
200
2000
100
CR3
Site-2, VPN-B
CE2
Unidirectional representation: same steps

for PE1.CTY1 to PE1.CTY5 direction
24

3. Packet Forwarding
VCID 2400
Port VLAN(S-VID) VC-Label Tunnel Label
30
200
2000
100
MPLS Table
In
Out
(port/label) (port/label)
1/25
Site-1, VPN-A
PE1.CTY1
CE1
CR1
3/30
CR2
PE1.CTY5
S-VID 200/Eth30
S-VID 200/Eth20
Vc-label 2000
Metro Ethernet
Backhaul City 1
Site-2, VPN-A
CE2
Tunnel LSP
Metro Ethernet
City 5
Backhaul
PE2.CTY1
Site-1, VPN-B
PE2.CTY5
CE1
Site-2, VPN-B
CE2
CR3
D-MAC/S-MAC
C-VID
IP Packet
D-MAC/S-MAC
Tunnel Label(25)
Tunnel Label(30)
Tunnel Label(0)
D-MAC/S-MAC
D-MAC/S-MAC
S-VID(200)
C-VID
IP Packet
S-VID(200)
VC Label(10)
VC Label(10)
VC Label(10)
C-VID
D-MAC/S-MAC
D-MAC/S-MAC
D-MAC/S-MAC
C-VID
IP Packet
S-VID
S-VID
S-VID
IP Packet
C-VID
C-VID
C-VID
IP Packet
IP Packet
IP Packet
25
EoMPLS Service: QoS

Per-Enterprise Rate
Shaping (1Mbps
increment from 1Mbps
to 1Gbps)
A customer traffic is
classified to the application
level and mapped to 4 Traffic
class
PE1.CTY1
V
T
M
I
S-VID
200
5Mbps shaper
PE1.CTY5
Application
Classification
RT Voice
Per-Enterprise
(PIR/CIR)
Eth30
V
T
M
I
RT Voice
RT Video
RT Video
Mission Critical
Mission Critical
Best Effort
Best Effort
5Mbps shaper
Per-Enterprise
(PIR/CIR)
Customer
Classification
S-VID
201
S-VID
200
Eth20
S-VID
201
3Mbps shaper
3Mbps shaper
S-VID
202
S-VID
202
20Mbps shaper
20Mbps shaper
Virtual Leased Line

Site-1, VPN-A
PE1.CTY1
CE1
CR1
CR2
PE1.CTY5
S-VID 200/Eth30
S-VID 200/Eth20
PW
Metro Ethernet
Backhaul City 1
Site-2, VPN-A
CE2
Tunnel LSP
Metro Ethernet
City 5
Backhaul
PE2.CTY1
Site-1, VPN-B
PE2.CTY5
CE1
Site-2, VPN-B
CE2
CR3
26
VPLS Service
Metro Aggregation
IP/MPLS Backbone
Metro Aggregation
Point-to-Multi-Point Transparent LAN Service

Per-enterprise VLAN(QinQ)
VPLS (Full-Meshed PW)
Per-enterprise VLAN(QinQ)
PW Signaling (Martini Signaling: Targeted LDP)

VLL/
H-VPLS
IGP (IS-IS)
Site-1, VPN-A
VSI
CR1
VLL/
H-VPLS
CR2
PE1.CTY1
VSI
PE1.CTY5
CE1
Site-2, VPN-A
CE2
Metro Ethernet
City 1
Backhaul
Site-1, VPN-B
CE1
Martini signaling
T-LDP
DU-LDP
Metro Ethernet
City 5
Backhaul
PE2.CTY1
PE2.CTY5
PE1.CTY3
PE1.CTY7
VSI
VSI
City 7
CR3
PE2.CTY3
Site-2, VPN-B
CE2
PE2.CTY7
Standard:
RFC 4762: Virtual Private LAN Service (VPLS) Using LDP Signaling, Jan. 2007
RFC 4761: RFC 4761 on Virtual Private LAN Service (VPLS) Using BGP for Auto-Discovery and Signaling, Jan. 2007
RFC 4664: Framework for Layer 2 Virtual Private Networks (L2VPNs), Sep. 2006
27
VPLS Reference Model
MPLS Tunnel LSP (Full-Mesh)

Pseudo Wire (a pair of vc-lsp)
VSI Green
PE1.CTY5
VSI Green
PE1.CTY1
CE
VSI Violet
Metro Ethernet
Backhaul City 1
CR1
City 5
CE
Metro Ethernet
Backhaul
CR2
CE
PE2.CTY5
CE
PE2.CTY1
VSI Violet
VSI Green
PE1.CTY7
CE
CR3
Metro Ethernet
City 7 Backhaul
VSI Violet
CE
PE2.CTY7
28
VPLS Instance Creation: PW Signaling

1. T-LSP signaling for creating Full-Mesh PW
T-LDP(PE1.CTY1PE1.CTY5): For SVC-ID 1000, use VC- label 201 when sending to me
Use vc-label 102 for VCID 1000 when
sending to me
Use vc-label 201 for VCID 1000 when

sending to me
PE1.CTY5
PE1.CTY1
CE
S-VID 200/Eth20
T-LSP signaling for creating PW12
S-VID 200/Eth10
CE
Metro Ethernet
City5 S-VID
300/Eth20
Backhaul
Metro Ethernet
City1
Backhaul
CR2
CR1
PW12
CE
CE
PE2.CTY5
PE2.CTY1
PE1.CTY7
S-VID 200/Eth30
CE
CR3
City7
Metro Ethernet
Backhaul
CE
PE2.CTY7
2. VPLS Instance (VSI) Creation

FIB for VPLS 1000 (PE1.CTY1)
MAC Location
Interface

MAC Location
Interface

MAC Location
Interface
Local
Eth10, S-VID 200
Local
Eth20, S-VID 200
Local
Eth30, S-VID 200
Remote
Tunnel to PE1.CTY5(vc-lsp102)
Local
Eth20, S-VID 300
Remote
Remote
Remote
Remote
Remote
29
VPLS MAC Learning and Packet Forwarding

D-MAC = M2
3. Data Forwarding (VPLS MAC Learning)
Tunnel Label(25)
S-MAC = M1
VC Label(102)
S-VID = 200
D-MAC = M2
C-VID = 100
S-MAC = M1
S-VID = 200
M1
CE
PE1.CTY1
IP Packet
PE1.CTY5
CR1 IP Packet
CE
S-VID 200/Eth20
C-VID = 100
S-VID 200/Eth10
M2
CR2
Metro Ethernet
City5 S-VID
300/Eth20
Backhaul
Metro Ethernet
City1
Backhaul
CE
CE
D-MAC = M2
PW12
PE2.CTY5
S-MAC = M1
PE2.CTY1
M3
S-VID = 300
D-MAC = M2
Tunnel Label(15)
S-MAC = M1
VC Label(103)
S-VID = 200
D-MAC = M2
C-VID = 100
S-MAC = M1
IP Packet
S-VID = 200
C-VID = 100
IP Packet
PE1.CTY7
S-VID 200/Eth30
M4
CE
CR3
C-VID = 100
City7
IP Packet
Metro Ethernet
Backhaul
CE
PE2.CTY7

MAC Location
Interface
M1
Local
Eth10, S-VID 200
Remote
Remote

MAC Location
Interface
Local
M1

MAC Location
Interface
Eth20, S-VID 200
Local
Eth20, S-VID 300
Remote
Remote
M1
Local
Eth30, S-VID 200
Remote
Remote
Once the VPLS instance with vc-id 1000 has been created, the first packets can be sent and the MAC learning process starts.
Assume M1 is sending a packet to PE1.CTY5 destined for M2 (M2 and M1 are each identified by a unique MAC address).
PE1.CTY1 receives the packet and learns (from the source MAC address) that M1 can be reached on local port Eth 10, S-VID 200; it stores this information in the FIB for vc-id
1000.
PE1.CTY1 does not yet know the destination MAC address M2, so it floods the packet to PE1.CTY5 with VC label 102 (on the corresponding MPLS outer tunnel) and to
PE1.CTY7 with VC label 103 (on the corresponding MPLS outer tunnel).
PE1.CTY5 learns from VC label 201 that M1 is behind PE1.CTY1; it stores this information in the FIB for vc-id 1000.
PE1.CTY7 learns from VC label 302 that M1 is behind PE1.CTY1; it stores this information in the FIB for vc-id 1000.
30
VPLS MAC Learning and Packet Forwarding
S-MAC = M2
VC Label(201)
S-VID = 200
D-MAC = M1
C-VID = 100
S-MAC = M2
CE
PE1.CTY1
IP Packet
PE1.CTY5
S-VID = 200
M1
D-MAC = M1
Tunnel Label(12)
CR1 IP Packet
CE
S-VID 200/Eth20
C-VID = 100
S-VID 200/Eth10
M2
CR2
Metro Ethernet
City5 S-VID
300/Eth20
Backhaul
Metro Ethernet
City1
Backhaul
PW12
CE
PE2.CTY5
CE
M3
PE2.CTY1
D-MAC = M1
S-MAC = M2
M4
S-VID = 200
PE1.CTY7
C-VID = 100
S-VID 200/Eth30
IP Packet
CR3
City7
MAC Location
Interface
M1
Local
Eth10, S-VID 200
M2
Remote
Remote
CE

MAC Location
Interface
Metro Ethernet
Backhaul
CE
PE2.CTY7
M2
Local
Local
Eth20, S-VID 300
M1
Remote
Remote

MAC Location
Interface
Eth20, S-VID 200

M1
Local
Eth30, S-VID 200
Remote
Remote
PE1.CTY5 strips off label 102, does not know the destination M2 and floods the packet on ports Eth 20, S-VID 200 and Eth20, S-VID 300; PE1.CTY5 does not flood the packet
to PE1.CTY7 because of the split horizon rule.
PE1.CTY7 strips off label 103, does not know the destination M2 and sends the packet on port Eth30, S-VID 200; PE1.CTY7 does not flood the packet to PE1.CTY5 because of
the split horizon rule.
M2 receives the packet.
When M2 receives the packet from M1, it replies with a packet to M1:
PE1.CTY5 receives the packet from M2 and learns that M2 is on local port Eth 20, S-VID 200; it stores this information in the FIB for vc-id 1000.
PE1.CTY5 already knows that M1 can be reached via PE1.CTY1 and therefore only sends the packet to PE1.CTY1 using VC label 201.
PE1.CTY1 receives the packet for M1; it knows that M1 is reachable on port Eth 10, S-VID 200.
M1 receives the packet.

31
VPLS Rate Control Per-Customer and Per- Site

PE1.CTY1
S-VID
200
100Mbps shaper
V
T
M
I
PE1.CTY5
Application
Classification
Per-Enterprise
(PIR/CIR)
Eth10
RT Voice
RT Video
Mission Critical
Best Effort
RT Voice
RT Video
Mission Critical
Best Effort
V
T
M
I
5Mbps shaper
Per-Enterprise
(PIR/CIR)
Customer
Classification
S-VLAN
201
PE1.CTY5
S-VID 200/Eth20
PE1.CTY1
S-VID 200/Eth10
Metro Ethernet
Backhaul
City5
Metro Ethernet
City1
Backhaul
Eth20
S-VLAN
201
PW12
CE
S-VID
200
CR1
CR2
CE
CE
PE2.CTY5
CE
PE2.CTY1
PW23
Service Rate Control At Each PE participating a

VPLS instance
PW13
Upstream Rate Control: Ingress Rate Limiting
Downstream Rate Control: Egress Rate
PE1.CTY7
Shaping
Granularity of Rate Control: 1Mbps
RT Voice
RT Video
Mission Critical
Best Effort
PE1.CTY7
S-VID 200/Eth30
CE
CR3
City7
V
T
M
I
S-VID
200
Metro Ethernet
Backhaul
CE
PE2.CTY7
5Mbps shaper
Per-Enterprise
(PIR/CIR)
Eth30
S-VLAN
201
32
MPLS L2 VPN for Enterprise: Scaling Characteristics

Features
Maximum number of 802.1Q (VLAN) Circuits
26K
Maximum number of 802.1ad (QinQ) Circuits
26K
Maximum number of LSPs (LDP)
2.4K
Maximum number of LSPs (RSVP-TE)
50K
Maximum number of VPWS instances
16K
Maximum number of VPLS instances
2K
Maximum number of MAC addresses
850K
Juniper M-series
33
MPLS Protection
34
Path Protection: Secondary Path

1. Secondary LSP: Pre-computed/Pre-signaled backup LSP
Secondary paths support the configuration of primary and secondary
physical paths for an LSP to protect against link and transit node
forwarding plane failures.
The primary path is the preferred path while the secondary path is
used as an alternative route when the primary path fails.
There are two types of secondary paths: standby and non-standby.
A standby secondary path is pre-computed and pre-signaled while a
non-standby secondary path is pre-computed but is not pre-signaled.
Primary LSP
CR1
3. Network Impairment
2. RSVP Patherr and Resvtear
unicast to ingress PE
CR1 Primary LSP
CR2
PE1.CTY5
PE1.CTY1
CR3
PE2.CTY1
CR2
PE1.CTY5
PE1.CTY1
CR3
PE2.CTY1
PE2.CTY5
2. Normal Operation
Primary LSP
RSVP Hello
Secondary LSP
4. Protection Switching
Primary LSP
RSVP Hello
CR1
CR1
CR2
PE1.CTY5
PE1.CTY1
PE2.CTY1
CR3
Secondary LSP
PE2.CTY5
Ingress PE switches traffic to pre-established

secondary path
Secondary LSP (Standby LSP Case)
Path: Pre-computed (CSPF)
BW Reservation: Pre-Signaled (RSVP-TE)
Secondary LSP
RSVP Hello
1. Outage
1) Link Failure
2) Node Failure (RSVP Hello)
CR2
PE1.CTY5
PE1.CTY1
PE2.CTY1
CR3
PE2.CTY5
PE2.CTY5
Secondary LSP
35
Local Protection: Fast Reroute (1:1 Protection)

1. Detour LSP Pre-Setup
3. Network Impairment
Fast reroute (or one-to-one backup) allows an LSR immediately

upstream from an outage to quickly route around a failed link or node
to an LSR downstream of the outage.
This is accomplished by pre-computing and pre-establishing detour
paths that bypass the immediate downstream link and the next-hop
LSR.
For LSP PE1.CTY1-to-PE1.CTY5, the following detours are established
PE1.CTY1 create a detour to PE1.CTY5 via CR3
CR1 create a detour to PE1.CTY5 via CR3
CR2 create a detour to PE1.CTY5 via CR3
CR1
LSP CR2
2. CR2 switches traffic to

its dedicated detour path
3. RSVP Patherr and Resvtear
CR1
1. Outage
1) Link Failure
2) Node Failure (RSVP Hello)
CR2
PE1.CTY5
PE1.CTY1
PE2.CTY1
PE2.CTY5
PE1.CTY5
PE1.CTY1
CR3
PE2.CTY1
PE2.CTY5
4. Re-optimization
Detours LSPs
CR3
Fast reroute provides local repair and allows connectivity to

be restored faster than traffic can be switched by the ingress
LSR to a standby secondary LSP.
2. Normal Operation
RSVP Hello
RSVP Hello
CR1
RSVP Hello
CR2
PE1.CTY5
PE1.CTY1
Fast reroute is only a short-term solution because the

detour paths may not provide adequate bandwidth and the
activation of a detour path can result in congestion on
bypass links.
As soon as the ingress router calculates a new path avoiding
the failure, traffic is redirected along the new path, detours
are torn down, and new detours established.
PE2.CTY1
PE2.CTY5
CR3
36
Local Protection: Link Protection (Many-to-one or facility backup)

1. Bypass Path Pre-Setup
2. Network Impairment (Link Failure)
Many-to-one (facility backup) is based on interface rather than on LSP.

While fast reroute protects interfaces or nodes along the entire path of a
LSP, many-to-one protection can be applied on interfaces as needed.
A bypass path is set up around the link to be protected using an alternate
interface to forward traffic.
Link protection (or many-to-one backup) allows an LSR immediately
upstream from a link failure to use an alternate interface to forward
traffic to its downstream neighbor LSR.
This is accomplished by pre-establishing a bypass path that is shared by all
protected LSPs traversing the failed link. A single bypass path safeguards
the set of protected LSPs.
The bypass path is shared by all protected LSPs traversing the failed link
(many LSPs protected by one bypass path).
PE1.CTY3
LSP1
CR1
CR2
PE1.CTY1
LSP2
PE2.CTY1
3. RSVP Patherr and

Resvtear
PE1.CTY3
LSP1
1. Link Failure
CR1
CR2
Bypass
Path
PE2.CTY3
PE1.CTY1
PE2.CTY5
PE1.CTY7
LSP2
PE2.CTY1
PE1.CTY5
CR3
PE2.CTY7
PE1.CTY5
When an outage occurs, the router immediately upstream from the link
outage switches protected traffic to the bypass link, then signals the link
failure to the ingress router.
Bypass Path
PE2.CTY3
2. CR1 switches all LSP

traffic to the bypass link
CR3
LSP1: PE1.CTY3-to-PE1.CTY5
PE2.CTY5
PE1.CTY7
Like fast reroute, link protection provides local repair and restores
connectivity faster than the ingress router switching traffic to a standby
secondary path.
PE2.CTY7
However, unlike fast reroute, link protection does not provide protection
against the failure of the downstream neighbor.
37
Local Protection: Node-Link Protection (Many-to-one or facility backup)

1. Bypass Path Pre-Setup
2. Network Impairment (Link Failure)
Next-hop bypass: Provides an alternate route for an LSP to reach a

neighboring router. This type of bypass path is established when you
enable either node-link protection or link protection.
Next-next-hop bypass: Provides an alternate route for an LSP through a
neighboring router en route to the destination router. This type of bypass
path is established exclusively when node-link protection is configured.
Link Failure
2. PE1.CTY3 switches all LSP
traffic to the NHOP bypass link
1. Link Failure
LSP1
PE1.CTY3
LSP1
CR1
NHOP
bypass
PE2.CTY3
PE1.CTY1
CR2
PE1.CTY7
LSP2
CR3
2. PE1.CTY3 switches all LSP

traffic to the NNHOP bypass link
PE2.CTY7
1. Node Failure
PE1.CTY3
LSP1
CR1
CR2
NNHOP
bypass
PE2.CTY3
PE1.CTY1
PE2.CTY1
PE1.CTY5
PE2.CTY5
PE1.CTY7
LSP2
PE2.CTY7
Node Failure
CR3
PE2.CTY5
PE1.CTY7
PE1.CTY5
PE2.CTY5
PE1.CTY1
PE2.CTY1
NNHOP
bypass
LSP2
PE2.CTY1
PE1.CTY5
CR2
NHOP
bypass
PE2.CTY3
PE1.CTY3
CR1
CR3
PE2.CTY7
38
End of Document
39
Netmanias Research and Consulting Scope

99
00
01
02
03
04
05
06
07
08
09
10
11
12
13
eMBMS/Mobile IPTV
CDN/Mobile CDN
Transparent Caching
BSS/OSS
Services
Cable TPS
Voice/Video Quality
IMS
Policy Control/PCRF
IPTV/TPS
LTE
Mobile
Network
Mobile WiMAX
Carrier WiFi
LTE Backaul
Data Center Migration
Carrier Ethernet
FTTH
Wireline
Network
Data Center
Metro Ethernet
MPLS
IP Routing
Visit http://www.netmanias.com to view and download more technical documents.
40

Netmanias.2007.12.13-MPLS Backhaul & Backbone Network Design (En)

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Netmanias.2007.12.13-MPLS Backhaul & Backbone Network Design (En)

Încărcat de

Drepturi de autor:

Formate disponibile

Netmanias Technical document: MPLS Backhaul & Backbone Network Design

MPLS Backhaul & Backbone Network Design

December 13, 2007

NMC Consulting Group (tech@netmanias.com)

About NMC Consulting Group

Netmanias Technical document: MPLS Backhaul & Backbone Network Design

MPLS Backhaul Concept

Backhaul Connectivity for Residential User

Backhaul Connectivity for Enterprise User

Backhaul Network Resiliency

MPLS Backbone Network

MPLS Backbone Concept

MPLS L2 VPN: VPWS

MPLS L2 VPN: VPLS

MPLS Fast Recovery

Copyright 2002-2013 NMC Consulting Group. All rights reserved.

Netmanias Technical document: MPLS Backhaul & Backbone Network Design

MPLS Backhaul Network

Copyright 2002-2013 NMC Consulting Group. All rights reserved.

Netmanias Technical document: MPLS Backhaul & Backbone Network Design

Customer Separation by QinQ and H-VPLS

Copyright 2002-2013 NMC Consulting Group. All rights reserved.

Netmanias Technical document: MPLS Backhaul & Backbone Network Design

Backhaul Connectivity for Residential User

Voice VLAN (3)

Video PVC (1/36)

Video VLAN (4)

Video VLAN (4)

Internet VLAN (5)

Internet VLAN (5)

Internet PVC (1/37)

Mgmt VLAN (1000)

Voice PVC (1/35)

Video VLAN (4)

Voice VLAN (3)

Voice VLAN (3)

Video VLAN (4)

Video VLAN (4)

Video VLAN (4)

Internet VLAN (5)

Internet VLAN (5)

Internet VLAN (5)

Video VLAN (4)

Copyright 2002-2013 NMC Consulting Group. All rights reserved.

Netmanias Technical document: MPLS Backhaul & Backbone Network Design

Backhaul Connectivity for Enterprise User

Active Spoke LSP

VC-LSP=Per Enterprise VPN (VPN-A)

VSI S-VID=Enterprise ID (VPN-A)

VSI S-VID=Enterprise ID (VPN-B)

VC-LSP=Per Enterprise VPN (VPN-C)

VSI S-VID=Enterprise ID (VPN-C)

VSI S-VID=Enterprise ID (VPN-D)

Copyright 2002-2013 NMC Consulting Group. All rights reserved.

Netmanias Technical document: MPLS Backhaul & Backbone Network Design

Backhaul Network Resiliency

RFC 2338: Virtual Router Redundancy Protocol , April 1998

Active Spoke LSP

< Node Fail >

< Normal >

< Link Fail >

< Link Fail >

< Node Fail >