http://id.linkedin.com/in/syarifuddin
Multiprotocol Label Switching (MPLS) is a
mechanism in high-performance
telecommunications networks that directs data
from one network node to the next based on
short path labels rather than long network
addresses, avoiding complex lookups in a
routing table. The labels identify virtual links
(paths) between distant nodes rather than
endpoints. MPLS can encapsulate packets of
various network protocols. MPLS supports a
range of access technologies, including T1/E1,
ATM, Frame Relay, and DSL.
In 1996 a group from Ipsilon Networks proposed a
"flow management protocol". Their "IP Switching"
technology, which was defined only to work over ATM,
did not achieve market dominance. Cisco Systems
introduced a related proposal, not restricted to ATM
transmission, called "Tag Switching". It was a Cisco
proprietary proposal, and was renamed "Label
Switching". It was handed over to the Internet
Engineering Task Force (IETF) for open
standardization. The IETF work involved proposals
from other vendors, and development of a consensus
protocol that combined features from several vendors'
work.
MPLS brings the following benefits to IP networks:
› Improved up-time – By providing alternative network paths
› Improved bandwidth utilization – By allowing for multiple traffic
types to traverse the network
› Reduced network congestion – By utilizing optional paths for
traffic to avoid congestion
› Improved end user experience – By allowing multiple Classes of
Service to different types of traffic such as VOIP
› Traffic engineering - the ability to set the path that traffic will
take through the network and the ability to set performance
characteristics for a class of traffic.
› Layer 2 transport - new standards allow service providers to carry
Layer 2 services including Ethernet, Frame Relay and ATM over an
IP/MPLS core
Besides its benefits, MPLS has several issues:
› The carrier has to play a role in the configuration of the overall network.
› An MPLS network does not offer any inherent data protection, and improper implementation can open your network to vulnerabilities.
› Possibility of "peeking" at end-user traffic from within the service provider network.
Label switching through label path
[Figure: label path from CE through PE and P routers to the far-end PE and CE]
'Shim' label(s): label stack entry format, packet-based encoding (4 octets per entry)
Field order within an entry: Label | Exp. | S | TTL
Label: Label Value, 20 bits (0-15 reserved)
Exp.: Experimental, 3 bits (Class of Service)
S: Bottom of Stack, 1 bit (1 = last entry in label stack)
TTL: Time to Live, 8 bits
› Push
– Push the first label on the packet or
– Push a label on existing label stack
– For IP packets, set the TTL value of the label to the value
in the IP packet
› Pop
– Remove the top label from the packet
– Copy the TTL value of the label to the TTL value of the IP
Packet
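The entry format and the push/pop TTL rules above, as an added example that is not part of the original slides: it packs and parses 4-octet label stack entries and copies the TTL between the IPv4 header and the label as described. The function names and the sample packet are constructed for illustration, and inheriting the top entry's TTL when pushing onto an existing stack is an assumption, since the slides do not specify it.

```python
import struct

def encode_entry(label, exp, s, ttl):
    """Pack one 4-octet entry: Label(20) | Exp(3) | S(1) | TTL(8)."""
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)

def decode_stack(frame):
    """Return (entries, payload); the stack ends at the entry whose S bit is 1."""
    entries, off = [], 0
    while not entries or not entries[-1]["s"]:
        if len(frame) - off < 4:
            raise ValueError("truncated stack: no bottom-of-stack entry")
        (w,) = struct.unpack_from("!I", frame, off)
        entries.append({"label": w >> 12, "exp": (w >> 9) & 7,
                        "s": (w >> 8) & 1, "ttl": w & 0xFF})
        off += 4
    return entries, frame[off:]

def ipv4_checksum(header):
    """One's-complement checksum over the header's 16-bit words."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def set_ip_ttl(ip, ttl):
    """Write the TTL (offset 8) and recompute the header checksum (offset 10)."""
    ihl = (ip[0] & 0x0F) * 4
    hdr = bytearray(ip[:ihl])
    hdr[8] = ttl
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr)))
    return bytes(hdr) + ip[ihl:]

def push(frame, label, exp=0, labelled=True):
    """Push onto an existing stack (S=0), or push the first label onto an
    IP packet (S=1, TTL taken from the IP header)."""
    if not labelled:
        return encode_entry(label, exp, 1, frame[8]) + frame
    top = decode_stack(frame)[0][0]
    # Assumption: the new entry inherits the TTL of the current top entry.
    return encode_entry(label, exp, 0, top["ttl"]) + frame

def pop(frame):
    """Remove the top entry; if it was the last, copy its TTL into the IP header."""
    top = decode_stack(frame)[0][0]
    rest = frame[4:]
    return set_ip_ttl(rest, top["ttl"]) if top["s"] else rest

# Constructed sample: bare 20-byte IPv4 header, TTL 64, 10.0.0.3 -> 10.0.0.13.
SAMPLE_IP = set_ip_ttl(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                                   bytes([10, 0, 0, 3]), bytes([10, 0, 0, 13])), 64)
```

A parser that stops only at the S bit, as here, must also bound the read by the frame length; otherwise a stack with no bottom-of-stack entry walks into the payload.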
[Figure: LSP. Packets IP1 and IP2 enter unlabelled, carry labels #L1, #L2 and #L3 on successive hops, and leave unlabelled]
Packets are destined for different address prefixes, but can be
mapped to common path
• FEC = “A subset of packets that are all treated the same way by a router”
• The concept of FECs provides for a great deal of flexibility and scalability
• In conventional routing, a packet is assigned to a FEC at each hop (i.e. L3
look-up), in MPLS it is only done once at the network ingress.
Label protocols in MPLS are divided into three items:
◦ LSP (Label Switched Path)
Static label distribution that needs to be created manually on P & PE routers.
◦ LDP (Label Distribution Protocol)
Dynamic protocol that automatically generates the label path between routers.
◦ RSVP (Resource Reservation Protocol)
Provides better reroute time on failure.
› All Routers are configured manually with labels
› No signaling is required
[Figure: LSP between ESRs through a core router, with a secondary (non-fate-sharing) path; messages shown: Hello REQ, PATH, RESV, Path Refresh, RESV Refresh]
• When Primary Path Fails
• The first secondary path becomes active
• Attempts are made to restore primary path (retry timer)
• Software will revert back to primary when it recovers
[Figure: LSP between ESRs through a core router, with a secondary (non-fate-sharing) path; messages shown: Hello REQ, PATH, RESV, ERR]
It is difficult to quickly restore connectivity using traditional IP protocols because:
› Failures are not detected quickly
› It takes time to compute an alternate route
› It takes time to signal an alternate LSP and update forwarding tables
[Figure: protected LSP across routers R1-R9]
[Figure: RSVP signalling between ILER and ELER. Path: 30.30.30.1, ResV: 10.10.10.1; messages shown: Path Refresh, ResV Refresh, Path Error, Resv Error, Path Tear, ResV Tear, Resv Conf]
RSVP-TE has extensions to support operation with MPLS:
◦ Provide the mechanism to setup an explicitly routed LSP that could
differ from the normal path calculated by the IGP.
◦ Perform downstream on demand label allocation, distribution, and
binding among LSRs in the path, thus establishing path state in
network nodes.
◦ Optionally provide resource reservations (bandwidth) along the path to
meet the requirements of the traffic flow.
◦ Provide users information about the actual path traversed by the LSP.
◦ LSP preemption based on administrative policy control.
◦ Loop detection and avoidance during the initial LSP set-up and
rerouting an existing LSP.
◦ Monitor and maintain the state of an explicitly routed LSP
RSVP Refresh Reduction
◦ PATH Refresh and RESV Refresh are sent out for each
LSP
◦ Multiple messages are bundled into a single
message to reduce network overhead
◦ Each bundled message contains Multiple Message-
ids of the associated PATH and RESV messages for
which the state needs to be refreshed
› RSVP Failure Detection
› Hello Message exchanged between neighbors
› Enables failure detection in milliseconds
[Figure: Hello REQ / Hello ACK exchange between neighboring ESRs, with primary LSP and secondary LSP through a core router]
Study case, general requirements:
The customer requested Cisco routers as the platform.
To keep compatibility with non-Cisco devices, the routing protocol used is OSPF.
Label protocol = LDP.
Every region has a different OSPF area to keep OSPF calculation local: area 0 for backbone PR, area 1 for Jakarta, area 2 for East Java, and area 3 for Borneo.
A ring topology is used for the P routers: jakarta1 - jakarta2 - surabaya1 - banjarmasin1 - jakarta1.
For redundancy, there are 2 P routers in Jakarta that serve as master & backup.
The 2 P routers in Jakarta are connected to 5 PEs (2 Jakarta, 1 Bekasi, 1 Bogor, 1 Tangerang), the P router in Surabaya is connected to 3 PEs (1 Surabaya, 1 Malang, 1 Madiun), and the P router in Banjarmasin is connected to 1 PE in the same place.
Because the services delivered from PEJKTKPI01 & PEJKTKPI02 are critical, PEJKTKPI01 has a direct link to PEJKTKPI02 for redundancy.
PRJKTKPI01, PRJKTKPI02, PEJKTKPI01 and PEJKTKPI02 are placed in the same room.
The East Java area is designed as a ring topology with its distribution point at P Surabaya: P Surabaya - PE Surabaya - PE Malang - PE Madiun - P Surabaya.
For the Borneo area, there is only 1 P & 1 PE. We create 2 point-to-point interfaces for redundancy.
Loopback IP Design
Loopback IP is used to stabilize OSPF, BGP, MPLS LDP, and many router processes.

Device       Loopback IP
PRJKTKPI01   10.0.0.1/32
PRJKTKPI02   10.0.0.2/32
PEJKTKPI01   10.0.0.3/32
PEJKTKPI02   10.0.0.4/32
PEBTNTGR01   10.0.0.5/32
PEJBRBKS01   10.0.0.6/32
PEJBRBGR01   10.0.0.7/32
PRJTMSBY01   10.0.0.8/32
PEJTMSBY01   10.0.0.9/32
PEJTMMLG01   10.0.0.10/32
PEJTMMDN01   10.0.0.11/32
PRKALBJM01   10.0.0.12/32
PEKALBJM01   10.0.0.13/32
[Figure: MPLS core network topology showing Area 0 CORE, Area 1 Jakarta, Area 2 Jatim and Area 3 Kalimantan, with router loopbacks and /30 link addresses. Project: MPLS Core Network. Revision: 4. Design by: Muhammad Syarifuddin]
[Figure: Area 0 CORE detail: PRJKTKPI01 (10.0.0.1/32, Jakarta), PRJKTKPI02 (10.0.0.2/32, Jakarta), PRJTMSBY01 (10.0.0.8/32, Surabaya) and PRKALBJM01 (10.0.0.12/32, Banjarmasin), joined by 10.10.10.x/30 links]
[Figure: Area 1 Jakarta detail: PRJKTKPI01 (10.0.0.1/32), PRJKTKPI02 (10.0.0.2/32), PEJKTKPI01 (10.0.0.3/32), PEJKTKPI02 (10.0.0.4/32), PEBTNTGR01 (10.0.0.5/32, Tangerang), PEJBRBGR01 (10.0.0.7/32, Bogor) and PEJBRBKS01 (10.0.0.6/32, Bekasi), joined by 10.10.20.x/30 links]
[Figure: Area 2 Jatim detail: PRJTMSBY01 (10.0.0.8/32, Surabaya), PEJTMSBY01 (10.0.0.9/32, Surabaya), PEJTMMLG01 (10.0.0.10/32, Malang) and PEJTMMDN01 (10.0.0.11/32, Madiun), joined by 10.10.30.x/30 links]
[Figure: Area 3 Kalimantan detail: PRKALBJM01 (10.0.0.12/32) and PEKALBJM01 (10.0.0.13/32) in Banjarmasin, joined by two links, 10.10.40.1/30 - 10.10.40.2/30 and 10.10.40.5/30 - 10.10.40.6/30]
Device      Interface  Description          IP address      Neighbor    Neighbor interface  Neighbor IP
PRJKTKPI01  Loopback0                       10.0.0.1/32
PRJKTKPI02  Loopback0                       10.0.0.2/32
PEJKTKPI01  Loopback0                       10.0.0.3/32
            Fa1/0      To PEJKTKPI02 Fa1/0  10.10.20.25/30  PEJKTKPI02  Fa1/0               10.10.20.26/30
            Fa1/1      To PRJKTKPI01 Fa1/2  10.10.20.2/30   PRJKTKPI01  Fa1/2               10.10.20.1/30
PEJKTKPI02  Loopback0                       10.0.0.4/32
            Fa1/0      To PEJKTKPI01 Fa1/0  10.10.20.26/30  PEJKTKPI01  Fa1/0               10.10.20.25/30
            Fa1/1      To PRJKTKPI02 Fa1/2  10.10.20.21/30  PRJKTKPI02  Fa1/2               10.10.20.22/30
PEBTNTGR01  Loopback0                       10.0.0.5/32
            Fa1/0      To PRJKTKPI01 Fa1/3  10.10.20.6/30   PRJKTKPI01  Fa1/3               10.10.20.5/30
            Fa1/1      To PEJBRBGR01 Fa1/1  10.10.20.9/30   PEJBRBGR01  Fa1/1               10.10.20.10/30
PEJBRBKS01  Loopback0                       10.0.0.6/32
            Fa1/0      To PRJKTKPI02 Fa1/3  10.10.20.17/30  PRJKTKPI02  Fa1/3               10.10.20.18/30
            Fa1/1      To PEJBRBGR01 Fa1/0  10.10.20.14/30  PEJBRBGR01  Fa1/0               10.10.20.13/30
PEJBRBGR01  Loopback0                       10.0.0.7/32
            Fa1/0      To PEJBRBKS01 Fa1/1  10.10.20.13/30  PEJBRBKS01  Fa1/1               10.10.20.14/30
            Fa1/1      To PEBTNTGR01 Fa1/1  10.10.20.10/30  PEBTNTGR01  Fa1/1               10.10.20.9/30
PRJTMSBY01  Loopback0                       10.0.0.8/32
PEJTMSBY01  Loopback0                       10.0.0.9/32
            Fa1/0      To PRJTMSBY01 Fa1/2  10.10.30.2/30   PRJTMSBY01  Fa1/2               10.10.30.1/30
PEJTMMLG01  Loopback0                       10.0.0.10/32
            Fa1/0      To PEJTMSBY01 Fa1/1  10.10.30.6/30   PEJTMSBY01  Fa1/1               10.10.30.5/30
PEJTMMDN01  Loopback0                       10.0.0.11/32
            Fa1/0      To PRJTMSBY01 Fa1/3  10.10.30.13/30  PRJTMSBY01  Fa1/3               10.10.30.14/30
PEKALBJM01  Loopback0                       10.0.0.13/32
            Fa1/0      To PRKALBJM01 Fa1/2  10.10.40.2/30   PRKALBJM01  Fa1/2               10.10.40.1/30
Drag the new PC icon to the topology, right-click it, and choose Configure.
On the NIO UDP tab, fill in the local port and remote port, leave the remote host at the default 127.0.0.1, and then click Add.
Each NIO UDP local port/remote port pair represents a VPCS number.
VPCS can support 9 virtual PCs to accommodate your needs.
Please note below numbering :
30000 -> vpcs number 1
30001 -> vpcs number 2
30002 -> vpcs number 3
---
30009 -> vpcs number 9
To connect VPCS to a router, click the add link menu in GNS3, choose manual interface, point it to the desired router interface, and then connect it to the VPCS NIO UDP as described in the picture below.
You can open a command prompt, change to the vpcs folder, and run the vpcs program. Because we use NIO UDP 30000, we should press 1 (one) in vpcs to enter virtual PC number 1.
Press ? to see all available commands.
It's time to configure our routers: right-click the router and click Console.
Type "enable" to enter privileged mode, and then "configure terminal" to enter global configuration mode.
Every router has a different configuration, and don't forget to set up the loopback IP address.
PRJKTKPI01:
hostname PRJKTKPI01
interface Loopback0
 ip address 10.0.0.1 255.255.255.255
!
interface FastEthernet0/0
 description to PRJKTKPI02 f0/0
 ip address 10.10.10.1 255.255.255.252
 speed 100
 full-duplex
!
interface FastEthernet0/1
 description to PRKALBJM01 f0/1
 ip address 10.10.10.14 255.255.255.252
 speed 100
 full-duplex
!
interface FastEthernet1/0
 description to PEJKTKPI01 f0/1
 no switchport
 ip address 10.10.20.1 255.255.255.252
 duplex full
 speed 100
!
interface FastEthernet1/1
 description to PEBTNTGR01 f0/0
 no switchport
 ip address 10.10.20.5 255.255.255.252
 duplex full
 speed 100
!

PRJKTKPI02:
hostname PRJKTKPI02
interface Loopback0
 ip address 10.0.0.2 255.255.255.255
!
interface FastEthernet0/0
 description to PRJKTKPI01 f0/0
 ip address 10.10.10.2 255.255.255.252
 speed 100
 full-duplex
!
interface FastEthernet0/1
 description to PRJTMSBY01 f0/1
 ip address 10.10.10.5 255.255.255.252
 speed 100
 full-duplex
!
interface FastEthernet1/0
 description to PEJKTKPI02 f0/1
 no switchport
 ip address 10.10.20.22 255.255.255.252
 duplex full
 speed 100
!
interface FastEthernet1/1
 description PEJBRBKS01 f0/0
 no switchport
 ip address 10.10.20.18 255.255.255.252
 duplex full
 speed 100
!

PEJKTKPI01:
hostname PEJKTKPI01
interface Loopback0
 ip address 10.0.0.3 255.255.255.255
!
interface FastEthernet0/0
 description to PEJKTKPI02 f0/0
 ip address 10.10.20.25 255.255.255.252
 speed 100
 full-duplex
!
interface FastEthernet0/1
 description to PRJKTKPI01 f1/0
 ip address 10.10.20.2 255.255.255.252
 speed 100
 full-duplex

PEJKTKPI02:
hostname PEJKTKPI02
interface Loopback0
 ip address 10.0.0.4 255.255.255.255
!
interface FastEthernet0/0
 description PEJKTKPI01 f0/0
 ip address 10.10.20.26 255.255.255.252
 speed 100
 full-duplex
!
interface FastEthernet0/1
 description PRJKTKPI02 f1/0
 ip address 10.10.20.21 255.255.255.252
 speed 100
 full-duplex

PEBTNTGR01:
hostname PEBTNTGR01
interface Loopback0
 ip address 10.0.0.5 255.255.255.255
!
interface FastEthernet0/0
 description to PRJKTKPI01 f1/1
 ip address 10.10.20.6 255.255.255.252
 speed 100
 full-duplex
!
interface FastEthernet0/1
 description to PEJBRBGR01 f0/1
 ip address 10.10.20.9 255.255.255.252
 speed 100
 full-duplex
!

PEJBRBGR01:
hostname PEJBRBGR01
interface Loopback0
 ip address 10.0.0.7 255.255.255.255
!
interface FastEthernet0/0
 description to PEJBRBKS01 f0/1
 ip address 10.10.20.13 255.255.255.252
 speed 100
 full-duplex
!
interface FastEthernet0/1
 description to PEBTNTGR01 f0/1
 ip address 10.10.20.10 255.255.255.252
 speed 100
 full-duplex
!

PEJBRBKS01:
hostname PEJBRBKS01
interface Loopback0
 ip address 10.0.0.6 255.255.255.255
!
interface FastEthernet0/0
 description to PRJKTKPI02 f1/1
 ip address 10.10.20.17 255.255.255.252
 speed 100
 full-duplex
!
interface FastEthernet0/1
 description to PEJBRBGR01 f0/0
 ip address 10.10.20.14 255.255.255.252
 speed 100
 full-duplex
!

PRJTMSBY01:
hostname PRJTMSBY01
interface Loopback0
 ip address 10.0.0.8 255.255.255.255
!
interface FastEthernet0/0
 description to PRKALBJM01 f0/0
 ip address 10.10.10.9 255.255.255.252
 speed 100
 full-duplex
!
interface FastEthernet0/1
 description to PRJKTKPI02 f0/1
 ip address 10.10.10.6 255.255.255.252
 speed 100
 full-duplex
!
interface FastEthernet1/0
 description to PEJTMSBY01 f0/0
 no switchport
 ip address 10.10.30.1 255.255.255.252
 duplex full
 speed 100
!
interface FastEthernet1/1
 description to PEJTMMDN01 f0/0
 no switchport
 ip address 10.10.30.14 255.255.255.252
 duplex full
 speed 100
!

PEJTMSBY01:
hostname PEJTMSBY01
interface Loopback0
 ip address 10.0.0.9 255.255.255.255
!
interface FastEthernet0/0
 description to PRJTMSBY01 f1/0
 ip address 10.10.30.2 255.255.255.252
 speed 100
 full-duplex
!
interface FastEthernet0/1
 description to PEJTMMLG01 f0/0
 ip address 10.10.30.5 255.255.255.252
 speed 100
 full-duplex
!

PEJTMMLG01:
hostname PEJTMMLG01
interface Loopback0
 ip address 10.0.0.10 255.255.255.255
!
interface FastEthernet0/0
 description to PEJTMSBY01 f0/1
 ip address 10.10.30.6 255.255.255.252
 speed 100
 full-duplex
!
interface FastEthernet0/1
 description to PEJTMMDN01 f0/1
 ip address 10.10.30.9 255.255.255.252
 speed 100
 full-duplex
!

PEJTMMDN01:
hostname PEJTMMDN01
interface Loopback0
 ip address 10.0.0.11 255.255.255.255
!
interface FastEthernet0/0
 description to PRJTMSBY01 f1/1
 ip address 10.10.30.13 255.255.255.252
 speed 100
 full-duplex
!
interface FastEthernet0/1
 description to PEJTMMLG01 f0/1
 ip address 10.10.30.10 255.255.255.252
 speed 100
 full-duplex

PRKALBJM01:
hostname PRKALBJM01
interface Loopback0
 ip address 10.0.0.12 255.255.255.255
!
interface FastEthernet0/0
 description to PRJTMSBY01 f0/0
 ip address 10.10.10.10 255.255.255.252
 speed 100
 full-duplex
!
interface FastEthernet0/1
 description to PRJKTKPI01 f0/1
 ip address 10.10.10.13 255.255.255.252
 speed 100
 full-duplex
!
interface FastEthernet1/0
 description to PEKALBJM01 f0/0
 no switchport
 ip address 10.10.40.1 255.255.255.252
 duplex full
 speed 100
!
interface FastEthernet1/1
 description to PEKALBJM01 f0/1
 no switchport
 ip address 10.10.40.5 255.255.255.252
 duplex full
 speed 100

PEKALBJM01:
hostname PEKALBJM01
interface Loopback0
 ip address 10.0.0.13 255.255.255.255
!
interface FastEthernet0/0
 description to PRKALBJM01 f1/0
 ip address 10.10.40.2 255.255.255.252
 speed 100
 full-duplex
!
interface FastEthernet0/1
 description to PRKALBJM01 f1/1
 ip address 10.10.40.6 255.255.255.252
 speed 100
 full-duplex

After finishing the interface configuration, don't forget to save it by typing "copy running-config startup-config". Then verify each router using the procedure below. This verification step is a MUST; otherwise the next steps, such as OSPF, MPLS, and MPLS VPN, will fail.
Configuration verification: from privileged mode, type "show run" and check each interface to make sure the configuration was entered correctly.
Interface verification: from privileged mode, type "show ip interface brief" or "show interface" and make sure the IP address is set and the interface is UP, both by status and by protocol.
Connectivity verification: ping each directly connected neighbor and make sure all of them reply.
IP routing verification, final step: make sure the loopback IP and the neighbor IPs are shown in the routing table. The "C" sign indicates a direct connection to the neighbor interface and the loopback interface.
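An offline pre-check that complements the on-router verification above, as an added example that is not part of the original slides: it parses interface stanzas and confirms that both ends of each point-to-point link name each other in their descriptions and hold distinct, usable addresses in the same subnet. The function names are hypothetical; the sample is an excerpt of this page's configuration covering two links.

```python
import ipaddress
import re

# Excerpt of this page's interface configuration (two links, both ends),
# trimmed to the lines the check reads.
CONFIGS = """
hostname PRJKTKPI01
interface FastEthernet0/0
 description to PRJKTKPI02 f0/0
 ip address 10.10.10.1 255.255.255.252
interface FastEthernet1/0
 description to PEJKTKPI01 f0/1
 ip address 10.10.20.1 255.255.255.252
hostname PRJKTKPI02
interface FastEthernet0/0
 description to PRJKTKPI01 f0/0
 ip address 10.10.10.2 255.255.255.252
hostname PEJKTKPI01
interface FastEthernet0/1
 description to PRJKTKPI01 f1/0
 ip address 10.10.20.2 255.255.255.252
"""

def parse(text):
    """Map (host, ifname) -> (peer_host, peer_ifname, IPv4Interface)."""
    ports, host, ifname, peer = {}, None, None, None
    for line in map(str.strip, text.splitlines()):
        if m := re.fullmatch(r"hostname (\S+)", line):
            host = m.group(1)
        elif m := re.fullmatch(r"interface FastEthernet(\S+)", line):
            ifname, peer = "f" + m.group(1), None
        elif m := re.fullmatch(r"description (?:to )?(\S+) (\S+)", line):
            peer = m.groups()
        elif (m := re.fullmatch(r"ip address (\S+) (\S+)", line)) and peer:
            ports[(host, ifname)] = (*peer, ipaddress.ip_interface("/".join(m.groups())))
    return ports

def check_links(ports):
    """Return a list of problems found on the point-to-point links."""
    problems = []
    for (host, ifname), (phost, pif, addr) in sorted(ports.items()):
        net, far = addr.network, ports.get((phost, pif))
        if addr.ip in (net.network_address, net.broadcast_address):
            problems.append(f"{host} {ifname}: {addr} is not a usable host address")
        if far is None:
            problems.append(f"{host} {ifname}: far end {phost} {pif} not found")
        elif far[:2] != (host, ifname):
            problems.append(f"{host} {ifname}: {phost} {pif} describes {far[0]} {far[1]}")
        elif far[2].network != net or far[2].ip == addr.ip:
            problems.append(f"{host} {ifname}: {addr} and {far[2]} do not form one subnet")
    return problems
```

`check_links(parse(CONFIGS))` returns an empty list for the excerpt; a mistyped address on one end is reported from both sides of the link.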
The OSPF routing configuration format is as follows:
Router>enable
Router#configure terminal
Router(config)#router ospf x
(x is the OSPF process number)
Router(config-router)#network A.B.C.D W.X.Y.Z area y
(A.B.C.D = network address, W.X.Y.Z = wildcard mask, y = area)
Router(config-router)#