Section 16.2. Multiprotocol Label Switching (MPLS) | Computer and Communication Networks (paperback)

16.2. Multiprotocol Label Switching (MPLS)

Multiprotocol label switching (MPLS) improves the overall performance and delay characteristics of the Internet. MPLS transmission is a special case of tunneling and is an efficient routing mechanism. Its connection-oriented forwarding mechanism, together with layer 2 label-based lookups, enables traffic engineering to implement peer-to-peer VPNs effectively.

MPLS adds some traditional layer 2 capabilities and services, such as traffic engineering, to the IP layer. The separation of the MPLS control and forwarding components has led to multilayer, multiprotocol interoperability between layer 2 and layer 3 protocols. MPLS uses a small label or stack of labels appended to packets and typically makes efficient routing decisions. Another benefit is flexibility in merging IP-based networks with fast-switching capabilities. This technology adds new capabilities to IP-based networks:

Connection-oriented QoS support
Traffic engineering
VPN support
Multiprotocol support

Traditional IP routing has several limitations, ranging from scalability issues to poor support for traffic engineering. The IP backbone also presents a poor integration with layer 2 existing in large service provider networks. For example, a VPN must use a service provider's IP network and build a private network and run its own traffic shielded from prying eyes. In this case, VPN membership may not be well engineered in ordinary IP networks and can therefore result in an inefficient establishment of tunnels.

MPLS network architectures also support other applications, such as IP multicast routing and QoS extensions. The power of MPLS lies in the number of applications made possible with simple label switching, ranging from traffic engineering to peer-to-peer VPNs. One of the major advantages of MPLS is integration of the routing and switching layers . The development of the label-switched protocol running over all the existing layer 2 and layer 3 architectures is a major networking development.

16.2.1. MPLS Operation

MPLS is based on the assignment of labels to packets. Assigning labels to each packet makes a label-swapping scheme perform its routing process much more efficiently . An MPLS network consists of nodes called label switch routers (LSR). An LSR switches labeled packets according to particular switching tables. An LSR has two distinct functional components: a control component and a forwarding component. The control component uses routing protocols, such as OSPF and the border gateway protocol (BGP). The control component also facilitates the exchange of information with other LSRs to build and maintain the forwarding table.

A label is a header used by an LSR to forward packets. The header format depends on the network characteristics. LSRs read only labels and do not engage in the network-layer packet headers. One key to the scalability of MPLS is that labels have only local significance between two devices that communicate. When a packet arrives, the forwarding component uses the label of the packet as an index to search the forwarding table for a match. The forwarding component then directs the packet from the input interface to the output interface through the switching fabric.

MPSL Packet Format

MPLS uses label stacking to become capable of multilevel hierarchical routing. A label enables the network to perform faster by using smaller forwarding tables, a property that ensures a convenient scalability of the network. Figure 16.6 shows the MPLS header encapsulation for an IP packet. An MPLS label is a 32-bit field consisting of several fields as follows .

Label value is a 20-bit field label and is significant only locally.
Exp is a 3-bit field reserved for future experimental use.
S is set to 1 for the oldest entry in the stack and to 0 for all other entries.
Time to live is an 8-bit field used to encode a hop-count value to prevent packets from looping forever in the network.

Figure 16.6. MPLS header encapsulation for an IP packet

16.2.2. Routing in MPLS Domains

Figure 16.7 shows the label-switching paradigm in an MPLS network. An ingress LSR is an edge device that performs the initial packet processing and classification and applies the first label. An ingress LSR creates a new label. A core LSR swaps the incoming label with a corresponding next -hop label found from a forwarding table. At the other end of the network, another edge router, the egress LSR, is an outbound edge router and pops the label from the packet. It should be noted that multiple labels may be attached to a packet, forming a stack of labels. Label stacking enables multilevel hierarchical routing. For example, BGP labels are used for higher-level hierarchical packet forwarding from one BGP speaker to the other, whereas Interior Gateway Protocol (IGP) labels are used for packet forwarding within an autonomous system. Only the label at the top of the stack determines the forwarding decision.

Figure 16.7. Multiple layer 2 switching example in MPLS

Once an IP packet enters an MPLS domain, the ingress LSR processes its header information and maps that packet to a forward equivalence class (FEC). At this point, a label switch path (LSP) through the network must be defined, and the QoS parameters along that path must be established. The QoS parameters define how many resources are to be used for the path and what queueing and discarding policy are to be used. For these functions, two protocols are used to exchange necessary information among routers: An intradomain routing protocol, such as OSPF, is used to exchange routing information, and the Label Distribution Protocol (LDP) assigns labels. At the end of the process, the router appends an appropriate label for FEC purposes and forwards the packet through.

Example.

As shown in Figure 16.5, an IP packet with the destination address 85.2.1.1 enters an MPLS domain, and the ingress LSR processes its header and assigns a label, numbered 5. The label swapping from 5 to 8 takes place in the core router; finally, the next-hop IP address is attached to the packet on its way out of the egress router.

Figure 16.5. An MPLS network

Packet forwarding at the core LSR is based on a label-swapping mechanism. Once it receives a labeled packet, the core LSR reads the label as an index to search in the incoming label map table for the corresponding next-hop label. The label in the MPLS header is swapped with the out-label and sent on the next hop. This method of packet forwarding simplifies the routing process by replacing the longest-prefix match of IP routing with simple short-label exact-match forwarding. The real benefit of this method is that instead of processing IP headers for forwarding packets, routers process a short label. Once a packet arrives at the egress LSR, its MPLS header is decapsulated, and the stripped packet is routed to its destination.

In summary, an MPLS domain has three label manipulation instructions: An ingress LSR creates a new label and pushes it to the label stack of a packet, a core LSR swaps the incoming label with a corresponding next-hop label found from the forwarding table, and an egress LSR (outbound edge router) pops a label from the label stack. Only the label at the top of the stack determines the forwarding decision. The egress LSR strips the label, reads the IP packet header, and forwards the packet to its final destination.

16.2.3. Tunneling and Use of FEC

In an MPLS operation, any traffic is grouped into FECs. FEC implies that a group of IP packets are forwarded in the same mannerfor example, over the same path or with the same forwarding treatment. A packet can be mapped to a particular FEC, based on the following criteria:

Source and/or destination IP address or IP network addresses
TCP/UDP port numbers
Class of service
Applications

As mentioned earlier, labels have only local significance. This fact removes a considerable amount of the network-management burden . An MPLS packet may carry as many labels as required by a network sender. The process of labeled packets can always be performed based on the top label. The feature of label stack allows the aggregation of LSPs into a single LSP for a portion of the route, creating an MPLS tunnel . Figure 16.8 shows an IP packet moving through an MPLS domain. When the labeled packet reaches the ingress LSR, each incoming IP packet is analyzed and classified into different FECs. This traffic-classification scheme provides the capability to partition the traffic for service differentiation.

Figure 16.8. An IP packet labeled in an MPLS domain and tunneled to reach the other end of the domain

Route selection can be done either hop by hop or by explicit routing . With hop-byhop routing, each LSR can independently choose the next hop for each FEC. Hop-byhop routing does not support traffic engineering, owing to limited available resources. Explicit routing can provide all the benefits of traffic engineering. With explicit routing, a single LSR determines the LSP for a given FEC. For explicit routing, LSRs in the LSP are identified, whereas in an explicit routing, only some of the LSRs in an LSP are specified.

With the introduction of constraint-based routing, FEC can segregate the traffic into different levels of QoS, each with different service constraints, to support a variety of services, such as latency-based voice traffic and security-based VPN. At the beginning of the tunnel, an LSR assigns the same label to packets from a number of LSPs by pushing the label onto each packet's stack. At the other side of the tunnel, another LSR pops the top element from the label stack, revealing the inner label.

Label Distribution Protocol (LDP)

The Label Distribution Protocol (LDP) is a set of rules by which an LSR informs another LSR of an FEC. LDP enables two LSRs to understand each other's MPLS capabilities. LSP schemes are either downstream on demand or downstream unsolicited . With the downstream-on-demand scheme, an upstream node explicitly requests a label from a downstream node, and the downstream node forms the requested label. With the downstream-unsolicited scheme, a downstream node advertises a label mapping even without receiving any advance requests . Both types of LDPs can be used in explicit and hop-by-hop routing; however, a simple LDP can function using the routing protocol, such as OSPF, to design routes, since hop-by-hop routing does not follow the traffic engineering.

16.2.4. Traffic Engineering

High-quality connections can be expensive in an Internet service provider domain. Traffic engineering enables an ISP to route high-quality traffic to offer the best service to users in terms of throughput and delay. This way, traffic engineering reduces the cost of a network connection. Traffic engineering substitutes the need to manually configure network devices to set up explicit routes. In MPLS, traffic engineering is an automated scheme for control signaling and link bandwidth assignment and has a dynamic adaptation mechanism.

Traffic engineering can be either traffic oriented or resource oriented . Traffic-oriented traffic engineering relates to the optimization of such traffic performance parameters as the minimization of packet loss and delay and quick fault recovery when a node or a link fails. The resource-oriented technique engages in the optimization of network resource utilization.

Example.

Figure 16.9 shows an example of traffic engineering in MPLS. Assume that router R1 has a packet to send to R2. OSPF routes the packet through the shortest path, regardless of whether R3 is experiencing congestion. In an MPLS network, an LSP can be set up explicitly to avoid the congested node; if a constraint-based routing algorithm is used, an LSP avoiding the congested node is set up dynamically, even though the routing path is longer. This path-management capability is very appealing for traffic engineering.

Figure 16.9. A traffic engineering scenario

Example.

Figure 16.10 shows an example of traffic engineering in an MPLS network. The routing table is shown for router R2, where R2 advertises to R3, R5, and R6 that it can route to all three destinations C, D, and E. Hence, any frame with labels 31, 4, and 21, respectively, are switched toward these destinations.

Figure 16.10. Layer 3 routing in an MPLS network

16.2.5. MPLS-Based VPNs

Routine operations of virtual private networks require the use of both wide-area intradomain routing and interdomain routing schemes. A VPN's request to form a tunnel can be processed at the edge routers. For example, multiprotocol-based Border Gateway Protocol (BGP) makes MPLS-based VPN easier to manage VPN sites and VPN membership, mainly owing to the traffic engineering feature of MPLS. In an MPLS network, VPNs can be deployed by delivering the service using MPLS-aware subscriber equipment on the same infrastructure used for deploying Internet services.

An MPLS network domain acts as a backbone network between VPN users. Also, core LSRs act as providing routers , and edge routers act as costumer edge routers . Costumer edge routers distribute VPN information through MPLS-BGP to other providing routers. In order to forward an IP packet encapsulated for VPN through an MPLS backbone, the top label of the MPLS label stack is used to indicate the outgoing interface, and the second-level label is used to indicate the BGP next hop. When it receives a normal encapsulated IP packet from a router, an ingress costumer edge router performs an "IP longest match" and finds the next hop corresponding to the packet's home VPN. The second-to-last MPLS router forwards the packet and pops the top label so that the costumer edge router can forward the packet, based on the second-level label, which gives the VPN.