Understanding Mpls Vpns; Chapter 30 Configuring Mpl And Eompl - Cisco Catalyst 3750 Software Configuration Manual

Chapter 30 Configuring MPLS and EoMPLS

Understanding MPLS VPNs

With MPLS, the Layer 3 header is analyzed only once and then is mapped into a fixed-length,
unstructured value called a label. Many different headers can map to the same label, as long as those
headers always result in the same choice of next hop. In effect, a label represents a
forwarding-equivalence class—that is, a set of packets that can be very different but that are
indistinguishable to the forwarding function.
The initial choice of label can be based exclusively on the contents of the Layer 3 header, or it can be
based on policy, allowing forwarding decisions at subsequent hops to be based on policy. After a label
is chosen, a short label header is put at the front of the Layer 3 packet and carried across the network as
part of the packet. At subsequent hops through each MPLS router in the network, labels are exchanged,
and the router uses MPLS forwarding-table lookups for the label to make forwarding decisions. It is not
necessary to re-analyze the packet header. Because the label is a fixed length and unstructured, the MPLS
forwarding-table lookup process is straightforward and fast.
Each label-switching router (LSR) in the network makes an independent, local decision as to which label
value is used to represent which forwarding equivalence class. This association is known as a label
binding. Each LSR informs its neighbors of the label bindings that it has made. When a labeled packet
is sent from LSR A to neighboring LSR B, the label value carried by the packet is the label value that B
assigned to represent the packet's forwarding equivalence class. Thus, the label value changes as the IP
packet travels through the network.
Because the Catalyst 3750 Metro switch is used as a service-provider edge (PE) device, rather than a
Note
service-provider core router, it does not normally operate as an LSR. The switch only performs label
switching when it is connected to two different provider core routers over the ES ports to provide a
redundant path. In this case, the switch uses QoS policies to classify MPLS packets on egress for label
switching.
A label represents a forwarding-equivalence class, but it does not represent a particular path through the
network. In general, the path through the network continues to be chosen by the existing Layer 3 routing
protocols, such as Open Shortest Path First (OSPF), Enhanced Interior Gateway Protocol (EIGRP),
Intermediate-System-to-Intermediate-System (IS-IS), and Border Gateway Protocol (BGP). At each hop
when a label is looked up, the choice of the next hop is determined by the dynamic routing algorithm.
Understanding MPLS VPNs
Using MPLS virtual private networks (VPNs) provides the capability to deploy and administer scalable
Layer 3 VPN backbone services to business customers. A VPN is a secure IP-based network that shares
resources on one or more physical networks. A VPN contains geographically dispersed sites that can
communicate securely over a shared backbone.
VPN routes are distributed over the MPLS network by using multiprotocol BGP (MP-BGP), which also
distributes the labels associated with each VPN route. MPLS VPN depends on VPN routing and
forwarding (VRF) support to isolate the routing domains from each other. When routes are learned over
an MPLS VPN, the switch learns the new route as a normal VRF route, except that the destination MAC
address for the next hop is not the real address, but a specially formed address that contains an identifier
that is allocated for the route. When an MPLS-VPN packet is received on a port, the switch looks up the
labels in the routing table to determine what to do with the packet.
Catalyst 3750 Metro Switch Software Configuration Guide
30-2
78-15870-01