February 28th, 2008 neteng
Joe Haris, of 6200networks.com has a very interesting post here, about a big announcement coming from Cisco on March 5th. Now this could be some major marketing hype, but I found it interesting and thought others may as well!
neteng
Buy Me a Beer! Help me keep my sanity as I write more articles.Posted in News | 2 Comments »
February 26th, 2008 neteng
Just an FYI that I updated the diagram to simplify the original Basic MPLS article. After some feedback, I realized that the extra information in the original diagram could be a little confusing. I decided just to include the ISP core at this time. I hope this helps! I’m working on the next article (MPLS VPN) as we speak, so stay tuned.
neteng
Buy Me a Beer! Help me keep my sanity as I write more articles.Posted in MPLS | 2 Comments »
February 25th, 2008 neteng
Good morning folks. Before I post the networking news for this morning, I wanted to send a big thank you to my friend Carl at sunpenguin.net. He made the first donation to my Beer fund and has kept me functioning for a little while longer. He’s truly a refined and honorable gentleman. 
Now on to the news!
- Cisco announces QuantumFlow mystery network processor - 40 cores!!
- Satellite May Spread 1.2 Gbps Speeds Across Japan - I wonder if I can leach off this from California…
- Cisco Security Conversion Tool (SCT) — Easing the pain of a Check Point to Cisco firewall migration - May be useful for some readers here.
- Cisco, Duke To Boast World’s Largest 802.11n Network - Sheesh. I’m still running 802.11G at home.
neteng
Buy Me a Beer! Help me keep my sanity as I write more articles.Posted in MMNN | 3 Comments »
February 22nd, 2008 neteng
It’s Friday. For that, I am very grateful as I’m sure many of you are!
neteng
Buy Me a Beer! Help me keep my sanity as I write more articles.Posted in FMF | 1 Comment »
February 21st, 2008 neteng
It just hasn’t been my month! I’ve been fighting some sort of cold for the past week and then had some catastrophic data loss yesterday due to a failed drive (let this be a lesson to me…nightly backups). I’ll be working on recovering that tonight. Just wanted to keep you folks up to date on my status. I will get back on the article-writing horse one of these days, I promise!
Thanks for understanding,
neteng
Buy Me a Beer! Help me keep my sanity as I write more articles.Posted in News | 2 Comments »
February 13th, 2008 neteng
Hi all. I just wanted to let you know that I’m still trying to crank out the next article in the MPLS Series. It will be coming out a bit later than my normal pace, due to busyness on the home-front as well as being in the process of moving on to a new project at work.
Thanks for your patience and I’m looking forward to getting back to regular updates!
neteng
Buy Me a Beer! Help me keep my sanity as I write more articles.Posted in MPLS | 2 Comments »
February 12th, 2008 neteng
I’m busy working away on the next MPLS article, but I came across this last night and wanted to share. Very cool for Netflix subscribers with a Vista PC running Media Center. You can stream the Watch Now videos to your Xbox-360 and watch them on your television instead of creating temporary tunnel vision from staring at your laptop screen too long!
New Vista Media Center Plugin - MyNetflix (beta)
neteng
Buy Me a Beer! Help me keep my sanity as I write more articles.Posted in Links, Misc | 1 Comment »
February 11th, 2008 neteng
Hello everybody. My apologies for the lack of FMF on Friday. I took a vacation day and spent an extended weekend in Parker, Arizona. The weather was great and it was very relaxing. It was my first real vacation since my CCIE lab and it felt fantastic. On to today’s networking news:
- Cisco targets services sector for growth - Lots of first-party hardware companies appear to be focusing there efforts on this.
- Yahoo says Microsoft offer undervalues company - Not really networking, per se, but interesting nonetheless.
- Report: Motorola, Nortel in wireless infrastructure talks - Two pretty good-sized companies. Could give them more leverage with new and existing customers.
- What those oceanic cable cuts mean to you - This has been a conspiracy theorist’s dream as of late. I think it was just giant sea rats chewing through the cable.
neteng
Buy Me a Beer! Help me keep my sanity as I write more articles.Posted in MMNN | 1 Comment »
February 5th, 2008 neteng
Update: I changed the diagram to better suit this particular article on MPLS. I wanted to simplify it, so I just included the ISP core. The MPLS Series entry containing the image and .net files have also changed accordingly.
Today, we’re going to tackle the very basics of setting up MPLS connectivity. When we’re done, we will have a full functional label switching environment within our fictional ISP core. This will be our starting point and then we’ll get a little more in-depth with each lab. Before we get into the labs, you’ll want to have at least a basic idea of how label switching works. I highly recommend picking up MPLS Fundamentals and reading over at least the first few chapters. There are also some resources available on the web: Introduction to MPLS, MPLSTutorial.com.
Basic MPLS
In this lesson, we’re going to be covering LDP (Label Discovery Protocol) and it’s interoperation with our IGP (OSPF). We’ll see how the LIB (Label Information Base) & LFIB (Label Forwarding Information Base) are built and how these items work together with CEF.
Briefly, the LIB and LFIB are essentially the MPLS ‘versions’ of the IPv4 RIB & FIB (CEF table) you find in your standard router. They basically serve the same function, the LIB being the ‘routing table’ and the the LFIB acting as the ’switching table’ to quickly get packets in and out of the router. When changes occur in the LIB (link failure, route withdrawal, etc.), the LFIB is updated appropriately.
If you look at the network diagram, you’ll also see the different names applied to each router, depending on where it sits in the network:
CE Customer Edge PE Provider Edge P Provider
These are explained quite well in other sources, but in brief, P routers can be connected only to PE and other P routers. PE routers can be connected to P, PE & CE routers. And lastly, CE routers can be connected only to PE routers (possibly other CE routers). The CE routers do not in and of themselves run any sort of label switching. You’ll get a better understanding of each router’s function as we go through this series.
Before we begin any sort of MPLS configuration, let’s take a look at how our ISP is currently set up. Right now, they are running single-area OSPF as their IGP protocol and not carrying any user traffic. We’ll pretend that this ISP is just starting up and has no customers connected to it just yet. For now, all traffic is purely internal. In the following lessons, we’ll see our customers attached to the network and BGP come into play.
Let’s take a look at the routing table on R6, just to get an idea of what we have:
R6#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static routeGateway of last resort is not set
192.168.45.0/30 is subnetted, 1 subnets
O 192.168.45.0 [110/65] via 192.168.56.1, 01:40:57, Serial1/1
192.168.56.0/30 is subnetted, 1 subnets
C 192.168.56.0 is directly connected, Serial1/1
192.168.36.0/30 is subnetted, 1 subnets
C 192.168.36.0 is directly connected, Serial1/0
192.168.34.0/30 is subnetted, 1 subnets
O 192.168.34.0 [110/65] via 192.168.36.1, 01:40:57, Serial1/0
150.1.0.0/32 is subnetted, 4 subnets
C 150.1.6.6 is directly connected, Loopback0
O 150.1.5.5 [110/65] via 192.168.56.1, 01:40:57, Serial1/1
O 150.1.4.4 [110/66] via 192.168.56.1, 01:40:58, Serial1/1
[110/66] via 192.168.36.1, 01:40:58, Serial1/0
O 150.1.3.3 [110/65] via 192.168.36.1, 01:40:58, Serial1/0
You can see that we’re learning all of the attached networks (including Loopbacks) through OSPF, except for the links connected to our future customers. Also, take notice that R6 has two equal-cost paths to R4’s loopback (150.1.4.4). You’ll see how this comes into play later on.
Now, there are three steps to enabling MPLS on a router. Firstly, MPLS will not work without CEF enabled. We need ip cef on every router we intend to deploy MPLS. Secondly, we need to globally enable MPLS through the mpls ip command. We then enable a tag distribution protocol on the interfaces to enable the exchanging of labels between routers. This is also done through the mpls ip command, but per-interface. In most networks, you’ll use LDP as the tag distribution protocol. Cisco supports an old proprietary protocol named TDP (Tag Distribution Protocol), but it’s considered legacy. LDP is the default in IOS version 12.4 and higher. So we’ll enable MPLS on all routers and interfaces that are connected to our core.
R6#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R6(config)#mpls ip
R6(config)#int s1/0
R6(config-if)#mpls ip
R6(config-if)#int s1/1
R6(config-if)#mpls ip
Let’s verify our config:
R6#sh mpls interfaces
Interface IP Tunnel Operational
Serial1/0 Yes (ldp) No Yes
Serial1/1 Yes (ldp) No Yes
Cool. Once we complete the configuration on all of the other core-connected routers, we are in business. We can verify that LDP sessions have been established and are communicating through a couple of different commands:
R6#sh mpls ldp discovery
Local LDP Identifier:
150.1.6.6:0
Discovery Sources:
Interfaces:
Serial1/0 (ldp): xmit/recv
LDP Id: 150.1.3.3:0
Serial1/1 (ldp): xmit/recv
LDP Id: 150.1.5.5:0R6#sh mpls ldp neighbor
Peer LDP Ident: 150.1.3.3:0; Local LDP Ident 150.1.6.6:0
TCP connection: 150.1.3.3.646 - 150.1.6.6.18851
State: Oper; Msgs sent/rcvd: 14/14; Downstream
Up time: 00:02:02
LDP discovery sources:
Serial1/0, Src IP addr: 192.168.36.1
Addresses bound to peer LDP Ident:
192.168.36.1 192.168.34.1 150.1.3.3
Peer LDP Ident: 150.1.5.5:0; Local LDP Ident 150.1.6.6:0
TCP connection: 150.1.5.5.646 - 150.1.6.6.44185
State: Oper; Msgs sent/rcvd: 13/13; Downstream
Up time: 00:01:11
LDP discovery sources:
Serial1/1, Src IP addr: 192.168.56.1
Addresses bound to peer LDP Ident:
192.168.25.1 192.168.56.1 192.168.45.1 150.1.5.5
A couple of key things to mention here. First, notice the LDP Id in the show mpls ldp discovery output. This address is chosen in a similar way that a router-id is chosen in most routing protocols. The highest Loopback interface address is chosen, and if not present, the highest physical interface address is chosen. The thing you need to really know is that if this IP address is not reachable, an LDP adjacency will not form. So always make sure that you can reach these IP addresses from your router.
Something else to highlight is that LDP communicates through TCP and listens in on port 646. This is important to remember in case you have some security measures implemented between links (ACLs, firewalls, etc.).
Let’s look at the LIB and corresponding LFIB on one of the routers (R6):
R6#sh mpls ip binding
150.1.3.3/32
in label: 20
out label: imp-null lsr: 150.1.3.3:0 inuse
out label: 20 lsr: 150.1.5.5:0
150.1.4.4/32
in label: 19
out label: 20 lsr: 150.1.3.3:0 inuse
out label: 19 lsr: 150.1.5.5:0 inuse
150.1.5.5/32
in label: 18
out label: 19 lsr: 150.1.3.3:0
out label: imp-null lsr: 150.1.5.5:0 inuse
150.1.6.6/32
in label: imp-null
out label: 18 lsr: 150.1.3.3:0
out label: 18 lsr: 150.1.5.5:0
192.168.25.0/30
out label: imp-null lsr: 150.1.5.5:0
192.168.34.0/30
in label: 17
out label: imp-null lsr: 150.1.3.3:0 inuse
out label: 17 lsr: 150.1.5.5:0
192.168.36.0/30
in label: imp-null
out label: imp-null lsr: 150.1.3.3:0
out label: 16 lsr: 150.1.5.5:0
192.168.45.0/30
in label: 16
out label: 16 lsr: 150.1.3.3:0
out label: imp-null lsr: 150.1.5.5:0 inuse
192.168.56.0/30
in label: imp-null
out label: 17 lsr: 150.1.3.3:0
out label: imp-null lsr: 150.1.5.5:0R6#sh mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 192.168.45.0/30 0 Se1/1 point2point
17 Pop tag 192.168.34.0/30 0 Se1/0 point2point
18 Pop tag 150.1.5.5/32 0 Se1/1 point2point
19 19 150.1.4.4/32 0 Se1/1 point2point
20 150.1.4.4/32 0 Se1/0 point2point
20 Pop tag 150.1.3.3/32 0 Se1/0 point2point
I’ve highlighted a couple of routes to illustrate what we’re seeing in these tables. Let’s first take a look at 192.168.45.0/30. The LIB shows that packets sent to 192.168.45.0/30 will come in with a label marked as 16. There are two possible paths out: through R3 (LSR Id 150.1.3.3) or R5 (LSR Id 150.1.5.5). R5 is chosen, as seen by the in-use notation. This is because it’s the best path according to the IGP. The outgoing tag is Imp-null, which means Implicit NULL. This refers to the fact that R6 actually POPs the label before sending it to R5. This is called Penultimate Hop Popping (PHP) and is enabled by default on Cisco routers. Essentially, this router saves R5 from having to do extra processing since the 192.168.45.0 network is directly connected to R5. R5 doesn’t have to expend precious CPU time to look at the label; it just receives the packet as a normal Layer 3 packet. This is also indicated in the LFIB with Pop tag as the outgoing label.
Also of interest is the path to 150.1.4.4/32. As you can see, there are two equal-cost paths to R4’s loopback address. Therefore, the LFIB operates similarly to the FIB when CEF is enabled and allows load balancing across these paths.
So now we’ve enabled MPLS throughout our core. That’s it. That’s all there is to basic MPLS. Pretty boring, eh? MPLS in and of itself only really gets interesting when you run ‘applications’ over it. Once we get into VPNs & Traffic Engineering, we’ll really see it’s power. For now, I implore you to use the .NET file and implement this network. Play around with the different commands and you’ll gain a thorough understanding of how things work.
HumanModem .NET & Topology Images Files
Buy Me a Beer! Help me keep my sanity as I write more articles.Posted in MPLS | 9 Comments »
February 5th, 2008 neteng
I’ve decided that I would start this series off by posting access to the layer-3 topologies and .NET files that I’ll be using for my articles. This way, you can implement the labs as we go along if you’d like. Right now, I’m just posting the first topology and .NET files, but there will likely be different topologies as we move through the series. Of course, you will have to modify the .NET file to work with your setup, but the basic connectivity should remain the same.
Basic_MPLS_Topology_ISP_CORE_IP_Addressing.gif
Basic_MPLS_Topology_ISP_CORE_Port_Labels.gif
Buy Me a Beer! Help me keep my sanity as I write more articles.MPLS_Topology_VPN_IP_Addressing.gif
MPLS_Topology_VPN_Port_Labels.gif
Posted in MPLS | 4 Comments »
