MPLS-based Virtual Private Networks Khalid Siddiqui CS 843 Research Paper Department of Computer Science Wichita State University Wichita, KS
Presentation Outline To describe the: Need Need History History Working Working Benefits Benefits Of MPLS-based Virtual Private Networks
Why MPLS-based VPNs? Trends in Enterprise Computing Trends in Enterprise Computing 1. Companies having offices scattered throughout the country. 2. On-the-run employees. Network Congestion Network Congestion Better QoS required for Voice over IP and converged voice and data networks. Security Security More sophisticated and costly attacks on networks.
Definition/Features of MPLS Stands for Multi-protocol Label Switching. Stands for Multi-protocol Label Switching. A technology for speeding up network traffic flow and making it manageable. A technology for speeding up network traffic flow and making it manageable. Works by attaching a label in front of each packet. Works by attaching a label in front of each packet. At each subsequent hop in the network, the router only takes a look at the label and forwards it. At each subsequent hop in the network, the router only takes a look at the label and forwards it. This is in contrast to the normal switching where routers look at the IP address of each packet and forward it accordingly. This is in contrast to the normal switching where routers look at the IP address of each packet and forward it accordingly. This is how MPLS saves time and make traffic flow faster and smoother. This is how MPLS saves time and make traffic flow faster and smoother.
MPLS Features Contd. Label Distribution: Each LSR in the network maintains a table of {incoming interface, label} and {outgoing interface, label}. Label Distribution: Each LSR in the network maintains a table of {incoming interface, label} and {outgoing interface, label}. Resource Reservation: MPLS allows the reservation of bandwidth beforehand to ensure the continuous transmission of audio and/or video data. Resource Reservation: MPLS allows the reservation of bandwidth beforehand to ensure the continuous transmission of audio and/or video data. Traffic Engineering: Process of directing and diverting traffic to where there are resources available. Factors that affect Traffic Engineering are: Traffic Engineering: Process of directing and diverting traffic to where there are resources available. Factors that affect Traffic Engineering are: Current available resources Current available resources Current and future state of the network Current and future state of the network QoS Requirements QoS Requirements
MPLS Terminology Egress: Exit point from the network. Egress: Exit point from the network. FEC: Forwarding Equivalence Class. A sequence of packets that are routed the same way, meaning through the same LSP. FEC: Forwarding Equivalence Class. A sequence of packets that are routed the same way, meaning through the same LSP. Ingress: Entry point into the network. Ingress: Entry point into the network. LER: Label Edge Router. An LSR at the edge of an MPLS network. These routers usually make up the ingress and egress of the network. LER: Label Edge Router. An LSR at the edge of an MPLS network. These routers usually make up the ingress and egress of the network. LSR: Label Switching Router. A part of the MPLS network that forwards packets based on the label attached in front of the packets. LSR: Label Switching Router. A part of the MPLS network that forwards packets based on the label attached in front of the packets.
Benefits of MPLS Faster Packet Switching. Faster Packet Switching. Better management of different kinds of traffic (voice, data or converged). Better management of different kinds of traffic (voice, data or converged). Bandwidth Reservation for different Quality of Service. Bandwidth Reservation for different Quality of Service. Works with Internet Protocol (IP), Asynchronous Transfer Mode (ATM), Frame Relay; thus multiprotocol. Works with Internet Protocol (IP), Asynchronous Transfer Mode (ATM), Frame Relay; thus multiprotocol. Expected to work with future technologies. Expected to work with future technologies.
Definition/Features of VPN Stands for Virtual Private Network. Stands for Virtual Private Network. A VPN is a private network that uses a public network such as the Internet to provide secure remote access to the corporate network for its employees. A VPN is a private network that uses a public network such as the Internet to provide secure remote access to the corporate network for its employees. This is in contrast to earlier, expensive leased lines. This is in contrast to earlier, expensive leased lines. It works by sharing the same public infrastructure while providing security with the help of encryption and tunneling protocols. It works by sharing the same public infrastructure while providing security with the help of encryption and tunneling protocols. Data (packets) is encrypted by the sender and decrypted by the receiver. Data (packets) is encrypted by the sender and decrypted by the receiver. Only data that is encrypted properly enters a particular tunnel. Only data that is encrypted properly enters a particular tunnel.
Fig. 2: Virtual Private Network
VPN Terminology Tunneling: Transmission of private data through the public network such that the routing nodes in the network are unaware that the transmission is part of a private network. Tunneling: Transmission of private data through the public network such that the routing nodes in the network are unaware that the transmission is part of a private network. Encryption: The conversion of data into a form called ciphertext that is not understandable to anyone who’s not authorized to look at it. Encryption: The conversion of data into a form called ciphertext that is not understandable to anyone who’s not authorized to look at it. L2TP: Layer 2 Tunneling Protocol, a common tunneling protocol. L2TP: Layer 2 Tunneling Protocol, a common tunneling protocol. PPTP: Point to Point Tunneling Protocol, another common VPN tunneling protocol. PPTP: Point to Point Tunneling Protocol, another common VPN tunneling protocol.
Benefits of VPN Extend connectivity of a corporation beyond geographic boundaries. Extend connectivity of a corporation beyond geographic boundaries. Provide secure connections. Provide secure connections. Reduce expenditure and costs as compared to leased lines or WANs. Reduce expenditure and costs as compared to leased lines or WANs. Eliminate the need for transportation of remote users. Eliminate the need for transportation of remote users. Provide potential for networking in a global environment. Provide potential for networking in a global environment.
Conclusion MPLS-based Virtual Private Networks promise a lot of potential when properly designed. Virtual Private Networks provide the highly desirable benefits of low-cost, high speed, and secure connection. MPLS, on the other hand, provide better Quality of Service based on Traffic Engineering and Resource Reservation. So, I expect to see these kind of networks in heavy use in the near future.
References Brittain, Paul and Adrian Farrel, MPLS Virtual Private Networks, November, Brittain, Paul and Adrian Farrel, MPLS Virtual Private Networks, November, Brittain, Paul and Adrian Farrel, MPLS Traffic Engineering: A choice of signalling protocols, crldprsvp.pdf, January 17, Brittain, Paul and Adrian Farrel, MPLS Traffic Engineering: A choice of signalling protocols, crldprsvp.pdf, January 17, MPL VPNs, archive/ripe-39/presentations/mpls-vpn/, Novermber MPL VPNs, archive/ripe-39/presentations/mpls-vpn/, Novermber Spirent White Paper, BGP/MPLS Virtual Private Networks: Performance and Security over the Internet, literatureqqw8/marketingliterature/W5103_RFC_2547.pdf. Spirent White Paper, BGP/MPLS Virtual Private Networks: Performance and Security over the Internet, literatureqqw8/marketingliterature/W5103_RFC_2547.pdf. Tyson, Jeff, How Virtual Private Networks Work, Tyson, Jeff, How Virtual Private Networks Work,