MPLS - Unicast IP Forwarding


MPLS | Unicast IP Forwarding 

‐ MPLS pictures the entire WAN, which was previously a Layer 2 obstacle (no QoS and difficult
any-to-any implementation), as a single router with multiple interfaces.

‐ Each site requires one connection to the ISP network. This connection will most likely be Frame
Relay at the local loop.

MPLS Labels 
‐ Forwarding Equivalence Class FEC : a set of packets tagged with the same label.

‐ Label : a 20-bit length field that can correspond to destination network, VPN, QoS, outgoing
interface, … Labels 0 – 15 are reserved.

‐ MPLS Header : a 4-octet (32-bit) structure including the Label :

‐ Label Stack : an ordered set of labels attached to a packet header (a max of 3 layers by default).
The “Bottom of the Stack” field is set to 1 when the label is the last on the stack.

‐ Following scenarios need Label Stacks :


‐ MPLS-VPNs : The added label identifies the VPN, and its relevant information is
propagated by Multiprotocol BGP MP-BGP.
‐ MPLS Traffic Engineering MPLS-TE : uses RSVP to establish LSP tunnels.
‐ MPLS-VPNs & MPLS-TE.

‐ Label Swap : the operation of looking up an incoming label to determine the outgoing label, port…

‐ Penultimate Hop Pop PHP : the second-to-last node in an LSP pops the label and adds a label of 3
(imp-null) before sending the packet to the PE. The PE only performs a routing table lookup.
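
Added example (not part of the original notes): a parser for the label stack described above, useful when inspecting captured frames for unexpected or reserved labels. The field layout follows RFC 3032 (20-bit Label, 3-bit EXP, 1-bit Bottom of Stack, 8-bit TTL); the function names and the sample bytes are constructed for illustration.

```python
import struct

RESERVED_MAX = 15  # labels 0-15 are reserved, as stated in the notes


def build_entry(label, exp, bos, ttl):
    """Pack one 4-octet label stack entry: Label(20) | EXP(3) | S(1) | TTL(8)."""
    return struct.pack("!I", (label << 12) | (exp << 9) | (bos << 8) | ttl)


def parse_label_stack(data, max_depth=3):
    """Parse label stack entries from the start of `data`.

    Returns (entries, payload). Raises ValueError if an entry is truncated
    or if no Bottom-of-Stack bit is seen within `max_depth` entries
    (3 is the default stack depth given in the notes).
    """
    entries = []
    offset = 0
    while True:
        if len(entries) == max_depth:
            raise ValueError("no bottom-of-stack within max_depth entries")
        if len(data) - offset < 4:
            raise ValueError("truncated label stack entry")
        (word,) = struct.unpack_from("!I", data, offset)
        offset += 4
        entry = {
            "label": word >> 12,
            "exp": (word >> 9) & 0x7,
            "bos": (word >> 8) & 0x1,
            "ttl": word & 0xFF,
        }
        entry["reserved"] = entry["label"] <= RESERVED_MAX
        entries.append(entry)
        if entry["bos"]:
            return entries, data[offset:]


# Constructed sample: outer label 16001, inner label 24005 (bottom of stack),
# followed by the first two bytes of an IPv4 header.
SAMPLE = build_entry(16001, 0, 0, 254) + build_entry(24005, 0, 1, 254) + b"\x45\x00"

if __name__ == "__main__":
    stack, payload = parse_label_stack(SAMPLE)
    for e in stack:
        print(e)
    print("payload starts with", payload.hex())
```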

MPLS Modes 
‐ Frame Mode: use of MPLS with frame-based-encapsulated interfaces (ethernet, FR, …).

‐ Cell Mode : denotes the use of ATM-encapsulated interfaces. Cell-MPLS uses VPI/VCI fields.


MPLS terminology 
‐ Customer Premises Equipment router (Customer Edge CE) : the customer router that interfaces
directly with the PE router.

‐ Edge router (Provider Edge PE) : an MPLS node connected to a neighboring node outside of its
MPLS domain. Only PEs perform the routing table lookup.

‐ Label-Switched Router LSR (Provider P) : an MPLS node capable of forwarding labeled packets.
LSRs don’t need to be capable of performing native L3 routing.

‐ Label-Switched Path LSP : the path through one or more LSRs followed by a packet.

MPLS Components 
‐ Control Plane : maintains routing (OSPF, BGP, …) and label information (LDP or TDP) exchange
between adjacent devices.

‐ Data Plane (Forwarding Plane) : forwards traffic based on destination addresses or labels and
takes care of label swapping.

Labels Allocation 
• Control plane

‐ Routing Information Base RIB : the routing tables built by the control plane routing protocols.

‐ Label Information Base LIB (IP-to-Label) : Stores the local and neighbor LSRs’ labels assigned to
each destination network.

• Data Plane

‐ CEF Forwarding Information Base FIB (IP-to-NextHop) : Initially built from the IP routing
tables with no labeling information. Based on the information received via TDP/LDP, the Next Hop Label
assigned to each network destination is added to the related entry. FIB lookups use network
destinations as index, so unlabeled packets are forwarded based on the FIB, which is known as
Interim Packet Propagation.

‐ Label Forwarding Information Base LFIB (Label-to-NextHop) : based on the LIB and FIB, each
LSR builds its own LFIB, on which lookups use labels, so the LFIB handles labeled packet
forwarding and label swapping.

Label Distribution 
• Tag Distribution Protocol TDP

‐ TDP is Cisco-proprietary and has been dropped since LDP was ratified. TDP uses UDP & TCP 711.


• Label Distribution Protocol LDP

‐ LDP is vendor-neutral.

‐ LDP discovers LDP neighbors by multicasting Hellos to 244.0.0.2 on UDP 646. Hellos list the LSR’s
LDP ID : LID (32-bit dotted-decimal and a 2-byte Label Space Number always set to 0 for
frame-based MPLS). Hellos can also optionally list a Transport Address. The first 4 bytes of the LID
represent the highest IP address of an up/up loopback interface, otherwise, the highest IP address of
an up/up non-loopback interface.

‐ Neighbors form a TCP connection with each other on TCP 646 using the Transport
Address (if listed in the Hello) or the first 4 bytes of the LID.

‐ Once the TCP connection is up, neighbors exchange their bindings of local labels and prefixes.

‐ 2 label distribution methods :


‐ Unsolicited downstream : Neighbors receive an update due to a convergence event.
‐ Downstream-on-demand : Neighbors request updates.

MPLS TTL Propagation 
‐ When MPLS TTL Propagation is enabled :

‐ When MPLS TTL Propagation is disabled :

‐ TTL Propagation can be enabled/disabled for 2 classes of packets independently:


‐ Local : the LSR locally created traffic.
‐ Forwarded : customers’ traffic (for consistent TTL propagation, Forwarded traffic TTL
propagation must be enabled on all LSRs or disabled on all LSRs).
 


MPLS Unicast IP Forwarding 
‐ MPLS Unicast IP considers only routing table information to forward customers’ traffic.

‐ Customer routes are advertised through the MPLS network by an IGP.

‐ Every LSR reacts to a newly learned customer route by allocating a new local label and
advertising that label to all its neighbors using LDP (or TDP).

CONFIGURATION 
‐ To configure MPLS unicast IP forwarding :
1. Enable CEF :
Router(config)# ip cef

2. Enable MPLS globally (enabled by default) :
Router(config)# mpls ip

3. Enable MPLS on a per-interface basis (disabled by default) :
Router(config-if)# mpls ip

4. Choose between LDP/TDP globally or per-interface (LDP by default on new IOSs) :
Router(config)# mpls label protocol {ldp | tdp | both}

5. Configure MTU size as needed (1500 by default, add 4*max-label-stack) :
Router(config-if)# mpls mtu mtu-size


‐ To enable/disable MPLS TTL propagation :


Router(config)# [no] mpls ip propagate-ttl [local | forwarded]

TROUBLESHOOTING 
‐ To clear IP CEF information :
Router# clear adjacency
Router# clear ip cef inconsistency
Router# clear cef interface

‐ To output the content of the FIB :
Router# show ip cef {summary | detail}

‐ To output the content of the LFIB :
Router# show mpls forwarding-table

‐ To output the content of the LIB :
Router# show mpls ldp bindings

‐ To ensure LDP adjacencies have been established :
Router# show mpls ldp neighbor

MPLS | MPLS‐VPNs 

‐ MPLS-VPNs use MPLS unicast IP forwarding with additional MPLS-aware features at the P
network edge, allowing the SP to provide a wide variety of services to its customers.

‐ MPLS-VPNs use MP-BGP to overcome issues of duplicate IP address ranges.

MPLS‐VPN Components 
• Control Plane on P Routers

‐ P routers run an IGP or IBGP and carry only P network routes in their routing tables.

‐ P routers interface with PEs to transport BGP peering information across to remote PEs.

• Control Plane on PE Routers

‐ PEs exchange customer routes with connected CEs using either EBGP or an IGP. These routes
are stored in separate per-customer routing tables : VRF tables.

‐ PEs export VRF entries to an MP-BGP global routing table and advertise these MP-BGP
routes to remote PEs using MP-BGP peering.

• Data Plane

‐ At the ingress PE, 2 labels are pushed on packets :


‐ Outer label causes the packet to be forwarded to remote PE.
‐ Inner label identifies the VRF to use on the remote PE.


Virtual Routing and Forwarding tables VRFs 
‐ VRFs provide isolation between customer routes. A separate VRF is assigned to each customer.

‐ For more complex designs, a PE might need multiple VRFs per customer.

‐ Each VRF has 3 components :


‐ RIB : IP routing table.
‐ CEF FIB : populated based on the VRF RIB
‐ A separate instance of IGP or EBGP used to exchange routes with CE.

Route Distinguishers RDs 
‐ A Route Distinguisher RD is a 64-bit Address-Family added in front of the original BGP
NLRI (32-bit IPv4 prefix) when routes are exported to MP-BGP, to distinguish each VRF’s routes.

‐ The new NLRI (RD + IPv4) is called VPNv4.

‐ The RD has 3 formatting conventions. The first 2 bytes identify the format used for the next 6 bytes :
‐ 2-byte-integer : 4-byte-integer,
‐ 4-byte-integer : 2-byte-integer,
‐ 4-byte-dotted-decimal : 2-byte-integer.

‐ On IOS show and config. commands, only the last 6 bytes of the RD are specified.

‐ The first value (encoded into the last 6 bytes) should be either an ASN or an IPv4 address (e.g.
the PE BGP ID). The second value can have any meaning.
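
Added example (not part of the original notes): encoding and decoding the 8-byte RD in its three formats, and showing how prepending it keeps two customers' identical IPv4 prefixes distinct. The type codes 0, 1 and 2 come from RFC 4364; the function names and sample values are constructed, and vpnv4() models only the "RD + IPv4" key described above, not the full BGP wire encoding.

```python
import ipaddress
import struct


def encode_rd(text):
    """Encode 'first:second' as an 8-byte RD (2-byte type + 6-byte value)."""
    admin, assigned = text.rsplit(":", 1)
    assigned = int(assigned)
    if "." in admin:
        # Type 1: 4-byte dotted-decimal : 2-byte integer
        return struct.pack("!H4sH", 1, ipaddress.IPv4Address(admin).packed, assigned)
    admin = int(admin)
    if admin <= 0xFFFF:
        # Type 0: 2-byte integer : 4-byte integer
        return struct.pack("!HHI", 0, admin, assigned)
    # Type 2: 4-byte integer : 2-byte integer
    return struct.pack("!HIH", 2, admin, assigned)


def decode_rd(raw):
    """Decode an 8-byte RD into the 'first:second' form shown by IOS."""
    if len(raw) != 8:
        raise ValueError("an RD is exactly 8 bytes")
    (rd_type,) = struct.unpack_from("!H", raw)
    if rd_type == 0:
        admin, assigned = struct.unpack_from("!HI", raw, 2)
    elif rd_type == 1:
        packed, assigned = struct.unpack_from("!4sH", raw, 2)
        admin = ipaddress.IPv4Address(packed)
    elif rd_type == 2:
        admin, assigned = struct.unpack_from("!IH", raw, 2)
    else:
        raise ValueError(f"unknown RD type {rd_type}")
    return f"{admin}:{assigned}"


def vpnv4(rd, prefix):
    """Return the 12-byte RD + IPv4 network address key for a VRF route."""
    net = ipaddress.IPv4Network(prefix)
    return encode_rd(rd) + net.network_address.packed


if __name__ == "__main__":
    # Constructed sample: two customers using the same private prefix.
    for rd in ("65000:1", "65000:2"):
        print(rd, vpnv4(rd, "10.1.0.0/16").hex())
```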


Route Targets RTs 
‐ An Overlapping VPN occurs when one CE site needs to be reachable by CEs in different VPNs.

‐ RDs are adequate for a single VPN. Route Targets RTs are needed to support Overlapping VPN
and indicate VPN membership. A prefix can have only one RD (one RD per VRF) but one or more
RTs (one RT per VPN) assigned to it. RT values follow the same basic format as RD values.

‐ BGP Extended Communities are 8 bytes long and used for a wide variety of purposes. MPLS uses BGP
Extended Community Path Attributes PAs to encode one or more RTs.

‐ Export RTs configured on ingress PE VRFs are added to BGP NLRIs when routes are exported
(from VRFs to MP-BGP) based on VPN membership.

‐ Import RTs configured on egress PE VRFs determine which routes must be imported from MP-
BGP to which VRF.
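
Added example (not part of the original notes): a small model of the export/import RT logic above, used to audit a set of VRF definitions for imports that cross customer boundaries unintentionally. The VRF names, RD/RT values, prefixes and the ALLOWED matrix are all constructed; SHARED plays the role of the overlapping-VPN site.

```python
# Constructed VRF definitions: CUST_A and CUST_B each form their own VPN and
# both reach a shared-services site (an overlapping VPN).
VRFS = {
    "CUST_A": {"rd": "65000:1", "export": {"65000:100"},
               "import": {"65000:100", "65000:999"}},
    "CUST_B": {"rd": "65000:2", "export": {"65000:200"},
               "import": {"65000:200", "65000:999"}},
    "SHARED": {"rd": "65000:9", "export": {"65000:999"},
               "import": {"65000:100", "65000:200"}},
}
ROUTES = {"CUST_A": ["10.1.0.0/16"], "CUST_B": ["10.2.0.0/16"],
          "SHARED": ["192.0.2.0/24"]}

# (importing VRF, originating VRF) pairs the design intends to allow.
ALLOWED = {("CUST_A", "SHARED"), ("CUST_B", "SHARED"),
           ("SHARED", "CUST_A"), ("SHARED", "CUST_B")}


def export_routes(vrfs, local_routes):
    """Export each VRF's routes to MP-BGP, tagged with its RD and export RTs."""
    return [
        {"rd": vrf["rd"], "prefix": prefix, "rts": set(vrf["export"]), "origin": name}
        for name, vrf in vrfs.items()
        for prefix in local_routes.get(name, [])
    ]


def import_routes(vrfs, mpbgp):
    """A VRF imports a route when the route carries any of its import RTs."""
    tables = {name: [] for name in vrfs}
    for name, vrf in vrfs.items():
        for route in mpbgp:
            if route["origin"] != name and route["rts"] & vrf["import"]:
                tables[name].append(route)
    return tables


def unexpected_imports(vrfs, local_routes, allowed):
    """Return sorted (importer, origin) pairs that are not in `allowed`."""
    tables = import_routes(vrfs, export_routes(vrfs, local_routes))
    seen = {(name, r["origin"]) for name, routes in tables.items() for r in routes}
    return sorted(seen - allowed)


if __name__ == "__main__":
    print(unexpected_imports(VRFS, ROUTES, ALLOWED))
```

Running the same audit after adding one stray import RT to a customer VRF shows the other customer's routes appearing in it, which is the misconfiguration this check is meant to catch before deployment.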

CONFIGURATION 
‐ To configure MPLS-VPN on PE routers:
1. Enter the VRF sub-config mode (and create the VRF table) :
Router(config)# ip vrf vrf-name

2. Configure one RD and one or more RTs (only last 6 bytes) :
Router(config-vrf)# rd rd-value
Router(config-vrf)# route-target [both | import | export] rt-value

3. Assign PE interfaces interfacing with the customer to the VRF table :
Router(config-if)# ip vrf forwarding vrf-name

4. Configure VPNv4 BGP on P side and IPv4 VRF on C side (if EBGP is used) :
Router(config-router)# address-family vpnv4
Router(config-router)# address-family ipv4 vrf vrf-name


TROUBLESHOOTING 
‐ To output the content of the RIB :
Router# show ip route vrf vrf-name

‐ To output the content of the FIB :
Router# show ip cef vrf vrf-name
