Suppose multiple networks share the same medium. In a general sense, this medium can be anything, from the same physical network devices to the same Internet connection or the same circuits. The requirement is that the networks cannot access or see each other.
The traditional approach to this situation is to implement ACLs to filter traffic. With the ACL approach, however, all the networks share the same routing table at some point. Another downside appears when each network uses a private IP address scheme: private addresses can be used by anybody for any purpose, so one network's addressing may conflict with another's. In some environments, the ACL approach may be a security risk in addition to a potential operational problem.
Another approach is to implement VRF (Virtual Routing and Forwarding, or VPN Routing and Forwarding). With the VRF approach, each network has its own routing table. Because of that, no ACL is necessary, and any network can use any IP address scheme, including private ones, without conflicting with other networks.
Check out the following link for more info
RFC 4381: Analysis of the Security of BGP/MPLS IP Virtual Private Networks (VPNs)
»MPLS with a Single Router?
In some VRF implementations, LDP (Label Distribution Protocol) and MP-BGP (Multiprotocol BGP) are usually used to forward the traffic of all networks transparently over one network. This use of LDP and MP-BGP is the typical implementation of an MPLS network.
Check out the following links for more info on LDP and MP-BGP
RFC 4364: BGP/MPLS IP Virtual Private Networks (VPNs)
RFC 3031: Multiprotocol Label Switching Architecture
RFC 3036: LDP Specification
RFC 2105: Cisco Systems' Tag Switching Architecture Overview (TDP) - Cisco's version of LDP
For some simple networks, something called VRF lite can be used. When VRF lite is implemented, LDP is not used, although at some point MP-BGP may be used.
With either the LDP or the non-LDP implementation, any routing protocol can be used to interconnect sites. VRF works with connected networks, static routes, and dynamic routing protocols (RIP, OSPF, EIGRP, BGP).
Check out the following link for more info on VRF-based routing protocols
RFC 4577: OSPF as the Provider/Customer Edge Protocol for BGP/MPLS IP Virtual Private Networks (VPNs)
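The ACL and VRF lite approaches described above, side by side, as an added Cisco IOS example that is not part of the original FAQ. Tenant names, VLAN IDs, the 65000 route distinguisher prefix and all addresses are assumptions, and the two options are alternatives for the same router, not one combined configuration.

```cisco
! Constructed example. Names, VLAN IDs, RD values and addresses are placeholders.
!
! ===== Option 1: ACL separation (single global routing table) =====
! Both tenants live in one table, so their prefixes must be unique and
! isolation holds only while every deny line stays correct.
interface GigabitEthernet0/0.10
 encapsulation dot1Q 10
 ip address 10.1.0.1 255.255.255.0
 ip access-group TENANT-A-IN in
interface GigabitEthernet0/0.20
 encapsulation dot1Q 20
 ip address 10.2.0.1 255.255.255.0
 ip access-group TENANT-B-IN in
ip access-list extended TENANT-A-IN
 deny   ip any 10.2.0.0 0.0.0.255
 permit ip any any
ip access-list extended TENANT-B-IN
 deny   ip any 10.1.0.0 0.0.0.255
 permit ip any any
!
! ===== Option 2: VRF lite (one routing table per tenant, no LDP) =====
ip vrf TENANT-A
 rd 65000:10
ip vrf TENANT-B
 rd 65000:20
! Tenant LANs: the same 10.1.0.0/24 is reused without conflict.
interface GigabitEthernet0/0.10
 encapsulation dot1Q 10
 ip vrf forwarding TENANT-A
 ip address 10.1.0.1 255.255.255.0
interface GigabitEthernet0/0.20
 encapsulation dot1Q 20
 ip vrf forwarding TENANT-B
 ip address 10.1.0.1 255.255.255.0
! Uplinks: one subinterface per tenant toward the shared upstream device.
interface GigabitEthernet0/1.110
 encapsulation dot1Q 110
 ip vrf forwarding TENANT-A
 ip address 192.0.2.2 255.255.255.252
interface GigabitEthernet0/1.120
 encapsulation dot1Q 120
 ip vrf forwarding TENANT-B
 ip address 198.51.100.2 255.255.255.252
! Static defaults are installed per VRF; neither table has a route to the other.
ip route vrf TENANT-A 0.0.0.0 0.0.0.0 192.0.2.1
ip route vrf TENANT-B 0.0.0.0 0.0.0.0 198.51.100.1
```

Applying ip vrf forwarding to an interface removes any IP address already configured on it, which is why the address is assigned afterwards. To confirm the separation, compare the output of show ip route vrf TENANT-A with show ip route vrf TENANT-B and check that neither table holds a route learned from the other tenant.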
Where MPLS/VRF fits
»How to maintain VLAN Tags across Routers
»[Config] 4500 inter-vlan routing
»Cisco Forum FAQ »Multiple networks share same Internet lines or same devices transparently
»Cisco Forum FAQ »Separate Internet: Dedicate T1/E1 for server, dedicate DSL/Cable for LAN
»Cisco Forum FAQ »Configure DMZ on routers
ISP-offered MPLS Solution
Since its birth, MPLS technology has been exciting to ISPs, since they can cut costs tremendously by sharing physical infrastructure, compared to good old Frame Relay technology, where the ISP has to build unique physical infrastructure for each network. ISP implementations of MPLS technology come under various names; however, they can be categorized as either Layer-3 or Layer-2 solutions.
The Layer-3 solution is typical MPLS, where the ISP manages the PE and P routers. To some extent, the ISP may offer to manage the CE routers as a managed MPLS solution so that the MPLS BGP mechanism is transparent to its customers.
The Layer-2 solution is the more modern approach, which the ISP may call Metro Ethernet or a Point-to-Point solution. In some cases, the ISP may actually use point-to-point fiber infrastructure to offer the Point-to-Point solution, as opposed to "simulated" point-to-point infrastructure.
For more advanced customers, ISPs also offer a VPLS-based solution, which some may call CSC (Carrier Supporting Carrier). With this solution, the customer manages its own PE routers, or may even manage its own P routers (the Layer-3 side), while the ISP manages the Layer-2 side. By managing its own PE or even P routers, the customer has total control of the MPLS cloud, from assigning its own VRFs (MPLS labels) to Traffic Engineering, so the customer can create a custom-made MPLS network for a specific need, such as a unique Layer-3 MPLS network for voice and data, without needing to manage the Layer-2 side.
At the customer site, ISPs typically implement at least T1/E1 circuits as part of the MPLS solution they offer to customers. For larger bandwidth demands, the ISP may implement DS-3, OCx, or DWDM circuits. Depending on the requirement, the ISP may bring in its own equipment to install at the customer site, such as a PE or CE router, or an Ethernet-based switch for Ethernet-handoff solutions. With any telco circuit implementation, good old multiplexers (muxes) or simple Smartjack boxes for T1 circuits are also part of the MPLS solution, and these may or may not be managed by the MPLS provider. Depending on availability in the customer's area, there may or may not be a fiber drop at the customer site as part of the MPLS solution.
With any MPLS solution, a prospective customer should review how the ISP actually uses its fiber infrastructure in offering the MPLS solution. Some ISPs may or may not have direct physical fiber connectivity between areas. Some ISPs may offer a more expensive solution with lower latency. Further, prospective customers should review how their internal network design should look once the MPLS solution comes into play, in order to verify reliability, scalability, and top-notch network performance.
Various MPLS Topics
»Anyone experience with L2TPv3?
TE (Traffic Engineering)
»[bgp] multisite multihome via mpls and bgp
»[Config] VRF RD Best Practice
MTU on MPLS
»L2TPv3 MTU problem/question.
MPLS QoS: DiffServ and IntServ (Differentiated Services and Integrated Services)
»IP QOS (quality of service) over MPLS using Integrated Service
»Packets are not being marked - QOS over MPLS
»Regional routing in WAN cloud?