India.
Abstract: MPLS (Multi Protocol Label Switching) is an emerging technology [1] which has started attracting all the service provider networks with its exceptional and admirable features. VPN (Virtual Private Network) is one of its most popular features, which carries traffic securely and privately from one end of the customer's network to another through the service provider's network. However, in this case the CE (Customer Edge) router is not involved in providing a private network through the customary LAN. The Multi-VRF (Virtual Routing and Forwarding) CE feature, also known as VRF-Lite, is a feature whereby the VPN functionality is extended to the CE router in an economical way. A Multi-VRF router can run multiple instances of routing protocols with a neighboring router, with overlapping address spaces configured on different VRF instances. Hence, only one CE router is needed for multiple VPNs, thus simplifying provisioning and network management compared with a multiple CE router solution. This paper describes the design of such a Multi-VRF MPLS network on the service provider's end, which can separate a customer's large network into smaller sites and keep them isolated in a cost-effective way. The GNS (Graphical Network Simulator) software stack with VMware virtualization was chosen for this purpose, as these applications are well suited for emulation of a real network environment. The resultant network obtained after this design is a real-time solution to many problems and demands in today's service provider networks.

Index Terms: MPLS, MPLS Virtual Private Network, Virtual Routing and Forwarding, routing protocols, Customer Edge (CE) router, Provider Edge (PE) router, route distinguisher, route target.

I. INTRODUCTION

MPLS-VPNs [2] provide protection and isolation as traffic travels through the provider network. The CE router has no means to assure private networks across the conventional LAN network. Usually, to provide confidentiality, either a switch needs to be deployed with each client located in a separate VLAN, or a separate CE router is required for every customer's organization or IP address combination attached to a PE. Both solutions are expensive to the customer, as additional equipment is required, and they also require extra network management and provisioning for each customer site.

Multi-VRF CE is an attribute that provides solutions to these problems. Multi-VRF CE extends partial PE functionality to a CE router in an MPLS-VPN network. A CE router now has the capability to maintain different VRF tables, so that the privacy and protection of an MPLS-VPN can be extended down to a branch office of the customer rather than ending at the PE router node.

A VLAN-like configuration is created on the customer side by CE routers using VRF interfaces. The VRFs present on the CE router and PE router are then mapped to each other. When Multi-VRF CE is configured, the CE router is able to configure the VRF interfaces and its routing tables. Only some of the PE functionality is shared with the CE router. The CE router cannot perform functions like label exchange, which is a feature of MPLS, i.e. MPLS is not enabled on the CE routers. The CE and PE routers share IP-enabled communication between them.

The network designed in this paper illustrates the connectivity of companies with a large main site and smaller sites or departments that are interconnected across an MPLS VPN network. The main site of the company is large and has several departments that are required to be separated from each other for privacy reasons. These departments (for example sales, marketing, human resources, engineering, etc.) then connect to their respective remote department sites through the MPLS VPN network. This communication is carried using Multi-VRF MPLS. Only one CE router is required at every end to manage the departments, thus simplifying provisioning and network management compared with a multiple CE router solution. The CE router has VRF functionality to provide VPN routing information, and hence there are fewer routing updates to manage. Each CE router announces its site's local routes to a PE router and learns the remote VPN routes from that PE router. Routing information is then shared by the PE routers with the CE routers using static routing or a routing protocol such as BGP, OSPF, RIPv1, or RIPv2. The PE router maintains VPN routes only for those VPNs to which it is directly attached. Every VPN is mapped to a particular VRF. After learning local VPN routes from the CEs, VPN routing information is exchanged with other PE routers through internal BGP (IBGP).

This paper is organized as follows: Section II illustrates the previous work done in the MPLS domain. Section III elaborates the proposed design for a multiple customer, multiple site MPLS network, whereas Section IV deals with the analysis of simulation results. The final section summarizes the paper.

II. PREVIOUS WORK

Earlier, if customers wanted to set up a private link between their various sites, they would request a separate link from the service provider, which was a costly investment. Also, the customers could not use the same private IP addresses while connecting to the service provider network, as the service provider could not distinguish between the various customers or their various departments. When MPLS VPN started being implemented, it enabled the service provider to lease private links to the customer on the same network without any additional links being installed. Different departments can be separated by implementing VLANs on switches in the main site and mapping each VLAN to a VRF (sub)interface on the PE router.

Another way to differentiate between the smaller sites or departments was to have separate CE routers as and when required for every customer's organization or IP address grouping for a PE router. However, both these solutions are no longer optimal, as additional setup is required, making the network more complex.

III. DESCRIPTION OF PROPOSED NETWORK

A. Motivation

Now, with the ever increasing expansion of companies and industries, every company has its branches and sites spread all over the globe. The company needs to have connectivity between its various sites along with features like privacy and security. A service provider's network should be capable enough to handle many such companies and their sites in the same network architecture, satisfying all the needs of its customers. The use of Multi-VRF enables the service provider to handle multiple sites on one CE router itself, reducing the complexity of the network and also making it cost effective. Every site can connect to its corresponding site, which is remotely located. Multi-VRF helps the CE routers to maintain complete privacy and doesn't allow any unwanted interference. Multi-VRF also allows the same IP addresses to be used in different sites, i.e. overlapping of IP addresses is possible amongst different sites.

B. Design scenario of a sample network

The aim of the proposed sample network, as shown below in Fig. 1, is to show how the features of Multi-VRF can be utilized to connect a large company's various sites to each other, satisfying certain constraints given by customers. The sample network has two companies: Customer A and Customer B. Each of these two companies has different departments, namely Sales, Marketing, Human Resources and Engineering, which are spread out at different locations.

- CE1 router has connections to company A's Sales, Marketing, HR and Engineering departments.
- CE2 router has connections to company B's Sales and Marketing departments.
- CE3 router has connections to company A's Sales and Marketing departments.
- CE4 router has connections to company B's Sales, Marketing, HR and Engineering departments.
- CE5 router has connections to company A's HR and Engineering departments.
- CE6 router has connections to company B's HR and Engineering departments.

This sample network insists on the following constraints:

C1: Customer A's and B's departments should be able to communicate with their own departments located at different places.

C2: Complete privacy and security should be provided to the departments, not allowing any department of another field to communicate in between.

C3: All the customers and their departments belong to different Autonomous Systems.

C4: A minimum number of links should be utilized by the service provider for communication between these companies and their sites.

C. Proposed Solution

The proposed solution satisfying these constraints can be shown via emulators like GNS (Graphical Network Simulator), which is applicable for real-time scenarios. The steps for designing this network are as follows:

S1: VRFs on CE and PE routers

A VRF instance is used for every department of each customer in the network to achieve this. The Route-Distinguisher (RD) and Route-Target (RT) are two different concepts that are both used in an MPLS VPN. The RD is used to keep all prefixes in the BGP (Border Gateway Protocol) table unique, and the RT is used to transfer routes between VRFs/VPNs. VRFs on CE and PE routers connected to each other should match with the same RTs.

S2: Trunk ports

MPLS Multi-VRF allows different departments to use the same physical link between the PE and the CE routers. Trunk ports with several VLANs separate packets amongst the departments, and hence each department has its own VLAN (Virtual Local Area Network). This reduces the excess use of links between CE and PE routers.

S3: Routing protocol for every VRF and between CE and PE routers

For every VRF on CE and PE routers, a routing protocol should be configured. Similarly, a routing protocol should also exist for connectivity between the CE and PE router. The routing protocols most commonly used are BGP, OSPF, EIGRP, RIP, and static routing. In the case of the OSPF routing protocol, the subcommand capability vrf-lite is required under router ospf at the CE router.

S4: Enable MPLS in the core service provider network

In the core of the service provider's network, it makes no difference whether MPLS Multi-VRF is used or a normal MPLS VPN that uses multiple CE routers. Hence a standard MPLS configuration is done in the core network.

S5: Routing protocols within the network

Multi-protocol BGP [3][4][7], which allows multiple address families to be transferred across the network in parallel, should be used for the exchange of customers' routing information. BGP is designed to be the protocol operating across multiple Autonomous Systems (AS) and is more suitable for distributing a very large amount of routing information along with label distribution for MPLS. This information helps in supporting multiple customers. Furthermore, to learn the paths and exchange the LDP (Label Distribution Protocol) labels in the MPLS network, BGP can be used, or any other routing protocol can be used simultaneously.

S6: Route Reflectors (RR) within the network

The BGP architecture for internal neighborship requires a full mesh of connections between all PEs. RRs can be used to reduce the number of iBGP connections. Following this approach, the RRs are fully meshed and the rest of the BGP speakers within the AS peer only with these RRs rather than with each other.

IV. SIMULATION RESULTS

The sample scenario was implemented in GNS3, and the results obtained satisfy all the criteria mentioned, resulting in a better service provider network with many real-time features included.

A. VRFs on CE and PE routers

The VRFs configured on CE1, CE4, PE1 and PE4 are as shown in the figures below:

Figure 2: VRFs implemented on CE1 router

Figure 3: VRFs implemented on CE4 router

Figure 4: VRFs implemented on PE1 router

Figure 5: VRFs implemented on PE4 router
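
The route-target matching described in step S1 decides whether constraints C1 (a department reaches its own remote sites) and C2 (no other department can reach it) actually hold, so it is worth checking mechanically. The following Python sketch is an added example, not configuration or code from the paper: it models PE VRFs, shows that the RD keeps overlapping prefixes distinct in the VPNv4 table, and audits RT import/export for missing connectivity and cross-department leaks. The AS numbers, RD/RT values, prefixes and PE placement are constructed assumptions.

```python
from dataclasses import dataclass
from itertools import permutations

@dataclass(frozen=True)
class Vrf:
    pe: str               # PE router holding the VRF
    customer: str
    dept: str
    rd: str               # route distinguisher
    export_rt: frozenset  # RTs attached to exported routes
    import_rt: frozenset  # RTs accepted into this VRF
    prefixes: tuple       # routes learned from the attached CE
    @property
    def label(self):
        return f"{self.customer}/{self.dept}@{self.pe}"

def vrf(pe, customer, dept, rd, prefixes, imports=None):
    """Export RT equals the RD value here; import it too unless `imports` is given."""
    rts = frozenset(imports or [rd])
    return Vrf(pe, customer, dept, rd, frozenset([rd]), rts, tuple(prefixes))

def vpnv4_table(vrfs):
    """MP-BGP view: keying on (RD, prefix) keeps overlapping prefixes distinct."""
    return {(v.rd, p): v.label for v in vrfs for p in v.prefixes}

def audit(vrfs):
    """Return (missing, leaks): VRF pairs violating C1, and pairs violating C2."""
    missing, leaks = [], []
    for src, dst in permutations(vrfs, 2):
        same_dept = (src.customer, src.dept) == (dst.customer, dst.dept)
        installed = bool(src.export_rt & dst.import_rt)  # RT match: dst imports src
        if same_dept and not installed:
            missing.append((src.label, dst.label))
        elif installed and not same_dept:
            leaks.append((src.label, dst.label))
    return missing, leaks

# Constructed sample: AS numbers, RD/RT values, prefixes and PE placement are assumed.
GOOD = [
    vrf("PE1", "A", "Sales", "65001:1", ["10.1.0.0/24"]),
    vrf("PE3", "A", "Sales", "65001:1", ["10.1.1.0/24"]),
    vrf("PE1", "A", "HR", "65001:3", ["10.3.0.0/24"]),
    vrf("PE4", "B", "Sales", "65002:1", ["10.1.0.0/24"]),  # overlaps A/Sales
]
# Same design with one typo: B/Sales also imports the RT of A/HR.
BAD = GOOD[:3] + [vrf("PE4", "B", "Sales", "65002:1", ["10.1.0.0/24"],
                      imports=["65002:1", "65001:3"])]
if __name__ == "__main__":
    print(len(vpnv4_table(GOOD)), audit(GOOD), audit(BAD))
```

A single stray import RT is enough to install one department's routes in another customer's VRF, which is why the audit treats any RT match outside the same customer and department as a C2 violation.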