[Approaching NE(14)] A Packet's Adventures on Huawei Routers - MPLS Forwarding(1

Latest reply: Jul 4, 2021 17:37:39

Getting Started with MPLS and MPLS VPN

MPLS Overview and Background

Multiprotocol Label Switching (MPLS) uses labels, not routes, to forward packets and combines the advantages of IP and asynchronous transfer mode (ATM) technology.

IP technology, while simple and cheap to deploy, relies on the longest match algorithm, which is not the most efficient choice for forwarding packets. In comparison, ATM is much more efficient at forwarding packets. ATM uses fixed-length labels (called cells) and maintains a label table, which is much smaller than a routing table. However, ATM is a complex protocol with a high deployment cost, which has hindered its widespread popularity and growth.

MPLS was developed to satisfy users who wanted a technology that combines the best features of both IP and ATM.

MPLS is designed to increase forwarding rates. Unlike IP, MPLS analyzes packet headers on the edge of a network, not at each hop. Therefore, packet processing time is shortened.

Although MPLS has lost its advantage in accelerating forwarding, it supports multi-layer labels, and its forwarding plane is connection-oriented. MPLS is widely used in virtual private network (VPN), traffic engineering (TE), and quality of service (QoS) scenarios.

Typical MPLS Network Structure

The following figure illustrates the typical MPLS network structure.

[Figure: typical MPLS network structure]

Label switching routers (LSRs) are the basic elements of an MPLS network. There are three main types of LSRs:

  • An ingress is on the MPLS network edge and receives packets from another network. It analyzes data packets and adds a label to them.

  • A transit LSR is within an MPLS domain and it forwards packets based on labels.

  • An egress is on the MPLS network edge and sends packets to another network. It removes the label from the packet before sending the packet out of the MPLS network.

MPLS Header and Label

An MPLS header is 4 bytes long and contains the following fields.

[Figure: MPLS header format]

  • Label: a label value.

  • EXP: used for extension. This field is used to implement the class of service (CoS) function, which is similar to Ethernet 802.1p.

  • S: whether a label is at the bottom of a label stack. MPLS supports multiple labels that can be stacked. Value 1 indicates a label at the bottom of a label stack.

  • TTL: short for time to live. This field is the same as the TTL in IP packets.

Label Distribution Process

Data packets travel along label switched paths (LSPs) across an MPLS network. LSPs are unidirectional: they originate from the ingress and terminate at the egress. MPLS forwarding follows a "build the road first, then let the cars go" approach. Before packets are forwarded, labels must be distributed to establish an LSP.

A label is assigned by a downstream LSR to an upstream LSR. In the following figure, Transit-2 is downstream to Transit-1 and Egress is downstream to Transit-2. Conversely, Transit-1 is upstream to Transit-2 and Ingress is upstream to Transit-1.

[Figure: upstream and downstream LSRs along an LSP]

Downstream LSRs assign labels because the downstream LSR itself uses these labels to identify a packet that can be forwarded. If an upstream LSR assigns a label, the downstream LSRs do not know how to use the label to forward a packet unless they agree on this label. To simplify the process, the downstream LSR itself assigns the label.

Packet Forwarding Process

[Figure: packet forwarding process]

  1. The ingress receives an IP packet destined for 10.1.1.1, adds label Z to the packet, and forwards it downstream.

  2. Transit-1 receives the labeled packet, swaps label Z for label Y, and forwards the packet downstream.

  3. Transit-2 receives the labeled packet, swaps label Y for label X, and also forwards the packet downstream.

  4. The egress receives the packet, removes label X, and forwards the packet over an IP route to 10.1.1.1.

Label Operation ― Push, Swap, and Pop

  • Push: Adding a label to a packet, as shown in Step 1 stated above.

  • Swap: Swapping a label at the top of the label stack in an MPLS packet for another label assigned by a next hop, as shown in Steps 2 and 3 stated above.

  • Pop: Removing a label from an MPLS packet before the packet leaves the MPLS network, as shown in Step 4 stated above. In addition, the penultimate LSR can also remove a label from an MPLS packet. This process is called penultimate hop popping (PHP), and is described in the following section.

PHP Mechanism and Implicit Null Label

Assume that an MPLS packet arrives at the egress, the last hop of an LSP. The egress looks up its MPLS forwarding table for a matching entry and removes the label from the MPLS packet. Once the packet has become an unlabeled IP packet, the egress performs a second lookup, this time in the IP forwarding table, and forwards the packet. The lookup in the MPLS forwarding table is therefore unnecessary and reduces forwarding efficiency. To improve on this, PHP enables the egress to instruct the penultimate LSR to remove the last label from the MPLS packet before sending the packet to the egress. After receiving the packet, the egress directly forwards the unlabeled IP packet or single-labeled packet. PHP helps reduce the burden on the egress.

With PHP, the egress assigns only the implicit null label (label 3) to the penultimate LSR. The implicit null label never appears in the label stack of a packet that reaches the egress. When an implicit null label is distributed to a penultimate LSR, the LSR removes the label at the top of the label stack directly instead of swapping it for the implicit null label.

MPLS VPN Overview

As mentioned in the MPLS background, MPLS is widely used in virtual private network (VPN) services. Well, what is VPN?

Before the advent of VPN, telecom carriers rented Layer 2 leased lines to enterprises. Each leased line was exclusive to a specific enterprise.

Each time a leased line was added, a new physical link needed to be built, which was time consuming and costly. ATM and Frame Relay (FR), which followed the leased line technique, enabled carriers to use virtual circuits to provide P2P leased lines. Such leased lines saved time and cost less. However, virtual circuits depended on dedicated transmission media: whichever of ATM or FR was used had to be supported by all devices in all service areas. Costly network construction and low transmission rates made virtual circuit-based services lag behind the development speed of applications on the Internet.

A substitute solution was invented to use VPNs over an existing IP network. The nature of VPNs is to provide virtual leased line services over a shared network (known as a public network), which poses a problem. No enterprise wants its data to be exposed on the shared public network, and their VPNs must be isolated from one another. Packets of a specific VPN must be transparently transmitted over the public network. To tackle this issue, VPNs use the tunneling technique to transmit data.

The tunneling technique provides a tunnel between two network nodes to transparently exchange data. Tunnel protocols are used to establish tunnels. They include Generic Routing Encapsulation (GRE), Layer 2 Tunneling Protocol (L2TP), and MPLS, the subject of this post. After a tunnel is established, one end adds a tunnel protocol header to each packet and forwards the packet to the other end. Upon receipt, the other end removes the header and forwards the packet. Tunnels, including MPLS LSPs, are an integral part of VPNs. MPLS LSPs are the most commonly used tunnels on carrier networks. VPNs that transmit data along MPLS LSPs are called MPLS VPNs.

MPLS VPNs are classified as MPLS L3VPNs or MPLS L2VPNs. MPLS L2VPNs involve virtual private LAN service (VPLS) tunnels and virtual leased line (VLL) and pseudo wire emulation edge-to-edge (PWE3) tunnels.

  • MPLS L3VPN: L3VPN users see the shared network (public network) as a router connecting VPN sites to one another. The public network builds dedicated routing and forwarding tables for each VPN.

    [Figure: MPLS L3VPN]

  • VPLS: uses virtual leased network segments to connect LANs to one another. For VPLS users, a public network is like an Ethernet switch connecting VPN sites to each other. VPLS is also called E-LAN.

    [Figure: VPLS]

  • VLL and PWE3: use an IP network to simulate traditional leased lines. VLL users take a public network as a P2P link to connect VPN sites to one another. VLL is also called virtual private wire service (VPWS) or E-Line. PWE3 is an extension to VLL.

    [Figure: VLL and PWE3]

MPLS Label Position

Labels are encapsulated between the data link and network layers. Their position in a data packet is illustrated in the following figure.

[Figure: position of MPLS labels in a data packet]

An MPLS packet can carry multiple labels. The label next to the physical layer is called the outer label or stack top label. The label next to the network layer is called the inner label or stack bottom label. Theoretically, an unlimited number of MPLS labels can be stacked in an MPLS packet.

On an MPLS VPN, the innermost label is the VPN label, also called a private network label. The outermost label is the tunnel label, also called a public network label.
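The header fields from "MPLS Header and Label" and the label position described above can be checked against real bytes. The following parser is an added example, not code from the original post; the field widths (Label 20 bits, EXP 3, S 1, TTL 8) are the standard MPLS layout, and the MAC addresses, the inner label 1025 and the `max_depth` bound are constructed assumptions.

```python
import struct

ETH_TYPE_MPLS = 0x8847  # Eth-Type the page gives for MPLS over Ethernet


def pack_entry(label, exp, s, ttl):
    """Encode one 4-byte label stack entry: Label(20) | EXP(3) | S(1) | TTL(8)."""
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)


def parse_label_stack(frame, max_depth=8):
    """Return (entries, payload) for an untagged Ethernet frame carrying MPLS.

    entries run from the outer (stack top) label to the inner (stack bottom)
    label. max_depth is a defensive bound chosen for this example; the stack
    depth itself is theoretically unlimited.
    """
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (eth_type,) = struct.unpack_from("!H", frame, 12)
    if eth_type != ETH_TYPE_MPLS:
        raise ValueError(f"Eth-Type 0x{eth_type:04x} is not MPLS")
    entries, offset = [], 14
    while True:
        if len(entries) == max_depth:
            raise ValueError("no stack bottom within max_depth entries")
        if offset + 4 > len(frame):
            raise ValueError("truncated label stack: S bit never set")
        (word,) = struct.unpack_from("!I", frame, offset)
        entry = {"label": word >> 12, "exp": (word >> 9) & 0x7,
                 "s": (word >> 8) & 0x1, "ttl": word & 0xFF}
        entries.append(entry)
        offset += 4
        if entry["s"] == 1:  # bottom of stack: what follows is the payload
            return entries, frame[offset:]


def build_sample_frame():
    """Constructed frame: tunnel label 4096 (outer) over VPN label 1025 (inner)."""
    eth = bytes.fromhex("00e0fc000002" "00e0fc000001") + struct.pack("!H", ETH_TYPE_MPLS)
    outer = pack_entry(4096, 0, 0, 255)   # S=0: more labels follow
    inner = pack_entry(1025, 0, 1, 255)   # S=1: stack bottom
    ip_stub = b"\x45" + b"\x00" * 19      # placeholder IPv4 header bytes
    return eth + outer + inner + ip_stub


if __name__ == "__main__":
    stack, payload = parse_label_stack(build_sample_frame())
    for e in stack:
        print(e)
    print("payload bytes:", len(payload))
```
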

MPLS Forwarding Process

Processing on the Ingress

After a data packet enters an MPLS network, the ingress analyzes it and adds a label to the packet. Transit LSRs forward the packet based on labels carried in the packet. The egress removes the label from the packet before sending the packet out of the MPLS network.

[Figure: processing on the ingress]

  1. The uplink packet forwarding engine (PFE) parses a received packet and determines the forwarding type. The process is the same as the Layer 2 or Layer 3 IP forwarding process for handling an incoming packet. Layer 2 forwarding is performed for an incoming packet in a VPLS, VLL, or PWE3 scenario, and Layer 3 IP forwarding in an MPLS VPN scenario.

  • MPLS L3VPN scenario: Layer 3 IP forwarding is performed for incoming packets. The ingress searches the forwarding information base (FIB) table for a matching entry. If the tunnel ID is 0x0, common IP forwarding is performed. If the tunnel ID is not 0x0, MPLS L3VPN forwarding is performed.

    Destination/Mask  Nexthop   Flag   TimeStamp  Interface   TunnelID
    1.1.1.1/32        10.0.0.1   DGU   t[347299]  GE1/0/0     0x0
    10.0.0.0/24       10.0.0.1   U     t[257502]  GE1/0/0     0x0
    192.0.0.0/24      10.0.0.1   DGHUT t[670625]  GE1/0/0     0x2000001
    127.0.0.0/8       127.0.0.1  U     t[102]     InLoop0     0x0

       

    VPN packets are transparently transmitted along LSPs in an MPLS domain. The outbound interface of VPN packets on the ingress connects to an LSP. To provide a uniform interface for upper-layer applications (such as VPN and route management) that use tunnels, the ingress automatically assigns an ID to each tunnel. This ID is called a tunnel ID and is valid only on the local node. The following figure shows the format of a tunnel ID.

    [Figure: tunnel ID format]

    The LSP Token field is used to search the MPLS forwarding table for matching entries. The LSP token value is merely an index used in MPLS forwarding entry lookup.

  • VPLS: The ingress performs Layer 2 bridge forwarding for incoming packets. The ingress searches the MAC entry table based on the destination MAC address and VLAN ID in a packet and finds a matching outbound interface name and LSP token. The following figure shows an example of a MAC entry table:

    MAC Address      VLAN/    PEVLAN CEVLAN Port         Type      LSP/LSR-ID
                    VSI/SI                                        MAC-Tunnel
    -------------------------------------------------------------------------
    0005-0005-0005   b        -      -      GE3/1/6      static    3/-

       

  • VLL/PWE3: Layer 2 VPN forwarding is performed for incoming packets. The ingress searches the L2VPN forwarding table and finds the matching control word, outbound interface information, and LSP token.

  2. The ingress performs common processing and uses a switch fabric unit (SFU) to forward the packet to an outbound interface.

  3. The downlink packet forwarding engine (PFE) searches for the next hop label forwarding entry (NHLFE) based on the LSP token. The NHLFE table is used to guide MPLS forwarding.

    NHLFE:
    LSR Type         : Ingress
    Tunnel id        : 0x2000001
    Out interface    : GigabitEthernet1/0/0
    Nexthop          : 10.0.0.1
    Out label        : 4096
    Label operation  : PUSH

    The NHLFE entry contains an inner label value, an outer label value, a label operation type, an outbound interface name, and a next-hop IP address.

  4. The ingress performs common downlink processing.

  5. The outbound interface module encapsulates the recently processed information into the packet. The module pushes two labels into the packet. The S field value in the inner label is 1, indicating the stack bottom label. The S field value in the outer label is 0. If VLL or PWE3 is used, the module determines whether to add a control word between the inner label and payload based on the control word before encapsulating data link layer information. If the Ethernet type is used at the data link layer, the Eth-Type field value is 0x8847. The module forwards the packet to a physical interface card (PIC), and the PIC converts the packet into electrical or optical signals and forwards them.

Processing on a Transit LSR

Packets in MPLS L3VPN, VPLS, VLL, and PWE3 scenarios are processed in the same way on a transit LSR.

[Figure: processing on a transit LSR]

  1. The transit LSR parses the received packet and finds its protocol type is MPLS. The transit LSR uses the stack top label to look for a match in the incoming label mapping (ILM) table and obtain an entry that contains the tunnel ID and outbound interface information. The outbound interface information contains the target blade (TB) and target port (TP).

    If load balancing is used, multiple ILM entries are found. The transit LSR uses a hash algorithm to select one ILM entry. The following figure shows an example of an ILM entry.

    If fast reroute (FRR) is used, the transit LSR determines the active and standby routes based on the LSP status and outbound interface status. If the primary LSP and its outbound interface are working properly, the transit LSR selects the primary LSP. If not, the FRR LSP (backup LSP) is selected.

    ILM:
    In Label          : Ingress
    Swap label        : --
    Load-balance Count: 2
    Tunnel id [0]     : 0x2000002
    Out interface [0] : GigabitEthernet2/0/0
    Nexthop [0]       : 20.2.1.2
    Tunnel id [1]     : 0x2000003
    Out interface [1] : GigabitEthernet2/0/1
    Nexthop [1]       : 20.2.2.2
    Has FRR LSP       : No
    FRR inner label   : --
    FRR tunnel id     : 0
    FRR out interface : no
    FRR nexthop       : no

     

  2. If a trunk interface is used as an outbound interface, the transit LSR uses a trunk hash algorithm to select one of the trunk member interfaces as the outbound interface.

  3. The transit LSR performs common processing and uses an SFU to forward the packet downstream based on target board information.

  4. The downstream PFE searches for an NHLFE entry based on the tunnel ID and LSP token. The matching NHLFE entry contains outbound interface information, a next-hop IP address, an outgoing label value, and a label operation type. The label operation type is "swap" for a label with a value other than 3 or "pop" for a label with value 3.

    NHLFE:
    LSR Type         : Transit
    Tunnel id        : 0x2000002
    Out interface    : GigabitEthernet2/0/0
    Nexthop          : 20.2.1.2
    Out label        : 3
    Label operation  : SWAP

     

  5. If the outgoing label value is not 3, the transit LSR swaps the outer incoming label for another outgoing label value, reduces the TTL value by one, and encapsulates data link layer information into the packet. If Ethernet is used at the data link layer, the Eth-Type value is 0x8847. If the outgoing label value is 3 (implicit null label), the transit LSR removes the outer label, sets the MPLS TTL carried in the inner label to the outer MPLS TTL value minus one, and encapsulates data link layer information into the packet.

  6. The transit LSR performs common processing, such as implementing the committed access rate (CAR).

  7. The downlink PFE uses the traffic classification QoS policy to re-set the EXP value in the MPLS header of the packet and checks the packet with the outbound interface. The transit LSR forwards the packet to the PIC, and the PIC converts the packet into electrical or optical signals and forwards them.
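The label handling in steps 1, 4 and 5, together with the ingress push and the PHP behaviour described earlier, can be traced hop by hop. This simulation is an added example, not code from the original post or from any router software; label 4096 and tunnel ID 0x2000002 with out label 3 come from the page's sample entries, while labels 4097 and 1025, tunnel ID 0x2000010 and the drop on TTL expiry (standard MPLS behaviour, not covered on the page) are assumptions.

```python
IMPLICIT_NULL = 3  # label 3: the egress asks the penultimate LSR to pop


def ingress_push(vpn_label, tunnel_label, ttl=255):
    """Ingress: inner VPN label (S=1) under the outer tunnel label (S=0)."""
    return [{"label": tunnel_label, "s": 0, "ttl": ttl},
            {"label": vpn_label, "s": 1, "ttl": ttl}]


def transit_forward(stack, ilm, nhlfe):
    """One transit hop. stack is ordered outer label first.

    ilm maps an incoming top label to a tunnel ID; nhlfe maps a tunnel ID to
    the outgoing label and next hop.
    """
    top = stack[0]
    if top["label"] not in ilm:
        # A label this LSR never distributed has no ILM entry: drop it.
        raise LookupError(f"no ILM entry for label {top['label']}")
    if top["ttl"] <= 1:
        # Assumption (standard MPLS, not from the page): never forward TTL 0.
        raise ValueError("MPLS TTL expired")
    entry = nhlfe[ilm[top["label"]]]
    new_ttl = top["ttl"] - 1
    inner = [dict(e) for e in stack[1:]]
    if entry["out_label"] == IMPLICIT_NULL:
        # PHP: pop the outer label; inner TTL becomes outer TTL minus one.
        if inner:
            inner[0]["ttl"] = new_ttl
        return inner, entry["nexthop"]
    # Otherwise swap the outer label and decrement its TTL.
    return [dict(top, label=entry["out_label"], ttl=new_ttl)] + inner, entry["nexthop"]


def walk_lsp():
    """Ingress -> Transit-1 (swap) -> Transit-2 (PHP pop) -> towards Egress."""
    transit1 = ({4096: 0x2000010},
                {0x2000010: {"out_label": 4097, "nexthop": "Transit-2"}})
    transit2 = ({4097: 0x2000002},
                {0x2000002: {"out_label": IMPLICIT_NULL, "nexthop": "20.2.1.2"}})
    stack = ingress_push(vpn_label=1025, tunnel_label=4096)
    trace = [("Ingress", [e["label"] for e in stack])]
    for name, (ilm, nhlfe) in (("Transit-1", transit1), ("Transit-2", transit2)):
        stack, _ = transit_forward(stack, ilm, nhlfe)
        trace.append((name, [e["label"] for e in stack]))
    return stack, trace


if __name__ == "__main__":
    final_stack, hops = walk_lsp()
    for hop in hops:
        print(hop)
    print("arrives at egress as:", final_stack)
```

The egress receives a single-labeled packet carrying only the VPN label, which is the case the PHP section describes.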

Processing on the Egress

[Figure: processing on the egress]

  1. The egress searches the ILM table for an entry matching the outer label in the packet. If the label operation type is "pop" in the entry, the egress removes the label from the packet.

  2. The egress checks the S field in the removed label.

   This is what I want to talk about/share with you today, thank you!

Thank you for sharing.

EL.BODO Created Mar 13, 2021 17:45:35 (0) (0)
 

Thank you very much really appreciate!

EL.BODO Created Mar 13, 2021 17:45:46 (0) (0)
 
Excellent
bek7 Created Mar 7, 2021 20:25:02 (0) (0)
 
clear and useful document, thanks

Good

Thank you very much really appreciate you work

thanks for sharing

Thanks!
Kevin_Thomas Created Jan 18, 2021 11:26:29 (0) (0)
 
well described
bek7 Created Mar 7, 2021 20:25:32 (0) (0)
 