MPLS Basics

One of the great advancements to enhance WAN services is MPLS. Originally, it was created to address the problems on ATM networks and thanks to Cisco and IETF, it has evolved to what it is today.

MPLS (Multiprotocol Label Switching) is a protocol that uses labels for packet switching. MPLS is agnostic of Layer 1 or Layer 2 protocols and can be used on any type of links. It inserts a 32-bit label in between the Layer 2 and Layer 3 headers which dubbed it as a Layer 2.5 protocol. These labels number range is 0-1,048,575. Labels 0-15 for reserved purposes therefore the usuable range is 16-1,048,575. The defaul range in Cisco routers is from 16 - 100,000 which is good enough for big enterprises.

MPLS requires a running IGP routing protocol with a full routing table. CEF must also be enable because FIB (Forwarding Information Base) and adjancency tables are needed to build the
LFIB (Label Forwarding Information Base). FIB is responsible for maintaning the next hops for the routes in the routing table while adjacency table is for the Layer 2 rewrite so that repetitive ARP requests will be avoided.

The process of how MPLS works starts by the routing protocol building the IP routing table. After that, based on the routing table the MPLS enabled router will now build its own mapping between destination ip to a label. Thirdly, using LDP (Label Distribution Protocol) the LSR's (Label Switch Routers or simply MPLS-enabled routers) in an MPLS networks share their assigned labels. Lastly, the LSR's build the LIB (Label Information Base), LFIB, and FIB based on the labels they received.

How to Configure MPLS in a Cisco Router

We have below a simple diagram of the network that will be used for this example. We will focus on the basics of configuration, some show commands and some "what if" scenarios.

Diagram:



Dynamips Configuration


autostart = true

ghostios = true
sparsemem = true
# MPLS Basics

[localhost]

[[7200]]
image = \Program Files\Dynamips\images\c7200-jk9o3s-mz.124-7a.bin
npe = npe-400
ram = 160

[[ROUTER R1]]
Se1/0 = R2 Se1/0
Se1/1 = R3 Se1/0

[[ROUTER R2]]
Se1/1 = R3 Se1/1

[[ROUTER R3]]

Basic Configurations


Start dynamips and apply the basic configuration below needed for this example. Just copy and paste everything below and it should be good.


R1
!
interface Serial1/0
ip address 192.168.12.1 255.255.255.0
no shut
!
interface Serial1/1
ip address 192.168.13.1 255.255.255.0
no shut

!
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0

R2
!
interface Serial1/0
ip address 192.168.12.2 255.255.255.0
no shut
!
interface Serial1/1
ip address 192.168.23.2 255.255.255.0
no shut
!
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0

R3
!
interface Serial1/0
ip address 192.168.13.3 255.255.255.0
no shut
!
interface Serial1/1
ip address 192.168.23.3 255.255.255.0
no shut
!
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0

Enabling MPLS


Once you have done this the OSPF adjacencies should be up and running. Now what we need to do is apply the necessary MPLS command to enable MPLS on network.


R1(config)#int se1/0
R1(config-if)#mpls ip
R1(config-if)#int se1/1
R1(config-if)#mpls ip

R2(config)#int se1/0
R2(config-if)#mpls ip
R2(config-if)#int se1/1
R2(config-if)#mpls ip

R3(config)#int se1/0
R3(config-if)#mpls ip
R3(config-if)#int se1/1
R3(config-if)#mpls ip


Once you have applied the single command "mpls ip" on the both sides of the link, an LDP adjacency will be formed and will display a log shown below:


*Feb 21 04:15:51.811: %SYS-5-CONFIG_I: Configured from console by console
*Feb 21 04:15:52.135: %LDP-5-NBRCHG: LDP Neighbor 192.168.13.1:0 (2) is UP


This means that MPLS is enabled on both sides and the neighbors are exchanging label information. The LFIB, FIB and LIB are created after the neighborships are formed.

Verifying MPLS Interfaces

Inorder to get which interfaces are mpls enabled the command "show mpls interfaces" is used. Operational state is "Yes" if the command "mpls ip" is enabled on the interface.


R3#sh mpls interfaces
Interface IP Tunnel Operational
Serial1/0 Yes (ldp) No Yes
Serial1/1 Yes (ldp) No Yes



Verifying LDP Neighbors


To know the LDP neighbors use "show mpls ldp neighbors". This will show the neighbors ID which is based on the highest ip address of the mpls enable interface., the LDP neighborship uptime, which interface it was discovered and the ip addresses of the MPLS enabled interfaces. Like OSPF, LDP's election of the ID is first chosen the highest ip address of the loopback interfaces and then the physical interfaces.




R3#sh mpls ldp neigh
Peer LDP Ident: 192.168.23.2:0; Local LDP Ident 192.168.23.3:0
TCP connection: 192.168.23.2.646 - 192.168.23.3.46832
State: Oper; Msgs sent/rcvd: 18/18; Downstream
Up time: 00:10:59
LDP discovery sources:
Serial1/1, Src IP addr: 192.168.23.2
Addresses bound to peer LDP Ident:
192.168.12.2 192.168.23.2
Peer LDP Ident: 192.168.13.1:0; Local LDP Ident 192.168.23.3:0
TCP connection: 192.168.13.1.646 - 192.168.23.3.26398
State: Oper; Msgs sent/rcvd: 6/6; Downstream
Up time: 00:00:39
LDP discovery sources:
Serial1/0, Src IP addr: 192.168.13.1
Addresses bound to peer LDP Ident:
192.168.12.1 192.168.13.1



Let's configure loopbacks for R1, R2 and R3. Using 1.1.1.1, 2.2.2.2 and 3.3.3.3 respectively and lets see what happends to the Peer LDP Ident.


R1#config t
R1(config)#int lo0
R1(config-if)#ip address 1.1.1.1 255.255.255.255

R2#config t
R2(config)#int lo0
R2(config-if)#ip address 2.2.2.2 255.255.255.255

R3#config t
R3(config)#int lo0
R3(config-if)#ip address 3.3.3.3 255.255.255.255


After configuring, lets first clear the ospf process on the routers. Use the "clear ip ospf process" and "clear mpls ldp neigbor" in enable mode. For some reason in Dynamips, there are no changes to the LDP ident and the OSPF router id, so its advisable to remove the OSPF process first and disabling first MPLS on the interfaces then renabling OSPF and MPLS. Now lets see what happens to the LDP Ident.


R1#sh mpls ldp neigh
Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 192.168.13.1:0
TCP connection: 2.2.2.2.646 - 192.168.13.1.17752
State: Oper; Msgs sent/rcvd: 15/15; Downstream
Up time: 00:05:24
LDP discovery sources:
Serial1/0, Src IP addr: 192.168.12.2
Addresses bound to peer LDP Ident:
192.168.12.2 192.168.23.2 2.2.2.2
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 192.168.13.1:0
TCP connection: 3.3.3.3.646 - 192.168.13.1.19721
State: Oper; Msgs sent/rcvd: 14/14; Downstream
Up time: 00:05:22
LDP discovery sources:
Serial1/1, Src IP addr: 192.168.13.3
Addresses bound to peer LDP Ident:
192.168.13.3 192.168.23.3 3.3.3.3


It's now taking the loopback ip address as the Local Ident which proves that MPLS LDP chooses the ID like how OSPF does. You can manually force the LDP id by the command "mpls ldp router-id loopback0 force" so it will take the ip address of the interfaces as its ID. In this example we us the loopback0 with is already the default ID.

MPLS Labels


Let's take a look on how MPLS labels destination IP addresses. I mentioned at the beginning that MPLS creates a label for certain destination ip addresses in the routing table. When the labels are done, it propagates the information to its neighbors so they will know what label they should put on the packet for the sending router. An analogy in the real world, we can compare this to snail mail processing. The address on the letter is the IP address and the Zip code is the Label. The central post office knows where to send the letter, by just looking at the zip code. They don't need to read the whole address. Once the letter has been sent to the local post office, its the time they read the whole address. The local post office is like the PE (Provider Edge) routers. This will be discussed in the next post.

To show the MPLS labels and how their neighbors identify the route with their own labels use the "show mpls ldp bindings" command.


R1#sh mpls ldp binding
tib entry: 1.1.1.1/32, rev 4
local binding: tag: imp-null
remote binding: tsr: 2.2.2.2:0, tag: 19
remote binding: tsr: 3.3.3.3:0, tag: 20
tib entry: 2.2.2.2/32, rev 8
local binding: tag: 19
remote binding: tsr: 2.2.2.2:0, tag: imp-null
remote binding: tsr: 3.3.3.3:0, tag: 21
tib entry: 3.3.3.3/32, rev 10
local binding: tag: 20
remote binding: tsr: 2.2.2.2:0, tag: 21
remote binding: tsr: 3.3.3.3:0, tag: imp-null
tib entry: 192.168.12.0/24, rev 2
local binding: tag: imp-null
remote binding: tsr: 2.2.2.2:0, tag: imp-null
remote binding: tsr: 3.3.3.3:0, tag: 19
tib entry: 192.168.13.0/24, rev 6
local binding: tag: imp-null
remote binding: tsr: 2.2.2.2:0, tag: 20
remote binding: tsr: 3.3.3.3:0, tag: imp-null
tib entry: 192.168.23.0/24, rev 12
local binding: tag: 21
remote binding: tsr: 2.2.2.2:0, tag: imp-null
remote binding: tsr: 3.3.3.3:0, tag: imp-null

Check out the first entry mark in red. The TIB is also equivalent to LIB. Tag Information Base was its old name when Label Switching was then called Tag Switching. 1.1.1.1 is the ip address entry. Local binding means what tag the router will put for the packet to destination 1.1.1.1 based on the LIB it generated. In this case we see it as imp-null meaning it will not put because this is a locally originated. Remote Binding means, the label the LDP neighbor router assigned to this subnet. TSR (Tag Switching Router) 2.2.2.2 which is router R2 assigns a label of 19 as identifier to this subnet and 3.3.3.3 which is router R3 assigns label 20 to this.

Let's take a look at the 2nd entry. For 2.2.2.2, R1 has a tag of 19 to identify this subnet but R2 has imp-null because this originates from R2. Routes originated locally to the router are never label. R3 identifies this as label 21.

MPLS LFIB

MPLS enabled routers don't label the packets before sending based on their LIB but based on the LIB's of their neighbors learned through LDP. They label it this way so that when the packet reaches their neighbor, the neighbor knows exactly this label is for and how to forward it because this label information is from the router itself. Take a look at the example below. I'll shut the link from R1 to R3 so the pacdkets destined for R3 will pass through R2. Lets also compare the LFIB before and after the shutting of links.

Before shut


After Shut



Observe the prefix 3.3.3.3, when R1 and R3 where directly connected before I shut down the link, the Outgoing tag or VC is Pop tag. This means that if R1 receives a packet destined for R3, it "pops" or removes the label and doesn't swap any label because in the LIB of R3, 3.3.3.3 has an implicit-null. After the link has been shut down, the Outgoing tag or VC now is 21. This literally means that R1 must swap a label of 21 to packets destined for 3.3.3.3. R2 in its LIB has 21 for 3.3.3.3. R2 to R3, should never be labeled because 3.3.3.3 originates from R3. Let's check the traceroute below for more proof.


R1#traceroute 3.3.3.3

Type escape sequence to abort.
Tracing the route to 3.3.3.3

1 192.168.12.2 [MPLS: Label 21 Exp 0] 88 msec 56 msec 60 msec
2 192.168.23.3 140 msec 76 msec *


The first hop is from R1 to R2. You can see clearly that it labeled 21. The 2nd hop did not display any labels.

Verifying and Configuring Label Range

A simple command to verify the label assignment range is "show mpls label range". The range of labels can also be set to your liking by using "mpls label range minrange maxrange" command.


R1#show mpls label range
Downstream Generic label region: Min/Max label: 16/100000
R1(config)#mpls label ?
protocol Set platform default label distribution protocol
range Label range

R1(config)#mpls label range ?
<16-1048575> Minimum label value

R1(config)#mpls label range 100 500000 static 50 70
% Label range changes will take effect at the next reload.


In the example above, we set the range to 100 minimum and 500000 for the maximum. I saved the config and restarted the router. The changes reflect right away when R1 fully restarted. It's local bindings now start from 100.


R1#sh mpls ldp bind
tib entry: 1.1.1.1/32, rev 4
local binding: tag: imp-null
remote binding: tsr: 2.2.2.2:0, tag: 19
tib entry: 2.2.2.2/32, rev 6
local binding: tag: 100
remote binding: tsr: 2.2.2.2:0, tag: imp-null
tib entry: 3.3.3.3/32, rev 8
local binding: tag: 101
remote binding: tsr: 2.2.2.2:0, tag: 21
tib entry: 192.168.12.0/24, rev 2
local binding: tag: imp-null
remote binding: tsr: 2.2.2.2:0, tag: imp-null
tib entry: 192.168.23.0/24, rev 10
local binding: tag: 102
remote binding: tsr: 2.2.2.2:0, tag: imp-null


MPLS Static Bindings

Using the range we configured about for the static bindings, lets configure 3.3.3.3 and statically assign a label of 65.


R1#sh mpls ldp binding
tib entry: 1.1.1.1/32, rev 4
local binding: tag: imp-null
remote binding: tsr: 2.2.2.2:0, tag: 19
tib entry: 2.2.2.2/32, rev 6
local binding: tag: 100
remote binding: tsr: 2.2.2.2:0, tag: imp-null
tib entry: 3.3.3.3/32, rev 12
local binding: tag: 65

------truncated---------------


So that concludes the MPLS Basics. Cheers!

Comments

15 Responses to "MPLS Basics"

Anonymous said... February 22, 2009 at 3:52 AM

Thx a lot masta~

Keep on posting...it helps me bits by bits..

~ aca ~

Anonymous said... March 16, 2009 at 6:36 AM

Hi Dreamer,

I am having a problem with class based tunnel selection.

i configured 3 tunnels and assigned exp values per tunnel but all traffic is flowing through the same tunnel for some reason.

for simplicity i am posting the configuration from ce and pe routers;

upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CE1
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
ip source-route
ip cef
!
!
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
!
class-map match-any ef
match packet length min 900 max 1000
class-map match-any af12
match packet length min 1300 max 1400
class-map match-any af13
match packet length min 1500 max 1600
class-map match-any af11
match packet length min 1100 max 1200
!
!
policy-map input
class ef
set ip dscp ef
class af11
set ip dscp af11
class af12
set ip dscp af12
class af13
set ip dscp af13
!
!
!
!
!
interface Loopback0
ip address 10.0.0.7 255.255.255.255
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
interface FastEthernet1/0
description Connection to Client1
bandwidth 5000
ip address 192.168.153.1 255.255.255.0
duplex auto
speed auto
service-policy input input
!
interface FastEthernet1/1
description Connection to LER_PE1
bandwidth 5000
ip address 10.0.7.1 255.255.255.0
duplex auto
speed auto
!
router ospf 100
log-adjacency-changes
network 10.0.0.0 0.0.0.255 area 0
network 10.0.7.0 0.0.0.255 area 0
network 192.168.153.0 0.0.0.255 area 0
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
logging alarm informational
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
end


!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname LER_PE1
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
no logging console
!
no aaa new-model
ip source-route
ip cef
!
!
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
mpls traffic-eng tunnels
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
!
class-map match-all mpls-af11
match dscp af11
class-map match-all mpls-af13
match dscp af13
class-map match-all mpls-af12
match dscp af12
class-map match-all mpls-ef
match dscp ef
class-map match-all mpls-exp
!
!
policy-map mpls-exp
class mpls-ef
set mpls experimental topmost 5
class mpls-af11
set mpls experimental topmost 4
class mpls-af12
set mpls experimental topmost 3
class mpls-af13
set mpls experimental topmost 2
!
!
!
!
!
interface Loopback0
ip address 10.0.0.1 255.255.255.255
!
interface Tunnel4
ip unnumbered Loopback0
tunnel destination 10.0.0.5
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng priority 2 2
tunnel mpls traffic-eng bandwidth 512
tunnel mpls traffic-eng path-option 1 dynamic
tunnel mpls traffic-eng exp 4
no routing dynamic
!
interface Tunnel5
ip unnumbered Loopback0
tunnel destination 10.0.0.5
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng priority 1 1
tunnel mpls traffic-eng bandwidth 1024
tunnel mpls traffic-eng path-option 1 dynamic
tunnel mpls traffic-eng exp 5
no routing dynamic
!
interface Tunnel32
ip unnumbered Loopback0
tunnel destination 10.0.0.5
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng priority 3 3
tunnel mpls traffic-eng bandwidth 512
tunnel mpls traffic-eng path-option 1 dynamic
tunnel mpls traffic-eng exp 1 2 3 6 7
no routing dynamic
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
interface FastEthernet1/0
description Connection to LSR_P1
bandwidth 2048
ip address 10.0.3.1 255.255.255.0
duplex auto
speed auto
mpls ip
ip rsvp bandwidth 2048 2048
!
interface FastEthernet1/1
description Connection to LSR_P2
bandwidth 512
ip address 10.0.2.1 255.255.255.0
duplex auto
speed auto
mpls traffic-eng tunnels
mpls ip
ip rsvp bandwidth 512 512
!
interface FastEthernet2/0
description Connection to LSR_P3
bandwidth 1024
ip address 10.0.1.1 255.255.255.0
duplex auto
speed auto
mpls traffic-eng tunnels
mpls ip
ip rsvp bandwidth 1024 1024
!
interface FastEthernet2/1
description Connection to Client1
bandwidth 5000
ip address 10.0.7.2 255.255.255.0
duplex auto
speed auto
mpls ip
service-policy input mpls-exp
!
router ospf 100
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
log-adjacency-changes
network 10.0.0.0 0.0.0.255 area 0
network 10.0.1.0 0.0.0.255 area 0
network 10.0.2.0 0.0.0.255 area 0
network 10.0.3.0 0.0.0.255 area 0
network 10.0.7.0 0.0.0.255 area 0
network 192.168.153.0 0.0.0.255 area 0
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
logging alarm informational
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
end

as you can see i have used policies to map traffic using packet size to dscp and dscp to mpls exp.


any help will be greatly appreciated.

Regards,
Munder

Utku said... February 18, 2010 at 2:21 AM

thanks. it helped in a way. cheers,

VEnkat said... March 12, 2010 at 2:29 PM

Do we need to reload the router for "mpls label range" to take effect?

Anonymous said... August 31, 2011 at 3:50 PM

Hey

Great post!!!!

Pls upload a post on labels. How and when different labels are imposed, when to use them.
imp null, exp null, etc

Anonymous said... November 19, 2011 at 10:18 AM

Dear All,

It's great to mpls, do someone have any more topology.

thanks,
bunth

Anonymous said... January 18, 2012 at 7:54 AM

Nice one! It helps. Thanks.

Rahul Kaleeckal said... March 6, 2012 at 4:03 PM

Thanks a lot...

Anonymous said... June 19, 2012 at 3:01 AM

Realy great effort to expain mpls thanks

phyo phyohein said... March 1, 2013 at 1:27 PM

Nice job. It is very good for first learners of MPLS.

One thing is left. " ip cef" must be enabled to work MPLS. But most of the ios has been enabled by default. No need to enable manually in some ios.

Arif Malik said... April 8, 2013 at 12:16 AM

very good stuff...... From where I will get CCNA-SP material???

Anonymous said... May 1, 2013 at 7:12 PM

Thank you so much for your post....

vivek raj said... June 16, 2013 at 7:50 PM

helpfull....

Anonymous said... July 17, 2013 at 4:00 AM

Seriously, these blogs rock. MANY, MANY MANY thanks to the author.

Ismael said... February 26, 2014 at 11:12 AM

Hi,

I may need of your recommendations,

Let say I have this coming project,
multi-site branches connected to a single site hub.

What are the considerations?,

the only goal is inter-connecting the branches accessible to the main HQ.

Post a Comment

Certifications

Certifications

The Dreamer

A fun loving person who enjoys learning new things. Currently working as a Network Engineer supporting the global network of a Fortune 500 company. This blog serves as my notes for the labs I created for my CCIE journey. I can guarantee there are errors in my posts. If you spot them, please let me know.

Join my Facebook Page I WANT TO BE A CCIE

Donate to the Cause

My aim is to create materials for free and possibly a free lab. If you wish to help out, please send any amount. Thanks.

Join my Bandwagon

Blogs that I Read