MPLS

MPLS aims at combining the switching technique at network layer 2 of labels, with the layer 3 protocols. Nowadays, many backbone networks use MPLS as the switching technology carrying any kind of traffic. MPLS permits performance, thanks to the switching technique very close to what ATM or Frame-Relay was doing a few years ago. Initially, IP networks were carried by MPLS. Today, because any transport over MPLS is possible ( ATOM), it is also used to carry L3VPN and L2VPN traffic.

This chapter aims at explaining how MPLS works, explains the main concepts, and explains the differences with classical routing. Furthermore, there’s added clarification on how labels are allocated among routing services and how to construct an effective operational configuration.

MPLS terminology

It is important to understand the MPLS terminology. In this paragraph we will give the most important concepts.

LSR

Labeled Switch Router. Networking devices handling labels used to forward traffic between and through them.

LER

Labeled Edge Router. A Labeled edge router is located at the edge of an MPLS network, generally between an IP network and an MPLS network.

LFIB

Label Forwarding Information Base (i.e. MPLS table). A data structure in which incoming interface and incoming labels are associated with outgoing interfaces and labels.

label binding

An association between a label and a set of packets, which can be advertised to neighbors so that a label switched path can be established.

FEC

Forwarding Equivalent Class. It is a term used in Multiprotocol Label Switching (MPLS) to describe a set of packets with similar or identical characteristics which may be forwarded the same way; that is, they may be bound to the same MPLS label. In classical IP routing, the FEC choice is usually done according to destination IP address.

MPLS label

The MPLS label is a 4 byte field that contains a 20 bit label value, a 3 bit cos value, an 8 bit ttl value, and 1 BOS bit indicating that the label is the last one of the stack. Actually, MPLS can be stacked (then we could use the term LSP Tunneling or Label Stacking). This BOS information indicates that next payload is not an MPLS packet.

MPLS operations

Here are the operations that are applied coming from A and going to B, through an MPLS network.

Packet will first be sent to a LER that stands for the ingress node.

On classical IP routing using Ethernet as medium, an incoming IP packet will be routed, by using its destination IP address; the FIB is inspected, a nexthop IP is returned if everyting went well; then the MAC information is appended to the packet; source mac address is the mac address of the outgoing interface, while destination mac address will be obtained by using the destination mac address of the resolved nexthop.

On a LER, if the nexthop information is reachable through a MPLS network, an extra information called FEC will be located in the FIB. A Label will be pushed between the IP layer and the MAC layer. This extra relationship is called label binding.

Then, the encapsulated MPLS packet will be sent to the destination mac address indicated by its packet. It is received by an incoming LSR. Here, the LFIB is looked up, based on the incoming MPLS label. LFIB returns a swap operation: the incoming label will be replaced by an outgoing label; the new MPLS packet is being sent to the next hop. Before reaching the final destination, the MPLS label must be popped. This happens if the LFIB indicates to pop the label; for instance, the label is being replaced by an implicit-Null label. Here, the IP packet has reached the egress node.

The whole path between the ingress and the egress node is called the LSP. The incoming label set at the ingress node, will determine the whole path the packet uses to reach the egress node. By setting the appropriate FEC information at the LER, it is possible to apply specific path, depending on the characteristics of the incoming traffic. Note also that because that FEC information can be applied to all kind of traffic, one can have multiple criteria.

Label Distribution

Establishing a LSP requires coordination between all LER and LSR. This is done by distribution protocols. If devices are in the same MPLS domain, the distribution can be done either by LDP or an IGP protocol supporting segment routing. Alternatively, BGP labeled address-family can be used to create an LSP.

See also

Distributing Labels with Segment Routing.

Distributing Labels with LDP.

Distributing Labels with BGP labeled unicast.

Label Stacking

Several services can rely on MPLS framework, and not only IP. One example is L3VPN technology. BGP provides the capability to exchange VPN information, by exchanging labels. Label stacking is then used.

See also

BGP L3VPN.

Label assignments

Label usage in control plane routing services

This section deals with the allocation of MPLS labels by the various routing protocols available on the Virtual Service Router, to populate the LFIB with MPLS entries. The possible label values for MPLS are from 0 to 1,048,575. Each label entry in the LFIB uniquely identifies a next-hop and cannot be shared by different routing protocols simultaneously. The best practices outlined in this section aim to ensure that MPLS labels are not allocated to multiple routing protocols at the same time. It’s important to note that as per RFC 3032, section 2.1, the range from 0 to 15 is either reserved or holds particular importance. Only label values starting with 16 are considered in this section.

Different routing services utilize label values or label chunks in various ways:

• Static label chunks are explicitly defined in the configuration to request specific label values or ranges. For instance, the IS-IS segment-routing service necessitates the configuration of both the SR global block and the SR local block. The user must ensure that the same static label values are not used on different services. To configure static labels in various services, you can refer to the following:

  • IS-IS label block configuration.

  • BGP L3VPN label allocation: the hard-set mode.

  • SRTE binding SID configuration.

  • SRTE triggered policies binding SID range configuration.

• Routing services make dynamic label chunk requests to automatically obtain MPLS label ranges, without the constraints of specific ranges like static label requests. Typically, blocks of 64 or 128 labels are reserved within the label range from 16 to 1,048,575. When a routing protocol runs out of dynamic labels, it reserves a new range. This approach is employed by services like BGP labeled-unicast for route redistribution, and LDP for establishing LSPs. The below-listed services use the dynamic label chunks:

  • LDP configuration.

  • BGP L3VPN label allocation : the automatic mode.

  • BGP Labeled unicast.

To maintain consistency in label value usage, a central instance per VRF, referred to as the label manager, is tasked with overseeing all labels and managing their distribution to control plane routing services. You can inspect the distribution of label chunks by using the show mpls labels command. For instance, the output below shows that the IS-IS routing service employs two label chunks configured by the user. Also, the BGP and LDP services use two dynamic label chunks.

vsr> show mpls labels
prototype reserved labels
========= ===============
bgp       16-127
ldp       128-191
isis      15000-15999, 16000-23999

Label conflicts

When routing services allocate dynamic or static label chunks, overlapping problems can arise. In particular, if a static label chunk is requested in a range already defined for dynamic allocation, it results in a label allocation failure.

For instance, if the user first configures the LDP service, then the L3VPN BGP service with the command l3vpn export label 60, the configuration will be accepted, but will not be operational. The label value 60 can not be assigned to the BGP service because the label chunk from 16 to 79 has already been allocated to LDP.

vsr running config# vrf main routing mpls ldp
vsr running ldp# router-id 192.0.2.1
vsr running ldp# address-family ipv4
vsr running ipv4#! discovery transport-address 192.0.2.1
vsr running ipv4#

vsr> show mpls labels
prototype reserved labels
========= ===============
ldp       16-79

vsr running config# vrf main routing bgp
vsr running bgp#! as 65500
vsr running bgp# router-id 192.0.2.1
vsr running bgp# neighbor 192.0.2.2 remote-as 65500
vsr running bgp# address-family ipv4-unicast
vsr running ipv4-unicast# l3vpn export label 60
vsr running ipv4-unicast# l3vpn export route-distinguisher 65500:1
vsr running ipv4-unicast# l3vpn export route-target 65500:1
vsr running ipv4-unicast#

vsr> show mpls labels
prototype reserved labels
========= ===============
ldp       16-79
vsr> show log service routing
[..]
Oct 11 11:47:27 vsr zebra[163745]: [YMY6E-K9JYD][EC 4043309085] Unable to assign Label Chunk 60 - 60 to bgp instance 0

Configuring BGP first, followed by LDP configuration, would result in a working configuration.

vsr> show mpls labels
prototype reserved labels
========= ===============
bgp       60
ldp       61-124

Unfortunately, this is not a solution: after reboot, LDP may start before BGP, causing the same label allocation failure.

Two best practices are proposed to mitigate those conflicts:

• Usage of L3VPN BGP service static label should be avoided and replaced by automatic dynamic labels. Using the above configuration example, replacing the l3vpn export label 60 command with the l3vpn export label auto command solves the problem.

  vsr running config# vrf main routing bgp
  vsr running bgp#! as 65500
  vsr running bgp# router-id 192.0.2.1
  vsr running bgp# neighbor 192.0.2.2 remote-as 65500
  vsr running bgp# address-family ipv4-unicast
  vsr running ipv4-unicast# l3vpn export label auto
  vsr running ipv4-unicast# /
  vsr running config# vrf main routing mpls ldp
  vsr running ldp# router-id 192.0.2.1
  vsr running ldp# address-family ipv4
  vsr running ipv4#! discovery transport-address 192.0.2.1
  vsr running ipv4#
  

  vsr> show mpls labels
  prototype reserved labels
  ========= ===============
  bgp       80-207
  ldp       16-79
  

• Users must configure static MPLS labels and ranges above the expected maximum value for dynamic labels. Dynamic label values start from label 16. The following default label ranges are suitable in most cases:

  • IS-IS SR local label block : 15000 - 15999

  • IS-IS SR global label block : 16000 - 23999

  • SR-TE triggered policies binding sid range : 24000 - 25999

  For SR-TE binding SID configurations, the static label values selected must start after these ranges (at 26000 with the default ranges).

  However, in some cases, dynamic label values can reach values in excess of 15000 and conflict with static ranges: this is the case for BGP when using a large number of labeled unicast prefixes, or L3VPN configurations having the export label-allocation-mode per-nexthop command, and having multiple L3VRF next-hops.

  When modifying static ranges, the user has to make sure it cannot create conflicts with dynamic labels on the Virtual Service Router.

RFC

RFC 3032:

MPLS Label Stack Encoding