ip over mpls.pdf

7/29/2019 IP over MPLS.pdf

1/47

IP over MPLS

Overview

This module focuses on the IP QoS mechanisms available in combination with

Multiprotocol Label Switching (MPLS).

Objectives

Upon completion of this module, you will be able to perform the following tasks:

n Describe and configure QoS Mechanisms in Frame-mode MPLS networks

n Describe and configure QoS Mechanisms in Cell-mode MPLS networks


2/47

23-2 World Wide Training Word Templates v1 Copyright 1999, Cisco Systems, Inc.

MPLS Introduction

Objectives

Upon completion of this lesson, you will be able to perform the following tasks:

n Describe basic features of MPLS

n Describe Frame-mode MPLS

n Describe Cell-mode MPLS


3/47

Copyright 1999, Cisco Systems, Inc. Release Date: 2/1/99 23-3

2001, Cisco Systems, Inc. IP QoS IP over MPLS

Basic MPLS ConceptsBasic MPLS Concepts

Multi-protocol Label Switching (MPLS) is anew forwarding mechanism in which packets

are forwarded based on labels

Labels may correspond to IP destinationnetworks (equal to traditional IP forwarding)

Labels can also correspond to otherparameters (QoS, source address, ...)

MPLS was designed to support forwarding ofother protocols as well

Multi-protocol Label Switching (MPLS) is a switching mechanism that uses labels

(numbers) to forward packets.

Labels usually correspond to layer-3 destination addresses (equal to destination-

based routing). Labels can also correspond to other parameters (QoS, source

address, etc.).

MPLS was designed to support other protocols as well. Label switching is

performed regardless of the layer-3 protocol.


4/47



MPLS ExampleMPLS Example

Only edge routers must perform a routinglookup.

Core routers switch packets based on simplelabel lookups and swap labels.

L=5

L=3

10.1.1.110.1.1.1

Routing lookupand

label assignment10.0.0.0/8 L=5

Label

swappingL=5 L=3

Label removaland

routing lookupL=3

The example in the figure illustrates a situation where the intermediary router does

not have to perform a time-consuming routing lookup. Instead this router simply

swaps a label with another label (5 is replaced by 3) and forwards the packet

based on the received label (5).

In larger networks, the result of MPLS labeling is that only the edge routers

perform a routing lookup. All the core routers forward packets based on the labels.


5/47



MPLS vs. IP-over-ATMMPLS vs. IP-over-ATM

Layer-2 devices are IP-aware and run arouting protocol

There is no need to manually establishvirtual circuits

MPLS provides a virtual full-mesh topology

10.1.1.1L=5L=3

L=1710.1.1.1

Layer-2 devices run alayer3 routing protocol

and establish virtual

circuits dynamically basedon layer3 information

The example in the figure shows how MPLS is used in ATM networks to provide

optimal routing across layer-2 ATM switches. In order for MPLS to work with

ATM switches, the switches must be layer-3 aware (ATM switches must run a

layer-3 routing protocol).

Another benefit of this setup is that there is no longer a need to manually establish

virtual circuits. ATM switches automatically create a full mesh of virtual circuits

based on layer-3 routing information.


6/47



Traffic Engineering with MPLSTraffic Engineering with MPLS

Traffic can be forwarded based on otherparameters (QoS, source, ...)

Load sharing across unequal paths can be

achieved

SecondaryOC48 link

Large site A

Large site B

Small site C

PrimaryOC192 link

MPLS also supports traffic engineering. Traffic engineered tunnels can be created

based on a traffic analysis to provide load balancing across unequal paths.

Multiple traffic engineering tunnels can lead to the same destination but can use

different paths. Traditional IP forwarding would force all traffic to use the same

path based on the destination-based forwarding decision. Traffic engineering

determines the path at the source based on additional parameters (available

resources and constraints in the network).


7/47



MPLS ArchitectureMPLS Architecture

MPLS has two major components:

Control plane exchanges layer-3 routing information andlabels

Data plane forwards packets based on labels

Control plane contains complex mechanisms toexchange routing information (OSPF, EIGRP, IS-IS,BGP,...) and labels (TDP, LDP, BGP, RSVP, ...)

Control plane maintains the contents of the labelswitching table (label forwarding information base orLFIB)

Data plane has a simple forwarding engine

To better understand the inner workings of MPLS, its two major components

should be clarified:

n Control plane, which takes care of the routing information exchange and the

label exchange between adjacent devices

n Data plane, which takes care of forwarding either based on destination

addresses or labels.

There is a large number of different routing protocols such as OSPF, IGRP,

EIGRP, IS-IS, RIP, BGP, etc. that can be used in the control plane.

The control plane also requires protocols such as TDP (MPLS), LDP (MPLS),

BGP (MPLS/VPNs), RSVP (Traffic Engineering), CR-LDP (Traffic

Engineering), etc. to exchange labels.

The data plane however, is a simple label-based forwarding engine that is

independent of the type of routing protocol or label exchange protocol. A Label

Forwarding Information Base (LFIB) is used to forward packets based on labels.

The LFIB table is populated by the control plane.


8/47



MPLS ArchitectureMPLS Architecture

Routers functionality is divided into twomajor parts: control plane and data plane

Data plane

Control plane

OSPF: 10.0.0.0/8

LDP: 10.0.0.0/8

Label 17

OSPF

LDP

LFIB

LDP: 10.0.0.0/8

Label 4

OSPF: 10.0.0.0/8

417

Labeled packet

Label 4

Labeled packet

Label 17

A simple MPLS-enabled network implements destination-based forwarding that

uses labels to make forwarding decisions.

A layer-3 routing protocol is still needed to propagate layer-3 routing information.

A label exchange mechanism is simply an add-on to propagate labels that are used

for layer-3 destinations.

The example in the figure illustrates the two components of the control plane:

n OSPF that receives and forwards IP network 10.0.0.0/8, and places that prefix

into the routing table.

n LDP that receives label 17 to be used for packets with a destination address

10.x.x.x. A local label 4 is generated and sent to upstream neighbors so these

neighbors can label packets with the appropriate label. LDP inserts an entry

into the Data Planes LFIB table where label 4 is mapped to label 17.

The data plane then forwards all packets with label 4 through the appropriate

interfaces and replaces the label with label 17.


9/47



MPLS Modes of OperationMPLS Modes of Operation

MPLS technology is designed to be Layer-1and Layer-2 independent

MPLS uses a 32-bit label field which isinserted between Layer-2 and Layer-3headers (frame mode)

MPLS over ATM uses the ATM header as thelabel (cell mode)

MPLS is designed for use on virtually any media and layer-2 encapsulation. Most

layer-2 encapsulations are frame-based and MPLS simply inserts a 32-bit label

between the layer-2 and layer-3 headers (frame-mode MPLS).

ATM is a special case where fixed-length cells are used and a label cannot be

inserted on every cell. MPLS uses the VPI/VCI fields in the ATM header as a

label (cell-mode MPLS).


10/47



Label FormatLabel Format

MPLS uses a 32-bit label field thatcontains the following information:

20-bit label

3-bit experimental field

1-bit bottom-of-stack indicator

8-bit time-to-live field (TTL)

LABEL EXP S TTL

0 19 22 23 3120 24

A 32-bit label contains the following fields:

n 20-bit label: the actual label

n 3-bit experimental field: used to define a class of service (i.e. IP precedence)

n Bottom-of-stack bit: MPLS allows multiple labels to be inserted; this bit is used

to determine if this is the last label in the packet

n 8-bit time-to-live (TTL) field: has the same purpose as the TTL field in the IP

header


11/47



Frame Mode MPLSFrame Mode MPLS

Frame

headerIP header Payload

Layer 2 Layer 3

Frame

headerLabel IP header Payload

Layer 2 Layer 2 Layer 3

Routinglookup and

labelassignment

The example in the figure shows an edge router that receives a normal IP packet.

The router then performs the following actions:

n A routing lookup to determine the outgoing interface

n A label is assigned and inserted between layer-2 frame header and layer-3

packet header if the outgoing interface is enabled for MPLS and a next-hop

label for the destination exists

n The labeled packet is sent

Other routers in the core simply forward the packet based on the label.


12/47



Cell mode MPLSCell mode MPLS

Frame

headerIP header Payload

Layer 2 Layer 3

Frame



AAL5



ATMheader

Cell 1

PayloadATM

headerCell 2

VPI/VCI fields areused for label

switching

Cell-mode MPLS uses the ATM headers VPI/VCI fields to make forwarding

decisions while the 32-bit label is still preserved in the frame but not used in the

ATM network. The original label is only present in the first cell of a packet.


13/47



Label Switch RouterLabel Switch Router

Label Switch Router (LSR) primarily forwards labeledpackets (label swapping)

Edge LSR primarily labels IP packets and forwardsthem into the MPLS domain, or removes labels and

forwards IP packets out of the MPLS domain

MPLS Domain

Edge

LSRLSR

10.1.1.1 L=3 L=5

L=43L=3120.1.1.1

10.1.1.1

20.1.1.1

Before proceeding with a detailed description of MPLS, some of the terminology

that is used in this course is presented:

n Label Switch Router (LSR): a device that primarily forwards packets based on

labels.

n Edge LSR: a device that primarily labels packets or removes labels.

LSRs and Edge LSRs are usually devices that are capable of doing both label

switching and IP routing. Their names are based on their position in an MPLS

domain. Routers that have all interfaces enabled for MPLS are called LSRs

because they mostly forward labeled packets. Routers that have some interfaces

that are not enabled for MPLS are usually at the edge of an MPLS domain

(autonomous system). These routers also forward packets based on IP destination

addresses and label them if the outgoing interface is enabled for MPLS.


14/47



ATM Label Switch RouterATM Label Switch Router

ATM LSR can only forward cells

ATM Edge LSR segments packets into cells andforwards them into an MPLS ATM domain, orreassembles cells into packets and forwards them

out of an MPLS ATM domain

MPLS Domain

ATM

EdgeLSR

ATM

LSR

10.1.1.1 L=1/3

L=1/620.1.1.1

10.1.1.1

20.1.1.1

L=1/3 L=1/3 L=1/5 L=1/5 L=1/5

L=1/6 L=1/6L =1/ 9 L=1/ 9 L=1/9

Label Switch Routers that perform cell-mode MPLS are called:

n ATM LSR if they are ATM switches. All interfaces are enabled for MPLS

and forwarding is done based only on labels.

n ATM Edge LSR if they are routers connected to an MPLS-enabled ATM

network.


15/47



Architecture of LSRsArchitecture of LSRs

LSRs, regardless of the type, perform thefollowing three functions:

Exchange routing information

Exchange labels

Forward packets (LSRs and edge LSRs) orcells (ATM LSRs and ATM edge LSRs)

The first two functions are part of thecontrol plane

The last function is part of the data plane

LSRs of all types must perform the following functions:

n Exchange layer-3 routing information (ATM LSRs must also exchange layer-3

routing information)

n Exchange labels

n Forward packets or cells

Frame-mode and cell-mode MPLS use a different data plane:

n Frame-mode MPLS forwards packets based on the 32-bit label

n Cell-mode MPLS forwards packets based on labels encoded into the VPI/VCI

fields in the ATM header

The control plane performs the following functions:

n Exchange routing information regardless of the type of LSR;

n Exchange labels according to the type of MPLS (frame-mode or cell-mode);


16/47



Architecture of LSRsArchitecture of LSRs

LSRs primarily forward labeled packetsor cells (ATM LSRs)

LSR

Control plane

Data plane

Routing protocol

Label distribution protocol

Label forwarding table

IP routing table

Exchange of

routing information

Exchange of

labels

Incoming

labeled packets

Outgoing

labeled packets

The primary function of an LSR is to forward labeled packets. Therefore, every

LSR needs a layer-3 routing protocol (OSPF, EIGRP, IS-IS, etc.) and a label

exchange protocol (LDP, TDP, etc.).

The label exchange protocol populates the LFIB table in the data plane that is used

to forward labeled packets.

Note LSRs may not be able to forward unlabeled packets either because they are ATM

LSRs, or they do not have all the routing information.


17/47



Architecture of Edge LSRsArchitecture of Edge LSRs

Note: ATM edge LSRs can only forward cells

Edge LSR

Control plane

Data plane

Routing protocol

Label distribution protocol

Label forwarding table

IP routing table

Exchange of

routing information

Exchange of

labels

Incominglabeled packets

Outgoinglabeled packets

IP forwarding table

IncomingIP packets

OutgoingIP packets

Edge LSRs also forward IP packets based on their IP destination addresses and

optionally label them if a label exists.

The following combinations are possible:

n A received IP packet is forwarded based on the IP destination address and

sent as an IP packet.

n A received IP packet is forwarded based on the IP destination address and

sent as a labeled packet.

n A received labeled packet is forwarded based on the label; the label is changedand the packet is sent.

The following scenarios are possible if the network is misconfigured:

n A received labeled packet is dropped if the label is not found in the LFIB table

even if the IP destination exists in the FIB table.

n A received IP packet is dropped if the destination is not found in the FIB table

even if there is a label-switched path available for the destination.


18/47


Summary

MPLS architecture is divided into two parts:

n Control plane that takes care of routing information and label propagation.

n Data plane that takes care of the forwarding of packets.

MPLS has two modes:

n Frame-mode MPLS that is used on all frame-based media.

n Cell-mode MPLS that is used in MPLS-enabled ATM networks.

MPLS networks use the following devices:

n Label Switch Router (LSR) to forward packets based on a 32-bit label

n Edge LSR to forward labeled packets or label IP packets or remove labels.

n ATM LSRs to forward cells based on labels encoded into the VPI/VCI fields

in the ATM header.

n ATM Edge LSRs that segment labeled or unlabeled packets into ATM cells

where a label is encoded into VPI/VCI fields in the ATM header.

Review Questions

1. What are the main benefits of MPLS?

2. How is an MPLS label encoded into IP packets?

3. How are labels propagated?


19/47


Frame-mode MPLS

Objectives


n Describe the QoS possibilities in networks using Frame-mode MPLS

n Use MQC to implement QoS with Frame-mode MPLS


20/47



MPLS QoSMPLS QoS

MPLS uses labels to make a forwardingdecision

The MPLS label is inserted between Layer-2(frame) and Layer-3 (IP packet) headers

All Layer-3 information becomes invisible torouters in an MPLS domain

Classification in MPLS-enabled networks canbe performed on:

MPLS experimental bits

MPLS labels (future enhancement)

Frame-mode MPLS uses 32-bit labels primarily to make a forwarding decision.

Three bits in the label are used for experimental purposes.

When an IP packet enters an MPLS domain a label is inserted between the frame

and the IP header.

The MPLS experimental bits can be used for classification and marking purposes

when implementing QoS in an MPLS domain.

Future enhancements will allow multiple labels to be used to describe the quality of

service.


21/47



MPLS Label AssignmentMPLS Label Assignment

An MPLS label has a three-bit experimental field

Cisco routers automatically copy IP precedence bitsinto the MPLS experimental bits

The Modular QoS CLI can be used to classify labeledpackets based on their MPLS experimental bits

LABEL IPFrameHeader

Frame

Header

Payload

PayloadIP

IP precedece

MPLS exp

The figure illustrates the default behavior of Cisco routers. IP precedence is

automatically copied from the IP header into MPLS labels experimental bits.

The modular QoS CLI can be used to classify labeled packets based on MPLS

experimental bits as well as mark labeled packets with MPLS experimental-bit

values.


22/47



MPLS-aware QoS MechanismsMPLS-aware QoS Mechanisms

The following QoS mechanisms are MPLS aware:

- Weighted Random Early Detection (WRED): MPLS

experimental bits are used as weight in the same manner asIP precedence

- Committed Access Rate (CAR): marking of MPLSexperimental bits

- Class-Based Policing: marking of MPLS experimental bits

- Class-based Marking: marking of MPLS experimental bits

If classification is performed based on MPLSexperimental bits, other MQC QoS mechanisms canalso be used

The figure lists the QoS mechanisms that can interact with MPLS-specific

information:

n WRED performs random drops based on MPLS experimental values.

n CAR can mark labeled packets with MPLS experimental values. Conforming

and exceeding packets can be marked with different MPLS experimental

values.

n Class-based Policing can mark labeled packets with MPLS experimental

values. Conforming, exceeding and violating packets can be marked with

different MPLS experimental values.

n Class-based Marking can statically mark labeled packets with an MPLS

experimental value.

Other QoS mechanisms (for example: CB-WFQ, CB-LLQ) can be used in

combination with classification that is based on the value of the MPLS

experimental bits.


23/47



Configuring CB-WFQ for MPLSConfiguring CB-WFQ for MPLS

match mpls experimental expmatch mpls experimental exp

Router(config-cmap)#

Classifies packets based on MPLS experimental bitsclass-map match-any Goldmatch ip precedence 3 4

match mpls experimental 3 4!

class-map match-any Silver

match ip precedence 1 2match mpls experimental 1 2

!policy-map IP+MPLS

class Goldbandwidth 3000

class Silver

bandwidth 1000!

Interface Ethernet0/0ip address 10.1.1.1 255.255.255.0

mpls ip

service-policy output IP+MPLS!

class-map match-any Gold

match ip precedence 3 4


class-map match-any Silvermatch ip precedence 1 2


policy-map IP+MPLS

class Goldbandwidth 3000

class Silverbandwidth 1000

!Interface Ethernet0/0

ip address 10.1.1.1 255.255.255.0

mpls ipservice-policy output IP+MPLS

!

Classification based on MPLS experimental bits is performed by using the match

mpls experimental command in the class-map configuration mode. Up to eight

values can be used within one class map.

The sample configuration shows a generic class map using the match-any

classification strategy to classify IP packets and labeled packets with the same IP

precedence or MPLS experimental value.


24/47



CAR DiagramCAR Diagram

MeterMeter

Conforms?Conforms?

Set IP prec?Set IP prec?

Set DSCP?Set DSCP?

Set MPLS exp?Set MPLS exp?

Set QoS grp?Set QoS grp?

Mark?Mark?

Transmit?Transmit?

Conform or exceed

marking value

Set IP PrecedenceSet IP Precedence

Set DSCPSet DSCP

Set MPLS ExperimentalSet MPLS Experimental

Set QoS GroupSet QoS Group

Continue?Continue?

Yes

Yes

No

No

Forward

orEnqueue

Go to

NextCAR command

Marking depends on whether the packet conforms to

orexceeds the policy

Yes

Yes

Yes

Yes

DropDrop

Committed Access Rate (CAR) can be used to differentially mark packets based

on the arrival rate of packets within the selected class. If a packet conforms (is

within contract) it is marked with one value, if it exceeds it is marked with a

different value.

CAR also supports recursive processing of packets. One packet can be processed

by multiple rate-limit commands.


25/47



Configuring CAR for MPLSConfiguring CAR for MPLS

rate-limit {input | output} {access-group rate-limit acl} rate BCBE

conform-act {set-mpls-exp-transmit exp | set-mpls-exp-continue exp}

exceed-act {set-mpls-exp-transmit exp | set-mpls-exp-continue exp}

rate-limit {input | output} {access-group rate-limit acl} rate BCBEconform-act {set-mpls-exp-transmit exp | set-mpls-exp-continue exp}

exceed-act {set-mpls-exp-transmit exp | set-mpls-exp-continue exp}

Router(config-if)#

CAR can mark MPLS packets based on their arrival rate CAR supports recursive processing of rate-limit commands

CAR supports classification based on MPLS experimental bit values byusing rate-limit access list

Both conform and exceed actions support other actions: transmit,

continue, drop, set-prec-transmit, set-prec-continue,

interface Serial0/0

ip address 10.1.1.1 255.255.255.252

rate-limit input 64000 2000 2000 conform set-mpls-exp-tr 5 exceed set-

mpls-exp-tr 0

rate-limit output 64000 2000 2000 conform set-mpls-exp-tr 5 exceed set-

mpls-exp-tr 0

!

interface Serial0/0

ip address 10.1.1.1 255.255.255.252

rate-limit input 64000 2000 2000 conform set-mpls-exp-tr 5 exceed set-

mpls-exp-tr 0

rate-limit output 64000 2000 2000 conform set-mpls-exp-tr 5 exceed set-

mpls-exp-tr 0

!

CAR also supports a special rate-limit access list that can match labeled packets

based on their MPLS experimental values.

The action options include the two that can set MPLS experimental values:

n set-mpls-exp-continue: sets the MPLS experimental bits (0 to 7) and

evaluates the next rate-limit command.

n set-mpls-exp-transmit: set the MPLS experimental bits (0 to 7) and

transmits the packet.


26/47



Configuring CAR for MPLSConfiguring CAR for MPLS

access-list rate-limit acl {exp | mask mask}access-list rate-limit acl {exp | mask mask}

Router(config)#

The acl index must be between 200 and 299 to select the ratelimit access list for MPLS experimental bits

Rate limit access lists can be used to match on one or more

MPLS experimental values

Set one value (exp) to be matched or use the mask option to

match on more values

Each access list can have only one line

interface Serial0/0

rate-limit output access-group rate-limit 200 64000 2000 2000 conform

transmit exceed drop

rate-limit input access-group rate-limit 201 64000 2000 2000 conform set-

mpls-exp-tr 0 exceed set-mpls-exp-tr 0

!

access-list rate-limit 200 2

access-list rate-limit 201 mask FE

!

interface Serial0/0

rate-limit output access-group rate-limit 200 64000 2000 2000 conform

transmit exceed drop

rate-limit input access-group rate-limit 201 64000 2000 2000 conform set-

mpls-exp-tr 0 exceed set-mpls-exp-tr 0

!

access-list rate-limit 200 2

access-list rate-limit 201 mask FE

!

Special rate-limit access lists allow high-performance classification based on the

following parameters:

n IP precedence value if the number of the access list is in the range from 1 to

99

n MAC address if the number of the access list is in the range from 100 to 199

n MPLS experimental bits if the number of the access list is in the range from

200 to 299

A rate limit access list can have only one line. A single MPLS experimental valuecan be matched by setting the exp value. Multiple values can be matched by using

the maskkeyword and applying a mask in hex. This mask is an 8 bit value where

each bit corresponds to one experimental value 0 through 7. The low order bit

corresponds to value 0 and the high-order bit corresponds to value 7. Setting the bit

value to 1 indicates that the corresponding experimental value is a match; setting

the value to 0 indicates that the corresponding value is not a match. A combination

of bits in the mask can be used to match on any number of MPLS experimental

values.

For example, to match an experimental value of 0, the mask would be 01 (0000

0001 binary). To match a value of 5, the mask would be 20 (0010 0000 binary).

The second rate-limit command in the sample configuration above uses the mask

FE (1111 1110 binary) to match all MPLS experimental values except value 0.


27/47



CB-PolicingCB-Policing

CB-Policing is similar to CAR except:

- It uses the Modular QoS CLI for classification

- It supports three different actions (conform,

exceed and violate)

- It does not support recursive processing ofpackets

Class-based Policing is used for the same purpose as CAR. CB-Policing differs

from CAR in the following ways:

n The Modular QoS CLI is used to classify packets.

n It can use two token buckets to determine whether a packet conforms to,

exceeds orviolates the policy.

n It does not support recursive processing of packets (the continue option is not

available).


28/47



Configuring CB-Policing for MPLSConfiguring CB-Policing for MPLS

police avg-rate [BC [BE]] [conform-action [action]

[exceed-action [action] [violate-action [action]]]]

police avg-rate [BC[B

E]] [conform-action [action]

[exceed-action [action] [violate-action [action]]]]

Router(config-pmap-c)#

avg-rate traffic rate in bps (8.000 to 200.000.000)

BC normal burst size dimensions the first token bucket in

bytes (default is 1500 or avg-rate/32; whatever is higher)

BE excess burst size dimensions the second token bucket in

bytes (equals BC if not configured)

action can be:- transmit (default conform action)

- drop (default exceed and violate action)- set-prec-transmit ip-precedence

- set-dscp-transmit dscp

- set-qos-transmit qos-group

- set-mpls-exp-transmitmple-exp

- set frde-transmit

- set-clp-transmit

The figure shows that one of several actions can be used to mark labeled packets

with an MPLS experimental value. Three different values can be used within a

single class depending on whether a packet conforms to, exceeds or violates the

policy.


29/47



CB MarkingCB Marking

Class-based Marking can be used to marklabeled packets by setting the MPLS

experimental bits

MPLS experimental bits can currently only beset on input

DSCP should be translated to IP precedenceprior to entry into an MPLS domain

Class-based Marking can use the classification options available in the Modular

QoS CLI and statically mark classes with the MPLS experimental values.

Implementation limitations should be considered when translating between any pair

of parameters on MPLS domain borders (DSCP to MPLS, IP precedence to

MPLS). MPLS marking is currently only supported on input. Inbound IP packets

can be directly marked with MPLS experimental values. Using the QoS group

parameter is necessary when translating MPLS experimental values back to IP

precedence or DSCP (for example: MPLS to QoS group translation on input and

QoS group to DSCP translation on output). This functionality and these limitations

may change with new IOS versions.


30/47



Configuring MPLS MarkingConfiguring MPLS Marking

set mpls experimental exp-bitsset mpls experimental exp-bits

Router(config-pmap-c)#

Mark labeled packets with the specified value (0 to 7) MPLS marking can only be used on input

policy-map SetMPLS

class Class1 qos-group 1

set mpls experimental 1





!

policy-map SetMPLS







!

Use the set mpls experimental command in the policy-map class configuration

mode to mark inbound packets with MPLS experimental values.

The sample configuration shows how a QoS group parameter can be translated

into MPLS experimental bits.


31/47



MPLS TranslationCase Study

MPLS TranslationCase Study

IP domain is using the DiffServ model:- EF Class Premium

- AF1 Class Gold

- AF2 Class Silver

- Default Best effort class

Translate IP DSCP values to and from MPLSexperimental bits to achieve a similar result in theMPLS domain

MPLS Domain

IP Domain

The QoS design in the case study uses DSCP to mark packets. Four classes must

also be managed in the MPLS domain. A translation between DSCP and MPLS is

needed to implement a similar QoS solution in the MPLS domain.

Although standard DSCP values for AF classes seamlessly map to IP precedence

values for backward compatibility it is sometimes necessary to manually translate

markers between DSCP an IP precedence or DSCP and MPLS. For example:

n A QoS design based on IP precedence is using two IP precedence values to

mark packets belonging to one class:

- Class Premium is marked with IP precedence 5 and is guaranteed

low latency

- Class Gold is using IP precedence 4 for conforming (low-drop)

packets and IP precedence 3 for exceeding (high-drop) packets

- Class Silver is using IP precedence 2 for conforming (low-drop)

packets and IP precedence 1 for exceeding (high-drop) packets

- Best effort traffic is marked with IP precedence 0

n When migrating to DSCP-based implementation it is necessary to still support

the old QoS design until the entire network is migrated to support DSCP.

The case study shows how this translation can be done manually.

If the original IP-precedence-based design did not use multiple IP precedence

values per class there should be no need to configure the translation manually. All

class-maps, however, should include class selectors in their match options to

support backward compatibility with IP precedence:

n Matching packets for AF1 requires af11, af12, af13 and cs1 to be matched


32/47





n Matching packets for EF requires ef and cs5 to be matched

The solution shown on the following pages illustrates how default behavior can be

changed by manually configuring the translation between IP precedence (MPLS

experimental bits) and the DSCP.


33/47



MPLS TranslationCase Study DesignMPLS TranslationCase Study Design

IP DSCP MPLE

experimental

EF 5AF1 low-drop 4AF1 medium-drop 4

AF1 high-drop 3AF2 low-drop 2

AF2 medium -drop 2AF2 high-drop 1

Default 0

MPLS DomainIP Domain

DSCP MPLS exp

IP precedenceQoS group

The figure illustrates how DSCP values should be mapped to IP precedence or

MPLS experimental values. Some information is lost because low-drop and

medium-drop packets of AF1 and AF2 are marked as one low-drop class in the

MPLS domain.

The case study shows how some information about the conforming and exceeding

packets within one class can be retained when entering a non-DSCP part of the

network (either because routers do not support DSCP or because MPLS

experimental bits are used to select Class of Service).

The figure illustrates the translation from three drop probability levels on the DSCPlayer into two drop probability level in the IP precedence (MPLS experimental)

layer. Using this design further limits the network to only use two classes for AF

PHB.


34/47



MPLS TranslationCase Study Implementation



DSCP MPLS exp

IP precedence

class-map EF

match ip dscp ef

class-map AF1LD

match ip dscp af11 af12

class-map AF1HD

match ip dscp af13

!

policy-map DSCP2prec

class EF

set ip precedence 5

class AF1LD

set ip precedence 4

class AF1HD

set ip precedence 3

!

class-map EF

match ip dscp ef

class-map AF1LD

match ip dscp af11 af12

class-map AF1HD

match ip dscp af13

!

policy-map DSCP2prec

class EF

set ip precedence 5

class AF1LD

set ip precedence 4

class AF1HD

set ip precedence 3

!

interface Serial5/1/0

service-policy input DSCP2prec

!


service-policy input DSCP2prec

!

The first part of the configuration shows how DSCP is translated to IP precedence

on ingress into the MPLS network. IP precedence is then automatically copied into

MPLS experimental bits.

The default DSCP value equals the default IP precedence value and does not need

to be translated. The EF class does not need to be translated either because the EF

value (101110) is copied as IP precedence into the MPLS experimental field (101),

which equals 5. The configuration for AF2 is not shown in the figure.


35/47






DSCP MPLS exp

QoS group

class-map match-any MPLS5

match mpls exp 5

match ip precedence 5


match mpls exp 4



match mpls exp 3


!

policy-map MPLS2QoS

class MPLS5

set qos-group 5

class MPLS4

set qos-group 4

class MPLS3

set qos-group 3


match mpls exp 5



match mpls exp 4



match mpls exp 3


!

policy-map MPLS2QoS

class MPLS5

set qos-group 5

class MPLS4

set qos-group 4

class MPLS3

set qos-group 3

class-map QoS5

match qos-group 5

class-map QoS4

match qos-group 4

class-map QoS3

match qos-group 3

!

policy-map QoS2DSCP

class QoS5

set ip dscp ef

class QoS4

set ip dscp af12

class QoS3

set ip dscp af13

!

class-map QoS5

match qos-group 5

class-map QoS4

match qos-group 4

class-map QoS3

match qos-group 3

!

policy-map QoS2DSCP

class QoS5

set ip dscp ef

class QoS4

set ip dscp af12

class QoS3

set ip dscp af13

!


service-policy input MPLS2QoS

!interface Serial5/1/0

service-policy output QoS2DSCP


service-policy input MPLS2QoS!

interface Serial5/1/0service-policy output QoS2DSCP

The remainder of the configuration is used to translate MPLS experimental values

back into DSCP. The class-maps are configured to process IP packets (very likely

due to penultimate hop popping) or labeled packets. Low-drop packets are

translated into medium-drop packets in the DiffServ domain.


36/47


Summary

Frame-mode MPLS allows most IP QoS mechanisms to be used. The three MPLS

experimental bits are used in the same way as IP precedence. IP precedence is

actually copied into MPLS experimental bits.

Review Questions

1. Which MPLS parameter is used for classification and marking?

2. What is the default value of the MPLS experimental bits?

3. Which QoS mechanisms can be used to set MPLS experimental bits?


37/47


Cell-mode MPLS

Objectives


n Describe QoS features available with Cell-mode MPLS

n Implement QoS on interfaces using Cell-mode MPLS


38/47



Cell-mode MPLS QoSCell-mode MPLS QoS

Classes are encoded with MPLSexperimental bits

Cell-mode MPLS uses the VPI/VCI fields aslabels for forwarding

ATM switches are not capable of looking intothe frame-mode label where the experimentalbits are

QoS is implemented using up to four parallelvirtual circuits (label-switched paths)

ATM is a Layer-2 technology that does not use frames to transmit Layer-3

packets. Packets are fragmented into fixed-length cells. Cell-mode MPLS makes

use of the ATM header to encode labels into VPI/VCI fields. These fields are only

used to make a forwarding decision. QoS cannot be achieved using MPLS

experimental bits because:

n They are only propagated in the first cell of a packet.

n ATM switches do not look into the payload of cells.

QoS is therefore achieved using multiple labels (up to four).


39/47



Cell-mode MPLSCell-mode MPLS

IP precedence used in IP domain is automaticallytranslated into MPLS experimental bits

MPLS experimental bits are optionally translated intoup to fourparallel virtual circuits (label-switchedpaths)

Native IP

Frame-mode MPLS

Cell-mode MPLS

The figure illustrates how IP packets can be propagated over a native IP network

(no MPLS and no ATM or with ATM PVCs), a frame-based MPLS network and

a cell-based MPLS network.

QoS is retained when IP packets enter a frame-based MPLS network by copying

the IP precedence bits into MPLS experimental bits.

When labeled packets enter a cell-based MPLS network, QoS is retained by

forwarding the packet through one of four VCs, which are based on the value of

MPLS experimental bits.


40/47



Configuring Multi-VCConfiguring Multi-VC

mpls atm multi-vcmpls atm multi-vc

Router(config-if)#

The command enables Multi-VCoperation of cell-mode MPLS

Eight MPLS experimental values are

mapped to four virtual circuits

The class is determined by the two least

significant MPLS experimental bits

Default mapping is similar to

classification of distributed ToS-based

WFQ

Default mapping can be replaced using

the cos-map command

MPLS exp VC

0 Available1 Standard

2 Premium3 Control

4 Available5 Standard6 Premium

7 Control

Cell-mode MPLS uses one single VC for each IP destination. Use the mpls atm

multi-vc interface command to enable routers to request up to four VCs for each

IP destination. Classification is based on the low-order two bits of the MPLS

experimental field (like ToS-based dWFQ).

The table in the figure shows the default mapping of MPLS values into four VCs:

available, standard, premium and control.

Default mapping can be changed using the mpls cos-map and mpls prefix-map

commands.


41/47



Configuring CoS MappingConfiguring CoS Mapping

mpls cos-map numbermpls cos-map number

Router(config)#

Create a CoS map Allowed values are from 1 to 255

class class {available | control | premium | standard}class class {available | control | premium | standard}

Router(config-mpls-cos-map)#

Assigns a class to one of four virtual circuits

Class values can be in the range from 0 to 3

mpls prefix-mappfmap access-list acl cos-map cos-mapmpls prefix-mappfmap access-list acl cos-map cos-map

Router(config)#

Uses CoS map cos-map for all destinations permitted

by access list acl

A CoS map must be configured to change the default behavior of the translation of

MPLS experimental values into one of four virtual circuits (available, standard,

premium and control).

Classes are identified by the two low-order bits of the MPLS experimental field.

Use the mpls prefix-map command to bind a cos-map to all destinations

permitted by the aclaccess list.

Note Most MPLS-related commands are available with the starting keyword mpls orthe oldertag-switching version. Furthermore, using the mpls keyword results in

the command being automatically translated into the tag-switching version for

compatibility with older IOS versions.


42/47



Configuration ExampleConfiguration Example

tag-switching prefix-map 10 access-list 100 cos-map 10



!tag-switching cos-map 10

class 0 available

class 1 standard

class 2 premium

class 3 control!

interface ATM1/0.1 mpls

ip unnumbered Loopback0

no ip mroute-cache

mpls atm multi-vcmpls ip

!

access-list 100 permit ip 10.0.0.0 0.255.255.255 10.0.0.0

0.255.255.255

tag-switching prefix-map 10 access-list 100 cos-map 10tag-switching prefix-map 11 access-list 101 cos-map 10


!tag-switching cos-map 10

class 0 available

class 1 standardclass 2 premium

class 3 control

!

interface ATM1/0.1 mpls

ip unnumbered Loopback0

no ip mroute-cachempls atm multi-vc

mpls ip

!

access-list 100 permit ip 10.0.0.0 0.255.255.255 10.0.0.0

0.255.255.255

The sample configuration shows that all traffic to network 10.0.0.0/8 uses four

parallel VCs. MPLS experimental bits are mapped using cos-map 10.

Note that only prefix map 10 is properly configured. Prefix map 11 does not have

the corresponding access list and prefix map 21 is missing the CoS map as well.


43/47



Monitoring and TroubleshootingCell-mode MPLS


show mpls cos-map [cos-map]show mpls cos-map [cos-map]

Router#

Lists all configured CoS maps

Router#show mpls cos-map 10

cos-map 10 class tag-VC

3 control

2 premium

1 standard

0 available

Router#

Router#show mpls cos-map 10

cos-map 10 class tag-VC

3 control

2 premium

1 standard

0 available

Router#

Use the show mpls cos-map command to verify the parameters assigned to a

cos-map.


44/47





show mpls prefix-map [prefix-map]show mpls prefix-map [prefix-map]

Router#

Lists all configured prefix maps

Router#show mpls prefix-map

prefix-map 10 access-list 100 cos-map 10


Warning: In prefix-map 11, acl 101 is not configured


Warning: In prefix-map 21, acl 32 and cos-map 34 are not configured

Router#

Router#show mpls prefix-map



Warning: In prefix-map 11, acl 101 is not configured


Warning: In prefix-map 21, acl 32 and cos-map 34 are not configured

Router#

Use the show mpls prefix-map command to display one or all configured prefix

maps with their corresponding access lists and cos-maps.

Using this command helps determine if there is a component missing:

n Access list 101 is not configured for prefix map 11

n Prefix map 21 is missing both the access list and the CoS map


45/47


Summary

Cell-mode MPLS uses up to four virtual circuits to achieve differentiated quality of

service. Packets are classified based on the two low-order bits of the MPLS

experimental field.

Review Questions

1. How is differentiated QoS implemented on MPLS-enabled ATM

interfaces?

2. What information is used for classification in cell-mode MPLS?


46/47


Summary

After completing this module, you should be able to perform the following tasks:

n Describe and configure QoS Mechanisms in Frame-mode MPLS networks

n Describe and configure QoS Mechanisms in Cell-mode MPLS networks


47/47

Review Questions and Answers

MPLS Introduction

Question: What are the main benefits of MPLS?

Answer: Simplified BGP designs, support for MPLS-based VPNs.

Question: How is an MPLS label encoded into IP packets?

Answer: A 32-bit label header is inserted in front of the IP header.

Question: How are labels propagated?

Answer: Labels are propagated between adjacent routers using TDP or LDP.

Frame-mode MPLS

Question: Which MPLS parameter is used for classification and marking?

Answer: The MPLS experimental bits are used to classify and mark labeledpackets.

Question: What is the default value of the MPLS experimental bits?

Answer: Cisco routers copy the IP precedence bits into MPLS experimental

bits.

Question: Which QoS mechanisms can be used to set MPLS experimental bits?

Answer: CAR, Class-based Policing and Class-based Marking.

Cell-mode MPLS

Question: How is differentiated QoS implemented on MPLS-enabled ATM

interfaces?

Answers: By using up to 4 VCs (labels) for each destination.

Question: What information is used for classification in cell-mode MPLS?

Answers: Classification is performed based on the two low-order IP precedence

bits.

ip over mpls.pdf

Documents