Until recently, it was difficult to envisage that IP-based networking would overtake established connection-orientated technologies like ATM and Frame Relay in the delivery of time-sensitive information. Yet today, Multi Protocol Label Switching (MPLS) is having a major impact for this very reason and is seen as a natural fit for organisations deploying wide area applications in the Internet age.
2. Business Drivers
The primary business drivers for MPLS are the need for convergence and prioritisation: companies strive to lower their latency as more and more of today’s business-critical applications help firms achieve a vital competitive edge.
3. What is MPLS?
Multi Protocol Label Switching (MPLS) is an IETF (Internet Engineering Task Force) government approved wide area networking standard created to: -
- Help carriers and large corporates scale their networks as increasingly large routing tables become more complex to manage
- Combine flexible any-to-any communication found on PSTN or Internet with the reliability and security delivered by Private Line, Frame Relay or ATM services
- Offer differentiated performance levels and prioritisation of delay and non-delay sensitive traffic as well as voice and multimedia applications, all on a single network
- Address traffic management issues by prioritising time sensitive applications
MPLS is available in three types:
1. Layer 2 point to point
2. Layer 3 IP VPN
3. Layer 2 VPLS
4. MPLS Layer 2 Point to Point
Suitable for companies that require high bandwidth between a small number of sites.
Layer 2 point to point is a cost-effective and flexible alternative to high bandwidth leased lines. Many wholesale network operators have based their core network infrastructure on Ethernet and use Layer 2. This type of transport is protocol agnostic and allows anything running over the LAN to be sent over the WAN without having to use routers to convert packets up to Layer 3, the network layer.
Advantages of MPLS Layer 2 point to point: -
- It is no longer necessary to manage complex routing tables.
- Customers save money by terminating their WAN connections straight into a Layer 2 switch as opposed to buying expensive routers to convert Layer 3 back down to Layer 2.
Disadvantages of MPLS Layer 2 point to point: -
- Providers tend to provide only high bandwidth circuits, i.e. 10 Mbps and above
- Point to multipoint is not supported.
5. MPLS Layer 3 IP/VPN
Particularly suitable for large multi-site enterprises, i.e. retail chains, that deploy a large number of low bandwidth sites, or large corporates with offices deployed globally. This type of service is a natural progression away from legacy Frame Relay and ATM services. It is a perfect fit for companies that: -
- are in the process of merging: IP/VPNs are extremely scalable for fast deployment
- require ‘any to any’ connectivity: a shorter hop count between two local sites is more efficient than ‘tromboning’ back into a central point. This is especially relevant for global networks where latency is increased as packets travel over long geographical distances.
- are preparing for voice and data convergence: implementing a blanket ‘class of service’ prioritisation based on traffic type is made simple across multi-site networks.
- are migrating from traditional ATM to IP: ATM is extremely expensive to maintain
- are migrating from Frame Relay to IP due to its inflexible nature and management restrictions.
- have low bandwidth requirements at small branch offices: in the UK, sub 2 Mbps circuit delivery is available over Kilostream circuits, which are a cheaper alternative to Megastream & Ethernet lines.
- need only a secure dial-up capability in smaller locations
Advantages of MPLS Layer 3 IP/VPNs
- Offers the same service guarantees as Frame Relay or ATM without requiring the use of any permanent virtual circuits (PVC).
- Supports Class of Service (COS) for traffic type differentiation
Disadvantages of MPLS Layer 3 IP/VPNs
- Layer 3 IP/VPNs are proprietary; one provider, one network.
- Changes to the network configuration, for example adjusting COS, have to be requested and typically take up to 5 days. Change control is also chargeable.
- Not suitable for small networks; instead of buying one circuit between two points, customers have to buy two circuits to be brought into the private IP/VPN cloud. IP VPNs are only cost effective for 5 circuits and above.
- If using BT, Internet access circuits have to be purchased separately.
- IP only; other standards cannot be used over the network without conversion to Layer 3.
- MPLS can be expensive as larger carriers charge for prioritizing traffic in their annual cost.
- Change control: carriers usually reserve the right to charge for manual changes to network configuration.
How do MPLS Layer 3 IP/VPNs work?
Instead of having routers at every node or routing point of a network, traffic goes to the edge of the network, where each packet is given a label. Incoming (ingress) packets are assigned a label by a Label Edge Router (LER). Packets are forwarded along a Label Switch Path (LSP) where each Label Switch Router (LSR) makes forwarding decisions based solely on the contents of the label. At each hop, the LSR strips off the existing label and applies a new label, which tells the next hop how to forward the packet. In this way, the label determines how a packet will be transported over the network, simplifying the routing problem and giving Label Switch Routers high performance.
The labels, which are underlying protocol-specific identifiers, are distributed using Label Distribution Protocol (LDP) or piggybacked on routing protocols like Border Gateway Protocol (BGP) and OSPF. Each data packet encapsulates and carries the labels during its journey from source to destination. High-speed switching of data is possible because the fixed-length labels are inserted at the very beginning of the packet or cell and can be used by hardware to switch packets quickly between links.
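The label push, swap and pop described above, as an added example (not part of the original article). It uses the 32-bit label stack entry layout from RFC 3032, which the article does not spell out; the node names, prefix and label values are constructed for illustration.

```python
import struct

def encode_lse(label, tc=0, bottom=True, ttl=64):
    """Pack one 32-bit entry: 20-bit label | 3-bit TC | 1-bit bottom-of-stack | 8-bit TTL."""
    if not 0 <= label < 2**20:
        raise ValueError("label must fit in 20 bits")
    word = (label << 12) | ((tc & 7) << 9) | (int(bottom) << 8) | (ttl & 0xFF)
    return struct.pack("!I", word)

def decode_lse(frame):
    (word,) = struct.unpack("!I", frame[:4])
    return {"label": word >> 12, "tc": (word >> 9) & 7,
            "bottom": bool(word & 0x100), "ttl": word & 0xFF}

# Constructed tables: node names, prefixes and label values are hypothetical.
FEC = {"10.2.0.0/16": (100, "LSR1")}   # ingress LER: prefix -> (label, next hop)
LFIB = {                               # per node: in-label -> (action, out-label, next hop)
    "LSR1": {100: ("swap", 200, "LSR2")},
    "LSR2": {200: ("swap", 300, "LER-B")},
    "LER-B": {300: ("pop", None, None)},
}

def ingress(payload, prefix, tc=0):
    """Ingress LER: classify once, push a label in front of the packet."""
    label, next_hop = FEC[prefix]
    return encode_lse(label, tc) + payload, next_hop

def forward(node, frame):
    """One hop: decide from the label alone; the payload is never parsed."""
    lse = decode_lse(frame)
    if lse["ttl"] <= 1:
        raise ValueError(f"{node}: TTL expired, drop")
    entry = LFIB[node].get(lse["label"])
    if entry is None:                  # unknown label: drop, never guess
        raise KeyError(f"{node}: no entry for label {lse['label']}")
    action, out_label, next_hop = entry
    if action == "pop":                # egress: strip label, hand back the packet
        return frame[4:], None
    new = encode_lse(out_label, lse["tc"], lse["bottom"], lse["ttl"] - 1)
    return new + frame[4:], next_hop

def send(payload, prefix, tc=0):
    """Walk the LSP; return the delivered payload and the (node, label) trace."""
    frame, node = ingress(payload, prefix, tc)
    trace = []
    while node is not None:
        trace.append((node, decode_lse(frame)["label"]))
        frame, node = forward(node, frame)
    return frame, trace
```

The payload travels unchanged and unencrypted from ingress to egress; which site a packet reaches depends only on the label tables held by the carrier's routers.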
Diagram 1: How MPLS Layer 3 IP/VPN works
Diagram 2: Class of Service bandwidth is prioritised into 6 levels of service. EF is used to carry voice, AF is used to carry priority data, i.e. ERP applications such as SAP, Siebel, Citrix, Oracle and video conferencing. DE is used to carry all other data, i.e. email, browsing.
6. MPLS Layer 2 Virtual Private LAN Services (VPLS)
Virtual Private LAN services are growing in popularity for delivering Ethernet services. They combine MPLS and Ethernet allowing both customers and carriers to benefit. For over two decades, Ethernet switching has dominated the local area network while IP routing has dominated the carrier network. IP backbones have been used to provide Internet access and more recently to provide IP VPN access. Corporate VPN services have been typically provided with existing TDM, ATM and Frame Relay Networks. During this period, Ethernet has continued to scale the bandwidth spectrum and with its simplicity and cost effectiveness, it has established itself as the infrastructure of choice in the metro and the WAN. (Resource: vpls.org executive overview).
Otherwise known as transparent Ethernet services, VPLS is a newer protocol that works over MPLS and gives customers a combination of the benefits of the two above network types, i.e. the ability to operate a multipoint network AND pass all traffic at Layer 2 over the WAN. VPLS is popular in cities such as Hong Kong, London and New York, where metro Ethernet networks have already been deployed. Due to its simplicity, robustness and ability to scale traffic to 10 Gbps, VPLS is popular with TV broadcasters, the financial sector and media houses.
Advantages of MPLS Layer 2 VPLS
- Transparent interface - no router hardware investment required for bandwidth upgrades
- Layer 2 means that traffic is tagged by MAC address as opposed to IP address
- Low latency – switched as opposed to routed
- Plug & Play for ease of deployment: no configuration required for new sites which appear like new devices on a LAN.
- Closed user groups can be established between customers for collaborative working
- QOS/COS costs – Layer 3 IP/VPN carriers charge an on-going fee for higher priority traffic, whereas VPLS providers only charge a one-off set-up fee to configure all levels of prioritisation. See diagram 3.
Diagram 3: VLAN Prioritisation
Disadvantages of Layer 2 VPLS
- VPLS has not yet been rolled out globally, therefore the “any to any” feature of Layer 3 IP/VPNs is not yet fully functional with a single provider.
7. Comparison of Standards: Layer 2 vs. Layer 3
8. Comparing MPLS with IPSec and SSL VPNs
There is no single ‘best choice’ when selecting a VPN, so companies may use a combination of IP VPN, IPSec and SSL. The main differences are: -
IPSec tunnels are encrypted over the public internet and stem from a firewall device or software on a router, whereas an MPLS network is inherently private and part of a carrier’s global network.
The public internet does not fall under the control of any one provider’s network, therefore service level guarantees and prioritisation can only be achieved on a best effort basis.
QOS (Quality of Service) or COS (Class of Service)
Service providers will offer an SLA for packet delivery over an MPLS network, whereas no-one can control the public internet. VPNs are usually offered by the service provider as a managed service, and originate and terminate in the service provider's MPLS-enabled IP network. IPSec and SSL VPNs are typically managed by the company, and originate and terminate at the CPE. IPSec and SSL-based VPNs are also available as a managed service from certain service providers.
Table 1: Comparing MPLS, IPSec and SSL
9. Costs of setting up an MPLS Network
Every MPLS network is bespoke: not only do circuit sizes vary but, more importantly, the traffic prioritised within each circuit is different for every customer.
Typically, Layer 3 IP/VPN and Layer 2 VPLS networks are not cost effective for under five circuits, as a separate tail circuit has to be acquired at each end. MPLS technology offers similar levels of security and performance as traditional ATM or Frame Relay private networks, but at a fraction of the cost. Similarly, as the intelligence resides in the MPLS network core, there is no need for any expensive VPN appliances to be located on the customer premises. Because MPLS allows service providers to create new virtual private networks without having to install new hardware, it significantly reduces the cost of implementation, which in turn reduces the overall cost.
A 2008 MPLS pricing survey looks at the cost of an MPLS network for 5, 20 and 50 site installations.
10. Considerations when selecting an MPLS service provider
The capabilities of global and regional carriers are very different when considering the implementation of an MPLS network. Global carriers' networks may not have the in-country coverage you require, whereas the regional carrier with good local coverage is unlikely to have international reach. Although 'mix and matching' capabilities of global and regional carriers may seem like the perfect solution, in reality there can be interoperability issues between different MPLS networks.
First of all, define the geographical regions in which you require MPLS coverage. Draw up a list of prospective providers that fit these criteria.
It is worth asking prospective providers the following questions:
- Who owns the backbone?
- Which 3rd party local loop carriers will they be using for the 'tail circuits'? Remember, this is where the majority of problems are likely to occur.
- Ask to see a list of references of similar companies that have deployed MPLS.
11. Frequently asked questions
Q: What is Multi-Protocol Label Switching (MPLS)?
A: MPLS is a packet label-based switching technique, which was originally devised to perform fast switching in the core of the network. MPLS proved to have other qualities even more appealing than fast switching. Being a relatively simple connection-oriented protocol, it proved to be suitable for implementing traffic engineering and Quality of Service (QoS) routing in a simpler way than using IP.
Q: What are the main benefits of MPLS?
A: MPLS makes efficient use of bandwidth due to support for Quality of Service. Implementing changes to the network is therefore comparatively straightforward. In addition, an MPLS-enabled network removes the need for the expensive switches typical of large scale Frame Relay solutions. MPLS enables faster deployment, because there is much less need to configure Customer Premise Equipment (CPE) when new sites are brought on-line.
Q: How easy is it to add additional sites to our MPLS network in due course?
A: MPLS is designed with scalability in mind. Whether it is Ethernet based or routed over IP, deploying additional sites has never been easier, and large complex routing tables no longer need to be managed.
Q: What are the ongoing costs of MPLS?
A: Like any dedicated private network, annual rental costs will always seem high; however, the explosion of IP convergence using fibre networks has led to far higher levels of productivity than we have ever seen previously. The need to prioritise traffic and reduce interruption to time-sensitive applications gives Tier 1 carriers the opportunity to charge for class of service (COS) over global Layer 3 MPLS networks, and these charges appear as part of the annual rental cost.
Q: What level of in-house expertise do we need to have an MPLS network?
A: MPLS enables customers to outsource the management of their networks, so today relatively few experienced networking staff are needed, allowing IT departments to focus on in-house functions.