DOCSLIB.ORG

Implementing Trust-To-Trust with Customer Edge Switching

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Implementing Trust-To-Trust with Customer Edge Switching Implementing Trust-to-Trust with Customer Edge Switching Raimo A. Kantola, Member, IEEE, Department of Communications and Networking Aalto University Helsinki, Finland [email protected] for the duration of a session. Abstract — A Network Address Translator allows hosts in a The UNSAF architecture requires a STUN client in the private address space to communicate with servers in the pub- hosts and STUN servers to be deployed in the global net- lic Internet. There is no accepted solution for an arbitrary host work but it leaves the NATs themselves as they are. UNSAF from the public IP network to initiate communication with a uses IP addresses for identification. It clutters applications host in a private address space although attempts have been made to create one. This paper proposes the replace NATs with code that has nothing to do with the task of the with a more comprehensive concept we call Customer Edge application. It scales poorly particularly for mobile hosts. It Switching (CES). Customer edge switching assumes connection does not help in deploying servers in private address space state on the trust boundary between the user and the core net- and thus hampers the user innovation potential. works. The connection state is managed by implicit signaling. An application on a user device such as a mobile termi- The state gives means for the private network operator to ap- nal that wants to be reachable needs to maintain a NAT ply elaborate access control to packet flows arriving from the Internet to the private network. CES is a way of moving from mapping by a keep-alive mechanism that wakes the device the end-to-end principle to the trust-to-trust principle advo- at regular intervals and keeps the NAT state alive. If the cated by Dave Clark. NAT applies the most typical policy of address and port dependent filtering, each application on the device needs to Keywords — Network Address Translator, NAT traversal, send its own keep-alives. For being able to use a single trust, user identity. mapping in the NAT, UNSAF proposes to deploy a network based TURN server for relaying all traffic to and from the host leading to high cost. I. INTRODUCTION Examples of applications that users may want to activate For a long time, the Internet community could not make on their mobiles are voice over IP clients, www-servers and up its mind on the issue of end-to-end or accepting the use mobile peer to peer applications. If even one such applica- of middle boxes such as NATs. The latter were adopted by tion is activated, it drains the mobile’s battery quickly. An the industry because they met a need of extending the IP example how the keep-alive process has been optimized is address space by private addressing and hiding customer by implementing SIP registrations on a preprocessor rather networks from the Internet. IETF took a long time to recog- than the main processor on a Nokia mobile phone. When nize NATs and started to explore how to traverse NATs first used this helped to increase battery lifetime from a few only after peer-to-peer applications had started making fun hours to less than 24h. of doing so. Compare this to the location update process for circuit Now, after the first failed attempt by IETF, there is a switched telephony on mobiles. For CS telephony the mo- new description of NAT behavior and the IETF has gone on bile usually stays reachable for several days without the to create recommendations on how to actually traverse need of recharging the battery. The difference in battery NATs [1]. The result is the Unilateral Self Address Fixing lifetime can be explained by the difference in complexity. It architecture (UNSAF). The architecture consists of the is not feasible to burn on a small piece of silicon all the STUN protocol for spying what the NAT is doing between keep-alive functions required by all applications for packet the user’s device and the global Internet and solution docu- switched services in mobile devices. Due to simplicity and ments such as Interactive Connectivity Establishment (ICE) uniformity of the CS architecture, reachability of the mobile and SIP Outbound that describe how to make use of STUN at all times is efficiently implemented by the location update in particular kinds of applications. The architecture assumes and paging process and their synchronization with the sleep- that applications will want to exchange information about wake-up cycle of the mobile. In case of circuit switched the IP addresses and ports NATs have assigned for the user mobile services, reachability is a low level function upon which an application like telephony can rely. In case of packet access to mobiles, reachability is a matter for each work and thus protect it from attacks. We believe that it is as application. important to address this need as it is to traverse the NAT. The purpose of this paper is to propose an architecture that makes hosts in private address space reachable globally. III. REQUIREMENTS The architecture does not require any keep-alive signaling Let us set the requirement that a host having a private nor registrations from a host. This is optimal for a mobile address can send messages to hosts that also are in their own host that sleeps most of the time for battery saving while private address spaces. Examples where this can apply are wishing to stay reachable and while there is no useful appli- hosts with private IPv4 addresses and hosts with 802.1 cation activity. MAC addresses that also are not globally unique. Moreover, The rest of the paper is organized as follows. Section II the solution should assume that the hosts are mobile and discusses related work. Section III sets the requirements. To may roam foreign networks. Let us formulate this idea of set the stage for the solution, Section IV discusses the dif- communication using private addresses into a clear princi- ference between routing and switching. The solution is de- ple. The principle is that a private network shall not publish scribed in Section V. The issues of deployment are ad- any routing addresses to the public domain and equally, the dressed in Section VI, Section VII compares our proposal public domain shall not publish its addresses to private with an IETF endorsed protocol and finally Section VIII networks. The purpose for the restrictions is enhancing trust. concludes. We illustrate this in Figure 1. Each domain in Figure 1 has an independent address II. RELATED WORK space and is protected by a trust boundary against inbound NAT traversal has been studied by other researchers. traffic. Most recently Miyazaki [2, 3] has explored some new solu- The solution shall not require any keep-alive signaling tions. We summarize the proposed solutions in Table 1. from a host. It makes user devices reachable by default due to network capabilities. It is preferable that all those net- TABLE 1: NAT TRAVERSAL INITIATED BY A GLOBAL NODE work capabilities reside in regular network nodes rather than Changes required in in any add-on servers. Naturally, the host needs to keep Solution GN PN NAT Other some level of attachment to the network using a layer 2 STUN No Yes No STUN Server protocol. The minimum is that the host can be found using AVES No No Yes Waypoint Server paging like in the case of incoming CS telephone calls. Syn- DNS chronizing the network attach –process with the sleep-wake- NAT-f Yes No Yes DDNS up cycle of the mobile will be a responsibility of the lower P2P/UDP Yes Yes No Master Server layer design. Extended No Yes Yes RSA-IP Server It is desirable that the solution does not introduce any RSIP DDNS new protocols for global reachability. It should rather re-use DPRP No Yes Yes existing protocols possibly with new data types. The solu- NATS No Yes Yes NTS Server tion may define new functions. It is undesirable that the GN – Global Node/host, PN – Node in a Private Network, NAT – solution requires changes in hosts because there are too Network Address Translator many of them. A perfect solution is such that if a stake- holder invests into it, it can immediately benefit irrespective Many solutions take the attitude that hosts must adapt to of what the other stakeholders are doing. work with NATs possibly with the help from some servers. On an incoming packet from the global network not A typical solution introduces switching state in a server and belonging to an existing session or flow, the private network some explicit signaling for maintaining that state. Switching shall have reasonable means of making the decision takes place on the IP layer. Several of the solutions suffer from additional configuration information that needs to be maintained. Originator Public Service domain Target IETF is working on the Locator/ID Separation Protocol trust boundaries [10] for the purpose of tackling the scaling issues in the current Internet. We will compare our solution to LISP in Figure 1: Communication across trust boundaries Section VII. All the research papers that we have been able to find whether the packet is legitimate or not. The private network concentrate on the technical problem of traversing a NAT should be offered a range of tools for helping to make that box. We argue that this misses an important point. A private decision. Collectively, these tools can be called packet ac- network administrator has a legitimate need to hide its net- cess control (PAC). We assume that the core network can be based on IPv4, created the mapping entry, it modifies the packet and sets an IPv6 or 802.1 and its variants such as 802.1ah.
Load more

Recommended publications
  • DSL-Based Access Solutions Thomas Martin Session SPL-211
    SPL_211 © 2001, Cisco Systems, Inc. All rights reserved. 1 Design Principles for DSL-Based Access Solutions Thomas Martin Session SPL-211 SPL_211 © 2001, Cisco Systems, Inc. All rights reserved. 3 Agenda • Digital Subscriber Line Technologies • Subscriber Connection Models • Reaching the Services • Case Studies • Summary, Question and Answer SPL_211 © 2001, Cisco Systems, Inc. All rights reserved. 4 What is Digital Subscriber Line (DSL)? End-User DSL E’net ATM Value-Added Copper Loop Packet Network DSL DSL “Modem” “Modem” • DSL is a pair of “modems” on either end of a copper wire pair • DSL converts ordinary phone lines into high-speed data conduits • Like dial, cable, wireless, and E1, DSL by itself is a transmission technology, not a complete end-to-end solution • End-users don’t buy DSL, they buy services such as high-speed Internet access, intranet, leased-line, voice, VPN, and video on demand SPL_211 © 2001, Cisco Systems, Inc. All rights reserved. 5 DSL Modem Technology DSLDSL ServiceService Max.Max. DataData RateRate AnalogAnalog VoiceVoice Max.Max. ReachReach Down/UplinkDown/Uplink (bps)(bps) SupportSupport (km-feet)(km-feet) Residential VDSL–Very 25M/1.6M25M/1.6M YesYes .9–3,000.9–3,000 High Bit Rate oror 8M/8M8M/8M SOHO ADSL–Asymmetric 8M/1M8M/1M YesYes 5.5–18,0005.5–18,000 G.SHDSL 2.3M/2.3M.2.3M/2.3M. NoNo 8.15–26,0008.15–26,000 Business • Trade-off is reach vs. Bandwidth • Reach numbers imply “clean copper” • Different layer 1 transmission technologies, need a common upper protocol layer to tie them together SPL_211 © 2001, Cisco Systems, Inc.
    [Show full text]
  • Best Practices for Deploying Ipv6 Over Broadband Access
    WHITE PAPER Best Practices for Deploying IPv6 over Broadband Access www.ixiacom.com 915-0123-01 Rev. D, January 2016 2 Table of Contents Introduction ................................................................................................. 4 IPv6 Solutions for Broadband Access......................................................... 4 Translation ................................................................................................... 5 Tunneling ..................................................................................................... 5 Dual-Stack Lite (DS-Lite) ............................................................................ 5 IPv6 Rapid Deployment (6rd) ...................................................................... 6 Dual-Stack ................................................................................................... 8 How Dual-Stack PPP works ....................................................................... 8 Test Requirements ....................................................................................... 9 Testing Tunneling ......................................................................................... 9 Testing Dual-Stack PPP ............................................................................. 11 Conclusion ..................................................................................................12 3 Introduction Service Providers: The IPv6 Bell Tolls for Thee! After more than a decade of forewarning, the IPv4 to IPv6 transition has
    [Show full text]
  • Qos Support in MPLS Networks
    1 QoS Support in MPLS Networks MPLS/Frame Relay Alliance White Paper May 2003 By: Victoria Fineberg, Consultant [email protected] Abstract MPLS is sometimes used synonymously with QoS, but more accurately, it is a QoS- enabling technology that forces application flows into connection-oriented paths and provides mechanisms for traffic engineering and bandwidth guarantees along these paths. Furthermore, when an MPLS network supports DiffServ, traffic flows can receive class- based admission, differentiated queue servicing in the network nodes, preemption priority, and other network treatment that provide bases for QoS guarantees. The IETF work in this area has been augmented by the MPLS/Frame Relay Alliance Implementation Agreement which extends MPLS to the user-network interface, and thus serves as a foundation for implementing QoS end-to-end. This paper describes various QoS and MPLS mechanisms and analyzes their applicability. 2 Table of Contents 1. Introduction..................................................................................................................3 1.1 QoS Drivers .........................................................................................................3 1.2 Main Definitions ..................................................................................................4 1.3 Necessary Conditions for QoS.............................................................................5 2. Initial QoS and TE Models ..........................................................................................6
    [Show full text]
  • ISP Architecture – MPLS Overview, Design and Implementation for Wisps
    www.iparchitechs.com 1-855-MIKROTI(K) ISP Architecture – MPLS Overview, Design and Implementation for WISPs. KEVIN MYERS, NETWORK ARCHITECT / MANAGING PARTNER MTCINE #1409 MIKROTIK CERTIFIED TRAINER •Kevin Myers, Network Architect • Jackson, Mississippi – United States • 18 + years in IT, Network Architecture and Engineering • Areas of Design Focus: •MikroTik integration with large multi-vendor networks •Design/Implement/Operate BGP/MPLS/OSPF Wireline and WISP service provider networks •Design/Implement/Operate Data Center (Enterprise and Cloud) networks • Certifications • MTCINE #1409 & MikroTik Certified Trainer • MikroTik – MTCWE, MTCUME, MTCRE, MTCTCE, MTCNA • Cisco/Microsoft – CCNP, CCNA, MCP •www.iparchitechs.com •Global Leaders in MikroTik Design and Engineering •#1 ranked MikroTik consulting firm in North America •The most successful MikroTik global integrator – we bill thousands of hours in MikroTik engineering across 6 continents. •The first consulting firm to offer 24/7 MikroTik technical assistance with enterprise level SLAs •Operate at large scale supporting networks with tens of thousands or routers, switches, firewalls, etc •www.iparchitechs.com •Our Services •Global Professional Services – Consulting for Design, Engineering, Integration and Operations •Fully Managed Network Services - per rack unit support for full network management and monitoring •24/7 support contracts per device – support all MikroTik devices with 24/7 TAC support and 4 hour SLAs. • MultiLingual Support in: English, Français, Polski, Español MPLS – What is it? • Theory: Briefly introduce the MPLS protocol and how it works in conjunction with existing L2/L3 networks • Design: Discuss an MPLS architecture and preparing your WISP for implementing MPLS. • Business Justification: Identify the business and financial use case for implementing MPLS in a WISP.
    [Show full text]
  • Ipv6 in Broadband Networks MR-244
    IPv6 in Broadband Networks MR-244 January 2011 Agenda 1. Introduction to the Broadband Forum 2. Business drivers for IPv6 and IPv4 exhaustion 3. Key IPv6 attributes and deployment challenges 4. IPv6 strategies for broadband access to support Internet access and new services 5. Summary 2 IPv6 in Broadband Networks Tutorial Contributors Christophe Alter – France Telecom Salman Asadullah – Cisco David Allan – Ericsson Michel Borgne – France Telecom Dave Christophe – Alcatel-Lucent Guillaume Gottardi – Cisco Michael Hanrahan – Huawei Christian Jacquenet – France Telecom David Kessens – NSN Suresh Krishnan – Ericsson Roberta Maglione – Telecom Italia Drew Rexrode – Verizon 3 We are the Broadband Forum http://www.broadband-forum.org The Broadband Forum is the central organization driving broadband solutions and empowering converged packet networks worldwide to better meet the needs of vendors, service providers and their customers. We develop multi-service broadband packet networking specifications addressing interoperability, architecture and management. Our work enables home, business and converged broadband services, encompassing customer, access and backbone networks. 4 The BroadbandSuite Goals and Focus The BroadbandSuite is broken down into three major domains: BroadbandManagement – Goal – enhance network management capabilities and enable an intelligent, programmable control layer that unifies diverse networks – Focus - empower service providers to deliver and efficiently maintain personalized services that enhance the
    [Show full text]
  • The Role of Emerging Broadband Technologies on the Converged
    The Role of Emerging Broadband Technologies on the Converged Packet-Based Network Introduction The vision of network convergence toward a consolidated packet-based network has been discussed for years, though it is still not a reality. Currently, there are numerous overlay networks such as IP, ATM, FR, Ethernet, SONET, DWDM and wireless for different services. The evolution pace toward convergence has been slow due to economic, technical and regulatory issues. However, the fact is that data traffic volume is now surpassing voice traffic volume. Traditional TDM voice traffic is moving to IP packets and TDM private line is moving to Ethernet private line. The wave of broadband applications such as Internet access, VOD, and IPTV create high bandwidth requirements for the network. These applications are packet-based, but have a much lower margin of profit for the service providers when compared to traditional voice service. Today’s overlay and traditional circuit-based infrastructure will become less optimal for the new packet-based services as the profit margin decreases. Most of the wireless networks in North America today are still circuit-based because most of the current wireless service is still voice-based. However, with emerging wireless access technologies such as WiMAX and Wi-Fi, more broadband wireless data and video services can be deployed. As a result, the wireless core network evolves toward a packet-based network. Service offerings drive network evolution. As more packet-based broadband services are launched and bundled together in service offerings, service providers start to add more packet-aware features into their current network components.
    [Show full text]
  • Service Provider Ipv6 Deployment BRKSPG-3300
    Service Provider IPv6 Deployment BRKSPG-3300 Amarjit Gahir – Solutions Architect BRKSPG-3300 Prerequisites: Session Abstract • This session focuses on SP IPv6 deployment techniques in core networks which will help network designers and administrators understand IPv6 operation and implementation options for native IPv4 and MPLS core environments. This session will also shed light on IPv6 Multihoming, addressing and Cisco Carrier- Grade IPv6 (CGv6) Solution considerations in core networks. • Attendee must have a solid foundation of IPv6 basics (Protocol, Addressing, Routing), MPLS and Multicast. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 2 Agenda • SP IPv6 Integration Strategy • IPv6 in Core Networks and Deployment Models • IPv6 Addressing Considerations • IPv6 Multi-homing Considerations • Carrier-Grade IPv6 Solution – CGv6 • Conclusion Growing Internet Challenge & Evolution Moving from 1 to 2 to 3 to 1 ….. Public Public IPv4 IPv4 Public IPv6 IPv4 Private IPv6 Private IPv4 IPv4 • 2012: Mandates take effect – GlobAlization - WorldIPv6LAunch - Massive Mobile deployment. Transition to IPv6 forces Services & Applications running over IPv6 customers to acquire product or managed services to sustain business and IPv4/IPv6 Coexistence Infrastructure customer reach IPv6 Internet • 2015: IPv6 is mAinstreAm Customers without transition Preserve IPv4 infrastructure experience v4 run out reduced service levels, diminished customer reach 2012 2015 2020+ © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public IPv4 Runout RIR Projected RemAining ExhAustion Addresses in Date RIR Pool (/8s) APNIC 19-Apr-2011 0.6079 (actual) RIPE NCC 14-Sep-2012 0.9394 (actual) LACNIC 10-Jun-2014 0.1067 (actual) ARIN 24 Sep-2015 (actual) AFRINIC 11-Jan-2019 1.6947 5 © 2017 Cisco and/or its affiliates.
    [Show full text]
  • VPLS: the Switched Ethernet
    VPLS: The Switched Ethernet Executive Summary VPLS is becoming a popular networking option. Its inherent Ethernet any-to-any connectivity model makes VPLS a popular choice for enterprises adding or deleting sites. Existing Ethernet users may have a simple implementation by modifying existing Ethernet equipment, which will also scale easily to meet future bandwidth needs. Although it has many advantages, VPLS may not be right for every business. This paper explains VPLS and discusses when it is a good networking solution. VPLS: The Switched Ethernet __________________________________________________________________________________________________________________ 2 VPLS, or Virtual Private LAN Service, is a widely used term in today’s bottom half of the Data Link Layer. The Data Link Layer uses Media networking environment. Often referred to as “the network of the Access Control (MAC) Addresses to identify endpoints and it formats future”, VPLS seems to be evolving into the next “in” technology. When data in frames (see Figure 1). discussing the topic, it is important to understand the user’s definition. Ethernet can use either layer 2 or layer 3 services to create a Virtual Private LAN or Line? networking solution providing high-bandwidth connectivity between Although it is growing in popularity today, in fact, VPLS has been locations within a metropolitan area, between two cities or across a available for some time and care should be taken to understand how WAN. Ethernet can be implemented either as an access method to a the term is defined. Some believe VPLS stands for Virtual Private Line layer 3 technology, or as a point-to-point, point-to-multi-point or any- Service, and may consider it to be any long-haul service.
    [Show full text]
  • Configuring RSVP
    Configuring RSVP First Published: March 20, 2006 Last Updated: November 17, 2010 This chapter describes the tasks for configuring the Resource Reservation Protocol (RSVP) feature, which is an IP service that allows end systems or hosts on either side of a router network to establish a reserved-bandwidth path between them to predetermine and ensure Quality of Service (QoS) for their data transmission. Finding Feature Information Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the “Feature Information for Configuring RSVP” section on page 34. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required. Contents • Prerequisites for Configuring RSVP, page 2 • Restrictions for Configuring RSVP, page 2 • Information About Configuring RSVP, page 2 • How to Configure RSVP, page 11 • Configuration Examples for Configuring RSVP, page 24 • Additional References, page 32 • Feature Information for Configuring RSVP, page 34 Americas Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA Configuring RSVP Prerequisites for Configuring RSVP Prerequisites for Configuring RSVP RSVP is disabled by default to allow backward compatibility with systems that do not implement RSVP. You must enable RSVP before you make any other RSVP configurations.
    [Show full text]
  • ETSI White Paper on Ipv6 Best Practices, Benefits, Transition
    ETSI White Paper No. 35 IPv6 Best Practices, Benefits, Transition Challenges and the Way Forward First edition – August 2020 ISBN No. 979-10-92620-31-1 ETSI 06921 Sophia Antipolis CEDEX, France Tel +33 4 92 94 42 00 [email protected] www.etsi.org Contributing organizations and authors CAICT Zhiruo Liu China Telecom Chongfeng Xie, Cong Li Cisco Patrick Wetterwald, Pascal Thubert, Francois Clad Hewlett-Packard Enterprise Yanick Pouffary Huawei Giuseppe Fioccola, Xipeng Xiao, Georgios Karagiannis, Shucheng(Will) Liu KPN Eduard Metz Luxembourg University Latif Ladid PT Telecom Jose Cananao, Jose Palma Post Luxembourg Sébastien Lourdez Telefonica Luis M. Contreras IPv6 Best Practices, Benefits, Transition Challenges and the Way Forward 2 Contents Contributing organizations and authors 2 Contents 3 Executive Summary 6 1 Background 8 1.1 Why should IPv6 become a priority again? 8 1.2 Goals of this White Paper 9 2 IPv6 progress in the last 5 years 10 2.1 Devices supporting IPv6 10 2.2 Content (web sites, cloud services) supporting IPv6 11 2.3 Networks supporting IPv6 12 2.4 Number of IPv6 users 12 2.5 Amount of IPv6 traffic 13 2.6 IPv6 standardization progress 14 3 IPv6 service design for Mobile, Fixed broadband and enterprises 14 3.1 IPv6 transition solutions from operator perspective 15 3.1.1 For IPv6 introduction 16 3.1.2 For IPv6-only service delivery 17 3.2 IPv6 prefix and address assignment at the CPEs 22 3.2.1 For MBB UEs 23 3.2.2 For FBB RGs 23 3.2.3 For Enterprise CPEs 23 3.3 IPv6 Packet Transport 24 3.4 IPv6 deployment inside enterprise
    [Show full text]
  • Vlans Feature Overview and Configuration Guide
    TechnicalTTechnicalechnical GuideGuidGuidee Virtual LANs (VLANs) Feature Overview and Configuration Guide VLAN Introduction This guide describes Virtual LANs (VLANs), VLAN features and configuration on the switch. It begins with a description of what a VLAN is, its evolution and purpose, and also provides the meaning of some common VLAN terminology. This is followed with a detailed look at VLAN implementation. Port-based VLAN membership is the most common way to split a network into sets of virtual LANs. We look at how this is achieved using the VLAN tagging. The use of double-tagging (or VLAN stacking) to tunnel VLANs across Layer 2 networks is described, and an example is provided for the configuration of VLAN stacking. Next we discuss private VLANs and the communication rules that limit what is possible between devices operating within the VLAN. AlliedWare Plus™ has two private VLAN solutions: private VLANs for ports in Access Mode private VLANs for ports in Trunked Mode Configuration examples are provided for both of these solutions. Then, we look at combining private VLANs with other features, such as: EPSR, ARP, LLDP, GVRP, Link aggregation, and management servers. The guide ends with a section on configuring protocol based VLANs and then describes how data counters are used to count both the number of received frames or the number of received bytes (octets) belonging to a particular VLAN. C613-22001-00 x REV C alliedtelesis.com Products and software version that apply to this guide This guide applies to all AlliedWare Plus™ products, running version 5.4.4 or later. However, not all features in this guide are supported on all products.
    [Show full text]
  • Introduction to MPLS
    Introduction to MPLS Steve Smith Systems Engineer 2003 Technical Symposium © 2003, Cisco Systems, Inc. All rights reserved. 1 Agenda • Background • Technology Basics What is MPLS? Where Is it Used? • Label Distribution in MPLS Networks LDP, RSVP, BGP • Building MPLS Based Services VPNs AToM Traffic Engineering • Configurations Configuring MPLS, LDP, TE • Summary RST-1061 8216_05_2003_c1 © 2003, Cisco Systems, Inc. All rights reserved. 2 Background 2003 Technical Symposium © 1999, Cisco Systems,© 2003, Inc. Cisco Systems, Inc. All rights reserved. 3 Terminology • Acronyms PE—provider edge router P—Provider core router CE—Customer Edge router (also referred to as CPE) ASBR—Autonomous System Boundary Router RR—Route Reflector • TE—Traffic Engineering TE Head end—Router that initiates a TE tunnel TE Midpoint—Router where the TE Tunnel transits • VPN—Collection of sites that share common policies • AToM—Any Transport over MPLS Commonly known scheme for building layer 2 circuits over MPLS Attachment Circuit—Layer 2 circuit between PE and CE Emulated circuit—Pseudowire between PEs RST-1061 8216_05_2003_c1 © 2003, Cisco Systems, Inc. All rights reserved. 4 Evolution of MPLS • From Tag Switching • Proposed in IETF—Later combined with other proposals from IBM (ARIS), Toshiba (CSR) Cisco Calls a MPLS Croup Cisco Ships Traffic Engineering BOF at IETF to Formally Chartered MPLS TE Deployed Standardize by IETF Tag Switching Cisco Ships MPLS VPN Large Scale MPLS (Tag Deployed Deployment Switching) 1996 1997 1998 1999 2000 2001 Time RST-1061 8216_05_2003_c1
    [Show full text]