Saturday, October 15, 2011

Building a private cloud using MPLS and selective tag switching


To support virtualization requirements, it may be necessary to create a private cloud within the enterprise. MPLS is a proven technology for extending virtualization across WAN networks. Most existing network equipment can be enabled for MPLS, allowing an enterprise to gain significant new capabilities without incurring additional equipment and facility costs.

To transition an existing production network into one that is MPLS enabled, a detailed design is required to select and place key infrastructure elements such as P, PE, and CE routers. Given that existing production traffic may already be routed by these devices, it is often desirable to leave that traffic untouched.

Selective tag switching allows certain VPN traffic to be label switched by the MPLS network, while the other traffic continues to be routed.

IP address planning is a critical prerequisite for selective tag switching. It is highly desirable to place the MPLS infrastructure and the new private cloud extensions in a new and distinct IP address block.

On the P router, private cloud traffic can be identified by the PE router loopback addresses, here using 10.88.0.0/24 as an example:
access-list 88 permit 10.88.0.0 0.0.0.255

By default, label switching is applied to all traffic. Therefore, it is important to reverse that behavior and turn on label switching only for the target traffic identified by the access list:
no mpls ldp advertise-labels
mpls ldp advertise-labels for 88

As a result, only MPLS VPN traffic will be tag switched, while existing traffic shows “Untagged”:
P-router#sh mpls forward
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
16     Untagged    10.99.0.120/30   0          Fa0/0      10.99.32.206
17     Untagged    10.99.32.232/30  0          Fa0/0      10.99.32.206
18     Untagged    10.99.248.13/32  0          Fa0/0      10.99.32.206
19     Untagged    10.99.32.220/30  0          Fa1/0      10.99.32.214
20     Untagged    10.99.248.7/32   0          Fa1/0      10.99.32.214
21     Pop tag     10.88.0.160/30   0          Fa0/0      10.99.32.206
22     Pop tag     10.88.0.192/30   0          Fa1/0      10.99.32.214
23     Pop tag     10.88.0.1/32     544932     Et3/0      10.88.0.129
24     21          10.88.0.3/32     399694     Fa0/0      10.99.32.206
25     21          10.88.0.5/32     416019     Fa1/0      10.99.32.214
26     Pop tag     10.88.0.136/30   0          Et3/0      10.88.0.129
27     Pop tag     10.88.0.144/30   0          Et3/0      10.88.0.129
28     22          10.88.0.168/30   0          Fa0/0      10.99.32.206
29     Pop tag     10.88.0.172/30   0          Fa0/0      10.99.32.206
...

“traceroute” is also an excellent tool for demonstrating whether a packet is routed or tag switched throughout a network.
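
The forwarding-table check above can be automated so that a label leak outside the private cloud block is caught after every change. The following is an added example, not part of the original post: it parses the output format shown above and reports any prefix outside 10.88.0.0/24 that carries a label. The sample row with local label 30 is constructed, and treating an Untagged prefix inside the cloud block as a finding is an assumption about the intended policy.

```python
import ipaddress
import re

# Address block reserved for the private cloud on this page (access-list 88).
CLOUD_BLOCK = ipaddress.ip_network("10.88.0.0/24")

# Constructed sample: a few rows copied from the P-router output above,
# plus one hypothetical bad row (label 30) added to show a detected leak.
SAMPLE = """\
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
16     Untagged    10.99.0.120/30   0          Fa0/0      10.99.32.206
20     Untagged    10.99.248.7/32   0          Fa1/0      10.99.32.214
21     Pop tag     10.88.0.160/30   0          Fa0/0      10.99.32.206
24     21          10.88.0.3/32     399694     Fa0/0      10.99.32.206
30     Pop tag     10.99.32.240/30  0          Fa0/0      10.99.32.206
"""

ROW = re.compile(
    r"^(?P<local>\d+)\s+(?P<out>Untagged|Pop tag|\d+)\s+"
    r"(?P<prefix>\d+\.\d+\.\d+\.\d+/\d+)\s+(?P<bytes>\d+)\s+"
    r"(?P<intf>\S+)\s+(?P<nh>\S+)\s*$"
)

def parse(text):
    """Yield (local_label, outgoing, prefix) for each data row; skip headers."""
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            yield int(m["local"]), m["out"], ipaddress.ip_network(m["prefix"])

def audit(text, block=CLOUD_BLOCK):
    """Return rows that violate the selective label switching policy."""
    findings = []
    for local, out, prefix in parse(text):
        in_block = prefix.subnet_of(block)
        labelled = out != "Untagged"
        if labelled and not in_block:
            findings.append((local, str(prefix), "labelled outside cloud block"))
        elif in_block and not labelled:
            findings.append((local, str(prefix), "cloud prefix not labelled"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```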
