Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
857
Views
0
Helpful
4
Replies

MPLS inner label. MP-iBGP intra-AS

a.collaro
Level 1
Level 1

‎06-03-2020 06:25 AM

Hello everybody.

 

I would ask you to help me to better understand the need of a inner label for vpnv4 mp-bgp nlri.

For the IGP NH PE egress router, we use the outer LDP label.

 

However with the RT extended community, the PE-Egress Router know in which VRF put the RD:IPV4 address.

So, in a simple lab layout, with all PE in the same AS, why we need a inner vpv4 label?

Thanks a lot.

 

Americo

Labels:
0 Helpful
4 Replies 4

Harold Ritter
Cisco Employee
Cisco Employee

‎06-03-2020 07:07 AM

Hi,

 

However with the RT extended community, the PE-Egress Router know in which VRF put the RD:IPV4 address.

 

The RT is not inserted in the packets being forwarded. The inner label (service label) is used to forward the packets to the right egress interface or perform the lookup in the proper VRF routing table on the egress PE. 

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

loris.marcellini
Level 1
Level 1

‎06-03-2020 07:09 AM - edited ‎06-03-2020 07:12 AM

Hey there, great question :)

 

Outer labels are used for transport, they're mapped to /32 loopback addresses and are swapped throughout the MPLS core, but you already know this.

 

Inner labels are exchanged via MP-BGP between PEs. In a MPLS L3VPN design, the PEs have VRFs configured for each customer. However, more customers (CEs) can fall into the same VRF and in general despite having a RD (that that makes the IPv4 address unique and represents the VPNv4 address) and RTs (that are used to  regulate the import/export of VPNv4 routes), a PE needs an identifier to know where the traffic should be routed to once ready to be shipped to the customer.

As an example: if CUST_A behind the remote PE A wants to reach CUST_A behind PE B, uses the label received from the other PE via MP-BGP as inner label and the one received from the core (assigned and exchanged using LDP) to reach the remote PE on its loopback :) The P routers in the core swap the outer label and pop it at the penultimate hop (PHP). The remote PE (attached to destination CE) probably has the route to the destination (it previously imported it thanks to matching import/export RTs at MP-BGP exchange time) and is able to forward the traffic towards the right CE based on the VPN label.

 

Hope this helps, L.

0 Helpful

a.collaro
Level 1
Level 1
In response to loris.marcellini

‎06-03-2020 07:30 AM

Hello Loris, Hello Harold.

 

Thanks a lot for your reply.

So it's true that with update packet the PE exchange the RT associated to the MP_NLRI attributes.

But however (I miss it), in the packet forwarding there isn't the RT attributes and the PE egress router need to know in some way where route (Forward toward which CE) the mpls payload.

So it need to know in which VRF put the payload and toward wich CE forward the packet.

 

Thanks once again

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to a.collaro

‎06-05-2020 06:49 AM

Hello Americo,

as explained by Harold and Loris the inner or VPN MPLS label is needed in the MPLS forwarding plane:

a) it provides a key to search fist in the MPLS forwarding table and later in  the correct CEF entry to select the right VRF, right CE and right PE-CE link to send out the IPv4 packet.

b) without the inner label a PE could not support overlapping IP subnets in different VRFs. In this case of overlapping IP subnets in different VRFs learned by different CE routers the MP BGP allocates a different VPN label to each VPNv4 instance. The egress PE when receiving the MPLS frames with the inner label can make the right choice.

The VPN label is sent in MP BGP af VPNv4 with the VPNv4 prefix to signal what is the inner label to be used when sending traffic back to the MP BGP originator of the advertisement.

 

MPLS services use this concept of label stack with the inner label used to describe the service itself and what actions have to be done.

For example an EoMPLS pseudowire uses a two label stack and the VC label allows the receiving PE to understand what actions have to be done on the MPLS frame received with the VC label (PHP applies here too). In this case it would be a simple L2 forwarding of the carried ethernet frame to be sent out the access link to an OSI L2 CE device.

 

In a node the MPLS label space is unique and if label 1500 is used by MP BGP it cannot be reused by another protocol.

This ensures that there are no conflicts between the different protocols that can allocate MPLS labels ( LDP. MP BGP, RSVP TE).

The label value is unique for each service and identifies it.

 

Hope to help

Giuseppe

 

0 Helpful
Customers Also Viewed These Support Documents