MPLS Virtual Private Networks

This chapter is devoted to Virtual Private Networks (VPNs) designed with Multi Protocol Label Switching (MPLS) [14, 15, 1], one of the most elusive protocols of the network stack. Saying that MPLS is “elusive” is not overemphasizing: starting from its arduous fitting within the ISO/OSI protocol stack, continuing with its entangled relationships with several other routing and forwarding protocols (IP, OSPF, MP-BGP, just to name a few), and ending with the complex technicalities involved in its configuration, MPLS defies classifications and challenges easy descriptions. On the other hand, and in a seemingly contradictory way, the configuration of VPNs with MPLS is rather simple and elegant, despite the complexity of the underlying architecture. Also, MPLS flexibility and maintenance ease make it a powerful tool, and account for its ubiquity in Internet Service Providers’ networks. The chapter is organized as follows. Section 1 gives a brief introduction and motivation behind the concept of Virtual Private Network and explains why Layer 3 MPLS VPNs are by far the most popular widespread kind of VPNs deployed today. In Section 2 we introduce the reader to basic concept and terminology about Label Switching (also known as Label Swapping) and Virtual Private Networks. Section 3 gives a high-level step-by-step description of an MPLS VPN. This is based on three main ingredients: an any-to-any IP connectivity inside the network, a signalling mechanism to announce customer IP prefixes, and an encapsulation mechanism, based on MPLS, to transport packets across the network. Section 4 explores in detail the complex interplay between IP and MPLS that is at the basis of MPLS VPNs. More technical details about dynamic routing and connecting to the Internet, advanced usage of routing, and preserving IP-specific per-hop behavior are provided in Section 5. Strengths and limitations of MPLS VPNs are discussed in Section 6. The same section proposes further readings on the subject. The reader who is interested in getting only a high-level understanding on how MPLS VPNs work can read Sections 1, 2, and 3. An indepth view of MPLS VPNs can be gained by reading Sections 4 and 5.