| 리포트 | 기술문서 | 테크-블로그 | 글로벌 블로그 | 원샷 갤러리 | 통신 방송 통계  | 한국 ICT 기업 총람 |

제품 검색

| 네트워크/통신 뉴스 | 기술자료실 | 자유게시판 |  
 
 
섹션 5G 4G LTE C-RAN/Fronthaul Gigabit Internet IPTV/UHD IoT SDN/NFV Wi-Fi Video Streaming KT SK Telecom LG U+ OTT Network Protocol CDN YouTube Data Center
 
스폰서채널 |

 

  스폰서채널 서비스란?
PoC (Proof of Concept) of MPLS VPN
PoC (Proof of Concept) of MPLS VPN
By Netmanias (tech@netmanias.com)
코멘트 (0)
9

Thank you for visiting Netmanias! Please leave your comment if you have a question or suggestion.
Transcript
Netmanias 기술 문서: PoC (Proof of Concept) of MPLS VPN

Contents
목 차
Physical & Logical Topology (including Router configuration)
I.MPLS L3VPN Packet Flow
II.LDP Convergence Test
III.MPLS L2VPN Packet Flow
V.Appendix

2
RSVP Convergence
IV.
Juniper 라우터(M & J series)를 이용하여 MPLS VPN (L3 & L2 VPN) 망을 구성하고, 그 망에서 패킷 전달, 라우팅 정보, Convergence 테스트 등을 통해 MPLS VPN 기본 개념을 이해한다.
목 적

1.1 Physical Topology for MPLS L3VPN PoC
Netmanias 기술 문서: PoC (Proof of Concept) of MPLS VPN

3
사각형.140
PE1.J6300
PE / P router
PE2.J4300
Juniper J6300
PE / P router
Juniper J4300
PE3.J6300
PE / P router
PE4.M5
Juniper J6300
PE / P router
Juniper M5
BR1.C3550
Internet Border router
Cisco 3550
BR2.C3550
Internet Border router
Cisco 3550
CE1.VPN-A
CE1 router for VPN A
Dasan 5124
CE2.VPN-A
CE2 router for VPN A
Dasan 5124
CE3.VPN-A
CE3 router for VPN A
Dasan 5124
CE4.VPN-B
CE4 router for VPN B
Dasan 5124
CE5.VPN-B
CE5 router for VPN B
Dasan 5124
CE6.VPN-B
CE6 router for VPN B
Dasan 5124
L2SW1.V1124
L2 switch
Dasan 1124
L2SW2.V1124
L2 switch
Dasan 1124
L2SW3.V1124
L2 switch
Dasan 1124
NE Info
Sheet.57
Config and route info on L3VPN lab.xls

1.2 Logical Topology for MPLS L3VPN PoC
2.1 MPLS L3VPN Network (Logical Topology)

VPN-A (Full mesh topology)
1) CE1.VPN-A & PE1.J6300  - RD: 1:100  - RT: 1:400  - Routing: eBGP, AS 65530(CE), 65500(PE)
2) CE2.VPN-A & PE3.J6300  - RD: 1:100  - RT: 1:400  - Routing: eBGP, AS 65531(CE), 65500(PE)
3) CE3.VPN-A & PE1.J6300  - RD: 1:100  - RT: 1:400  - Routing: Static

VPN-B (Hub and spoke, CE6.VPN-B is Hub site)
1) CE4.VPN-B & PE1.J63002) CE5.VPN-B & PE3.J63003) CE6.VPN-B & PE2.J4300

Internet VPN
1) BR1.C3550 & PE4.M5  - RD: 1:300  - RT: 1:700  - Routing: OSPF, area 0.0.0.1(BR1), 0.0.0.0(PE)
2) BR2.C3550 & PE3.J6300  - RD: 1:300  - RT: 1:700  - Routing: OSPF, area 0.0.0.2(BR2), 0.0.0.0(PE)
3) PC1 & PE2.J4300  - RD: 1:300  - RT: 1:700  - Routing: Static

2.2 MPLS L3VPN Connectivity
2.3 MPLS L3VPN Packet Flow: Between CEs (Ping Request from 172.16.10.2 to 172.17.11.2)
ping_ce1_to_ce2.pcap

2.3 MPLS L3VPN Packet Flow: Between CEs (Ping Reply from 172.16.11.2 to 172.17.10.2)
ping_ce2_to_ce1.pcap

2.4 MPLS L3VPN Packet Flow: Internet VPN (Ping Request from 10.10.12.2 to Internet)

3.1 Physical Topology for MPLS L3VPN with SmartBits600
사각형.140
PE1.J6300
PE / P router
PE2.J4300
Juniper J6300
PE / P router
Juniper J4300
PE3.J6300
PE / P router
PE4.M5
Juniper J6300
PE / P router
Juniper M5
BR1.C3550
Internet Border router
Cisco 3550
BR2.C3550
Internet Border router
Cisco 3550
CE1.VPN-A
CE1 router for VPN A
Dasan 5124
CE2.VPN-A
CE2 router for VPN A
Dasan 5124
CE3.VPN-A
CE3 router for VPN A
Dasan 5124
CE4.VPN-B
CE4 router for VPN B
Dasan 5124
CE5.VPN-B
CE5 router for VPN B
Dasan 5124
CE6.VPN-B
CE6 router for VPN B
Dasan 5124
L2SW1.V1124
L2 switch
Dasan 1124
L2SW2.V1124
L2 switch
Dasan 1124
L2SW3.V1124
L2 switch
Dasan 1124
NE Info

3.2 MPLS L3VPN Network (Logical Topology) with SmartBits600
VPN-A (Full mesh topology)
1) CE1.VPN-A & PE1.J6300  - RD: 1:100  - RT: 1:400  - Routing: eBGP, AS 65530(CE), 65500(PE)
2) CE2.VPN-A & PE3.J6300  - RD: 1:100  - RT: 1:400  - Routing: eBGP, AS 65531(CE), 65500(PE)
3) CE3.VPN-A & PE1.J6300  - RD: 1:100  - RT: 1:400  - Routing: Static

VPN-B (Hub and spoke, CE6.VPN-B is Hub site)
1) CE4.VPN-B & PE1.J63002) CE5.VPN-B & PE3.J63003) CE6.VPN-B & PE2.J4300
1) CE1.VPN-A & SMB600 Port A  - Routing: OSPF, area 02) CE2.VPN-A & SMB600 Port B  - Routing: OSPF, area 0

Internet VPN
1) BR1.C3550 & PE4.M5  - RD: 1:300  - RT: 1:700  - Routing: OSPF, area 0.0.0.0(BR1), 0.0.0.0(PE)
2) BR2.C3550 & PE3.J6300  - RD: 1:300  - RT: 1:700  - Routing: OSPF, area 0.0.0.0(BR2), 0.0.0.0(PE)3) PC1 & PE2.J4300  - RD: 1:300  - RT: 1:700  - Routing: Static

1) BR1.C3550 & SMB600 Port B  - Routing: eBGP, 65532 (BR1), 60000 (SMB)
2) BR2.C3550 & SMB600 Port C  - Routing: Ebgp, 65533 (BR2), 60001 (SMB)

3.3 LDP Convergence Test Environment

3.4 LDP Convergence Test 1: Port 17/Port 18 Failure

VPN-A (Full mesh topology)
1) CE1.VPN-A & PE1.J6300  - RD: 1:100  - RT: 1:400  - Routing: eBGP, AS 65530(CE), 65500(PE)
2) CE2.VPN-A & PE3.J6300  - RD: 1:100  - RT: 1:400  - Routing: eBGP, AS 65531(CE), 65500(PE)
3) CE3.VPN-A & PE1.J6300  - RD: 1:100  - RT: 1:400  - Routing: Static

VPN-B (Hub and spoke, CE6.VPN-B is Hub site)
1) CE4.VPN-B & PE1.J63002) CE5.VPN-B & PE3.J63003) CE6.VPN-B & PE2.J4300

1) CE1.VPN-A & SMB600 Port A  - Routing: Static2) CE2.VPN-A & SMB600 Port B  - Routing: Static

3.5 Result of LDP Convergence Test 1

Test Input Condition
1. # of routes = 12. Traffic bandwidth = (a)1Mbps, (b)5Mbps3. spf-delay (OSPF parameters) on PE1 = (a)200ms (default), (b)1000ms (in case of 1Mbps)4. Point of link failure = (a)Port 17, (b)Port 18 in MIRROR.SW

[T1-case01.trt]: 1Mbps / 200ms / Port 17[T1-case02.trt]: 1Mbps / 1000ms / Port 17[T1-case03.trt]: 1Mbps / 200ms / Port 18[T1-case03.pcap]: data captured in Port 2, 18 and 15 in MIRROR.SW[T1-case04.trt]: 1Mbps / 1000ms / Port 18[T1-case05.trt]: 5Mbps / 200ms / Port 17[T1-case06.trt]: 5Mbps / 200ms / Port 18

[T1-case01.trt]
10.57s
13.60s
Sheet.15
Sheet.16
Rate-derived Convergence Time = 13.60 . 10.57 = 3.02 secLoss-derived Convergence Time = 689 lost frames / 850 PPS = 811 ms
Sheet.18
[T1-case02.trt]
17.85s
20.88s
Sheet.22
Sheet.23
Rate-derived Convergence Time = 20.88 . 17.85 = 3.03 secLoss-derived Convergence Time = 552 lost frames / 850 PPS = 650 ms
[T1-case03.trt]
Lost Frames = 412Lost Frames = 793
[T1-case04.trt]
Lost Frames = 1118Lost Frames = 1047

Sheet.12
3.6 LDP Convergence Test 2-1: INTERNET VPN with Per-Flow ECMP . Port 16 Failure

Internet VPN
1) BR1.C3550 & PE4.M5  - RD: 1:300  - RT: 1:700  - Routing: OSPF, area 0.0.0.0(BR1), 0.0.0.0(PE)
2) BR2.C3550 & PE3.J6300  - RD: 1:300  - RT: 1:700  - Routing: OSPF, area 0.0.0.0(BR2), 0.0.0.0(PE)
3) PC1 & PE2.J4300  - RD: 1:300  - RT: 1:700  - Routing: Static

1) BR1.C3550 & SMB600 Port B  - Routing: eBGP, 65532 (BR1), 60000 (SMB)
2) BR2.C3550 & SMB600 Port C  - Routing: Ebgp, 65533 (BR2), 60001 (SMB)

3.7 LDP Convergence Test 2-2: INTERNET VPN with Per-Flow ECMP . Link of BR1 Failure  
Internet VPN
1) BR1.C3550 & PE4.M5  - RD: 1:300  - RT: 1:700  - Routing: OSPF, area 0.0.0.0(BR1), 0.0.0.0(PE)
2) BR2.C3550 & PE3.J6300  - RD: 1:300  - RT: 1:700  - Routing: OSPF, area 0.0.0.0(BR2), 0.0.0.0(PE)
3) PC1 & PE2.J4300  - RD: 1:300  - RT: 1:700  - Routing: Static

1) BR1.C3550 & SMB600 Port B  - Routing: eBGP, 65532 (BR1), 60000 (SMB)
2) BR2.C3550 & SMB600 Port C  - Routing: Ebgp, 65533 (BR2), 60001 (SMB)

3.8 Result of LDP Convergence Test 2
Test Input Condition1. # of routes = 172.1.1.0/24, 172.1.2.0/24, ... 172.17.30.0/242. Traffic bandwidth = 1Mbps3. spf-delay (OSPF parameters) = 200ms4. Point of link failure    - Test 2-1: Port 16 (between PE2.J4300 and PE4.M5)    - Test 2-2: fe0/1 on BR1.C3550
[T3-case01a/b/c.trt]: Test2-1[T3-case02a.trt]: Test2-1 without Per-flow ECMP[T3-case03a/b/c.trt]: Test2-2
Sheet.11
[T3-case01a.trt]
19.13s
22.16s
435pps
409pps
Sheet.17
Rate-derived Convergence Time = 22.16 . 19.13 = 3.03 secLoss-derived Convergence Time = 627 lost frames / 844 PPS = 743 ms
Sheet.19
[T3-case01b.trt]
20.91s
23.56s
435pps
409pps
Sheet.25
Rate-derived Convergence Time = 23.56 . 20.91 = 2.65 secLoss-derived Convergence Time = 183 lost frames / 844 PPS =217 ms
[T3-case01c.trt]
Lost Frames = 273
[T3-case02a.trt]
Lost Frames = 1082

3.8 Result of LDP Convergence Test 2 (cont)
[T3-case03a.trt]
Sheet.10
22.46s
435pps
409pps
24.57s
845pps
Sheet.16
Rate-derived Convergence Time = 24.57 . 22.46 = 2.11 secLoss-derived Convergence Time = 265 / 845 = 314 ms
[T3-case03b.trt]
Lost Frames = 353
[T3-case03c.trt]
Lost Frames = 0
Test started without link of BR1 and this link is up during the test

4.1 RSVP Convergence (without Protection/FRR): Port 17 Failure
case01-rsvp-port17-failure.pcapLine 35597

4.2 RSVP Convergence (without Protection/FRR): Port 5 Failure
case02-rsvp-port05-failure.pcapLine 12623

4.3 RSVP Convergence (without Protection/FRR): Port 18 Failure
case03-rsvp-port18-failure-a.pcapLine 58012

5.1 Logical Topology for MPLS L2VPN PoC
Config and route info on L2VPN lab.xls

5.2 Tunnel & VC LSP Establishment
nmc@PE1.M7i> show l2circuit connections
Layer-2 Circuit Connections:Neighbor: 103.0.0.1
    Interface Type St Time last up  # Up trans
    fe-0/0/2.600(vc 50)       rmt   Up     Oct 31 11:31:52 2007 1
      Local interface: fe-0/0/2.600, Status: Up, Encapsulation: VLAN
      Remote PE: 103.0.0.1, Negotiated control-word: No
      Incoming label: 100000, Outgoing label: 100000
    fe-0/0/3.700(vc 100)      rmt   Up     Oct 31 11:31:52 2007 1
      Local interface: fe-0/0/3.700, Status: Up, Encapsulation: VLAN
      Remote PE: 103.0.0.1, Negotiated control-word: No
      Incoming label: 100016, Outgoing label: 100016

nmc@PE3.M5> show l2circuit connections Layer-2 Circuit Connections:Neighbor: 101.0.0.1
    Interface Type  St  Time last up  # Up trans
    fe-0/0/2.600(vc 50)       rmt   Up     Nov  1 05:29:26 2007 1
      Local interface: fe-0/0/2.600, Status: Up, Encapsulation: VLAN
      Remote PE: 101.0.0.1, Negotiated control-word: No
      Incoming label: 100000, Outgoing label: 100000
    fe-0/0/2.700(vc 100)      rmt   Up     Nov  1 05:29:26 2007 1
      Local interface: fe-0/0/2.700, Status: Up, Encapsulation: VLAN
      Remote PE: 101.0.0.1, Negotiated control-word: No
      Incoming label: 100016, Outgoing label: 100016

Appendix

기본적인 MPLS/LDP 설정 방법
각 라우터의 Loopback 주소만 LDP로 advertisement하는 이유는?
MPLS Label Swapping Table을 보면 Incoming Interface가 없는데… 왜?
inet.0와 inet.3
inet.0와 inet.3 (계속)
Router Preference
ECMP (LDP, IGP 공통)
ECMP (LDP, IGP 공통) (계속)
BGP next-hop & IGP next-hop
Routing Policy
Related Contents

 

 

     
         
     

 

     
     

넷매니아즈 회원 가입 하기

2019년 1월 현재 넷매니아즈 회원은 49,000+분입니다.

 

넷매니아즈 회원 가입을 하시면,

► 넷매니아즈 신규 컨텐츠 발행 소식 등의 정보를

   이메일 뉴스레터로 발송해드립니다.

► 넷매니아즈의 모든 컨텐츠를 pdf 파일로 다운로드

   받으실 수 있습니다. 

     
     

 

     
         
     

 

 

비밀번호 확인
코멘트 작성시 등록하신 비밀번호를 입력하여주세요.
비밀번호