MPLS Management

Application Note

Cisco IOS MPLS Embedded Management

Cisco IOS^® MPLS Embedded Management is a set of architectures and value-added services that facilitates the deployment, operation, administration, and management of Multiprotocol Label Switching (MPLS)-based networks in line with the fault, configuration, accounting, performance, and security (FCAPS) model.

As service providers worldwide converge services and disparate networks onto MPLS-based infrastructures, MPLS operation, administration, and maintenance (OAM) capability becomes pivotal in providing service-level agreement (SLA) guarantees, service assurance, quality of service (QoS) assurance, and overall internetworking service management. Network operators need the ability to reliably conduct SLA testing, detect MPLS control- and user-plane defects, and check MPLS forwarding path integrity in real time. A service provider that is planning to offer managed services on an MPLS-based infrastructure must carefully consider MPLS OAM capabilities to support premium SLAs.

Cisco IOS MPLS Embedded Management is enabled by the combination of Cisco^® MPLS Label Switched Path (LSP) Ping/Traceroute, Cisco Virtual Circuit Connectivity Verification (VCCV), Cisco MPLS Traffic Engineering AutoTunnel/AutoMesh, and Cisco Auto Service Assurance Agent (SAA) (Figure 1). These Cisco Systems^® technologies are unique in the industry and allow service providers to easily deploy, operate, and monitor MPLS enhanced services.

MPLS LSP Ping and Traceroute

Cisco MPLS LSP Ping/Traceroute provides diagnostics and troubleshooting for MPLS LSPs. When an LSP fails to deliver user traffic, the failure cannot always be detected by the MPLS control plane. For the MPLS data plane verification, as a natural progression, the IP data plane verification tools (ping and trace route) are extended to work on the MPLS networks. MPLS LSP Ping/Traceroute is modeled after the ping/traceroute paradigm. MPLS Ping allows verifying the LSP connectivity and the integrity of the MPLS network.

Ping mode can test the integrity of connectivity via verification on the Forward Equivalence Class (FEC) entity between the ping origin and the egress node for this particular FEC. This test is carried out by sending an MPLS echo request along the same data path as other packets belonging to this FEC (Figure 2). When the ping packet reaches the end of the path, it is sent to the control plane of the egress label switch router (LSR), which verifies that it is indeed an egress for the FEC. The MPLS echo request contains information about the FEC whose MPLS path is being verified.

MPLS Traceroute is used for hop-by-hop fault localization and LSP path tracing. In the trace route LSP verification, the packet is sent to the control plane of each transit LSR, which performs various checks, including one that determines if it is a transit LSR for this path. Each transit LSR also returns extra information related to the FEC being tested (label bound to the FEC, for example). This information helps when checking the control plane against the data plane (for example, in checking if local forwarding information matches what the routing protocols have determined as the path). Traceroute operation is performed via a manipulation on the time-to-live (TTL) (Figure 3).

These tools provide the foundation for the MPLS OAM capabilities and facilitate the operation of the MPLS network.

VCCV

As network operators deploy Any Transport over MPLS (AToM) services, the ability to provide end-to-end fault detection and diagnostics for an emulated pseudowire service is critical for the network operator. Cisco MPLS VCCV enhances the monitoring and troubleshooting of Layer 2 services across an MPLS network. VCCV creates a control channel between the two termination point pseudowire provider edge devices (Figure 4) to uniquely identify the connectivity verification packets from the regular Layer 2 payloads. Ideally, such a control channel would be completely in-band. When a control word is present on virtual circuit, it is possible to indicate the control channel by setting a bit in the control header. To ensure smooth interoperability between the different devices participating in the pseudowire service, however, the use of an MPLS router alert label to indicate the control channel is also supported. The combination of VCCV and MPLS Ping/Traceroute simplifies the operation, management, and troubleshooting of the emulated Layer 2 service from end to end.

Cisco MPLS Traffic Engineering AutoTunnel—Primary and Backup

Cisco MPLS Traffic Engineering AutoTunnel provides the ability to set up traffic engineering tunnels automatically (Figure 5). There are two variants of AutoTunnels for protection capabilities—primary and backup. Cisco MPLS Traffic Engineering AutoTunnel Primary is a one-hop primary tunnel that, when used in conjunction with Cisco MPLS Traffic Engineering FastReroute protection, protects any traffic steered through the primary "one-hop tunnel." This means that any traffic, including IP traffic going through the physical link, is protected by Cisco MPLS Traffic Engineering Fast Reroute. Similarly, Cisco MPLS Traffic Engineering AutoTunnel Backup provides the capability to automatically build MPLS traffic engineering backup tunnels for the primary traffic engineering tunnel. These backup tunnels are set up mainly using "next-hop" or "next-next-hop" protection, whenever available. A manually configured backup tunnel is preferred and provides "tweaking capabilities" for AutoTunnel features. Cisco MPLS Traffic Engineering AutoTunnel automates the configuration tasks in the deployment of Cisco MPLS Traffic Engineering Fast Reroute.

Cisco MPLS Traffic Engineering AutoTunnel—Mesh Groups

MPLS traffic engineering is deployed within the core of a network. It caters to three major applications:

By deploying a full mesh of traffic engineering tunnels, some service providers have reported a gain of 40 to 50 percent of additional bandwidth over the same infrastructure. This represents a significant reduction in capital expenses for a service provider.

Cisco MPLS Traffic Engineering AutoTunnel Mesh Group focuses on the ability to increase the amount of bandwidth available over the same MPLS infrastructure. It automates the configuration tasks in deployment of full-mesh MPLS traffic engineering tunnels. A full mesh of similar MPLS traffic engineering tunnel (sharing the same attributes) is automatically built between the router's member of a "specific mesh group".

This type of tool is typically needed when transitioning an MPLS network to a fully meshed MPLS traffic engineering tunnel (requires heavy configuration). It is also needed when adding a new router in a fully meshed MPLS traffic engineering core, where traffic engineering tunnels to every existing router from the new one are needed.

Cisco MPLS Aware SAA

Cisco SAA is widely used when network performance measurement and SLA monitoring data such as jitter statistics, packet loss, and round-trip time (RTT) are required within an IP-based network. Cisco IOS SAA collects network performance information in real time, including response time, one-way latency, one-way jitter, one-way packet loss, voice quality measurement, and other network statistics. SAA provides unidirectional and bidirectional measurements and supports measurements per class of service. Proactive notification and threshold violation monitoring for jitter, packet loss, latency, and connectivity are also available. All SAA performance statistics are available in the Simple Network Management Protocol (SNMP) MIBs.

Cisco SAA provides unique tools that allow monitoring of MPLS Layer 3-based VPNs. However, deploying such probes is not always simple—it requires provisioning on the pair of provider edge devices to be monitored. Cisco Auto SAA enhances feature-rich SAA capabilities by simplifying the deployment and configuration of the SAA probes wherever performance measurement and SLA monitoring for an MPLS Layer 3 VPN infrastructure are required. The extended features include automatic generation of probes to measure performance between MPLS provider edge routers, proactive monitoring of the MPLS network, and automatic optimization of probe scheduling, giving a better scan coverage time.

Cisco MPLS-Aware NetFlow

Cisco NetFlow capitalizes on the flow nature of traffic in the network to provide detailed IP accounting information with minimal impact on router/switch performance. NetFlow monitors IP flows in the router/switch and exports the flows in User Datagram Protocol (UDP) format to a NetFlow collector. The NetFlow collector correlates, aggregates, and reports on the data received from the network. This data can be used for purposes that include network management and planning, enterprise accounting, departmental chargeback, usage-based billing, and data warehousing/mining for marketing purposes. The latest version, Cisco NetFlow Version 9, extends NetFlow to support MPLS label information, IPv6 information, BGP next hop, and multicast information.

Cisco MPLS-Aware NetFlow can determine and account for traffic to a particular destination in the MPLS cloud. It supports the complete IP flow information export plus the export of up to three labels and label destination prefix information, including MPLS EXP value. Further, MPLS-Aware NetFlow accounts for MPLS traffic that contains IP or non-IP packets, and can include the MPLS header as part of the accounting information.

Cisco MPLS:

http://www.cisco.com/go/mpls

Cisco IOS Software Release 12.0S Documentation:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1829/index.html

Cisco IOS SAA:

http://www.cisco.com/warp/public/732/Tech/nmp/saa/

Cisco IOS NetFlow:

http://www.cisco.com/warp/public/732/Tech/nmp/netflow/

Advanced topics in MPLS traffic engineering deployment:

http://www.cisco.com/en/US/tech/tk436/tk428/technologies_white_paper09186a00800a4472.shtml