MPLS VPN Network Design Implementation And Testing

Published:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Introduction of GNS3

GNS3 is an open source graphical network simulation tool. It allows designing complex network topologies and launching the simulation on them. GNS3 is bundled with following software. They are strongly linked with GNS3. GNS3 supports IOS routers, ATM/Frame Relay/Ethernet switches and hubs.

Dynamips

Dynamips is a Cisco IOS emulator. It helps to run IOS binary images from Cisco. It emulates 1700, 2600, 3600 and 7200 hardware platforms and runs standard images.

Dynagen

Dynagen is text based front-end for dynamips. The management console of Dynagen allows users to perform more actions such as list devices, suspend, stop and reload instances, determine and manage idle-pc values, perform packet captures and more.

GNS3 supports multiple platforms such as, Windows, Linux and MacOS.

The following diagram shows a GNS3 view.

GNS3 allows uploading the compressed Cisco IOS image. The following figure shows that uploading the image in GNS3

Pros and Cons of Using GNS3

Pros

GNS3 is an open source project designing a real network simulation tool. So, there is any cost of using this tool

Most of the Network simulation tools are not powerful like GNS3 in CLI mode.

In a real service provider scenario, the actual requirement arises to configure network nodes in CLI mode.

GNS3 provides a real network environment to practice the configurations.

The big advantage of GNS3 is the actual router IOS is used in compressed format. So user can get all the router features to configure.

Other simulators provide a strong GUI capability, however that is not useful for real network environment practice.

Other simulators are not using the real IOS images for network nodes. Simulation engine is designed for them. So a lot of features are missed. MPLS feature is an advanced networking feature needs service provider license. Those features missed in most of the network simulators. Some of the simulator needs license with big cost.

Cons

GNS3 has a big disadvantage of scalability problem. Numbers of nodes are limited to the memory and processor capacity of the PC.

Since, the nodes designed in a simulation consume the memory and processing power from PC, It is risk to use for network research purpose. The results may depend on the performance of computer which runs.

GNS3 does not have any graphical analytical tools like opnet simulation tool. This is the big drawback for using network simulation analysis.

So, it is not recommended to use as network analytical tool beyond a limit.

Network Architecture and Design

The project includes MPLS VPN network design, implementation and IGP protocol analysis. OSPF and ISIS are the IGP protocol analyzed regarding their performance in MPLS VPN network. There are two scenarios created for performance analysis. One of the scenario is OSPF based MPLS VPN implementation and other one is ISIS based MPLS VPN implementation.

Firstly, OSPF based MPLS scenario is created and MPLS-VPN is implemented. Then the same setup is duplicated and the IGP protocol is replaced with ISIS. The following diagram shows the network simulation setup.

The network setup consists of MPLS core network and last mile access network. The MPLS core network is designed with 4 MPLS Provider network (P routers) routers and the edges are designed with 4 Provider Edge routers (PE routers). Each PE routers are connected with 2 P routers and one Customer Edge Router (CE Router). One of the customer edge routers is configured as Head office router and another one is configured as one branch router.

The above diagram shows the MPLS core network setup with the IP design and the router Ids as well. PE2 is connected with head office and PE1 is connected with branch office. The above setup is used for all the experiment. Cisco 7200 routers are used as P router and Cisco 3600 routers are used as PE routers.

IP Network design

Node

Router ID

Interface

Connecting Node

IP design

Branch office1

Loop0: 1.1.1.1

Ser1/0

PE1 ser2/0

192.168.20.6/30

Head office

Loop0:7.7.7.7

Ser1/0

PE1 ser2/0

192.168.20.16/30

PE routers

PE1

Loop0: 2.2.2.2

Ser 2/0

Branch office1 ser 1/0

192.168.20.6/30

Fa 1/0

P4 Fa 3/0

192.168.30.4/30

Fa 1/1

P1Fa1/1

192.168.30.0/30

P routers

Node

Router ID

Interface

Connectivity

IP design

P1

Loop0: 3.3.3.3

Fa 1/0

P4 Fa 1/1

192.168.40.4/30

Fa 1/1

PE1 Fa1/1

192.168.30.0/30

Fa 2/0

P2 Fa1/0

192.168.40.8/30

Fa 2/1

P3 Fa1/0

192.168.40.16/30

Fa 3/0

PE2 Fa1/0

192.168.30.28/30

Core Router Design and Implementation (P Routers)

MPLS core routers are mainly designed for fast switching purpose because MPLS design is for reducing the backbone traffic. So MPLS core routers don't do the routing lookup. They will forward the packet based on labels. The following diagram shows the focus of P routers only from the network design

The following figure shows the balance network design extends to head office router. Head office router is configured with a loopback address 192.168.100.1 /32.

The following screenshot explains the trace route report from branch office connected with PE1 to loopback interface of Head office router which connected with PE2. The path assignment shows packets hit the PE1 router and forwarded to MPLS P1 core router. PE1 do the MPLS label assignment

The following screen shot explains the MPLS label assignment at PE1. Router ID 7.7.7.7 is the final target of MPLS VPN tunnel and which is the MPLS provider edge router. 24 is the outgoing label assigned for prefix 7.7.7.7/32.

Next to the PE router the packets are forwarded towards the router P1. Label 36 is assigned for the packets come with inner label 24.

IGP protocol (OSPF) implementation

IGP protocol provides the basic IP connectivity to build the MPLS cloud on top of that. Since, it is a small network, all MPLS cloud routers are configured as Backbone area routers. The following example shows a P1 router OSPF configuration.

OSPF Configuration Example

Global Config to enable routing process

Router(config)#router ospf 100

Router(config-router)#router-id 4.4.4.4

Enable interface network to participate in OSPF

Router(config-router)# network 4.4.4.4 0.0.0.0 area 0

Router(config-router)# network 192.168.30.6 0.0.0.0 area 0

Router(config-router)# network 192.168.30.10 0.0.0.0 area 0

Router(config-router)# network 192.168.40.1 0.0.0.0 area 0

The following diagram shows the OSPF interface detail of Core router P4. It provides a complete connectivity all surrounded routers.

IGP protocol (ISIS) implementation

IS-IS is another IGP protocol used to analyze the performance comparison with OSPF. IS-IS configuration is little bit different than the other protocols such as OSPF, EIGRP. It is not using IP address modelling

The following ISO addresses illustrate the IS-IS address format:

The ISIS Network Service Access Point Address (NSAP) has combined three parts. They are area ID, the system ID, and the NSEL. They are written in hexadecimal and have a maximum size of 20 bytes. The first byte of the area number (49) is the authority and format indicator (AFI). The next six bytes form the system identifier. The system identifier commonly is the media access control (MAC) address. The last byte (00) is called nselector bits. Addresses starting with 49 (AFI=49) are considered private NSAP addresses range similar to private IP addresses.

ISIS NSAP addressing

Nodes

NSAP

PE1

49.0010.1111.2222.2222.00

P1

49.0010.1111.2222.3333.00

P2

49.0010.1111.2222.6666.00

P3

49.0010.1111.2222.5555.00

P4

49.0010.1111.2222.4444.00

PE2

49.0010.1111.2222.7777.00

PE3

49.0010.1111.2222.9999.00

PE4

49.0010.1111.2222.8888.00

ISIS configuration

There are two main steps has to be taken to enable ISIS routing process. The first step is to enable the integrated Isis routing process using the Cisco IOS configuration command router Isis in global configuration mode.

After the IS-IS process is globally enabled, the router must be identified for IS-IS by assigning a network address to the router with the net (config-router) command.

The next step is to advertise the routing from each interface to distribute their IP information. Ip router Isis interface level configuration command will advertise the interface network when you apply on each interface.

There are some more commands to fine tune the ISIS process. Both level-1 and level-2 operation is possible in IS-IS routers. This can be enabled using is-type command in global configuration mode. If it is area router or level-1 router, use is-type level-1 command. If it is backbone or level-2 router, specify is-type level-2 only. Isis circuit-type interface command used to configure the type of adjacency on an interface. It can be level-1 or level-2 only. If it is not specified, the IOS will attempt to establish both adjacencies. The following figure shows a short description of configuration.

ISIS Configuration Example

Global Config to enable routing process

Router(config)#router isis

Router(config-router)#net 49.0010.1111.2222.3333.00

Router(config-router)#is-type level-2-only

Interface Config to enable interface to participate in ISIS

Router(config)# interface Fa 1/0

Router(config-if)# ip router isis

LDP implementation

Label Distribution Protocol plays a key role in MPLS in creating the Label Switch Paths and support to Label Switching Routers to request, distribute and release label information to peer router in the MPLS cloud. MPLS basic architecture is Label distribution which is enabled by LDP. The Peer router can be a directly connected router or none directly connected. However both routers should be Label Switch Routers (LSR). Once both LSRs communicate the LDP parameters such as label binding information, Label Switched Path is established. MPLS LDP distributes the labels through normal routing path to support MPLS forwarding which is called Hop-by-Hop forwarding. With MPLS forwarding, the incoming packets are forwarded based on the label lookup from a table.

LDP assigns the labels based on the Interior Gateway Protocol chosen paths. It provides hop by hop or dynamic label distribution. The resulting LSP forward the label traffic across the MPLS backbone. This capability supports for MPLS VPN technology.

Label Distribution Protocol is configured per interface basis for directly connected neighbors and per session basis for nondirectly connected LSRs. In a VPN scenario we have selected per interface basis configuration. So it is a hop by hop forwarding.

When enable MPLS LDP functionality in the LSR interfaces, it will send out the hello messages as User Datagram Protocol (UDP) packets to all routers on the subnet as multicast. This is a basic LSR discovery process. The neighbor LSR will respond with link hello message and establish the LDP session. There are two roles defined under LDP session for routers such as active and passive. Active role LSR starts to establish the LDP TCP connection session and initiates the negotiation. The router with the higher IP address will take the active role.

The following configuration enables the MPLS LDP on LSR.

LDP Configuration Example

Enable LDP at Global configuration Mode

Router(config)#mpls ip

Router(config)# mpls label protocol ldp

Interface Config to enable LDP

Router(config)# interface Fastethernet1/0

Router(config-if)# mpls ip

The mpls ip global configuration command will enable hop by hop forwarding. However, enabling in global configuration mode will not enable ldp in interface mode. Mpls ip command is enabled by default. The next command will specify the label distribution protocol. The global configuration will enable the LDP protocol on each interface. The default label distribution protocol is LDP. The interface configuration will enable the MPLS hop by hop forwarding.

LDP Configuration verification

LDP verification Commands

Router# show mpls interfaces

Router# show mpls ldp discovery

Router# mpls ldp neighbour

The LDP configuration verification commands helps to troubleshoot the LDP problems in MPLS. The show mpls interfaces command helps to check whether ldp is enabled in each interface. Show mpls ldp discovery used to verify the ldp is up and sending the discovery messages. Final command is used to identify the LDP neighbours.

MPBGP Implementation

Multi Protocol BGP is an extension for the BGP to support MPLS VPN application. It carries the VPN information. The following figure shows the MPBGP configuration in our MPLS VPN scenario.

MPBGP configuration

MPBGP related Commands

Router(Config) #router bgp 65101

Router(config-router)#no bgp default ipv4-unicast

Router(config-router)#neighbor 2.2.2.2 remote-as 65101

Router(config-router)#neighbor update-source loop 0

Router(config-router)#address-family vpnv4

Router(config-router-af)#neighbor 2.2.2.2 activate

Router(config-router-af)#neighbor 2.2.2.2 send-community extended

Router(config-router-af)#neighbor route-reflector-client

Provider Edge Router Configuration

Provider edge routers are the border routers in MPLS cloud. Labels are appended at Ingress PE router and removed at egress routers. On the other hand, PE routers establish the VRF with number of customer site routers which uses identical IP prefixes. In addition to these, PE routers are act as the border routers for IGP protocols. In our testing scenario, OSPF or ISIS runs in the MPLS backbone cloud and ordinary BGP runs in between customer site router and PE router. Route redistribution will be done at PE router. The following command lines in figure() shows the implementation of above scenario.

PE Router configuration

PE router sample

Router(Config) #ip vrf cust1

Router(Config-vrf)# description customer1site1

Router(Config-vrf)# rd 1:1

Router(Config-vrf)# route-target export 1:1

Router(Config-vrf)# route-target import 1:1

Router(config-router)# address-family ipv4 vrf cust1

Router(config-router-af)# neighbor 192.168.20.6 remote-as 65111

Router(config-router-af)#neighbor 192.168.20.6 activate

VRF Implementation

VRF is virtual routing concept from customer router point of view. It shows a magic that Customer Edge (CE) routers to think they have connected with individual PE routers. It is actually PE router is virtualized into number of VRFs. So, there is no address conflict since it is fully virtualized. Same IP prefixes can be used in different VRFs. PE router will maintain separate unique routing table for each customers. It allows customers to use identical IP addresses. The key components in VRF configuration is VRF name and Route distinguisher. Route distinguisher is used to distinguish between overlapping addresses in the VRF. The following figure shows the VRF configuration.

Let's assume two customers have following networks; Customer 1: 192.168.1.0/24

Customer 2: 192.168.1.0/24 This can be implemented in VRF as shown in the figure

VRF configuration

VRF sample

P1# config t

P1(config)# ip vrf VPN_1

P1(config-vrf)# rd 1:1

P1(config-vrf)# exit

P1(config)# ip vrf VPN_2

P1(config-vrf)# rd 1:2

Chapter-7:

Testing and Observation

The objective of the testing is to test the performance analysis of IGP protocols used in MPLS NPN environment. OSPF and ISIS used to analyze. so, two scenarios created based on IGP protocols.

Testing Environment

Initially we have preferred to select three options such as Real router implementation, Opnet network simulation tool and GNS3 network simulation tool. Cisco 3600 series routers are able to support for MPLS. We have enough routers in the lab. So, we have planned to go with that option. But, university only obtained the IP license only form Cisco. MPLS is supported by the Cisco service provider license and it is much cost to buy that license as we have discussed with IT staff. Then, we have given up that option.

Other two options are using the network simulation tools such as GNS3 and OPNET. However, in this time also, same problem arise. OPNET which is installed in the lab doesn't have the MPLS license. So OPNET simulation tool option is also given up.

When we compare both GNS3 and Opnet both have some advantages and disadvantages. The main advantage on GNS3 is we can have the real router environment. The actual router IOS is used and all the same features available as real routers. So, we can configure in the CLI mode. This is a big advantage and benefit to get an industrial environment practice and experience. However, the disadvantage of GNS3 is, it doesn't have the graphical result analytical tool.

OPNET is stronger than GNS3 in graphical result analytical tool. However, it is not enough stronger like GNS3 in CLI mode configuration and real router environment.

As we have seen, finally, GNS3 simulation tool is selected to use for the testing. Testing environment is made with two laptops, since the simulation tool has the dependency on the hardware it is running so, we need to consider this dependency and eliminate the dependency. The following table shows the configuration of each laptop used for testing platform.

Feature

HP Laptop

Toshiba Laptop

1

Model

HP Pavilion dm3 Notebook PC

Toshiba Notebook

2

Processor

AMD Athlon (tm) neo X2 Dual Core Processor L335 1.60 GHz

Intel(R) Core (TM)2 Duo CPU T5750 2.00GHz

3

Memory (RAM)

4.00GB

4.00GB

4

Operating System

Windows 2007

Windows Vista

5

System Type

64-bit Operating system

64-bit Operating system

GNS3 is open source network simulation software able to download as free of charge. GNS3 is downloaded and installed in both laptops for testing. As we have seen in the previous chapters, there are two MPLS scenarios created. Such as, OSPF based MPLS and ISIS based MPLS. Each scenario based testing is carried out on both laptops and results are compared.

Testing Scenarios

The following diagram shows the required setup scenario. From customer site router ICMP packets are sent using following router command

Router# ping ip 192.168.100.1 repeat 100 timeout 1

Each testing scenario has been used to test number of tasks to analyze the performance of IGP protocols on MPLS VPN environment. In our setup, convergence time is measured to analyze the performance between OSPF and ISIS on MPLS VPN platform.

The following sub scenarios are considered for the performance analysis

Link fails in the MPLS VPN traffic path

Router fails in the MPLS VPN traffic path

The following parameters are captured for analysis.

ICMP Traffic success rate

Convergence time delay

Roundtrip time

Traffic rerouted path

The following testing scenarios are created. Each scenario is tested 10 times to get good results.

ISIS based MPLS scenario is created in Toshiba laptop and following sub scenarios are tested 10 times.

Router P1 fails

Link between P1 router and PE1 router fails

Link between P1 router and PE2 router fails

OSPF based MPLS scenario is created in HP laptop and following sub scenarios are tested 10 times.

Router P1 fails

Link between P1 router and PE1 router fails

Link between P1 router and PE2 router fails

The following diagram shows the tested plan

Observation and Results

ISIS based MPLS scenario is created in Toshiba laptop

Results for when P1 router fails

Testing No

Scenario

Roundtrip time (ms)

ICMP success rate (%)

Rerouted Path

Min

Average

Max

1

When Router P1 Fails at ISIS based MPLS

56

196

516

86

192.168.20.5

192.168.30.6

192.168.40.14

192.168.20.17

192.168.20.18

2

32

194

376

86

3

92

206

452

86

4

28

197

404

86

5

32

187

436

86

6

60

190

372

85

7

16

189

376

86

8

80

188

300

86

9

48

184

344

86

10

56

177

296

83

Trace route when P1 fails-ISIS Scenario

Branch_Office1#traceroute 192.168.100.1

Type escape sequence to abort.

Tracing the route to 192.168.100.1

1 192.168.20.5 96 msec 20 msec 124 msec

2 192.168.30.6 [MPLS: Labels 25/31 Exp 0] 200 msec 184 msec 204 msec

3 192.168.40.14 [MPLS: Labels 25/31 Exp 0] 172 msec 204 msec 188 msec

4 192.168.20.17 [AS 65122] [MPLS: Label 31 Exp 0] 156 msec 152 msec 188 msec

5 192.168.20.18 [AS 65122] 388 msec 188 msec *Trace route results captured from router

Results for when link between P1 and PE1 fails

Testing No

Scenario

Roundtrip time (ms)

ICMP success rate (%)

Rerouted Path

Min

Average

Max

1

When link between P1 and PE1 fails at ISIS based MPLS

108

197

344

93

192.168.20.5

192.168.30.6

192.168.40.6

192.168.20.17

192.168.20.18

2

100

189

408

93

3

92

197

376

93

4

112

196

360

93

5

124

204

360

93

6

92

194

344

93

7

112

198

424

93

8

124

187

300

93

9

92

181

340

93

10

92

196

360

93

Trace route results captured from router

Trace route when P1 Fast Ethernet 1/1 fails-ISIS Scenario

Branch_Office1#traceroute 192.168.100.1

Type escape sequence to abort.

Tracing the route to 192.168.100.1

1 192.168.20.5 64 msec 76 msec 48 msec

2 192.168.30.6 [MPLS: Labels 25/31 Exp 0] 220 msec 432 msec 312 msec

3 192.168.40.6 [MPLS: Labels 25/31 Exp 0] 248 msec 248 msec 220 msec

4 192.168.20.17 [AS 65122] [MPLS: Label 31 Exp 0] 172 msec 196 msec 128 msec

5 192.168.20.18 [AS 65122] 200 msec 256 msec *

Results for when link between P1 and PE2 fails

Testing No

Scenario

Roundtrip time (ms)

ICMP success rate (%)

Rerouted Path

Min

Average

Max

1

When link between P1 and PE2 fails at ISIS based MPLS

120

182

296

93

192.168.20.5

192.168.30.6

192.168.40.10

192.168.20.17

192.168.20.18

2

92

243

888

91

3

92

193

376

97

4

96

195

528

93

5

96

197

328

93

6

92

183

436

93

7

96

201

360

93

8

108

197

388

93

9

92

188

404

97

10

108

204

326

97

Trace route results captured from router

Trace route when P1 Fast Ethernet 3/0 fails-ISIS Scenario

Branch_Office1#traceroute 192.168.100.1

Type escape sequence to abort.

Tracing the route to 192.168.100.1

1 192.168.20.5 100 msec 124 msec 32 msec

2 192.168.30.2 [MPLS: Labels 25/31 Exp 0] 220 msec 196 msec 188 msec

3 192.168.40.10 [MPLS: Labels 25/31 Exp 0] 220 msec 276 msec 156 msec

4 192.168.20.17 [AS 65122] [MPLS: Label 31 Exp 0] 172 msec 220 msec 140 msec

5 192.168.20.18 [AS 65122] 296 msec 192 msec *

ISIS based MPLS scenario is created in HP laptop

Results for when P1 router fails

Testing No

Scenario

Roundtrip time (ms)

ICMP success rate (%)

Rerouted Path

Min

Average

Max

1

When Router P1 Fails at ISIS based MPLS

8

171

568

86

192.168.20.5

192.168.30.6

192.168.40.14

192.168.20.17

192.168.20.18

2

60

204

728

86

3

36

170

464

85

4

20

181

636

85

5

28

196

728

86

6

56

168

612

86

7

12

163

496

84

8

40

168

596

90

9

28

191

556

85

10

44

162

712

86

Trace route when P1 fails-ISIS Scenario

Branch_Office1#traceroute 192.168.100.1

Type escape sequence to abort.

Tracing the route to 192.168.100.1

1 192.168.20.5 20 msec 100 msec 84 msec

2 192.168.30.6 [MPLS: Labels 26/36 Exp 0] 184 msec 168 msec 108 msec

3 192.168.40.14 [MPLS: Labels 23/36 Exp 0] 152 msec 216 msec 100 msec

4 192.168.20.17 [AS 65122] [MPLS: Label 36 Exp 0] 156 msec 140 msec 196 msec

5 192.168.20.18 [AS 65122] 276 msec 192 msec *Trace route results captured from router

Results for when link between P1 and PE1 fails

Testing No

Scenario

Roundtrip time (ms)

ICMP success rate (%)

Rerouted Path

Min

Average

Max

1

When link between P1 and PE1 fails at ISIS based MPLS

28

194

760

92

192.168.20.5

192.168.30.6

192.168.40.6

192.168.20.17

192.168.20.18

2

48

216

552

89

3

20

155

560

92

4

52

189

528

96

5

16

151

404

93

6

32

192

588

92

7

44

192

496

93

8

48

222

664

97

9

52

210

576

92

10

8

215

756

92

Trace route results captured from router

Trace route when P1 Fast Ethernet 1/1 fails-ISIS Scenario

Branch_Office1#traceroute 192.168.100.1

Type escape sequence to abort.

Tracing the route to 192.168.100.1

1 192.168.20.5 92 msec 120 msec 88 msec

2 192.168.30.6 [MPLS: Labels 26/36 Exp 0] 268 msec 160 msec 312 msec

3 192.168.40.6 [MPLS: Labels 18/36 Exp 0] 260 msec 328 msec 264 msec

4 192.168.20.17 [AS 65122] [MPLS: Label 36 Exp 0] 156 msec 140 msec 196 msec

5 192.168.20.18 [AS 65122] 224 msec 288 msec *

Results for when link between P1 and PE2 fails

Testing No

Scenario

Roundtrip time (ms)

ICMP success rate (%)

Rerouted Path

Min

Average

Max

1

When link between P1 and PE2 fails at ISIS based MPLS

20

178

716

91

192.168.20.5

192.168.30.6

192.168.40.10

192.168.20.17

192.168.20.18

2

36

191

624

93

3

60

191

568

96

4

40

197

576

92

5

68

218

708

96

6

12

181

576

95

7

48

192

672

97

8

56

204

789

93

9

12

217

912

97

10

44

185

676

94

Trace route results captured from router

Trace route when P1 Fast Ethernet 3/0 fails-ISIS Scenario

Branch_Office1#traceroute 192.168.100.1

Type escape sequence to abort.

Tracing the route to 192.168.100.1

1 192.168.20.5 88 msec 124 msec 36 msec

2 192.168.30.2 [MPLS: Labels 18/36 Exp 0] 216 msec 232 msec 180 msec

3 192.168.40.10 [MPLS: Labels 23/36 Exp 0] 196 msec 180 msec 168 msec

4 192.168.20.17 [AS 65122] [MPLS: Label 36 Exp 0] 156 msec 420 msec 180 msec

5 192.168.20.18 [AS 65122] 100 msec 292 msec *

OSPF based MPLS scenario is created in HP laptop

Results for when P1 router fails

Testing No

Scenario

Roundtrip time (ms)

ICMP success rate (%)

Rerouted Path

Min

Average

Max

1

When Router P1 Fails at OSPF based MPLS

172

373

816

55

192.168.20.5

192.168.30.6

192.168.40.14

192.168.20.17

192.168.20.18

2

184

357

624

56

3

156

355

744

56

4

172

350

744

56

5

64

324

656

58

6

156

338

624

56

7

172

340

608

62

8

188

324

656

61

9

84

348

620

59

10

172

376

768

55

Trace route when P1 fails-ISIS Scenario

Branch_Office1#traceroute 192.168.100.1

Type escape sequence to abort.

Tracing the route to 192.168.100.1

1 192.168.20.5 40 msec 140 msec 60 msec

2 192.168.30.6 [MPLS: Labels 25/35 Exp 0] 304 msec 436 msec 312 msec

3 192.168.40.14 [MPLS: Labels 26/35 Exp 0] 376 msec 364 msec 424 msec

4 192.168.20.17 [AS 65122] [MPLS: Label 35 Exp 0] 356 msec 276 msec 264 msec

5 192.168.20.18 [AS 65122] 368 msec 376 msec *

Trace route results captured from router

Results for when link between P1 and PE1

Testing No

Scenario

Roundtrip time (ms)

ICMP success rate (%)

Rerouted Path

Min

Average

Max

1

When link between P1 and PE1 fails at OSPF based MPLS

156

405

716

91

192.168.20.5

192.168.30.6

192.168.40.6

192.168.20.17

192.168.20.18

2

200

441

824

92

3

216

437

948

92

4

140

340

688

92

5

124

405

796

92

6

72

250

840

92

7

48

273

856

92

8

36

287

664

92

9

116

317

828

92

10

88

269

596

90

Trace route results captured from router

Trace route when P1 Fast Ethernet 1/1 fails-ISIS Scenario

Branch_Office1#traceroute 192.168.100.1

Type escape sequence to abort.

Tracing the route to 192.168.100.1

1 192.168.20.5 52 msec 208 msec 172 msec

2 192.168.30.6 [MPLS: Labels 25/35 Exp 0] 528 msec 760 msec 424 msec

3 192.168.40.6 [MPLS: Labels 25/35 Exp 0] 468 msec 480 msec 392 msec

4 192.168.20.17 [AS 65122] [MPLS: Label 35 Exp 0] 356 msec 284 msec 296 msec

5 192.168.20.18 [AS 65122] 516 msec 500 msec *

Results for when link between P1 and PE2 fails

Testing No

Scenario

Roundtrip time (ms)

ICMP success rate (%)

Rerouted Path

Min

Average

Max

1

When link between P1 and PE2 fails at OSPF based MPLS

92

260

728

92

192.168.20.5

192.168.30.6

192.168.40.10

192.168.20.17

192.168.20.18

2

88

300

884

96

3

92

266

572

92

4

68

255

720

91

5

88

291

708

92

6

72

274

944

92

7

112

300

792

92

8

80

284

688

91

9

72

307

576

92

10

88

290

876

93

Trace route results captured from router

Trace route when P1 Fast Ethernet 3/0 fails-ISIS Scenario

Branch_Office1#traceroute 192.168.100.1

Type escape sequence to abort.

Tracing the route to 192.168.100.1

1 192.168.20.5 32 msec 108 msec 108 msec

2 192.168.30.2 [MPLS: Labels 25/35 Exp 0] 584 msec 272 msec 312 msec

3 192.168.40.10 [MPLS: Labels 26/35 Exp 0] 320 msec 316 msec 152 msec

4 192.168.20.17 [AS 65122] [MPLS: Label 35 Exp 0] 352 msec 392 msec 556 msec

5 192.168.20.18 [AS 65122] 444 msec 408 msec *

No of routes at PE1

OSPF based MPLS scenario is created in Toshiba laptop

Results for when P1 router fails

Testing No

Scenario

Roundtrip time (ms)

ICMP success rate (%)

Rerouted Path

Min

Average

Max

1

When Router P1 Fails at OSPF based MPLS

80

223

344

56

192.168.20.5

192.168.30.6

192.168.40.14

192.168.20.17

192.168.20.18

2

92

181

292

59

3

96

194

420

59

4

108

181

296

56

5

52

184

360

58

6

108

186

392

63

7

60

186

344

61

8

92

195

332

59

9

104

175

344

58

10

112

182

268

58

Trace route when P1 fails-ISIS Scenario

Branch_Office1#traceroute 192.168.100.1

Type escape sequence to abort.

Tracing the route to 192.168.100.1

1 192.168.20.5 96 msec 20 msec 124 msec

2 192.168.30.6 [MPLS: Labels 25/31 Exp 0] 200 msec 184 msec 204 msec

3 192.168.40.14 [MPLS: Labels 25/31 Exp 0] 172 msec 204 msec 188 msec

4 192.168.20.17 [AS 65122] [MPLS: Label 31 Exp 0] 156 msec 152 msec 188 msec

5 192.168.20.18 [AS 65122] 388 msec 188 msec *Trace route results captured from router

Results for when link between P1 and PE1 fails

Testing No

Scenario

Roundtrip time (ms)

ICMP success rate (%)

Rerouted Path

Min

Average

Max

1

When link between P1 and PE1 fails at ISIS based MPLS

124

212

392

93

192.168.20.5

192.168.30.6

192.168.40.6

192.168.20.17

192.168.20.18

2

76

198

384

94

3

108

207

344

93

4

80

191

340

93

5

92

201

420

93

6

112

198

306

93

7

112

198

300

93

8

116

204

408

93

9

124

205

388

94

10

92

196

328

93

Trace route results captured from router

Trace route when P1 Fast Ethernet 1/1 fails-ISIS Scenario

Branch_Office1#traceroute 192.168.100.1

Type escape sequence to abort.

Tracing the route to 192.168.100.1

1 192.168.20.5 64 msec 76 msec 48 msec

2 192.168.30.6 [MPLS: Labels 25/31 Exp 0] 220 msec 432 msec 312 msec

3 192.168.40.6 [MPLS: Labels 25/31 Exp 0] 248 msec 248 msec 220 msec

4 192.168.20.17 [AS 65122] [MPLS: Label 31 Exp 0] 172 msec 196 msec 128 msec

5 192.168.20.18 [AS 65122] 200 msec 256 msec *

Results for when link between P1 and PE2 fails

Testing No

Scenario

Roundtrip time (ms)

ICMP success rate (%)

Rerouted Path

Min

Average

Max

1

When link between P1 and PE2 fails at ISIS based MPLS

108

210

564

93

192.168.20.5

192.168.30.6

192.168.40.10

192.168.20.17

192.168.20.18

2

68

194

424

93

3

92

216

688

93

4

112

217

604

94

5

76

187

532

93

6

108

216

344

93

7

108

214

452

93

8

140

288

436

93

9

92

202

528

93

10

108

216

548

93

Trace route results captured from router

Trace route when P1 Fast Ethernet 3/0 fails-ISIS Scenario

Branch_Office1#traceroute 192.168.100.1

Type escape sequence to abort.

Tracing the route to 192.168.100.1

1 192.168.20.5 100 msec 124 msec 32 msec

2 192.168.30.2 [MPLS: Labels 25/31 Exp 0] 220 msec 196 msec 188 msec

3 192.168.40.10 [MPLS: Labels 25/31 Exp 0] 220 msec 276 msec 156 msec

4 192.168.20.17 [AS 65122] [MPLS: Label 31 Exp 0] 172 msec 220 msec 140 msec

5 192.168.20.18 [AS 65122] 296 msec 192 msec *

Result Analysis

All the testing scenario results are created in a excel sheet and relevant graphs are drawn. Average result is calculated for both scenarios using following formula

Round trip time for ISIS Scenarios= (HP laptop result + Toshiba laptop Result)/2

Round trip time for OSPF Scenario= (HP laptop result + Toshiba laptop Result)/2

ICMP success rate for ISIS Scenarios= (HP laptop result + Toshiba laptop Result)/2

ICMP success rate for ISIS Scenarios= (HP laptop result + Toshiba laptop Result)/2

The following diagram shows the traffic path and table shows accumulated results and the calculation.

Testing No

Scenario

ISIS Scenario in Toshiba Laptop

ISIS Scenario in HP Laptop

ISIS Average Roundtrip time

ISIS Average ICMP success rate

 

OSPF Scenario in Toshiba Laptop

OSPF Scenario in HP Laptop

OSPF Average Roundtrip time

OSPF Average ICMP success rate

Roundtrip time

 

Roundtrip time

 

Roundtrip time

 

Roundtrip time

 

Min

Average

Max

ICMP success rate

Min

Average

Max

ICMP success rate

Min

Average

Max

ICMP success rate

Min

Average

Max

ICMP success rate

1

When P1 Router fails

56

196

516

86

8

171

568

86

183.5

86

92

181

292

59

172

373

816

55

277

57

2

32

194

376

86

60

204

728

86

199

86

96

194

420

59

184

357

624

56

551

57.5

3

92

206

452

86

36

170

464

85

188

85.5

108

181

296

56

156

355

744

56

536

56

4

28

197

404

86

20

181

636

85

189

85.5

52

184

360

58

172

350

744

56

267

57

5

32

187

436

86

28

196

728

86

191.5

86

108

186

392

63

64

324

656

58

510

60.5

6

60

190

372

85

56

168

612

86

179

85.5

60

186

344

61

156

338

624

56

524

58.5

7

16

189

376

86

12

163

496

84

176

85

92

195

332

59

172

340

608

62

267.5

60.5

8

80

188

300

86

40

168

596

90

178

88

80

223

344

56

188

324

656

61

547

58.5

9

48

184

344

86

28

191

556

85

187.5

85.5

104

175

344

58

84

348

620

59

523

58.5

10

56

177

296

83

44

162

712

86

169.5

84.5

112

182

268

58

172

376

768

55

279

56.5

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

1

When Link between P1 Router and PE1 router fails

108

187

344

93

28

194

760

92

190.5

92.5

124

212

392

93

156

405

716

91

617

92

2

100

189

408

93

48

216

552

89

202.5

91

76

198

384

94

200

441

824

92

319.5

93

3

92

197

376

93

20

155

560

92

176

92.5

108

207

344

93

216

437

948

92

644

92.5

4

112

196

360

93

52

189

528

96

192.5

94.5

80

191

340

93

140

340

948

92

531

92.5

5

124

204

360

93

16

151

404

93

177.5

93

92

201

420

93

124

405

796

92

303

92.5

6

92

194

344

93

32

192

888

92

193

92.5

112

198

306

93

72

250

840

92

448

92.5

7

112

198

424

93

44

192

496

93

195

93

112

198

300

93

48

273

856

92

471

92.5

8

124

187

300

93

48

222

664

97

204.5

95

116

204

408

93

36

287

664

92

245.5

92.5

9

92

181

340

93

52

210

576

92

195.5

92.5

124

205

388

94

116

317

828

92

522

93

10

92

196

360

93

8

215

756

92

205.5

92.5

92

196

328

93

88

269

596

90

465

91.5

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

1

When Link between P1 Router and PE2 router fails

120

182

296

93

20

178

716

91

180

92

108

210

564

93

88

291

708

92

501

92.5

2

92

243

888

91

36

191

624

93

217

92

68

194

424

93

72

274

944

92

468

92.5

3

92

193

376

97

60

191

568

96

192

96.5

92

216

688

93

92

260

728

92

238

92.5

4

96

195

528

93

40

197

576

92

196

92.5

112

217

604

94

88

300

884

96

517

95

5

96

197

328

93

68

218

708

96

207.5

94.5

76

187

532

93

92

266

572

92

453

92.5

6

92

183

436

93

12

181

576

95

182

94

108

216

344

93

68

255

720

91

235.5

92

7

96

201

360

93

48

192

672

97

196.5

95

108

214

452

93

112

300

792

92

514

92.5

8

108

197

388

93

56

204

784

93

200.5

93

140

218

436

93

80

284

688

91

502

92

9

92

188

404

97

12

217

912

97

202.5

97

92

202

528

93

72

307

576

93

254.5

93

10

108

204

326

97

44

185

676

94

194.5

95.5

108

216

548

93

88

290

876

93

506

93

IGP protocols both OSPF and ISIS are mainly compared using two factors such as Roundtrip time and ICMP packet success rate.

Figure () shows the result for Average ICMP packet success rate when a router P1 fails. The graph shows that ISIS is performed well. When 100 ICMP packets sent from branch office router to head office router, around 85% of traffic received when a router fails in the MPLS VPN traffic path in the ISIS scenario and 58% traffic only received in the OSPF scenario.

When a router fails in the traffic path, IGP protocol has to perform well to reroute the traffic to the next path. When a router fails, IGP protocol will have routing lookup and quickly reroute to the next path. The time taken to reroute the traffic is called convergence time. As per the result ISIS converged than OSPF well.

The next scenario is used to measure the packet delivery success rate when a link fails in the traffic path. There are two links selected for testing. Figure 1 shows the result of average ICMP success rate when a link fails between P1 and PE1 routers and Figure2 shows the average ICMP success rate when the link fails between P1 and PE2 router. It shows that ISIS perfom well than OSPF when a link fails in a VPN traffic path same as router fails. However it does not show the much difference traffic loss like router fails between OSPF and ISIS.

The reason is when a router fails, it loose several link connection in the traffic path. So, routing protocol has to calculate the several routing paths and find out the best path to deliver.

Roundtrip time is the time required for a packet to travel to the destination from source and back again. In our testing scenario, 100 ICMP packets are sent with 1s timeout period on each scenario. ICMP traffic is sent from branch office router to Head office router continuously through MPLS VPN tunnel. We have made ideal scenarios for comparison and IGP protocols only differentiated. So, well performed IGP protocol should have to show the less roundtrip time.

In the first scenario, 100 ICMP packets are sent continuously. While the traffic flow is going on, P1 router is failed and roundtrip time is measured. It has been done for 10 times. The graph shows that ISIS scenario takes 180 ms as roundtrip time and OSPF shows average 420 ms roundtrip time in average.

Figure () shows the Roundtrip time comparison of when link between P1 router and PE1 router fails and the graph () shows the roundtrip time comparison when the link fails between P1 router and PE2. These evidences also proove that ISIS performs well than OSPF.

Chapter-8:

Conclusion

The project goal is to have a deep look at the MPLS VPN implementation and IGP protocol performance analysis in a MPLS VPN scenario. In Part A, we have looked at the MPLS and VPN technology theory in deep. Part B explained the implementation of MPLS VPN on a simulator and used to analyze the performance of the IGP protocols used in MPLS VPN implementation.

MPLS VPN is a rapidly growing technology to interconnect the remote sites through a centralized MPLS core network. Many banking industries and other companies those have branches all over the country have the requirements to connect their remote sites and they don't want to invest and take the risk on that. So teleco service providers have the increasing demand for MPLS architect.

In our case study we have looked at ISIS and OSPF IGP protocols are supportable for MPLS extension technologies such as MPLS traffic engineering and MPLS VPN technology. We have already seen that how both OSPF and ISIS protocols differentiates on area concept in chapter 3.4.1. Secondly, we have looked at the differences at MPLS traffic engineering extension in chapter 5. In that chapter, it explains how both ISIS and OSPF protocols are developed to support for MPLS traffic engineering. It is very interesting to have a look which is performing well in a MPLS while VPN application is running on top of that.

Integrated ISIS is used for MPLS IGP protocol. ISIS is a link state routing protocol for OSI protocol stack. Integrated ISIS is an alternative to OSPF in the IP network, since ISIS can tags the CLNP (Connection Less Network Protocol) routes with IP network information. ISIS can be used purely for IP routing, purely for ISO routing or for combination of both.

Scalability is the next concept we are going to look at. We couldn't find a good enough test bed to test the scalability in between the IGP protocols used in MPLS VPN environment. However, we will have a theoretical look on that.

According to OSPF area concept, all other areas should have to be physically or virtually linked with backbone area (area 0). If any area is not physically attached to the backbone area, virtual link is established between them. There may be certain design constraints inevitably exist. In this hierarchical model, the requirement is a good IP addressing structure. We can't feed the whole routing information to backbone area from all other areas. A good IP addressing structure will help for the address summarization of routing information and reduce the amount of information carried out in to the backbone area. In comparison, ISIS is also a level based hierarchical model. However, it uses significantly low number of link state PDUs to advertise the routing information. This capability makes ISIS more scalable than OSPF. ISIS can consists of 1000s of routers in a single area but OSPF is maximum consists of 100s of routers only.

We will further look to understand the scalability factor between both IGP protocols when a node advertises the changes on IP prefixes. We know that both protocols uses shortest path tree algorithm for routing calculations. The speciality of ISIS is, when a network changes is only related to IP prefixes, it is using the Partial Route Calculation (PRC) instead of full Shortest Path tree Calculation. The entire shortest path tree calculation will be done only the topology changes happen. ISIS advertises the prefix changes via IP Reachability TLVs. It doesn't use the topology change TLVs.

In case of OSPF, router has to generate type 1 link state advertisement to advertise the IP prefix change. This will trigger a full SPF calculation because type 1 LSA carries node information. So this will not allow more number of routers in the SPF domain because Shortest Path Tree calculation will run through whole network. PRC is a significant contributing factor for a better scaling property of ISIS in a single area.

In case of CPU usage, ISIS is more efficient than OSPF. Since ISIS processes fewer link state PDUs compared to OSPF link state advertisements when a topology changes happen in the network. It is another factor to differentiate ISIS from OSPF.

We have done several testing to evaluate which protocol is performing well in a MPLS VPN data network. All testing scenarios show that ISIS is performing well than OSPF in our test bed. In our testing cases, convergence time is mainly considered as the comparison attribute. Convergence time is the time taken to divert the traffic path when a routing path fails. This is called fail over handling time. We have already seen that both protocols used the same Dijkstra algorithm for routing calculation. Now, we have a question. Even though, both protocols use the same algorithm for route calculation how the convergence time differentiates. ISIS will detect a failure quicker than OSPF and reroute the traffic. There are several factors influenced on this.

Firstly, we have seen that ISIS tends to be less CPU intensive than OSPF. Convergence time also may depend on processing power of router. We have used the idle router scenario. Because of ISIS consumes less CPU, ISIS based scenario quickly identifies the failure and converged quickly so the traffic lost is less compared to OSPF.

Secondly, Because of increased number of TLVs for each instances used in ISIS, it performed well. As we have seen above in the scalability description, ISIS can be tuned well using number of TLVs. If an event which generates link state advertisement or link state PDUs which doesn't affect on SPF tree, whole SPF tree has not been calculated. This will influence on convergence time. OSPF runs whole SPF tree on each event which triggers the link state advertisement. So it makes the delay on fail over handling.

Finally, as per the studies we have done so far, Partial Shortest Path tree calculation makes a big difference between ISIS and OSPF and helped to ISIS to perform well than OSPF. Figure () simply explains how partial Shortest Path Tree calculation differentiates ISIS from OSPF.

Network engineers who works in service provider MPLS VPN network environment recommends ISIS for easiness of configuration than OSPF and ISIS is more secure than OSPF from IP layer security threats, since it is running on layer 2.

As per all the analysis we have done, ISIS is good enough for MPLS VPN implementation rather than OSPF. However, it depends on the service provider MPLS requirements.

Writing Services

Essay Writing
Service

Find out how the very best essay writing service can help you accomplish more and achieve higher marks today.

Assignment Writing Service

From complicated assignments to tricky tasks, our experts can tackle virtually any question thrown at them.

Dissertation Writing Service

A dissertation (also known as a thesis or research project) is probably the most important piece of work for any student! From full dissertations to individual chapters, we’re on hand to support you.

Coursework Writing Service

Our expert qualified writers can help you get your coursework right first time, every time.

Dissertation Proposal Service

The first step to completing a dissertation is to create a proposal that talks about what you wish to do. Our experts can design suitable methodologies - perfect to help you get started with a dissertation.

Report Writing
Service

Reports for any audience. Perfectly structured, professionally written, and tailored to suit your exact requirements.

Essay Skeleton Answer Service

If you’re just looking for some help to get started on an essay, our outline service provides you with a perfect essay plan.

Marking & Proofreading Service

Not sure if your work is hitting the mark? Struggling to get feedback from your lecturer? Our premium marking service was created just for you - get the feedback you deserve now.

Exam Revision
Service

Exams can be one of the most stressful experiences you’ll ever have! Revision is key, and we’re here to help. With custom created revision notes and exam answers, you’ll never feel underprepared again.