05-05-2007, 03:55 PM
Multiprotocol Label Switching (MPLS) is a standards-approved technology for speeding up network traffic flow and making it easier to manage. MPLS involves setting up a specific path for a given sequence of packets, identified by a label put in each packet, thus saving the time needed for a router to look up the address of the next node to forward the packet to. MPLS is called multiprotocol because it works with the Internet Protocol (IP), Asynchronous Transfer Mode (ATM), and frame relay network protocols. With reference to the standard model for a network (the Open Systems Interconnection, or OSI model), MPLS allows most packets to be forwarded at the layer 2 (switching) level rather than at the layer 3 (routing) level. In addition to moving traffic faster overall, MPLS makes it easy to manage a network for quality of service (QoS). For these reasons, the technique is expected to be readily adopted as networks begin to carry more and different mixtures of traffic.
MPLS vs. VPN
MPLS (Multiprotocol Label Switching) has been called the next great replacement to private lines. But the recent decline in pricing for private lines makes them much cheaper. When should an enterprise look at VPN, and when does MPLS pay?
MPLS' popularity jumped with the growth in network intelligence and service provisioning at the network edge. Verizon was an early user of MPLS, implementing an IP-VPN using an MPLS network. BellSouth rolled out its network VPN in 2003, a Layer 3 MPLS service that carries IP Internet traffic and DSL. AT&T has announced plans to roll out a data network by 2005 that will be based on an MPLS-based IP backbone.
Two of the more advanced MPLS networks are those operated by PowerNet Global and Australia's Telstra. One of PowerNet's subsidiaries, Aleron, has an OC-48 backbone that is a classic MPLS network using MPLS and Resource Reservation Protocol (RSVP) internally, with traditional IP routing at the edges.
"But VPN is not a dead issue," says Ron Richards, vice president of data and dedicated services for PowerNet Global. It also deals with Qwest, WilTel, Global Crossing, and other carriers.
"Carriers often have MPLS as a backbone for their VPN," Richards says. "We don't sell MPLS as such, but it is there." He compares it to the situation a few years ago when everyone expected ATM to replace frame relay. ATM took over the backbone networks, but frame still is popular.
Diffserv Vs. MPLS
Diffserv (differentiated services) and MPLS (Multiprotocol Label Switching) are two separate standards which purport to help solve the IP quality problem. Diffserv takes the IP TOS (type of service) field, renames it the DS byte, and uses it to carry information about IP packet service requirements. It operates at Layer 3 only and does not deal with lower layers. On the other hand, MPLS specifies ways that Layer 3 traffic can be mapped to connection-oriented Layer 2 transports like ATM and Frame Relay. MPLS adds a label containing specific routing information to each IP packet and allows routers to assign explicit paths to various classes of traffic. It also offers traffic engineering and techniques that can boost IP routing efficiency.
So what does this all mean in terms of costs and compatibility? Diffserv relies on traffic conditioners sitting at the edge of the network to indicate each packet's requirements, while MPLS requires investment in a network of sophisticated label-switching routers capable of reading header information and assigning packets to specific paths, like virtual circuits on a switched network.
This is an abstract of the article "Diffserv and MPLS: A Quality Choice", November 21, 1998, Data Communications. See the full article for a detailed description of Diffserv.
MPOA Vs MPLS
MPLS combines the best aspects of IP routing and ATM switching. MPLS is a label switching technology that uses IP routing protocols (OSPF, BGP, IS-IS) with traffic engineering extensions. MPLS works over Layer 2 technologies like ATM, Frame Relay, POS, etc.
MPLS provides connection-oriented behavior, QoS, and traffic engineering features to an IP network.
MPOA is based on LANE. The objective of MPOA is to provide efficient data transfer between ELANs (subnets). MPOA provides the idea of shortcut routing. MPOA consists of clients (MPC) and servers (MPS).
The basics of MPOA are as follows:
A LEC/MPC monitors traffic flow over an ELAN to an MPS-enabled router. When the ingress LEC/MPC recognizes a flow that could benefit from a shortcut, it requests a shortcut to the destination, thus bypassing the routed path.
MPLS VPN Vs IPSec VPN
You will have to receive all MPLS circuits through a single carrier, which helps with reliability. However, some carriers offer MPLS using DSL as the local loop, and choosing this can result in less reliability. In general, MPLS will be more reliable than IPSec VPNs because there is less complication in the tunneling and firewall configuration. The cost for the local loops for each choice will be the same. The MPLS tunneling, through the carrier, will have a price tag associated with it, but it shouldn’t be more than a managed IPSec VPN service from a carrier or more than the staff required to manage and troubleshoot an IPSec VPN. MPLS should be more secure than IPSec VPN tunnels, if you don’t allow your MPLS circuits to connect directly to the Internet, which some carriers offer through the carrier’s MPLS cloud. For the best security, use MPLS as a private network only. Used as a private network, MPLS offers the same security as a frame relay network. However, keep in mind that as with frame relay, data sent over an MPLS network is not encrypted. QoS may be included with the carrier’s MPLS offering or it may cost extra. Either way, with MPLS QoS, you can prioritize certain traffic all the way through the carrier’s network. This is great for latency-sensitive applications, like VoIP.
Receiving all your IPSec VPN circuits through the same carrier will increase reliability (but decrease fault tolerance) over using multiple Internet carriers. But due to the multiple VPN concentrators and the encryption configuration, an IPSec VPN can be less reliable than MPLS. Unlike MPLS, IPSec VPN requires VPN concentrators, which will boost the upfront cost. Once you have the hardware, the staff required to maintain and troubleshoot the IPSec VPN tunnels may be the same as, or more than, the MPLS service from the carrier. Network intrusions are a greater concern with IPSec VPN tunnels since you are running them through an Internet circuit. That Internet circuit is open to connections from around the world. A misconfigured firewall can open your IPSec VPN network to the Internet. Security is of even higher concern if you use split tunneling on your VPN concentrators. However, IPSec VPN tunnels beat out MPLS when it comes to protecting the data that is traversing the WAN, because the IPSec VPN data will be encrypted with IPSec. The MPLS data is not encrypted, only tunneled. QoS features are limited. Once you send your encrypted data over the Internet, little can be done to prioritize it.
MPLS Vs FR
Using MPLS technology, the branch offices may communicate with each other directly or, if necessary, through the headquarters. MPLS/VPN offers real flexibility in this sense. MPLS VPN does not require end-to-end configuration, so there is no high maintenance burden. In MPLS solutions, all locations are connected to the Koç.net POP, so there is no need to run dynamic routing protocols on the routers. Simpler and cheaper routers can be used, and initial investment costs are reduced. Using MPLS technology, branch offices may communicate without any additional cost to the headquarters, and the addition of new offices does not increase hardware investment. Topology change costs are very low compared to an FR topology. In the Koç.net MPLS structure there is no need for extra investment in backup: all backup is performed over a Koç.net VPDN connection. In case of a failure in the MPLS connection, the branch office dials the Koç.net POP using 822 rates and enters the MPLS cloud. All of these features are provided without any fee in the MPLS/VPN solution. Traffic can be monitored online via the web; in case of a connection failure, detection, follow-up and troubleshooting are performed by Koç.net. Service prioritization is performed on the Koç.net MPLS backbone. Therefore high quality voice (delay-sensitive video or other critical applications) is available at low cost.
An FR connection requires operation from a center. In an FR network topology, all branch offices are connected to headquarters with CIR (committed information rate) values, and communication between branch offices must be performed over headquarters. When branch offices communicate with each other, costs rise significantly. Since CIR configurations have to be end-to-end in FR, there is a high maintenance load. In an FR topology, routers need to run a dynamic routing protocol (e.g. RIP, EIGRP, OSPF). Therefore, high-capacity routers are needed from the beginning to support FR, and initial investment costs are high for this reason. A change in the FR structure means an increase in maintenance and hardware upgrades: when a new site is added, a new CIR configuration is required, and in critical situations a hardware/software upgrade (memory, IOS, etc.) is needed. A growing topology means extra costs. In an FR topology, a RAS (Remote Access Server) must be set up in order to back up lines. This means an extra cost. In case of a failure of the main FR line, the backup line calls the Remote Access System (RAS) and pays intercity telephone rates. In an FR structure, extra software, hardware and human resources are needed for online monitoring (e.g. WhatsUp, MRTG, CiscoWorks, etc.). In order to prioritize specific applications in an FR structure, all routers' ports must be configured for service prioritization. A software (IOS) upgrade to the required versions is necessary, which means extra cost. The voice and video transmission quality available in the MPLS structure is not possible with configurations performed only at the edge routers.
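The "Diffserv Vs. MPLS" and "MPLS VPN Vs IPSec VPN" sections above describe a label added to each packet, the DS byte in the IP header, and the fact that MPLS data is "not encrypted, only tunneled". The following added example (not part of the original post) parses a constructed MPLS-labelled packet to show what is readable on the carrier path with and without IPsec ESP inside it. The label values, addresses and payloads are made-up samples, and the 32-bit label entry layout (20-bit label, 3-bit traffic class, bottom-of-stack bit, 8-bit TTL) is the standard MPLS shim header.

```python
import struct

ESP, UDP = 50, 17  # IP protocol numbers: IPsec ESP and UDP

def mpls_entry(label, tc, bottom, ttl):
    """Pack one 32-bit label stack entry: label(20) | TC(3) | S(1) | TTL(8)."""
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)

def ipv4(proto, dscp, payload):
    """Minimal IPv4 header (checksum left at 0; it is not validated here)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, dscp << 2, 20 + len(payload), 0, 0,
                       64, proto, 0, bytes([10, 1, 0, 5]), bytes([10, 2, 0, 9])) + payload

def parse_label_stack(buf):
    """Return ([(label, tc, bottom, ttl), ...], remaining bytes)."""
    entries, off = [], 0
    while True:
        if len(buf) < off + 4:
            raise ValueError("truncated MPLS label stack")
        (word,) = struct.unpack_from("!I", buf, off)
        off += 4
        entries.append((word >> 12, (word >> 9) & 0x7, bool(word & 0x100), word & 0xFF))
        if entries[-1][2]:  # S bit set: bottom of stack reached
            return entries, buf[off:]

def inspect(mpls_payload):
    """Describe what an observer on the carrier path can read from one packet."""
    labels, inner = parse_label_stack(mpls_payload)
    if len(inner) < 20 or inner[0] >> 4 != 4:
        raise ValueError("inner packet is not IPv4")
    ihl = (inner[0] & 0x0F) * 4
    total = struct.unpack_from("!H", inner, 2)[0]
    if ihl < 20 or total < ihl or len(inner) < total:
        raise ValueError("bad IPv4 length fields")
    return {"labels": labels,
            "dscp": inner[1] >> 2,   # DS byte: upper 6 bits are the DSCP
            "esp": inner[9] == ESP,  # True: payload is IPsec-encrypted
            "payload": inner[ihl:total]}

# Constructed samples: a two-label stack (16004 and 24001 are made-up labels),
# DSCP 46 (Expedited Forwarding, commonly used for voice) on the inner packet.
STACK = mpls_entry(16004, 5, False, 254) + mpls_entry(24001, 5, True, 254)
DATA = b"INVITE sip:alice@example.com"
CLEAR = STACK + ipv4(UDP, 46, struct.pack("!HHHH", 5060, 5060, 8 + len(DATA), 0) + DATA)
# ESP body: SPI, sequence number, then opaque bytes standing in for ciphertext.
PROTECTED = STACK + ipv4(ESP, 46, struct.pack("!II", 0x1001, 1) + bytes(range(200, 232)))

if __name__ == "__main__":
    for name, pkt in (("plain MPLS", CLEAR), ("IPsec over MPLS", PROTECTED)):
        info = inspect(pkt)
        print(name, info["labels"], "dscp", info["dscp"], "esp", info["esp"],
              info["payload"][:24])
```

In both samples the labels and the DSCP stay visible, so QoS marking still works; only the ESP sample hides the application data from anyone on the labelled path.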