What is MPLS technology? What are the advantages?
There is no doubt about the superiority of MPLS VPN technology. People believe that it is a future-oriented network technology. However, like the fate of other technologies, the development of MPLS VPN technology is accompanied by praise and criticism.
Looking back at MPLS
The original intention of MPLS technology was to speed up IP forwarding.
In 1996, Ipsilon company introduced the IP Switching protocol, abandoning the ATM control plane, efficiently integrating ATM switches and IP routers, with the high performance of ATM switches, to break through the performance limitations of traditional routers.
The proposal of IP Switching caused a huge shock in the data communication industry and triggered a revolution in routing technology. Companies have launched their own three-layer switching solutions, such as Cisco's Tag Switching technology, IBM's ARIS (Aggregate Route-based IP Switch) technology and so on. How to standardize these technologies became a major issue at that time.
When Cisco announced its label switching technology, it also proposed to standardize it. Soon after the company proposed a series of Internet drafts related to label switching, in October 1996, the IETF (Internet Engineering Task Force) convened a preparatory group meeting. Companies such as Cisco, IBM, Toshiba, etc. participated in the meeting.
In 1997, the IETF established a working group, and the first meeting of the working group was held in April 1997. After many discussions. The term MPLS was established and used as the name of a series of standards independent of each manufacturer.
MPLS VPN brings:
(1) High security. The label switching path (LSP) of MPLS has security similar to FR and ATM VCC; in addition, MPLS VPN also integrates IPSec encryption, while also achieving transparency to users, users can use firewalls, data encryption and other methods to further improve security Sex.
(2) Strong scalability. First, the number of VPNs that can be accommodated in the network is very large; second, the number of users in the same VPN is easy to expand.
(3) Business integration function. MPLS VPN provides the ability to integrate data, voice and video.
(4) Flexible control strategy. Special control strategies can be formulated to meet the special requirements of different users and realize value-added services.
(5) Powerful management functions. Adopting a centralized management method and a unified platform for service configuration and scheduling, which reduces the burden on users.
(6) Service Level Agreement (SLA). At present, differentiated services, traffic shaping, and service levels are used to ensure certain traffic performance. In the future, bandwidth guarantees and higher service quality guarantees can be provided.
(7) Help users save costs. Mainly include: line fee-the price is cheaper than renting a dedicated line; equipment fee-users only need to be equipped with CE equipment, no special VPN gateway; converged services-through the integration of voice and data services to save costs; management costs-users do not need Carrying out special management and maintenance; personnel costs-there is no need to hire a large number of professional and technical personnel.
Questioning MPLS VPN
Some critics believe that MPLS VPN cannot automatically encrypt data. If the information is sent to others by mistake, it will cause leakage; if the network connection is interrupted, MPLS VPN will also easily cause information leakage; in the case of using MPLS VPN, network administrators If a configuration error occurs, it can also lead to loss of communication confidentiality.
Specifically, at present, the doubts about the three-layer MPLS VPN service mainly focus on the following aspects:
QoS
MPLS VPN promotes the development of multi-service networks, but different services have different requirements for service quality. For example, services such as voice and video have very high requirements for QoS. On the other hand, to provide independent VPNs for different users on a unified IP network, different users have different requirements for QoS. How to provide different services for different VPNs on a shared IP network is also A problem that MPLS VPN must face when it is commercialized.
At present, our company adopts a variety of technologies to ensure the quality of service (QoS) and service level (CoS) of users, and its MPLS VPN service can support three priority virtual networks:
Guarantee level: It is mainly used for high-priority data that needs to be guaranteed, such as voice, video and other services. When the network is congested, the data of this level will not be lost.
Optimal level: It is mainly reserved for important data that needs a certain priority, such as transaction activities. When network congestion occurs, a small amount of data of this level will be lost. The degree of loss depends on the degree of congestion.
Common level: Mainly used for common data, such as WWW, FTP, daily office data, etc.
With the development of MPLS VPN technology, MPLS VPN services can also provide higher levels of QoS, for example, using technologies such as traffic engineering to achieve more priority and better management of traffic.
safety
From the technology itself, MPLS VPN realizes the isolation of traffic, which can guarantee certain access security, and users outside the VPN cannot access the network resources of the VPN. At the same time, for users with higher security requirements, IPSec encryption can be provided while MPLS VPN is provided.
For example, the business of MPLS VPN and IPSec integration-IPSec/MPLS VPN not only integrates IPSec functions but also increases isolation. It can completely solve the problems of privacy, integrity, authenticity and anti-replay, and its isolation is far greater. The FR/ATM is higher than the general configuration.
compatibility
At present, most router and switch manufacturers believe that MPLS VPN is the future development trend of VPN. For the three-layer MPLS VPN, each manufacturer will support the RFC2547bis standard, but the degree of standard support varies depending on the development force, which also causes equipment compatibility problems. However, equipment from mainstream manufacturers such as Cisco, Huawei, and Ericsson all have better compatibility.