MPLS Technology: A Brief Review
Cloud-delivered SD-WAN technologies provide transport-independent business-class traffic service, as well as a plethora of new techniques to increase the dexterity and traffic efficiency of your network. Is it time to give these a closer look?
MPLS is a label-switching technology that forwards packets at layer 2, typically within a service provider network, without resorting to layer 3 routing. As defined by IETF RFC 3031, MPLS adds a 4-byte label to an IP packet header upon ingress into the MPLS network. The label determines the fixed forwarding path of the traffic flow, so the intermediate hops do not need to inspect the addressing parameters in the IP header. The egress router of the MPLS network removes the label again.
MPLS effectively builds “tunnels” across a routed IP network to efficiently forward packets that follow a fixed and predictable path.
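The label handling described above (added at ingress, used alone for forwarding at intermediate hops, removed at egress), as an added Python example that is not part of the original article. The 32-bit entry layout (20-bit label, 3-bit traffic class, bottom-of-stack bit, 8-bit TTL) is the RFC 3032 encoding; the router names, label values and sample packet are constructed assumptions.

```python
import struct

def encode_entry(label, tc=0, bottom=True, ttl=64):
    """Pack one 4-byte label stack entry: label(20) | TC(3) | S(1) | TTL(8)."""
    if not (0 <= label < 1 << 20 and 0 <= tc < 8 and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)

def decode_entry(frame):
    """Read the top label stack entry from the first 4 bytes of a frame."""
    if len(frame) < 4:
        raise ValueError("truncated label stack entry")
    (word,) = struct.unpack("!I", frame[:4])
    return {"label": word >> 12, "tc": (word >> 9) & 0x7,
            "bottom": bool((word >> 8) & 1), "ttl": word & 0xFF}

def ingress_push(ip_packet, label):
    """Ingress router: prepend the label in front of the IP packet."""
    return encode_entry(label) + ip_packet

def transit_swap(frame, lfib):
    """Transit router: forward on the label alone; the IP header is never parsed."""
    top = decode_entry(frame)
    if top["label"] not in lfib:
        raise LookupError(f"no binding for label {top['label']}, frame dropped")
    if top["ttl"] <= 1:
        raise ValueError("TTL expired, frame dropped")
    out_label, next_hop = lfib[top["label"]]
    return next_hop, encode_entry(out_label, top["tc"], top["bottom"], top["ttl"] - 1) + frame[4:]

def egress_pop(frame):
    """Egress router: remove the label and hand back the original IP packet."""
    if not decode_entry(frame)["bottom"]:
        raise ValueError("more labels remain on the stack")
    return frame[4:]

# Constructed sample data: router names, label values and the packet are assumptions.
LFIB = {"P1": {100: (200, "P2")}, "P2": {200: (300, "PE2")}}
IP_PACKET = bytes.fromhex("4500001c000040004001") + b"\x00" * 18  # stand-in IPv4 bytes

def forward_along_lsp(ip_packet, first_label=100, first_hop="P1", egress="PE2"):
    """Push at ingress, swap at each transit hop, pop at egress; return (hops, packet)."""
    frame, hop, hops = ingress_push(ip_packet, first_label), first_hop, []
    while hop != egress:
        hops.append((hop, decode_entry(frame)["label"]))
        hop, frame = transit_swap(frame, LFIB[hop])
    hops.append((hop, decode_entry(frame)["label"]))
    return hops, egress_pop(frame)
```

A frame whose label has no binding in a transit router's table is dropped rather than routed on its IP header, which is the property the traffic separation between customers rests on.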
Label switching evolved from older point-to-point connection-oriented technologies such as Frame Relay and ATM. MPLS preserved the forwarding efficiency of the older layer 2 technologies (while carrying traffic over an L3 routed IP network), and enhanced network flexibility by building virtual “leased circuits” that can be reconfigured without requiring physical, layer 2, or layer 3 routing table changes to the network.
Label-switched “tunnels” provide separation between different customers’ traffic on a service provider network, which is a method of forming VPNs. Label switching is also used to build VRFs (Virtual Routing and Forwarding) within a single customer’s private network. The IP packet content following the MPLS label can optionally be encrypted end-to-end without impeding the capability, or efficiency, of forwarding the packet, which allows secure (or encrypted) VPNs or VRFs.
MPLS Deployment: An Assessment
MPLS technology is widely deployed globally in service provider and private networks due to its proven reliability, efficiency, and security. It offers a configuration-controlled method for a service provider to share its physical infrastructure resources securely among many different customers’ VPNs—either with separation only, or with separation and encryption.
Originally evolving to replace leased lines, Frame Relay and ATM circuits, MPLS architecture is particularly well-suited to hauling traffic efficiently over a pre-determined path between a branch office and an aggregation site, typically either a hub site (in a hub-and-spoke network), or a data center.
However, MPLS architecture struggles with the dexterity and agility required by traffic flowing to a frequently-changing variety of “off-network” (that is, off the MPLS VPN) destinations such as cloud-based or SaaS sites, or branch-to-branch traffic. As cloud-based, Internet-based and SaaS destinations become increasingly common, the efficiency and security of MPLS must be weighed up carefully against its rigidity and inflexibility.