
  • Number of slides: 42

IP, VPN, MPLS and QoS. Where are we and where are we going?
NORTIB, 13 February 2001
Michael Engström, IS Mentor
Michael.engstrom@anzur.com, +47 913 24 140

Guesstimating the future
Predictions are hard… …especially those about the future…
Yogi Berra
WWW.ANZUR.COM NORTIB 13 February 2001 CONSULTING SERVICES © 2001 ANZUR NORGE AS

Agenda
• Next Generation Networks
• VPNs
• Quality Of Service
• MPLS
• The Converging IP Network


Broadband Access Networks
• xDSL, Cable, Ethernet, Wireless, etc.
• What is Broadband?
  – Mbps or services?
• Broadband Access does not mean Broadband Internet connectivity
  – Internet is only one of many services
  – Content and caching will provide high capacity
  – Always on at a fixed low price? Buy it regardless...
• Different focus
  – Consumer or Business
  – Low cost and business user does not add up

Internet2 Background
• 1995 NSF provided funding to MCI
• 1996 congestion struck the NAPs
  – Proposal for direct connection to the VBNS
  – HPC program founded
• Started in 1996 by 34 contributing universities
  – More than 180 partners today
• Application focus
  – Remote instrument control (telescopes, microscopes), high-performance distributed computation, and large-scale database navigation
• Connections via VBNS or Abilene (UCAID)
  – IP Over ATM, Packet Over Sonet (POS)

Technology Focus
• Security
  – AAA
• Multicasting
  – Streaming Video
  – PIM Sparse Mode, MBGP, MSDP, MASC
• Quality Of Service / Qbone
  – End-to-end vs. segment-only QoS
  – Signaled vs. static provisioning
  – Amount of state required by various approaches
  – Level of granularity, precision, and strength of QoS “guarantee”
  – Reliability and recovery dynamics
  – DiffServ

GigaPops
• Layer 2 and Layer 3
• ATM, GigE, POS, etc.
• Local
• 3D design
  – Shortest path at all times
• ”Unlimited” scalability

GigaPops
• Layer 2 and Layer 3
• ATM, GigE, POS, etc.
• Distributed Arch
• 3D design
  – Shortest path at all times
• ”Unlimited” scalability

CAVE
• Open Cube
• Images projected on all walls and floor
• User with Light-weight Stereo 3D Glasses and RF mouse
• Remote vehicle design
• Dataflows: control, text, audio, video, tracking, database, simulation, haptic, and rendering flows
• Requirements
  – Latency, jitter, and bandwidth per flow

IPv6
• Driven by IETF and IPv6 Forum
• Compelling reasons
  – Addressing
  – Server-less auto configuration
  – Scalability in routing
  – Mobility
  – QoS
• IPv4 has provided a number of workarounds
• Integration with IPv4
  – Dual-stack, Tunneling or Translation
• 128 bit addressing
  – Hierarchical approach
  – TLA, NLA, SLA, Node Identifier

IPv6 Address Space
• 340,282,366,920,938,463,374,607,431,768,211,456 unique addresses available
  – 665,570,793,348,866,943,898,599 addresses per square meter (assuming the earth surface is 511,263,971,197,990 square meters).
• But we need hierarchies...
• Christian Huitema
  – Pessimistic approach = 1,564 addresses for each square meter of the surface of the planet Earth.
  – The optimistic estimate would allow for 3,911,873,538,269,506,102 addresses for each square meter of the surface of the planet Earth.

Agenda
• Next Generation Networks
• VPNs
• Quality Of Service
• MPLS
• The Converging IP Network

Virtual Private Networks
• The ability to use a shared media for private communications in a secure and reliable manner
  – Cost and ease of use are the compelling reasons
  – ATM, X.25, Frame Relay – Layer 2 VPNs
  – IP-based VPNs are transparent to the transmission layer
• Hip or Hype?
  – More than encryption
  – Security, Firewalls, Encryption, AAA, Intrusion Detection, Active Audit, Tunneling, Quality of Service, Network Management
• Several distinctions
  – Access, Intranet, Extranet
  – VC, Overlay model or Peering
• IPsec and/or MPLS
  – Multi FIB and QoS based VPNs (Virtual Routing)
  – Peer based as opposed to connection oriented
  – Watch out for complexity

Outlook
”Today 30% of all VPNs are in-house. By 2004 90% will be outsourced to Service Providers, minimizing the agony of management for the customer” Cahners In-Stat 2000
”IP VPN services market will grow from $2 billion today to $17.6 billion by 2004 and” IDC 2000
”The IP VPN services market will reach a total of 340 Billion USD by 2010, estimating a total of 280 Billion USD for the equipment manufacturers” Yankee Group 2000

VPN Leaders
• Lucent Technologies
  – Springtide Networks
• CoSine Communications
• Nortel Networks
  – Shasta Networks
• Cisco Systems
• Ennovate
• Quarry
• Unisphere
• Redback Networks
• Ellacoya
• Alcatel
  – NorthChurch/Newbridge

SP VPN Winners 2000
• UUNET
• Genuity CPE
• Infonet
• Equant FR
• AT&T MPLS
• MCI Worldcom
• GlobalOne
• Qwest
• SAVVIS IP over ATM/Shasta
• Core Express SSP
• SmartPipes Wholesale VPNs
• Pilot Network Services
• Aventail

Features to ask for
• Encryption
• Stateful Firewalls
• Content Steering/Load Balancing
• Network Address Translation
• LDAP or other mobility solution for VPDN
• FR Interworking
• Realtime SLA monitoring
• Private Portal Integration
• Service Provisioning
• Quality Of Service
• Multicast Support
• L2 Transparency
SP Based VPNs will (?) prevail

Agenda
• Next Generation Networks
• VPNs
• Quality Of Service
• MPLS
• The Converging IP Network

Capability today...
The commodity Internet offers Quality Of Service today
A poor Quality Of Service..

Defining QoS
• QoS should be defined as the level of application quality and availability from an end-user perspective
• Therefore you…
  – design a fault tolerant network
  – use stable SW code
  – loadshare to maximize server throughput
  – use Content Distribution to physically co-locate content with the end-user
  – cache if possible/needed
  – need bandwidth
  – may prioritize traffic

QoS – Not only for Multimedia
Effect on network availability
“Congestion related performance degradation has been found to cause the majority of network downtime costs”
Michael Howard, President, Infonetics Research
© 1997 Infonetics Research, Business Centric Network Management and Downtime Costs

SAP Response Time Evaluation
SAP BW requirements for optimal operations vary between 20/60 kbps per session
[Chart: response time, axis from 1 sec to 6 sec, for "SAP Only" and "SAP + FTP"]
© Cisco 1999 Internal Whitepaper

Making it manageable
• Real-time applications
  – Voice over IP, Video Conferencing, Video Telephony, Distance Learning
• Business Critical Applications
  – SNA, SAP R/3, Oracle, Peoplesoft, Telnet
• Best effort Data Applications
  – File Transfer, Email, Web

Traffic Classes
Premium, Standard, Best Effort
[Diagram: Integrated Access, with Classification of traffic into three classes]
• Realtime: Guaranteed End-to-End Latency and Delivery
• Critical: Guaranteed Delivery
• ”Wasteable”: Best-Effort Delivery

End-to-end
[Diagram: LAN Switch, Edge Router, Core Router, Edge Router, LAN Switch]
1. QoS is an end-to-end requirement
   – Layer 2 and Layer 3
   – Bandwidth will help you a lot
   – QoS mechanisms kick in when you need them
2. QoS algorithms offer temporary relief only
   – If you need more bandwidth…
3. Prioritization can be an option to buying more bandwidth in the WAN

DiffServ
• IETF Standard
  – RFC 2430, 2474, 2475, 2597, 2598, 2638, 2963, 2983, 2998
• Operates at Layer 3 only
  – Does not provide Hard QoS or methods for actual delivery of function
• Usage of the DiffServ field
• 64 classes (6 out of 8 bits)
  – IP Precedence of the TOS octet mapped to DiffServ
  – Supersedes IPv4 and IPv6 TOS field definitions
• Granularity issues
• Host or router marking
  – Dynamic marking based on COPS requests
• Pre-conditioning
  – Shaping / Policing
  – Allows for aggregates

Diffserv architecture
[Diagram: two Diffserv Domains joined by a DS Boundary Node. Labels: Multi Field Classification (Conditioning) at the boundary; Behavior (CP) Aggregate Traffic; PHB based on Code Point]
”Inclusion of non-DS-compliant nodes within a DS domain may result in unpredictable performance and may impede the ability to satisfy service level agreements (SLAs)” RFC 2475
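
Added example (not part of the original slides): how the 6-of-8-bit DiffServ field decodes, and how a DS boundary node can apply multi-field classification so that a codepoint set by an arbitrary host is not honoured inside the domain. The prefixes, ports and rule table are constructed for illustration; the codepoint layouts follow RFC 2474, 2597 and 2598 listed on the DiffServ slide.

```python
import ipaddress

EF = 0b101110  # Expedited Forwarding codepoint (RFC 2598)


def decode_ds(tos_octet):
    """Split the former TOS octet into (6-bit DSCP, 2 remaining bits, name)."""
    dscp, low2 = tos_octet >> 2, tos_octet & 0b11
    if dscp == EF:
        name = "EF"
    elif dscp & 0b111 == 0:
        # xxx000 class selectors keep the old IP Precedence value in the top 3 bits
        name = f"CS{dscp >> 3}"
    elif 1 <= dscp >> 3 <= 4 and dscp & 1 == 0:
        # Assured Forwarding (RFC 2597): class 1-4, drop precedence 1-3
        name = f"AF{dscp >> 3}{(dscp & 0b110) >> 1}"
    else:
        name = "unassigned"
    return dscp, low2, name


# Constructed policy for a hypothetical DS boundary node.
TRUSTED_MARKERS = ["10.99.0.0/24"]            # upstream routers allowed to pre-mark
MF_RULES = [                                  # (source prefix, protocol, dst port, DSCP)
    ("10.20.0.0/24", "udp", 16384, EF),       # constructed voice subnet -> EF
    ("10.30.0.0/24", "tcp", 3200, 0b001010),  # constructed business app -> AF11
]


def condition(src, proto, dport, tos_octet):
    """Return the octet forwarded into the DS domain after boundary conditioning."""
    addr = ipaddress.ip_address(src)
    if any(addr in ipaddress.ip_network(n) for n in TRUSTED_MARKERS):
        return tos_octet                      # marked by a router the operator controls
    for prefix, rule_proto, rule_port, dscp in MF_RULES:
        if addr in ipaddress.ip_network(prefix) and (proto, dport) == (rule_proto, rule_port):
            return (dscp << 2) | (tos_octet & 0b11)
    # Host-set codepoint from an unlisted source: reset to default (best effort)
    return tos_octet & 0b11
```

Without the final reset, any host could claim the premium class simply by setting the field itself, which is why host marking needs conditioning at the boundary.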

RSVP and the Intserv Model
• IETF Standard
  – RFC 1633, 1727, 2210, 2213, 2214, 2215, 2382, 2688, 2689, 2815, 2998, 3006
• Specified in 1994
• Defines a framework for the Integrated model
• Components
  – Packet scheduler
  – Classifier
  – Admission Control
  – Reservation Setup Protocol
• Scalability Issues

RSVP
• IETF Standard
  – RFC 2205, 2206, 2207, 2208, 2209, 2210, 2379, 2380, 2382, 2490, 2745, 2746, 2747, 2749, 2750, 2752, 2814
• Transport level protocol
• Application level signalling only (Microflow Reservations)
  – Much like ICMP
• Unidirectional reservation in transport path nodes
• Receiver responsibility
• Independent of routing protocols
  – Hence support for MC, OSPF, IS-IS, IPv4 and IPv6
• Vendor might implement Proxy RSVP
  – Prevent misuse as well as enabling of reservation for non-RSVP capable clients
[Diagram label: Request]

An end-to-end framework for QoS
• Intserv over Diffserv networks
  – Can be viewed as complementary technologies
• RSVP
  – Explicit and dynamic vs. static signaling
  – Allows for intelligent host decisions
  – Resource requests can be re-directed to PBN servers
• Diffserv
  – Dynamic adjustment of traffic management controls of PHB relating to current application needs
• RSVP signaling mapped to PBN and an Intserv capable Diffserv core should provide necessary QoS functionality
  – Requires pre-conditioning

Agenda
• Next Generation Networks
• VPNs
• Quality Of Service
• MPLS
• The Converging IP Network

MultiProtocol Label Switching
MPLS: A specification for layer 3 switching from the IETF. Similar to Cisco's tag switching, MPLS uses labels, or tags, that contain forwarding information, which are attached to IP packets by a router that sits at the edge of the network known as a label edge router (LER). The routers in the core of the network, known as label switch routers (LSRs), examine the label more quickly than if they had to look up destination addresses in a routing table. When fully implemented on the Internet, MPLS is expected to deliver the quality of service (QoS) required to adequately support realtime voice and video as well as service level agreements (SLAs) that guarantee bandwidth. Following in the tradition of the "dumb network," MPLS enables more decisions to be made at the periphery of the network.

Multi Protocol Label Switching
• MPLS Background
  – Standardized by the IETF (RFC 3031 - RFC 3038)
  – Based on Cisco Systems Tag Switching
  – Very quickly revised by Juha Häinänen
• FIB translated into Label Forwarding Entries
• Labels are mapped to Forward Equivalency Classes
• Privacy and QoS of ATM, Frame Relay
• Flexibility and Scalability of IP
• Forwarding based on Labels
• Packets are switched, not routed
[Diagram: Label Switched Path from LER through LSR 1, LSR 2, LSR 3 and LSR 4 to LER, with the IP packet carrying labels L1 to L4 in turn]
#1 Packet enters LER and Label 1 is pushed
#2 Labeled (1) packet enters LSR 1. Label lookup is performed and label is swapped to L2
#3 Labeled (2) packet enters LSR 2. Label lookup is performed and label is swapped to L3
#4 Labeled (3) packet enters LSR 3. Label lookup is performed and label is swapped to L4
#5 Packet enters LER and Label 4 is popped

Agenda
• Next Generation Networks
• VPNs
• Quality Of Service
• MPLS
• The Converging IP Network

MPLS and applications
• An enabling platform for privacy and quality assurance across (a) public Internet
[Diagram labels: MPLS IP Routing Control; MPLS Multicast IP Routing Control; MPLS/VPN Routing Control; MPLS Traffic Engineering Control; MPLS Quality Of Service Control; Label Information Fwd Base]

The Integrated Access Promise
• End-Customer Site with
  – 8 Voice Channels (512 K with PCM)
  – 512 K Data access
  – 256 K Internet Access
  – 128 K Video Conferencing
• 4 Access Lines will cost: 3.589 Euro/month
• 1 Integrated E1 Access costs: 1.251 Euro/m
65% Savings => Margin and Competitive position

Basic Components of MPLS-VPN’s
• Total path includes Customer Edge (CE) router, Provider Edge (PE) router, Provider Router (P)
• MPLS is used for forwarding packets in the backbone
  – Provides a level of security equivalent to Frame Relay and ATM
  – Supports “Private” IP addressing in customer VPN’s
• BGP4 is used for the constrained distribution of VPN routing information and VPN labels
  – Creates a forwarding table per VPN in each Edge Router serving that VPN.

MPLS VPN Packet Forwarding
• Logically separate forwarding table for each VPN
• Routing information based on extended (VPN-IP) addresses
• MPLS binds VPN-IP routes to label switched paths
[Diagram: an IP packet enters the PE LSR and leaves as Label + IP Packet. Labels: Forwarding Table, Route, Label info]
1. Identify VPN
2. Select Forwarding Table for this VPN
3. Apply label and select outgoing port
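
Added example (not part of the original slides): a small model of the three forwarding steps above combined with the push / swap / pop walk along a label switched path from the MPLS background slide. It shows two customers reusing the same private prefix without their traffic ever sharing a table or a label. All port names, VPN names, prefixes and label values are constructed, and a single label per VPN route is assumed for simplicity.

```python
import ipaddress

# Constructed data: ingress LER1, core LSR1-LSR3, egress LER2.
VRF_BY_PORT = {"port-a": "red", "port-b": "blue"}   # step 1: port identifies the VPN
VRF_FIB = {   # step 2: one forwarding table per VPN, prefix -> label to push
    "red":  {"10.1.0.0/16": 101},
    "blue": {"10.1.0.0/16": 201, "192.168.5.0/24": 202},
}
LFIB = {      # core LSRs: incoming label -> (outgoing label, next node)
    "LSR1": {101: (111, "LSR2"), 201: (211, "LSR2"), 202: (212, "LSR2")},
    "LSR2": {111: (121, "LSR3"), 211: (221, "LSR3"), 212: (222, "LSR3")},
    "LSR3": {121: (131, "LER2"), 221: (231, "LER2"), 222: (232, "LER2")},
}
EGRESS = {131: "red", 231: "blue", 232: "blue"}     # egress LER: popped label -> VPN


def ingress(port, dst):
    """Identify the VPN, select its table, and return (vpn, label to apply)."""
    vrf = VRF_BY_PORT[port]
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), label)
               for p, label in VRF_FIB[vrf].items()
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return vrf, None   # no route in this VPN: drop, never consult another table
    _, label = max(matches, key=lambda m: m[0].prefixlen)   # longest prefix wins
    return vrf, label


def forward(port, dst):
    """Return (VPN the packet is delivered to, or None) and the label operations."""
    vrf, label = ingress(port, dst)
    if label is None:
        return None, [f"LER1 drop ({vrf} has no route to {dst})"]
    trace, node = [f"LER1 push {label}"], "LSR1"
    while node in LFIB:
        out, nxt = LFIB[node][label]   # core lookup uses the label only, not the IP header
        trace.append(f"{node} swap {label}->{out}")
        label, node = out, nxt
    trace.append(f"{node} pop {label}")
    return EGRESS[label], trace
```

The separation modelled here comes from the per-VPN tables and labels alone; nothing in this path encrypts the payload, so confidentiality against the provider core still needs IPsec or similar.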

MPLS QoS
• MPLS LSP can be prepended by an RSVP request
  – Enables Traffic Engineering
  – Traffic or Resource oriented
  – Separate Fwd path from IGP selected path
• Conditioning
  – Drop probability
  – BW allocation and latency control
  – Encoded in CoS field in label header
• Aggregated flows in one LSP are called a trunk
  – An LSP can consist of many Trunks
• HW/SW layer algorithms will provide the necessary guarantees
  – Drop probability, BW and Latency guarantees
• Inter Provider SLAs, IPS
  – Technology exists. Procedures not (?)

Summary
• QoS and VPN will be available within the next 2 years in the Internet with various span
• QoS in the SP area will be implemented using DiffServ in the foreseeable future
• RSVP/Intserv integration should offer better scalability
• MPLS VPN is likely to succeed
  – Versatility
  – Ease of use, cost and market dynamics
• QoS based VPNs are possible with MPLS
• Plan for IPv6
• DWDM and new carriers will have severe impact on pricing structure
• Bandwidth might become virtually free (?) but the services will cost
• Inter SP services for MC, VPNs and QoS will happen within 2-5 years

Thank you!
http://www.anzur.com/presentations
Michael Engström, IS Mentor
Michael.engstrom@anzur.com, +47 913 24 140