Learn how MPLS was implemented at University of Denver and NOAA for campus WAN and firewall redundancy, along with lessons learned and open issues.
MPLS on campus and backbones
Westnet Panel:
• Chad Burnham - DU
• Dave Packham - UU
• Brent Goodman - BYU
• Alex Hsia - NOAA
University of Denver campus
• Implemented MPLS (VPLS-PE) on Cisco CAT6K (SUP2T) to achieve campus WAN and firewall redundancy across 2 x data centers, 2 x routed cores and 2 diverse fiber paths, with L2 and L3 examples in this case.
• To achieve this goal, we had to physically “split” two existing redundant campus firewalls in the summer of 2014.
University of Denver MPLS (VPLS-PE) Use Cases:
• L2 & L3 Examples:
  • Redundant Border Router / Firewall Project
  • Aruba Controllers & Wireless User networks
  • Data Center Firewall / HIPAA / Health Services (VLAN 19)
• L2 Only:
  • Point of Sale Example (VLAN 520)
  • PacioLAN Ticketing (VLAN 700)
University of Denver - Lessons Learned
• Enabling MPLS on backbone links (enabling “LDP”) added a new 40-bit header
  • This caused fragmentation, which required some element of jumbo frames/packets to reduce CPU load/inspection process.
• Cannot configure VPLS-PE and VRFs at the same time; must pick one or the other
• Had to enable MPLS (LDP) on all backbone links to provide redundancy
University of Denver - Open Issues
• Backbone ICMP traceroutes from loopback interfaces remain non-functioning; TAC case is open.
DU Provided Resources
• http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-series-switches/white_paper_c11-663645.html
• http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/config_guide/sup2T/15_1_sy_swcg_2T/vpls.html#56679
• To see the DF bit set in Wireshark, use the display filter: ip.flags.df == 1
• http://wiki.mikrotik.com/wiki/Manual:Maximum_Transmission_Unit_on_RouterBoards#VPLS_ingress (good diagram showing encapsulation and added bits)
• http://www.networkworld.com/article/2350577/cisco-subnet/understanding-mpls-label-stacking.html
NOAA N-Wave Backbone
• Provides separation for various NOAA programs to satisfy security boundaries
  • Layer 3 VRFs
  • Layer 2 Pseudowires
• Shared backbone with the ability to create paths across the network
NOAA Enterprise Backbone
• Previous backbones were built to satisfy a particular project/mission
• NOAA endsites peering into various VRFs
• NOAA transport to a TIC site
• Route leaking to provide NOAA-Wide backbone
Lessons Learned
• LDP was easy to deploy
• RSVP necessary to enable MPLS-TE
• Pushing MPLS out to aggregation sites
• Monitoring of L2 pseudowires is difficult
• Beware of MTU issues with MPLS overhead
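
The MTU warning above and the University of Denver fragmentation lesson can be checked on a captured frame. The following is an added example, not part of the original slides: it parses a constructed VPLS frame, walks its label stack, and reports whether the encapsulated packet still fits the core link. It assumes an untagged inner Ethernet frame carrying IPv4, no pseudowire control word, and 4-byte label stack entries per RFC 3032; the function names, labels and addresses are made up.

```python
import struct

ETH_HDR = 14            # dst MAC + src MAC + EtherType
MPLS_UNICAST = 0x8847   # EtherType of an MPLS unicast frame
IPV4 = 0x0800

def parse_label_stack(buf, off):
    """Walk 4-byte label stack entries until the bottom-of-stack (S) bit."""
    labels = []
    while off + 4 <= len(buf):
        (entry,) = struct.unpack_from("!I", buf, off)
        off += 4
        labels.append(entry >> 12)          # top 20 bits are the label value
        if entry & 0x100:                   # S bit: last entry in the stack
            return labels, off
    raise ValueError("label stack has no bottom-of-stack entry")

def inspect_vpls_frame(frame, core_mtu):
    """core_mtu: payload size the core link carries after the outer Ethernet header."""
    if struct.unpack_from("!H", frame, 12)[0] != MPLS_UNICAST:
        raise ValueError("outer frame is not MPLS")
    labels, inner = parse_label_stack(frame, ETH_HDR)
    if struct.unpack_from("!H", frame, inner + 12)[0] != IPV4:
        raise ValueError("inner frame is not IPv4")
    total_len, _ident, flags_frag = struct.unpack_from("!HHH", frame, inner + ETH_HDR + 2)
    overhead = 4 * len(labels) + ETH_HDR    # label stack + inner Ethernet header
    needed = total_len + overhead           # bytes the core link must carry
    df = bool(flags_frag & 0x4000)          # Don't Fragment bit of the inner packet
    if needed <= core_mtu:
        verdict = "fits"
    else:
        verdict = "oversize, DF set" if df else "oversize"
    return {"labels": labels, "overhead": overhead, "needed": needed,
            "df": df, "verdict": verdict}

def sample_frame(ip_len, df):
    """Constructed sample: two-label stack, zeroed MACs, documentation-range IPs."""
    outer = bytes(12) + struct.pack("!H", MPLS_UNICAST)
    stack = struct.pack("!II", (17 << 12) | 255, (100 << 12) | 0x100 | 255)
    inner = bytes(12) + struct.pack("!H", IPV4)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, ip_len, 1, 0x4000 if df else 0,
                     64, 1, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return outer + stack + inner + ip

if __name__ == "__main__":
    for mtu in (1500, 9000):                # standard vs. jumbo core link
        print(mtu, inspect_vpls_frame(sample_frame(1500, True), mtu))
```

A full-size 1500-byte customer packet needs 1522 bytes on the core in this sample, which is why it only fits once the backbone carries jumbo frames.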