You can configure the following MPLS applications using EX Series switches:
IP over MPLS
Uses the traffic engineering capabilities of MPLS to efficiently utilize the existing network (service provider or data center) to manage traffic and to achieve network resiliency.
In IP over MPLS:
- When an IP packet enters the MPLS domain, the first switch in the MPLS domain, also known as the ingress provider edge (PE) switch, analyzes the Layer 3 header of the IP packet and inserts an MPLS label in the packet header. The Layer 3 analysis is done only once, by the ingress PE switch. The label transforms the packet from one that is forwarded based on its IP routing information to one that is forwarded based on information associated with the label.
- The packet is forwarded to the next provider switch in the LSP. This switch and all subsequent switches in the LSP do not examine any of the IP routing information in the labeled packet. Rather, they use the label to look up information in their label forwarding table.
- The provider switches replace the old label with a new label and forward the packet to the next switch in the path.
- When the packet reaches the egress PE switch, the label is removed, and the packet again becomes a native IP packet and is again forwarded based on its IP routing information.
Layer 2 over MPLS (CCC)
Enables you to create an MPLS circuit cross-connect (CCC) between interfaces, connecting two distant interface circuits of the same type by creating MPLS tunnels. MPLS CCC uses the LSPs as the conduit for MPLS packets. Once you have set up a CCC, you must specify an encapsulation for the circuit. The type of CCC-encapsulations that are supported on EX Series switches are Ethernet and VLAN.
Layer 2 VPN
With MPLS Layer 2 VPNs, routing occurs on customer switches, typically on the customer edge (CE) switch.
In MPLS Layer 2 VPN:
- The CE switch connected to a service provider on a Layer 2 VPN selects the appropriate circuit on which to send traffic. The PE switches do not store or process the customer routes; the CE switches must be configured to send Layer 2 data, such as Ethernet, Frame Relay, asynchronous transfer mode (ATM), or Point-to-Point Protocol (PPP), to the appropriate IP/MPLS tunnel. This gives customers complete control over their own routing.
- The PE switch receiving the traffic sends it across the service provider's network to the PE switch connected to the receiving site. The service provider must only detect how much traffic the Layer 2 VPN will need to carry. The service provider's switches carry traffic between the customer's sites using Layer 2 VPN interfaces. The VPN topology is determined by policies configured on the PE switches.
Layer 3 VPN
MPLS Layer 3 VPNs enable service providers to use their IP backbones to provide VPN services to their customers. A Layer 3 VPN is a set of sites that share common routing information and whose connectivity is controlled by a collection of policies. The sites that make up a Layer 3 VPN are connected over a provider’s existing public Internet backbone. Layer 3 VPNs enable customers to leverage the service provider’s technical expertise to ensure efficient site-to-site routing. The customer CE switch uses a routing protocol such as BGP or OSPF to communicate with the provider PE switch and to carry IP prefixes across the network. MPLS-based Layer 3 VPNs use IP over MPLS. Other protocol packets are not supported.
Virtual private LAN service (VPLS) is a virtual private network (VPN) technology that provides Ethernet-based multipoint to multipoint communication over IP or MPLS networks. VPLS enables geographically dispersed sites to share an Ethernet broadcast domain by connecting sites through pseudowires. VPLS is protocol independent, and supports IP, IPX, and other legacy protocols. VPLS also offers additional security benefit to sensitive businesses by enabling enterprises to maintain control over their routing tables and eliminating the need to share the routing tables with the service provider. Because of the limitations in the number of sites supported by VPLS and the availability of Ethernet coverage, many enterprises deploy a combination of MPLS and VPLS services, instead of a pure VPLS network. For instance, VPLS can be used for connecting data centers, whereas MPLS can be used for branches.
For more information, click Junos OS MPLS for EX Series.