MPLS Fundamentals: 2 – Forwarding Labeled Packets

CEF switching is the only IP switching mode that you can use to label packets. Other IP switching modes, such as fast switching, cannot be used, because the fast switching cache does not hold information on labels. Because CEF switching is the only IP switching mode that is supported in conjunction with MPLS, you must turn on CEF when you enable MPLS on the router.

show mpls forwarding-table
show mpls forwarding-table

The local label (or tag) is the label that this LSR assigns and distributes to the other LSRs.
If this LSR receives a packet with top label 16, it removes all labels and forwards the packet as an IP packet, because the outgoing label (tag) is Untagged.

show mpls forwarding-table 2
show mpls forwarding-table

The incoming label 23 is swapped with label 20, and label 16 is pushed onto label 20.

To see all the labels that change on an already labeled packet, you must use the:

show mpls forwarding-table  [ network { mask |  length }] [detail]

The adjacency table holds the Layer 2 information needed to switch out a frame on the outgoing data link.

To recap the label operations:

  • Pop —The top label is removed. The packet is forwarded with the remaining label stack or as an unlabeled packet.
  • Swap—The top label is removed and replaced with a new label.
  • Push—The top label is replaced with a new label (swapped), and one or more labels are added (pushed) on top of the swapped label.

The outgoing labels are the same if the two links are between a pair of routers and both links belong to the platform label space. If multiple next-hop LSRs exist, the outgoing label for each path is usually different, because the next-hop LSRs assign labels independently.

The Cisco LSR drops the Unknown Label.

Label 0 is the explicit NULL label, whereas label 3 is the implicit NULL label. Label 1 is the router alert label, whereas label 14 is the OAM alert label.

The use of implicit NULL at the end of an LSP is called  Penultimate Hop Popping (PHP):

  • An egress LSR assigns the implicit NULL label to a FEC if it does not want to assign a label to that FEC, thus requesting the upstream LSR to perform a pop operation.
  • The egress LSR—running Cisco IOS—assigns the implicit NULL label to its connected and summarized prefixes. The benefit of  this is that if the egress LSR were to assign a label for these FECs, it would receive the packets with one label on top of it. It would then have to do two lookups.
  • PHP is the default mode in Cisco IOS. In the case of IPv4-over-MPLS, Cisco IOS only advertises the implicit NULL label for directly connected routes and summarized routes.
  • The use of the implicit NULL label does not mean that all labels of the label stack must be removed. Only one label is popped off. In any case, the use of the implicit NULL label prevents the egress LSR from having to perform two lookups. Although the  label value 3 signals the use of the implicit NULL label, the label 3 will never be seen as a label in the label stack of an MPLS packet. That is why it is called the implicit NULL label.

Besides the label value, the label also holds the Experimental (EXP) bits. When a label is removed, the EXP bits are also removed.  Because the EXP bits are exclusively used for quality of service (QoS), the QoS part of the packet is lost when the top label is removed. In some cases, you might want to keep this QoS information and have it delivered to the egress LSR. Implicit NULL cannot be used in that case.

The explicit NULL label is the solution to this problem, because the egress LSR signals the IPv4 explicit NULL label (value 0) to the penultimate hop router. The egress LSR then receives labeled packets with a label of value 0 as the top label. The LSR cannot forward the packet by looking up the value 0 in the LFIB because it can be assigned to multiple FECs. The LSR just removes the explicit NULL label. After the LSR removes the explicit NULL label, another lookup has to occur, but the advantage is that the router  can derive the QoS information of the received packet by looking at the EXP bits of the explicit NULL label.

The explicit NULL label for IPv6 has the value 2.

router(config)# mpls ldp explicit-null [foracl] [toacl]

When the Router Alert label is the top label, it alerts the LSR that the packet needs a closer look. Therefore, the packet is not forwarded in hardware, but it is looked at by a software process. When the packet is forwarded, the label 1 is removed. Then a  lookup of the next label in the label stack is performed in the LFIB to decide where the packet needs to be switched to. Next, a label  action (pop, swap, push) is performed, the label 1 is pushed back on top of the label stack, and the packet is forwarded.

In Cisco IOS, the default range is 16 through 100,000.

router(config)# mpls label range min max
router# show mpls label range

A safeguard guards against possible routing loops by not copying the MPLS TTL to the IP TTL if the MPLS TTL is greater than the IP TTL  of the received labeled packet.

If the operation is pop, the TTL of the incoming label –1 is copied to the newly exposed label unless that value is greater than the TTL  of the newly exposed label, in which case the copy does not happen.

For every label, four bytes are added to the packet.

london(config-if)# mpls mtu 1508

Configuration might be needed on the Ethernet switches to allow them to switch giant and baby giant frames.

jumbo mtu

Maximum receive unit (MRU):

It informs the LSR how big a received labeled packet of a certain FEC can be that can still be forwarded out of this LSR without fragmenting it.

This value is actually a value per FEC (or prefix) and not just per interface.

Because the label operation is determined per FEC or prefix, the MRU can change per FEC or prefix.

(Typically, MPLS VPN and AToM networks label the packets respectively the frames with two labels.)

If a labeled packet is received and the LSR notices that the outgoing MTU is not big enough for this packet, the LSR strips off the label stack, fragments the IP packet, puts the label stack (after the pop, swap, or push operation) onto all fragments, and forwards the fragments.

Only if the IP header has the Don’t Fragment (DF) bit set does the LSR not fragment the IP packet, but it drops the packet and returns an ICMP error message “Fragmentation needed and do not fragment bit set” (ICMP type 3, code 4) to the originator of the IP packet.

One method to avoid fragmentation is Path MTU Discovery. In that case, the IP packets sent out have the “Don’t Fragment” (DF) bit set.

Share this!

Author: Mo Moghaddas

Traveler. Casual investor. Hobbyist landscape photographer loving Networks. Blockchain/Cryptocurrency enthusiast. Internet citizen!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.