May 2000

BY ROB REDFORD AND KEITH FALTER

As the demand for frame relay, ATM, and leased line services continues to grow, carriers and service providers are continually challenged with deploying these transport services while supporting the exploding demand for open networking and IP services. Clearly, IP has become the network protocol of choice for developing new business applications. That means it's imperative for companies to extend the network capabilities on their private LANs through the carrier network with intranet and extranet services based on IP VPNs. Providing IP services over a private network poses significant challenges for enterprise network managers. They must either implement a full mesh of Permanent Virtual Circuits (PVCs) or build a partial mesh and then manage a complex traffic matrix that tracks routing and link capacity. Faced with these challenges, managers are increasingly looking to their providers for innovative solutions.

Multiprotocol Label Switching (MPLS), an open industry standard based on technology pioneered by Cisco Systems, bridges the gap between frame relay and IP VPN networking. MPLS delivers the privacy and security frame relay users are accustomed to, with the any-to-any connectivity they want from IP networks. AT&T is the first carrier to deliver an IP VPN service using MPLS technology. The service, called AT&T IP Enabled Frame Relay (IPFR), is a component of AT&T's Enterprise Class VPN Service.

Building on AT&T's current frame relay service, which rides on an ATM backbone based on Cisco's MGX 8850 and BPX 8600 IP+ATM switches, AT&T IPFR simplifies the creation of fully meshed networks among multiple sites. With a traditional frame relay network, a customer trying to create a VPN among 25 sites would need 300 PVCs. With AT&T IPFR, this same customer only needs 25 PVCs -- one to connect each site to an MPLS-enabled edge switch in the AT&T network, which then handles the work of routing the packets to the proper destination.

SIMPLIFYING THE ROUTING PROCESS
The onus of routing packets is now handled primarily by the AT&T network rather than the customer. Reducing the requirement for a fully meshed network to a single PVC per location significantly lowers the processing burden on the customer premise equipment (CPE) router at the customer's site, relieves the network manager from maintaining a complex traffic matrix and routing map, and improves performance by eliminating extra hops though transit hubs. Because AT&T's frame relay network is based on Cisco switching technology, AT&T has been able to deploy MPLS as a software upgrade, allowing IPFR to be accessed from any frame relay port. The capability is available everywhere, deployment doesn't require a forklift upgrade, and AT&T didn't have to change its port or access architecture. In addition, no change is required to the customer's IP addressing scheme (even private IP addresses).

With the IPFR service, the CPE router provides AT&T with routing information for the internal networks located behind each frame relay port. AT&T securely distributes this addressing information across those edge switches in the AT&T network that will be responsible for routing customer data.

When customers transmit packets to other sites, the CPE router sends the traffic across the IP PVC to the switch at the edge of the AT&T network. The MPLS-enabled switch adds a label that identifies a Label Switched Path (LSP) through the AT&T network to the destination edge switch. Core components only have to look at the label to determine how they should switch the packet. Since each label identifies a unique location and each VPN only has access to labels for destinations within the VPN, IPFR VPNs are just as secure as a frame relay PVC.
Many AT&T customers are envisioning new uses for an IP-enabled frame relay network. For example, a major retail customer currently using a traditional hub-and-spoke architecture is considering new IP applications to link their traditional "brick and mortar" business with their emerging "dotcom" business. Rather than routing all traffic to the corporate hub before reaching the Internet, the customer is considering using IPFR to directly access the Internet sales division and partner Web sites. This has several benefits: It reduces the traffic load at the customer's hub, gives them IP network capabilities from their existing frame relay network, and provides rock-solid security thanks to AT&T's network-based firewall.

AT&T IP-enabled frame relay lets companies running IP applications that need any-to-any connectivity establish a simplified, fully meshed, secure, high-performance network while alleviating the need to create tunnels and perform encryption typically associated with traditional IP VPNs.

Rob Redford is director of marketing for Cisco Systems, and Keith Falter is national marketing manager for AT&T High Speed Data Services. For more information, visit the companies' Web sites at www.cisco.com and www.att.com.