Using MPLS To Deliver A New Class Of Private
BY ROB REDFORD AND KEITH FALTER
As the demand for frame relay, ATM, and leased line services continues to
grow, carriers and service providers are continually challenged with
deploying these transport services while supporting the exploding demand for
open networking and IP services. Clearly, IP has become the network protocol
of choice for developing new business applications. That means it's
imperative for companies to extend the network capabilities on their private
LANs through the carrier network with intranet and extranet services based
on IP VPNs. Providing IP services over a private network poses significant
challenges for enterprise network managers. They must either implement a
full mesh of Permanent Virtual Circuits (PVCs) or build a partial mesh and
then manage a complex traffic matrix that tracks routing and link capacity.
Faced with these challenges, managers are increasingly looking to their
providers for innovative solutions.
Multiprotocol Label Switching (MPLS), an open industry standard based on
technology pioneered by Cisco Systems,
bridges the gap between frame relay and IP VPN networking. MPLS delivers the
privacy and security frame relay users are accustomed to, with the
any-to-any connectivity they want from IP networks. AT&T
is the first carrier to deliver an IP VPN service using MPLS technology. The
service, called AT&T IP Enabled Frame Relay (IPFR), is a component of
AT&T's Enterprise Class VPN Service.
Building on AT&T's current frame relay service, which rides on an ATM
backbone based on Cisco's MGX 8850 and BPX 8600 IP+ATM switches, AT&T
IPFR simplifies the creation of fully meshed networks among multiple sites.
With a traditional frame relay network, a customer trying to create a VPN
among 25 sites would need 300 PVCs. With AT&T IPFR, this same customer
only needs 25 PVCs -- one to connect each site to an MPLS-enabled edge
switch in the AT&T network, which then handles the work of routing the
packets to the proper destination.
SIMPLIFYING THE ROUTING PROCESS
The onus of routing packets is now handled primarily by the AT&T network
rather than the customer. Reducing the requirement for a fully meshed
network to a single PVC per location significantly lowers the processing
burden on the customer premise equipment (CPE) router at the customer's
site, relieves the network manager from maintaining a complex traffic matrix
and routing map, and improves performance by eliminating extra hops though
transit hubs. Because AT&T's frame relay network is based on Cisco
switching technology, AT&T has been able to deploy MPLS as a software
upgrade, allowing IPFR to be accessed from any frame relay port. The
capability is available everywhere, deployment doesn't require a forklift
upgrade, and AT&T didn't have to change its port or access architecture.
In addition, no change is required to the customer's IP addressing scheme
(even private IP addresses).
With the IPFR service, the CPE router provides AT&T with routing
information for the internal networks located behind each frame relay port.
AT&T securely distributes this addressing information across those edge
switches in the AT&T network that will be responsible for routing
When customers transmit packets to other sites, the CPE router sends the
traffic across the IP PVC to the switch at the edge of the AT&T network.
The MPLS-enabled switch adds a label that identifies a Label Switched Path (LSP)
through the AT&T network to the destination edge switch. Core components
only have to look at the label to determine how they should switch the
packet. Since each label identifies a unique location and each VPN only has
access to labels for destinations within the VPN, IPFR VPNs are just as
secure as a frame relay PVC.
Many AT&T customers are envisioning new uses for an IP-enabled frame
relay network. For example, a major retail customer currently using a
traditional hub-and-spoke architecture is considering new IP applications to
link their traditional "brick and mortar" business with their
emerging "dotcom" business. Rather than routing all traffic to the
corporate hub before reaching the Internet, the customer is considering
using IPFR to directly access the Internet sales division and partner Web
sites. This has several benefits: It reduces the traffic load at the
customer's hub, gives them IP network capabilities from their existing frame
relay network, and provides rock-solid security thanks to AT&T's
AT&T IP-enabled frame relay lets companies running IP applications
that need any-to-any connectivity establish a simplified, fully meshed,
secure, high-performance network while alleviating the need to create
tunnels and perform encryption typically associated with traditional IP VPNs.
Rob Redford is director of marketing for Cisco Systems, and Keith
Falter is national marketing manager for AT&T High Speed Data Services.
For more information, visit the companies' Web sites at www.cisco.com