ITEXPO begins in:   New Coverage :  Asterisk  |  Fax Software  |  SIP Phones  |  Small Cells

Feature Article
July 2002

Implementing Voice-Ready VPNs


The popularity of VPNs (virtual private networks) is exploding due to their ability to dramatically reduce the cost and complexity associated with connecting remote sites and users. However, VPNs have to date lacked the ability to deliver delay-sensitive traffic such as voice and video with the same QoS (Quality of Service) as networks based on private lines, ATM, or Frame Relay. That limitation has led corporate administrators who are interested in carrying voice traffic over their data infrastructure to second-guess VPN migration.

With the advent of service enabling technologies including MPLS (multiprotocol label switching) and service edge routers, network administrations can now deploy voice-ready IP VPNs with confidence. Voice-ready VPN technology takes advantage of the reduced cost and complexity of IP networks as a delivery mechanism while maintaining the high levels of QoS previously associated only with dedicated ATM and Frame Relay service.

Before examining voice-ready VPNs, it�s helpful to briefly review the ATM technology that forms the basis of the ATM and Frame Relay service used to deliver packetized voice traffic with low latency and jitter.

A Review: Voice over Private Networks
ATM networks are connection-oriented, and were designed with multimedia requirements in mind. ATM uses connections to reserve backbone bandwidth and separate voice and data traffic on each interface, thereby guaranteeing low latency delivery of voice packets. On backbone trunks, each connection is mapped into one of three service queues (CBR, VBR, or UBR) with strict priority scheduling of traffic from the service queues. This ensures that voice (CBR) is prioritized and separated from less delay-sensitive traffic, such as data (UBR).

To avoid congestion among the voice connections that share a service class and queue, the edge ATM switches perform call admission control (CAC) and usage parameter control (UPC). CAC is performed on each new connection to ensure that there is sufficient backbone capacity before accepting the connection. By only accepting the amount of traffic the backbone can handle, the voice queues will not experience congestion. UPC ensures that incoming traffic on each accepted connection does not exceed the guaranteed rate and, therefore, protects the backbone queues from excessive traffic. ATM also uses a fixed, 53-byte cell size to reduce delay variation (a.k.a. jitter) on low-speed links.

MPLS Brings Multi-Service Capabilities to IP Networks
In contrast, IP networks are connectionless. Instead of establishing connections in advance, each packet is individually addressed for its destination. Each network router (hop) looks at the address of incoming IP packets and routes the packet to an output interface using a dynamic routing table. Unlike ATM, the path through the network is non-deterministic and is computed on a hop-by-hop basis. This makes it very difficult to control the amount of traffic on each backbone trunk leading to congestion and delays.

Enter a new class of router, the service edge router, which adds bandwidth control and service awareness to the edge of IP service networks. Service edge routers use MPLS technology in the IP core to reserve backbone bandwidth on pre-established Label Switched Paths (LSPs) that are analogous to ATM connections. The service edge routers then use the reserved bandwidth on LSPs to ensure low-latency delivery of voice traffic through the backbone network.

Beyond bandwidth reservations, the service edge router must also perform service classification, packet marking, UPC, and CAC. The UPC and CAC functions are the same functions which are performed by an edge ATM switch, only in the case of a service edge router they are performed on flows instead of connections. Service classification and packet marking are unique to IP and are used to identify and indicate the (voice) flows within a stream of packets. When a service edge router receives packets from a customer it uses �code points� in the packet such as the IP Type of Service (TOS) byte to separate packets into flows and then assigns each flow to a service class such as CBR, VBR, or UBR. The service edge router communicates flow and service class information to backbone routers using similar code points in the IP or MPLS packet header.

With service edge routers and MPLS technology, service providers can now offer voice-ready IP VPN services.

VPNs: One Choice for Voice
VPNs come in a dizzying array of choices, most of which are not suitable for carrying voice traffic. The flavors of VPNs include: CPE-based which are managed by the end users, remote access VPNs, and finally network-based MPLS (also known as provider-provisioned) VPNs.

CPE-based VPNs (such as IPSec) are controlled and managed by network administrators at corporate and remote sites. Since these VPNs are defined on CPE equipment and are transparent to the service provider, it is difficult for the service provider to guarantee service delivery of traffic (such as packetized voice) across the wide area due to this lack of control and knowledge of the type of traffic traversing the network.

To guarantee voice traffic delivery, a network-based VPN is required where the service provider creates the VPN, is aware of the mix of data and voice traffic and can therefore control and guarantee delivery of voice traffic. Using service edge routers this approach provides the same guarantees as provided by ATM services today.

BGP/MPLS or Layer 3 VPNs: Voice Ready
One type of network-based VPN, referred to as either a BGP/MPLS or Layer 3-based VPN, is suitable for carrying voice traffic. Layer 3 VPNs use MPLS to carry customer VPN traffic and, therefore, can take advantage of the bandwidth reservation inherent to MPLS.

These capabilities are possible because BGP/MPLS VPNs create a unique set of LSPs for each customer VPN. While provisioning the VPN, the service provider can take into account the amount of voice traffic (real-time) the customer has requested and ensure that the LSPs are routed across paths with sufficient reserved bandwidth to guarantee delivery of all the real-time traffic.

How IP DiffServ is Preserved in MPLS VPNs
Once an LSP is created, service providers can use Layer 3 VPNs to deliver packetized voice over the wide area, by applying labels to IP traffic and prioritizing and isolating voice traffic from other traffic within the service provider�s network using an IETF technology called DiffServ.

DiffServ defines specific code points in the TOS field of IP packet headers that indicate the type of traffic contained in the packet. The customer can configure the CPE router to mark voice and data packets with specific DiffServ code points. Service edge routers separate incoming traffic on customer interfaces into flows based on the DiffServ code point. Each flow is metered (a.k.a. UPC) to ensure that it is within the committed rate and then assigned to a service class. This allows service providers to offer VPNs with a range of basic service classes:

  • Real-Time: For delay-sensitive traffic such as voice/video.
  • Premium: For premium Internet access or Layer 2 transport services.
  • Best-Effort: For best-effort Internet access.

Incoming packets are guaranteed low latency delivery across the backbone network by indicating the service class in the MPLS label and being mapped onto LSPs with reserved bandwidth. Core routers maintain the service classes using such techniques as Strict Priority Queuing or Weighted Fair Queuing (WFQ).

The result is guaranteed, low-latency, low-jitter delivery for voice across an IP backbone network that was once limited to private line services.

Voice Ready Adoption
VPNs are providing a level of flexibility and network simplicity that has led to a rapid adoption throughout the world. MPLS-based Layer 3 VPNs are exploding in popularity, particularly in regions outside of the U.S. that did not adopt Frame Relay service at the same rate of U.S.-based corporations. Network administrators looking to transport voice traffic over their data network should seriously consider MPLS-based Layer 3 VPNs due to their ability to deliver a range of delay-sensitive traffic, including voice and video, across the Internet backbone with guaranteed low levels of latency and loss required for widespread corporate adoption.

Steve Vogelsang is vice president and cofounder of Laurel Networks, Inc. Laurel Networks is a leading provider of service edge routers designed and developed specifically for the edge of IP/MPLS networks. Please visit their Web site at www.laurelnetworks.com.

[ Return To The July 2002 Table Of Contents ]

Today @ TMC
Upcoming Events
ITEXPO West 2012
October 2- 5, 2012
The Austin Convention Center
Austin, Texas
The World's Premier Managed Services and Cloud Computing Event
Click for Dates and Locations
Mobility Tech Conference & Expo
October 3- 5, 2012
The Austin Convention Center
Austin, Texas
Cloud Communications Summit
October 3- 5, 2012
The Austin Convention Center
Austin, Texas