Traditional service provider networks provided Layer 2 point-to-point virtual circuits with contractually predefined bandwidth. Regardless of the technology used to implement the service (X.25, Frame Relay or ATM), the traffic engineering (optimal distribution of load across all available network links) was inherent in the process.
In most cases, the calculation of the optimum routing of virtual circuits was done off-line by a network management platform; advanced networks (offering Frame Relay or ATM switched virtual circuits) also offered real-time on-demand establishment of virtual circuits. However, the process was always the same:
- The free network capacity was examined.
- The end-to-end hop-by-hop path throughout the network that satisfied the contractual requirements (and, if needed, met other criteria) was computed.
- A virtual circuit was established along the computed path.
The Internet and most IP-based services, including IP-based virtual private networks (VPNs) implemented with MPLS VPN, IPsec or Layer 2 Tunneling Protocol (L2TP), follow a completely different service model:
- The traffic contract specifies ingress and egress bandwidth for each site, not site-to-site traffic requirements.
- Every IP packet is routed through the network independently, and every router in the path makes independent next-hop decisions.
- Once merged, all packets toward the same destination take the same path (whereas multiple virtual circuits toward the same site could traverse different links).
Simplified to the extreme, the two paradigms could be expressed as follows:
- Layer 2 switched networks assume that the bandwidth is expensive and try to optimize its usage, resulting in complex circuit setup mechanisms and expensive switching methods.
- IP networks assume that the bandwidth is "free" and focus on low-cost, high-speed switching of a high volume of traffic.
The significant difference between the cost-per-switched-megabit of a Layer 2 network (for example, ATM) and a routed (IP) network has forced nearly all service providers to build next-generation networks exclusively on IP. Even in modern fiber-optic networks, however, bandwidth is not totally free, and there are always scenarios where you could use the free resources of an underutilized link to ease the pressure on an overloaded path. Effectively, you would need traffic engineering capabilities in routed IP networks, but they are simply not available in the traditional hop-by-hop, destination-only routing model that most IP networks use.
Various approaches (including creative designs, as well as new technologies) have been tried to bring the traffic engineering capabilities to IP-based networks. We can group them roughly into these categories:
- The network core uses Layer 2 switched technology (ATM or Frame Relay) that has inherent traffic engineering capabilities. Virtual circuits are then established between edge routers as needed.
- IP routing tricks are used to modify the operation of IP routing protocols, resulting in adjustments to the path the packets are taking through the network.
- IP-based virtual circuit technologies, including IP-over-IP tunnels and MPLS traffic engineering, are deployed.
The Layer 2 network core design was used extensively when the service providers were introducing IP as an additional service into their WAN networks. Many large service providers have already dropped this approach because it does not result in the cost reduction or increase in switching speed that pure IP-based networks bring.
The IP routing tricks try to shift the traffic load to underutilized links by artificially lowering their cost, thus making them look more attractive to routing protocols like OSPF or IS-IS. Fine-tuning the link costs in a complex network to achieve good traffic distribution is almost impossible, so this approach works only in niche situations. Significantly better results can be achieved with Border Gateway Protocol (BGP) thanks to a rich set of attributes it can carry with every IP route. Note that BGP was originally designed to support various routing policies, so you could implement rudimentary traffic engineering as yet another routing policy.
Virtual circuits implemented with IP-over-IP tunnels (using a variety of technologies) are approximately as complex as routing protocol cost-tuning and so are better avoided (although they could still represent a valuable temporary fix). MPLS traffic engineering (MPLS TE), on the other hand, is a complete implementation of traffic engineering technology rivaling the features available in advanced ATM or Frame Relay networks. For example:
- The MPLS TE network tracks available resources on each link using extensions to IP routing protocols (only OSPF and IS-IS are supported, as MPLS TE needs full visibility of network topology, which is not available with any other routing protocol).
- Whenever a new tunnel (the MPLS TE terminology for virtual circuit) needs to be established, the head-end router computes the end-to-end path through the network based on the reported state of available resources.
- The tunnel establishment request is signaled hop-by-hop from the tunnel head-end to the tunnel tail router, reserving resources on every hop.
- After the tunnel is established, the new path is seamlessly integrated with the routing protocols running in the network.
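
The first three steps above (resource tracking, constrained path computation at the head-end, per-hop reservation) can be sketched as follows. This is an added example, not code from the author or from any router implementation. The topology, router names, costs and bandwidths are constructed, and a single shared table stands in for the link state that OSPF or IS-IS would flood, with bandwidth treated as one pool per link rather than per direction.

```python
import heapq

# Constructed topology: (router_a, router_b) -> [IGP cost, unreserved bandwidth in Mbps].
# Router names, costs and bandwidths are illustrative assumptions.
def build_links():
    return {
        ("A", "B"): [10, 100],
        ("B", "D"): [10, 100],
        ("A", "C"): [20, 100],
        ("C", "D"): [20, 100],
    }

def _key(links, u, v):
    # Links are stored once; look them up regardless of direction.
    return (u, v) if (u, v) in links else (v, u)

def cspf(links, src, dst, bw):
    """Head-end computation: lowest-cost path over links with >= bw unreserved."""
    adj = {}
    for (u, v), (cost, avail) in links.items():
        if avail >= bw:  # constraint: prune links that cannot carry the tunnel
            adj.setdefault(u, []).append((v, cost))
            adj.setdefault(v, []).append((u, cost))
    heap, done = [(0, src, [src])], set()
    while heap:  # plain Dijkstra over the pruned topology
        dist, node, path = heapq.heappop(heap)
        if node == dst:
            return path
        if node in done:
            continue
        done.add(node)
        for nxt, cost in adj.get(node, []):
            if nxt not in done:
                heapq.heappush(heap, (dist + cost, nxt, path + [nxt]))
    return None  # no path satisfies the bandwidth constraint

def establish_tunnel(links, src, dst, bw):
    """Compute the path, then reserve bw on every hop, as the signaling step would."""
    path = cspf(links, src, dst, bw)
    if path is None:
        return None
    for u, v in zip(path, path[1:]):
        links[_key(links, u, v)][1] -= bw
    return path

if __name__ == "__main__":
    links = build_links()
    for name in ("tunnel1", "tunnel2", "tunnel3"):
        print(name, establish_tunnel(links, "A", "D", 60))
```

The second 60 Mbps tunnel toward the same tail router is placed on A-C-D because A-B-D no longer has enough unreserved bandwidth, which destination-only hop-by-hop routing cannot do. The third request is rejected rather than oversubscribing a link.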
The support for MPLS TE is available in high-end and midlevel routers from multiple vendors. It's therefore highly advisable that you consider the requirements of MPLS TE (OSPF or IS-IS, for example) in your network design. If you implement the basic infrastructure needed by MPLS TE during the network deployment, you'll have it ready to use when you need to shift the traffic to cope with unexpected increases in bandwidth usage or delayed deployment of higher-speed links.
About the author: Ivan Pepelnjak, CCIE No. 1354, is a 25-year veteran of the networking industry. He has more than 10 years of experience in designing, installing, troubleshooting, and operating large service provider and enterprise WAN and LAN networks and is currently chief technology advisor at NIL Data Communications, focusing on advanced IP-based networks and web technologies. His books include MPLS and VPN Architectures and EIGRP Network Design. You can read his blog here: http://ioshints.blogspot.com/index.html.