Welcome back! Previously, we decided that in order for a Layer-3 MPLS VPN to function correctly, the ingress PE is going to need to push two labels onto each data packet. Let’s say that we have a data packet going from site A2 to site A3, using the topology shown in Figure 1:
When the data packet from CE-A2 arrives at PE2 (the ingress PE), PE2 will push two labels onto the packet: an LSP label and a VPN label. This is referred to as a “label stack”. For an example using an Ethernet frame, refer to the “L-3 VPN Label Stack” in Figure 2:
As you can see, the arrangement is that the LSP label is adjacent to the “EtherType” field, and the VPN label follows that, adjacent to the IP header. Label positions are commonly referred to as “top” and “bottom”, as shown in the “Top and Bottom” frame in Figure 2. The labels are also sometimes referred to as the “inner” and “outer”, as shown in the “Inner and Outer” frame in Figure 2. Thus, when doing MPLS Layer-3 VPNs, we use two labels:
- Top = Outer = LSP label (per TDP, LDP or RSVP)
- Bottom = Inner = VPN label (per MP-BGP)
By the way, each four-byte “label” (sometimes called a “shim header”) actually contains four fields, as shown in Figure 3:
The four fields are:
- Label (the actual label value) – 20 bits
- EXP (Experimental) – 3 bits
- S (Bottom of Stack) – 1 bit
- TTL (Time to Live) – 8 bits
What we’ve been calling “the label” is actually the 20-bit label field. Using 20 bits allows for over a million unique labels (labels 0 through 15 are reserved), which is more than enough for the foreseeable future.
If QoS (Quality of Service) is implemented, the ingress PE would likely set the “EXP” bits to reflect the IPP (IP Precedence) of the incoming packet.
The “S” bit is set to “1” if that particular label is the bottom (inner) label in the label stack, otherwise it is set to “0”.
The “TTL” field fulfills the same function as that in an IP header, eventually dropping any packets that become caught in routing loops. The label TTL field also allows for “traceroute” through an MPLS cloud, which displays the P and PE routers along the LSP (or the routers can be configured to hide the internals of the WAN core).
It’s possible to have more than two labels in a stack, but this is less common (Cisco allows up to six). Next time, we’ll take a look at the behind-the-scenes protocols that make MPLS work.
