CCIE routing and switching exam certification guide 4th edition, page 831, chapter 19, figure 19-8 has a wrong label on PE2 LSR, the locally assigned label for 10.3.3.0/24 prefix should be 3 instead of 4. Although this figure is a concept figure aim to let readers to understand the mpls label switching concepts, it should be clear to the point that it has to be precise.
Label 3 is known as implicit null label this is one of the reserved label it will not be used arbitrarily for label assignment. The purpose to establish implicit null label is to save the work of egress LSR (aka PE in MPLS VPN) to do double lookup. Egress LSR always sends out traffic unlabeled and without label the router would need to do FIB lookup to route the traffic to the correct destination, popping a label makes the egress LSR save the work in doing LFIB lookup.
MPLS is difficult because it has several new terminologies, the concept itself is not very different from VLAN. In VLAN, vlan id tag is taken into account to forward frames, if received VLAN id is not within the switch’s database and not tagged the frame will be dropped irregardless whether the destination mac address is correct or not. Similar to MPLS enabled routers, if received label is not present in its LFIB the traffic will be dropped irregardless whether the destination IP address is present or not.
This post is written with the sole purpose to get concept right. I am not an expert in MPLS but getting things right in the first place will make subsequent advance topic easier to understand and mitigate confusion, advance topics are built based on foundamentals like building a new building with the correct columns and rows, without columns and rows a building can never be built.
Referring to the earlier topology. m1,m2 and m3 are MPLS enabled routers, not all links are mpls enabled, only the serial links depicted by a lightning link are mpls enabled links. We shall examine the prefixes and see how the labels are assigned and advertise by the LSRs.
Examining 10.1.1.4/30 prefix
A LSR will assign an arbitrary MPLS label or a reserved MPLS label locally depending on the role of the LSR in respect to the IP prefix.
LSR will start to send mpls label of the prefix to other LSRs. LSR collects all local and remote labels in LIB for all prefixes, and choose one remote label and one local label as outgoing label and incoming label respectively and put the labels in LFIB. Note that it is not incoming or outgoing interface, label and interface should not be confused together.
LFIB only has the best path to its destination. LFIB is strongly influenced by FIB, LFIB is like the shadow of FIB or a symbolic link of a path as in Linux. The idea is to make MPLS routers to look at LFIB to forward traffic instead of FIB to forward traffic.
m1#sh mpls forwarding-table 10.1.1.4 30 Local Outgoing Prefix Bytes Label Outgoing Next Hop Label Label or Tunnel Id Switched interface None No Label 10.1.1.4/30 0 Se0/0/0 point2point m1# m1#sh ip cef | in 10.1.1.4/30 10.1.1.4/30 attached Serial0/0/0 m1#
The difference between LFIB and FIB is LFIB associates a label with the outgoing interface to reach the IP prefix whereas FIB associates an IP prefix with the outgoing interface.
Examine m2 LFIB
m2’s LFIB:
m2#sh mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 10.1.1.4/30 0 Se0/1/0 point2point
Pop Label 10.1.1.4/30 0 Se0/0/0 point2point
17 Pop Label 10.1.1.12/30 0 Se0/1/0 point2point
18 Pop Label 10.1.1.20/30 0 Se0/0/0 point2point
19 Pop Label 10.10.10.1/32 0 Se0/1/0 point2point
20 Pop Label 10.10.10.3/32 0 Se0/0/0 point2point
21 21 10.10.10.4/32 0 Se0/1/0 point2point
22 20 10.10.10.6/32 0 Se0/0/0 point2point
From m2’s LFIB, 10.1.1.4/30 prefix has no outgoing label, pop label means remove label, hence m2 receives traffic without label will be forwarded by CEF via FIB. Also note that local label 16 has two paths, MPLS is doing load balancing.
A traffic with label 16 arrives at m2, m2 will know this traffic is destined for 10.1.1.4/30 prefix, it removes the label and send out to interface se0/1/0 or se0/0/0.
m2 receives traffic with label 21 will know this traffic is destined for 10.10.10.4, swapped label 21 with label 21 and send out via se0/1/0 interface. Note that remote and local bindings may have the same number, local label is locally significant to the LSR only.
m2 receives traffic with label 22 will know the traffic is destined for 10.10.10.6/32 prefix, swap the label 22 to 20 and sends out via interface se0/0/0.
MPLS LSR only cares about incoming label and make label forwarding decision based on constructed LFIB.
MPLS LSR also swaps label and send the traffic out, if there is no label (no label or pop label) to swap the traffic is sent out with top label removed, or sent out without label.
Examine m1 LFIB
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 10.10.10.3/32 0 Se0/0/0 point2point
17 Pop Label 10.10.10.2/32 0 Se0/1/0 point2point
18 Pop Label 10.1.1.20/30 0 Se0/0/0 point2point
19 20 10.10.10.6/32 0 Se0/0/0 point2point
20 Pop Label 10.1.1.8/30 0 Se0/1/0 point2point
Pop Label 10.1.1.8/30 0 Se0/0/0 point2point
21 No Label 10.10.10.4/32 570 Fa0/0 10.1.1.14
m1 receives a traffic with label 16, pops the label and send the traffic out to se0/0/0.
m1 receives a traffic with label 19, swaps the label 19 to 20 and send the traffic out to se0/0/0.
m1 receives a traffic without label and the traffic is destined for 10.10.10.6/32 prefix, it pushes label 20 and send this traffic out to se0/0/0.
m1 receives a traffic without label and the traffic is destined for 10.10.10.3/32 prefix, the traffic is sent out based on FIB via se0/0/0.
m1 receives a traffic with label 21, pops the (remaining) label and sends out via fa0/0. If the traffic is received by m1, without label, m1 will lookup its FIB and make forwarding decision.
Conclusion
1. MPLS enabled router assigns local label for each prefixes. Local label is only locally significant to the router itself, hence router only needs to make sure the labels assigned to each prefix it learned are not conflicting to one another.
2. MPLS enabled router examines incoming traffic to see if there is label if it has label, it refers its LFIB and match its local label with the received traffic label to make forwarding decision.
3. MPLS enabled router examines incoming traffic to see if there is label, if there is no label, it refers its own FIB and forward the traffic as an IP routing traffic.
