wiki/howto/mpls.md

mpls label switching is faster because it's a divide and conquer search in an ordered list, compared to routing, which is a longest prefix match, which is a search in a netmask deep tree

and doing just label switching, especially with multiple labels, have consequences like

you can provide vpns, be that layer2 or layer3 on the same infra, we can source-route through arbitrary paths we want, and so on....

you can control visibility / reachability by route target export / imports, so you can hide various routes from specific endpoints, then they'll become unreachable just for them, basically rendering packet filtering unnecesary

hiding service addresses (ip / mac) from the infra resulting in less resource needs: in the simplest mpls, you dont need bgp route table only where the packet enters the network

you can hide your core from traceroute by disabling ip ttl propagation


hints:

as being layer2.5 technology, you'll need a tunnel which carry ethettype, like gre

inside the core you can do ldp, rsvp-te (strategic or auto-tunnel) or segment-routing

between two ases, you can enable ipv4/ipv6 labeled-unicast address family

to do inter-as-mpls-vpn on top of it, you can enable rr-to-rr, asbr-to-asbr or rr-to-asbr vpnv4/vpnv6/vpls/evpn peerings


more info at http://mpls.dn42/ or at http://mp.ls/

participating networks:

nop-mnt

C4TG1RLS-MNT

planned:

Fortless
Updated mpls.md (markdown) 2023-02-16 20:30:01 +01:00			`mpls label switching is faster because it's a divide and conquer search in an ordered list, compared to routing, which is a longest prefix match, which is a search in a netmask deep tree`
Created mpls (markdown) 2023-02-16 11:29:26 +01:00
			`and doing just label switching, especially with multiple labels, have consequences like`

			`you can provide vpns, be that layer2 or layer3 on the same infra, we can source-route through arbitrary paths we want, and so on....`

			`you can control visibility / reachability by route target export / imports, so you can hide various routes from specific endpoints, then they'll become unreachable just for them, basically rendering packet filtering unnecesary`

			`hiding service addresses (ip / mac) from the infra resulting in less resource needs: in the simplest mpls, you dont need bgp route table only where the packet enters the network`

Updated mpls.md (markdown) 2023-02-16 11:43:29 +01:00			`you can hide your core from traceroute by disabling ip ttl propagation`
Created mpls (markdown) 2023-02-16 11:29:26 +01:00

Updated mpls.md (markdown) 2023-02-16 11:43:29 +01:00			`hints:`

			`as being layer2.5 technology, you'll need a tunnel which carry ethettype, like gre`
Created mpls (markdown) 2023-02-16 11:29:26 +01:00
Updated mpls.md (markdown) 2023-02-16 11:37:44 +01:00			`inside the core you can do ldp, rsvp-te (strategic or auto-tunnel) or segment-routing`

			`between two ases, you can enable ipv4/ipv6 labeled-unicast address family`

			`to do inter-as-mpls-vpn on top of it, you can enable rr-to-rr, asbr-to-asbr or rr-to-asbr vpnv4/vpnv6/vpls/evpn peerings`


Updated mpls.md (markdown) 2023-02-16 22:12:35 +01:00			`more info at http://mpls.dn42/ or at http://mp.ls/`

Created mpls (markdown) 2023-02-16 11:29:26 +01:00			`participating networks:`

			`nop-mnt`

Updated mpls.md (markdown) 2023-02-18 14:19:43 +01:00			`C4TG1RLS-MNT`
Created mpls (markdown) 2023-02-16 11:29:26 +01:00
			`planned:`

			`Fortless`