
"Within Internet Providers: About MPLS and L3VPN"

By Tomás Hadi Acosta Aguilera


Originally published at: https://medium.com/@acostatomas43/dentro-de-los-proveedores-de-internet-acerca-de-mpls-y-l3vpn-47b4fe3b4633

What is an Internet Service Provider?

Keywords: Technology, Computer Science, Engineering, Telecommunications, Networking

An Internet Service Provider (ISP) is a large corporation that provides individual users (any of us) with access to the Internet: the network of networks. Examples of ISPs include Movistar, Claro, Personal, VIVO, Vodafone, among others that stand out in the telecommunications market. To understand the structure of something as complex as an ISP or the Internet, we will begin with the definition of a LAN network and a WAN network.

A LAN (Local Area Network) is a set of devices (desktop PCs, laptops, mobile phones, printers, among others) connected to each other within a limited area, usually not exceeding 3 km (approx.). LANs are typically implemented in settings such as offices, buildings, universities, or homes.

A WAN (Wide Area Network) is a technology that allows the interconnection of different LANs that are geographically distant, or even very distant. WANs are notable for their regional, international, and intercontinental reach.

Description: LAN and WAN networks working together. Individual devices connect to a switch, which connects to routers, allowing interconnection between heterogeneous networks.

Thus, the Internet is an enormous set of WANs and LANs, giving life to this vast global mesh of networks, which never sleeps and is constantly transmitting information. That is why, between these individual users and something as complex as the Internet, there must be an intermediary to ensure safe, accurate, and simple access: the ISP.

Description: The basic structure of the Internet: how far can it really go?

The structure of an ISP can be understood, in a simplified manner, from three large levels. First, there are the user or client networks, which hire the provider for connectivity. Next are the access networks, which act as a link between those users and the ISP's own infrastructure. Finally, there is the backbone, the high-capacity core of the provider, responsible for transporting large volumes of traffic between different areas of its network and allowing that traffic to reach, as applicable, other clients, the provider's own services, or external networks like the Internet.

Description: Structure of ISPs: from individual networks, through access networks, to the backbone. Note also the IXP (Internet Exchange Point), where different ISPs peer with one another. This is how, for example, a user paying Movistar can communicate with a user in another country paying Vodafone.

What is routing?

Routing is the process by which routers send data packets from a source to a destination across the network without losing them along the way. It takes place at layer 3 of the OSI model, the network layer (the internet layer in the TCP/IP model). In LAN networks, routing is configured statically or dynamically by means of routing protocols. WANs, however, which are the foundation of Internet providers because of their extensive reach, need technologies adapted to them. This article addresses a widely adopted standard in computer networks: MPLS.

How is communication between clients within an ISP?

MPLS (Multiprotocol Label Switching) is a label-based standard that is usually described as operating at "layer 2.5" of the OSI model, because it combines the forwarding speed of layer 2 switching with the routing intelligence of layer 3. Put simply, MPLS lets providers forward traffic across their immense networks without having to store as much information about their clients' routes along the way, because it introduces one element that simplifies packet forwarding: the label.

An MPLS label (strictly, a label stack entry) is a 32-bit field divided as follows: 20 bits that uniquely identify the label, 3 bits that indicate a traffic class (class of service), 1 bit (the bottom-of-stack bit) that indicates whether this label is the last in the stack or whether more labels lie beneath it, and 8 bits for the time to live (TTL). A packet may carry several labels stacked in a fixed order; the outer label, at the top of the stack, is the one used to forward the packet through the network. Three operations are performed on labels: push, swap, and pop. 'Push' adds a label to an IP packet as it enters the MPLS network. 'Swap' replaces the incoming label with an outgoing label at each hop. 'Pop' removes the label, turning the packet back into a plain IP packet; this generally happens as the packet leaves the network.
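As an added example (not code from the original article), the following packs and unpacks the 32-bit label stack entry described above and applies push, swap and pop to a label stack; the label values and the payload are constructed sample data.

```python
import struct

# Added example, not the article's code: pack/unpack the 32-bit MPLS label stack
# entry (20-bit label, 3-bit traffic class, 1-bit bottom-of-stack, 8-bit TTL)
# and apply push/swap/pop. Label values and payloads are constructed samples.

def encode_entry(label, tc, bottom, ttl):
    """Pack one entry as label(20) | TC(3) | S(1) | TTL(8) in network byte order."""
    if not (0 <= label < 1 << 20 and 0 <= tc < 8 and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)

def decode_stack(frame):
    """Read entries until the S bit is set; return (entries, remaining IP payload)."""
    entries, offset = [], 0
    while True:
        if offset + 4 > len(frame):
            raise ValueError("truncated label stack")      # S bit never seen
        (word,) = struct.unpack_from("!I", frame, offset)
        offset += 4
        entry = {"label": word >> 12, "tc": (word >> 9) & 0x7,
                 "bottom": bool((word >> 8) & 1), "ttl": word & 0xFF}
        entries.append(entry)
        if entry["bottom"]:
            return entries, frame[offset:]

def serialize(stack, payload):
    """Top of stack first, then the IP payload."""
    return b"".join(encode_entry(e["label"], e["tc"], e["bottom"], e["ttl"])
                    for e in stack) + payload

def push(stack, label, tc=0, ttl=64):
    """Ingress: add a new outer label; it is bottom-of-stack only if the stack was empty."""
    return [{"label": label, "tc": tc, "bottom": not stack, "ttl": ttl}] + stack

def swap(stack, new_label):
    """Transit: replace the outer label and decrement its TTL."""
    top = dict(stack[0], label=new_label, ttl=stack[0]["ttl"] - 1)
    return [top] + stack[1:]

def pop(stack):
    """Egress: remove the outer label; an empty result is a plain IP packet again."""
    return stack[1:]
```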

Now that we understand what MPLS and labels are, let's look at a very important protocol for working with labels: the Label Distribution Protocol (LDP). LDP discovers which routers in the network have it enabled, establishes sessions between neighboring routers in the MPLS network, exchanges prefix-to-label mappings, and handles internal notifications. Labels can be distributed in two ways: a router sends a label to a neighboring router without being asked (downstream unsolicited), or it sends the label only when the neighbor requests it (downstream on demand).

Thus, when one client wants to communicate with another across the ISP's network, the IP packet is not forwarded hop by hop with each router examining its destination address; instead, MPLS labels are attached that simplify the forwarding decision across the backbone. Forwarding no longer depends on a full IP lookup at every hop but on labels, so the forwarding state in an MPLS network consists of the prefix, the next hop, the input label, and the output label. The prefix is used only to map the packet to a label, and the next hop says which neighboring router the packet is forwarded to. The label is pushed when our packet enters the MPLS network, swapped a considerable number of times as it crosses each point of the network, and finally popped when it reaches its destination. There we again have an IP packet, which rises through the remaining layers (transport and application) until we obtain the actual data the sender transmitted, all in a tiny fraction of a second.
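The push, swap and pop sequence along a label-switched path, as an added example that is not part of the original article: the router names, prefixes and label values are constructed sample data, and the ingress FIB and per-router LFIB tables stand in for state that LDP would normally populate.

```python
import ipaddress

# Added example, not the article's code: a four-router label-switched path
# PE1 -> P1 -> P2 -> PE2 with the forwarding state described above: prefix,
# next hop, input label and output label. Names, prefixes and label values
# are constructed sample data.

# Ingress FIB on PE1: destination prefix -> (next hop, label to push).
INGRESS_FIB = {"10.1.1.0/24": ("P1", 100),
               "10.1.0.0/16": ("P1", 101)}

# LFIB on each label-switching router: input label -> (action, output label, next hop).
# P1 and P2 never look at the IP header; PE2 pops and hands a plain IP packet to CE2.
LFIB = {"P1":  {100: ("swap", 200, "P2"),  101: ("swap", 201, "P2")},
        "P2":  {200: ("swap", 300, "PE2"), 201: ("swap", 301, "PE2")},
        "PE2": {300: ("pop", None, "CE2"), 301: ("pop", None, "CE2")}}

def ingress_lookup(dst):
    """Longest-prefix match on the IP destination, done only once, at the ingress PE."""
    addr, best = ipaddress.ip_address(dst), None
    for prefix, entry in INGRESS_FIB.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, entry)
    if best is None:
        raise LookupError(f"no route to {dst}")
    return best[1]

def forward(dst, ingress="PE1"):
    """Walk the LSP; return the per-hop trace (router, action, stack) and the exit router."""
    next_hop, label = ingress_lookup(dst)
    stack = [label]                               # push: the IP packet enters MPLS
    trace = [(ingress, "push", list(stack))]
    router = next_hop
    while stack:                                  # an empty stack means we are back to IP
        try:
            action, out_label, next_hop = LFIB[router][stack[0]]
        except KeyError:
            raise LookupError(f"{router}: no LFIB entry for label {stack[0]}, packet dropped")
        if action == "swap":
            stack[0] = out_label
        else:
            stack.pop(0)
        trace.append((router, action, list(stack)))
        router = next_hop
    return trace, router
```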

Services in an MPLS network: L3VPN implementation

A VPN (Virtual Private Network) is a set of devices permitted to communicate with each other under a defined access control policy. For Internet providers, applying the VPN concept on top of MPLS is timely, scalable, and efficient: this is how L3VPN (Layer 3 VPN) is born, a service offered over MPLS to provide security at layer 3 in the form of separation between customers. That separation is logical (separate routing tables and labels), not cryptographic: an L3VPN does not by itself encrypt the traffic it carries.

With L3VPN we redefine the topology of the network: clients that sit in different physical networks can belong to the same virtual private network, that is, to one VPN, and exchange traffic with one another while excluding devices outside that VPN, which may in turn belong to another VPN. This creates a kind of topological art in computer networks and makes them a safer, more reliable place.

How L3VPN works is more complex than it seems, because it involves the backbone of the Internet service provider. Three kinds of routers take part: customer edge routers (CEs), provider edge routers (PEs) that sit between the CEs and the backbone, and the backbone routers themselves (P). Each PE holds a separate virtual routing and forwarding table (VRF) for each VPN it serves. The originating PE takes the routes belonging to a VPN, prepends a Route Distinguisher (RD) so that they remain unique within the provider's network even when two customers use the same address ranges, and distributes them to the other PEs across the backbone. These routes are announced together with a Route Target (RT), which determines into which destination VRF they must be imported. The receiving PE imports the matching routes into its VRF and so allows the clients behind its CEs to communicate with the other networks that form part of the same VPN.

Thus, with the implementation of L3VPN to have different VPNs, the topology of an MPLS network is redefined to look like this, understood as a “before and after”:

In the first image we have the basic structure of an MPLS network before L3VPN is implemented. In the second we have the same MPLS network with L3VPN in place; note that there are two VPNs: in the first, clients connected to routers CE1A and CE2A can communicate with each other, and in the second, clients connected to routers CE1B and CE2B communicate. Between routers PE1 and PE2 the import and export of the VPN routes associated with the VRFs takes place, so that each PE knows which remote networks belong to the same VPN and communication can be established between their respective clients. Routers P1 and P2 can be thought of as part of the backbone.

Conclusions

The internal functioning of an Internet provider is complex, yet comprehensive, efficient, standardized, and dedicated. MPLS was a revolutionary standard that enabled more efficient routing in the WAN technologies through which our communications travel, emitted from each of the devices we have connected to the Internet. Beginning to understand this art of computer networks in detail is another grain of sand that helps us understand our desert: our own global world.


Tomás Hadi Acosta Aguilera

My name is Tomás Hadi Acosta Aguilera, I am 19 years old and I am from Buenos Aires, Argentina. I am a student of Computer Engineering at the University of CEMA (UCEMA), and I am currently finishing my second year of the degree. In addition, I trained as a Specialist in Bioinformatics, a technological discipline that has great potential for the analysis, processing, and representation of biological data, such as DNA sequences, complete genomes, proteins, among other biological structures.
Currently, I have an interest in producing academic and scientific research papers on topics in Computer Science, such as Architecture and Hardware, Operating Systems, Computer Networks, Electronics, and Telecommunications.
