gurfin / MPLS basics - tips & trix

Created Mon, 22 Apr 2024 12:18:51 +0100 Modified Sat, 04 Jan 2025 12:50:38 +0000
629 Words

This will be a living document, for troubleshooting and tracing MPLS traffic. The idea is for me and others to be able to reference this post for basic MPLS troubleshooting.

MPLS purpose and MPLS packet headers

The original purpose of MPLS was to allow for faster packet routing through a provider network. This is because the actual forwarding operation on the routers is more efficient when using the labels for forwarding decisions, compared to looking up IP-addresses.

In modern routers the performance is high enough that the performance gain from running MPLS is negligible. However, MPLS still delivers on some sought after functions for large scalable networks. Two of the most common functions are L3VPN and L2 tunnels running across a service providers MPLS cloud.

Each router will generate a local label for each prefix is has. This local label will then be used by other, neighboring routers, to forward traffic to our router. The local label on our router will appear as the remote label on their router. It is quite common for this label to change with each hop. It is also possible to “stack” MPLS labels, which is similar to adding more GRE tunnels within a GRE tunnel. This allows you to tunnel LSPs (Label-Switched Path) inside another LSP, but we will leave the topic of stacking labels for another post. In order to communicate these labels we can use a protocol like LDP or BGP.

Terminology

  • LSR = Label Switching Router
    • A router in the label switched path, which forwards traffic using labels.
  • FEC = Forwarding Equivalence Class
    • A group of IP packets which are forwarded in the same manner (over the same path, with the same forwarding treatment).
  • Label
    • A short fixed length physically contiguous identifier which is used to identify a FEC, usually of local significance.
  • LSP = Label Switched Path
    • The path through one or more LSRs at one level of the hierarchy followed by a packets in a particular FEC.

Checking MPLS labels on routers

To follow MPLS forwarding on a Cisco router you can use some of the following commands. These are primarily relevant for L3VPN deployments.

yeet-core01#show mpls forwarding-table vrf 123 1.1.1.1
Local      Outgoing   Prefix           Bytes Label   Outgoing   Next Hop
Label      Label      or Tunnel Id     Switched      interface
None       49         1.1.1.0/24[V]   \
                                                     Gi1/0/13   10.0.0.2
           49         1.1.1.0/24[V]   \
                                                     Gi2/0/13   10.0.0.6

yeet-core01#show ip cef vrf 123 1.1.1.1
1.1.1.0/24
  nexthop 10.0.0.2 GigabitEthernet1/0/13 label 49
  nexthop 10.0.0.6 GigabitEthernet2/0/13 label 49

From the output above we can discern that packets in the VRF123 L3VPN will be loadbalanced between the two MPLS links with the underlay next-hop being 10.0.0.2 and 10.0.0.6 respectively. We can also see that the outgoing label, that is the local label on the peer we are sending these packets to, is the same for both forwarding entries. This is because these are two redundant links between our yeet-core01 and a P-router in the MPLS cloud. This is because of our iBGP peering balancing the traffic across the two links. We can verify that behaviour by looking at the CEF FIB for our VRF, which shows the same behaviour.

If we check the forwarding on the next-hop P-router we would see:

yeet-p01#show mpls forwarding-table labels 49
Local      Outgoing   Prefix           Bytes Label   Outgoing   Next Hop
Label      Label      or Tunnel Id     Switched      interface
49         16         65500:123:1.1.1.0/24   \
                                       137644216     Gi0/0/0        10.10.0.2

yeet-p01#show ip cef vrf 123 1.1.1.1
1.1.1.0/24
  nexthop 10.10.0.2 Gi0/0/0 label 16

Viewing MPLS label stack

In order to view the MPLS label stack used for a specific FEC we can use the following command:

yeet-p01#show mpls forwarding-table vrf 123 1.1.1.1 detail
Local      Outgoing   Prefix           Bytes Label   Outgoing   Next Hop
Label      Label      or Tunnel Id     Switched      interface
105        5264      1.1.1.0/24[V]   \
                                       0             Gi0/0/0    10.10.88.4
	MAC/Encaps=14/18, MRU=1500, Label Stack{5264}
	VPN route: 123
	No output feature configured