DANH MJC HINH V .............................................................................................. THUAT NG VIET TAT ........................................................................................... LI NI DAU ............................................................................................................. CHUONG 1: TONG QUAN MPLS ......................................................................... 1 1.1 So luc v cng ngh IP v cng ngh ATM .............................................. 1 1.1.1 Cng ngh IP ........................................................................................... 1 1.1.2 Cng ngh ATM...................................................................................... 1 1.1.3 IP over ATM ........................................................................................... 2 1.2 Gii thiu v chuyn mch nhn da giao thc (MPLS).............................. 4 1.2.1 Dc dim mang MPLS ............................................................................ 4 1.2.2 Phuong thuc hoat dng ............................................................................ 5 1.3 L|ch su pht trin v cc uu dim cua MPLS ............................................. 5 1.3.1 Lich su phat trin MPLS.......................................................................... 5 1.3.2 Uu dim cua MPLS ................................................................................. 6 1.4 Cu trc cua nt MPLS. .............................................................................. 7 1.4.1 Mt phng chuyn tip ................................................................................ 7 1.4.2 Mt phng diu khin (Control Plane) ...................................................... 11 1.5 Cc phn tu chnh cua MPLS. .................................................................. 12 1.5.1 B dinh tuyn chuyn mach nhn LSR ..................................................... 13 1.5.2 Duong chuyn mach nhn LSP ................................................................. 14 1.5.3 Lop chuyn tip tuong duong (FEC) ........................................................ 15 1.6 Cc giao thc su dng trong MPLS. ......................................................... 16 1.6.1 Giao thuc phn phi nhn (LDP) .............................................................. 16 1.6.2 Giao thuc CR-LDP. .................................................................................. 26 1.6.3 Giao thuc dt truoc tai nguyn (RSVP). .................................................... 30 1.6.4 Giao thuc cng bin BGP ......................................................................... 34 1.7 D}c dim vut tri cua MPLS so vi IP over ATM. ................................ 35 1.8 Mt s ng dng MPLS. ............................................................................ 37 1.8.1 Mang ring ao VPN. .............................................................................. 37 1.8.2 Diu khin luu luong MPLS (MPLS TE). ............................................. 37 1.8.3 Cht luong dich vu trong MPLS (QoS).................................................. 39 CHUONG 2: GII THIJU CHUNG VE VPN ...................................................... 42 2.1 Khi nim v VPN ...................................................................................... 42 2.2 Chc nng v li ch cua VPN. .................................................................. 43 2.2.1 Chuc nng cua mang ring ao. ............................................................... 43 2.2.2 Tin ich cua mang ring ao. ................................................................... 43 2.2.3 Nhuoc dim va nhung giai phap khc phuc. .......................................... 44 2.3 M hnh VPN.............................................................................................. 44 2.3.1 M hinh Overlay VPN (VPN chng ln). .............................................. 45 2.3.2 M hinh VPN ngang cp (Peer to peer VPN). ........................................ 46 2.4 Phn loi VPN. ........................................................................................... 48 2.4.1 VPN truy nhp tu xa (Remote Access VPN). ......................................... 48 2.4.2 VPN dim toi dim (Site - to - Site VPN ). ............................................ 50 CHUONG 3: MANG RING AO MPLS .............................................................. 54 3.1 Gii thiu v MPLS VPN ........................................................................... 54 3.1.1 MPLS VPN la gi? .................................................................................. 54 3.1.2 Loi ich cua MPLS VPN ......................................................................... 55 3.2 Cc thnh phn chnh cua kin trc MPLS VPN ..................................... 55 3.2.1 VRF Virtual Routing and Foewarding Table ...................................... 56 3.2.2 RD Route Distinguisher ...................................................................... 58 3.2.3 RT Routee Targets .............................................................................. 59 3.2.4 Giao thuc MP-BGP. .............................................................................. 60 3.2.5 Hoat dng cua mt phng diu khin MPLS VPN. ................................ 61 3.2.6 Hoat dng cua mt phng du liu MPLS VPN ....................................... 62 3.2.7 Dinh tuyn VPNv4 trong mang MPLS VPN .......................................... 62 3.2.8 Chuyn tip goi trong mang MPLS VPN ............................................... 64 3.3 So snh MPLS VPN v VPN truyn thng ............................................... 65 3.3.1 VPN truyn thng ..................................................................................... 65 3.3.2 MPLS VPN .............................................................................................. 66 CHUONG 4: THJC NGHIJM .............................................................................. 68 4.1 Cu hnh chi tit ti cc thit b| .................................................................... 69 4.1.1 Cu hinh router R1 ................................................................................... 69 4.1.2 Cu hinh router R2 ................................................................................... 70 4.1.3 Cu hinh router R3 ................................................................................... 70 4.1.4 Cu hinh router R4 ................................................................................... 72 4.1.5 Cu hinh router R5 ................................................................................... 73 4.1.6 Cu hinh router R6 ................................................................................... 73 4.1.7 Cu hinh router R7 ................................................................................... 73 4.1.8 Cu hinh router R8 ................................................................................... 74 4.2 Thng tin d|nh tuyn ..................................................................................... 74 4.2.1 Thng tin dinh tuyn R1 ........................................................................... 74 4.2.2 Thng tin dinh tuyn R2 ........................................................................... 74 4.2.3 Thng tin dinh tuyn R3 ........................................................................... 75 4.2.4 Thng tin dinh tuyn R4 ........................................................................... 75 4.2.5 Thng tin dinh tuyn R5 ........................................................................... 76 4.2.6 Thng tin dinh tuyn R6 ........................................................................... 76 4.2.7 Thng tin dinh tuyn R7 ........................................................................... 76 4.2.8 Thng tin dinh tuyn R8 ........................................................................... 77 4.3 Kim tra ......................................................................................................... 77 KET LUAN.............................................................................................................. 84 TI LIJU THAM KHAO....................................................................................... 85
DANH MUC HINH V Hinh 1.1 : MPLS trong m hinh OSI ........................................................................... 4 Hinh 1.2 : Cu truc mt nut MPLS .............................................................................. 7 Hinh 1.3 : Dinh dang nhn MPLS chung ..................................................................... 8 Hinh 1.4 : Nhn trong ngn xp nhn .......................................................................... 9 Hinh 1.5 : Vi tri cua ngn xp nhn cho goi duoc gan nhn ......................................... 9 Hinh 1.6 : Cu truc cua LFIB .................................................................................... 10 Hinh 1.7 : Cac thanh phn mt phng du liu va mt phng diu khin cua MPLS .... 12 Hinh 1.8 : Vi tri cua LER va LSR trong mang MPLS ................................................ 13 Hinh 1.9 : Hoat dng cua LSR trong mang MPLS ..................................................... 14 Hinh 1.10 : Duong chuyn mach nhn (LSP) ............................................................ 14 Hinh 1.11 : M hinh LSP Nested............................................................................... 15 Hinh 1.12 : Lop chuyn tip tuong duong ................................................................. 16 Hinh 1.13 : Giao thuc LDP voi cac giao thuc khac .................................................... 17 Hinh 1.14 : Thu tuc phat hin LSR ln cn ................................................................ 19 Hinh 1.15 : Khun dang cac ban tin LDP .................................................................. 20 Hinh 1.16 : Ban tin NotiIication ................................................................................ 21 Hinh 1.17 : Tham s TLV Hello chung ..................................................................... 21 Hinh 1.18 : Ban tin Initialization ............................................................................... 22 Hinh 1.19 : Ban tin KeepAlive .................................................................................. 22 Hinh 1.20 : Ban tin Address ...................................................................................... 23 Hinh 1.21 : Ban tin Address Withdraw ...................................................................... 23 Hinh 1.22 : Ban tin Lable Mapping ........................................................................... 23 Hinh 1.23 : Ban tin Label Request ............................................................................. 24 Hinh 1.24 : Ban tin Label Withdraw .......................................................................... 25 Hinh 1.25 : Ban tin Label Release ............................................................................. 25 Hinh 1.26 : Ban tin Label Abort Request ................................................................... 26 Hinh 1.27 : Vi du v CSPF ........................................................................................ 29 Hinh 1.28 : Thu tuc bao hiu trong RSVP ................................................................. 31 Hinh 1.29 : Nhn phn phi trong ban tin RESV ....................................................... 33 Hinh 1.30 : Diu khin luu luong trong MPLS .......................................................... 38 Hinh 1.31 : Diu khin luu luong trong MPLS (2) .................................................... 39 Hinh 2.1 : M hinh VPN chng ln ........................................................................... 45 Hinh 2.2 : M hinh VPN ngang hang ........................................................................ 47 Hinh 2.3 : VPN truy cp tu xa ................................................................................... 49 Hinh 2.4 : Thit lp VPN tu xa .................................................................................. 50 Hinh 2.5 : VPN ni b ............................................................................................... 51 Hinh 2.6 : Mt vi du v Extranet VPN truyn thng .................................................. 52 Hinh 2.7 : Thit lp Extranet VPN ............................................................................ 52 Hinh 2.8 : M hinh VPN kt hop............................................................................... 53 Hinh 3.1 : M hinh MPLS VPN ................................................................................ 54 Hinh 3.2 : M hinh mang ring ao tng 3 .................................................................. 56 Hinh 3.3 : Chuc nng cua VRF ................................................................................. 57 Hinh 3.4 : Vi du v RD ............................................................................................. 59 Hinh 3.5 : Cac loai RT va chuc nng cua no .............................................................. 60 Hinh 3.6 : Su tuong tac giua cac giao thuc trong mt phng diu khin .................... 61 Hinh 3.7 : Su truyn tuyn trong mang MPLS VPN .................................................. 62 Hinh 3.8 : Su truyn tuyn trong mang MPLS VPN Step by step .............................. 63 Hinh 3.9 : Chuyn tip goi trong mang MPLS VPN .................................................. 65 Hinh 3.10 : M hinhVPN truyn thng ..................................................................... 65 Hinh 4.1 : So d du ni m phong ........................................................................... 68 Hinh 4.2 : Du ni vt ly ........................................................................................... 68 Hinh 4.3 : Thng tin dinh tuyn R1 ........................................................................... 74 Hinh 4.4 : Thng tin dinh tuyn R2 ........................................................................... 75 Hinh 4.5 : Thng tin dinh tuyn R3 ........................................................................... 75 Hinh 4.6 : Thng tin dinh tuyn R4 ........................................................................... 75 Hinh 4.7 : Thng tin dinh tuyn R5 ........................................................................... 76 Hinh 4.8 : Thng tin dinh tuyn R6 ........................................................................... 76 Hinh 4.9 : Thng tin dinh tuyn R7 ........................................................................... 76 Hinh 4.10 : Thng tin dinh tuyn R8 ......................................................................... 77 Hinh 4.11 : Show mpls ldp bindings R3 .................................................................... 77 Hinh 4.12 : Show mpls ldp bindings R4 .................................................................... 77 Hinh 4.13 : Show mpls ldp bindings R2 .................................................................... 78 Hinh 4.14 : Show mpls ldp bindings R1 .................................................................... 78 Hinh 4.15 : Bang LFIB trn R3 va R4 ....................................................................... 79 Hinh 4.16 : Bang LFIB trn R1 va R2 ....................................................................... 79
THUAT NG VIET TAT
A API Application Programming InterIaces Giao din lp trinh ung dung ARP Address Resolution Protocol Giao thuc phn giai dia chi ASIC Application SpeciIic Intergrated Circuits Mach tich hop chuyn dung ATM Asynchnorous TranIer Mode Truyn dn khng dng b AToM Any Transport over MPLS Truyn tai qua MPLS B BGP Border Gateway Protocol Giao thuc cng duong bin C CE Custome Edge Bin phia khach hang CEF Cisco Express Forwarding Chuyn tip nhanh cua Cisco CoS Class oI Service Cp d dich vu CR Constraint-based routing Dinh tuyn rang buc CSPF Constrained SPF SPF cung buc E E-LSR Egress LER LSR bin ra EGP Exterior Gateway Protocol Giao thuc cng ngoai ER Explicit Routing Dinh tuyn hin F FDDI Fiber Distributed Data InterIace Giao din phn b soi FEC Forwarding Equivalency Class Lop chuyn tip tuong duong FR Frame Relay Chuyn tip khung G GRE Generic Routing Encapsulation Dong goi dinh tuyn chung I IGP Interior Gateway Protocol Giao thuc dinh tuyn trong pham vi min I-LSR Ingress LSR LSR bin vao IP Internet Protocol Giao thuc Internet IS-IS Intermediate System to Intermediate System Protocol Giaot thuc h thng trung gian toi h thng trung gian ISP Internet Service Providers Nha cung cp dich vu internet L LAN Local Area Network Mang ni b LDP Label Distribution Protocol Giao thuc phn phi nhn LER Label Edge Router B dinh tuyn nhn bin ra LFIP Label Forwarding InIormation Base Co so thng tin chuyn tip nhn LIB Label InIormation Base Bang co so du liu nhn LSP Label Switch Path Tuyn chuyn mach nhn LSR Label Switch Router B dinh tuyn chuyn mach M MAC Media Access Control Diu khin truy nhp mi truong MPLS Multilprotocol Lable Switching Chuyn mach nhn da giao thuc MP- BGP MPLS border gateway Protocol Da giao thuc cng bin O OSI Open Systems Interconnection M hinh lin kt h thng du ni mo OSPF Open Shortest Path First Giao thuc OSPF P PE Provider Edge Bin nha cung cp PPP Point-to-Point Protocol Giao thuc dim - dim PVC Permanent Virtual Circuit Mach ao c dinh Q QoS Quanlity oI Service Cht luong dich vu R RD Route Distinguisher B phn bit tuyn RFC Request Ior comment Cac tai liu chun do IETF dua ra RIP Routing InIormation Protocol Giao thuc thng tin dinh tuyn RIPv2 RIP version 2 RIP phin ban 2 RSVP Resource Reservation Protocol Giao thuc danh sn tai nguyn RT Route Targets Tuyn dich S SPF Shortest Path First Thut toan uu tin duong di ngn nht T TCP Transport Control Protocol Giao thuc diu khin truyn dn TLV Time To Live Thoi gian sng U UDP User Datagrame Protocol Giao thuc du liu nguoi dung V VC Virtual Channel Knh ao VCI Virtual Channel IdentiIier Dinh danh knh ao VoIP Voice over ATM Thoai qua ATM VP Virtual Path Tuyn ao VPI Virtual Packet IndentiIier Dinh danh goi ao VPN Virtual Pravite network Mang ring ao
LI NI DAU
Cung voi su phat trin cua dt nuoc, nhung nm gn dy cac nganh kinh t quc dn du phat trin manh m, va nganh cng nghip vin thng cng khng la ngoai l. S nguoi su dung cac dich vu mang tng dang k, theo du doan con s nay dang tng theo ham m. Ngay cang co nhiu cac dich vu moi va cht luong dich vu cng duoc yu cu cao hon. Dung truoc tinh hinh nay, cac vn d v mang bt du bc l, cac nha cung cp mang va cac nha cung cp dich vu cng d co nhiu n luc d nng cp cng nhu xy dung ha tng mang moi. Nhiu cng ngh mang va cng ngh chuyn mach d duoc phat trin, trong s do chung ta phai k dn cng ngh chuyn mach nhn da giao thuc (MPLS). Mt trong s cac ung dung cua MPLS do la mang ring ao trn nn MPLS (MPLS VPN). Do MPLS VPN co uu dim hon nhiu so voi VPN truyn thng, vi th MPLS VPN d duoc trin khai rng ri o nuoc ta, vi th vic tim hiu cac vn d v cng ngh MPLS noi chung va MPLS VPN noi ring la vn d quan trong di voi sinh vin. Nhn thuc duoc diu do, ban d an tt nghip ' Cng ngh chuyn mach nhn da giao thuc va ung dung mang ring ao gioi thiu v qua trinh phat trin dich vu cng nhu cng ngh mang dn toi MPLS. D an cua em gm bn chuong nhu sau: Chuong 1: Tng quan MPLS. Chuong 2: Gioi thiu chung v VPN. Chuong 3: Mang ring ao MPLS. Chuong 4: Thuc nghim. Do kin thuc cua em con co han hon nua thoi gian lam d an co han nn d an cua em khng tranh khoi con nhiu sai sot. Rt mong nhn duoc su ph binh, gop y cua cac thy c giao va cac ban. Em xin gui loi cam on chn thanh dn thy Chu Tun Linh, nguoi d tn tinh huong dn em lam d an nay. D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 1 -
CHUONG 1: TONG QUAN MPLS
1.1 So luc v cng ngh IP v cng ngh ATM 1.1.1 Cng ngh IP IP la thanh phn chinh cua kin truc cua mang Internet. Trong kin truc nay, IP dong vai tro lop 3. IP dinh nghia co cu danh s, co cu chuyn tin, co cu dinh tuyn va cac chuc nng diu khin o muc thp (ICMP). Goi tin IP gm dia chi cua bn nhn; dia chi la mt s duy nht trong toan mang va mang dy du thng tin cn cho vic chuyn goi tin toi dich. Co cu dinh tuyn co nhim vu tinh toan duong di toi cac nut trong mang. Do vy, co cu dinh tuyn phai duoc cp nht cac thng tin v topo mang, thng tin v nguyn tc chuyn tin (nhu trong BGP) va no phai co kha nng hoat dng trong mi truong mang gm nhiu nut. Kt qua tinh toan cua co cu dinh tuyn duoc luu trong cac bang chuyn tin (Iorwarding table) chua thng tin v chng tip theo d co th gui goi tin toi huong dich. Dua trn cac bang chuyn tin, co cu chuyn tin chuyn mach cac goi IP huong toi dich. Phuong thuc chuyn tin truyn thng la theo tung chng mt. o cach nay, mi nut mang tinh toan bang chuyn tin mt cach dc lp. Phuong thuc nay, do vy, yu cu kt qua tinh toan cua phn dinh tuyn tai tt ca cac nut phai nht quan voi nhau. Su khng thng nht cua kt qua s dn toi vic chuyn goi tin sai huong, diu nay dng nghia voi vic mt goi tin. Kiu chuyn tin theo tung chng han ch kha nng cua mang. Vi du, voi phuong thuc nay, nu cac goi tin chuyn toi cung mt dia chi ma di qua cung mt nut thi chung s duoc truyn qua cung mt tuyn toi dim dich. Diu nay khin mang khng th thuc hin mt s chuc nng khac nhu dinh tuyn theo dich, theo loai dich vu, v.v... Tuy nhin, bn canh do, phuong thuc dinh tuyn va chuyn tin nay nng cao d tin cy cng nhu kha nng mo rng cua mang. Giao thuc dinh tuyn dng cho phep mang phan ung lai voi su c bng vic thay di tuyn khi router bit duoc su thay di v topo mang thng qua vic cp nht thng tin v trang thai kt ni. Voi cac phuong thuc nhu CIDR (Classless Interdomain Routing), kich thuoc cua bang chuyn tin duoc duy tri o muc chp nhn duoc, va do vic tinh toan dinh tuyn du do cac nut tu thuc hin, mang co th duoc mo rng ma khng cn thuc hin bt ky mt thay di nao. Tom lai, IP la mt giao thuc chuyn mach goi co d tin cy va kha nng mo rng cao. Tuy nhin, vic diu khin luu luong rt kho thuc hin do phuong thuc dinh tuyn theo tung chng. Ngoai ra, IP cng khng h tro cht luong dich vu. 1.1.2 Cng ngh ATM D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 2 -
ATM (Asynchronous TransIer Mode) la mt k thut truyn tin tc d cao. Cng ngh ATM dua trn co so cua phuong phap chuyn mach goi, thng tin duoc nhom vao cac goi tin co chiu dai c dinh, trong do vi tri cua goi khng phu thuc vao dng h dng b ma dua trn nhu cu bt ki cua knh truoc. Cac chuyn mach ATM cho phep hoat dng voi nhiu tc d va dich vu khac nhau. ATM co hai dc dim quan trong: - Thu nht ATM su dung cac goi co kich thuoc nho va c dinh goi la cac t bao ATM, cac t bao nho voi tc d truyn lon s lam cho tr truyn lan va bin dng tr giam du nho di voi cac dich vu thoi gian thuc, cng s tao diu kin cho vic hop knh o tc d cao duoc d dang hon. - Thu hai, ATM co kha nng nhom mt vai knh ao thanh mt duong ao nhm giup cho vic dinh tuyn duoc d dang. ATM khac voi dinh tuyn IP o mt s dim. No la cng ngh chuyn mach huong kt ni. Kt ni tu dim du dn dim cui phai duoc thit lp truoc khi thng tin duoc gui di. ATM yu cu kt ni phai duoc thit lp bng nhn cng hoc thit lp mt cach tu dng thng qua bao hiu. Mt khac, ATM khng thuc hin dinh tuyn tai cac nut trung gian. Tuyn kt ni xuyn sut duoc xac dinh truoc khi trao di du liu va duoc giu c dinh trong sut thoi gian kt ni. Trong qua trinh thit lp kt ni, cac tng dai ATM trung gian cung cp cho kt ni mt nhn. Vic nay thuc hin hai diu: danh cho kt ni mt s tai nguyn va xy dung bang chuyn t bao tai mi tng dai. Bang chuyn t bao nay co tinh cuc b va chi chua thng tin v cac kt ni dang hoat dng di qua tng dai. Diu nay khac voi thng tin v toan mang chua trong bang chuyn tin cua router dung IP. Qua trinh chuyn t bao qua tng dai ATM cng tuong tu nhu vic chuyn goi tin qua router. Tuy nhin, ATM co th chuyn mach nhanh hon vi nhn gn trn cell co kich thuoc c dinh (nho hon cua IP), kich thuoc bang chuyn tin nho hon nhiu so voi cua IP router, va vic nay duoc thuc hin trn cac thit bi phn cung chuyn dung. Do vy, thng luong cua tng dai ATM thuong lon hon thng luong cua IP router truyn thng. 1.1.3 IP over ATM Hin nay, trong xy dung mang IP, co dn my loai k thut: nhu IP over SDH/SONET, IP over Fiber, IP over WDM. Con k thut ATM, do co cac tinh nng nhu tc d cao, cht luong dich vu tt, diu khin luu luong,. ma cac mang luoi dung b dinh tuyn truyn thng chua co, nn d duoc su dung rng ri trn mang duong truc IP. Mt khac, do yu cu tinh thoi gian thuc con tuong di cao di voi mang luoi, IP over ATM vn la k thut duoc chon truoc tin hin nay. Ma MPLS D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 3 -
chinh la su cai tin cua IP over ATM kinh din, cho nn o dy chung ta cn nhin lai mt chut v hin trang cua k thut IP over ATM IP over ATM truyn thng la mt k thut kiu xp chng, no xp IP (k thut lop 3) ln ATM (k thut lop 2); giao thuc cua hai tng hoan toan dc lp voi nhau; giua chung phai nho mt loat giao thuc (nhu NHRP, ARP,.) nua moi dam bao ni thng. Diu do hin nay trn thuc t d duoc ung dung rng ri. Nhung trong tinh trang mang luoi duoc mo rng nhanh chong, cach xp chng do cng gy ra nhiu vn d cn xem xet lai. Truoc ht, vn d ni bt la phuong thuc chng xp phai thit lp cac lin kt PVC tai N nut, tuc la cn thit lp mang lin kt. Nhu th co th s gy nn vn d binh phuong N, rt phin phuc, tuc la khi thit lp, bao dung, g bo su lin kt giua cac dim nut, s vic phai lam (nhu s VC, luong tin diu khin) du co cp s nhn binh phuong cua N dim nut. Khi ma mang luoi ngay cang rng lon, chi phi kiu do s lam cho mang luoi qua tai. Thu hai, phuong thuc xp chng s ct ca mang luoi IP over ATM ra lam nhiu mang logic nho (LIS), cac LIS trn thuc t du la o trong mt mang vt ly. Giua cac LIS dung b dinh tuyn trung gian d lin kt, diu nay s anh huong dn vic truyn nhom goi tin giua cac LIS khac nhau. Mt khac, khi luu luong rt lon, nhung b dinh tuyn nay s gy hin tuong 'nghn c chai di voi bng rng. Hai dim nu trn du lam cho IP over ATM chi co th dung thich hop cho mang tuong di nho, nhu mang xi nghip,. nhung khng th dap ung duoc nhu cu cua mang duong truc Internet trong tuong lai. Trn thuc t, hai k thut nay dang tn tai vn d yu kem v kha nng mo rng thm. Thu ba, trong phuong thuc chng xp, IP over ATM vn khng co cach nao dam bao QoS thuc su. Thu tu, vn khi thit k hai loai k thut IP va ATM du lam ring le, khng xet gi dn k thut kia, diu nay lam cho su ni thng giua hai bn phai dua vao mt loat giao thuc phuc tap, cung voi cac b phuc vu xu ly cac giao thuc nay. Cach lam nhu th co th gy anh huong khng tt di voi d tin cy cua mang duong truc. Cac k thut MPOA (Multiprotocol over ATM Da giao thuc trn ATM), LANE (LAN Emulation M phong LAN),. cng chinh la kt qua nghin cuu d giai quyt cac vn d do, nhung cac giai phap nay du chi giai quyt duoc mt phn cac tn tai, nhu vn d QoS chng han. Phuong thuc ma cac k thut nay dung vn la phuong thuc chng xp, kha nng mo rng vn khng du. Hin nay, d xut hin mt loai k thut IP over ATM khng dung phuong thuc xp chng, ma dung phuong thuc chuyn mach nhn, ap dung phuong thuc tich hop. K thut nay chinh la co so cua MPLS. D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 4 -
1.2 Gii thiu v chuyn mch nhn da giao thc (MPLS). Chuyn mach nhn da giao thuc MPLS (Multiprotocol Label Switching) la mt cng ngh kt hop dc dim tt nht giua dinh tuyn lop ba va chuyn mach lop hai cho phep chuyn tai cac goi rt nhanh trong mang li (core) va dinh tuyn tt mang bin (edge) bng cach dua vao nhn (label). MPLS la mt phuong phap cai tin vic chuyn tip goi trn mang bng cach gn nhn vao mi goi IP, t bao ATM, hoc Irame lop hai. Phuong phap chuyn mach nhn giup cac Router va cac b chuyn mach MPLS-enable ATM quyt dinh theo ni dung nhn tt hon vic dinh tuyn phuc tap theo dia chi IP dich. MPLS cho phep cac ISP cung cp nhiu dich vu khac nhau ma khng cn phai bo di co so ha tng sn co. Cu truc MPLS co tinh mm deo trong bt ky su phi hop voi cng ngh lop hai nao. MPLS h tro moi giao thuc lop hai, trin khai hiu qua cac dich vu IP trn mt mang chuyn mach IP. MPLS h tro vic tao ra cac tuyn khac nhau giua ngun va dich trn mt duong truc Internet. Bng vic tich hop MPLS vao kin truc mang, cac ISP co th giam chi phi, tng loi nhun, cung cp nhiu hiu qua khac nhau va dat duoc hiu qua canh tranh cao. Tng ung dung Tng ung dung Tng ung dung Tng trinh din Tng phin Tng giao vn Tng giao vn Tng giao vn Tng mang Tng mang Tng mang Tng lin kt du liu Tng lin kt du liu Tng lin kt du liu Tng vt ly OSI TCP/IP MPLS Hinh 1.1 : MPLS trong m hinh OSI 1.2.1 D}c dim mng MPLS - Khng co MPLS API, cng khng co thanh phn giao thuc phia host. - MPLS chi nm trn cac router. Chuyn mach nhn D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 5 -
- MPLS la giao thuc dc lp nn co th hoat dng cung voi giao thuc khac IP nhu IPX, ATM, Frame Relay,. - MPLS giup don gian hoa qua trinh dinh tuyn va lam tng tinh linh dng cua cac tng trung gian. 1.2.2 Phuong thc hot dng Thay th co ch dinh tuyn lop ba bng co ch chuyn mach lop hai.MPLS hoat dng trong li cua mang IP. Cac Router trong li phai enable MPLS trn tung giao tip. Nhn duoc gn thm vao goi IP khi goi di vao mang MPLS. Nhn duoc tach ra khi goi ra khoi mang MPLS. Nhn (Label) duoc chen vao giua header lop ba va header lop hai. Su dung nhn trong qua trinh gui goi sau khi d thit lp duong di. MPLS tp trung vao qua trinh hoan di nhn (Label Swapping). Mt trong nhung th manh cua kin truc MPLS la tu dinh nghia chng nhn (Label Stack). K thut chuyn mach nhn khng phai la k thut moi. Frame relay va ATM cng su dung cng ngh nay d chuyn cac khung (Irame) hoc cac cell qua mang. Trong Frame relay, cac khung co d dai bt ky, di voi ATM d dai cua cell la c dinh bao gm phn mao du 5 byte va tai tin la 48 byte. Phn mao du cua cell ATM va khung cua Frame Relay tham chiu toi cac knh ao ma cell hoc khung nay nm trn do. Su tuong quan giua Frame relay va ATM la tai mi buoc nhay qua mang, gia tri 'nhn trong phn mao du bi thay di. Dy chinh la su khac nhau trong chuyn tip cua goi IP. Khi mt route chuyn tip mt goi IP, no s khng thay di gia tri ma gn lin voi dich dn cua goi; hay noi cach khac no khng thay di dia chi IP dich cua goi. Thuc t la cac nhn MPLS thuong duoc su dung d chuyn tip cac goi va dia chi IP dich khng con ph bin trong MPLS nua. 1.3 L|ch su pht trin v cc uu dim cua MPLS 1.3.1 L|ch su pht trin MPLS Muc dich ban du cua chuyn mach nhn la mun dua tc d cua chuyn mach lop 2 vao lop 3. Ly l ban du cho cac k thut nhu MPLS khng lu sau d duoc nhn thy la co uu dim, boi vi cac chuyn mach lop 3 moi duoc su dung cng ngh ASIC (Application-speciIic integrated circuit), k thut nn tang co th thi hanh chuc nng tim kim voi tc d vua du d h tro cho hu ht cac loai giao tip (interIace) Chun cua chuyn mach nhn duoc nhom nghin cuu cua IETF v MPLS d xut nm 1997 va duoc nghin cuu rng ri. MPLS duoc phat trin tu nhiu k thut chinh, bao gm cac phin ban dc quyn v chuyn mach nhn nhu chuyn mach nhn cua Cisco (Cisco`s Tag Switching), Chuyn mach IP dua trn nn dinh tuyn tng hop cua IBM (IBM`s Aggregate Route-Based IP Switching ARIS), B dinh tuyn chuyn mach t bao cua Toshiba (Toshiba`s Cell-Switched Router CSR), Chuyn mach IP cua Ipsilon (Ipsilon`s IP Switching) va b dinh vi IP cua Lucent (Lucent`s IP Navigator). D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 6 -
Chuyn mach the (Tag Switching), duoc phat minh boi Cisco, va dua dn nguoi dung ln du tin vao nm 1998. Tu khi bt du trin khai chuyn mach the, Cisco d lam vic chung voi IETF d phat trin va thng qua cac chun cua MPLS, hop nht cac dc tinh va uu dim cua Chuyn mach the. 1.3.2 Uu dim cua MPLS - Tc d va d tr: Chuyn mach nhn duoc cung cp d giai quyt vn d v tc d va d tr mt cach hiu qua. Chuyn mach nhn nhanh hon nhiu chuyn mach IP c din boi vi gia tri nhn duoc dt trong header cua goi dn, duoc su dung d quan ly bang dinh tuyn theo cach nhn s duoc su dung la chi muc trong bang. Vic tim kim nay yu cu chi mt ln la tim ra, nguoc lai dinh tuyn c din co th phai tim trong bang do vai nghin ln. Kt qua, trn lung vn chuyn, cac goi duoc gui thng qua mang nhanh hon thng thuong, giam thoi gian tr, va dap ung thoi gian cho nguoi dung. - Kha nng mo rng (Scalability): Di nhin tc d la mt mt quan trong cua chuyn mach nhn, nhung dich vu nhanh khng phai la tt ca ma chuyn mach nhn co th cung cp. No cng co th cung cp kha nng mo rng, tuc la diu tit mt s luong lon va ngay cang tng nhanh chong cac user trn mang Internet. Chuyn mach nhn d nghi mt cach giai quyt cho vn d phat trin mang mt cach nhanh chong nhu vy bng cach cho phep mt s luong lon cac dia chi IP duoc lin kt voi nhau trn mt hay mt vai nhn. Cach tip cn nay s ct giam bot bang dinh tuyn va cho phep mt router phuc vu nhiu nguoi dung hon tai mt thoi dim va cng khng cn doi hoi kha nng xu ly cao cua cac router. - Tinh don gian: Mt uu dim nua cua chuyn mach nhn la v co ban no chi la tp hop cua cac giao thuc dinh tuyn. No rt don gian, chuyn tip mt goi dua trn nhn cua goi do. Lam th nao mt nhn dn mt duong dn cua nguoi dung ma khng cn quan tm dn vic chuyn tip thuc su cua duong dn do. Tt ca co ch diu khin trn co th phuc tap, nhung chung khng lam anh huong dn hiu qua cua duong dn. Tuc la s co rt nhiu cac phuong phap khac nhau d phn phi cac nhn cho duong truyn, tuy nhin sau khi cac nhn d duoc phn phi xong, hoat dng chuyn mach nhn s duoc thuc hin mt cach rt nhanh chong. Chuyn mach nhn co th duoc thuc hin trong mt phn mm, trong cac mach din tu tich hop hay trong mt vi xu ly dc bit. - Muc su dung tai nguyn: Co ch diu khin d thit lp mt nhn phai khng lam tiu tn nhiu tai nguyn. No khng duoc lam mt nhiu tai nguyn va chuyn mach nhn thi hoan toan khng D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 7 -
lam tiu tn nhiu tai nguyn d thuc thi vic thanh lp mt con duong chuyn mach nhn cho duong dn. 1.4 Cu trc cua nt MPLS. Mt nut cua MPLS co hai mt phng: mt phng chuyn tip MPLS va mt phng diu khin MPLS. Nut MPLS co th thuc hin dinh tuyn lop ba hoc chuyn mach lop hai. Hinh sau m ta cu truc co ban cua mt nut MPLS
Hinh 1.2 Cu truc mt nut MPLS 1.4.1 M}t phng chuyn tip Mt phng chuyn tip co trach nhim chuyn tip goi dua trn gia tri chua trong nhn. Mt phng chuyn tip su dung mt co so thng tin chuyn tip nhn LFIB d chuyn tip cac goi. Thut toan ma duoc su dung boi phn tu chuyn tip chuyn mach nhn su dung thng tin chua trong LFIB nhu la cac thng tin chua trong gia tri nhn. Mi nut MPLS co hai bang lin quan dn vic chuyn tip la: co so thng tin nhn LIB va LFIB. LIB chua tt ca cac nhn duoc nut MPLS cuc b danh du va anh xa cua cac nhn nay dn cac nhn duoc nhn tu lang ging (MPLS neighbor) cua no. LFIB su dung mt tp con cac nhn chua trong LIB d thuc hin chuyn tip goi. O Nhn MPLS. Mt nhn MPLS la mt truong 32 bit c dinh voi cu truc xac dinh. Nhn duoc dung d xac dinh mt FEC (Forwarding Equivalence Classes - Nhom chuyn tip tuong duong). Di voi ATM, nhn duoc dt ca o hoc la truong VCI hoc la VPI cua mao du ATM. Tuy nhin, nu la khung trong Frame Relay, nhn lai duoc dt o truong DLCI cua mao du Frame Relay. D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 8 -
K thut lop 2 nhu Ethernet, Token Ring, FDDI, va kt ni point to point khng th tn dung duoc truong dia chi lop 2 cua chung d mang nhn di. Nhung k thut nay mang nhn trong nhung mao du dm (shim). Mao du nhn dm duoc chen thm vao giua lop kt ni va lop mang, nhu hinh sau dy. Vic su dung mao du nhn dm cho phep h tro MPLS trn hu ht cac k thut Lop 2. Hinh .... chi ra cu truc cua mt nhn MPLS.
Hinh 1.3 : Dinh dang nhn MPLS chung 20 bit du (0-~19): Gia tri cua nhn, gia tri nay nm trong khoan tu 0 dn 220-1 hoc 1048575. Tuy nhin, 16 gia tri du tin khng duoc dung d su dung; no duoc su dung voi nhung y nghia dc bit. 3 bit (20 -~ 22) bit thc nghim (EXP experimental). Nhung bit nay chi duoc su dung trong cht luong cua dich vu (QoS); khi cac goi MPLS xp hang co th dung cac bit EXP tuong tu nhu cac bit IP uu tin (IP Precedence). Chu y: Nhung bit duoc dt tn la 'thuc nghim la co ly do lich su. Trong qua khu, khng ai bit cach su dung Bit 23: 1 bit, bit 23 la bit cui cua ngn xp. Bit nay s duoc lp la 1 khi dy la nhn cui cung cua ngn xp, con di voi cac nhn khac no la 0 (bit BoS). Chng nhn la su tp trung cua nhung nhn ma duoc dt phia trn cua goi. Chng nhn co th chi gm 1 nhn, hoc nhiu nhn. S luong cac nhn (o dy la truong 32 bit) ma ta co th tim thy trong ngn xp la v han, mc du ta it khi nhin thy mt ngn xp co bn nhn hoc hon. 8 bit cui ( 24 -~ 31 ): TTL ( time to live ) co chuc nng chng lp vong bng cach dinh thoi gian tn tai cua goi tin trong mang MPLS tuong tu nhu thanh phn TTL trong header goi tin IP
O Ngn xp nhn (Label Stack) Ngn xp nhn la k thut su dung trong vic dong goi IP. No cho phep mt goi co th mang nhiu hon mt nhn. No duoc cung cp boi vic dua vao mt nhn moi D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 9 -
(muc 2) bn trn nhn d tn tai (muc 1), goi duoc chuyn tip qua mang dua trn co so cac nhn o muc 2, sau khi qua mang nay thi nhn muc 2 bi loai ra va vic chuyn tip nay hoat dng dua trn cac nhn muc 1. Nhn trn cung dung sau header lop 2, con nhn cui dung truoc header lop 3. Tai mi buoc nhay dinh tuyn chi xu ly nhn trn cung ngn xp nhn. Chuyn mach nhn duoc thit k d co gin cac mang lon va MPLS h tro chuyn mach nhn voi hoat dng phn cp, hoat dng phn cp nay dua trn kha nng cua MPLS co th mang nhiu hon mt nhn trong goi. Ngn xp nhn cho phep thit k cac LSR trao di thng tin voi nhau va hanh dng nay ging nhu vic tao duong vin node d tao ra mt min mang rng lon va cac LSR khac. Co th noi rng, cac LSR nay la cac node bn trong mt min va khng lin quan dn duong vin node. Vic xu ly mt goi nhn duoc hoan thanh dc lp voi tung muc cua su phn cp. Hinh 2.4 th hin vi tri nhn trong ngn xp nhn. Chu y rng trong ngn xp nhn thi nhn cui lun co gia tri S la 1, cac nhn con lai S la 0.
Hinh 1.4 : Nhn trong ngn xp nhn Thng thuong cac goi du liu khi vao MPLS chi duoc gan mt nhn. Tuy nhin trong mt s truong hop phai su dung nhiu nhn d dap ung yu cu dich vu. Mt s dich vu co th k ra nhu: - MPLS JPA: gm 2 nhn, trong do nhn thu hai (khng thay di khi qua MPLS) dung d hi tu cac tuyn su dung MP BGP qua mang MPLS. Nhn du tin duoc cac router trong MPLS xu ly nhu trong mang MPLS thng thuong. - MPLS 1E: su dung k thut traIIic engineering va phuong phap phn phi nhn RSVP dung d xac dinh LSP cn dung. Nhn con lai duoc dung d hi tu du cui voi tung LSP. O M ha MPLS Ngn xp nhn duoc dt o du? Ngn xp dt truoc goi lop 3 truoc header cua giao thuc vn chuyn, nhung sau header cua lop 2. Ngn xp MPLS thuong duoc goi la header dm (shim header) boi vi tri cua no. Hinh .... th hin vi tri cua ngn xp nhn cho cac goi duoc gan nhn.
Hinh 1.5 : Vi tri cua ngn xp nhn cho goi duoc gan nhn D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 10 -
Co nhiu kiu dong goi ma lop 2 co th dap ung hoc lin kt duoc co su h tro cua Cisco IOS nhu: PPP, HDLC, Ethernet ... Gia thit rng giao thuc truyn tai la IPv4, va phuong thuc dong goi duong link la PPP, luu tru nhn hin nay la sau header PPP nhung truoc header IPv4. Boi vi ngn xp nhn trong khung Lop 2 duoc dt truoc header cua Lop 3 hoc nhung giao thuc truyn tai khac, ta co th co nhung gia tri moi trong truong giao thuc lop kt ni du liu, nhung gia tri nay chi ra duoc phn tip theo cua header lop 2 s la goi duoc dan nhn MPLS. Truong giao thuc lop kt ni du liu la mt gia tri chi ra loai tai ma khung lop 2 truyn di. O Co so thng tin chuyn tip nhn (LFIB) LFIB duoc duy tri boi mt nut MPLS chua mt chui cac entry (muc nhp). Nhu hinh duoi dy, mi duong nhp vao chua mt nhn toi va mt hoc vai muc phu. LFIB duoc lp bang chua cac gia tri trong nhn toi.
Hinh 1.6 : Cu truc cua LFIB O Thut ton chuyn tip gi Chuyn mach nhn su dung thut toan chuyn tip dua trn vic trao di nhn. Nut MPLS ma duy tri mt LFIB don ly gia tri nhn tu truong nhn tim thy trong goi toi va su dung gia tri nay nhu chi s trong LFIB. Sau khi mt nhn toi match (khop) duoc tim thy, nut MPLS thay th nhn nay trong goi voi mt nhn ra tu muc phu va gui goi qua giao din ra cu th toi nut tip cu th theo boi muc phu. Nu muc phu chi ra mt hang doi ra, nut MPLS dt goi trong hang doi cu th. Nu nut MPLS duy tri nhiu LFIB cho mi giao din cua no, no su dung giao din vt ly noi goi dn d chon mt LFIB cu th phuc vu d chuyn tip goi. Thng thuong, D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 11 -
thut toan chuyn tip su dung nhiu loai thut toan d chuyn tip unicast, multicast va goi unicast voi bit ToS duoc thit lp. Tuy nhin, MPLS chi su dung mt thut toan chuyn tip dua trn trao di nhn. Mt nut MPLS co th ly ra tt ca thng tin no cn d chuyn tip nhn cng nhu d xac dinh tai nguyn danh ring cn thit bng vic truy nhp b nho don. Tra cuu tc d cao va kha nng chuyn tip lam cho chuyn mach nhn (label switching) thanh k thut chuyn mach co tinh thuc thi cao. MPLS cng co th duoc su dung d vn chuyn giao thuc Lop 3 khac nhu IPv6, IPX hoc Apple Talk tu IPv4. Dc tinh nay giup MPLS co th tuong thich tt voi vic chuyn di cac mang tu IPv4 sang IPv6. 1.4.2 M}t phng diu khin (Control Plane) Mt phng diu khin MPLS chiu trach nhim tao ra va luu tru LFIB. Tt ca cac nut MPLS phai chay mt giao thuc dinh tuyn IP d trao di thng tin dinh tuyn IP voi cac nut MPLS khac trong mang. Cac nut MPLS enable ATM s dung mt b diu khin nhn (LSC Label Switch Controller) nhu router 7200, 7500 hoc dung mt m dun xu ly tuyn (RMP Route Processor Module) d tham gia xu ly dinh tuyn IP. Cac giao thuc dinh tuyn Link-state nhu OSPF va IS-IS la cac giao thuc duoc chon vi chung cung cp cho mi nut MPLS thng tin cua toan mang. Trong cac b dinh tuyn thng thuong, bang dinh tuyn IP dung d xy dung b luu tru chuyn mach nhanh (Fast switching cache) hoc FIB Co so thng tin chuyn tip (dung boi CEF - Cisco Express Forwarding). Tuy nhin voi MPLS, bang dinh tuyn IP cung cp thng tin cua mang dich va tin t subnet su dung cho nhn ghep (binding). Cac giao thuc dinh tuyn link-state nhu OSPF gui thng tin dinh tuyn (Ilood) giua mt tp cac router khng nht thit lin k nhau, trong khi thng tin lin kt nhn (binding) chi duoc phn b giua cac router lin k bng giao thuc phn phi nhn (LDP) hoc TDP (Cisco`s Proproetary Tag Distribution Protocol). Diu nay lam giao thuc dinh tuyn link state khng thich hop voi su phn phi thng tin lin kt nhn. Tuy nhin su mo rng cac giao thuc dinh tuyn nhu PIM va BGP co th duoc su dung d phn phi thng tin lin kt nhn. Diu nay lam cho vic phn phi thng tin lin kt nhn phu hop voi vic phn phi thng tin dinh tuyn va tranh diu kin it xay ra ma tai do nut MPLS co th nhn thng tin lin kt nhn va khng co thng tin dinh tuyn thich hop. No cng lam don gian hoa toan b h thng vn hanh boi vi no ngn ngua su cn thit cua mt giao thuc ring le nhu LDP d phn phi thng tin nhn ghep. Nhung nhn trao di voi cac nut MPLS lin k duoc su dung d xy dung LFIB. MPLS su dung mt m hinh chuyn tip dua trn trao di nhn ma co th duoc kt ni voi mt pham vi cac module diu khin khac nhau. Mi module diu khin chiu trach nhim danh du, phn phi mt tp cac nhn, cng nhu chiu trach nhim du tru thng tin diu khin khac co lin quan. Cac giao thuc cng dinh tuyn trong pham vi min IGP duoc dung d xac nhn kha nng dn duoc, su lin kt va anh xa giua FEC va dia chi tram k (next-hop address). D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 12 -
Thng tin lin kt nhn chi duoc phn phi giua cac router ni truc tip voi nhau bng cach dung giao thuc phn phi LDP. Cac mdun diu khin MPLS gm: Dinh tuyn Unicast (Unicast Routing) Dinh tuyn Multicast (Multicast Routing) K thut luu luong (TraIIic Engineer) Mang ring ao (VPN Virtual private Network) Cht luong dich vu (QoS Quality oI Service)
Hinh 1.7 : Cac thanh phn mt phng du liu va mt phng diu khin cua MPLS
1.5 Cc phn tu chnh cua MPLS. Thit bi trong giao thuc MPLS co th duoc phn loai thanh LERs va LSRs D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 13 -
Hinh 1.8 : Vi tri cua LER va LSR trong mang MPLS 1.5.1 B d|nh tuyn chuyn mch nhn LSR Thanh phn co ban cua mang MPLS la thit bi dinh tuyn chuyn mach nhn LSR (Label Switch Router). Thit bi nay thuc hin chuc nng chuyn tip goi thng tin trong pham vi mang MPLS bng thu tuc phn phi nhn. Do la kha nng cn thit d hiu duoc nhn MPLS, nhn va truyn goi duoc gan nhn trn duong lin kt du liu. Cac loai LSR trong mang MPLS: O LSR li vo (Ingress LSR) xu ly luu luong di vao min MPLS O LSR chuyn tip (Transit LSR) xu ly luu luong bn trong min MPLS; O LSR li ra (Egress LSR) xu ly luu luong roi khoi min MPLS; O LSR bin (Edge LSR) thuong duoc su dung nhu la tn chung cho ca LSR li vao va LSR li ra. Nhin chung mt LSRs bt ky co 3 chuc nng chinh sau: trao doi thong tin dnh tuyn, trao doi nhn va chuyn tip goi d liu di da vao nhn. Hoat dng trao di thng tin dinh tuyn va trao di nhn xay ra trn mt phng diu khin, con vic chuyn goi du liu di la hoat dng cua mt phng du liu. Chuc nng chinh cua mt LSR la chuyn mach nhn. Boi vy mt LSR cn co mt giao thuc dinh tuyn (OSPF, RIP, EIGRP, IS-IS) va mt giao thuc phn phi nhn. So d nguyn ly chuc nng cua mt LSR duoc cho o hinh duoi dy: D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 14 -
Hinh 1.9 : Hoat dng cua LSR trong mang MPLS 1.5.2 Dung chuyn mch nhn LSP La duong dn qua mt hoc nhiu LSR cho phep goi tin chuyn qua mang trn lop chuyn tip tuong duong FEC. Duong chuyn mach nhn la mt tp hop cac LSR ma chuyn mach mt goi co nhn qua mang MPLS hoc mt phn cua mang MPLS. V co ban, LSP (Label Switch Path) la mt duong dn qua mang MPLS hoc mt phn mang ma goi di qua. LSR du tin cua LSP la mt LSR vao, nguoc lai LSR cui cung cua LSP la mt LSR ra. Tt ca cac LSR o giua LSR vao va ra chinh la cac LSR trung gian. Trong hinh 1.10 duoi dy, mi tn o trn cung chi huong boi vi duong chuyn mach nhn la duong theo mt phuong huong duy nht. Lung cua cac goi co nhn trong mt huong khac tu phai sang trai giua cung cac LSR bin s la mt LSP khac.
Hinh 1.10 Duong chuyn mach nhn (LSP) D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 15 -
LSR vao cua mt LSP khng nht thit phai la b dinh tuyn du tin gan nhn vao goi. Goi co th d duoc gan nhn boi cac LSR truoc do. Trong hinh 1.11 , ta co th thy LSP ma trai rng toan b d rng mang MPLS. Mt LSP khac bt du tai LSR thu ba va kt thuc o truoc LSR cui cung.Do do, khi mt goi di vao LSP thu hai trn cng LSR vao cua no (co nghia la LSR thu ba), no d thuc su duoc dan nhn. LSR vao cua LSP nested (ghep) sau do gan mt nhn thu hai ln trn goi. Ngn xp nhn cua goi trn LSP thu hai by gio d co 2 nhn. Nhn trn cung s phu thuc vao LSP nested (ghep), va nhn duoi cung s phu thuc vao LSP ma trai rng ht toan b mang MPLS. Duong hm diu khin luu luong du phong la mt vi du cho LSP nested (ghep)
Hinh 1.11 M hinh LSP Nested 1.5.3 Lp chuyn tip tuong duong (FEC) Lop chuyn tip tuong duong (FEC) la mt nhom hoc lung cac goi duoc chuyn tip doc theo cung mt tuyn va duoc xu ly theo cung mt cach chuyn tip. Tt ca cac goi cung thuc mt FEC s co nhn ging nhau. Tuy nhin, khng phai tt ca cac goi co cung nhn du thuc cung mt FEC, boi vi gia tri EXP cua chung co th khac nhau; phuong thuc chuyn tip khac nhau va no co th phu thuc vao FEC khac nhau. B dinh tuyn ma quyt dinh goi nao thuc mt FEC nao chinh la LSR bin vao. Dy la logic vi LSR bin vao sp xp va dan nhn vao goi. Sau dy la mt vai vi du v FEC: Nhung goi voi dia chi IP dich lop 3 khop (match) voi mt tin t nao do O Goi truyn multicast thuc nhom nao do. O Goi voi cung phuong thuc chuyn tip, dua trn thu tu uu tin hoc truong dim m DiIIServ IP (DSCP) O Khung lop 2 chuyn qua MPLS nhn duoc trn mt VC hoc mt giao din LSR bin vao va truyn trn mt VC hoc giao din trn LSR bin ra. D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 16 -
O Nhung goi voi dia chi dich IP lop 3 ma thuc mt tp tin t BGP Giao thuc cng bin, tt ca voi cung BGP buoc tip theo.
Hinh 1.12 : Lop chuyn tip tuong duong
1.6 Cc giao thc su dng trong MPLS. 1.6.1 Giao thc phn phi nhn (LDP) Nhn du tin duoc gan trn mt LRS vao va nhn nay s thuc mt LSP. Tuyn di cua goi qua mang MPLS duoc quy dinh (bound) boi mt LSP. Su thay di chinh trong qua trinh chuyn tip la nhn trn cung trong ngn xp nhn duoc trao di tai mi buoc nhay. LSR vao s gn mt hoc nhiu nhn ln goi. LSR trung gian s thuc hin vic trao di nhn trn cung (nhn di vao) cua goi nhn duoc (goi d duoc gan nhn) voi mt nhn khac (nhn di ra) va truyn goi trn duong kt ni ra. LSR ra cua LSP s ly toan b nhn cua LSP nay va chuyn tip goi. Xem xet vi du v mt phng IPv4 trn MPLS, dy la vi du don gian nht v mang MPLS. Mt phng IPv4 trn MPLS la mt mang ma bao gm mt s cac LSR chay giao thuc cng trong IGP (vi du tuyn mo ngn nht OSPF, IS IS, va giao thuc dinh tuyn cng trong nng cao EIGRP). LSR vao tim kim dia chi IPv4 dich cua goi, gan nhn, va chuyn tip goi. LSR tip theo (va bt ky LSR trung gian khac) nhn goi trao di nhn nhn voi nhn gui, va chuyn tip goi. LSR ra tach nhn va chuyn tip goi IPv4 khng co nhn trn duong kt ni ra. D thuc hin vic nay, nhung LSR lin k phai dng y voi nhn su dung cho mi tin t IGP. Do do, mi LSR trung gian phai co kha nng tinh toan d thuc hin vic trao di nhn gui va nhn nhn cho nhau. Diu nay co nghia la ta cn phai co mt k thut d bao cho b dinh tuyn bit nhn nao duoc su dung khi chuyn tip goi. Giua mi cp b dinh tuyn lin k la nhung nhn ni b. Di voi nhung b dinh tuyn lin k d dng y nhung nhn ma su dung cho tin t nao,giua chung cn co mt vai mu giao tip; nu khng, nhung b dinh tuyn D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 17 -
s khng bit nhn gui nao cn ni voi nhn nhn nao. Do do cn thit phai co giao thuc phn phi nhn. Giao thuc phn phi nhn duoc nhom nghin cuu MPLS cua IETF xy dung va ban hanh duoi tn RFC 3036. Phin ban moi nht duoc cng b nm 2001 dua ra nhung dinh nghia va nguyn tc hoat dng cua giao thuc LDP. Giao thuc phn phi nhn duoc su dung trong qua trinh gan nhn cho cac goi thng tin yu cu. Giao thuc LDP la giao thuc diu khin tach bit duoc cac LSR su dung d trao di va diu phi qua trinh gan nhn/FEC. Giao thuc nay la mt tp hop cac thu tuc trao di cac ban tin cho phep cac LSR su dung gia tri nhn thuc FEC nht dinh d truyn cac goi thng tin.
Hinh 1.13 : Giao thuc LDP voi cac giao thuc khac O Giao thc phn phi nhn LDP c cc d}c trung co ban sau dy: LDP cung cp cac k thut phat hin LSR d cho phep LSR tim kim va thit lp truyn thng. LDP dinh nghia 4 loai ban tin: - Ban tin Discovery (phat hin): Duoc dung d thng bao va luu giu su co mt cua mt LSR trong mang. LSR gui dinh ki mt ban tin Hello qua cng UDP voi dia chi da huong cua cac router trn mang con nay. D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 18 -
- Ban tin Session (quan ly phin): Duoc dung d thit lp, duy tri, huy bo cac phin giua cac LDP ngang cp (LSR). Hoat dng nay doi hoi vic gui mt ban tin khoi tao qua TCP. Sau khi hoat dng nay kt thuc, hai LSR s la LDP ngang cp. - Ban tin Advertisement (phat hanh): Duoc dung d thit lp, thay di va huy bo cac trao di nhn cho FEC. Cac ban tin nay cng duoc truyn qua TCP. Mt LSR co th yu cu mt trao di nhn voi mt LSR bn canh khi no mun. No cng co th quang bao cac trao di nhn khi no mun mt LDP ngang cp dung mt trao di nhn. - Ban tin Notification (xac nhn): Cng duoc gui qua TCP va duoc dung d cung cp cac thng tin v tinh trang, biu hin va thng tin v li. Chay trn TCP cung cp phuong thuc phn phi ban tin dang tin cy (ngoai tru cac ban tin DISCOVERY) Thit k cho phep kha nng mo rng d dang, su dung cac ban tin duoc xac dinh nhu mt tp hop cac di tuong m hoa TLV (kiu, d dai, gia tri). M hoa TLV nghia la mi di tuong bao gm mt truong kiu biu thi v loai di tuong chi dinh, mt truong d dai thng bao d dai cua di tuong va mt truong gia tri phu thuc vao truong kiu. Hai truong du tin co d dai c dinh va duoc dt tai vi tri du tin cua di tuong cho phep d dang thuc hin vic loai bo kiu di tuong ma no khng nhn ra. Truong gia tri co mt di tuong co th gm nhiu di tuong m hoa TLV hon. O Pht hin LSR ln cn Thu tuc phat hin LSR ln cn cua LDP chay trn UDP va thuc hin nhu sau: Mt LSR dinh ky gui di ban tin HELLO toi cac cng UDP d bit trong tt ca cac b dinh tuyn trong mang con cua nhom multicast. Tt ca cac LSR tip nhn ban tin HELLO nay trn cng UDP. Nhu vy, tai mt thoi dim nao do LSR s bit duoc tt ca cac LSR khac ma no co kt ni truc tip. Khi LSR nhn bit duoc dia chi cua LSR khac bng co ch nay thi no s thit lp kt ni TCP dn LSR do. Khi do phin LDP duoc thit lp giua 2 LSR. Phin LDP la phin hai chiu co nghia la mi LSR o hai du kt ni du co th yu cu va gui lin kt nhn. Trong truong hop cac LSR khng kt ni truc tip trong mt mang con (subnet) nguoi ta su dung mt co ch b sung nhu sau: LSR dinh ky gui ban tin HELLO dn cng UDP d bit tai dia chi IP xac dinh duoc khai bao khi lp cu hinh. Du nhn ban tin nay co th tra loi lai bng ban tin HELLO khac truyn mt chiu nguoc lai dn LSR gui va vic thit lp cac phin LDP duoc thuc hin nhu trn. D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 19 -
Thng thuong truong hop nay hay duoc ap dung khi giua 2 LSR co mt duong LSP cho diu khin luu luong va no yu cu phai gui cac goi co nhn qua duong LSP do.
Hinh 1.14 : Thu tuc phat hin LSR ln cn Cac thut ngu trong hinh 1.14 duoc giai thich nhu sau UDP Hello: ban tin loi chao TCP Open: yu cu mo kt ni TCP Initialization: khoi tao kt ni TCP Label Request: ban tin yu cu nhn Label Mapping: ban tin anh xa O Giao thc truyn tai tin cy Chung ta d bit, ban tin LDP duoc truyn trn giao thuc TCP, nhung vic quyt dinh su dung TCP d truyn cac ban tin LDP la mt vn d cn xem xet. Yu cu v d tin cy la rt cn thit. Nu vic lin kt nhn hay yu cu lin kt nhn duoc truyn mt cach khng tin cy thi luu luong cng khng duoc chuyn mach theo nhn. Mt vn d quan trong nua do la thu tu cac ban tin phai bao dam dung. Nhu vy liu vic su dung TCP d truyn LDP co bao dam hay khng va co nn xy dung lun chuc nng truyn tai nay trong ban thn LDP hay khng?. Vic xy dung cac chuc nng bao dam d tin cy trong LDP khng nht thit phai thuc hin toan b cac chuc nng cua TCP trong LDP ma chi cn dung lai o nhung chuc nng cn thit nht vi du nhu chuc nng diu khin tranh tc nghn duoc coi la khng cn thit trong LDP. Tuy nhin vic phat trin thm cac chuc nng dam bao d tin cy trong LDP cng co nhiu vn d cn xem xet vi du nhu cac b dinh thoi cho cac ban tin ghi nhn va khng ghi nhn, trong truong hop su dung TCP chi cn mt b dinh thoi cua TCP cho toan phin LDP. Thit k mt giao thuc truyn tai tin cy la mt vn d nan giai. D co rt nhiu c gng d cai thin TCP nhm lam tng d tin cy cua giao thuc truyn tai. Tuy nhin vn d hin nay vn chua r rang va TCP vn duoc su dung cho truyn tai LDP. D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 20 -
O Cc ban tin LDP Ban tin LDP duoc dinh nghia trong khun dang phuong tin dc lp. Muc dich nay d cac ban tin co th kt hop trong mt du liu, 11 ban tin duoc su dung trong LDP. Notification Message : Ban tin thng bao Hello Message : Ban tin loi chao Initialization Message : Ban tin khoi tao KeepAlive Message : Ban tin giu duong Address Message : Ban tin dia chi Address Withdraw Message : Ban tin thu hi dia chi Lable Mapping Message : Ban tin anh xa nhn Lable Withdraw Message : Ban tin thu hi nhn Lable Request Message : Ban tin yu cu nhn Lable Release Message : Ban tin giai phong nhn Lable Abort Request Message : Ban tin huy bo yu cu Tt ca cac ban tin LDP co khun dang sau:
Hinh 1.15 : Khun dang cac ban tin LDP Bit U: bit ban tin chua bit. Nu bit nay bng 1 thi no khng th duoc thng dich boi phia nhn, luc do ban tin bi bo qua ma khng co phan hi. Kiu ban ti: Chi ra kiu ban tin la gi. Chiu di ban tin: Chi ra chiu dai cua cac phn nhn dang ban tin, cac thng s bt buc, va cac thng s tuy chon. D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 21 -
Nhn dng ban tin: la mt s nhn dang duy nht ban tin. Truong nay co th duoc su dung d kt hop cac ban tin Thng bao voi mt ban tin khac. Thng s bt buc, v Thng s tuy chn tuy thuc vao tung ban tin LDP. Ban tin Notification: Duoc dung boi mt LSR d thng bao cho cac LSR ngang cp cua no cac quy dinh v li va cac diu bt thuong. Cac quy dinh do la: khng nhn bit qua trinh gui, cac sai lm, ban tin di tt, su kt thuc cua thoi gian tn tai, giai phong boi mt nut, li cua khoi tao phin LSP. Trong mt vai truong hop, LSR co th kt thuc phin LDP (dong kt ni TCP). Khun dang ban tin duoc chi ra trong hinh 1.16 0 1-14 15 16-30 31 0 NotiIication (0x0001) Message Length Message ID Status (TLV) Option Parameters Hinh 1.16 : Ban tin Notification Mt ID ban tin chi nhn dang mt ban tin. No duoc m hoa trong tt ca cac ban tin. Trang thai TLV chi ra trang thai cua kt qua. Cac tham s lua chon la : trang thai mo rng, trang thai tro lai, ban tin tro lai. Khi mt LSR nhn mt ban tin Notification mang m trang thai chi ra mt li khng th tranh duoc, no huy bo phin LDP nay ngay lp tuc boi vic dong phin kt ni TCP va loai bo tt ca cac lin kt voi phin bao gm ca cac lin kt nhn - FEC vua duoc lp thng qua phin. Ban tin Hello: Ban tin nay duoc thay di giua hai LDP ngang cp trong mt phin phat hin LDP. Khun dang ban tin nhu hinh v 0 1 2-14 15 16 17 - 30 31 0 0 Common Hello Parm (0x0400) Length Hold Time T R Reserved Hinh 1.17: Tham s TLV Hello chung Mt LSR luu giu ban ghi cua cac ban tin Hello duoc gui tu cac LSR ngang cp tim nng. Ban tin Hello giu thoi gian chi r thoi gian ma LSR bn gui luu trong ban ghi cua no tu LSR bn nhn ma khng cn bin nhn cua ban tin Hello khac. Mt cp LSR thuong luong thoi gian luu tru, chung dung cho cac ban tin Hello tu cac LSR D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 22 -
khac. Mi cp d nghi mt thoi gian luu tru. Thoi gian luu tru duoc dung la nho nht duoc d nghi trong cac ban tin Hello. Bit T duoc goi la Targeted Hello. T1 chi ra rng ban tin Hello la Targeted Hello. T0 chi ra rng ban tin Hello la mt lin kt. Bit R duoc goi la yu cu gui Targeted Hello. R1 thi yu cu bn nhn dinh ki gui Targeted Hello toi ngun cua ban tin Hello nay. R0 thi khng co yu cu nao ca. Tham s lua chon la cac TLV dia chi truyn giao IPv4, IPv6 va mt dy s cac hinh ma duoc dung boi LSR bn gui d phat hin hinh thay di o bn gui. Ban tin Initialization : Ban tin nay duoc thay di khi cac LDP ngang cp mun thit lp mt phin LDP. Trong thu tuc nay, cac LSR thuong luong cac tham s nhu Keep alive timer, cac kiu quang bao s duoc h tro (dong xung khng yu cu va dong xung dua trn yu cu). Nu cac nhn FR hoc ATM duoc su dung trong phin, cac quy dinh dung cho cac nhn nay cng duoc thuong luong. Khun dang ban tin duoc chi ra trong hinh 1.18 0 1-14 15 16-30 31 0 Initialization (0x0200) Message Length Message ID Common Session parameter (TLV) Option Parameters Hinh 1.18 : Ban tin Initialization Cac tham s phin chung TLV d duoc giai thich trong phn truoc. Cac tham s lua chon la cac tham s phin ATM va FR. Ban tin KeepAlive: Duoc thay di giua cac LDP ngang cp d yu cu giam sat tinh nguyn ven cua kt ni TCP h tro phin LDP. Khng co tham s lua chon trong ban tin nay. 0 1-14 15 16-30 31 0 KeepAlive (0x0201) Message Length Message ID Option Parameters Hinh 1.19 : Ban tin KeepAlive Ban tin Address: Duoc gui boi mt LSR toi LDP ngang cp cua no d quang bao cac dia chi giao din cua no. Mt LSR nhn mt ban tin dia chi dung dia chi no bit d luu tru co so du liu cho trao di giua cac b nhn din LDP ngang cp va cac dia chi hop tip theo.
D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 23 -
0 1-14 15 16-30 31 0 Address (0x0300) Message Length Message ID Address List (TLV) Option Parameters Hinh 1.20 : Ban tin Address Danh sach dia chi TLV la danh sach cua cac dia chi giao din IP duoc quang bao boi LSR bn gui. Khng co tham s lua chon cho ban tin nay. Ban tin Address Withdraw: Thao bo ban tin dia chi va rut ra mt dia chi giao din quang bao truoc do hoc cac dia chi. 0 1-14 15 16-30 31 0 Address with draw (0x0300) Message Length Message ID Address List (TLV) Option Parameters Hinh 1.21 : Ban tin Address Withdraw Danh sach dia chi TLV chua danh sach cac dia chi duoc rut ra boi LSR bn gui ban tin nay. Ban tin Label Mapping: Duoc dung d quang bao mt LDP ngang cp cac lin kt nhn FEC. Nu mt LSR phn b mt trao di cho mt FEC toi nhiu LDP ngang cp, dy la vn d ni b hoc no trao di mt nhn don toi FEC va phn b su trao di nay toi tt ca cac peer cua no hoc dung cac trao di khac nhau cho mi peer cua no. Cng vy, mt LSR nhn mt ban tin trao di nhn tu LSR dong xung voi mt tin t hoc dia chi host FEC, va khng nn dung nhn cho chuyn tip nu bang dinh tuyn cua no khng chua mt cng phu hop voi gia tri FEC. 0 1-14 15 16-30 31 0 Label Mapping (0x0400) Message Length Message ID FEC TLV Label TLV Option Parameters Hinh 1.22 : Ban tin Lable Mapping D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 24 -
Di nhin, ban tin nay phai chua cac dia chi IP va cac lin kt nhn cua no. FEC TLV chi r phn FEC cua trao di nhn-FEC duoc quang bao. Nhn TLV chi r phn nhn cua trao di nhn-FEC. Cac TLV lua chon la ID ban tin yu cu nhn, s luong hop va vector tuyn. Ban tin Label Request: Duoc dung boi mt LSR d yu cu LDP peer do cung cp mt lin kt nhn cho mt FEC. Mt LSR co th truyn mt ban tin Request duoi bt cu diu kin nao sau dy: LSR nhn ra mt FEC moi thng qua ban chuyn tip va hop bn canh la mt LDP peer, va LSR khng co trao di tu hop bn canh do di voi FEC duoc nhn ra. Hop tip theo thay di FEC, va LSR khng co trao di tu hop bn canh do di voi FEC duoc nhn ra. LSR nhn mt yu cu nhn cho mt FEC tu peer LDP dong ln, FEC cua hop tip theo la mt peer LDP, va LSR khng co trao di tu hop bn canh. 0 1 - 14 15 16 - 30 31 0 Label Request (0x0401) Message Length Message ID FEC TLV Option Parameters Hinh 1.23 : Ban tin Label Request FEC TLV nhn dang gia tri nhn duoc yu cu. Cac TLV lua chon la s luong hop va vector tuyn. Ban tin Label Withdraw: Huy bo mt trao di giua FEC va nhn. No gui mt LDP peer d thng bao cho nut do khng tip tuc dung lin kt nhn-FEC dc trung ma LSR d quang bao truoc do. LSR truyn ban tin Label Withdraw duoi cac diu kin sau: LSR khng nhn ra mt FEC duoc nhn bit truoc do ma no quang bao mt nhn. LSR quyt dinh khng nhn nao chuyn FEC voi trao di nhn dang bi huy bo.
D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 25 -
0 1-14 15 16-30 31 0 Label Withdraw (0x0402) Message Length Message ID FEC TLV (optional) Label TLV Option Parameters Hinh 1.24 : Ban tin Label Withdraw FEC TLV chi r FEC cho cac nhn bi huy bo. Nu khng co nhn TLV theo sau FEC, tt ca cac nhn lin kt voi FEC bi huy bo. Mt khac, chi co nhn duoc chi r trong nhn TLV lua chon bi huy bo. LSR nhn mt ban tin Label Request phai tra loi lai voi ban tin Label Release. Ban tin Label Release: Thng bao cho peer LDP bn gui v LSR khng dai hon cn cac lin kt nhn-FEC dc trung. Mt LSR phai truyn mt ban tin Label Release duoi cac diu kin sau: 0 1-14 15 16-30 31 0 Label Release (0x0403) Message Length Message ID FEC TLV Label TLV (optional) Option Parameters Hinh 1.25 : Ban tin Label Release LSR gui trao di nhn khng dai hon hop tip theo cho vic trao di nhn va LSR la hinh th cho su duy tri hoat dng. LSR nhn mt trao nhn tu mt LSR khng phai la hop tip theo di voi FEC va LSR la hinh th cho su duy tri hoat dng. LSR nhn mt ban tin Label Withdraw. Ban tin Label Abort Request: Kt thuc ban tin Label Request ni bt. Co rt nhiu ly do khac nhau cho vic dua ra ban tin Abort nhu quang bao tin t OSPF va BGP d thay di hoat dng yu cu nhn.
D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 26 -
0 1-14 15 16-30 31 0 Label Request (0x0401) Message Length Message ID FEC TLV LSPID TLV (CR-LDP, mandatory) ER-TLV (CR-LDP, optional) TraIIic TLV (CR-LDP, optional) Pinning TLV (CR-LDP, optional) Hinh 1.26 : Ban tin Label Abort Request O Cc ch d phn phi nhn: Chung ta d bit mt s ch d hoat dng trong vic phn phi nhn nhu: khng yu cu phia truoc, theo yu cu phia truoc, diu khin LSP theo lnh hay dc lp, duy tri tin tin hay bao thu. Cac ch d nay duoc thoa thun boi LSR trong qua trinh khoi tao phin LDP. Khi LSR hoat dng o ch d duy tri bao thu, no s chi giu nhung gia tri Nhn/FEC ma no cn tai thoi dim hin tai. Cac chuyn di khac duoc giai phong. Nguoc lai trong ch d duy tri tin tin, LSR giu tt ca cac chuyn di ma no duoc thng bao ngay ca khi mt s khng duoc su dung tai thoi dim hin tai. Hoat dng cua cac ch d nay nhu sau: LSR1 gui gn kt nhn vao mt s FEC dn mt trong cac LSR ln cn (LSR2) no cho FEC do. LSR2 nhn thy LSR1 hin tai khng phai la nut tip theo di voi FEC do va no khng th su dung gn kt nay cho muc dich chuyn tip tai thoi dim hin tai nhung no vn luu vic gn kt nay lai. Tai thoi dim nao do sau nay co su xut hin thay di dinh tuyn va LSR1 tro thanh nut tip theo cua LSR2 di voi FEC do thi LSR2 s cp nht thng tin trong bang dinh tuyn tuong ung va co th chuyn tip cac goi co nhn dn LSR1 trn tuyn moi cua chung. Vic nay duoc thuc hin mt cach tu dng ma khng cn dn bao hiu LDP hay qua trinh phn b nhn moi. Uu dim lon nht cua ch d duy tri tin tin do la kha nng phan ung nhanh hon khi co su thay di dinh tuyn. Nhuoc dim lon nht la lng phi b nho va nhn. Diu nay dc bit quan trong va co anh huong rt lon di voi nhung thit bi luu tru bang dinh tuyn trong phn cung nhu ATM-LSR. Thng thuong ch d duy tri bao thu nhn duoc su dung trong cac ATM-LSR.
1.6.2 Giao thc CR-LDP. Giao thuc CR-LDP duoc su dung d diu khin cung buc LDP. Giao thuc nay la phn mo rng cua LDP cho qua trinh dinh tuyn cung buc cua LSP. Cng ging nhu D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 27 -
LDP, no su dung cac phin TCP giua cac LSR dng cp d gui cac ban tin phn phi nhn. O Khi nim d|nh tuyn cung bc V co ban chung ta co th dinh nghia dinh tuyn cung buc nhu sau. Mt mang co th duoc biu din duoi dang so d theo V va E G(V,E) trong do V la tp hop cac nut mang va E la tp hop cac knh kt ni giua cac nut mang. Mi knh s co cac dc dim ring. Duong kt ni giua nut thu nht dn nut thu hai trong cp phai thoa mn mt s diu kin cung buc. Tp hop cac diu kin cung buc nay duoc coi la cac dc dim cua cac knh va chi co nut du tin trong cp dong vai tro khoi tao duong kt ni moi bit cac dc dim nay. Nhim vu cua dinh tuyn cung buc la tinh toan xac dinh duong kt ni tu nut nay dn nut kia sao cho duong nay khng vi pham cac diu kin cung buc va la mt phuong an ti uu theo mt tiu chi nao do (s nut it nht hoc duong ngn nht). Khi d xac dinh duoc mt duong kt ni thi dinh tuyn cung buc s thuc hin vic thit lp, duy tri va truyn trang thai kt ni doc theo cac knh trn duong. Dim khac nhau chinh giua dinh tuyn IP truyn thng va dinh tuyn cung buc do la: thut toan dinh tuyn IP truyn thng chi tim ra duong ti uu ung voi mt tiu chi (vi du nhu s nut nho nht); trong khi do thut toan dinh tuyn cung buc vua tim ra mt duong ti uu theo mt tiu chi nao do dng thoi phuong an do phai khng vi pham diu kin cung buc. Yu cu khng vi pham cac diu kin cung buc la dim khac nhau co ban d phn bit giua dinh tuyn cung buc va dinh tuyn thng thuong. Trn dy chung ta d d cp dn vic tim duong khng vi pham cac diu kin cung buc, tip theo chung ta s tim hiu th nao la cac diu kin cung buc. Mt diu kin cung buc phai la diu kin giup ta tim ra mt duong co cac tham s hoat dng nht dinh, d rng bng tn kha dung cua knh truyn la mt yu t quan trong trong vic dinh tuyn cung buc. Ngoai ra diu kin cung buc cng co th la vic quan tri. Vi du nhu mt nha quan tri mang mun ngn khng cho mt luu luong loai nao do khng duoc di qua mt s knh nht dinh trong mang, trong do cac knh duoc xac dinh boi cac dc dim cu th. Cng ging nhu diu kin cung buc la kha nng cua knh, diu kin cung buc la quan tri ung voi cac duong khac nhau cng co th co cac diu kin cung buc la quan tri khac nhau. Vi du nhu di voi mt cp nut, duong tu nut thu nht trong cp toi nut thu hai co th bao gm mt tp hop knh co mt s dc dim nht dinh bi loai ra, trong khi di voi mt cp khac thi lai co mt tp knh khac bi loai ra Dinh tuyn cung buc co th kt hop ca hai diu kin cung buc la quan ly va tinh nng cua knh chu khng nht thit la chi mt trong hai diu kin. Vi du nhu dinh tuyn cung buc phai tim ra duong vua phai co mt d rng bng tn nht dinh vua phai loai tru mt s knh co dc dim nht dinh.
O Cc phn tu d|nh tuyn cung bc D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 28 -
D mt h thng dinh tuyn IP co th h tro dinh tuyn cung buc, no phai thoa mn cac dc dim sau: -Kha nng tinh toan va xac dinh duong tai phia ngun. -Kha nng phn phi thng tin v cu truc mang va dc dim cac knh toi tt ca cac nut trong mang. -H thng phai h tro dinh tuyn hin. Tai nguyn mang co th du phong va cac thng s cua knh co th thay di duoc khi truyn luu luong tuong ung trn tuyn. O Diu kin cung bc "chn dung ngn nht" Nhu d d cp o trn, dinh tuyn cung buc phai tinh toan xac dinh duoc duong thoa mn cac diu kin sau: -La ti uu theo mt tiu chi nao do (vi du nhu duong ngn nht hoc s nut it nht) -Khng vi pham cac diu kin cung buc. Mt trong cach thoa mn tiu chi ti uu la su dung thut toan 'truoc tin la duong ngn nht (SPF). Thut toan SPF trong dinh tuyn IP don gian, vic tinh toan xac dinh duong phai ti uu theo mt tiu chi nao do (vi du nhu khoang cach). Vi vy d tinh toan xac dinh duong khng vi pham cac diu kin cung buc chung ta cn sua di thut toan sao cho no tinh dn cac diu kin cung buc. Chung ta hy xem xet mt thut toan loai nay do la: diu kin cung buc 'chon duong ngn nht (CSPF). V tng quat, thu tuc kim tra xem knh co thoa mn mt diu kin cung buc cu th la dc dim cua dinh tuyn cung buc. Vi du nhu nu diu kin cung buc cn thoa mn la d rng bng tn kha dung, khi do chung ta cn kim tra d rng bng tn kha dung cua knh co lon hon mt gia tri d rng bng tn duoc chi ra trong diu kin cung buc; chi khi thoa mn chung ta moi kim tra nut W o du kia cua knh. D kim tra knh co thoa mn mt diu kin cung buc cu th nao do thi chung ta phai bit truoc cac thng tin cua knh tuong co lin quan dn diu kin cung buc. Vi du nhu khi diu kin cung buc cn thoa mn la d rng bng tn kha dung thi thng tin cn co la d rng bng tn kha dung cua tung knh. Luu y rng thut toan tinh toan xac dinh duong su dung trong CSPF, yu cu b dinh tuyn thuc hin vic tinh toan xac dinh duong phai co cac thng tin v tt ca cac knh trong mang. Diu do co nghia la chi mt s loai giao thuc dinh tuyn co th h tro dinh tuyn cung buc do la cac giao thuc dinh tuyn theo trang thai knh (vi du nhu IS-IS, OSPF). Con cac giao thuc dinh tuyn theo vector khoang cach (vi du nhu RIP) khng h tro dinh tuyn cung buc. D minh hoa cho CSPF, chung ta hy xem xet vi du trn hinh 1-27. Chung ta gia su rng d dai tt ca cac knh du bng nhau va co gia tri la 1. Chung ta cng gia su rng tt ca cac knh du co d rng bng tn kha dung la 150 Mb/s, ngoai tru knh ni tu LSR2 dn LSR4 co d rng bng tn kha dung la 45 Mb/s. Nhim vu cua chung ta la tim duong tu LSR1 dn LSR6 sao cho co d dai ngn nht va d rng bng tn kha D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 29 -
dung phai lon hon hoc bng 100 Mb/s. O dy diu kin cung buc cn thoa mn la d rng bng tn kha dung.
Hinh 1.27 : Vi du v CSPF Khoi du cy duong ngn nht (co gc o LSR1) chi co nut LSR1. Tip theo chung ta kim tra hai nut bn canh LSR1 do la LSR2 va LSR3 voi luu y rng d rng bng tn kha dung cua knh (LSR1-LSR2) va (LSR1-LSR3) du lon hon gia tri cn thit la 100 Mb/s. Kt lun khng knh nao vi pham diu kin cung buc, vi vy chung ta b sung LSR2 va LSR3 vao danh sach 'ung cu. Tip theo chung ta tim nut co khoang cach ngn nht dn LSR1 trong danh sach cac nut 'ung cu. Nut nay la LSR2 (o dy ca hai nut LSR2 va LSR3 du co khoang cach nhu nhau dn LSR1 vi vy co th chon ngu nhin la LSR2), chung ta b sung no vao cy duong ngn nht (LSR1, LSR2) va xoa no khoi danh sach cac nut 'ung cu. Kt thuc mt vong cua thut toan. Vong thu 2 chung ta kim tra nut canh nut LSR2 la LSR4. Voi nut nay chung ta thy rng d rng bng tn kha dung trn knh (LSR2-LSR4) nho hon d rng bng tn yu cu. Vi vy knh nay khng thoa mn diu kin cung buc va chung ta khng b sung LSR4 vao danh sach nut 'ung cu. Chung ta vn con LSR3 trong danh sach nut 'ung cu, vi vy ta b sung no vao cy duong ngn nht (LSR1, LSR3) va xoa no khoi danh sach 'ung cu. Kt thuc vong thu hai cua thut toan. Tai vong thu 3 cua thut toan, chung ta kim tra nut canh nut LSR3 la nut LSR5. Voi nut nay chung ta thy rng d rng bng tn kha dung trn knh (LSR3-LSR5) lon hon d rng bng tn yu cu. Vi vy knh nay thoa mn diu kin cung buc va ta b sung no vao danh sach nut 'ung cu. Tip theo chung ta tim trong danh sach cac nut 'ung cunut co khoang cach ngn nht toi LSR1 la nut LSR5. Vi vy ta b sung LSR5 vao cy duong ngn nht (LSR1, LSR3, LSR5) va xoa LSR5 khoi danh sach 'ung cu. Kt thuc vong thu 3 cua thut toan. Tai vong thu 4 cua thut toan, ta km tra nut canh nut LSR5 la LSR4. Voi nut nay chung ta thy rng d rng bng tn kha dung trn knh (LSR5-LSR4) lon hon d rng bng tn yu cu. Vi vy knh nay thoa mn diu kin cung buc va ta b sung no vao danh sach nut 'ung cu. Tip theo chung ta tim trong danh sach cac nut 'ung D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 30 -
cunut co khoang cach ngn nht toi LSR1 la nut LSR4. Vi vy ta b sung LSR5 vao cy duong ngn nht (LSR1, LSR3, LSR5, LSR4) va xoa LSR4 khoi danh sach 'ung cu. Kt thuc vong thu 4 cua thut toan. Tai vong thu 5 cua thut toan, ta km tra nut canh nut LSR5 la LSR6 va LSR7. Voi nut nay chung ta thy rng d rng bng tn kha dung trn cac knh (LSR4-LSR6) va (LSR4-LSR7) lon hon d rng bng tn yu cu. Vi vy knh nay thoa mn diu kin cung buc va ta b sung LSR6 va LSR7 vao danh sach nut 'ung cu. Tip theo chung ta nhn thy rng trong danh sach cac nut 'ung cu co nut LSR6 co khoang cach ngn nht toi LSR1. Vi vy ta b sung LSR6 vao cy duong ngn nht (LSR1, LSR3, LSR5, LSR4, LSR6) va xoa LSR6 khoi danh sach 'ung cu. Tai dy chung ta nhn thy cy duong ngn nht d co chua nut LSR6 la nut dich cua duong cn tim. Vi vy thut toan kt thuc o dy. Kt qua duong ngn nht tu LSR1 dn LSR6 la (LSR1, LSR3, LSR5, LSR4, LSR6). Chung ta co th nhn thy duong nay khac voi duong duoc xac dinh theo thut toan SPF co th la (LSR1, LSR2, LSR4, LSR6). CR-LDP la giao thuc mo rng tu LDP (RFC 3212) nhm h tro dc bit cho dinh tuyn rang buc, k thut luu luong (TE) va cac hoat dng du tru tai nguyn. Cac kha nng cua CR-LDP tuy chon bao gm thuong luong cac tham s luu luong nhu cp phat bng thng, thit lp va cm giu quyn uu tin.
1.6.3 Giao thc d}t truc ti nguyn (RSVP). Sau khi d xem xet nhung thanh phn chinh trong cu truc dich vu tich hop, trong phn nay chung ta s tp trung vao giao thuc bao hiu RSVP la giao thuc bao hiu dong vai tro rt quan trong trong MPLS. RSVP la giao thuc cho phep cac ung dung thng bao cac yu cu v QoS voi mang va mang s dap ung bng nhung thng bao thanh cng hoc tht bai. RSVP phai mang nhung thng tin sau: - Thng tin phn loai, nho no ma cac lung luu luong voi cac yu cu QoS cu th co th duoc nhn bit trong mang. Thng tin nay bao gm dia chi IP phia gui va phia nhn, s cng UPD. - Chi tiu k thut cua lung luu luong va cac yu cu QoS, theo khun dang TSpec va RSpec, bao gm cac dich vu yu cu (co bao dam hoc tai diu khin). R rang la RSVP phai mang nhung thng tin nay tu cac may chu toi tt ca cac tng dai chuyn mach va cac b dinh tuyn doc theo duong truyn tu b gui dn b nhn, vi vy tt ca cac thanh phn mang nay tham gia vao vic dam bao cac yu cu QoS cua ung dung. RSVP mang cac thng tin trong hai loai ban tin co ban la: PATH va RESV. Cac ban tin PATH tu b gui toi mt hay nhiu b phn co chua TSpec va cac thng tin phn loai do b gui cung cp. Mt ly do cho phep co nhiu b nhn la RSVP duoc thit k d h tro nhiu multicast. Mt ban tin PATH bao gio cng duoc gui toi mt D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 31 -
dia chi goi la dia chi phin, no co th la dia chi unicast hoc multicast Chung ta thuong xem phin dai din cho mt ung dung don, no duoc xac nhn bng mt dia chi dich va s cng dich su dung ring cho ung dung. Trong phn tip theo chung ta s thy rng khng co ly do nao d xem xet mt phin theo cach han ch nhu vy. Khi b nhn nhn duoc ban tin PATH, no co th gui ban tin RESV tro lai cho b gui. Ban tin RESV xac nhn phin co chua thng tin v s cng danh ring va RSpec xac nhn muc QoS ma b phn yu cu. No cng bao gm mt vai thng tin xem xet nhung b gui nao duoc phep su dung tai nguyn dang duoc cp phat. K3 1.28 biu din trinh tu ban tin trao di giua b gui va nhn. O dy chung ta luu y rng cac cng danh ring la don cng. Nu cn su dung cac cng danh ring song cng (vi du nhu phuc vu cho thoai truyn thng) thi phai co cac ban tin b sung theo chiu nguoc lai. Cng chu y rng cac ban tin duoc nhn va chuyn tip boi tt ca cac b dinh tuyn doc theo duong truyn thng tin, do do vic cp phat tai nguyn co th thuc hin tai tt ca cac nut mang cn thit.
Hinh 1.28 : Thu tuc bao hiu trong RSVP Khi cac cng danh duoc thit lp, cac b dinh tuyn nm giua b gui va b nhn s xac dinh cac goi tin thuc cng danh ring nao nho vic kim tra nm truong trong phn mao du cua IP va giao thuc truyn tai do la: dia chi dich, s cng dich, s giao thuc (vi du UDP), dia chi ngun va cng ngun. Chung ta goi tp cac goi tin duoc nhn dang theo cach nay la lung danh ring. Cac goi tin trong lung danh ring thuong bi khng ch (dam bao cho lung khng phat sinh luu luong vuot qua s thng bao trong TSpec) va xp vao hang doi d phu hop voi yu cu v QoS. Vi du mt cach d co dich vu dam bao la su dung hang doi co trong s (WFQ), o dy mi cng danh ring khac nhau duoc xem nhu mt lung di voi cac hang doi, va trong s duoc n dinh cho mi lung phu hop voi tc d dich vu yu cu trong RSpec cua no. Di voi cac lung unicast thi RSVP la kha don gian. No tro ln phuc tap hon trong mi truong multicast, boi vi co rt nhiu b nhn danh ring cng cho mt phin don va cac b nhn khac nhau co th yu cu cac muc QoS khac nhau. Hin nay MPLS chu yu tp trung vao cac ung dung unicast cua RSVP, chung ta s khng di su vao khia canh multicast cua RSVP. Dim cui cung phai chu y v RSVP la no la giao thuc 'trang thai mm. Dc tinh d phn bit giao thuc trang thai mm voi cac giao thuc loai khac la trang thai s tu D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 32 -
dng ht hiu luc sau mt thoi gian tru khi no duoc lam tuoi lin tuc theo chu ky. Diu do co nghia la RSVP s dinh ky gui di cac ban tin PATH va RESV d lam tuoi cac cng danh ring. Nu chung khng duoc gui trong mt khoang thoi gian xac dinh thi cac cng danh ring tu dng huy bo. O MPLS h tr RSVP Trong phn nay chung ta chi tp trung vao vai tro cua RSVP trong mang MPLS v khia canh h tro QoS. Muc tiu du tin cua vic b xung h tro RSVP vao MPLS la cho phep cac LSR dua vao vic phn loai goi tin theo nhn chu khng phai theo mao du IP nhn bit cac goi tin thuc cac lung cua cng danh ring. Noi cach khac, cn phai tao va kt hop phn phi giua cac lung va cac nhn cho cac lung co cac cng danh ring cho RSVP. Chung ta co th xem xet mt tp cac goi tin tao ra bang boi cng danh ring RSVP nhu la mt truong hop ring khac cua FEC. Diu nay tro ln kha d dang d kt hop cac nhn voi cac lung danh ring trong RSVP, it nht la voi unicast. Chung ta dinh nghia mt di tuong RSVP moi la di tuong LABEL duoc mang trong ban tin RSVP RESV. Khi mt LSR mun gui ban tin RESV cho mt lung RSVP moi, LSR cp phat mt nhn tu trong tp nhn ri, tai mt li vao trong LFIB cua no voi nhn li vao duoc dt trong nhn cp phat, va gui di ban tin RESV co chua nhn nay trong di tuong LABEL. Chu y la cac ban tin RESV truyn tu b nhn toi b gui la duoi dang cp phat nhn xui. Khi nhn duoc ban tin RESV chua di tuong LABEL, mt LSR thit lp LFIB cua no voi nhn nay la nhn li ra. Sau do no cp phat mt nhn d su dung nhu la mt nhn li vao va chen no vao ban tin RESV truoc khi gui no di. R rang la, khi cac ban tin RESV truyn ln LSR nguoc thi LSP duoc thit lp doc theo tuyn duong. Cng chu y la, khi cac nhn duoc cung cp trong cac ban tin RESV, mi LSR co th d dang kt hop cac tai nguyn QoS phu hop voi LSP. K3 1.29 minh hoa qua trinh trao di nay. Trong truong hop nay chung ta gia su cac may chu khng tham gia vao vic phn phi nhn. LSR R3 cp phat nhn 5 cho cng danh ring nay va thng bao no toi R2. R2 cp phat nhn 9 cng cho cng danh ring nay va thng bao no toi R1. By gio d co mt LSP cho lung danh ring tu R1 toi R3. Khi cac goi tin tuong ung voi cng danh ring nay (vi du goi tin gui tu H1 toi H2 voi s cng ngun, dich thich hop va s giao thuc giao vn thich hop) toi R1, R1 phn bit no bng cac thng tin mao du IP va lop truyn tai d tao ra QoS thich hop cho cng danh ring.vi du nhu dc dim va hang doi cac goi tin trong hang doi li ra. Noi cach khac. No thuc hin cac chuc nng cua mt b dinh tuyn tich hop dich vu su dung RSVP. Hon nua R1 dua mao du nhn vao cac goi tin va chen gia tri li ra la 9 truoc khi gui chuyn tip goi tin toi R2. D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 33 -
Hinh 1.29 : Nhn phn phi trong ban tin RESV Khi R2 nhn goi tin mang nhn 9, no tim kim nhn do trong LFIB va tim tt ca cac trang thai lien quan dn QoS d xem kim xoat lung, xp hang doi goi tin v.v... nhu th nao. Diu nay tt nhin khng cn kim tra mao du lop IP hay lop truyn tai. Sau do R2 thay th nhn trn goi tin voi mt nhn li ra tu LFIB cua no (mang gia tri 5) va gui goi tin di. Luu y rng, do vic tao ra nhn kt hop duoc diu khin boi cac ban tin RSVP vi vy vic kt hop duoc diu khin nhu trong cac mi truong khac cua MPLS. Cng chu y la dy cng la mt vi du chung to vic mang thng tin kt hop nhn trn mt giao thuc co sn khng cn mt giao thuc ring nhu LDP. Mt kt qua thu vi cua vic thit lp mt LSP cho mt lung voi cng danh ring RSVP la chi co b dinh tuyn du tin trong LSP ma trong vi du trn la R1 lin quan toi vic xem liu cac goi tin thuc lung danh ring nao. Diu nay cho phep RSVP duoc ap dung trong mi truong MPLS theo cach ma no khng th thuc hin duoc trong mang IP truyn thng. Theo qui uoc, cac cng danh ring RSVP co th tao chi cho nhung lung ung dung ring le, tuc la nhung lung duoc xac dinh nho nm truong mao du nhu m ta phia truoc. Tuy nhin, co th dt cu hinh R1 d lua chon cac goi tin dua trn mt s tiu chun. Vi du R1 co th ly tt ca cac goi tin co cung mt tin t ung voi mt dich va dy chung vao LSP. Vi vy, thay vi co mt LSP cho mi lung ung dung ring, mt LSP co th cung cp QoS cho nhiu lung luu luong. Mt ung dung cua kha nng nay la co th cung cp 'duong ng voi bng thng dam bao tu mt Site cua cng ty lon toi mt Site khac, thay vi su dung duong thu bao ring giua cac Site nay. Kha nng nay cng huu ich cho muc dich diu khin luu luong, o dy mt luu luong lon cn duoc gui doc theo cac LSP voi bng thng du d tai luu luong. D h tro mt vai cach su dung tng cuong cua RSVP, MPLS dinh nghia mt di tuong RSVP moi co th mang trong ban tin PATH la: Di tuong LABELREQUEST. Di tuong nay thuc hin hai chuc nng: Thu nht no duoc su dung d thng bao cho mt LSR tai phia cui cua LSP gui RESV tro v d thit lp LSP. Diu nay huu ich cho vic thit lp cac LSP Site-to-Site. Thu hai khi LSP duoc thit lp cho mt tp cac goi tin, khng chi la mt lung ung dung ring. Di tuong chua mt truong d xac dinh giao thuc lop cao hon s su dung LSP. Truong nay duoc su dung ging nhu ethertype hoc tuong tu nhu m d phn knh d xac dinh giao thuc lop cao hon (IPv4, IPX, v.v.), vi vy s khng co truong phn knh trong mao du MPLS nua. D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 34 -
Do vy, mi LSP co th cn duoc thit lp cho mi giao thuc lop cao hon nhung o dy khng gioi han nhung giao thuc nao duoc h tro. Dc bit khng yu cu cac goi tin mang trong LSP duoc thit lp su dung RSVP phai la cac goi tin IP.
O RSVP v kha nng mo rng Mt trong nhung diu chc chn v RSVP la no co th chiu tn tht v kha nng mo rng o mt muc nao dy. Trong thuc t, dc tinh nay khng chinh xac hoan toan. RSVP khoi du duoc thit k d h tro du tru tai nguyn cho cac lung ung dung ring va dy la nhim vu voi nhung thach thuc v kha nng mo rng vn co. Chinh xac thi kha nng mo rng la gi? Noi chung thut ngu nay duoc su dung d chi gioi han su dung tai nguyn tng nhanh nhu th nao khi mang lon hon. Vi du trong mang IP quy m lon nhu mang xuong sng nha cung cp dich vu Internet, chung ta co th quan tm dn vic liu mt bang dinh tuyn s chim b nho cua b dinh tuyn lon dn muc nao, kha nng b xu ly va bng thng lin kt. Vi th, bang dinh tuyn tng chm hon so voi s nguoi su dung kt ni vao mang. Du tru tai nguyn cho cac lung ung dung ring r rang la anh huong xu dn kha nng mo rng. Chung ta co th cho rng mi nguoi su dung s du tru tai nguyn tai mt vai tc d trung binh, vi th s tai nguyn du tru duoc tao ra qua mang lon co kha nng tng nhanh bng s nguoi su dung mang. Diu nay s dn dn chi phi lon nu mi b dinh tuyn phai luu tru trang thai va tin trinh mt vai ban tin cho mi tai nguyn du tru cho lung ung dung ring. Noi tom lai, s chinh xac hon nu noi rng muc du tru tai nguyn cho cac lung ung dung la kem hon so voi RSVP. Su khac nhau nay dc bit quan trong khi chung ta xem xet rng RSVP khng nhung doi hoi cho vic luu tru tai nguyn cho cac lung ung dung ring ma con du tru tai nguyn cho luu luong tng hop. 1.6.4 Giao thc cng bin BGP Giao thuc cng bin (BGP - Border Gateway Protolcol) co mt s tinh cht khac bit voi cac b giao thuc d gioi thiu trn dy, quan trong nht BGP khng phai thun tuy la mt giao thuc vector khoang cach va cng khng thun tuy la giao thuc trang thai lin kt. No dc trung boi mt s tinh cht sau: O Su dung d thng tin lin lac voi cac h tu quan AS. O Phi hop giua nhiu b dinh tuyn su dung BGP. O Nhn ban thng tin v tinh lin kt. O Cung cp thng tin v m hinh tram k tip theo vector khoang cach. O H tro tuy chon cac chinh sach cho nguoi quan tri mang. D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 35 -
O Giao thuc cng bin gioi su dung TCP trong thng tin lin lac d chuyn tai dang tin cy. O Giao thuc BGP cho phep thng tin v con duong di tu ngun toi dich. O H tro dia chi khng phn lop va dinh tuyn lin vung CIDR. O Tich lu thng tin v tuyn duong d bao v bng thng cua mang qua vic gui mt ln cho nhiu dich dn. O BGP cho phep co ch xac minh ban tin, kim chung tn cua noi gui tin. Mt s gii hn co ban cua giao thc cng bin gii nhu sau: O Mt giao thuc cng bin gioi khng thng tin hay din dich cac gia tri v khoang cach ca khi cac gia tri nay tn tai, va thm vao do la khng co su so sanh v gia cua cac tuyn duong. O BGP thng bao nhiu tuyn duong toi dich nhung khng cung cp co ch chia tai. O BGP khng h tro vic chia se giao dich ra du trn cac b dinh tuyn trn cac h tu quan bt ky. O D co duoc su dinh tuyn hop ly hoa, tt ca cac h tu quan trong mi truong mang Internet phai thng nht voi nhau v mt m hinh cho vic thng bao v tinh kt ni. Nghia la, ban thn BGP khng dam bao cho thng nht toan cuc. 1.7 D}c dim vut tri cua MPLS so vi IP over ATM. Khi hop nht voi chuyn mach ATM, chuyn mach nhn tn dung nhung thun loi cua cac t bao ATM - chiu dai thich hop va chuyn voi tc d cao. Trong mang da dich vu chuyn mach nhn cho phep chuyn mach BPX/MGX nhm cung cp dich vu ATM, Frame, Replay va IP Internet trn mt mt phng don trong mt duong di tc d cao. Cac mt phng (PlatIorm) cng cng h tro cac dich vu nay d tit kim chi phi va don gian hoa hoat dng cho nha cung cp da dich vu. ISP su dung chuyn mach ATM trong mang li, chuyn mach nhn giup cac dong Cisco, BPX8600, MGX8800, Router chuyn mach da dich vu 8540 va cac chuyn mach Cisco ATM giup quan li mang hiu qua hon xp chng (overlay) lop IP trn mang ATM. Chuyn mach nhn tranh nhung rc ri gy ra do co nhiu router ngang hang va h tro cu truc phn cp (hierarchical structure) trong mt mang cua ISP. - S tch hp: MPLS xac nhp tinh nng cua IP va ATM chu khng xp chng lop IP trn ATM. MPLS giup cho co so ha tng ATM thy duoc dinh tuyn IP D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 36 -
va loai bo cac yu cu anh xa giua cac dc tinh IP va ATM. MPLS khng cn dia chi ATM va k thut dinh - D tin cy cao hon: Voi co so ha tng ATM, MPLS co th kt hop hiu qua voi nhiu giao thuc dinh tuyn IP over ATM thit lp mt mang luoi (mesh) dich vu cng cng giua cac router xung quanh mt dam my ATM. Tuy nhin co nhiu vn d xay ra do cac PCV link giua cac router xp chng trn mang ATM. Cu truc mang ATM khng th thy b dinh tuyn. Mt link ATM bi hong lam hong nhiu router-to-router link, gy kho khn cho luong cp nht thng tin dinh tuyn va nhiu tin trinh xu li keo theo. - Trc tip thc thi cc loi d|ch v: MPLS su dung hang doi va b dm cua ATM d cung cp nhiu loai dich vu khac nhau. No h tro quyn uu tin IP va cp dich vu CoS trn chuyn mach ATM ma khng cn chuyn di phuc tap sang cac lop ATM Forum Service. - H tr hiu qua cho Mulicast v RSVP: Khac voi MPLS, xp lop IP trn ATM nay sinh nhiu bt loi, dc bit trong vic h tro cac dich vu IP nhu IP muticast va RSVP (giao thuc danh truoc tai nguyn). MPLS h tro cac dich vu nay, k thua thoi gian va cng vic theo cac chun va khuyn khich tao nn anh xa xp xi cua cac dc trung IP&ATM - S do lung v quan l VPN: MPLS co th tinh duoc cac dich vu IP VPN va rt d quan li cac dich vu VPN quan trong d cung cp cac mang IP ring trong co so ha tng cua no. Khi mt ISP cung cp dich vu VPN h tro nhiu VPN ring trn mt co so ha tng don.Voi mt duong truc MPLS, thng tin VPN chi duoc xu li tai mt dim ra vao. Cac goi mang nhn MPLS di qua mt duong truc va dn dim ra dung cua no. Kt hop MPLS voi MP- BGP (da giao thuc cng bin) tao ra cac dich vu VNP dua trn nn MPLS (MPLS-based VNP) d quan li hon voi su diu hanh chuyn tip d quan li phia VNP va cac thanh vin VNP, dich vu MPSL-based VNP con co th mo rng d h tro hang trm nghin VPN. - Giam tai trn mng li: Cac dich vu VPN huong dn cach MPLS h tro moi thng tin dinh tuyn d phn cp. Hon nua, co th tach roi cac dinh tuyn Internet khoi li mang cung cp dich vu. Ging nhu du liu VPN, MPSL chi cho phep truy sut bang dinh tuyn Internet tai dim ra vao cua mang. Voi MPSL, ki thut luu luong truyn o bin cua AS duoc gn nhn d lin kt voi dim tuong ung. Su tach roi cua dinh tuyn ni khoi dinh tuyn Internet dy du cng giup han ch li, n dinh va tng tinh bao mt. - Kha nng diu khin luu lung: MPLS cung cp cac kha nng diu khin luu luong d sung dung hiu qua tai nguyn mang. K thut luu luong giup chuyn tai tu cac phn qua tai sang cac phn con ri cua mang dua vao dim dich, loai luu luong, tai, thoi gian,.
D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 37 -
1.8 Mt s ng dng MPLS. 1.8.1 Mng ring ao VPN. MPLS-VPN : Khng ging nhu cac mang VPN truyn thng, cac mang MPLS- VPN khng su dung hoat dng dong goi va m hoa goi tin d dat duoc muc d bao mt cao. MPLS VPN su dung bang chuyn tip va cac nhn 'tags d tao nn tinh bao mt cho mang VPN. Kin truc mang loai nay su dung cac tuyn mang xac dinh d phn phi cac dich vu iVPN, va cac co ch xu ly thng minh cua MPLS VPN luc nay nm hoan toan trong phn li cua mang. Mi VPN duoc kt hop voi mt bang dinh tuyn - chuyn tip VPN (VRF) ring bit. VRF cung cp cac thng tin v mi quan h trong VPN cua mt site khach hang khi duoc ni voi PE router. Bang VRF bao gm thng tin bang dinh tuyn IP (IP routing table), bang CEF (Cisco Express Forwarding), cac giao din cua Iorwarding table; cac quy tc, cac tham s cua giao thuc dinh tuyn... Mi site chi co th kt hop voi mt va chi mt VRF. Cac VRF cua site khach hang mang toan b thng tin v cac 'tuyn co sn tu site toi VPN ma no la thanh vin. Di voi mi VRF, thng tin su dung d chuyn tip cac goi tin duoc luu trong cac IP routing table va CEF table. Cac bang nay duoc duy tri ring r cho tung VRF nn no ngn chn duoc hin tuong thng tin bi chuyn tip ra ngoai mang VPN cng nhu ngn chn cac goi tin bn ngoai mang VPN chuyn tip vao cac router bn trong mang VPN. Dy chinh la co ch bao mt cua MPLS VPN. Bn trong mi mt MPLS VPN, co th kt ni bt ky hai dim nao voi nhau va cac site co th gui thng tin truc tip cho nhau ma khng cn thng qua site trung tm. Uu dim du tin cua MPLS-VPN la khng yu cu cac thit bi CPE thng minh. Vi cac yu cu dinh tuyn va bao mt d duoc tich hop trong mang li. Chinh vi th vic bao dung cng kha don gian, vi chi phai lam vic voi mang li. Tr trong mang MPLS-VPN la rt thp, so di nhu vy la do MPLS-VPN khng yu cu m hoa du liu vi duong di cua VPN la duong ring, duoc dinh tuyn boi mang li, nn bn ngoai khng co kha nng thm nhp va n cp du liu (diu nay ging voi FR). Ngoai ra vic dinh tuyn trong MPLS chi lam vic o lop 2,5 chu khng phai lop 3 vi th giam duoc mt thoi gian tr dang k. Cac thit bi dinh tuyn trong MPLS la cac Switch router dinh tuyn bng phn cung, vi vy tc d cao hon phn mm nhu o cac router khac. Vic tao Full mesh la hoan toan don gian vi vic toi cac site chi cn dua theo dia chi duoc cu hinh sn trong bang dinh tuyn chuyn tip VPN (VEF).
1.8.2 Diu khin luu lung MPLS (MPLS TE). D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 38 -
Y tuong co ban dng sau vic diu khin luu luong la d su dung ti uu ha tng mang, bao gm cac duong kt ni su dung khng dung muc, boi vi chung khng th thuc cac tuyn uu tin. Diu nay co nghia la diu khin luu luong phai cung cp kha nng huong luu luong qua mang trn cac tuyn di khac nhau tu tuyn uu tin, dy la tuyn co chi phi thp nht duoc cung cp boi dinh tuyn IP. Tuyn chi phi thp nht la tuyn duong ngn nht nhu tinh toan boi giao thuc dinh tuyn dng. Voi nhim vu diu khin luu luong trong mang MPLS, ta co th co luu luong ma duoc xac dinh cu th tu truoc hoc voi cht luong cu th cua lung dich vu tu dim A dn dim B doc theo mt tuyn (ma tuyn nay khac voi tuyn co chi phi thp nht). Kt qua la luu luong co th trai rng hon qua nhung duong kt ni co sn trong mang va lam cho su dung nhiu duong kt ni khng su dung dung trong mang. .... th hin vi du nay.
Hinh 1.30 : Diu khin luu luong trong MPLS Nhu nguoi diu hanh mang diu khin luu luong MPLS, ta co th huong luu luong tu dim A toi dim B qua tuyn duoi (dy khng phai la tuyn ngn nht giua A va B 4 buoc so voi 3 buoc nhay o tuyn trn). Theo dung nghia, ta co th gui luu luong qua cac duong kt ni ma chung co th khng duoc su dung nhiu. Ta co th huong luu luong trong mang trn duong phia duoi bng vic thay di ngn ngu giao thuc dinh tuyn. Vi du hinh 1.31. D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 39 -
Hinh 1.31 : Diu khin luu luong trong MPLS (2) Nu mang nay la mang IP don thun, ta co th khng co b dinh tuyn C chuyn luu luong doc theo tuyn phia duoi bng cach cu hinh mt vai thu trn b dinh tuyn A. B dinh tuyn C quyt dinh d gui luu luong trn tuyn trn hay tuyn duoi chi la do quyt dinh cua chinh no. Nu ta co th diu khin luu luong MPLS cho phep trn mang nay, ta cn co b dinh tuyn A gui luu luong toi b dinh tuyn B doc theo tuyn duoi. Diu khin luu luong MPLS bt buc b dinh tuyn C chuyn tip luu luong A B trn tuyn duoi. Diu nay co th thuc hin duoc trong MPLS do co ch chuyn tip nhn. B dinh tuyn du (head end router) (o dy la b dinh tuyn A) cua tuyn diu khin luu luong la b dinh tuyn ma dua ra tuyn dy du d luu luong chuyn qua mang MPLS. Boi vi no la b dinh tuyn du cui (head end router) ma chi r tuyn, diu khin luu luong cng duoc nhc dn (xem tham khao reIer) toi nhu la dang (Iorm) cua dinh tuyn ngun co ban (source based routing). Nhn duoc dan (gn) vao goi boi b dinh tuyn du cui (head end router) s tao nn lung luu luong goi doc theo tuyn duong ma do b dinh tuyn du cui chi r. Khng co b dinh tuyn trung gian nao chuyn tip goi trn mt tuyn khac. Mt uu dim vuot tri cua vic su dung diu khin luu luong MPLS la kha nng dinh tuyn lai nhanh (Fast ReRouting FRR). FRR cho phep ta dinh tuyn lai luu luong co nhn quanh mt duong kt ni hoc mt b dinh tuyn ma tro thanh khng dung duoc. Vic dinh tuyn lai luu luong xay ra nho hon 50ms, ma no nhanh nhu tiu chun hin nay.
1.8.3 Cht lung d|ch v trong MPLS (QoS). Cht luong dich vu QoS chinh la yu t thuc dy MPLS. So sanh voi cac yu t khac, nhu quan ly luu luong va h tro VPN thi QoS khng phai la ly do quan trong D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 40 -
nht d trin khai MPLS. Nhu chung ta s thy duoi dy, hu ht cac cng vic duoc thuc hin trong MPLS QoS tp trung vao vic h tro cac dc tinh cua IP QoS trong mang. Noi cach khac, muc tiu la thit lp su ging nhau giua cac dc tinh QoS cua IP va MPLS, chu khng phai la lam cho MPLS QoS cht luong cao hon IP QoS. Mt trong nhung nguyn nhn d khng dinh MPLS do la khng ging nhu IP, MPLS khng phai la giao thuc xuyn sut. MPLS khng chay trong cac may chu, va trong tuong lai nhiu mang IP khng su dung MPLS vn tn tai. QoS mt khac la dc tinh xuyn sut cua lin lac giua cac LSR cung cp. Vi du, nu mt knh kt ni trong tuyn xuyn sut co d tr cao, d tn tht lon, bng thng thp s gioi han QoS co th cung cp doc theo tuyn do. Mt cach nhin nhn khac v vn d nay la MPLS khng thay di v cn ban m hinh dich vu IP. Cac nha cung cp dich vu khng ban dich vu MPLS, ho ban dich vu IP (hay dich vu Frame Relay hay cac dich vu khac), va do do, nu ho dua ra QoS thi ho phai dua ra IP QoS (Frame Relay QoS, v.v) chu khng phai la MPSL QoS. Diu do khng co nghia la MPLS khng co vai tro trong IP QoS. Thu nht, MPLS co th giup nha cung cp dua ra cac dich vu IP QoS hiu qua hon. Thu hai, hin dang xut hin mt s kha nng QoS moi h tro qua mang su dung MPLS khng thuc su xuyn sut tuy nhin co th chung to la rt huu ich, mt trong s chung la bng thng bao dam cua LSP. Cht luong dich vu tro ln ph bin trong nhung nm qua. Mt vai mang khng co su han ch v bng thng, do do tc nghn thuong xuyn co kha nng xay ra trong mang. Qos la mt phuong tin (means) d danh su uu tin cho nhung luu luong quan trong hon nhung luu luong kem uu tin khac va dam bao rng no duoc vn chuyn qua mang. IETF duoc thit k 2 cach d thuc hin QoS trong mang IP: dich vu tich hop (IntServ) va dich vu khac bit (DiIIServ). - IntServ su dung giao thuc bao hiu giao thuc danh truoc tai nguyn (RSVP). May chu bao hiu cho mang qua RSVP su cn thit QoS la cho lung luu luong ma no truyn. - Vic dua ra m hinh IntServ co ve nhu giai quyt duoc nhiu vn d lin quan dn QoS trong mang IP. Tuy nhin trong thuc t m hinh nay d khng dam bao duoc QoS xuyn sut (end to end). D co nhiu c gng nhm thay di diu nay nhm dat mt muc QoS cao hon cho mang IP, va mt trong nhung c gng do la su ra doi cua DiIIServ. DiIIServsu dung vic danh du goi va xp hang theo loai d h tro dich vu uu tin qua mang IP. Nhung b dinh tuyn tim kim nhung bit d danh du, xp hang, dinh hinh, va thit lp quyn uu tin (drop) cua goi. - Dich vu Best eIIort: Dy la dich vu ph bin trn mang Internet hay mang IP noi chung. Cac goi thng tin duoc truyn di theo nguyn tc 'dn truoc phuc D an tt nghip Dai hoc Chuong 1: Tng quan v MPLS
Nguyn Tai Phong H09VT4 - 41 -
vu truoc ma khng quan tm dn dc tinh luu luong cua dich vu la gi. Diu nay dn dn rt kho h tro cac dich vu doi hoi d tr thp nhu cac dich vu thoi gian thuc hay video. Cho dn thoi dim nay, da phn cac dich vu duoc cung cp boi mang Internet vn su dung nguyn tc Best EIIort nay. Uu dim lon cua DiIIServ so voi IntServ la m hinh DiIIServ khng cn giao thuc bao hiu. M hinh IntServ su dung mt giao thuc bao hiu ma phai chay trn may chu va b dinh tuyn. Nu mang co hang nghin luu luong, nhung b dinh tuyn phai giu thng tin trang thai cho mi lung luu luong truyn qua no. Dy la mt vn d lon lam cho IntServ tro nn khng ph bin. Vi du tt nht cho QoS la luu luong VoIP. VoIP cn thit duoc truyn toi dich trong thoi gian thuc, nu khng no s khng con dung duoc. Do do, QoS phai uu tin luu luong VoIP d dam bao no duoc truyn trong mt thoi gian xac dinh. D dat duoc diu nay, Cisco IOS dt VoIP voi muc uu tin cao hon luu luong FTP hoc HTTP va d dam bao rng khi nghn mach xay ra, luu luong FTP hoc HTTP s bi danh rot truoc VoIP. D an tt nghip Dai hoc Chuong 2 : Gioi thiu chung v VPN
Nguyn Tai Phong H09VT4 - 42 -
CHUONG 2: GII THIJU CHUNG VE VPN
2.1 Khi nim v VPN Ngay nay, mt cng ty co tru so phn tan o nhiu noi. D kt ni cac may tinh tai cac vi tri nay, cng ty do cn co mt mang thng tin. Mang do la mang ring voi y nghia la no chi duoc cng ty do su dung. Mang do la mang ring cng voi y nghia la k hoach dinh tuyn va danh dia chi trong mang do dc lp voi vic dinh tuyn va danh dia chi cua cac mang khac. Mang do la mt mang ao voi y nghia la cac phuong tin duoc su dung d xy dung mang nay co th khng danh ring cho cng ty do ma co th chia se dung chung voi cac cng ty khac. Cac phuong tin cn thit d xy dung mang nay duoc cung cp boi nguoi thu ba duoc goi la nha cung cp dich vu VPN. Cac cng ty su dung mang duoc goi la cac khach hang VPN. Cac cng ty cung cp dich vu VPN goi la SP (services Provider). VPN co th duoc su dung d mo rng pham vi cua mt Intranet. Boi vi, Intranet thuong duoc su dung d trao di thng tin mt cach dc quyn va ta khng mun nhung thng tin nay duoc truyn ba trn Internet. Tuy nhin trong nhiu truong hop, cac vn phong cng ty trn din rng co nhu cu chia se thng tin va nhung nguoi su dung tu xa mun truy cp vao Intranet thng qua Internet. VPN s cho phep kt ni vao Intranet mt cach an toan va khng lo ngai bi l thng tin. Co th coi kt ni loai nay nhu la Extranet. Dim khac nhau giua hai truong hop Intranet va Extranet do la cu hoi ai la nguoi dt ra cac chinh sach cua mang VPN, trong truong hop mang Intranet thi do la mt cng ty con trong truong hop mang Extranet thi do la mt nhom cng ty. Su dung vi du trn v co so du liu khach hang, rt d hiu la lam th nao ma VPN co th mo rng kha nng ung dung cua Intranet. Gia su tt ca ca nhn vin ban hang cua cng ty dang di cng tac hoc la lam vic tai nha. Ho co th su dung Internet d truy cp vao cac WebServer chua nhung thng tin v khach hang. VPN cung cp kt ni dam bao an toan giua may tinh cua nhn vin va WebServer chua CSDL va m hoa du liu. VPN cho phep kha nng su dung linh hoat di voi bt cu dich vu mang nao duoc su dung mt cach an toan thng qua Internet. VPN la cng ngh cho phep kt ni cac thanh phn cua mt mang ring (private network) thng qua ha tng mang cng cng (Internet). VPN hoat dng dua trn k thut tunneling: goi tin truoc khi duoc chuyn di trn VPN s duoc m hoa va duoc dt bn trong mt goi tin co th chuyn di duoc trn mang cng cng. Goi tin duoc truyn di dn du bn kia cua kt ni VPN. Tai dim dn bn kia cua kt ni VPN, goi tin d bi m hoa s duoc 'ly ra tu trong goi tin cua mang cng cng va duoc giai m.
D an tt nghip Dai hoc Chuong 2 : Gioi thiu chung v VPN
Nguyn Tai Phong H09VT4 - 43 -
Cac giai doan phat trin cua VPN O Th h VPN thu nht do AT&T phat trin co tn la SDN O Th h thu 2 la ISND va X25. O Th h thu 3 la Frame relay va ATM. O Th h thu 4 la VPN trn nn mang IP. O Va th h hin nay la VPN trn nn mang MPLS.
2.2 Chc nng v li ch cua VPN. 2.2.1 Chc nng cua mng ring ao. %Jnh xac thc Thit lp kt ni trong VPN ca hai phia cua thit bi du cui phai xac thuc ln nhau d khng dinh mt diu la thng tin minh mun trao di dung voi di tuong minh mong mun khng phai la mt nguoi khac ma minh khng mong mun. %Jnh %oan vn Khi truyn du liu vic dam bao la du liu khng bi mt di hoc bi xao trn la mt vic lam v cung quan trong. Vi vy VPN d lam duoc diu do mt cach hoan hao. %Jnh bao mt Vic m hoa cac du liu truoc khi dua vao truyn trong mang cng cng va du liu s duoc giai m o phia thu. Bng cach lam nhu vy, thi vic danh cp thng tin du liu la v cung kho khn di voi nguoi khac.
2.2.2 Tin ch cua mng ring ao. VPN dem lai loi ich thuc su va tuc thoi cho cng ty va cac doanh nghip trong cng vic kinh doanh cua minh. Co th dung VPN d don gian hoa vic truy cp di voi cac nhn vin lam vic va nguoi dung luu dng, mo rng mang ni b dn tung vn phong chi nhanh, thm chi trin khai mang mo rng dn tn khach hang va cac di tac chu cht va diu quan trong la nhung cng vic trn du co chi phi thp hon nhiu so voi vic mua thit bi va duong dy cho mang WAN ring. Nhung loi ich cua VPN co th duoc dn duoi dy. !t kinh t Khi su dung mang ring ao VPN cac cng ty co th giam chi phi duoc toi mt cach ti da trong vic du tu va vn hanh chung. Su dung VPN thi cac cng ty chi vic thu cac knh ring trn ha tng chung cua cac nha cung cp dich vu vin thng khng cn phai du tu thit bi du cui cng nhu thit bi truyn dn. Cac thit bi truyn dn la tuong di dt, nn vic giam chi phi khi du tu khi su dung VPN la qua r rang va thit yu. Giam duoc cac loai cuoc phi duong dai truy cp VPN cho cac nhn vin di dng va cac nhn vin di cng tac xa cng ty nho vao vic ho truy nhp vao mang thng qua cac dim kt ni o noi minh cu tru, han ch goi duong dai toi cac modem tp trung. D an tt nghip Dai hoc Chuong 2 : Gioi thiu chung v VPN
Nguyn Tai Phong H09VT4 - 44 -
%Jnh linh hot Tinh linh dng o dy khng chi th hin trong qua trinh vn hanh va khai thac ma no con thuc su mm deo di voi yu cu su dung cua nguoi su dung. Nguoi su dung co th su dung nhiu kt ni hay cac di tuong di chuyn do dc thu cng vic. Khach hang cua VPN qua mang mo rng nay, cng co quyn truy cp va kha nng nhu nhau di voi cac dich vu trung tm bao gm. Cng nhu cac ung dung thit yu khac, khi truy cp chung thng qua nhung phuong tin khac nhau nhu qua mang cuc b LAN, modem, modem cap, duong dy thu bao s v..v, ma khng cn quan tm dn nhung phn phuc tap bn duoi. rng va phat trin Nhu chung ta d bit mang ring ao VPN duoc phat trin va hoat dng dua trn mang cng cng. Ngay nay mang Internet co mt khp noi nn vic do tao cho vic xy dung va phat trin mang VPN ngay cang don gian. Vic kt ni giua cac chi nhanh o xa voi cng ty la qua don gian thng qua duong dy din thoai hoc qua duong dy s DSL. Vic nng cp cng qua don gian khi bng thng duong truyn lon. Va vic g bo VPN cng qua don gian khi khng cn thit.
2.2.3 Nhuc dim v nhng giai php khc phc. $ tin cy va thc thi Mang ring ao su dung cac phuong phap m hoa d bao mt du liu, va su dung mt s ham mt m phuc tap nn vic do d lam cho dung luong cua may chu la kha nng va vic y rt anh huong dn vic xu ly tc d cua may. Khi du liu duoc truyn tai trong VPN qua lon thi vic tc nghn va co th mt thng tin du liu la chuyn thuong xy ra. Vic thit lp cac dich vu proxy va mt s dich vu khac d co th han ch va diu chinh duoc luu luong truyn tai trong mang mt cac hop ly nht. $ rui ro v an ninh Nhu chung ta d bit thi mang ring ao la dung chung duong truyn cua mang cng cng nn co th bi tn cng va diu do nhu la nhung diu duoc canh bao truoc. Nn cac nha cung cp dich d dua ra nhung giai phap an toan cho vic dung mang ring ao, nhung vn d an toan khng bao gio la tuyt di. Vn d cang dua cac giai phap bao mt vao bao nhiu thi no cng anh huong dn gia thanh cua dich vu, va diu do la mt diu khng mong mun tu nha cung cp dich vu cng nhu nguoi su dung dich vu. Nn vic su nhung giai phap trong VPN cng phai duoc cn nhc lam sao ti uu nht.
2.3 M hnh VPN. VPN duoc gioi thiu nhu la mt mt mang ring ma su dung trn ha tng chung. Mt mang ring yu cu tt ca cac du cui khach hang co th kt ni voi nhau va D an tt nghip Dai hoc Chuong 2 : Gioi thiu chung v VPN
Nguyn Tai Phong H09VT4 - 45 -
hoan toan ring bit di voi cac mang VPN khac. Mang VPN thuong la mt cng ty va co mt vai dim kt cui kt ni qua ha tng cua nha cung cp dich vu chung. Dua vao su tham gia cua minh trong vic dinh tuyn cho khach hang Nha cung cp dich vu co th trin khai hai m hinh VPN chinh d cung cp dich vu VPN cho khach hang. O M hinh Overlay VPN O M hinh Peer to Peer VPN
2.3.1 M hnh Overlay VPN (VPN chng ln). Trong m hinh overlay VPN, nha cung cp dich vu cung cp mt kt ni dim dim hoc knh ao tu bn nay sang bn kia mang cua ho giua cac b dinh tuyn cua khach hang. Nhu vy, m hinh Overlay VPN cung cp cho khach hang cac mang ring, nha cung cp khng th tham gia vao vic dinh tuyn khach hang. Cac nha cung cp dich vu chi vn chuyn du liu qua cac kt ni point-to-point ao. Nu mach ao la c dinh, sn sang cho khach hang su dung moi luc thi duoc goi la mach ao c dinh PVC. Nu mach ao duoc thit lp theo yu cu (on-demand) thi duoc goi la mach ao chuyn di SVC. Han ch chinh cua m hinh Overlay la cac mach ao cua cac site khach hang kt ni dang Iull mesh (ngoai tru trin khai dang hub-and-spoke hay partial hub-andspoke). Nu co N site khach hang thi tng s luong mach ao cn thit cho vic ti uu dinh tuyn la N(N-1)/2.
Hinh 2.1 : M hinh VPN chng ln Ban du Overlay VPN duoc thuc thi boi SP d cung cp cac kt ni lop 1 (physical layer) nhu Ghep knh phn chia theo thoi gian (TDM), E1, E3, SONET, va duong kt ni SDH, hay mach chuyn vn lop 2 (du liu dang Irame hoc cell) giua cac site khach hang bng cach su dung cac thit bi Frame Relay hay ATM switch lam D an tt nghip Dai hoc Chuong 2 : Gioi thiu chung v VPN
Nguyn Tai Phong H09VT4 - 46 -
PE (vi du lop 2 la cac knh ao duoc tao boi X.25, ATM hoc Frame Relay). Do do nha cung cp dich vu khng th nhn bit duoc vic dinh tuyn o phia khach hang. Overlay VPN con thuc thi cac dich vu qua layer 3 voi cac giao thuc tao duong hm nhu GRE, IPSec. Tuy nhin, du trong truong hop nao thi mang cua nha cung cp vn trong sut voi khach hang, va cac giao thuc dinh tuyn chay truc tip giua cac router cua khach hang. t s uu dim cua JPN chong lan O Do la m hinh d thuc hin, nhin theo quan dim cua nguoi dung va cua ca nha cung cp dich vu. O Nha cung cp dich vu khng tham gia vao dinh tuyn nguoi dung trong mang VPN chng ln. Nhim vu cua ho la vn chuyn du liu dim - dim giua cac site cua nguoi dung, vic danh du dim tham chiu giua nha cung cp dich vu va nguoi dung s quan ly d dang hon. n ch cua mo hinh JPN chong lan O VPN thich hop trong cac mang khng cn d du phong voi it site trung tm va nhiu site o du xa, nhung lai kho quan ly nu nhu cn nhiu cu hinh nut khac nhau. O Vic cung cp cang nhiu mach ao doi hoi phai co su hiu bit su sc v loai luu luong giua hai site voi nhau ma diu nay thuong khng tht su thich hop. O Khi thuc hin m hinh nay voi cac cng ngh lop 2 thi chi tao ra mt lop moi khng cn thit di voi cac nha cung cp hu ht chi dua trn IP, dn dn su phai co su du tu lon trong vic nay. 2.3.2 M hnh VPN ngang cp (Peer to peer VPN). M hinh ngang cp (peer-to-peer) duoc phat trin d khc phuc nhuoc dim cua m hinh Overlay va cung cp cho khach hang co ch vn chuyn ti uu qua SP backbone. Trong m hinh nay, nhung b dinh tuyn cua nha cung cp dich vu vn chuyn du liu cua khach hang qua mang, nhung no cng tham gia vao vic dinh tuyn cua khach hang. Noi mt cach khac, nhung b dinh tuyn cua nha cung cp dich vu s ngang hang voi b dinh tuyn cua khach hang tai Lop 3. Trong m hinh peer-to-peer, thng tin dinh tuyn duoc trao di giua cac router khach hang va cac router cua nha cung cp dich vu, du liu cua khach hang duoc vn chuyn qua mang li cua nha cung cp. Thng tin dinh tuyn cua khach hang duoc mang giua cac router trong mang cua nha cung cp (P va PE), va mang khach hang (cac CE router). M hinh nay khng yu cu tao ra mach ao. Quan sat hinh trn ta thy, cac CE router trao di tuyn voi cac D an tt nghip Dai hoc Chuong 2 : Gioi thiu chung v VPN
Nguyn Tai Phong H09VT4 - 47 -
router PE trong SP domain. Thng tin dinh tuyn cua khach hang duoc quang ba qua SP backbone giua cac PE va P va xac dinh duoc duong di ti uu tu mt site khach hang dn mt site khac. Vic phat hin cac thng tin dinh tuyn ring cua khac hang dat duoc bng cach thuc hin loc goi tai cac router kt ni voi mang khach hang. Dia chi IP cua khach hang do nha cung cp kim soat. Tin trinh nay xem nhu la thuc thi cac PE peer-topeer chia se (shared PE peer-to-peer).
Hinh 2.2 : M hinh VPN ngang hang Truoc khi MPLS ra doi, m hinh peer to peer VPN co th thit lp bng cach tao ra dinh tuyn ngang cp IP giua b dinh tuyn cua khach hang va cua nha cung cp. M hinh VPN cng yu cu tinh ca nhn (ring bit) va cach ly giua cac khach hang khac nhau. Ta cng co th thit lp bng cach cu hinh b loc goi (danh sach truy nhp) d diu khin du liu toi va di tu b dinh tuyn cua khach hang. Mt cach khac d thuc hin duoc dinh hinh thuc ca nhn la cu hinh nhung b loc dinh tuyn d thng bao dinh tuyn hoc dung dinh tuyn tu vic thng bao toi b dinh tuyn cua khach hang. Hoc ta co th thuc hin tt ca cac phuong thuc trn cung mt luc. Truoc khi MPLS tro nn ph bin, m hinh trung lp overlay VPN d duoc trin khai nhiu hon m hinh peer to peer VPN. M hinh peer to peer VPN yu cu nhiu tu phia nha cung cp boi vi khi thm mt khach hang yu cu rt nhiu su thay di cu hinh tai rt nhiu site. MPLS VPN la mt ung dung cua MPLS ma no tao ra m hinh peer to peer VPN d dang hon d thuc hin. By gio vic thm vao hoc bo ra mt dim cui khach hang d dang hon trong vic cu hinh va do do yu cu it thoi gian va su c gng hon. Voi MPLS VPN, mt b dinh tuyn khach hang (duoc goi la b dinh tuyn khach hang bin - CE) ngang cp voi Lop IP voi it nht mt b dinh tuyn cua nha cung cp dich vu (duoc goi la b dinh tuyn nha cung cp bin - PE). D an tt nghip Dai hoc Chuong 2 : Gioi thiu chung v VPN
Nguyn Tai Phong H09VT4 - 48 -
Nhung nhuoc dim cua m hinh peer to peer VPN so voi m hinh overlay VPN.: O Khach hang phai chia se trach nhim dinh tuyn voi nha cung cp dich vu. O Yu cu phai co thm thit bi bin cua nha cung cp. Nhuoc dim du tin la khach hang phai co mt dinh tuyn ngang hang voi nha cung cp dich vu. Khach hang khng th kim soat (diu khin) mang end to end trn lop 3 va theo dinh tuyn IP, nhu voi m hinh overlay. Nhuoc dim thu hai la cua nha cung cp dich vu. Ganh nng cua nha cung cp dich vu chinh la vic phai trang bi thm thit bi bin b dinh tuyn PE. Nha cung cp dich vu phai co trach nhim va dinh tuyn hi tu cua mang khach hang boi vi cac b dinh tuyn PE phai co kha nng mang tt ca b dinh tuyn cua nhiu khach hang trong khi cung cp dinh tuyn hi tu kip thoi.
2.4 Phn loi VPN. VPN la mt cng ngh ma nha san xut dua ra nhm dap ung duoc mt s nhu cu co ban sau dy: O Cung cp duoc nhiu ung dung khac nhau trong cung mt dich vu khi nguoi dung yu cu. O Co th diu khin duoc quyn truy cp cua nguoi dung, cac nha cung cp dich vu cng nhu cac di tuong bn ngoai khac. Dua vao cac ung dung cng nhu nhung dc dim cua VPN ma nguoi ta chia thanh hai loai VPN co ban. O VPN truy nhp tu xa (Remote Access VPN) O VPN dim toi dim (Site - to Site VPN) Trong do VPN dim toi dim lai duoc chia thanh hai loai la O VPN cuc b O VPN mo rng
2.4.1 VPN truy nhp t xa (Remote Access VPN). Nhung thanh phn chinh trong m hinh VPN truy nhp tu xa : O May chu cua h thng truy nhp tu xa (RAS) duoc dt tai trung tm co nhim vu xac nhn va chung nhn cac yu cu gui toi. No chiu trach nhim diu hanh toan b h thng thng tin va du liu nhn va gui qua mang nay. O Kt ni nhanh chong thun tin dn trung tm d ly du liu mt cach nhanh chong nhm giam duoc mt phn chi phi khi nguoi dung o xa trung tm may chu. D an tt nghip Dai hoc Chuong 2 : Gioi thiu chung v VPN
Nguyn Tai Phong H09VT4 - 49 -
O H tro nhn vin ki thut mt phn trong vic cu hinh, bao tri h thng va quan ly b xu ly trung tm. Va h tro truy cp tu xa boi nguoi dung. Khi trin khai VPN truy nhp tu xa, nhung nguoi dung truy nhp tu xa hoc cac vn phong dai din chi cn kt ni ni b dn nha cung cp dich vu ISP hoc ISP`s POP va kt ni dn tai nguyn thng qua mang Internet. H thng VPN truy nhp tu xa co m hinh duoi dy.
Hinh 2.3 : VPN truy cp tu xa
D an tt nghip Dai hoc Chuong 2 : Gioi thiu chung v VPN
Nguyn Tai Phong H09VT4 - 50 -
Hinh 2.4 : Thit lp VPN tu xa Mt s uu dim cua JPA truy 35 t xa O VPN truy nhp tu xa khng cn h tro nhn vin mang boi vi qua trinh kt ni tu xa duoc cac nha cung cp dich vu thuc hin. O Cac khoan chi phi cho cac kt ni tu xa boi cac kt ni khoang cach duoc thay th boi cac kt ni cuc b thng qua mang Internet. O Cung cp cac dich vu gia re cho nguoi dung o xa, tao su thun loi cho vic phat trin mang. O VPN cung cp kha nng truy nhp tt hon dn cac site cua cac cng ty vi chung h tro muc thp nht chi phi dich kt ni. Mt s 3uc dim cua ma3 JPA truy 35 t xa: O VPN truy nhp tu xa khng h tro cac dich vu bao dam cht luong dich vu diu do rt bt loi cho nguoi dung mi khi co nhung thng tin quan trong mun gui di, khng duoc dam bao an toan. Nn vic mt cp du liu va cac goi du liu khng dn dich la co th xy ra. O Khi su dung cac loai thut toan m hoa phuc tap nn tiu d giao thuc tng mt cach dang k. Diu do bt loi cho vic giai m va truyn di trn mang. O Do phai truyn du liu thng qua Internet, nn khi trao di cac du liu lon nhu cac goi du liu truyn thng, video, m thanh s rt chm. 2.4.2 VPN dim ti dim (Site - to - Site VPN ). La vic su dung mt m danh ring cho nhiu nguoi d kt ni nhiu dim c dinh voi nhau thng qua mt mang cng cng nhu Internet. Loai nay co th dua trn Intranet hoc Extranet. Loai dua trn Intranet: nu mt cng ty co vai dia dim tu xa mun tham gia vao mt mang ring duy nht, ho co th tao ra mt VPN intranet (VPN ni b) d ni LAN voi LAN. Loai dua trn Extranet: khi mt cng ty co mi quan h mt thit voi mt cng ty khac (vi du nhu : di tac cung cp, khach hang .), ho co th xy dung mt VPN extranet (VPN mo rng) kt ni LAN voi LAN d nhiu t chuc khac nhau co th lam vic trn mt mi truong chung. Su khac nhau giua VPN dim toi dim voi VPN truy cp tu xa chi mang tinh tuong trung. Nhiu thit bi VPN moi co th hoat dng theo ca hai cach nay VPN ddieemt toi dim co th duoc xem nhu mt VPN cuc b hoc mo rng xet tu quan dim quan ly chinh sach. Nu ha tng mang co chung mt ngun quan ly, no co th duoc xem nhu la VPN ni b. Nguoc lai, no co th xem nhu la mo rng a. VPN ni b (Intranet VPN). D an tt nghip Dai hoc Chuong 2 : Gioi thiu chung v VPN
Nguyn Tai Phong H09VT4 - 51 -
Intranet VPNs duoc su dung d kt ni dn cac chi nhanh vn phong cua t chuc dn Corporate Intranet (backbone router) su dung campus router. Theo m hinh nay s rt tn chi phi do phai su dung 2 router d thit lp duoc mang, thm vao do, vic trin khai, bao tri va quan ly mang Intranet Backbone s rt tn kem con tuy thuc vao luong luu thng trn mang di trn no va pham vi dia ly cua toan b mang Intranet. D giai quyt vn d trn, su tn kem cua WAN backbone duoc thay th boi cac kt ni Internet voi chi phi thp, diu nay co th giam mt luong chi phi dang k cua vic trin khai mang Intranet.
Hinh 2.5 : VPN ni b b. VPN mo rng (Extranet VPN) Khng ging nhu Intranet va Remote Access-based, Extranet khng hoan toan cach li tu bn ngoai (outer-world), Extranet cho phep truy cp nhung tai nguyn mang cn thit cua cac di tac kinh doanh, chng han nhu khach hang, nha cung cp, di tac nhung nguoi giu vai tro quan trong trong t chuc. D an tt nghip Dai hoc Chuong 2 : Gioi thiu chung v VPN
Nguyn Tai Phong H09VT4 - 52 -
Hinh 2.6 : Mt vi du v Extranet VPN truyn thng Nhu hinh 2.5, mang Extranet rt tn kem do co nhiu doan mang ring bit trn Intranet kt hop lai voi nhau d tao ra mt Extranet. Diu nay lam cho kho trin khai va quan ly do co nhiu mang, dng thoi cng kho khn cho ca nhn lam cng vic bao tri va quan tri. Thm nua la mang Extranet s kho mo rng do diu nay s lam ri tung toan b mang Intranet va co th anh huong dn cac kt ni bn ngoai mang. S co nhung vn d ban gp phai bt thinh linh khi kt ni mt Intranet vao mt mang Extranet.
Hinh 2.7 : Thit lp Extranet VPN Mt s thun loi cua Extranet VPN : O Do hoat dng trn mi truong Internet, ban co th lua chon nha phn phi khi lua chon va dua ra phuong phap giai quyt tuy theo nhu cu cua t chuc. D an tt nghip Dai hoc Chuong 2 : Gioi thiu chung v VPN
Nguyn Tai Phong H09VT4 - 53 -
O Boi vi mt phn Internet-connectivity duoc bao tri boi nha cung cp (ISP) nn cng giam chi phi bao tri khi thu nhn vin bao tri. O D dang trin khai, quan ly va chinh sua thng tin. Mt s bt loi cua Extranet : O Su de doa v tinh an toan, nhu bi tn cng bng tu chi dich vu vn con tn tai. O Tng thm nguy him su xm nhp di voi t chuc trn Extranet. O Do dua trn Internet nn khi du liu la cac loai high-end data thi vic trao di din ra chm chap. Do dua trn Internet, QoS cng khng duoc bao dam thuong xuyn
Hinh 2.8 : M hinh VPN kt hop
D an tt nghip Dai hoc Chuong 3 : Mang ring ao MPLS
Nguyn Tai Phong H09VT4 - 54 -
CHUONG 3: MANG RING AO MPLS
3.1 Gii thiu v MPLS VPN 3.1.1 MPLS VPN l g?
Hinh 3.1 : M hinh MPLS VPN MPLS VPN kt hop nhung dc dim tt nht cua Overlay VPN va peer-to-peer VPN: O Cac router PE tham gia vao qua trinh dinh tuyn cua khach hang (customer), ti uu vic dinh tuyn giua cac site cua khach hang. O Cac router PE su dung cac bang dinh tuyn ao (virtual routing table) cho tung khach hang nhm cung cp kha nng kt ni vao mang cua nha cung cp cho nhiu khach hang. O Cac khach hang co th su dung dia chi IP trung nhau (overlap addresses) MPLS VPN backbone va cac site khach hang trao di thng tin dinh tuyn lop 3. MPLS VPN gm cac vung sau: O Mang khach hang: thuong la min diu khin cua khach hang gm cac thit bi hay cac router trai rng trn nhiu site cua cung mt khach hang. Cac router CE la nhung router trong mang khach hang giao tip voi mang cua nha cung cp. D an tt nghip Dai hoc Chuong 3 : Mang ring ao MPLS
Nguyn Tai Phong H09VT4 - 55 -
O Mang cua nha cung cp: la min thuc diu khin cua nha cung cp gm cac router bin (edge) va li (core) d kt ni cac site thuc vao cac khach hang trong mt ha tng mang chia se. Cac router PE la cac router trong mang cua nha cung cp giao tip voi router bin cua khach hang. Cac router P la router trong li cua mang, giao tip voi cac router li khac hoc router bin cua nha cung cp. Trong mang MPLS VPN, router li cung cp chuyn mach nhn giua cac router bin cua nha cung cp va khng bit dn cac tuyn VPN. Cac router CE trong mang khach hang khng nhn bit duoc cac router li, do do cu truc mang ni b cua mang nha cung cp trong sut di voi khach hang. 3.1.2 Li ch cua MPLS VPN Chi phi thp, tc d n dinh, dap ung duoc yu cu v bao mt thng tin, don gian trong vic quan ly va d dang trong vic chuyn di. Giam thiu chi phi so voi cac cng ngh tuong dng trong vic quan ly, xy dung, trin khai trong mt mang din rng. Tinh n dinh va kha nng mo rng: dap ung nhu cu mo rng mt cach nhanh chong, co th kt ni nhanh chong voi cac mang khac. Thich ung voi nhiu loai cng ngh khac nhau va khng thay th h thng mang hin tai cua khach hang. Voi kha nng h tro nhiu loai cng ngh khac nhau do do MPLS co th h tro nhiu kiu truy cp khac nhau nhu Frame relay, IP, .lam giam thiu chi phi cho khach hang hoc co th tn dung thit bi mang sn co. An toan mang: voi tinh nng m hoa va tao duong hm cua cng ngh VPN giup MPLS dat duoc muc d an toan cao nhu trong mi truong mang ring. Cht luong dich vu: dam bao phn bit thu tu uu tin cho cac loai du liu khac nhau nhu: s liu, hinh anh, m thanh. 3.2 Cc thnh phn chnh cua kin trc MPLS VPN V co ban MPLS VPN co hai m hinh la MPLS VPN Layer 2 va MPLS VPN Layer 3. Tuy nhin trong khun kh d an em s tp trung tim hiu v MPLS VPN Layer 3, va sau dy la cac thanh phn va hoat dng cua MPLS VPN Layer3 D an tt nghip Dai hoc Chuong 3 : Mang ring ao MPLS
Nguyn Tai Phong H09VT4 - 56 -
Hinh 3.2 : M hinh mang ring ao tng 3 3.2.1 VRF - Virtual Routing and Foewarding Table Khach hang duoc phn bit trn router PE bng cac bang dinh tuyn ao (virtual routing tables) hoc cac instance, con duoc goi la VRF. Thuc cht no ging nhu duy tri nhiu router ring bit cho cac khach hang kt ni vao mang cua nha cung cp. Chuc nng cua VRF ging nhu mt ban dinh tuyn toan cuc, ngoai tru vic no chua moi tuyn lin quan dn mt VPN cu th. VRF cng chua mt bang chuyn tip CEF cho VRF ring bit (VRF- speciIic CEF Iorwarding table) tuong ung voi bang CEF toan cuc xac dinh cac yu cu kt ni va cac giao thuc cho mi site khach hang kt ni trn mt router PE. VRF xac dinh bi canh (context) giao thuc dinh tuyn tham gia vao mt VPN cu th cng nhu giao tip trn router PE cuc b tham gia vao VPN, nghia la su dung VRF. Giao tip tham gia vao VRF phai h tro chuyn mach CEF.Mt VRF co th gm mt giao tip (logical hay physical) hoc nhiu giao tip trn mt router. VRF chua mt bang dinh tuyn IP tuong ung voi bang dinh tuyn IP toan cuc, mt bang CEF, lit k cac giao tip tham gia vao VRF, va mt tp hop cac nguyn tc xac dinh giao thuc dinh tuyn trao di voi cac router CE (routing protocol contexts). VRF con chua cac dinh danh VPN (VPN identiIier) nhu thng tin thanh vin VPN (RD va RT). Hinh sau cho thy chuc nng cua VRF trn mt router PE thuc hin tach tuyn khach hang. D an tt nghip Dai hoc Chuong 3 : Mang ring ao MPLS
Nguyn Tai Phong H09VT4 - 57 -
Hinh 3.3 : Chuc nng cua VRF Cisco IOS h tro cac giao thuc dinh tuyn khac nhau nhu nhung tin trinh dinh tuyn ring bit (OSPF, EIGRP,.) trn router. Tuy nhin, mt s giao thuc nhu RIP va BGP, IOS chi h tro mt instance cua giao thuc dinh tuyn. Do do, thuc thi dinh tuyn VRF bng cac giao thuc nay phai tach ring hoan toan cac VRF voi nhau. Bi canh dinh tuyn (routing context) duoc thit k d h tro cac ban sao cua cung giao thuc dinh tuyn VPN PE-CE. Cac bi anh dinh tuyn nay co th duoc thuc thi nhu cac tin trinh ring bit (OSPF), hay nhu nhiu instance cua cung mt giao thuc dinh tuyn (BGP, RIP, .). Nu nhiu instance cua cung mt giao thuc dinh tuyn duoc su dung thi mi instance co mt tp cac tham s cua ring no. Hin tai, Cisco IOS h tro RIPv2, EIGRP, BGPv4 (nhiu instance), va OSPFv2 (nhiu tin trinh) duoc dung cho VRF d trao di thng tin dinh tuyn giua CE va PE. Trong m hinh MPLS VPN, router PE phn bit cac khach hang bng VRF. Tuy nhin, thng tin nay cn duoc mang theo giua cac router PE d cho phep truyn du liu giua cac site khach hang qua MPLS VPN backbone. Router PE phai co kha nng thuc thi cac tin trinh cho phep cac mang khach hang kt ni vao co khng gian dia chi trung lp (overlapping address spaces). Router PE hoc cac tuyn nay tu cac mang khach hang va quang ba thng tin nay bng mang truc chia se cua nha cung cp (shared provider backbone). Diu nay thuc hin bng vic kt hop voi RD trong bang dinh tuyn ao (virtual routing table) trn mt router PE. Ta co th tao VRF trn PE voi lnh i5 vrf .Ta su dung lnh i5 vrf forwardi3 d gan mt giao din PE CE trn PE toi VRF. Ta cng co th gan mt giao din toi mt VRF duy nht, nhung cng co th gan nhiu giao din toi cung mt VRF. Sau do PE s tu dng tao mt bang VRF va D an tt nghip Dai hoc Chuong 3 : Mang ring ao MPLS
Nguyn Tai Phong H09VT4 - 58 -
CEF. Bang dinh tuyn VRF khng ging voi bang dinh tuyn thng thuong trong Cisco IOS tru khi no duoc su dung cho mt tp VPN site duy nht va hoan toan ring bit voi tt ca cac bang dinh tuyn khac. 3.2.2 RD - Route Distinguisher La mt dinh danh 64-bit duy nht, thm vao truoc 32-bit dia chi tuyn duoc hoc tu router CE tao thanh dia chi 96-bit duy nht co th duoc chuyn vn giua cac router PE trong min MPLS. Do do chi duy nht mt RD duoc cu hinh cho 1 VRF trn router PE. Dia chi 96 bit cui cung (tng hop cua 32- bit dia chi khach hang va 64-bit RD) duoc goi la mt dia chi VPNv4. Dia chi VPNv4 trao di giua cac router PE trong mang nha cung cp. RD co th co hai dinh dang: dang dia chi IP hoc chi s AS. Gia tri 64 bit co th co 2 dinh dang: ASN:nn hoc IP-address:nn (o dy nn la mt s). Trong do dinh dang ASN:nn duoc su dung nhiu hon (o dy ASN vit tt cua s h thng tu tri - autonomous system number). RD duoc su dung d tranh truong hop tuyn IPv4 cua mt khach hang trung voi tuyn IPv4 cua khach hang khac. Nu tin t IPv4 10.1.1.0/24 va RD 1:1, tin t vpnv4 s la 1:1:10.1.1.0/24. Mt khach hang co th su dung cac RD khac nhau cho cung mt tuyn IPv4. Khi mt VPN site duoc kt ni toi 2 PE, tuyn tu VPN co th co 2 RD khac nhau, phu thuc vao PE nao ma tuyn nhn duoc. Mi tuyn IPv4 co th co 2 RD khac nhau va co 2 tuyn vpnv4 hoan toan khac nhau. Diu nay cho phep BGP nhin thy chung nhu la cac tuyn khac nhau va ap dung mt chinh sach khac nhau cho mi tuyn. Hinh bn duoi cho thy hai khach hang co dia chi mang ging nhau, 172.16.10.0/24, duoc phn bit nho vao cac gia tri RD khac nhau, 1:100 va 1:101, uu tin quang ba dia chi VPNv4 trn router PE. Giao thuc dung d trao di cac tuyn VPNv4 giua cac PE la multiprotocol BGP (MP- BGP). IGP yu cu duy tri iBGP (internal BGP) khi thuc thi MPLS VPN. Do do, PE phai chay mt IGP cung cp thng tin NLRI cho iBGP nu ca hai PE cung trong mt AS. Hin tai, Cisco h tro ca OSPFv2 va ISIS trong mang nha cung cp nhu la IGP. MP-BGP cng chiu trach nhim chi dinh nhn VPN. Kha nng mo rng la ly do chinh chon BGP lam giao thuc mang thng tin dinh tuyn khach hang. Hon nua, BGP cho phep su dung dia chi VPNv4 trong mi truong MPLS VPN voi dy dia chi trung lp cho nhiu khach hang. Mt phin lam vic MP-BGP giua cac PE trong mt BGP AS duoc goi la MP- iBGP session va kem theo cac nguyn tc thuc thi cua iBGP lin quan dn thuc tinh cua BGP (BGP attributes). Nu VPN mo rng ra khoi pham vi mt AS, cac VPNv4 s trao di giua cac AS tai bin bng MP-eBGP session. D an tt nghip Dai hoc Chuong 3 : Mang ring ao MPLS
Nguyn Tai Phong H09VT4 - 59 -
Hinh 3.4 : Vi du v RD 3.2.3 RT - Routee Targets Nu RD cng duoc su dung d chi ra VPN, vic truyn thng giua cac site cua cac VPN s co su c. Vi du mt site cua cng ty A khng th truyn thng voi mt site cua cng ty B boi vi RD khng ging nhau. Khai nim cac site cua cng ty A truyn thng voi cac site cua cng ty B duoc goi la 0xtran0t VPN. Truong hop truyn thng giua cac site cua cung cng ty A (cung VPN) duoc goi la intran0t VPN. Vic truyn thng giua cac site duoc diu khin boi mt dc tinh MPLS VPN khac goi la Route targets (RTs). RT la mt BGP 0xt0nd0d community chi ra tuyn nao s duoc nhn tu MP-BGP vao VRF. Co hai loai RT do la RT nhp vao (imported RT) va RT xut ra (exported RT). RT nhp vao duoc su dung khi nhp cac tuyn vao VRF tu MP-BGP, nu tuyn nao co gia tri RT phu hop voi RT nhp vao cua VRF thi tuyn do s duoc nhn vao VRF. RT xut ra duoc su dung khi VRF xut ra mt tuyn va duoc gui vao MP-BGP, khi do tuyn xut ra s duoc gn thm RT xut ra truoc khi duoc gui vao MP-BGP. Hinh 3.5 chi ra rng cac RT diu khin tuyn nao duoc nhn vao VRF nao tu cac PE Router khac va cung voi RT nao tuyn VPNv4 duoc xut ra v phia cac PE Router khac. Co th co hon mt RT duoc gn voi tuyn VPNv4. D duoc nhn vao VRF, RT cua tuyn VPNv4 phai phu hop voi it nht mt RT nhn vao duoc cu hinh trn VRF.
D an tt nghip Dai hoc Chuong 3 : Mang ring ao MPLS
Nguyn Tai Phong H09VT4 - 60 -
Hinh 3.5 : Cac loai RT va chuc nng cua no Khi cu hinh vai site thuc v mt VPN va khng co su truyn thng giua cac site thuc v cac VPN khac nhau, chung ta chi cn cu hinh mt RT nhp va mt RT xut trong tt ca cac VRF trn cac PE Router kt ni toi cac site do. Khi cac site thuc cac VPN cn truyn thng voi nhau thi vic cu hinh s phuc tap hon, cac VRF trn cac PE Router kt ni voi cac site do s duoc cu hinh thm cac RT xut va nhp d co th nhn duoc cac tuyn tu VPN khac. 3.2.4 Giao thc MP-BGP. VRF tach ring cac tuyn cua khach hang trn PE Router, nhung lam th nao d cac tin t duoc truyn thng qua mang cua nha cung cp dich vu? Co toi hang trm hoc hang nghin tuyn cn duoc truyn qua mang trong khi do cac PE Router thuong khng duoc kt ni truc tip voi nhau. Vi vy BGP la giao thuc thich hop cho vic mang cac tuyn VPNv4 mt cach dam bao thng qua mang MPLS VPN. BGP la mt giao thuc chun duoc su dung d dinh tuyn trn Internet. No la giao thuc co kha nng mang mt s luong tuyn rt lon thng qua mang, no cng la mt giao thuc linh hoat va d mo rng d thuc hin trong cac mi truong khac nhau. D h tro cho vic truyn cac tuyn VPNv4 thng qua mang, BGP d b xung thm hai thuc tinh moi do la ultiprotocol R0achabl0 NLRI (N0twork Lay0r R0achability Information) va ultiprotocol Unr0achabl0 NLRI. Nhung thuc tinh nay thng bao va rut lai cac tuyn. Chung du co hai truong: Addr0ss Family Ind0ntifi0r D an tt nghip Dai hoc Chuong 3 : Mang ring ao MPLS
Nguyn Tai Phong H09VT4 - 61 -
(AFI) va $ubs06u0nt Addr0ss Family Id0ntifi0r ($AFI) cac truong nay chi ra cac addr0ss family duoc mang boi BGP, mt trong cac addr0ss family do la VPNv4. Ngoai thuc tinh R% 0xt0nd0d community cng duoc dinh nghia d mang cac RTs. BGP thuc hin cng vic truyn cac tuyn VPNv4 thng qua mang MPLS VPN. Tuy nhin diu nay la khng du d co kha nng chuyn du liu VPN mt cach chinh xac, d cho egress PE Router co th chuyn du liu toi CE Router chinh xac, no phai chuyn cac goi tin dua trn nhn. Egress PE Router co th anh xa mt nhn toi tuyn VPNv4, nhn do duoc goi la nhn VPN (JPN lab0l). Egress PE Router phai thng bao nhn nay cung voi tuyn VPNv4 toi ingress PE Router. Nhn nay duoc chua trong truong NLRI (Network Layer Reachability InIormation), khi do truong AFI duoc dt bng 1 va truong SAFI duoc dt bng 128 trong truong hop cua IPv4.
3.2.5 Hot dng cua m}t phng diu khin MPLS VPN. Mt phng diu khin trong MPLS VPN chua moi thng tin dinh tuyn lop 3 va cac tin trinh trao di thng tin cua cac IP preIix duoc gan va phn phi nhn bng LDP. Mt phng du liu thuc hin chuc nng chuyn tip cac goi IP duoc gan nhn dn tram k d v dich. Hinh sau cho thy su tuong tac cua cac giao thuc trong mt phng diu khin cua MPLS VPN.
Hinh 3.6 : Su tuong tac giua cac giao thuc trong mt phng diu khin Cac router CE duoc kt ni voi cac PE, va mt IGP, BGP, hay tuyn tinh (static route) duoc yu cu trn cac CE cung voi cac PE d thu thp va quang cao thng tin NLRI. Trong MPLS VPN backbone gm cac router P va PE, mt IGP kt hop voi LDP duoc su dung giua cac PE va P. LDP dung d phn phi nhn trong mt MPLS D an tt nghip Dai hoc Chuong 3 : Mang ring ao MPLS
Nguyn Tai Phong H09VT4 - 62 -
domain. IGP dung d trao di thng tin NLRI, anh xa (map) cac NLRI nay vao MP- BGP. MP-BGP duoc duy tri giua cac PE trong mt min MPLS VPN va trao di cp nht MP-BGP.
3.2.6 Hot dng cua m}t phng d liu MPLS VPN Vic chuyn tip trong mang MPLS VPN doi hoi phai dung chng nhn (label stack). Nhn trn (top lable) duoc gan va hoan di (swap) d chuyn tip goi du liu di trong li MPLS. Nhn thu hai (nhn VPN) duoc kt hop voi VRF o router PE d chuyn tip goi dn cac CE. Hinh sau m ta cac buoc trong chuyn tip du liu khach hang cua mt phng du liu tu mt site khach hang CE2-A toi CE1-A trong ha tng mang cua SP. Khi du liu duoc chuyn tip toi mt mang cu th doc theo mang VPN qua li MPLS, chi co nhn trn (top lable) trong chng nhn bi hoan di (swap) khi goi di qua backbone. Nhn VPN vn giu nguyn va duoc boc ra khi dn router PE ng ra (egress)/xui dong(downstream). Mang gn voi mt giao tip ng ra thuc vao mt VRF cu th trn router phu thuc vao gia tri cua nhn VPN.
3.2.7 D|nh tuyn VPNv4 trong mng MPLS VPN VRF tach ring khach hang trn b dinh tuyn PE, nhung lam th nao d tin t duoc vn chuyn qua mang cua nha cung cp dich vu? boi vi, nhiu kha nng, s luong lon cac tuyn co th la mt trm nghin duoc vn chuyn qua. BGP la mt ung cu vin boi vi no la giao thuc dinh tuyn tinh va proven co th mang rt nhiu tuyn. Chi thy rng BGP la giao thuc dinh tuyn co ban d mang bang dinh tuyn Internet hoan chinh. Boi vi tuyn VPN cua khach hang duoc thuc hin duy nht bng cach thm RD vao mi tuyn IPv4 chuyn no thanh tuyn VPNv4 tt ca cac tuyn khach hang co th duoc vn chuyn an toan qua mang MPLS VPN.
Hinh 3.7 : Su truyn tuyn trong mang MPLS VPN B dinh tuyn PE nhn tuyn IPv4 tu b dinh tuyn CE qua giao thuc cng trong (IGP Interior Gateway Protocol) hoc BGP ngoai (external BGP eBGP). Nhung D an tt nghip Dai hoc Chuong 3 : Mang ring ao MPLS
Nguyn Tai Phong H09VT4 - 63 -
tuyn IPv4 tu site VPN duoc dt vao trong bang dinh tuyn VRF. VRF duoc su dung phu thuc vao VRF ma duoc cu hinh trn giao din trn b dinh tuyn PE toi b dinh tuyn CE. Nhung tuyn nay duoc ni voi RD ma duoc chi dinh toi VRF. Do do, chung tro thanh tuyn VNPv4, tuyn nay sau do duoc dua vao MP BGP. BGP quan tm dn su phn phi nhung tuyn VPNv4 toi tt ca cac b dinh tuyn PE trong mang MPLS VPN. Trn b dinh tuyn PE, nhung tuyn VPNv4 duoc tach RD va dua vao bang dinh tuyn VRF nhu tuyn IPv4. Tuyn VNPv4, sau khi duoc tach bo RD, co duoc dua vao bang VRF hay khng con phu thuc vao RT co cho phep truy nhp vao VRF hay khng. Nhung tuyn IPv4 sau do duoc quang ba toi cac b dinh tuyn CE qua giao thuc IGP hoc eBGP (giao thuc chay giua b dinh tuyn PE va CE). Hinh sau m ta cac buoc trong su truyn tuyn tu CE dn CE trong mang MPLS VPN.
Hinh 3.8 : Su truyn tuyn trong mang MPLS VPN Step by step Boi vi nha cung cp dich vu ma dang chay mang MPLS VPN chay BGP trong h thng tu tri, iBGP dang chay giua cac b dinh tuyn PE. Su truyn tu eBGP giao thuc chay giua PE va CE toi MP iBGP trong mang MPLS VPN va nguoc lai la tu dng va khng cn cu hinh thm. Tuy nhin vic phn phi lai cua MP iBGP trong IGP ma hin dang chay giua PE va CE la khng tu dng. Ta phai cu hinh phn phi lai ln nhau giua MP iBGP va IGP.
D an tt nghip Dai hoc Chuong 3 : Mang ring ao MPLS
Nguyn Tai Phong H09VT4 - 64 -
3.2.8 Chuyn tip gi trong mng MPLS VPN Nhu d noi trong phn truoc, nhung goi khng th duoc chuyn tip nhu goi IP don thun giua cac site. B dinh tuyn P khng th chuyn tip chung boi vi no khng co thng tin VRF tu mi site. MPLS khng th giai quyt vn d nay boi dan nhn vao goi. B dinh tuyn P sau do phai co thng tin chuyn tip dung cho nhn d chuyn tip goi. Cach chung nht la cu hinh giao thuc phn phi nhn (LDP) giua tt ca cac b dinh tuyn P va PE nn tt ca cac luu luong IP la chuyn mach nhn giua chung. Ta cng co th su dung giao thuc RSVP mo rng cho diu khin luu luong (TE) khi thuc thi MPLS TE, nhung LDP la phuong thuc chung nht cho MPLS VPN. Goi IP sau do duoc chuyn tip nhn voi mt nhn tu b dinh tuyn PE vao toi b dinh tuyn PE ra. B dinh tuyn P khng bao gio phai thuc hin vic tim kim dia chi IP dich. Dy la cach d cac goi duoc chuyn mach giua cac b dinh tuyn PE vao va ra. Nhung nhn nay duoc goi la nhn IGP, boi vi no la nhn phai co trong tin t IPv4 trong bang dinh tuyn toan cuc cua b dinh tuyn P va PE, va IGP cua mang nha cung cp dich vu quang ba no. Lam th nao d b dinh tuyn PE bit duoc goi nao thuc VRF nao. Thng tin nay khng co trong mao du IP, va no khng th duoc nhn ly tu nhn IGP, boi vi dy chi duoc su dung d chuyn tip goi qua mang cua nha cung cp dich vu. Giai phap o dy la thm mt nhn khac trong chng nhn MPLS. Nhn nay s chi ra goi nao thuc VRF. Do do tt ca cac goi cua khach hang duoc chuyn tip voi 2 nhn: nhn IGP nhu la nhn trn cung va nhn VPN nhu la nhn duoi cung. Nhn VPN phai duoc dt trn b dinh tuyn PE vao d chi ra b dinh tuyn PE ra nao ma goi thuc VRF do. Lam th nao d b dinh tuyn PE ra bao hiu toi b dinh tuyn PE vao ma nhn duoc su dung cho tin t VRF? Boi MP BGP thuc su duoc su dung d quang ba tin t VPNv4, no cng bao hiu nhn VPN (duoc bit dn nhn BGP) ma duoc kt ni voi tin t VPNv4. Ch : Thuc su thi khai nim co mt nhn VPN chi ra goi nao thuc VRF cng khng thuc su dung. No co th dung trong vai truong hop, nhung da s la khng. Nhn VPN thuong chi ra nut tip theo ma goi duoc chuyn tip toi trn b dinh tuyn PE ra. Do do, muc dich cua no la d chi b dinh tuyn CE dung nhu buoc tip theo cua goi. Noi tom lai, luu luong VRF to VRF co 2 nhn trong mang MPLS VPN. Nhn trn cung la nhn IGP va duoc phn phi boi LDP hoc RSVP cho TE giua tt ca cac b dinh tuyn P va PE hop by hop. Nhn duoi cung la nhn VPN ma duoc quang ba boi MP iBGP tu PE dn PE. Nhung b dinh tuyn P su dung nhn IBG d chuyn tip goi toi b dinh tuyn PE ra tuong ung. B dinh tuyn PE ra su dung nhn VPN d chuyn tip goi IP toi b dinh tuyn CE tuong ung.
D an tt nghip Dai hoc Chuong 3 : Mang ring ao MPLS
Hinh 3.10 : M hinhVPN truyn thng Han ch du tin va cng la d nhn thy nht o IPSec do la lam giam hiu nng cua mang. Khi xet duong di cua mt goi tin duoc gui tu may tinh A trong mang A dn may tinh B trong mang B. Goi tin tu may tinh A s duoc gui dn CPE A. CPE-A s kim tra goi tin xem liu no co cn thit phai chuyn dn CPEB hay khng. Trong mt mi truong mang khng co VPN thi goi tin s duoc truyn ngay dn CPE-B. Tuy nhin, voi giao thuc IPSec, CPE-A phai thuc hin mt s thao tac truoc khi gui goi tin di. du tin, goi tin duoc m hoa, sau do dong goi vao cac goi IP, hoat dng nay tiu tn thoi gian va gy tr cho goi tin. Tip theo goi tin s duoc dua vao trong mang cua nha cung cp dich vu. Luc nay, nu goi tin moi duoc tao thanh co kich thuoc lon hon kich thuoc ti da cho phep truyn (MTU) trn bt cu mt lin kt nao giua CPE-A va CPE-B thi goi tin s cn phai duoc phn manh thanh hai hay nhiu goi tin nho hon. diu nay chi xay ra trong truong hop bit DF (Don't Fragment) khng duoc thit lp, D an tt nghip Dai hoc Chuong 3 : Mang ring ao MPLS
Nguyn Tai Phong H09VT4 - 66 -
con trong truong hop bit DF duoc thit lp thi goi tin s bi mt va mt ban tin ICMP s duoc gui lai phia phat. Khi goi tin dn duoc CPE-B, no s duoc mo goi va giai m, hai hoat dng nay tip tuc lam tr goi tin trong mang. Cui cung, CPE-B s chuyn tip goi tin dn may tinh B. Thoi gian tr trong mang s phu thuc vao d phuc tap va tc d xu ly cua cac CPE. Cac thit bi CPE cht luong thp thuong phai thuc hin hu ht cac chuc nng IPSec bng phn mm khin tr trong mang lon. Cac thit bi CPE voi kha nng thuc hin cac chuc nng IPSec bng phn cung co th tng tc d xu ly goi tin ln rt nhiu nhung chi phi cho cac thit bi nay la rt dt. diu nay dn dn chi phi trin khai mt mang IPSec VPN la rt tn kem. Cac cng ngh IP VPN khac hin co, nhu IPSec, L2TP, L2F va GRE tt ca du hoat dng tt voi cu hinh mang sao (hubandspoke). Tuy nhin, mang ngay nay cn lin lac nhiu chiu (anytoany). D h tro diu nay su dung Frame relay hay giao thuc duong hm thi cn phai co cu hinh dang kt ni dy du (Iull mesh) cac PVC hay duong hm giua cac vung la thanh vin. Mang khng th cung cp va quan ly mt cu hinh dy du (Iull mesh topology) su dung cac cng ngh truyn thng voi hang ngan hay chuc ngan VPN. Mt dim chung ta cn phai cn nhc khi trin khai cac mang VPN do la cac thit bi CPE. Mi nha cung cp cn phai chc chn rng tt ca cac CPE s hoat dng tuong thich voi nhau. Giai phap don gian va hiu qua nht la su dung cung mt loai CPE trong mi vung, tuy nhin, diu nay khng phai bao gio cng thuc hin duoc do nhiu yu t khac nhau. Tuy ngay nay su tuong thich khng phai la mt vn d lon nhung no vn cn phai duoc quan tm khi hoach dinh mt giai phap mang IPSec VPN. 3.3.2 MPLS VPN Cac mang MPLS VPN khng su dung hoat dng dong goi va m hoa goi tin d dat duoc muc d bao mt cao. MPLS VPN su dung bang chuyn tip va cac nhn d tao nn tinh bao mt cho mang VPN. Kin truc mang loai nay su dung cac tuyn mang xac dinh d phn phi cac dich vu VPN, va cac co ch xu ly thng minh cua MPLS VPN luc nay nm hoan toan trong phn li cua mang. Mi VPN duoc kt hop voi mt bang dinh tuyn - chuyn tip VPN (VRF) ring bit. VRF cung cp cac thng tin v mi quan h trong VPN cua mt site khach hang khi duoc ni voi PE router. Di voi mi VRF, thng tin su dung d chuyn tip cac goi tin duoc luu trong cac bang dinh tuyn IP va bang CEF. Cac bang nay duoc duy tri ring le cho tung VRF nn no ngn chn duoc hin tuong thng tin bi chuyn tip ra ngoai mang VPN cng nhu ngn chn cac goi tin bn ngoai mang VPN chuyn tip vao cac router bn trong mang VPN. Dy chinh la co ch bao mt cua MPLS VPN. D an tt nghip Dai hoc Chuong 3 : Mang ring ao MPLS
Nguyn Tai Phong H09VT4 - 67 -
Bn trong mi mt MPLS VPN, co th kt ni bt ky hai dim nao voi nhau va cac site co th gui thng tin truc tip cho nhau ma khng cn thng qua site trung tm. Cac CE khng doi hoi chuc nng VPN va h tro IPSec. diu nay co nghia la khach hang khng phai chi phi qua cao cho cac thit bi CE. Tr trong mang duoc giu o muc thp nht vi cac goi tin luu chuyn trong mang khng phai thng qua cac hoat dng nhu dong goi va m hoa. So di khng cn chuc nng m hoa la vi MPLS VPN tao nn mt mang ring. Vic tao mt mang dy du (Iull mesh) VPN la hoan toan don gian vi cac MPLS VPN khng su dung co ch tao duong hm. Vi vy, cu hinh mc dinh cho cac mang MPLS VPN la Iull mesh, trong do cac site duoc ni truc tip voi PE vi vy cac site bt ky co th trao di thng tin voi nhau trong VPN. Hoat dng khai thac va bao dung cng don gian hon trong mang MPLS-VPN.
D an tt nghip Dai hoc Chuong 4 : Thuc nghim
Nguyn Tai Phong H09VT4 - 68 -
CHUONG 4: THJC NGHIJM
Cai dt m hinh MPLS VPN layer3 static route don gian trn phn mm m phong GNS3 nhu sau
Hinh 4.1 : So d du ni m phong
Hinh 4.2 : Du ni vt ly
D an tt nghip Dai hoc Chuong 4 : Thuc nghim
Nguyn Tai Phong H09VT4 - 69 -
M ta yu cu Cu hinh dich vu MPLS VPN layer 3 cho 2 khach hang la 2 ngn hang khac nhau , mi ngn hang co 2 chi nhanh ( R7 & R5 la 2 router thuc khach hang A, R6 & R8 la 2 router thuc khach hang B) Cac router R5, R6, R7, R8 la cac router dt tai du khach hang Giao thuc igp su dung trong core MPLS la ospI Cc buc thc hin O Cu hinh IP cho Route O Cu hinh OSPF area 0 trn core MPLS voi cac route R1,R2, R3, R4 O Enable MPLS trn cac router R1, R2, R3, R4 O Cu hinh dia chi Loopback 150.1.3.3/32 trn R3 va quang ba vao OSPF O Cu hinh dia chi Loopback 150.1.4.4/32 trn R4 va quang ba vao OSPF O Cu hinh peer iBGP R3 va R4 su dung cac dia chi vua tao O Tao VRF cho khach hang A (Router R5 va R7) O Tao VRF cho khach hang B (Router R6 va R8) O Cu hinh static route trn router R3 va R4 vao BGP O Redistribute static route trn 2 router R3 & R4 vaoBGP O Cu hinh Loopback 10.1.5.5/24 trn R5 O Cu hinh Loopback 10.1.6.6/24 trn R6 O Cu hinh Loopback 10.1.7.7/24 trn R7 O Cu hinh Loopback 10.1.8.8/24 trn R8 O Cu hinh deIault route trn cac router 5,6,7,8 tro v router 3 va 4. O Kim tra dich vu : tu loopback router 5 co th kt ni toi loopback cua router 7, tu loopback router 6 co th kt ni toi loopback cua router8, cac router thuc cac khach hang khac nhau khng th kt ni voi nhau, router P cua nha cung cp dich vu khng bit duoc mang cua khach hang
4.1 Cu hnh chi tit ti cc thit b| 4.1.1 Cu hnh router R1 ip ceI interIace FastEthernet0/1 ip address 150.1.12.1 255.255.255.0 no shut tag-switching ip interIace FastEthernet0/0 ip address 150.1.13.1 255.255.255.0 no shut D an tt nghip Dai hoc Chuong 4 : Thuc nghim
Nguyn Tai Phong H09VT4 - 70 -
tag-switching ip ! router ospI 1 network 150.1.12.1 0.0.0.0 area 0 network 150.1.13.1 0.0.0.0 area 0 end
4.1.2 Cu hnh router R2 ip ceI interIace FastEthernet0/1 ip address 150.1.12.2 255.255.255.0 no shut tag-switching ip ! interIace FastEthernet0/0 ip address 150.1.24.2 255.255.255.0 tag-switching ip no shut ! router ospI 1 network 150.1.12.2 0.0.0.0 area 0 network 150.1.24.2 0.0.0.0 area 0 end
4.1.3 Cu hnh router R3 ip ceI ip vrI R5-R7 rd 1:57 route-target export 1:57 route-target import 1:57 ip vrI R6-R8 rd 1:68 route-target export 1:68 route-target import 1:68 interIace Loopback0 ip address 150.1.3.3 255.255.255.255 ! interIace FastEthernet0/0 no shut ip vrI Iorwarding R5-R7 D an tt nghip Dai hoc Chuong 4 : Thuc nghim
Nguyn Tai Phong H09VT4 - 71 -
ip address 10.1.37.3 255.255.255.0 ! interIace FastEthernet0/1 ip vrI Iorwarding R6-R8 ip address 10.1.38.3 255.255.255.0 no shut ! interIace FastEthernet1/0 ip address 150.1.13.3 255.255.255.0 tag-switching ip no shut ! router ospI 1 network 150.1.3.3 0.0.0.0 area 0 network 150.1.13.3 0.0.0.0 area 0 ! router bgp 1 neighbor 150.1.4.4 remote-as 1 neighbor 150.1.4.4 update-source Loopback0 neighbor 150.1.4.4 next-hop-selI ! address-Iamily vpnv4 neighbor 150.1.4.4 activate neighbor 150.1.4.4 send-community both exit-address-Iamily ! address-Iamily ipv4 vrI R6-R8 redistribute connected redistribute static exit-address-Iamily ! address-Iamily ipv4 vrI R5-R7 redistribute connected redistribute static exit-address-Iamily ! ip route vrI R5-R7 10.1.7.0 255.255.255.0 10.1.37.7 ip route vrI R6-R8 10.1.8.0 255.255.255.0 10.1.38.8 end
D an tt nghip Dai hoc Chuong 4 : Thuc nghim
Nguyn Tai Phong H09VT4 - 72 -
4.1.4 Cu hnh router R4 ip ceI ! ip vrI R5-R7 rd 1:57 route-target export 1:57 route-target import 1:57 ! ip vrI R6-R8 rd 1:68 route-target export 1:68 route-target import 1:68 ! interIace Loopback0 ip address 150.1.4.4 255.255.255.255 interIace FastEthernet0/1 ip vrI Iorwarding R6-R8 ip address 10.1.46.4 255.255.255.0 no shut ! interIace FastEthernet1/0 ip address 150.1.24.4 255.255.255.0 tag-switching ip no shut ! interIace FastEthernet0/0 no shut ip vrI Iorwarding R5-R7 ip address 10.1.45.4 255.255.255.0 ! router ospI 1 network 150.1.4.4 0.0.0.0 area 0 network 150.1.24.4 0.0.0.0 area 0 ! router bgp 1 neighbor 150.1.3.3 remote-as 1 neighbor 150.1.3.3 update-source Loopback0 neighbor 150.1.3.3 next-hop-selI ! D an tt nghip Dai hoc Chuong 4 : Thuc nghim
4.1.5 Cu hnh router R5 ip ceI interIace Loopback0 ip address 10.1.5.5 255.255.255.0 interIace FastEthernet0/0 ip address 10.1.45.5 255.255.255.0 no shut ip route 0.0.0.0 0.0.0.0 10.1.45.4 end
4.1.6 Cu hnh router R6 ip ceI interIace Loopback0 ip address 10.1.6.6 255.255.255.0 interIace FastEthernet0/0 ip address 10.1.46.6 255.255.255.0 no shut ip route 0.0.0.0 0.0.0.0 10.1.46.4 end
4.1.7 Cu hnh router R7 D an tt nghip Dai hoc Chuong 4 : Thuc nghim
Nguyn Tai Phong H09VT4 - 74 -
interIace Loopback0 ip address 10.1.7.7 255.255.255.0 interIace FastEthernet0/0 no shut ip address 10.1.37.7 255.255.255.0 ip route 0.0.0.0 0.0.0.0 10.1.37.3 end
4.1.8 Cu hnh router R8 interIace Loopback0 ip address 10.1.8.8 255.255.255.0 interIace FastEthernet0/0 no shut ip address 10.1.38.8 255.255.255.0 ip route 0.0.0.0 0.0.0.0 10.1.38.3 end
4.2 Thng tin d|nh tuyn 4.2.1 Thng tin d|nh tuyn R1
Hinh 4.3 : Thng tin dinh tuyn R1 4.2.2 Thng tin d|nh tuyn R2 D an tt nghip Dai hoc Chuong 4 : Thuc nghim
Nguyn Tai Phong H09VT4 - 75 -
Hinh 4.4 : Thng tin dinh tuyn R2 4.2.3 Thng tin d|nh tuyn R3
Hinh 4.5 : Thng tin dinh tuyn R3 4.2.4 Thng tin d|nh tuyn R4
Hinh 4.6 : Thng tin dinh tuyn R4 D an tt nghip Dai hoc Chuong 4 : Thuc nghim
Nguyn Tai Phong H09VT4 - 76 -
4.2.5 Thng tin d|nh tuyn R5
Hinh 4.7 : Thng tin dinh tuyn R5 4.2.6 Thng tin d|nh tuyn R6
Hinh 4.8 : Thng tin dinh tuyn R6 4.2.7 Thng tin d|nh tuyn R7
Hinh 4.9 : Thng tin dinh tuyn R7 D an tt nghip Dai hoc Chuong 4 : Thuc nghim
Nguyn Tai Phong H09VT4 - 77 -
4.2.8 Thng tin d|nh tuyn R8
Hinh 4.10: Thng tin dinh tuyn R8 4.3 Kim tra O Kim tra LDP d nhn nhn cua nhng mng con v cc interface loopback cua cc router core chua?
Hinh 4.11 : Show mpls ldp bindings R3
Hinh 4.12 : Show mpls ldp bindings R4 D an tt nghip Dai hoc Chuong 4 : Thuc nghim
Nguyn Tai Phong H09VT4 - 78 -
Hinh 4.13 : Show mpls ldp bindings R2
Hinh 4.14 : Show mpls ldp bindings R1
O Bang LFIB D an tt nghip Dai hoc Chuong 4 : Thuc nghim
Nguyn Tai Phong H09VT4 - 79 -
Hinh 4.15 : Bang LFIB trn R3 va R4
Hinh 4.16 : Bang LFIB trn R1 va R2 O Bang d|nh tuyn VRF Routing cho cac khach hang tai R3 va R4
D an tt nghip Dai hoc Chuong 4 : Thuc nghim
Nguyn Tai Phong H09VT4 - 80 -
R3#show ip route vrf ` Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate deIault, U - per-user static route o - ODR, P - periodic downloaded static route
Gateway oI last resort is not set
150.1.0.0/16 is variably subnetted, 5 subnets, 2 masks O 150.1.24.0/24 |110/21| via 150.1.13.1, 00:12:08, FastEthernet1/0 O 150.1.4.4/32 |110/22| via 150.1.13.1, 00:11:58, FastEthernet1/0 C 150.1.3.3/32 is directly connected, Loopback0 C 150.1.13.0/24 is directly connected, FastEthernet1/0 O 150.1.12.0/24 |110/11| via 150.1.13.1, 00:12:08, FastEthernet1/0
Routing Table: R5-R7 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate deIault, U - per-user static route o - ODR, P - periodic downloaded static route
Gateway oI last resort is not set
10.0.0.0/24 is subnetted, 4 subnets S 10.1.7.0 |1/0| via 10.1.37.7 B 10.1.5.0 |200/0| via 150.1.4.4, 00:11:09 B 10.1.45.0 |200/0| via 150.1.4.4, 00:11:09 C 10.1.37.0 is directly connected, FastEthernet0/0
Routing Table: R6-R8 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 D an tt nghip Dai hoc Chuong 4 : Thuc nghim
Nguyn Tai Phong H09VT4 - 81 -
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate deIault, U - per-user static route o - ODR, P - periodic downloaded static route
Gateway oI last resort is not set
10.0.0.0/24 is subnetted, 4 subnets S 10.1.8.0 |1/0| via 10.1.38.8 B 10.1.6.0 |200/0| via 150.1.4.4, 00:11:19 B 10.1.46.0 |200/0| via 150.1.4.4, 00:11:19 C 10.1.38.0 is directly connected, FastEthernet0/1
R4#show ip route vrf ` Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate deIault, U - per-user static route o - ODR, P - periodic downloaded static route
Gateway oI last resort is not set
150.1.0.0/16 is variably subnetted, 5 subnets, 2 masks C 150.1.24.0/24 is directly connected, FastEthernet1/0 C 150.1.4.4/32 is directly connected, Loopback0 O 150.1.3.3/32 |110/22| via 150.1.24.2, 00:14:50, FastEthernet1/0 O 150.1.13.0/24 |110/21| via 150.1.24.2, 00:14:50, FastEthernet1/0 O 150.1.12.0/24 |110/11| via 150.1.24.2, 00:14:50, FastEthernet1/0
Routing Table: R5-R7 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate deIault, U - per-user static route o - ODR, P - periodic downloaded static route
Gateway oI last resort is not set D an tt nghip Dai hoc Chuong 4 : Thuc nghim
Nguyn Tai Phong H09VT4 - 82 -
10.0.0.0/24 is subnetted, 4 subnets B 10.1.7.0 |200/0| via 150.1.3.3, 00:13:55 S 10.1.5.0 |1/0| via 10.1.45.5 C 10.1.45.0 is directly connected, FastEthernet0/0 B 10.1.37.0 |200/0| via 150.1.3.3, 00:13:55
Routing Table: R6-R8 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate deIault, U - per-user static route o - ODR, P - periodic downloaded static route
Gateway oI last resort is not set
10.0.0.0/24 is subnetted, 4 subnets B 10.1.8.0 |200/0| via 150.1.3.3, 00:13:59 S 10.1.6.0 |1/0| via 10.1.46.6 C 10.1.46.0 is directly connected, FastEthernet0/1 B 10.1.38.0 |200/0| via 150.1.3.3, 00:14:00
O Kim tra mng d thng nhau chua
Khch hng A
R5#ping 10.1.37.7
Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.37.7, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max 80/104/128 ms
R7#ping 10.1.45.5
Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.45.5, timeout is 2 seconds: !!!!! D an tt nghip Dai hoc Chuong 4 : Thuc nghim
Nguyn Tai Phong H09VT4 - 83 -
Success rate is 100 percent (5/5), round-trip min/avg/max 76/106/136 ms
Khch hng B R6#ping 10.1.38.8
Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.38.8, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max 80/101/160 ms
R8#ping 10.1.46.6
Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.46.6, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max 76/101/116 ms
- Hai khach hang A va B la dc lp voi nhau va khng thy duoc mang bn trong cua nha cung cp dich vu - Mang li core cua nha cung cp dich vu khng bit duoc mang khach hang
D an tt nghip Dai hoc Kt lun
Nguyn Tai Phong H09VT4 - 84 -
KET LUAN
Theo nhung yu cu cua d an tt nghip, thi d tai d dat duoc nhung ni dung co ban lin quan dn vn d MPLS VPN. Du tin la giup nguoi doc co duoc cai nhin tng quan v VPN, dng thoi lun vn cng gioi thiu v cng ngh moi dang duoc ua chung hin nay la MPLS, mt cng ngh kt hop giua dinh tuyn tt o mang bin va chuyn goi nhanh trong mang li. Mt trong s nhung ung dung quan trong cua MPLS la MPLS VPN. Lun vn di su vao nghin cuu MPLS VPN giup cho vic bao mt thng tin giua cac site cua khach hang khi truyn qua mang. Vic trin khai MPLS VPN d kt hop duoc uu dim cua 2 m hinh overlay VPN va peer-to-peer VPN dng thoi k thua duoc nhung uu dim cua cng ngh MPLS. Voi nhung th manh v mt bao mt, tinh mm deo khi trin khai, cht luong duong truyn... va dc bit la uu th v gia ca. Voi mang ring ao dua trn MPLS cac doanh nghip, t chuc hoan toan co th dat duoc cac muc tiu cua minh nhu: diu khin nhiu hon trn ha tng mang, co duoc dich vu hiu nng va d tin cy tt hon, cung cp da lop dich vu toi nguoi su dung, mo rng an toan, dam bao hiu nng dap ung theo yu cu cua ung dung, h tro hi tu da cng ngh va da kiu luu luong trn cung mt mang don. Nho uu dim vuot tri cua cht luong dich vu qua mang IP va la phuong an trin khai VPN moi khc phuc duoc nhiu vn d ma cac cng ngh ra doi truoc no chua giai quyt duoc, MPLS thuc su la mt lua chon hiu qua trong trin khai ha tng thng tin doanh nghip. Huong mo rng cua lun vn: MPLS VPN la mt d tai rt hay va rng lon. Ngoai nhung vn d d d cp trong lun vn, con rt nhiu nhung vn d khac v MPLS nhu: cht luong dich vu, diu khin luu luong, chuyn mach buoc song da giao thuc MLLS, ap dung y tuong chuyn mach nhn vao chuyn mach quang, khi do cac buoc song quang nhu la nhn. Nhung vn d trn em s c gng tim hiu trong thoi gian toi. Kinh mong nhn duoc gop y ph binh cua cac thy c.
TI LIJU THAM KHAO
Ting Vit |1| Nguyn %in Ban, oang %rng inh, Mang ring ao VPN, Hoc vin cng ngh Buu chinh vin thng |2| oang %rng inh, Cng ngh chuyn mach IP va MPLS 2003 |2| %ran %h % Uyn, Chuyn mach nhn da giao thuc, VnPro - Cisco Authorized Training Center. Ting Anh |1| IPSec, VPN, and Firewall Concepts. Cisco Press, 2004. |2| isco $yst0ms 2003,USA,Implementting Cisco (MPLS) v2.0. |3| MPLS VPN, http://www.cisco.com Web Technology Document.