Dear Roger,

It was a good post. I would like to understand:

- "What is label spoofing? How does it happen?"
- How can we use downstream on demand on Cisco routers?

Regards,
Kartik

-----Original Message-----
From: Roger Clark Williams [mailto:rogerw@nordlink.com]
Sent: Friday, January 30, 2004 11:37 PM
To: MPLS-ops Mailing List
Subject: Fwd: [MPLS-OPS]: Label Distribution Process

Shailendra, it can get confusing. And I may have it confused as well, but I
will say what I believe to be true.

Upstream and downstream, even though the terms are used relative to labels, are
always in reference to the direction of traffic flow, not direction of label
distribution. Also remember that labels are unidirectional, so though we talk
about a single traffic direction in the example, in fact the same thing happens
the other direction for traffic flowing the opposite way.

Downstream distribution in general means that the router will distribute
labels for a
certain destination in a direction away from that destination, i.e. out
interfaces that are not the direction to the destination. The name seems
counter-intuitive, as the actual label distribution is, in fact, upstream
relative to traffic flow. The router sends out a label whenever it learns about
a destination. The distribution tends to be what is called a platform specific
label. This means that, for a single destination, the same label can be
distributed on all upstream interfaces. When used on a frame heading toward the
destination (i.e. downstream), the label coming in any interface will be
recognized by that router. The benefit is that, assuming some sort of meshed
network, there will be multiple labels at every router that could be used to
forward packets toward a destination if the chosen path goes down. The reason:
Assuming a link state routing protocol such as OSPF or IS-IS, the router is
learning about destinations from multiple sources, and therefore has multiple
labels from downstream routers. One drawback is that a spoofed label would
still be recognized by the router regardless of the interface it enters.

Downstream on demand has a slightly different pattern. The router will not
distribute a label until asked by the upstream router, the router farther away
from the destination. How would it know to ask? When a frame arrives at the
ingress router with an IP address for the destination, that router has no label
for the destination. It asks for one from the router closer to the destination.
That downstream router in turn asks the next closer router, and this goes on
all the way downstream to the egress router. Each router is waiting now for a
label from the next one closer. The egress sends a label upstream. This allows
the next router in line to release a label upstream, and so it goes upstream
until the ingress router gets a label for the destination. Only then can the
ingress router forward a frame. This method is used in situations in which
there is a premium on available or supported labels, ATM specifically. As well,
this distribution tends to be interface-specific, with a specific label sent
out only on the interface on which the original request arrived. Though there
will be a delay in the initial forwarding, one benefit would be security: A
labelled frame must arrive on a specific interface or it will be rejected.
Spoofing labels would be more difficult.

Unless I am mistaken, Cisco doesn't use upstream distribution, and I am
certainly willing to be corrected if I am wrong. If Juniper does we can wait
for that word from a Juniper person. But it brings up an interesting point.
Each manufacturer will claim to be following the LDP standard, and in fact they
are - to a degree. If one does support upstream distribution and the other
doesn't, then even though they are both following the standard as far as they
go, the two will not communicate. It is always worth asking the salesperson -
carefully - what the platform actually supports.

I hope this helps.
Roger Williams
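
The difference described above between a platform-wide label space and an interface-specific one, as an added example that is not part of the original thread. It is a toy Python model: the router names, the interface names (`to_A`, `to_X`) and the prefix are constructed, and the per-interface mode is paired with downstream on demand as in the message.

```python
FEC = "10.1.1.0/24"   # constructed destination prefix

class LSR:
    """Toy label switch router; per_interface selects the label-space scope."""
    def __init__(self, name, per_interface):
        self.name, self.per_interface = name, per_interface
        self.next_label = 16   # label values 0-15 are reserved
        self.lfib = {}         # (incoming interface or None, label) -> FEC
        self.out = {}          # FEC -> label learned from the downstream router

    def bind(self, fec, in_if):
        """Allocate a local label for fec; in_if faces the upstream neighbour."""
        scope = in_if if self.per_interface else None   # None = platform-wide
        label, self.next_label = self.next_label, self.next_label + 1
        self.lfib[(scope, label)] = fec
        return label

    def accept(self, in_if, label):
        """Return the FEC for a labelled frame, or None if it is rejected."""
        scope = in_if if self.per_interface else None
        return self.lfib.get((scope, label))

def unsolicited(path, fec):
    """Downstream: each router advertises a platform-wide label unprompted."""
    for up, down in zip(path, path[1:]):
        up.out[fec] = down.bind(fec, in_if=None)

def on_demand(path, i, fec, log):
    """Downstream on demand: path[i] answers path[i-1] only after its own
    request to path[i+1] has returned, so labels are released egress first."""
    if i + 1 < len(path):
        path[i].out[fec] = on_demand(path, i + 1, fec, log)
    label = path[i].bind(fec, in_if="to_" + path[i - 1].name)
    log.append(path[i].name)
    return label

def run(per_interface):
    a, b, c = path = [LSR(n, per_interface) for n in "ABC"]   # A ingress, C egress
    log = []
    if per_interface:
        a.out[FEC] = on_demand(path, 1, FEC, log)
    else:
        unsolicited(path, FEC)
    label = a.out[FEC]
    return {"release_order": log,
            "from_A": b.accept("to_A", label),       # expected interface
            "other_if": b.accept("to_X", label)}     # same label, wrong interface

if __name__ == "__main__":
    for mode in (False, True):
        print("per-interface" if mode else "platform-wide", run(mode))
```
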
From: "Shailendra Gupta" <shailendra.gupta@estelcom.com>
To: <mpls-ops@mplsrc.com>
Date: Fri, 30 Jan 2004 12:52:45 +0530
Subject: [MPLS-OPS]: Label Distribution Process

Dear Friends,

Kindly help to clarify the following label distribution mechanisms,
associated benefit and Cisco/Juniper default support.

1. Downstream Distribution
2. Downstream on Demand Distribution
3. Upstream on Demand Distribution

Peter Tomsu & Gerhard Wieser [Prentice Hall] have very briefly described the
same and I have some confusion on this subject.
Please share your views & supply any available link on the same.

Thanks in advance.
Shailendra
-------
The MPLS-OPS Mailing List
Subscribe/Unsubscribe: http://www.mplsrc.com/mplsops.shtml
Archive: http://www.mplsrc.com/mpls-ops_archive.shtml