The LAN in the WAN-Part II [Article by ASND exec. Info on MPLS]
nelsonpub.com
Frame relay or virtual private network? This article, the second in a series, takes a look at IP-VPNs and compares the two types of connectivity. (See Communications News' May issue, page 46, for the first article in the series.)
By Bob Sullebarger
(Sullebarger is director of product marketing at Ascend Communications, Inc., Westford, Mass.)
In contrast to frame relay, IP is a connectionless technology. In today's WAN, IP is a best effort service; performance and delay may vary greatly with traffic conditions inside the WAN. The appeal of IP is in its ubiquity. An IP flow may hop across multiple disparate Layer 2 networks to reach its destination without requiring any fundamental protocol conversion.
Frame relay, asynchronous transfer mode (ATM), and point-to-point protocol (PPP) networks can all transport IP with no difficulty, and IP is rapidly becoming a common underlying transport protocol for most applications.
However, QoS and security issues must be resolved if IP is to become an effective option for applications that are today supported by frame relay data services. Security issues are now being addressed via encryption and authentication schemes such as IPSec, and by tunneling technologies such as Layer 2 tunneling protocol (L2TP).
While the resource reservation protocol (RSVP) brings a mechanism to deliver a measure of QoS to IP, its prospects for acceptance by the Internet service provider (ISP) community appear to be in serious question. Many are concluding that RSVP is a resource hog that simply will not scale to the dimensions required for large-scale IP public wide area networks.
Other solutions for addressing IP QoS are therefore required. To date, the best way to deliver hard QoS for IP data services is via mapping IP onto connection-oriented technology at Layer 2: That means frame relay and ATM.
IP tunneling for remote access
There are two basic types of IP-VPNs: 1) those built over the public Internet using tunneling technologies like L2TP, L2F and point-to-point tunneling protocol (PPTP), and 2) those built on top of carrier-class public networks based on MPLS (multiprotocol label switching), an emerging IP switching technology being defined by the Internet Engineering Task Force (IETF).
Tunneling is a technique in which one networking protocol is carried within another. For example, IPX packets may be encapsulated in IP packets to allow the Internet to effectively interconnect IPX networks. Tunneling can be a very useful and cost-effective way to allow remote workers to access corporate resources over the Internet. Leading-edge remote access equipment is available now to support IP tunneling.
The main advantage of tunnels is that they can traverse the entire Internet, hopping across multiple ISPs along the way, and maintain secure communication. IP tunneling allows enterprise users to outsource their dial access to an IP service provider. The cost savings are typically dramatic. Outsourcing dial access to an ISP delivers reduced costs by avoiding long-distance dial access charges, reducing the number of access lines required to the central site, and requiring less equipment to manage at the central site as dial-up traffic is shifted to the Internet access lines.
The carrier-class IP solution
MPLS technology is particularly appropriate for carrier-class IP-VPNs. Because these networks are built on top of connection-oriented frame relay/ATM infrastructures, they allow service providers to dedicate resources and deliver on QoS commitments, provided that the traffic both originates and terminates on their network.
MPLS networks are well suited for intranet and extranet services where full mesh connectivity among sites is the rule (again, traffic both originates and terminates local to a single service provider's network) and can also be used for Internet access.
Public data networks built on MPLS technology offer the best solution for IP data services. MPLS works by performing an IP look-up at the ingress point to the public network, and then mapping packets onto reverse frame relay or ATM multicast virtual circuits or multipoint trees (MPT).
These underlying virtual facilities may have QoS characteristics attached to them. IP packets may be filtered at the edge of the network on the basis of source or destination address, protocol ID, or type of service (ToS) field, and then mapped onto the appropriate QoS plane within the public network. This service brings the most value for users looking for highly meshed connectivity among a large number of sites.
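The edge filtering step described above, sketched as an added example that is not part of the original article or any vendor's code: it parses an IPv4 header and maps the packet to a QoS plane by source or destination address, protocol ID and ToS. The rule table, plane names and addresses are hypothetical; because the ToS byte is set by the sender, the premium rule here matches it only together with known site addresses.

```python
import ipaddress
import struct

# Hypothetical edge policy, first match wins. None means "any".
# (source network, destination network, protocol ID, ToS byte, QoS plane)
RULES = [
    ("10.1.0.0/16", "10.2.0.0/16", 17, 0xB8, "real-time"),
    ("10.1.0.0/16", None, 6, None, "business-data"),
    (None, None, None, None, "best-effort"),
]


def parse_ipv4_header(packet: bytes) -> dict:
    """Extract the fields the edge filter keys on from a raw IPv4 header."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, tos, _len, _id, _frag, _ttl, proto, _csum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    if ver_ihl >> 4 != 4 or (ver_ihl & 0x0F) < 5:
        raise ValueError("not a valid IPv4 header")
    return {"src": ipaddress.IPv4Address(src), "dst": ipaddress.IPv4Address(dst),
            "proto": proto, "tos": tos}


def classify(packet: bytes) -> str:
    """Return the QoS plane for a packet; malformed packets map to 'drop'."""
    try:
        h = parse_ipv4_header(packet)
    except ValueError:
        return "drop"
    for src_net, dst_net, proto, tos, plane in RULES:
        if src_net and h["src"] not in ipaddress.ip_network(src_net):
            continue
        if dst_net and h["dst"] not in ipaddress.ip_network(dst_net):
            continue
        if proto is not None and h["proto"] != proto:
            continue
        if tos is not None and h["tos"] != tos:
            continue
        return plane
    return "best-effort"


def build_header(src: str, dst: str, proto: int, tos: int) -> bytes:
    """Build a constructed 20-byte IPv4 header (checksum left at zero)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20, 0, 0, 64, proto, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)
```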
MPLS networks can also address the ISP's need to deliver VoIP (voice over IP) services, by performing flow detection at the network edge and establishing virtual circuits dynamically on demand.
To make this practical, IP switching platforms in a public network will be required to support SS7 gateway functions for address resolution, and very high levels of performance for switched virtual circuit (SVC) call set-up (on the order of thousands of calls per second). Luckily, equipment is already available to handle call processing at rates in excess of those supported by conventional CO voice switches.
MPLS-based IP VPNs are well suited for 100% IP networks. MPLS provides a comprehensive mechanism for delivering QoS. It is also highly scalable, with the ability to interconnect thousands of sites because it does not require a full mesh of virtual circuits. MPLS also provides a better long-term solution for multicast traffic; frame relay supports multicast, but these services are not widely deployed by carriers today. Finally, MPLS allows the service provider to dedicate resources to the VPN, in terms of both bandwidth and virtual routers with private routing tables.
See Communications News' July issue, page 56, for the complete article.