MPLS - label

MPLS Label Distribution and Swapping


In the context of [MPLS](/mpls) when [VPNs](/mpls-virtual-private-network-vpn) are implemented, there are several components that work together to enable the operation of MPLS Layer 3 VPNs.

One of these is the VPN label.  The VPN label, sometimes referred to as the "inner label" plays an essential role in this service. 

### What is a VPN Label?

When a packet is forwarded within an MPLS network, it's labeled with one or more labels. In the context of MPLS L3 VPNs, there are usually two labels:
* ***Outer Label**: This is the transport label that is used for forwarding the packet across the service provider's core network. This label ensures that the packet reaches the correct egress router.
* **Inner Label** or **VPN Label**: This is the label that's specific to a particular VPN. It's used by the egress router to determine the correct VPN to which the packet belongs and the next hop within that VPN.
### Use of VPN Label:
1. **VPN Segregation**: The VPN label helps in differentiating traffic from different VPNs. Even if two customers use the same [IPv4](/ipv4) or [IPv6](/ipv6) address range, their traffic remains isolated because the VPN labels are different.
2. **[Routing](/routing)**: The VPN label is used to look up the next hop for a packet when it reaches the egress [PE (Provider Edge)](/mpls-label-edge-router) router. This ensures that the packet is correctly forwarded to its destination within the VPN.
### Operation of VPN Label:
1. **Assignment**: When a PE router learns a route from a VPN, it assigns a unique VPN label to that route. This label assignment is then communicated to other PE routers using [MP-BGP (Multiprotocol Border Gateway Protocol)](/bgp-multiprotocol-bgp).
2. **Encapsulation**: When a packet from a VPN customer enters the MPLS network at a PE router, the router pushes two labels onto the packet. The inner VPN label identifies the destination VPN route, and the outer label identifies the egress PE router.
3. **Transit**: As the packet travels across the MPLS core (P routers), only the outer label is considered. The P routers simply swap or pop the outer label based on their MPLS forwarding tables, but they remain unaware of the VPN label.
4. **Decapsulation at Egress PE**: Once the packet reaches the egress PE router, the outer label has served its purpose and is removed. The egress PE router now looks at the VPN label to determine the appropriate VPN next hop and any additional forwarding treatment. After this decision, the VPN label is removed, and the packet is forwarded toward its final destination within the VPN.


The VPN label in MPLS L3 VPN ensures traffic segregation and correct forwarding for individual VPNs. It allows multiple customers with potentially overlapping IP addresses to coexist within a single MPLS network without any IP address conflicts. The MPLS core remains agnostic to the customer's individual routes, ensuring scalability and simplicity.


Links:

https://networklessons.com/mpls/mpls-layer-3-vpn-explained/

https://forum.networklessons.com/t/mpls-layer-3-vpn-explained/1287/221?u=lagapides

MPLS - VPN label

Interface - no carrier counter

Interface - show interfaces counters explained

Interface - unknown protocol drops

Interface speed and bandwidth

Interior Gateway Protocol (IGP)

Internet Exchange Point (IXP)

Internet Service Provider (ISP)

Intrusion prevention system (IPS)

Kron task scheduler

L2TPv3 over IPSec

L2TPv3

LACP

LAG - Multi-Chassis LAG

LFA - Topology Independent LFA

LFA, remote LFA, and how they work together in OSPF

LISP - map request and reply process

LISP - what is it

LISP and overlapping address spaces

LISP debug traffic between two EIDs

LISP host mobility use cases

LISP where EID-to-RLOC mappings originate

LISP

Logging buffered command

Loop-Free Alternate (LFA) Fast Reroute (FRR)

Loop-Free Alternate (LFA) and remote LFA

Loops in layers 2 and 3

MAC Access List EtherType

MAC Access List

MAC address flapping

MAC address of all zeros

MAC address table - multiple entries of the same MAC address

MAC address table - show command on Nexus device

MAC address table populated using source address field

MAC address table static multicast entry

MAC address table

MAC address

MPLS - BGP customer prefixes do not appear in the LFIB

MPLS - Connecting IPv6 sites over an IPv4 backbone

MPLS - Disabling IPv4 address family in BGP for VPNv4

MPLS - Ethernet over MPLS (EoMPLS)

MPLS - L3VPN BGP EIGRP redistribution

MPLS - L3VPN BGP OSPF Redistribution

MPLS - LDP source interface

MPLS - Layer 2 VPNs

MPLS - Multi-VRF CE

MPLS - Segment Routing over MPLS

MPLS - Transport Profile

MPLS - Using the BGP Allow-AS in feature

MPLS - VPNv4 Labels are assigned per route

MPLS - Virtual Private Network (VPN)

MPLS - label distribution using MP-BGP

MPLS - multiarea OSPF in the core

MPLS - network redundancy

MPLS - what is fate sharing

MPLS - what is seamless MPLS

MPLS 6PE uses two labels in the data plane

MPLS Bytes Label Switched in the LFIB

MPLS Customer Edge Router

MPLS L3VPN Inter-AS Options

MPLS LDP Label Filtering

MPLS LDP Session Protection

MPLS LDP Targeted Hellos

MPLS LSR ID

MPLS Label Distribution Protocol

MPLS Label Edge Router

MPLS Label Switch Router

MPLS Layer 3 VPN communication between CE and PE routers

MPLS Layer 3 VPN communication between CE routers

MPLS Local Label Allocation Filtering

MPLS Penultimate hop popping

MPLS Route Distinguisher

MPLS Route Target

MPLS TE - Affinity attribute flag assignment best practices

MPLS TE - TE Tunnels

MPLS TE setup and hold priority

MPLS Troubleshooting

MPLS VPN extranet route leaking unique addressing

MPLS VRF names locally significant

MPLS addresses bound to peer LDP Ident output

MPLS advertising multiple customer subnets

MPLS entropy label

MPLS explicit NULL

MPLS implicit NULL

MPLS mandatory use of CEF

MPLS traffic engineering

MPLS-TE - why are IGPs necessary

MPLS

MPP vs ACLs

MQTT return codes

MST - Root port selection for switches outside MST topology

MST configuration revision number

MTU - Adjusting MTU to accommodate additional headers

MTU - Interface MTU configuration considerations

MTU - MSS and Jumbo Frames

MTU - Path MTU Discovery (PMTUD)

MTU - default interface MTU

MPLS - VPN label

What is a VPN Label?

Use of VPN Label:

Operation of VPN Label:

Links to this page: