The other way of getting IP traffic to its destination is by broadcasting it. Basically, broadcasting a packet means sending it everywhere in the hope that it will end up where it was supposed to go eventually. This method has an obvious drawback in that traffic on the broadcast network is unbearably slow because every router has to deal with every packet no matter if it is meant for Timbuktu or Antarctica. Security is also nonexistent in a broadcast network because every router on the network has access to every data conversation taking place.

MPLS (Multiprotocol Label Switching) bridges the gap between broadcasting and dedicated VCs by creating paths through a network, as an ATM or frame relay VC does. The difference is that MPLS gives the routers a choice of paths and lets the packets be rerouted as needed.

In an MPLS cloud, an IP packet header is analyzed by the first router at the edge of the cloud. That router then determines the best path through the network and places a label on the front of the packet identifying the stream (network path) the packet is to take. Each router in the MPLS network looks only at this label and places the packet onto the path identified by the label. Exiting the network, the packet is routed via normal IP methods to its destination.

MPLS offers network managers the ability to apply many WAN features to their data at the IP level instead of at the frame relay or ATM level. IP customers are not used to having this improved QoS (Quality of Service), traffic engineering and private data streams on their WANs--and they still have the flexibility of nondedicated paths. Although smaller customers won't be able to deploy MPLS directly in their networks, carriers will begin offering private IP networks that use MPLS to direct and shape traffic, thereby bringing the benefits to businesses of all sizes.

Label Everything

In the beginning, an MPLS router places a four-octet "label" on packets entering the network. This label identifies the path, or "flow," that the packet will follow to its destination. Packets taking the same path are assigned to a FEC (forwarding-equivalence class), a logical (nonphysical) grouping of traffic with a like destination. This cuts down on overhead since only the first packet needs to be analyzed. The actual identifying label occupies the first 20 bits; the next three bits are for experimental use, and then there's one bit to indicate the label at the bottom of the stack. The last octet is used for TTL (time to live). This label is placed after the data-link layer headers and before the network layer headers of an Ethernet packet. The label is placed in the VPI/VCI field of the header in ATM networks and in the DLCI field of a frame relay header.

A number of these labels can be placed one after the other. Each router examines only the label at the top of the stack until that label reaches its destination. At the destination, the top label is peeled off. If other labels exist on a packet, each one is examined in turn, causing the packet to be routed until all labels have been removed. If necessary, labels can be swapped or replaced.

Labels are bound to a FEC by the downstream LSR (label-switching router); each label is then communicated to the upstream LSR. An LSR also can be set to look only at labels within a particular numeric range and will therefore assign values only within that range.

LSRs use a set of procedures known as LDP (Label Distribution Protocol) to inform each other of the labels being created among them. The LDP also is used between two LSRs to learn about each other's MPLS capabilities. The advantage is that there isn't only one LDP; existing protocols like BGP (Border Gateway Protocol) and RSVP (Resource Reservation Protocol) are being extended so LDP data can be included with them. In the absence of these, protocols like MPLS-LDP have been created specifically to pass labels between the LSRs.

Two distribution methods are defined within MPLS: downstream on demand and unsolicited downstream. Downstream on demand lets an LSR specifically request that a label be created for a connection. Unsolicited downstream is exactly as it sounds: It lets LSRs distribute labels without being requested. LSRs can support both of these methods, but the methods must be agreed upon by the upstream and downstream LSR.

Label retention, or the ability to maintain labels in a lookup table, is handled in one of two methods. LSRs that observe conservative retention maintain only labels that are from valid next-hop LSRs. All other labels are discarded as soon as they are received. This method lets a small label table be maintained internally, requiring less RAM and quicker lookups. On the other hand, liberal retention uses more RAM within the LSR because it maintains a larger table. Liberal retention lets an LSR respond more quickly and reroute traffic should a connection to a valid next hop go down.