Episode 25 – MPLS Part 1
In a new protocol deep-dive series, Nick Russo and Russ White return to discuss MPLS. In part one, we discuss the primary use cases for MPLS, label allocation, and what SD-WAN means for the future of MPLS.
Show Notes:
- MPLS solves 3 fundamental problems, individually or in concert
- Multi-tenancy/VPNs
- Traffic engineering
- Fast reroute
- 4 bytes in a shim header, technically not a label, but we call it that
- 20 bits for label value, 2^20 ~= 1 million values (this is important)
- 3 bits for EXP, QoS really
- 1 S-bit to signal bottom of stack
- 8 bits TTL
- Label depth is theoretically infinite, but some HW platforms have a tolerance
- Many ways to allocate labels
- LDP transport
- LDP pseudowire
- BGP labeled unicast
- BGP based IP VPNs (VPNv4/v6)
- BGP pseudowire
- SR (really built into OSPF and ISIS for distribution)
- RSVP-TE
- Some forward rules are worth mentioning (basic LDP/BGP-LU environment)
- If route learned via IGP/static, LDP label must be used
- If route learned via BGP, BGP label must be used
- No exceptions
- Penultimate Hop Popping: second to last hop removes topmost label when signaled with imp-null from last hop along a given LSP, saves a lookup
- Is MPLS is a tunnel or not:
Innaput Actors Utilize Remote Access Trojan Since 2016, Presumably Targeting Victim Files
Overview ASERT recently identified a campaign targeting commercial manufacturing in the US and potentially Europe in late 2017. The threat actors used phishing and downloader(s) to install a Remote Access Trojan (RAT) ASERT calls InnaputRAT on the target’s machine. The RAT contained a series of […]
Countries Consider Penalties for Spreading ‘Fake News’
A handful of countries have recently considered passing new laws or regulations to combat so-called fake news, with Malaysia adding penalties of up to six years in jail for distributors.
Malaysia’s controversial Anti-Fake News 2018 bill, which passed this week, also includes a fine of US$123,000. An earlier draft of the legislation included jail time of up to 10 years. Under the new law, fake news is “news, information, data and reports which is or are wholly or partly false,” as determined by Malaysian courts.
The new Malaysian law covers digital news outlets, including video and audio, and social media, and it applies to anyone who maliciously spreads fake news inside and outside the country, including foreigners, as long as Malaysia or its citizens are affected.
Eric Paulsen, cofounder and executive director of Malaysian civil rights group Lawyers for Liberty, called the new law “shocking.” “Freedom of speech, info & press will be as good as dead in Malaysia,” he tweeted in late March.
The law will create a chilling effect on free speech, Malaysia lawyer Syahredzan Johan wrote in TheStar.com. “While we may hope that the implementation of the bill will be transparent and fair, the Continue reading
Datanauts 128: Kubernetes, Serverless And No Code With Kelsey Hightower
Today, the Datanauts revisit the world of Kubernetes and container scheduling, but we also loop in Serverless or Functions as a Service (FaaS) along with building an incredibly famous project that has literally no code.
Our guest is Kelsey Hightower, a Google employee as well as a Kubernetes advocate and expert. We talk with Kelsey about the latest evolution of Kubernetes, whether the notion of Kubernetes lock-in is a concern, and how it’s being used in production.
We also delve into serverless computing or Functions as a Service (FaaS) and discuss the technology’s development and adoption. We also explore Kelsey’s latest project, No Code.
Last but not least, we look at how containers and orchestration affects the interaction between Devs and Ops, and how to embrace the new world of application design.
Show Links:
Kubernetes Up And Running – Amazon
Kubernetes The Hard Way – GitHub
Datanauts 058: Kubernetes A Deep-Dive Introduction
Datanauts 042: Understanding Serverless Architecture
Datanauts 047: A Serverless Architecture Follow-Up
Cloud Native Computing Foundation Announces Kubernetes as First Graduated Project – CNCF
Don’t Miss Keith Bogart’s CCNA Kickoff Tomorrow!
Perhaps you’re interested in starting your CCNA certification journey, or exploring careers in the IT field, but aren’t sure where to start. If this sounds like you then this webinar is for you!
Tune in on Thursday, April 5 at 10 am PST/ 1 pm EST for Keith’s CCNA kickoff session and get all of your questions answered.
This kickoff session for those who are interested in, or have started to study for the CCNA certification. In this free session, we will cover common trouble areas that most people experience when getting started with their certification, such as: how to approach making a study schedule, strategies for not becoming overwhelmed during the study process, deciding whether to take one test or two to get your CCNA, what to expect when you walk into the testing center, which topics to study and how in depth, and what study tools can be useful. Keith will also discuss the testing experience and the CCNA Certification test format.
Rubrik Wants You to Write Data Management Apps on Its SaaS Platform
The platform’s open-API architecture allows developers to write applications for data policy, control, security, and deep intelligence.
Giving every Tor Hidden Service a IPv6 address
Giving every Tor Hidden Service a IPv6 address
Tor has a neat feature called Onion Services [(A)](https://web.archive.org/web/20180330000120/https://www.torproject.org/docs/onion-services.h
Disaster Recovery in the Public Cloud
Find out about the options for building highly available environments using public cloud providers, along with the benefits and tradeoffs.
Disaster Recovery in the Public Cloud
Find out about the options for building highly available environments using public cloud providers, along with the benefits and tradeoffs.
BGP in EVPN-Based Data Center Fabrics – Take 2
My BGP in EVPN-Based Data Center Fabrics blog post generated numerous comments from engineers disagreeing with my views on using IBGP-over-EBGP.
As usual, there were three kinds of comments:
Read more ...MPLS 101 – Dynamic routing with BGP
In our last post we talked about how to make the MPLS control plane more dynamic by getting rid of static LSPs and adding in LDP to help advertise and distribute LSPs to all MPLS speaking routers. However – even once got LDP up and running, we still had to tell the routers to use a given LSP. In the last post, we accomplished this by adding recursive static routes in the inet.0 table to force the routers to recurse to the inet.3 table where the MPLS LSPs lived. In this post, we’re going to tackle getting rid of the static routes and focus on replacing it with a dynamic routing protocol – BGP.
So to start off with, let’s get our lab back to a place where we can start. To do that, we’re going to load the following configuration on each router show in the following lab topology…
interfaces {
ge-0/0/0 {
enable;
unit 0 {
family inet {
address 10.2.2.0/31;
}
}
}
ge-0/0/1 {
enable;
unit 0 {
family inet {
address 10.1.1.0/31;
}
family mpls;
}
}
lo0 {
unit 0 {
family Continue reading