MPLS is one of the most important protocols within an IP-VPN. When routers send data packets across a network, they do so based on routing tables stored in the router. Over the years, however, networks have become increasingly complex, making it more demanding for routers to determine the correct route. To simplify this task, Multiprotocol Label Switching (MPLS) was developed.
What is MPLS
MPLS is a routing technology in which data packets are forwarded to different network nodes based on labels rather than IP addresses. This prevents complex searches in routing tables and enables data traffic to be transported more efficiently across the network. In an MPLS-enabled network, all data packets are assigned labels. Based on these labels, routers decide where each packet should be sent next.
MPLS is an independent protocol that only exists between routers specifically configured for it. When a data packet enters an MPLS-enabled network, a label is attached to it. When a router receives the packet, it uses the corresponding label to determine where to send it next.
The router then consults a lookup table and replaces the old label with a new one, indicating the packet’s next destination. With these labels, packets can be transported across the network via a dynamically pre-established path, known as a Label-Switched Path (LSP), ensuring traffic follows the most optimal route.
MPLS as a travel planner for data packets
Let’s use a real-world analogy to make this clearer. When you plan a train journey, you often check a travel planner beforehand so that when you have to change trains, you already know which station comes next. Once the journey begins, you don’t have to think about which station to transfer at: the route to your final destination is already defined.
The same principle applies to data packets traveling across a network. The routers act like “train stations” where each packet arrives and is forwarded to the next stop. Thanks to the labels assigned by MPLS, each router already knows which route the packet must take to reach its destination. The router no longer has to “think” about which next hop to choose.
The basics of MPLS
MPLS is scalable and protocol-independent. Because traffic is forwarded based on labels rather than IP addresses, it can establish end-to-end connections over any type of synchronous data link and with any network protocol. The key advantage is that MPLS eliminates dependence on OSI Layer 2 (Data Link Layer) technologies such as Asynchronous Transfer Mode (ATM), Frame Relay, and Ethernet.
This also removes the need to deploy multiple Layer 2 networks to handle different kinds of traffic. MPLS belongs to the packet-switched network family.
Within the OSI model, MPLS operates between Layer 2 and Layer 3. For this reason, it is often said that MPLS functions at Layer 2.5. It was designed as a unified solution bridging circuit-switched and packet-switched network technologies.
MPLS was developed with the same goal as ATM and Frame Relay: all of these technologies use labels to transport data over a network. Like ATM and Frame Relay, MPLS supports traffic engineering and out-of-band control, making it a very attractive protocol for large-scale networks.
MPLS VPN
MPLS VPN is a family of methods for building VPN networks on top of MPLS. As such, MPLS VPN plays a critical role within an IP-VPN. When data packets enter the IP-VPN from a business location, their destination is defined based on a label rather than an IP address.
Because a label is added to the packet, overlapping IP addresses can coexist within the same network. For example, IP address 192.168.20.1 with label 50 is treated as a different destination from 192.168.20.1 with label 60. Within an IP-VPN, two labels are attached to each packet: a VPN label and a destination label.
The VPN label identifies which IP-VPN the packet belongs to, while the destination label indicates which network device or service within the network the packet is intended for. Using these labels, the packets are sent over a dynamically determined path through the IP-VPN. When the packet reaches the destination router, the destination label is removed, and the VPN label determines which IP-VPN it belongs to.
Once the destination router has identified the correct IP-VPN, the packet is forwarded to the correct device based on its IP address.
How an MPLS network works
An IP-VPN relies on MPLS. A network using MPLS is often referred to as an MPLS network. It consists of various network components that work together to ensure all traffic is efficiently transported.
An MPLS network includes the following components:
- Customer Edge (CE) routers: Routers installed on the customer’s premises.
- Provider Edge (PE) routers: These are owned by the service provider and connected to the customer’s CE routers. PE routers receive packets from CE routers.
- Provider (P) routers: Also known as transit routers. These reside in the provider’s core network and primarily forward packets across the network.
Together, these components operate as follows:
- When a company sends data packets over the IP-VPN, they first reach a CE router. The CE router communicates with the provider’s PE router (for example, via static routes or a routing protocol like BGP). At this stage, packets are still forwarded based on IP addresses.
- The CE router sends the packet to the PE router. The PE router adds a label and forwards it into the provider’s core network. From this point onward, the packet is transported based on labels rather than IP addresses.
- Based on its label, each P router forwards the packet along a dynamically established path through the provider’s network until it reaches the destination PE router.
- Upon arrival, the destination PE router checks which IP-VPN the packet belongs to, removes the label, and sends it to the appropriate CE router using the IP address.
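The forwarding steps above and the two-label scheme from the MPLS VPN section can be traced in a small simulation. This is an added example, not part of the original article: the router names, CE names and the destination labels 100, 200 and 300 are assumptions, and only the VPN labels 50 and 60 and the address 192.168.20.1 come from the text. It shows that separation between customers rests entirely on the VPN label and the egress PE's per-VPN table, so an unknown VPN label must be dropped rather than routed by IP address.

```python
# Constructed topology (assumption): CE -> PE1 -> P1 -> P2 -> PE2 -> CE.
# Only the VPN labels 50 and 60 and 192.168.20.1 come from the page.

# Ingress PE1: attached CE -> (VPN label, destination label toward PE2)
INGRESS = {"ce-a1": (50, 100), "ce-b1": (60, 100)}

# P routers: incoming destination label -> (outgoing label, next hop)
LFIB = {"P1": {100: (200, "P2")}, "P2": {200: (300, "PE2")}}

# Egress PE2: VPN label -> that VPN's own IP routing table
EGRESS_VPN = {
    50: {"192.168.20.1": "ce-a2"},
    60: {"192.168.20.1": "ce-b2"},
}
EGRESS_LABEL = 300  # destination label PE2 expects on arrival


def deliver_at_egress(stack, dst_ip):
    """Remove the destination label, pick the VPN by its label, then route by IP."""
    if len(stack) != 2 or stack[0] != EGRESS_LABEL:
        return None                      # not addressed to this PE: drop
    vpn_table = EGRESS_VPN.get(stack[1])
    if vpn_table is None:
        return None                      # unknown VPN label: drop, never guess
    return vpn_table.get(dst_ip)         # IP lookup only inside that VPN


def forward(src_ce, dst_ip, trace=None):
    """Carry one packet across the core; return the receiving CE or None."""
    trace = [] if trace is None else trace
    if src_ce not in INGRESS:
        return None
    vpn_label, dest_label = INGRESS[src_ce]
    stack = [dest_label, vpn_label]      # index 0 is the outer label
    trace.append(("PE1", list(stack)))
    hop = "P1"
    while hop != "PE2":
        entry = LFIB[hop].get(stack[0])  # P routers read only the outer label
        if entry is None:
            return None
        stack[0], next_hop = entry       # swap; the VPN label is left untouched
        trace.append((hop, list(stack)))
        hop = next_hop
    return deliver_at_egress(stack, dst_ip)


if __name__ == "__main__":
    for ce in ("ce-a1", "ce-b1"):
        print(ce, "->", forward(ce, "192.168.20.1"))
```
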
Forwarding Equivalence Class (FEC)
When data packets enter an MPLS-enabled network, they are assigned a Forwarding Equivalence Class (FEC) — defined by the label. Using FECs, groups of packets with similar characteristics can be transported in the same way across the network.
An FEC may correspond to a specific IP address, an internet service, or a particular traffic flow, allowing MPLS to efficiently manage and prioritize traffic across complex network environments.