MPLS: Label Switched Path Mechanics
The Architecture of the 'Layer 2.5' Transport Fabric
The Label Anatomy
MPLS operates between the Data Link Layer (Layer 2) and the Network Layer (Layer 3), earning its common moniker as Layer 2.5. It prepends a 32-bit shim header to the IP packet, allowing routers to make forwarding decisions without ever inspecting the IP destination.
MPLS Shim Header (32 bits)
- Label Value: The identifier used for switching. Values 0-15 are reserved (e.g., IPv4 Explicit Null).
- Traffic Class (TC): Formerly EXP bits. Used for QoS mapping (DS-TE).
- Bottom of Stack (S): If set (1), this is the last label before the payload.
- TTL: Prevents infinite loops within the Label Switched Path (LSP).
Label Distribution Protocol (LDP)
LDP is the control plane mechanism that synchronizes label mappings across the network. It operates on a hop-by-hop basis, following the path determined by the IGP (OSPF or IS-IS).
LDP Session Establishment
- Discovery: Routers send UDP Hellos to on port 646.
- TCP Handshake: A TCP session is established between the highest Transport Addresses.
- Initialization: Parameters (Keepalive, Label Range) are negotiated.
- Label Binding: Routers exchange mappings.
Downstream Unsolicited (DU)
In most service provider networks, LDP uses DU mode. This means a router will automatically advertise label bindings to all its neighbors for all prefixes in its routing table, ensuring that LSPs are built proactively before traffic arrives.
LSP: Label Swapping Simulator
Visualize Push, Swap, and Pop (PHP) operations in a Label Switched Path.
Operation Details
Customer sends standard IP packet to Service Provider edge.
Label Forwarding Table
Interactive Simulation: Label Propagation and LSP Pathfinding
Architectural Isolation: L3VPNs
The primary value proposition of modern MPLS is the BGP/MPLS L3VPN (RFC 4364). It allows a provider to carry multiple overlapping private IP spaces over a single shared core without traffic leakage.
The 2-Label Stack Physics
To support VPNs, MPLS uses Label Stacking. A VPN packet in the core has at least two labels:
Outer Label (Transport Label)
Directs the packet to the correct egress PE (Provider Edge) router. It is swapped at every hop in the core (P-routers).
Inner Label (Service / VPN Label)
Hidden from the core. It tells the egress PE which customer VRF (Virtual Routing and Forwarding) instance to use for the final IP lookup.
Traffic Engineering with RSVP-TE
Standard IP routing is "selfish"; every packet takes the shortest path, leading to congestion on primary links while secondary links sit idle. MPLS-TE allows for global network optimization.
CSPF (Constrained Shortest Path First)
Unlike OSPF which only looks at link costs, CSPF factors in constraints like available bandwidth, link color (affinity), and administrative weight. It calculates a path that satisfies the SLA before signaling it.
Fast Re-Route (FRR)
In a standard network, convergence after a link failure takes seconds. With MPLS FRR, the ingress router pre-calculates a Backup LSP.
The Future: Segment Routing (SR-MPLS)
The industry is rapidly moving away from LDP and RSVP-TE toward Segment Routing. SR simplifies the control plane by eliminating the need for LDP entirely, using the IGP itself to distribute labels.
Stateless Core Architecture
In RSVP-TE, every router along a path must maintain state for every tunnel. In SR, the Source Router encodes the entire path into a stack of labels (segments). The core routers remain stateless; they simply pop the top label and forward based on the Prefix SID (Segment Identifier).