France Telecom
Page: 1
MPLS-VPN solution deployed by France Telecom
René Rigault
Direction Technique
France Telecom-SRD
rene.rigault@francetelecom.fr
Page: 2
Agenda
Intranets: what is the situation today?
Trends: What are the major trends that affect Corporate Network architectures and what does MPLS bring to Corporate Networks?
Global Intranet New: How FT will use MPLS in conjunction with other Data Transport solutions
Quality of Service & SLA (Service Level Agreement)
Overview of the FT IP Data Network
Page: 3
Intranets: What is the situation today?
IP is the predominant protocol, and determines the engineering of corporate networks
Legacy data protocols remain and are encapsulated over IP
– X.25: Cisco/XoT, Nortel/IPEX
– SNA: DLSw, TN3270
– Other LAN protocols (IPX, AppleTalk, …) are disappearing
Multimedia and Voice traffic will use IP
– First step: integration over a common network
– Second step: convergence within Multimedia applications
Page: 4
Intranets: Requirements
Separation of the Intranets
Overlapping addressing schemes
Ability to support all kinds of access
– permanent accesses
– new accesses: ADSL, cable
– dial accesses
Secure access from the Intranet to the Internet
Secure access from the Internet to the Intranet
– Take advantage of the Internet ubiquity
Quality of Service and SLA
Page: 5
Intranets: today
Mainly IP over Frame Relay
– CIR guarantee and strong SLA (Service Level Agreement)
– Corporate networks are separated (IP addressing, closed networks)
– But:
  • PVC concept does not scale well
  • Dial accesses, and new accesses need specific engineering
[Diagram labels: NAS; Frame Relay; Gateway; Tunnel]
Page: 6
Intranets: Large-scale corporate Intranets today
Dedicated design, engineering, routing are required
Cost
[Diagram labels: FR/ATM; dotted lines: FR-ATM/VC]
Page: 7
Trends: IP-VPN technologies
CPE-Based VPN
– IPSEC for authentication, security
– How to deliver QoS over the Internet
– Provisioning, management of keys, engineering for tunnel-based networks increase the operational costs
Network-Based VPN
– MPLS-VPN (RFC 2547) chosen by FT as a scalable solution
– Quality of Service based on DiffServ model
– Allow traffic separation, private addressing scheme
– same security as a Frame Relay PVC, with any-to-any connectivity
Page: 8
Trends: CPE-Based IP-VPN
+ Coverage, Ubiquity
+ Integrated access for both Internet browsing and Intranet
- Hard to guarantee quality of service
- Complexity for Provisioning, engineering, support
- Cost of CPEs (Customer Premise Equipment)
[Diagram labels: X-Net, Y-Net, Z-Net, T-net, U-Net, V-Net; Cable, PSTN (RTC), ISDN (RNIS), ADSL, Mobile, ATM, SDH, LS (leased line); IPSEC Tunnels]
Page: 9
Trends: Network Based MPLS-VPN
Each CPE has one connection to the virtual private network
Easy for provisioning
Low cost CPE
All types of access
[Diagram labels: Shared IP Networks; PSTN/ISDN, ADSL Turbo IP, Frame Relay, ATM, Interlan 2.0, Turbo LL, LS, SMHD, SDH, Interlan 1.0; PPP+L2TP, PVC, Ethernet, VC ATM, Circuit]
Page: 10
Trends: Why Network Based IP-VPN will succeed
ADSL will cover 200 major cities within one year
Traffic will continue to grow exponentially
Concentration of ADSL access towards server sites will need high speed accesses
End-to-End Circuit-Based solution:
– will be hard to provision regarding the diversity of Frame Relay, ATM solutions
– will not provide easy and cost-effective "any to any" connectivity
End-to-End Circuit-Based solution will be useful
– for dedicated bandwidth service between a few sites
MPLS-VPNs
– provide security without encryption
– are simple to provision and cost-effective to manage
– are highly scalable
Page: 11
Global Intranet New
MPLS-VPN solution
– Cisco based within the shared IP network
– Access through Nortel Switches, ATM services, DSL and Dial-up connections
– Low cost CPE
– Internet access and Goodies (Mail, Web) through an Application platform
Different levels of service
– Affects the choice of the CPE
– Security enhancements
– Differentiated Quality of Service
IPSEC access towards the Intranet from the Internet
Page: 12
Global Intranet New & Oleane: FT IP network
[Diagram labels: NAS; PSTN (RTC), ISDN (RNIS), GSM, ATM, ADSL; PE; L2TP; Turbo LL; Inter LAN; Global ATM; Frame Relay; BAS; Ethernet 10, 100, 1000; Switch; G.703; LL]
Page: 13
Global Intranet New: Internet access to Intranet
[Diagram labels: INTERNET; Network Based IP-VPN; IPSEC: PC to GW; Tunnel IPSEC: GW to GW; PSTN, ISDN, GSM, GPRS, Cable; Remote access; Access; LAN]
Page: 14
Quality of Service: Backbone & Access
The bigger the network is, the lower transit delay and jitter are
New Multimedia applications become smarter. The requirement for "fixed bandwidth" becomes less important.
– Protocol designed for elastic bandwidth (RTP/RTCP)
– Transport of Video needs less bandwidth as the techniques improve
– Applications can monitor throughput and packet loss in order to adapt: Elastic bandwidth for Video. Possibility to adapt compression algorithm for voice: from Hi-Fi - MP3 down to G.729 (8 Kbits/s) or G.723.1 (5.3/6 Kbits/s)
Minimal speed in the backbone is 155 Mbits/s.
Classification and differentiation at the access is the most important
– Voice over IP, SNA…
Transmission time in microseconds
Bytes \ Mbits/s      0.064      2.048       34      155     2500
60                 7500.00     234.38    14.12     3.10     0.19
1500             187500.00    5859.38   352.94    77.42     4.80
Page: 15
Quality of Service: Model used
Differentiated Service model is used
– Classification in the CPE or in the PE
Bandwidth Management for the access
– Management for both directions: from CPE to PE and from PE to CPE is required
– Weighted Fair Queuing based on classification of packets applies
In the backbone, limited number of Behaviors
Page: 16
Quality of Service: SLA
From PE to PE
– Network Statistics: Transit Delay, Packet Loss, Availability
End to End
– Availability
– Transit Delay
– Packet Loss
– Throughput for eligible traffic
Needs: CPE with monitor
Assumption about access line utilization
WEB Based presentation and access
Page: 17
Overview of the national network
50 IP service nodes (12000 & 7500 Cisco routers)
130 Frame Relay/ATM Nortel access switches
Global ATM Coverage
200 Cities with ADSL coverage
Internal trunks from 155 Mbits/s to 2.5 Gbits/s
PSTN/ISDN access at local cost everywhere (France + DOM)
Page: 18
International MPLS-VPN
Global One
– ATM and Frame Relay access toward IP service Nodes
– GIN (Global Intranet Network) already allows MPLS-VPN
– Dial access allows L2TP tunnels
International MPLS-VPN will be the next step
– 65 countries
Page: 19
Summary, Trends
France Telecom will use MPLS-VPN as a standard method to build Intranet services
This method will be internationalized through Global One
IPSec will be used for access through the public Internet towards an Intranet
Standard service will provide Network Separation and the same level of security as PVC based Intranets
Quality of Service will be provided according to Differentiated Service model
Frame Relay and ATM will be used
– 1. To concentrate access to the MPLS-VPN cloud
– 2. For dedicated bandwidth services between a subset of sites