Pros of MPLS

Dec 18th, 2007

What are the Pros and Cons for implementing MPLS on a local LAN? I've gone through MPLS in my CCNP studies and MPLS is used mostly on service provider networks. I run a network of 3000 PCs and 2500 IP phones spread across a medium-size city with 90% of my locations connected by fiber; what benefits would I gain by implementing MPLS?

Collin Clark Tue, 12/18/2007 - 11:06

There is no reason that I can think of for why you would want to run MPLS in your local LAN.

Rodney-roberts Tue, 12/18/2007 - 11:14

I should add I have a physically separated network for the Public Library. Would MPLS allow me to securely combine this network with the larger internal employee network, cutting my equipment cost?

Collin Clark Tue, 12/18/2007 - 11:17

Maybe. What is your security policy? Is it OK that you peer your network with an ISP? What are your bandwidth requirements? Would a point-2-point T1 circuit be enough? What is the distance between the two networks? Could you run fiber to connect them?

Rodney-roberts Tue, 12/18/2007 - 11:23

My security policy doesn't address peering with an ISP; I would have to say no if there is no real need. Secondly, internal bandwidth requirements range based on who you ask. 1 gig between buildings has served well so far, and the answer to the last question is yes, the two networks are close, so I could connect them with fiber.

Collin Clark Tue, 12/18/2007 - 11:26

I would connect them via fiber; high bandwidth, no ISP involvement, better security options, low interference, etc.

Rodney-roberts Tue, 12/18/2007 - 11:32

So connect the networks and separate them with an ASA or a simple router, and secure with ACLs? I would need to readdress one of the networks at that point, right?

...Just a recap: MPLS is a NO_GO too.

Collin Clark Tue, 12/18/2007 - 11:38

No to MPLS. A firewall is a good idea. If you have overlapping address space, you could either re-address as you mentioned or use NAT on the firewall.

scottpilkinton Sat, 12/22/2007 - 19:22

Yes, running MPLS internally on your network would allow you to securely connect multiple network environments into a common 'cloud'. You would accomplish this by implementing VRFs (Virtual Route Forwarders) for your different environments. There is no ISP involvement required as indicated in other posts on this thread. Service providers use this model to connect customers securely over a common connection - this may be a source of confusion for some.

Let me try and give a practical example:

You have two libraries that need to be separate from other networks - however, the libraries themselves are in an equal trust zone. They would go in the same VRF and be connected transparently via the internal MPLS network.

One more example:

There are several areas in your network that need to offer 'public' internet access. These multiple areas would all go in another VRF and would be connected transparently using the internal MPLS network. By doing this, a single, common, proxy server, web filter can be used along with a single internet connection.

I guess my biggest point is - physical location no longer becomes a limitation after you have an internal MPLS network. You can extend a common trust zone across multiple physical sites and make them all look like they are in the same building using a common network.

Sorry for the long-winded explanations - I have recently built my first internal MPLS network across multiple data centers and can't say enough good things about all the advantages it has brought with it.

Scott

www.xpresslearn.com

Darren Ramsey Sat, 12/22/2007 - 20:22

Cisco classifies MPLS as an emerging technology for Enterprise Networking. It can be used for virtualizing and segmenting campus networks into multiple virtual private networks, provided you have the right hardware to run LDP and VRF. We use MPLS in the Campus to segment our guest network, and to resell bandwidth to physician practices located at multiple sites. We can provide say 100MB much cheaper than MetroE carriers can. Additionally we bring their traffic back to a firewall and can permit limited access to each other's resources (say Pacs or HL7 feeds) via policy.

Below are several docs on Campus MPLS.

http://www.cisco.com/web/strategy/docs/healthcare/MGN_Architecture.pdf page 23

http://www.cisco.com/application/pdf/en/us/guest/netsol/ns656/c649/cdccont_0900aecd804ab672.pdf page 88
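
The VRF separation described in the two posts above holds only while no VRF imports a route target that another VRF exports. The following check is an added example, not part of any post in this thread: it audits IOS-style `ip vrf` definitions for such cross-VRF imports. The VRF names, route-target values and sample config are constructed assumptions.

```python
import re

# Constructed sample config; VRF names and RD/RT values are assumptions.
SAMPLE_CONFIG = """\
ip vrf EMPLOYEE
 rd 65000:10
 route-target export 65000:10
 route-target import 65000:10
!
ip vrf LIBRARY
 rd 65000:20
 route-target both 65000:20
!
ip vrf GUEST
 rd 65000:30
 route-target export 65000:30
 route-target import 65000:30
 route-target import 65000:10
"""

def parse_vrfs(config):
    """Return {vrf_name: {"import": set, "export": set}} from IOS-style text."""
    vrfs, current = {}, None
    for line in config.splitlines():
        m = re.match(r"ip vrf (\S+)", line)
        if m:
            current = vrfs.setdefault(m.group(1), {"import": set(), "export": set()})
            continue
        m = re.match(r"\s+route-target (import|export|both) (\S+)", line)
        if m and current is not None:
            kinds = ("import", "export") if m.group(1) == "both" else (m.group(1),)
            for kind in kinds:
                current[kind].add(m.group(2))
        elif not line.startswith(" "):
            current = None  # an unindented line ends the VRF block
    return vrfs

def route_leaks(vrfs, allowed=()):
    """List (src, dst, rt) where dst imports a route target that src exports."""
    leaks = []
    for src, s in vrfs.items():
        for dst, d in vrfs.items():
            if src == dst or (src, dst) in allowed:
                continue  # same VRF, or a leak the policy explicitly permits
            leaks.extend((src, dst, rt) for rt in s["export"] & d["import"])
    return sorted(leaks)

if __name__ == "__main__":
    for src, dst, rt in route_leaks(parse_vrfs(SAMPLE_CONFIG)):
        print(f"{dst} imports {rt} exported by {src}")
```

Any pair that is meant to share routes, such as a shared-services VRF, goes in `allowed`; everything else reported is a path that bypasses the firewall.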
