Pros of MPLS

Unanswered Question
Dec 18th, 2007

What are the Pros and Cons for implementing MPLS on a local LAN? I've gone through MPLS in my CCNP studies and MPLS is used mostly on service provider networks. I run a network of 3000 PCs and 2500 IP phones spread across a medium-size city with 90% of my locations connected by fiber. What benefits would I gain by implementing MPLS?

Overall Rating: 5 (4 ratings)
Collin Clark Tue, 12/18/2007 - 11:06

There is no reason that I can think of for why you would want to run MPLS in your local LAN.

Rodney-roberts Tue, 12/18/2007 - 11:14

I should add I have a physically separated network for the Public Library. Would MPLS allow me to securely combine this network with the larger internal employee network, cutting my equipment cost?

Collin Clark Tue, 12/18/2007 - 11:17

Maybe. What is your security policy? Is it OK that you peer your network with an ISP? What are your bandwidth requirements? Would a point-2-point T1 circuit be enough? What is the distance between the two networks? Could you run fiber to connect them?

Rodney-roberts Tue, 12/18/2007 - 11:23

My security policy doesn't address peering with an ISP; I would have to say no if there's no real need. Secondly, internal bandwidth requirements range based on who you ask. 1 gig between buildings has served well so far, and the answer to the last question is yes, the two networks are close, so I could connect them with fiber.

Collin Clark Tue, 12/18/2007 - 11:26

I would connect them via fiber; high bandwidth, no ISP involvement, better security options, low interference, etc.

Rodney-roberts Tue, 12/18/2007 - 11:32

So connect the networks and separate them with an ASA or a simple router, and secure with ACLs? I would need to readdress one of the networks at that point, right?

...Just a recap: MPLS is a NO_GO too.

Collin Clark Tue, 12/18/2007 - 11:38

No to MPLS. A firewall is a good idea. If you have overlapping address space, you could either re-address as you mentioned or use NAT on the firewall.

Collin Clark Tue, 12/18/2007 - 12:04

Glad to help and appreciate the points!

scottpilkinton Sat, 12/22/2007 - 19:22

Yes, running MPLS internally on your network would allow you to securely connect multiple network environments into a common 'cloud'. You would accomplish this by implementing VRFs (Virtual Route Forwarders) for your different environments. There is no ISP involvement required as indicated in other posts on this thread. Service providers use this model to connect customers securely over a common connection - this may be a source of confusion for some.

Let me try and give a practical example:

You have two libraries that need to be separate from other networks - however, the libraries themselves are in an equal trust zone. They would go in the same VRF and be connected transparently via the internal MPLS network.

One more example:

There are several areas in your network that need to offer 'public' internet access. These multiple areas would all go in another VRF and would be connected transparently using the internal MPLS network. By doing this, a single, common, proxy server, web filter can be used along with a single internet connection.

I guess my biggest point is - physical location no longer becomes a limitation after you have an internal MPLS network. You can extend a common trust zone across multiple physical sites and make them all look like they are in the same building using a common network.

Sorry for the long-winded explanations - I have recently built my first internal MPLS network across multiple data centers and can't say enough good things about all the advantages it has brought with it.


Darren Ramsey Sat, 12/22/2007 - 20:22

Cisco classifies MPLS as an emerging technology for Enterprise Networking. It can be used for virtualizing and segmenting campus networks into multiple virtual private networks, provided you have the right hardware to run LDP and VRF. We use MPLS in the Campus to segment our guest network, and to resell bandwidth to physician practices located at multiple sites. We can provide say 100MB much cheaper than MetroE carriers can. Additionally we bring their traffic back to a firewall and can permit limited access to each other's resources (say PACS or HL7 feeds) via policy.

Below are several docs on Campus MPLS. page 23 page 88
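
The VRF separation described in the posts above only holds if no VRF imports another zone's routes and no access port is left in the global routing table. The following is an added example, not code from any poster in this thread: a Python check over a constructed Cisco IOS-style configuration that flags both conditions. The VRF names, RD and route-target values, interface names and the `parse`/`audit` helpers are assumptions made for the illustration.

```python
from itertools import permutations

# Constructed sample, not from the thread: IOS-style VRF config for one router.
# VRF names, RDs, route-targets and interface names are hypothetical.
SAMPLE_CONFIG = """\
ip vrf LIBRARY
 rd 65000:10
 route-target both 65000:10
ip vrf EMPLOYEE
 rd 65000:20
 route-target both 65000:20
 route-target import 65000:10
interface GigabitEthernet0/1
 ip vrf forwarding LIBRARY
interface GigabitEthernet0/2
 ip vrf forwarding EMPLOYEE
interface GigabitEthernet0/3
 ip address 10.99.0.1 255.255.255.0
interface TenGigabitEthernet1/1
 mpls ip
"""

def parse(config):
    """Return ({vrf: {"import": set, "export": set}}, {interface: set of sub-commands})."""
    vrfs, ifaces, current = {}, {}, None
    for line in config.splitlines():
        words = line.split()
        if line.startswith("ip vrf ") and len(words) == 3:
            current = vrfs.setdefault(words[2], {"import": set(), "export": set()})
        elif line.startswith("interface ") and len(words) == 2:
            current = ifaces.setdefault(words[1], set())
        elif isinstance(current, dict) and words[:1] == ["route-target"] and len(words) == 3:
            for kind in ("import", "export") if words[1] == "both" else (words[1],):
                current.setdefault(kind, set()).add(words[2])
        elif isinstance(current, set) and line.startswith(" "):
            current.add(line.strip())
    return vrfs, ifaces

def audit(config):
    """List findings that break the separation between trust zones."""
    vrfs, ifaces = parse(config)
    findings = []
    for a, b in permutations(sorted(vrfs), 2):
        shared = vrfs[a]["import"] & vrfs[b]["export"]
        if shared:
            findings.append(f"{a} imports {', '.join(sorted(shared))} exported by {b}")
    for name, settings in sorted(ifaces.items()):
        if not any(s.startswith("ip vrf forwarding ") or s == "mpls ip" for s in settings):
            findings.append(f"{name} is outside every VRF (global routing table)")
    return findings
```

Calling `audit(SAMPLE_CONFIG)` reports the EMPLOYEE VRF importing the LIBRARY route-target and the unassigned GigabitEthernet0/3 port; the core-facing interface running `mpls ip` is expected to sit in the global table and is not flagged.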

