I have a query regarding implementation of MPLS in an Enterprise Network. If an enterprise network is comprised of Cisco's multilayer design, i.e. access, distribution and core, then what is the advantage of deploying MPLS in that network?
The primary reason for deploying MPLS into an Enterprise network would be for logical separation with VPNs.
Think of it like this. Instead of one physical and one logical network you could have one physical but many logical networks. The advantage of this is you can segregate and prioritise depts, production/test environments etc. Yes, you could do this with access-lists etc. but it is much "cleaner" and easier to administer using MPLS.
There is also something called VRF-lite, which is supported on a lot more switches than MPLS, that can extend MPLS segregation into your LAN.
As far as segregation is concerned we can do it by using VLANs. There are important applications of MPLS in service provider networks like L2/L3 VPNs, Traffic Engineering, but for Enterprise Networks I am unable to find some good design guide. Kindly send me the link of Cisco documentation regarding MPLS deployment in Enterprise/Campus design guide with MPLS if possible.
Yes, you could use VLANs but you're still using the same logical network. An example may help.
You have a campus network where you want to have a development network and a production network running on the same physical infrastructure. You want to make sure that anyone in the development network cannot access the production network and vice-versa.
Now there are many ways you could approach this and I'm not going to list them all, but let's compare the VLAN approach with the MPLS approach.
1) You allocate dev users into specific dev vlans.
2) You apply access-lists on the VLAN interfaces to only allow communication between this dev VLAN and other dev VLANs because you still have one global routing table on the L3 switches.
3) You could also optionally apply QOS to all links that the dev traffic runs over.
If your dev users are spread throughout the campus this can become a lot of administrative work and is still prone to error, e.g. your L3 switches with the dev and prod VLANs have one global routing table. The only thing stopping your dev users accessing production is the accuracy of your access-lists.
The MPLS approach.
1) You create 2 VPNs, one for production and one for dev.
2) You still allocate users into VLANs but there is now no need for all the access-lists because the L3 devices have separate routing tables for each VPN.
3) You can more easily apply TE to this setup where production and development have separate paths through some of the critical parts of your network.
The key thing is this. MPLS makes it easier to do this level of segregation because of MPLS VPNs. Service Providers have to be able to keep customer traffic separate.
If you don't have the requirement in your network to segment different groups of users and give these users differing levels of priority then MPLS probably wouldn't do anything for you.
And yes you could use a combination of access-lists, Policy Based routing, separate routing protocols etc., it's just that on an Enterprise level MPLS scales better.
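The VLAN-versus-VPN comparison in the reply above, as an added example that is not part of the original thread: a small Python model of one L3 switch under each approach. The VLAN names, subnets and the "Vlan11 was added without an access-list" scenario are constructed assumptions; it shows that with one global routing table a single missing access-list routes dev traffic to production, while with per-VPN tables there is no route to reach.

```python
import ipaddress

# Constructed addressing and interface names (assumptions, not from the thread).
DEV_A = ipaddress.ip_network("10.10.0.0/24")   # Vlan10, dev
DEV_B = ipaddress.ip_network("10.11.0.0/24")   # Vlan11, dev (added later)
PROD = ipaddress.ip_network("10.20.0.0/24")    # Vlan20, production
CONNECTED = {DEV_A: "Vlan10", DEV_B: "Vlan11", PROD: "Vlan20"}

def lookup(table, dst):
    """Longest-prefix match; returns the egress interface, or None if no route."""
    addr = ipaddress.ip_address(dst)
    hits = [(net, ifc) for net, ifc in table.items() if addr in net]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def forward_global(acls, in_ifc, src, dst):
    """VLAN approach: one global table; an inbound ACL per SVI is the only barrier."""
    acl = acls.get(in_ifc)
    if acl is not None:  # ACL applied: implicit deny unless a permit entry matches
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        if not any(s in sn and d in dn for sn, dn in acl):
            return None
    return lookup(CONNECTED, dst)  # no ACL on the interface means everything routes

def forward_vrf(ifc_vrf, in_ifc, dst):
    """VPN/VRF approach: the ingress interface selects a per-VRF routing table."""
    vrf = ifc_vrf[in_ifc]
    table = {net: ifc for net, ifc in CONNECTED.items() if ifc_vrf[ifc] == vrf}
    return lookup(table, dst)

# Dev-to-dev permits were written for Vlan10; Vlan11 was added without an ACL.
ACLS = {"Vlan10": [(DEV_A, DEV_A), (DEV_A, DEV_B)]}
IFC_VRF = {"Vlan10": "DEV", "Vlan11": "DEV", "Vlan20": "PROD"}

if __name__ == "__main__":
    for ifc, src in (("Vlan10", "10.10.0.5"), ("Vlan11", "10.11.0.5")):
        print(ifc, "-> prod | ACL model:", forward_global(ACLS, ifc, src, "10.20.0.9"),
              "| VRF model:", forward_vrf(IFC_VRF, ifc, "10.20.0.9"))
```
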