Edge routers are nothing new. They've been around for a
long time. What has changed is their importance in the enterprise, which has
grown because of several factors. One is the increasing reliance of
enterprises on their WAN links for different business applications, which
include voice, video, and data. So for effective business communication
to happen, an enterprise must choose the right edge router, one that not only
meets all the requirements but also provides the necessary routing performance
and security.
Here we'll explore some of the new
capabilities that have been introduced in edge routers, and also explore the
various types.
Key features
Edge routers are devices that connect an external network to the core
network of an enterprise, using some access mechanism. They're called edge
routers because they sit at the edge of your network. The other type of routers
are called core routers, which we'll talk about later in this article.
The external network could be a public
network like the Internet, or just a connection link between the branch office
and the head office.
Edge routers can aggregate
traditional forms of traffic such as VPN and frame relay, and at the same time they
also offer support for newer methods of connectivity, such as
MPLS and VPLS.
Edge routers give flexibility to deliver the right VPN
service for each customer. Layer 2 VPN services are simple to provide and
manage, and are mostly appealing to enterprises with a small number of sites.
However, large organizations prefer a Layer 3 VPN, where each site interfaces to
the service provider over a single connection and not over hundreds or thousands
as would have been required to connect many sites in a Layer 2 model. Layer 3
VPN services leverage the MPLS core to
interconnect numerous customer sites in a hierarchical and scalable fashion,
using BGP (Border Gateway Protocol) to propagate routing information. A service
edge router can be the cornerstone for deploying this service.
Edge routers can also work with IPv6. They accept and
process an IPv6 packet, encapsulate it into an IPv4 packet, and forward it to
another edge router. The other one removes the IPv4 header, reinserts the IPv6
packet and its associated data back onto the network headed for the IPv6
destination. This helps service providers in deploying IPv6-based
video-on-demand, IP television, videoconferencing, voice and video telephony services.
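The encapsulation step described above, as an added example that is not part of the original article: an IPv6 packet is wrapped in an IPv4 header (protocol 41) by one edge router and unwrapped by the other. The function names, the documentation-range addresses and the check that the outer source matches a configured tunnel peer are assumptions of this sketch.

```python
import ipaddress
import struct

PROTO_IPV6 = 41  # IANA protocol number for IPv6 carried inside IPv4

def checksum(header):
    """Standard Internet checksum over the IPv4 header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def encapsulate(ipv6_packet, src_v4, dst_v4, ttl=64):
    """Ingress edge router: prepend a 20-byte IPv4 header to the IPv6 packet."""
    if ipv6_packet[0] >> 4 != 6:
        raise ValueError("inner packet is not IPv6")
    src = ipaddress.IPv4Address(src_v4).packed
    dst = ipaddress.IPv4Address(dst_v4).packed
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(ipv6_packet),
                      0, 0, ttl, PROTO_IPV6, 0, src, dst)
    hdr = hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]
    return hdr + ipv6_packet

def decapsulate(packet, expected_peer):
    """Egress edge router: strip the IPv4 header, accepting only the configured peer."""
    if len(packet) < 20 or packet[0] != 0x45:
        raise ValueError("not a plain 20-byte IPv4 header")
    hdr = packet[:20]
    if checksum(hdr) != 0:
        raise ValueError("bad IPv4 header checksum")
    total_len, proto = struct.unpack("!H", hdr[2:4])[0], hdr[9]
    if proto != PROTO_IPV6:
        raise ValueError("outer protocol is not 41")
    if ipaddress.IPv4Address(hdr[12:16]) != ipaddress.IPv4Address(expected_peer):
        raise PermissionError("outer source is not the configured tunnel peer")
    inner = packet[20:total_len]
    if len(inner) < 40 or inner[0] >> 4 != 6:
        raise ValueError("inner packet is not IPv6")
    return inner

def sample_ipv6(payload=b"hello"):
    """Constructed 40-byte IPv6 header (next header 59, opaque filler payload)."""
    src = ipaddress.IPv6Address("2001:db8:1::1").packed
    dst = ipaddress.IPv6Address("2001:db8:2::1").packed
    return struct.pack("!IHBB16s16s", 6 << 28, len(payload), 59, 64, src, dst) + payload
```

The peer check matters because a decapsulating router that accepts protocol 41 from any IPv4 source will reinsert whatever inner packet it is handed onto the IPv6 network.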
Two other key features of edge routers are their support
for IP/MPLS and VPLS services. MPLS (Multiprotocol Label Switching) is defined
as a label-swapping framework with Layer 3 (Network Layer) routing. It
integrates Layer 2 (Data Link Layer) information into Layer 3 routing. It is
called multiprotocol because it works with the IP (Internet Protocol), ATM
(Asynchronous Transfer Mode), and FR (Frame Relay) network protocols. MPLS
allows most packets to be forwarded at Layer 2 (i.e., the switching level) rather
than at Layer 3 (the routing level).
In addition to moving traffic faster overall, MPLS
makes it easy to manage a network for QoS (Quality of Service). For these
reasons, the technique is readily adopted as networks begin to carry more
and different mixtures of traffic, including Video Services and VoIP features.
MPLS provides any-to-any connectivity (i.e., a meshed or partially meshed network).
It gives routers the ability to handle different applications, such as voice,
video, and data. It also lets you prioritize different applications. With MPLS,
different performance levels can be given to different application types.
VPLS is a class of VPNs that supports the connection of
multiple sites in a single bridged domain over a managed IP/MPLS (Multi-protocol
Label Switching) network. VPLS uses edge routers that can learn, bridge and
replicate on a per-VPLS basis.
These routers are connected by a full mesh of MPLS LSP
(Label Switched Path) tunnels, enabling any-to-any connectivity. Multiple
services can be carried within each LSP tunnel.
All services in a VPLS are identified by a unique virtual
channel label, which is exchanged between each pair of edge routers. Edge
routers use these virtual channel labels to demultiplex traffic arriving from
different VPLS nodes over the same LSP tunnel. The VPLS technology
allows service providers to easily configure multipoint-to-multipoint Layer 2
VPN tunnels between the sites. VPLS, in conjunction with MPLS Layer 2 VC, allows
multiple customer sites connected across an MPLS network to share a single
bridged domain. So, all customer sites appear to be on the same LAN, regardless
of their geographical location.
Types of edge routers
While there are many types of edge routers, such as the wireless edge router,
multi-services edge router, label edge router,
edge aggregation router, etc., we detail the two most common of these in use.
Label edge router: It is a device that sits at the
edge of an MPLS domain and uses routing information to assign labels to
datagrams and then forwards them to the MPLS domain.
MPLS establishes an end-to-end connection path before
transferring information, and the paths may be selected based on application
requirements such as bandwidth and maximum latency. An end-to-end
MPLS connection is called a Label Switched Path (LSP). Information about
the connection is summarized into an MPLS label, which is inserted between the
Layer 2 and Layer 3 headers of each packet. A
label edge router adds the first label to an incoming packet.
Labels are a simple indexing mechanism that replaces
traditional Layer 2 (Ethernet/ATM) or Layer 3 (IP) packet forwarding mechanisms
with fast and simple switching. At each hop in the network, a router examines
the incoming label to
figure out the next forwarding hop for the packet. This eliminates resource
intensive address lookups that reduce overall packet throughput and limit
scalability.
Each Label Switch Router (LSR) makes forwarding decisions
based solely on the contents of the label. At each hop, the LSR strips off the
existing label and applies a new label, which tells the next hop LSR how to
forward the packet. All MPLS routers within the network regularly exchange label
and reachability information to build a complete picture of the network, which
is then used to determine paths and specify the new label to place onto the
packet.
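The label handling described above, as an added example that is not part of the original article: it encodes the 32-bit MPLS shim (20-bit label, 3-bit traffic class, bottom-of-stack bit, 8-bit TTL), has the label edge router push the first label from a routing lookup, and has each LSR swap on the label alone. The prefixes, label values, router names and function names are constructed for illustration.

```python
import ipaddress
import struct

def pack_shim(label, tc=0, bottom=True, ttl=64):
    """Encode one 32-bit MPLS shim: label(20) | TC(3) | S(1) | TTL(8)."""
    if not 0 <= label < 2**20:
        raise ValueError("label must fit in 20 bits")
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)

def unpack_shim(data):
    (word,) = struct.unpack("!I", data[:4])
    return {"label": word >> 12, "tc": (word >> 9) & 0x7,
            "bottom": bool((word >> 8) & 1), "ttl": word & 0xFF}

# Constructed tables: prefixes, labels and router names are illustrative only.
FEC_TABLE = {ipaddress.ip_network("10.20.0.0/16"): 100,
             ipaddress.ip_network("10.20.30.0/24"): 200}
LFIB = {"lsr1": {100: 310, 200: 320}, "lsr2": {310: 410, 320: 420}}

def ler_push(dst_ip, ip_packet, tc=0):
    """Ingress LER: longest-prefix match picks the path, then the first label is pushed."""
    addr = ipaddress.ip_address(dst_ip)
    matches = [n for n in FEC_TABLE if addr in n]
    if not matches:
        raise LookupError("no label binding for destination")
    best = max(matches, key=lambda n: n.prefixlen)
    return pack_shim(FEC_TABLE[best], tc=tc) + ip_packet

def lsr_swap(router, frame):
    """Core LSR: forward on the label alone; unknown labels and expired TTLs are dropped."""
    shim = unpack_shim(frame)
    out_label = LFIB[router].get(shim["label"])
    if out_label is None or shim["ttl"] <= 1:
        return None
    return pack_shim(out_label, shim["tc"], shim["bottom"], shim["ttl"] - 1) + frame[4:]

def traverse(dst_ip, ip_packet, path=("lsr1", "lsr2")):
    """Return the label seen on each link and the packet delivered at the egress."""
    frame = ler_push(dst_ip, ip_packet)
    labels = [unpack_shim(frame)["label"]]
    for router in path:
        frame = lsr_swap(router, frame)
        if frame is None:
            return labels, None
        labels.append(unpack_shim(frame)["label"])
    return labels, frame[4:]  # egress LER pops the shim
```

Only the ingress router consults IP prefixes; every later hop does a single table lookup on the label, and a label with no table entry is dropped rather than forwarded.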
Aggregation router: These routers terminate a large
number of dedicated access connections such
as leased line services, or ATM and frame relay virtual circuits, and aggregate
the traffic for hand off to a core backbone router.
Edge aggregation routers are typically single-purpose
devices optimized for Internet access and pure IP forwarding. They typically
lack the QoS, connection management, carrier class availability and service
management required to deliver switched data services. Aggregation routers are
essential for scaling IP networks and for providing a clean separation between
access and core functions.
Edge vs core
Edge routers accept any traffic from any source outside the network and
route it into the internal network while a core router provides
packet-forwarding service between other core and edge routers. Another thing
edge routers do is to classify the packets received from the
outside network and mark each packet with the class of service that they should
receive. Edge routers characterize, police, and mark traffic between other edge
or core routers. They provide security to the core and function as admission
controllers to external traffic.
On the other hand, core routers only manage traffic to
avoid and cope with transient congestion within the core. The core router
differentiates the incoming packets based on their code points and the entries
in the PHB (Per-Hop Behavior) table. The edge router at the entrance of the network
analyzes the Layer 2 address of the Ethernet frame and attaches a 32-bit tag to
the packet. Core network routers use the tag to determine the treatment that
should be afforded to that packet. Each of the
intervening core routers analyzes the tag to select the most appropriate path
over which to forward the packet. Through a
series of such link-by-link decisions,
the end-to-end path is established and maintained for each traffic flow, which
brings connection-oriented characteristics to a connectionless IP network.
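The division of labour described in this section, as an added example that is not part of the original article: the edge router classifies, polices and marks each packet with a code point, and the core router only looks that code point up in its PHB table. The DSCP values are the standard EF, AF41 and default code points; the port-to-class mapping, rates and names are assumptions of this sketch.

```python
from dataclasses import dataclass

# Constructed policy: port mapping and rates are illustrative assumptions.
CLASS_DSCP = {"voice": 46, "video": 34, "data": 0}
PHB_TABLE = {46: "EF: priority queue", 34: "AF41: weighted queue", 0: "BE: best effort"}
PORT_CLASS = {5060: "voice", 554: "video"}

@dataclass
class TokenBucket:
    rate: float          # bytes of credit added per second
    burst: float         # bucket depth in bytes
    tokens: float = 0.0
    last: float = 0.0

    def conforms(self, size, now):
        """Refill for the elapsed time, then spend credit if the packet fits."""
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if size <= self.tokens:
            self.tokens -= size
            return True
        return False

class EdgeRouter:
    def __init__(self):
        self.policers = {"voice": TokenBucket(1000, 400, tokens=400),
                         "video": TokenBucket(5000, 3000, tokens=3000)}

    def admit(self, dst_port, size, now, inbound_dscp=0):
        """Classify, police and mark; the sender's own DSCP is ignored and overwritten."""
        cls = PORT_CLASS.get(dst_port, "data")
        policer = self.policers.get(cls)
        if policer and not policer.conforms(size, now):
            cls = "data"  # out-of-profile traffic is marked down to best effort
        return CLASS_DSCP[cls]

def core_phb(dscp):
    """Core router: no classification, only a PHB table lookup on the code point."""
    return PHB_TABLE.get(dscp, PHB_TABLE[0])
```

Because `admit` never reads `inbound_dscp`, a packet arriving from outside with a self-assigned priority marking gets the class the edge policy gives it, which is what lets the core trust the code point without re-inspecting the packet.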
Since the edge router usually represents a single point of
failure, it's what most service providers consider the most vulnerable
point of their network after the core is protected. So instead of using
additional routers and links as in the core, redundancy within the edge router
is provided via redundant control processor cards, redundant line cards, and
redundant links (such as SONET/SDH Automatic Protection Switching) for
fault tolerance.
Swapnil Arora