Implementing Interconnection Between Data Centers in Different Sites Using MPLS TE
On a traditional IP network, nodes select the shortest path as the route to a destination regardless of other factors such as bandwidth. This routing mechanism may cause congestion on the shortest path and waste resources on other available paths. As shown in Figure 4-29, traffic to Site 2 is forwarded through the shortest path (PE1 > P1 > PE2). Packets on the path will be lost when the traffic exceeds the bandwidth of the path. MPLS TE can be deployed on the network to allocate some traffic to an idle path (such as PE1 > P2 > P3 > PE2 in the figure) to allow network traffic to be allocated properly.
In addition, MPLS TE provides various reliability mechanisms. CR-LSP backup provides end-to-end protection for an MPLS TE tunnel. If the ingress node detects a failure of the primary CR-LSP, it switches traffic to a backup CR-LSP. After the primary CR-LSP recovers, traffic switches back to the primary CR-LSP. When both the primary and backup CR-LSPs are faulty, MPLS TE triggers establishment of a best-effort path to ensure network reliability.
MPLS TE can also use RSVP authentication to defend against attacks initiated by modified or forged messages. Authentication enhancements can also be used to prevent replay attacks and packet mis-sequencing. RSVP authentication and its enhancements improve MPLS TE network security.