Technology and advantages in a Bank’s WAN:
MPLS stands for Multi Protocol Label Switching, and each word in the name has a
meaning. It is a packet forwarding method for high-performance networks. It is
also called a “Layer 2.5 networking protocol” because it lies between layer 2
and layer 3 of the OSI model. It is called multi-protocol because it does not
care whether the underlying protocol is Ethernet or Asynchronous Transfer Mode
(ATM). All it does is receive a packet, label it, forward it and pop the label
when the packet leaves the network.
is the traditional OSI model in which layer 2 covers protocols like
Ethernet which can carry IP packets, but
only over simple LANs or point-to-point WANs. Layer 3 covers Internet-wide
addressing and routing using IP protocols. MPLS sits between these two layers
and provides additional features. Before we see how it works, let us understand
the difference between routing and switching.
In routing, an IP router determines which network it should forward a packet
to, and through which exit port, by checking the packet header against its
routing table. The next hop of the packet is decided accordingly. The search
goes on until a match between the destination IP and the routing table data is
found. Hence it takes longer.
In switching, a simple table is maintained containing the input port ID, the
packet reference ID, and the corresponding output port ID and new packet
reference ID to be applied. All entries have equal importance. Transport is
faster.
MPLS uses a combination of routing and
switching and hence ensures fast transportation. It switches if possible and
routes if necessary.
Traditionally, as we saw, every packet is routed using information from the
routing table. In MPLS, when a packet from the IP domain is received, routing
is done, a path through the network is determined, and the packet is assigned a
label. This is done by a router at the edge of the MPLS domain called the
Ingress Label Edge Router (LER). This is also called the push operation. If a
similar packet arrives again, it is checked against the table in the router,
which finds a reference called the Forward Equivalence Class (FEC). The label
for that class is pushed onto the packet. The label is held in a header called
the shim header, between layer 2 and layer 3.
After being labeled by the LER, the packet is sent to a Label Switch Router
(LSR) within the MPLS domain, where the label is switched according to the
Label Information Base table maintained at the router, and the packet is
transferred to the next router. This is called the swap operation. The label is
likewise swapped at each LSR in the network until the packet finally reaches
the edge router.
Finally, when the packet arrives at the Egress LER, the router pops the label
and forwards the packet to the IP domain, where it is transferred according to
normal IP forwarding.
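The push, swap and pop sequence described above, as an added Python example that is not part of the original article. The 32-bit shim layout (20-bit label, 3-bit traffic class, bottom-of-stack bit, 8-bit TTL) is the standard label stack entry encoding, which the article does not spell out; the router names, label values and prefix are constructed for illustration.

```python
import struct

def encode_shim(label, tc=0, s=1, ttl=64):
    """Pack one 32-bit shim entry: label(20) | traffic class(3) | bottom-of-stack(1) | TTL(8)."""
    if not 0 <= label < 2**20:
        raise ValueError("label must fit in 20 bits")
    return struct.pack("!I", (label << 12) | (tc << 9) | (s << 8) | ttl)

def decode_shim(data):
    """Unpack the first 4 bytes of a labelled packet into its shim fields."""
    (word,) = struct.unpack("!I", data[:4])
    return {"label": word >> 12, "tc": (word >> 9) & 0x7,
            "s": (word >> 8) & 0x1, "ttl": word & 0xFF}

# Constructed sample tables: router names, labels and the prefix are made up.
FEC_TABLE = {"10.20.0.0/16": 100}            # ingress LER: FEC -> label to push
LIB = {                                      # per-router: in-label -> (op, out-label, next hop)
    "LSR1": {100: ("swap", 200, "LSR2")},
    "LSR2": {200: ("swap", 300, "EgressLER")},
    "EgressLER": {300: ("pop", None, "ip-domain")},
}

def forward(fec, payload, first_hop="LSR1", ttl=64):
    """Carry one packet across the LSP; return (trace of operations, delivered payload)."""
    label = FEC_TABLE[fec]                   # routing decision happens once, at the ingress
    frame = encode_shim(label, tc=5, ttl=ttl) + payload
    trace, node = [("IngressLER", "push", label)], first_hop
    while node != "ip-domain":
        hdr = decode_shim(frame)
        entry = LIB[node].get(hdr["label"])  # exact-match lookup, no longest-prefix search
        if entry is None or hdr["ttl"] <= 1: # unknown label or expired TTL: drop
            trace.append((node, "drop", None))
            return trace, None
        op, out_label, node_next = entry
        if op == "swap":
            frame = encode_shim(out_label, hdr["tc"], hdr["s"], hdr["ttl"] - 1) + frame[4:]
        else:                                # pop: strip the shim, hand back the IP packet
            frame = frame[4:]
        trace.append((node, op, out_label))
        node = node_next
    return trace, frame
```

A packet whose label has no entry in a router's table is dropped rather than routed, which is why the transit routers never need to inspect the IP header.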
In the specific context of an
MPLS-based virtual private network (VPN), LERs that function
as ingress and/or egress routers to the VPN are often
called PE (Provider Edge) routers. Devices that function only as transit
routers are similarly called P (Provider) routers. The job of a P router is
significantly easier than that of a PE router, so they can be less
So it can be seen that the path a packet takes is predetermined even before the
packet enters the network. This is because every Forward Equivalence Class is
assigned a Label Switch Path (LSP) through one of the following protocols:
LDP (Label Distribution Protocol)
RSVP-TE (Resource Reservation Protocol-Traffic Engineering)
An LSP is unidirectional, i.e. the return path of the packet may be different.
The Forward Equivalence Class never changes; only the labels change during
transport.
representation of working of MPLS
Traditionally, when two packets with different bandwidth pass through the same
router, some packet loss may occur. Even though an alternate route with higher
bandwidth is present, it will not be utilized, because packets are forwarded on
a per-hop basis, with a route lookup performed on each router from source to
destination. This leads to suboptimal use of available bandwidth.
Traffic Engineering is a solution for effective use of the available bandwidth
in a network topology; it guarantees quality of service and improves traffic
performance. It also provides faster network failure convergence, as the
underlying protocol is a link-state protocol (OSPF/IS-IS) in which the overall
topology is known by every router. The issue with using a link-state protocol
is that it considers only cost and does not include bandwidth utilization.
Traffic Engineering provides this service through the RSVP protocol, which is
how traffic engineering is achieved in an MPLS network.
In an MPLS network, the ingress router decides the path the packet should
follow when it receives the packet. It sends a path message along the chosen
path, to which the egress router responds with a reserve message and a label.
This is received by the Label Switching Router (LSR) in the middle, and the
switched labels are passed along until the reserve message and the label are
received at the ingress router. Hence a tunnel is created. The ingress router
then sends the packet along the path. This is how traffic engineering is
achieved in an MPLS domain.
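How a bandwidth-aware path choice differs from a cost-only one, as an added Python example that is not part of the original article. It assumes the ingress router picks its path by pruning links that lack the requested bandwidth and then running a shortest-path search on cost, one common way to do this that the article does not specify; the topology, costs and bandwidth figures are constructed.

```python
import heapq

# Constructed topology: (a, b) -> [IGP cost, available bandwidth in Mbps]
LINKS = {
    ("PE1", "P1"): [1, 100], ("P1", "PE2"): [1, 100],      # cheap but thin
    ("PE1", "P2"): [2, 1000], ("P2", "PE2"): [2, 1000],    # costlier but wide
}

def neighbours(node, min_bw):
    """Yield (neighbour, cost) over links that still have min_bw available."""
    for (a, b), (cost, bw) in LINKS.items():
        if bw >= min_bw and node in (a, b):
            yield (b if node == a else a), cost

def shortest_path(src, dst, min_bw=0):
    """Dijkstra on cost; min_bw=0 is the plain link-state view."""
    queue, seen = [(0, src, [src])], set()
    while queue:
        cost, node, path = heapq.heappop(queue)
        if node == dst:
            return path
        if node in seen:
            continue
        seen.add(node)
        for nxt, link_cost in neighbours(node, min_bw):
            if nxt not in seen:
                heapq.heappush(queue, (cost + link_cost, nxt, path + [nxt]))
    return None                                # no path satisfies the constraint

def reserve(src, dst, bw):
    """Model the path/reserve exchange: choose a path, then subtract bw on each hop."""
    path = shortest_path(src, dst, bw)
    if path is None:
        return None
    for a, b in zip(path, path[1:]):
        key = (a, b) if (a, b) in LINKS else (b, a)
        LINKS[key][1] -= bw
    return path
```

The second reservation of the same size is steered onto the wider path because the first one used up the cheap links, which a cost-only lookup would keep choosing.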
of using MPLS for a Bank’s WAN:
We will first list the advantages and features of an MPLS network and then
discuss how each is advantageous or suitable in a bank’s Wide Area Network.
In an MPLS network, packets entering the ingress Label Edge Router have their
path through the network set at the router. So each class of traffic like data,
voice or video can be set to individual
In a bank we need WAN for information
flow between branches and head office or within branches or between two
With MPLS there is the possibility of traffic engineering, which optimizes the
performance of the network by dynamically analyzing, predicting and regulating
the behavior of the data transmitted. It provides better traffic control
Quality of Service:
Because an MPLS network enables traffic engineering, it allows prioritizing
packets that are sent over the network. It is possible, for example, to send
data traffic over a lower-priority path and real-time, delay-sensitive
voice/video packets over a high-priority, lesser-used or shorter path. This
enables network convergence and makes the Wide Area Network more suitable for
the introduction of new services like voice, video, multicast traffic, hosting
etc. Apart from this, there can be multiple levels of QoS, meaning that users
can specify latency, jitter and packet loss minimum thresholds for each type of
traffic
Similarly, in a bank’s WAN, high priority can be set for transaction processing
data and lower priority for less significant traffic such as customers’
browsing data. NEFT is a batch process and RTGS is a real-time process. Using
MPLS, RTGS can be set to a higher priority than NEFT transactions.
It also ensures no packet is dropped because of traffic congestion in the
network, which is a necessary characteristic for forwarding sensitive data in
banks.
An MPLS core network is generally
designed and built to overcome individual hardware (router) faults or line
disconnection. In such cases, the data is re-routed through the next optimum
path with a fail-over time of 50 ms or less. Even the last-mile connections can
be backed up using CDMA wireless backup etc., depending upon the options with
the service provider.
In a bank’s WAN this ensures very low latency and makes sure all packets are
forwarded regardless of the failures taking place in the network. MPLS allows
for multiple network failures and still makes sure the packet is forwarded
through the next available path. Indian Financial Network (Infinet) is a closed
user group network of banks for interbank payment and settlement. The present
SLA of Infinet is for latency of not over 100 ms. Architecture changes are
underway to bring it to below 50 ms, and even better for latency-sensitive
payment system applications as per user requirements.
Easy and Cost effective Scalability:
For organizations that have a lot of branches or are expanding with new
branches, an MPLS network would be very cost-effective, as each branch needs
one MPLS link, whereas each branch would need n-1 links with point-to-point
leased lines (n being the total number of branches). MPLS makes it easy to add
and delete sites instantaneously. MPLS can scale to over thousands of sites.
MPLS typically costs more than Ethernet but less than T1 lines. MPLS allows
businesses to leave WAN routing to the service provider and keep fewer WAN
engineers on staff.
In a bank’s WAN a new branch may be added at any time, or another link may
become necessary at any time. For example, a new payment system may be
developed which requires an additional link, a branch may close, or there may
be a merger of two banks or the addition of a new bank. So scalability is a
necessary feature in a bank’s WAN, and since MPLS provides scalability in a
cost-effective way it is the most preferred WAN network connection for a bank’s
Protocol Independent forwarding:
MPLS networks can carry any type of packet, be it IP, frame relay or ATM, using
the same infrastructure. This is because, whatever type of packet comes in,
MPLS labels are attached to it for transmission over the MPLS network, and
these labels are protocol independent. Hence the term “Multi Protocol” in the
name MPLS. Because of the any-to-any nature of MPLS services, network designers
can reduce the number of “hops” between network points, which translates
directly to improved response time and improved application performance.
Though a bank’s WAN mostly transfers IP packets only, this is an additional
feature of MPLS, which provides protocol-independent working for banks. This
makes constructing network
Connection oriented network:
Since MPLS is a connection-oriented network, unlike connectionless networks
like IP, it is more reliable.
Reliability is an important feature required in any network, and especially in
a bank’s WAN, where sensitive data about transactions will be forwarded and
received. MPLS, with its connection-oriented architecture and handling of
multiple network failures, is the best of the existing WAN networks in terms of
reliability.
Service Level Agreement (SLA):
Service providers generally provide an SLA (Service Level Agreement) for MPLS
networks, with a guarantee of minimal downtime during the contract period
(usually one year or its multiples). This is possible because an MPLS network
can be proactively monitored and maintained. It is possible to analyze the
circuit performance continuously and provide immediate fault rectification and
support. That’s in contrast to consumer-grade Internet, which is typically
offered on a best-effort basis.
In a bank’s WAN continuous uptime is a necessity, as the bank cannot allow
services to be unavailable to its customers, and delay in transmission of data
over the network leads to delayed transactions, during which a number of other
transactions might have taken place. With a proper SLA, the responsibility for
maintaining the network goes to the service provider, and Quality of Service is
also ensured, all of which are clearly discussed in
MPLS networks allow for dynamic
bandwidth allocation and hence can be used to provide bandwidth on demand (for
a specific period etc) to customers. Further, rate limiting and other bandwidth
management parameters allow a certain bandwidth to be dedicated for mission
This again can be included under QoS. As we saw above, MPLS through the RSVP-TE
protocol assures maximum bandwidth utilization and allocation to necessary
services. In a bank’s WAN, as discussed earlier, some significant sensitive
services can be given parameters in advance, and this feature is provided only
by MPLS.
Service providers take full responsibility for the security of information that
is sent over an MPLS network. Service providers also create IP tunnels
throughout the network without the need for any encryption from the user end,
and since it is a closed user group network, that also ensures security.
Security is a major concern for any bank. Data loss during transmission and
loss of confidentiality, integrity and availability over the network are major
concerns for any bank. In an MPLS network, security must be ensured by the
service provider.
With all these advantages, MPLS is the best available WAN network that can be
used. MPLS improves the overall performance of the network with its various
features discussed above. MPLS is best and most widely used to interconnect
data centers with branch offices and branches with other branches. Security is
not an inherent feature of MPLS. The standard hub-and-spoke network provides a
one-to-one connection between sites, which can provide more security than MPLS.
But with proper selection of the service provider and a proper SLA, security
can become an advantage of using MPLS.