This chapter covers MPLS (Multiprotocol Label Switching) concepts and labels, a core topic for the CompTIA Network+ N10-009 exam under Objective 1.6 (Networking Concepts). MPLS is a high-performance packet-forwarding technology that directs data from one network node to the next based on short path labels rather than long network addresses. Understanding MPLS is critical for about 5-10% of exam questions, typically in the context of WAN technologies, QoS, and VPN implementations. This chapter will explain the label structure, label operations, and how MPLS integrates with other technologies.
Imagine a postal sorting facility that processes millions of parcels daily. Traditionally, each parcel carries a full address (like an IP packet with a destination IP). Each sorting center must read the entire address, look up the route, and decide the next hop. This is slow and requires complex lookups. Now consider an express train system: each cargo container gets a simple tag (the MPLS label) when it enters the network. At each switching yard, workers only look at the tag to decide which track to send the container down—they never open the container or read the full address. The tag is swapped at each yard (label switching) before forwarding. The train moves at high speed because decisions are made based on a fixed-length, short identifier. Similarly, MPLS routers (LSRs) forward packets based on a 20-bit label, not the IP header, enabling faster and more predictable routing. The label is pushed at the ingress, swapped at intermediate hops, and popped at the egress. This is exactly how MPLS works: it creates label-switched paths (LSPs) that bypass IP routing lookups at every hop.
What is MPLS and Why Does It Exist?
MPLS (Multiprotocol Label Switching) is a protocol-agnostic packet-forwarding technology that operates between Layer 2 (data link) and Layer 3 (network) of the OSI model—often referred to as Layer 2.5. It was designed to improve the speed and scalability of traditional IP routing. In pure IP networks, every router must perform a longest-prefix match lookup in the routing table for each packet, which can be slow and resource-intensive. MPLS avoids this by assigning a fixed-length label to each packet at the edge of the network. Core routers then forward packets based solely on this label, using a simple label lookup and swap operation. This enables faster forwarding, traffic engineering, VPN support, and Quality of Service (QoS) guarantees.
MPLS Label Structure
The MPLS label is a 32-bit field inserted between the Layer 2 header (e.g., Ethernet) and the Layer 3 header (e.g., IP). The label structure is defined in RFC 3032:
- Label Value (20 bits): The actual label used for forwarding decisions. Values 0-15 are reserved for special purposes (e.g., IPv4 Explicit NULL label = 0, Router Alert label = 1, IPv6 Explicit NULL label = 2, OAM Alert label = 14).
- Experimental (EXP) bits (3 bits): Used for QoS or Class of Service (CoS). These bits can influence packet drop precedence and scheduling. Often mapped from IP DSCP or 802.1p priorities.
- Bottom of Stack (S bit) (1 bit): Indicates whether this label is the last in the label stack. Set to 1 if this is the bottom label; 0 otherwise. Multiple labels can be stacked for features like MPLS VPNs (e.g., two labels: one for VPN, one for transport).
- Time to Live (TTL) (8 bits): Similar to IP TTL, decremented at each hop to prevent loops. The initial TTL is typically copied from the IP TTL or set to 255.
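The field layout above, as an added Python example that is not part of the original chapter: it encodes and parses 32-bit label stack entries and rejects a stack that is truncated or never sets the S bit. The sample bytes, the label values 200 and 3001, and the max_depth limit are constructed for illustration.

```python
import struct
from typing import NamedTuple

# Reserved label values named in this chapter (0-15 are reserved overall).
RESERVED = {0: "IPv4 Explicit NULL", 1: "Router Alert",
            2: "IPv6 Explicit NULL", 3: "Implicit NULL", 14: "OAM Alert"}


class LabelEntry(NamedTuple):
    label: int    # 20 bits
    exp: int      # 3 bits
    bottom: bool  # S bit
    ttl: int      # 8 bits


def encode_entry(label: int, exp: int, bottom: bool, ttl: int) -> bytes:
    """Pack one label stack entry: label(20) | EXP(3) | S(1) | TTL(8)."""
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and 0 <= ttl < 256):
        raise ValueError("field out of range")
    word = (label << 12) | (exp << 9) | (int(bottom) << 8) | ttl
    return struct.pack("!I", word)  # network byte order


def parse_stack(data: bytes, max_depth: int = 8):
    """Return (entries, payload). Stops at the first entry with S = 1."""
    entries, offset = [], 0
    while True:
        if len(entries) >= max_depth:
            raise ValueError("label stack deeper than max_depth")
        if offset + 4 > len(data):
            raise ValueError("truncated stack: no bottom-of-stack entry")
        (word,) = struct.unpack_from("!I", data, offset)
        entry = LabelEntry(word >> 12, (word >> 9) & 0x7,
                           bool((word >> 8) & 0x1), word & 0xFF)
        entries.append(entry)
        offset += 4
        if entry.bottom:
            return entries, data[offset:]


def reserved_name(label: int):
    """Name of a reserved label, or None for an ordinary label (16 and up)."""
    if label < 16:
        return RESERVED.get(label, "reserved")
    return None


# Constructed sample: transport label 200 on top, VPN label 3001 at the bottom,
# followed by the first two bytes of an IPv4 header.
SAMPLE = (encode_entry(200, 0, False, 255)
          + encode_entry(3001, 0, True, 255)
          + bytes([0x45, 0x00]))

if __name__ == "__main__":
    stack, payload = parse_stack(SAMPLE)
    for e in stack:
        print(e, reserved_name(e.label))
    print("payload starts with", payload[:1].hex())
```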
How MPLS Works: Label Operations
MPLS defines three basic label operations:
- Push: Adding a label to the packet. This occurs at the ingress Label Edge Router (LER). The LER examines the packet's destination IP, determines which Label Switched Path (LSP) to use, and pushes the corresponding label onto the packet.
- Swap: Replacing the top label with a new label. This happens at each intermediate Label Switching Router (LSR). The LSR reads the incoming label, looks up the Label Forwarding Information Base (LFIB), swaps it with an outgoing label, and forwards the packet out the appropriate interface.
- Pop: Removing the label. This occurs at the egress LER. The egress router removes the label before forwarding the packet as a standard IP packet to its final destination. If the packet has multiple labels, the egress may pop the top label and forward based on the next label.
Label Distribution Protocols
For MPLS to work, routers must agree on label bindings—which label maps to which destination prefix or FEC (Forwarding Equivalence Class). This can be done statically or dynamically:
- Static MPLS: Labels are manually configured on each router. Simple but not scalable.
- LDP (Label Distribution Protocol): The most common dynamic protocol. LDP discovers neighbors via Hello messages (UDP port 646) and establishes TCP sessions (port 646) to exchange label bindings. LDP assigns labels to every prefix in the routing table. It uses four message types: Discovery, Session, Advertisement, and Notification.
- RSVP-TE (Resource Reservation Protocol - Traffic Engineering): Used for traffic engineering. It reserves bandwidth along an explicit path and distributes labels. RSVP-TE uses Path and Resv messages to set up LSPs with specific bandwidth guarantees.
- MP-BGP (Multiprotocol BGP): Used primarily for MPLS Layer 3 VPNs. MP-BGP carries VPN-IPv4 routes along with MPLS labels across the service provider backbone.
MPLS Network Components
Label Edge Router (LER): Also called Provider Edge (PE) router. Sits at the edge of the MPLS domain. Performs label push (at ingress) and pop (at egress). Also performs IP routing lookups to classify packets into FECs.
Label Switching Router (LSR): Also called Provider (P) router. Core routers that perform label swapping. They do not look at the IP header; they only forward based on labels.
Label Switched Path (LSP): The path through the MPLS network that packets follow based on label forwarding. An LSP is unidirectional (from ingress to egress). For bidirectional traffic, two LSPs are needed.
Forwarding Equivalence Class (FEC): A group of packets that are forwarded the same way (e.g., same destination prefix). Labels are assigned per FEC.
MPLS Forwarding Process (Detailed Step-by-Step)
Ingress LER receives an IP packet. It performs a longest-prefix match on the destination IP. It determines the FEC (e.g., destination prefix 10.1.1.0/24) and the corresponding LSP.
Ingress LER pushes an MPLS label. It looks up the LFIB for the FEC and finds an outgoing label (e.g., label 100). It pushes this label onto the packet. The packet now has an MPLS header between Layer 2 and Layer 3.
First LSR receives the labeled packet. It reads the top label (100). It looks up the LFIB entry for label 100, which tells it to swap label 100 with label 200 and forward out interface GigabitEthernet0/1.
Intermediate LSRs repeat the swap operation at each hop. Each LSR swaps the incoming label with the outgoing label specified in the LFIB.
Egress LER receives the labeled packet. The LFIB entry for the incoming label indicates a pop operation (or implicit null label). The egress LER removes the MPLS label and forwards the original IP packet to its destination.
MPLS Interactions with Other Technologies
MPLS VPNs: MPLS is the foundation for Layer 3 VPNs (RFC 4364) and Layer 2 VPNs (VPWS, VPLS). In a Layer 3 MPLS VPN, each customer's routes are isolated using VRF (Virtual Routing and Forwarding) instances, and VPN labels are distributed via MP-BGP.
MPLS QoS: The EXP bits in the MPLS header can be used to mark packets for differentiated services. LSRs can implement queueing and scheduling based on EXP bits. The MPLS EXP bits are often set based on the IP DSCP or 802.1p CoS at the ingress.
MPLS Traffic Engineering (TE): Using RSVP-TE, MPLS can route traffic along explicit paths to avoid congestion, even if those paths are not the shortest IP route. TE allows bandwidth reservation and path optimization.
MPLS and GMPLS: Generalized MPLS extends MPLS to non-packet networks like optical (SONET/SDH) and time-division multiplexing (TDM). It uses labels for wavelengths or timeslots.
Configuration and Verification Commands (Cisco IOS)
While the Network+ exam does not require deep configuration knowledge, understanding basic commands helps reinforce concepts.
Enabling MPLS on an interface:
interface GigabitEthernet0/0
mpls ip
Verifying LDP neighbors:
show mpls ldp neighbor
Viewing the LFIB (Label Forwarding Information Base):
show mpls forwarding-table
Tracing an MPLS path:
traceroute mpls ipv4 10.1.1.1 255.255.255.255
Defaults and Timers
LDP Hello interval: 5 seconds (default)
LDP Hello hold time: 15 seconds (3 x hello interval)
LDP session keepalive interval: 10 seconds
LDP session hold time: 30 seconds
Label retention: Liberal (default) – LSR retains labels even if not currently used, for faster convergence.
TTL propagation: By default, the IP TTL is copied to the MPLS TTL at ingress, and MPLS TTL is copied back to IP TTL at egress.
Ingress LER Classifies Packet
The ingress Label Edge Router (LER) receives an IP packet on its customer-facing interface. It performs a standard IP routing lookup using the destination IP address. Based on the routing table, it determines the Forwarding Equivalence Class (FEC), which groups packets destined for the same prefix or with similar forwarding treatment. The LER then identifies the Label Switched Path (LSP) associated with that FEC. This classification step is the only IP lookup in the entire MPLS forwarding path—all subsequent hops forward based solely on labels.
Ingress LER Pushes Label
Once the FEC is determined, the ingress LER looks up the Label Forwarding Information Base (LFIB) to find the outgoing label for that FEC. It then pushes (adds) an MPLS header containing that label onto the packet. The MPLS header is inserted between the Layer 2 header (e.g., Ethernet) and the IP header. The label value is 20 bits, and the EXP bits may be set based on QoS policies. The Bottom of Stack (S) bit is set to 1 if this is the only label, or 0 if additional labels will follow. The TTL is copied from the IP TTL or set to a default value.
Intermediate LSR Swaps Label
The labeled packet arrives at an intermediate Label Switching Router (LSR). The LSR reads only the top label—it does not examine the IP header. It performs a lookup in its LFIB using the incoming label as the key. The LFIB entry specifies an outgoing label and an outgoing interface. The LSR swaps the incoming label with the outgoing label (i.e., it overwrites the label value). It then decrements the MPLS TTL by 1. If TTL reaches 0, the packet is discarded and an ICMP TTL exceeded message may be sent (if configured). The packet is then forwarded out the specified interface to the next hop LSR.
Egress LER Pops Label
The labeled packet reaches the egress Label Edge Router (LER). The egress LER reads the top label and consults its LFIB. The LFIB entry for this label typically indicates a pop operation (removing the label) or a swap to an implicit/explicit null label (label 3 or 0). The egress LER removes the MPLS header entirely. If there were multiple labels (stacked), it may pop only the top label and forward based on the next label. After popping, the original IP packet is forwarded via standard IP routing to the final destination. The egress LER may also copy the MPLS TTL back into the IP TTL.
Final Destination Receives IP Packet
The destination host or router receives a standard IP packet with no MPLS encapsulation. The packet has traversed the MPLS domain without any intermediate routers performing IP lookups. This reduces latency and processing overhead. The path from ingress to egress is the Label Switched Path (LSP). Note that MPLS forwarding is unidirectional; return traffic would follow a different LSP. The entire process is transparent to end devices—they are unaware that MPLS was used in the core network.
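The forwarding walk described in the step-by-step sections above, as an added Python model that is not part of the original chapter. The topology PE1 -> P1 -> P2 -> PE2, the router names and every label other than 100 and 200 are assumptions. The model decrements the TTL at each label-processing hop, and drops a packet on TTL expiry or on a label that has no LFIB entry.

```python
import ipaddress

# Constructed tables. Ingress (PE1): FEC prefix -> (label to push, next hop).
FEC_TABLE_PE1 = {
    ipaddress.ip_network("10.1.1.0/24"): (100, "P1"),
    ipaddress.ip_network("10.1.0.0/16"): (150, "P1"),
}
# Per-router LFIB: incoming label -> (operation, outgoing label, next hop).
# Label 100 appears on both P1 and P2 with different meanings, because labels
# are only significant to the router that assigned them.
LFIB = {
    "P1": {100: ("swap", 200, "P2"), 150: ("swap", 100, "P2")},
    "P2": {200: ("swap", 300, "PE2"), 100: ("swap", 301, "PE2")},
    "PE2": {300: ("pop", None, "CE2"), 301: ("pop", None, "CE2")},
}


def classify(dst: str):
    """Longest-prefix match at the ingress LER: the only IP lookup on the path."""
    addr = ipaddress.ip_address(dst)
    matches = [net for net in FEC_TABLE_PE1 if addr in net]
    if not matches:
        return None
    best = max(matches, key=lambda net: net.prefixlen)
    return FEC_TABLE_PE1[best]


def forward(dst: str, ip_ttl: int = 64):
    """Return (trace, outcome); trace rows are (router, op, in_label, out_label)."""
    hit = classify(dst)
    if hit is None:
        return [], "not labeled: no FEC matches"
    label, router = hit
    ttl = ip_ttl  # IP TTL copied into the MPLS TTL at ingress
    trace = [("PE1", "push", None, label)]
    while True:
        ttl -= 1  # each hop decrements, so a looping LFIB still terminates
        if ttl <= 0:
            return trace, f"dropped at {router}: TTL expired"
        entry = LFIB[router].get(label)
        if entry is None:
            return trace, f"dropped at {router}: no LFIB entry for label {label}"
        op, out_label, next_hop = entry
        trace.append((router, op, label, out_label))
        if op == "pop":
            # MPLS TTL copied back into the IP TTL at egress
            return trace, f"delivered to {next_hop} with IP TTL {ttl}"
        label, router = out_label, next_hop


if __name__ == "__main__":
    for dst, ttl in [("10.1.1.5", 64), ("10.1.2.9", 64),
                     ("10.1.1.5", 2), ("192.0.2.1", 64)]:
        trace, outcome = forward(dst, ttl)
        print(dst, ttl, trace, outcome)
```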
Enterprise Scenario 1: MPLS Layer 3 VPN for Multi-Site Connectivity
A large enterprise with 50 branch offices and 3 data centers wants to connect all sites securely over a service provider's network. The provider offers MPLS Layer 3 VPN service. Each site has a CE (Customer Edge) router connected to the provider's PE (Provider Edge) router. The provider runs MPLS in its core with LDP distributing labels. Each customer site's routes are isolated using VRF instances on the PE. MP-BGP is used to exchange VPN-IPv4 routes between PEs, carrying both the route and an MPLS VPN label. The PE assigns two labels: the outer transport label (from LDP) to get the packet to the egress PE, and the inner VPN label to identify the correct VRF at the egress. This allows the enterprise to have overlapping IP addresses across sites (e.g., 10.0.0.0/8 in multiple VRFs) without conflict. In production, the service provider must carefully plan label space and VRF RD/RT values. Misconfiguration (e.g., incorrect RT import/export) can cause route leaks or blackholing. Performance is typically line-rate as core LSRs perform simple label swaps. Common issues include LDP session flapping due to MTU mismatches (MPLS adds 4 bytes per label) and TTL propagation causing traceroute to show only the egress PE instead of actual hops.
Enterprise Scenario 2: MPLS Traffic Engineering for Bandwidth Optimization
A financial institution requires guaranteed bandwidth between two data centers for real-time trading data. The IP routing protocol (OSPF) would send traffic along the shortest path, which may be congested. The network team deploys MPLS Traffic Engineering (MPLS-TE) using RSVP-TE. They configure explicit paths that avoid congested links and reserve 1 Gbps of bandwidth. The ingress PE signals an LSP using RSVP Path messages, which include bandwidth requirements. Each intermediate LSR checks available bandwidth and reserves it. RSVP Resv messages flow back, confirming the reservation and distributing labels. Once the LSP is established, traffic is forwarded along the TE tunnel. This allows the institution to use underutilized links and meet SLAs. In production, RSVP-TE requires careful bandwidth accounting and may need refresh timers tuned (default 30 seconds). Misconfiguration can cause LSPs to flap or fail to establish if bandwidth is insufficient. Common pitfalls: forgetting to enable MPLS TE on interfaces, or incorrect admin groups preventing path selection.
Scenario 3: Service Provider Core with MPLS LDP
A tier-2 ISP runs MPLS LDP in its core network of 20 P routers. LDP automatically assigns labels to all IGP routes (OSPF or IS-IS). The core forwards millions of packets per second. The ISP uses MPLS to offer Layer 2 VPN (VPLS) for transparent LAN services to enterprise customers. VPLS uses two labels: the outer transport label (LDP) and the inner VC label (from LDP or targeted LDP). The ISP must ensure that LDP sessions are stable; they run over TCP and can be affected by routing changes. They use the 'mpls ldp router-id' command to set a stable loopback address. Common issues include label binding table size (up to 1 million labels on high-end routers) and label space exhaustion. Monitoring commands like 'show mpls ldp bindings' help verify label distribution.
Exactly What N10-009 Tests on MPLS
The CompTIA Network+ N10-009 exam covers MPLS under Objective 1.6 (Networking Concepts) and also in Objective 2.2 (Compare and contrast routing technologies and bandwidth management concepts). You need to know:
The purpose of MPLS (speeding up routing, enabling VPNs, traffic engineering)
The MPLS label structure: 20-bit label, 3-bit EXP, 1-bit S, 8-bit TTL
Label operations: push, swap, pop
The difference between LER (edge) and LSR (core) routers
How MPLS differs from traditional IP routing (label vs. address lookup)
That MPLS is not a routing protocol; it relies on LDP, RSVP-TE, or static configuration
Basic understanding of MPLS VPN (L3VPN) and traffic engineering concepts
Common Wrong Answers and Why Candidates Choose Them
"MPLS replaces IP routing" – Wrong. MPLS works alongside IP routing. IP routing determines the path; MPLS labels are assigned based on that path. Candidates often think MPLS is a replacement because it forwards faster, but it still relies on IP routing protocols (OSPF, BGP) for route discovery.
"MPLS operates at Layer 3" – Wrong. MPLS is often called Layer 2.5 because it sits between Layer 2 and Layer 3. It uses its own label header, not IP addresses, for forwarding. The exam may ask which layer MPLS belongs to; the correct answer is Layer 2.5 or between Layer 2 and Layer 3.
"MPLS labels are globally unique" – Wrong. Labels are locally significant between two MPLS neighbors. A label value of 100 on one router may mean something different on another. Many candidates assume labels are like IP addresses (globally unique), but they are not.
"MPLS requires a routing protocol like BGP" – Wrong. MPLS can use static labels or LDP. BGP is only needed for MPLS VPNs (MP-BGP). The exam may ask which protocol is used to distribute labels; the answer is LDP, not BGP.
Specific Numbers and Terms That Appear on the Exam
Label size: 20 bits (the entire header is 32 bits)
Reserved labels: 0 (IPv4 Explicit NULL), 1 (Router Alert), 2 (IPv6 Explicit NULL), 3 (Implicit NULL)
EXP bits: 3 bits for QoS (0-7)
S bit: 1 bit; 1 = bottom of stack
TTL: 8 bits
LDP uses UDP (discovery) and TCP (session) port 646
LDP hello interval: 5 seconds (default)
LDP hold time: 15 seconds
Edge Cases and Exceptions
PHP (Penultimate Hop Popping): The second-to-last LSR (penultimate hop) pops the label and sends an IP packet to the egress LER. This reduces the egress's processing. The exam may ask: "What label operation does the penultimate hop perform?" Answer: Pop (or implicit null).
Label stacking: For MPLS VPNs, two labels are used. The exam might ask: "How many labels does an MPLS VPN packet have?" Answer: Two (outer transport label, inner VPN label).
TTL handling: By default, MPLS copies IP TTL to MPLS TTL at ingress and copies back at egress. This allows traceroute to work across the MPLS domain. However, some implementations hide core hops (TTL propagation disabled). The exam may test that traceroute may not show all hops if TTL propagation is disabled.
How to Eliminate Wrong Answers
If the question mentions "fast forwarding" or "label switching," look for the answer that involves MPLS.
If the answer choices include "Layer 2.5" or "between Layer 2 and Layer 3," that is the correct description.
If the question asks about label distribution, eliminate BGP unless it's about MPLS VPNs. LDP is the generic answer.
If the question describes a router that pushes/pops labels, it's an LER (edge). If it swaps labels, it's an LSR (core).
Remember that MPLS is unidirectional; two LSPs are needed for bidirectional communication.
MPLS is a Layer 2.5 forwarding technology that uses 32-bit labels (20-bit label, 3-bit EXP, 1-bit S, 8-bit TTL).
Label operations are push (ingress LER), swap (LSR), and pop (egress LER).
LDP (Label Distribution Protocol) uses UDP port 646 for discovery and TCP port 646 for session establishment.
Penultimate Hop Popping (PHP) is a performance optimization where the second-to-last LSR pops the label before sending to the egress.
MPLS labels are locally significant; they are not globally unique.
MPLS supports traffic engineering via RSVP-TE and VPNs via MP-BGP.
The Bottom of Stack (S) bit indicates the last label in a label stack.
MPLS does not replace routing protocols; it depends on them for route information.
Default LDP hello interval is 5 seconds; hold time is 15 seconds.
MPLS can carry any Layer 3 protocol (IPv4, IPv6, etc.)—hence 'multiprotocol'.
These come up on the exam all the time. Here's how to tell them apart.
MPLS (Label Switching)
Uses fixed-length labels (20 bits) for forwarding decisions.
Label lookup is a simple exact-match in LFIB.
Labels are locally significant and swapped at each hop.
Supports traffic engineering, VPNs, and QoS via EXP bits.
Operates at Layer 2.5.
Traditional IP Routing
Uses variable-length destination IP addresses (32 bits for IPv4).
Requires longest-prefix match lookup in routing table (more complex).
IP addresses are globally significant (public) or locally significant (private).
No inherent support for traffic engineering; relies on metric-based routing.
Operates at Layer 3.
Mistake
MPLS is a routing protocol that replaces OSPF or BGP.
Correct
MPLS is a forwarding mechanism, not a routing protocol. It relies on IP routing protocols (e.g., OSPF, IS-IS) to learn routes and build the routing table. LDP then assigns labels to these routes. Without a routing protocol, MPLS has no path information.
Mistake
MPLS labels are unique across the entire network.
Correct
MPLS labels are locally significant between two directly connected LSRs. Each router assigns its own label values independently. A label value of 100 on one router may map to a different FEC than label 100 on another router. The LFIB keeps the mapping local.
Mistake
MPLS operates at Layer 3 of the OSI model.
Correct
MPLS is considered a Layer 2.5 technology. It inserts a shim header between the Layer 2 header and the Layer 3 header. Forwarding decisions are based on labels, not IP addresses, so it does not fit neatly into Layer 2 or Layer 3.
Mistake
MPLS requires BGP to distribute labels.
Correct
BGP is only used for MPLS VPNs (MP-BGP) to distribute VPN routes and VPN labels. For basic MPLS forwarding, LDP (Label Distribution Protocol) is the standard protocol for label distribution. Static label configuration is also possible.
Mistake
MPLS always improves performance over IP routing.
Correct
MPLS can improve forwarding speed by avoiding IP lookups, but the performance gain is marginal on modern hardware with ASICs. The primary benefits of MPLS are traffic engineering, VPN support, and QoS—not raw speed.
An LER (Label Edge Router) sits at the edge of the MPLS domain. It performs label push (at ingress) and label pop (at egress). It also performs IP routing lookups to classify packets into FECs. An LSR (Label Switching Router) is a core router that performs label swapping. It only looks at the MPLS label, not the IP header, to forward packets. LERs are also called PE (Provider Edge) routers, while LSRs are called P (Provider) routers.
PHP is a performance optimization where the second-to-last LSR (the penultimate hop) removes the MPLS label before forwarding the packet to the egress LER. This means the egress LER receives a plain IP packet and does not need to perform a label pop operation. PHP uses the implicit null label (label value 3) to signal the penultimate hop to pop the label. This reduces processing load on the egress router.
MPLS supports QoS using the 3-bit EXP (Experimental) field in the MPLS header. These bits can be used to mark packets with different classes of service (0-7). At each LSR, the EXP bits can be used to determine per-hop behavior (PHB) such as queue scheduling, drop priority, and shaping. Typically, the EXP bits are set at the ingress LER based on the IP DSCP or 802.1p CoS values. This allows end-to-end QoS across the MPLS network.
A Forwarding Equivalence Class (FEC) is a group of packets that are forwarded in the same manner over the same path. Packets in the same FEC are assigned the same MPLS label. Typically, a FEC corresponds to a destination IP prefix (e.g., 10.1.1.0/24). However, a FEC can also be defined by other criteria such as source IP, QoS requirements, or VPN membership. The ingress LER classifies packets into FECs and assigns the appropriate label.
MPLS Layer 3 VPN (L3VPN) uses the provider's PE routers to participate in the customer's routing. The PE routers exchange customer routes using MP-BGP, and each customer is isolated using VRF instances. The customer's CE router runs a routing protocol (e.g., BGP, OSPF) with the PE. In MPLS Layer 2 VPN (L2VPN), the provider's network appears as a transparent Layer 2 switch. The customer's CE routers are connected via a virtual circuit, and the provider does not participate in Layer 3 routing. Examples of L2VPN include VPWS (point-to-point) and VPLS (multipoint).
Yes, MPLS can be configured with static labels, where you manually assign label bindings on each router. This is simple but not scalable. Additionally, RSVP-TE can distribute labels for traffic-engineered LSPs without using LDP. MP-BGP also distributes labels for MPLS VPNs. However, for basic MPLS forwarding, LDP is the most common dynamic label distribution protocol.
Label stacking means that a packet can carry multiple MPLS labels (a label stack). The S (Bottom of Stack) bit indicates the last label. Label stacking is used in MPLS VPNs: the outer label (transport label) is used to forward the packet across the provider core, and the inner label (VPN label) identifies the customer VPN at the egress PE. This allows multiple layers of encapsulation without changing the IP header.