More on Multi-protocol Label Switching

As conference director for MPLScon and owner of the MPLS Resource Center (, I took an especially keen interest in the story “Experts Call MPLS Bad For ‘Net”.

Unfortunately, it seems the folks you spoke with are spreading fear, uncertainty and doubt about the role of MPLS, as well as raising several red herrings.

First, it is important to note that MPLS is being used for several purposes within today’s carrier networks. One area is VPN services; a completely unrelated area is traffic engineering. Many major carriers have embraced MPLS as a tool for routing around the inefficiencies of IP routing protocol path selection. So to say that MPLS is “bad for ‘Net” without clarifying that you are referring to MPLS VPN services is misleading.

Second, a recent report by Miercom noted that the security of MPLS VPNs is equivalent to that of frame relay or ATM private virtual circuits (PVC). MPLS really is just another method to build PVCs, only at the IP layer instead of at Layer 2. The risk of an operator misprovisioning a circuit and losing data is no different than for ATM or frame relay. ATM, frame relay and MPLS VPNs all carry unencrypted IP traffic, and the security risks for all three are identical.

Third, the contention that a company doesn’t need MPLS if it has frame relay or ATM is only accurate if the company plans to continue to base its networks on ATM or frame relay. I’m not aware of any carrier willing to conform to that approach given the inherent inefficiencies in carrying high-speed, predominantly IP traffic on ATM. Even more ludicrous is the statement that a company doesn’t need MPLS if it has a pure IP network. That is only true if the company wants to offer IP Security VPN services as the only option, and even in that case, MPLS is still required for traffic engineering.