Security analysis of RSVP-TE signaling in MPLS networks

Multiprotocol label switching (MPLS) is one of the fastest growing telecommunications infrastructure technologies. MPLS provides OSI layer 2 switching speed coupled with layer 3 addressing, and supports multiple service models and sophisticated traffic management. Several telecommunications companies have made massive investments in MPLS technology. Indeed, within a few years, a major portion of global data, voice and video traffic is expected to travel over MPLS network cores.This paper examines the security issues related to the RSVP-TE signaling protocol, which is vital to creating and managing the high-speed paths used by MPLS traffic. Our analysis has revealed several exploits–ranging from network enumeration to denial-of-service attacks–that can significantly impact MPLS networks. The exploits are discussed in detail along with proposed mitigation strategies.