MPLS Labels and Devices

This topic is to discuss the following lesson:


Great lesson however, I have a question about MPLS TTL =254. It means there are 254 hops from CE1 to CE2 for each hop TTL decreases by 1 is that correct? How do we determine or define TTL value?



Hi Hamood,

That’s right, the TTL for the MPLS label works the same as the TTL for the IP packet.

When the PE router receives an IP packet then it will copy the TTL of the IP packet into the MPLS label TTL. Within the MPLS Core, the TTL of the label decreases at each hop. When the MPLS label is popped, it’s TTL value is copied into the TTL of the IP packet.


Hi Rene,

Thank you for the excellent explanation.

Question is regarding the frame-size, with the MPLS header and the ethernet frame the MTU would be maximum 1504 bytes.

It this going to be fragmented?




Hi Hans,

Most interfaces nowadays support Jumbo frames (9000 bytes) so the extra label(s) from MPLS shouldn’t be a problem. You should check this though and increase the MTU if required.


Dear Rene,

What is the best practice to configure the MTU for MPLS? I see some need 1504, some 1508, some 1522 or 1526.


1 Like

Hi Davis,

It depends on the network. Each VPN label will add 4 bytes of overhead.

MPLS VPN uses two labels so you would require a MTU of 1508.

When you have customers that for example are using the MPLS network to transport 802.1Q frames then you’ll need to increase the MTU to account for the extra overhead.


Hi Rene,

The 802.1Q you means is MPLS Layer 2 connection like ATOM?


Hi Davis,

That’s right. When you have customers with “regular” IP packets then only need to increase the MTU by 8 bytes (2x label) but in case of something like 802.1Q, you’ll need an even bigger MTU.


Hi Rene,

Thanks for excellent explanation. just one question how the CE and PE communicate each other.

In almost all cases, the CE device will be completely unaware of MPLS. This means that CE and PE communicate normally–almost always using BGP. Often times, the provider will have a VRF defined for the CE, but the CE is also unaware of this.

Hi Rene, one quick question. Don’t we have security issues when sending IP traffic between P3 and PE2? Do ISP’s have IPSEC tunnels over the penultimate hop path?

I am asking this question because, the traffic is no longer MPLS between P3 and PE2 right?

Having an MPLS label inserted into a packet doesn’t increase or decrease its security, so traffic not having the label wouldn’t be any more or less secure.

As far as traffic between P3 and PE2, if traffic is destined for PE2, and the default behavior of penultimate hop popping is enabled, then there would be not be label used for traffic between P3 and PE2. Traffic in the opposite direction, however, would be using a label imposed by PE2 before it is passed on to P3.


So the penultimate is enabled on the last hop before the PE device? What if they are multiple P hops that have routes to PE, which one will get used? Is that still based on routing or MPLS tags?


Hi Fabian,

PHP (Penultimate Hop Popping) occurs one hop before the PE device yes. Your routing decides the path that is used, labels will be generated for the entries in your routing table.

If you have two equal paths then it’s possible that both P routers deliver traffic. Both will perform PHP then.


Hey Rene,

Thanks for the great lesson. Can you explain about the implicit and explicit null labels used in MPLS

Hi Kumaran,

These have to do with PHP (Penultimate Hop Popping).

Imagine you have a couple of routers like this:

CE1 - PE1 - P1 - P2 - PE2 - CE2

Let’s say CE1 sends an IP packet meant for CE2. What happens is that PE1 adds a label and then it gets label switched from PE1 to P1 > P2 > PE2.

To save PE2 a label lookup, we use PHP. This means that P2 will remove the label before forwarding it to PE2. This will save PE2 a label lookup.

P2 knows that it has to do PHP because PE2 will tell it to. This is done with the implicit NULL label which has a value of 3. This is the default behavior btw.

The problem with PHP is QoS…In the MPLS header, we can use the EXP bits for marking. When P2 pops the label, how does PE2 know what marking the packet should have? It doesn’t have a clue…

To prevent this from happening, we can use the explicit NULL label which has a value of 0. The PE2 will use this to signal P2 to use label value 0 where we can store the EXP bits. The label won’t be popped and PE2 will receive the marking.

Hope this helps!


Rene, they say it is not EXP field but TC now.
What do you think?

Hi Rene,

Hope you are doing great …

I have some questions …

  1. What is the advantage Using PHP over Ultimate HOP popping . I am facing some confusion regarding why we will use PHP.
  2. Suppose 3 ldp Router connected serially … R1+R2+R3 , R1 has a prefix that tag: imp-null and advertise to R2 . R2 also created Tag :16 for and advertise to R1, R3 . Also R3 created Tag:20 for and advertise to R2. So, R2 got those Tags for : 1. Tag :imp-null from R1, 2. Tag: 16 (own creation), 3. Tag:20 from R3 . So my questions is how R2 create LFIB where 3 tags available for same Prefix .
  3. When PE will receive regular IP packect ,then it will add Label, right ?My questions is why MPLS will kick in . It can forward packet based on IP . What is the lookup process behind this .