Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3700
Views
15
Helpful
9
Replies

Advertising MPLS Lable for Specific IPs

Ali Norouzi
Level 1
Level 1

‎04-26-2011 01:12 AM

I know the functionality of  "mpls ldp advertise-labels for access-list" command. I want to know what are pros and cons of having this feature enabled or disabled in the network. Is it good to have MPLS Unicast Forwarding application in the network by allowing routers to generate lable and advertise them to the network. I want to know when its better to have Lable for whole the IPs in the network and when we should filter them by this command.

Thank you

Labels:
0 Helpful
9 Replies 9

Mohamed Sobair
Level 7
Level 7

‎04-26-2011 04:25 AM

Hi,

This command prevents extra labels to be advertised which is not needed.
Especifically this command should be executed at the PE router , because you only need the Label advertisment for the originating BGP session which starts and end Label Swithc paths from the headend to the tail end Label Switch router.

However, this command shouldnt be executed at the core where we need advertisment of all connected interface to create an IGP label which is used for the reachability between ingress and egress LSRs.

I hope this answers your question,

Regards,

Mohamed

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎05-01-2011 11:30 AM

Hello Ali,

the label space is a finite resource, so SP usually use this feature to advertise labels only for the loopback addresses of all nodes.

For this reason the IP address plan usually has a block of ip addresses that is used to pick ip the /32 IP addresses to be given to loopback addresses.

It is considered best practice to use label filtering as a way to achieve scalability.

This is specially true if all service related IP networks at edge are advertised in BGP in different address families .

Without label filtering, a small SP can get MPLS statistics per LSP so it could measure traffic per prefix switched in MPLS.

to be noted other router vendors like Juniper advertise only the label for the loopback address by default.

So a SP network can be run with MPLS label assigned only to loopback addresses

Edit:

note that actually in some releases and notably in IOS XR the command is effective if you issue also

no mpls  ldp advertise-tags

in order to first stop the sending of labels for all prefixes

then the other command you have mentioned allows for selective binding to happen

Hope to help

Giuseppe

0 Helpful

Atif Awan
Cisco Employee
Cisco Employee
In response to Giuseppe Larosa

‎05-02-2011 09:16 PM

@Guiseppe - This feature is not really used to 'conserve' label space. It is used to control label advertisement be it for security reasons or to ensure only required traffic is label switched. Label conservation is better achieved using the 'Local Label Allocation Filtering' feature (LLAF) using which you can actually do selective label assignments locally.

@Mohamed - I do not agree with the statement that the label advertisement control should not be used on the P nodes. It can be used and in fact is used by SPs. As long as you advertise labels from each P node for the PE loopback prefixes you ensure an end-to-end LSP.

Atif

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to Atif Awan

‎05-04-2011 01:38 AM

Hello Atif,

ten years ago,  C7500 were used as PE nodes and they had a label range 16-50000 thatcould be increased with configuration.

for security reasons I would see the use of LDP sessions with MD5 authentication

I have seen the introduction of MPLS label filtering for scalability reasons in those times.

However, label filtering can be a way to avoid to propagate label binding for unexpected IP prefixes and this can be seen as way to improve safety and protection from human configuration errors.

I agree on this

Edit:

may you provide a link to the feature that you have mentioned Local Label allocation filtering ?

thanks a lot

I mean mpls ldp avertising-tags for ....

not the to option

the to option I agree can be a security measure

Hope to help

Giuseppe

0 Helpful

Atif Awan
Cisco Employee
Cisco Employee
In response to Giuseppe Larosa

‎05-04-2011 01:57 AM 

giuslar wrote:
Hello Atif,
ten years ago,  C7500 were used as PE nodes and they had a label range 16-50000 thatcould be increased with configuration.
for security reasons I would see the use of LDP sessions with MD5 authentication
I have seen the introduction of MPLS label filtering for scalability reasons in those times.
However, label filtering can be a way to avoid to propagate label binding for unexpected IP prefixes and this can be seen as way to improve safety and protection from human configuration errors.
I agree on this
Edit:
may you provide a link to the feature that you have mentioned Local Label allocation filtering ?
thanks a lot
I mean mpls ldp avertising-tags for ....
not the to option
the to option I agree can be a security measure
Hope to help
Giuseppe

Hello Giuseppe,

The LLAF feature is documented at:

http://www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_ldp_alloc_filter.html

Atif

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to Atif Awan

‎05-04-2011 02:42 AM

Thanks Atif,

yes this covers the allocation on the local node I had seen the other command has no effects on locally assigned labels as you have noted.

good to know!

Best Regards

Giuseppe

0 Helpful

Mohamed Sobair
Level 7
Level 7
In response to Atif Awan

‎05-05-2011 02:04 PM

Atif,

However, I haven't seen service providers implementing this command on the Core, we didnt use it before and I have confered with different people m the are not using it either on the Core.

and the Second point, The Core needs to advertise the PEs addresses and IGP Labels for reachability and to establish the LSP. why would we need this command on the Core in the first place??

Regards,

Mohamed

0 Helpful

Atif Awan
Cisco Employee
Cisco Employee
In response to Mohamed Sobair

‎05-05-2011 11:46 PM 

msobier123 wrote:
Atif,
However, I haven't seen service providers implementing this command on the Core, we didnt use it before and I have confered with different people m the are not using it either on the Core.
and the Second point, The Core needs to advertise the PEs addresses and IGP Labels for reachability and to establish the LSP. why would we need this command on the Core in the first place??
Regards,
Mohamed

Hello Mohamed,

Well I am not sure why the people you have conferred with are not using it but for me it makes sense to be consistent throughout the core if your intention is for only the PE to PE loopback traffic to be label switched. You have to remember that each device independently allocates and advertises labels for all prefixes learnt via IGP in its RIB. If we do not configure this command on the P routers they will advertise labels for all prefixes in IGP which does not create an issue per say but is not really required either.

The reason I responded to your original post was because to me it gave the impression that using this command on the core P routers creates an issue which it does not.

Atif

yashfaqu
Level 1
Level 1
In response to Mohamed Sobair

‎05-07-2011 04:35 AM

I think, may be in future when we will be out of 1Million - 16 Labels, ISP will consider this option.

0 Helpful
Customers Also Viewed These Support Documents