Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
146
Views
0
Helpful
1
Replies

How do I configure a bi-directional SR policy

Go to solution
steven.crutchley
Level 3
Level 3

‎06-08-2025 01:51 PM

Hi all,

If I'm configuring an SR policy to do something like follow an explicit path, is there methodology I can use to make the return traffic follow the same reversed path? 
For example, if I have this:

segment-routing
 traffic-eng
  segment-list EXPLICIT1
   index 10 mpls label 16001
   index 20 mpls label 16002
   index 30 mpls label 16003
   index 40 mpls label 16005
  !
  policy POLICY1
   color 15 end-point ipv4 1.1.1.5
   candidate-paths
    preference 100
     explicit segment-list EXPLICIT1
     !
    !
   !
  !
 !

If I configure this on R1 and R5 is 1.1.1.5 then approiately steered traffic (with color 15 and endpoint 1.1.1.5) will follow the segment list. 

But what if I want the return traffic from R5 to R1 to follow that same explicit list? Is there a way to do this without manually configuring a policy on R5 to R1 using an explicit list in the opposite direction?

I found the `reverse-path` option here:

segment-routing
 traffic-eng
  policy POLICY1
   candidate-paths
    preference 100
     explicit segment-list EXPLICIT1
      reverse-path segment-list EXPLICIT1-REV

But if I configure `EXPLICIT1-REV` with the reverse path, it doesn't seem to work. 

Is there a proper way to do this, or is the best option just to create an SR policy in the opposite direction? 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Joéster Brondani
Level 1
Level 1

‎06-09-2025 08:29 AM - edited ‎06-09-2025 08:32 AM

Hi @steven.crutchley 

The reverse path configuration in an SR Policy is only used for Performance Measurement (like delay or activity monitoring). It does not influence or direct the actual return traffic.

So even if you configure:

reverse-path segment-list EXPLICIT1-REV


the return path will not follow this segment list unless you explicitly configure a separate SR Policy on R5 with EXPLICIT1-REV and direct the traffic to it (e.g. via BGP, static routes or manual setup).

In other words, if you want symmetric forwarding, you must configure a policy on R5 to R1, (be it manual or using bgp/colors, etc).

See:

"Even in Circuit-Style SR-TE (CS-SR) introduced in IOS XR 7.8.1 — which is specifically designed for bidirectional, congruent paths — you still need to configure the reverse SR Policy manually to steer data-plane traffic symmetrically.

The reverse-path feature is monitoring-only. If you want actual traffic to follow the reverse segment list, you must define a policy in the opposite direction yourself."


https://www.cisco.com/c/en/us/td/docs/iosxr/ncs5500/segment-routing/711x/configuration/guide/b-segment-routing-cg-ncs5500-711x/configure-sr-te-policies.html

https://www.cisco.com/c/en/us/td/docs/iosxr/ncs5500/segment-routing/711x/configuration/guide/b-segment-routing-cg-ncs5500-711x/configure-performance-measurement.html

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Joéster Brondani
Level 1
Level 1

‎06-09-2025 08:29 AM - edited ‎06-09-2025 08:32 AM

Hi @steven.crutchley 

The reverse path configuration in an SR Policy is only used for Performance Measurement (like delay or activity monitoring). It does not influence or direct the actual return traffic.

So even if you configure:

reverse-path segment-list EXPLICIT1-REV


the return path will not follow this segment list unless you explicitly configure a separate SR Policy on R5 with EXPLICIT1-REV and direct the traffic to it (e.g. via BGP, static routes or manual setup).

In other words, if you want symmetric forwarding, you must configure a policy on R5 to R1, (be it manual or using bgp/colors, etc).

See:

"Even in Circuit-Style SR-TE (CS-SR) introduced in IOS XR 7.8.1 — which is specifically designed for bidirectional, congruent paths — you still need to configure the reverse SR Policy manually to steer data-plane traffic symmetrically.

The reverse-path feature is monitoring-only. If you want actual traffic to follow the reverse segment list, you must define a policy in the opposite direction yourself."


https://www.cisco.com/c/en/us/td/docs/iosxr/ncs5500/segment-routing/711x/configuration/guide/b-segment-routing-cg-ncs5500-711x/configure-sr-te-policies.html

https://www.cisco.com/c/en/us/td/docs/iosxr/ncs5500/segment-routing/711x/configuration/guide/b-segment-routing-cg-ncs5500-711x/configure-performance-measurement.html

0 Helpful
Customers Also Viewed These Support Documents