01-07-2021 12:20 AM
Hey folks,
topology
background
AS300 runs ISIS L2 with Segment Routing enabled. Global block is default.
iosxrv-5 runs BGP-LU with AS100 (orange in the picture) to exchange loopback addresses of a third AS (InterAS Option C) and redistributes BGP into ISIS. Basically internal router use thos looback to establish a multihop VPNv4 session to another AS.
Everything works well with LDP autoconfig enabled in the core; that is, labels are assigned by LDP when prefixes are redistributed into ISIS, iosxrv-5 uses the BGP-LU label when leaving the AS and internal routers can easily reach remote loopbacks.
As soon as I enabled segment routing, iosxrv-5 stop assigning label to prefixes received from BGP. I have tried to configure a mapping server on iosxrv-5 but it seems you can't have the global block in SR to conflict with the label assigned by BGP. This led to iosxrv-5 assigning and receiving labels via BGP=LU and internal router having no labels for remote loopbacks prefixes.
configuration
iosxrv-5
router bgp 300 address-family ipv4 unicast network 3.3.3.3/32 <-- iosxrv-3 loopback network 4.4.4.4/32 <-- iosxrv-4 loopback network 5.5.5.5/32 <-- iosxrv-5 loopback network 103.103.103.103/32 <-- iosxr-9k-3 loopback allocate-label all ! address-family vpnv4 unicast ! address-family vpnv6 unicast ! neighbor 4.4.4.4 remote-as 300 update-source Loopback0 address-family vpnv4 unicast ! address-family vpnv6 unicast ! ! neighbor 136.152.218.2 <-- BGP peer in AS100 remote-as 100 address-family ipv4 labeled-unicast route-policy PASS in route-policy PASS out ! ! !
router isis AS300
apply-group ISIS
is-type level-2-only
net 49.0001.0000.0000.0005.00
address-family ipv4 unicast
metric-style wide
metric-style wide level 2
mpls traffic-eng level-2-only
mpls traffic-eng router-id Loopback0
redistribute bgp 300 route-policy loopbacks_only <-- redistributes BGP-LU prefixes into ISIS
segment-routing mpls
!
interface Loopback0
address-family ipv4 unicast
prefix-sid absolute 16005
!
!
interface GigabitEthernet0/0/0/0.414
!
!
iosxr-9k-3
router isis AS300 apply-group ISIS is-type level-2-only net 49.0001.0000.0000.0103.00 address-family ipv4 unicast metric-style wide metric-style wide level 2 mpls traffic-eng level-2-only mpls traffic-eng router-id Loopback0 segment-routing mpls ! interface Loopback0 address-family ipv4 unicast prefix-sid absolute 16103 ! ! interface GigabitEthernet0/0/0/0.378 ! !
outputs
Let's take 15.15.15.15/32 as an example of remote loopback address I redistribute on iosxrv-5 from BGP into ISIS:
iosxrv-5
RP/0/0/CPU0:iosxrv-5#sh mpls forwarding
Thu Jan 7 07:58:35.059 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16003 16003 SR Pfx (idx 3) Gi0/0/0/0.414 203.136.152.2 0
16004 Pop SR Pfx (idx 4) Gi0/0/0/0.414 203.136.152.2 404000
16103 16103 SR Pfx (idx 103) Gi0/0/0/0.414 203.136.152.2 0
24000 Pop SR Adj (idx 1) Gi0/0/0/0.414 203.136.152.2 0
24001 Pop SR Adj (idx 3) Gi0/0/0/0.414 203.136.152.2 0
25002 Pop 136.152.218.2/32 Gi0/0/0/0.432 136.152.218.2 312410
25005 16021 11.11.11.11/32 Gi0/0/0/0.432 136.152.218.2 0
25006 16022 12.12.12.12/32 Gi0/0/0/0.432 136.152.218.2 0
25007 16023 13.13.13.13/32 Gi0/0/0/0.432 136.152.218.2 211245
25008 16024 14.14.14.14/32 Gi0/0/0/0.432 136.152.218.2 0
25009 16025 15.15.15.15/32 Gi0/0/0/0.432 136.152.218.2 0
iosxr-9k-3
RP/0/RP0/CPU0:iosxr-9k-3#sh route 15.15.15.15/32 Thu Jan 7 08:04:44.775 UTC Routing entry for 15.15.15.15/32 Known via "isis AS300", distance 115, metric 20, type level-2 Installed Jan 7 07:53:04.426 for 00:11:40 Routing Descriptor Blocks 205.184.203.1, from 5.5.5.5, via GigabitEthernet0/0/0/0.378 Route metric is 20 No advertising protos. RP/0/RP0/CPU0:iosxr-9k-3#sh mpls forwarding prefix 15.15.15.15/32 Thu Jan 7 08:05:11.314 UTC RP/0/RP0/CPU0:iosxr-9k-3#
questions
Thanks in advance for your help.
L.
Solved! Go to Solution.
01-08-2021 08:45 AM
Hi Loris,
> Unfortunately my iosxrv release does not support segment routing commands for BGP and I could not implement your solution
BGP Proxy is indeed only available starting with XR 6.4, which would not be available in XRv. It would be available in XRV9k though.
> @Harold Ritter would this be how you would implement mapping server for IGP prefixes in this case?
The only entry you need in the mapping server configuration would be the one from iosxrv-5, since this is the only non-SR router in the domain. The routers in the other domain will be reachable BGP-LU and therefore do not need to be added to the SRMS config.
> Is there any better solution as an alternative to BGP Proxy SID when BGP at the edge receive BGP-LU labelled prefixes and the local AS > is SR enabled?
Other than BGP Proxy SID, the other option would be to not redistribute from BGP-LU to SR, but rather to propagate BGP-LU prefixes from iosxrv-5 and the other routers in the SR domain via iBGP labeled unicast.
Regards,
01-07-2021 02:24 AM
Hi Loris,
If i understand correctly you enabled SR within AS300 only. Does AS100 runs SR too ?
thanks,
Regards.
01-07-2021 02:37 AM
Hey, no it doesn't, only AS300 is running SR.
01-07-2021 03:10 AM
@loris.marcellini wrote:
questions
- should prefixes received from BGP-LU and redistributed in IGP get Prefix SID assigned and advertised inside the IGP domain? (I know mapping server can be used for LDP - SR interoperability, I have tried it here but label blocks conflicted).
- is there a design issue where this is just not supposed to work as I have designed it
Thanks in advance for your help.
L.
Ok,
so essentially, to answer your question, you should tell to your SR nodes within ISIS domain how those LDP labels are supposed to be translated in order to be forwarded. You are basically missing forwarding information on ASR9k-3.
And, in relation to SID allocation you can define also a non default range if you have any conflicts.
regards.
01-07-2021 04:32 AM
Hey thanks. I am not entirely sure about your answer here. I disabled LDP everywhere here and the only labels are coming from BGP
RP/0/0/CPU0:iosxrv-5#sh run mpls ldp Thu Jan 7 12:33:25.790 UTC % No such configuration item(s) RP/0/0/CPU0:iosxrv-5#sh bgp label table Thu Jan 7 12:33:33.729 UTC Label Type VRF/RD Context 25002 ASBR Nexthop 0:0:0 0.0.0.0 25003 IPv4 GBL Prefix 0:0:0 3.3.3.3/32 25004 IPv4 GBL Prefix 0:0:0 4.4.4.4/32 25005 IPv4 GBL Prefix 0:0:0 11.11.11.11/32 25006 IPv4 GBL Prefix 0:0:0 12.12.12.12/32 25007 IPv4 GBL Prefix 0:0:0 13.13.13.13/32 25008 IPv4 GBL Prefix 0:0:0 14.14.14.14/32 25009 IPv4 GBL Prefix 0:0:0 15.15.15.15/32 25010 IPv4 GBL Prefix 0:0:0 103.103.103.103/32 Processed 9 entries RP/0/0/CPU0:iosxrv-5#
01-07-2021 07:16 AM
About what part of my answer were you not sure ??
You have 2 ways to achieve your forwarding:
Anyway i just told you above that if you have, for some reason, any issue with overlapping label spaces (LDP/SR) you can choose also different ranges for your SRGB block.
Kind regards.
01-07-2021 07:35 AM
I am not sure about the part where you mention LDP as I am not using LDP anywhere. When I try to map labels on iosxrv-5 i get a conflict and I am not entirely sure how to change BGP-LU range there. Should I be using LDP here otherwise it won't work?
I think I actually had the concepts clear. What I am missing is the "how" and on top of that asking to clarify whether the design I have in place together my the idea of using BGP-LU and SR only in such a setup would somehow work or LDP is required.
Thanks, L.
01-07-2021 08:55 AM
Hi,
answers inline:
@loris.marcellini wrote:
I am not sure about the part where you mention LDP as I am not using LDP anywhere. When I try to map labels on iosxrv-5 i get a conflict and I am not entirely sure how to change BGP-LU range there. Should I be using LDP here otherwise it won't work?
SRGB block is changed globally. It's not related to BGP-LU.
As someone else suggested SRMS is the way to go or extend SR across ASes is another possible solution. You can also move your SRMS further in your IGP domain if you don't want configure it under XRv5.
I think I actually had the concepts clear. What I am missing is the "how" and on top of that asking to clarify whether the design I have in place together my the idea of using BGP-LU and SR only in such a setup would somehow work or LDP is required.
Check the config procedures for SR and you can find the detailed steps to implement it.
BGP-LU is just a feature designed to advertise labels but it can exchange also SIDs, so LDP is not necessarily needed here.
Thanks, L.
01-07-2021 08:33 AM
Hi Lori,
You need to configure BGP Proxy Prefix SID on iosxrv-5 for this to work. Please refer to the following document.
Regards,
01-08-2021 12:05 AM
Harold, thanks. Unfortunately my iosxrv release does not support segment routing commands for BGP and I could not implement your solution
I have ended up replacing segment-routing with ldp between iosrv5 and iosxrv4 and spinning up a mapping server config on iosxrv as follow:
RP/0/0/CPU0:iosxrv-4#sh run segment-routing Fri Jan 8 07:59:30.429 UTC segment-routing mapping-server prefix-sid-map address-family ipv4 5.5.5.5/32 1 11.11.11.11/32 5 12.12.12.12/32 6 13.13.13.13/32 7 14.14.14.14/32 8 15.15.15.15/32 9 ! ! ! !
this way any communication between internal sr speakers iosxr-9k-3 and iosxrv3 to iosxr5 and beyond to external addresses is fully labelled with the exception that one label is LDP to cover the gap
RP/0/RP0/CPU0:iosxr-9k-3#trace 15.15.15.15 so lo0 Fri Jan 8 08:03:01.562 UTC Type escape sequence to abort. Tracing the route to 15.15.15.15 1 205.184.203.1 [MPLS: Label 16009 Exp 0] 15 msec 9 msec 9 msec 2 203.136.152.1 [MPLS: Label 25009 Exp 0] 10 msec 5 msec 6 msec <-- LDP 3 136.152.218.2 [MPLS: Label 16025 Exp 0] 5 msec 6 msec 7 msec 4 152.218.199.1 [MPLS: Label 16010 Exp 0] 6 msec 5 msec 6 msec 5 218.199.134.2 [MPLS: Label 16007 Exp 0] 6 msec 6 msec 5 msec 6 148.139.208.2 [MPLS: Label 16005 Exp 0] 6 msec 5 msec 6 msec 7 128.172.166.1 5 msec * 7 msec
@Harold Ritter would this be how you would implement mapping server for IGP prefixes in this case? Is there any better solution as an alternative to BGP Proxy SID when BGP at the edge receive BGP-LU labelled prefixes and the local AS is SR enabled?
Thanks for you help.
L.
01-08-2021 08:45 AM
Hi Loris,
> Unfortunately my iosxrv release does not support segment routing commands for BGP and I could not implement your solution
BGP Proxy is indeed only available starting with XR 6.4, which would not be available in XRv. It would be available in XRV9k though.
> @Harold Ritter would this be how you would implement mapping server for IGP prefixes in this case?
The only entry you need in the mapping server configuration would be the one from iosxrv-5, since this is the only non-SR router in the domain. The routers in the other domain will be reachable BGP-LU and therefore do not need to be added to the SRMS config.
> Is there any better solution as an alternative to BGP Proxy SID when BGP at the edge receive BGP-LU labelled prefixes and the local AS > is SR enabled?
Other than BGP Proxy SID, the other option would be to not redistribute from BGP-LU to SR, but rather to propagate BGP-LU prefixes from iosxrv-5 and the other routers in the SR domain via iBGP labeled unicast.
Regards,
01-09-2021 02:21 AM - edited 01-09-2021 02:21 AM
Harold thanks!
Yes the only prefixes I mapped were those redistributed on iosxrv-5 (loopbacks of remote ASes) plus iosxrv-5 loopback itself as those would travel unlabelled otherwise.
I'll try BGP-LU inside the AS keeping SR just for loopbacks and see how it goes.
Thanks for the help with this, I learned about BGP proxy SID and that's really good, I will give that a try as soon as I feel like creating a 9k only AS (which requires me switching off several other VMs given one 9k requires 10/16GB of RAM).
Cheers, L.
01-09-2021 08:17 AM - edited 01-09-2021 09:08 AM
Hi Loris,
> Yes the only prefixes I mapped were those redistributed on iosxrv-5 (loopbacks of remote ASes) plus iosxrv-5 loopback itself as those
> would travel unlabelled otherwise.
It makes sense.
> I will give that a try as soon as I feel like creating a 9k only AS (which requires me switching off several other VMs given one 9k requires > 10/16GB of RAM).
The other option would be to use xrv9k only on iosxrv-5, where the BGP Proxy SID is required.
Regards,
12-23-2022 09:00 AM
Same issue here, there is a bug report ,
https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr75370
When I redistribute prefix-sids from BGP into ISIS I get:
bgp[1060]: %ROUTING-BGP-3-RIB_FAIL : [11897] : Failed to Redist since prefix sid is out of SRGB inside calculate origin for TBL:default (1/1) while calling the RIB instance 0: Success
Same issue happens in the Multi Domain SR configuration when trying to advertise the prefix-sids into BGP-LU based on https://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k-r6-6/segment-routing/configuration/guide/b-segment-routing-cg-asr9000-66x/b-segment-routing-cg-asr9000-66x_chapter_0111.html
IOSxrv9k , version 6.5. and 7.2.
12-23-2022 12:05 PM - edited 12-24-2022 11:02 PM
Hi @Danial Rahdari ,
The workaround for this bug is to set the segment routing global range explicitly on both ASBRs and to restart the BGP process ("process restart bgp").
Regards,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide