cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
593
Views
5
Helpful
12
Replies
loris.marcellini
Beginner

Segment Routing - BGP-LU interoperability

Hey folks,

 

topology

topo.png

background

AS300 runs ISIS L2 with Segment Routing enabled. Global block is default.

iosxrv-5 runs BGP-LU with AS100 (orange in the picture) to exchange loopback addresses of a third AS (InterAS Option C) and redistributes BGP into ISIS. Basically internal router use thos looback to establish a multihop VPNv4 session to another AS.

 

Everything works well with LDP autoconfig enabled in the core; that is, labels are assigned by LDP when prefixes are redistributed into ISIS, iosxrv-5 uses the BGP-LU label when leaving the AS and internal routers can easily reach remote loopbacks.

 

As soon as I enabled segment routing, iosxrv-5 stop assigning label to prefixes received from BGP. I have tried to configure a mapping server on iosxrv-5 but it seems you can't have the global block in SR to conflict with the label assigned by BGP. This led to iosxrv-5 assigning and receiving labels via BGP=LU and internal router having no labels for remote loopbacks prefixes.

 

configuration

 

iosxrv-5

 

router bgp 300
 address-family ipv4 unicast
  network 3.3.3.3/32 <-- iosxrv-3 loopback
  network 4.4.4.4/32 <-- iosxrv-4 loopback
  network 5.5.5.5/32 <-- iosxrv-5 loopback
  network 103.103.103.103/32 <-- iosxr-9k-3 loopback
  allocate-label all
 !
 address-family vpnv4 unicast
 !
 address-family vpnv6 unicast
 !
 neighbor 4.4.4.4
  remote-as 300
  update-source Loopback0
  address-family vpnv4 unicast
  !
  address-family vpnv6 unicast
  !
 !
 neighbor 136.152.218.2 <-- BGP peer in AS100
  remote-as 100
  address-family ipv4 labeled-unicast
   route-policy PASS in
   route-policy PASS out
  !
 !
!
router isis AS300
apply-group ISIS
is-type level-2-only
net 49.0001.0000.0000.0005.00
address-family ipv4 unicast
metric-style wide
metric-style wide level 2
mpls traffic-eng level-2-only
mpls traffic-eng router-id Loopback0
redistribute bgp 300 route-policy loopbacks_only <-- redistributes BGP-LU prefixes into ISIS
segment-routing mpls
!
interface Loopback0
address-family ipv4 unicast
prefix-sid absolute 16005
!
!
interface GigabitEthernet0/0/0/0.414
!
!

 

 

iosxr-9k-3

 

router isis AS300
 apply-group ISIS
 is-type level-2-only
 net 49.0001.0000.0000.0103.00
 address-family ipv4 unicast
  metric-style wide
  metric-style wide level 2
  mpls traffic-eng level-2-only
  mpls traffic-eng router-id Loopback0
  segment-routing mpls
 !
 interface Loopback0
  address-family ipv4 unicast
   prefix-sid absolute 16103
  !
 !
 interface GigabitEthernet0/0/0/0.378
 !
!

 

 

outputs

Let's take 15.15.15.15/32 as an example of remote loopback address I redistribute on iosxrv-5 from BGP into ISIS:

 

iosxrv-5

 

RP/0/0/CPU0:iosxrv-5#sh mpls forwarding 
Thu Jan 7 07:58:35.059 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16003 16003 SR Pfx (idx 3) Gi0/0/0/0.414 203.136.152.2 0
16004 Pop SR Pfx (idx 4) Gi0/0/0/0.414 203.136.152.2 404000
16103 16103 SR Pfx (idx 103) Gi0/0/0/0.414 203.136.152.2 0
24000 Pop SR Adj (idx 1) Gi0/0/0/0.414 203.136.152.2 0
24001 Pop SR Adj (idx 3) Gi0/0/0/0.414 203.136.152.2 0
25002 Pop 136.152.218.2/32 Gi0/0/0/0.432 136.152.218.2 312410
25005 16021 11.11.11.11/32 Gi0/0/0/0.432 136.152.218.2 0
25006 16022 12.12.12.12/32 Gi0/0/0/0.432 136.152.218.2 0
25007 16023 13.13.13.13/32 Gi0/0/0/0.432 136.152.218.2 211245
25008 16024 14.14.14.14/32 Gi0/0/0/0.432 136.152.218.2 0
25009 16025 15.15.15.15/32 Gi0/0/0/0.432 136.152.218.2 0

 

iosxr-9k-3

RP/0/RP0/CPU0:iosxr-9k-3#sh route 15.15.15.15/32
Thu Jan 7 08:04:44.775 UTC

Routing entry for 15.15.15.15/32
Known via "isis AS300", distance 115, metric 20, type level-2
Installed Jan 7 07:53:04.426 for 00:11:40
Routing Descriptor Blocks
205.184.203.1, from 5.5.5.5, via GigabitEthernet0/0/0/0.378
Route metric is 20
No advertising protos. 
RP/0/RP0/CPU0:iosxr-9k-3#sh mpls forwarding prefix 15.15.15.15/32
Thu Jan 7 08:05:11.314 UTC
RP/0/RP0/CPU0:iosxr-9k-3#

 

questions

  • should prefixes received from BGP-LU and redistributed in IGP get Prefix SID assigned and advertised inside the IGP domain? (I know mapping server can be used for LDP - SR interoperability, I have tried it here but label blocks conflicted).
  • is there a design issue where this is just not supposed to work as I have designed it

 

Thanks in advance for your help.

 

L.

 

1 ACCEPTED SOLUTION

Accepted Solutions

Hi Loris,

 

> Unfortunately my iosxrv release does not support segment routing commands for BGP and I could not implement your solution

 

BGP Proxy is indeed only available starting with XR 6.4, which would not be available in XRv. It would be available in XRV9k though.

 

> @Harold Ritter would this be how you would implement mapping server for IGP prefixes in this case?

 

The only entry you need in the mapping server configuration would be the one from iosxrv-5, since this is the only non-SR router in the domain. The routers in the other domain will be reachable BGP-LU and therefore do not need to be added to the SRMS config.

 

> Is there any better solution as an alternative to BGP Proxy SID when BGP at the edge receive BGP-LU labelled prefixes and the local AS > is SR enabled?

 

Other than BGP Proxy SID, the other option would be to not redistribute from BGP-LU to SR, but rather to propagate BGP-LU prefixes from iosxrv-5 and the other routers in the SR domain via iBGP labeled unicast.

 

Regards,

 

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

12 REPLIES 12
pigallo
Cisco Employee

 

Hi Loris,

 

If i understand correctly you enabled SR within AS300 only. Does AS100 runs SR too ?

 

thanks,

 

 

Regards.

Hey, no it doesn't, only AS300 is running SR.

pigallo
Cisco Employee


@loris.marcellini wrote:

 

questions

  • should prefixes received from BGP-LU and redistributed in IGP get Prefix SID assigned and advertised inside the IGP domain? (I know mapping server can be used for LDP - SR interoperability, I have tried it here but label blocks conflicted).
  • is there a design issue where this is just not supposed to work as I have designed it

 

Thanks in advance for your help.

 

L.

 


Ok,

so essentially, to answer your question, you should tell to your SR nodes within ISIS domain how those LDP labels are supposed to be translated in order to be forwarded. You are basically missing forwarding information on ASR9k-3.

And, in relation to SID allocation you can define also a non default range if you have any conflicts.

 

 

regards.

 

 

 

 

 

 

Hey thanks. I am not entirely sure about your answer here. I disabled LDP everywhere here and the only labels are coming from BGP

 

RP/0/0/CPU0:iosxrv-5#sh run mpls ldp
Thu Jan  7 12:33:25.790 UTC
% No such configuration item(s)

RP/0/0/CPU0:iosxrv-5#sh bgp label table 
Thu Jan  7 12:33:33.729 UTC
Label   Type               VRF/RD         Context
25002   ASBR Nexthop       0:0:0          0.0.0.0
25003   IPv4 GBL Prefix    0:0:0          3.3.3.3/32
25004   IPv4 GBL Prefix    0:0:0          4.4.4.4/32
25005   IPv4 GBL Prefix    0:0:0          11.11.11.11/32
25006   IPv4 GBL Prefix    0:0:0          12.12.12.12/32
25007   IPv4 GBL Prefix    0:0:0          13.13.13.13/32
25008   IPv4 GBL Prefix    0:0:0          14.14.14.14/32
25009   IPv4 GBL Prefix    0:0:0          15.15.15.15/32
25010   IPv4 GBL Prefix    0:0:0          103.103.103.103/32
Processed 9 entries
RP/0/0/CPU0:iosxrv-5#

 

About what part of my answer were you not sure ??

You have 2 ways to achieve your forwarding:

 

  1. Extend SR across ASes and use SID allocation via BGP-LU
  2. use SRMS within IGP to translate labels to SIDs

Anyway i just told you above that if you have, for some reason, any issue with overlapping label spaces (LDP/SR) you can choose also different ranges for your SRGB block.

 

 

Kind regards.

 

 

I am not sure about the part where you mention LDP as I am not using LDP anywhere. When I try to map labels on iosxrv-5 i get a conflict and I am not entirely sure how to change BGP-LU range there. Should I be using LDP here otherwise it won't work?

 

I think I actually had the concepts clear. What I am missing is the "how" and on top of that asking to clarify whether the design I have in place together my the idea of using BGP-LU and SR only in such a setup would somehow work or LDP is required.

 

Thanks, L.

 

Hi,

 

answers inline:

 

 


@loris.marcellini wrote:

I am not sure about the part where you mention LDP as I am not using LDP anywhere. When I try to map labels on iosxrv-5 i get a conflict and I am not entirely sure how to change BGP-LU range there. Should I be using LDP here otherwise it won't work?

SRGB block is changed globally. It's not related to BGP-LU.

As someone else suggested SRMS is the way to go or extend SR across ASes is another possible solution. You can also move your SRMS further in your IGP domain if you don't want configure it under XRv5.

 

 

I think I actually had the concepts clear. What I am missing is the "how" and on top of that asking to clarify whether the design I have in place together my the idea of using BGP-LU and SR only in such a setup would somehow work or LDP is required.

Check the config procedures for SR and you can find the detailed steps to implement it.
BGP-LU is just a feature designed to advertise labels but it can exchange also SIDs, so LDP is not necessarily needed here.

 

Thanks, L.


 

Harold Ritter
Cisco Employee

Hi Lori,

 

You need to configure BGP Proxy Prefix SID on iosxrv-5 for this to work. Please refer to the following document.

 

https://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k-r6-4/segment-routing/configuration/guide/b-segment-routing-cg-asr9000-64x/b-segment-routing-cg-asr9000-64x_chapter_0110.html#concept_wyr_hq3_cdb

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Harold, thanks. Unfortunately my iosxrv release does not support segment routing commands for BGP and I could not implement your solution

 

I have ended up replacing segment-routing with ldp between iosrv5 and iosxrv4 and spinning up a mapping server config on iosxrv as follow:

 

 

RP/0/0/CPU0:iosxrv-4#sh run segment-routing 
Fri Jan  8 07:59:30.429 UTC
segment-routing
 mapping-server
  prefix-sid-map
   address-family ipv4
    5.5.5.5/32 1
    11.11.11.11/32 5
    12.12.12.12/32 6
    13.13.13.13/32 7
    14.14.14.14/32 8
    15.15.15.15/32 9
   !
  !
 !
!

this way any communication between internal sr speakers iosxr-9k-3 and iosxrv3 to iosxr5 and beyond to external addresses is fully labelled with the exception that one label is LDP to cover the gap

 

 

RP/0/RP0/CPU0:iosxr-9k-3#trace 15.15.15.15 so lo0
Fri Jan  8 08:03:01.562 UTC

Type escape sequence to abort.
Tracing the route to 15.15.15.15

 1  205.184.203.1 [MPLS: Label 16009 Exp 0] 15 msec  9 msec  9 msec 
 2  203.136.152.1 [MPLS: Label 25009 Exp 0] 10 msec  5 msec  6 msec <-- LDP
 3  136.152.218.2 [MPLS: Label 16025 Exp 0] 5 msec  6 msec  7 msec 
 4  152.218.199.1 [MPLS: Label 16010 Exp 0] 6 msec  5 msec  6 msec 
 5  218.199.134.2 [MPLS: Label 16007 Exp 0] 6 msec  6 msec  5 msec 
 6  148.139.208.2 [MPLS: Label 16005 Exp 0] 6 msec  5 msec  6 msec 
 7  128.172.166.1 5 msec  *  7 msec 

 

 

@Harold Ritter would this be how you would implement mapping server for IGP prefixes in this case? Is there any better solution as an alternative to BGP Proxy SID when BGP at the edge receive BGP-LU labelled prefixes and the local AS is SR enabled?

 

Thanks for you help.

 

L.

 

 

Hi Loris,

 

> Unfortunately my iosxrv release does not support segment routing commands for BGP and I could not implement your solution

 

BGP Proxy is indeed only available starting with XR 6.4, which would not be available in XRv. It would be available in XRV9k though.

 

> @Harold Ritter would this be how you would implement mapping server for IGP prefixes in this case?

 

The only entry you need in the mapping server configuration would be the one from iosxrv-5, since this is the only non-SR router in the domain. The routers in the other domain will be reachable BGP-LU and therefore do not need to be added to the SRMS config.

 

> Is there any better solution as an alternative to BGP Proxy SID when BGP at the edge receive BGP-LU labelled prefixes and the local AS > is SR enabled?

 

Other than BGP Proxy SID, the other option would be to not redistribute from BGP-LU to SR, but rather to propagate BGP-LU prefixes from iosxrv-5 and the other routers in the SR domain via iBGP labeled unicast.

 

Regards,

 

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

Harold thanks! 

 

Yes the only prefixes I mapped were those redistributed on iosxrv-5 (loopbacks of remote ASes) plus iosxrv-5 loopback itself as those would travel unlabelled otherwise.

 

I'll try BGP-LU inside the AS keeping SR just for loopbacks and see how it goes. 

 

Thanks for the help with this, I learned about BGP proxy SID and that's really good, I will give that a try as soon as I feel like creating a 9k only AS (which requires me switching off several other VMs given one 9k requires 10/16GB of RAM).

 

Cheers, L.

Hi Loris,

 

Yes the only prefixes I mapped were those redistributed on iosxrv-5 (loopbacks of remote ASes) plus iosxrv-5 loopback itself as those

> would travel unlabelled otherwise.

 

It makes sense.

 

> I will give that a try as soon as I feel like creating a 9k only AS (which requires me switching off several other VMs given one 9k requires > 10/16GB of RAM).

 

The other option would be to use xrv9k only on iosxrv-5, where the BGP Proxy SID is required.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
Content for Community-Ad

This widget could not be displayed.