Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1440
Views
15
Helpful
10
Replies

SRMS - Mapping Prefixes between ISIS and OSPF

loris.marcellini
Level 1
Level 1

‎02-23-2021 04:57 PM - edited ‎02-23-2021 04:59 PM

Hey folks,

 

background

I am merging two ASes, AS100 and AS300. AS100 runs ISIS level-2-only and has SR enabled. AS300 runs ospf and ospfv3 and has LDP enabled.

 

I have interconnected iosxr-9k-3 in AS100 to iosxrv-5 AS300 using a physical link and running ISIS between them. iosxrv-5 performs the isis to ospf redistribution and viceversa to allow the two ASes to learn each other internal loopbacks.

 

Capture.PNG

 

I am trying to put in communication prefix 10.10.10.10/32 in AS300 (LDP domain) with 102.102.102.102/32 in AS100 (SR domain).  The communication LDP to SR works as expected, LDP assigns labels to redistributed prefixes and in the interlink iosxrv-5 uses SR to communicate back to AS100.

 

outputs

 

traceroute from AS300 to AS100 (LDP to SR)

RP/0/0/CPU0:iosxrv-10#trace mpls ipv4 102.102.102.102/32 so 10.10.10.10
Wed Feb 24 00:46:52.972 UTC

Tracing MPLS Label Switched Path to 102.102.102.102/32, timeout is 2 seconds

Codes: '!' - success, 'Q' - request not sent, '.' - timeout,
  'L' - labeled output interface, 'B' - unlabeled output interface, 
  'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
  'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label, 
  'P' - no rx intf label prot, 'p' - premature termination of LSP, 
  'R' - transit router, 'I' - unknown upstream index,
  'X' - unknown return code, 'x' - return code 0

Type escape sequence to abort.

  0 210.200.188.2 MRU 1500 [Labels: 24004 Exp: 0]
L 1 210.200.188.1 MRU 1500 [Labels: 24013 Exp: 0] 0 ms
L 2 212.210.200.1 MRU 1500 [Labels: 16102 Exp: 0] 0 ms
L 3 212.210.210.2 MRU 1500 [Labels: 16102 Exp: 0] 0 ms
D 4 217.182.209.1 MRU 1500 [Labels: implicit-null Exp: 0] 20 ms

 

The communication SR to LDP can't work out-of-the-box and that's why I have implemented a mapping server on iosxrv-5. The traceroute looks horrendous:

 

traceroute from AS100 to AS300 (SR to LDP)

RP/0/RP0/CPU0:iosxr-9k-2#trace mpls ipv4 10.10.10.10/32 so 102.102.102.102
Wed Feb 24 00:46:14.441 UTC

Tracing MPLS Label Switched Path to 10.10.10.10/32, timeout is 2 seconds

Codes: '!' - success, 'Q' - request not sent, '.' - timeout,
  'L' - labeled output interface, 'B' - unlabeled output interface, 
  'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
  'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label, 
  'P' - no rx intf label prot, 'p' - premature termination of LSP, 
  'R' - transit router, 'I' - unknown upstream index,
  'X' - unknown return code, 'x' - return code 0

Type escape sequence to abort.

  0 180.144.186.1 MRU 1500 [Labels: 16010 Exp: 0]
M 1 180.144.186.2 MRU 0 [No Label] 4 ms
L 2 217.182.209.2 MRU 1500 [Labels: 16010 Exp: 0] 33 ms
M 3 212.210.210.1 MRU 0 [No Label] 11 ms
M 4 212.210.210.1 MRU 0 [No Label] 29 ms
M 5 212.210.210.1 MRU 0 [No Label] 9 ms
M 6 212.210.210.1 MRU 0 [No Label] 10 ms
M 7 212.210.210.1 MRU 0 [No Label] 10 ms
M 8 212.210.210.1 MRU 0 [No Label] 11 ms
M 9 212.210.210.1 MRU 0 [No Label] 11 ms
M 10 212.210.210.1 MRU 0 [No Label] 11 ms
M 11 212.210.210.1 MRU 0 [No Label] 10 ms
M 12 212.210.210.1 MRU 0 [No Label] 10 ms
M 13 212.210.210.1 MRU 0 [No Label] 10 ms
M 14 212.210.210.1 MRU 0 [No Label] 11 ms
M 15 212.210.210.1 MRU 0 [No Label] 10 ms
M 16 212.210.210.1 MRU 0 [No Label] 10 ms
M 17 212.210.210.1 MRU 0 [No Label] 11 ms
M 18 212.210.210.1 MRU 0 [No Label] 11 ms
M 19 212.210.210.1 MRU 0 [No Label] 10 ms
M 20 212.210.210.1 MRU 0 [No Label] 11 ms
M 21 212.210.210.1 MRU 0 [No Label] 17 ms
M 22 212.210.210.1 MRU 0 [No Label] 21 ms
M 23 212.210.210.1 MRU 0 [No Label] 18 ms
M 24 212.210.210.1 MRU 0 [No Label] 18 ms
M 25 212.210.210.1 MRU 0 [No Label] 18 ms
M 26 212.210.210.1 MRU 0 [No Label] 15 ms
M 27 212.210.210.1 MRU 0 [No Label] 10 ms
M 28 212.210.210.1 MRU 0 [No Label] 10 ms
M 29 212.210.210.1 MRU 0 [No Label] 10 ms
M 30 212.210.210.1 MRU 0 [No Label] 10 ms

 

The mapping works and SR enabled routers in AS100 reach the edge, however when landing on iosxrv-5 (LDP/SR router) it looks like the only labels used are those from LDP hence the communication breaks.

RP/0/RP0/CPU0:iosxr-9k-2#sh route 10.10.10.10/32 detail 
Wed Feb 24 00:48:15.792 UTC

Routing entry for 10.10.10.10/32
  Known via "isis 1", distance 115, metric 30, labeled SR(SRMS), type level-2
  Installed Feb 24 00:22:43.276 for 00:25:32
  Routing Descriptor Blocks
    150.180.144.2, from 5.5.5.5, via GigabitEthernet0/0/0/0.36
      Route metric is 30
      Label: 0x3e8a (16010)
      Tunnel ID: None
      Binding Label: None
      Extended communities count: 0
      Path id:2       Path ref count:0
      NHID:0x1(Ref:12)
    180.144.186.2, from 5.5.5.5, via GigabitEthernet0/0/0/0.54
      Route metric is 30
      Label: 0x3e8a (16010)
      Tunnel ID: None
      Binding Label: None
      Extended communities count: 0
      Path id:1       Path ref count:0
      NHID:0x2(Ref:14)
  Route version is 0xa (10)
  Local Label: 0x3e8a (16010)
  IP Precedence: Not Set
  QoS Group ID: Not Set
  Flow-tag: Not Set
  Fwd-class: Not Set
  Route Priority: RIB_PRIORITY_NON_RECURSIVE_LOW (8) SVD Type RIB_SVD_TYPE_LOCAL
  Download Priority 2, Download Version 376
  No advertising protos.

iosxrv-5 mapping-server

segment-routing
  global-block 16000 23999
    mapping-server
      prefix-sid-map
        address-family ipv4
          10.10.10.10/32 10 range 1 <-- telling the AS100 SR domain about prefix-sid for 10.10.10.10/32
        !
      !
    !
  !
!
router isis 1
segment-routing mpls sr-prefer
segment-routing prefix-sid-map advertise-local
address-family ipv4 unicast
  metric-style wide level 2
  redistribute ospf as300 level-2
!
router ospf as300
segment-routing sr-prefer
redistribute isis 1 <-- isis into ospf

 

problem

 

iosxrv-5 labels used

RP/0/0/CPU0:iosxrv-5#sh mpls forwarding prefix 10.10.10.10/32
Wed Feb 24 00:44:36.972 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes 
Label Label or ID Interface Switched 
------ ----------- ------------------ ------------ --------------- ------------
24002 24002 10.10.10.10/32 Gi0/0/0/0.486 212.210.200.2 664 < -- LDP labels used

 

question

 

As you can see, I have set sr-prefer in both ISIS and OSPF but that already feels weird by itself and makes me wonder, is this actually possible? I was thinking of migrating everything to run ISIS so that sr-prefer would work and iosxrv-5 would start using SR label + LDP label... but I wanted to check whether this is actually doable or not

 

This isn't called out as a possible use case in the official SR book... hence asking you folks!

 

Looking forward to hearing from you.

 

Thanks in advance, L.

 
Labels:
10 Replies 10

Abzal
Level 7
Level 7

‎02-24-2021 01:30 AM - edited ‎02-24-2021 01:57 AM

Hi,

From the output it looks like iosxr-9k-2 is getting correct SID label 10 because SRGB range starts from 16000 so 16000+10 is 16010 what you're seeing from the output.

Am I right that you're connecting LDP only domain with SR only domain? If so I'm not 100% sure but I think you don't need to  enable SR on OSPF domain on mapping server. 

Also SR must be configured under IPv4 family too on ISIS.

 

https://www.ciscolive.com/c/dam/r/ciscolive/latam/docs/2017/pdf/BRKSPG-2540.pdf 

Best regards,
Abzal
0 Helpful

loris.marcellini
Level 1
Level 1
In response to Abzal

‎02-24-2021 02:08 AM

Hey Abzal, thanks for your reply.

 

SR is enabled correctly under the af, just skipped few lines as the config is massive

 

To the ospf point, SR is not enabled, i just used sr-prefer hoping that would tell LDP running under OSPF: "hey use the SR label when available", but surely that did not take the desired effect

 

Any thoughts?

 

Thanks, l.

0 Helpful

loris.marcellini
Level 1
Level 1

‎02-24-2021 02:54 PM - edited ‎02-24-2021 02:58 PM

I have reverted to ISIS only in both ASes to make this work and for now until I get this clarified. Any thoughts anyone?

 

RP/0/RP0/CPU0:iosxr-9k-2#traceroute  10.10.10.10 source 102.102.102.102        
Wed Feb 24 22:53:28.495 UTC

Type escape sequence to abort.
Tracing the route to 10.10.10.10

 1  150.180.144.2 [MPLS: Label 16010 Exp 0] 72 msec  19 msec  21 msec 
 2  144.165.217.2 [MPLS: Label 16010 Exp 0] 23 msec  25 msec  24 msec <--- asr-9k-3 is the SRMS for the SR domain in AS100
 3  212.210.210.1 [MPLS: Label 16010 Exp 0] 257 msec  21 msec  20 msec <--- iosxrv-5 uses SR label as local and LDP as out label
 4  212.210.200.2 [MPLS: Label 24003 Exp 0] 23 msec  17 msec  16 msec 
 5  210.200.188.2 12 msec  *  20 msec

 

0 Helpful

loris.marcellini
Level 1
Level 1
In response to loris.marcellini

‎02-28-2021 02:40 PM

@Harold Ritter any clue?

0 Helpful

Harold Ritter
Cisco Employee
Cisco Employee
In response to loris.marcellini

‎03-02-2021 10:43 AM - edited ‎03-02-2021 10:52 AM

Hi Loris,

 

I see you got it to work by using ISIS through both domains, right? What does not work? When having ISIS in one domain, OSPF in the other and redistributing between the two?

 

By the way, is this a migration scenario or a coexistence scenario that you are testing?

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

loris.marcellini
Level 1
Level 1
In response to Harold Ritter

‎03-02-2021 11:49 AM

Hey Harold,

I got it working yeah! ISIS and OSPF coexistence was the problem here. It
looked like I wasn't able to tell both protocols to use SR as local and LDP
as egress labels.

I am confused and not entirely sure this is actually supposed to work as I
could not find examples of dual protocols scenarios in the SR book.

Looking forward to hearing from you.

Thanks in advance. l.
0 Helpful

Harold Ritter
Cisco Employee
Cisco Employee
In response to loris.marcellini

‎03-02-2021 04:10 PM

Hi Loris,

 

I do not think this scenario is actually supported. The best way to get the coexistence going in the case of the two domains with separate routing protocols would be to use BGP LU to create the end to end LSP.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

loris.marcellini
Level 1
Level 1
In response to Harold Ritter

‎03-02-2021 04:22 PM

Could not be happier to hear that is actually likely not supported

It was a simulation anyways.

Thanks for the precious help as usual!
0 Helpful

Harold Ritter
Cisco Employee
Cisco Employee
In response to loris.marcellini

‎03-02-2021 04:41 PM - edited ‎03-02-2021 04:48 PM

I just thought of one way to make it work and supported. It would be to have the border between the OSPF and ISIS domain and the border between the LDP and SR domain on different routers, as follow:

 

R1 ------ LDP/OSPF ------ R2 -------- LDP/ISIS ------- R3 ------- ISIS/SR ----- R4

 

R2 is the border between the OSPF and ISIS domain and R3 is the border between the LDP and SR domain.

 

But it could get complicated in a larger network and the BGP LU solution is probably more elegant.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

loris.marcellini
Level 1
Level 1
In response to Harold Ritter

‎03-03-2021 05:57 AM

Yep, that makes sense.

 

I would go for BGP-LU as you have suggested though, much more elegant for sure.

 

Thanks for your help, L.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents