Based on my current study of the CCNP SP CORE 350-501 exam, I have decided to share in a blog what I have been learning about Segment Routing using EVE-NG and XR version 6.0.1. It is worth noting that this version has limitations, and it is advised to use version 7 ( I have used 6.3.1 to configure Adjacency-sid index; in this version, it currently works correctly ). Without further ado, let’s begin.

Introduction to Segment Routing (SR):

Segment Routing (SR) represents an extension of link-state routing protocols (IGP), such as OSPF and IS-IS, which have been present in the realm of networking for several years. SR does not involve the exchange of hello messages or packet updates, nor does it require the existence of adjacency relationships between nodes. Instead, it introduces new LSAs (Link State Advertisements) for OSPF and TLVs (Type Length Values) for IS-IS, thus providing a more direct and efficient routing approach.

Segment Routing Models:

• SR-MPLS: Implemented for both IPv4 and IPv6.
• SRv6: Exclusively designed for IPv6. TIP : In real deployment environments, SR-MPLS is more commonly used, although SRv6 promises to be a significant solution in the near future.

KEY:

Open Standar

*RFC 8660 ( https://datatracker.ietf.org/doc/html/rfc8660 )

*RFC 8667 ( https://datatracker.ietf.org/doc/html/rfc8667 )

*RFC 8402 ( https://datatracker.ietf.org/doc/html/rfc8402 )

KEY:

• Even if Segment Routing is not enabled:

– Label range [0-15] reserved for special-purposes

– Label range [16-15,999] reserved for static MPLS labels

– Label range [16,000-23,999] preserved for SRGB

– Label range [24,000-max] used for dynamic label allocation

SRGB

Is a range of MPLS label values reserved for Segment Routing use. It is essentially a block of MPLS labels globally assigned within a Segment Routing network and used for assigning labels to Segment IDs (SIDs) in the MPLS data plane.

LSD manages the labels Allocation

16000 - 23999 reserved from SRGB

24000 - max are used for dynamic labels (Adjacency-SIDs included)

SRGB

IGP uses the global SRGB base and range

We can modify both the global or IGP SRGB

Best practice: same SRGB on all nodes

SRGB can be configured in 2 ways.

EXAMPLE 1, case 1:

In this scenario, we do not modify the default segment routing globally, but only make modifications within the IGP.

IS-IS instance 1: Non-default SRGB [30,000 - 39,999] - This instance will have these SRGB values. IS-IS instance 2: Default SRGB [16,000-23,999] - This instance inherits default values. When creating a new instance within Cisco XR, the default value will always be [16,000-23,999] as it inherits the default SRGB value

Example 2, case 2:

In this scenario, we globally modify the default segment routing from [16,000-23,999] to [50,000 - 59,999], so all instances will inherit the value [50,000 - 59,999].

IS-IS instance 1: Default SRGB [50,000 - 59,999]. IS-IS instance 2: Default SRGB [50,000 - 59,999].

TIP:

According to Cisco’s technical documentation (Segment Routing - Segment Routing Global Block (SRGB)), it is recommended to follow best practices when using the default label range [16,000-23,999] within the same SRGB domain in a Segment Routing network. This recommendation is based on the idea of simplifying the troubleshooting process and making routing management more manageable and efficient.

While it is technically possible to assign a non-default label range between 16,000 and 1,048,575 within the same SRGB domain, this is not recommended due to potential performance issues that may arise in the network. Combining a default range with a non-default one can complicate network operation and maintenance, which could result in additional challenges in troubleshooting and optimizing routing performance. Therefore, it is better to follow recommended practices and use the default label range to ensure optimal operation and efficient management of the Segment Routing network.

SRLB

SRLB enables each node to have its own range of MPLS labels for segmentation, optimizing routing and providing greater flexibility in traffic management within a Segment Routing-based network.

SRLB Is used mainly for two purposes

• First one is for static adjacency SIDs values
• the second one is for static binding SIDs.

SRLB

• 15000 – 15999 Range (default SRLB range , Falls under the static MPLS labels range(Usually have protocols like mpls-tp and pseudo wired values.))
• Used with manual Adjacency and Binding SIDs

Router Capability

S (Scope) set means leak propagate TLV between Levels

D (Down) is set When TLV is leaked from L2 to L1

I (IPv4) is set if SR is enabled under IPv4 AF

V (IPv6) is set if SR is enabled under IPv6 AF

Supported Algorithms

The S and D flags typically remain at 0, while the I and V flags indicate activation of the address family, either for IPv4 or IPv6. If it’s IPv4 , it will be displayed as I:1, and if it’s IPv6 , it would be V:1, depending on the case. Additionally, there’s the algorithm associated with the prefix-SID, where 0 represents SPF and 1 represents strict SPF (shortest path). Therefore, from the output, it can be deduced that both algorithms are understood.

In the following output, Adjacency-SIDs (SRLB) are identifiers associated with each adjacency between routers. In this case, Adjacency-SIDs 24006, 24007, 24010, and 24011 are assigned to the adjacencies between the routers. The function of the SRLB is to provide a locally significant identifier for each adjacency, facilitating efficient packet forwarding and traffic engineering within the network.

Prefix-SID

Prefix-SIDs are associated with a specific network prefix and are used to determine the path that a packet should follow in the network.

IGP Segments

Prefix-SID

• V (Value): Always 0; set if we advertise obsolete Value.(It is the label value we use for the MPLS label index.)
• Absolute_Index + SRGB
• L (Local): Always 0; set if we advertise local significance SID. If we advertise a local significance set And we don’t have a possibility to make them local.

KEY: V and L : these two flags will always be zero.

• P (no-PHP): 0 by default; 1 if we disable PHP.
• E (Explicit-Null): 0 by default; 1 if prefix is propagated or redistributed. stop popping the top label instead.-The explicit null means disabling PHP.
• R (Re-Advertisement) 0 by default; 1 if prefix is propagatedor redistributeset to one if a prefix gets propagated from one level to the other, or if that prefix is being redistributed from another protocol. So if this R value gets set to one the P np the no NP flag, so the P flag automatically gets set to one also.
• N (Node-SID): 1 by default; 0 for anycast SIDs. (It is one by default because the prefix set purpose is to identify a specific unique node. So it’s usually a loopback that gets mapped to a node set, and that loopback will also be the router ID and also the BGP next hop and so on.)

TI-LFA (Topology independent loop free alternate)

It is a routing protection technique associated with Segment Routing (SR) that provides alternative backup paths without requiring detailed information about the network topology. Instead of relying on path calculations based on the global network topology, TI-LFA uses the Segment Routing infrastructure to enable each node in the network to calculate alternative routes locally.

FRR (Fast ReRoute )usually associated with RSVP

• Link-protecting or node-protecting
• Facility based; does not consider any prefix

IPFRR

• LFA precomputes a loop-free backup path
• Some topologies (e.g. ring) doesn”t permit it

TI-LFA

• 100% coverage

• Backup path can be link-protecting, node-protecting or even SRLG disjoint

• Uses the post-convergence path as backup path

The study of the size of the repair segment list in the path following convergence in the context of Topology Independent Loop-Free Alternate (TI-LFA) reveals significant findings regarding the efficiency and scalability of this routing protection approach. In environments with symmetric metrics and in situations where link protection is implemented, it has been observed that the maximum size of the repair segment list is ≤ 2 segments. This underscores TI-LFA’s ability to provide effective and direct protection with minimal complexity in networks with these characteristics.

In contrast, in networks with asymmetric metrics, or when node or Shared Risk Link Group (SRLG) protection is implemented, no theoretical limit has been found for the size of the repair segment list. However, in practice, most cases are considerably less complex.

Taking the use case of Orange as a paradigmatic example, it is evident that for 100% link protection, 100% of scenarios require a maximum of ≤ 2 segments in the backup path. This highlights the inherent efficiency of TI-LFA in link protection, with minimal segment overhead.

In the case of 100% node protection, the analysis demonstrates that 99.72% of scenarios require a maximum of ≤ 2 segments in the backup path. Only a small percentage, 0.04%, requires a maximum of 4 segments. These results indicate that TI-LFA is highly effective even in more complex scenarios, maintaining simplicity and efficiency in node protection.

A deeper analysis of TI-LFA in nine real service provider networks shows that the vast majority of destinations are protected using 0 or 1 segment in the backup path. Cases requiring 2 segments are rare, and never more than 4 segments are needed. This real-world analysis confirms the robustness and scalability of TI-LFA in real-world network environments.

IS-IS Configuration for FRR(tiebreaker):

router is-is 1

address-family ipv4 unicast

fast-reroute per-prefix tiebreaker node-protecting index 101

• Enable Fast Reroute (FRR) in IS-IS for IPv4 unicast.
• Use the “per-prefix” tiebreaker to select backup routes.
• Configure node protection to ensure node resilience.
• Index 101 identifies this specific configuration.

TI-LFA Configuration on the Interface:

interface GigabitEthernet0/0/0/5

address-family ipv4 unicast

fast-reroute per-prefix

fast-reroute per-prefix ti-lfa

• Enable Fast Reroute (FRR) on interface GigabitEthernet0/0/0/5 for IPv4 unicast.
• Configure prefix-based fast rerouting on the interface.
• Enable the “ti-lfa” method to provide topology-independent backup routes.

The (SRLG) Disjointness for Fast Reroute (FRR) on a Cisco IOS XR router running ISIS (Intermediate System to Intermediate System) for IPv4 unicast routing. Here are the details:

SRLG Configuration:

srlg interface GigabitEthernet0/0/0/5

name RED !

interface GigabitEthernet0/0/0/6

name RED !

interface GigabitEthernet0/0/0/9

name RED !

name RED value 1

• Define a Shared Risk Link Group (SRLG) named “RED” with a value of 1.
• Associate interfaces GigabitEthernet0/0/0/5, GigabitEthernet0/0/0/6, and GigabitEthernet0/0/0/9 with the SRLG “RED”.

Key: Segment Routing - Topology Independent LFA (TI-LFA) and uloop avoidance

This is only part 1 of my SR study, I hope you enjoyed it.