TLOC preference question

maxnpj · ‎06-09-2021

I have this config on a remote-side device:

interface ge2/3
description “MPLS”
tunnel-interface
encapsulation ipsec preference 100
color private1 restrict

interface loopback1
description “Public-Internet”
tunnel-interface
encapsulation ipsec preference 200
color public-internet restrict

The preference I am setting on those tunnels....where can I observe that on another device? Is the preference that is being set on the tunnel interface what is shown on the far right using the "sh omp route 10.11.12.0/24" command?

DatacentervEdge#sh omp route 10.11.12.0/24 <-- remote-side network

VPN PREFIX               FROM PEER     ID       LABEL STATUS TYPE     TLOC IP   COLOR         ENCAP PREFERENCE
-----------------------------------------------------------------------------------------------------------
1     10.11.12.0/24   1.1.1.5          898816 1002     C,I,R     installed   1.2.3.4   public-internet ipsec      -
                                 1.1.1.5         898818 1002     C,I,R      installed   1.2.3.4 private1           ipsec    -

I am setting the broadband tunnel preference to be higher, on every vEdge, so when I go to the data center vEdge and "sh omp routes <prefix/mask>" for the remote-side prefix, I get the above output.....no preference...but on that same data center vEdge if I do "sh omp routes <prefix/mask> detail" for that same remote-side prefix I can see one of the routes was Recieved but not installed and the "loss-reason" is "tloc-preference" (Observe path-id 239205) but in each of those below outputs the "preference" is "not set"

show omp routes 10.11.12.0/24 detail

---------------------------------------------------
omp route entries for vpn 1 route 10.11.12.0/24
---------------------------------------------------
RECEIVED FROM:
peer 1.1.1.5
path-id 239203
label 1003
status C,I,R
loss-reason not set
lost-to-peer not set
lost-to-path-id not set
Attributes:
originator 5.6.7.8
type installed
tloc 5.6.7.8, public-internet, ipsec
ultimate-tloc not set
domain-id not set
overlay-id 1
site-id 7777
preference not set
tag
origin-proto iBGP
origin-metric 0
as-path not set
unknown-attr-len not set

RECEIVED FROM:
peer 1.1.1.5
path-id 239205
label 1003
status R
loss-reason tloc-preference
lost-to-peer 1.1.1.6
lost-to-path-id 126860
Attributes:
originator 5.6.7.8
type installed
tloc 5.6.7.8, private1, ipsec
ultimate-tloc not set
domain-id not set
overlay-id 1
site-id 7777
preference not set
tag
origin-proto iBGP
origin-metric 0
as-path not set
unknown-attr-len not set

RECEIVED FROM:
peer 1.1.1.6
path-id 126860
label 1003
status C,R
loss-reason not set
lost-to-peer not set
lost-to-path-id not set
Attributes:
originator 9.10.11.12
type installed
tloc 9.10.11.12, public-internet, ipsec
ultimate-tloc not set
domain-id not set
overlay-id 1
site-id 7777
preference not set
tag
origin-proto iBGP
origin-metric 0
as-path not set
unknown-attr-len not set

Kanan Huseynli · ‎06-09-2021

Hi,

in SD-WAN there are 3 types of routes: OMP routes (vRoutes); TLOC routes; Service routes.

Both OMP routes and TLOC routes have preference value. One is OMP route preference, another is OMP TLOC preference.

Basically, OMP route preference can be seen in "show omp routes" and TLOC route preference can be seen in "show omp tlocs".

You see -- preference or "not set" value in outputs, because show omp routes shows OMP routes, not TLOC routes. Use the second command to see values.

https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/routing/vEdge-20-x/routing-book/m-unicast-routing.html

Btw, your settings are in action. One route is resolved (so next-hop is available via tunnel), but is not installed due to tloc-preference. Based on OMP bestpath algorithm, route with higher TLOC preference preferred over route with lower TLOC preference, when both have the same OMP route preference.

HTH,

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

maxnpj · ‎06-10-2021

Kanan;

Thank you for answering my question...actually...you answered TWO of my posts today...so thank you for that. On this TLOC preference question though, I'm not quite following here.....again, I'm walking through "OMP path selection"...by now I'm on step 5 "OMP Route with higher TLOC Preference will be selected". I looked over the links you sent and reviewed the output from both commands, ("show omp routes" and "show omp tlocs"), but I'm still not sure how I determine the TLOC preference of any particular route. "show omp tlocs detail" shows the preference of a particular TLOC, but by looking at that output alone you would have no idea which color is associated with that TLOC.

So if I want to know the TLOC preference of a prefix 10.11.12.0/24 am I supposed to run "sh omp routes 10.11.12.0/24" look at that output and then run "sh omp tlocs" and somehow match up the two outputs?

I mean no sarcasm or snark in this post...I'm genuinely confused as to how I determine the higher TLOC preference.

Thanks

Kanan Huseynli · ‎06-10-2021

Hi,

yes, exactly. You mush look at two "database". First OMP route table (show omp routes). It includes not only OMP preference, but TLOC info (now TLOC preference, just TLOC). Then, you must search in TLOC table (show omp tlocs) for particular TLOC (you get it from OMP route table). TLOC preference is not part of OMP route (prefix route), but TLOC itself (system_ip, color, encapsulation) is part of OMP route. When device runs bestpath algorithm, it should check TLOC preference, in order to understand the value, it gets TLOC and finds TLOC preference in different table -that is TLOC route table.

HTH,

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.