on 04-10-2019 12:28 AM
MPLS has been the leader in providing VPN service in the past days with the association of LDP for label distribution to achieve the necessary operation for traffic forwarding (not to forget that BGP is used in some cases for label assignment, but the focus in this example is LDP).
We will be using to the below topology to demonstrate the scope of this document and we will be starting with normal MPLS L3VPN service with dependence on LDP for label distribution.
Let us describe the topology in brief: We have two CEs that needs to communicate over MPLS backbone and they are using BGP as their protocol with AS # 10.
As well, we have two MPLS service PEs who are handling the transport of the prefixes of concern with flat ISIS level 2 as the IGP running inside the backbone.
The relations involved in setting up the communication path are illustrated simply in the below figure:
Talking from design perspective and choosing the running protocols assuming unmanaged CE option and direct communication between MPLS service PEs , please refer to the below figure:
Now, let us dig deep in the label assignments (for the sake of demonstration, I have changed the label allocation range for each device following the scheme: PE1 (16100 – 16199), PE2 (16200 – 16299) and so on.
Note: IOS XR label assignment range starts with 16000, on contrary IOS software starts from the range of 16.
RP/0/0/CPU0:PE1#show cef vrf MSSK 10.10.7.0
Tue Apr 9 06:59:44.570 UTC
10.10.7.0/24, version 7, internal 0x1000001 0x0 (ptr 0xa13b0f74) [1], 0x0 (0x0), 0x200 (0xa152c0f0)
Updated Apr 8 13:21:40.189
local adjacency 172.16.17.7
Prefix Len 24, traffic index 0, precedence n/a, priority 3
via 172.16.17.7, 2 dependencies, recursive, bgp-ext [flags 0x6020]
path-idx 0 NHID 0x0 [0xa13b0ef4 0x0]
next hop 172.16.17.7 via 172.16.17.7/32
local label 16100
next hop 172.16.17.7/32 Gi0/0/0/2 labels imposed {None}
RP/0/0/CPU0:PE1# show bgp vpnv4 unicast labels
Tue Apr 9 08:34:32.380 UTC
BGP router identifier 1.1.1.1, local AS number 1
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 7
BGP NSR Initial initsync version 3 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
Route Distinguisher: 1:1 (default for vrf MSSK)
*> 10.10.7.0/24 172.16.17.7 nolabel 16100
*>i10.10.8.0/24 2.2.2.2 16200 nolabel
RP/0/0/CPU0:PE1#show mpls forwarding
Tue Apr 9 06:59:03.893 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16100 Unlabelled 10.10.7.0/24[V] Gi0/0/0/2 172.16.17.7 17330
16101 Pop 3.3.3.3/32 Gi0/0/0/0 192.168.13.3 115899
16102 Pop 192.168.36.0/24 Gi0/0/0/0 192.168.13.3 0
16103 Pop 192.168.34.0/24 Gi0/0/0/0 192.168.13.3 0
16104 16302 4.4.4.4/32 Gi0/0/0/0 192.168.13.3 0
16105 16303 192.168.24.0/24 Gi0/0/0/0 192.168.13.3 0
16106 16304 2.2.2.2/32 Gi0/0/0/0 192.168.13.3 97699
16504 2.2.2.2/32 Gi0/0/0/1 192.168.15.5 668
16107 16305 192.168.26.0/24 Gi0/0/0/0 192.168.13.3 0
16507 192.168.26.0/24 Gi0/0/0/1 192.168.15.5 0
16108 Pop 192.168.56.0/24 Gi0/0/0/1 192.168.15.5 0
16109 16307 6.6.6.6/32 Gi0/0/0/0 192.168.13.3 0
16509 6.6.6.6/32 Gi0/0/0/1 192.168.15.5 0
16110 Pop 5.5.5.5/32 Gi0/0/0/1 192.168.15.5 71344
RP/0/0/CPU0:PE2#show mpls forwarding
Tue Apr 9 07:04:02.402 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16200 Unlabelled 10.10.8.0/24[V] Gi0/0/0/2 172.16.28.8 18514
16201 Pop 4.4.4.4/32 Gi0/0/0/0 192.168.24.4 115664
16202 Pop 192.168.34.0/24 Gi0/0/0/0 192.168.24.4 0
16203 16400 3.3.3.3/32 Gi0/0/0/0 192.168.24.4 0
16600 3.3.3.3/32 Gi0/0/0/1 192.168.26.6 0
16204 16403 1.1.1.1/32 Gi0/0/0/0 192.168.24.4 107684
16606 1.1.1.1/32 Gi0/0/0/1 192.168.26.6 14204
16205 Pop 192.168.36.0/24 Gi0/0/0/1 192.168.26.6 0
16206 16602 192.168.15.0/24 Gi0/0/0/1 192.168.26.6 0
16207 16402 192.168.13.0/24 Gi0/0/0/0 192.168.24.4 1032
16604 192.168.13.0/24 Gi0/0/0/1 192.168.26.6 1432
16208 Pop 192.168.56.0/24 Gi0/0/0/1 192.168.26.6 0
16209 Pop 6.6.6.6/32 Gi0/0/0/1 192.168.26.6 1980
16210 16608 5.5.5.5/32 Gi0/0/0/1 192.168.26.6 0
RP/0/0/CPU0:XR6-P4#show mpls forwarding
Tue Apr 9 07:06:42.561 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16600 Pop 3.3.3.3/32 Gi0/0/0/2 192.168.36.3 2216
16601 Pop 2.2.2.2/32 Gi0/0/0/1 192.168.26.2 13237
16602 Pop 192.168.15.0/24 Gi0/0/0/0 192.168.56.5 0
16603 Pop 192.168.34.0/24 Gi0/0/0/2 192.168.36.3 0
16604 Pop 192.168.13.0/24 Gi0/0/0/2 192.168.36.3 1392
16605 Pop 192.168.24.0/24 Gi0/0/0/1 192.168.26.2 0
16606 16500 1.1.1.1/32 Gi0/0/0/0 192.168.56.5 9214
16300 1.1.1.1/32 Gi0/0/0/2 192.168.36.3 1026
16607 16201 4.4.4.4/32 Gi0/0/0/1 192.168.26.2 0
16302 4.4.4.4/32 Gi0/0/0/2 192.168.36.3 0
16608 Pop 5.5.5.5/32 Gi0/0/0/0 192.168.56.5 145824
CE1#traceroute 10.10.8.8 source lo1 numeric
Type escape sequence to abort.
Tracing the route to 10.10.8.8
VRF info: (vrf in name/id, vrf out name/id)
1 172.16.17.1 12 msec 12 msec 8 msec
2 192.168.13.3 [MPLS: Labels 16304/16200 Exp 0] 28 msec 20 msec 20 msec
3 192.168.36.6 [MPLS: Labels 16601/16200 Exp 0] 20 msec 20 msec 20 msec
4 192.168.26.2 [MPLS: Label 16200 Exp 0] 20 msec 20 msec 20 msec
5 172.16.28.8 20 msec * 20 msec
Now as we have a converged network and communication is in place between the CEs, we will now start with the migration process from LDP to SR (Segment-Routing).
Let us follow the steps one by one, but before moving forward it is worthy to mention that we have two migration strategies:
What we will start with is ships in the night migration strategy.
The basic lines needed to enable segment-routing are (not to forget that wide metrics are needed):
router isis 1
address-family ipv4 unicast
segment-routing mpls
Monitoring the console screen, I have faced the below log message:
RP/0/0/CPU0:PE1#RP/0/0/CPU0:Apr 9 07:26:58.288 : isis[1006]: %ROUTING-ISIS-4-SRGB_ALLOC_FAIL : SRGB allocation failed: 'SRGB reservation not successful for [16000,23999], srgb=(16000 23999, SRGB_ALLOC_CONFIG_PENDING, 0x2) (So far 64 attempts). Make sure label range is free'
That means we are facing some issues in the SRBG range used by segment routing.
RP/0/0/CPU0:PE1(config-isis)#segment-routing global-block ?
<16000-1048574> The lower bound of the SRGB
As we can see from the above command, the SRGB block assignments starts with 16000
It is recommended to use the same range of SRGB among all devices within a network, so the command to use for this purpose is:
router isis 1
segment-routing global-block 90000 99000
RP/0/0/CPU0:PE1#show isis database verbose | include SRGB
Tue Apr 9 09:28:00.491 UTC
Segment Routing: I:1 V:0, SRGB Base: 90000 Range: 9001
Segment Routing: I:1 V:0, SRGB Base: 90000 Range: 9001
Segment Routing: I:1 V:0, SRGB Base: 90000 Range: 9001
Segment Routing: I:1 V:0, SRGB Base: 90000 Range: 9001
Segment Routing: I:1 V:0, SRGB Base: 90000 Range: 9001
Segment Routing: I:1 V:0, SRGB Base: 90000 Range: 9001
The status now is that both LDP and SR are working together inside the network and the communication is still in place , what next to be done is to instruct the routers to prefer SR label assignments/bindings over the already used ones generated by LDP.
router isis 1
address-family ipv4 unicast
segment-routing mpls sr-prefer
Let us check now the MPLS forwarding table to see the result:
RP/0/0/CPU0:PE1#show mpls forwarding
Tue Apr 9 09:30:36.650 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16100 Unlabelled 10.10.7.0/24[V] Gi0/0/0/2 172.16.17.7 35514
16101 Pop 3.3.3.3/32 Gi0/0/0/0 192.168.13.3 1020
16102 Pop 192.168.36.0/24 Gi0/0/0/0 192.168.13.3 0
16103 Pop 192.168.34.0/24 Gi0/0/0/0 192.168.13.3 0
16104 16302 4.4.4.4/32 Gi0/0/0/0 192.168.13.3 0
16105 16303 192.168.24.0/24 Gi0/0/0/0 192.168.13.3 0
16106 16304 2.2.2.2/32 Gi0/0/0/0 192.168.13.3 189
16504 2.2.2.2/32 Gi0/0/0/1 192.168.15.5 0
16107 16305 192.168.26.0/24 Gi0/0/0/0 192.168.13.3 0
16507 192.168.26.0/24 Gi0/0/0/1 192.168.15.5 0
16108 Pop 192.168.56.0/24 Gi0/0/0/1 192.168.15.5 0
16109 16307 6.6.6.6/32 Gi0/0/0/0 192.168.13.3 0
16509 6.6.6.6/32 Gi0/0/0/1 192.168.15.5 0
16110 Pop 5.5.5.5/32 Gi0/0/0/1 192.168.15.5 0
16111 Pop No ID Gi0/0/0/0 192.168.13.3 0
16112 Pop No ID Gi0/0/0/1 192.168.15.5 0
90200 90200 No ID Gi0/0/0/0 192.168.13.3 5312
90200 No ID Gi0/0/0/1 192.168.15.5 0
90400 90400 No ID Gi0/0/0/0 192.168.13.3 0
90500 Pop No ID Gi0/0/0/0 192.168.13.3 450
90600 90600 No ID Gi0/0/0/0 192.168.13.3 0
90600 No ID Gi0/0/0/1 192.168.15.5 0
Checking from the CE side:
CE1#traceroute 10.10.8.8 source lo1 numeric
Type escape sequence to abort.
Tracing the route to 10.10.8.8
VRF info: (vrf in name/id, vrf out name/id)
1 172.16.17.1 4 msec 8 msec 12 msec
2 192.168.13.3 [MPLS: Labels 90200/16200 Exp 0] 24 msec 20 msec 20 msec
3 192.168.36.6 [MPLS: Labels 90200/16200 Exp 0] 20 msec 20 msec 20 msec
4 192.168.26.2 [MPLS: Label 16200 Exp 0] 20 msec 20 msec 20 msec
5 172.16.28.8 20 msec * 20 msec
RP/0/0/CPU0:PE1#show cef vrf MSSK 10.10.8.0
Tue Apr 9 09:32:25.053 UTC
10.10.8.0/24, version 12, internal 0x5000001 0x0 (ptr 0xa13b11f4) [1], 0x0 (0x0), 0x208 (0xa152c118)
Updated Apr 9 09:22:50.843
Prefix Len 24, traffic index 0, precedence n/a, priority 3
via 2.2.2.2, 3 dependencies, recursive [flags 0x6000]
path-idx 0 NHID 0x0 [0xa1594674 0x0]
recursion-via-/32
next hop VRF - 'default', table - 0xe0000000
next hop 2.2.2.2 via 90200/0/21
next hop 192.168.13.3/32 Gi0/0/0/0 labels imposed {90200 16200}
next hop 192.168.15.5/32 Gi0/0/0/1 labels imposed {90200 16200}
Let us now remove LDP from the network to make sure that everything is working as expected and running a continuous reachability test between the CEs to check.
CE1#ping 10.10.8.8 source lo1 repeat 1000000
Type escape sequence to abort.
Sending 1000000, 100-byte ICMP Echos to 10.10.8.8, timeout is 2 seconds:
Packet sent with a source address of 10.10.7.7
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
We are great! No packet loss and we have successfully migrated without any caveats.
RP/0/0/CPU0:PE1#show mpls forwarding
Tue Apr 9 09:38:14.609 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16100 Unlabelled 10.10.7.0/24[V] Gi0/0/0/2 172.16.17.7 295262
16111 Pop No ID Gi0/0/0/0 192.168.13.3 0
16112 Pop No ID Gi0/0/0/1 192.168.15.5 0
90200 90200 No ID Gi0/0/0/0 192.168.13.3 285240
90200 No ID Gi0/0/0/1 192.168.15.5 0
90400 90400 No ID Gi0/0/0/0 192.168.13.3 0
90500 Pop No ID Gi0/0/0/0 192.168.13.3 1221
90600 90600 No ID Gi0/0/0/0 192.168.13.3 0
90600 No ID Gi0/0/0/1 192.168.15.5 0
The below flow diagram briefly describe what we have done to migrate successfully from LDP to SR:
Relevant configurations:
XR1:
router isis 1
is-type level-2-only
net 49.0001.0000.0000.0001.00
segment-routing global-block 90000 99000
address-family ipv4 unicast
metric-style wide
segment-routing mpls sr-prefer
!
interface Loopback0
address-family ipv4 unicast
prefix-sid index 1001
!
!
interface GigabitEthernet0/0/0/0
address-family ipv4 unicast
!
!
interface GigabitEthernet0/0/0/1
address-family ipv4 unicast
Very interesting. Good example.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: