Issue
In this
example we will go through Normal MPLS TE configuration to establish connectivity
between our CEs: R1 and R5 and then we will implement FRR and see how we can maintain
our network using this feature
ISIS area
0 is the IGP used inside the backbone and static routing is the protocol implemented
on CE-PE connections
Configuration
R1
R1#sh run int f1/0
interface FastEthernet1/0
ip address 192.1.12.1 255.255.255.0
speed 100
duplex full
R1#sh run int lo0
interface Loopback0
ip address 1.1.1.1 255.255.255.255
R1#sh run | sec ip route
ip route 0.0.0.0 0.0.0.0
192.1.12.2
R2
R2#sh run int f1/0
interface FastEthernet1/0
vrf forwarding MSSK
ip address 192.1.12.2 255.255.255.0
speed 100
duplex full
R2#sh run int f1/1
interface FastEthernet1/1
ip address 192.1.23.2 255.255.255.0
ip router isis
speed 100
duplex full
mpls traffic-eng tunnels
ip rsvp bandwidth
R2#sh run int f2/0
interface FastEthernet2/0
ip address 192.1.26.2 255.255.255.0
ip router isis
speed 100
duplex full
mpls traffic-eng tunnels
ip rsvp bandwidth
R2#sh run int lo0
interface Loopback0
ip address 2.2.2.2 255.255.255.255
mpls traffic-eng tunnels
R2#sh run | sec ip expli
ip explicit-path name
TO_R4 enable
next-address 3.3.3.3
next-address 7.7.7.7
next-address 4.4.4.4
R2#sh run int tun0
interface Tunnel0
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 4.4.4.4
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng path-option 1 explicit
name TO_R4
tunnel mpls traffic-eng fast-reroute
router isis
net 49.0001.0000.0000.0002.00
is-type level-2-only
metric-style wide
passive-interface Loopback0
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
R2#sh run | sec router bgp
router bgp 100
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community both
exit-address-family
!
address-family ipv4 vrf MSSK
network 1.1.1.1 mask 255.255.255.255
network 192.1.12.0
exit-address-family
R2#sh run | sec vrf def
vrf definition MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
!
address-family ipv4
exit-address-family
ip route 1.1.1.1 255.255.255.255
192.1.12.1
R3
R3#sh run int f1/0
interface FastEthernet1/0
ip address 192.1.23.3 255.255.255.0
ip router isis
speed 100
duplex full
mpls traffic-eng tunnels
ip rsvp bandwidth
R3#sh run int f1/1
interface FastEthernet1/1
ip address 192.1.34.3 255.255.255.0
ip router isis
speed 100
duplex full
mpls traffic-eng tunnels
ip rsvp bandwidth
R3#sh run int f2/0
interface FastEthernet2/0
ip address 192.1.36.3 255.255.255.0
ip router isis
speed 100
duplex full
mpls traffic-eng tunnels
ip rsvp bandwidth
R3#sh run int f2/1
interface FastEthernet2/1
ip address 192.1.37.3 255.255.255.0
ip router isis
shutdown
speed 100
duplex full
mpls traffic-eng tunnels
mpls traffic-eng backup-path Tunnel0
ip rsvp bandwidth
R3#sh run int lo0
interface Loopback0
ip address 3.3.3.3 255.255.255.255
R3#sh run | sec router
isis
router isis
net 49.0001.0000.0000.0003.00
is-type level-2-only
metric-style wide
passive-interface Loopback0
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
mpls traffic-eng tunnels
R3#sh run | sec ip expli
ip explicit-path name EX
enable
exclude-address 192.1.37.7
exclude-address 192.1.37.3
R3#sh run int tun0
interface Tunnel0
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 7.7.7.7
tunnel mpls traffic-eng path-option 1 explicit
name EX
R4
R4#sh run int f1/0
interface FastEthernet1/0
vrf forwarding MSSK
ip address 192.1.45.4 255.255.255.0
speed 100
duplex full
R4#sh run int f1/1
interface FastEthernet1/1
ip address 192.1.34.4 255.255.255.0
ip router isis
speed 100
duplex full
mpls traffic-eng tunnels
ip rsvp bandwidth
R4#sh run int f2/0
interface FastEthernet2/0
ip address 192.1.47.4 255.255.255.0
ip router isis
speed 100
duplex full
mpls traffic-eng tunnels
ip rsvp bandwidth
R4#sh run int lo0
interface Loopback0
ip address 4.4.4.4 255.255.255.255
R4#sh run | sec router
isis
router isis
net 49.0001.0000.0000.0004.00
is-type level-2-only
metric-style wide
passive-interface Loopback0
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
R4#sh run | sec router bgp
router bgp 100
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
exit-address-family
!
address-family ipv4 vrf MSSK
network 5.5.5.5 mask 255.255.255.255
network 192.1.45.0
exit-address-family
mpls traffic-eng tunnels
R4#sh run | sec vrf def
vrf definition MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
!
address-family ipv4
exit-address-family
R4#sh run int tun0
interface Tunnel0
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 2.2.2.2
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng path-option 1 explicit
name TO_R2
tunnel mpls traffic-eng fast-reroute
R4#sh run | sec ip expli
ip explicit-path name
TO_R2 enable
next-address 7.7.7.7
next-address 6.6.6.6
next-address 2.2.2.2
R4#sh run | sec ip route
ip route vrf MSSK 5.5.5.5
255.255.255.255 192.1.45.5
R5
R5#sh run int f1/0
interface FastEthernet1/0
ip address 192.1.45.5 255.255.255.0
speed 100
duplex full
R5#sh run int lo0
interface Loopback0
ip address 5.5.5.5 255.255.255.255
R5#sh run | sec ip route
ip route 0.0.0.0 0.0.0.0
192.1.45.4
R6
R6#sh run int f1/0
interface FastEthernet1/0
ip address 192.1.26.6 255.255.255.0
ip router isis
speed 100
duplex full
mpls traffic-eng tunnels
ip rsvp bandwidth
R6#sh run int f1/1
interface FastEthernet1/1
ip address 192.1.67.6 255.255.255.0
ip router isis
speed 100
duplex full
mpls traffic-eng tunnels
ip rsvp bandwidth
R6#sh run int f2/0
interface FastEthernet2/0
ip address 192.1.36.6 255.255.255.0
ip router isis
speed 100
duplex full
mpls traffic-eng tunnels
ip rsvp bandwidth
R6#sh run int lo0
interface Loopback0
ip address 6.6.6.6 255.255.255.255
mpls traffic-eng tunnels
R6#sh run | sec router
isis
router isis
net 49.0001.0000.0000.0006.00
is-type level-2-only
metric-style wide
passive-interface Loopback0
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
R7
R7#sh run int f1/0
interface FastEthernet1/0
ip address 192.1.47.7 255.255.255.0
ip router isis
speed 100
duplex full
mpls traffic-eng tunnels
ip rsvp bandwidth
R7#sh run int f1/1
interface FastEthernet1/1
ip address 192.1.67.7 255.255.255.0
ip router isis
speed 100
duplex full
mpls traffic-eng tunnels
mpls traffic-eng backup-path Tunnel0
ip rsvp bandwidth
R7#sh run int f2/0
interface FastEthernet2/0
ip address 192.1.37.7 255.255.255.0
ip router isis
speed 100
duplex full
mpls traffic-eng tunnels
ip rsvp bandwidth
R7#sh run int lo0
interface Loopback0
ip address 7.7.7.7 255.255.255.255
mpls traffic-eng tunnels
R7#sh run | sec router
isis
router isis
net 49.0001.0000.0000.0007.00
is-type level-2-only
metric-style wide
passive-interface Loopback0
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
R7#sh run int tun0
interface Tunnel0
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 6.6.6.6
tunnel mpls traffic-eng path-option 1 explicit
name EX
R7#sh run | sec ip expli
ip explicit-path name EX
enable
exclude-address 192.1.67.6
exclude-address 192.1.67.7
Verification
R1#sh ip route 0.0.0.0
Routing entry for
0.0.0.0/0, supernet
Known via "static", distance 1,
metric 0, candidate default path
Routing Descriptor Blocks:
* 192.1.12.2
Route metric is 0, traffic share count is
1
R1#ping 5.5.5.5 source lo0
Type escape sequence to
abort.
Sending 5, 100-byte ICMP
Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source
address of 1.1.1.1
!!!!!
Success rate is 100
percent (5/5), round-trip min/avg/max = 24/28/44 ms
R1#traceroute 5.5.5.5
source lo0
Type escape sequence to
abort.
Tracing the route to
5.5.5.5
VRF info: (vrf in name/id,
vrf out name/id)
1 192.1.12.2 4 msec 4 msec 4 msec
2 192.1.23.3 [MPLS: Labels 17/16 Exp 0] 28
msec 24 msec 24 msec
3 192.1.37.7 [MPLS: Labels 17/16 Exp 0] 28
msec 24 msec 24 msec
4 192.1.45.4 [MPLS: Label 16 Exp 0] 24 msec
20 msec 20 msec
5 192.1.45.5 28 msec 24 msec *
As can be seen that the packet
is following the explicit path configured
Now, on R2 we can see that
the Fast Reroute Protection is requested
R2#sh mpls traffic-eng
tunnels protection
P2P TUNNELS:
R2_t0
LSP Head, Tunnel0, Admin: up, Oper: up
Src 2.2.2.2, Dest 4.4.4.4, Instance 200
Fast Reroute Protection: Requested
Outbound: Unprotected: no backup tunnel
assigned
LSP signalling info:
Original: out i/f: Fa1/1, label: 17,
nhop: 192.1.23.3
nnhop: 7.7.7.7; nnhop rtr id:
7.7.7.7
Path Protection: None
P2MP TUNNELS:
Now, let us shutdown the interface
connecting R3 to R7 (Which is supposed to be a link in the explicit path)
R3(config)#interface
fastEthernet 2/1
R3(config-if)#shutdown
Now, let us trace again from
R1 to R5 loopback 0 interface
R1#traceroute 5.5.5.5
source lo0
Type escape sequence to
abort.
Tracing the route to
5.5.5.5
VRF info: (vrf in name/id,
vrf out name/id)
1 192.1.12.2 16 msec 4 msec 4 msec
2 192.1.23.3 [MPLS: Labels 17/16 Exp 0] 28
msec 28 msec 24 msec
3 192.1.34.4 [MPLS: Labels 18/17/16 Exp 0] 44
msec 24 msec 28 msec
4 192.1.47.7 [MPLS: Labels 17/16 Exp 0] 28
msec 24 msec 28 msec
5 192.1.45.4 [MPLS: Label 16 Exp 0] 24 msec
24 msec 24 msec
6 192.1.45.5 28 msec 24 msec *
We can see that an additional
label has been added as the link which is supposed to be in the explicit path is
now broken
Also noticed that the packet
get back again to R4 even though it can be logically asked why not to go to R4 directly?
Because the packet is following the explicit path
R3#sh mpls traffic-eng
fast-reroute database
P2P Headend FRR
information:
Protected tunnel In-label Out intf/label FRR intf/label Status
--------------------------- -------- -------------- -------------- ------
P2P LSP midpoint frr
information:
LSP identifier In-label Out intf/label FRR intf/label Status
--------------------------- -------- -------------- -------------- ------
2.2.2.2 0 [200] 17 Fa2/1:17 Tu0:17 active
P2MP Sub-LSP FRR
information:
*Sub-LSP identifier
src_lspid[subid]->dst_tunid In-label Out intf/label FRR intf/label Status
--------------------------- -------- -------------- -------------- ------
* Sub-LSP identifier
format:
<TunSrc>_<LSP_ID>[SubgroupID]-><TunDst>_<Tun_ID>
Note: Sub-LSP identifier may be truncated.
Use 'detail' display for the complete key