Monday, January 14, 2013

MPLS TE FRR




Issue

In this example we will go through Normal MPLS TE configuration to establish connectivity between our CEs: R1 and R5 and then we will implement FRR and see how we can maintain our network using this feature

ISIS area 0 is the IGP used inside the backbone and static routing is the protocol implemented on CE-PE connections

Configuration

R1

R1#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.12.1 255.255.255.0
 speed 100
 duplex full

R1#sh run int lo0
interface Loopback0
 ip address 1.1.1.1 255.255.255.255

R1#sh run | sec ip route
ip route 0.0.0.0 0.0.0.0 192.1.12.2

R2

R2#sh run int f1/0
interface FastEthernet1/0
 vrf forwarding MSSK
 ip address 192.1.12.2 255.255.255.0
 speed 100
 duplex full

R2#sh run int f1/1
interface FastEthernet1/1
 ip address 192.1.23.2 255.255.255.0
 ip router isis
 speed 100
 duplex full
 mpls traffic-eng tunnels
 ip rsvp bandwidth

R2#sh run int f2/0
interface FastEthernet2/0
 ip address 192.1.26.2 255.255.255.0
 ip router isis
 speed 100
 duplex full
 mpls traffic-eng tunnels
 ip rsvp bandwidth

R2#sh run int lo0
interface Loopback0
 ip address 2.2.2.2 255.255.255.255

mpls traffic-eng tunnels

R2#sh run | sec ip expli
ip explicit-path name TO_R4 enable
 next-address 3.3.3.3
 next-address 7.7.7.7
 next-address 4.4.4.4

R2#sh run int tun0
interface Tunnel0
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination 4.4.4.4
 tunnel mpls traffic-eng autoroute announce
 tunnel mpls traffic-eng path-option 1 explicit name TO_R4
 tunnel mpls traffic-eng fast-reroute

router isis
 net 49.0001.0000.0000.0002.00
 is-type level-2-only
 metric-style wide
 passive-interface Loopback0
 mpls traffic-eng router-id Loopback0
 mpls traffic-eng level-2

R2#sh run | sec router bgp
router bgp 100
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor 4.4.4.4 remote-as 100
 neighbor 4.4.4.4 update-source Loopback0
 !
 address-family ipv4
 exit-address-family
 !
 address-family vpnv4
  neighbor 4.4.4.4 activate
  neighbor 4.4.4.4 send-community both
 exit-address-family
 !
 address-family ipv4 vrf MSSK
  network 1.1.1.1 mask 255.255.255.255
  network 192.1.12.0
 exit-address-family

R2#sh run | sec vrf def
vrf definition MSSK
 rd 100:1
 route-target export 100:1
 route-target import 100:1
 !
 address-family ipv4
 exit-address-family

ip route 1.1.1.1 255.255.255.255 192.1.12.1

R3

R3#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.23.3 255.255.255.0
 ip router isis
 speed 100
 duplex full
 mpls traffic-eng tunnels
 ip rsvp bandwidth

R3#sh run int f1/1
interface FastEthernet1/1
 ip address 192.1.34.3 255.255.255.0
 ip router isis
 speed 100
 duplex full
 mpls traffic-eng tunnels
 ip rsvp bandwidth

R3#sh run int f2/0
interface FastEthernet2/0
 ip address 192.1.36.3 255.255.255.0
 ip router isis
 speed 100
 duplex full
 mpls traffic-eng tunnels
 ip rsvp bandwidth

R3#sh run int f2/1
interface FastEthernet2/1
 ip address 192.1.37.3 255.255.255.0
 ip router isis
 shutdown
 speed 100
 duplex full
 mpls traffic-eng tunnels
 mpls traffic-eng backup-path Tunnel0
 ip rsvp bandwidth

R3#sh run int lo0
interface Loopback0
 ip address 3.3.3.3 255.255.255.255

R3#sh run | sec router isis
router isis
 net 49.0001.0000.0000.0003.00
 is-type level-2-only
 metric-style wide
 passive-interface Loopback0
 mpls traffic-eng router-id Loopback0
 mpls traffic-eng level-2

mpls traffic-eng tunnels

R3#sh run | sec ip expli
ip explicit-path name EX enable
 exclude-address 192.1.37.7
 exclude-address 192.1.37.3

R3#sh run int tun0
interface Tunnel0
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination 7.7.7.7
 tunnel mpls traffic-eng path-option 1 explicit name EX

R4

R4#sh run int f1/0
interface FastEthernet1/0
 vrf forwarding MSSK
 ip address 192.1.45.4 255.255.255.0
 speed 100
 duplex full

R4#sh run int f1/1
interface FastEthernet1/1
 ip address 192.1.34.4 255.255.255.0
 ip router isis
 speed 100
 duplex full
 mpls traffic-eng tunnels
 ip rsvp bandwidth

R4#sh run int f2/0
interface FastEthernet2/0
 ip address 192.1.47.4 255.255.255.0
 ip router isis
 speed 100
 duplex full
 mpls traffic-eng tunnels
 ip rsvp bandwidth

R4#sh run int lo0
interface Loopback0
 ip address 4.4.4.4 255.255.255.255

R4#sh run | sec router isis
router isis
 net 49.0001.0000.0000.0004.00
 is-type level-2-only
 metric-style wide
 passive-interface Loopback0
 mpls traffic-eng router-id Loopback0
 mpls traffic-eng level-2

R4#sh run | sec router bgp
router bgp 100
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor 2.2.2.2 remote-as 100
 neighbor 2.2.2.2 update-source Loopback0
 !
 address-family ipv4
 exit-address-family
 !
 address-family vpnv4
  neighbor 2.2.2.2 activate
  neighbor 2.2.2.2 send-community both
 exit-address-family
 !
 address-family ipv4 vrf MSSK
  network 5.5.5.5 mask 255.255.255.255
  network 192.1.45.0
 exit-address-family

mpls traffic-eng tunnels

R4#sh run | sec vrf def
vrf definition MSSK
 rd 100:1
 route-target export 100:1
 route-target import 100:1
 !
 address-family ipv4
 exit-address-family

R4#sh run int tun0
interface Tunnel0
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination 2.2.2.2
 tunnel mpls traffic-eng autoroute announce
 tunnel mpls traffic-eng path-option 1 explicit name TO_R2
 tunnel mpls traffic-eng fast-reroute

R4#sh run | sec ip expli
ip explicit-path name TO_R2 enable
 next-address 7.7.7.7
 next-address 6.6.6.6
 next-address 2.2.2.2

R4#sh run | sec ip route
ip route vrf MSSK 5.5.5.5 255.255.255.255 192.1.45.5

R5

R5#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.45.5 255.255.255.0
 speed 100
 duplex full

R5#sh run int lo0
interface Loopback0
 ip address 5.5.5.5 255.255.255.255

R5#sh run | sec ip route
ip route 0.0.0.0 0.0.0.0 192.1.45.4

R6

R6#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.26.6 255.255.255.0
 ip router isis
 speed 100
 duplex full
 mpls traffic-eng tunnels
 ip rsvp bandwidth

R6#sh run int f1/1
interface FastEthernet1/1
 ip address 192.1.67.6 255.255.255.0
 ip router isis
 speed 100
 duplex full
 mpls traffic-eng tunnels
 ip rsvp bandwidth

R6#sh run int f2/0
interface FastEthernet2/0
 ip address 192.1.36.6 255.255.255.0
 ip router isis
 speed 100
 duplex full
 mpls traffic-eng tunnels
 ip rsvp bandwidth

R6#sh run int lo0
interface Loopback0
 ip address 6.6.6.6 255.255.255.255

mpls traffic-eng tunnels
R6#sh run | sec router isis
router isis
 net 49.0001.0000.0000.0006.00
 is-type level-2-only
 metric-style wide
 passive-interface Loopback0
 mpls traffic-eng router-id Loopback0
 mpls traffic-eng level-2

R7

R7#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.47.7 255.255.255.0
 ip router isis
 speed 100
 duplex full
 mpls traffic-eng tunnels
 ip rsvp bandwidth

R7#sh run int f1/1
interface FastEthernet1/1
 ip address 192.1.67.7 255.255.255.0
 ip router isis
 speed 100
 duplex full
 mpls traffic-eng tunnels
 mpls traffic-eng backup-path Tunnel0
 ip rsvp bandwidth

R7#sh run int f2/0
interface FastEthernet2/0
 ip address 192.1.37.7 255.255.255.0
 ip router isis
 speed 100
 duplex full
 mpls traffic-eng tunnels
 ip rsvp bandwidth

R7#sh run int lo0
interface Loopback0
 ip address 7.7.7.7 255.255.255.255

mpls traffic-eng tunnels

R7#sh run | sec router isis
router isis
 net 49.0001.0000.0000.0007.00
 is-type level-2-only
 metric-style wide
 passive-interface Loopback0
 mpls traffic-eng router-id Loopback0
 mpls traffic-eng level-2

R7#sh run int tun0
interface Tunnel0
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination 6.6.6.6
 tunnel mpls traffic-eng path-option 1 explicit name EX

R7#sh run | sec ip expli
ip explicit-path name EX enable
 exclude-address 192.1.67.6
 exclude-address 192.1.67.7
 


Verification

R1#sh ip route 0.0.0.0
Routing entry for 0.0.0.0/0, supernet
  Known via "static", distance 1, metric 0, candidate default path
  Routing Descriptor Blocks:
  * 192.1.12.2
      Route metric is 0, traffic share count is 1
R1#ping 5.5.5.5 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/28/44 ms
R1#traceroute 5.5.5.5 source lo0
Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
  1 192.1.12.2 4 msec 4 msec 4 msec
  2 192.1.23.3 [MPLS: Labels 17/16 Exp 0] 28 msec 24 msec 24 msec
  3 192.1.37.7 [MPLS: Labels 17/16 Exp 0] 28 msec 24 msec 24 msec
  4 192.1.45.4 [MPLS: Label 16 Exp 0] 24 msec 20 msec 20 msec
  5 192.1.45.5 28 msec 24 msec *

As can be seen that the packet is following the explicit path configured

Now, on R2 we can see that the Fast Reroute Protection is requested

R2#sh mpls traffic-eng tunnels protection

P2P TUNNELS:
R2_t0
  LSP Head, Tunnel0, Admin: up, Oper: up
  Src 2.2.2.2, Dest 4.4.4.4, Instance 200
  Fast Reroute Protection: Requested
    Outbound: Unprotected: no backup tunnel assigned
      LSP signalling info:
        Original: out i/f: Fa1/1, label: 17, nhop: 192.1.23.3
                  nnhop: 7.7.7.7; nnhop rtr id: 7.7.7.7
  Path Protection: None

P2MP TUNNELS:

Now, let us shutdown the interface connecting R3 to R7 (Which is supposed to be a link in the explicit path)

R3(config)#interface fastEthernet 2/1
R3(config-if)#shutdown

Now, let us trace again from R1 to R5 loopback 0 interface

R1#traceroute 5.5.5.5 source lo0
Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
  1 192.1.12.2 16 msec 4 msec 4 msec
  2 192.1.23.3 [MPLS: Labels 17/16 Exp 0] 28 msec 28 msec 24 msec
  3 192.1.34.4 [MPLS: Labels 18/17/16 Exp 0] 44 msec 24 msec 28 msec
  4 192.1.47.7 [MPLS: Labels 17/16 Exp 0] 28 msec 24 msec 28 msec
  5 192.1.45.4 [MPLS: Label 16 Exp 0] 24 msec 24 msec 24 msec
  6 192.1.45.5 28 msec 24 msec *

We can see that an additional label has been added as the link which is supposed to be in the explicit path is now broken
Also noticed that the packet get back again to R4 even though it can be logically asked why not to go to R4 directly? Because the packet is following the explicit path

R3#sh mpls traffic-eng fast-reroute database
P2P Headend FRR information:
Protected tunnel               In-label Out intf/label   FRR intf/label   Status
---------------------------    -------- --------------   --------------   ------

P2P LSP midpoint frr information:
LSP identifier                 In-label Out intf/label   FRR intf/label   Status
---------------------------    -------- --------------   --------------   ------
2.2.2.2 0 [200]                17       Fa2/1:17         Tu0:17           active

P2MP Sub-LSP FRR information:
*Sub-LSP identifier
src_lspid[subid]->dst_tunid    In-label Out intf/label   FRR intf/label   Status
---------------------------    -------- --------------   --------------   ------

* Sub-LSP identifier format: <TunSrc>_<LSP_ID>[SubgroupID]-><TunDst>_<Tun_ID>
  Note: Sub-LSP identifier may be truncated.
  Use 'detail' display for the complete key
 
Posted by at 1 comment:
Subscribe to: Posts (Atom)