Professional Documents
Culture Documents
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE
OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public
domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH
ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF
DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase, Cisco StackPower,
Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flipshare (Design), Flip Ultra,
Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Capital,
Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store, Flip Gift Card, and One Million Acts of Green are service marks; and Access Registrar, Aironet, AllTouch,
AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo,
Cisco IOS, Cisco Lumin, Cisco Nexus, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation,
Continuum, EtherFast, EtherSwitch, Event Center, Explorer, Follow Me Browsing, GainMaker, iLYNX, IOS, iPhone, IronPort, the IronPort logo, Laser Link, LightStream,
Linksys, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, PCNow, PIX, PowerKEY, PowerPanels, PowerTV, PowerTV (Design),
PowerVu, Prisma, ProConnect, ROSA, SenderBase, SMARTnet, Spectrum Expert, StackWise, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc.
and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship
between Cisco and any other company. (0910R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the
document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
This document describes the objectives, audience, conventions, and organization used in Cisco IOS XE
software documentation. Also included are resources for obtaining technical assistance, additional
documentation, and other information from Cisco. This document is organized into the following
sections:
• Documentation Objectives, page i
• Audience, page i
• Documentation Conventions, page ii
• Documentation Organization, page iii
• Additional Resources and Documentation Feedback, page x
Documentation Objectives
Cisco IOS XE documentation describe the tasks and commands available to configure and maintain
Cisco networking devices.
Audience
The Cisco IOS XE documentation set is intended for users who configure and maintain Cisco networking
devices (such as routers and switches) but who may not be familiar with the configuration and
maintenance tasks, the relationship among tasks, or the Cisco IOS commands necessary to perform
particular tasks. The Cisco IOS XE documentation set is also intended for those users experienced with
Cisco IOS XE software who need to know about new features, new configuration options, and new
software characteristics in the current Cisco IOS XE release.
i
About Cisco IOS XE Software Documentation
Documentation Conventions
Documentation Conventions
In Cisco IOS XE documentation, the term router may be used to refer to various Cisco products; for
example, routers, access servers, and switches. These and other networking devices that support
Cisco IOS XE software are shown interchangeably in examples and are used only for illustrative
purposes. An example that shows one product does not necessarily mean that other products are not
supported.
This section contains the following topics:
• Typographic Conventions, page ii
• Command Syntax Conventions, page ii
• Software Conventions, page iii
• Reader Alert Conventions, page iii
Typographic Conventions
Cisco IOS XE documentation uses the following typographic conventions:
Convention Description
^ or Ctrl Both the ^ symbol and Ctrl represent the Control (Ctrl) key on a keyboard. For
example, the key combination ^D or Ctrl-D means that you hold down the
Control key while you press the D key. (Keys are indicated in capital letters but
are not case sensitive.)
string A string is a nonquoted set of characters shown in italics. For example, when
setting a Simple Network Management Protocol (SNMP) community string to
public, do not use quotation marks around the string; otherwise, the string will
include the quotation marks.
Convention Description
bold Bold text indicates commands and keywords that you enter as shown.
italic Italic text indicates arguments for which you supply values.
[x] Square brackets enclose an optional keyword or argument.
... An ellipsis (three consecutive nonbolded periods without spaces) after a syntax
element indicates that the element can be repeated.
| A vertical line, called a pipe, indicates a choice within a set of keywords
or arguments.
[x | y] Square brackets enclosing keywords or arguments separated by a pipe indicate an
optional choice.
{x | y} Braces enclosing keywords or arguments separated by a pipe indicate a
required choice.
[x {y | z}] Braces and a pipe within square brackets indicate a required choice within an
optional element.
ii
About Cisco IOS XE Software Documentation
Documentation Organization
Software Conventions
Cisco IOS XE software uses the following conventions:
Convention Description
Courier font Courier font is used for information that is displayed on a PC or terminal screen.
Bold Courier font Bold Courier font indicates text that the user must enter.
< > Angle brackets enclose text that is not displayed, such as a password. Angle
brackets also are used in contexts in which the italic font style is not supported;
for example, ASCII text.
! An exclamation point at the beginning of a line indicates that the text that follows
is a comment, not a line of code. An exclamation point is also displayed by the
Cisco IOS XE software for certain processes.
[ ] Square brackets enclose default responses to system prompts.
Caution Means reader be careful. In this situation, you might do something that could result in equipment
damage or loss of data.
Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the
manual.
Timesaver Means the described action saves time. You can save time by performing the action described in the
paragraph.
Documentation Organization
This section describes the Cisco IOS XE documentation set, how it is organized, and how to access it on
Cisco.com. Listed are configuration guides, command references, and supplementary references and
resources that comprise the documentation set.
• Cisco IOS XE Documentation Set, page iv
• Cisco IOS XE Documentation on Cisco.com, page iv
• Configuration Guides, Command References, and Supplementary Resources, page v
iii
About Cisco IOS XE Software Documentation
Documentation Organization
Configuration Guides
Configuration guides are provided by technology and release and comprise a set of individual feature
guides relevant to the release and technology.
Command References
Command reference books describe Cisco IOS XE commands that are supported in many different
software releases and on many different platforms. The books are organized by technology. For
information about all Cisco IOS XE commands, use the Command Lookup Tool at
http://tools.cisco.com/Support/CLILookup or the Cisco IOS Master Command List, All Releases, at
http://www.cisco.com/en/US/docs/ios/mcl/allreleasemcl/all_book.html.
iv
About Cisco IOS XE Software Documentation
Documentation Organization
v
About Cisco IOS XE Software Documentation
Documentation Organization
• Cisco IOS XE Interface and Hardware Component LAN interfaces, logical interfaces, serial interfaces, virtual
Configuration Guide interfaces, and interface configuration.
• Cisco IOS Interface and Hardware Component
Command Reference
• Cisco IOS XE IP Addressing Services IP addressing, Address Resolution Protocol (ARP), Network
Configuration Guide Address Translation (NAT), Domain Name System (DNS),
Dynamic Host Configuration Protocol (DHCP), and Next Hop
• Cisco IOS IP Addressing Services
Address Resolution Protocol (NHRP).
Command Reference
• Cisco IOS XE IP Application Services Enhanced Object Tracking (EOT), Gateway Load Balancing
Configuration Guide Protocol (GLBP), Hot Standby Router Protocol (HSRP), IP
• Cisco IOS IP Application Services Services, TCP, Web Cache Communication Protocol (WCCP),
Command Reference User Datagram Protocol (UDP), and Virtual Router Redundancy
Protocol (VRRP).
• Cisco IOS XE IP Multicast Configuration Guide Protocol Independent Multicast (PIM) sparse mode (PIM-SM),
bidirectional PIM (bidir-PIM), Source Specific Multicast
• Cisco IOS IP Multicast Command Reference
(SSM), Multicast Source Discovery Protocol (MSDP), Internet
Group Management Protocol (IGMP), and Multicast VPN
(MVPN).
• Cisco IOS XE IP Routing: BFD Configuration Guide Bidirectional forwarding detection (BFD).
• Cisco IOS XE IP Routing: BGP Configuration Guide Border Gateway Protocol (BGP), multiprotocol BGP,
• Cisco IOS IP Routing: BGP Command Reference multiprotocol BGP extensions for IP multicast.
• Cisco IOS XE IP Routing: EIGRP Enhanced Interior Gateway Routing Protocol (EIGRP).
Configuration Guide
• Cisco IOS IP Routing: EIGRP Command Reference
• Cisco IOS XE IP Routing: ISIS Configuration Guide Intermediate System-to-Intermediate System (IS-IS).
• Cisco IOS IP Routing: ISIS Command Reference
vi
About Cisco IOS XE Software Documentation
Documentation Organization
vii
About Cisco IOS XE Software Documentation
Documentation Organization
viii
About Cisco IOS XE Software Documentation
Documentation Organization
Table 2 lists documents and resources that supplement the Cisco IOS XE software configuration guides
and command references.
ix
About Cisco IOS XE Software Documentation
Additional Resources and Documentation Feedback
x
About Cisco IOS XE Software Documentation
Additional Resources and Documentation Feedback
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase,
Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good,
Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network are trademarks;
Changing the Way We Work, Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store, Flip Gift Card,
and One Million Acts of Green are service marks; and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Lumin, Cisco Nexus,
Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Continuum, EtherFast,
EtherSwitch, Event Center, Explorer, Follow Me Browsing, GainMaker, iLYNX, IOS, iPhone, IronPort, the IronPort logo, Laser Link, LightStream,
Linksys, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, PCNow, PIX, PowerKEY, PowerPanels, PowerTV,
PowerTV (Design), PowerVu, Prisma, ProConnect, ROSA, SenderBase, SMARTnet, Spectrum Expert, StackWise, WebEx, and the WebEx logo are
registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0910R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
xi
About Cisco IOS XE Software Documentation
Additional Resources and Documentation Feedback
xii
Using the Command-Line Interface in
Cisco IOS XE Software
This document provides basic information about the command-line interface (CLI) in Cisco IOS XE
software and how you can use some of the CLI features. This document contains the following sections:
• Initially Configuring a Device, page i
• Using the CLI, page ii
• Saving Changes to a Configuration, page xii
• Additional Information, page xii
For more information about using the CLI, see “Part 1: Using the Cisco IOS Command-Line Interface
(CLI)” of the Cisco IOS XE Configuration Fundamentals Configuration Guide.
For information about the software documentation set, see the “About Cisco IOS XE Software
Documentation” document.
i
Using the Command-Line Interface in Cisco IOS XE Software
Using the CLI
Note The AUX port on the Route Processor (RP) installed in a Cisco ASR 1000 series router does not serve
any useful customer purpose and should be accessed only under the advisement of a customer support
representative.
ii
Using the Command-Line Interface in Cisco IOS XE Software
Using the CLI
iii
Using the Command-Line Interface in Cisco IOS XE Software
Using the CLI
iv
Using the Command-Line Interface in Cisco IOS XE Software
Using the CLI
EXEC commands are not saved when the software reboots. Commands that you issue in a configuration
mode can be saved to the startup configuration. If you save the running configuration to the startup
configuration, these commands will execute when the software is rebooted. Global configuration mode
is the highest level of configuration mode. From global configuration mode, you can enter a variety of
other configuration modes, including protocol-specific modes.
ROM monitor mode is a separate mode that is used when the software cannot load properly. If a valid
software image is not found when the software boots or if the configuration file is corrupted at startup,
the software might enter ROM monitor mode. Use the question symbol (?) to view the commands that
you can use while the device is in ROM monitor mode.
rommon 1 > ?
alias set and display aliases command
boot boot up an external process
confreg configuration register utility
cont continue executing a downloaded image
context display the context of a loaded image
cookie display contents of cookie PROM in hex
.
.
.
rommon 2 >
The following example shows how the command prompt changes to indicate a different command mode:
Router> enable
Router# configure terminal
Router(config)# interface ethernet 1/1
Router(config-if)# ethernet
Router(config-line)# exit
Router(config)# end
Router#
Command Purpose
help Provides a brief description of the Help feature in any command mode.
? Lists all commands available for a particular command mode.
partial command? Provides a list of commands that begin with the character string (no
space between the command and the question mark).
partial command<Tab> Completes a partial command name (no space between the command
and <Tab>).
command ? Lists the keywords, arguments, or both associated with the command
(space between the command and the question mark).
command keyword ? Lists the arguments that are associated with the keyword (space between
the keyword and the question mark).
v
Using the Command-Line Interface in Cisco IOS XE Software
Using the CLI
help
Router> help
Help may be requested at any point in a command by entering a question mark '?'. If nothing
matches, the help list will be empty and you must backup until entering a '?' shows the
available options.
Two styles of help are provided:
1. Full help is available when you are ready to enter a command argument (e.g. 'show ?')
and describes each possible argument.
2. Partial help is provided when an abbreviated argument is entered and you want to know
what arguments match the input (e.g. 'show pr?'.)
?
Router# ?
Exec commands:
access-enable Create a temporary access-List entry
access-profile Apply user-profile to interface
access-template Create a temporary access-List entry
alps ALPS exec commands
archive manage archive files
<snip>
partial command?
Router(config)# zo?
zone zone-pair
partial command<Tab>
Router(config)# we<Tab> webvpn
command ?
Router(config-if)# pppoe ?
enable Enable pppoe
max-sessions Maximum PPPOE sessions
command keyword ?
Router(config-if)# pppoe enable ?
group attach a BBA group
<cr>
vi
Using the Command-Line Interface in Cisco IOS XE Software
Using the CLI
vii
Using the Command-Line Interface in Cisco IOS XE Software
Using the CLI
Note Both password commands have numeric keywords that are single integer values. If you choose a number
for the first character of your password followed by a space, the system will read the number as if it were
the numeric keyword and not as part of your password.
When both passwords are set, the enable secret password takes precedence over the enable password.
To remove a password, use the no form of the commands: no enable password or
no enable secret password.
For more information about password recovery procedures for Cisco products, see
http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/
products_tech_note09186a00801746e6.shtml.
A command history buffer is also available in line configuration mode with the same default and
configuration options. To set the command history buffer size for a terminal session in line configuration
mode, issue the history command:
Router(config-line)# history [size num]
viii
Using the Command-Line Interface in Cisco IOS XE Software
Using the CLI
To recall commands from the history buffer, use the following methods:
• Press Ctrl-P or the Up Arrow key—Recalls commands beginning with the most recent command.
Repeat the key sequence to recall successively older commands.
• Press Ctrl-N or the Down Arrow key—Recalls the most recent commands in the history buffer after
they have been recalled using Ctrl-P or the Up Arrow key. Repeat the key sequence to recall
successively more recent commands.
Note The arrow keys function only on ANSI-compatible terminals such as the VT100.
• Issue the show history command in user EXEC or privileged EXEC mode—Lists the most recent
commands that you entered. The number of commands that are displayed is determined by the
setting of the terminal history size and history commands.
The command history feature is enabled by default. To disable this feature for a terminal session,
issue the terminal no history command in user EXEC or privileged EXEC mode or the no history
command in line configuration mode.
Abbreviating Commands
Typing a complete command name is not always required for the command to execute. The CLI
recognizes an abbreviated command when the abbreviation contains enough characters to uniquely
identify the command. For example, the show version command can be abbreviated as sh ver. It cannot
be abbreviated as s ver because s could mean show, set, or systat. The sh v abbreviation also is not valid
because the show command has vrrp as a keyword in addition to version.
ix
Using the Command-Line Interface in Cisco IOS XE Software
Using the CLI
To create a command alias, issue the alias command in global configuration mode. The syntax of the
command is alias mode command-alias original-command. Following are some examples:
• Router(config)# alias exec prt partition—privileged EXEC mode
• Router(config)# alias configure sb source-bridge—global configuration mode
• Router(config)# alias interface rl rate-limit—interface configuration mode
To view both default and user-created aliases, issue the show alias command.
For more information about the alias command, see
http://www.cisco.com/en/US/docs/ios/fundamentals/command/reference/cf_book.html.
Caution Debugging is a high priority and high CPU utilization process that can render your device unusable. Use
debug commands only to troubleshoot specific problems. The best times to run debugging are during
periods of low network traffic and when few users are interacting with the network. Debugging during
these periods decreases the likelihood that the debug command processing overhead will affect network
performance or user access or response times.
x
Using the Command-Line Interface in Cisco IOS XE Software
Using the CLI
For more system error messages, see the System Messages for Cisco IOS XE document.
xi
Using the Command-Line Interface in Cisco IOS XE Software
Saving Changes to a Configuration
You press Enter to accept the startup-config filename (the default), or type a new filename and then press
Enter to accept that name. The following output is displayed indicating that the configuration was saved:
Building configuration...
[OK]
Router#
On most platforms, the configuration is saved to NVRAM. On platforms with a Class A flash file system,
the configuration is saved to the location specified by the CONFIG_FILE environment variable. The
CONFIG_FILE variable defaults to NVRAM.
Additional Information
• “Part 1: Using the Cisco IOS Command-Line Interface (CLI)” of the Cisco IOS XE Configuration
Fundamentals Configuration Guide
http://www.cisco.com/en/US/docs/ios/ios_xe/fundamentals/configuration/guide/2_xe/cf_xe_book.
html
or
“Using Cisco IOS XE Software” chapter of the Cisco ASR 1000 Series Aggregation Services Routers
Software Configuration Guide
http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/Using_CLI.html
• Cisco Product Support Resources
http://www.cisco.com/go/techdocs
• Support area on Cisco.com (also search for documentation by task or product)
http://www.cisco.com/en/US/support/index.html
• Software Download Center (downloads; tools; licensing, registration, advisory, and general
information) (requires Cisco.com user ID and password)
http://www.cisco.com/kobayashi/sw-center/
• Error Message Decoder, a tool to help you research and resolve error messages for
Cisco IOS XE software
http://www.cisco.com/pcgi-bin/Support/Errordecoder/index.cgi
xii
Using the Command-Line Interface in Cisco IOS XE Software
Additional Information
• Command Lookup Tool, a tool to help you find detailed descriptions of Cisco IOS XE commands
(requires Cisco.com user ID and password)
http://tools.cisco.com/Support/CLILookup
• Output Interpreter, a troubleshooting tool that analyzes command output of supported
show commands
https://www.cisco.com/pcgi-bin/Support/OutputInterpreter/home.pl\
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase,
Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good,
Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network are trademarks;
Changing the Way We Work, Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store, Flip Gift Card,
and One Million Acts of Green are service marks; and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Lumin, Cisco Nexus,
Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Continuum, EtherFast,
EtherSwitch, Event Center, Explorer, Follow Me Browsing, GainMaker, iLYNX, IOS, iPhone, IronPort, the IronPort logo, Laser Link, LightStream,
Linksys, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, PCNow, PIX, PowerKEY, PowerPanels, PowerTV,
PowerTV (Design), PowerVu, Prisma, ProConnect, ROSA, SenderBase, SMARTnet, Spectrum Expert, StackWise, WebEx, and the WebEx logo are
registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0910R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
xiii
Using the Command-Line Interface in Cisco IOS XE Software
Additional Information
xiv
Basic MPLS
Multiprotocol Label Switching (MPLS) on Cisco
Routers
This document describes commands for configuring and monitoring Multiprotocol Label Switching
(MPLS) functionality on Cisco routers and switches. This document is a companion to other feature
modules describing other MPLS applications.
Contents
This document includes the following sections:
• Feature Overview, page 2
• Supported Standards, MIBs, and RFCs, page 4
• Configuration Tasks, page 4
• Feature Information for MPLS on Cisco Routers, page 6
• Glossary, page 7
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
Multiprotocol Label Switching (MPLS) on Cisco Routers
Feature Overview
Feature Overview
Multiprotocol label switching (MPLS) combines the performance and capabilities of Layer 2 (data link
layer) switching with the proven scalability of Layer 3 (network layer) routing. MPLS enables service
providers to meet the challenges of explosive growth in network utilization while providing the
opportunity to differentiate services without sacrificing the existing network infrastructure. The MPLS
architecture is flexible and can be employed in any combination of Layer 2 technologies. MPLS support
is offered for all Layer 3 protocols, and scaling is possible well beyond that typically offered in today’s
networks.
MPLS efficiently enables the delivery of IP services over an ATM switched network. MPLS supports the
creation of different routes between a source and a destination on a purely router-based Internet
backbone. By incorporating MPLS into their network architecture, service providers can save money,
increase revenue and productivity, provide differentiated services, and gain competitive advantages.
2
Multiprotocol Label Switching (MPLS) on Cisco Routers
Feature Overview
Benefits of MPLS
MPLS provides the following major benefits to service provider networks:
• Scalable support for Virtual Private Networks (VPNs)—MPLS enables VPN services to be
supported in service provider networks, thereby greatly accelerating Internet growth.
The use of MPLS for VPNs provides an attractive alternative to the building of VPNs by means of
either ATM or Frame Relay permanent virtual circuits (PVCs) or various forms of tunneling to
interconnect routers at customer sites.
Unlike the PVC VPN model, the MPLS VPN model is highly scalable and can accommodate
increasing numbers of sites and customers. The MPLS VPN model also supports “any-to-any”
communication among VPN sites without requiring a full mesh of PVCs or the backhauling
(suboptimal routing) of traffic across the service provider network. For each MPLS VPN user, the
service provider’s network appears to function as a private IP backbone over which the user can
reach other sites within the VPN organization, but not the sites of any other VPN organization.
From a user perspective, the MPLS VPN model enables network routing to be dramatically
simplified. For example, rather than having to manage routing over a topologically complex virtual
backbone composed of many PVCs, an MPLS VPN user can generally employ the service provider’s
backbone as the default route in communicating with all of the other VPN sites.
• Explicit routing capabilities (also called constraint-based routing or traffic engineering)—Explicit
routing employs “constraint-based routing,” in which the path for a traffic flow is the shortest path
that meets the resource requirements (constraints) of the traffic flow.
In MPLS traffic engineering, factors such as bandwidth requirements, media requirements, and the
priority of one traffic flow versus another can be taken into account. These traffic engineering
capabilities enable the administrator of a service provider network to
– Control traffic flow in the network
– Reduce congestion in the network
– Make best use of network resources
Thus, the network administrator can specify the amount of traffic expected to flow between various
points in the network (thereby establishing a traffic matrix), while relying on the routing system to
– Calculate the best paths for network traffic
– Set up the explicit paths to carry the traffic
3
Multiprotocol Label Switching (MPLS) on Cisco Routers
Supported Standards, MIBs, and RFCs
• Support for IP routing on ATM switches (also called IP and ATM integration)—MPLS enables an
ATM switch to perform virtually all of the functions of an IP router. This capability of an ATM
switch stems from the fact that the MPLS forwarding paradigm, namely, label swapping, is exactly
the same as the forwarding paradigm provided by ATM switch hardware.
The key difference between a conventional ATM switch and an ATM label switch is the control
software used by the latter to establish its virtual channel identifier (VCI) table entries. An ATM
label switch uses IP routing protocols and the Tag Distribution Protocol (TDP) to establish VCI table
entries.
An ATM label switch can function as a conventional ATM switch. In this dual mode, the ATM switch
resources (such as VCI space and bandwidth) are partitioned between the MPLS control plane and
the ATM control plane. The MPLS control plane provides IP-based services, while the ATM control
plane supports ATM-oriented functions, such as circuit emulation or PVC services.
Restrictions
Label switching on a Cisco router requires that Cisco Express Forwarding be enabled on that router (see
the “Configuration Tasks” section below).
Configuration Tasks
This section explains how to configure a router for MPLS forwarding by enabling Cisco Express
Forwarding on the router.
Configuration tasks for other MPLS applications are described in the feature module documentation for
the application.
Note Cisco Express Forwarding is enabled by default on a Cisco ASR 1000 Series Aggregation
Services Router and cannot be disabled.
For more information about Cisco Express Forwarding commands, see the Cisco IOS Switching
Command Reference.
4
Multiprotocol Label Switching (MPLS) on Cisco Routers
Configuration Tasks
5
Multiprotocol Label Switching (MPLS) on Cisco Routers
Feature Information for MPLS on Cisco Routers
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a given
Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that Cisco IOS
XE software release train also support that feature.
6
Multiprotocol Label Switching (MPLS) on Cisco Routers
Glossary
Glossary
ATM edge LSR—A router that is connected to the ATM-LSR cloud through LC-ATM interfaces. The
ATM edge LSR adds labels to unlabeled packets and strips labels from labeled packets.
ATM-LSR—A label switch router with a number of LC-ATM interfaces. The router forwards the cells
among these interfaces using labels carried in the VPI/VCI field of the ATM cell header.
CoS—Class of service. A feature that provides scalable, differentiated types of service across an MPLS
network.
IP precedence—A 3-bit value in a ToS byte used for assigning precedence to IP packets.
label—A short fixed-length label that tells switching nodes how to forward data (packets or cells).
label-controlled ATM interface (LC-ATM interface)—An interface on a router or switch that uses
label distribution procedures to negotiate label VCs.
label edge router (LER)—A router that performs label imposition.
label imposition—The action of putting the first label on a packet.
label switch—A node that forwards units of data (packets or cells) on the basis of labels.
label switched path (LSP)—A sequence of hops (Router 0...Router n) in which a packet travels from
R0 to Rn by means of label switching mechanisms. A label switched path can be chosen dynamically,
based on normal routing mechanisms, or it can be configured manually.
label switched path (LSP) tunnel—A configured connection between two routers, in which label
switching techniques are used for packet forwarding.
label switching router (LSR)—A Layer 3 router that forwards a packet based on the value of a label
encapsulated in the packet.
label VC (LVC)—An ATM virtual circuit that is set up through ATM LSR label distribution procedures.
LFIB—Label Forwarding Information Base. The data structure used by switching functions to switch
labeled packets.
LIB—Label information base. A database used by an LSR to store labels learned from other LSRs, as
well as labels assigned by the local LSR.
MPLS—Multiprotocol label switching. An emerging industry standard that defines support for MPLS
forwarding of packets along normally routed paths (sometimes called MPLS hop-by-hop forwarding).
QoS—quality of service. A measure of performance for a transmission system that reflects its
transmission quality and service availability.
tailend—The downstream, received end of a tunnel.
TDP—Tag Distribution Protocol. The protocol used to distribute label bindings to LSRs.
traffic engineering—The techniques and processes used to cause routed traffic to travel through the
network on a path other than the one that could have been chosen if standard routing methods had been
applied.
traffic engineering tunnel—A label-switched tunnel that is used for traffic engineering. Such a tunnel
is set up through means other than normal Layer 3 routing; it is used to direct traffic over a path different
from the one that Layer 3 routing could cause the tunnel to take.
VPN—Virtual Private Network. Enables IP traffic to use tunneling to travel securely over a public
TCP/IP network.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
7
Multiprotocol Label Switching (MPLS) on Cisco Routers
Glossary
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
8
MPLS Static Labels
This document describes the Cisco MPLS Static Labels feature. The MPLS Static Labels feature
provides the means to configure statically:
• The binding between a label and an IPv4 prefix
• The contents of an LFIB crossconnect entry
Contents
• MPLS Static Labels Feature Overview, page 2
• Prerequisites, page 2
• Configuration Tasks, page 3
• Monitoring and Maintaining MPLS Static Labels, page 5
• Configuration Examples, page 5
• Additional References, page 7
• Feature Information for MPLS Static Labels, page 9
• Glossary, page 10
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Static Labels
MPLS Static Labels Feature Overview
Benefits
Static Bindings Between Labels and IPv4 Prefixes
Static bindings between labels and IPv4 prefixes can be configured to support MPLS hop-by-hop
forwarding through neighbor routers that do not implement LDP label distribution.
Static Crossconnects
Static crossconnects can be configured to support MPLS Label Switched Path (LSP) midpoints when
neighbor routers do not implement either the LDP or RSVP label distribution, but do implement an
MPLS forwarding path.
Restrictions
• The trouble shooting process for MPLS static labels is complex.
• On a provider edge (PE) router for MPLS VPNs, there is no mechanism for statically binding a label
to a customer network prefix (VPN IPv4 prefix).
• MPLS static crossconnect labels remain in the LFIB even if the router to which the entry points goes
down.
• MPLS static crossconnect mappings remain in effect even with topology changes.
• MPLS static labels are not supported for label-controlled Asynchronous Transfer Mode (lc-atm).
• MPLS static bindings are not supported for local prefixes.
Prerequisites
The network must support the following Cisco IOS features before you enable MPLS static labels:
• Multiprotocol Label Switching (MPLS)
• Cisco Express Forwarding
2
MPLS Static Labels
Configuration Tasks
Configuration Tasks
See the following sections for the configuration tasks for the this feature:
• Configuring MPLS Static Prefix/Label Bindings, page 3 (required)
• Verifying MPLS Static Prefix/Label Bindings, page 3 (optional)
• Configuring MPLS Static Crossconnects, page 4 (required)
• Verifying MPLS Static Crossconnect Configuration, page 4 (optional)
Command Purpose
Step 1 Router# configure terminal Enters global configuration mode.
Step 2 Router(config)# mpls label range Specifies a range of labels for use with MPLS Static Labels
min-label max-label [static feature.
min-static-label max-static-label]
(Default is no labels reserved for static assignment.)
Step 3 Router(config)# mpls static binding ipv4 Specifies static binding of labels to IPv4 prefixes.
prefix mask [input | output nexthop]
label Bindings specified are installed automatically in the MPLS
forwarding table as routing demands.
Step 1 Enter show mpls label range command. The output shows that the new label ranges do not take effect
until a reload occurs:
Router# show mpls label range
The following output from the show mpls label range command, executed after a reload, indicates that
the new label ranges are in effect:
Router# show mpls label range
Step 2 Enter the show mpls static binding ipv4 command to show the configured static prefix/label bindings:
Router# show mpls static binding ipv4
3
MPLS Static Labels
Configuration Tasks
Outgoing labels:
10.0.0.1 18
10.18.18.18/32: Incoming label: 201 (in LIB)
Outgoing labels:
10.0.0.1implicit-null
Step 3 Use the show mpls forwarding-table command to determine which static prefix/label bindings are
currently in use for MPLS forwarding.
Router# show mpls forwarding-table
Command Purpose
Step 1 Router# configure terminal Enters global configuration mode.
Step 2 Router(config)# mpls label range Specifies a range of labels for use with MPLS Static Labels
min-label max-label [static feature.
min-static-label max-static-label]
(Default is no labels reserved for static assignment.)
Step 3 Router(config)# mpls static binding ipv4 Specifies static binding of labels to IPv4 prefixes.
prefix mask [input | output nexthop]
label Bindings specified are installed automatically in the MPLS
forwarding table as routing demands.
Step 1 Use the show mpls static crossconnect command to display information about crossconnects that have
been configured:
Router# show mpls static crossconnect
4
MPLS Static Labels
Monitoring and Maintaining MPLS Static Labels
Command Purpose
Router# show mpls forwarding-table Displays the contents of the MPLS LFIB.
Router# show mpls label range Displays information about the static label range.
Router# show mpls static binding ipv4 Displays information about the configured static prefix/label
bindings.
Router# show mpls static crossconnect Displays information about the configured crossconnects.
Configuration Examples
This section provides the following configuration examples for the MPLS Static Labels feature:
• Configuring MPLS Static Prefixes/Labels: Example, page 5
• Configuring MPLS Static Crossconnects: Example, page 6
In the following output, the show mpls label range command indicates that the new label ranges do not
take effect until a reload occurs:
Router# show mpls label range
In the following output, the show mpls label range command, executed after a reload, indicates that the
new label ranges are in effect:
Router# show mpls label range
5
MPLS Static Labels
Configuration Examples
In the following output, the mpls static binding ipv4 commands configure static prefix/label bindings.
They also configure input (local) and output (remote) labels for various prefixes:
Router# configure terminal
Router(config)# mpls static binding ipv4 10.0.0.0 255.0.0.0 output 10.0.0.66 2607
Router(config)# mpls static binding ipv4 10.0.0.0 255.0.0.0 output 10.13.0.8 explicit-null
Router(config)# end
In the following output, the show mpls static binding ipv4 command displays the configured static
prefix/label bindings:
Router# show mpls static binding ipv4
Router(config)# end
In the following output, the show mpls static crossconnect command displays the configured
crossconnect:
Router# show mpls static crossconnect
6
MPLS Static Labels
Additional References
Additional References
The following sections provide references related to the MPLS Static Labels feature.
Related Documents
Related Topic Document Title
MPLS commands Multiprotocol Label Switching Command Reference
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified by this feature.
7
MPLS Static Labels
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
8
MPLS Static Labels
Feature Information for MPLS Static Labels
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
9
MPLS Static Labels
Glossary
Glossary
BGP—Border Gateway Protocol. The predominant interdomain routing protocol used in IP networks.
Border Gateway Protocol—See BGP.
FIB—Forwarding Information Base. A table that contains a copy of the forwarding information in the
IP routing table.
Forwarding Information Base—See FIB.
label—A short, fixed-length identifier that tells switching nodes how the data (packets or cells) should
be forwarded.
label binding—An association between a label and a set of packets, which can be advertised to
neighbors so that a label switched path can be established.
Label Distribution Protocol—See LDP.
Label Forwarding Information Base—See LFIB.
label imposition—The act of putting the first label on a packet.
label switching router—See LSR.
LDP—Label Distribution Protocol. The protocol that supports MPLS hop-by-hop forwarding by
distributing bindings between labels and network prefixes.
LFIB—Label Forwarding Information Base. A data structure in which destinations and incoming labels
are associated with outgoing interfaces and labels.
LSR—label switching router. A Layer 3 router that forwards a packet based on the value of an identifier
encapsulated in the packet.
MPLS—Multiprotocol Label Switching. An industry standard on which label switching is based.
MPLS hop-by-hop forwarding—The forwarding of packets along normally routed paths using MPLS
forwarding mechanisms.
Multiprotocol Label Switching—See MPLS.
Resource Reservation Protocol—See RSVP.
RIB—Routing Information Base. A common database containing all the routing protocols running on a
router.
Routing Information Base—See RIB.
RSVP—Resource Reservation Protocol. A protocol for reserving network resources to provide quality
of service guarantees to application flows.
traffic engineering—Techniques and processes used to cause routed traffic to travel through the
network on a path other than the one that would have been chosen if standard routing methods were used.
Virtual Private Network—See VPN.
VPN—Virtual Private Network. A network that enables IP traffic to use tunneling to travel securely over
a public TCP/IP network.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
10
MPLS Static Labels
Glossary
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
11
MPLS Static Labels
Glossary
12
MPLS Quality of Service (QoS)
This feature module describes the use of the MPLS class of service (CoS) functionality in an MPLS
network.
Note MPLS Class of Service is referred to as MPLS Quality of Service (QoS). This name reflects the growth
of MPLS to encompass a wider meaning and highlight the path towards future enhancements.
Contents
The document contains the following major sections:
• Feature Overview, page 2
• Supported Standards, MIBs, and RFCs, page 5
• Prerequisites, page 5
• Configuration Tasks, page 6
• Configuration Examples, page 10
• Feature Information for MPLS Quality of Service, page 16
• Glossary, page 17
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
Feature Overview
MPLS CoS functionality enables network administrators to provide differentiated services across an
MPLS network. Network administrators can satisfy a wide range of networking requirements by
specifying the class of service applicable to each transmitted IP packet. Different classes of service can
be established for IP packets by setting the IP precedence bit in the header of each packet.
MPLS CoS supports the following differentiated services in an MPLS network:
• Packet classification
• Congestion avoidance
• Congestion management
Table 1 describes the MPLS CoS services and functions.
MPLS CoS enables you to duplicate Cisco IOS XE IP CoS (Layer 3) features as closely as possible in
MPLS devices, including label edge switch routers (edge LSRs) and label switch routers (LSRs). MPLS
CoS functions map nearly one-for-one to IP CoS functions on all types of interfaces.
2
MPLS Quality of Service (QoS)
Feature Overview
3
MPLS Quality of Service (QoS)
Feature Overview
In either case, LSRs enforce the defined differentiation by continuing to employ WRED or CBWFQ on
every ingress router.
At the egress of an MPLS network, routers process packets as follows:
1. MPLS-labeled packets enter the edge LSR from the MPLS network backbone.
2. The MPLS labels are removed and IP packets may be (re)classified.
3. For each packet, the router performs a lookup on the IP address to determine the packet’s destination
and forwards the packet to the destination interface for processing.
4. The packets are differentiated by the IP precedence values and treated appropriately, depending on
the WRED or CBWFQ drop probability configuration.
4
MPLS Quality of Service (QoS)
Supported Standards, MIBs, and RFCs
Related Documents
For additional information about MPLS commands and Quality of Service, see the following documents:
• Quality of Service Overview
• Cisco IOS Quality of Service Solutions Command Reference
• Cisco IOS Multiprotocol Label Switching Command Reference
MIBs
• CISCO-WRED-MIB
• CISCO-CAR-MIB
To locate and download MIBs for selected platforms, Cisco IOS XE software releases, and feature sets,
use Cisco MIB Locator found at the following URL:
http://www.cisco.com/go/mibs
RFCs
No new or modified RFCs are supported by this MPLS CoS feature.
Prerequisites
To use MPLS CoS to full advantage in your network, the following functionality must be supported:
• Multiprotocol label switching (MPLS)—MPLS is the standardized label switching protocol defined
by the Internet Engineering Task Force (IETF).
• Cisco Express Forwarding—Cisco Express Forwarding is an advanced Layer 3 IP switching
technology that optimizes performance and scalability in networks that handle large volumes of
traffic and that exhibit dynamic traffic patterns.
• Asynchronous Transfer Mode (ATM)—ATM signaling support is required if you are using
ATM interfaces in your network.
Note If you are using only packet interfaces in your network, ATM functionality is not needed.
• QoS features:
– Weighted fair queueing (WFQ)—WFQ, a dynamic scheduling method that allocates bandwidth
fairly to all network traffic.
WFQ applies priorities, or weights, to traffic to classify the traffic into flows and determine how
much bandwidth to allow each flow. WFQ moves interactive traffic to the front of a queue to
reduce response time and fairly shares the remaining bandwidth among high-bandwidth flows.
5
MPLS Quality of Service (QoS)
Configuration Tasks
Configuration Tasks
This section contains the procedures listed below. All the procedures are listed as optional. However,
once you decide to configure a specific MPLS QoS feature (for example, WRED) that procedure
becomes required.
• Configuring WRED, page 6 (optional)
• Verifying WRED, page 6 (optional)
• Configuring CAR, page 7 (optional)
• Verifying the CAR Configuration, page 7 (optional)
• Configuring CBWFQ, page 8 (optional)
• Verifying the CBWFQ Configuration, page 8 (optional)
Configuring WRED
To configure weighted random early detection (WRED), use the commands shown in the following table.
Command Purpose
Step 1 Router(config)# interface type number Specifies the interface type and number.
Step 2 Router(config-if)# random-detect Configures the interface to use
WRED/DWRED.
Step 3 Router(config-if)# random-detect precedence Configures WRED/DWRED parameters per
min-threshold max-threshold mark-probability precedence value.
Verifying WRED
To verify weighted random early detection (WRED), use a command of the form shown in the following
table. This example is based on “Router2” in the network topology shown in Figure 1.
6
MPLS Quality of Service (QoS)
Configuration Tasks
Command Purpose
Step 1 Router2# show queueing interface p6/0/0 Verifies the WRED configuration on
Interface POS6/0/0 queueing strategy:random early detection the specified interface.
(WRED)
Exp-weight-constant:9 (1/512)
Mean queue depth:0
Configuring CAR
To configure CAR, use the commands shown in the following table.
Command Purpose
Step 1 Router(config)# interface name Designates the input interface.
Step 2 Router(config-int)# rate-limit input [access-group Specifies the action to take on packets during
[rate-limit]acl-index] bps burst-normal burst-max label imposition.
conform-action conform-action exceed-action
exceed-action
Step 3 Router(config-int)# end Exits interface configuration mode.
7
MPLS Quality of Service (QoS)
Configuration Tasks
Configuring CBWFQ
To configure CBWFQ, use the commands shown in the following table.
Command Purpose
Step 1 Router(config)# class-map class-map-name Creates a class-map.
Step 2 Router(config-cmap)# match type number Specifies the traffic on which the class-map is to
match.
Step 3 Router(config-cmap)# policy-map policy-map-name Creates a policy map.
Step 4 Router(config-pmap)# class class-map-name Associates class-map with policy-map.
Step 5 Router(config-pmap-c)# bandwidth number Associates bandwidth (CBWFQ) action to act
on traffic matched by class-map.
Step 6 Router(config-pmap-c)# interface type number Specifies the interface type and number.
Step 7 Router(config-if)# service-policy output policy-map-name Assigns policy-map to interface.
class-map:prec_23 (match-all)
0 packets, 0 bytes
5 minute rate 0 bps
match:ip precedence 2 3
queue size 0, queue limit 0
packet output 0, packet drop 0
tail/random drop 0, no buffer drop 0, other drop 0
bandwidth:class-based wfq, weight 15
random-detect:
8
MPLS Quality of Service (QoS)
Configuration Tasks
Exp-weight-constant:9 (1/512)
Mean queue depth:0
Class Random Tail Minimum Maximum Mark Output
drop drop threshold threshold probability packets
0 0 0 0 0 1/10 0
1 0 0 0 0 1/10 0
2 0 0 0 0 1/10 0
3 0 0 0 0 1/10 0
4 0 0 0 0 1/10 0
5 0 0 0 0 1/10 0
6 0 0 0 0 1/10 0
7 0 0 0 0 1/10 0
class-map:prec_45 (match-all)
2137 packets, 576990 bytes
5 minute rate 16000 bps
match:ip precedence 4 5
queue size 0, queue limit 2712
packet output 2137, packet drop 0
tail/random drop 0, no buffer drop 0, other drop 0
bandwidth:class-based wfq, weight 20
random-detect:
Exp-weight-constant:9 (1/512)
Mean queue depth:0
Class Random Tail Minimum Maximum Mark Output
drop drop threshold threshold probability packets
0 0 0 3390 6780 1/10 0
1 0 0 3813 6780 1/10 0
2 0 0 4236 6780 1/10 0
3 0 0 4659 6780 1/10 0
4 0 0 5082 6780 1/10 2137
5 0 0 5505 6780 1/10 0
6 0 0 5928 6780 1/10 0
7 0 0 6351 6780 1/10 0
class-map:prec_67 (match-all)
0 packets, 0 bytes
5 minute rate 0 bps
match:ip precedence 6 7
queue size 0, queue limit 0
packet output 0, packet drop 0
tail/random drop 0, no buffer drop 0, other drop 0
bandwidth:class-based wfq, weight 25
random-detect:
Exp-weight-constant:9 (1/512)
Mean queue depth:0
Class Random Tail Minimum Maximum Mark Output
drop drop threshold threshold probability packets
0 0 0 0 0 1/10 0
1 0 0 0 0 1/10 0
2 0 0 0 0 1/10 0
3 0 0 0 0 1/10 0
4 0 0 0 0 1/10 0
5 0 0 0 0 1/10 0
6 0 0 0 0 1/10 0
7 0 0 0 0 1/10 0
class-map:class-default (match-any)
0 packets, 0 bytes
5 minute rate 0 bps
match:any
0 packets, 0 bytes
5 minute rate 0 bps
queue size 0, queue limit 4068
9
MPLS Quality of Service (QoS)
Configuration Examples
Configuration Examples
This section provides the following configuration examples.
• Configuring Cisco Express Forwarding: Example, page 11
• Running IP on Router 1: Example, page 11
• Running MPLS on Router 2: Example, page 11
• Running MPLS on Router 3: Example, page 12
• Running MPLS on Router 4: Example, page 13
• Running MPLS on Router 5: Example, page 14
• Running IP on Router 6: Example, page 15
The configuration examples in this section are based on the sample network topology shown in Figure 1.
Figure 1 Sample Network Topology for Configuring MPLS CoS on Router Interfaces
Router 3 Router 4
Router 2 Router 5
p3/0/0 p1/2/1
p6/0/0
/0 p0/1/0 p3/0/0 fa5
Router 1 1
fe1/ p1/0/0 /1/0
0/1 Router 6
fe0/ fa2
/0/0
CPE
non-MPLS CPE
router non-MPLS
router
192765
10
MPLS Quality of Service (QoS)
Configuration Examples
!
ip routing
!
hostname R1
!
interface Loopback0
ip address 10.1.1.1 255.255.255.255
!
interface FastEthernet0/0/1
ip address 10.0.0.1 255.0.0.0
!
router ospf 100
network 10.0.0.0 0.255.255.255 area 100
network 10.0.0.1 0.255.255.255 area 100
11
MPLS Quality of Service (QoS)
Configuration Examples
interface POS6/0/0
ip address 10.0.0.1 255.0.0.0
mpls label protocol ldp
mpls ip
random-detect
clock source internal
!
router ospf 100
network 10.0.0.0 0.255.255.255 area 100
network 10.1.0.0 0.255.255.255 area 100
network 11.0.1.0 0.255.255.255 area 100
!
access-list 101 permit ip host 10.10.1.1 any
12
MPLS Quality of Service (QoS)
Configuration Examples
13
MPLS Quality of Service (QoS)
Configuration Examples
14
MPLS Quality of Service (QoS)
Configuration Examples
!
ip routing
!
hostname R6
!
ip cef distributed
!
interface Loopback0
ip address 10.0.0.0 255.255.255.255
!
interface FastEthernet2/0/0
ip address 10.0.0.2 255.0.0.0
ip route-cache distributed
full-duplex
!
router ospf 100
network 10.0.0.0 0.255.255.255 area 100
network 10.1.0.0 0.255.255.255 area 100
!
15
MPLS Quality of Service (QoS)
Feature Information for MPLS Quality of Service
Note Table 3 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
16
MPLS Quality of Service (QoS)
Glossary
Glossary
ATM edge LSR—A router that is connected to the ATM-LSR cloud through LC-ATM interfaces. The
ATM edge LSR adds labels to unlabeled packets and strips labels from labeled packets.
ATM-LSR—A label switch router with a number of LC-ATM interfaces. The router forwards the cells
among these interfaces using labels carried in the VPI/VCI field.
CAR—Committed access rate (packet classification). CAR is the main feature supporting packet
classification. CAR uses the type of service (ToS) bits in the IP header to classify packets. You can use
the CAR classification commands to classify or reclassify a packet.
CoS—Class of service. A feature that provides scalable, differentiated types of service across an MPLS
network.
IP precedence—A 3-bit value in a ToS byte used for assigning precedence to IP packets.
label—A short, fixed-length construct that tells switching nodes how to forward data (packets or cells).
label-controlled ATM interface (LC-ATM interface)—An interface on a router or switch that uses
label distribution procedures to negotiate label VCs.
label imposition—The process of putting the first label on a packet.
label switch—A node that forwards units of data (packets or cells) on the basis of labels.
label-switched path (LSP)—An LSP results from a sequence of hops (Router 0...Router n) through
which a packet travels from R0 to Rn by means of label switching mechanisms. A label-switched path
can be determined dynamically (based on normal routing mechanisms), or it can be defined explicitly.
label-switched path (LSP) tunnel—A configured connection between two routers, in which label
switching techniques are used for packet forwarding.
label switching router (LSR)—A Layer 3 router that forwards a packet based on the value of a label
encapsulated in the packet.
label VC (LVC)—An ATM virtual circuit that is set up through ATM LSR label distribution procedures.
LBR—Label bit rate. A service category defined by this document for label-VC traffic. Link and per-VC
bandwidth sharing can be controlled by relative bandwidth configuration at the edge and each switch
along a label-VC. No ATM traffic-related parameters are specified.
LDP—Label Distribution Protocol. The protocol used to distribute label bindings to LSRs.
LFIB—Label forwarding information base. The data structure used by switching functions to switch
labeled packets.
LIB—Label information base. A database used by an LSR to store labels learned from other LSRs, as
well as labels assigned by the local LSR.
MPLS—Multiprotocol label switching. An emerging industry standard that defines support for MPLS
forwarding of packets along normally routed paths (sometimes called MPLS hop-by-hop forwarding).
RED—Random early detection. A congestion avoidance algorithm in which a small percentage of
packets are dropped when congestion is detected and before the queue in question overflows completely.
ToS bits—Type of service bits. A byte in the IPv4 header.
traffic engineering—The techniques and processes used to cause routed traffic to travel through the
network on a path other than the one that would have been chosen if standard routing methods had been
applied.
traffic engineering tunnel—A label-switched tunnel that is used for traffic engineering. Such a tunnel
is set up through means other than normal Layer 3 routing; it is used to direct traffic over a path different
from the one that Layer 3 routing would cause the tunnel to take.
17
MPLS Quality of Service (QoS)
Glossary
VPN—Virtual private network. Enables IP traffic to use tunneling to transport data securely over a
public TCP/IP network.
WRED—Weighted random early detection. A variant of RED in which the probability of a packet being
dropped depends on either its IP precedence, CAR marking, or MPLS CoS (as well as other factors in
the RED algorithm).
WFQ—Weighted fair queueing. A queue management algorithm that provides a certain fraction of link
bandwidth to each of several queues, based on a relative bandwidth applied to each of the queues.
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco Ironport, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect,
Cisco Stackpower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good,
Flip Mino, Flip Video, Flip Video (Design), Flipshare (Design), Flip Ultra, and Welcome to the Human Network are trademarks; Changing the Way
We Work, Live, Play, and Learn, Cisco Store, and Flip Gift Card are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting
To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS,
Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch,
Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the
IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy,
Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to
Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the
United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0907R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
18
MPLS—Multilink PPP Support
The MPLS—Multilink PPP Support feature ensures that MPLS Layer 3 Virtual Private Networks
(VPNs) with quality of service (QoS) can be enabled for bundled links. This feature supports
Multiprotocol Label Switching (MPLS) over Multilink PPP (MLP) links in the edge (provider edge
[PE]-to-customer edge [CE]) or in the MPLS core (PE-to-PE and PE-to-provider router [P]).
Service providers that use relatively low-speed links can use MLP to spread traffic across them in their
MPLS networks. Link fragmentation and interleaving (LFI) should be deployed in the CE-to-PE link for
efficiency, where traffic uses a lower link bandwidth (less than 768 kbps).
Contents
• Prerequisites for MPLS—Multilink PPP Support, page 2
• Information About MPLS—Multilink PPP Support, page 2
• How to Configure MPLS—Multilink PPP Support, page 7
• Configuration Examples for MPLS—Multilink PPP Support, page 17
• Additional References, page 19
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS—Multilink PPP Support
Prerequisites for MPLS—Multilink PPP Support
MPLS Layer 3 Virtual Private Network Features Supported for Multilink PPP
Table 1 lists MPLS Layer 3 VPN features supported for MLP and indicates if the feature is supported on
CE-to-PE links, PE-to-P links, and Carrier Supporting Carrier (CSC) CE-to-PE links.
MPLS L3 VPN Feature CE-to-PE Links PE-to-P Links CSC CE-to-PE Links
1
Static routes Supported — —
External Border Gateway Protocol Supported Not applicable to Supported
(eBGP) this configuration
Intermediate System-to-Intermediate — Supported —
System (IS-IS)
Open Shortest Path first (OSPF) Supported Supported —
Enhanced Interior Gateway Routing Supported Supported —
Protocol (EIGRP)
2
MPLS—Multilink PPP Support
Information About MPLS—Multilink PPP Support
MPLS L3 VPN Feature CE-to-PE Links PE-to-P Links CSC CE-to-PE Links
Interprovider (Inter-AS) VPNs (with Not applicable to Supported (MLP Not applicable to
Label Distribution Protocol [LDP]) this configuration between this configuration
Autonomous
System Border
routers {ASBRs])
Inter-AS VPNs with IPv4 Label Not applicable to Supported (MLP Not applicable to
Distribution this configuration between ASBRs] this configuration
3
MPLS—Multilink PPP Support
Information About MPLS—Multilink PPP Support
CE LDP CE
LDP P P LDP
PE PE
CE CE
192835
MLP interfaces handling
MPLS labeled packets
The PE-to-CE routing protocols that are supported for the MPLS—Multilink PPP Support feature are
eBGP, OSPF, and EIGRP. Static routes are also supported between the CE and PE routers.
QoS features that are supported for the MPLS—Multilink PPP Support feature on CE-to-PE links are
LFI, header compression, policing, marking, and classification.
4
MPLS—Multilink PPP Support
Information About MPLS—Multilink PPP Support
CE LDP CE
LDP P P LDP
PE PE
CE CE
192836
MLP interfaces handling
MPLS labeled packets
You employ MLP in the PE-to-P or P-to-P links primarily so that you can reduce the number of Interior
Gateway Protocol (IGP) adjacencies and facilitate the load sharing of traffic.
In addition to requiring MLP on the PE-to-P links, the MPLS—Multilink PPP Support feature requires
the configuration of an IGP routing protocol and LDP.
Figure 3 MLP on CSC-CE-to-CSC-PE Links with MPLS VPN Carrier Supporting Carrier
LDP
LDP P1 P2 LDP
The MPLS—Multilink PPP Support feature supports MLP between CSC-CE and CSC-PE links with
LDP or with EBGP IPv4 label distribution. This feature also supports LFI for an MPLS VPN CSC
configuration. Figure 4 shows all MLP links that this feature supports for CSC configurations.
5
MPLS—Multilink PPP Support
Information About MPLS—Multilink PPP Support
Figure 4 MLP Supported Links with MPLS VPN Carrier Supporting Carrier
P1 P2
CSC-PE1 CSC-PE2
Backbone carrier
CE1 CSC-PE1
PE1 PE2
CSC-PE1 CE2
CSC-CE1 CSC-CE2
Customer carrier Customer carrier
192838
MLP interfaces handling
MPLS labeled packets
Multihop
multiprotocol
VPNv4
RR1 RR2
PE1 P1 P2 PE2
ASBR1 ASBR2
BGP IPv4
CE1 routes and labels CE2
VPN1 VPN2
192839
6
MPLS—Multilink PPP Support
How to Configure MPLS—Multilink PPP Support
Prerequisites
Multilink PPP requires the configuration of standard Cisco Express Forwarding. To find out if
Cisco Express Forwarding is enabled on your router, enter the show ip cef command. If
Cisco Express Forwarding is enabled, you receive output that looks like the following:
Router# show ip cef
If Cisco Express Forwarding is not enabled on your platform, the output for the show ip cef command
looks like the following:
Router# show ip cef
SUMMARY STEPS
1. enable
2. configure terminal
3. ip cef
4. exit
7
MPLS—Multilink PPP Support
How to Configure MPLS—Multilink PPP Support
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip cef Enables standard Cisco Express Forwarding switching.
Example:
Router(config)# ip cef
Step 4 exit Exits to privileged EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. interface multilink group-number
4. ip address address mask [secondary]
5. encapsulation encapsulation-type
6. ppp multilink
7. end
8
MPLS—Multilink PPP Support
How to Configure MPLS—Multilink PPP Support
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface multilink group-number Creates a multilink bundle or enters multilink interface
configuration mode.
Example: • The group-number argument is the number of the
Router(config)# interface multilink 1 multilink bundle (a nonzero number).
Step 4 ip address address mask [secondary] Sets a primary or secondary IP address for an interface.
• The address argument is the IP address.
Example: • The mask argument is the mask for the associated IP
Router(config-if)# ip address address mask
subnet.
• The secondary keyword specifies that the configured
address is a secondary IP address. If this keyword is
omitted, the configured address is the primary IP
address.
This command is used to assign an IP address to the
multilink interface.
Step 5 encapsulation encapsulation-type Sets the encapsulation method used by the interface.
• The encapsulation-type argument specifies the
Example: encapsulation type. The keyword ppp enables PPP
Router(config-if)# encapsulation ppp encapsulation.
Step 6 ppp multilink Enables MLP on an interface.
Example:
Router(config-if)# ppp multilink
Step 7 end Exits to privileged EXEC mode.
Example:
Router(config-if)# end
9
MPLS—Multilink PPP Support
How to Configure MPLS—Multilink PPP Support
SUMMARY STEPS
1. enable
2. configure terminal
3. controller {t1 | e1} slot/port
4. channel-group channel-number timeslots range
5. exit
6. interface serial slot/subslot/port[.subinterface]
7. ip route-cache [cef |distributed]
8. no ip address
9. keepalive [period [retries]]
10. encapsulation encapsulation-type
11. multilink-group group-number
12. ppp multilink
13. ppp authentication chap
14. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 controller {t1 | e1} slot/port Configures a T1 or E1 controller and enters controller
configuration mode.
Example: • The t1 keyword indicates a T1 line card.
Router# controller t1 1/3
• The e1 keyword indicates an E1 line card.
• The slot/port arguments are the backplane slot number
and port number on the interface. Refer to your
hardware installation manual for the specific slot
numbers and port numbers.
10
MPLS—Multilink PPP Support
How to Configure MPLS—Multilink PPP Support
Example:
Router(config-controller)# exit
Step 6 interface serial Configures a serial interface and enters interface
slot/subslot/port[.subinterface] configuration mode.
Example:
Router(config)# interface serial 1/0/0:1
Step 7 ip route-cache [cef] Controls the use of switching methods for forwarding IP
packets
Example: • The cef keyword enables Cisco Express Forwarding
Router(confg-if)# ip route-cache cef operation on an interface after
Cisco Express Forwarding operation was disabled.
Step 8 no ip address Removes any specified IP address.
Example:
Router(config-if)# no ip address
11
MPLS—Multilink PPP Support
How to Configure MPLS—Multilink PPP Support
Example:
Router(config-if)# ppp multilink
Step 13 ppp authentication chap (Optional) Enables Challenge Handshake Authentication
Protocol (CHAP) authentication on a serial interface.
Example:
Router(config-if)# ppp authentication chap
Step 14 end Exits to privileged EXEC mode.
Example:
Router(config-if)# end
12
MPLS—Multilink PPP Support
How to Configure MPLS—Multilink PPP Support
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type number
4. ppp multilink fragmentation disable
5. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type number Configures an interface type and enters interface
configuration mode.
Example: • The type argument indicates the type of interface to be
Router(config)# interface serial 1/0/0 configured.
• The number argument specifies the port, connector, or
interface card number. The numbers are assigned at the
factory at the time of installation or when the interface
is added to a system, and can be displayed with the
show interfaces command.
Step 4 ppp multilink fragmentation disable Disables packet fragmentation.
Example:
Router(config-if)# ppp multilink fragmentation
disable
Step 5 end Exits to privileged EXEC mode.
Example:
Router(config-if)# end
13
MPLS—Multilink PPP Support
How to Configure MPLS—Multilink PPP Support
SUMMARY STEPS
1. enable
2. show ip interface brief
3. show ppp multilink
4. show ppp multilink interface interface-bundle
5. show interface interface-name interface-number
6. show mpls forwarding-table
7. exit
DETAILED STEPS
Step 1 enable
Use this command to enable privileged EXEC mode. Enter your password if prompted. For example:
Router> enable
Router#
14
MPLS—Multilink PPP Support
How to Configure MPLS—Multilink PPP Support
15
MPLS—Multilink PPP Support
How to Configure MPLS—Multilink PPP Support
You can also use the show interface command to display information about the multilink interface:
Router# show interface multilink6
16
MPLS—Multilink PPP Support
Configuration Examples for MPLS—Multilink PPP Support
Use the show ip bgp vpnv4 command to display VPN address information from the Border Gateway
Protocol (BGP) table:
Router# show ip bgp vpnv4 all summary
Step 7 exit
Use this command to exit to user EXEC mode. For example:
Router# exit
Router>
Building configuration...
!
mpls label protocol ldp
ip cef
ip vrf vpn2
rd 200:1
route-target export 200:1
route-target import 200:1
!
17
MPLS—Multilink PPP Support
Configuration Examples for MPLS—Multilink PPP Support
controller T1 1/0
framing esf
clock source internal
linecode b8zs
channel-group 1 timeslots 1
channel-group 2 timeslots 2
no yellow generation
no yellow detection
!
interface Serial1/0:1
no ip address
encapsulation ppp
tx-ring-limit 26
ppp multilink
ppp multilink group 1
!
interface Serial1/0:2
no ip address
encapsulation ppp
tx-ring-limit 26
ppp multilink
ppp multilink group 1
!
interface Multilink1
ip vrf forwarding vpn2
ip address 10.35.0.2 255.0.0.0
no peer neighbor-route
load-interval 30
ppp multilink
ppp multilink interleave
ppp multilink group 1
!
!
router ospf 200
log-adjacency-changes
auto-cost reference-bandwidth 1000
redistribute connected subnets
passive-interface Multilink1
network 10.0.0.7 0.0.0.0 area 200
network 10.31.0.0 0.255.255.255 area 200
!
!
router bgp 200
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.0.0.11 remote-as 200
neighbor 10.0.0.11 update-source Loopback0
!
address-family vpnv4
neighbor 10.0.0.11 activate
neighbor 10.0.0.11 send-community extended
bgp scan-time import 5
exit-address-family
!
address-family ipv4 vrf vpn2
redistribute connected
neighbor 10.35.0.1 remote-as 300
neighbor 10.35.0.1 activate
neighbor 10.35.0.1 as-override
neighbor 10.35.0.1 advertisement-interval 5
no auto-summary
no synchronization
exit-address-family
18
MPLS—Multilink PPP Support
Additional References
Additional References
The following sections provide references related to the MPLS—Multilink PPP Support feature:
Related Documents
Related Topic Document Title
Description of commands associated with MPLS and Cisco IOS Multiprotocol Label Switching Command Reference
MPLS applications
Basic MPLS VPNs Configuring MPLS Layer 3 VPNs
Standards
Standards Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIBs MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
19
MPLS—Multilink PPP Support
Additional References
RFCs
RFCs Title
RFC 1990 The PPP Multilink Protocol (MP)
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
20
MPLS—Multilink PPP Support
Feature Information for MPLS—Multilink PPP Support
Note Table 3 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
21
MPLS—Multilink PPP Support
Glossary
Glossary
bundle—A group of interfaces connected by parallel links between two systems that have agreed to use
Multilink PPP (MLP) over those links.
CBWFQ—class-based weighted fair queueing. A queueing option that extends the standard Weighted
Fair Queueing (WFQ) functionality to provide support for user-defined traffic classes.
Cisco Express Forwarding—A proprietary form of switching that optimizes network performance and
scalability for networks with large and dynamic traffic patterns, such as the Internet, and for networks
characterized by intensive web-based applications or interactive sessions. Although you can use
Cisco Express Forwarding in any part of a network, it is designed for high-performance, highly resilient
Layer 3 IP backbone switching.
EIGRP—Enhanced Interior Gateway Routing Protocol. An advanced version of the Interior Gateway
Routing Protocol (IGRP) developed by Cisco. It provides superior convergence properties and operating
efficiency, and combines the advantages of link-state protocols with those of distance vector protocols.
IGP—Interior Gateway Protocol. An Internet protocol used to exchange routing information within an
autonomous system. Examples of common Internet IGPs include Interior Gateway Routing Protocol
(IGRP), Open Shortest Path First (OSPF), and Routing Information Protocol (RIP).
IGRP—Interior Gateway Routing Protocol. An Interior Gateway Protocol (IGP) developed by Cisco to
address the issues associated with routing in large, heterogeneous networks. Compare with Enhanced
Interior Gateway Routing Protocol (EIGRP).
IS-IS—Intermediate System-to-Intermediate System. An Open Systems Interconnection (OSI)
link-state hierarchical routing protocol, based on DECnet Phase V routing, in which IS-IS routers
exchange routing information based on a single metric to determine network topology.
LCP—Link Control Protocol. A protocol that establishes, configures, and tests data link connections for
use by PPP.
LFI—link fragmentation and interleaving. The Cisco IOS XE LFI feature reduces delay on slower-speed
links by breaking up large datagrams and interleaving low-delay traffic packets with the smaller packets
resulting from the fragmented datagram. LFI allows reserve queues to be set up so that Real-Time
Protocol (RTP) streams can be mapped into a higher priority queue in the configured weighted fair queue
set.
link—One of the interfaces in a bundle.
LLQ—low latency queueing. A quality of service QoS queueing feature that provides a strict priority
queue (PQ) for voice traffic and weighted fair queues for other classes of traffic. It is also called priority
queueing/class-based weighted fair queueing (PQ/CBWFQ).
MLP—Multilink PPP. A method of splitting, recombining, and sequencing datagrams across multiple
logical links. The use of MLP increases throughput between two sites by grouping interfaces and then
load balancing packets over the grouped interfaces (called a bundle). Splitting packets at one end,
sending them over the bundled interfaces, and recombining them at the other end achieves load
balancing.
MQC—Modular QoS CLI. MQC is a CLI structure that allows users to create traffic polices and attach
these polices to interfaces. MQC allows users to specify a traffic class independently of QoS policies.
NCP—Network Control Protocol. A series of protocols for establishing and configuring different
network layer protocols (such as for AppleTalk) over PPP.
OSPF—Open Shortest Path First. A link-state, hierarchical Interior Gateway Protocol (IGP) routing
algorithm proposed as a successor to Routing Information Protocol (RIP) in the Internet community.
OSPF features include least-cost routing, multipath routing, and load balancing. OSPF was derived from
an early version of the IS-IS protocol.
22
MPLS—Multilink PPP Support
Glossary
PPP—Point-to-Point Protocol. A successor to the Serial Line Interface Protocol (SLIP) that provides
router-to-router and host-to-network connections over synchronous and asynchronous circuits. PPP
works with several network layer protocols (such as IP, Internetwork Packet Exchange [IPX], and
AppleTalk Remote Access [ARA]). PPP also has built-in security mechanisms (such as Challenge
Handshake Authentication Protocol [CHAP] and Password Authentication Protocol [PAP]). PPP relies
on two protocols: Link Control Protocol (LCP) and Network Control Protocol (NCP).
RIP—Routing Information Protocol. A version of Interior Gateway Protocol (IGP) that is supplied with
UNIX Berkeley Standard Distribution (BSD) systems. Routing Information Protocol (RIP) is the most
common IGP in the Internet. It uses hop count as a routing metric.
Virtual Bundle Interface—An interface that represents the master link of a bundle. It is not tied to any
physical interface. Data going over the bundle is transmitted and received through the master link.
WFQ—weighted fair queueing. A congestion management algorithm that identifies conversations (in
the form of traffic streams), separates packets that belong to each conversation, and ensures that capacity
is shared fairly among the individual conversations. WFQ is an automatic way of stabilizing network
behavior during congestion and results in improved performance and reduced retransmission.
WRED—weighted random early detection. A queueing method that ensures that high-precedence traffic
has lower loss rates than other traffic during times of congestion.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
23
MPLS—Multilink PPP Support
Glossary
24
MPLS Label Distribution Protocol
MPLS Label Distribution Protocol (LDP)
MPLS Label Distribution Protocol (LDP) enables peer label switch routers (LSRs) in an Multiprotocol
Label Switching (MPLS) network to exchange label binding information for supporting hop-by-hop
forwarding in an MPLS network. This module explains the concepts related to MPLS LDP and describes
how to configure MPLS LDP in a network.
Contents
• Prerequisites for MPLS Label Distribution Protocol, page 2
• Information About MPLS Label Distribution Protocol, page 2
• How to Configure MPLS Label Distribution Protocol, page 5
• Configuration Examples for MPLS Label Distribution Protocol, page 19
• Additional References, page 23
• Feature Information for MPLS Label Distribution Protocol, page 25
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Label Distribution Protocol (LDP)
Prerequisites for MPLS Label Distribution Protocol
2
MPLS Label Distribution Protocol (LDP)
Information About MPLS Label Distribution Protocol
3
MPLS Label Distribution Protocol (LDP)
Information About MPLS Label Distribution Protocol
The exchange of targeted Hello messages between two nondirectly connected neighbors can occur in
several ways, including the following:
• Router 1 sends targeted Hello messages carrying a response request to Router 2. Router 2 sends
targeted Hello messages in response if its configuration permits. In this situation, Router 1 is
considered to be active and Router 2 is considered to be passive.
• Router 1 and Router 2 both send targeted Hello messages to each other. Both routers are considered
to be active. Both, one, or neither router can also be passive, if they have been configured to respond
to requests for targeted Hello messages from each other.
The default behavior of an LSR is to ignore requests from other LSRs that send targeted Hello messages.
You can configure an LSR to respond to requests for targeted Hello messages by issuing the mpls ldp
discovery targeted-hello accept command.
The active LSR mandates the protocol that is used for a targeted session. The passive LSR uses the
protocol of the received targeted Hello messages.
For information about creating MPLS LDP targeted sessions, see the “Establishing Nondirectly
Connected MPLS LDP Sessions” section on page 8.
4
MPLS Label Distribution Protocol (LDP)
How to Configure MPLS Label Distribution Protocol
3. Otherwise, the router selects the largest IP address pertaining to an operational interface as the LDP
router ID.
The normal (default) method for determining the LDP router ID may result in a router ID that is not
usable in certain situations. For example, the router might select an IP address as the LDP router ID that
the routing protocol cannot advertise to a neighboring router. The mpls ldp router-id command allows
you to specify the IP address of an interface as the LDP router ID. Make sure the specified interface is
operational so that its IP address can be used as the LDP router ID.
When you issue the mpls ldp router-id command without the force keyword, the router select selects
the IP address of the specified interface (provided that the interface is operational) the next time it is
necessary to select an LDP router ID, which is typically the next time the interface is shut down or the
address is configured.
When you issue the mpls ldp router-id command with the force keyword, the effect of the mpls ldp
router-id command depends on the current state of the specified interface:
• If the interface is up (operational) and if its IP address is not currently the LDP router ID, the LDP
router ID changes to the IP address of the interface. This forced change in the LDP router ID tears
down any existing LDP sessions, releases label bindings learned via the LDP sessions, and interrupts
MPLS forwarding activity associated with the bindings.
• If the interface is down (not operational) when the mpls ldp router-id force command is issued,
when the interface transitions to up, the LDP router ID changes to the IP address of the interface.
This forced change in the LDP router ID tears down any existing LDP sessions, releases label
bindings learned via the LDP sessions, and interrupts MPLS forwarding activity associated with the
bindings.
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls ip
4. mpls label protocol ldp
5. interface type slot/subslot/port[.subinterface-number]
6. mpls ip
5
MPLS Label Distribution Protocol (LDP)
How to Configure MPLS Label Distribution Protocol
7. exit
8. exit
9. show mpls interfaces [interface] [detail]
10. show mpls ldp discovery [all | vrf vpn-name] [detail]
11. show mpls ldp neighbor [[vrf vpn-name] [address | interface] [detail] | all]
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls ip Configures MPLS hop-by-hop forwarding globally.
• The mpls ip command is enabled by default; you do not
Example: have to specify this command.
Router(config)# mpls ip
• Globally enabling MPLS forwarding does not enable it
on the router interfaces. You must enable MPLS
forwarding on the interfaces as well as for the router.
Step 4 mpls label protocol ldp Configures the use of LDP on all interfaces.
Example:
Router(config)# mpls label protocol ldp
Step 5 Router(config)# interface type Specifies the interface to be configured and enters interface
slot/subslot/port[.subinterface-number] configuration mode.
Example:
Router(config)# interface fastethernet03/0
Step 6 mpls ip Configures MPLS hop-by-hop forwarding on the interface.
• You must enable MPLS forwarding on the interfaces as
Example: well as for the router.
Router(config-if)# mpls ip
Step 7 exit Exits interface configuration mode and enters global
configuration mode.
Example:
Router(config-if)# exit
Step 8 exit Exits global configuration mode and enters privileged
EXEC mode.
Example:
Router(config)# exit
6
MPLS Label Distribution Protocol (LDP)
How to Configure MPLS Label Distribution Protocol
Example:
Router# show mpls ldp discovery
Step 11 show mpls ldp neighbor [[vrf vpn-name] [address Displays the status of LDP sessions.
| interface] [detail] | all]
Example:
Router# show mpls ldp neighbor
Examples
The following show mpls interfaces command verifies that interfaces FastEthernet 0/3/0 and 0/3/1 have
been configured to use LDP:
Router# show mpls interfaces
The following show mpls ldp discovery command verifies that the interface is up and is sending LDP
Discovery Hello messages (as opposed to TDP Hello messages):
Router# show mpls ldp discovery
The following example shows that the LDP session between routers was successfully established:
Router# show mpls ldp neighbor
For examples on configuring directly connected LDP sessions, see the “Configuring Directly Connected
MPLS LDP Sessions: Example” section on page 19.
7
MPLS Label Distribution Protocol (LDP)
How to Configure MPLS Label Distribution Protocol
Prerequisites
• MPLS requires Cisco Express Forwarding.
• You must configure the routers at both ends of the tunnel to be active or enable one router to be
passive with the mpls ldp discovery targeted-hello accept command.
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls ip
4. mpls label protocol ldp
5. interface tunnel number
6. tunnel destination ip-address
7. mpls ip
8. exit
9. exit
10. show mpls ldp discovery [all | vrf vpn-name] [detail]
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls ip Configures MPLS hop-by-hop forwarding globally.
• The mpls ip command is enabled by default; you do not
Example: have to specify this command.
Router(config)# mpls ip
• Globally enabling MPLS forwarding does not enable it
on the router interfaces. You must enable MPLS
forwarding on the interfaces as well as for the router.
8
MPLS Label Distribution Protocol (LDP)
How to Configure MPLS Label Distribution Protocol
Example:
Router(config)# mpls label protocol ldp
Step 5 interface tunnel number Configures a tunnel interface and enters interface
configuration mode.
Example:
Router(config)# interface tunnel1
Step 6 tunnel destination ip-address Assigns an IP address to the tunnel interface.
Example:
Router(config-if)# tunnel destination
172.16.1.1
Step 7 mpls ip Configures MPLS hop-by-hop forwarding on the interface.
• You must enable MPLS forwarding on the interfaces as
Example: well as for the router.
Router(config-if)# mpls ip
Step 8 exit Exits interface configuration mode and enters global
configuration mode.
Example:
Router(config-if)# exit
Step 9 exit Exits global configuration mode and enters privileged
EXEC mode.
Example:
Router(config)# exit
Step 10 show mpls ldp discovery [all | vrf vpn-name] Verifies that the interface is up and is sending Discovery
[detail] Hello messages.
Example:
Router# show mpls ldp discovery
Examples
The following example shows the output of the show mpls ldp discovery command for a nondirectly
connected LDP session:
Router# show mpls ldp discovery
9
MPLS Label Distribution Protocol (LDP)
How to Configure MPLS Label Distribution Protocol
10
MPLS Label Distribution Protocol (LDP)
How to Configure MPLS Label Distribution Protocol
If you use a loopback interface, make sure that the IP address for the loopback interface is
configured with a /32 network mask. In addition, make sure that the routing protocol in use is
configured to advertise the corresponding /32 network.
3. Otherwise, the router selects the largest interface address.
The router might select a router ID that is not usable in certain situations. For example, the router might
select an IP address that the routing protocol cannot advertise to a neighboring router.
The router implements the router ID the next time it is necessary to select an LDP router ID. The effect
of the command is delayed until the next time it is necessary to select an LDP router ID, which is
typically the next time the interface is shut down or the address is deconfigured.
If you use the force keyword with the mpls ldp router-id command, the router ID takes effect more
quickly. However, implementing the router ID depends on the current state of the specified interface:
• If the interface is up (operational) and its IP address is not currently the LDP router ID, the LDP
router ID is forcibly changed to the IP address of the interface. This forced change in the LDP router
ID tears down any existing LDP sessions, releases label bindings learned via the LDP sessions, and
interrupts MPLS forwarding activity associated with the bindings.
• If the interface is down, the LDP router ID is forcibly changed to the IP address of the interface when
the interface transitions to up. This forced change in the LDP router ID tears down any existing LDP
sessions, releases label bindings learned via the LDP sessions, and interrupts MPLS forwarding
activity associated with the bindings.
Prerequisites
Make sure the specified interface is operational before assigning it as the LDP router ID.
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls ip
4. mpls label protocol {ldp | tdp | both}
5. mpls ldp router-id interface [force]
6. exit
7. show mpls ldp discovery [all | detail | vrf vpn-name]
DETAILED STEPS
Example:
Router# configure terminal
11
MPLS Label Distribution Protocol (LDP)
How to Configure MPLS Label Distribution Protocol
Example:
Router# show mpls ldp discovery
Example
The following example assigns interface pos2/0/0 as the LDP router ID:
Router> enable
Router# configure terminal
Router(config)# mpls ip
Router(config)# mpls label protocol ldp
Router(config)# mpls ldp router-id pos2/0/0 force
12
MPLS Label Distribution Protocol (LDP)
How to Configure MPLS Label Distribution Protocol
(QoS) values that the packet carried before the MPLS header was removed. To preserve the QoS values,
you can configure the LSR to advertise an explicit NULL label (a label value of zero). The LSR at the
penultimate hop forwards MPLS packets with a NULL label instead of forwarding IP packets.
Note An explicit NULL label is not needed when the penultimate hop receives MPLS packets with a label
stack that contains at least two labels and penultimate hop popping is performed. In that case, the inner
label can still carry the QoS value needed by the penultimate and edge LSR to implement their QoS
policy.
When you issue the mpls ldp explicit-null command, Explicit Null is advertised in place of Implicit
Null for directly connected prefixes.
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls ip
4. mpls label protocol ldp
5. interface type slot/subslot/port[.subinterface-number]
6. mpls ip
7. exit
8. mpls ldp explicit-null [for prefix-acl | to peer-acl | for prefix-acl to peer-acl]
9. exit
10. show mpls forwarding-table [network {mask | length} | labels label [- label] | interface interface
| next-hop address | lsp-tunnel [tunnel-id]] [vrf vpn-name] [detail]
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls ip Configures MPLS hop-by-hop forwarding globally.
• The mpls ip command is enabled by default; you do not
Example: have to specify this command.
Router(config)# mpls ip
• Globally enabling MPLS forwarding does not enable it
on the router interfaces. You must enable MPLS
forwarding on the interfaces as well as for the router.
13
MPLS Label Distribution Protocol (LDP)
How to Configure MPLS Label Distribution Protocol
Example:
Router(config)# mpls label protocol ldp
Step 5 interface type Specifies the interface to be configured and enters interface
slot/subslot/port[.subinterface-number] configuration mode.
Example:
Router(config)# interface atm2/2/0
Step 6 mpls ip Configures MPLS hop-by-hop forwarding on the interface.
• You must enable MPLS forwarding on the interfaces as
Example: well as for the router.
Router(config-if)# mpls ip
Step 7 exit Exits interface configuration mode and enters global
configuration mode.
Example:
Router(config-if)# exit
Step 8 mpls ldp explicit-null [for prefix-acl | to Advertises an Explicit Null label in situations where it
peer-acl | for prefix-acl to peer-acl] would normally advertise an Implicit Null label.
Example:
Router(config)# mpls ldp explicit-null
Step 9 exit Exits global configuration mode and enter privileged EXEC
mode.
Example:
Router(config)# exit
Step 10 show mpls forwarding-table [network {mask | Verifies that MPLS packets are forwarded with an
length} | labels label [- label] | interface explicit-null label (value of 0).
interface | next-hop address | lsp-tunnel
[tunnel-id]] [vrf vpn-name] [detail]
Example:
Router# show mpls forwarding-table
Examples
Enabling explicit-null on an egress LSR causes that LSR to advertise the explicit-null label to all
adjacent MPLS routers.
Router# configure terminal
Router(config)# mpls ldp explicit-null
If you issue the show mpls forwarding-table command on an adjacent router, the output shows that
MPLS packets are forwarded with an explicit-null label (value of 0). In the following example, the
second column shows that entries have outgoing labels of 0, where once they were marked “Pop label”.
Router# show mpls forwarding-table
14
MPLS Label Distribution Protocol (LDP)
How to Configure MPLS Label Distribution Protocol
Enabling explicit-null and specifying the for keyword with a standard access control list (ACL) changes
all adjacent MPLS routers' tables to swap an explicit-null label for only those entries specified in the
access-list. In the following example, an access-list is created that contains the 10.24.24.24/32 entry.
Explicit null is configured and the access list is specified.
Router# configure terminal
Router(config)# mpls label protocol ldp
Router(config)# access-list 24 permit host 10.24.24.24
Router(config)# mpls ldp explicit-null for 24
If you issue the show mpls forwarding-table command on an adjacent router, the output shows that the
only the outgoing labels for the addresses specified (172.24.24.24/32) change from Pop label to 0. All
other Pop label outgoing labels remain the same.
Router# show mpls forwarding-table
Enabling explicit null and adding the to keyword and an access list enables you to advertise explicit-null
labels to only those adjacent routers specified in the access-list.To advertise explicit-null to a particular
router, you must specify the router's LDP ID in the access-list.
In the following example, an access-list contains the 10.15.15.15/32 entry, which is the LDP ID of an
adjacent MPLS router. The router that is configured with explicit null advertises explicit-null labels only
to that adjacent router.
Router# show mpls ldp discovery
If you issue the show mpls forwarding-table command, the output shows that explicit null labels are
going only to the router specified in the access list.
Router# show mpls forwarding-table
15
MPLS Label Distribution Protocol (LDP)
How to Configure MPLS Label Distribution Protocol
Enabling explicit-null with both the for and to keywords enables you to specify which routes to advertise
with explicit-null labels and to which adjacent routers to advertise these explicit-null labels.
Router# show access 15
If you issue the show mpls forwarding-table command, the output shows that it receives explicit null
labels for 10.24.24.24/32.
16
MPLS Label Distribution Protocol (LDP)
How to Configure MPLS Label Distribution Protocol
When you configure a password for an LDP neighbor, the router tears down existing LDP sessions and
establishes new sessions with the neighbor.
If a router has a password configured for a neighbor, but the neighboring router does not have a password
configured, a message such as the following appears on the console who has a password configured
while the two routers attempt to establish an LDP session. The LDP session is not established.
%TCP-6-BADAUTH: No MD5 digest from [peer's IP address](11003) to [local router's IP
address](646)
Similarly, if the two routers have different passwords configured, a message such as the following
appears on the console. The LDP session is not established.
%TCP-6-BADAUTH: Invalid MD5 digest from [peer's IP address](11004) to [local router's IP
address](646)
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls ip
4. mpls label protocol ldp
5. mpls ldp neighbor [vrf vpn-name] ip-address [password [0-7] password-string]
6. show mpls ldp neighbor [[vrf vpn-name] [address | interface] [detail] | all]
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls ip Configures MPLS hop-by-hop forwarding globally.
• The mpls ip command is enabled by default; you do not
Example: have to specify this command.
Router(config)# mpls ip
• Globally enabling MPLS forwarding does not enable it
on the router interfaces. You must enable MPLS
forwarding on the interfaces as well as for the router.
Step 4 mpls label protocol ldp Configures the use of LDP on all interfaces.
Example:
Router(config)# mpls label protocol ldp
17
MPLS Label Distribution Protocol (LDP)
How to Configure MPLS Label Distribution Protocol
Example:
Router(config)# mpls ldp neighbor 172.27.0.15
password onethirty9
Step 6 exit Exits global configuration mode and enters privileged
EXEC mode.
Example:
Router(config)# exit
Step 7 show mpls ldp neighbor [[vrf vpn-name] [address Displays the status of LDP sessions.
| interface] [detail] | all]
If the passwords have been set on both LDP peers and the
passwords match, the show mpls ldp neighbor command
Example: displays that the LDP session was successfully established.
Router# show mpls ldp neighbor detail
Examples
The following example configures a router with the password cisco:
Router> enable
Router# configure terminal
Router(config)# mpls ip
Router(config)# mpls label protocol ldp
Router(config)# mpls ldp neighbor 10.1.1.1 password cisco
Router(config)# exit
The following example shows that the LDP session between routers was successfully established:
Router# show mpls ldp neighbor
The following show mpls ldp neighbor detail command shows that MD5 (shown in bold) is used for
the LDP session.
Router# show mpls ldp neighbor 10.0.0.21 detail
18
MPLS Label Distribution Protocol (LDP)
Configuration Examples for MPLS Label Distribution Protocol
Router 2
POS2/0/0
10.0.0.33
POS0/3/0
10.0.0.44
Router 1
POS1/3/0
192.168.0.44/0
Router 3
192760
POS1/0/0
192.168.0.55
Note The configuration examples below show only the commands related to configuring LDP for Router 1,
Router 2, and Router 3 in the sample network shown in Figure 1.
Router 1 Configuration
ip cef distributed !Assumes R1 supports distributed CEF
interface Loopback0 !Loopback interface for LDP ID.
ip address 172.16.0.11 255.255.255.255
!
interface POS0/3/0
ip address 10.0.0.44 255.0.0.0
mpls ip !Enable hop-by-hop MPLS forwarding
19
MPLS Label Distribution Protocol (LDP)
Configuration Examples for MPLS Label Distribution Protocol
Router 2 Configuration
ip cef distributed !Assumes R2 supports distributed CEF
!
interface Loopback0 !Loopback interface for LDP ID.
ip address 172.16.0.22 255.255.255.255
!
interface POS2/0/0
ip address 10.0.0.33 255.0.0.0
mpls ip !Enable hop-by-hop MPLS forwarding
mpls label protocol ldp
Router 3 Configuration
ip cef !Assumes R3 does not support dCEF
!
interface Loopback0 !Loopback interface for LDP ID.
ip address 172.16.0.33 255.255.255.255
!
interface POS1/0/0
ip address 192.168.0.55 255.0.0.0
mpls ip !Enable hop-by-hop MPLS forwarding
mpls label protocol ldp
The LDP configuration for Router 1 uses the mpls label protocol ldp command in interface
configuration mode. To specify LDP for all interfaces, use the mpls label protocol ldp command in
global configuration mode without any interface mpls label protocol commands.
The configuration of Router 2 also uses the mpls label protocol ldp command in interface configuration
mode. To specify LDP for all interfaces, use the mpls label protocol ldp command in global
configuration mode without any interface mpls label protocol commands.
Configuring the mpls ip command on an interface triggers the transmission of discovery Hello messages
for the interface.
20
MPLS Label Distribution Protocol (LDP)
Configuration Examples for MPLS Label Distribution Protocol
Router 4
10.11.0.4
Router 1 Router 6
10.11.0.5
41142
Router 5
Router 1 Configuration
Tunnel interfaces Tunnel14 and Tunnel16 specify LDP for targeted sessions associated with these
interfaces. The targeted session for Router 5 requires TDP. The mpls label protocol ldp command in
global configuration mode makes it unnecessary to explicitly specify LDP as part of the configuration
from the Tunnel14 and Tunnel16.
ip cef distributed !Router1 supports distributed CEF
21
MPLS Label Distribution Protocol (LDP)
Configuration Examples for MPLS Label Distribution Protocol
Router 4 Configuration
The mpls label protocol ldp command in global configuration mode makes it unnecessary to explicitly
specify LDP as part of the configuration for the Tunnel41 targeted session with Router 1.
ip cef distributed !Router 4 supports distributed CEF
Router 5 Configuration
Router 5 uses LDP for all targeted sessions. Therefore, its configuration includes the mpls label
protocol ldp command.
ip cef !Router 5 supports CEF
Router 6 Configuration
By default, a router cannot be a passive neighbor in targeted sessions. Therefore, Router 1, Router 4, and
Router 5 are active neighbors in any targeted sessions. The mpls ldp discovery targeted-hello accept
command permits Router 6 to be a passive target in targeted sessions with Router 1. Router 6 can also
be an active neighbor in targeted sessions, although the example does not include such a configuration.
ip cef distributed !Router 6 supports distributed CEF
22
MPLS Label Distribution Protocol (LDP)
Additional References
Additional References
The following sections provide references related to the MPLS Label Distribution Protocol feature.
Related Documents
Related Topic Document Title
Configures LDP on every interface associated with a MPLS LDP Autoconfiguration
specified IGP instance.
Ensures that LDP is fully established before the IGP MPLS LDP-IGP Synchronization
path is used for switching.
Allows ACLs to control the label bindings that an LSR MPLS LDP Inbound Label Binding Filtering
accepts from its peer LSRs.
Enables standard, SNMP-based network management MPLS Label Distribution Protocol MIB Version 8 Upgrade
of the label switching features in Cisco IOS XE release
software.
MPLS LDP commands Cisco IOS Multiprotocol Label Switching Command Reference
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
• MPLS Label Distribution Protocol MIB To locate and download MIBs for selected platforms, Cisco IOS XE
(draft-ietf-mpls-ldp-mib-08.txt) software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
• SNMP-VACM-MIB
The View-based Access Control Model (ACM) http://www.cisco.com/go/mib
MIB for SNMP
RFCs
RFC Title
RFC 3036 LDP Specification
23
MPLS Label Distribution Protocol (LDP)
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
24
MPLS Label Distribution Protocol (LDP)
Feature Information for MPLS Label Distribution Protocol
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
25
MPLS Label Distribution Protocol (LDP)
Feature Information for MPLS Label Distribution Protocol
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
26
MPLS LDP Session Protection
The MPLS LDP Session Protection feature provides faster Label Distribution Protocol (LDP)
convergence when a link recovers following an outage. MPLS LDP Session Protection protects an LDP
session between directly connected neighbors or an LDP session established for a traffic engineering
(TE) tunnel.
Contents
• Prerequisites for MPLS LDP Session Protection, page 2
• Restrictions for MPLS LDP Session Protection, page 2
• Information About MPLS LDP Session Protection, page 2
• How to Configure MPLS LDP Session Protection, page 3
• Configuration Examples for MPLS LDP Session Protection, page 7
• Additional References, page 10
• Feature Information for MPLS LDP Session Protection, page 12
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS LDP Session Protection
Prerequisites for MPLS LDP Session Protection
2
MPLS LDP Session Protection
How to Configure MPLS LDP Session Protection
SUMMARY STEPS
1. enable
2. configure terminal
3. ip cef distributed
4. interface loop back number
5. ip address prefix mask
3
MPLS LDP Session Protection
How to Configure MPLS LDP Session Protection
6. exit
7. interface type slot/subslot/port[.subinterface-number]
8. mpls ip
9. mpls label protocol ldp
10. exit
11. mpls ldp session protection [vrf vpn-name] [for acl] [duration {infinite | seconds}]
12. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip cef distributed Configures distributed Cisco Express Forwarding.
Example:
Router(config)# ip cef distributed
Step 4 interface loopback number Configures a loopback interface and enters interface
configuration mode.
Example:
Router(config)# interface Loopback0
Step 5 ip address prefix mask Assigns an IP address to the loopback interface.
Example:
Router(config-if)# ip address 10.25.0.11
255.255.255.255
Step 6 exit Exits to global configuration mode.
Example:
Router(config-if) exit
Step 7 interface type Specifies the interface to configure and enters interface
slot/subslot/port[.subinterface-number] configuration mode.
Example:
Router(config)# interface POS0/3/0
Step 8 mpls ip Configures MPLS hop-by-hop forwarding for a specified
interface.
Example:
Router(config-if)# mpls ip
4
MPLS LDP Session Protection
How to Configure MPLS LDP Session Protection
Example:
Router(config)# exit
Troubleshooting Tips
Use the clear mpls ldp neighbor command if you need to terminate an LDP session after a link goes
down. This is useful for situations where the link needs to be taken out of service or needs to be
connected to a different neighbor.
To enable the display of events related to MPLS LDP Session Protection, use the debug mpls ldp session
protection command.
5
MPLS LDP Session Protection
How to Configure MPLS LDP Session Protection
SUMMARY STEPS
1. enable
2. show mpls ldp discovery
3. show mpls ldp neighbor
4. show mpls ldp neighbor detail
5. exit
DETAILED STEPS
Step 1 enable
Use this command to enable privileged EXEC mode. Enter your password, if prompted. For example:
Router> enable
Router#
6
MPLS LDP Session Protection
Configuration Examples for MPLS LDP Session Protection
R1 R2 R3
fe2/1/2 fe0/1/1 fe0/1/2 fe1/2/0
fe2/0/2 fe1/3/0
192859
The following configuration examples for R1, R2, and R3 are based on Figure 1.
R1
redundancy
no keepalive-enable
mode hsa
!
ip cef distributed
no ip domain-lookup
multilink bundle-name both
mpls label protocol ldp
mpls ldp session protection
no mpls traffic-eng auto-bw timers frequency 0
mpls ldp router-id Loopback0 force
!
7
MPLS LDP Session Protection
Configuration Examples for MPLS LDP Session Protection
interface Loopback0
ip address 10.0.0.1 255.255.255.255
no ip directed-broadcast
no ip mroute-cache
!
interface Multilink4
no ip address
no ip directed-broadcast
no ip mroute-cache
load-interval 30
ppp multilink
multilink-group 4
!
interface FastEthernet1/0/0
ip address 10.3.123.1 255.255.0.0
no ip directed-broadcast
!
interface FastEthernet2/0/0
no ip address
no ip directed-broadcast
shutdown
!
interface FastEthernet2/0/1
description -- ip address 10.0.0.2 255.255.255.0
no ip address
no ip directed-broadcast
shutdown
!
interface FastEthernet2/0/2
ip address 10.0.0.1 255.0.0.0
no ip directed-broadcast
mpls label protocol ldp
mpls ip
!
interface FastEthernet2/1/2
ip address 10.0.0.1 255.0.0.0
no ip directed-broadcast
mpls label protocol ldp
mpls ip
!
interface FastEthernet2/2/2
ip address 10.0.0.1 255.0.0.0
no ip directed-broadcast
mpls label protocol ldp
mpls ip
!
router ospf 100
log-adjacency-changes
redistribute connected
network 10.0.0.1 0.0.0.0 area 100
network 10.0.0.0 0.255.255.255 area 100
network 10.0.0.0 0.255.255.255 area 100
network 10.0.0.0 0.255.255.255 area 100
network 10.0.0.0 0.255.255.255 area 100
!
ip classless
R2
redundancy
no keepalive-enable
mode hsa
!
ip subnet-zero
8
MPLS LDP Session Protection
Configuration Examples for MPLS LDP Session Protection
ip cef distributed
mpls label protocol ldp
mpls ldp session protection
no mpls traffic-eng auto-bw timers frequency 0
mpls ldp router-id Loopback0 force
!
interface Loopback0
ip address 10.0.0.3 255.255.255.255
no ip directed-broadcast
!
interface FastEthernet0/1/0
no ip address
no ip directed-broadcast
shutdown
full-duplex
!
interface FastEthernet0/1/2
ip address 10.0.0.1 255.0.0.0
no ip directed-broadcast
full-duplex
mpls label protocol ldp
mpls ip
!
interface FastEthernet0/1/1
ip address 10.0.0.2 255.0.0.0
no ip directed-broadcast
ip load-sharing per-packet
full-duplex
mpls label protocol ldp
mpls ip
!
interface FastEthernet0/2/0
ip address 10.3.123.112 255.255.0.0
no ip directed-broadcast
!
router ospf 100
log-adjacency-changes
redistribute connected
network 10.0.0.3 0.0.0.0 area 100
network 10.0.0.0 0.255.255.255 area 100
network 10.0.0.0 0.255.255.255 area 100
!
ip classless
R3
ip cef distributed
no ip domain-lookup
mpls label range 200 100000 static 16 199
mpls label protocol ldp
no mpls traffic-eng auto-bw timers frequency 0
mpls ldp router-id Loopback0 force
!
interface Loopback0
ip address 10.0.0.5 255.255.255.255
no ip directed-broadcast
!
interface FastEthernet1/0/0
no ip address
no ip directed-broadcast
shutdown
half-duplex
!
interface FastEthernet1/2/0
9
MPLS LDP Session Protection
Additional References
Additional References
The following sections provide references related to the MPLS LDP Session Protection feature.
Related Documents
Related Topic Document Title
MPLS LDP MPLS Label Distribution Protocol
MPLS LDP-IGP synchronization MPLS LDP-IGP Synchronization
LDP autoconfiguration LDP Autoconfiguration
MPLS LDP commands Cisco IOS Multiprotocol Label Switching Command Reference
Standards
Standards Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
10
MPLS LDP Session Protection
Additional References
MIBs
MIBs MIBs Link
MPLS LDP MIB To locate and download MIBs for selected platforms, Cisco IOS XE
software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
http://www.cisco.com/go/mibs
RFCs
RFCs Title
RFC 3036 LDP Specification
RFC 3037 LDP Applicability
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
11
MPLS LDP Session Protection
Feature Information for MPLS LDP Session Protection
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
12
MPLS LDP Session Protection
Feature Information for MPLS LDP Session Protection
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
13
MPLS LDP Session Protection
Feature Information for MPLS LDP Session Protection
14
MPLS LDP—Autoconfiguration
The MPLS LDP —Autoconfiguration feature enables you to globally configure Label Distribution
Protocol (LDP) on every interface associated with a specified Interior Gateway Protocol (IGP) instance.
Contents
• Restrictions for MPLS LDP—Autoconfiguration, page 2
• Information About MPLS LDP—Autoconfiguration, page 2
• How to Configure MPLS LDP—Autoconfiguration, page 2
• Configuration Examples for MPLS LDP—Autoconfiguration, page 10
• Additional References, page 11
• Feature Information for MPLS LDP—Autoconfiguration, page 13
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS LDP—Autoconfiguration
Restrictions for MPLS LDP—Autoconfiguration
2
MPLS LDP—Autoconfiguration
How to Configure MPLS LDP—Autoconfiguration
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls ip
4. mpls label protocol ldp
5. interface type slot/subslot/port[.subinterface-number]
6. ip address prefix mask
7. exit
8. router ospf process-id
9. network ip-address wildcard-mask area area-id
10. mpls ldp autoconfig [area area-id]
11. exit
12. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls ip Globally enables hop-by-hop forwarding.
Example:
Router(config)# mpls ip
Step 4 mpls label protocol ldp Specifies LDP as the default label distribution protocol.
Example:
Router(config)# mpls label protocol ldp
Step 5 interface type Specifies the interface to configure and enters interface
slot/subslot/port[.subinterface-number] configuration mode.
Example:
Router(config)# interface POS0/3/0
3
MPLS LDP—Autoconfiguration
How to Configure MPLS LDP—Autoconfiguration
Example:
Router(config-if)# ip address 10.0.0.11
255.255.255.255
Step 7 exit Exits interface configuration mode.
Example:
Router(config-if)# exit
Step 8 router ospf process-id Enables OSPF routing and enters router configuration
mode.
Example:
Router(config)# router ospf 1
Step 9 network ip-address wildcard-mask area area-id Specifies the interface on which OSPF runs and defines the
area ID for that interface.
Example:
Router(config-router)# network 10.0.0.0
0.0.255.255 area 3
Step 10 mpls ldp autoconfig [area area-id] Enables the MPLS LDP—Autoconfiguration feature to
enable LDP on interfaces belonging to an OSPF process.
Example: • If no area is specified, the command applies to all
Router(config-router)# mpls ldp autoconfig interfaces associated with the OSPF process. If an area
area 3 ID is specified, then only interfaces associated with that
OSPF area are enabled with LDP.
Step 11 exit Exits router configuration mode and returns to global
configuration mode.
Example:
Router(config-router)# exit
Step 12 exit Exits global configuration mode and returns to privileged
EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. configure terminal
4
MPLS LDP—Autoconfiguration
How to Configure MPLS LDP—Autoconfiguration
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type Specifies the interface to configure and enters interface
slot/subslot/port[.subinterface-number] configuration mode.
Example:
Router(config)# interface POS0/3/0
Step 4 no mpls ldp igp autoconfig Disables LDP for that interface.
Example:
Router(config-if)# no mpls ldp igp autoconfig
Step 5 exit Exits interface configuration mode and returns to global
configuration mode.
Example:
Router(config-if)# exit
Step 6 exit Exits global configuration mode and returns to privileged
EXEC mode.
Example:
Router(config)# exit
5
MPLS LDP—Autoconfiguration
How to Configure MPLS LDP—Autoconfiguration
SUMMARY STEPS
1. enable
1. show mpls interfaces [detail]
2. show mpls ldp discovery [detail]
3. exit
DETAILED STEPS
Step 1 enable
Use this command to enter privileged EXEC mode. Enter your password if requested. For example:
Router> enable
Router#
• If LDP is enabled by the mpls ip command and the mpls ldp autoconfig command, the output
displays:
IP labeling enabled (ldp):
Interface config
IGP config
The following example shows that LDP was enabled on the interface by both the mpls ip and mpls
ldp autoconfig commands:
Interface Serial2/0/0:
IP labeling enabled (ldp):
Interface config
IGP config
LSP Tunnel labeling enabled
BGP labeling not enabled
MPLS operational
Fast Switching Vectors:
IP to MPLS Fast Switching Vector
MPLS Turbo Vector
MTU = 1500
6
MPLS LDP—Autoconfiguration
How to Configure MPLS LDP—Autoconfiguration
The show mpls ldp discovery details command also show how LDP was enabled on the interface. In
the following example, LDP was enabled by both the mpls ip and mpls ldp autoconfig commands:
Router# show mpls ldp discovery detail
Step 4 exit
Use this command to exit privileged EXEC mode and return to user EXEC mode. For example:
Router# exit
Router>
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
4. ip address prefix mask
5. ip router isis
6. exit
7. mpls ip
8. mpls label protocol ldp
9. router isis
10. mpls ldp autoconfig [level-1 | level-2]
11. exit
12. exit
7
MPLS LDP—Autoconfiguration
How to Configure MPLS LDP—Autoconfiguration
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type Specifies the interface to configure and enters interface
slot/subslot/port[.subinterface-number] configuration mode.
Example:
Router(config)# interface POS0/2/0
Step 4 ip address prefix mask Assigns an IP address to the interface.
Example:
Router(config-if)# ip address 10.50.72.4
255.0.0.0
Step 5 ip router isis Enables IS-IS for IP on the interface.
Example:
Router(config-if)# ip router isis
Step 6 exit Exits interface configuration mode.
Example:
Router(config-if)# exit
Step 7 mpls ip Globally enables hop-by-hop forwarding.
Example:
Router(config)# mpls ip
Step 8 mpls label protocol ldp Specifies LDP as the default label distribution protocol.
Example:
Router(config)# mpls label protocol ldp
Step 9 router isis Enables an IS-IS process on the router and enters router
configuration mode.
Example:
Router(config)# router isis
Step 10 mpls ldp autoconfig [level-1 | level-2] Enables the LDP for interfaces belonging to an IS-IS
process.
Example:
Router(config-router)# mpls ldp autoconfig
8
MPLS LDP—Autoconfiguration
How to Configure MPLS LDP—Autoconfiguration
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
4. no mpls ldp igp autoconfig
5. exit
6. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type Specifies the interface to configure and enters interface
slot/subslot/port[.subinterface-number] configuration mode.
Example:
Router(config)# interface POS0/3/0
9
MPLS LDP—Autoconfiguration
Configuration Examples for MPLS LDP—Autoconfiguration
Example:
Router(config-if)# no mpls ldp igp autoconfig
Step 5 exit Exits interface configuration mode and returns to global
configuration mode.
Example:
Router(config-if)# exit
Step 6 exit Exits global configuration mode and returns to privileged
EXEC mode.
Example:
Router(config)# exit
10
MPLS LDP—Autoconfiguration
Additional References
mpls ip
mpls label protocol ldp
router isis
mpls ldp autoconfig
Additional References
The following sections provide references related to the MPLS LDP—Autoconfiguration feature.
Related Documents
Related Topic Document Title
MPLS LDP MPLS Label Distribution Protocol
The MPLS LDP-IGP Synchronization feature MPLS LDP-IGP Synchronization
MPLS LDP commands Cisco IOS Multiprotocol Label Switching Command Reference
Configuring integrated IS-IS Integrated IS-IS Routing Protocol Overview
IS-IS commands Cisco IOS IP Routing Protocols Command Reference
Configuring OSPF Configuring OSPF
OSPF commands Cisco IOS IP Routing Protocols Command Reference
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature
11
MPLS LDP—Autoconfiguration
Additional References
MIBs
MIB MIBs Link
MPLS LDP MIB To locate and download MIBs for selected platforms, Cisco IOS XE
software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
RFC 3036 LDP Specification
RFC 3037 LDP Applicability
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
12
MPLS LDP—Autoconfiguration
Feature Information for MPLS LDP—Autoconfiguration
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
13
MPLS LDP—Autoconfiguration
Feature Information for MPLS LDP—Autoconfiguration
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
14
MPLS LDP-IGP Synchronization
The MPLS LDP-IGP Synchronization feature ensures that the Label Distribution Protocol (LDP) is fully
established before the Interior Gateway Protocol (IGP) path is used for switching.
Contents
• Prerequisites for MPLS LDP-IGP Synchronization, page 2
• Restrictions for MPLS LDP-IGP Synchronization, page 2
• Information About MPLS LDP-IGP Synchronization, page 2
• How to Configure MPLS LDP-IGP Synchronization, page 4
• Configuration Examples for MPLS LDP-IGP Synchronization, page 13
• Additional References, page 15
• Feature Information for MPLS LDP-IGP Synchronization, page 16
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS LDP-IGP Synchronization
Prerequisites for MPLS LDP-IGP Synchronization
2
MPLS LDP-IGP Synchronization
Information About MPLS LDP-IGP Synchronization
To enable LDP-IGP synchronization on each interface that belongs to an OSPF or IS-IS process, enter
the mpls ldp sync command. If you do not want some of the interfaces to have LDP-IGP synchronization
enabled, issue the no mpls ldp igp sync command on those interfaces.
If the LDP peer is reachable, the IGP waits indefinitely (by default) for synchronization to be achieved.
To limit the length of time the IGP session must wait, enter the mpls ldp igp sync holddown command.
If the LDP peer is not reachable, the IGP establishes the adjacency to enable the LDP session to be
established.
When an IGP adjacency is established on a link but LDP-IGP synchronization is not yet achieved or is
lost, the IGP advertises the max-metric on that link.
3
MPLS LDP-IGP Synchronization
How to Configure MPLS LDP-IGP Synchronization
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls ip
4. mpls label protocol ldp
5. interface type slot/subslot/port[.subinterface-number]
6. ip address prefix mask
7. mpls ip
8. exit
9. router ospf process-id
10. network ip-address wildcard-mask area area-id
4
MPLS LDP-IGP Synchronization
How to Configure MPLS LDP-IGP Synchronization
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls ip Globally enables hop-by-hop forwarding.
Example:
Router(config)# mpls ip
Step 4 mpls label protocol ldp Specifies LDP as the default label distribution protocol.
Example:
Router(config)# mpls label protocol ldp
Step 5 interface type Specifies the interface to configure and enters interface
slot/subslot/port[.subinterface-number] configuration mode.
Example:
Router(config)# interface POS0/3/0
Step 6 ip address prefix mask Assigns an IP address to the interface.
Example:
Router(config-if)# ip address 10.25.0.11
255.255.255.255
Step 7 mpls ip Enables hop-by-hop forwarding on the interface.
Example:
Router(config-if)# mpls ip
Step 8 exit Exits interface configuration mode.
Example:
Router(config-if)# exit
Step 9 router ospf process-id Enables OSPF routing and enters router configuration
mode.
Example:
Router(config)# router ospf 1
5
MPLS LDP-IGP Synchronization
How to Configure MPLS LDP-IGP Synchronization
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
4. no mpls ldp igp sync
5. exit
6. exit
6
MPLS LDP-IGP Synchronization
How to Configure MPLS LDP-IGP Synchronization
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type Specifies the interface to configure and enters interface
slot/subslot/port[.subinterface-number] configuration mode.
Example:
Router(config)# interface POS0/3/0
Step 4 no mpls ldp igp sync Disables MPLS LDP-IGP synchronization for that
interface.
Example:
Router(config-if)# no mpls ldp igp sync
Step 5 exit Exits interface configuration mode and returns to global
configuration mode.
Example:
Router(config-if)# exit
Step 6 exit Exits global configuration mode and returns to privileged
EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. show mpls ldp igp sync
3. show ip ospf mpls ldp interface
4. exit
7
MPLS LDP-IGP Synchronization
How to Configure MPLS LDP-IGP Synchronization
DETAILED STEPS
Step 1 enable
Use this command to enable privileged EXEC mode. Enter your password if prompted. For example:
Router> enable
Router#
FastEthernet0/0/0:
LDP configured; SYNC enabled.
SYNC status: sync achieved; peer reachable.
IGP holddown time: infinite.
Peer LDP Ident: 10.0.0.1:0
IGP enabled: OSPF 1
If MPLS LDP-IGP synchronization is not enabled on an interface, the output appears as follows:
FastEthernet0/3/1:
LDP configured; LDP-IGP Synchronization not enabled.
FastEthernet0/3/1
Process ID 1, Area 0
LDP is configured through LDP autoconfig
LDP-IGP Synchronization: Yes
Holddown timer is not configured
Timer is not running
FastEthernet0/0/2
Process ID 1, Area 0
LDP is configured through LDP autoconfig
LDP-IGP Synchronization: Yes
Holddown timer is not configured
Timer is not running
Step 4 exit
Use this command to exit from privileged EXEC mode. For example:
Router# exit
Router>
8
MPLS LDP-IGP Synchronization
How to Configure MPLS LDP-IGP Synchronization
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls ip
4. mpls label protocol ldp
5. router isis process-name
6. mpls ldp sync
7. interface type slot/subslot/port[.subinterface-number]
8. ip address prefix mask
9. ip router isis process-name
10. exit
11. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls ip Globally enables hop-by-hop forwarding.
Example:
Router(config)# mpls ip
9
MPLS LDP-IGP Synchronization
How to Configure MPLS LDP-IGP Synchronization
Example:
Router(config)# mpls label protocol ldp
Step 5 router isis process-name Enables the IS-IS protocol on the router, specifies an IS-IS
process, and enters router configuration mode.
Example:
Router(config)# router isis ISIS
Step 6 mpls ldp sync Enables MPLS LDP-IGP synchronization on interfaces
belonging to an IS-IS process.
Example:
Router(config-router)# mpls ldp sync
Step 7 interface type Specifies the interface to configure and enters interface
slot/subslot/port[.subinterface-number] configuration mode.
Example:
Router(config-router)# interface POS0/3/0
Step 8 ip address prefix mask Assigns an IP address to the interface.
Example:
Router(config-if)# ip address 10.25.25.11
255.255.255.0
Step 9 ip router isis process-name Enables IS-IS.
Example:
Router(config-if)# ip router isis ISIS
Step 10 exit Exits interface configuration mode and returns to global
configuration mode.
Example:
Router(config-if)# exit
Step 11 exit Exits global configuration mode and returns to privileged
EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
10
MPLS LDP-IGP Synchronization
How to Configure MPLS LDP-IGP Synchronization
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type Specifies the interface to configure and enters interface
slot/subslot/port[.subinterface-number] configuration mode.
Example:
Router(config)# interface POS0/2/0
Step 4 ip address prefix mask Assigns an IP address to the interface.
Example:
Router(config-if)# ip address 10.50.72.4
255.0.0.0
Step 5 ip router isis Enables the IS-IS protocol for IP on the interface.
Example:
Router(config-if)# ip router isis
Step 6 Exit Exits to global configuration mode.
Example:
Router(config-if)# exit
Step 7 router isis Enters router configuration mode and enables an IS-IS
process on the router.
Example:
Router(config)# router isis
Step 8 mpls ldp sync Enables LDP-IGP synchronization for interfaces belonging
to an IS-IS process.
Example:
Router(config-router)# mpls ldp sync
11
MPLS LDP-IGP Synchronization
How to Configure MPLS LDP-IGP Synchronization
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
4. no mpls ldp igp sync
5. exit
6. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type Specifies the interface to configure and enters interface
slot/subslot/port[.subinterface-number] configuration mode.
Example:
Router(config)# interface POS0/3/0
12
MPLS LDP-IGP Synchronization
Configuration Examples for MPLS LDP-IGP Synchronization
Troubleshooting Tips
Use the debug mpls ldp igp sync command to display events related to MPLS LDP-IGP
synchronization.
13
MPLS LDP-IGP Synchronization
Configuration Examples for MPLS LDP-IGP Synchronization
14
MPLS LDP-IGP Synchronization
Additional References
Additional References
The following sections provide references related to the MPLS LDP-IGP Synchronization feature.
Related Documents
Related Topic Document Title
MPLS LDP MPLS Label Distribution Protocol
MPLS LDP Autoconfiguration MPLS LDP Autoconfiguration
MPLS LDP commands Cisco IOS Multiprotocol Label Switching Command Reference
Standards
Standards Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIBs MIBs Link
MPLS LDP MIB To locate and download MIBs for selected platforms, Cisco IOS XE
software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
http://www.cisco.com/go/mibs
RFCs
RFCs Title
RFC 3036 LDP Specification
RFC 3037 LDP Applicability
15
MPLS LDP-IGP Synchronization
Feature Information for MPLS LDP-IGP Synchronization
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
16
MPLS LDP-IGP Synchronization
Feature Information for MPLS LDP-IGP Synchronization
17
MPLS LDP-IGP Synchronization
Feature Information for MPLS LDP-IGP Synchronization
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
18
MPLS LDP Inbound Label Binding Filtering
The MPLS LDP Inbound Label Binding Filtering feature supports inbound label binding filtering. You
can use the Multiprotocol Label Switching (MPLS) Label Distribution Protocol (LDP) feature to
configure access control lists (ACLs) for controlling the label bindings a label switch router (LSR)
accepts from its peer LSRs.
Contents
• Restrictions for MPLS LDP Inbound Label Binding Filtering, page 2
• Information about MPLS LDP Inbound Label Binding Filtering, page 2
• How to Configure MPLS LDP Inbound Label Binding Filtering, page 2
• Configuration Examples for MPLS LDP Inbound Label Binding Filtering, page 5
• Additional References, page 6
• Feature Information for MPLS LDP Inbound Label Binding Filtering, page 8
• Glossary, page 9
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS LDP Inbound Label Binding Filtering
Restrictions for MPLS LDP Inbound Label Binding Filtering
SUMMARY STEPS
1. enable
2. configure terminal
3. ip access-list standard access-list-number
4. permit {source [source-wildcard] | any} [log]
5. exit
6. mpls ldp neighbor [vrf vpn-name] nbr-address labels accept acl
7. end
2
MPLS LDP Inbound Label Binding Filtering
How to Configure MPLS LDP Inbound Label Binding Filtering
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip access-list standard access-list-number Defines a standard IP access list with a number.
Example:
Router(config)# ip access-list standard 1
Step 4 permit {source [source-wildcard] | any} [log] Specifies one or more prefixes permitted by the access list.
Example:
Router(config-std-nacl)# permit 10.0.0.0
Step 5 exit Exits the current mode and goes to the next higher level.
Example:
Router(config-std-nacl)# exit
Step 6 mpls ldp neighbor [vrf vpn-name] nbr-address Specifies the ACL to be used to filter label bindings for the
labels accept acl specified LDP neighbor.
Example:
Router(config)# mpls ldp neighbor 10.12.12.12
labels accept 1
Step 7 end Exits the current mode and enters privileged Exec mode.
Example:
Router(config)# end
SUMMARY STEPS
1. enable
2. show mpls ldp neighbor [vrf vpn-name] [address | interface] [detail]
3. show ip access-list [access-list-number | access-list-name]
4. show mpls ldp bindings
5. end
3
MPLS LDP Inbound Label Binding Filtering
How to Configure MPLS LDP Inbound Label Binding Filtering
DETAILED STEPS
Step 1 enable
Use this command to enable privileged EXEC mode. Enter your password if prompted. For example:
Router> enable
Router#
Step 2 show mpls ldp neighbor [vrf vpn-name] [address | interface] [detail]
Enter the show mpls ldp neighbor command to show the status of the LDP session, including the name
or number of the ACL configured for inbound filtering.
Note To display information about inbound label binding filtering, you must enter the detail keyword.
Note It is important that you enter this command to see how the access list is defined; otherwise, you
cannot verify inbound label binding filtering.
4
MPLS LDP Inbound Label Binding Filtering
Configuration Examples for MPLS LDP Inbound Label Binding Filtering
Step 5 exit
Use this command to exit to user EXEC mode. For example:
Router# exit
Router>
In the following example, the show mpls ldp bindings neighbor command displays label bindings that
were learned from 10.110.0.10. This example verifies that the LIB does not contain label bindings for
prefixes that have been excluded.
Router# show mpls ldp bindings neighbor 10.110.0.10
5
MPLS LDP Inbound Label Binding Filtering
Additional References
Additional References
The following sections provide additional references related to MPLS LDP inbound label binding filters.
Related Documents
Related Topic Document Title
Configuration information for MPLS LDP “MPLS Label Distribution Protocol (LDP)” chapter in the Cisco IOS
XE Multiprotocol Label Switching Configuration Guide
MPLS LDP commands Cisco IOS Multiprotocol Label Switching Command Reference
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
MPLS Label Distribution Protocol MIB To locate and download MIBs for selected platforms, Cisco IOS XE
(draft-ietf-mpls-ldp-08.txt) software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
RFC 3036 LDP Specification
RFC 3037 LDP Applicability
6
MPLS LDP Inbound Label Binding Filtering
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
7
MPLS LDP Inbound Label Binding Filtering
Feature Information for MPLS LDP Inbound Label Binding Filtering
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
Table 1 Feature Information for MPLS LDP Inbound Label Bonding Filtering
8
MPLS LDP Inbound Label Binding Filtering
Glossary
Glossary
CE router—customer edge router. A router that is part of a customer network and that interfaces to a
provider edge (PE) router.
inbound label binding filtering—Allows LSRs to control which label bindings it will accept from its
neighboring LSRs. Consequently, an LSR does not accept or store some label bindings that its neighbors
advertise.
label—A short fixed-length identifier that tells switching nodes how to forward data (packets or cells).
label binding—An association between a destination prefix and a label.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
9
MPLS LDP Inbound Label Binding Filtering
Glossary
10
MPLS LDP—Local Label Allocation Filtering
This feature introduces command-line interface (CLI) commands to modify the way in which
Multiprotocol Label Switching (MPLS) Label Distribution Protocol (LDP) handles local label
allocation. This MPLS LDP feature enhancement enables the configuration of filtering policies for
selective local label binding assignments by LDP to improve LDP scalability and convergence.
This document contains information about and instructions on how to configure the MPLS LDP—Local
Label Allocation Filtering feature.
Contents
• Prerequisites for MPLS LDP—Local Label Allocation Filtering, page 2
• Restrictions for MPLS LDP—Local Label Allocation Filtering, page 2
• Information About MPLS LDP—Local Label Allocation Filtering, page 2
• How to Configure MPLS LDP—Local Label Allocation Filtering, page 5
• Configuration Examples for MPLS LDP—Local Label Allocation Filtering, page 10
• Additional References, page 17
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS LDP—Local Label Allocation Filtering
Prerequisites for MPLS LDP—Local Label Allocation Filtering
2
MPLS LDP—Local Label Allocation Filtering
Information About MPLS LDP—Local Label Allocation Filtering
The MPLS LDP—Local Label Allocation Filtering feature introduces the mpls ldp label and allocate
commands that allow you to configure LDP to selectively allocate local labels for a subset of the prefixes
learned from the IGP. You can select that LDP allocate local labels for prefixes configured in a prefix
list in the global table or for host routes in the global table.
Local label allocation filtering reduces the number of local labels allocated and therefore the number of
messages exchanged with peers. This improves LDP scalability and convergence. Figure 1 and Figure 2
show how controlling local label allocation can reduce local label space size and greatly reduce the
number of advertisements to peers. Figure 1 shows default LDP label allocation behavior. LDP allocates
a local label for every route and advertises a label binding for every route learned from the IGP.
R1
Label
bindings
Lable Local
To R2
bindings labels
To R4
Global routing
table
To R3
185876
Label
bindings
Figure 2 shows LDP behavior with local label allocation control configured. The size of the local label
space and the number of label binding advertisements are reduced with local label allocation filtering
through the use of a prefix list. The decrease in the number of local labels and label binding
advertisement messages reduces the amount of memory use and improves convergence time for LDP.
The MPLS LDP—Local Label Allocation Filtering feature also allows for more efficient use of the label
space.
R1
Label
bindings
Local
Lable labels To R2
bindings
To R4 Prefix list
Global
routing
table To R3
185877
Label
bindings
Figure 2 shows that router R1 learns a number of routes from its IGP neighbors on routers R2, R3, and
R4. A prefix list defined on router R1 specifies the prefixes for which LDP allocates a local label.
3
MPLS LDP—Local Label Allocation Filtering
Information About MPLS LDP—Local Label Allocation Filtering
Note In general, the number of Label Information Base (LIB) entries remains the same regardless of the kind
of label filtering. This is because the remote label bindings for the prefixes that are filtered are kept in
the LIB. Memory use is reduced because local label filtering decreases the number of local labels
allocated and the number of label bindings advertised to and stored by the peers of an LSR.
Prefix Lists for MPLS LDP Local Label Allocation Filtering: Benefits and
Description
The MPLS LDP—Local Label Allocation Filtering feature allows you to configure LDP to allocate local
labels for a subset of the learned prefixes. LDP accepts the prefix and allocates a local label if the prefix
is permitted by a prefix list. If the prefix list is not defined, LDP accepts all prefixes and allocates local
labels based on its default mode of operation.
The benefits of using prefix lists for LDP local label allocation filtering are as follows:
• Prefix lists provide more flexibility for specifying a subset of prefixes and masks.
• Prefix lists use a tree-based matching technique. This technique is more efficient than evaluating
prefixes or host routes sequentially.
• Prefix lists are easy to modify.
You configure a prefix list for the MPLS LDP—Local Label Allocation Filtering feature with the
ip prefix-list command. The format of the command is as follows: ip prefix-list {list-name |
list-number} [seq number] {deny network/length | permit network/length} [ge ge-length] [le le-length]
4
MPLS LDP—Local Label Allocation Filtering
How to Configure MPLS LDP—Local Label Allocation Filtering
If you create or change a prefix list and prefixes that were previously allowed are rejected, LDP goes
through a label withdraw and release procedure before the local labels for these prefixes are deallocated.
If you delete a prefix, LDP goes through the label withdraw and release procedure for the LIB local label.
If the associated prefix is one for which no LIB entry should be allocated, LDP bypasses this procedure.
The LDP default behavior is to allocate local labels for all non-BGP prefixes. This default behavior does
not change with the introduction of this feature and the mpls ldp label and allocate commands.
Note The local label allocation filtering has no impact on inbound label filtering because both provide LDP
filtering independently. The LDP Inbound Label Binding Filtering feature controls label bindings that a
label switch router (LSR) accepts from its peer LSRs through the use of access control lists (ACLs). The
MPLS LDP—Local Label Allocation Filtering feature controls the allocation of local labels through the
use of prefix lists or host routes.
Creating a Prefix List for MPLS LDP Local Label Allocation Filtering
Perform the following task to create a prefix list for LDP local label allocation filtering. A prefix list
allows LDP to selectively allocate local labels for a subset of the routes learned from the IGP. The
decrease in the number of local labels in the LDP LIB and the number of label mapping advertisements
reduces the amount of memory use and improves convergence time for LDP.
SUMMARY STEPS
1. enable
2. configure terminal
3. ip prefix-list {list-name | list-number} [seq number] {deny network/length | permit
network/length} [ge ge-length] [le le-length]
4. end
5
MPLS LDP—Local Label Allocation Filtering
How to Configure MPLS LDP—Local Label Allocation Filtering
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip prefix-list {list-name | list-number} [seq Creates a prefix list or adds a prefix-list entry.
number] {deny network/length | permit
network/length} [ge ge-length] [le le-length] • The list-name argument configures a name to identify
the prefix list.
6
MPLS LDP—Local Label Allocation Filtering
How to Configure MPLS LDP—Local Label Allocation Filtering
Example:
Router(config)# end
Note The host-routes keyword for the allocate command makes it convenient for you to specify a commonly
used set of prefixes.
Restrictions
A maximum of one local label allocation filter is supported for the global table.
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls ldp label
4. allocate global prefix-list {list-name | list-number}
5. allocate global host-routes
6. no allocate global {prefix-list {list-name | list-number} | host -routes}
7. no mpls ldp label
8. exit
9. exit
DETAILED STEPS
Example:
Router# configure terminal
7
MPLS LDP—Local Label Allocation Filtering
How to Configure MPLS LDP—Local Label Allocation Filtering
Example:
Router(config-ldp-lbl)# exit
Step 9 exit Exits to privileged EXEC mode.
Example:
Router(config)# exit
8
MPLS LDP—Local Label Allocation Filtering
How to Configure MPLS LDP—Local Label Allocation Filtering
SUMMARY STEPS
1. enable
2. show mpls ldp bindings detail
3. debug mpls ldp bindings filter
4. exit
DETAILED STEPS
Step 1 enable
Use this command to enable privileged EXEC mode. Enter your password if prompted. For example:
Router> enable
Router#
Advertisement spec:
Prefix acl = bar
Local label filtering spec: host routes.
The output of this command verifies that host routes are configured as the local label allocation filter for
the router.
9
MPLS LDP—Local Label Allocation Filtering
Configuration Examples for MPLS LDP—Local Label Allocation Filtering
Step 4 exit
Use this command to exit to user EXEC mode. For example:
Router# exit
Router>
Creating a Prefix List for MPLS LDP Local Label Allocation Filtering: Examples
The following examples show how to configure a prefix list for MPLS LDP local label allocation
filtering.
In this example, prefix list List1 permits only 192.168.0.0/16 prefixes. LDP accepts 192.168.0.0/16
prefixes, but would not assign a local label for the following prefixes: 192.168.0.0/24 and
192.168.2.0/24. For example:
configure terminal
!
ip prefix-list List1 permit 192.168.0.0/16
end
In the following example, prefix list List2 permits a range of prefixes from 192.168.0.0/16 to /20
prefixes. LDP would accept 192.168.0.0/16 prefixes, but would not assign local labels for the following
prefixes: 192.168.0.0/24 and 192.168.2.0/24.
configure terminal
!
ip prefix-list List2 permit 192.168.0.0/16 le 20
end
In the following example, prefix list List3 permits a range of prefixes greater than /18. LDP would accept
192.168.17.0/20 and 192.168.2.0/24 prefixes, but would not assign a local label for 192.168.0.0/16.
configure terminal
!
ip prefix-list List3 permit 192.168.0.0/16 ge 18
end
10
MPLS LDP—Local Label Allocation Filtering
Configuration Examples for MPLS LDP—Local Label Allocation Filtering
Prefix list List3, which permits a range of prefixes greater than /18, is configured as the local label
allocation filter for the router. LDP would allow 192.168.17.0/20 and 192.168.2.0/24 prefixes, but would
withdraw labels for prefixes not in the allowed range.
In the following example, host routes are configured as the local label allocation filter:
configure terminal
!
mpls ldp label
allocate global host-routes
exit
exit
LDP allocates local labels for host routes that are in the global routing table.
In the following example, a specific local label allocation filter is removed:
configure terminal
!
mpls ldp label
no allocate global host-routes
exit
exit
In the following example, all local label allocation filters configured in MPLS LDP label configuration
mode are removed and the default LDP local label allocation is restored without a session reset:
configure terminal
!
no mpls ldp label
exit
exit
11
MPLS LDP—Local Label Allocation Filtering
Configuration Examples for MPLS LDP—Local Label Allocation Filtering
R1
Lo 10.1.1.1
Local
Lable labels Label
bindings
bindings
To R2 Prefix list To R3
Lo 10.2.2.2 Lo 10.3.3.3
Global
routing
table
185878
You can use LDP CLI commands to verify the following:
• Router R1 has allocated a local label for the correct subset of the prefixes.
• Routers R2 and R3 did not receive any remote bindings for the prefixes for which Router R1 did not
assign a local label.
12
MPLS LDP—Local Label Allocation Filtering
Configuration Examples for MPLS LDP—Local Label Allocation Filtering
LIB on Router R
This example shows the contents of the LIB on Router R1 based on the configuration in Figure 3:
R1# show mpls ldp bindings
The local labels assigned to 10.2.2.2 and 10.3.3.3 on Router R1 are advertised to Routers R2 and R3.
LIB on Router R2
This example shows the contents of the LIB on Router R2 based on the configuration in Figure 3:
R2# show mpls ldp bindings
13
MPLS LDP—Local Label Allocation Filtering
Configuration Examples for MPLS LDP—Local Label Allocation Filtering
LIB on Router R3
This example shows the contents of the LIB on Router R3 based on the configuration in Figure 3:
R3# show mpls ldp bindings
14
MPLS LDP—Local Label Allocation Filtering
Configuration Examples for MPLS LDP—Local Label Allocation Filtering
Local Label Allocation Filtering Changes Label Bindings on Router R1, Router R 2, and Router R3
After configuring a local label allocation filter on Router R1, you can enter the show mpls ldp bindings
command again to see the changes in the local label bindings in the LIB on each router. Changes to the
output in the LIB entries are highlighted in bold text.
This sample prefix list is used for the examples in the this section:
ip prefix-list ListA permit 0.0.0.0/32 ge 32
Local label bindings for all but 10.2.2.2 and 10.3.3.3 on Router R1 are advertised as withdrawn.
15
MPLS LDP—Local Label Allocation Filtering
Configuration Examples for MPLS LDP—Local Label Allocation Filtering
The 10.10.7.0/24, 10.10.8.0/24, and 10.10.9.0/24 prefixes are no longer assigned local labels. Therefore,
Router R1 sends no label advertisement for these prefixes.
The 10.10.7.0/24, 10.10.8.0/24, and 10.10.9.0/24 prefixes are no longer assigned local labels. Again,
Router R1 sends no label advertisement for these prefixes.
Advertisement spec:
Prefix acl = List1
Local label filtering spec: host routes. ! <--- Local local label filtering spec
16
MPLS LDP—Local Label Allocation Filtering
Additional References
Additional References
The following sections provide references related to the MPLS LDP—Local Label Allocation Filtering
feature.
Related Documents
Related Topic Document Title
Configuration tasks for MPLS LDP MPLS Label Distribution Protocol Overview
MPLS LDP commands Cisco IOS Multiprotocol Label Switching Command Reference
Configuration tasks for inbound label binding filtering MPLS LDP Inbound Label Binding Filtering
for MPLS LDP
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
17
MPLS LDP—Local Label Allocation Filtering
Additional References
RFCs
RFC Title
RFC 3037 LDP Applicability
RFC 3815 Definitions of Managed Objects for the Multiprotocol Label
Switching (MPLS), Label Distribution Protocol (LDP)
RFC 5036 LDP Specification
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
18
MPLS LDP—Local Label Allocation Filtering
Feature Information for MPLS LDP—Local Label Allocation Filtering
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
19
MPLS LDP—Local Label Allocation Filtering
Feature Information for MPLS LDP—Local Label Allocation Filtering
Table 1 Feature Information for MPLS LDP—Local Label Allocation Filtering (continued)
20
MPLS LDP—Local Label Allocation Filtering
Glossary
Glossary
BGP—Border Gateway Protocol. An interdomain routing protocol that replaces Exterior Gateway
Protocol (EGP). A BGP system exchanges reachability information with other BGP systems. It is
defined by RFC 1163.
CE router—customer edge router. A router that is part of a customer network and that interfaces to a
provider edge (PE) router. CE routers do not have routes to associated Virtual Private Networks (VPNs)
in their routing tables.
FEC—Forwarding Equivalency Class. A set of packets that can be handled equivalently for the purpose
of forwarding and thus is suitable for binding to a single label. The set of packets destined for an address
prefix is one example of an FEC.
IGP—Interior Gateway Protocol. Internet protocol used to exchange routing information within a single
autonomous system. Examples of common Internet IGP protocols include Interior Gateway Routing
Protocol (IGRP), Open Shortest Path First (OSPF), Intermediate System-to-Intermediate System
(IS-IS), and Routing Information protocol (RIP).
label—A short fixed-length label that tells switching nodes how to forward data (packets or cells).
LDP—Label Distribution Protocol. A standard protocol between Multiprotocol Label Switching
(MPLS)-enabled routers that is used for the negotiation of the labels (addresses) used to forward packets.
LIB—Label Information Base. A database used by a label switch router (LSR) to store labels learned
from other LSRs, and labels assigned by the local LSR.
LSP—label switched path. A sequence of hops in which a packet travels from one router to another
router by means of label switching mechanisms. A label switched path can be established dynamically,
based on normal routing mechanisms, or through configuration.
LSR—label switch router. A device that forwards Multiprotocol Label Switching (MPLS) packets based
on the value of a fixed-length label encapsulated in each packet.
MPLS—Multiprotocol Label Switching. A switching method that forwards IP traffic using a label. This
label instructs the routers and the switches in the network where to forward the packets. The forwarding
of MPLS packets is based on preestablished IP routing information
PE router—provider edge router. A router that is part of a service provider’s network connected to a
customer edge (CE) router. All Virtual Private Network (VPN) processing occurs in the PE router.
VPN—Virtual Private Network. A secure IP-based network that shares resources on one or more
physical networks. A VPN contains geographically dispersed sites that can communicate securely over
a shared backbone.
21
MPLS LDP—Local Label Allocation Filtering
Glossary
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
22
MPLS LDP—Lossless MD5 Session
Authentication
The MPLS LDP—Lossless MD5 Session Authentication feature enables a Multiprotocol Label
Switching (MPLS) Label Distribution Protocol (LDP) session to be password-protected without tearing
down and reestablishing the LDP session.
Contents
• Prerequisites for MPLS LDP—Lossless MD5 Session Authentication, page 2
• Restrictions for MPLS LDP—Lossless MD5 Session Authentication, page 2
• Information About MPLS LDP—Lossless MD5 Session Authentication, page 2
• How to Configure MPLS LDP—Lossless MD5 Session Authentication, page 6
• Configuration Examples for MPLS LDP—Lossless MD5 Session Authentication, page 16
• Additional References, page 28
• Feature Information for MPLS LDP—Lossless MD5 Session Authentication, page 30
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS LDP—Lossless MD5 Session Authentication
Prerequisites for MPLS LDP—Lossless MD5 Session Authentication
Note The MPLS LDP—Lossless MD5 Session Authentication feature must be configured before MPLS LDP
is configured.
Configure the following features on the label switch router (LSR) before configuring the MPLS
LDP—Lossless MD5 Session Authentication feature:
• Distributed Cisco Express Forwarding
• Static or dynamic routing
• MPLS Virtual Private Network (VPN) routing and forwarding (VRFs) instances for MPLS VPNs
• MPLS LDP—Lossless MD5 Session Authentication for the MPLS VPN VRFs
Note If a VRF is deleted, then the lossless MD5 session authentication for that VRF is automatically removed.
2
MPLS LDP—Lossless MD5 Session Authentication
Information About MPLS LDP—Lossless MD5 Session Authentication
3
MPLS LDP—Lossless MD5 Session Authentication
Information About MPLS LDP—Lossless MD5 Session Authentication
• Key 1 specifies the lab password. The send-lifetime command enables the lab password to
authenticate the outgoing TCP segments from November 2, 2008, at 10:00:00 a.m. until
December 2, 2008, at 10:00:00 a.m. The accept-lifetime command is configured so that the lab
password is never used to authenticate incoming TCP segments. The accept-lifetime command
enables the lab password for 1 second on January 1, 1970. By setting the date to the past and by
enabling a duration of 1 second, the password for incoming TCP segments immediately expires. If
the accept-lifetime command is omitted from the keychain configuration, then the password is
always valid for incoming TCP segments.
• Key 2 and key 3 specify the lab2 and lab3 passwords, respectively. The send-lifetime commands
enable the passwords for 1 second on January 1, 1970. By setting the date to the past and by enabling
a duration of 1 second, the passwords for outgoing TCP segments immediately expire. If the
send-lifetime commands are omitted from the keychain configuration, the passwords are always
valid for outgoing TCP segments. The accept-lifetime commands for key 2 and key 3 enable the
passwords to authenticate the incoming TCP segments from November 2, 2008, at 10:00:00 a.m.
until November 17, 2008, at 10:00:00 a.m. and from November 17, 2008, at 10:00:00 a.m. until
December 2, 2008, at 10:00:00 a.m., respectively.
4
MPLS LDP—Lossless MD5 Session Authentication
Information About MPLS LDP—Lossless MD5 Session Authentication
• If the accept-lifetime value for the next password begins before the accept-lifetime value of the
current password expires, both the next password and the current password are used concurrently.
The next password information is passed to TCP. If TCP fails to authenticate the incoming segments
with the current password, it tries authenticating with the next password. If TCP authenticates a
segment using the new password, it discards the current password and uses the new password from
that point on.
• If a password for incoming or outgoing segments expires and no additional valid password is
configured, one of the following actions take place:
– If a password is required for the neighbor, LDP drops the existing session.
– If a password is not required for the neighbor, LDP attempts to roll over to a session that does
not require authentication. This attempt also fails unless the password expires on both LSRs at
the same time.
When passwords do not match between LDP peers, TCP displays the following error message on the
LSR that has the lower router ID; that is, the router that has the passive role in establishing TCP
connections:
00:01:07: %TCP-6-BADAUTH: Invalid MD5 digest from 10.2.2.2(11051) to 10.1.1.1(646)
5
MPLS LDP—Lossless MD5 Session Authentication
How to Configure MPLS LDP—Lossless MD5 Session Authentication
If one peer has a password configured and the other one does not, TCP displays the following error
messages on the LSR that has a password configured:
00:02:07: %TCP-6-BADAUTH: No MD5 digest from 10.1.1.1(646) to 10.2.2.2(11099)
SUMMARY STEPS
1. enable
2. configure terminal
3. access-list access-list-number {permit | deny} {type-code wildcard-mask | ip-address mask}
4. key chain name-of-chain
5. key key-id
6. key-string string
7. accept-lifetime {start-time | local start-time} {duration seconds | end-time | infinite}
8. send-lifetime {start-time | local start-time} {duration seconds | end-time | infinite}
9. exit
10. exit
11. mpls ldp [vrf vrf-name] password option number for acl {key-chain keychain-name | [0 | 7]
password}
12. exit
13. show mpls ldp neighbor [vrf vrf-name | all] [ip-address | interface] [detail] [graceful-restart]
6
MPLS LDP—Lossless MD5 Session Authentication
How to Configure MPLS LDP—Lossless MD5 Session Authentication
DETAILED STEPS
Example:
Router# configure terminal
Step 3 access-list access-list-number {permit | deny} Creates an access list.
{type-code wildcard-mask | ip-address mask}
Example:
Router(config)# access-list 10 permit 10.2.2.2
Step 4 key chain name-of-chain Enables authentication for routing protocols and
identifies a group of authentication keys.
Example: • Enters keychain configuration mode.
Router(config)# key chain ldp-pwd
Step 5 key key-id Identifies an authentication key on a keychain.
• The key-id value must be a numeral.
Example: • Enters keychain key configuration mode.
Router(config-keychain)# key 1
Step 6 key-string string Specifies the authentication string for a key.
• The string value can be 1 to 80 uppercase or
Example: lowercase alphanumeric characters; the first
Router(config-keychain-key)# key-string pwd1 character cannot be a numeral.
7
MPLS LDP—Lossless MD5 Session Authentication
How to Configure MPLS LDP—Lossless MD5 Session Authentication
8
MPLS LDP—Lossless MD5 Session Authentication
How to Configure MPLS LDP—Lossless MD5 Session Authentication
Example:
Router(config-keychain-key)# exit
Step 10 exit Exits from keychain configuration mode.
Example:
Router(config-keychain)# exit
9
MPLS LDP—Lossless MD5 Session Authentication
How to Configure MPLS LDP—Lossless MD5 Session Authentication
10
MPLS LDP—Lossless MD5 Session Authentication
How to Configure MPLS LDP—Lossless MD5 Session Authentication
Example:
Router(config)# exit
Step 13 show mpls ldp neighbor [vrf vrf-name | all] Displays the status of LDP sessions.
[ip-address | interface] [detail] [graceful-restart]
• The vrf vrf-name keyword-argument pair
displays the LDP neighbors for the specified
Example: VRF instance.
Router# show mpls ldp neighbor detail
• The ip-address argument identifies the
neighbor with the IP address for which
password protection is configured.
• The interface argument identifies the LDP
neighbors accessible over this interface.
• The detail keyword displays information in
long form, including password information for
this neighbor. Here are the items displayed:
– An indication as to whether a password is
mandatory for this neighbor (required/not
required)
– The password source
(neighbor/fallback/number [option
number])
– An indication as to whether the latest
configured password for this neighbor is
used by the TCP session (in use) or the
TCP session uses an old password (stale)
• The graceful-restart keyword displays
per-neighbor graceful restart information.
Enabling the Display of MPLS LDP Password Rollover Changes and Events
When a password is required for a neighbor, but no password is configured for the neighbor, the
following debug message is displayed:
00:05:04: MDSym5 protection is required for peer 10.2.2.2:0(glbl), but no password
configured.
To enable the display of events related to configuration changes and password rollover events, perform
the following task.
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls ldp logging password configuration [rate-limit number]
4. mpls ldp logging password rollover [rate-limit number]
11
MPLS LDP—Lossless MD5 Session Authentication
How to Configure MPLS LDP—Lossless MD5 Session Authentication
5. exit
6. debug mpls ldp transport events
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls ldp logging password configuration This command is used to enable the display of events
[rate-limit number] related to configuration changes.
• The output displays events when a new password is
Example: configured or an existing password has been changed or
Router(config)# mpls ldp logging password deleted. A rate limit of 1 to 60 messages a minute can
configuration rate-limit 30
be specified.
Step 4 mpls ldp logging password rollover [rate-limit This command is used to enable the display of events
number] related to password rollover events.
• Events are displayed when a new password is used for
Example: authentication or when authentication is disabled. A
Router(config)# mpls ldp logging password rate limit of 1 to 60 messages a minute can be specified.
rollover rate-limit 25
Step 5 exit This command exits global configuration mode.
Example:
Router(config)# exit
Step 6 debug mpls ldp transport events This command displays notifications when a session TCP
MD5 option is changed.
Example: • You can also use the debug mpls ldp transport
Router# debug mpls ldp transport events connections command to display notifications when
the MD5 option is changed.
Example:
Router# debug mpls ldp transport events
00:03:44: ldp: MD5 setup for peer 10.2.2.2:0(glbl); password changed to adfas
00:05:04: ldp: MD5 setup for peer 10.52.52.2:0(vpn1(1)); password changed to [nil]
12
MPLS LDP—Lossless MD5 Session Authentication
How to Configure MPLS LDP—Lossless MD5 Session Authentication
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls ldp [vrf vrf-name] password rollover duration minutes
4. mpls ldp [vrf vrf-name] password fallback {key-chain keychain-name | [0 | 7] password}
5. no mpls ldp neighbor [vrf vrf-name] ip-address password password
6. exit
7. show mpls ldp neighbor [vrf vrf-name] [ip-address | interface] [detail] [graceful-restart]
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls ldp [vrf vrf-name] password rollover duration Configures the duration before the new password
minutes takes effect.
• The vrf vrf-name keyword-argument pair
Example: specifies a VRF configured on the LSR.
Router(config)# mpls ldp password rollover duration 7
• The minutes argument specifies the number of
minutes from 5 to 65535 before the password
rollover occurs on this router.
13
MPLS LDP—Lossless MD5 Session Authentication
How to Configure MPLS LDP—Lossless MD5 Session Authentication
14
MPLS LDP—Lossless MD5 Session Authentication
How to Configure MPLS LDP—Lossless MD5 Session Authentication
Example:
Router(config)# exit
Step 7 show mpls ldp neighbor [vrf vrf-name] [ip-address | Displays the status of LDP sessions.
interface] [detail] [graceful-restart]
• The vrf vrf-name keyword-argument pair
displays the LDP neighbors for the specified
Example: VRF instance.
Router# show mpls ldp neighbor detail
• The ip-address argument identifies the
neighbor with the IP address for which
password protection is configured.
• The interface argument lists the LDP
neighbors accessible over this interface.
• The detail keyword displays information in
long form, including password information for
this neighbor. Here are the items displayed:
– An indication as to whether a password is
mandatory for this neighbor (required/not
required)
– The password source
(neighbor/fallback/number [option
number])
– An indication as to whether the latest
configured password for this neighbor is
used by the TCP session (in use) or the
TCP session uses an old password (stale)
• The graceful-restart keyword displays
per-neighbor graceful restart information.
15
MPLS LDP—Lossless MD5 Session Authentication
Configuration Examples for MPLS LDP—Lossless MD5 Session Authentication
LSR1
access-list 10 permit 10.2.2.2
mpls ldp password required for 10
mpls ldp password option 1 for 10 ldp-pwd
!
key chain ldp-pwd
key 1
key-string pwd1
send-lifetime 10:00:00 Jan 1 2009 10:00:00 Feb 1 2009
accept-lifetime 09:00:00 Jan 1 2009 11:00:00 Feb 1 2009
!
interface loopback0
ip address 10.1.1.1 255.255.255.255
!
interface FastEthernet0/0/0
ip address 10.0.1.1 255.255.255.254
mpls label protocol ldp
mpls ip
LSR2
access-list 10 permit 10.1.1.1
mpls ldp password required for 10
mpls ldp password option 1 for 10 ldp-pwd
!
16
MPLS LDP—Lossless MD5 Session Authentication
Configuration Examples for MPLS LDP—Lossless MD5 Session Authentication
LSR1
access-list 10 permit 10.2.2.2
mpls ldp password required for 10
mpls ldp password option 1 for 10 ldp-pwd
!
key chain ldp-pwd
key 1
key-string pwd1
accept-lifetime 00:00:00 Jan 1 2005 duration 1
send-lifetime 10:00:00 Jan 1 2009 10:00:00 Feb 1 2009
key 2
key-string pwd2
accept-lifetime 09:00:00 Jan 1 2009 11:00:00 Feb 1 2009
send-lifetime 00:00:00 Jan 1 2005 duration 1
!
interface loopback0
ip address 10.1.1.1 255.255.255.255
!
interface FastEthernet0/0/0
ip address 10.0.1.1 255.255.255.254
mpls label protocol ldp
mpls ip
LSR2
access-list 10 permit 10.1.1.1
mpls ldp password required for 10
mpls ldp password option 1 for 10 ldp-pwd
!
key chain ldp-pwd
key 1
key-string pwd2
accept-lifetime 00:00:00 Jan 1 2005 duration 1
send-lifetime 10:00:00 Jan 1 2009 10:00:00 Feb 1 2009
key 2
key-string pwd1
accept-lifetime 09:00:00 Jan 1 2009 11:00:00 Feb 1 2009
send-lifetime 00:00:00 Jan 1 2005 duration 1
!
interface loopback0
ip address 10.2.2.2 255.255.255.255
17
MPLS LDP—Lossless MD5 Session Authentication
Configuration Examples for MPLS LDP—Lossless MD5 Session Authentication
!
interface FastEthernet0/0/0
ip address 10.0.1.2 255.255.255.254
mpls label protocol ldp
mpls ip
18
MPLS LDP—Lossless MD5 Session Authentication
Configuration Examples for MPLS LDP—Lossless MD5 Session Authentication
The following example shows how the lossless password change is configured using the
mpls ldp password rollover duration command for LSR A, LSR B, and LSR C so there is enough time
to change all the passwords on all of the routers:
After 10 minutes has elapsed, the password changes. The following system logging message for LSR A
confirms that the password rollover was successful:
%LDP-5-PWDRO: Password rolled over for 10.11.11.11:0
%LDP-5-PWDRO: Password rolled over for 10.12.12.12:0
19
MPLS LDP—Lossless MD5 Session Authentication
Configuration Examples for MPLS LDP—Lossless MD5 Session Authentication
The following example shows the new password configuration for LSR A and LSR B:
Note The rollover duration should be large enough so that the passwords can be changed on all impacted
routers.
After 10 minutes (rollover duration), the password changes and the following system logging message
confirms the password rollover at LSR A:
%LDP-5-PWDRO: Password rolled over for 10.11.11.11:0
Note The rollover duration should be large enough so that the passwords can be changed on all impacted
routers.
20
MPLS LDP—Lossless MD5 Session Authentication
Configuration Examples for MPLS LDP—Lossless MD5 Session Authentication
After 10 minutes, the password changes and the following system logging message confirms the
password rollover at LSR A.
%LDP-5-PWDRO: Password rolled over for 10.11.11.11:0
%LDP-5-PWDRO: Password rolled over for 10.12.12.12:0
21
MPLS LDP—Lossless MD5 Session Authentication
Configuration Examples for MPLS LDP—Lossless MD5 Session Authentication
Note The fallback password is used only when there is no other keychain configured. If there is a keychain
configured, then the fallback password is not used.
The following example shows the existing password configuration for LSR A, LSR B, and LSR C:
22
MPLS LDP—Lossless MD5 Session Authentication
Configuration Examples for MPLS LDP—Lossless MD5 Session Authentication
Note The fallback keychain is not used unless the keychain ldp-pwd is removed using the no mpls ldp
password option 5 for 10 key-chain ldp-pwd command.
The following example shows the new configuration for LSR A, LSR B, and LSR C, where one keychain
is configured with the name ldp-pwd and another keychain is configured with the name fallback for the
fallback password.
Note The rollover duration should be large enough so that the passwords can be changed on all impacted
routers.
23
MPLS LDP—Lossless MD5 Session Authentication
Configuration Examples for MPLS LDP—Lossless MD5 Session Authentication
After 10 minutes, the password changes and the following system logging message confirms the
password rollover at LSR A:
%LDP-5-PWDRO: Password rolled over for 10.11.11.11:0
%LDP-5-PWDRO: Password rolled over for 10.12.12.12:0
24
MPLS LDP—Lossless MD5 Session Authentication
Configuration Examples for MPLS LDP—Lossless MD5 Session Authentication
In the example, for both LSR A and LSR B, during the period of the third send-lifetime 10:30:00 Feb
1 2009 10:30:00 Mar 1 2009 command, all three configured keys are valid as receive keys, and only the
last configured key is valid as a transmit key. The keychain resolution rules dictate that keys 10 and 11
are used as receive keys, and only the last key 12 can be used as the transmit key. Because the transmit
and receive keys are mismatched, the LDP session will not stay active.
Note When more than two passwords are configured in a keychain, the configuration needs to have both
accept-lifetime and send-lifetime commands configured correctly for effective rollovers.
The following example shows the correct keychain configuration with multiple passwords in the
keychain:
25
MPLS LDP—Lossless MD5 Session Authentication
Configuration Examples for MPLS LDP—Lossless MD5 Session Authentication
key-string lab3
send-lifetime 10:30:00 Feb 1 2009 10:30:00 Mar 1 2009
accept-lifetime 10:15:00 Feb 1 2009 10:45:00 Mar 1 2009
!
mpls ldp password option 5 for 10 key-chain ldp-pwd
In the example above, for both LSR A and LSR B, during the period of the third send-lifetime 10:30:00
Feb 1 2009 10:30:00 Mar 1 2009 command, only the last key 12 is valid as transmit and receive keys.
Therefore, the LDP session remains active.
TCP Authentication and LDP Sessions Can Fail When a Second Rollover Period Is Missing: Example
In the following configuration, the first rollover is from “secondpass” to “firstpass.” The second rollover
is from “firstpass” back to “secondpass.” The only rollover period in this configuration is the overlapping
between the “firstpass” and “secondpass.” Because one rollover period is missing, LDP performs only
the first rollover and not the second rollover, causing TCP authentication to fail and the LDP session to
fail.
26
MPLS LDP—Lossless MD5 Session Authentication
Configuration Examples for MPLS LDP—Lossless MD5 Session Authentication
key 2
key-string secondpass
TCP authentication and LDP sessions can also fail if the second key has send and accept lifetime
configured. In this case the accept lifetime of the first key is a subset of the accept lifetime of the second
key. For example:
Reconfigure a Keychain to Prevent TCP Authentication and LDP Session Failures: Example
If the configuration needs to specify the last key in the keychain to always be valid, then configure the
keychain to have at least two keys. Each key must be configured with both the send and accept lifetime
period. For example:
If the configuration needs to specify the first keychain for the time interval, then switch to use the second
key forever after that interval. This is done by configuring the start time for the second key to begin
shortly before the end time of the first key, and by configuring the second key to be valid forever after
that interval. For example:
If the configuration needs to specify the two keys in the order of the second key, first key, and second
key again, then specify three keys in that order with the proper rollover period. For example:
27
MPLS LDP—Lossless MD5 Session Authentication
Additional References
key 2
key-string secondpass
accept-lifetime 01:06:00 Sep 10 2008 01:17:00 Sep 10 2008
send-lifetime 01:08:00 Sep 10 2008 01:15:00 Sep 10 2008
key 3
key-string firstpass
accept-lifetime 01:13:00 Sep 10 2008 infinite
send-lifetime 01:15:00 Sep 10 2008 infinite
Additional References
The following sections provide references related to the MPLS LDP—Lossless MD5 Session
Authentication feature.
Related Documents
Related Topic Document Title
MPLS Label Distribution Protocol (LDP) MPLS Label Distribution Protocol
LDP implementation enhancements for the MD5 MPLS—LDP MD5 Global Configuration
password
MPLS LDP commands Cisco IOS Multiprotocol Label Switching Command Reference
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
No new or modified RFCs are supported by this —
release, and support for existing RFCs has not been
modified by this feature.
28
MPLS LDP—Lossless MD5 Session Authentication
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
29
MPLS LDP—Lossless MD5 Session Authentication
Feature Information for MPLS LDP—Lossless MD5 Session Authentication
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
30
MPLS LDP—Lossless MD5 Session Authentication
Feature Information for MPLS LDP—Lossless MD5 Session Authentication
Table 1 Feature Information for MPLS LDP—Lossless MD5 Session Authentication (continued)
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
31
MPLS LDP—Lossless MD5 Session Authentication
Feature Information for MPLS LDP—Lossless MD5 Session Authentication
32
MPLS LDP–VRF-Aware Static Labels
This document explains how to configure the MPLS LDP–VRF-Aware Static Labels feature and
Multiprotocol Label Switching (MPLS) static labels. Virtual Private Network routing and forwarding
(VRF)-aware static labels can be used at the edge of an MPLS Virtual Private Network (VPN), whereas
MPLS static labels can be used only in the MPLS VPN provider core.
Contents
• Information About MPLS LDP–VRF-Aware Static Labels, page 2
• How to Configure MPLS LDP–VRF-Aware Static Labels, page 3
• Configuration Examples for MPLS LDP–VRF-Aware Static Labels, page 6
• Additional References, page 8
• Feature Information for MPLS LDP–VRF-Aware Static Labels, page 9
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS LDP–VRF-Aware Static Labels
Information About MPLS LDP–VRF-Aware Static Labels
2
MPLS LDP–VRF-Aware Static Labels
How to Configure MPLS LDP–VRF-Aware Static Labels
Reserving Labels to Use for MPLS Static Labels and MPLS LDP–VRF-Aware
Static Labels
To reserve the labels that are to be statically assigned so that the labels are not dynamically assigned,
perform the following task.
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls label range minimum-value maximum-value [static minimum-static-value
maximum-static-value]
4. exit
5. show mpls label range
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls label range minimum-value maximum-value Reserves a range of labels for static labels assignment. The
[static minimum-static-value default is that no labels are reserved for static assignment.
maximum-static-value]
Note You might need to reload the router for the range of
labels you reserve to take effect.
Example:
Router(config)# mpls label range 200 100000
static 16 199
3
MPLS LDP–VRF-Aware Static Labels
How to Configure MPLS LDP–VRF-Aware Static Labels
Example:
Router(config)# exit
Step 5 show mpls label range Displays information about the range of values for local
labels, including those available for static assignment.
Example:
Router# show mpls label range
Prerequisites
• Globally enable MPLS on each LSR.
• Enable Cisco Express Forwarding on each LSR.
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls static binding ipv4 prefix mask {label | input label | output nexthop {explicit-null |
implicit-null | label}}
4. exit
5. show mpls static binding ipv4
6. show mpls forwarding-table
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode and returns to privileged EXEC
mode.
Example:
Router# configure terminal
4
MPLS LDP–VRF-Aware Static Labels
How to Configure MPLS LDP–VRF-Aware Static Labels
Command Purpose
Step 3 mpls static binding ipv4 prefix mask Specifies static binding of labels to IPv4 prefixes.
{label | input label | output nexthop
{explicit-null | implicit-null | label}} Specified bindings are installed automatically in the MPLS
forwarding table as routing demands.
Example:
Router(config)# mpls static binding ipv4
10.2.2.0 255.255.255.255 input 17
Step 4 exit Exits global configuration mode and enters privileged EXEC
mode.
Example:
Router(config)# exit
Step 5 show mpls static binding ipv4 Displays the configured static labels.
Example:
Router# show mpls static binding ipv4
Step 6 show mpls forwarding-table Displays the static labels used for MPLS forwarding.
Example:
Router# show mpls forwarding-table
Restrictions
• The MPLS LDP–VRF-Aware Static Labels feature is supported only with MPLS VPN Carrier
Supporting Carrier networks that use MPLS LDP.
Prerequisites
• Globally enable MPLS on each LSR.
• Enable Cisco Express Forwarding on each LSR.
• Ensure the MPLS VPN is configured.
• Ensure that the provider network has MPLS LDP installed and running.
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls static binding ipv4 vrf vpn-name prefix mask {input label | label}
5
MPLS LDP–VRF-Aware Static Labels
Configuration Examples for MPLS LDP–VRF-Aware Static Labels
4. exit
5. show mpls static binding ipv4 vrf vpn-name
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls static binding ipv4 vrf vpn-name prefix Binds a prefix to a local label.
mask {input label | label}
Specified bindings are installed automatically in the MPLS
forwarding table as routing demands.
Example:
Router(config)# mpls static binding ipv4 vrf
Note You must configure the MPLS VPN and VRFs
vpn100 10.2.0.0 255.255.0.0 input 17 before creating VRF-aware static labels.
Step 4 exit Exits global configuration mode and enters privileged
EXEC mode.
Example:
Router(config)# exit
Step 5 show mpls static binding ipv4 vrf vpn-name Displays the configured MPLS static bindings.
Example:
Router(config)# show mpls static binding ipv4
vrf vpn100
Troubleshooting Tips
To display information related to static binding events, use the debug mpls static binding vrf command.
6
MPLS LDP–VRF-Aware Static Labels
Configuration Examples for MPLS LDP–VRF-Aware Static Labels
Reserving Labels to Use for MPLS Static Labels and MPLS LDP–VRF-Aware
Static Labels: Example
In the following example, the mpls label range command reserves a generic range of labels from 200
to 100000 and configures a static label range of 16 to 199:
Router(config)# mpls label range 200 100000 static 16 199
In this example, the output from the show mpls label range command indicates that the new label ranges
do not take effect until a reload occurs:
Router# show mpls label range
In the following output, the show mpls label range command, executed after a reload, indicates that the
new label ranges are in effect:
Router# show mpls label range
Configuring MPLS Static Labels in the MPLS VPN Provider Core: Example
The following example configures input and output labels for several prefixes:
Router(config)# mpls static binding ipv4 10.0.0.0 255.0.0.0 55
Router(config)# mpls static binding ipv4 10.0.0.0 255.0.0.0 output 10.0.0.66 167
Router(config)# mpls static binding ipv4 10.66.0.0 255.255.0.0 input 17
Router(config)# mpls static binding ipv4 10.66.0.0 255.255.0.0 output 10.13.0.8
explicit-null
The show mpls static binding ipv4 command displays the configured static labels:
Router# show mpls static binding ipv4
7
MPLS LDP–VRF-Aware Static Labels
Additional References
In the following output, the show mpls static binding ipv4 vrf command displays the configured
VRF-aware static bindings:
Router# show mpls static binding ipv4 vrf vpn100
Additional References
The following sections provide references related to the MPLS LDP–VRF-Aware Static Labels feature.
Related Documents
Related Topic Document Title
MPLS commands Cisco IOS Multiprotocol Label Switching Command Reference
MPLS VPN configuration information Configuring MPLS Layer 3 VPNs
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified by this feature.
8
MPLS LDP–VRF-Aware Static Labels
Feature Information for MPLS LDP–VRF-Aware Static Labels
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
9
MPLS LDP–VRF-Aware Static Labels
Feature Information for MPLS LDP–VRF-Aware Static Labels
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
10
MPLS Traffic Engineering: Path
Calculation and Setup
MPLS Traffic Engineering and Enhancements
Multiprotocol Label Switching (MPLS) traffic engineering software enables an MPLS backbone to
replicate and expand upon the traffic engineering capabilities of Layer 2 ATM and Frame Relay
networks. MPLS is an integration of Layer 2 and Layer 3 technologies. By making traditional Layer 2
features available to Layer 3, MPLS enables traffic engineering. Thus, you can offer in a one-tier
network what previously could be achieved only by overlaying a Layer 3 network on a Layer 2 network.
Contents
• Prerequisites for MPLS Traffic Engineering and Enhancements, page 2
• Restrictions for MPLS Traffic Engineering and Enhancements, page 2
• Information About MPLS Traffic Engineering and Enhancements, page 2
• How to Configure MPLS Traffic Engineering and Enhancements, page 11
• Configuration Examples for MPLS Traffic Engineering and Enhancements, page 19
• Additional References, page 22
• Feature Information for MPLS Traffic Engineering and Enhancements, page 24
• Glossary, page 26
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Traffic Engineering and Enhancements
Prerequisites for MPLS Traffic Engineering and Enhancements
2
MPLS Traffic Engineering and Enhancements
Information About MPLS Traffic Engineering and Enhancements
3
MPLS Traffic Engineering and Enhancements
Information About MPLS Traffic Engineering and Enhancements
4
MPLS Traffic Engineering and Enhancements
Information About MPLS Traffic Engineering and Enhancements
Link-state protocols, like integrated IS-IS or OSPF, use an SPF algorithm to compute a shortest path tree
from the headend node to all nodes in the network. Routing tables are derived from this shortest path
tree. The routing tables contain ordered sets of destination and first-hop information. If a router does
normal hop-by-hop routing, the first hop is over a physical interface attached to the router.
New traffic engineering algorithms calculate explicit routes to one or more nodes in the network. The
originating router views these explicit routes as logical interfaces. In the context of this document, these
explicit routes are represented by LSPs and referred to as traffic engineering tunnels (TE tunnels).
The following sections describe how link-state IGPs can use these shortcuts, and how they can install
routes in the routing table that point to these TE tunnels. These tunnels use explicit routes, and the path
taken by a TE tunnel is controlled by the router that is the headend of the tunnel. In the absence of errors,
TE tunnels are guaranteed not to loop, but routers must agree on how to use the TE tunnels. Otherwise,
traffic might loop through two or more tunnels. See the following sections:
• Enhancement to the SPF Computation, page 5
• Special Cases and Exceptions for SPF Calculations, page 6
• Additional Enhancements to SPF Computation Using Configured Tunnel Metrics, page 6
5
MPLS Traffic Engineering and Enhancements
Information About MPLS Traffic Engineering and Enhancements
Figure 1 Sample Topology of Parallel Native Paths and Paths Over TE Tunnels
26682
Router D Router E
If parallel native IP paths and paths over TE tunnels are available, the following implementations allow
you to force traffic to flow over TE tunnels only or only over native IP paths. Assume that all links have
the same cost and that a TE tunnel is set up from Router A to Router D.
• When the SPF calculation puts Router C on the TENT list, it realizes that Router C is not directly
connected. It uses the first-hop information from the parent, which is Router B.
• When the SPF calculation on Router A puts Router D on the TENT list, it realizes that Router D is
the tail end of a TE tunnel. Thus Router A installs a route to Router D by the TE tunnel, and not by
Router B.
• When Router A puts Router E on the TENT list, it realizes that Router E is not directly connected,
and that Router E is not the tail end of a TE tunnel. Therefore Router A copies the first-hop
information from the parents (Router C and Router D) to the first-hop information of Router E.
Traffic to Router E now load balances over
• The native IP path by Router A to Router B to Router C
• The TE tunnel Router A to Router D
6
MPLS Traffic Engineering and Enhancements
Information About MPLS Traffic Engineering and Enhancements
Although the same metric scheme can work well in other situations, for some applications it is useful to
change the TE tunnel metric (for instance, when there are equal cost paths through TE tunnel and native
IP links). You can adjust TE tunnel metrics to force the traffic to prefer the TE tunnel, to prefer the native
IP paths, or to load share among them.
Suppose that multiple TE tunnels go to the same destination or different destinations. TE tunnel metrics
can force the traffic to prefer some TE tunnels over others, regardless of IGP distances to those
destinations.
Setting metrics on TE tunnels does not affect the basic SPF algorithm. It affects only two questions:
1. Is the TE tunnel installed as one of the next hops to the destination routers?
2. What is the metric value of the routes being installed into the RIB?
You can modify the metrics for determining the first-hop information in one of the following ways:
• If the metric of the TE tunnel to the tailend routers is higher than the metric for the other TE tunnels
or native hop-by-hop IGP paths, this tunnel is not installed as the next hop.
• If the metric of the TE tunnel is equal to the metric of either other TE tunnels or native hop-by-hop
IGP paths, this tunnel is added to the existing next hops.
• If the metric of the TE tunnel is lower than the metric of other TE tunnels or native hop-by-hop IGP
paths, this tunnel replaces them as the only next hop.
In each of the above cases, the IGP assigns metrics to routes associated with those tailend routers and
their downstream routers.
The SPF computation is loop free because the traffic through the TE tunnels is basically source routed.
The end result of TE tunnel metric adjustment is the control of traffic loadsharing. If there is only one
way to reach the destination through a single TE tunnel, then no matter what metric is assigned, the
traffic has only one way to go.
You can represent the TE tunnel metric in two different ways: (1) as an absolute (or fixed) metric or (2)
as a relative (or floating) metric.
If you use an absolute metric, the routes assigned with the metric are fixed. This metric is used not only
for the routes sourced on the TE tunnel tailend router, but also for each route downstream of this tailend
router that uses this TE tunnel as one of its next hops.
For example, if you have TE tunnels to two core routers in a remote point of presence (POP), and one of
them has an absolute metric of 1, all traffic going to that POP traverses this low-metric TE tunnel.
If you use a relative metric, the actual assigned metric value of routes is based on the IGP metric. This
relative metric can be positive or negative, and is bounded by minimum and maximum allowed metric
values. For example, assume the topology shown in Figure 2.
7
MPLS Traffic Engineering and Enhancements
Information About MPLS Traffic Engineering and Enhancements
If there is no TE tunnel, Router A installs routes x, y, and z and assigns metrics 20, 30, and 40
respectively. Suppose that Router A has a TE tunnel T1 to Router C. If the relative metric –5 is used on
tunnel T1, the routers x, y, and z have the installed metrics of 15, 25, and 35. If an absolute metric of 5
is used on tunnel T1, routes x, y and z have the same metric 5 installed in the RIB for Router A. The
assigning of no metric on the TE tunnel is a special case, a relative metric scheme where the metric is 0.
Note For the purpose of briefness, these two new TLVs, 22 and 135, are referred to as “new-style TLVs.” TLVs
2, 128, and 130 are referred to as “old-style TLVs.”
8
MPLS Traffic Engineering and Enhancements
Information About MPLS Traffic Engineering and Enhancements
Both new TLVs have a fixed length part, followed by optional sub-TLVs. The metric space in these new
TLVs has been enhanced from 6 bits to 24 or 32 bits. The sub-TLVs allow you to add new properties to
links and prefixes. Traffic engineering is the first technology to use this ability to add new properties to
a link.
9
MPLS Traffic Engineering and Enhancements
Information About MPLS Traffic Engineering and Enhancements
10
MPLS Traffic Engineering and Enhancements
How to Configure MPLS Traffic Engineering and Enhancements
• Configure all routers one-by-one to advertise new-style TLVs, but to accept both styles of TLVs.
• Configure all routers one-by-one to advertise and to accept only new-style TLVs.
• Configure metrics larger than 63.
11
MPLS Traffic Engineering and Enhancements
How to Configure MPLS Traffic Engineering and Enhancements
SUMMARY STEPS
1. enable
2. configure terminal
3. ip cef
4. mpls traffic-eng tunnels
5. exit
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 ip cef Enables standard Cisco Express Forwarding
operation.
Example:
Router(config)# ip cef
Step 4 mpls traffic-eng tunnels Enables the MPLS traffic engineering tunnel feature
on a device.
Example:
Router(config)# mpls traffic-eng tunnels
Step 5 exit Exits to privileged EXEC mode.
Example:
Router(config)# exit
Note You must enable the tunnel feature on interfaces that you want to support MPLS traffic engineering.
12
MPLS Traffic Engineering and Enhancements
How to Configure MPLS Traffic Engineering and Enhancements
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
4. mpls traffic-eng tunnels
5. ip rsvp bandwidth bandwidth
6. exit
7. exit
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 interface type Configures an interface type and enters interface
slot/subslot/port[.subinterface-number] configuration mode.
Example:
Router(config)# interface serial 1/0/0
Step 4 mpls traffic-eng tunnels Enables MPLS traffic engineering tunnels on an
interface.
Example:
Router(config-if)# mpls traffic-eng tunnels
Step 5 ip rsvp bandwidth bandwidth Enables RSVP for IP on an interface and specifies
the amount of bandwidth that will be reserved.
Example:
Router(config-if)# ip rsvp bandwidth 1000
Step 6 exit Exits interface configuration mode and returns to
global configuration mode.
Example:
Router(config-if)# exit
Step 7 exit Exits global configuration mode and returns to
privileged EXEC mode.
Example:
Router(config)# exit
13
MPLS Traffic Engineering and Enhancements
How to Configure MPLS Traffic Engineering and Enhancements
SUMMARY STEPS
1. enable
2. configure terminal
3. router isis
4. mpls traffic-eng level-1
5. mpls traffic-eng router-id loopback0
6. metric-style wide
7. exit
8. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 router isis Enables IS-IS routing, specifies an IS-IS process for IP, and
enters router configuration mode.
Example:
Router(config)# router isis
Step 4 mpls traffic-eng level-1 Turns on MPLS traffic engineering for IS-IS level 1.
Example:
Router(config-router)# mpls traffic-eng level-1
Step 5 mpls traffic-eng router-id loopback0 Specifies that the traffic engineering router identifier for the
node is the IP address associated with interface loopback0.
Example:
Router(config-router)# mpls traffic-eng
router-id loopback0
Step 6 metric-style wide Configures a router to generate and accept only new-style
TLVs.
Example:
Router(config-router)# metric-style wide
14
MPLS Traffic Engineering and Enhancements
How to Configure MPLS Traffic Engineering and Enhancements
SUMMARY STEPS
1. enable
2. configure terminal
3. router ospf process-id
4. mpls traffic-eng area number
5. mpls traffic-eng router-id interface-name
6. exit
7. exit
DETAILED STEPS
Example:
Router# configure terminal
15
MPLS Traffic Engineering and Enhancements
How to Configure MPLS Traffic Engineering and Enhancements
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. ip unnumbered type number
5. tunnel destination ip-address
6. tunnel mode mpls traffic-eng
7. tunnel mpls traffic-eng bandwidth bandwidth
8. tunnel mpls traffic-eng path-option number {dynamic | explicit {name path-name} | identifier
path-number} [lockdown]
9. exit
10. exit
16
MPLS Traffic Engineering and Enhancements
How to Configure MPLS Traffic Engineering and Enhancements
DEFAULT STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 interface tunnel number Configures an interface type and enters interface configuration
mode.
Example:
Router(config)# interface tunnel10
Step 4 ip unnumbered type number Gives the tunnel interface an IP address.
• An MPLS traffic engineering tunnel interface should be
Example: unnumbered because it represents a unidirectional link.
Router(config-if)# ip unnumbered
loopback 0
Step 5 tunnel destination ip-address Specifies the destination for a tunnel.
• The ip-address keyword is the IP address of the host
Example: destination expressed in dotted decimal notation.
Router(config-if)# tunnel destination
10.20.1.1
Step 6 tunnel mode mpls traffic-eng Sets the tunnel encapsulation mode to MPLS traffic engineering.
Example:
Router(config-if)# tunnel mode mpls
traffic-eng
Step 7 tunnel mpls traffic-eng bandwidth Configures the bandwidth for the MPLS traffic engineering tunnel.
bandwidth
Example:
Router(config-if)# tunnel mpls
traffic-eng bandwidth 1000
Step 8 tunnel mpls traffic-eng path-option Configures the tunnel to use a named IP explicit path or a path
number {dynamic | explicit {name dynamically calculated from the traffic engineering topology
path-name} | identifier path-number}
[lockdown]
database.
• A dynamic path is used if an explicit path is currently
unavailable.
Example:
Router(config-if)# tunnel mpls
traffic-eng path-option 1 explicit
identifier 1
17
MPLS Traffic Engineering and Enhancements
How to Configure MPLS Traffic Engineering and Enhancements
Command Purpose
Step 9 exit Exits interface configuration mode and returns to global
configuration mode.
Example:
Router(config-if)# exit
Step 10 exit Exits global configuration mode and returns to privileged EXEC
mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. tunnel mpls traffic-eng autoroute announce
5. exit
6. exit
DEFAULT STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 interface tunnel number Configures an interface type and enters interface
configuration mode.
Example:
Router(config)# interface tunnel1
Step 4 tunnel mpls traffic-eng autoroute announce Causes the IGP to use the tunnel in its enhanced SPF
calculation.
Example:
Router(config-if)# tunnel mpls traffic-eng autoroute
announce
18
MPLS Traffic Engineering and Enhancements
Configuration Examples for MPLS Traffic Engineering and Enhancements
Command Purpose
Step 5 exit Exits interface configuration mode and returns to
global configuration mode.
Example:
Router(config-if)# exit
Step 6 exit Exits global configuration mode and returns to
privileged EXEC mode.
Example:
Router(config)# exit
Router 3
209.165.200.229
S0/1/1 S0/1/0
.2 .1
Tu .168
2.1 2
19
6.0
nn
17 nel
2
el 0
n
Tu
2
.
S0/1/0
S0/1/0 S0/1/0 S0/1/3 S0/1/0
19
MPLS Traffic Engineering and Enhancements
Configuration Examples for MPLS Traffic Engineering and Enhancements
Note You must enter the following commands on every router in the traffic-engineered portion of your
network.
interface s1/0/0
ip address 209.165.200.1 255.255.0.0
ip router isis
mpls traffic-eng tunnels
ip rsvp bandwidth 1000
Note You must enter the following commands on every router in the traffic-engineered portion of your
network.
interface s1/0/0
ip address 209.165.200.1 255.255.0.0
mpls traffic-eng tunnels
ip rsvp bandwidth 1000
20
MPLS Traffic Engineering and Enhancements
Configuration Examples for MPLS Traffic Engineering and Enhancements
21
MPLS Traffic Engineering and Enhancements
Additional References
Additional References
The following sections provide references related to the MPLS Traffic Engineering and Enhancements
feature.
Related Documents
Related Topic Document Title
Configuring Integrated IS-IS Cisco IOS XE IP Routing Protocols Configuration Guide
IS-IS commands Cisco IOS IP Routing Protocols Command Reference
Configuring OSPF Cisco IOS XE IP Routing Protocols Configuration Guide
OSPF command Cisco IOS IP Routing Protocols Command Reference
Configuring Multiprotocol Label Switching Cisco IOS XE Multiprotocol Label Switching Configuration Guide
MPLS TE commands Cisco IOS Multiprotocol Label Switching Command Reference
RSVP commands Cisco IOS Quality of Service Solutions Command Reference
22
MPLS Traffic Engineering and Enhancements
Additional References
Standards
Standard Title
None —
MIBs
MIB MIBs Link
None To locate and download MIBs for selected platforms, Cisco IOS XE
software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
1142 IS-IS
1195 Use of OSI IS-IS for Routing in TCP/IP and Dual Environments
2205 Resource ReSerVation Protocol (RSVP)
2328 OSPF Version 2
2370 The OSPF Opaque LSA Option
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
23
MPLS Traffic Engineering and Enhancements
Feature Information for MPLS Traffic Engineering and Enhancements
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
24
MPLS Traffic Engineering and Enhancements
Feature Information for MPLS Traffic Engineering and Enhancements
25
MPLS Traffic Engineering and Enhancements
Glossary
Glossary
affinity—An MPLS traffic engineering tunnel's requirements on the attributes of the links it will cross.
The tunnel's affinity bits and affinity mask bits must match the attribute bits of the various links carrying
the tunnel.
call admission precedence—An MPLS traffic engineering tunnel with a higher priority will, if
necessary, preempt an MPLS traffic engineering tunnel with a lower priority. Tunnels that are harder to
route are expected to have a higher priority and to be able to preempt tunnels that are easier to route. The
assumption is that lower-priority tunnels will be able to find another path.
constraint-based routing—Procedures and protocols that determine a route across a backbone take into
account resource requirements and resource availability instead of simply using the shortest path.
flow—A traffic load entering the backbone at one point—point of presence (POP)—and leaving it from
another, that must be traffic engineered across the backbone. The traffic load is carried across one or
more LSP tunnels running from the entry POP to the exit POP.
headend—The upstream, transmit end of a tunnel.
IGP—Interior Gateway Protocol. The Internet protocol used to exchange routing information within an
autonomous system. Examples of common IGPs include IGRP, OSPF, and RIP.
ip explicit path—A list of IP addresses, each representing a node or link in the explicit path.
IS-IS—Intermediate System-to-Intermediate System. OSI link-state hierarchical routing protocol that
calls for intermediate system (IS) routers to exchange routing information based on a single metric to
determine network topology.
label switched path (LSP)—A sequence of hops (R0...Rn) in which a packet travels from R0 to Rn
through label switching mechanisms. A label switched path can be chosen dynamically, based on normal
routing mechanisms, or through configuration.
label switched path (LSP) tunnel—A configured connection between two routers, in which label
switching is used to carry the packets.
label switching router (LSR)—A Layer 3 router that forwards packets based on the value of a label
encapsulated in the packets.
LCAC—Link-level (per hop) call admission control.
LSA—Link-state advertisement. Flooded packet used by OSPF that contains information about
neighbors and path costs. In IS-IS, receiving routers use LSAs to maintain their routing tables.
LSP—See label switched path.
OSPF protocol—Open Shortest Path First. A link state routing protocol used for routing IP.
reoptimization—Reevaluation of the most suitable path for a tunnel to use, given the specified
constraints.
RSVP—Resource Reservation Protocol. A protocol for reserving network resources to provide quality
of service guarantees to application flows.
tailend—The downstream, receive end of a tunnel.
traffic engineering—Techniques and processes that cause routed traffic to travel through the network
on a path other than the one that would have been chosen if standard routing methods were used.
26
MPLS Traffic Engineering and Enhancements
Glossary
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
27
MPLS Traffic Engineering and Enhancements
Glossary
28
MPLS Traffic Engineering—Configurable Path
Calculation Metric for Tunnels
The MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels feature enables the
user to control the metric used in path calculation for traffic engineering (TE) tunnels on a per-tunnel
basis. Certain tunnels are used to carry voice traffic, which requires low delay, and other tunnels are used
to carry data. A TE link metric can be used to represent link delay and configure tunnels that carry voice
traffic for path calculation and configure tunnels that carry data to use the Interior Gateway Protocol
(IGP) metric for path calculation.
Contents
• Prerequisites for MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels,
page 2
• Restrictions for MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels,
page 2
• Information About MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels,
page 2
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
Prerequisites for MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels
• How to Configure MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels,
page 3
• Configuration Examples for Configuring a Path Calculation Metric for Tunnels, page 14
• Additional References, page 16
• Feature Information for MPLS Traffic Engineering—Configurable Path Calculation Metrics for
Tunnels, page 18
2
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
How to Configure MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels
SUMMARY STEPS
1. enable
2. configure terminal
3. ip cef distributed
4. mpls traffic-eng tunnels
5. exit
3
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
How to Configure MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip cef distributed Enables distributed Cisco Express Forwarding operation.
Example:
Router(config)# ip cef distributed
Step 4 mpls traffic-eng tunnels Enables the MPLS traffic engineering tunnel feature on a
device.
Example:
Router(config)# mpls traffic-eng tunnels
Step 5 exit Exits global configuration mode and returns to privileged
EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. router isis
4. mpls traffic-eng {level-1 | level-2}
5. mpls traffic-eng {level-1 | level-2}
6. mpls traffic-eng router-id interface-name
7. metric-style wide
8. exit
4
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
How to Configure MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels
9. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 router isis Enables IS-IS routing, specifies an IS-IS process for IP, and
enters router configuration.
Example:
Router(config)# router isis
Step 4 mpls traffic-eng {level-1 | level-2} Configures a router running IS-IS so that it floods MPLS TE
link information into the indicated IS-IS level.
Example: • This commands turns on MPLS TE for IS-IS level 1.
Router(config-router)# mpls traffic-eng level-1
Step 5 mpls traffic-eng {level-1 | level-2} Configures a router running IS-IS so that it floods MPLS TE
link information into the indicated IS-IS level.
Example: • This command turns on MPLS TE for IS-IS level 2.
Router(config-router)# mpls traffic-eng level-2
Step 6 mpls traffic-eng router-id interface-name Specifies that the TE router identifier for the node is the IP
address associated with a given interface.
Example: • This command specifies the IP address of loopback0 as
Router(config-router)# mpls traffic-eng the TE router ID.
router-id loopback0
Step 7 metric-style wide Configures a router to generate and accept only new-style
type, length, value objects (TLVs).
Example:
Router(config-router)# metric-style wide
Step 8 exit Exits router configuration mode and returns to global
configuration mode.
Example:
Router(config-router)# exit
Step 9 exit Exits global configuration mode and returns to privileged
EXEC mode.
Example:
Router(config)# exit
5
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
How to Configure MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels
SUMMARY STEPS
1. enable
2. configure terminal
3. router ospf process-id]
4. mpls traffic-eng area number
5. mpls traffic-eng router-id interface-name
6. exit
7. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 router ospf process-id Configures an OSPF routing process for IP and enters
router configuration mode.
Example: • The process-id argument is an internally used
Router(config)# router ospf 100 identification parameter for an OSPF routing process. It
is locally assigned and can be any positive integer.
Assign a unique value for each OSPF routing process.
Step 4 mpls traffic-eng area number Configures a router running OSPF MPLS so that it floods
traffic engineering for the indicated OSPF area.
Example: • The number argument specifies the OSPF area on
Router(config-router)# mpls traffic-eng area 0 which MPLS TE is enabled.
Step 5 mpls traffic-eng router-id interface-name Specifies that the TE router identifier for the node is the IP
address associated with a given interface.
Example: • The interface-name argument specifies the IP address
Router(config-router)# mpls traffic-eng of loopback0 as the TE router ID.
router-id loopback0
6
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
How to Configure MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
4. mpls traffic-eng administrative-weight weight
5. exit
6. exit
DETAILED STEPS
Example:
Router# configure terminal
7
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
How to Configure MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels
8
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
How to Configure MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. ip unnumbered type number
5. tunnel destination ip-address
6. tunnel mode mpls traffic-eng
7. tunnel mpls traffic-eng bandwidth bandwidth
8. tunnel mpls traffic-eng path-option number {dynamic | explicit {name path-name
| id path-number}} [lockdown]
9. exit
10. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface tunnel number Configures an interface type and enters interface
configuration mode.
Example: • The number argument is the number of the tunnel.
Router(config)# interface Tunnel0
Step 4 ip unnumbered type number Enables IP processing on an interface without assigning an
explicit IP address to the interface.
Example: • The type and number arguments name the type and
Router(config-if)# ip unnumbered loopback0 number of another interface on which the router has an
assigned IP address. It cannot be another unnumbered
interface.
• An MPLS traffic engineering tunnel interface should be
unnumbered because it represents a unidirectional link.
9
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
How to Configure MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels
10
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
How to Configure MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels
Note If you do not enter either of the path selection metrics commands, the traffic engineering (TE) metric is
used.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. tunnel mpls traffic-eng path-selection metric {igp | te}
5. exit
6. mpls traffic-eng path-selection metric {igp | te}
7. exit
DETAILED STEPS
Example:
Router# configure terminal
11
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
How to Configure MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels
SUMMARY STEPS
1. enable
2. show mpls traffic-eng topology
3. show mpls traffic-eng tunnels
4. exit
DETAILED STEPS
Step 1 enable
Use this command to enable privileged EXEC mode. Enter your password if prompted. For example:
Router> enable
Router#
12
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
How to Configure MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels
Use the show mpls traffic-eng topology command, which displays TE and IGP metrics for each link,
to verify that link metrics have been correctly configured for a network. For example:
Router# show mpls traffic-eng topology
Config Parameters:
Bandwidth: 400 kps (Global) Priority: 1 1 Affinity: 0x0/0xFFFF
Metric Type: IGP !!Note metric type
AutoRoute: enabled LockDown: disabled Loadshare: 0 bw-based
auto-bw: disabled(0/115) 0 Bandwidth Requested: 0
.
.
.
Name: te3640-17-c_t222 (Tunnel33) Destination: 192.168.100.22
Status:
Admin: up Oper: up Path: valid Signalling: connected
path option 1, type dynamic (Basis for Setup, path weight 10)
Config Parameters:
Bandwidth: 200 kbps (Global) Priority: 1 1 Affinity: 0x0/0xFFFF
Metric Type: TE !!Note metric type
AutoRoute: enabled LockDown: disabled Loadshare: 0 bw-based
auto-bw: disabled(0/115) 0 Bandwidth Requested: 0
.
.
.
13
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
Configuration Examples for Configuring a Path Calculation Metric for Tunnels
Step 4 exit
Use this command to return to user EXEC mode. For example:
Router# exit
Router>
Configuring Link Type and Metrics for Tunnel Path Selection: Examples
The section illustrates how to configure the link metric type to be used for tunnel path selection, and how
to configure the link metrics themselves. The configuration commands included focus on specifying the
metric type for path calculation and assigning metrics to links. Additional commands are required to
fully configure the example scenario: for example, the IGP commands for traffic engineering and the
link interface commands for enabling traffic engineering and specifying available bandwidth.
The examples in this section support the simple network technology shown in Figure 1.
igp: 10 R2 loopback0
192.168.2.2 / 255.255.255.0
te: 15 igp: 10
te: 40
pos0/3//0 pos1/3/1
pos0/2/0 pos2/0/0
R1 loopback0
igp: 15 igp: 10 192.168.4.4 / 255.255.255.0
te: 15 te: 5
pos0/1/0 pos2/1/0
loopback0 R4
192.168.1.1 / 255.255.255.0
pos2/2/0
pos2/0/0 pos0/1/1
igp: 10
te: 5
R3
loopback0 pos0/3/0
192.168.3.3 / 255.255.255.0
pos1/1/0
pos1/0/0
loopback0
192.168.5.5 / 255.255.255.0
192801
igp: 10
te: 15 R5
In Figure 1:
• Tunnel1 and Tunnel2 run from R1 (headend) to R4 (tailend).
14
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
Configuration Examples for Configuring a Path Calculation Metric for Tunnels
R1 Configuration
The following example shows how to configure the tunnel headend (R1) for Tunnel1, Tunnel2, and
Tunnel3 in Figure 1:
interface pos0/1/0
mpls traffic-eng administrative-weight 15 !TE metric different from IGP metric
interface pos0/2/0
mpls traffic-eng administrative-weight 15 !TE metric different from IGP metric
R2 Configuration
The following example shows how to configure R2 in Figure 1:
interface pos0/3/0
mpls traffic-eng administrative-weight 15 !TE metric different from IGP metric
interface pos1/3/1
mpls traffic-eng administrative-weight 40 !TE metric different from IGP metric
R3 Configuration
The following example shows how to configure R3 in Figure 1:
15
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
Additional References
interface pos2/0/0
mpls traffic-eng administrative-weight 15 !TE metric different from IGP metric
interface pos0/3/0
mpls traffic-eng administrative-weight 15 !TE metric different from IGP metric
interface pos0/1/1
mpls traffic-eng administrative-weight 5 !TE metric different from IGP metric
R4 Configuration
The following example shows how to configure R4 in Figure 1:
interface pos2/0/0
mpls traffic-eng administrative-weight 15 !TE metric different from IGP metric
interface pos2/1/0
mpls traffic-eng administrative-weight 15 !TE metric different from IGP metric
interface pos2/2/0
mpls traffic-eng administrative-weight 5 !TE metric different from IGP metric
R5 Configuration
The following example shows how to configure R5 in Figure 1:
interface pos1/0/0
mpls traffic-eng administrative-weight 15 !TE metric different from IGP metric
interface pos1/1/0
mpls traffic-eng administrative-weight 5 !TE metric different from IGP metric
Additional References
The following sections provide references related to the MPLS Traffic Engineering—Configurable Path
Calculation Metrics for Tunnels feature.
Related Documents
Related Topic Document Title
Configuration tasks for IS-IS and OSPF Cisco IOS XE IP Routing Protocols Configuration Guide
IS-IS and OSPF commands Cisco IOS IP Routing Protocols Command Reference
Configuration tasks for MPLS and MPLS TE Cisco IOS XE Multiprotocol Label Switching Configuration Guide
MPLS TE commands Cisco IOS Multiprotocol Label Switching Command Reference
Configuration tasks for tunnels • Cisco IOS XE Interface and Hardware Component
Configuration Guide
• Cisco IOS XE Multiprotocol Label Switching Configuration
Guide
Tunnel configuration commands • Cisco IOS Interface and Hardware Component Command
Reference
• Cisco IOS XE Multiprotocol Label Switching Command
Reference
16
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
Additional References
Standards
Standard Title
No new or modified standards are supported by this –
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
No new or modified RFCs are supported by this –
feature, and support for existing RFCs has not been
modified.
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
17
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
Feature Information for MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
Table 1 Feature Information for MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels
18
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
Feature Information for MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels
Table 1 Feature Information for MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
19
MPLS Traffic Engineering—Configurable Path Calculation Metric for Tunnels
Feature Information for MPLS Traffic Engineering—Configurable Path Calculation Metrics for Tunnels
20
MPLS Traffic Engineering—Scalability
Enhancements
The MPLS Traffic Engineering—Scalability Enhancement feature improves scalability performance for
large numbers of traffic engineering tunnels.
These improvements allow an increase in the number of traffic engineering (TE) tunnels a router can
support when the router is configured as a tunnel headend. Additionally, when the router is configured
as a tunnel midpoint, the enhancements reduce the time required to establish large numbers of TE
tunnels.
This feature module contains information about and instructions on how to configure the Multiprotocol
Label Switching (MPLS) traffic engineering scalability enhancements.
Contents
• Prerequisites for MPLS Traffic Engineering—Scalability Enhancements, page 2
• Restrictions for MPLS Traffic Engineering—Scalability Enhancements, page 2
• Information About MPLS Traffic Engineering—Scalability Enhancements, page 2
• How to Configure MPLS Traffic Engineering—Scalability Enhancements, page 4
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Traffic Engineering—Scalability Enhancements
Prerequisites for MPLS Traffic Engineering—Scalability Enhancements
2
MPLS Traffic Engineering—Scalability Enhancements
Information About MPLS Traffic Engineering—Scalability Enhancements
• Increase the number of traffic engineering tunnels a router can support when configured as a tunnel
headend and when configured as a tunnel midpoint
• Reduce the time required to establish large numbers of traffic engineering tunnels
3
MPLS Traffic Engineering—Scalability Enhancements
How to Configure MPLS Traffic Engineering—Scalability Enhancements
Improved Counter Capabilities for MPLS TE Tunnels Events and RSVP Signaling
With the MPLS Traffic Engineering—Scalability Enhancements feature, diagnostic and troubleshooting
capabilities for MPLS traffic engineering tunnels and RSVP are improved:
• Counters record tunnel headend error events such as no route (link down), preemption, and
insufficient bandwidth on a per-tunnel basis.
• Counters record RSVP messages. The counters are per-interface and record the number of RSVP
messages of each type sent and received on the interface.
4
MPLS Traffic Engineering—Scalability Enhancements
How to Configure MPLS Traffic Engineering—Scalability Enhancements
SUMMARY STEPS
1. enable
2. configure terminal
3. ip rsvp signalling rate-limit [burst number] [limit number] [maxsize bytes] [period ms]
4. end
5. show ip rsvp neighbor
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip rsvp signalling rate-limit [burst number] Controls the transmission rate for RSVP messages sent to a
[limit number] [maxsize bytes] [period ms] neighboring router during a specified amount of time.
• The burst number keyword and argument pair indicates
Example: the maximum number of RSVP messages sent to a
Router(config)# ip rsvp signalling rate-limit neighboring router during each interval. The range is
burst 5 maxsize 3 period 2
from 1 to 5000. The default is 8.
• The limit number keyword and argument pair indicates
the maximum number of messages to send per queue
interval when the number of messages sent is less than
the number of messages to be sent normally. The range
is 1 to 5000. The default is 37.
• The maxsize bytes keyword and argument pair
indicates the maximum size of the message queue, in
bytes. The range is 1 to 5000. The default is 2000.
• The period ms keyword and argument pair indicates the
length of the interval (time frame) in milliseconds (ms).
The range is 10 to 5000. The default is 20.
Step 4 end Exits to privileged EXEC mode.
Example:
Router(config)# end
Step 5 show ip rsvp neighbor Displays current RSVP neighbors.
Use this command to verify that RSVP message pacing is
Example: enabled.
Router# show ip rsvp neighbor
5
MPLS Traffic Engineering—Scalability Enhancements
How to Configure MPLS Traffic Engineering—Scalability Enhancements
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls traffic-eng topology holddown sigerr seconds
4. end
5. show mpls traffic-eng topology [brief]
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls traffic-eng topology holddown sigerr Specifies the amount of time that a router ignores a link in
seconds its traffic engineering topology database in tunnel path
Constrained Shortest Path First (CSPF) computations
Example: following a traffic engineering tunnel error on the link.
Router(config)# mpls traffic-eng topology • The seconds argument specifies the length of time
holddown sigerr 15
(in seconds) a router should ignore a link during tunnel
path calculations following a traffic engineering tunnel
error on the link. The range is 0 to 300. The default is
10.
Step 4 end Exits to privileged EXEC mode.
Example:
Router(config)# end
Step 5 show mpls traffic-eng topology [brief] Displays the MPLS traffic engineering global topology as
currently known at this node.
Example: • The brief keyword provides a less detailed version of
Router# show mpls traffic-eng topology brief the topology.
6
MPLS Traffic Engineering—Scalability Enhancements
How to Configure MPLS Traffic Engineering—Scalability Enhancements
SUMMARY STEPS
1. enable
2. configure terminal
3. router isis [area-tag]
4. mpls traffic-eng scanner [interval seconds] [max-flash LSPs]
5. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 router isis [area-tag] Enables the IS-IS routing protocol and specifies an IS-IS
process.
Example: • The area-tag argument is a meaningful name for a
Router(config)# router isis routing process. If it is not specified, a null tag is
assumed and the process is referenced with a null tag.
This name must be unique among all IP or
Connectionless Network Service (CLNS) router
processes for a given router.
Note This argument is Required for multiarea IS-IS
configuration and optional for conventional IS-IS
configuration.
7
MPLS Traffic Engineering—Scalability Enhancements
How to Configure MPLS Traffic Engineering—Scalability Enhancements
Example:
Router(config-router)# end
SUMMARY STEPS
1. enable
2. show ip rsvp neighbor [detail]
3. show ip rsvp counters [summary]
4. clear ip rsvp counters
5. clear ip rsvp signalling rate-limit
6. show mpls traffic-eng tunnels statistics
7. clear mpls traffic-eng tunnels counters
8. show mpls traffic-eng topology [brief]
9. exit
DETAILED STEPS
Step 1 enable
Use this command to enable privileged EXEC mode. Enter your password if prompted. For example:
Router> enable
Router#
8
MPLS Traffic Engineering—Scalability Enhancements
How to Configure MPLS Traffic Engineering—Scalability Enhancements
Neighbor:10.0.0.1
Encapsulation:RSVP
Rate-Limiting:
Dropped messages:0
Refresh Reduction:
Remote epoch:0x1BFEA5
Out of order messages:0
Retransmitted messages:0
Highest rcvd message id:1059
Last rcvd message:00:00:04
Neighbor:10.0.0.2
Encapsulation:RSVP
Rate-Limiting:
Dropped messages:0
Refresh Reduction:
Remote epoch:0xB26B1
Out of order messages:0
Retransmitted messages:0
Highest rcvd message id:945
Last rcvd message:00:00:05
9
MPLS Traffic Engineering—Scalability Enhancements
How to Configure MPLS Traffic Engineering—Scalability Enhancements
Step 9 exit
Use this command to exit to user EXEC mode. For example:
Router# exit
Router>
10
MPLS Traffic Engineering—Scalability Enhancements
Configuration Examples for MPLS Traffic Engineering—Scalability Enhancements
The following is sample output that traffic engineering displays when RSVP rate limiting is enabled:
Router# show ip rsvp signalling rate-limit
The following example shows how to configure a router to send a maximum of 5 RSVP traffic
engineering signaling messages in 1 second to a neighbor. The size of the output queue is 35.
configure terminal
ip rsvp signalling rate-limit period 1 burst 5 maxsize 35
In this example, the link hold-down time for signaling errors is set to 15 seconds.
11
MPLS Traffic Engineering—Scalability Enhancements
Additional References
router isis
mpls traffic-eng scanner interval 5 max-flash 50
end
In this example, the router is enabled to process up to 50 IS-IS LSPs without any delay.
Additional References
The following sections provide references related to the MPLS Traffic Engineering (TE)—Scalability
Enhancements feature.
Related Documents
Related Topic Document Title
Quality of service • Cisco IOS Quality of Service Solutions Command Reference
• Cisco IOS XE Quality of Service Solutions Configuration Guide,
Release 2
MPLS • Cisco IOS Multiprotocol Label Switching Command Reference
• Cisco IOS XE Multiprotocol Label Switching Configuration Guide,
Release 2
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
12
MPLS Traffic Engineering—Scalability Enhancements
Additional References
RFCs
RFC Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified by this feature.
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
13
MPLS Traffic Engineering—Scalability Enhancements
Feature Information for MPLS Traffic Engineering—Scalability Enhancements
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
14
MPLS Traffic Engineering—Scalability Enhancements
Feature Information for MPLS Traffic Engineering—Scalability Enhancements
15
MPLS Traffic Engineering—Scalability Enhancements
Glossary
Glossary
Cisco Express Forwarding—A means for accelerating the forwarding of packets within a router, by
storing route lookup information in several data structures instead of in a route cache.
CLNS—Connectionless Network Services. The Open System Interconnection (OSI) network layer
service that does not require a circuit to be established before the data is transmitted. CLNS routes
messages to their destination independently of any other messages.
CSPF—Constrained Shortest Path First. A routing protocol that calculates the shortest path based on a
set of constraints, such as a minimum bandwidth requirement, maximum number of nodes, or nodes to
include or exclude.
enterprise network—A large and diverse network connecting most major points in a company or other
organization.
headend—The endpoint of a broadband network. All stations send toward the headend; the headend
then sends toward the destination stations.
IGP—Interior Gateway Protocol. An Internet protocol used to exchange routing information within an
autonomous system. Examples of common Internet IGPs include Interior Gateway Routing protocol
(IGRP), Open Shortest Path First (OSPF), and Routing Information Protocol (RIP).
interface—A network connection.
IS-IS—Intermediate System-to-Intermediate System. OSI link-state hierarchical routing protocol based
on DECnet Phase V routing, where ISs (routers) exchange routing information based on a single metric,
to determine the network topology.
LSP—label switched path. A sequence of hops (R0...Rn) in which a packet travels from R0 to Rn
through label switching mechanisms. A label switched path can be chosen dynamically, based on normal
routing mechanisms, or through configuration.
message-pacing—The former name of the rate limiting feature.
MPLS—Multiprotocol Label Switching (formerly known as tag switching). A method for directing
packets primarily through Layer 2 switching rather than Layer 3 routing. In MPLS, packets are assigned
short fixed-length labels at the ingress to an MPLS cloud by using the concept of forwarding equivalence
classes. Within the MPLS domain, the labels are used to make forwarding decisions mostly without
recourse to the original packet headers.
OSPF—Open Shortest Path First. A link-state, hierarchical Interior Gateway Protocol (IGP) routing
protocol. derived from the Intermediate System–Intermediate System (IS-IS) protocol. OSPF features
are least-cost routing, multipath routing, and load balancing.
router—A network layer device that uses one or more metrics to determine the optimal path along which
network traffic should be forwarded. Routers forward packets from one network to another based on
network layer information.
RSVP—Resource Reservation Protocol. A protocol that supports the reservation of resources across an
IP network.
scalability—An indicator showing how quickly some measure of resource usage increases as a network
gets larger.
TLV—type, length, value objects. TLVs are used in data communication to provide optional
information. The type field indicates the type of items in the value field. The length field indicates the
length of the value field. The value field is the data portion of the packet.
topology—The physical arrangement of network nodes and media within an enterprise networking
structure.
16
MPLS Traffic Engineering—Scalability Enhancements
Glossary
traffic engineering—Techniques and processes that cause routed traffic to travel through the network
on a path other than the one that would have been chosen if standard routing methods were used.
traffic engineering tunnel—A label-switched tunnel that is used for traffic engineering. Such a tunnel
is set up through means other than normal Layer 3 routing; it is used to direct traffic over a path different
from the one that Layer 3 routing would cause the tunnel to take.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
17
MPLS Traffic Engineering—Scalability Enhancements
Glossary
18
MPLS Traffic Engineering—LSP Attributes
This document describes how to configure label switched path (LSP) attributes for path options
associated with Multiprotocol Label Switching (MPLS) traffic engineering (TE) tunnels.
The MPLS Traffic Engineering—LSP Attributes feature is an extension to MPLS TE that provides an
LSP Attribute List feature and a Path Option for Bandwidth Override feature. These features provide
flexibility in the configuration of LSP attributes for MPLS TE tunnel path options. Several LSP attributes
can be applied to path options for TE tunnels using an LSP attribute list. If bandwidth is the only LSP
attribute you require, then you can configure a path option for bandwidth override.
Contents
• Prerequisites for MPLS Traffic Engineering—LSP Attributes, page 2
• Restrictions for MPLS Traffic Engineering—LSP Attributes, page 2
• Information About MPLS Traffic Engineering—LSP Attributes, page 2
• How to Configure MPLS Traffic Engineering—LSP Attributes, page 6
• Configuration Examples for MPLS Traffic Engineering—LSP Attributes, page 34
• Additional References, page 39
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Traffic Engineering—LSP Attributes
Prerequisites for MPLS Traffic Engineering—LSP Attributes
2
MPLS Traffic Engineering—LSP Attributes
Information About MPLS Traffic Engineering—LSP Attributes
• LSP attribute lists make the MPLS TE user interface more flexible, easier to use, and easier to extend
and maintain.
• The Path Option for Bandwidth Override feature provides a single command that allows a TE tunnel
to fall back temporarily to path options that can reduce bandwidth constraints.
Note When you configure bandwidth for path options with the bandwidth [sub-pool | global] kbps command,
use either all subpool bandwidths or all global-pool bandwidths.
You can configure bandwidth on both dynamic and explicit path options using either the LSP Attribute
List feature or the Path Option for Bandwidth Override feature. The commands that enable these features
are exclusive of each other. If bandwidth is the only LSP attribute that you need to set on the path option,
then use the command to enable the Path Option for Bandwidth Override feature. This is the simplest
way to configure multiple path options with decreasing bandwidth constraints. Once the bandwidth
keyword is entered on the tunnel mpls traffic-eng path-option command in interface configuration
mode, you cannot configure an LSP attribute list for that path option.
3
MPLS Traffic Engineering—LSP Attributes
Information About MPLS Traffic Engineering—LSP Attributes
4
MPLS Traffic Engineering—LSP Attributes
Information About MPLS Traffic Engineering—LSP Attributes
Note When you configure bandwidth for path options with the bandwidth [sub-pool | global] kpbs command,
use either all subpool bandwidths or all global-pool bandwidths. Do not mix subpool and nonsubpool
bandwidths, otherwise the path option does not reoptimize later.
5
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
The device selects a path option for an LSP in order of preference, as follows:
• The device attempts to signal an LSP using path options starting with path option 1.
The device attempts to signal an LSP with the 1000 kbps bandwidth configured on the tunnel
interface because path-option 1 has no bandwidth configured.
• If 1000 kbps bandwidth is not available over the network, the device attempts to establish an LSP
using path-option 2.
Path option 2 has a bandwidth of 500 kbps configured. This reduces the bandwidth constraint from
the original 1000 kbps configured on the tunnel interface.
• If 500 kbps is not available, the device attempts to establish an LSP using path-option 3.
Path-option 3 is configured as dynamic and has bandwidth 0. The device establishes the LSP if an
IP path exists to the destination and all other tunnel constraints are met.
6
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
• Associating an LSP Attribute List with a Path Option for an MPLS TE Tunnel, page 17 (required)
• Modifying a Path Option to Use a Different LSP Attribute List, page 21 (optional)
• Removing a Path Option for an LSP for an MPLS TE Tunnel, page 23 (optional)
• Verifying that LSP Is Signaled Using the Correct Attributes, page 25 (optional)
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls traffic-eng lsp attributes string
4. affinity value [mask value]
5. auto-bw [frequency secs] [max-bw kbps] [min-bw kbps] [collect-bw]
6. bandwidth [sub-pool | global] kbps
7. list
8. lockdown
9. priority setup-priority [hold-priority]
10. protection fast-reroute
11. record-route
12. no sub-command
13. exit
14. end
DETAILED STEPS
Example:
Router# configure terminal
7
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
Example:
Router(config-lsp-attr)# list
8
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
Example:
Router(config-lsp-attr)# lockdown
Step 9 priority setup-priority [hold-priority] (Optional) Specifies the LSP priority.
• The setup-priority argument is used when signaling an
Example: LSP to determine which existing LSPs can be
Router(config-lsp-attr)# priority 1 1 preempted. Valid values are from 0 to 7, where a lower
number indicates a higher priority. Therefore, an LSP
with a setup priority of 0 can preempt any LSP with a
non-0 priority.
• The hold-priority argument is associated with an LSP
to determine if it should be preempted by other LSPs
that are being signaled. Valid values are from 0 to 7,
where a lower number indicates a higher priority.
Step 10 protection fast-reroute (Optional) Enables failure protection on the LSP.
Example:
Router(config-lsp-attr)# protection
fast-reroute
Step 11 record-route (Optional) Records the route used by the LSP.
Example:
Router(config-lsp-attr)# record-route
Step 12 no sub-command (Optional) Removes a specific attribute from the LSP
attributes list.
Example: • The sub-command argument names the LSP attribute to
Router(config-lsp-attr)# no record-route remove from the attributes list.
Step 13 exit (Optional) Exits from LSP Attributes configuration mode.
Example:
Router(config-lsp-attr)# exit
Step 14 end (Optional) Exits to privileged EXEC mode.
Example:
Router(config)# end
9
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls traffic-eng lsp attributes string
4. affinity value [mask value]
5. bandwidth [sub-pool | global] kbps
6. priority setup-priority [hold-priority]
7. list
8. exit
9. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls traffic-eng lsp attributes string Configures an LSP attribute list and enters LSP Attributes
configuration mode.
Example: • The string argument identifies a specific LSP attribute
Router(config)# mpls traffic-eng lsp attributes list.
1
Step 4 affinity value [mask value] (Optional) Specifies attribute flags for links comprising an
LSP.
Example: • The value argument is a value required for links that
Router(config-lsp-attr)# affinity 0 mask 0 make up an LSP. Values of the bits are either 0 or 1.
• The mask value keyword argument combination
indicates which attribute values should be checked.
– If a bit in the mask is 0, an attribute value of the
link or that bit is irrelevant.
– If a bit in the mask is 1, the attribute value of that
link and the required affinity of the LSP for that bit
must match.
10
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
Example:
Router(config-lsp-attr)# exit
Step 9 end (Optional) Exits to privileged EXEC mode.
Example:
Router(config)# end
SUMMARY STEPS
1. enable
2. configure terminal
11
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls traffic-eng lsp attributes string Configures an LSP attribute list and enters LSP Attributes
configuration mode.
Example: • The string argument identifies a specific LSP attribute
Router(config)# mpls traffic-eng lsp attributes list.
1
Step 4 no sub-command Removes a specific attribute from the LSP attribute list.
• The sub-command argument names the LSP attribute to
Example: remove from the attributes list.
Router(config-lsp-attr)# no priority
Step 5 list (Optional) Displays the contents of the LSP attribute list.
• Use the list command to verify that the path option
Example: attribute is removed from the attribute list.
Router(config-lsp-attr)# list
Step 6 exit (Optional) Exits LSP Attributes configuration mode.
Example:
Router(config-lsp-attr)# exit
Step 7 end (Optional) Exits to privileged EXEC mode.
Example:
Router(config)# end
12
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls traffic-eng lsp attributes string
4. affinity value [mask value]
5. list
6. affinity value [mask value]
7. list
8. exit
9. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls traffic-eng lsp attributes string Configures an LSP attribute list and enters LSP Attributes
configuration mode.
Example: • The string argument identifies a specific LSP attribute
Router(config)# mpls traffic-eng lsp attributes list.
1
Step 4 affinity value [mask value] Specifies attribute flags for links comprising an LSP.
• The value argument is a value required for links
Example: comprising an LSP. Values of bits are either 0 or 1.
Router(config-lsp-attr)# affinity 1 mask 1
• The mask value keyword argument combination
indicates which attribute values should be checked.
– If a bit in the mask is 0, an attribute value of the
link or that bit is irrelevant.
– If a bit in the mask is 1, the attribute value of that
link and the required affinity of the tunnel for that
bit must match.
Step 5 list (Optional) Displays the contents of the LSP attribute list.
• Use the list command to display the path option
Example: attributes configured in the attribute list.
Router(config-lsp-attr)# list
13
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
Example:
Router(config-lsp-attr)# exit
Step 9 end (Optional) Exits to privileged EXEC mode.
Example:
Router(config)# end
SUMMARY STEPS
1. enable
2. configure terminal
3. no mpls traffic-eng lsp attributes string
4. end
5. show mpls traffic-eng lsp attributes [string]
14
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
DETAILED STEPS
Example:
Router# configure terminal
Step 3 no mpls traffic-eng lsp attributes string Removes a specified LSP attribute list from the device
configuration.
Example: • The string argument identifies the specific LSP
Router(config)# no mpls traffic-eng lsp attribute list to remove.
attributes 1
Step 4 end (Optional) Exits to privileged EXEC mode.
Example:
Router(config)# end
Step 5 show mpls traffic-eng lsp attributes [string] (Optional) Displays information about configured LSP
attribute lists.
Example: • Use the show mpls traffic-eng lsp attributes
Router# show mpls traffic-eng lsp attributes command to verify that the LSP attribute list was
deleted from the router.
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls traffic-eng lsp attributes string list
4. exit
5. end
DETAILED STEPS
Step 1 enable
Use this command to enable privileged EXEC mode. Enter your password if prompted. For example:
Router> enable
Router#
15
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
LIST 1
bandwidth 1000
priority 1 1
Step 4 exit
Use this command to exit LSP Attributes configuration mode. For example:
Router(config-lsp-attr)# exit
Router(config)#
Step 5 end
Use this command to exit to privileged EXEC mode. For example:
Router(config)# exit
Router#
SUMMARY STEPS
1. enable
2. show mpls traffic-eng lsp attributes [string] [details]
3. show running-config | begin text-string
4. exit
DETAILED STEPS
Step 1 enable
Use this command to enable privileged EXEC mode. Enter your password if prompted. For example:
Router> enable
Router#
16
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
LIST 1
affinity 1 mask 1
bandwidth 1000
priority 1 1
LIST 2
bandwidth 5000
LIST hipriority
priority 0 0
!
Step 4 exit
Use this command to exit to user EXEC mode. For example:
Router# exit
Router>
Associating an LSP Attribute List with a Path Option for an MPLS TE Tunnel
Perform this task to associate an LSP attribute list with a path option for an MPLS TE tunnel. This task
is required if you want to apply the LSP attribute list that you configured to path options for your MPLS
TE tunnels.
Based on your requirements, you can configure LSP attributes lists with different sets of attributes for
different path options. LSP attribute lists also provide an easy way to configure multiple TE tunnels to
use the same LSP attributes. That is, you can reference the same LSP attribute list to configure
LSP-specific parameters for one or more TE tunnels.
Default Path Option Attributes for TE Tunnels Using LSP Attribute Lists
Values for path option attributes for a TE tunnel are determined in this manner:
• LSP attribute list values referenced by the path option take precedence over the values configured
on the tunnel interface.
17
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
• If an attribute is not specified in the LSP attribute list, the device uses the attribute in the tunnel
configuration. LSP attribute lists do not have defaults.
• If the attribute is not configured on the tunnel, then the device uses the tunnel default value, as
follows:
{affinity= affinity 0 mask 0,
auto-bw= no auto-bw,
bandwidth= bandwidth 0,
lockdown= no lockdown,
priority= priority 7 7,
protection fast-reroute= no protection fast-reroute,
record-route= no record-route
.
.
.
}
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type number
4. tunnel destination {hostname | ip-address}
5. tunnel mode mpls traffic-eng
6. tunnel mpls traffic-eng autoroute announce
7. tunnel mpls traffic-eng bandwidth [sub-pool | global] kbps
8. tunnel mpls traffic-eng priority setup-priority [hold-priority]
9. tunnel mpls traffic-eng path-option number {dynamic | explicit {name path-name |
path-number} [verbatim]} [attributes string] [bandwidth [sub-pool | global] kbps] [lockdown]
10. end
DETAILED STEPS
Example:
Router# configure terminal
18
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
Example:
Router(config-if)# tunnel mode mpls traffic-eng
Step 6 tunnel mpls traffic-eng autoroute announce Specifies that the IGP should use the tunnel (if the tunnel is
up) in its enhanced shortest path first (SPF) calculation.
Example:
Router(config-if)# tunnel mpls traffic-eng
autoroute announce
Step 7 tunnel mpls traffic-eng bandwidth [sub-pool | Configures the bandwidth required for an MPLS TE tunnel
global] bandwidth and assigns it either to the subpool or the global pool.
• The sub-pool keyword indicates a subpool tunnel.
Example:
Router(config-if)# tunnel mpls traffic-eng
• The global keyword indicates a global pool tunnel.
bandwidth 1000 Entering this keyword is not necessary, for all tunnels
are in the global pool in the absence of the sub-pool
keyword.
• The kbps argument is the bandwidth, in kilobits per
second, set aside for the MPLS TE tunnel. The range is
from 1 to 4294967295.
Step 8 tunnel mpls traffic-eng priority setup-priority Sets the priority to be used when the system determines
[hold-priority] which existing tunnels are eligible to be preempted.
• The setup-priority argument is the priority used when
Example: signaling an LSP for this tunnel to determine which
Router(config-if)# tunnel mpls traffic-eng existing tunnels can be preempted.
priority 1 1
Valid values are from 0 to 7. A lower number indicates
a higher priority. An LSP with a setup priority of 0 can
preempt any LSP with a non-0 priority.
• The hold-priority argument is the priority associated
with an LSP for this tunnel to determine if it should be
preempted by other LSPs that are being signaled.
Valid values are from 0 to 7, where a lower number
indicates a higher priority.
19
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
Example:
Router(config-if)# end
20
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type number
4. tunnel destination {hostname | ip-address}
5. tunnel mpls traffic-eng path-option number {dynamic | explicit {name path-name |
path-number} [verbatim]} [attributes string] [bandwidth [sub-pool | global] kbps] [lockdown]
6. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type number Configures the interface type and enters interface
configuration mode.
Example: • The type argument is the type of interface that you want
Router(config)# interface tunnel 1 to configure.
• The number argument is the number of the tunnel
interface that you want to create or configure.
Step 4 tunnel destination {hostname | ip-address} Specifies the destination of the tunnel for this path option.
• The hostname argument is the name of the host
Example: destination.
Router(config-if)# tunnel destination
10.10.10.12
• The ip-address argument is the IP address of the host
destination expressed in decimal in four-part, dotted
notation.
21
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
Example:
Router(config-if)# end
22
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type number
4. tunnel destination {hostname | ip-address}
5. no tunnel mpls traffic-eng path-option number {dynamic | explicit {name path-name |
path-number} [verbatim]} [attributes string] [bandwidth [sub-pool | global] kbps] [lockdown]
6. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type number Configures the interface type and enters interface
configuration mode.
Example: • The type argument is the type of interface that you want
Router(config)# interface tunnel 1 to configure.
• The number argument is the number of the tunnel
interface that you want to create or configure.
Step 4 tunnel destination {hostname | ip-address} Specifies the destination of the tunnel for this path option.
• The hostname argument is the name of the host
Example: destination.
Router(config-if)# tunnel destination
10.10.10.12
• The ip-address argument is the IP address of the host
destination expressed in decimal in four-part, dotted
notation.
23
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
Example:
Router(config-if)# end
24
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
SUMMARY STEPS
1. enable
2. show mpls traffic-eng tunnels tunnel-interface [brief]
3. exit
DETAILED STEPS
Step 1 enable
Use this command to enable privileged EXEC mode. Enter your password if prompted. For example:
Router> enable
Router#
path option 2, type explicit path2 (Basis for Setup, path weight 65834)
Config Parameters:
Bandwidth: 1000 kbps (Global) Priority: 1 1 Affinity: 0x0/0xFFFF
Metric Type: IGP (global)
AutoRoute: enabled LockDown: disabled Loadshare: 1 bw-based
auto-bw: disabled
Active Path Option Parameters:
State: explicit path option 2 is active
BandwidthOverride: enabled LockDown: disabled Verbatim: disabled
Bandwidth Override:
Signalling: 1 kbps (Global)
Overriding: 1000 kbps (Global) configured on tunnel
The output shows that the following attributes are signaled for tunnel tunnel1: affinity 0 mask 0, auto-bw
disabled, bandwidth 1000, lockdown disabled, and priority 1 1.
Step 3 exit
Use this command to return to user EXEC mode. For example:
Router# exit
Router>
25
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
Note Once you configure bandwidth as a path-option parameter, you can no longer configure an LSP attribute
list as a path-option parameter.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type number
4. tunnel destination {hostname | ip-address}
5. tunnel mpls traffic-eng path-option number {dynamic | explicit {name path--name |
path-number} [verbatim]} [attributes string] [bandwidth [sub-pool | global] kbps] [lockdown]
6. end
26
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type number Configures an interface type and enters interface
configuration mode.
Example: • The type argument is the type of interface that you want
Router(config)# interface tunnel 1 to configure.
• The number argument is the number of the tunnel
interface that you want to create or configure.
Step 4 tunnel destination {hostname | ip-address} Specifies the destination of the tunnel for this path option.
• The hostname argument is the name of the host
Example: destination.
Router(config-if)# tunnel destination
10.10.10.12
• The ip-address argument is the IP address of the host
destination expressed in decimal in four-part, dotted
notation.
27
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
Example:
Router(config-if)# end
28
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type number
4. tunnel destination {hostname | ip-address}
5. tunnel mpls traffic-eng path-option number {dynamic | explicit {name path-name |
path-number} [verbatim]} [attributes string] [bandwidth [sub-pool | global] kbps] [lockdown]
6. end
7. show mpls traffic-eng tunnels tunnel-interface [brief]
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type number Configures the interface type and enters interface
configuration mode.
Example: • The type argument is the type of interface that you want
Router(config)# interface tunnel 1 to configure.
• The number argument is the number of the tunnel
interface that you want to create or configure.
Step 4 tunnel destination {hostname | ip-address} Specifies the destination of the tunnel for this path option.
• The hostname argument is the name of the host
Example: destination.
Router(config-if)# tunnel destination
10.10.10.12
• The ip-address argument is the IP address of the host
destination expressed in decimal in four-part, dotted
notation.
29
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
Example:
Router(config-if)# end
Step 7 show mpls traffic-eng tunnels tunnel-interface (Optional) Displays information about tunnels.
[brief]
• Use the show mpls traffic-eng tunnels command to
verify which bandwidth path option is in use by the
Example: LSP.
Router# show mpls traffic-eng tunnels tunnel1
30
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. tunnel destination {hostname | ip-address}
5. no tunnel mpls traffic-eng path-option number {dynamic | explicit {name path-name |
path-number} [verbatim]} [attributes string] [bandwidth [sub-pool | global] kbps] [lockdown]
6. end
7. show mpls traffic-eng tunnels tunnel-interface [brief]
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface tunnel number Configures a tunnel interface type and enters interface
configuration mode.
Example: • The number argument is the number of the tunnel
Router(config)# interface tunnel 1 interface that you want to create or configure.
Step 4 tunnel destination {hostname | ip-address} Specifies the destination of the tunnel for this path option.
• The hostname argument is the name of the host
Example: destination.
Router(config-if)# tunnel destination
10.10.10.12
• The ip-address argument is the IP address of the host
destination expressed in decimal in four-part, dotted
notation.
31
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
Example:
Router(config-if)# end
Step 7 show mpls traffic-eng tunnels tunnel-interface (Optional) Displays information about tunnels.
[brief]
• Use the show mpls traffic-eng tunnels command to
verify which bandwidth path option is in use by the
Example: LSP.
Router# show mpls traffic-eng tunnels tunnel1
32
MPLS Traffic Engineering—LSP Attributes
How to Configure MPLS Traffic Engineering—LSP Attributes
SUMMARY STEPS
1. enable
2. show mpls traffic-eng tunnels tunnel-interface [brief]
3. exit
DETAILED STEPS
Step 1 enable
Use this command to enable privileged EXEC mode. Enter your password if prompted. For example:
Router> enable
Router#
path option 2, type explicit path2 (Basis for Setup, path weight 65834)
path option 1, type explicit path1
Config Parameters:
Bandwidth: 1000 kbps (Global) Priority: 1 1 Affinity: 0x0/0xFFFF
Metric Type: IGP (global)
AutoRoute: enabled LockDown: disabled Loadshare: 1 bw-based
auto-bw: disabled
Active Path Option Parameters:
State: explicit path option 2 is active
BandwidthOverride: enabled LockDown: disabled Verbatim: disabled
Bandwidth Override:
Signalling: 500 kbps (Global)
Overriding: 1000 kbps (Global) configured on tunnel
If bandwidth override is actively being signaled, the show mpls traffic-eng tunnel command displays
the bandwidth override information under the Active Path Option Parameters heading. The example
shows that BandwidthOverride is enabled and that the tunnel is signaled using path-option 2. The
bandwidth signaled is 500. This is the value configured on the path option 2 and it overrides the
1000 kbps bandwidth configured on the tunnel interface.
Step 3 exit
Use this command to exit to user EXEC mode. For example:
Router# exit
Router>
33
MPLS Traffic Engineering—LSP Attributes
Configuration Examples for MPLS Traffic Engineering—LSP Attributes
Troubleshooting Tips
If the tunnel state is down and you configured a path-option with bandwidth override enabled, the show
mpls traffic-eng tunnels command indicates other reasons why a tunnel is not established. For example:
• The tunnel destination is not in the routing table.
• If the bandwidth override value is not zero, the bandwidth constraint may still be too large.
• Other attributes configured on the tunnel, such as affinity, might prevent the calculation of a path
over the existing topology.
• TE might not be configured on all links necessary to reach tunnel destination.
34
MPLS Traffic Engineering—LSP Attributes
Configuration Examples for MPLS Traffic Engineering—LSP Attributes
LIST simple
priority 1 1
!
Router(config-lsp-attr)# no priority
Router(config-lsp-attr)# list
LIST simple
!
Router(config-lsp-attr)# exit
LIST 5
bandwidth 1000
priority 1 1
LIST 5
bandwidth 500
priority 1 1
Router(config-lsp-attr)# exit
35
MPLS Traffic Engineering—LSP Attributes
Configuration Examples for MPLS Traffic Engineering—LSP Attributes
Associating an LSP Attribute List with a Path Option for a TE Tunnel: Example
The following example associates the LSP attribute list identified by the numeral 3 with path option 1:
Router(config)# mpls traffic-eng lsp attributes 3
Router(config-lsp-attr)# bandwidth 1000
Router(config-lsp-attr)# priority 2 2
Router(config-lsp-attr)# protection fast-reroute
Router(config-lsp-attr)# exit
!
!
Router(config)# interface Tunnel 1
Router(config-if)# ip unnumbered FastEthernet1/0/1
Router(config-if)# tunnel destination 10.112.0.12
Router(config-if)# tunnel mode mpls traffic-eng
Router(config-if)# tunnel mpls traffic-eng affinity 1
Router(config-if)# tunnel mpls traffic-eng bandwidth 5000
Router(config-if)# tunnel mpls traffic-eng path-option 1 dynamic attributes 3
The LSP attribute list referenced by the path option will take precedence over the values configured on
the tunnel interface.
36
MPLS Traffic Engineering—LSP Attributes
Configuration Examples for MPLS Traffic Engineering—LSP Attributes
bandwidth = 500
priority = 1 1
}
Path Option for Bandwidth Override and LSP Attribute List Configuration Command Examples
The following are examples of the Cisco IOS XE command-line interface (CLI) to use when you
configure a path option to override the bandwidth:
Router(config-if)# tunnel mpls traffic-eng path-option 3 explicit name path1 ?
Router(config-if)# tunnel mpls traffic-eng path-option 3 explicit name path1 bandwidth 500
?
lockdown not a candidate for reoptimization
<cr>
Note Once you configure bandwidth as a path-option parameter, you can no longer configure an LSP attribute
list as a path-option parameter.
37
MPLS Traffic Engineering—LSP Attributes
Configuration Examples for MPLS Traffic Engineering—LSP Attributes
The device selects a path option for an LSP in order of preference, as follows:
• The device attempts to signal an LSP using path options starting with path-option 1.
The device attempts to signal an LSP with the 1000 kbps bandwidth configured on the tunnel
interface because path-option 1 has no bandwidth configured.
• If 1000 kbps bandwidth is not available over the network, the device attempts to establish an LSP
using path-option 2.
Path-option 2 has a bandwidth of 500 kbps configured. This reduces the bandwidth constraint from
the original 1000 kbps configured on the tunnel interface.
• If 500 kbps is not available, the device attempts to establish an LSP using path-option 3.
Path-option 3 is configured as dynamic and has bandwidth 0. The device establishes the LSP if an
IP path exists to the destination and all other tunnel constraints are met.
interface Tunnel 1
ip unnumbered Loopback0
tunnel destination 10.10.10.12
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng priority 1 1
tunnel mpls traffic-eng bandwidth 1000
tunnel mpls traffic-eng path-option 1 explicit name path1
tunnel mpls traffic-eng path-option 2 explicit name path2 bandwidth 500
tunnel mpls traffic-eng path-option 3 dynamic bandwidth 0
!
!
Router(config)# tunnel mpls traffic-eng path-option 3 explicit name path3 bandwidth 100
38
MPLS Traffic Engineering—LSP Attributes
Additional References
Additional References
The following sections provide references related to the MPLS Traffic Engineering—LSP Attributes
feature.
Related Documents
Related Topic Document Title
MPLS TE command descriptions Cisco IOS Multiprotocol Label Switching Command Reference
Standards
Standards Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIBs MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
39
MPLS Traffic Engineering—LSP Attributes
Additional References
RFCs
RFCs Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified by this feature.
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
40
MPLS Traffic Engineering—LSP Attributes
Feature Information for MPLS Traffic Engineering—LSP Attributes
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
41
MPLS Traffic Engineering—LSP Attributes
Feature Information for MPLS Traffic Engineering—LSP Attributes
42
MPLS Traffic Engineering—LSP Attributes
Glossary
Glossary
bandwidth—The difference between the highest and lowest frequencies available for network signals.
The term also is used to describe the rated throughput capacity of a given network medium or protocol.
The frequency range necessary to convey a signal measured in units of hertz (Hz). For example, voice
signals typically require approximately 7 kHz of bandwidth and data traffic typically requires
approximately 50 kHz of bandwidth.
bandwidth reservation—The process of assigning bandwidth to users and applications served by a
network. This process involves assigning priority to different flows of traffic based on how critical and
delay-sensitive they are. This makes the best use of available bandwidth, and if the network becomes
congested, lower-priority traffic can be dropped. Sometimes called bandwidth allocation
global pool—The total bandwidth allocated to an Multiprotocol Label Switching (MPLS) traffic
engineering link.
label switched path (LSP) tunnel—A configured connection between two routers, using label
switching to carry the packets.
LSR—label switch router. A Multiprotocol Label Switching (MPLS) node that can forward native
Layer 3 packets. The LSR forwards a packet based on the value of a label attached to the packet.
MPLS TE—Multiprotocol Label Switching (MPLS) traffic engineering (formerly known as “RRR” or
Resource Reservation Routing). The use of label switching to improve traffic performance along with an
efficient use of network resources.
subpool—The more restrictive bandwidth in an Multiprotocol Label Switching (MPLS) traffic
engineering link. The subpool is a portion of the link's overall global pool bandwidth.
TE—traffic engineering. The techniques and processes used to cause routed traffic to travel through the
network on a path other than the one that would have been chosen if standard routing methods had been
used. The application of scientific principles and technology to measure, model, and control internet
traffic in order to simultaneously optimize traffic performance and network resource utilization.
traffic engineering tunnel—A label-switched tunnel used for traffic engineering. Such a tunnel is set
up through means other than normal Layer 3 routing; it is used to direct traffic over a path different from
the one that Layer 3 routing could cause the tunnel to take.
tunnel—A secure communication path between two peers, such as two routers.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
43
MPLS Traffic Engineering—LSP Attributes
Glossary
44
MPLS Traffic Engineering—Verbatim Path
Support
The MPLS Traffic Engineering—Verbatim Path Support feature allows network nodes to support
Resource Reservation Protocol (RSVP) extensions without supporting Interior Gateway Protocol (IGP)
extensions for traffic engineering (TE), thereby bypassing the topology database verification process.
Contents
• Prerequisites for MPLS Traffic Engineering—Verbatim Path Support, page 2
• Restrictions for MPLS Traffic Engineering—Verbatim Path Support, page 2
• Information About MPLS Traffic Engineering—Verbatim Path Support, page 2
• How to Configure and Verify MPLS Traffic Engineering—Verbatim Path Support, page 2
• Configuration Example for MPLS Traffic Engineering—Verbatim Path Support, page 6
• Additional References, page 7
• Feature Information for MPLS Traffic Engineering—Verbatim Path Support, page 9
• Glossary, page 10
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Traffic Engineering—Verbatim Path Support
Prerequisites for MPLS Traffic Engineering—Verbatim Path Support
2
MPLS Traffic Engineering—Verbatim Path Support
How to Configure and Verify MPLS Traffic Engineering—Verbatim Path Support
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. ip unnumbered loopback number
5. tunnel destination {host-name | ip-address}
6. tunnel mode mpls traffic-eng
7. tunnel mpls traffic-eng bandwidth {sub-pool kbps | kbps}
8. tunnel mpls traffic-eng autoroute announce
9. tunnel mpls traffic-eng priority setup-priority [hold-priority]
10. tunnel mpls traffic-eng path-option preference-number {dynamic [attributes string | bandwidth
{sub-pool kbps | kbps} | lockdown | verbatim] | explicit {name path-name | identifier
path-number}}
11. exit
12. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface tunnel number Configures a tunnel interface and enters interface
configuration mode.
Example: • The number argument identifies the tunnel number to
Router(config)# interface tunnel 1 be configured.
Step 4 ip unnumbered loopback number Configures an unnumbered IP interface, which enables IP
processing without an explicit address. A loopback
interface is usually configured with the router ID.
Example:
Router(config-if)# ip unnumbered loopback 1 Note An MPLS traffic engineering tunnel interface
should be unnumbered because it represents a
unidirectional link.
3
MPLS Traffic Engineering—Verbatim Path Support
How to Configure and Verify MPLS Traffic Engineering—Verbatim Path Support
4
MPLS Traffic Engineering—Verbatim Path Support
How to Configure and Verify MPLS Traffic Engineering—Verbatim Path Support
5
MPLS Traffic Engineering—Verbatim Path Support
Configuration Example for MPLS Traffic Engineering—Verbatim Path Support
SUMMARY STEPS
1. enable
2. show mpls traffic-eng tunnels tunnel-interface [brief]
3. disable
DETAILED STEPS
Example:
Router# show mpls traffic-eng tunnels tunnel1
Step 3 disable (Optional) Exits to user EXEC mode.
Example:
Router# disable
6
MPLS Traffic Engineering—Verbatim Path Support
Additional References
Additional References
The following sections provide references related to the MPLS Traffic Engineering—Verbatim Path
feature.
Related Documents
Related Topic Document Title
MPLS commands Cisco IOS Multiprotocol Label Switching Command Reference
Interface commands Cisco IOS Interface and Hardware Component Command Reference
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
No new or modified RFCs are supported by this —
release.
7
MPLS Traffic Engineering—Verbatim Path Support
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
8
MPLS Traffic Engineering—Verbatim Path Support
Feature Information for MPLS Traffic Engineering—Verbatim Path Support
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
9
MPLS Traffic Engineering—Verbatim Path Support
Glossary
Glossary
Fast Reroute—Procedures that enable temporary routing around a failed link or node while a new
label-switched path (LSP) is being established at the head end.
headend—The router that originates and maintains a given label-switched path (LSP). This is the first
router in the LSP’s path.
IGP—Interior Gateway Protocol. Internet protocol used to exchange routing information within an
autonomous system. Examples of common Internet IGPs include Interior Gateway Routing Protocol
(IGRP), Open Shortest Path First (OSPF), and Routing Information protocol (RIP).
LSP—label-switched path. A configured connection between two routers, in which label switching is
used to carry the packets. The purpose of an LSP is to carry data packets.
LSR—label switching router. A device that forwards Multiprotocol Label Switching (MPLS) packets
based on the value of a fixed-length label encapsulated in each packet.
merge point—The backup tunnel’s tail.
MPLS—Multiprotocol Label Switching. A method for forwarding packets (frames) through a network.
It enables routers at the edge of a network to apply labels to packets (frames). ATM switches or existing
routers in the network core can switch packets according to the labels with minimal lookup overhead.
PLR—point of local repair. The head-end of the backup tunnel.
RSVP—Resource Reservation Protocol. A protocol that supports the reservation of resources across an
IP network. Applications running on IP end systems can use RSVP to indicate to other nodes the nature
(bandwidth, jitter, maximum burst, and so on) of the packet streams they want to receive.
SPF—shortest path first. Routing algorithm that iterates on length of path to determine a shortest-path
spanning tree. Commonly used in link-state routing algorithms. Sometimes called Dijkstra’s algorithm.
tailend—The router upon which an label-switched path (LSP) is terminated. This is the last router in the
LSP’s path.
traffic engineering—The techniques and processes used to cause routed traffic to travel through the
network on a path other than the one that would have been chosen if standard routing methods had been
used.
tunnel—A secure communications path between two peers, such as routers.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
10
MPLS Traffic Engineering—RSVP Hello State
Timer
The MPLS Traffic Engineering—RSVP Hello State Timer feature detects when a neighbor is down and
quickly triggers a state timeout, which frees resources such as bandwidth that can be reused by other
label switched paths (LSPs).
Resource Reservation Protocol (RSVP) hellos can be used to detect when a neighboring node is down.
The hello state timer then triggers a state timeout. As a result, network convergence time is reduced, and
nodes can forward traffic on alternate paths or assist in stateful switchover (SSO) operation.
Contents
• Prerequisites for MPLS Traffic Engineering—RSVP Hello State Timer, page 2
• Restrictions for MPLS Traffic Engineering—RSVP Hello State Timer, page 2
• Information About MPLS Traffic Engineering—RSVP Hello State Timer, page 2
• How to Configure MPLS Traffic Engineering—RSVP Hello State Timer, page 5
• Configuration Examples for MPLS Traffic Engineering—RSVP Hello State Timer, page 10
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Traffic Engineering—RSVP Hello State Timer
Prerequisites for MPLS Traffic Engineering—RSVP Hello State Timer
2
MPLS Traffic Engineering—RSVP Hello State Timer
Information About MPLS Traffic Engineering—RSVP Hello State Timer
Hellos enable RSVP nodes to detect when a neighboring node is not reachable. After a certain number
of intervals, hellos notice that a neighbor is not responding and delete its state. This action frees the
node’s resources to be reused by other LSPs.
Hellos must be configured both globally on the router and on the specific interface to be operational.
Hello Instance
A hello instance implements RSVP hellos for a given router interface address and a remote IP address.
A hello instance is expensive because of the large number of hello requests that are sent and the strains
they put on the router resources. Therefore, you should create a hello instance only when it is needed to
time out state and delete the hello instance when it is no longer necessary.
Alternate Path
Router 4
PathError
117934
Hello Instance Hello Instance
LSP1
Assume that the link between Router 1 and Router 2 fails. This type of problem can be detected by
various means including interface failure, Interior Gateway Protocol (IGP) (Open Shortest Path First
(OSPF) or Intermediate System-to-Intermediate System (IS-IS)), and RSVP hellos. However, sometimes
interface failure cannot be detected; for example, when Router 1 and Router 2 are interconnected
through a Layer 2 switch. The IGP may be slow detecting the failure. Or there may be no IGP running
between Router 1 and Router 2; for example, between two Autonomous System Boundary Routers
(ASBRs) interconnecting two autonomous systems.
If hellos were running between Router 1 and Router 2, each router would notice that communication was
lost and time out the state immediately.
Router 2 sends a delayed PathTear message to Router 3 so that the state can be deleted on all nodes
thereby speeding up the convergence time.
Note The PathTear message is delayed one second because on some platforms data is being forwarded even
after the control plane is down.
Router 1 sends a destructive PathError message upstream to Router 0 with error code
ROUTING_PROBLEM and error value NO_ROUTE.
3
MPLS Traffic Engineering—RSVP Hello State Timer
Information About MPLS Traffic Engineering—RSVP Hello State Timer
LSP1 goes from Router 0 to Router 1 to Router 2 to Router 3; LSP 2 goes from Router 0 to Router 1 to
Router 4 to Router 2 to Router 3.
117935
Router 1 Router 2 Router 3
Merge Point
This TE LSP has a backup tunnel from Router 1 to Router 3 protecting the fast reroutable TE LSP against
a failure in the Router 1 to Router 2 link and node Router 2. However, assume that a failure occurs in the
link connecting Router 1 to Router 2. If hellos were running between Router 1 and Router 2, the routers
would notice that the link is down, but would not time out the state. Router 2 notices the failure, but
cannot time out the TE LSP because Router 2 may be a merge point, or another downstream node may
be a merge point. Router 1 notices the failure and switches to the backup LSP; however, Router 1 cannot
time out the state either.
Note A hello instance is not created in the preceding scenario because the neighbor is down and the hello
instance cannot take action.
Note If both Fast Reroute and hellos for state timeout hello instances are needed on the same link, only one
hello instance is created. It will have the Fast Reroute configuration including interval, missed refreshes,
and differentiated services code point (DSCP). When a neighbor is down, Fast Reroute and the hello state
timer take action.
Figure 3 shows a fast-reroutable TE LSP. without a backup tunnel, from Router 1 (the point of local
repair (PLR)), to Router 2 to Router 3.
4
MPLS Traffic Engineering—RSVP Hello State Timer
How to Configure MPLS Traffic Engineering—RSVP Hello State Timer
117936
Router 1 Router 2 Router 3
PLR Merge Point
Assume that a failure occurs in the link connecting Router 1 to Router 3. Router 1 can time out the state
for the TE LSP because Router 1 knows there is no backup tunnel. However, Router 2 cannot time out
the state because Router 2 does not know whether a backup tunnel exists. Also, Router 2 may be a merge
point, and therefore cannot time out the state.
Note A hello instance is not created in the preceding scenario because the neighbor is down and the hello
instance cannot take action.
Note The following tasks also enable Fast Reroute; however, this section focuses on the RSVP hello state
timer.
SUMMARY STEPS
1. enable
2. configure terminal
3. ip rsvp signalling hello
4. end
5
MPLS Traffic Engineering—RSVP Hello State Timer
How to Configure MPLS Traffic Engineering—RSVP Hello State Timer
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip rsvp signalling hello Enables hellos for state timeout globally on a router.
Example:
Router(config)# ip rsvp signalling hello
Step 4 end Exits to privileged EXEC mode.
Example:
Router(config)# end
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
4. ip rsvp signalling hello
5. end
DETAILED STEPS
Example:
Router# configure terminal
6
MPLS Traffic Engineering—RSVP Hello State Timer
How to Configure MPLS Traffic Engineering—RSVP Hello State Timer
Example:
Router(config-if)# ip rsvp signalling hello
Step 5 end Exits to privileged EXEC mode.
Example:
Router(config-if)# end
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
4. ip rsvp signalling hello reroute dscp num
5. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type Enters interface configuration mode.
slot/subslot/port[.subinterface-number]
• The type slot/subslot/port[.subinterface-number]
arguments identify the interface to be configured.
Example:
Router(config)# interface FastEthernet 0/0/0
7
MPLS Traffic Engineering—RSVP Hello State Timer
How to Configure MPLS Traffic Engineering—RSVP Hello State Timer
Example:
Router(config-if)# end
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
4. ip rsvp signalling hello reroute refresh interval interval-value
5. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type Enters interface configuration mode.
slot/subslot/port[.subinterface-number]
• The type slot/subslot/port[.subinterface-number]
argument identifies the interface to be configured.
Example:
Router(config)# interface FastEthernet 0/0/0
8
MPLS Traffic Engineering—RSVP Hello State Timer
How to Configure MPLS Traffic Engineering—RSVP Hello State Timer
Example:
Router(config-if)# ip rsvp signalling hello
reroute refresh interval 5000
Step 5 end Exits to privileged EXEC mode.
Example:
Router(config-if)# end
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
4. ip rsvp signalling hello reroute refresh misses msg-count
5. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type Enters interface configuration mode.
slot/subslot/port[.subinterface-number]
• The type slot/subslot/port[.subinterface-number]
arguments identify the interface to be configured.
Example:
Router(config)# interface FastEthernet 0/0/0
9
MPLS Traffic Engineering—RSVP Hello State Timer
Configuration Examples for MPLS Traffic Engineering—RSVP Hello State Timer
Example:
Router(config-if)# ip rsvp signalling hello
reroute refresh misses 5
Step 5 end Exits to privileged EXEC mode.
Example:
Router(config-if)# end
SUMMARY STEPS
1. enable
2. show ip rsvp hello
DETAILED STEPS
10
MPLS Traffic Engineering—RSVP Hello State Timer
Additional References
The following example verifies the status of the hello state timer (reroute):
Router# show ip rsvp hello
Hello:
Fast-Reroute/Reroute:Enabled
Statistics:Enabled
Graceful Restart:Enabled (help-neighbor only)
Additional References
The following sections provide references related to the MPLS Traffic Engineering—RSVP Hello State
Timer feature.
Related Documents
Related Topic Document Title
RSVP commands: complete command syntax, • Cisco IOS Quality of Service Solutions Command Reference
command mode, defaults, usage guidelines, and • Cisco IOS Multiprotocol Label Switching Command Reference
examples
Stateful Switchover Stateful Switchover
MPLS Label Distribution Protocol MPLS Label Distribution Protocol (LDP) Overview
Cisco nonstop forwarding Cisco Nonstop Forwarding
Information on backup tunnels, link and node failures, MPLS TE: Link and Node Protection, with RSVP Hellos Support
RSVP hellos (with Fast Tunnel Interface Down Detection)
Graceful restart NSF/SSO - MPLS TE and RSVP Graceful Restart
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
11
MPLS Traffic Engineering—RSVP Hello State Timer
Additional References
MIBs
MIB MIBs Link
No new or modified MIBS are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
RFC 3209 RSVP-TE: Extensions to RSVP for LSP Tunnels
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
12
MPLS Traffic Engineering—RSVP Hello State Timer
Feature Information for MPLS Traffic Engineering—RSVP Hello State Timer
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
Table 1 Feature Information for MPLS Traffic Engineering—RSVP Hello State Timer
13
MPLS Traffic Engineering—RSVP Hello State Timer
Glossary
Glossary
autonomous system—A collection of networks that share the same routing protocol and that are under
the same system administration.
ASBR—autonomous system boundary router. A router that connects and exchanges information
between two or more autonomous systems.
backup tunnel—A Multiprotocol Label Switching (MPLS) traffic engineering tunnel used to protect
other (primary) tunnel traffic when a link or node failure occurs.
DSCP—differentiated services code point. Six bits in the IP header, as defined by the Internet
Engineering Task Force (IETF). These bits determine the class of service provided to the IP packet.
FRR—Fast Reroute. A mechanism for protecting Multiprotocol Label Switching (MPLS) traffic
engineering (TE) label switched paths (LSPs) from link and node failure by locally repairing the LSPs
at the point of failure, allowing data to continue to flow on them while their headend routers attempt to
establish end-to-end LSPs to replace them. FRR locally repairs the protected LSPs by rerouting them
over backup tunnels that bypass failed links or nodes.
graceful restart—A process for helping a neighboring Route Processor (RP) restart after a node failure
has occurred.
headend—The router that originates and maintains a given label switched paths (LSP). This is the first
router in the LSP’s path.
IGP—Interior Gateway Protocol. Internet protocol used to exchange routing information within an
autonomous system. Examples of common Internet IGPs include Internal Gateway Routing Protocol
(IGRP), Open Shortest Path First (OSPF), and Routing Information Protocol (RIP).
IS-IS—Intermediate System-to-Intermediate System. Open systems Interconnection (OSI) link-state
hierarchical routing protocol whereby Intermediate System (IS) routers exchange routing information
based on a single metric to determine network topology.
instance—A mechanism that implements the RSVP hello extensions for a given router interface address
and remote IP address. Active hello instances periodically send Hello Request messages, expecting
Hello ACK messages in response. If the expected ACK message is not received, the active hello instance
declares that the neighbor (remote IP address) is unreachable (that is, it is lost). This can cause LSPs
crossing this neighbor to be fast rerouted.
label—A short, fixed-length data identifier that tells switching nodes how to forward data (packets or
cells).
LDP—Label Distribution Protocol. The protocol that supports Multiprotocol Label Switching (MPLS)
hop-by-hop forwarding by distributing bindings between labels and network prefixes. The Cisco
proprietary version of this protocol is the Tag Distribution Protocol (TDP).
LSP—label switched path is a configured connection between two routers, in which Multiprotocol Label
Switching (MPLS) is used to carry packets. The LSP is created by the concatenation of one or more
label-switched hops, allowing a packet to be forwarded by swapping labels from one MPLS node to
another MPLS node.
merge point—The backup tunnel’s tail.
MPLS—Multiprotocol Label Switching. A method for forwarding packets (frames) through a network.
MPLS enables routers at the edge of a network to apply labels to packets (frames). ATM switches or
existing routers in the network core can switch packets according to the labels.
OSPF—Open Shortest Path First. A link-state routing protocol used for routing.
PLR—point of local repair. The headend of the backup tunnel.
14
MPLS Traffic Engineering—RSVP Hello State Timer
Glossary
RSVP—Resource Reservation Protocol. A protocol that supports the reservation of resources across an
IP network. Applications running on IP end systems can use RSVP to indicate to other nodes the nature
(bandwidth, jitter, maximum burst, and so on) of the packet streams they want to receive.
state—Information that a router must maintain about each LSP. The information is used for rerouting
tunnels.
tailend—The router upon which an LSP is terminated. This is the last router in the LSP’s path.
TE—traffic engineering. The techniques and processes used to cause routed traffic to travel through the
network on a path other than the one that would have been chosen if standard routing methods had been
used.
topology—The physical arrangement of network nodes and media within an enterprise networking
structure.
tunnel—Secure communications path between two peers, such as two routers.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
15
MPLS Traffic Engineering—RSVP Hello State Timer
Glossary
16
MPLS Traffic Engineering Forwarding Adjacency
The MPLS Traffic Engineering Forwarding Adjacency feature allows a network administrator to handle
a traffic engineering (TE) label switched path (LSP) tunnel as a link in an Interior Gateway Protocol
(IGP) network based on the Shortest Path First (SPF) algorithm.
Both Intermediate System-to-Intermediate System (IS-IS) and Open Shortest Path First (OSPF) are
supported.
Contents
• Prerequisites for MPLS Traffic Engineering Forwarding Adjacency, page 2
• Restrictions for MPLS Traffic Engineering Forwarding Adjacency, page 2
• Information About MPLS Traffic Engineering Forwarding Adjacency, page 2
• How to Configure MPLS Traffic Engineering Forwarding Adjacency, page 3
• Configuration Examples for MPLS Traffic Engineering Forwarding Adjacency, page 7
• Additional References, page 9
• Feature Information for MPLS Traffic Engineering Forwarding Adjacency, page 11
• Glossary, page 12
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Traffic Engineering Forwarding Adjacency
Prerequisites for MPLS Traffic Engineering Forwarding Adjacency
2
MPLS Traffic Engineering Forwarding Adjacency
How to Configure MPLS Traffic Engineering Forwarding Adjacency
= Routers = Links
= Tunnels
59681
= IGP cloud
As a result, a TE tunnel is advertised as a link in an IGP network with the link’s cost associated with it.
Routers outside of the TE domain see the TE tunnel and use it to compute the shortest path for routing
traffic throughout the network.
3
MPLS Traffic Engineering Forwarding Adjacency
How to Configure MPLS Traffic Engineering Forwarding Adjacency
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. exit
5. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface tunnel number Designates a tunnel interface for the forwarding adjacency, and
enters interface configuration mode.
Example:
Router(config)# interface tunnel 0
Step 4 exit Exits interface configuration mode and returns to global
configuration mode.
Example:
Router(config-if)# exit
Step 5 exit Exits global configuration mode and returns to privileged EXEC
mode.
Example:
Router(config)# exit
Note You must configure a forwarding adjacency on two LSP tunnels bidirectionally, from A to B and B to A.
Otherwise, the forwarding adjacency is advertised, but not used in the IGP network.
4
MPLS Traffic Engineering Forwarding Adjacency
How to Configure MPLS Traffic Engineering Forwarding Adjacency
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. tunnel mpls traffic-eng forwarding-adjacency [holdtime value]
5. isis metric {metric-value | maximum} {level-1 | level-2}
6. exit
7. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface tunnel number Designates a tunnel interface for the forwarding adjacency, and
enters interface configuration mode.
Example:
Router(config)# interface tunnel 0
Step 4 tunnel mpls traffic-eng Advertises a TE tunnel as a link in an IGP network.
forwarding-adjacency [holdtime value]
Example:
Router(config-if)# tunnel mpls
traffic-eng forwarding-adjacency
Step 5 isis metric {metric-value | maximum} Configures the IS-IS metric for a tunnel interface to be used as a
{level-1 | level-2} forwarding adjacency.
• You should specify the isis metric command with level-1 or
Example:
Router(config-if)# isis metric 2 level-1 level-2 to be consistent with the IGP level at which you are
performing traffic engineering. Otherwise, the metric has the
default value of 10.
Step 6 exit Exits interface configuration mode and returns to global
configuration mode.
Example:
Router(config-if)# exit
Step 7 exit Exits global configuration mode and returns to privileged EXEC
mode.
Example:
Router(config)# exit
5
MPLS Traffic Engineering Forwarding Adjacency
How to Configure MPLS Traffic Engineering Forwarding Adjacency
SUMMARY STEPS
1. enable
2. show mpls traffic-eng forwarding-adjacency [id-address]
3. show isis [process-tag] database [level-1] [level-2] [l1] [l2] [detail] [lspid]
4. exit
DETAILED STEPS
Step 1 enable
Use this command to enable privileged EXEC mode. Enter your password if prompted. For example:
Router> enable
Router#
Step 3 show isis [process-tag] database [level-1] [level-2] [l1] [l2] [detail] [lspid]
Use this command to display information about the IS-IS link-state database. For example:
Router# show isis database
6
MPLS Traffic Engineering Forwarding Adjacency
Configuration Examples for MPLS Traffic Engineering Forwarding Adjacency
Step 4 exit
Use this command to exit to user EXEC. For example:
Router# exit
Router>
Following is sample command output when a forwarding adjacency has been configured:
Router# show running-config
Building configuration...
Current configuration :364 bytes
!
interface Tunnel7
ip unnumbered Loopback0
no ip directed-broadcast
tunnel destination 192.168.1.7
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng forwarding-adjacency
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng path-option 10 explicit name short
isis metric 2 level 1
Note Do not specify the tunnel mpls traffic-eng autoroute announce command in your configuration when
you are using forwarding adjacency.
7
MPLS Traffic Engineering Forwarding Adjacency
Configuration Examples for MPLS Traffic Engineering Forwarding Adjacency
Building configuration...
Current configuration : 310 bytes
interface tunnel 1
!
interface Tunnel1
ip unnumbered Loopback0
ip ospf cost 6
tunnel destination 172.16.255.5
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng forwarding-adjacency tunnel mpls
traffic-eng priority 7 7
tunnel mpls traffic-eng bandwidth 1000
tunnel mpls traffic-eng path-option 10 dynamic
end
Usage Tips
In Figure 2, if you have no forwarding adjacencies configured for the TE tunnels between Band F and C
and F, all the traffic that A must forward to F goes through B because B is the shortest path from A to F.
(The cost from A to F is 15 through B and 20 through C.)
8
MPLS Traffic Engineering Forwarding Adjacency
Additional References
5 5
D G
6 6
5
5 E
B C
62884
5 5
A
5 = IS-IS metric for each physical link
6 = IS-IS metric for the TE tunnels
If you have forwarding adjacencies configured on the TE tunnels between B and F and C and F and also
on the TE tunnels between F and B and F and C, then when A computes the SPF algorithm, A sees two
equal cost paths of 11 to F. As a result, traffic across the A-B and A-C links is shared.
Additional References
The following sections provide references related to the MPLS Traffic Engineering Forwarding
Adjacency feature.
Related Documents
Related Topic Document Title
MPLS traffic engineering commands Cisco IOS Multiprotocol Label Switching Command Reference
IP switching commands Cisco IOS IP Switching Command Reference
IS-IS TLVs Intermediate System-to-Intermediate System (IS-IS) TLVs (white
paper)
9
MPLS Traffic Engineering Forwarding Adjacency
Additional References
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing standards has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified by this feature.
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
10
MPLS Traffic Engineering Forwarding Adjacency
Feature Information for MPLS Traffic Engineering Forwarding Adjacency
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
11
MPLS Traffic Engineering Forwarding Adjacency
Glossary
Glossary
Cisco Express Forwarding—A scalable, distributed, Layer 3 switching solution designed to meet the
future performance requirements of the Internet and enterprise networks.
forwarding adjacency—A traffic engineering link (or LSP) into an IS-IS/OSPF network.
IGP—Interior Gateway Protocol. Internet protocol used to exchange routing information within an
autonomous system. Examples of common IGPs include Interior Gateway Routing Protocol (IGRP),
Open Shortest Path First (OSPF), and Routing Information Protocol (RIP).
IS-IS—Intermediate System-to-Intermediate System. Open System Interconnection (OSI) link-state
hierarchical routing protocol whereby Intermediate System (IS) routers exchange routing information
based on a single metric to determine network topology.
label switched path (LSP)—A sequence of hops (R0...Rn) in which a packet travels from R0 to Rn
through label switching mechanisms. A switched path can be chosen dynamically, based on normal
routing mechanisms, or through configuration.
label switched path (LSP) tunnel—A configured connection between two routers, using label
switching to carry the packets.
MPLS—Multiprotocol Label Switching. A switching method that forwards IP traffic using a label. This
label instructs the routers and the switches in the network where to forward the packets based on
preestablished IP routing information.
OSPF—Open Shortest Path First. A link-state, hierarchical IGP routing algorithm proposed as a
successor to RIP in the Internet community. OSPF features include least-cost routing, multipath routing,
and load balancing. OSPF was derived from an early version of the IS-IS protocol. See also IS-IS.
SPF—Shortest Path First. A routing algorithm used as the basis for OSPF operations. When an SPF
router is powered up, it initializes its routing-protocol data structures and then waits for indications from
lower-layer protocols that its interfaces are functional.
TLV—type, length, value. A block of information embedded in Cisco Discovery Protocol
advertisements.
traffic engineering—The techniques and processes used to cause routed traffic to travel through the
network on a path other than the one that would have been chosen if standard routing methods had been
applied.
traffic engineering tunnel—A label switched tunnel that is used for traffic engineering. Such a tunnel
is set up through means other than normal Layer 3 routing; it is used to direct traffic over a path different
from the one that Layer 3 routing would cause the tunnel to take.
12
MPLS Traffic Engineering Forwarding Adjacency
Glossary
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
13
MPLS Traffic Engineering Forwarding Adjacency
Glossary
14
MPLS Traffic Engineering (TE)—Automatic
Bandwidth Adjustment for TE Tunnels
The MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels feature allows
you to automatically adjust the bandwidth allocation for traffic engineering tunnels based on the tunnel’s
measured traffic load. The configured bandwidth in the running configuration is changed due to the
automatic bandwidth behavior.
Contents
• Prerequisites for MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels, page 2
• Restrictions for MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels, page 2
• Information About MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels, page 2
• How to Configure MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels, page 3
• Configuration Examples for MPLS TE—Automatic Bandwidth Adjustments for TE Tunnels,
page 15
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
Prerequisites for MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels
2
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
How to Configure MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels
The frequency with which tunnel bandwidth is adjusted and the allowable range of adjustments is
configurable on a per-tunnel basis. In addition, the sampling interval and the interval over which to
average tunnel traffic to obtain the average output rate is user-configurable on a per-tunnel basis.
SUMMARY STEPS
1. enable
2. configure terminal
3. ip cef distributed
4. mpls traffic-eng tunnels
5. exit
3
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
How to Configure MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip cef distributed Enables distributed Cisco Express Forwarding operation.
Example:
Router(config)# ip cef distributed
Step 4 mpls traffic-eng tunnels Enables the MPLS traffic engineering tunnel feature on a
device.
Example:
Router(config)# mpls traffic-eng tunnels
Step 5 exit Exits to privileged EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. router isis
4. mpls traffic-eng level-1
5. mpls traffic-eng router-id loopback0
6. metric-style wide
7. exit
4
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
How to Configure MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels
8. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 router isis Enables IS-IS routing and specifies an IS-IS process for IP.
This command places you in router configuration mode.
Example:
Router(config)# router isis
Step 4 mpls traffic-eng level-1 Turns on MPLS traffic engineering for IS-IS level 1.
Example:
Router(config-router)# mpls traffic-eng level-1
Step 5 mpls traffic-eng router-id loopback0 Specifies that the traffic engineering router identifier for the
node is the IP address associated with interface loopback0.
Example:
Router(config-router)# mpls traffic-eng
router-id loopback0
Step 6 metric-style wide Configures a router to generate and accept only new-style
type, length, value objects (TLVs).
Example:
Router(config-router)# metric-style wide
Step 7 exit Exits to global configuration mode.
Example:
Router(config-router)# exit
Step 8 exit Exits to privileged EXEC mode.
Example:
Router(config)# exit
5
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
How to Configure MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels
SUMMARY STEPS
1. enable
2. configure terminal
3. router ospf process-id
4. mpls traffic-eng area number
5. mpls traffic-eng router-id loopback0
6. exit
7. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 router ospf process-id Configures an OSPF routing process for IP and enters
router configuration mode.
Example: • The process-id is an internally used identification
Router(config)# router ospf 200 parameter for an OSPF routing process. It is locally
assigned and can be any positive integer. Assign a
unique value for each OSPF routing process.
Step 4 mpls traffic-eng area number Turns on MPLS traffic engineering for the indicated OSPF
area.
Example:
Router(config-router)# mpls traffic-eng area 0
Step 5 mpls traffic-eng router-id loopback0 Specifies that the traffic engineering router identifier for the
node is the IP address associated with interface loopback0.
Example:
Router(config-router)# mpls traffic-eng
router-id loopback0
6
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
How to Configure MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels
Example:
Router(config-router)# exit
Step 7 exit Exits to privileged EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. ip unnumbered interface-type interface-number
5. tunnel destination ip-address
6. tunnel mode mpls traffic-eng
7. tunnel mpls traffic-eng bandwidth bandwidth
8. tunnel mpls traffic-eng path-option [protect] number {dynamic | explicit
{name path-name | identifier path-number}} [lockdown]
9. exit
10. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface tunnel number Configures a tunnel interface and enters interface
configuration mode.
Example:
Router(config)# interface tunnel 1
7
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
How to Configure MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels
Example:
Router(config-if)# exit
Step 10 exit Exits to privileged EXEC mode.
Example:
Router(config)# exit
8
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
How to Configure MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels
Troubleshooting Tips
Each tunnel mpls traffic-eng auto-bw command supersedes the previous one. Therefore, if you want
to specify multiple options for a tunnel, you must specify them all in a single tunnel mpls traffic-eng
auto-bw command.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
4. mpls traffic-eng tunnels
5. ip rsvp bandwidth [interface-kbps] [single-flow-kbps] [sub-pool kbps]
6. exit
7. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type Configures an interface type and enters interface
slot/subslot/port[.subinterface-number] configuration mode
Example:
Router(config)# interface FastEthernet0/0/0
Step 4 mpls traffic-eng tunnels Enables MPLS traffic engineering tunnels on an interface.
Example:
Router(config-if)# mpls traffic-eng tunnels
9
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
How to Configure MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels
Example:
Router(config-if)# exit
Step 7 exit Exits to privileged EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls traffic-eng auto-bw timers [frequency seconds]
4. no mpls traffic-eng auto-bw timers
5. exit
DETAILED STEPS
Example:
Router# configure terminal
10
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
How to Configure MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. tunnel mpls traffic-eng auto-bw [max-bw number] [min-bw number]
5. exit
6. exit
11
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
How to Configure MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface tunnel number Configures a tunnel interface and enters interface
configuration mode.
Example:
Router(config)# interface tunnel 1
Step 4 tunnel mpls traffic-eng auto-bw [max-bw number] Enables automatic bandwidth adjustment for the tunnel.
[min-bw number]
• The max-bw keyword specifies the maximum
automatic bandwidth, in kbps, for this tunnel. The
Example: range is from 0 to 4294967295.
Router(config-if)# tunnel mpls traffic-eng
auto-bw max-bw 2000 min-bw 1000 • The min-bw keyword specifies the minimum automatic
bandwidth, in kbps, for this tunnel. The range is from 0
to 4294967295.
Step 5 exit Exits to global configuration mode.
Example:
Router(config-if)# exit
Step 6 exit Exits to privileged EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. load-interval seconds
5. exit
6. exit
12
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
How to Configure MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface tunnel number Configures a tunnel interface and enters interface
configuration mode.
Example:
Router(config)# interface tunnel 1
Step 4 load-interval seconds Configures the interval over which the input and output
rates for the interface are averaged.
Example: • The seconds argument is the length of time for which
Router(config-if)# load-interval 90 data is used to compute load statistics. The value is a
multiple of 30, from 30 to 600 (30, 60, 90, 120, and so
on). The default is 300 seconds.
Step 5 exit Exits to global configuration mode.
Example:
Router(config-if)# exit
Step 6 exit Exits to privileged EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. show mpls traffic-eng tunnels
3. show running-config
4. exit
13
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
How to Configure MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels
DETAILED STEPS
Step 1 enable
Use this command to enter privileged EXEC mode. Enter you password if prompted. For example:
Router> enable
Router#
path option 1, type explicit pbr_south (Basis for Setup, path weight 30)
path option 2, type dynamic
Config Parameters:
Bandwidth:5000 kbps (Global) Priority:7 7 Affinity:0x0/0xFFFF
AutoRoute: disabled LockDown:disabled Loadshare:5000 bw-based
auto-bw:(86400/85477) 5347 Bandwidth Requested:5000
14
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
Configuration Examples for MPLS TE—Automatic Bandwidth Adjustments for TE Tunnels
Step 4 exit
Use this command to exit to user EXEC mode. For example:
Router# exit
Router>
Router 3
192.168.12.12 /255.255.255.0
192
.0
255
.16
55.
S1/1/0
8.3
S1/0/0
.1
5.2
.2
6.0
/25
/25
Tun
el 2
5.0
5.2
n
8.3
55.
el 2
Tun
.16
255
192
.0
192864
S1/0/0 S1/0/0 S1/3/0 S1/0/0
15
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
Additional References
ip cef distributed
mpls traffic-eng tunnels
mpls traffic-eng auto-bw timers frequency 600 !Enable automatic bandwidth adjustment
interface loopback 0
ip address 192.168.11.11 255.255.255.0
Additional References
The following sections provide references related to the MPLS Traffic Engineering—Automatic
Bandwidth Adjustment for TE Tunnels feature.
Related Documents
Related Topic Document Title
IS-IS and OSPF commands Cisco IOS IP Routing Protocols Command Reference
MPLS commands Cisco IOS Multiprotocol Label Switching Command Reference
Quality of service solutions commands Cisco IOS Quality of Service Solutions Command Reference
Quality of service solutions configuration Quality of Service Overview
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
16
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
Additional References
MIBs
MIB MIBs Link
MPLS Traffic Engineering MIB To locate and download MIBs for selected platforms, Cisco IOS XE
software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified.
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
17
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
Feature Information for MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
Table 1 Feature Information for MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels
18
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
Feature Information for MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels
Table 1 Feature Information for MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels (continued)
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
19
MPLS Traffic Engineering (TE)—Automatic Bandwidth Adjustment for TE Tunnels
Feature Information for MPLS TE—Automatic Bandwidth Adjustment for TE Tunnels
20
RSVP Refresh Reduction and Reliable
Messaging
The RSVP Refresh Reduction and Reliable Messaging feature includes refresh reduction, which
improves the scalability, latency, and reliability of Resource Reservation Protocol (RSVP) signaling to
enhance network performance and message delivery.
Contents
• Prerequisites for RSVP Refresh Reduction and Reliable Messaging, page 2
• Restrictions for RSVP Refresh Reduction and Reliable Messaging, page 2
• Information About RSVP Refresh Reduction and Reliable Messaging, page 2
• How to Configure RSVP Refresh Reduction and Reliable Messaging, page 4
• Configuration Examples for RSVP Refresh Reduction and Reliable Messaging, page 7
• Additional References, page 9
• Feature Information for RSVP Refresh Reduction and Reliable Messaging, page 12
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
RSVP Refresh Reduction and Reliable Messaging
Prerequisites for RSVP Refresh Reduction and Reliable Messaging
Note RSVP packets consist of headers that identify the types of messages, and object fields that contain
attributes and properties describing how to interpret and act on the content.
2
RSVP Refresh Reduction and Reliable Messaging
Information About RSVP Refresh Reduction and Reliable Messaging
Normal
Refresh State
Time
59206
Rrt = Retransmit Time
Rm = Successive Refresh Messages Missed
Reliable Messages
The reliable messages extension supports dependable message delivery among neighboring routers by
implementing an acknowledgment mechanism that consists of a MESSAGE_ID object and a
MESSAGE_ID_ACK object. The acknowledgments can be transmitted in an ACK message or
piggybacked in other RSVP messages.
Each RSVP message contains one MESSAGE_ID object. If the ACK_Desired flag field is set within the
MESSAGE_ID object, the receiver transmits a MESSAGE_ID_ACK object to the sender to confirm
delivery.
Bundle Messages
A bundle message consists of several standard RSVP messages that are grouped into a single RSVP
message.
A bundle message must contain at least one submessage. A submessage can be any RSVP message type
other than another bundle message. Submessage types include Path, PathErr, Resv, ResvTear, ResvErr,
ResvConf, and ACK.
3
RSVP Refresh Reduction and Reliable Messaging
How to Configure RSVP Refresh Reduction and Reliable Messaging
Bundle messages are addressed directly to the RSVP neighbor. The bundle header immediately follows
the IP header, and there is no intermediate transport header.
When a router receives a bundle message that is not addressed to one of its local IP addresses, it forwards
the message.
4
RSVP Refresh Reduction and Reliable Messaging
How to Configure RSVP Refresh Reduction and Reliable Messaging
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
4. ip rsvp bandwidth [interface-kbps [sub-pool]]
5. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type Enters interface configuration mode.
slot/subslot/port[.subinterface-number]
• The type and number arguments identify the interface
to be configured.
Example:
Router(config)# interface FastEthernet1/0/0
Step 4 ip rsvp bandwidth [interface-kbps [sub-pool]] Enables RSVP on an interface.
• The optional interface-kbps and sub-pool arguments
Example: specify the amount of bandwidth that can be allocated
Router(config-if)# ip rsvp bandwidth 7500 7500 by RSVP flows or to a single flow, respectively. Values
are from 1 to 10000000, and from 0 to 10000000,
respectively.
Step 5 end Returns to privileged EXEC mode.
Example:
Router(config-if)# end
SUMMARY STEPS
1. enable
5
RSVP Refresh Reduction and Reliable Messaging
How to Configure RSVP Refresh Reduction and Reliable Messaging
2. configure terminal
3. ip rsvp signalling refresh reduction
4. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip rsvp signalling refresh reduction Enables refresh reduction.
Example:
Router(config)# ip rsvp signalling refresh
reduction
Step 4 end Returns to privileged EXEC mode.
Example:
Router(config)# end
SUMMARY STEPS
1. enable
2. clear ip rsvp counters [confirm]
3. show ip rsvp
4. show ip rsvp counters [interface interface-unit | summary | neighbor]
5. show ip rsvp interface [interface-type interface-number] [detail]
6. show ip rsvp neighbor [detail]
7. end
6
RSVP Refresh Reduction and Reliable Messaging
Configuration Examples for RSVP Refresh Reduction and Reliable Messaging
DETAILED STEPS
Example:
Router# end
7
RSVP Refresh Reduction and Reliable Messaging
Configuration Examples for RSVP Refresh Reduction and Reliable Messaging
Building configuration...
Current configuration : 1503 bytes
!
version 12.2
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service internal
!
hostname Router
!
no logging buffered
logging rate-limit console 10 except errors
!
ip subnet-zero
ip cef distributed
!
ip multicast-routing
no ip dhcp-client network-discovery
lcp max-session-starts 0
mpls traffic-eng tunnels
!
!
interface Loopback0
ip address 192.168.1.1 255.255.255.0
ip rsvp bandwidth 1705033 1705033
!
interface Tunnel777
no ip address
shutdown
!
interface FastEthernet0/0/0
ip address 192.168.0.195 255.0.0.0
no ip mroute-cache
media-type 10BaseT
!
interface FastEthernet1/0/0
ip address 192.168.5.2 255.255.255.0
no ip redirects
no ip proxy-arp
ip pim dense-mode
no ip mroute-cache
media-type 10BaseT
ip rsvp bandwidth 7500 7500
8
RSVP Refresh Reduction and Reliable Messaging
Additional References
!
interface FastEthernet2/0/0
ip address 192.168.1.2 255.255.255.0
no ip redirects
no ip proxy-arp
ip pim dense-mode
no ip mroute-cache
media-type 10BaseT
mpls traffic-eng tunnels
ip rsvp bandwidth 7500 7500
!
interface FastEthernet0/3/0
ip address 192.168.2.2 255.255.255.0
ip pim dense-mode
media-type 10BaseT
mpls traffic-eng tunnels
!
!
router eigrp 17
network 192.168.0.0
network 192.168.5.0
network 192.168.12.0
network 192.168.30.0
auto-summary
no eigrp log-neighbor-changes
!
ip classless
no ip http server
ip rsvp signalling refresh reduction
!
!
!
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
login
transport input pad v120 telnet rlogin udptn
!
end
Additional References
The following sections provide references related to the RSVP Refresh Reduction and Reliable
Messaging feature.
Related Documents
Related Topic Document Title
QoS commands: complete command syntax, command Cisco IOS Quality of Service Solutions Command Reference
modes, command history, defaults, usage guidelines,
and examples
9
RSVP Refresh Reduction and Reliable Messaging
Additional References
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
RFC 2205 Resource Reservation Protocol
RFC 2206 RSVP Management Information Base Using SMIv2
RFC 2209 RSVP—Version 1 Message Processing Rules
RFC 2210 The Use of RSVP with IETF Integrated Services
RFC 2211/2212 Specification of the Controlled-Load Network Element Service
RFC 2702 Requirements for Traffic Engineering over MPLS
RFC 2749 Common Open Policy Service (COPS) Usage for RSVP
RFC 2750 RSVP Extensions for Policy Control
RFC 2814 SBM Subnet Bandwidth Manager: A Protocol for RSVP-based
Admission Control over IEEE 802-style Networks
RFC 2961 RSVP Refresh Overhead Reduction Extensions
RFC 2996 Format of the RSVP DCLASS Object
10
RSVP Refresh Reduction and Reliable Messaging
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
11
RSVP Refresh Reduction and Reliable Messaging
Feature Information for RSVP Refresh Reduction and Reliable Messaging
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
Table 1 Feature Information for RSVP Refresh Reduction and Reliable Messaging
12
RSVP Refresh Reduction and Reliable Messaging
Feature Information for RSVP Refresh Reduction and Reliable Messaging
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
13
RSVP Refresh Reduction and Reliable Messaging
Feature Information for RSVP Refresh Reduction and Reliable Messaging
14
MPLS Traffic Engineering: Path Link and
Node Protection
MPLS Traffic Engineering—Fast Reroute Link
and Node Protection
The MPLS Traffic Engineering—Fast Reroute Link and Node Protection feature provides link protection
(backup tunnels that bypass only a single link of the label-switched path (LSP)), node protection (backup
tunnels that bypass next-hop nodes along LSPs), and the following Fast Reroute (FRR) features:
• Backup tunnel support
• Backup bandwidth protection
• Resource Reservation Protocol (RSVP) Hellos
Contents
• Prerequisites for MPLS Traffic Engineering—Fast Reroute Link and Node Protection, page 2
• Restrictions for MPLS Traffic Engineering—Fast Reroute Link and Node Protection, page 2
• Information About MPLS Traffic Engineering—Fast Reroute Link and Node Protection, page 3
• How to Configure MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection,
page 17
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Prerequisites for MPLS Traffic Engineering—Fast Reroute Link and Node Protection
• Configuration Examples for MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node
Protection, page 32
• Additional References, page 35
• Feature Information for MPLS Traffic Engineering—Fast Reroute Link and Node Protection,
page 37
• Glossary, page 39
2
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Information About MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Fast Reroute
Fast Reroute (FRR) is a mechanism for protecting MPLS TE LSPs from link and node failures by locally
repairing the LSPs at the point of failure, allowing data to continue to flow on them while their headend
routers attempt to establish new end-to-end LSPs to replace them. FRR locally repairs the protected
LSPs by rerouting them over backup tunnels that bypass failed links or node.
Link Protection
Backup tunnels that bypass only a single link of the LSP’s path provide link protection. They protect
LSPs if a link along their path fails by rerouting the LSP’s traffic to the next hop (bypassing the failed
link). These are referred to as next-hop (NHOP) backup tunnels because they terminate at the LSP’s next
hop beyond the point of failure. Figure 1 illustrates an NHOP backup tunnel.
Next-hop
backup tunnel
R1 R2 R3 R4
Next hop
59556
Primary Protected
LSP's path link
3
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Information About MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Node Protection
FRR provides node protection for LSPs. Backup tunnels that bypass next-hop nodes along LSP paths are
called next-next-hop (NNHOP) backup tunnels because they terminate at the node following the
next-hop node of the LSP paths, thereby bypassing the next-hop node. They protect LSPs if a node along
their path fails by enabling the node upstream of the failure to reroute the LSPs and their traffic around
the failed node to the next-next hop. FRR supports the use of RSVP Hellos to accelerate the detection of
node failures. NNHOP backup tunnels also provide protection from link failures, because they bypass
the failed link and the node.
Figure 2 illustrates an NNHOP backup tunnel.
Next-next hop
backup tunnel
R1 R2 R3 R4
Next-next hop
Backup tunnel
can protect against
link or node failures 59557
If an LSP is using a backup tunnel and something changes so that the LSP is no longer appropriate for
the backup tunnel, the LSP is torn down. Such changes are the following:
• Backup bandwidth of the backup tunnel is reduced.
• Backup bandwidth type of backup tunnel is changed to a type that is incompatible with the primary
LSP.
• Primary LSP is modified so that FRR is disabled. (The no mpls traffic-eng fast-reroute command
is entered.)
Bandwidth Protection
NHOP and NNHOP backup tunnels can be used to provide bandwidth protection for rerouted LSPs. This
is referred to as backup bandwidth. You can associate backup bandwidth with NHOP or NNHOP backup
tunnels. This informs the router of the amount of backup bandwidth a particular backup tunnel can
protect. When a router maps LSPs to backup tunnels, bandwidth protection ensures that an LSP uses a
given backup tunnel only if there is sufficient backup bandwidth. The router selects which LSPs use
which backup tunnels in order to provide maximum bandwidth protection. That is, the router determines
4
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Information About MPLS Traffic Engineering—Fast Reroute Link and Node Protection
the best way to map LSPs onto backup tunnels in order to maximize the number of LSPs that can be
protected. For information about mapping tunnels and assigning backup bandwidth, see the “Backup
Tunnel Selection Procedure” section on page 10.
LSPs that have the “bandwidth protection desired” bit set have a higher right to select backup tunnels
that provide bandwidth protection; that is, those LSPs can preempt other LSPs that do not have that bit
set. For more information, see the “Prioritizing Which LSPs Obtain Backup Tunnels with Bandwidth
Protection” section on page 8.
RSVP Hello
This section contains the following topics about RSVP Hello:
• RSVP Hello Operation, page 5
• Hello Instance, page 5
Hello Instance
A Hello instance implements RSVP Hello for a given router interface IP address and remote IP address.
A large number of Hello requests are sent; this puts a strain on the router resources. Therefore, create a
Hello instance only when it is necessary and delete it when it is no longer needed.
There are two types of Hello instances:
• Active Hello Instances
• Passive Hello Instances
5
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Information About MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Active Hello instances periodically send Hello Request messages, and expect Hello Ack messages in
response. If the expected Ack message is not received, the active Hello instance declares that the
neighbor (remote IP address) is unreachable (lost). LSPs traversing that neighbor may be fast rerouted.
If there is a Hello instance with no LSPs for an unreachable neighbor, do not delete the Hello instance.
Convert the active Hello instance to a passive Hello instance because there may be an active instance on
the neighboring router that is sending Hello requests to this instance.
6
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Information About MPLS Traffic Engineering—Fast Reroute Link and Node Protection
• Increased backup capacity—If the protected interface is a high-capacity link and no single backup
path exists with an equal capacity, multiple backup tunnels can protect that one high-capacity link.
The LSPs using this link will fail over to different backup tunnels, allowing all of the LSPs to have
adequate bandwidth protection during failure (rerouting). If bandwidth protection is not desired, the
router spreads LSPs across all available backup tunnels (that is, there is load balancing across
backup tunnels). For a more detailed explanation, see the “Backup Tunnel Selection Procedure”
section on page 10.
Examples are shown in the “Backup Tunnels Terminating at Different Destinations” section on page 9
and the “Backup Tunnels Terminating at the Same Destination” section on page 9.
7
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Information About MPLS Traffic Engineering—Fast Reroute Link and Node Protection
RSVP Hello
RSVP Hello enables a router to detect when a neighboring node has gone down but its interface to that
neighbor is still operational. This feature is useful when next-hop node failure is not detectable by link
layer mechanisms, or when notification of link-layer failures is not available (for example, Gigabit
Ethernet). This allows the router to switch LSPs onto its backup tunnels and avoid packet loss.
For a more detailed description of RSVP Hello, see the “RSVP Hello” section on page 5.
Two mechanisms cause routers to switch LSPs onto their backup tunnels:
• Interface down notification
8
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Information About MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Figure 3 illustrates an interface that has multiple backup tunnels terminating at different destinations and
demonstrates why, in many topologies, support for node protection requires supporting multiple backup
tunnels per protected interface.
R1 R2 R3
R4
= Primary tunnels
59558
= Backup tunnels
In this illustration, a single interface on R1 requires multiple backup tunnels. LSPs traverse the following
routes:
• R1, R2, R3
• R1, R2, R4
To provide protection if node R2 fails, two NNHOP backup tunnels are required: one terminating at R3
and one terminating at R4.
Figure 4 shows how backup tunnels terminating at the same location can be used for redundancy and
load balancing. Redundancy and load balancing work for both NHOP and NNHOP backup tunnels.
9
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Information About MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Backup tunnel
T2
T1
R1 R2 R3
59559
Primary
LSP's path
In this illustration, there are three routers: R1, R2, and R3. At R1 two NNHOP backup tunnels (T1 and
T2) go from R1 to R3 without traversing R2.
• Redundancy—If R2 fails or the link from R1 to R2 fails, either backup tunnel can be used. If one
backup tunnel is down, the other can be used. LSPs are assigned to backup tunnels when the LSPs
are first established. This is done before a failure.
• Load balancing—If neither backup tunnel has enough bandwidth to back up all LSPs, both tunnels
can be used. Some LSPs will use one backup tunnel, other LSPs will use the other backup tunnel.
The router decides the best way to fit the LSPs onto the backup tunnels.
When an LSP is signaled, each node along the LSP path that provides FRR protection for the LSP selects
a backup tunnel for the LSP to use if either of the following events occurs:
• The link to the next hop fails.
• The next hop fails.
By having the node select the backup tunnel for an LSP before a failure occurs, the LSP can be rerouted
onto the backup tunnel quickly if there is a failure.
For an LSP to be mapped to a backup tunnel, all of the following conditions must exist:
• The LSP is protected by FRR; that is, the LSP is configured with the tunnel mpls traffic-eng
fast-reroute command.
• The backup tunnel is up.
• The backup tunnel is configured to have an IP address, typically a loopback address.
• The backup tunnel is configured to protect this LSP’s outgoing interface; that is, the interface is
configured with the mpls traffic-eng backup-path command.
• The backup tunnel does not traverse the LSP’s protected interface.
• The backup tunnel terminates at the LSP’s NHOP or NNHOP. If it is an NNHOP tunnel, it does not
traverse the LSP’s NHOP.
• The bandwidth protection requirements and constraints, if any, for the LSP and backup tunnel are
met. For information about bandwidth protection considerations, see the “Bandwidth Protection”
section on page 11.
10
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Information About MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Bandwidth Protection
There may be more than one backup tunnel that has sufficient backup bandwidth to protect a given LSP.
In this case, the router chooses the one that has the least amount of backup bandwidth available. This
algorithm limits fragmentation, maintaining the largest amount of backup bandwidth available.
Specifying limited backup bandwidth does not “guarantee” bandwidth protection if there is a link or
node failure. For example, the set of NHOP and NNHOP backup tunnels that gets triggered when an
interface fails may all share some link on the network topology, and this link may not have sufficient
bandwidth to support all LSPs using this set of backup tunnels.
In Figure 5, both backup tunnels traverse the same links and hop. When the link between routers R1 and
R4 fails, backup tunnels for primary tunnel 1 and primary tunnel 2 are triggered simultaneously. The two
backup tunnels may share a link in the network.
Primary tunnel 2
82033
R1 Primary tunnel 1 R4
Failed link
In Figure 6, the backup tunnel for primary tunnel 1 may traverse routers R1-R2-R3-R4, and the backup
tunnel for primary tunnel 2 may traverse routers R4-R2-R3-R1. In this case, the link R2-R3 may get
overloaded if R1-R4 fails.
11
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Information About MPLS Traffic Engineering—Fast Reroute Link and Node Protection
R2
R3
Primary tunnel 2
82032
R1 Primary tunnel 1 R4
More than one backup tunnel, each having unlimited backup bandwidth, can protect a given interface.
In this case, when choosing a backup tunnel for a given LSP, the router chooses the backup tunnel that
has the least amount of backup bandwidth in use. This algorithm evenly distributes the LSPs across
backup tunnels based on an LSP’s bandwidth. If an LSP is requesting zero bandwidth, the router chooses
the backup tunnel that is protecting the fewest LSPs.
By default, a backup tunnel provides protection for LSPs that allocate from any pool (that is, global or
subpool). However, a backup tunnel can be configured to protect only LSPs that use global-pool
bandwidth, or only those that use subpool bandwidth.
12
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Information About MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Backup Tunnel
Preference Destination Bandwidth Pool Bandwidth Amount
1 (Best) NNHOP Subpool or global pool Limited
2 NNHOP Any Limited
3 NNHOP Subpool or global pool Unlimited
4 NNHOP Any Unlimited
5 NHOP Subpool or global pool Limited
6 NHOP Any Limited
7 NHOP Subpool or global pool Unlimited
8 (Worst) NHOP Any Unlimited
Figure 7 shows an example of the backup tunnel selection procedure based on the designated amount of
global pool and subpool bandwidth currently available.
Note If NHOP and NNHOP backup tunnels do not have sufficient backup bandwidth, no consideration is
given to the type of data that the LSP is carrying. For example, a voice LSP may not be protected unless
it is signaled before a data LSP. To prioritize backup tunnel usage, see the “Backup Protection
Preemption Algorithms” section on page 14.
T1
T2
Subpool 100 T4
Subpool 50
Subpool 10 T5
Global pool, unlimited T6
Subpool 100
LSP subpool R1 R2 R3
59560
bandwidth,
20 units
In this example, an LSP requires 20 units (kilobits per second) of sub-pool backup bandwidth. The best
backup tunnel is selected as follows:
1. Backup tunnels T1 through T4 are considered first because they terminate at the NNHOP.
2. Tunnel T4 is eliminated because it has only ten units of sub-pool backup bandwidth.
3. Tunnel T1 is eliminated because it protects only LSPs using global-pool bandwidth.
13
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Information About MPLS Traffic Engineering—Fast Reroute Link and Node Protection
4. Tunnel T3 is chosen over T2 because, although both have sufficient backup bandwidth, T3 has the
least backup bandwidth available (leaving the most backup bandwidth available on T2).
5. Tunnels T5 and T6 need not be considered because they terminate at an NHOP, and therefore are
less desirable than T3, which terminates at an NNHOP.
Promotion
After a backup tunnel has been chosen for an LSP, conditions may change that will cause us to reevaluate
this choice. This reevaluation, if successful, is called promotion. Such conditions may include:
1. A new backup tunnel comes up.
2. The currently chosen backup tunnel for this LSP goes down.
3. A backup tunnel’s available backup bandwidth increases. For example, an LSP protected by the
tunnel has been reoptimized by the headend to use another path.
For cases 1 and 2, the LSP’s backup tunnel is evaluated immediately. Case 3 is addressed by periodically
reevaluating LSP-to-backup tunnel mappings. By default, background reevaluation is performed every
5 minutes. This interval is configurable via the mpls traffic-eng fast-reroute timers command.
There are numerous ways in which bandwidth protection can be ensured. Table 2 describes the
advantages and disadvantages of three methods.
14
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Information About MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Cisco implementation of FRR does not mandate a particular approach, and it provides the flexibility to
use any of the above approaches. However, given a range of configuration choices, be sure that the
choices are constant with a particular bandwidth protection strategy.
The following sections describe some important issues in choosing an appropriate configuration:
• Using Backup Tunnels with Explicitly Signaled Bandwidth, page 15
• Using Backup Tunnels Signaled with Zero Bandwidth, page 16
15
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Information About MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Protected Bandwidth Pools and the Bandwidth Pool from Which the Backup Tunnel Reserves Its Bandwidth
The tunnel mpls traffic-eng bandwidth command allows you to configure the following:
• Amount of bandwidth a backup tunnel reserves
• The DS-TE bandwidth pool from which the bandwidth needs to be reserved
Note Only one pool can be selected (that is, the backup tunnel can explicitly reserve bandwidth from either
the global pool or the subpool, but not both).
The tunnel mpls traffic-eng backup-bw command allows you to specify the bandwidth pool to which
the traffic must belong for the traffic to use this backup tunnel. Multiple pools are allowed.
There is no direct correspondence between the bandwidth pool that is protected and the bandwidth pool
from which the bandwidth of the backup tunnel draws its bandwidth.
Bandwidth protection for 10 Kbps of subpool traffic on a given link can be achieved by configuring any
of the following command combinations:
• tunnel mpls traffic-eng bandwidth sub-pool 10
tunnel mpls traffic-eng backup-bw sub-pool 10
• tunnel mpls traffic-eng bandwidth global-pool 10
tunnel mpls traffic-eng backup-bw sub-pool 10 global-pool unlimited
• tunnel mpls traffic-eng bandwidth global-pool 40
tunnel mpls traffic-eng backup-bw sub-pool 10 global-pool 30
16
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
How to Configure MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection
Backup tunnels protecting the subpool traffic do now draw bandwidth from any pool. Primary traffic
using the global pool can use the entire global pool, and primary traffic using the subpool can use the
entire subpool. Yet, subpool traffic has a complete bandwidth guarantee if there is a single link failure.
A similar approach can be used for node and SRLG protection. However, the decision of where to put
the backup tunnels is more complicated because both node and SRLG failures effectively result in the
simultaneous failure of several links. Therefore, the backup tunnels protecting traffic traversing all
affected links cannot be computed independently of each other. The backup tunnels protecting groups of
links corresponding to different failures can still be computed independently of each other, which results
in similar bandwidth savings.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
17
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
How to Configure MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 interface tunnel number Enters interface configuration mode for the specified
tunnel.
Example:
Router(config)# interface tunnel 1000
Step 4 tunnel mpls traffic-eng fast-reroute Enables an MPLS TE tunnel to use an established backup
[bw-protect] tunnel if there is a link or node failure.
Example:
Router(config-if)# tunnel mpls traffic-eng
fast-reroute bw-protect
Step 5 exit Exits interface configuration mode and returns to global
configuration mode.
Example:
Router(config-if)# exit
Step 6 exit Exits global configuration mode and returns to privileged
EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. configure terminal
18
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
How to Configure MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 interface tunnel number Creates a new tunnel interface and enters interface
configuration mode.
Example:
Router(config)# interface tunnel 1
Step 4 ip unnumbered interface-type interface-number Gives the tunnel interface an IP address that is the same as
that of interface Loopback0.
Example: Note This command is not effective until Lookback0 has
Router(config-if)# ip unnumbered loopback 0 been configured with an IP address.
Step 5 tunnel destination ip-address Specifies the IP address of the device where the tunnel will
terminate. This address should be the router ID of the
device that is the NHOP or NNHOP of LSPs to be
Example:
Router(config-if)# tunnel destination 10.3.3.3
protected.
Step 6 tunnel mode mpls traffic-eng Sets the encapsulation mode of the tunnel to MPLS TE.
Example:
Router(config-if)# tunnel mode mpls traffic-eng
19
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
How to Configure MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection
Command Purpose
Step 7 tunnel mpls traffic-eng path-option [protect] Configures a path option for an MPLS TE tunnel. Enters
preference-number {dynamic | explicit | {name router configuration mode.
path-name | path-number}}[lockdown]
Example:
Router(config-if)# tunnel mpls traffic-eng
path-option 10 explicit avoid-protected-link
Step 8 exit Exits interface configuration mode and returns to global
configuration mode.
Example:
Router(config-if)# exit
Step 9 ip explicit-path name word Enters the command mode for IP explicit paths and creates
the specified path.
Example:
Router(config)# ip explicit-path name
avoid-protected-link
Step 10 exclude-address ip-address For link protection, specify the IP address of the link to be
protected. For node protection, specify the router ID of the
node to be protected.
Example:
Router(cfg-ip-expl-path)# exclude-address Note Backup tunnel paths can be dynamic or explicit and
10.3.3.3 they do not have to use exclude-address. Because
backup tunnels must avoid the protected link or
node, it is convenient to use the exclude-address
command.
20
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
How to Configure MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection
Note You must configure the interface to have an IP address and to enable the MPLS TE tunnel feature.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
4. mpls traffic-eng backup-path tunnel interface
5. exit
6. exit
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 interface type Configures an interface type and enters interface
slot/subslot/port[.subinterface-number] configuration mode.
Example:
Router(config)# interface POS 0/1/0
Step 4 mpls traffic-eng backup-path tunnel interface Allows LSPs going out this interface to use this backup
tunnel if there is a link or node failure.
Example: Note You can enter this command multiple times to
Router(config-if)# mpls traffic-eng backup-path associate multiple backup tunnels with the same
tunnel 2 protected interface.
Step 5 exit Exits interface configuration mode and returns to global
configuration mode.
Example:
Router(config-if)# exit
Step 6 exit Exits global configuration mode and returns to privileged
EXEC mode.
Example:
Router(config)# exit
21
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
How to Configure MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. tunnel mpls traffic-eng backup-bw {bandwidth | [sub-pool {bandwidth | Unlimited}]
[global-pool {bandwidth | Unlimited}]}
5. exit
6. exit
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 interface tunnel number Enters interface configuration mode for the specified
tunnel.
Example:
Router(config)# interface tunnel 2
Step 4 tunnel mpls traffic-eng backup-bw {bandwidth | Associates bandwidth with a backup tunnel and designates
[sub-pool {bandwidth | Unlimited}] [global-pool whether LSPs that allocate bandwidth from the specified
{bandwidth | Unlimited}]}
pool can use the tunnel.
Example:
Router(config-if)# tunnel mpls traffic-eng
backup-bw sub-pool 1000
Step 5 exit Exits interface configuration mode and returns to global
configuration mode.
Example:
Router(config-if)# exit
Step 6 exit Exits global configuration mode and returns to privileged
EXEC mode.
Example:
Router(config)# exit
22
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
How to Configure MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. tunnel mpls traffic-eng-fast-reroute [bw-protect]
5. exit
6. mpls traffic-eng fast-reroute backup-prot-preemption [optimize-bw]
7. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface tunnel number Enters interface configuration mode for the specified
tunnel.
Example:
Router(config)# interface tunnel 1000
Step 4 tunnel mpls traffic-eng fast-reroute Enables an MPLS TE tunnel to use an established backup
[bw-protect] tunnel in the event of a link or node failure.
• The bw-protect keyword gives an LSP priority for
Example: using backup tunnels with bandwidth protection.
Router(config-if)# tunnel mpls traffic-eng Enters global configuration mode.
fast-reroute bw-protect
Step 5 exit Exits interface configuration mode and returns to global
configuration mode.
Example:
Router(config-if)# exit
23
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
How to Configure MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection
Step 6 mpls traffic-eng fast-reroute Changes the backup protection preemption algorithm from
backup-prot-preemption [optimize-bw] minimize the number of LSPs that are demoted to minimize
the amount of bandwidth that is wasted.
Example:
Router(config)# mpls traffic-eng fast-reroute
backup-prot-preemption optimize-bw
Step 7 exit Exits global configuration mode and returns to privileged
EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
4. pos ais-shut
5. pos report {b1-tca | b2-tca | b3-tca | lais | lrdi | pais | plop | prdi | rdool | sd-ber
| sf-ber | slof | slos}
6. exit
7. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type Configures an interface type and enters interface
slot/subslot/port[.subinterface-number] configuration mode.
Example:
Router(config)# interface pos0/1/0
Step 4 pos ais-shut Sends the line alarm indication signal (LAIS) when the POS
interface is placed in any administrative shutdown state.
Example:
Router(config-if)# pos ais-shut
24
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
How to Configure MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection
Step 5 pos report {b1-tca | b2-tca | b3-tca | lais | Permits selected SONET alarms to be logged to the console
lrdi | pais | plop | prdi | rdool | sd-ber | for a POS interface.
sf-ber | slof | slos}
Example:
Router(config-if)# pos report lrdi
Step 6 exit Exits interface configuration mode and returns to global
configuration mode.
Example:
Router(config-if)# exit
Step 7 exit Exits global configuration mode and returns to privileged
EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
Note To determine if FRR has been configured correctly, perform Steps 1 and 2.
Note If you created LSPs and performed the required configuration tasks but do not have operational backup
tunnels (that is, the backup tunnels are not up or the LSPs are not associated with those backup tunnels),
perform Step 3.
DETAILED STEPS
Following is sample output from the show mpls traffic-eng tunnels brief command:
Signalling Summary:
LSP Tunnels Process: running
25
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
How to Configure MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection
PATH:
Tun Dest: 10.10.0.6 Tun ID: 100 Ext Tun ID: 10.10.0.1
Tun Sender: 10.10.0.1 LSP ID: 31
Path refreshes:
arriving: from PHOP 10.10.7.1 on Et0/0 every 30000 msecs
Session Attr:
Setup Prio: 7, Holding Prio: 7
Flags: (0x7) Local Prot desired, Label Recording, SE Style
session Name: R1_t100
ERO: (incoming)
10.10.7.2 (Strict IPv4 Prefix, 8 bytes, /32)
10.10.0.6 (Strict IPv4 Prefix, 8 bytes, /32)
RRO:
10.10.7.1/32, Flags:0x0 (No Local Protection)
10.10.4.1/32, Flags:0x9 (Local Prot Avail/to NNHOP) !Available to NNHOP
10.10.1.1/32, Flags:0x0 (No Local Protection)
Traffic params - Rate: 10K bits/sec, Max. burst: 1K bytes
Min Policed Unit: 0 bytes, Max Pkt Size 4294967295 bytes
Fast-Reroute Backup info:
Inbound FRR: Not active
Outbound FRR: No backup tunnel selected
Path ID handle: 50000416.
Incoming policy: Accepted. Policy source(s): MPLS/TE
Status: Proxy-terminated
26
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
How to Configure MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection
If LDP is not enabled, separate prefix items are not shown because all prefixes then use a single rewrite.
To confirm that a particular IP prefix is FRR protected, even though it is not shown in this display, enter
it within the show mpls forwarding-table ip-address detail command. The final line of the display will
tell whether that prefix is protected:
Router# show mpls forwarding-table 10.0.0.11 detail
Router_t578
LSP Head, Tunnel578, Admin: up, Oper: up
Src 10.55.55.55, Dest 10.88.88.88, Instance 1
Fast Reroute Backup Provided:
Protected i/fs: PO0/1/0, PO0/1/1, PO0/1/3
Protected lsps: 1
Backup BW: any pool unlimited; inuse: 100 kbps
Router_t5710
LSP Head, Tunnel5710, Admin: admin-down, Oper: down
Src 10.55.55.55, Dest 10.7.7.7, Instance 0
Fast Reroute Backup Provided:
Protected i/fs: PO0/1/1
Protected lsps: 0
Backup BW: any pool unlimited; inuse: 0 kbps
Router_t5711
LSP Head, Tunnel5711, Admin up, Oper: up
Src 10.55.55.55,, Dest 10.7.7.7, Instance 1
Fast Reroute Backup Provided:
Protected i/fs: PO0/1/0
Protected lsps: 2
Backup BW: any pool unlimited; inuse: 6010 kbps
27
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
How to Configure MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection
traffic-eng bandwidth at the headend of the LSP. To determine the available bandwidth on a backup
tunnel, look at the “cfg” and “inuse” fields. If there is insufficient backup bandwidth to
accommodate the LSPs that would use this backup tunnel in the event of a failure, create an
additional backup tunnel or increase the backup bandwidth of the existing tunnel by using the tunnel
mpls traffic-eng bandwidth command.
Note To determine the sufficient amount of bandwidth, offline capacity planning may be required.
• Backup tunnel has appropriate bandwidth type—If you restricted the type of LSPs (subpool or
global pool) that can use this backup tunnel, verify that the LSP is the appropriate type for the
backup tunnel. The type of the LSP is defined by the line tunnel mpls traffic-eng bandwidth at the
headend of this LSP. If this line contains the word “subpool”, then it uses sub-pool bandwidth;
otherwise, it uses global pool bandwidth. Verify that the type matches the type the backup tunnel
can hold by looking in the output of the tunnel mpls traffic-eng bandwidth command.
You also can enable debug by entering the debug ip rsvp fast-reroute command and the debug mpls
traffic-eng fast-reroute command on the router that is the headend of the backup tunnel. Then do the
following:
1. Enter the shutdown command for the primary tunnel.
2. Enter the no shutdown command for the primary tunnel.
3. View the debug output.
Step 5 show mpls traffic-eng fast-reroute database
Enter the clear ip rsvp hello instance counters command to verify the following:
• MPLS TE FRR node protection has been enabled.
• A certain type of LSP can use a backup tunnel.
The following command output displays the LSPs that are protected:
Router# show mpls traffic-eng fast-reroute database
Note If LDP is not enabled, separate prefix items are not shown because all prefixes then use a single rewrite.
To confirm that a particular IP prefix is FRR protected, even though it is not shown in this display, enter
it within the show mpls forwarding-table ip-address detail command. The final line of the display will
tell whether that prefix is protected:
28
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
How to Configure MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection
Reservation:
Tun Dest: 10.1.1.1 Tun ID: 1 Ext Tun ID: 172.16.1.1
Tun Sender: 172.16.1.1 LSP ID: 104
Next Hop: 172.17.1.2 on POS1/0/0
Label: 18 (outgoing)
Reservation Style is Shared-Explicit, QoS Service is Controlled-Load
Average Bitrate is 0 bits/sec, Maximum Burst is 1K bytes
Min Policed Unit: 0 bytes, Max Pkt Size: 0 bytes
RRO:
172.18.1.1/32, Flags:0x1 (Local Prot Avail/to NHOP)
Label subobject: Flags 0x1, C-Type 1, Label 18
172.19.1.1/32, Flags:0x0 (Local Prot Avail/In Use/Has BW/to NHOP)
Label subobject: Flags 0x1, C-Type 1, Label 16
172.19.1.2/32, Flags:0x0 (No Local Protection)
Label subobject: Flags 0x1, C-Type 1, Label 0
Resv ID handle: CD000404.
Policy: Accepted. Policy source(s): MPLS/TE
Troubleshooting Tips
This section describes the following:
• LSPs Do Not Become Active; They Remain Ready
• Primary Tunnel Does Not Select Backup Tunnel That Is Up
• Enhanced RSVP Commands Display Useful Information
• RSVP Hello Detects When a Neighboring Node Is Not Reachable
• Hello Instances Have Not Been Created
29
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
How to Configure MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection
• “No entry at index” (error may self-correct, RRO may not yet have propagated from downstream
node of interest)” Error Message Is Printed at the Point of Local Repair
• “Couldn’t get rsbs” (error may self-correct when Resv arrives)” Error Message Is Printed at the
Point of Local Repair
30
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
How to Configure MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection
“No entry at index” (error may self-correct, RRO may not yet have propagated from downstream node of interest)”
Error Message Is Printed at the Point of Local Repair
FRR relies on a RRO in Resv messages arriving from downstream. Routers receiving path messages with
the SESSION_ATTRIBUTE bit indicating that the LSP is fast-reroutable should include an RRO in the
corresponding Resv messages.
If an LSP is configured for FRR, but the Resv arriving from a downstream router contains an incomplete
RRO, the “No entry at index (error may self-correct, RRO may not yet have propagated from
downstream node of interest)” message is printed. An incomplete RRO is one in which the NHOP or the
NNHOP did not include an entry in the RRO.
This error typically means that backup tunnels to the NHOP or the NNHOP cannot be selected for this
LSP because there is insufficient information about the NHOP or NNHOP due to the lack of an RRO
entry.
Occasionally there are valid circumstances in which this situation occurs temporarily and the problem
is self-corrected. If subsequent Resv messages arrive with a complete RRO, ignore the error message.
To determine whether the error has been corrected, display the RRO in Resv messages by entering the
clear ip rsvp hello instance counters command. Use an output filter keyword to display only the LSP
of interest.
“Couldn’t get rsbs” (error may self-correct when Resv arrives)” Error Message Is Printed at the Point of Local
Repair
The PLR cannot select a backup tunnel for an LSP until a Resv message has arrived from downstream.
When this error occurs, it typically means that something is wrong. For example, no reservation exists
for this LSP. You can troubleshoot this problem by using the debug ip rsvp reservation command to
enable debug.
Occasionally there are valid circumstances in which this error message occurs and there is no need for
concern. One such circumstance is when an LSP experiences a change before any Resv message has
arrived from downstream. Changes can cause a PLR to try to select a backup tunnel for an LSP, and the
selection will fail (causing this error message) if no Resv message has arrived for this LSP.
31
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Configuration Examples for MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection
10.3.3.3 10.4.4.4
POS1/0//0
R1 R2 R3 R4
Tunnel 172.16.1.2
1000
Tunnel 172.16.1.3
2000
= Primary tunnels
192742
= Backup tunnels
32
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Configuration Examples for MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection
Tunnel 2000 will use five units of bandwidth from the global pool. The “bandwidth protection desired”
bit has been set by specifying bw-prot in the tunnel mpls traffic-eng fast-reroute command.
Router(config)# interface Tunnel 1000
Router(config-if)# tunnel mpls traffic-eng fast-reroute
Router(config-if)# tunnel mpls traffic-eng bandwidth sub-pool 10
33
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Configuration Examples for MPLS Traffic Engineering—Fast Reroute (FRR) Link and Node Protection
Associating Backup Bandwidth and Pool Type with Backup Tunnels: Example
Backup tunnel 1 is to be used only by LSPs that take their bandwidth from the global pool. It does not
provide bandwidth protection. Backup tunnel 2 is to be used only by LSPs that take their bandwidth from
the subpool. Backup tunnel 2 provides bandwidth protection for up to 1000 units.
Router(config)# interface Tunnel 1
Router(config-if)# tunnel mpls traffic-eng backup-bw global-pool Unlimited
Note This global configuration is required only to change the backup protection preemption algorithm from
minimize the number of LSPs that are demoted to minimize the amount of bandwidth that is wasted.
Configuring an Interface for Fast Link and Node Failure Detection: Example
In the following example, pos ais-shut is configured:
Router(config)# interface pos 0/0/0
Router(config-if)# pos ais-shut
34
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Additional References
To configure POS signaling for detecting FRR failures, enter the pos report all command or enter the
following commands to request individual reports:
• pos ais-shut
• pos report rdool
• pos report lais
• pos report lrdi
• pos report pais
• pos report prdi
• pos report sd-ber
Additional References
The following sections provide references related to the MPLS Traffic Engineering—Fast Reroute Link
and Node Protection feature.
Related Documents
Related Topic Document Title
IS-IS • Cisco IOS IP Routing Protocols Command Reference
• Configuring a Basic IS-IS Network
Link protection MPLS TE: Link and Node Protection, with RSVP Hellos Support
(with Fast Tunnel Interface Down Detection)
MPLS traffic engineering commands Cisco IOS Multiprotocol Label Switching Command Reference
OSPF • Cisco IOS IP Routing Protocols Command Reference
• Configuring OSPF
RSVP Cisco IOS Quality of Service Solutions Command Reference
Standards
Standards Title
draft-ietf-mpls-rsvp-lsp-fastreroute-04.txt Fast ReRoute Extensions to RSVP-TE for LSP Tunnels
MIBs
MIBs MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
35
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Additional References
RFCs
RFCs Title
draft-ietf-mpls-rsvp-lsp-fastreroute-06.txt Fast Reroute Extensions to RSVP-TE for LSP Tunnels
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
36
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Feature Information for MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Note Table 3 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
Table 3 Feature Information for MPLS Traffic Engineering—Fast Reroute Link and Node Protection
37
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Feature Information for MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Table 3 Feature Information for MPLS Traffic Engineering—Fast Reroute Link and Node Protection
38
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Glossary
Glossary
backup bandwidth—The usage of NHOP and NNHOP backup tunnels to provide bandwidth protection
for rerouted LSPs.
backup tunnel—An MPLS TE tunnel used to protect other (primary) tunnels’ traffic when a link or node
failure occurs.
bandwidth—The available traffic capacity of a link.
Cisco Express Forwarding—A means for accelerating the forwarding of packets within a router, by
storing route lookup.
enterprise network—A large and diverse network connecting most major points in a company or other
organization.
Fast Reroute—Procedures that enable temporary routing around a failed link or node while a new LSP
is being established at the headend.
global pool—The total bandwidth allocated to an MPLS traffic engineering link or node.
headend—The router that originates and maintains a given LSP. This is the first router in the LSP’s path.
hop—Passage of a data packet between two network nodes (for example, between two routers).
instance—A Hello instance implements the RSVP Hello extensions for a given router interface address
and remote IP address. Active Hello instances periodically send Hello Request messages, expecting
Hello ACK messages in response. If the expected ACK message is not received, the active Hello instance
declares that the neighbor (remote IP address) is unreachable (that is, it is lost). This can cause LSPs
crossing this neighbor to be fast rerouted.
interface—A network connection.
Intermediate System-to-Intermediate System—IS-IS. Link-state hierarchical routing protocol that
calls for intermediate system (IS) routers to exchange routing information based on a single metric to
determine network topology.
link—A point-to-point connection between adjacent nodes. There can be more than one link between
adjacent nodes. A link is a network communications channel consisting of a circuit or transmission path
and all related equipment between a sender and a receiver. Sometimes referred to as a line or a
transmission link.
limited backup bandwidth—Backup tunnels that provide bandwidth protection.
load balancing—A configuration technique that shifts traffic to an alternative link if a certain threshold
is exceeded on the primary link. Load balancing is similar to redundancy in that if an event causes traffic
to shift directions, alternative equipment must be present in the configuration. In load balancing, the
alternative equipment is not necessarily redundant equipment that operates only in the event of a failure.
LSP—label-switched path. A connection between two routers in which MPLS forwards the packets.
merge point—The backup tunnel’s tail.
MPLS—Multiprotocol Label Switching. Packet-forwarding technology, used in the network core, that
applies data link layer labels to tell switching nodes how to forward data, resulting in faster and more
scalable forwarding than network layer routing normally can do.
MPLS global label allocation—There is one label space for all interfaces in the router. For example,
label 100 coming in one interface is treated the same as label 100 coming in a different interface.
NHOP—next hop. The next downstream node along an LSP’s path.
39
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Glossary
NHOP backup tunnel—next-hop backup tunnel. Backup tunnel terminating at the LSP’s next hop
beyond the point of failure, and originating at the hop immediately upstream of the point of failure. It
bypasses a failed link, and is used to protect primary LSPs that were using this link before the failure.
NNHOP—next-next hop. The node after the next downstream node along an LSP’s path.
NNHOP backup tunnel—next-next-hop backup tunnel. Backup tunnel terminating at the LSP’s
next-next hop beyond the point of failure, and originating at the hop immediately upstream of the point
of failure. It bypasses a failed link or node, and is used to protect primary LSPs that were using this link
or node before the failure.
node—Endpoint of a network connection or a junction common to two or more lines in a network. Nodes
can be interconnected by links, and serve as control points in the network. Nodes can be processors,
controllers, or workstations.
OSPF—Open Shortest Path First. A link-state hierarchical Interior Gateway Protocol routing algorithm,
derived from the IS-IS protocol. OSPF features include least-cost routing, multipath routing, and load
balancing.
primary LSP—The last LSP originally signaled over the protected interface before the failure. The
primary LSP is the LSP before the failure.
primary tunnel—Tunnel whose LSP may be fast rerouted if there is a failure. Backup tunnels cannot
be primary tunnels.
promotion—Conditions, such as a new backup tunnel comes up, cause a reevaluation of a backup tunnel
that was chosen for an LSP. If the reevaluation is successful, it is called a promotion.
protected interface—An interface that has one or more backup tunnels associated with it.
redundancy—The duplication of devices, services, or connections so that, in the event of a failure, the
redundant devices, services, or connections can perform the work of those that failed.
RSVP—Resource Reservation Protocol. A protocol used for signaling requests (setting up reservations)
for Internet services by a customer before that customer is permitted to transmit data over that portion
of the network.
scalability—An indicator showing how quickly some measure of resource usage increases as a network
gets larger.
SRLG—shared risk link group. Sets of links that are likely to go down together.
state—Information that a router must maintain about each LSP. The information is used for rerouting
tunnels.
sub-pool—The more restrictive bandwidth in an MPLS traffic engineering link or node. The subpool is
a portion of the link or node’s overall global pool bandwidth.
tailend—The router upon which an LSP is terminated. This is the last router in the LSP’s path.
topology—The physical arrangement of network nodes and media within an enterprise networking
structure.
tunnel—Secure communications path between two peers, such as two routers.
unlimited backup bandwidth—Backup tunnels that provide no bandwidth (best-effort) protection (that
is, they provide best-effort protection).
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
40
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Glossary
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
41
MPLS Traffic Engineering—Fast Reroute Link and Node Protection
Glossary
42
MPLS TE: Link and Node Protection, with RSVP
Hellos Support (with Fast Tunnel Interface Down
Detection)
The MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Detection) feature provides the following Fast Reroute (FRR) capabilities:
• Backup tunnel that terminates at the next-next hop router to protect both the downstream link and
node to protect link and node failures. There is no limit (except memory limitations) to the number
of backup tunnels that can protect a given interface. A backup tunnel is scalable because it can
protect multiple label switched paths (LSPs) and multiple interfaces.
• Backup bandwidth protection allows a priority to be assigned to backup tunnels for LSPs carrying
certain kinds of data (such as voice).
• Fast Tunnel Interface Down detection, which forces a “generic” interface tunnel (not specifically a
Fast Reroute tunnel) to become disabled immediately if the headend router detects a failed link on
an LSP.
• Resource Reservation Protocol (RSVP) Hellos, which are used to accelerate the detection of node
failures.
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Contents
Contents
• Prerequisites for MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel
Interface Down Detection), page 2
• Restrictions for MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel
Interface Down Detection), page 2
• Information About MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast
Tunnel Interface Down Detection), page 3
• How to Configure MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast
Tunnel Interface Down Detection), page 18
• Configuration Examples for MPLS TE: Link and Node Protection, with RSVP Hellos Support (with
Fast Tunnel Interface Down Detection), page 35
• Additional References, page 38
• Feature Information for MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast
Tunnel Interface Down Detection), page 40
• Glossary, page 42
Prerequisites for MPLS TE: Link and Node Protection, with RSVP
Hellos Support (with Fast Tunnel Interface Down Detection)
Your network must support the following Cisco IOS XE features to support features described in this
document:
• IP Cisco Express Forwarding
• MPLS
Your network must support at least one of the following protocols:
• Intermediate System-to-Intermediate System (IS-IS)
• Open Shortest Path First (OSPF)
Restrictions for MPLS TE: Link and Node Protection, with RSVP
Hellos Support (with Fast Tunnel Interface Down Detection)
• Interfaces must use MPLS Global Label Allocation.
• Backup tunnel headend and tailend routers must implement FRR as described in this document.
• Backup tunnels are not protected. If an LSP is actively using a backup tunnel and the backup tunnel
fails, the LSP is torn down.
• LSPs that are actively using backup tunnels are not considered for promotion. So, if an LSP is
actively using a backup tunnel and a better backup tunnel becomes available, the active LSP is not
switched to the better backup tunnel.
2
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Information About MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Fast Reroute
Fast Reroute (FRR) is a mechanism for protecting MPLS TE LSPs from link and node failures by locally
repairing the LSPs at the point of failure, allowing data to continue to flow on them while their headend
routers attempt to establish new end-to-end LSPs to replace them. FRR locally repairs the protected
LSPs by rerouting them over backup tunnels that bypass failed links or nodes.
Link Protection
Backup tunnels that bypass only a single link of the LSP’s path provide Link Protection. They protect
LSPs if a link along their path fails by rerouting the LSP’s traffic to the next hop (bypassing the failed
link). These are referred to as next-hop (NHOP) backup tunnels because they terminate at the LSP’s next
hop beyond the point of failure. Figure 1 illustrates an NHOP backup tunnel.
Next-hop
backup tunnel
R1 R2 R3 R4
Next hop
59556
Primary Protected
LSP's path link
3
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Information About MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Node Protection
FRR provides Node Protection for LSPs. Backup tunnels that bypass next-hop nodes along LSP paths
are called next-next-hop (NNHOP) backup tunnels because they terminate at the node following the
next-hop node of the LSP paths, thereby bypassing the next-hop node. They protect LSPs if a node along
their path fails by enabling the node upstream of the failure to reroute the LSPs and their traffic around
the failed node to the next-next hop. FRR supports the use of RSVP Hellos to accelerate the detection of
node failures. NNHOP backup tunnels also provide protection from link failures, because they bypass
the failed link in addition to the node.
Figure 2 illustrates an NNHOP backup tunnel.
Next-next hop
backup tunnel
R1 R2 R3 R4
Next-next hop
Backup tunnel
can protect against
link or node failures 59557
If an LSP is using a backup tunnel and something changes so that the LSP is no longer appropriate for
the backup tunnel, the LSP is torn down. Such changes include the following:
• Backup bandwidth of the backup tunnel is reduced.
• Backup bandwidth type of backup tunnel is changed to a type that is incompatible with the primary
LSP.
• Primary LSP is modified so that FRR is disabled. (The no mpls traffic-eng fast-reroute command
is entered.)
Bandwidth Protection
NHOP and NNHOP backup tunnels can be used to provide bandwidth protection for rerouted LSPs. This
is referred to as backup bandwidth. You can associate backup bandwidth with NHOP or NNHOP backup
tunnels. This informs the router of the amount of backup bandwidth a particular backup tunnel can
protect. When a router maps LSPs to backup tunnels, bandwidth protection ensures that an LSP uses a
given backup tunnel only if there is sufficient backup bandwidth. The router selects which LSPs use
which backup tunnels to provide maximum bandwidth protection. That is, the router determines the best
way to map LSPs onto backup tunnels to maximize the number of LSPs that can be protected. For
information about mapping tunnels and assigning backup bandwidth, see the “Backup Tunnel Selection
Procedure” section on page 11.
4
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Information About MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
LSPs that have the “bandwidth protection desired” bit set have a higher right to select backup tunnels
that provide bandwidth protection; that is, those LSPs can preempt other LSPs that do not have that bit
set. For more information, see the “Prioritizing Which LSPs Obtain Backup Tunnels with Bandwidth
Protection” section on page 8.
RSVP Hello
RSVP Hellos are described in the following sections:
• RSVP Hello Operation, page 5
• Hello Instance, page 6
• Hello Commands, page 6
Note If a router’s CPU utilization is high due to frequent RSVP Hello processing, there may be false failures
due to Hello messages that are not transmitted.
5
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Information About MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Hello Instance
A Hello instance implements RSVP Hello for a given router interface address and remote IP address. A
Hello instance is expensive because of the large number of Hello requests that are sent and the strains
they put on the router resources. Therefore, create a Hello instance only when it is necessary and delete
it when it is no longer needed.
There are two types of Hello instances:
• Active Hello Instances
• Passive Hello Instances
Hello Commands
RSVP Hello comprises the following commands. For detailed command descriptions, refer to Cisco IOS
Multiprotocol Label Switching Command Reference.
• RSVP Hello configuration commands
• RSVP Hello statistics commands
• RSVP Hello show commands
• RSVP Hello debug commands
Features of MPLS TE: Link and Node Protection, with RSVP Hellos Support
(with Fast Tunnel Interface Down Detection)
MPLS TE Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Detection) includes the following features:
• Backup Tunnel Support, page 7
• Backup Bandwidth Protection, page 7
6
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Information About MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Scalability
A backup tunnel is scalable because it can protect multiple LSPs and multiple interfaces. It provides
many-to-one (N:1) protection, which has significant scalability advantages over one-to-one (1:1)
protection, where a separate backup tunnel must be used for each LSP needing protection.
Example of 1:1 protection: When 5,000 backup tunnels protect 5,000 LSPs, each router along the backup
path must maintain state for an additional 5,000 tunnels.
Example of N:1 protection: When one backup tunnel protects 5,000 LSPs, each router along the backup
path maintains one additional tunnel.
7
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Information About MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
RSVP Hello
RSVP Hello enables a router to detect when a neighboring node has gone down but its interface to that
neighbor is still operational. This feature is useful when next-hop node failure is not detectable by link
layer mechanisms, or when notification of link-layer failures is not available. This allows the router to
switch LSPs onto its backup tunnels and avoid packet loss.
For a more detailed description of RSVP Hello, see the “RSVP Hello” section on page 5.
8
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Information About MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
9
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Information About MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
R1 R2 R3
R4
= Primary tunnels
59558
= Backup tunnels
In this illustration, a single interface on R1 requires multiple backup tunnels. LSPs traverse the following
routes:
• R1, R2, R3
• R1, R2, R4
To provide protection if node R2 fails, two NNHOP backup tunnels are required: one terminating at R3
and one terminating at R4.
Backup tunnel
T2
T1
R1 R2 R3
59559
Primary
LSP's path
In this illustration, there are three routers: R1, R2, and R3. At R1, there are two NNHOP backup tunnels
(T1 and T2) that go from R1 to R3 without traversing R2.
With redundancy, if R2 fails or the link from R1 to R2 fails, either backup tunnel can be used. If one
backup tunnel is down, the other can be used. LSPs are assigned to backup tunnels when the LSPs are
first established. This is done before a failure.
10
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Information About MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
With load balancing, if neither backup tunnel has enough bandwidth to back up all LSPs, both tunnels
can be used. Some LSPs will use one backup tunnel, other LSPs will use the other backup tunnel. The
router decides the best way to fit the LSPs onto the backup tunnels.
Bandwidth Protection
A backup tunnel can be configured to protect two types of backup bandwidth:
• Limited backup bandwidth—A backup tunnel provides bandwidth protection. The sum of the
bandwidth of all LSPs using this backup tunnel cannot exceed the backup tunnel’s backup
bandwidth. When assigning LSPs to this type of backup tunnel, sufficient backup bandwidth must
exist.
• Unlimited backup bandwidth—The backup tunnel does not provide any bandwidth protection (that
is, best-effort protection exists). There is no limit to the amount of bandwidth used by the LSPs that
are mapped to this backup tunnel. LSPs that allocate zero bandwidth can only use backup tunnels
that have unlimited backup bandwidth.
11
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Information About MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Specifying limited backup bandwidth does not “guarantee” bandwidth protection if there is a link or
node failure. For example, the set of NHOP and NNHOP backup tunnels that gets triggered when an
interface fails may all share some link on the network topology, and this link may not have sufficient
bandwidth to support all LSPs using this set of backup tunnels.
In Figure 5, both backup tunnels traverse the same links and hop. When the link between routers R1 and
R4 fails, backup tunnels for primary tunnel 1 and primary tunnel 2 are triggered simultaneously. The two
backup tunnels may share a link in the network.
Primary tunnel 2
82033
R1 Primary tunnel 1 R4
Failed link
In Figure 6, the backup tunnel for primary tunnel 1 may traverse routers R1-R2-R3-R4, and the backup
tunnel for primary tunnel 2 may traverse routers R4-R2-R3-R1. In this case, the link R2-R3 may get
overloaded if R1-R4 fails.
R2
R3
Primary tunnel 2
82032
R1 Primary tunnel 1 R4
12
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Information About MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Backup Tunnel
Preference Destination Bandwidth Pool Bandwidth Amount
1 (Best) NNHOP Subpool or global pool Limited
2 NNHOP Any Limited
3 NNHOP Subpool or global pool Unlimited
4 NNHOP Any Unlimited
5 NHOP Subpool or global pool Limited
6 NHOP Any Limited
7 NHOP Subpool or global pool Unlimited
8 (Worst) NHOP Any Unlimited
Figure 7 shows an example of the backup tunnel selection procedure based on the designated amount of
global pool and subpool bandwidth currently available.
Note If NHOP and NNHOP backup tunnels do not have sufficient backup bandwidth, no consideration is
given to the type of data that the LSP is carrying. For example, a voice LSP may not be protected unless
it is signalled before a data LSP. To prioritize backup tunnel usage, see the “Backup Protection
Preemption Algorithms” section on page 15.
13
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Information About MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
T1
T2
Subpool 100 T4
Subpool 50
Subpool 10 T5
Global pool, unlimited T6
Subpool 100
LSP subpool R1 R2 R3
59560
bandwidth,
20 units
In this example, an LSP requires 20 units (kilobits per second) of subpool backup bandwidth. The best
backup tunnel is selected as follows:
1. Backup tunnels T1 through T4 are considered first because they terminate at the NNHOP.
2. Tunnel T4 is eliminated because it only has 10 units of subpool backup bandwidth.
3. Tunnel T1 is eliminated because it protects only LSPs using global pool bandwidth.
4. Tunnel T3 is chosen over T2 because, although both have sufficient backup bandwidth, T3 has the
least backup bandwidth available (leaving the most backup bandwidth available on T2).
5. Tunnels T5 and T6 need not be considered because they terminate at an NHOP, and therefore are
less desirable than T3, which terminates at an NNHOP.
Promotion
After a backup tunnel has been chosen for an LSP, conditions may change that will cause us to reevaluate
this choice. This reevaluation, if successful, is called promotion. Such conditions may include:
1. A new backup tunnel comes up.
2. The currently chosen backup tunnel for this LSP goes down.
3. A backup tunnel’s available backup bandwidth increases. For example, an LSP protected by the
tunnel has been reoptimized by the headend to use another path.
4. A backup tunnel’s available backup-bandwidth decreases.
For cases 1 and 2, the LSP’s backup tunnel is evaluated immediately. Cases 3 and 4 are addressed by
periodically reevaluating LSP-to-backup tunnel mappings. By default, background reevaluation is
performed every 5 minutes. This interval is configurable via the mpls traffic-eng fast-reroute timers
command.
The response to case 4 is as follows:
When the backup tunnel’s bandwidth is reduced, promotion will not be run so long as the remaining
bandwidth is greater than the sum of the bandwidths of all primary paths for which this tunnel is the
backup. This policy prevents unnecessary disruption of protection of the primary paths.
When the backup tunnel’s bandwidth does fall below the required bandwidth needed for it to substitute
for all primary paths to which it has been assigned, promotion is run.
14
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Information About MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
15
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Information About MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Cisco implementation of FRR does not mandate a particular approach, and it provides the flexibility to
use any of the above approaches. However, given a range of configuration choices, be sure that the
choices are constant with a particular bandwidth protection strategy.
The following sections describe some important issues in choosing an appropriate configuration:
• Backup Tunnels with Explicitly Signaled Bandwidth, page 16
• Backup Tunnels Signaled with Zero Bandwidth, page 17
There are two bandwidth parameters that must be set for a backup tunnel:
• actual signaled bandwidth
• backup-bandwidth
To signal bandwidth requirements of a backup tunnel, configure the bandwidth of the backup tunnel by
using the tunnel mpls traffic-eng bandwidth command.
To configure the backup bandwidth of the backup tunnel, use the tunnel mpls traffic-eng backup-bw
command.
The signaled bandwidth is used by the LSRs on the path of the backup tunnel to perform admission
control and do appropriate bandwidth accounting.
The backup bandwidth is used by the PLR (the headend of the backup tunnel) to decide how much
primary traffic can be rerouted to this backup tunnel if there is a failure.
Both parameters need to be set to ensure proper operation. The numerical value of the signaled
bandwidth and the backup-bandwidth should be the same.
Protected Bandwidth Pools and the Bandwidth Pool from Which the Backup Tunnel Reserves Its Bandwidth
The tunnel mpls traffic-eng bandwidth command allows you to configure the following:
• Amount of bandwidth a backup tunnel reserves
• The DS-TE bandwidth pool from which the bandwidth needs to be reserved
Note Only one pool can be selected (that is, the backup tunnel can explicitly reserve bandwidth from either
the global pool or the subpool, but not both).
The tunnel mpls traffic-eng backup-bw command allows you to specify the bandwidth pool to which
the traffic must belong for the traffic to use this backup tunnel. Multiple pools are allowed.
There is no direct correspondence between the bandwidth pool that is protected and the bandwidth pool
from which the bandwidth of the backup tunnel draws its bandwidth.
Example: In this example, assume the following:
• Bandwidth protection is desired only for subpool traffic, but the best-effort traffic using the global
pool does not require bandwidth protection.
• Scheduling is configured so that subpool traffic uses the priority queue, and global pool traffic is
served at a lower priority.
Bandwidth protection for 10 Kbps of subpool traffic on a given link can be achieved by any of the
following combinations:
• tunnel mpls traffic-eng bandwidth sub-pool 10
tunnel mpls traffic-eng backup-bw sub-pool 10
16
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Information About MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Frequently it is desirable to use backup tunnels with zero signaled bandwidth, even when bandwidth
protection is required. It may seem that if no bandwidth is explicitly reserved, no bandwidth guarantees
can be provided. However, that is not necessarily true.
In the following situation:
• Only link protection is desired.
• Bandwidth protection is desired only for subpool traffic.
For each protected link AB with a max reservable subpool value of S, there may be a path from node A
to node B such that the difference between max reservable global and max reservable subpool is at least
S. If it is possible to find such paths for each link in the network, you can establish all the backup tunnels
along such paths without any bandwidth reservations. If there is a single link failure, only one backup
tunnel will use any link on its path. Because that path has at least S of available bandwidth (in the
global pool), assuming that marking and scheduling is configured to classify the subpool traffic into a
priority queue, the subpool bandwidth is guaranteed.
The above approach allows sharing of the global pool bandwidth between backup tunnels protecting
independent link failures. The backup tunnels are expected to be used for only a short period of time
after a failure (until the headends of affected LSPs reroute those LSPs to other paths with available
subpool bandwidth). The probability of multiple unrelated link failures is very small (in the absence of
node or SRLG failures, which result in multiple link failures). Therefore, it is reasonable to assume that
link failures are in practice independent with high probability. This “independent failure assumption” in
combination with backup tunnels signaled without explicit bandwidth reservation enables efficient
bandwidth sharing that yields substantial bandwidth savings.
Backup tunnels protecting the subpool traffic do now draw bandwidth from any pool. Primary traffic
using the global pool can use the entire global pool, and primary traffic using the subpool can use the
entire subpool. Yet, subpool traffic has a complete bandwidth guarantee if there is a single link failure.
A similar approach can be used for node and SRLG protection. However, the decision of where to put
the backup tunnels is more complicated because both node and SRLG failures effectively result in the
simultaneous failure of several links. Therefore, the backup tunnels protecting traffic traversing all
affected links cannot be computed independently of each other. The backup tunnels protecting groups of
links corresponding to different failures can still be computed independently of each other, which results
in similar bandwidth savings.
17
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
How to Configure MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. tunnel mpls traffic-eng fast-reroute [bw-protect] [node-protect]
5. end
18
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
How to Configure MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 interface tunnel number Enters interface configuration mode for the
specified tunnel.
Example:
Router(config)# interface tunnel 1000
Step 4 tunnel mpls traffic-eng fast-reroute [bw-protect] Enables an MPLS TE tunnel to use an established
[node-protect] backup tunnel if there is a link or node failure.
Example:
Router(config-if)# tunnel mpls traffic-eng
fast-reroute bw-protect node-protect
Step 5 end Exits to privileged EXEC mode.
Example:
Router(config-if)# end
Note When using the exclude-address command to specify the path for a backup tunnel, you must exclude
an interface address to avoid a link (for creating an NHOP backup tunnel), or a router-ID address to
avoid a node (for creating an NNHOP backup tunnel).
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. ip unnumbered type number
5. tunnel destination A.B.C.D
19
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
How to Configure MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 interface tunnel number Creates a new tunnel interface and enters interface
configuration mode.
Example:
Router(config)# interface tunnel 1
Step 4 ip unnumbered type number Gives the tunnel interface an IP address that is the
same as that of interface Loopback0.
Example: Note This command is not effective until
Router(config-if)# ip unnumbered loopback0 Lookback0 has been configured with an IP
address.
Step 5 tunnel destination A.B.C.D Specifies the IP address of the device where the
tunnel will terminate.
Example: • That address should be the router ID of the
Router(config-if)# tunnel destination 10.3.3.3 device that is the NHOP or NNHOP of LSPs
to be protected.
Step 6 tunnel mode mpls traffic-eng Sets encapsulation mode of the tunnel to MPLS
TE.
Example:
Router(config-if)# tunnel mode mpls traffic-eng
Step 7 tunnel mpls traffic-eng path-option number {dynamic | Configures a path option for an MPLS TE tunnel.
explicit {name path-name | path-number}} [lockdown]
Example:
Router(config-if)# tunnel mpls traffic-eng path-option
300 explicit name avoid-protected-link
20
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
How to Configure MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Command Purpose
Step 8 ip explicit-path name name Enters the subcommand mode for IP explicit paths
to create the named path.
Example:
Router(config)# ip explicit-path name
avoid-protected-link
Step 9 exclude-address address For Link Protection, specifies the IP address of the
link to be protected.
Example: • For Node Protection, this command specifies
Router(cfg-ip-expl-path)# exclude-address 10.3.3.3 the router ID of the node to be protected.
Note Backup tunnel paths can be dynamic or
explicit and they do not have to use
exclude-address. Because backup tunnels
must avoid the protected link or node, it is
convenient to use an exclude-address.
Step 10 end Exits to privileged EXEC mode.
Example:
Router(cfg-ip-expl-path)# end
Note You must configure the interface to have an IP address and to enable the MPLS TE tunnel feature.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
4. mpls traffic-eng backup-path tunnel tunnel-id
5. end
21
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
How to Configure MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 interface type slot/subslot/port[.subinterface-number] Configures an interface type and enters interface
configuration mode.
Example: • The type argument is the type of interface to
Router(config)# interface POS1/0/0 be configured.
• The slot argument is the chassis slot number.
Refer to the appropriate hardware manual for
slot information. For SIPs, refer to the
platform-specific SPA hardware installation
guide or the corresponding “Identifying Slots
and Subslots for SIPs and SPAs” topic in the
platform-specific SPA software configuration
guide.
• The /subslot keyword and argument pair is the
secondary slot number on a SIP where a SPA
is installed. The slash (/) is required.
Refer to the platform-specific SPA hardware
installation guide and the corresponding
“Specifying the Interface Address on a SPA”
topic in the platform-specific SPA software
configuration guide for subslot information.
• The /port keyword and argument pair is the
port or interface number. The slash (/) is
required.
Refer to the appropriate hardware manual for
port information. For SPAs, refer to the
corresponding “Specifying the Interface
Address on a SPA” topics in the
platform-specific SPA software configuration
guide
• The .subinterface-number keyword and
argument pair is the subinterface number in
the range 1 to 4294967293. The number that
precedes the period (.) must match the number
to which this subinterface belongs.
22
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
How to Configure MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Command Purpose
Step 4 mpls traffic-eng backup-path tunnel tunnel-id Allows LSPs going out this interface to use this
backup tunnel if there is a link or node failure.
Example: Note You can enter this command multiple
Router(config-if)# mpls traffic-eng backup-path times to associate multiple backup tunnels
tunnel2 with the same protected interface.
Step 5e end Exits to privileged EXEC mode.
Example:
Router(config-if)# end
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. tunnel mpls traffic-eng backup-bw {bandwidth | [sub-pool {bandwidth | unlimited}]
[global-pool {bandwidth | unlimited}]} [any {bandwidth | unlimited}]
5. end
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 interface tunnel number Enters interface configuration mode for the
specified tunnel.
Example:
Router(config)# interface tunnel 2
23
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
How to Configure MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Command Purpose
Step 4 tunnel mpls traffic-eng backup-bw {bandwidth | Associates bandwidth with a backup tunnel and
[sub-pool {bandwidth | unlimited}][global-pool designates whether LSPs that allocate bandwidth
{bandwidth | unlimited}]} [any {bandwidth |
unlimited}]
from the specified pool can use the tunnel.
Example:
Router(config-if)# tunnel mpls traffic-eng backup-bw
sub-pool 1000
Step 5e end Exits to privileged EXEC mode.
Example:
Router(config-if)# end
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. tunnel mpls traffic-eng-fast-reroute [bw-protect]
5. exit
6. mpls traffic-eng fast-reroute backup-prot-preemption [optimize-bw]
7. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface tunnel number Enters interface configuration mode for the
specified tunnel.
Example:
Router(config)# interface tunnel 2
24
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
How to Configure MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Step 4 tunnel mpls traffic-eng fast-reroute [bw-protect] Enables an MPLS TE tunnel to use an established
backup tunnel in the event of a link or node failure.
Example: • The bw-protect keyword gives an LSP
Router(config-if)# tunnel mpls traffic-eng priority for using backup tunnels with
fast-reroute bw-protect bandwidth protection.
Step 5 exit Exits to global configuration mode.
Example:
Router(config-if)# exit
Step 6 mpls traffic-eng fast-reroute backup-prot-preemption Changes the backup protection preemption
[optimize-bw] algorithm from minimize the number of LSPs that
are demoted to minimize the amount of bandwidth
Example: that is wasted.
Router(config)# mpls traffic-eng fast-reroute
backup-prot-preemption optimize-bw
Step 7e exit Exits to privileged EXEC mode.
Example:
Router(config-if)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
4. pos ais-shut
5. pos report {b1-tca | b2-tca | b3-tca | lais | lrdi | pais | plop | prdi | rdool | sd-ber | sf-ber | slof |
slos}
6. end
DETAILED STEPS
Example:
Router# configure terminal
25
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
How to Configure MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Step 3 interface type slot/subslot/port[.subinterface-number] Configures an interface type and enters interface
configuration mode.
Example:
Router(config)# interface pos0/0/0
Step 4 pos ais-shut Sends the line alarm indication signal (LAIS)
when the Packet-over-SONET (POS) interface is
placed in any administrative shutdown state.
Example:
Router(config-if)# pos ais-shut
Step 5 pos report {b1-tca | b2-tca | b3-tca | lais | lrdi | Permits selected SONET alarms to be logged to
pais | plop | prdi | rdool | sd-ber | sf-ber | slof | the console for a POS interface.
slos}
Example:
Router(config-if)# pos report lrdi
Step 6 end Exits to privileged EXEC mode.
Example:
Router(config-if)# end
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. tunnel mpls traffic-eng interface down delay time
5. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface tunnel number Configures an interface type and enters interface
configuration mode.
Example:
Router(config)# interface tunnel 1000
26
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
How to Configure MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Step 4 tunnel mpls traffic-eng interface down delay time Forces a tunnel to go down as soon as the headend
router detects that the LSP is down.
Example:
Router(config-if)# tunnel mpls traffic-eng interface
down delay 0
Step 5 end Exits to privileged EXEC mode.
Example:
Router(config-if)# end
SUMMARY STEPS
Note To determine if FRR has been configured correctly, perform Steps 1 and 2.
Note If you created LSPs and performed the required configuration tasks but do not have operational backup
tunnels (that is, the backup tunnels are not up or the LSPs are not associated with those backup tunnels),
perform Step 3.
DETAILED STEPS
Signalling Summary:
LSP Tunnels Process: running
RSVP Process: running
Forwarding: enabled
Periodic reoptimization: every 3600 seconds, next in 1706 seconds
TUNNEL NAME DESTINATION UP IF DOWN IF STATE/PROT
Router_t1 10.112.0.12 - PO2/0/1 up/up
Router_t2 10.112.0.12 - unknown up/down
Router_t3 10.112.0.12 - unknown admin-down
Router_t1000 10.110.0.10 - unknown up/down
Router_t2000 10.110.0.10 - PO2/0/1 up/up
27
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
How to Configure MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
PATH:
Tun Dest: 10.10.0.6 Tun ID: 100 Ext Tun ID: 10.10.0.1
Tun Sender: 10.10.0.1 LSP ID: 31
Path refreshes:
arriving: from PHOP 10.10.7.1 on FE0/0/0 every 30000 msecs
Session Attr:
Setup Prio: 7, Holding Prio: 7
Flags: (0x7) Local Prot desired, Label Recording, SE Style
session Name: R1_t100
ERO: (incoming)
10.10.7.2 (Strict IPv4 Prefix, 8 bytes, /32)
10.10.0.6 (Strict IPv4 Prefix, 8 bytes, /32)
RRO:
10.10.7.1/32, Flags:0x0 (No Local Protection)
10.10.4.1/32, Flags:0x9 (Local Prot Avail/to NNHOP) !Available to NNHOP
10.10.1.1/32, Flags:0x0 (No Local Protection)
Traffic params - Rate: 10K bits/sec, Max. burst: 1K bytes
Min Policed Unit: 0 bytes, Max Pkt Size 4294967295 bytes
Fast-Reroute Backup info:
Inbound FRR: Not active
Outbound FRR: No backup tunnel selected
Path ID handle: 50000416.
Incoming policy: Accepted. Policy source(s): MPLS/TE
Status: Proxy-terminated
If LDP is not enabled, separate prefix items are not shown because all prefixes then use a single rewrite.
To confirm that a particular IP prefix is FRR protected, even though it is not shown in this display, enter
it within the show mpls forwarding-table ip-address detail command. The final line of the display will
tell whether that prefix is protected:
28
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
How to Configure MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
The following command output displays the LSPs that are protected when the FRR primary tunnel is
over an ATM interface and the backup tunnel is over a POS interface. As shown in Figure 8, interface
ATM2/0/0.100 is protected by backup tunnel 501.
ATM2/0/0.100
R1 R2 R3 R4
POS 0/2/0
192746
Backup tunnel 501
The following command output displays the LSPs that are protected when the FRR backup tunnel is over
an ATM interface:
29
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
How to Configure MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Router_t578
LSP Head, Tunnel578, Admin: up, Oper: up
Src 10.55.55.55, Dest 10.88.88.88, Instance 1
Fast Reroute Backup Provided:
Protected i/fs: PO1/0/0, PO1/1/0, PO0/3/3
Protected lsps: 1
Backup BW: any pool unlimited; inuse: 100 kbps
Router_t5710
LSP Head, Tunnel5710, Admin: admin-down, Oper: down
Src 10.55.55.55, Dest 10.7.7.7, Instance 0
Fast Reroute Backup Provided:
Protected i/fs: PO1/1/0
Protected lsps: 0
Backup BW: any pool unlimited; inuse: 0 kbps
Router_t5711
LSP Head, Tunnel5711, Admin: up, Oper: up
Src 10.55.55.55, Dest 10.7.7.7, Instance 1
Fast Reroute Backup Provided:
Protected i/fs: PO1/0/0
Protected lsps: 2
Backup BW: any pool unlimited; inuse: 6010 kbps
30
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
How to Configure MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Note To determine how much bandwidth is sufficient, offline capacity planning may be required.
• Backup tunnel has appropriate bandwidth type—If you restricted the type of LSPs (subpool or
global pool) that can use this backup tunnel, verify that the LSP is the appropriate type for the
backup tunnel. The type of the LSP is defined by the line tunnel mpls traffic-eng bandwidth at the
headend of this LSP. If this line contains the word “subpool”, then it uses subpool bandwidth;
otherwise, it uses global pool bandwidth. Verify that the type matches the type the backup tunnel
can hold by looking in the output of the above command.
If none of the above actions works, enable debug by entering the debug ip rsvp fast-reroute command
and the debug mpls traffic-eng fast-reroute command on the router that is the headend of the backup
tunnel. Then do the following:
1. Enter the shutdown command for the primary tunnel.
2. Enter the no shutdown command for the primary tunnel.
3. View the debug output.
Step 5 show mpls traffic-eng fast-reroute database
Enter the clear ip rsvp hello instance counters command to verify the following:
• MPLS TE FRR Node Protection has been enabled.
• A certain type of LSP can use a backup tunnel.
The following command output displays the LSPs that are protected:
Router# show mpls traffic-eng fast-reroute database
Note If LDP is not enabled, separate prefix items are not shown because all prefixes then use a single rewrite.
To confirm that a particular IP prefix is FRR protected, even though it is not shown in this display, enter
it within the show mpls forwarding-table ip-address detail command. The final line of the display will
tell whether that prefix is protected:
31
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
How to Configure MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
Reservation:
Tun Dest: 10.1.1.1 Tun ID: 1 Ext Tun ID: 10.1.1.1
Tun Sender: 10.1.1.1 LSP ID: 104
Next Hop: 10.1.1.2 on POS1/0/0
Label: 18 (outgoing)
Reservation Style is Shared-Explicit, QoS Service is Controlled-Load
Average Bitrate is 0 bits/sec, Maximum Burst is 1K bytes
Min Policed Unit: 0 bytes, Max Pkt Size: 0 bytes
RRO:
10.1.1.1/32, Flags:0x1 (Local Prot Avail/to NHOP)
Label subobject: Flags 0x1, C-Type 1, Label 18
10.1.1.1/32, Flags:0x0 (Local Prot Avail/In Use/Has BW/to NHOP)
Label subobject: Flags 0x1, C-Type 1, Label 16
10.1.1.2/32, Flags:0x0 (No Local Protection)
Label subobject: Flags 0x1, C-Type 1, Label 0
Resv ID handle: CD000404.
Policy: Accepted. Policy source(s): MPLS/TE
Troubleshooting Tips
This section describes the following:
• LSPs Do Not Become Active; They Remain Ready, page 33
• Primary Tunnel Does Not Select Backup Tunnel That Is Up, page 33
• Enhanced RSVP Commands, page 33
• RSVP Hello, page 34
• Hello Instances Have Not Been Created, page 34
• No entry at index (error may self-correct, RRO may not yet have propagated from downstream node
of interest)” Error Message Is Printed at the Point of Local Repair, page 34
32
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
How to Configure MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
• Couldn’t get rsbs (error may self-correct when Resv arrives)” Error Message Is Printed at the Point
of Local Repair, page 34
Note If you change the status of a backup tunnel, the backup tunnel selection algorithm is rerun for the backup
tunnel. LSPs that have currently selected (that is, are ready to use) that backup tunnel will be
disassociated from it, and then reassociated with that backup tunnel or another backup tunnel. This is
generally harmless and usually results in mapping the same LSPs to that backup tunnel. However, if any
LSPs are actively using that backup tunnel, shutting down the backup tunnel will tear down those LSPs.
33
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
How to Configure MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down
RSVP Hello
The RSVP Hello feature enables RSVP nodes to detect when a neighboring node is not reachable. Use
this feature when notification of link-layer failures is not available and unnumbered links are not used,
or when the failure detection mechanisms provided by the link layer are not sufficient for timely node
failure detection. Hello must be configured both globally on the router and on the specific interface to
be operational.
No entry at index (error may self-correct, RRO may not yet have propagated from downstream node of interest)”
Error Message Is Printed at the Point of Local Repair
FRR relies on a Record Route Object (RRO) in Resv messages arriving from downstream. Routers
receiving Path messages with the SESSION_ATTRIBUTE bit indicating that the LSP is fast-reroutable
should include an RRO in the corresponding Resv messages.
If an LSP is configured for FRR, but the Resv arriving from a downstream router contains an incomplete
RRO, the “No entry at index (error may self-correct, RRO may not yet have propagated from
downstream node of interest)” message is printed. An incomplete RRO is one in which the NHOP or the
NNHOP did not include an entry in the RRO.
This error typically means that backup tunnels to the NHOP or the NNHOP cannot be selected for this
LSP because there is insufficient information about the NHOP or NNHOP due to the lack of an RRO
entry.
Occasionally there are valid circumstances in which this situation occurs temporarily and the problem
is self-corrected. If subsequent Resv messages arrive with a complete RRO, ignore the error message.
To determine whether the error has been corrected, view the RRO in Resv messages by entering the clear
ip rsvp hello instance counters command. Use an output filter keyword to view only the LSP of interest.
Couldn’t get rsbs (error may self-correct when Resv arrives)” Error Message Is Printed at the Point of Local Repair
The PLR cannot select a backup tunnel for an LSP until a Resv message has arrived from downstream.
When this error occurs, it typically means that something is truly wrong. For example, no reservation
exists for this LSP. You can troubleshoot this problem by using the debug ip rsvp reservation command
to enable debug.
Occasionally there are valid circumstances in which this error message occurs and there is no need for
concern. One such circumstance is when an LSP experiences a change before any Resv message has
arrived from downstream. Changes can cause a PLR to try to select a backup tunnel for an LSP, and the
selection will fail (causing this error message) if no Resv message has arrived for this LSP.
34
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Configuration Examples for MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel
10.3.3.3 10.4.4.4
POS1/0/0
R1 R2 R3 R4
Tunnel 172.16.1.2
1000
Tunnel 172.16.1.3
2000
= Primary tunnels
192747
= Backup tunnels
35
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Configuration Examples for MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface
Tunnel 2000 will use 5 units of bandwidth from the global pool. The “bandwidth protection desired” bit
and the “node protection desired bit” have been set by specifying bw-prot and node-prot, respectively,
in the tunnel mpls traffic-eng fast-reroute command.
Router(config)# interface Tunnel1000
Router(config-if)# tunnel mpls traffic-eng fast-reroute
Router(config-if)# tunnel mpls traffic-eng bandwidth sub-pool 10
Router(config-if)# exit
36
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Configuration Examples for MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel
Associating Backup Bandwidth and Pool Type with Backup Tunnels: Example
Backup tunnel 1 is to be used only by LSPs that take their bandwidth from the global pool. It does not
provide bandwidth protection. Backup tunnel 2 is to be used only by LSPs that take their bandwidth from
the subpool. Backup tunnel 2 provides bandwidth protection for up to 1000 units.
Router(config)# interface Tunnel1
Router(config-if)# tunnel mpls traffic-eng backup-bw global-pool Unlimited
Note This global configuration is required only to change the backup protection preemption algorithm from
minimize the number of LSPs that are demoted to minimize the amount of bandwidth that is wasted.
Configuring an Interface for Fast Link and Node Failure Detection: Example
In the following example, pos ais-shut is configured:
Router(config)# interface pos0/0/0
Router(config-if)# pos ais-shut
37
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Additional References
• ip rsvp signalling hello dscp—Sets the DSCP value that is in the IP header of the Hello message.
• ip rsvp signalling hello refresh misses—Specifies how many acknowledgments a node can miss in
a row before the node considers that communication with its neighbor is down.
• ip rsvp signalling hello refresh interval—Configures the Hello request interval.
• ip rsvp signalling hello statistics—Enables Hello statistics on the router.
To configure POS signaling for detecting FRR failures, enter pos report all or enter the following
commands to request individual reports:
• pos ais-shut
• pos report rdool
• pos report lais
• pos report lrdi
• pos report pais
• pos report prdi
• pos report sd-ber
Additional References
The following sections provide references related to the MPLS TE: Link and Node Protection, with
RSVP Hellos Support (with Fast Tunnel Interface Down Detection) feature.
Related Documents
Related Topic Document Title
IS-IS • Cisco IOS IP Routing Protocols Command Reference
• Configuring a Basic IS-IS Network
MPLS traffic engineering commands Cisco IOS Multiprotocol Label Switching Command Reference
OSPF • Cisco IOS IP Routing Protocols Command Reference
• Configuring OSPF
RSVP commands • Cisco IOS Multiprotocol Label Switching Command Reference
• Cisco IOS Quality of Service Solutions Command Reference
Standards
Standards Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
38
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Additional References
MIBs
MIBs MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFCs Title
RFC 4090 Fast Reroute Extensions to RSVP-TE for LSP Tunnels
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
39
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Feature Information for MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface
Feature Information for MPLS TE: Link and Node Protection, with
RSVP Hellos Support (with Fast Tunnel Interface Down
Detection)
Table 3 lists the features in this module and provides links to specific configuration information.
Use Cisco Feature Navigator to find information about platform support and software image support.
Cisco Feature Navigator enables you to determine which Cisco IOS XE software images support a
specific software release, feature set, or platform. To access Cisco Feature Navigator, go to
http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Note Table 3 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
Table 3 Feature Information for MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel
Interface Down Detection
40
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Feature Information for MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface
Table 3 Feature Information for MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel
Interface Down Detection (continued)
41
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Glossary
Glossary
backup bandwidth—The usage of NHOP and NNHOP backup tunnels to provide bandwidth protection
for rerouted LSPs.
backup tunnel—An MPLS TE tunnel used to protect other (primary) tunnels’ traffic when a link or node
failure occurs.
bandwidth—The available traffic capacity of a link.
Cisco Express Forwarding—A means for accelerating the forwarding of packets within a router, by
storing route lookup.
enterprise network—A large and diverse network connecting most major points in a company or other
organization.
Fast Reroute—Procedures that enable temporary routing around a failed link or node while a new LSP
is being established at the head end.
Gigabit Ethernet—Standard for a high-speed Ethernet, approved by the IEEE (Institute of Electrical
and Electronics Engineers) 802.3z standards committee in 1996.
global pool—The total bandwidth allocated to an MPLS Traffic Engineering link or node.
headend—The router that originates and maintains a given LSP. This is the first router in the LSP’s path.
hop—Passage of a data packet between two network nodes (for example, between two routers).
instance—A Hello instance implements the RSVP Hello extensions for a given router interface address
and remote IP address. Active Hello instances periodically send Hello Request messages, expecting
Hello ACK messages in response. If the expected Ack message is not received, the active Hello instance
declares that the neighbor (remote IP address) is unreachable (that is, it is lost). This can cause LSPs
crossing this neighbor to be fast rerouted.
interface—A network connection.
Intermediate System-to-Intermediate System—IS-IS. Link-state hierarchical routing protocol that
calls for intermediate system (IS) routers to exchange routing information based on a single metric to
determine network topology.
link—A point-to-point connection between adjacent nodes. There can be more than one link between
adjacent nodes. A network communications channel consisting of a circuit or transmission path and all
related equipment between a sender and a receiver. Sometimes referred to as a line or a transmission link.
limited backup bandwidth—Backup tunnels that provide bandwidth protection.
load balancing—A configuration technique that shifts traffic to an alternative link if a certain threshold
is exceeded on the primary link. Load balancing is similar to redundancy in that if an event causes traffic
to shift directions, alternative equipment must be present in the configuration. In load balancing, the
alternative equipment is not necessarily redundant equipment that only operates in the event of a failure.
LSP—label switched path. A configured connection between two routers, in which label switching is
used to carry the packets. The purpose of an LSP is to carry data packets.
merge point—The backup tunnel’s tail.
MPLS—Multiprotocol Label Switching. Packet-forwarding technology, used in the network core, that
applies data link layer labels to tell switching nodes how to forward data, resulting in faster and more
scalable forwarding than network layer routing normally can do.
MPLS global label allocation—There is one label space for all interfaces in the router. For example,
label 100 coming in one interface is treated the same as label 100 coming in a different interface.
NHOP—next hop. The next downstream node along an LSP’s path.
42
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Glossary
NHOP backup tunnel—next-hop backup tunnel. Backup tunnel terminating at the LSP’s next hop
beyond the point of failure, and originating at the hop immediately upstream of the point of failure. It
bypasses a failed link, and is used to protect primary LSPs that were using this link before the failure.
NNHOP—next-next hop. The node after the next downstream node along an LSP’s path.
NNHOP backup tunnel—next-next-hop backup tunnel. Backup tunnel terminating at the LSP’s
next-next hop beyond the point of failure, and originating at the hop immediately upstream of the point
of failure. It bypasses a failed link or node, and is used to protect primary LSPs that were using this link
or node before the failure.
node—Endpoint of a network connection or a junction common to two or more lines in a network. Nodes
can be interconnected by links, and serve as control points in the network. Computers on a network, or
any endpoint or a junction common to two or more lines in a network. Nodes can be processors,
controllers, or workstations.
OSPF—Open Shortest Path First. A link-state hierarchical Interior Gateway Protocol routing algorithm,
derived from the IS-IS protocol. OSPF features include least-cost routing, multipath routing, and load
balancing.
primary LSP—The last LSP originally signaled over the protected interface before the failure. The LSP
before the failure.
primary tunnel—Tunnel whose LSP may be fast rerouted if there is a failure. Backup tunnels cannot
be primary tunnels.
promotion—Conditions, such as a new backup tunnel comes up, cause a reevaluation of a backup tunnel
that was chosen for an LSP. If the reevaluation is successful, it is called a promotion.
protected interface—An interface that has one or more backup tunnels associated with it.
redundancy—The duplication of devices, services, or connections so that, in the event of a failure, the
redundant devices, services, or connections can perform the work of those that failed.
RSVP—Resource Reservation Protocol. An IETF protocol used for signaling requests (setting up
reservations) for Internet services by a customer before that customer is permitted to transmit data over
that portion of the network.
scalability—An indicator showing how quickly some measure of resource usage increases as a network
gets larger.
state—Information that a router must maintain about each LSP. The information is used for rerouting
tunnels.
subpool—The more restrictive bandwidth in an MPLS Traffic Engineering link or node. The subpool is
a portion of the link or node’s overall global pool bandwidth.
tailend—The router upon which an LSP is terminated. This is the last router in the LSP’s path.
topology—The physical arrangement of network nodes and media within an enterprise networking
structure.
tunnel—Secure communications path between two peers, such as two routers.
unlimited backup bandwidth—Backup tunnels that provide no bandwidth (best-effort) protection (that
is, they provide best-effort protection).
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
43
MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel Interface Down Detection)
Glossary
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
44
MPLS Traffic Engineering (TE): Path Protection
The MPLS Traffic Engineering (TE): Path Protection feature provides an end-to-end failure recovery
mechanism (that is, full path protection) for Multiprotocol Label Switching (MPLS) traffic engineering
(TE) tunnels.
Contents
• Prerequisites for MPLS Traffic Engineering (TE): Path Protection, page 2
• Restrictions for MPLS Traffic Engineering (TE): Path Protection, page 2
• Information About MPLS Traffic Engineering (TE): Path Protection, page 2
• How to Configure MPLS Traffic Engineering (TE): Path Protection, page 4
• Configuration Examples for MPLS Traffic Engineering (TE): Path Protection, page 10
• Additional References, page 16
• Feature Information for MPLS Traffic Engineering (TE): Path Protection, page 18
• Glossary, page 20
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Traffic Engineering (TE): Path Protection
Prerequisites for MPLS Traffic Engineering (TE): Path Protection
2
MPLS Traffic Engineering (TE): Path Protection
Information About MPLS Traffic Engineering (TE): Path Protection
Path Protection
Path protection provides an end-to-end failure recovery mechanism (that is, full path protection) for
MPLS TE tunnels. A secondary LSP is established, in advance, to provide failure protection for the
protected LSP that is carrying a tunnel’s TE traffic. When there is a failure on the protected LSP, the
headend router immediately enables the secondary LSP to temporarily carry the tunnel’s traffic. If there
is a failure on the secondary LSP, the tunnel no longer has path protection until the failure along the
secondary path is cleared. Path protection can be used with a single area (OSPF or IS-IS), or Inter-AS
(Border Gateway Protocol (BGP), external BGP (eBGP,) and static).
The failure detection mechanisms that trigger a switchover to a secondary tunnel include the following:
• Path error or resv tear from Resource Reservation Protocol (RSVP) signaling
• Notification from the RSVP hello that a neighbor is lost
• Notification from the Bidirectional Forwarding Detection (BFD) protocol that a neighbor is lost
• Notification from the Interior Gateway Protocol (IGP) that the adjacency is down
• Local teardown of the protected tunnel’s LSP due to preemption in order to signal higher priority
LSPs, a Packet over SONET (POS) alarm, online insertion and removal (OIR), and so forth
An alternate recovery mechanism is Fast Reroute (FRR), which protects MPLS TE LSPs only from link
and node failures by locally repairing the LSPs at the point of failure.
Although not as fast as link or node protection, presignaling a secondary LSP is faster than configuring
a secondary primary path option or allowing the tunnel’s headend router to dynamically recalculate a
path. The actual recovery time is topology-dependent, and affected by delay factors such as propagation
delay or switch fabric latency.
ISSU
Cisco ISSU allows you to perform a Cisco IOS XE software upgrade or downgrade while the system
continues to forward packets. ISSU takes advantage of the Cisco IOS XE high availability
infrastructure—Cisco NSF with SSO and hardware redundancy—and eliminates downtime associated
with software upgrades or version changes by allowing changes while the system remains in service.
That lowers the impact that planned maintenance activities have on network service availability; there is
less downtime and better access to critical systems.
When Path Protection is enabled and an ISSU upgrade is performed, path protection performance is
similar to other TE features.
NSF/SSO
Cisco NSF with SSO provides continuous packet forwarding, even during a network processor hardware
or software failure.
SSO takes advantage of Route Processor (RP) redundancy to increase network availability by
establishing one of the RPs as the active processor while the other RP is designated as the secondary
processor, and then synchronizing critical state information between them. Following an initial
synchronization between the two processors, SSO dynamically maintains RP state information between
them. A switchover from the active to the secondary processor occurs when the active RP fails, is
removed from the networking device, or is manually taken down for maintenance.
3
MPLS Traffic Engineering (TE): Path Protection
How to Configure MPLS Traffic Engineering (TE): Path Protection
Cisco NSF works with SSO to minimize the amount of time a network is unavailable to users after a
switchover. The main purpose of NSF is to continue forwarding IP packets after an RP switchover.
Cisco NSF helps to suppress routing flaps in SSO-enabled devices, thus reducing network instability.
The MPLS Traffic Engineering: Path Protection feature can recover after SSO. A tunnel configured for
path protection may have two LSPs signaled simultaneously: the primary LSP that is carrying the traffic
and the secondary LSP that carries traffic in case there is a failure along the primary path. Only
information associated with one of those LSPs, the one that is currently carrying traffic, is synched to
the standby RP. The standby RP, upon recovery, can determine from the checkpointed information
whether the LSP was the primary or secondary.
If the primary LSP was active during the switchover, only the primary LSP is recovered. The secondary
LSP that was signaled and that provided path protection is resignaled after the TE recovery period is
complete. This does not impact traffic on the tunnel because the secondary LSP was not carrying traffic.
R4
10.2.0.2 10.10.0.1
10.2.0.1 10.10.0.2
R1 R2 R3
SUMMARY STEPS
1. enable
2. configure terminal
4
MPLS Traffic Engineering (TE): Path Protection
How to Configure MPLS Traffic Engineering (TE): Path Protection
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip explicit-path {name path-name | identifier Creates or modifies the explicit path and enters IP explicit
number} [enable | disable] path command mode.
Example:
Router(config)# ip explicit-path name path3441
enable
Step 4 index index command ip-address Inserts or modifies a path entry at a specific index. The IP
address represents the node ID.
Example: Note Enter this command once for each router.
Router(cfg-ip-exp1-path)# index 1 next-address
10.0.0.1
Step 5 exit Exits IP explicit path command mode and enters global
configuration mode.
Example:
Router(cfg-ip-exp1-path)# exit
Step 6 exit Exits global configuration mode and enters privileged
EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
5
MPLS Traffic Engineering (TE): Path Protection
How to Configure MPLS Traffic Engineering (TE): Path Protection
4. tunnel mpls traffic-eng path-option protect number explicit {name path-name | identifier
path-number} [verbatim] [attributes string] [bandwidth kb/s | sub-pool kb/s]
5. exit
6. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface tunnel number Configures a tunnel interface and enters interface
configuration mode.
Example:
Router(config)# interface tunnel500
Step 4 tunnel mpls traffic-eng path-option protect Configures a secondary path option for an MPLS TE tunnel.
number explicit {name path-name | identifier
path-number} [verbatim] [attributes string]
[bandwidth kb/s | sub-pool kb/s]
Example:
Router(config-if)# tunnel mpls traffic-eng
path-option protect 10 explicit name path344
Step 5 exit Exits interface configuration mode and returns to global
configuration mode.
Example:
Router(config-if)# exit
Step 6 exit Exits global configuration mode and returns to privileged
EXEC mode.
Example:
Router(config)# exit
6
MPLS Traffic Engineering (TE): Path Protection
How to Configure MPLS Traffic Engineering (TE): Path Protection
R4
10.10.0.1
10.2.0.2
10.2.0.1 10.10.0.2
= Primary path
186181
= Secondary path
SUMMARY STEPS
DETAILED STEPS
Note To show the status of both LSPs (that is, both the primary path and the protected path), use the show
mpls traffic-eng tunnels command with the protection keyword.
Building configuration...
7
MPLS Traffic Engineering (TE): Path Protection
How to Configure MPLS Traffic Engineering (TE): Path Protection
Config Parameters:
Bandwidth: 100 kb/s (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
AutoRoute: enabled LockDown: disabled Loadshare: 100 bw-based
auto-bw: disabled
Active Path Option Parameters:
State: explicit path option 10 is active
BandwidthOverride: disabled LockDown: disabled Verbatim: disabled
InLabel : -
OutLabel : FastEthernet1/0/0, 16
RSVP Signalling Info:
Src 10.1.1.1, Dst 10.0.0.9, Tun_Id 500, Tun_Instance 19
RSVP Path Info:
My Address: 10.2.0.1
Explicit Route: 10.2.0.2 10.10.0.1 10.10.0.2 10.0.0.9
Record Route: NONE
Tspec: ave rate=100 kbits, burst=1000 bytes, peak rate=100 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=100 kbits, burst=1000 bytes, peak rate=100 kbits
Shortest Unconstrained Path Info:
Path Weight: 20 (TE)
Explicit Route: 10.2.0.1 10.2.0.2 10.10.0.1 10.10.0.2 10.0.0.9
History:
Tunnel:
Time since created: 11 minutes, 17 seconds
Time since path change: 8 minutes, 5 seconds
Number of LSP IDs (Tun_Instances) used: 19
Current LSP:
Uptime: 8 minutes, 5 seconds
Use this command, with the protection keyword specified, to show the status of both LSPs (that is, both
the primary path and the protected path).
8
MPLS Traffic Engineering (TE): Path Protection
How to Configure MPLS Traffic Engineering (TE): Path Protection
Note Deleting a primary path option has the same effect as shutting down a link. Traffic will move to the
protected path in use.
The following command output shows that the primary LSP is up, and the secondary LSP is up and
providing protection:
Router# show mpls traffic-eng tunnels tunnel500 protection
R1_t500
LSP Head, Tunnel500, Admin: up, Oper: up
Src 10.1.1.1, Dest 10.0.0.9, Instance 19
Fast Reroute Protection: None
Path Protection: 0 Common Link(s), 0 Common Node(s)
Primary lsp path:10.2.0.1 10.2.0.2
10.10.0.1 10.10.0.2
10.0.0.9
Protect lsp path:10.0.0.1 10.0.0.2
10.0.1.1 10.0.1.2
10.0.0.9
Path Protect Parameters:
Bandwidth: 100 kbps (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
InLabel : -
OutLabel : FastEthernet0/0/0, 16
RSVP Signalling Info:
Src 10.1.1.1, Dst 10.0.0.9, Tun_Id 500, Tun_Instance 27
RSVP Path Info:
My Address: 10.0.0.1
Explicit Route: 10.0.0.2 10.0.1.1 10.0.1.2 10.0.0.9
Record Route: NONE
Tspec: ave rate=100 kbits, burst=1000 bytes, peak rate=100 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=100 kbits, burst=1000 bytes, peak rate=100 kbits
The following command output shows that the primary LSP is down, and the secondary LSP is up and
is actively carrying traffic:
Router# show mpls traffic-eng tunnels tunnel500 protection
R1_t500
LSP Head, Tunnel500, Admin: up, Oper: up
Src 10.1.1.1, Dest 10.0.0.9, Instance 27
Fast Reroute Protection: None
Path Protection: Backup lsp in use.
Step 4 show ip rsvp high-availability database {hello | link-management {interfaces | system} | lsp [filter
destination ip-address | filter lsp-id lsp-id | filter source ip-address | filter tunnel-id tunnel-id] |
lsp-head [filter number] | summary}
The show ip rsvp high-availability database command displays the contents of the RSVP high
availability (HA) read and write databases used in TE. If you specify the lsp-head keyword, the
command output includes path protection information.
Router# show ip rsvp high-availability database lsp-head
LSP_HEAD WRITE DB
Tun ID: 500
Header:
State: Checkpointed Action: Add
Seq #: 3 Flags: 0x0
9
MPLS Traffic Engineering (TE): Path Protection
Configuration Examples for MPLS Traffic Engineering (TE): Path Protection
Data:
lsp_id: 5, bandwidth: 100, thead_flags: 0x1, popt: 1
feature_flags: path protection active
output_if_num: 5, output_nhop: 10,0,0,1
RRR path setup info
Destination: 10.0.0.9, Id: 10.0.0.9 Router Node (ospf) flag:0x0
IGP: ospf, IGP area: 0, Number of hops: 5, metric: 2
Hop 0: 10.0.0.1, Id: 10.0.0.1 Router Node (ospf), flag:0x0
Hop 1: 10.0.0.2, Id: 10.0.0.7 Router Node (ospf), flag:0x0
Hop 2: 10.0.1.1, Id: 10.0.0.7 Router Node (ospf), flag:0x0
Hop 3: 10.0.1.2, Id: 10.0.0.9 Router Node (ospf), flag:0x0
Hop 4: 10.0.0.9, Id: 10.0.0.9 Router Node (ospf), flag:0x0
R4
10.10.0.1
10.2.0.2
10.2.0.1 10.10.0.2
= Primary path
186181
= Secondary path
10
MPLS Traffic Engineering (TE): Path Protection
Configuration Examples for MPLS Traffic Engineering (TE): Path Protection
In the following example the explicit path is named path3441. There is an index command for each
router. If there is failure, the secondary path is used.
Router(config)# ip explicit-path name path3441 enable
Router(cfg-ip-expl-path)# index 1 next 10.0.0.1
Explicit Path name path3441:
1: next-address 10.0.0.1
Router(cfg-ip-expl-path)# exit
The following show running interface command output shows that path protection has been configured.
Tunnel 500 has path option 10 using path344 and protected by path 3441, and path option 20 using
path345 and protected by path348.
Router# show running interface tunnel500
Building configuration...
11
MPLS Traffic Engineering (TE): Path Protection
Configuration Examples for MPLS Traffic Engineering (TE): Path Protection
Config Parameters:
Bandwidth: 100 kbps (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
AutoRoute: enabled LockDown: disabled Loadshare: 100 bw-based
auto-bw: disabled
Active Path Option Parameters:
State: explicit path option 10 is active
BandwidthOverride: disabled LockDown: disabled Verbatim: disabled
InLabel : -
OutLabel : FastEthernet1/0/0, 16
RSVP Signalling Info:
Src 10.1.1.1, Dst 10.0.0.9, Tun_Id 500, Tun_Instance 43
RSVP Path Info:
My Address: 10.2.0.1
Explicit Route: 10.2.0.2 10.10.0.1 10.10.0.2 10.0.0.9
Record Route: NONE
Tspec: ave rate=100 kbits, burst=1000 bytes, peak rate=100 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=100 kbits, burst=1000 bytes, peak rate=100 kbits
Shortest Unconstrained Path Info:
Path Weight: 20 (TE)
Explicit Route: 10.0.0.1 10.0.0.2 10.0.1.1 10.0.1.2
10.0.0.9
History:
Tunnel:
Time since created: 18 minutes, 22 seconds
Time since path change: 19 seconds
Number of LSP IDs (Tun_Instances) used: 43
Current LSP:
Uptime: 22 seconds
Selection: reoptimization
Prior LSP:
ID: path option 10 [27]
Removal Trigger: reoptimization completed
The following show mpls traffic-eng tunnels command output shows information about the secondary
path. Tunnel500 is protected. The protection path is used, and the primary path is down. The command
output shows the IP explicit paths of the primary LSP and the secondary LSP.
Router# show mpls traffic-eng tunnels tunnel500 protection
R1_t500
LSP Head, Tunnel500, Admin: up, Oper: up
Src 10.1.1.1, Dest 10.0.0.9, Instance 43
12
MPLS Traffic Engineering (TE): Path Protection
Configuration Examples for MPLS Traffic Engineering (TE): Path Protection
The following shutdown command shuts down the interface to use path protection:
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# interface fastethernet1/0/0
Router(config-if)# shutdown
Router(config-if)# end
Router#
The following show mpls traffic-eng tunnels command shows that the protection path is used, and the
primary path is down:
Router# show mpls traffic-eng tunnels tunnel500
Config Parameters:
Bandwidth: 100 kbps (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
AutoRoute: enabled LockDown: disabled Loadshare: 100 bw-based
auto-bw: disabled
Active Path Option Parameters:
State: explicit path option 10 is active
BandwidthOverride: disabled LockDown: disabled Verbatim: disabled
InLabel : -
OutLabel : FastEthernet0/0/0, 17
RSVP Signalling Info:
Src 10.1.1.1, Dst 10.0.0.9, Tun_Id 500, Tun_Instance 44
RSVP Path Info:
My Address: 10.0.0.1
13
MPLS Traffic Engineering (TE): Path Protection
Configuration Examples for MPLS Traffic Engineering (TE): Path Protection
The up value in the Oper field of the show mpls traffic-eng tunnels command, with the protection
keyword specified, shows that protection is enabled:
Router# show mpls traffic-eng tunnels tunnel500 protection
R1_t500
LSP Head, Tunnel500, Admin: up, Oper: up
Src 10.1.1.1, Dest 10.0.0.9, Instance 44
Fast Reroute Protection: None
Path Protection: Backup lsp in use.
R1#
The no shutdown command in the following command sequence causes the interface to be up again and
activates the primary path:
Router> enable
Router# configure terminal
The following command output shows that path protection has been reestablished and the primary path
is being used:
Router# show mpls traffic-eng tunnels tunnel500
Config Parameters:
Bandwidth: 100 kbps (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
14
MPLS Traffic Engineering (TE): Path Protection
Configuration Examples for MPLS Traffic Engineering (TE): Path Protection
InLabel : -
OutLabel : FastEthernet1/0/0, 16
RSVP Signalling Info:
Src 10.1.1.1, Dst 10.0.0.9, Tun_Id 500, Tun_Instance 52
RSVP Path Info:
My Address: 10.2.0.1
Explicit Route: 10.2.0.2 10.10.0.1 10.10.0.2 10.0.0.9
Record Route: NONE
Tspec: ave rate=100 kbits, burst=1000 bytes, peak rate=100 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=100 kbits, burst=1000 bytes, peak rate=100 kbits
Shortest Unconstrained Path Info:
Path Weight: 20 (TE)
Explicit Route: 10.0.0.1 10.0.0.2 10.0.1.1 10.0.1.2 10.0.0.9
History:
Tunnel:
Time since created: 25 minutes, 26 seconds
Time since path change: 23 seconds
Number of LSP IDs (Tun_Instances) used: 52
Current LSP:
Uptime: 26 seconds
Selection: reoptimization
Prior LSP:
ID: path option 10 [44]
Removal Trigger: reoptimization completed
R1#
Following is sample show mpls traffic-eng tunnels command output. Tunnel500 is protected. After a
failure, the primary LSP is protected.
Router# show mpls traffic-eng tunnels tunnel500 protection
R1_t500
LSP Head, Tunnel500, Admin: up, Oper: up
Src 10.1.1.1, Dest 10.0.0.9, Instance 52
Fast Reroute Protection: None
Path Protection: 0 Common Link(s), 0 Common Node(s)
Primary lsp path:10.2.0.1 10.2.0.2
10.10.0.1 10.10.0.2
10.0.0.9
Protect lsp path:10.0.0.1 10.0.2
10.0.1.1 10.0.1.2
10.0.0.9
Path Protect Parameters:
Bandwidth: 100 kbps (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
InLabel : -
OutLabel : FastEthernet0/0/0, 16
RSVP Signalling Info:
Src 10.1.1.1, Dst 10.0.0.9, Tun_Id 500, Tun_Instance 53
RSVP Path Info:
My Address: 10.0.0.1
Explicit Route: 10.0.0.2 10.0.1.1 10.0.1.2 10.0.0.9
Record Route: NONE
Tspec: ave rate=100 kbits, burst=1000 bytes, peak rate=100 kbits
RSVP Resv Info:
15
MPLS Traffic Engineering (TE): Path Protection
Additional References
Additional References
The following sections provide references related to the MPLS Traffic Engineering (TE): Path Protection
feature.
Related Documents
Related Topic Document Title
MPLS traffic engineering commands Cisco IOS Multiprotocol Label Switching Command Reference
RSVP commands Cisco IOS Quality of Service Solutions Command Reference
IS-IS • Cisco IOS IP Routing Protocols Command Reference
• Configuring a Basic IS-IS Network
OSPF • Cisco IOS IP Routing Protocols Command Reference
• Configuring OSPF
ISSU Cisco IOS XE In Service Software Upgrade Support
NSF/SSO • Cisco Nonstop Forwarding
• Stateful Switchover
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
16
MPLS Traffic Engineering (TE): Path Protection
Additional References
RFCs
RFC Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified by this feature.
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
17
MPLS Traffic Engineering (TE): Path Protection
Feature Information for MPLS Traffic Engineering (TE): Path Protection
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
Table 1 Feature Information for MPLS Traffic Engineering (TE): Path Protection
18
MPLS Traffic Engineering (TE): Path Protection
Feature Information for MPLS Traffic Engineering (TE): Path Protection
Table 1 Feature Information for MPLS Traffic Engineering (TE): Path Protection (continued)
19
MPLS Traffic Engineering (TE): Path Protection
Glossary
Glossary
autotunnel mesh group—An autotunnel mesh group (referred to as a mesh group) is a set of connections
between edge LSRs in a network.
backup tunnel—An MPLS TE tunnel used to protect other (primary) tunnels’ traffic when a link or node
failure occurs.
BGP—Border Gateway Protocol. An interdomain routing protocol designed to provide loop-free routing
between separate routing domains that contain independent routing policies (autonomous systems).
Cisco Express Forwarding—A means for accelerating the forwarding of packets within a router, by
storing route lookup.
Fast Reroute—Procedures that enable temporary routing around a failed link or node while a new LSP
is being established at the headend.
graceful restart—A process for helping an RP restart after a node failure has occurred.
headend—The router that originates and maintains a given LSP. This is the first router in the LSP’s path.
hop—Passage of a data packet between two network nodes (for example, between two routers).
interface—A network connection.
IS-IS—Intermediate System-to-Intermediate System. Link-state hierarchical routing protocol that calls
for intermediate system (IS) routers to exchange routing information based on a single metric to
determine network topology.
ISSU—In Service Software Upgrade. The ISSU process allows Cisco IOS XE software at the router
level to be updated or otherwise modified while packet forwarding continues.
link—A point-to-point connection between adjacent nodes. There can be more than one link between
adjacent nodes. A link is a network communications channel consisting of a circuit or transmission path
and all related equipment between a sender and a receiver. Sometimes referred to as a line or a
transmission link.
LSP—label switched path. A configured connection between two routers, in which label switching is
used to carry the packets. The purpose of an LSP is to carry data packets.
MPLS—Multiprotocol Label Switching. Packet-forwarding technology, used in the network core, that
applies data link layer labels to tell switching nodes how to forward data, resulting in faster and more
scalable forwarding than network layer routing normally can do.
NHOP—next hop. The next downstream node along an LSP’s path.
NHOP backup tunnel—next-hop backup tunnel. The backup tunnel terminating at the LSP’s next hop
beyond the point of failure, and originating at the hop immediately upstream of the point of failure. It
bypasses a failed link, and is used to protect primary LSPs that were using this link before the failure.
NNHOP—next-next hop. The node after the next downstream node along an LSP’s path.
NNHOP backup tunnel—next-next-hop backup tunnel. The backup tunnel terminating at the LSP’s
next-next hop beyond the point of failure, and originating at the hop immediately upstream of the point
of failure. It bypasses a failed link or node, and is used to protect primary LSPs that were using this link
or node before the failure.
node—The endpoint of a network connection or a junction common to two or more lines in a network.
Nodes can be interconnected by links, and serve as control points in the network. Nodes can be
processors, controllers, or workstations.
20
MPLS Traffic Engineering (TE): Path Protection
Glossary
NSF—Cisco nonstop forwarding. Cisco NSF always runs with stateful switchover (SSO) and provides
redundancy for Layer 3 traffic. NSF works with SSO to minimize the amount of time that a network is
unavailable to its users following a switchover. The main purpose of NSF is to continue forwarding IP
packets following a supervisor engine switchover.
OSPF—Open Shortest Path First. A link-state hierarchical Interior Gateway Protocol routing algorithm,
derived from the IS-IS protocol. OSPF features include least-cost routing, multipath routing, and load
balancing.
primary LSP—The last LSP originally signaled over the protected interface before the failure. A
primary LSP is signaled by configuring a primary path option.
primary tunnel—A tunnel whose LSP may be fast rerouted if there is a failure. Backup tunnels cannot
be primary tunnels.
protected interface—An interface that has one or more backup tunnels associated with it.
router—A network layer device that uses one or more metrics to determine the optimal path along which
network traffic should be forwarded. Routers forward packets from one network to another based on
network layer information.
RP—Route Processor. A generic term for the centralized control unit in a chassis.
RSVP—Resource Reservation Protocol. An IETF protocol used for signaling requests (setting up
reservations) for Internet services by a customer before that customer is permitted to transmit data over
that portion of the network.
secondary LSP—The LSP that is signaled to provide path protection. A secondary LSP protects a
primary LSP.
secondary path option—Configuration of the path option that provides protection.
SRLG—Shared Risk Link Group. Sets of links that are likely to go down together (for example, because
they have the same underlying fiber).
state—Information that a router must maintain about each LSP. The information is used for rerouting
tunnels.
tailend—The router upon which an LSP is terminated. This is the last router in the LSP’s path.
TE—traffic engineering. The techniques and processes used to cause routed traffic to travel through the
network on a path other than the one that would have been chosen if standard routing methods had been
used.
topology—The physical arrangement of network nodes and media within an enterprise networking
structure.
tunnel—Secure communications path between two peers, such as two routers.
VoIP—Voice over IP. The capability of a router to carry voice traffic (for example, telephone calls and faxes)
over an IP network. Cisco’s voice support is implemented by using voice packet technology.
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect,
Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good,
Flip Mino, Flip Video, Flip Video (Design), Flipshare (Design), Flip Ultra, and Welcome to the Human Network are trademarks; Changing the Way
We Work, Live, Play, and Learn, Cisco Store, and Flip Gift Card are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting
To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS,
Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch,
Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the
IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy,
Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to
Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the
United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0907R)
21
MPLS Traffic Engineering (TE): Path Protection
Glossary
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
22
MPLS Traffic Engineering: BFD-triggered Fast
Reroute
The MPLS Traffic Engineering: BFD-triggered Fast Reroute feature allows you to obtain link and node
protection by using the Bidirectional Forwarding Detection (BFD) protocol to provide fast forwarding
path failure detection times for all media types, encapsulations, topologies, and routing protocols. In
addition to fast forwarding path failure detection, BFD provides a consistent failure detection method
for network administrators.
To obtain link and node protection by using the Resource Reservation Protocol (RSVP) with Hellos
support, refer to the MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel
Interface Down Detection) process module. RSVP Hellos enable a router to detect when a neighboring
node has gone down but its interface to that neighbor is still operational.
Contents
• Prerequisites for MPLS Traffic Engineering: BFD-triggered Fast Reroute, page 2
• Restrictions for MPLS Traffic Engineering: BFD-triggered Fast Reroute, page 2
• Information About MPLS Traffic Engineering: BFD-triggered Fast Reroute, page 2
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Traffic Engineering: BFD-triggered Fast Reroute
Prerequisites for MPLS Traffic Engineering: BFD-triggered Fast Reroute
2
MPLS Traffic Engineering: BFD-triggered Fast Reroute
Information About MPLS Traffic Engineering: BFD-triggered Fast Reroute
Fast Reroute
Fast Reroute (FRR) is a mechanism for protecting Multiprotocol Label Switching (MPLS) traffic
engineering (TE) label switched paths (LSPs) from link and node failures by locally repairing the LSPs
at the point of failure, allowing data to continue to flow on them while their headend routers attempt to
establish new end-to-end LSPs to replace them. FRR locally repairs the protected LSPs by rerouting
them over backup tunnels that bypass failed links or nodes.
Link Protection
Backup tunnels that bypass only a single link of the LSP’s path provide link protection. They protect
LSPs if a link along their path fails by rerouting the LSP’s traffic to the next hop (bypassing the failed
link). These are referred to as next-hop (NHOP) backup tunnels because they terminate at the LSP’s next
hop beyond the point of failure.
Node Protection
FRR provides node protection for LSPs. Backup tunnels that bypass next-hop nodes along LSP paths are
called next-next-hop (NNHOP) backup tunnels because they terminate at the node following the
next-hop node of the LSP paths, thereby bypassing the next-hop node. They protect LSPs if a node along
their path fails by enabling the node upstream of the failure to reroute the LSPs and their traffic around
the failed node to the next-next hop. FRR supports the use of RSVP Hellos to accelerate the detection of
node failures. NNHOP backup tunnels also provide protection from link failures, because they bypass
the failed link as well as the node.
Bandwidth Protection
NHOP and NNHOP backup tunnels can be used to provide bandwidth protection for rerouted LSPs. This
is referred to as backup bandwidth. You can associate backup bandwidth with NHOP or NNHOP backup
tunnels. This informs the router of the amount of backup bandwidth a particular backup tunnel can
protect. When a router maps LSPs to backup tunnels, bandwidth protection ensures that an LSP uses a
given backup tunnel only if there is sufficient backup bandwidth. The router selects which LSPs use
which backup tunnels in order to provide maximum bandwidth protection. That is, the router determines
the best way to map LSPs onto backup tunnels in order to maximize the number of LSPs that can be
protected.
3
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
Note An NNHOP backup tunnel must not go via the NHOP backup tunnel.
SUMMARY STEPS
1. enable
2. configure terminal
3. ip rsvp signalling hello bfd
4. exit
4
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 ip rsvp signalling hello bfd Enables the BFD protocol on the router for MPLS
TE link and node protection.
Example:
Router(config)# ip rsvp signalling hello bfd
Step 4 exit Exits to privileged EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. tunnel mpls traffic-eng fast-reroute [bw-protect] [node-protect]
5. exit
6. exit
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
5
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
Command Purpose
Step 3 interface tunnel number Enters interface configuration mode for the
specified tunnel.
Example: • The number argument is the number of the
Router(config)# interface tunnel 1000 tunnel.
Step 4 tunnel mpls traffic-eng fast-reroute [bw-protect] Enables an MPLS TE tunnel to use an established
[node-protect] backup tunnel if there is a link or node failure.
• The bw-protect keyword sets the “bandwidth
Example: protection desired” bit so that backup
Router(config-if)# tunnel mpls traffic-eng bandwidth protection is enabled.
fast-reroute bw-protect node-protect
• The node-protect keyword sets the “node
protection desired” bit so that backup
bandwidth protection is enabled.
Step 5 exit Exits interface configuration mode and returns to
global configuration mode.
Example:
Router(config-if)# exit
Step 6 exit Exits global configuration mode and returns to
privileged EXEC mode.
Example:
Router(config)# exit
Note When using the exclude-address command to specify the path for a backup tunnel, you must exclude
an interface address to avoid a link (for creating an NHOP backup tunnel), or a router-ID address to
avoid a node (for creating an NNHOP backup tunnel).
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. ip unnumbered type number
5. tunnel destination ip-address
6. tunnel mode mpls traffic-eng
6
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 interface tunnel number Creates a new tunnel interface and enters interface
configuration mode.
Example: • The number argument is the number of the
Router(config)# interface tunnel 1 tunnel.
Step 4 ip unnumbered type number Enables IP processing on an interface without
assigning an explicit IP address to the interface.
Example: • The type and number arguments name the
Router(config-if)# ip unnumbered loopback 0 type and number of another interface on
which the router has an assigned IP address. It
cannot be another unnumbered interface.
Note The ip unnumbered loopback 0
command gives the tunnel interface an IP
address that is the same as that of interface
loopback 0. This command is not effective
until loopback 0 has been configured with
an IP address.
Step 5 tunnel destination ip-address Specifies the destination for a tunnel interface.
• The ip-address argument specifies the IP
Example: address of the device, expressed in dotted
Router(config-if)# tunnel destination 10.3.3.3 decimal notation, where the tunnel will
terminate. That address should be the router
ID of the device that is the NHOP or NNHOP
of LSPs to be protected.
Step 6 tunnel mode mpls traffic-eng Sets encapsulation mode of the tunnel to
MPLS TE.
Example:
Router(config-if)# tunnel mode mpls traffic-eng
7
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
Command Purpose
Step 7 tunnel mpls traffic-eng path-option number {dynamic | Configures the tunnel to use a named IP explicit
explicit {name path-name | path-number}}[lockdown] path or a path dynamically calculated from the
traffic engineering topology database.
Example: • The number argument is the preference for
Router(config-if)# tunnel mpls traffic-eng path-option this path option. When you configure multiple
10 explicit name avoid-protected-link
path options, lower numbered options are
preferred. Valid values are from 1 to 1000.
• The dynamic keyword indicates that the path
of the label switched path (LSP) is
dynamically calculated.
• The explicit keyword indicates that the path
of the LSP is an IP explicit path.
• The name path-name keyword and argument
are the path name of the IP explicit path that
the tunnel uses with this option.
• The identifier path-number keyword and
argument pair names the path number of the
IP explicit path that the tunnel uses with this
option. The range is from 1 to 65535.
• The lockdown keyword specifies that The
LSP cannot be reoptimized.
Note A dynamic path is used if an explicit path
is currently unavailable.
Step 8 exit Exits interface configuration mode and enter
global configuration mode.
Example:
Router(config-if)# exit
Step 9 ip explicit-path name name Enters IP explicit path mode for IP explicit paths
to create the named path.
Example: • The name argument is the name of the explicit
Router(config)# ip explicit-path name path.
avoid-protected-link
Step 10 exclude-address address Excludes an address from an explicit-path.
• The address argument specifies the IP address
Example: of the link to be protected for link protection.
Router(cfg-ip-expl-path)# exclude-address 10.3.3.3 For node protection, it specifies the router ID
of the node to be protected.
Note Backup tunnel paths can be dynamic or
explicit and they do not have to use an
excluded address. Because backup tunnels
must avoid the protected link or node, it is
convenient to use an excluded address.
8
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
Command Purpose
Step 11 exit Exits IP explicit path configuration mode and
returns to global configuration mode.
Example:
Router(cfg-ip-expl-path))# exit
Step 12 exit Exits global configuration mode and returns to
privileged EXEC mode.
Example:
Router(config)# exit
Note You must configure the interface to have an IP address and to enable the MPLS TE tunnel feature.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port [.subinterface]
4. mpls traffic-eng backup-path tunnel tunnel-id
5. exit
6. exit
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
9
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
Command Purpose
Step 3 interface type slot/subslot/port[.subinterface] Configures an interface type and enters interface
configuration mode.
Example: • The type argument is the type of interface to
Router(config)# interface Gigabitethernet 2/1/0 be configured.
• The slot argument is the chassis slot number.
Refer to the appropriate hardware manual for
slot information. For SIPs, refer to the
platform-specific SPA hardware installation
guide or the corresponding “Identifying Slots
and Subslots for SIPs and SPAs” topic in the
platform-specific SPA software configuration
guide.
• The /subslot keyword and argument pair is the
secondary slot number on a SIP where a SPA
is installed. The slash (/) is required.
Refer to the platform-specific SPA hardware
installation guide and the corresponding
“Specifying the Interface Address on a SPA”
topic in the platform-specific SPA software
configuration guide for subslot information.
• The /port keyword and argument pair is the
port or interface number. The slash (/) is
required.
Refer to the appropriate hardware manual for
port information. For SPAs, refer to the
corresponding “Specifying the Interface
Address on a SPA” topics in the
platform-specific SPA software configuration
guide
• The .subinterface-number keyword and
argument pair is the subinterface number in
the range 1 to 4294967293. The number that
precedes the period (.) must match the number
to which this subinterface belongs.
Step 4 mpls traffic-eng backup-path tunnel tunnel-id Configures the physical interface to use for a
backup tunnel in the event of a detected failure on
that interface.
Example:
Router(config-if)# mpls traffic-eng backup-path • The tunnel-id argument is a string that
tunnel2 identifies a backup tunnel to use if there is a
link or node failure for LSPs going out the
configured interface.
Note You can enter this command multiple
times to associate multiple backup tunnels
with the same protected interface.
10
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
Command Purpose
Step 5 exit Exits interface configuration mode and returns to
global configuration mode.
Example:
Router(config-if))# exit
Step 6 exit Exits global configuration mode and returns to
privileged EXEC mode.
Example:
Router(config)# exit
1. enable
2. configure terminal
3. interface type slot/subslot/port [.subinterface]
4. ip rsvp signalling hello bfd
5. bfd interval milliseconds min_rx milliseconds multiplier interval-multiplier
6. exit
7. exit
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
11
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
Command Purpose
Step 3 interface type slot/subslot/port[.subinterface] Configures an interface type and enters interface
configuration mode.
Example: • The type argument is the type of interface to
Router(config)# interface Gigabitethernet 2/1/0 be configured.
• The slot argument is the chassis slot number.
Refer to the appropriate hardware manual for
slot information. For SIPs, refer to the
platform-specific SPA hardware installation
guide or the corresponding “Identifying Slots
and Subslots for SIPs and SPAs” topic in the
platform-specific SPA software configuration
guide.
• The /subslot keyword and argument pair is the
secondary slot number on a SIP where a SPA
is installed. The slash (/) is required.
Refer to the platform-specific SPA hardware
installation guide and the corresponding
“Specifying the Interface Address on a SPA”
topic in the platform-specific SPA software
configuration guide for subslot information.
• The /port keyword and argument pair is the
port or interface number. The slash (/) is
required.
Refer to the appropriate hardware manual for
port information. For SPAs, refer to the
corresponding “Specifying the Interface
Address on a SPA” topics in the
platform-specific SPA software configuration
guide
• The .subinterface-number keyword and
argument pair is the subinterface number in
the range 1 to 4294967293. The number that
precedes the period (.) must match the number
to which this subinterface belongs.
Step 4 ip rsvp signalling hello bfd Enables the BFD protocol on an interface for
MPLS TE link and node protection.
Example:
Router(config-if)# ip rsvp signalling hello bfd
12
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
Command Purpose
Step 5 bfd interval milliseconds min_rx milliseconds Sets the BFD session parameters for an interface.
multiplier interval-multiplier
• The interval milliseconds keyword and
argument pair specifies the rate at which BFD
Example: control packets will be sent to BFD peers. The
Router(config-if)# bfd interval 100 min_rx 100 configurable time period for the milliseconds
multiplier 4
argument is from 50 to 999.
• The min_rx millisecond keyword and
argument pair specifies the rate at which BFD
control packets will be expected to be
received from BFD peers. The configurable
time period for the milliseconds argument is
from 1 to 999.
• The multiplier interval-multiplier keyword
and argument pair specifies the number of
consecutive BFD control packets that must be
missed from a BFD peer before BFD declares
that the peer is unavailable and the Layer 3
BFD peer is informed of the failure. The
configurable value range for the
multiplier-value argument is from 3 to 50.
Step 6 exit Exits interface configuration mode and returns to
global configuration mode.
Example:
Router(config-if))# exit
Step 7 exit Exits global configuration mode and returns to
privileged EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. tunnel mpls traffic-eng backup-bw {bandwidth | [sub-pool {bandwidth | Unlimited}]
[global-pool {bandwidth | Unlimited}]} [any {bandwidth | Unlimited}]
5. exit
6. exit
13
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 interface tunnel number Enters interface configuration mode for the
specified tunnel.
Example: • The number argument is the number of the
Router(config)# interface tunnel 2 tunnel.
Step 4 tunnel mpls traffic-eng backup-bw {bandwidth | Associates bandwidth with a backup tunnel and
[sub-pool {bandwidth | Unlimited}] [global-pool designates whether LSPs that allocate bandwidth
{bandwidth | Unlimited}]} [any {bandwidth |
Unlimited}]
from the specified pool can use the tunnel.
Example:
Router(config-if)# tunnel mpls traffic-eng backup-bw
sub-pool 1000
Step 5 exit Exits interface configuration mode and returns to
global configuration mode.
Example:
Router(config-if))# exit
Step 6 exit Exits global configuration mode and returns to
privileged EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. tunnel mpls traffic-eng fast-reroute [bw-protect]
5. exit
6. mpls traffic-eng fast-reroute backup-prot-preemption optimize-bw
7. exit
14
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface tunnel number Enters interface configuration mode for the
specified tunnel.
Example: • The number argument is the number of the
Router(config)# interface tunnel 2 tunnel.
Step 4 tunnel mpls traffic-eng fast-reroute [bw-protect] Enables an MPLS TE tunnel to use an established
backup tunnel in the event of a link or node failure.
Example: • The bw-protect keyword gives an LSP
Router(config-if)# tunnel mpls traffic-eng priority for using backup tunnels with
fast-reroute bw-protect bandwidth protection.
Step 5 exit Exits interface configuration mode.
Example:
Router(config-if)# exit
Step 6 mpls traffic-eng fast-reroute backup-prot-preemption Changes the backup protection preemption
optimize-bw algorithm from minimize the number of LSPs that
are demoted to minimize the amount of bandwidth
Example: that is wasted.
Router(config)# mpls traffic-eng fast-reroute
backup-prot-preemption optimize-bw
Step 7 exit Exits global configuration mode and returns to
privileged EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
Note To determine if FRR has been configured correctly, perform Steps 1 and 2.
15
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
Note If you created LSPs and performed the required configuration tasks but do not have operational backup
tunnels (that is, the backup tunnels are not up or the LSPs are not associated with those backup tunnels),
perform Step 3.
DETAILED STEPS
Signalling Summary:
LSP Tunnels Process: running
RSVP Process: running
Forwarding: enabled
Periodic reoptimization: every 3600 seconds, next in 1706 seconds
TUNNEL NAME DESTINATION UP IF DOWN IF STATE/PROT
Router_t1 10.112.0.12 - Gi4/0/1 up/up
Router_t2 10.112.0.12 - unknown up/down
Router_t3 10.112.0.12 - unknown admin-down
Router_t1000 10.110.0.10 - unknown up/down
Router_t2000 10.110.0.10 - Gi4/0/1 up/up
Displayed 5 (of 5) heads, 0 (of 0) midpoints, 0 (of 0) tails
PATH:
Tun Dest: 10.10.0.6 Tun ID: 100 Ext Tun ID: 10.10.0.1
Tun Sender: 10.10.0.1 LSP ID: 31
16
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
Path refreshes:
arriving: from PHOP 10.10.7.1 on Et0/0 every 30000 msecs
Session Attr:
Setup Prio: 7, Holding Prio: 7
Flags: (0x7) Local Prot desired, Label Recording, SE Style
session Name: R1_t100
ERO: (incoming)
10.10.7.2 (Strict IPv4 Prefix, 8 bytes, /32)
10.10.0.6 (Strict IPv4 Prefix, 8 bytes, /32)
RRO:
10.10.7.1/32, Flags:0x0 (No Local Protection)
10.10.4.1/32, Flags:0x9 (Local Prot Avail/to NNHOP) !Available to NNHOP
10.10.1.1/32, Flags:0x0 (No Local Protection)
Traffic params - Rate: 10K bits/sec, Max. burst: 1K bytes
Min Policed Unit: 0 bytes, Max Pkt Size 4294967295 bytes
Fast-Reroute Backup info:
Inbound FRR: Not active
Outbound FRR: No backup tunnel selected
Path ID handle: 50000416.
Incoming policy: Accepted. Policy source(s): MPLS/TE
Status: Proxy-terminated
If Label Distribution Protocol (LDP) is not enabled, separate prefix items are not shown because all
prefixes then use a single rewrite. To confirm that a particular IP prefix is FRR protected, even though
it is not shown in this display, enter it within the show mpls forwarding-table ip-address detail
command. The final line of the display will tell whether that prefix is protected:
Router# show mpls forwarding-table 10.0.0.11 32 detail
17
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
The following command output displays the LSPs that are protected when the FRR primary tunnel is
over a Gigabit Ethernet interface and the backup tunnel is over a Gigabit Ethernet interface. As shown
in Figure 1, interface Gigabit Ethernet 2/1/0 is protected by backup tunnel 501.
Gi2/1/0
R1 R2 R3 R4
Gi1/1/0
192705
Backup tunnel 501
The following command output displays the LSPs that are protected when the FRR backup tunnel is over
a Gigabit Ethernet interface.
18
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
For backup tunnels to be operational, the LSP must be reroutable. At the headend of the LSP, enter the
show run interface tunnel tunnel-number command. The output should include the tunnel mpls
traffic-eng fast-reroute command. If it does not, enter this command for the tunnel.
On the router where the backup tunnels originate, enter the show mpls traffic-eng tunnels backup
command. Following is sample command output:
Router# show mpls traffic-eng tunnels backup
Router_t578
LSP Head, Tunnel578, Admin: up, Oper: up
Src 10.55.55.55, Dest 10.88.88.88, Instance 1
Fast Reroute Backup Provided:
Protected i/fs: PO1/0, PO1/1, PO3/3
Protected lsps: 1
Backup BW: any pool unlimited; inuse: 100 kbps
Router_t5710
LSP Head, Tunnel5710, Admin: admin-down, Oper: down
Src 10.55.55.55, Dest 10.7.7.7, Instance 0
Fast Reroute Backup Provided:
Protected i/fs: PO1/1
Protected lsps: 0
Backup BW: any pool unlimited; inuse: 0 kbps
Router_t5711
LSP Head, Tunnel5711, Admin: up, Oper: up
Src 10.55.55.55, Dest 10.7.7.7, Instance 1
Fast Reroute Backup Provided:
Protected i/fs: PO1/0
Protected lsps: 2
Backup BW: any pool unlimited; inuse: 6010 kbps
Note In order to determine how much bandwidth is sufficient, offline capacity planning may be required.
Backup tunnel has appropriate bandwidth type—If you restricted the type of LSPs (subpool or global
pool) that can use this backup tunnel, verify that the LSP is the appropriate type for the backup tunnel.
The type of the LSP is defined by the line tunnel mpls traffic-eng bandwidth at the headend of this
LSP. If this line contains the word “sub pool”, then it uses subpool bandwidth; otherwise, it uses global
pool bandwidth. Verify that the type matches the type the backup tunnel can hold by looking in the output
of the tunnel mpls traffic-eng bandwidth command.
19
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
If none of the verification actions described succeed, enable debug by entering the debug ip rsvp
fast-reroute command and the debug mpls traffic-eng fast-reroute command on the router that is the
headend of the backup tunnel. Then do the following:
1. Enter the shutdown command for the primary tunnel.
2. Enter the no shutdown command for the primary tunnel.
3. View the debug output.
Note If Label Distribution Protocol (LDP) is not enabled, separate prefix items are not shown because all
prefixes then use a single rewrite. To confirm that a particular IP prefix is FRR protected, even though
it is not shown in this display, enter it within the show mpls forwarding-table ip-address detail
command. The final line of the display will tell whether that prefix is protected.
Reservation:
Tun Dest: 10.1.1.1 Tun ID: 1 Ext Tun ID: 10.1.1.1
Tun Sender: 10.1.1.1 LSP ID: 104
Next Hop: 10.1.1.2 on Gi1/0/2
20
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
Label: 18 (outgoing)
Reservation Style is Shared-Explicit, QoS Service is Controlled-Load
Average Bitrate is 0 bits/sec, Maximum Burst is 1K bytes
Min Policed Unit: 0 bytes, Max Pkt Size: 0 bytes
RRO:
10.1.1.1/32, Flags:0x1 (Local Prot Avail/to NHOP)
Label subobject: Flags 0x1, C-Type 1, Label 18
10.1.1.1/32, Flags:0x0 (Local Prot Avail/In Use/Has BW/to NHOP)
Label subobject: Flags 0x1, C-Type 1, Label 16
10.1.1.2/32, Flags:0x0 (No Local Protection)
Label subobject: Flags 0x1, C-Type 1, Label 0
Resv ID handle: CD000404.
Policy: Accepted. Policy source(s): MPLS/TE
Hello:
RSVP Hello for Fast-Reroute/Reroute: Enabled
Statistics: Disabled
BFD for Fast-Reroute/Reroute: Enabled
RSVP Hello for Graceful Restart: Disabled
Gi2/1/1:
RSVP: Enabled
Interface State: Up
Bandwidth:
Curr allocated: 0 bits/sec
Max. allowed (total): 0 bits/sec
Max. allowed (per flow): 0 bits/sec
Max. allowed for LSP tunnels using sub-pools (pool 1): 0 bits/sec
Set aside by policy (total): 0 bits/sec
Signalling:
DSCP value used in RSVP msgs: 0x3F
Number of refresh intervals to enforce blockade state: 4
Authentication: disabled
Key chain: <none>
Type: md5
21
MPLS Traffic Engineering: BFD-triggered Fast Reroute
How to Configure MPLS Traffic Engineering: BFD-triggered Fast Reroute
Window size: 1
Challenge: disabled
FRR Extension:
Backup Path: Configured (or "Not Configured")
BFD Extension:
State: Disabled
Interval: Not Configured
RSVP Hello Extension:
State: Disabled
Refresh Interval: FRR: 200 , Reroute: 2000
Missed Acks: FRR: 4 , Reroute: 4
DSCP in HELLOs: FRR: 0x30 , Reroute: 0x30
22
MPLS Traffic Engineering: BFD-triggered Fast Reroute
Configuration Examples for MPLS Traffic Engineering: BFD-triggered Fast Reroute
10.3.3.3 10.4.4.4
Gi1/1/0
R1 R2 R3 R4
Tunnel 172.16.1.2
1000
Tunnel 172.16.1.3
2000
= Primary tunnels
192706
= Backup tunnels
23
MPLS Traffic Engineering: BFD-triggered Fast Reroute
Configuration Examples for MPLS Traffic Engineering: BFD-triggered Fast Reroute
24
MPLS Traffic Engineering: BFD-triggered Fast Reroute
Additional References
Associating Backup Bandwidth and Pool Type with Backup Tunnels: Example
In Figure 2. backup tunnel 1 is to be used only by LSPs that take their bandwidth from the global pool.
It does not provide bandwidth protection. Backup tunnel 2 is to be used only by LSPs that take their
bandwidth from the subpool. Backup tunnel 2 provides bandwidth protection for up to 1000 units.
Router(config)# interface tunnel 1
Router(config-if)# tunnel mpls traffic-eng backup-bw global-pool Unlimited
Note This global configuration is required only to change the backup protection preemption algorithm from
minimize the number of LSPs that are demoted to minimize the amount of bandwidth that is wasted.
Additional References
The following sections provide references related to the MPLS Traffic Engineering: BFD-triggered Fast
Reroute feature.
25
MPLS Traffic Engineering: BFD-triggered Fast Reroute
Additional References
Related Documents
Related Topic Document Title
Link and node protection MPLS TE: Link and Node Protection, with RSVP Hellos Support (with Fast Tunnel
Interface Down Detection)
Multiprotocol Label Switching Cisco IOS Multiprotocol Label Switching Command Reference
commands
Bidirectional Forwarding Direction “Bidirectional Forwarding Detection” chapter in the Cisco IOS XE IP Routing
configuration information Configuration Guide
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
26
MPLS Traffic Engineering: BFD-triggered Fast Reroute
Additional References
RFCs
RFC Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified by this feature.
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
27
MPLS Traffic Engineering: BFD-triggered Fast Reroute
Feature Information for MPLS Traffic Engineering: BFD-triggered Fast Reroute
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
28
MPLS Traffic Engineering: BFD-triggered Fast Reroute
Feature Information for MPLS Traffic Engineering: BFD-triggered Fast Reroute
Table 1 Feature Information for MPLS Traffic Engineering: BFD-triggered Fast Reroute
29
MPLS Traffic Engineering: BFD-triggered Fast Reroute
Glossary
Glossary
backup bandwidth—The usage of NHOP and NNHOP backup tunnels to provide bandwidth protection
for rerouted LSPs.
backup tunnel—An MPLS TE tunnel used to protect other (primary) tunnels’ traffic when a link or node
failure occurs.
bandwidth—The available traffic capacity of a link.
fast reroute—Procedures that enable temporary routing around a failed link or node while a new LSP
is being established at the headend.
global pool—The total bandwidth allocated to an MPLS traffic engineering link or node.
headend—The router that originates and maintains a given LSP. This is the first router in the LSP’s path.
hop—Passage of a data packet between two network nodes (for example, between two routers).
instance—A Hello instance implements the RSVP Hello extensions for a given router interface address
and remote IP address. Active Hello instances periodically send Hello Request messages, expecting
Hello ACK messages in response. If the expected Ack message is not received, the active Hello instance
declares that the neighbor (remote IP address) is unreachable (that is, it is lost). This can cause LSPs
crossing this neighbor to be fast rerouted.
interface—A network connection.
link—A point-to-point connection between adjacent nodes. There can be more than one link between
adjacent nodes. A network communications channel consisting of a circuit or transmission path and all
related equipment between a sender and a receiver. Sometimes referred to as a line or a transmission link.
LSP—label-switched path. A configured connection between two routers, in which label switching is
used to carry the packets. The purpose of an LSP is to carry data packets.
MPLS—Multiprotocol Label Switching. Packet-forwarding technology, used in the network core, that
applies data link layer labels to tell switching nodes how to forward data, resulting in faster and more
scalable forwarding than network layer routing normally can do.
NHOP—next hop. The next downstream node along an LSP’s path.
NHOP backup tunnel—next-hop backup tunnel. Backup tunnel terminating at the LSP’s next hop
beyond the point of failure, and originating at the hop immediately upstream of the point of failure. It
bypasses a failed link, and is used to protect primary LSPs that were using this link before the failure.
NNHOP—next-next hop. The node after the next downstream node along an LSP’s path.
NNHOP backup tunnel—next-next-hop backup tunnel. Backup tunnel terminating at the LSP’s
next-next hop beyond the point of failure, and originating at the hop immediately upstream of the point
of failure. It bypasses a failed link or node, and is used to protect primary LSPs that were using this link
or node before the failure.
node—Endpoint of a network connection or a junction common to two or more lines in a network. Nodes
can be interconnected by links, and serve as control points in the network. Computers on a network, or
any endpoint or a junction common to two or more lines in a network. Nodes can be processors,
controllers, or workstations.
primary LSP—The last LSP originally signaled over the protected interface before the failure. The LSP
before the failure.
primary tunnel—Tunnel whose LSP may be fast rerouted if there is a failure. Backup tunnels cannot
be primary tunnels.
protected interface—An interface that has one or more backup tunnels associated with it.
30
MPLS Traffic Engineering: BFD-triggered Fast Reroute
Glossary
redundancy—The duplication of devices, services, or connections so that, in the event of a failure, the
redundant devices, services, or connections can perform the work of those that failed.
RSVP—Resource Reservation Protocol. An IETF protocol used for signaling requests (setting up
reservations) for Internet services by a customer before that customer is permitted to transmit data over
that portion of the network.
state—Information that a router must maintain about each LSP. The information is used for rerouting
tunnels.
subpool—The more restrictive bandwidth in an MPLS traffic engineering link or node. The subpool is
a portion of the link or node’s overall global pool bandwidth.
tailend—The router upon which an LSP is terminated. This is the last router in the LSP’s path.
tunnel—Secure communications path between two peers, such as two routers.
unlimited backup bandwidth—Backup tunnels that provide no bandwidth (best-effort) protection (that
is, they provide best-effort protection).
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
31
MPLS Traffic Engineering: BFD-triggered Fast Reroute
Glossary
32
MPLS Traffic Engineering (TE)—IP Explicit
Address Exclusion
The MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion feature provides a means to
exclude a link or node from the path for a Multiprotocol Label Switching (MPLS) TE label switched
path (LSP).
The feature is enabled through the ip explicit-path command that allows you to create an IP explicit path
and enter a configuration submode for specifying the path. The feature adds to the submode commands
the exclude-address command for specifying addresses to exclude from the path.
If the excluded address for an MPLS TE LSP identifies a flooded link, the constraint-based shortest path
first (CSPF) routing algorithm does not consider that link when computing paths for the LSP. If the
excluded address specifies a flooded MPLS TE router ID, the CSPF routing algorithm does not allow
paths for the LSP to traverse the node identified by the router ID.
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion
Contents
Contents
• Prerequisites for MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion, page 2
• Restrictions for MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion, page 2
• Information About MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion, page 2
• How to Configure MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion, page 3
• Configuration Examples for MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion,
page 6
• Additional References, page 7
• Feature Information for MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion, page 9
• Glossary, page 10
2
MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion
How to Configure MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion
SUMMARY STEPS
1. enable
2. configure terminal
3. ip explicit-path {name path-name | identifier number} [enable | disable]
4. exclude-address ip-address
5. exit
6. exit
7. show ip explicit-path
3
MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion
How to Configure MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 ip explicit-path {name path-name | identifier Specifies the name or number of the explicit path, and
number} [enable | disable] enables the path, and enters explicit-path configuration
mode.
Example:
Router(config)# ip explicit-path name OmitR12
Step 4 exclude-address ip-address Excludes the specified link or node from consideration by
the constraint-based SPF.
Example: • The ip-address is a link address or the router ID for a
Router(cfg-ip-expl-path)# exclude-address node.
10.12.12.12
Step 5 exit Exits from explicit-path configuration mode, and returns to
global configuration mode.
Example:
Router(cfg-ip-expl-path)# exit
Step 6e exit Exits from global configuration mode, and returns to
privileged EXEC mode.
Example:
Router(config)# exit
Step 7 show ip explicit-path Displays information about configured IP explicit paths.
Example:
Router# show ip explicit-path
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel number
4. ip unnumbered loopback0
5. tunnel destination ip-address
4
MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion
How to Configure MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 interface tunnel number Configures an interface type and enters interface
configuration mode.
Example:
Router(config)# interface tunnel11
Step 4 ip unnumbered loopback0 Assigns the tunnel interface an IP address.
• An MPLS traffic engineering tunnel interface should be
Example: unnumbered because it represents a unidirectional link.
Router(config-if)# ip unnumbered loopback0
Step 5 tunnel destination ip-address Specifies the destination for a tunnel.
• The destination of the tunnel must be the MPLS traffic
Example: engineering router ID of the destination device.
Router(config-if)# tunnel destination
10.11.11.11
Step 6 tunnel mode mpls traffic-eng Sets the tunnel encapsulation mode to MPLS traffic
engineering.
Example:
Router(config-if)# tunnel mode mpls traffic-eng
Step 7 tunnel mpls traffic-eng bandwidth bandwidth Configures the bandwidth for the MPLS traffic engineering
tunnel.
Example:
Router(config-if)# tunnel mpls traffic-eng
bandwidth 100
5
MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion
Configuration Examples for MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion
Command Purpose
Step 8 tunnel mpls traffic-eng path-option number Configures the tunnel to use a named IP explicit path or a
{dynamic | explicit {name path-name | ID path dynamically calculated from the traffic engineering
path-number}} [lockdown]
topology database.
• A dynamic path is used if an explicit path is
Example: unavailable.
Router(config-if)# tunnel mpls traffic-eng
path-option 2 dynamic Note To configure a path option that specifies an exclude
address, specify the explicit keyword (not the
dynamic keyword) and specify an IP explicit path
configured according to the steps in the
“Configuring IP Explicit Address Exclusion”
section.
Step 9 exit Exits from interface configuration mode.
Example:
Router(config-if)# exit
Step 10 exit Exits to privileged EXEC mode.
Example:
Router(config)# exit
Step 11 show mpls traffic eng tunnels Shows information about tunnels, including the current
tunnel path if a tunnel is operational.
Example: • By viewing the command output, you can determine
Router# show mpls traffic eng tunnels the path that was used to build a tunnel. If you entered
the exclude-address command, the specified link or
node should not be listed.
6
MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion
Additional References
To verify the configuration of the explicit path, use the show ip explicit-path command.
show ip explicit-paths name OmitR12
PATH OmitR12 (loose source route, path complete, generation 3)
1: exclude-address 10.12.12.12
Note You must know the router IDs for LSRs (nodes) in the network; in this example, that 10.12.12.12 is a
router ID. Otherwise, it will not be apparent whether the specified address is the IP address of a link or
a router ID.
Note There are additional commands for configuring properties for TE tunnels such as bandwidth and priority.
For descriptions of those commands, refer to the Cisco IOS Multiprotocol Label Switching Command
Reference.
Additional References
The following sections provide references related to the MPLS Traffic Engineering (TE)—IP Explicit
Address Exclusion feature.
Related Documents
Related Topic Document Title
MPLS commands Cisco IOS Multiprotocol Label Switching Command Reference
MPLS configuration information Cisco IOS XE Multiprotocol Label Switching Configuration Guide
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
7
MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion
Additional References
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified by this feature.
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
8
MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion
Feature Information for MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
Table 1 Feature Information for MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion
9
MPLS Traffic Engineering (TE)—IP Explicit Address Exclusion
Glossary
Glossary
Cisco Express Forwarding—A means for accelerating the forwarding of packets within a router, by
storing route lookup information in several data structures instead of in a route cache.
IP explicit path—A list of IP addresses, each representing a node or link in the explicit path.
link—Network communications channel consisting of a circuit or transmission path and all related
equipment between a sender and a receiver. Sometimes referred to as a line or a transmission link.
MPLS—Multiprotocol Label Switching. Switching method that forwards IP traffic using a label. This
label instructs the routers and the switches in the network where to forward the packets based on
preestablished IP routing information.
node—Endpoint of a network connection or a junction common to two or more lines in a network. Nodes
can be interconnected by links, and serve as control points in the network.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
10
MPLS Layer 2 VPNs
Any Transport over MPLS
Any Transport over MPLS (AToM) transports data link layer (Layer 2) packets over a Multiprotocol
Label Switching (MPLS) backbone. AToM enables service providers to connect customer sites with
existing Layer 2 networks by using a single, integrated, packet-based network infrastructure—a Cisco
MPLS network. Instead of using separate networks with network management environments, service
providers can deliver Layer 2 connections over an MPLS backbone. AToM provides a common
framework to encapsulate and transport supported Layer 2 traffic types over an MPLS network core.
AToM supports the following like-to-like transport types:
• ATM Adaptation Layer Type-5 (AAL5) over MPLS
• ATM Cell Relay over MPLS
• Ethernet over MPLS (VLAN and port modes)
• Frame Relay over MPLS
• PPP over MPLS
• High-Level Data Link Control (HDLC) over MPLS
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
Any Transport over MPLS
Contents
Contents
• Prerequisites for Any Transport over MPLS, page 2
• Restrictions for Any Transport over MPLS, page 2
• Information About Any Transport over MPLS, page 3
• How to Configure Any Transport over MPLS, page 12
• Configuration Examples for Any Transport over MPLS, page 68
• Additional References, page 77
• Feature Information for Any Transport over MPLS, page 80
2
Any Transport over MPLS
Information About Any Transport over MPLS
3
Any Transport over MPLS
Information About Any Transport over MPLS
The following example shows the basic configuration steps on a PE router that enable the transport of
Layer 2 packets. Each transport type has slightly different steps.
Step 1 defines the interface or subinterface on the PE router:
Router# interface interface-type interface-number
Step 2 specifies the encapsulation type for the interface, such as dot1q:
Router(config-if)# encapsulation encapsulation-type
As an alternative, you can set up a pseudowire class to specify the tunneling method and other
characteristics. For more information, see the “Configuring the Pseudowire Class” section on page 13.
Benefits of AToM
The following list explains some of the benefits of enabling Layer 2 packets to be sent in the MPLS
network:
• The AToM product set accommodates many types of Layer 2 packets, including Ethernet and Frame
Relay, across multiple Cisco router platforms. This enables the service provider to transport all types
of traffic over the backbone and accommodate all types of customers.
• AToM adheres to the standards developed for transporting Layer 2 packets over MPLS. (See the
“Standards” section on page 77 for the specific standards that AToM follows.) This benefits the
service provider that wants to incorporate industry-standard methodologies in the network. Other
Layer 2 solutions are proprietary, which can limit the service provider’s ability to expand the
network and can force the service provider to use only one vendor’s equipment.
• Upgrading to AToM is transparent to the customer. Because the service provider network is separate
from the customer network, the service provider can upgrade to AToM without disruption of service
to the customer. The customers assume that they are using a traditional Layer 2 backbone.
4
Any Transport over MPLS
Information About Any Transport over MPLS
Note This command does not display output on platforms where AToM fast reroute is implemented in the
forwarding code.
In the following example, the primary link is disabled, which causes the backup tunnel (Tunnel 1) to
become the primary path. In the following example, bolded output show the status of the tunnel:
Router# execute-on slot 3 debug mpls l2transport fast-reroute
Edge MTU
The edge MTU is the MTU for the customer-facing interfaces.
Transport Header
The Transport header depends on the transport type. Table 1 lists the specific sizes of the headers.
5
Any Transport over MPLS
Information About Any Transport over MPLS
AToM Header
The AToM header is 4 bytes (control word). The control word is optional for Ethernet, PPP, HDLC, and
cell relay transport types. However, the control word is required for Frame Relay and ATM AAL5
transport types.
You must configure the P and PE routers in the core to accept packets of 1526 bytes.
Once you determine the MTU size to set on your P and PE routers, you can issue the mtu command on
the routers to set the MTU size. The following example specifies an MTU of 1526 bytes:
Router(config-if)# mtu 1526
6
Any Transport over MPLS
Information About Any Transport over MPLS
Caution Although you can set the MPLS MTU to a value greater than the interface MTU, set the MPLS MTU
less than or equal to the interface MTU to prevent data corruption, dropped packets, and high CPU rates.
If the interface MTU is greater than or equal to 1524 bytes, then you can set the maximum MPLS MTU
as high as the interface MTU. For example, if the interface MTU is set to 1600 bytes, then you can set
the MPLS MTU to a maximum of 1600 bytes. If you set the MPLS MTU higher than the interface MTU,
traffic is dropped.
For interfaces that do not allow you to configure the interface MTU value and the interface MTU is
1500 bytes, the MPLS MTU range is 64 to 1524 bytes.
Frame Relay over MPLS and DTE, DCE, and NNI Connections
You can configure an interface as a DTE device or a DCE switch, or as a switch connected to a switch
with network-to-network interface (NNI) connections. Use the following command in interface
configuration mode:
frame-relay intf-type [dce | dte | nni]
The keywords are explained in Table 2.
.
Table 2 frame-relay intf-type Command Keywords
Keyword Description
dce Enables the router or access server to function as a switch connected to a router.
dte Enables the router or access server to function as a DTE device. DTE is the default.
nni Enables the router or access server to function as a switch connected to a switch.
To determine the PVC status, LMI checks that a PVC is available from the reporting device to the Frame
Relay end-user device. If a PVC is available, LMI reports that the status is “Active,” which means that
all interfaces, line protocols, and core segments are operational between the reporting device and the
Frame Relay end-user device. If any of those components is not available, the LMI reports a status of
“Inactive.”
7
Any Transport over MPLS
Information About Any Transport over MPLS
Note Only the DCE and NNI interface types can report LMI status.
59525
CE1 PE1 P PE2 CE2
DLCI-to-DLCI Connections
If you have DLCI-to-DLCI connections, LMI runs locally on the Frame Relay ports between the PE and
CE devices:
• CE1 sends an active status to PE1 if the PVC for CE1 is available. If CE1 is a switch, LMI checks
that the PVC is available from CE1 to the user device attached to CE1.
• PE1 sends an active status to CE1 if the following conditions are met:
– A PVC for PE1 is available.
– PE1 received an MPLS label from the remote PE router.
– An MPLS tunnel label exists between PE1 and the remote PE.
For DTE or DCE configurations, the following LMI behavior exists: The Frame Relay device accessing
the network (DTE) does not report PVC status. Only the network device (DCE) or NNI can report status.
Therefore, if a problem exists on the DTE side, the DCE is not aware of the problem.
Port-to-Port Connections
If you have port-to-port connections, the PE routers do not participate in the LMI status-checking
procedures. LMI operates between the CE routers only. The CE routers must be configured as DCE-DTE
or NNI-NNI.
8
Any Transport over MPLS
Information About Any Transport over MPLS
9
Any Transport over MPLS
Information About Any Transport over MPLS
10
Any Transport over MPLS
Information About Any Transport over MPLS
Table 5 QoS Features Supported with ATM Cell Relay and AAL5 over MPLS
11
Any Transport over MPLS
How to Configure Any Transport over MPLS
192856
Customer Edge 1 Provider Edge 1 Provider Edge 2 Customer Edge 2
Previous to this feature, the Provider Edge 2 router could not detect a failed remote link. Traffic
forwarded from Customer Edge 2 to Customer Edge 1 would be lost until routing or spanning tree
protocols detected the down remote link. If the link was configured with static routing, the remote link
outage would be even more difficult to detect.
With Book Title, the Provider Edge 2 router detects the remote link failure and causes a shutdown of the
local Customer Edge 2 Ethernet port. When the remote L2 tunnel link is restored, the local interface is
automatically restored as well. The possibility of data loss is thus diminished.
With reference to Figure 2, the Remote Ethernet Shutdown sequence is generally described as follows:
1. The remote link between Customer Edge 1 and Provider Edge 1 fails.
2. Provider Edge 2 detects the remote link failure and disables the transmit laser on the line card
interface connected to Customer Edge 2.
3. An RX_LOS error alarm is received by Customer Edge 2 causing Customer Edge 2 to bring down
the interface.
4. Provider Edge 2 maintains its interface with Customer Edge 2 in an up state.
5. When the remote link and EoMPLS connection is restored, the Provider Edge 2 router enables the
transmit laser.
6. The Customer Edge 2 router brings up its downed interface.
The Book Title feature is enabled by default for Ethernet over MPLS (EoMPLS), and can be disabled
using no remote link failure notification command in the xconnect configuration mode. Use the show
ip interface brief privileged EXEC command to display the status of all remote L2 tunnel links. Use the
show interface slot/number privileged EXEC command to show the status of the L2 tunnel on a specific
interface.
Note The no remote link failure notification command will not give notification to clients for remote
attachment circuit status down.
12
Any Transport over MPLS
How to Configure Any Transport over MPLS
Note In simple configurations, this task is optional. You do not need to specify a pseudowire class if you
specify the tunneling method as part of the xconnect command.
The pseudowire-class configuration group specifies the following characteristics of the tunneling
mechanism:
• Encapsulation type
• Control protocol
• Payload-specific options
You must specify the encapsulation mpls command as part of the pseudowire class or as part of the
xconnect command for the AToM VCs to work properly. If you omit the encapsulation mpls command
as part of the xconnect command, you receive the following error:
% Incomplete command.
Once you specify the encapsulation mpls command, you cannot remove it using the no encapsulation
mpls command. Nor can you change the command's setting using the encapsulation l2tpv3 command.
Those methods result in the following error message:
Encapsulation changes are not allowed on an existing pw-class.
13
Any Transport over MPLS
How to Configure Any Transport over MPLS
To remove the command, you must delete the pseudowire with the no pseudowire-class command. To
change the type of encapsulation, remove the pseudowire with the no pseudowire-class command and
reestablish the pseudowire and specify the new encapsulation type.
SUMMARY STEPS
1. enable
2. configure terminal
3. pseudowire-class name
4. encapsulation mpls
DETAILED STEPS
Example:
Router# configure terminal
Step 3 pseudowire-class name Establishes a pseudowire class with a name that you specify and enters
pseudowire class configuration mode.
Example:
Router(config)# pseudowire-class atom
Step 4 encapsulation mpls Specifies the tunneling encapsulation.
Example:
Router(config-pw)# encapsulation mpls
Restrictions
AAL5 over MPLS is supported only in SDU mode.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface]
14
Any Transport over MPLS
How to Configure Any Transport over MPLS
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type slot/subslot/port[.subinterface] Specifies the interface type and enters interface
configuration mode.
Example:
Router(config)# interface atm1/0/0
Step 4 pvc [name] vpi/vci l2transport Creates or assigns a name to an ATM PVC and enters
L2transport configuration mode.
Example: • The l2transport keyword indicates that the PVC is
Router(config-if)# pvc 1/200 l2transport a switched PVC instead of a terminated PVC.
Step 5 encapsulation aal5 Specifies ATM AAL5 encapsulation for the PVC. Make
sure you specify the same encapsulation type on the PE
and customer edge (CE) routers.
Example:
Router(config-if-atm-l2trans-pvc)# encapsulation
aal5
Step 6 xconnect peer-router-id vcid encapsulation mpls Binds the attachment circuit to a pseudowire VC.
Example:
Router(config-if-atm-l2trans-pvc)# xconnect
10.13.13.13 100 encapsulation mpls
Step 7 exit Exits L2transport configuration mode.
Example:
Router(config-if-atm-l2trans-pvc)# exit
15
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config-if)# exit
Step 9 exit Exits global configuration mode.
Example:
Router(config)# exit
Step 10 show mpls l2transport vc Displays output that shows ATM AAL5 over MPLS is
configured on a PVC.
Example:
Router# show mpls l2transport vc
Examples
The following example enables ATM AAL5 over MPLS on an ATM PVC:
enable
configure terminal
interface atm1/0/0
pvc 1/200 l2transport
encapsulation aal5
xconnect 10.13.13.13 100 encapsulation mpls
The following is example output from the show mpls l2transport vc, which shows that ATM AAL5 over
MPLS is configured on a PVC:
Router# show mpls l2transport vc
Restriction
AAL5 over MPLS is supported only in SDU mode.
SUMMARY STEPS
1. enable
2. configure terminal
3. vc-class atm vc-class-name
4. encapsulation layer-type
16
Any Transport over MPLS
How to Configure Any Transport over MPLS
5. exit
6. interface type slot/subslot/port[.subinterface]
7. class-int vc-class-name
8. pvc [name] vpi/vci l2transport
9. xconnect peer-router-id vcid encapsulation mpls
10. exit
11. exit
12. exit
13. show atm class-links
DETAILED STEPS
Example:
Router# configure terminal
Step 3 vc-class atm vc-class-name Creates a VC class and enters VC class configuration
mode.
Example:
Router(config)# vc-class atm aal5class
Step 4 encapsulation layer-type Configures the AAL and encapsulation type.
Example:
Router(config-vc-class)# encapsulation aal5
Step 5 exit Exits VC class configuration mode.
Example:
Router(config-vc-class)# exit
Step 6 interface type slot/subslot/port[.subinterface] Specifies the interface type enters interface configuration
mode.
Example:
Router(config)# interface atm1/0/0
Step 7 class-int vc-class-name Applies a VC class to the ATM main interface or
subinterface.
Example: Note You can also apply a VC class to a PVC.
Router(config-if)# class-int aal5class
17
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config-if-atm-l2trans-pvc)# xconnect
10.13.13.13 100 encapsulation mpls
Step 10 exit Exits L2transport configuration mode.
Example:
Router(config-if-atm-l2trans-pvc)# exit
Step 11 exit Exits interface configuration mode.
Example:
Router(config-if)# exit
Step 12 exit Exits global configuration mode.
Example:
Router(config)# exit
Step 13 show atm class-links Displays the type of encapsulation and that the VC class
was applied to an interface.
Example:
Router# show atm class-links
Examples
The following example configures ATM AAL5 over MPLS in VC class configuration mode. The VC
class is then applied to an interface.
enable
configure terminal
vc-class atm aal5class
encapsulation aal5
interface atm1/0/0
class-int aal5class
pvc 1/200 l2transport
xconnect 10.13.13.13 100 encapsulation mpls
The following example configures ATM AAL5 over MPLS in VC class configuration mode. The VC
class is then applied to a PVC.
enable
configure terminal
vc-class atm aal5class
encapsulation aal5
interface atm1/0/0
pvc 1/200 l2transport
class-vc aal5class
xconnect 10.13.13.13 100 encapsulation mpls
18
Any Transport over MPLS
How to Configure Any Transport over MPLS
In the following example, the command output of the show atm class-links command verifies that ATM
AAL5 over MPLS is configured as part of a VC class. The command output shows the type of
encapsulation and that the VC class was applied to an interface.
Router# show atm class-links 1/100
Configuring OAM Cell Emulation for ATM AAL5 over MPLS on PVCs
Perform this task to configure OAM cell emulation for ATM AAL5 over MPLS on a PVC.
Note For AAL5 over MPLS, you can configure the oam-pvc manage command only after you issue the
oam-ac emulation-enable command.
19
Any Transport over MPLS
How to Configure Any Transport over MPLS
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface]
4. pvc [name] vpi/vci l2transport
5. encapsulation aal5
6. xconnect peer-router-id vcid encapsulation mpls
7. oam-ac emulation-enable [ais-rate]
8. oam-pvc manage [frequency]
9. exit
10. exit
11. exit
12. show atm pvc
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type slot/subslot/port[.subinterface] Specifies the interface type enters interface configuration
mode.
Example:
Router(config)# interface atm1/0/0
Step 4 pvc [name] vpi/vci l2transport Creates or assigns a name to an ATM PVC and enters
L2transport VC configuration mode.
Example: • The l2transport keyword indicates that the PVC is
Router(config-if)# pvc 1/200 l2transport a switched PVC instead of a terminated PVC.
Step 5 encapsulation aal5 Specifies ATM AAL5 encapsulation for the PVC. Make
sure you specify the same encapsulation type on the PE
and CE routers.
Example:
Router(config-if-atm-l2trans-pvc)# encapsulation
aal5
Step 6 xconnect peer-router-id vcid encapsulation mpls Binds the attachment circuit to a pseudowire VC.
Example:
Router(config-if-atm-l2trans-pvc)# xconnect
10.13.13.13 100 encapsulation mpls
20
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config-if-atm-l2trans-pvc)# exit
Step 10 exit Exits interface configuration mode.
Example:
Router(config-if)# exit
Step 11 exit Exits global configuration mode.
Example:
Router(config)# exit
Step 12 show atm pvc Displays output that shows OAM cell emulation is
enabled on the ATM PVC.
Example:
Router# show atm pvc
Examples
The following example enables OAM cell emulation on an ATM PVC:
interface ATM 1/0/0
pvc 1/200 l2transport
encapsulation aal5
xconnect 10.13.13.13 100 encapsulation mpls
oam-ac emulation-enable
oam-pvc manage
The following example sets the rate at which an AIS cell is sent every 30 seconds:
interface ATM 1/0/0
pvc 1/200 l2transport
encapsulation aal5
xconnect 10.13.13.13 100 encapsulation mpls
oam-ac emulation-enable 30
oam-pvc manage
The output of the show atm pvc command in the following example shows that OAM cell emulation is
enabled on the ATM PVC:
Router# show atm pvc 5/500
21
Any Transport over MPLS
How to Configure Any Transport over MPLS
Configuring OAM Cell Emulation for ATM AAL5 over MPLS in VC Class Configuration Mode
The following steps explain how to configure OAM cell emulation as part of a VC class. You can then
apply the VC class to an interface, a subinterface, or a VC. When you configure OAM cell emulation in
VC class configuration mode and then apply the VC class to an interface, the settings in the VC class
apply to all the VCs on the interface, unless you specify a different OAM cell emulation value at a lower
level, such as the subinterface or VC level. For example, you can create a VC class that specifies OAM
cell emulation and sets the rate of AIS cells to every 30 seconds. You can apply the VC class to an
interface. Then, for one PVC, you can enable OAM cell emulation and set the rate of AIS cells to every
15 seconds. All the PVCs on the interface use the cell rate of 30 seconds, except for the one PVC that
was set to 15 seconds.
Perform this task to enable OAM cell emulation as part of a VC class and apply it to an interface.
Note For AAL5 over MPLS, you can configure the oam-pvc manage command only after you issue the
oam-ac emulation-enable command.
SUMMARY STEPS
1. enable
2. configure terminal
3. vc-class atm name
4. encapsulation layer-type
5. oam-ac emulation-enable [ais-rate]
6. oam-pvc manage [frequency]
7. exit
8. interface type slot/subslot/port[.subinterface]
9. class-int vc-class-name
10. pvc [name] vpi/vci l2transport
22
Any Transport over MPLS
How to Configure Any Transport over MPLS
DETAILED STEPS
Example:
Router# configure terminal
Step 3 vc-class atm name Creates a VC class and enters VC class configuration
mode.
Example:
Router(config)# vc-class atm oamclass
Step 4 encapsulation layer-type Configures the AAL and encapsulation type.
Example:
Router(config-vc-class)# encapsulation aal5
Step 5 oam-ac emulation-enable [ais-rate] Enables OAM cell emulation for AAL5 over MPLS. The
ais-rate argument lets you specify the rate at which AIS
cells are sent. The default is one cell every second. The
Example:
Router(config-vc-class)# oam-ac emulation-enable
range is 0 to 60 seconds.
30
Step 6 oam-pvc manage [frequency] Enables the PVC to generate end-to-end OAM loopback
cells that verify connectivity on the virtual circuit.
Example: The optional frequency argument is the interval between
Router(config-vc-class)# oam-pvc manage transmission of loopback cells and ranges from 0 to
600 seconds. The default value is 10 seconds.
Step 7 exit Exits VC class configuration mode.
Example:
Router(config-vc-class)# exit
Step 8 interface type slot/subslot/port[.subinterface] Specifies the interface type and enters interface
configuration mode.
Example:
Router(config)# interface atm1/0/0
Step 9 class-int vc-class-name Applies a VC class to the ATM main interface or
subinterface.
Example: Note You can also apply a VC class to a PVC.
Router(config-if)# class-int oamclass
23
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config-if-atm-l2trans-pvc)# xconnect
10.13.13.13 100 encapsulation mpls
Examples
The following example configures OAM cell emulation for ATM AAL5 over MPLS in VC class
configuration mode. The VC class is then applied to an interface.
enable
configure terminal
vc-class atm oamclass
encapsulation aal5
oam-ac emulation-enable 30
oam-pvc manage
interface atm1/0/0
class-int oamclass
pvc 1/200 l2transport
xconnect 10.13.13.13 100 encapsulation mpls
The following example configures OAM cell emulation for ATM AAL5 over MPLS in VC class
configuration mode. The VC class is then applied to a PVC.
enable
configure terminal
vc-class atm oamclass
encapsulation aal5
oam-ac emulation-enable 30
oam-pvc manage
interface atm1/0/0
pvc 1/200 l2transport
class-vc oamclass
xconnect 10.13.13.13 100 encapsulation mpls
The following example configures OAM cell emulation for ATM AAL5 over MPLS in VC class
configuration mode. The VC class is then applied to an interface. One PVC is configured with OAM cell
emulation at an AIS rate of 10. That PVC uses the AIS rate of 10 instead of 30.
enable
configure terminal
vc-class atm oamclass
encapsulation aal5
oam-ac emulation-enable 30
oam-pvc manage
interface atm1/0/0
class-int oamclass
pvc 1/200 l2transport
oam-ac emulation-enable 10
xconnect 10.13.13.13 100 encapsulation mpls
24
Any Transport over MPLS
How to Configure Any Transport over MPLS
SUMMARY STEPS
1. enable
2. configure terminal
3. interface atm slot/subslot/port[.subinterface]
4. pvc vpi/vci l2transport
5. encapsulation aal0
6. xconnect peer-router-id vcid encapsulation mpls
7. exit
8. exit
9. exit
10. show atm vc
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface atm slot/subslot/port[.subinterface] Specifies an ATM interface and enters interface
configuration mode.
Example:
Router(config)# interface atm1/0/0
Step 4 pvc vpi/vci l2transport Assigns a virtual path identifier (VPI) and virtual circuit
identifier (VCI) and enters L2transport VC configuration
mode.
Example:
Router(config-if)# pvc 0/100 l2transport • The l2transport keyword indicates that the PVC is a
switched PVC instead of a terminated PVC.
Step 5 encapsulation aal0 For ATM cell relay, specifies raw cell encapsulation for the
interface. Make sure you specify the same encapsulation
type on the PE and CE routers.
Example:
Router(config-if-atm-l2trans-pvc)#
encapsulation aal0
25
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config-if-atm-l2trans-pvc)# xconnect
10.13.13.13 100 encapsulation mpls
Step 7 exit Exits L2transport configuration mode.
Example:
Router(config-if-atm-l2trans-pvc)# exit
Step 8 exit Exits interface configuration mode.
Example:
Router(config-if)# exit
Step 9 exit Exits global configuration mode.
Example:
Router(config)# exit
Step 10 show atm vc Verifies that OAM cell emulation is enabled on the ATM
VC.
Example:
Router# show atm vc
Example
The output of the following show atm vc command shows that the interface is configured for VC mode
cell relay:
Router# show atm vc 7
Note You can configure VC class configuration mode only in VC mode. VC class configuration mode is not
supported on VP or port mode.
26
Any Transport over MPLS
How to Configure Any Transport over MPLS
SUMMARY STEPS
1. enable
2. configure terminal
3. vc-class atm name
4. encapsulation layer-type
5. exit
6. interface type slot/subslot/port[.subinterface]
7. class-int vc-class-name
8. pvc [name] vpi/vci l2transport
9. xconnect peer-router-id vcid encapsulation mpls
DETAILED STEPS
Example:
Router# configure terminal
Step 3 vc-class atm name Creates a VC class and enters VC class configuration
mode.
Example:
Router(config)# vc-class atm cellrelay
Step 4 encapsulation layer-type Configures the AAL and encapsulation type.
Example:
Router(config-vc-class)# encapsulation aal0
Step 5 exit Exits VC class configuration mode.
Example:
Router(config-vc-class)# exit
Step 6 interface type slot/subslot/port[.subinterface] Specifies the interface type and enters interface
configuration mode.
Example:
Router(config)# interface atm1/0/0
Step 7 class-int vc-class-name Applies a VC class to the ATM main interface or
subinterface.
Example: Note You can also apply a VC class to a PVC.
Router(config-if)# class-int cellrelay
27
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config-if-atm-l2trans-pvc)# xconnect
10.13.13.13 100 encapsulation mpls
Examples
The following example configures ATM cell relay over MPLS in VC class configuration mode. The VC
class is then applied to an interface.
enable
configure terminal
vc-class atm cellrelay
encapsulation aal0
interface atm1/0/0
class-int cellrelay
pvc 1/200 l2transport
xconnect 10.13.13.13 100 encapsulation mpls
The following example configures ATM cell relay over MPLS in VC class configuration mode. The VC
class is then applied to a PVC.
enable
configure terminal
vc-class atm cellrelay
encapsulation aal0
interface atm1/0/0
pvc 1/200 l2transport
class-vc cellrelay
xconnect 10.13.13.13 100 encapsulation mpls
28
Any Transport over MPLS
How to Configure Any Transport over MPLS
• VP trunking (mapping multiple VPs to one emulated VC label) is not supported. Each VP is mapped
to one emulated VC.
• Each VP is associated with one unique emulated VC ID. The AToM emulated VC type is ATM VP
cell transport.
• The AToM control word is supported. However, if a peer PE does not support the control word, it is
disabled. This negotiation is done by LDP label binding.
• VP mode (and VC mode) drop idle cells.
Perform this task to configure ATM cell relay in PVP mode.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface atm slot/subslot/port[.subinterface]
4. atm pvp vpi l2transport
5. xconnect peer-router-id vcid encapsulation mpls
6. exit
7. exit
8. exit
9. show atm vp
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface atm Defines the interface and enters interface configuration mode.
slot/subslot/port[.subinterface]
Example:
Router(config)# interface atm1/0/0
Step 4 atm pvp vpi l2transport Specifies that the PVP is dedicated to transporting ATM cells and
enters l2transport PVP configuration submode.
Example: The l2transport keyword indicates that the PVP is for cell relay.
Router(config-if)# atm pvp 1 l2transport This submode is for Layer 2 transport only; it is not for regular
PVPs.
29
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config-if-atm-l2trans-pvp)#
xconnect 10.0.0.1 123 encapsulation mpls
Step 6 exit Exits L2transport configuration mode.
Example:
Router(config-if-atm-l2trans-pvc)# exit
Step 7 exit Exits interface configuration mode.
Example:
Router(config-if)# exit
Step 8 exit Exits global configuration mode.
Example:
Router(config)# exit
Step 9 show atm vp Displays output that shows OAM cell emulation is enabled on the
ATM VP.
Example:
Router# show atm vp
Examples
The following example transports single ATM cells over a virtual path:
pseudowire-class vp-cell-relay
encapsulation mpls
interface atm 5/0
atm pvp 1 l2transport
xconnect 10.0.0.1 123 pw-class vp-cell-relay
The following show atm vp command in the following example shows that the interface is configured
for VP mode cell relay:
Router# show atm vp 1
ATM5/0 VPI: 1, Cell Relay, PeakRate: 149760, CesRate: 0, DataVCs: 1, CesVCs: 0, Status:
ACTIVE
30
Any Transport over MPLS
How to Configure Any Transport over MPLS
SUMMARY STEPS
1. enable
2. configure terminal
3. interface atm slot/subslot/port[.subinterface]
4. xconnect peer-router-id vcid encapsulation mpls
5. exit
6. exit
7. show atm route
8. show mpls l2transport vc
DETAILED STEPS
Example:
Router# configure terminal
31
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config-if)# xconnect 10.0.0.1 123
encapsulation mpls
Step 5 exit Exits interface configuration mode.
Example:
Router(config-if)# exit
Step 6 exit Exits global configuration mode.
Example:
Router(config)# exit
Step 7 show atm route Displays output that shows ATM cell relay in port mode
has been enabled.
Example:
Router# show atm route
Step 8 show mpls l2transport vc Displays the attachment circuit and the interface.
Example:
Router# show mpls l2transport vc
Examples
The following example shows interface ATM 5/0/0 configured to transport ATM cell relay packets:
pseudowire-class atm-cell-relay
encapsulation mpls
interface atm 5/0/0
xconnect 10.0.0.1 123 pw-class atm-cell-relay
The show atm route command in the following example displays port mode cell relay state. The
following example shows that atm interface 1/0/0 is for cell relay, the VC ID is 123 and the tunnel is
down.
Router# show atm route
The show mpls l2transport vc command in the following example also shows configuration
information.
32
Any Transport over MPLS
How to Configure Any Transport over MPLS
Troubleshooting Tips
The debug atm l2transport and debug mpls l2transport vc display troubleshooting information.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface atm slot/subslot/port[.subinterface]
4. pvc vpi/vci l2transport
5. encapsulation aal0
6. xconnect peer-router-id vcid encapsulation mpls
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface atm slot/subslot/port[.subinterface] Specifies an ATM interface and enters interface
configuration mode.
Example:
Router(config)# interface atm1/0/0
33
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config-if-atm-l2trans-pvc)# xconnect
10.0.0.1 123 encapsulation mpls
Restrictions
• The cell-packing command is available only if you use AAL0 encapsulation in VC mode. If the
command is configured with ATM AAL5 encapsulation, the command is not valid.
• Only cells from the same VC, VP, or port can be packed into one MPLS packet. Cells from different
connections cannot be concatenated into the same MPLS packet.
• When you change, enable, or disable the cell-packing attributes, the ATM VC, VP, or port and the
MPLS emulated VC are reestablished.
• If a PE router does not support packed cell relay, the PE router sends only one cell per MPLS packet.
• The number of packed cells does not need to match between the PE routers. The two PE routers
agree on the lower of the two values. For example, if PE1 is allowed to pack 10 cells per MPLS
packet and PE2 is allowed to pack 20 cells per MPLS packet, the two PE routers would agree to send
no more than 10 cells per packet.
• If the number of cells packed by the peer PE router exceeds the limit, the packet is dropped.
• Issue the atm mcpt-timers command on an ATM interface before issuing the cell-packing
command.
34
Any Transport over MPLS
How to Configure Any Transport over MPLS
SUMMARY STEPS
1. enable
2. configure terminal
3. interface atm slot/subslot/port[.subinterface]
4. shutdown
5. atm mcpt-timers [timer1-timeout timer2-timeout timer3-timeout]
6. no shutdown
7. pvc vpi/vci l2transport
8. encapsulation aal0
9. xconnect peer-router-id vcid encapsulation mpls
10. cell-packing [cells] [mcpt-timer timer]
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface atm slot/subslot/port[.subinterface] Specifies an ATM interface and enters interface
configuration mode.
Example:
Router(config)# interface atm1/0/0
Step 4 shutdown Shuts down the interface.
Example:
Router(config-if)# shutdown
35
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config-if)# no shutdown
Step 7 pvc vpi/vci l2transport Assigns a VPI and VCI and enters L2transport VC
configuration mode.
Example: • The l2transport keyword indicates that the PVC is a
Router(config-if)# pvc 1/100 l2transport switched PVC instead of a terminated PVC.
Step 8 encapsulation aal0 Specifies raw cell encapsulation for the interface. Make
sure you specify the same encapsulation type on the PE
routers.
Example:
Router(config-if-atm-l2trans-pvc)#
encapsulation aal0
36
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config-if-atm-l2trans-pvc)# xconnect
10.0.0.1 123 encapsulation mpls
Step 10 cell-packing [cells] [mcpt-timer timer] Enables cell packing and specifies the cell-packing
parameters.
Example: The cells argument represents the maximum number of
Router(config-if-atm-l2trans-pvc)# cell-packing cells to be packed into an MPLS packet. The range is from
10 mcpt-timer 1 2 to the MTU of the interface divided by 52. The default is
MTU/52.
The timer argument allows you to specify which timer to
use. The default is timer 1.
See the cell-packing command page for more information.
Examples
The following example shows that ATM PVC 1/100 is an AToM cell relay PVC. There are three timers
set up, with values of 1000 milliseconds, 800 milliseconds, and 500 milliseconds, respectively. The
cell-packing command specifies that five ATM cells are to be packed into an MPLS packet. The
cell-packing command also specifies that timer 1 is to be used.
interface atm 1/0/0
shutdown
atm mcpt-timer 1000 800 500
no shutdown
pvc 1/100 l2transport
encapsulation aal0
xconnect 10.0.0.1 123 encapsulation mpls
cell-packing 5 mcpt-timer 1
Configuring ATM Packed Cell Relay over MPLS in VC Mode Using VC Class Configuration Mode
You can create a VC class that specifies the ATM cell relay encapsulation and the cell packing
parameters and then attach the VC class to an interface, subinterface, or VC. The following task creates
a VC class that specifies the ATM cell relay encapsulation and cell packing and attaches it to a main
interface.
Note You can configure VC class configuration mode only in VC mode. VC class configuration mode is not
supported on VP or port mode.
When you configure cell packing in VC class configuration mode and then apply the VC class to an
interface, the settings in the VC class apply to all the VCs on the interface, unless you specify a different
cell packing value at a lower level, such as the subinterface or VC level. For example, you can create a
VC class that specifies three cells to be packed. You can apply the VC class to an interface. Then, for
one PVC, you can specify two cells to be packed. All the PVCs on the interface pack three cells, except
for the one PVC that was set to set two cells.
37
Any Transport over MPLS
How to Configure Any Transport over MPLS
SUMMARY STEPS
1. enable
2. configure terminal
3. vc-class atm name
4. encapsulation layer-type
5. cell-packing [cells] [mcpt-timer timer]
6. exit
7. interface atm slot/subslot/port[.subinterface]
8. shutdown
9. atm mcpt-timers [timer1-timeout timer2-timeout timer3-timeout]
10. no shutdown
11. class-int vc-class-name
12. pvc [name] vpi/vci l2transport
13. xconnect peer-router-id vcid encapsulation mpls
DETAILED STEPS
Example:
Router# configure terminal
Step 3 vc-class atm name Creates a VC class and enters VC class configuration
mode.
Example:
Router(config)# vc-class atm cellpacking
Step 4 encapsulation layer-type Configures the AAL and encapsulation type.
Example:
Router(config-vc-class)# encapsulation aal0
38
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config-vc-class)# exit
Step 7 interface atm slot/subslot/port[.subinterface] Specifies the ATM interface and enters interface
configuration mode.
Example:
Router(config)# interface atm1/0/0
Step 8 shutdown Shuts down the interface.
Example:
Router(config-if)# shutdown
39
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config-if)# no shutdown
Step 11 class-int vc-class-name Applies a VC class to the ATM main interface or
subinterface.
Example: Note You can also apply a VC class to a PVC.
Router(config-if)# class-int cellpacking
Step 12 pvc [name] vpi/vci l2transport Creates or assigns a name to an ATM PVC and enters
L2transport VC configuration mode.
Example: • The l2transport keyword indicates that the PVC is
Router(config-if)# pvc 1/200 l2transport a switched PVC instead of a terminated PVC.
Step 13 xconnect peer-router-id vcid encapsulation mpls Binds the attachment circuit to a pseudowire VC.
Example:
Router(config-if-atm-l2trans-pvc)# xconnect
10.13.13.13 100 encapsulation mpls
40
Any Transport over MPLS
How to Configure Any Transport over MPLS
Examples
The following example configures with cell packing in VC class configuration mode. The VC class is
then applied to an interface.
enable
configure terminal
vc-class atm cellpacking
encapsulation aal0
cell-packing 10 mcpt-timer 1
interface atm1/0/0
shutdown
atm mcpt-timers 100 200 250
no shutdown
class-int cellpacking
pvc 1/200 l2transport
xconnect 10.13.13.13 100 encapsulation mpls
The following example configures in VC class configuration mode. The VC class is then applied to a
PVC.
enable
configure terminal
vc-class atm cellpacking
encapsulation aal0
cell-packing 10 mcpt-timer 1
interface atm1/0/0
shutdown
atm mcpt-timers 100 200 250
no shutdown
pvc 1/200 l2transport
class-vc cellpacking
xconnect 10.13.13.13 100 encapsulation mpls
SUMMARY STEPS
1. enable
2. configure terminal
3. interface atm slot/subslot/port[.subinterface]
4. shutdown
5. atm mcpt-timers [timer1-timeout timer2-timeout timer3-timeout]
6. no shutdown
7. atm pvp vpi l2transport
8. xconnect peer-router-id vcid encapsulation mpls
9. cell-packing [cells] [mcpt-timer timer]
41
Any Transport over MPLS
How to Configure Any Transport over MPLS
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface atm Specifies the ATM interface and enters interface configuration
slot/subslot/port[.subinterface] mode.
Example:
Router(config)# interface atm1/0/0
Step 4 shutdown Shuts down the interface.
Example:
Router(config-if)# shutdown
Step 5 atm mcpt-timers [timer1-timeout Sets up the cell-packing timers, which specify how long the PE
timer2-timeout timer3-timeout] router can wait for cells to be packed into an MPLS packet.
You can set up to three timers. For each timer, you specify the
Example: MCPT. This value gives the cell-packing function a limited
Router(config-if)# atm mcpt-timers 100 amount of time to complete. If the timer expires before the
200 250
maximum number of cells are packed into an AToM packet, the
packet is sent anyway. The timeout’s default and range of
acceptable values depends on the ATM link speed.
The respective default values for the PA-A3 port adapters are:
• OC-3: 30, 60, and 90 microseconds
• T3: 100, 200, and 300 microseconds
• E3: 130, 260, and 390 microseconds
You can specify either the number of microseconds or use the
default.
The respective range of values for the PA-A3 port adapters are:
• OC-3: 10 to 4095 microseconds
• T3: 30 to 4095 microseconds
• E3: 40 to 4095 microseconds
Step 6 no shutdown Enables the interface.
Example:
Router(config-if)# no shutdown
42
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(cfg-if-atm-l2trans-pvp)# xconnect
10.0.0.1 123 encapsulation mpls
Step 9 cell-packing [cells] [mcpt-timer timer] Enables cell packing and specifies the cell-packing parameters.
The cells argument represents the maximum number of cells to be
Example: packed into an MPLS packet. The range is from 2 to the MTU of
Router(cfg-if-atm-l2trans-pvp)# the interface divided by 52. The default is MTU/52.
cell-packing 10 mcpt-timer 1
The timer argument allows you to specify which timer to use. The
default is timer 1.
Examples
The following example shows packed cell relay enabled on an interface configured for PVP mode. The
cell-packing command specifies that 10 ATM cells are to be packed into an MPLS packet. The
cell-packing command also specifies that timer 2 is to be used.
interface atm 1/0
shutdown
atm mcpt-timer 1000 800 500
no shutdown
atm pvp 100 l2transport
xconnect 10.0.0.1 234 encapsulation mpls
cell-packing 10 mcpt-timer 2
SUMMARY STEPS
1. enable
2. configure terminal
3. interface atm slot/subslot/port[.subinterface]
4. shutdown
5. atm mcpt-timers [timer1-timeout timer2-timeout timer3-timeout]
6. no shutdown
7. cell-packing [cells] [mcpt-timer timer]
8. xconnect peer-router-id vcid encapsulation mpls
9. exit
43
Any Transport over MPLS
How to Configure Any Transport over MPLS
10. exit
11. show atm cell-packing
12. show atm vp
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface atm slot/subslot/port[.subinterface] Specifies an ATM interface and enters interface
configuration mode.
Example:
Router(config)# interface atm1/0/0
Step 4 shutdown Shuts down the interface.
Example:
Router(config-if)# shutdown
Step 5 atm mcpt-timers [timer1-timeout timer2-timeout Sets up the cell-packing timers, which specify how long
timer3-timeout] the PE router can wait for cells to be packed into an
MPLS packet.
Example: You can set up to three timers. For each timer, you
Router(config-if)# atm mcpt-timers 100 200 250 specify the MCPT. This value gives the cell-packing
function a limited amount of time to complete. If the
timer expires before the maximum number of cells are
packed into an AToM packet, the packet is sent anyway.
The timeout’s default and range of acceptable values
depends on the ATM link speed.
The respective default values for the PA-A3 port adapters
are:
• OC-3: 30, 60, and 90 microseconds
• T3: 100, 200, and 300 microseconds
• E3: 130, 260, and 390 microseconds
You can specify either the number of microseconds or
use the default.
The respective range of values for the PA-A3 port
adapters are:
• OC-3: 10 to 4095 microseconds
• T3: 30 to 4095 microseconds
• E3: 40 to 4095 microseconds
44
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config-if)# no shutdown
Step 7 cell-packing [cells] [mcpt-timer timer] Enables cell packing and specifies the cell-packing
parameters.
Example: The cells argument represents the maximum number of
Router(config-if)# cell-packing 10 mcpt-timer 1 cells to be packed into an MPLS packet. The range is
from 2 to the MTU of the interface divided by 52. The
default is MTU/52.
The timer argument allows you to specify which timer to
use. The default is timer 1.
Step 8 xconnect peer-router-id vcid encapsulation mpls Binds the attachment circuit to the interface.
Example:
Router(config-if)# xconnect 10.0.0.1 123
encapsulation mpls
Step 9 exit Exits interface configuration mode.
Example:
Router(config-if)# exit
Step 10 exit Exits global configuration mode.
Example:
Router(config)# exit
Step 11 show atm cell-packing Displays cell-packing statistics.
Example:
Router# show atm cell-packing
Step 12 show atm vp Displays cell-packing information.
Example:
Router#show atm vp
Examples
The following example shows packed cell relay enabled on an interface set up for port mode. The
cell-packing command specifies that 10 ATM cells are to be packed into an MPLS packet. The
cell-packing command also specifies that timer 2 is to be used.
interface atm 5/0/0
shutdown
atm mcpt-timer 1000 800 500
no shutdown
cell-packing 10 mcpt-timer 2
xconnect 10.0.0.1 123 encapsulation mpls
45
Any Transport over MPLS
How to Configure Any Transport over MPLS
The show atm cell-packing command in the following example displays the following statistics:
• The number of cells that are to be packed into an MPLS packet on the local and peer routers
• The average number of cells sent and received
• The timer values associated with the local router
average average
circuit local nbr of cells peer nbr of cells MCPT
type MNCP rcvd in one pkt MNCP sent in one pkt (us)
==============================================================================
atm 1/0/0 vc 1/200 20 15 30 20 60
atm 1/0/0 vp 2 25 21 30 24 100
The show atm vp command in the following example displays the cell packing information at the end
of the output:
Router# show atm vp 12
ATM5/0/0 VPI: 12, Cell Relay, PeakRate: 149760, CesRate: 0, DataVCs: 1, CesVCs: 0, Status:
ACTIVE
Troubleshooting Tips
To debug ATM cell packing, issue the debug atm cell-packing command.
Note You must configure Ethernet over MPLS (VLAN mode) on the subinterfaces.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface gigabitethernet slot/subslot/port.[subinterface]
46
Any Transport over MPLS
How to Configure Any Transport over MPLS
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface gigabitethernet Specifies the Gigabit Ethernet subinterface and enters
slot/subslot/port.[subinterface] subinterface configuration mode. Make sure the
subinterface on the adjoining CE router is on the same
Example: VLAN as this PE router.
Router(config)# interface gigabitethernet4/0/0.1
Step 4 encapsulation dot1q vlan-id Enables the subinterface to accept 802.1Q VLAN
packets.
Example: The subinterfaces between the CE and PE routers that are
Router(config-subif)# encapsulation dot1q 100 running Ethernet over MPLS must be in the same subnet.
All other subinterfaces and backbone routers do not.
Step 5 xconnect peer-router-id vcid encapsulation mpls Binds the attachment circuit to a pseudowire VC. The
syntax for this command is the same as for all other
Layer 2 transports.
Example:
Router(config-subif)# xconnect 10.0.0.1 123
encapsulation mpls
47
Any Transport over MPLS
How to Configure Any Transport over MPLS
SUMMARY STEPS
1. enable
2. configure terminal
3. interface gigabitethernet slot/subslot/port.[subinterface]
4. xconnect peer-router-id vcid encapsulation mpls
5. exit
6. exit
7. show mpls l2transport vc
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface gigabitethernet Specifies the Gigabit Ethernet interface and enters interface
slot/subslot/port.[subinterface] configuration mode. Make sure the interface on the adjoining CE
router is on the same VLAN as this PE router.
Example:
Router(config)# interface
gigabitethernet4/0/0
Step 4 xconnect peer-router-id vcid Binds the attachment circuit to a pseudowire VC. The syntax for
encapsulation mpls this command is the same as for all other Layer 2 transports.
Example:
Router(config-if)# xconnect 10.0.0.1 123
encapsulation mpls
Step 5 exit Exits interface configuration mode.
Example:
Router(config-if)# exit
Step 6 exit Exits router configuration mode.
Example:
Router(config)# exit
Step 7 show mpls l2transport vc Displays information about Ethernet over MPLS port mode.
Example:
Router# show mpls l2transport vc
48
Any Transport over MPLS
How to Configure Any Transport over MPLS
Examples
The following example configures VC 123 in Ethernet port mode:
pseudowire-class ethernet-port
encapsulation mpls
int gigabitethernet1/0/0
xconnect 10.0.0.1 123 pw-class ethernet-port
The command output in the following example shows two VCs for Ethernet over MPLS:
• VC 2 is in Ethernet VLAN mode.
• VC 8 is in Ethernet port mode.
Router# show mpls l2transport vc
If you issue the show mpls l2transport vc detail command, the output is similar:
Router# show mpls l2transport vc detail
SUMMARY STEPS
1. enable
2. configure terminal
3. interface gigabitethernet slot/subslot/port[.subinterface]
4. encapsulation dot1q vlan-id
5. xconnect peer-router-id vcid encapsulation mpls
6. remote circuit id remote-vlan-id
7. exit
8. exit
9. exit
10. show controllers eompls forwarding-table
49
Any Transport over MPLS
How to Configure Any Transport over MPLS
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface gigabitethernet Specifies the Gigabit Ethernet subinterface and enters
slot/subslot/port[.subinterface] subinterface configuration mode.
Make sure the subinterfaces between the CE and PE
Example: routers that are running Ethernet over MPLS are in the
Router(config)# interface gigabitethernet4/0/0.1 same subnet. All other subinterfaces and backbone
routers do not need to be in the same subnet.
Step 4 encapsulation dot1q vlan-id Enables the subinterface to accept 802.1Q VLAN
packets.
Example: Make sure the subinterface on the adjoining CE router is
Router(config-subif)# encapsulation dot1q 100 on the same VLAN as this PE router.
Step 5 xconnect peer-router-id vcid encapsulation mpls Binds the attachment circuit to a pseudowire VC and
enters xconnect configuration mode. The syntax for this
command is the same as for all other Layer 2 transports.
Example:
Router(config-subif)# xconnect 10.0.0.1 123
encapsulation mpls
Step 6 remote circuit id remote-vlan-id (Optional) Enables you to use VLAN interfaces with
different VLAN IDs at both ends of the tunnel.
Example:
Router(config-subif-xconn)# remote circuit id
101
Step 7 exit Exits xconnect configuration mode.
Example:
Router(config-subif-xconn)# exit
Step 8 exit Exits subinterface configuration mode.
Example:
Router(config-subif)# exit
50
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config)# exit
Step 10 show controllers eompls forwarding-table Displays information about VLAN ID rewrite.
Example:
Router# execute slot 0 show controllers eompls
forwarding-table
Examples
The following example configures VLAN ID rewrite on peer PE routers with 2 3-port Gigabit Ethernet
line cards.
PE1 PE2
interface GigabitEthernet0/0/0.2 interface GigabitEthernet3/0/0.2
encapsulation dot1Q 2 encapsulation dot1Q 3
no ip directed-broadcast no ip directed-broadcast
no cdp enable no cdp enable
xconnect 10.5.5.5 2 encapsulation mpls xconnect 10.3.3.3 2 encapsulation mpls
remote circuit id 3 remote circuit id 2
The command output of the show controllers eompls forwarding-table command in the following
example shows VLAN ID rewrite configured on a router with an engine 2 3-port Gigabit Ethernet line
card. In the following example, the bolded command output show the VLAN ID rewrite information.
On PE1
Router# execute slot 0 show controllers eompls forwarding-table 0 2
On PE2
Router# execute slot 0 show controllers eompls forwarding-table 0 3
51
Any Transport over MPLS
How to Configure Any Transport over MPLS
Leaf entry? = 1
FCR index = 20
**tagrew_psa_addr = 0009EE40
**tagrew_vir_addr = 7009EE40
**tagrew_phy_addr = F009EE40
[0-7] loq 9400 mtu 4458 oq 4000 ai 8 oi 84000002 (encaps size 4)
cw-size 4 vlanid-rew 2
gather A30 (bufhdr size 32 EoMPLS (Control Word) Imposition profile 81)
2 tag: 17 18
counters 1182, 10 reported 1182, 10.
Local OutputQ (Unicast): Slot:5 Port:0 RED queue:0 COS queue:0
Output Q (Unicast): Port:0 RED queue:0 COS queue:0
If the MTU value is not accepted in either xconnect subinterface configuration mode or subinterface
configuration mode, then the command is rejected, as shown in the following example:
Router# configure terminal
Router(config)# interface gigabitethernet0/2/0.1
Router(config-subif)# xconnect 10.10.10.1 100 encapsulation mpls
Router(config-subif-xconn)# mtu ?
<64 - 1500> MTU size in bytes
Router(config-subif-xconn)# mtu 63
% Invalid input detected at ^ marker
Restrictions
Configuring the MTU value in xconnect subinterface configuration mode has the following restrictions:
• The following features do not support MTU values in xconnect subinterface configuration mode:
– Layer 2 Tunnel Protocol Version 3 (L2TPv3)
– Virtual Private LAN services (VPLS)
– L2VPN Pseudowire Switching
52
Any Transport over MPLS
How to Configure Any Transport over MPLS
• The MTU value can be configured in xconnect subinterface configuration mode only on the
following interfaces and subinterfaces:
– Fast Ethernet
– Gigabit Ethernet
• The router uses an MTU validation process for remote VCs established through LDP, which
compares the MTU value configured in xconnect subinterface configuration mode to the MTU value
of the remote customer interface. If an MTU value has not been configured in xconnect subinterface
configuration mode, then the validation process compares the MTU value of the local customer
interface to the MTU value of the remote xconnect, either explicitly configured or inherited from
the underlying interface or subinterface.
• When you configure the MTU value in xconnect subinterface configuration mode, the specified
MTU value is not enforced by the dataplane. The dataplane enforces the MTU values of the interface
(port mode) or subinterface (VLAN mode).
• Ensure that the interface MTU is larger than the MTU value configured in xconnect subinterface
configuration mode. If the MTU value of the customer-facing subinterface is larger than the MTU
value of the core-facing interface, traffic may not be able to travel across the pseudowire.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface gigabitethernet slot/subslot/port[.subinterface]
4. mtu mtu-value
5. interface gigabitethernet slot/subslot/port[.subinterface]
6. encapsulation dot1q vlan-id
7. xconnect peer-router-id vcid encapsulation mpls
8. mtu mtu-value
9. end
10. show mpls l2transport binding
DETAILED STEPS
Example:
Router# configure terminal
53
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config)# interface gigabitethernet4/0/0
Step 4 mtu mtu-value Specifies the MTU value for the interface. The MTU value
specified at the interface level can be inherited by a
subinterface.
Example:
Router(config-if)# mtu 2000
Step 5 interface gigabitethernet Specifies the Gigabit Ethernet subinterface and enters
slot/subslot/port[.subinterface] subinterface configuration mode.
Make sure the subinterface on the adjoining CE router is on
Example: the same VLAN as this PE router.
Router(config-if)# interface
gigabitethernet4/0/0.1
Step 6 encapsulation dot1q vlan-id Enables the subinterface to accept 802.1Q VLAN packets.
The subinterfaces between the CE and PE routers that are
Example: running Ethernet over MPLS must be in the same subnet.
Router(config-subif)# encapsulation dot1q 100 All other subinterfaces and backbone routers need not be.
Step 7 xconnect peer-router-id vcid encapsulation mpls Binds the attachment circuit to a pseudowire VC.
The syntax for this command is the same as for all other
Example: Layer 2 transports. Enters xconnect subinterface
Router(config-subif)# xconnect 10.0.0.1 123 configuration mode.
encapsulation mpls
Step 8 mtu mtu-value Specifies the MTU for the VC.
Example:
Router(config-if-xconn)# mtu 1400
Step 9 end Exits xconnect subinterface configuration mode and returns
to global configuration mode.
Example:
Router(config-if-xconn)# end
Step 10 show mpls l2transport binding Displays the MTU values assigned to the local and remote
interfaces.
Example:
Router# show mpls l2transport binding
54
Any Transport over MPLS
How to Configure Any Transport over MPLS
SUMMARY STEPS
1. enable
2. configure terminal
3. frame-relay switching
4. interface serial slot/subslot/port[.subinterface]
5. encapsulation frame-relay [cisco | ietf]
6. frame-relay intf-type dce
7. exit
8. connect connection-name interface dlci l2transport
9. xconnect peer-router-id vcid encapsulation mpls
DETAILED STEPS
Example:
Router# configure terminal
Step 3 frame-relay switching Enables PVC switching on a Frame Relay device.
Example:
Router(config)# frame-relay switching
Step 4 interface serial Specifies a serial interface and enters interface configuration
slot/subslot/port[.subinterface] mode.
Example:
Router(config)# interface serial3/1/0
Step 5 encapsulation frame-relay [cisco | ietf] Specifies Frame Relay encapsulation for the interface. You can
specify different types of encapsulations. You can set one interface
to Cisco encapsulation and the other interface to IETF
Example:
Router(config-if)# encapsulation
encapsulation.
frame-relay ietf
Step 6 frame-relay intf-type dce Specifies that the interface is a DCE switch. You can also specify
the interface to support Network-to-Network Interface (NNI) and
DTE connections.
Example:
Router(config-if)# frame-relay intf-type
dce
55
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config-if)# exit
Step 8 connect connection-name interface dlci Defines connections between Frame Relay PVCs and enters
l2transport connect configuration submode. Using the l2transport keyword
specifies that the PVC will not be a locally switched PVC, but will
Example: be tunneled over the backbone network.
Router(config)# connect fr1 serial5/0 The connection-name argument is a text string that you provide.
1000 l2transport
The interface argument is the interface on which a PVC
connection will be defined.
The dlci argument is the DLCI number of the PVC that will be
connected.
Step 9 xconnect peer-router-id vcid Creates the VC to transport the Layer 2 packets. In a DLCI-to
encapsulation mpls DLCI connection type, Frame Relay over MPLS uses the xconnect
command in connect configuration submode.
Example:
Router(config-fr-pw-switching)# xconnect
10.0.0.1 123 encapsulation mpls
SUMMARY STEPS
1. enable
2. configure terminal
3. interface serial slot/subslot/port[.subinterface]
4. encapsulation hdlc
5. xconnect peer-router-id vcid encapsulation mpls
56
Any Transport over MPLS
How to Configure Any Transport over MPLS
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface serial Specifies a serial interface and enters interface configuration
slot/subslot/port[.subinterface] mode.
Example:
Router(config)# interface serial5/0/0
Step 4 encapsulation hdlc Specifies that Frame Relay PDUs will be encapsulated in HDLC
packets.
Example:
Router(config-if)# encapsulation hdlc
Step 5 xconnect peer-router-id vcid Creates the VC to transport the Layer 2 packets.
encapsulation mpls
Example:
Router(config-if)# xconnect 10.0.0.1 123
encapsulation mpls
Restrictions
The following restrictions pertain to the HDLC over MPLS feature:
• Asynchronous interfaces are not supported.
• You must configure HDLC over MPLS on router interfaces only. You cannot configure HDLC over
MPLS on subinterfaces.
The following restrictions pertain to the PPP over MPLS feature:
• Zero hops on one router is not supported. However, you can have back-to-back PE routers.
• Asynchronous interfaces are not supported. The connections between the CE and PE routers on both
ends of the backbone must have similar link layer characteristics. The connections between the CE
and PE routers must both be synchronous.
• Multilink PPP (MLP) is not supported.
57
Any Transport over MPLS
How to Configure Any Transport over MPLS
• You must configure PPP on router interfaces only. You cannot configure PPP on subinterfaces.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface serial slot/subslot/port[.subinterface]
4. encapsulation encapsulation-type
5. xconnect peer-router-id vcid encapsulation mpls
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface serial Specifies a serial interface and enters interface configuration
slot/subslot/port[.subinterface] mode. You must configure HDLC and PPP over MPLS on router
interfaces only. You cannot configure HDLC over MPLS on
Example: subinterfaces.
Router(config)# interface serial5/0/0
Step 4 encapsulation ppp Specifies HDLC or PPP encapsulation and enters connect
or configuration mode.
encapsulation hdlc
Example:
Router(config-if)# encapsulation ppp
or
Example:
Router(config-if)# encapsulation hdlc
Step 5 xconnect peer-router-id vcid Creates the VC to transport the Layer 2 packets.
encapsulation mpls
Example:
Router(config-fr-pw-switching)# xconnect
10.0.0.1 123 encapsulation mpls
58
Any Transport over MPLS
How to Configure Any Transport over MPLS
SUMMARY STEPS
1. enable
2. configure terminal
3. pseudowire-class name
4. encapsulation mpls
5. preferred-path {interface tunnel tunnel-number | peer {ip-address | host-name}}
[disable-fallback]
6. exit
7. interface type slot/subslot/port[.subinterface]
8. encapsulation encapsulation-type
9. xconnect peer-router-id vcid pw-class name
DETAILED STEPS
Example:
Router# configure terminal
59
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config-pw)# preferred path
peer 10.18.18.18
Step 6 exit Exits from pseudowire configuration mode.
Example:
Router(config-pw)# exit
Step 7 interface type Specifies an interface type and enters interface configuration mode.
slot/subslot/port[.subinterface]
Example:
Router(config)# interface atm1/1/0
Step 8 encapsulation encapsulation-type Specifies the encapsulation for the interface.
Example:
Router(config-if)# encapsulation aal5
Step 9 xconnect peer-router-id vcid pw-class Binds the attachment circuit to a pseudowire VC.
name
Example:
Router(config-if)# xconnect 10.0.0.1
123 pw-class ts1
60
Any Transport over MPLS
How to Configure Any Transport over MPLS
Examples
The following example sets up two preferred paths for PE1. One preferred path specifies an MPLS traffic
engineering tunnel. The other preferred path specifies an IP address of a loopback address on PE2. There
is a static route configured on PE1 that uses a TE tunnel to reach the IP address on PE2.
PE1 Configuration
mpls label protocol ldp
mpls traffic-eng tunnels
tag-switching tdp router-id Loopback0
pseudowire-class pw1
encapsulation mpls
preferred-path interface Tunnel1 disable-fallback
!
pseudowire-class pw2
encapsulation mpls
preferred-path peer 10.18.18.18
!
interface Loopback0
ip address 10.2.2.2 255.255.255.255
no ip directed-broadcast
no ip mroute-cache
!
interface Tunnel1
ip unnumbered Loopback0
no ip directed-broadcast
tunnel destination 10.16.16.16
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng bandwidth 1500
tunnel mpls traffic-eng path-option 1 explicit name path-tu1
!
interface Tunnel2
ip unnumbered Loopback0
no ip directed-broadcast
tunnel destination 10.16.16.16
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng bandwidth 1500
tunnel mpls traffic-eng path-option 1 dynamic
!
interface gigabitethernet0/0/0
no ip address
no ip directed-broadcast
no negotiation auto
!
interface gigabitethernet0/0/0.1
encapsulation dot1Q 222
no ip directed-broadcast
xconnect 10.16.16.16 101 pw-class pw1
!
interface ATM1/0/0
no ip address
no ip directed-broadcast
no atm enable-ilmi-trap
no atm ilmi-keepalive
pvc 0/50 l2transport
encapsulation aal5
xconnect 10.16.16.16 150 pw-class pw2
!
interface FastEthernet2/0/1
ip address 10.0.0.1 255.255.255.0
61
Any Transport over MPLS
How to Configure Any Transport over MPLS
no ip directed-broadcast
tag-switching ip
mpls traffic-eng tunnels
ip rsvp bandwidth 15000 15000
!
router ospf 1
log-adjacency-changes
network 10.0.0.0 0.0.0.255 area 0
network 10.2.2.2 0.0.0.0 area 0
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
!
ip route 10.18.18.18 255.255.255.255 Tunnel2
!
ip explicit-path name path-tu1 enable
next-address 10.0.0.1
index 3 next-address 10.0.0.1
PE2 Configuration
mpls label protocol ldp
mpls traffic-eng tunnels
mpls ldp router-id Loopback0
interface Loopback0
ip address 10.16.16.16 255.255.255.255
no ip directed-broadcast
no ip mroute-cache
!
interface Loopback2
ip address 10.18.18.18 255.255.255.255
no ip directed-broadcast
!
interface FastEthernet1/1/0
ip address 10.0.0.2 255.255.255.0
no ip directed-broadcast
mpls traffic-eng tunnels
mpls ip
no cdp enable
ip rsvp bandwidth 15000 15000
!
interface FastEthernet1/1/1
no ip address
no ip directed-broadcast
no cdp enable
!
interface FastEthernet1/1/1.1
encapsulation dot1Q 222
no ip directed-broadcast
no cdp enable
mpls l2transport route 10.2.2.2 101
!
interface ATM5/0/0
no ip address
no ip directed-broadcast
no atm enable-ilmi-trap
no atm ilmi-keepalive
pvc 0/50 l2transport
encapsulation aal5
xconnect 10.2.2.2 150 encapsulation mpls
!
router ospf 1
log-adjacency-changes
network 10.0.0.0 0.0.0.255 area 0
network 10.16.16.16 0.0.0.0 area 0
62
Any Transport over MPLS
How to Configure Any Transport over MPLS
In the following example, the show mpls l2transport vc command shows the following information
about the VCs:
• VC 101 has been assigned a preferred path called Tunnel1. The default path is disabled, because the
preferred path specified that the default path should not be used if the preferred path fails.
• VC 150 has been assigned an IP address of a loopback address on PE2. The default path can be used
if the preferred path fails.
In the following example, command output that is bolded shows the preferred path information.
Router# show mpls l2transport vc detail
Local interface: Gi0/0/0.1 up, line protocol up, Eth VLAN 222 up
Destination address: 10.16.16.16, VC ID: 101, VC status: up
Preferred path: Tunnel1, active
Default path: disabled
Tunnel label: 3, next hop point2point
Output interface: Tu1, imposed label stack {17 16}
Create time: 00:27:31, last status change time: 00:27:31
Signaling protocol: LDP, peer 10.16.16.16:0 up
MPLS VC labels: local 25, remote 16
Group ID: local 0, remote 6
MTU: local 1500, remote 1500
Remote interface description:
Sequencing: receive disabled, send disabled
VC statistics:
packet totals: receive 10, send 10
byte totals: receive 1260, send 1300
packet drops: receive 0, send 0
Local interface: ATM1/0/0 up, line protocol up, ATM AAL5 0/50 up
Destination address: 10.16.16.16, VC ID: 150, VC status: up
Preferred path: 10.18.18.18, active
Default path: ready
Tunnel label: 3, next hop point2point
Output interface: Tu2, imposed label stack {18 24}
Create time: 00:15:08, last status change time: 00:07:37
Signaling protocol: LDP, peer 10.16.16.16:0 up
MPLS VC labels: local 26, remote 24
Group ID: local 2, remote 0
MTU: local 4470, remote 4470
Remote interface description:
Sequencing: receive disabled, send disabled
VC statistics:
packet totals: receive 0, send 0
byte totals: receive 0, send 0
packet drops: receive 0, send 0
Troubleshooting Tips
You can use the debug mpls l2transport vc event command to troubleshoot tunnel selection. For
example, if the tunnel interface that is used for the preferred path is shut down, the default path is
enabled. The debug mpls l2transport vc event command provides the following output:
AToM SMGR [10.2.2.2, 101]: Processing imposition update, vc_handle 62091860, update_action
3, remote_vc_label 16
AToM SMGR [10.2.2.2, 101]: selected route no parent rewrite: tunnel not up
AToM SMGR [10.2.2.2, 101]: Imposition Programmed, Output Interface: Fe3/2/1
63
Any Transport over MPLS
How to Configure Any Transport over MPLS
Restrictions
The following restrictions apply to ATM AAL5 over MPLS with EXP bits:
• ATM AAL5 over MPLS allows you to statically set the experimental bits.
• If you do not assign values to the experimental bits, the priority bits in the header’s “tag control
information” field are set to zero.
The following restrictions apply to with EXP bits:
• allows you to statically set the experimental bits in VC, PVP, and port modes.
• If you do not assign values to the experimental bits, the priority bits in the header’s “tag control
information” field are set to zero.
For Frame Relay over MPLS and EXP bits, if you do not assign values to the experimental bits, the
priority bits in the header's “tag control information” field are set to zero.
For HDLC over MPLS and PPP over MPLS and EXP bits, if you do not assign values to the experimental
bits, zeros are written into the experimental bit fields.
Set the experimental bits in both the VC label and the LSP tunnel label. You set the experimental bits in
the VC label, because the LSP tunnel label might be removed at the penultimate router. Perform this task
to set the experimental bits.
SUMMARY STEPS
1. enable
2. configure terminal
3. class-map class-name
4. match any
5. policy-map policy-name
6. class class-name
7. set mpls experimental value
8. exit
9. exit
10. interface type slot/subslot/port[.subinterface]
11. service-policy input policy-name
12. exit
13. exit
14. show policy-map interface interface-name [vc [vpi/] vci] [dlci dlci] [input | output]
64
Any Transport over MPLS
How to Configure Any Transport over MPLS
DETAILED STEPS
Example:
Router# configure terminal
Step 3 class-map class-name Specifies the user-defined name of the traffic class and enters
class map configuration mode.
Example:
Router(config)# class-map class1
Step 4 match any Specifies that all packets will be matched. Use only the any
keyword. Other keywords might cause unexpected results.
Example:
Router(config-cmap)# match any
Step 5 policy-map policy-name Specifies the name of the traffic policy to configure and
enters policy-map configuration mode.
Example:
Router(config-cmap)# policy-map policy1
Step 6 class class-name Specifies the name of a predefined traffic class, which was
configured with the class-map command, used to classify
traffic to the traffic policy and enters policy-map class
Example:
Router(config-pmap)# class class1
configuration mode.
Step 7 set mpls experimental value Designates the value to which the MPLS bits are set if the
packets match the specified policy map.
Example:
Router(config-pmap-c)# set mpls experimental
7
Step 8 exit Exits policy-map class configuration mode.
Example:
Router(config-pmap-c)# exit
Step 9 exit Exits policy-map configuration mode.
Example:
Router(config-pmap)# exit
Step 10 interface type Specifies the interface type and enters interface configuration
slot/subslot/port[.subinterface] mode.
Example:
Router(config)# interface atm1/0/0
65
Any Transport over MPLS
How to Configure Any Transport over MPLS
Example:
Router(config-if)# service-policy input
policy1
Step 12 exit Exits interface configuration mode.
Example:
Router(config-if)# exit
Step 13 exit Exits global configuration mode.
Example:
Router(config)# exit
Step 14 show policy-map interface interface-name [vc Displays the traffic policy attached to an interface.
[vpi/] vci] [dlci dlci] [input | output]
Example:
Router# show policy-map interface serial3/0/0
SUMMARY STEPS
1. enable
2. configure terminal
3. pseudowire-class [pw-class-name]
4. encapsulation mpls
5. exit
6. interface type slot/subslot/port[.subinterface]
7. xconnect peer-ip-address vc-id pw-class pw-class-name
8. [no] remote link failure notification
9. remote link failure notification
10. end
66
Any Transport over MPLS
How to Configure Any Transport over MPLS
DETAILED STEPS
Example:
Router# configure terminal
Step 3 pseudowire-class [pw-class-name] Specifies the name of a Layer 2 pseudowire class and enters
pseudowire class configuration mode.
Example: • The pw-class-name argument is the name of a Layer 2
Router(config)# pseudowire-class eompls pseudowire class. If you want to configure more than
one pseudowire class, you must enter a value for the
pw-class-name argument.
Step 4 encapsulation mpls Specifies that MPLS is used as the data encapsulation
method for tunneling Layer 2 traffic over the pseudowire.
Example:
Router(config-pw)# encapsulation mpls
Step 5 exit Exits to global configuration mode.
Example:
Router(config-pw)# exit
Step 6 interface type slot/subslot/port[.subinterface] Configures an interface type and enters interface
configuration mode.
Example:
Router# interface GigabitEthernet1/0/0
Step 7 xconnect peer-ip-address vc-id pw-class Binds an attachment circuit to a pseudowire, and configures
pw-class-name an Any Transport over MPLS (AToM) static pseudowire.
Example:
Router(config-if)# xconnect 10.1.1.1 1 pw-class
eompls
Step 8 no remote link failure notification Disables MPLS AToM remote link failure notification and
shutdown.
Example:
Router(config-if-xconn)# remote link failure
notification
67
Any Transport over MPLS
Configuration Examples for Any Transport over MPLS
Example:
Router(config-if-xconn)# end
PE1 PE2
mpls label protocol ldp mpls label protocol ldp
mpls ldp router-id Loopback0 force mpls ldp router-id Loopback0 force
! !
interface Loopback0 interface Loopback0
ip address 10.16.12.12 255.255.255.255 ip address 10.13.13.13 255.255.255.255
!
interface ATM4/0/0 interface ATM4/0/0
pvc 0/100 l2transport pvc 0/100 l2transport
encapsulation aal0 encapsulation aal0
xconnect 10.13.13.13 100 encapsulation mpls xconnect 10.16.12.12 100 encapsulation mpls
! !
interface ATM4/0/0.300 point-to-point interface ATM4/0/0.300 point-to-point
no ip directed-broadcast no ip directed-broadcast
no atm enable-ilmi-trap no atm enable-ilmi-trap
pvc 0/300 l2transport pvc 0/300 l2transport
encapsulation aal0 encapsulation aal0
xconnect 10.13.13.13 300 encapsulation mpls xconnect 10.16.12.12 300 encapsulation mpls
68
Any Transport over MPLS
Configuration Examples for Any Transport over MPLS
Ethernet over MPLS with MPLS Traffic Engineering Fast Reroute: Example
The following configuration example and Figure 3 show the configuration of Ethernet over MPLS with
fast reroute on AToM PE routers.
Routers PE1 and PE2 have the following characteristics:
• A TE tunnel called Tunnel41 is configured between PE1and PE2, using an explicit path through a
link called L1. AToM VCs are configured to travel through the FRR-protected tunnel Tunnel41.
• The link L1 is protected by FRR, the backup tunnel is Tunnel1.
• PE2 is configured to forward the AToM traffic back to PE1 through the L2 link.
88263
L2
PE1 Configuration
mpls label protocol ldp
mpls traffic-eng tunnels
mpls ldp router-id Loopback1 force
!
pseudowire-class T41
encapsulation mpls
preferred-path interface Tunnel41 disable-fallback
!
pseudowire-class IP1
encapsulation mpls
preferred-path peer 10.4.0.1 disable-fallback
!
interface Loopback1
ip address 10.0.0.27 255.255.255.255
!
interface Tunnel1
ip unnumbered Loopback1
tunnel destination 10.0.0.1
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng priority 1 1
tunnel mpls traffic-eng bandwidth 10000
tunnel mpls traffic-eng path-option 1 explicit name FRR
!
interface Tunnel41
ip unnumbered Loopback1
tunnel destination 10.0.0.4
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng priority 1 1
tunnel mpls traffic-eng bandwidth 1000
tunnel mpls traffic-eng path-option 1 explicit name name-1
tunnel mpls traffic-eng fast-reroute
!
interface POS0/0/0
description pe1name POS8/0/0
ip address 10.1.0.2 255.255.255.252
mpls traffic-eng tunnels
mpls traffic-eng backup-path Tunnel1
69
Any Transport over MPLS
Configuration Examples for Any Transport over MPLS
crc 16
clock source internal
pos ais-shut
pos report lrdi
ip rsvp bandwidth 155000 155000
!
interface POS0/3/0
description pe1name POS10/1/0
ip address 10.1.0.14 255.255.255.252
mpls traffic-eng tunnels
crc 16
clock source internal
ip rsvp bandwidth 155000 155000
!
interface gigabitethernet3/0/0.1
encapsulation dot1Q 203
xconnect 10.0.0.4 2 pw-class IP1
!
interface gigabitethernet3/0/0.2
encapsulation dot1Q 204
xconnect 10.0.0.4 4 pw-class T41
!
router ospf 1
network 10.0.0.0 0.255.255.255 area 0
mpls traffic-eng router-id Loopback1
mpls traffic-eng area 0
!
ip classless
ip route 10.4.0.1 255.255.255.255 Tunnel41
!
ip explicit-path name xxxx-1 enable
next-address 10.4.1.2
next-address 10.1.0.10
P Configuration
ip cef
mpls traffic-eng tunnels
!
interface Loopback1
ip address 10.0.0.1 255.255.255.255
!
interface FastEthernet1/0/0
ip address 10.4.1.2 255.255.255.0
mpls traffic-eng tunnels
ip rsvp bandwidth 10000 10000
!
interface POS8/0/0
description xxxx POS0/0
ip address 10.1.0.1 255.255.255.252
mpls traffic-eng tunnels
pos ais-shut
pos report lrdi
ip rsvp bandwidth 155000 155000
!
interface POS10/1/0
description xxxx POS0/3
ip address 10.1.0.13 255.255.255.252
mpls traffic-eng tunnels
ip rsvp bandwidth 155000 155000
!
router ospf 1
network 10.0.0.0 0.255.255.255 area 0
mpls traffic-eng router-id Loopback1
70
Any Transport over MPLS
Configuration Examples for Any Transport over MPLS
PE2 Configuration
ip cef
mpls label protocol ldp
mpls traffic-eng tunnels
mpls ldp router-id Loopback1 force
!
interface Loopback1
ip address 10.0.0.4 255.255.255.255
!
interface loopback 2
ip address 10.4.0.1 255.255.255.255
!
interface Tunnel27
ip unnumbered Loopback1
tunnel destination 10.0.0.27
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng priority 1 1
tunnel mpls traffic-eng bandwidth 1000
tunnel mpls traffic-eng path-option 1 explicit name xxxx-1
!
interface FastEthernet0/0/0.2
encapsulation dot1Q 203
xconnect 10.0.0.27 2 encapsulation mpls
!
interface FastEthernet0/0/0.3
encapsulation dot1Q 204
xconnect 10.0.0.27 4 encapsulation mpls
!
interface FastEthernet1/1/0
ip address 10.4.1.1 255.255.255.0
mpls traffic-eng tunnels
ip rsvp bandwidth 10000 10000
!
router ospf 1
network 10.0.0.0 0.255.255.255 area 0
mpls traffic-eng router-id Loopback1
mpls traffic-eng area 0
!
ip explicit-path name xxxx-1 enable
next-address 10.4.1.2
next-address 10.1.0.10
71
Any Transport over MPLS
Configuration Examples for Any Transport over MPLS
192802
subinterface g0/0/0.1 subinterface g0/0/0.2 interface g1/0/0 subinterface f0/0/0.1
xconnect mode MTU 2000 bytes MTU 2000 bytes MTU 1500 bytes
MTU 1500 bytes
CE1 Configuration
interface gigabitethernet0/0/0
mtu 1500
no ip address
!
interface gigabitethernet0/0/0.1
encapsulation dot1Q 100
ip address 10.181.182.1 255.255.255.0
PE1 Configuration
interface gigabitethernet0/0/0
mtu 2000
no ip address
!
interface gigabitethernet0/0/0.1
encapsulation dot1Q 100
xconnect 10.1.1.152 100 encapsulation mpls
mtu 1500
!
interface gigabitethernet0/0/0.2
encapsulation dot1Q 200
ip address 10.151.100.1 255.255.255.0
mpls ip
PE2 Configuration
interface gigabitethernet1/0/0
mtu 2000
no ip address
!
interface gigabitethernet1/0/0.2
encapsulation dot1Q 200
ip address 10.100.152.2 255.255.255.0
mpls ip
!
interface fastethernet0/0/0
no ip address
!
interface fastethernet0/0/0.1
description default MTU of 1500 for FastEthernet
encapsulation dot1Q 100
xconnect 10.1.1.151 100 encapsulation mpls
72
Any Transport over MPLS
Configuration Examples for Any Transport over MPLS
CE2 Configuration
interface fastethernet0/0/0
no ip address
interface fastethernet0/0/0.1
encapsulation dot1Q 100
ip address 10.181.182.2 255.255.255.0
The show mpls l2transport binding command, issued from router PE1, shows a matching MTU value
of 1500 bytes on both the local and remote routers:
Router# show mpls l2transport binding
Local interface: Gi0/0/0.1 up, line protocol up, Eth VLAN 100 up
Destination address: 10.1.1.152, VC ID: 100, VC status: up
Output interface: Gi0/0/0.2, imposed label stack {202}
Preferred path: not configured
Default path: active
Next hop: 10.151.152.2
Create time: 1d11h, last status change time: 1d11h
Signaling protocol: LDP, peer 10.1.1.152:0 up
Targeted Hello: 10.1.1.151(LDP Id) -> 10.1.1.152
MPLS VC labels: local 100, remote 202
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description:
Sequencing: receive disabled, send disabled
VC statistics:
packet totals: receive 41, send 39
byte totals: receive 4460, send 5346
packet drops: receive 0, send 0
PE1 Configuration
pseudowire-class atom-ipiw
encapsulation mpls
interworking ip
73
Any Transport over MPLS
Configuration Examples for Any Transport over MPLS
!
interface Loopback0
ip address 10.1.1.151 255.255.255.255
!
interface Serial2/0/0
mtu 1492
no ip address
encapsulation ppp
no fair-queue
serial restart-delay 0
xconnect 10.1.1.152 123 pw-class atom-ipiw
!
interface Serial4/0/0
ip address 10.151.100.1 255.255.255.252
encapsulation ppp
mpls ip
serial restart-delay 0
!
router ospf 1
log-adjacency-changes
network 10.1.1.151 0.0.0.0 area 0
network 10.151.100.0 0.0.0.3 area 0
!
mpls ldp router-id Loopback0
PE2 Configuration
pseudowire-class atom-ipiw
encapsulation mpls
interworking ip
!
interface Loopback0
ip address 10.1.1.152 255.255.255.255
!
interface FastEthernet0/0/0
no ip address
xconnect 10.1.1.151 123 pw-class atom-ipiw
mtu 1492
!
interface Serial4/0/0
ip address 10.100.152.2 255.255.255.252
encapsulation ppp
mpls ip
serial restart-delay 0
!
router ospf 1
log-adjacency-changes
network 10.1.1.152 0.0.0.0 area 0
network 10.100.152.0 0.0.0.3 area 0
!
mpls ldp router-id Loopback0
The show mpls l2transport binding command shows that the MTU value for the local and remote
routers is 1492 bytes.
PE1
Router# show mpls l2transport binding
74
Any Transport over MPLS
Configuration Examples for Any Transport over MPLS
PE2
Router# show mpls l2transport binding
75
Any Transport over MPLS
Configuration Examples for Any Transport over MPLS
Configuring Any Transport over MPLS (AToM): Remote Ethernet Port Shutdown:
Examples
The following example show how to enable remote Ethernet port shutdown:
configure terminal
!
pseudowire-class eompls
encapsulation mpls
!
interface GigabitEthernet1/0/0
xconnect 10.1.1.1 1 pw-class eompls
remote link failure notification
The following example show how to disable remote Ethernet port shutdown:
configure terminal
!
pseudowire-class eompls
encapsulation mpls
!
interface GigabitEthernet1/0/0
xconnect 10.1.1.1 1 pw-class eompls
no remote link failure notification
The related show command output reports operational status for all remote L2 Tunnels by interface.
Router# show interface G1/0/0
76
Any Transport over MPLS
Additional References
Additional References
The following sections provide references related to the Any Transport over MPLS feature.
Related Documents
Related Topic Document Title
Description of commands associated with MPLS and MPLS Cisco IOS Multiprotocol Label Switching Command
applications Reference
Standards
Standard Title
draft-martini-l2circuit-trans-mpls-08.txt Transport of Layer 2 Frames Over MPLS
draft-martini-l2circuit-encap-mpls-04.txt Encapsulation Methods for Transport of Layer 2 Frames
Over MPLS
77
Any Transport over MPLS
Additional References
MIBs
MIB MIBs Link
ATM AAL5 over MPLS and : To locate and download MIBs for selected platforms, Cisco IOS XE
• MPLS LDP MIB (MPLS-LDP-MIB.my) software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
• ATM MIB (ATM-MIB.my)
http://www.cisco.com/go/mibs
• CISCO AAL5 MIB (CISCO-AAL5-MIB.my)
• Cisco Enterprise ATM Extension MIB
(CISCO-ATM-EXT-MIB.my)
• Supplemental ATM Management Objects
(CISCO-IETF-ATM2-PVCTRAP-MIB.my)
• Interfaces MIB (IF-MIB.my)
Ethernet over MPLS
• CISCO-ETHERLIKE-CAPABILITIES.my
• Ethernet MIB (ETHERLIKE-MIB.my)
• Interfaces MIB (IF-MIB.my)
• MPLS LDP MIB (MPLS-LDP-MIB.my)
Frame Relay over MPLS
• Cisco Frame Relay MIB
(CISCO-FRAME-RELAY-MIB.my)
• Interfaces MIB (IF-MIB.my)
• MPLS LDP MIB (MPLS-LDP-MIB.my)
HDLC and PPP over MPLS
• MPLS LDP MIB (MPLS-LDP-MIB.my)
• Interface MIB (IF-MIB.my)
RFCs
RFC Title
RFC 3032 MPLS Label Stack Encoding
RFC 3036 LDP Specification
78
Any Transport over MPLS
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
79
Any Transport over MPLS
Feature Information for Any Transport over MPLS
Note Table 6 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
80
Any Transport over MPLS
Feature Information for Any Transport over MPLS
81
Any Transport over MPLS
Feature Information for Any Transport over MPLS
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
82
Any Transport over MPLS
Feature Information for Any Transport over MPLS
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
83
Any Transport over MPLS
Feature Information for Any Transport over MPLS
84
L2VPN Interworking
Layer 2 Virtual Private Network (L2VPN) Interworking allows you to connect disparate attachment
circuits. This feature module explains how to configure the following L2VPN Interworking features:
• Ethernet to VLAN Interworking
• Ethernet/VLAN to ATM virtual channel identifier (VPI) and virtual channel identifier (VCI)
Interworking
Contents
• Prerequisites for L2VPN Interworking, page 2
• Restrictions for L2VPN Interworking, page 2
• Information About L2VPN Interworking, page 3
• How to Configure L2VPN Interworking, page 5
• Configuration Examples for L2VPN Interworking, page 7
• Additional References, page 8
• Feature Information for L2VPN Interworking, page 10
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
L2VPN Interworking
Prerequisites for L2VPN Interworking
2
L2VPN Interworking
Information About L2VPN Interworking
interface to respond to the ICMP RDP solicitation message, issue the ip irdp command in
interface configuration mode. If you do not configure the CE router, traffic is dropped until the
CE router sends traffic toward the PE router.
– To disable the CE routers from running the router discovery protocol, issue the ip irdp
maxadvertinterval 0 command in interface mode.
• When the PE router on the Ethernet side receives a VLAN tagged packet from the CE router, the PE
router removes the VLAN tag from the Ethernet frame from the CE router. In the reverse direction,
the PE router adds the VLAN tag to the frames before sending the frame to the CE router. The VLAN
tag needs to be inserted or removed in this way when you configure VLAN to Ethernet interworking,
VLAN to Frame Relay, or ATM using Ethernet (bridged) interworking.
This restriction applies if you configure interworking between Ethernet and VLAN with Catalyst
switches as the CE routers. The spanning tree protocol is supported for Ethernet interworking.
Ethernet interworking between an Ethernet port and a VLAN supports spanning tree protocol only
on VLAN 1. Configure VLAN 1 as a nonnative VLAN.
• In bridged interworking from VLAN to Frame Relay, the Frame Relay PE router does not strip off
VLAN tags from the Ethernet traffic it receives.
• When you change the interworking configuration on an Ethernet PE router, clear the ARP entry on
the adjacent CE router so that it can learn the new MAC address. Otherwise, you might experience
traffic drops.
3
L2VPN Interworking
Information About L2VPN Interworking
The interworking command causes the attachment circuits to be terminated locally. The two keywords
perform the following functions:
• The ethernet keyword causes Ethernet frames to be extracted from the attachment circuit and sent
over the pseudowire. Ethernet end-to-end transmission is assumed. Attachment circuit frames that
are not Ethernet are dropped. In the case of VLAN, the VLAN tag is removed, leaving an untagged
Ethernet frame.
• The ip keyword causes IP packets to be extracted from the attachment circuit and sent over the
pseudowire. Attachment circuit frames that do not contain IPv4 packets are dropped.
The following sections explain more about Ethernet and IP interworking modes.
Ethernet Interworking
Ethernet Interworking is also called bridged interworking. Ethernet frames are bridged across the
pseudowire. The CE routers could be natively bridging Ethernet or could be routing using a bridged
encapsulation model, such as Bridge Virtual Interface (BVI) or RBE. The PE routers operate in Ethernet
like-to-like mode.
This mode is used to offer the following services:
• LAN services—An example is an enterprise that has several sites, where some sites have Ethernet
connectivity to the service provider (SP) network and others have ATM connectivity. The enterprise
wants LAN connectivity to all its sites. In this case, traffic from the Ethernet or VLAN of one site
can be sent through the IP/MPLS network and encapsulated as bridged traffic over an ATM VC of
another site.
• Connectivity services—An example is an enterprise that has different sites that are running an
Internal Gateway Protocol (IGP) routing protocol, which has incompatible procedures on broadcast
and nonbroadcast links. The enterprise has several sites that are running an IGP, such as Open
Shortest Path First (OSPF) or Intermediate System to Intermediate System (IS-IS), between the
sites. In this scenario, some of the procedures (such as route advertisement or designated router)
depend on the underlying Layer 2 protocol and are different for a point-to-point ATM connection
versus a broadcast Ethernet connection. Therefore, the bridged encapsulation over ATM can be used
to achieve homogenous Ethernet connectivity between the CE routers running the IGP.
IP Interworking
IP Interworking is also called routed interworking. The CE routers encapsulate IP on the link between
the CE and PE routers. A new VC type is used to signal the IP pseudowire in MPLS. Translation between
the Layer 2 and IP encapsulations across the pseudowire is required. Special consideration needs to be
given to address resolution and routing protocol operation, because these are handled differently on
different Layer 2 encapsulations.
This mode is used to provide IP connectivity between sites, regardless of the Layer 2 connectivity to
these sites. It is different from a Layer 3 VPN because it is point-to-point in nature and the service
provider does not maintain any customer routing information.
Address resolution is encapsulation dependent:
• Ethernet uses ARP
• Frame Relay and ATM use Inverse ARP
• PPP uses IPCP
4
L2VPN Interworking
How to Configure L2VPN Interworking
Therefore, address resolution must be terminated on the PE router. End-to-end address resolution is not
supported. Routing protocols operate differently over broadcast and point-to-point media. For Ethernet,
the CE routers must either use static routing or configure the routing protocols to treat the Ethernet side
as a point-to-point network.
SUMMARY STEPS
1. enable
2. configure terminal
3. pseudowire-class name
4. encapsulation {mpls | l2tpv3}
5. interworking {ethernet | ip}
DETAILED STEPS
Example:
Router# configure terminal
Step 3 pseudowire-class name Establishes a pseudowire class with a name that you specify
and enters pseudowire class configuration mode.
Example:
Router(config)# pseudowire-class class1
5
L2VPN Interworking
How to Configure L2VPN Interworking
SUMMARY STEPS
1. show arp
2. ping
3. show mpls l2transport vc detail
DETAILED STEPS
Step 2 ping
You can issue the ping command between the CE routers to ensure that data is being sent:
Router# ping 10.1.1.5
6
L2VPN Interworking
Configuration Examples for L2VPN Interworking
PE1 PE2
Router# show mpls l2transport vc detail Router# show mpls l2transport vc detail
Local interface: Fa1/1/0 up, line protocol up, Local interface: Fa2/0/0.3 up, line protocol up, Eth
FastEthernet up VLAN 10 up
Destination address: 10.9.9.9, VC ID: 123, VC MPLS VC type is FastEthernet, interworking type is
status: up FastEthernet
Preferred path: not configured Destination address: 10.8.8.8, VC ID: 123, VC status:
Default path: active up
Tunnel label: 17, next hop 10.1.1.3 Preferred path: not configured
Output interface: Fa4/0/0, imposed label Default path: active
stack {17 20} Tunnel label: 16, next hop 10.1.1.3
Create time: 01:43:50, last status change time: Output interface: Fa6/0/0, imposed label stack {16
01:43:33 16}
Signaling protocol: LDP, peer 10.9.9.9:0 up Create time: 00:00:26, last status change time:
MPLS VC labels: local 16, remote 20 00:00:06
Group ID: local 0, remote 0 Signaling protocol: LDP, peer 10.8.8.8:0 up
MTU: local 1500, remote 1500 MPLS VC labels: local 20, remote 16
Remote interface description: Group ID: local 0, remote 0
Sequencing: receive disabled, send disabled MTU: local 1500, remote 1500
VC statistics: Remote interface description:
packet totals: receive 15, send 4184 Sequencing: receive disabled, send disabled
byte totals: receive 1830, send 309248 VC statistics:
packet drops: receive 0, send 0 packet totals: receive 5, send 0
byte totals: receive 340, send 0
packet drops: receive 0, send 0
7
L2VPN Interworking
Additional References
PE1 PE2
ip cef ip cef
! !
mpls label protocol ldp mpls label protocol ldp
mpls ldp router-id Loopback0 force mpls ldp router-id Loopback0 force
! !
pseudowire-class atom-eth-iw pseudowire-class atom
encapsulation mpls encapsulation mpls
interworking ethernet !
! interface Loopback0
interface Loopback0 ip address 10.9.9.9 255.255.255.255
ip address 10.8.8.8 255.255.255.255 !
! interface FastEthernet0/0/0
interface FastEthernet1/0/0.1 no ip address
encapsulation dot1q 100 !
xconnect 10.9.9.9 123 pw-class atom-eth-iw interface FastEthernet1/0
xconnect 10.9.9.9 123 pw-class atom
Additional References
The following sections provide references related to the L2VPN Interworking feature.
Related Documents
Related Topic Document Title
MPLS commands Multiprotocol Label Switching Command Reference
Any Transport over MPLS Any Transport over MPLS
Standards
Standards Title
draft-ietf-l2tpext-l2tp-base-03.txt Layer Two Tunneling Protocol (Version 3) 'L2TPv3'
draft-martini-l2circuit-trans-mpls-09.txt Transport of Layer 2 Frames Over MPLS
draft-ietf-pwe3-frame-relay-03.txt. Encapsulation Methods for Transport of Frame Relay over MPLS
Networks
draft-martini-l2circuit-encap-mpls-04.txt. Encapsulation Methods for Transport of Layer 2 Frames Over IP
and MPLS Networks
draft-ietf-pwe3-ethernet-encap-08.txt. Encapsulation Methods for Transport of Ethernet over MPLS
Networks
draft-ietf-pwe3-hdlc-ppp-encap-mpls-03.txt. Encapsulation Methods for Transport of PPP/HDLC over MPLS
Networks
draft-ietf-ppvpn-l2vpn-00.txt. An Architecture for L2VPNs
8
L2VPN Interworking
Additional References
MIBs
MIBs MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFCs Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified by this feature.
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
9
L2VPN Interworking
Feature Information for L2VPN Interworking
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect,
Cisco Pulse, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels,
Flip for Good, Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network
are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store,
and Flip Gift Card are service marks; and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP,
CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Continuum, EtherFast, EtherSwitch, Event Center,
Explorer, Fast Step, Follow Me Browsing, FormShare, GainMaker, GigaDrive, HomeLink, iLYNX, Internet Quotient, IOS, iPhone, iQuick Study,
IronPort, the IronPort logo, Laser Link, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers,
Networking Academy, Network Registrar, PCNow, PIX, PowerKEY, PowerPanels, PowerTV, PowerTV (Design), PowerVu, Prisma, ProConnect,
ROSA, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx,
and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0908R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
10
L2VPN Pseudowire Redundancy
The L2VPN Pseudowire Redundancy feature enables you to configure your network to detect a failure
in the network and reroute the Layer 2 (L2) service to another endpoint that can continue to provide
service. This feature provides the ability to recover from a failure either of the remote provider edge (PE)
router or of the link between the PE and customer edge (CE) routers. This feature also provides the
ability to set up multiple backup pseudowires.
Contents
• Prerequisites for L2VPN Pseudowire Redundancy, page 2
• Restrictions for L2VPN Pseudowire Redundancy, page 2
• Information About L2VPN Pseudowire Redundancy, page 3
• How to Configure L2VPN Pseudowire Redundancy, page 4
• Configuration Examples for L2VPN Pseudowire Redundancy, page 11
• Additional References, page 12
• Feature Information for L2VPN Pseudowire Redundancy, page 14
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
L2VPN Pseudowire Redundancy
Prerequisites for L2VPN Pseudowire Redundancy
2
L2VPN Pseudowire Redundancy
Information About L2VPN Pseudowire Redundancy
X2 X4
X1 X3
135057
X2 = PE hardware or software failure
X3 = Attachment circuit failure from a line break
X4 = CE hardware or software failure
The L2VPN Pseudowire Redundancy feature provides the ability to ensure that the CE2 router in
Figure 1 can always maintain network connectivity, even if one or all the failures in the figure occur.
The L2VPN Pseudowire Redundancy feature enables you to set up backup pseudowires. You can
configure the network with redundant pseudowires (PWs) and redundant network elements, which are
shown in Figure 2, Figure 3, and Figure 4.
Figure 2 shows a network with redundant pseudowires and redundant attachment circuits.
Primary
pseudowire
Redundant
CE1 PE1 PE2 attachment CE2
135058
circuits
Backup
pseudowire
Figure 3 shows a network with redundant pseudowires, attachment circuits, and CE routers.
3
L2VPN Pseudowire Redundancy
How to Configure L2VPN Pseudowire Redundancy
Figure 3 L2 VPN Network with Redundant PWs, Attachment Circuits, and CE Routers
Redundant
CE routers
Primary
pseudowire
CE2a
135059
Backup circuits CE2b
pseudowire
Figure 4 shows a network with redundant pseudowires, attachment circuits, CE routers, and PE routers.
Primary
pseudowire
Redundant Redundant
PE routers CE routers
Redundant
PE2a CE2a
attachment
circuits
CE1 PE1
PE2b CE2b
135060
Backup
pseudowire
Note In Cisco IOS XE Release 2.3, only one backup pseudowire is supported. In Cisco IOS XE Release 2.4
and later releases, up to three backup pseudowires are supported.
The following sections explain how to configure the L2VPN Pseudowire Redundancy feature:
• Configuring the Pseudowire Attributes, page 5 (required)
• Configuring a Single Backup Pseudowire, page 6 (required)
• Configuring Multiple Backup Pseudowires, page 7 (required)
• Forcing a Manual Switchover to the Backup Pseudowire VC, page 9 (optional)
• Verifying the L2VPN Pseudowire Redundancy Configuration, page 10 (optional)
4
L2VPN Pseudowire Redundancy
How to Configure L2VPN Pseudowire Redundancy
SUMMARY STEPS
1. enable
2. configure terminal
3. pseudowire-class name
4. encapsulation mpls
5. interworking {ethernet | ip}
DETAILED STEPS
Example:
Router# configure terminal
Step 3 pseudowire-class name Establishes a pseudowire class with a name that you specify. Enters
pseudowire class configuration mode.
Example:
Router(config)# pseudowire-class atom
5
L2VPN Pseudowire Redundancy
How to Configure L2VPN Pseudowire Redundancy
Prerequisites
For each transport type, the xconnect command is configured slightly differently. The following
configuration steps use Ethernet VLAN over MPLS, which is configured in subinterface configuration
mode. See Any Transport over MPLS to determine how to configure the xconnect command for other
transport types.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface gigabitethernet slot/subslot/interface.[subinterface]
4. encapsulation dot1q vlan-id
5. xconnect peer-router-id vcid {encapsulation mpls | pw-class pw-class-name}
6. backup peer peer-router-ip-addr vcid [pw-class pw-class-name]
7. backup delay enable-delay {disable-delay | never}
DETAILED STEPS
Example:
Router# configure terminal
6
L2VPN Pseudowire Redundancy
How to Configure L2VPN Pseudowire Redundancy
Restrictions
In Cisco IOS XE Release 2.4, the L2VPN Pseudowire Redundancy: Multiple Backup Pseudowires
feature supports only ATM interfaces.
SUMMARY STEPS
1. enable
2. configure terminal
7
L2VPN Pseudowire Redundancy
How to Configure L2VPN Pseudowire Redundancy
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface atm slot/port/ Specifies the atm interface and enters interface
configuration mode.
Example:
Router(config)# interface atm1/0
Step 4 pvc vpi/vci l2transport Assigns a VPI and VCI and enters L2transport VC
configuration mode.
Example:
Router(config-if)# pvc 1/100 l2transport
• The l2transport keyword indicates that the PVC is
a switched PVC instead of a terminated PVC.
Example:
Router(config-if-atm-l2trans-pvc)# encapsulation
aal5snap
Step 6 xconnect peer-router-id vcid {encapsulation mpls | Binds the attachment circuit to a pseudowire VC.
pw-class pw-class-name}
The syntax for this command is the same as for all other
Layer 2 transports.
Example:
Router(config-if-atm-l2trans-pvc)# xconnect
Enters xconnect configuration mode.
10.0.0.1 123 pw-class atom
8
L2VPN Pseudowire Redundancy
How to Configure L2VPN Pseudowire Redundancy
SUMMARY STEPS
1. enable
2. xconnect backup force-switchover interface {type number| peer ip-address vcid}
DETAILED STEPS
Example:
Router# xconnect backup force-switchover peer
10.10.10.1 123
9
L2VPN Pseudowire Redundancy
How to Configure L2VPN Pseudowire Redundancy
SUMMARY STEPS
DETAILED STEPS
In this example, the topology is Attachment Circuit 1 to Attachment Circuit 2 with a Pseudowire backup
for Attachment Circuit 2:
Router# show xconnect all
10
L2VPN Pseudowire Redundancy
Configuration Examples for L2VPN Pseudowire Redundancy
When this command is configured, the following messages will be generated during switchover events:
Activating the primary member:
00:01:07: %XCONNECT-5-REDUNDANCY: Activating primary member 10.55.55.2:1000
• L2VPN IP interworking:
pseudowire-class mpls-ip
encapsulation mpls
interworking ip
The following example shows a Frame Relay attachment circuit xconnect with a backup pseudowire:
connect fr-fr-pw Serial6/0/0 225 l2transport
xconnect 10.55.55.2 5225 pw-class mpls
backup peer 10.55.55.3 5226 pw-class mpls
11
L2VPN Pseudowire Redundancy
Additional References
The following example shows an Fast Ethernet VLAN attachment circuit xconnect with L2VPN IP
interworking and a backup pseudowire:
interface FastEthernet1/0/0.1
encapsulation dot1Q 200
no ip directed-broadcast
xconnect 10.55.55.2 5200 pw-class mpls-ip
backup peer 10.55.55.3 5201 pw-class mpls-ip
Additional References
The following sections provide references related to the L2VPN Pseudowire Redundancy feature.
Related Documents
Related Topic Document Title
Description of commands associated with MPLS and Cisco IOS Multiprotocol Label Switching Command Reference
MPLS applications
Any Transport over MPLS Any Transport over MPLS
High Availability for AToM AToM Graceful Restart
Standards
Standards Title
No new or modified standards are supported, and —
support for existing standards has not been modified by
this feature.
12
L2VPN Pseudowire Redundancy
Additional References
MIBs
MIBs MIBs Link
No new or modified MIBs are supported, and support To locate and download MIBs for selected platforms, Cisco IOS XE
for existing MIBs has not been modified. software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
http://www.cisco.com/go/mibs
RFCs
RFCs Title
No new or modified RFCs are supported, and support —
for existing RFCs has not been modified.
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
13
L2VPN Pseudowire Redundancy
Feature Information for L2VPN Pseudowire Redundancy
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a given
Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that Cisco IOS XE
software release train also support that feature.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
14
L2VPN Pseudowire Redundancy
Feature Information for L2VPN Pseudowire Redundancy
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
15
L2VPN Pseudowire Redundancy
Feature Information for L2VPN Pseudowire Redundancy
16
L2VPN: Pseudowire Preferential Forwarding
The L2VPN: Pseudowire Preferential Forwarding feature allows you to configure the pseudowires so
that you can use ping and show commands to find status information of the pseudowires before, during,
and after a switchover.
Contents
• Prerequisites for L2VPN: Pseudowire Preferential Forwarding, page 2
• Restrictions for L2VPN: Pseudowire Preferential Forwarding, page 2
• Information About L2VPN: Pseudowire Preferential Forwarding, page 2
• How to Configure L2VPN: Pseudowire Preferential Forwarding, page 3
• Configuration Examples for L2VPN: Pseudowire Preferential Forwarding, page 5
• Additional References, page 7
• Feature Information for L2VPN: Pseudowire Preferential Forwarding, page 9
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
L2VPN: Pseudowire Preferential Forwarding
Prerequisites for L2VPN: Pseudowire Preferential Forwarding
2
L2VPN: Pseudowire Preferential Forwarding
How to Configure L2VPN: Pseudowire Preferential Forwarding
Note In a single-segment pseudowire, the PE routers at each end of the pseudowire serve as the termination
points. In multisegment pseudowires, the terminating PE routers serve as the termination points.
Note One pseudowire must be the master and the other must be assigned the slave. You cannot configure both
pseudowires as master or slave.
Note You must specify the encapsulation mpls command as part of the pseudowire class for the AToM VCs
to work properly. If you omit the encapsulation mpls command, you receive the following error:
% Incomplete command.
Prerequisites
The PE routers must be configured for the L2VPN Pseudowire Redundancy and NSF/SSO—Any
Transport over MPLS and AToM Graceful Restart features. See the following documents for
configuration instructions.
• L2VPN Pseudowire Redundancy
• NSF/SSO—Any Transport over MPLS and AToM Graceful Restart
3
L2VPN: Pseudowire Preferential Forwarding
How to Configure L2VPN: Pseudowire Preferential Forwarding
SUMMARY STEPS
1. enable
2. configure terminal
3. pseudowire-class name
4. encapsulation mpls
5. status redundancy {master | slave}
6. interworking {ethernet | ip}
DETAILED STEPS
Example:
Router# configure terminal
Step 3 pseudowire-class name Establishes a pseudowire class with a name that you specify, and enters
pseudowire class configuration mode.
Example:
Router(config)# pseudowire-class atom
Step 4 encapsulation mpls Specifies the tunneling encapsulation.
• For AToM, the encapsulation type is mpls.
Example:
Router(config-pw)# encapsulation mpls
Step 5 status redundancy {master | slave} Specifies the pseudowire as the master or slave. This enables the
L2VPN: Pseudowire Preferential Forwarding feature to display the
status of the active and backup pseudowires.
Example:
Router(config-pw)# status redundancy • By default, the PE router is in slave mode.
master
Note One pseudowire must be the master and the other must be
assigned the slave. You cannot configure both pseudowires as
master or slave.
Step 6 interworking {ethernet | ip} (Optional) Enables the translation between the different Layer 2
encapsulations.
Example:
Router(config-pw)# interworking ip
4
L2VPN: Pseudowire Preferential Forwarding
Configuration Examples for L2VPN: Pseudowire Preferential Forwarding
The show mpls l2transport vc command on the backup PE router displays the status of the pseudowires.
The active pseudowire on the backup PE router has the HOTSTANDBY status.
5
L2VPN: Pseudowire Preferential Forwarding
Configuration Examples for L2VPN: Pseudowire Preferential Forwarding
During a switchover, the status of the active and backup pseudowires changes:
Router# show mpls l2transport vc
After the switchover is complete, the recovering pseudowire shows a status of UP:
Router# show mpls l2transport vc
The show xconnect command displays the standby (SB) state for the backup pseudowire, which is
independent of the stateful switchover mode of the router:
Router# show xconnect all
XC ST Segment 1 S1 Segment 2
S2
------+---------------------------------+--+---------------------------------+---------
UP pri ac AT1/1/0/0.1/1/1:220/220(ATM V UP mpls 10.193.193.3:330 UP
IA sec ac AT1/1/0/0.1/1/1:220/220(ATM V UP mpls 10.193.193.3:331 SB
The ping mpls and traceroute mpls commands show that the dataplane is active on the backup
pseudowire:
Router# ping mpls pseudowire 10.193.193.22 331
%Total number of MS-PW segments is less than segment number; Adjusting the segment number
to 1
Sending 5, 100-byte MPLS Echos to 10.193.193.22,
timeout is 2 seconds, send interval is 0 msec:
Tracing MS-PW segments within range [1-1] peer address 10.193.193.22 and timeout 2 seconds
6
L2VPN: Pseudowire Preferential Forwarding
Additional References
Additional References
The following sections provide references related to the L2VPN: Pseudowire Preferential Forwarding
feature.
Related Documents
Related Topic Document Title
Description of commands associated with MPLS and Cisco IOS Multiprotocol Label Switching Command Reference
MPLS applications
L2VPN Pseudowires • L2VPN Pseudowire Redundancy
• MPLS Pseudowire Status Signaling
NSF/SSO for L2VPNs NSF/SSO—Any Transport over MPLS and AToM Graceful Restart
Ping and Traceroute for L2VPNs MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Standards
Standard Title
draft-ietf-pwe3-redundancy-bit-xx.txt Preferential Forwarding Status Bit Definition
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this feature, To locate and download MIBs for selected platforms, Cisco IOS XE
and support for existing MIBs has not been modified by software releases, and feature sets, use Cisco MIB Locator found at
this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
No new or modified RFCs are supported by this —
feature, and support for existing standards has not been
modified by this feature.
7
L2VPN: Pseudowire Preferential Forwarding
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive http://www.cisco.com/techsupport
online resources, including documentation and
tools for troubleshooting and resolving technical
issues with Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various
services, such as the Product Alert Tool (accessed
from Field Notices), the Cisco Technical Services
Newsletter, and Really Simple Syndication (RSS)
Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
8
L2VPN: Pseudowire Preferential Forwarding
Feature Information for L2VPN: Pseudowire Preferential Forwarding
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco Ironport, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect,
Cisco Stackpower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good,
Flip Mino, Flip Video, Flip Video (Design), Flipshare (Design), Flip Ultra, and Welcome to the Human Network are trademarks; Changing the Way
We Work, Live, Play, and Learn, Cisco Store, and Flip Gift Card are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting
To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS,
Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch,
Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the
IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy,
Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to
Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the
United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0907R)
9
L2VPN: Pseudowire Preferential Forwarding
Feature Information for L2VPN: Pseudowire Preferential Forwarding
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
10
L2VPN Multisegment Pseudowires
The L2VPN Multisegment Pseudowires feature enables you to configure two or more Layer 2
pseudowire segments that function as a single pseudowire. The L2VPN Multisegment Pseudowires
feature span multiple cores or autonomous systems of the same or different carrier networks.
Contents
• Prerequisites for L2VPN Multisegment Pseudowires, page 2
• Restrictions for L2VPN Multisegment Pseudowires, page 2
• Information About L2VPN Multisegment Pseudowires, page 2
• How to Configure L2VPN Multisegment Pseudowires, page 4
• Additional References, page 9
• Feature Information for L2VPN Multisegment Pseudowires, page 11
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
L2VPN Multisegment Pseudowires
Prerequisites for L2VPN Multisegment Pseudowires
2
L2VPN Multisegment Pseudowires
Information About L2VPN Multisegment Pseudowires
CE1 CE1
PE1 PE2
PE1 PE2
243510
CE2 CE2
CE1 CE1
T-PE1 T-PE2
S-PE1 S-PE2
243511
CE2 CE2
The end routers are called terminating PE routers (T-PEs), and the switching routers are called S-PE
routers. The S-PE router terminates the tunnels of the preceding and succeeding PW segments in an
MS-PW. The S-PE router can switch the control and data planes of the preceding and succeeding PW
segments of the MS-PW. An MS-PW is declared to be up when all the single-segment PWs are up. For
more information, see the L2VPN Pseudowire Switching document.
3
L2VPN Multisegment Pseudowires
How to Configure L2VPN Multisegment Pseudowires
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls label protocol ldp
4. mpls ldp router-id interface force
5. pseudowire-class name
6. encapsulation mpls
7. switching tlv
8. exit
9. l2 vfi name point-to-point
10. description string
11. neighbor ip-address vcid {encapsulation mpls | pw-class pw-class-name}
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls label protocol ldp Configures the use of Label Distribution Protocol (LDP) on all
interfaces.
Example:
Router(config)# mpls label protocol
ldp
4
L2VPN Multisegment Pseudowires
How to Configure L2VPN Multisegment Pseudowires
Example:
Router(config)# mpls ldp router-id
loopback0 force
Step 5 pseudowire-class name Establishes a pseudowire class with a name that you specify, and enters
pseudowire class configuration mode.
Example:
Router(config)# pseudowire-class atom
Step 6 encapsulation mpls Specifies the tunneling encapsulation.
• For MPLS L2VPNs, the encapsulation type is mpls.
Example:
Router(config-pw-class)#
encapsulation mpls
Step 7 switching tlv (Optional) Enables the advertisement of the switching point
type-length variable (TLV) in the label binding.
Example: • This command is enabled by default.
Router(config-pw-class)# switching
tlv
Step 8 exit Exits pseudowire class configuration mode.
Example:
Router(config-pw-class)# exit
Step 9 l2 vfi name point-to-point Creates a point-to-point Layer 2 virtual forwarding interface (VFI) and
enters VFI configuration mode.
Example:
Router(config)# l2 vfi atomtunnel
point-to-point
Step 10 description string Provides a description of the switching provider edge router for a
multisegment pseudowire.
Example:
Router(config-vfi)# description
segment1
Step 11 neighbor ip-address vcid Sets up an emulated VC.
{encapsulation mpls | pw-class
pw-class-name} • Specify the IP address and the VC ID of the peer router. Also
specify the pseudowire class to use for the emulated VC.
Example: Note Only two neighbor commands are allowed for each l2 vfi
Router(config-vfi)# neighbor 10.0.0.1 point-to-point command.
100 pw-class mpls
5
L2VPN Multisegment Pseudowires
How to Configure L2VPN Multisegment Pseudowires
SUMMARY STEPS
DETAILED STEPS
6
L2VPN Multisegment Pseudowires
How to Configure L2VPN Multisegment Pseudowires
Performing ping mpls and trace mpls Operations on the L2VPN Multisegment
Pseudowires
You can use the ping mpls and trace mpls commands to verify that all the segments of the MPLS
multisegment pseudowire are operating.
You can use the ping mpls command to verify connectivity at the following pseudowire points:
• From one end of the pseudowire to the other
• From one of the pseudowires to a specific segment
• The segment between two adjacent S-PE routers
You can use the trace mpls command to verify connectivity at the following pseudowire points:
• From one end of the pseudowire to the other
• From one of the pseudowires to a specific segment
• The segment between two adjacent S-PE routers
• A range of segments
SUMMARY STEPS
DETAILED STEPS
7
L2VPN Multisegment Pseudowires
How to Configure L2VPN Multisegment Pseudowires
Tracing MS-PW segments within range [1-1] peer address 10.10.10.9 and timeout 2 seconds
Tracing MS-PW segments within range [1-2] peer address 10.10.10.9 and timeout 2 seconds
8
L2VPN Multisegment Pseudowires
Additional References
Additional References
The following sections provide references related to the L2VPN Multisegment Pseudowires feature.
Related Documents
Related Topic Document Title
Description of commands associated with MPLS and Cisco IOS Multiprotocol Label Switching Command Reference
MPLS applications
Layer 2 VPNS • Any Transport over MPLS
• L2VPN Pseudowire Switching
• MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for
VCCV
Standards
Standard Title
RFC 4777 Pseudowire Setup and Maintenance Using the Label Distribution
Protocol (LDP)
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified by this feature.
9
L2VPN Multisegment Pseudowires
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
10
L2VPN Multisegment Pseudowires
Feature Information for L2VPN Multisegment Pseudowires
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco Ironport, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect,
Cisco Stackpower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good,
Flip Mino, Flip Video, Flip Video (Design), Flipshare (Design), Flip Ultra, and Welcome to the Human Network are trademarks; Changing the Way
We Work, Live, Play, and Learn, Cisco Store, and Flip Gift Card are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting
To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS,
Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch,
Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the
IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy,
Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to
Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the
United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0907R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
11
L2VPN Multisegment Pseudowires
Feature Information for L2VPN Multisegment Pseudowires
12
L2VPN Pseudowire Switching
This feature module explains how to configure L2VPN Pseudowire Switching, which extends layer 2 virtual
private network (L2VPN) pseudowires across an interautonomous system (inter-AS) boundary or across
two separate multiprotocol label switching (MPLS) networks.
Contents
• Restrictions for L2VPN Pseudowire Switching, page 2
• Information About L2VPN Pseudowire Switching, page 2
• How to Configure L2VPN Pseudowire Switching, page 3
• Configuration Examples for L2VPN Pseudowire Switching, page 6
• Additional References, page 7
• Feature Information for L2VPN Pseudowire Switching, page 9
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
L2VPN Pseudowire Switching
Restrictions for L2VPN Pseudowire Switching
2
L2VPN Pseudowire Switching
How to Configure L2VPN Pseudowire Switching
MPLS PW MPLS PW
127912
End-to-End Layer 2 Service
MPLS PW MPLS PW
127913
End-to-End Layer 2 Service
3
L2VPN Pseudowire Switching
How to Configure L2VPN Pseudowire Switching
Prerequisites
• This procedure assumes that you have configured basic AToM L2VPNs. This procedure does not
explain how to configure basic AToM L2VPNs that transport Layer 2 packets over an MPLS
backbone. For information on the basic configuration, see Any Transport over MPLS.
• For inter-Autonomous configurations, ASBRs require a labeled interface.
Restrictions
In this configuration, you are limited to two neighbor commands after entering the l2 vfi command.
SUMMARY STEPS
1. enable
2. configure terminal
3. l2 vfi name point-to-point
4. neighbor ip-address vcid encapsulation mpls | pw-class pw-class-name
5. exit
6. exit
7. show mpls l2transport vc [vcid [vc-id | vc-id-min vc-id-max]] [interface name [local-circuit-id]]
[destination ip-address | name] [detail]
8. show vfi [vfi-name]
9. ping [protocol] [tag] {host-name | system-address}
DETAILED STEPS
Example:
Router# configure terminal
Step 3 l2 vfi name point-to-point Creates a point-to-point Layer 2 virtual forwarding
interface (VFI) and enters VFI configuration mode.
Example:
Router(config)# l2 vfi atomtunnel
point-to-point
4
L2VPN Pseudowire Switching
How to Configure L2VPN Pseudowire Switching
Example:
Router(config-vfi)# exit
Step 6 exit Exits global configuration mode.
Example:
Router(config)# exit
Step 7s show mpls l2transport vc [vcid [vc-id | Verifies that the L2VPN Pseudowire Switching session has
[vc-id-min vc-id-max]] [interface name been established.
[local-circuit-id]] [destination ip-address |
name] [detail]
Example:
Router# show mpls l2transport vc
Step 8 show vfi [vfi-name] Verifies that a point-to-point VFI has been established.
Example:
Router# show vfi atomtunnel
Step 9 ping [protocol] [tag] {host-name | When issued from the CE routers, this command verifies
system-address} end-to-end connectivity.
Example:
Router# ping 10.1.1.1
Examples
The following example displays the output of the show mpls l2transport vc command:
Router# show mpls l2transport vc
The following example displays the output of the show vfi command:
Router# show vfi
5
L2VPN Pseudowire Switching
Configuration Examples for L2VPN Pseudowire Switching
AS 65016 AS 65017
172.16.255.3 172.17.255.3
172.16.255.2 172.17.255.2
A-P1 172.16.0.4/30 172.17.0.4/30 B-P1
.1 .2 .1 .2 S0/0/0 S0/0/0
S0/0/0 S0/0/0 S1/0/0 S1/0/0 .2 .1
.2 S1/0/0 PE-agg1 PE-agg2
PE-agg2 S1/0/0 .2
172.16.0.0/30 192.168.0.0/30 172.17.0.0/30
172.16.255.1 172.17.255.1
.1 S1/0/0 S1/0/0 .1
PE1 PE2
Fe0/0/0 Fe0/0/0
Fe0/0/0 .1 .2 Fe0/0/0
274871
CE1 10.0.0.0/30 10.0.0.0/30 CE2
6
L2VPN Pseudowire Switching
Additional References
CE1 CE2
version 12.0 version 12.0
service timestamps debug uptime service timestamps debug uptime
service timestamps log uptime service timestamps log uptime
service password-encryption service password-encryption
! !
hostname [ce1] hostname [ce2]
! !
boot-start-marker boot-start-marker
boot-end-marker boot-end-marker
! !
enable secret 5 $1$o9N6$LSrxHufTn0vjCY0nW8hQX. enable secret 5 $1$YHo6$LQ4z5PdrF5B9dnL75Xvvm1
! !
ip subnet-zero ip subnet-zero
ip cef ip cef
no ip domain-lookup no ip domain-lookup
! !
interface FastEthernet0/0/0 interface FastEthernet0/0/0
ip address 10.0.0.1 255.255.255.252 ip address 10.0.0.2 255.255.255.252
no ip directed-broadcast no ip directed-broadcast
! !
ip classless ip classless
! !
control-plane control-plane
! !
line con 0 line con 0
exec-timeout 0 0 exec-timeout 0 0
line aux 0 line aux 0
line vty 0 4 line vty 0 4
login login
! !
no cns aaa enable no cns aaa enable
end end
Additional References
The following sections provide references related to L2VPN Pseudowire Switching.
Related Documents
Related Topic Document Title
Description of commands associated with MPLS and Cisco IOS Multiprotocol Label Switching Command Reference
MPLS applications
Any Transport over MPLS Any Transport over MPLS
Pseudowire redundancy L2VPN Pseudowire Redundancy
High availability for AToM AToM Graceful Restart
L2VPN interworking L2VPN Interworking
Layer 2 local switching Layer 2 Local Switching
7
L2VPN Pseudowire Switching
Additional References
Standards
Standard Title
draft-ietf-pwe3-control-protocol-14.txt Pseudowire Setup and Maintenance using LDP
draft-martini-pwe3-pw-switching-01.txt Pseudo Wire Switching
MIBs
MIB MIBs Link
• CISCO-IETF-PW-MIB To locate and download MIBs for selected platforms, Cisco IOS XE
software releases, and feature sets, use Cisco MIB Locator found at
• CISCO-IETF-PW-MPLS-MIB
the following URL:
• CISCO-IETF-PW-ENET-MIB
http://www.cisco.com/go/mibs
• CISCO-IETF-PW-FR-MIB
RFCs
RFCs Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified by this feature.
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
8
L2VPN Pseudowire Switching
Feature Information for L2VPN Pseudowire Switching
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect,
Cisco Pulse, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels,
Flip for Good, Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network
are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store,
and Flip Gift Card are service marks; and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP,
CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Continuum, EtherFast, EtherSwitch, Event Center,
Explorer, Fast Step, Follow Me Browsing, FormShare, GainMaker, GigaDrive, HomeLink, iLYNX, Internet Quotient, IOS, iPhone, iQuick Study,
IronPort, the IronPort logo, Laser Link, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers,
Networking Academy, Network Registrar, PCNow, PIX, PowerKEY, PowerPanels, PowerTV, PowerTV (Design), PowerVu, Prisma, ProConnect,
ROSA, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx,
and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0908R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
9
L2VPN Pseudowire Switching
Feature Information for L2VPN Pseudowire Switching
10
QoS Policy Support on L2VPN ATM PVPs
This feature enables you to configure Quality of Service (QoS) service policies in ATM permanent
virtual path (PVP) mode for Layer 2 Virtual Private Networks (L2VPNs).
Contents
• Prerequisites for QoS Policy Support on L2VPN ATM PVPs, page 2
• Restrictions for QoS Policy Support on L2VPN ATM PVPs, page 2
• Information About QoS Policy Support on L2VPN ATM PVPs, page 2
• How to Configure QoS Policy Support on L2VPN ATM PVPs, page 3
• Configuration Examples for QoS Policy Support on L2VPN ATM PVPs, page 7
• Additional References, page 8
• Feature Information for QoS Policy Support on L2VPN ATM PVPs, page 10
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
QoS Policy Support on L2VPN ATM PVPs
Prerequisites for QoS Policy Support on L2VPN ATM PVPs
Step 1 Define a traffic class by using the class-map command. A traffic class is used to classify traffic.
Step 2 Create a traffic policy by using the policy-map command. (The terms traffic policy and policy map are
often synonymous.) A traffic policy (policy map) contains a traffic class and one or more QoS features
that will be applied to the traffic class. The QoS features in the traffic policy determine how to treat the
classified traffic.
Step 3 Attach the traffic policy (policy map) to the interface by using the service-policy command.
2
QoS Policy Support on L2VPN ATM PVPs
How to Configure QoS Policy Support on L2VPN ATM PVPs
Note A packet can match only one traffic class within a traffic policy. If a packet matches more than one traffic
class in the traffic policy, the first traffic class defined in the policy will be used.
Restrictions
The show policy-map interface command does not display service policy information for ATM
interfaces.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface atm slot/subslot/port[.subinterface]
4. atm pvp vpi l2transport
3
QoS Policy Support on L2VPN ATM PVPs
How to Configure QoS Policy Support on L2VPN ATM PVPs
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface atm Defines the interface and enters interface configuration mode.
slot/subslot/port[.subinterface]
Example:
Router(config)# interface atm1/0/0
Step 4 atm pvp vpi l2transport Specifies that the PVP is dedicated to transporting ATM cells and
enters l2transport PVP configuration mode.
Example: • The l2transport keyword indicates that the PVP is for cell
Router(config-if)# atm pvp 1 l2transport relay. This mode is for Layer 2 transport only; it is not for
regular PVPs.
Step 5 service-policy [input | output] Enables a service policy on the specified PVP.
policy-map-name
Example:
Router(config-if-atm-l2trans-pvp)#
service policy input pol1
Step 6 xconnect peer-router-id vcid Binds the attachment circuit to a pseudowire VC.
encapsulation mpls
• The syntax for this command is the same as for all other Layer
2 transports.
Example:
Router(config-if-atm-l2trans-pvp)#
xconnect 10.0.0.1 123 encapsulation mpls
Step 7 end Exits l2transport PVP configuration mode and returns to
privileged EXEC mode.
Example:
Router(config-if-atm-l2trans-pvp)# end
4
QoS Policy Support on L2VPN ATM PVPs
How to Configure QoS Policy Support on L2VPN ATM PVPs
SUMMARY STEPS
1. enable
2. configure terminal
3. interface atm slot/subslot/port[.subinterface]
4. atm pvp vpi l2transport
5. ubr pcr
or
cbr pcr
or
vbr-nrt pcr scr mbs
or
vbr-rt pcr scr mbs
6. xconnect peer-router-id vcid encapsulation mpls
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface atm Defines the interface and enters interface configuration mode.
slot/subslot/port[.subinterface]
Example:
Router(config)# interface atm1/0/0
Step 4 atm pvp vpi l2transport Specifies that the PVP is dedicated to transporting ATM cells and
enters l2transport PVP configuration mode.
Example: • The l2transport keyword indicates that the PVP is for cell
Router(config-if)# atm pvp 1 l2transport relay. This mode is for Layer 2 transport only; it is not for
regular PVPs.
5
QoS Policy Support on L2VPN ATM PVPs
How to Configure QoS Policy Support on L2VPN ATM PVPs
Example:
Router(config-if-atm-l2trans-pvp)# cbr
1000
Step 6 xconnect peer-router-id vcid Binds the attachment circuit to a pseudowire VC.
encapsulation mpls
• The syntax for this command is the same as for all other Layer
2 transports.
Example:
Router(config-if-atm-l2trans-pvp)#
xconnect 10.0.0.1 123 encapsulation mpls
Restrictions
When you configure the match atm-vci command in class-map configuration mode, you can add this
class map to a policy map that can be attached only to an ATM VP.
SUMMARY STEPS
1. enable
2. configure terminal
3. class-map class-map-name [match-all | match-any]
4. match atm-vci vc-id [- vc-id]
5. end
DETAILED STEPS
Example:
Router# configure terminal
6
QoS Policy Support on L2VPN ATM PVPs
Configuration Examples for QoS Policy Support on L2VPN ATM PVPs
Example:
Router(config)# class-map class1
Step 4 match atm-vci vc-id [- vc-id] Enables packet matching on an ATM VCI or range of VCIs. The
range is 32 to 65535.
Example: Note You can use the match not command to remove the match
Router(config-cmap)# match atm-vci 50 criteria.
Step 5 end (Optional) Returns to privileged EXEC mode.
Example:
Router(config-cmap)# end
7
QoS Policy Support on L2VPN ATM PVPs
Additional References
Additional References
The following sections provide references related to the QoS Policy Support on L2VPN ATM PVPs
feature.
Related Documents
Related Topic Document Title
Description of commands associated with MPLS and Cisco IOS Multiprotocol Label Switching Command Reference
MPLS applications
Modular Quality of Service (QoS) Command-Line Applying QoS Features Using the MQC
Interface (CLI) (MQC)
Any Transport over MPLS Any Transport over MPLS
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified by this feature.
8
QoS Policy Support on L2VPN ATM PVPs
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
9
QoS Policy Support on L2VPN ATM PVPs
Feature Information for QoS Policy Support on L2VPN ATM PVPs
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a given
Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that Cisco IOS XE
software release train also support that feature.
Table 1 Feature Information for QoS Policy Support on L2VPN ATM PVPs
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco Ironport, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect,
Cisco Stackpower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good,
Flip Mino, Flip Video, Flip Video (Design), Flipshare (Design), Flip Ultra, and Welcome to the Human Network are trademarks; Changing the Way
We Work, Live, Play, and Learn, Cisco Store, and Flip Gift Card are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting
To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS,
Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch,
Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the
IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy,
Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to
Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the
United States and certain other countries.
10
QoS Policy Support on L2VPN ATM PVPs
Feature Information for QoS Policy Support on L2VPN ATM PVPs
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0907R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
11
QoS Policy Support on L2VPN ATM PVPs
Feature Information for QoS Policy Support on L2VPN ATM PVPs
12
MPLS Pseudowire Status Signaling
The MPLS Pseudowire Status Signaling feature enables you to configure the router so it can send
pseudowire status to a peer router, even when the attachment circuit is down.
Contents
• Prerequisites for MPLS Pseudowire Status Signaling, page 2
• Restrictions for MPLS Pseudowire Status Signaling, page 2
• Information About MPLS Pseudowire Status Signaling, page 2
• How to Configure MPLS Pseudowire Status Signaling, page 4
• Configuration Examples for MPLS Pseudowire Status Signaling, page 6
• Additional References, page 7
• Feature Information for MPLS Pseudowire Status Signaling, page 9
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Pseudowire Status Signaling
Prerequisites for MPLS Pseudowire Status Signaling
When One Router Does Not Support MPLS Pseudowire Status Signaling
The peer routers must support the ability to send and receive pseudowire status messages in label
advertisement and label notification messages. If one router does not support pseudowire status
messages, Cisco recommends that you disable the messages with the no status command. This returns
the router to label withdraw mode.
2
MPLS Pseudowire Status Signaling
Information About MPLS Pseudowire Status Signaling
If the peer does not support the MPLS Pseudowire Status Signaling feature, the local router changes its
mode of operation to label withdraw mode. You can issue the show mpls l2transport vc detail
command to show that the remote router does not support pseudowire status messages. The following
example shows the line of output to look for:
Router# show mpls l2transport vc detail
.
.
.
status TLV support (local/remote): enabled/not supported
When you issue the following debug mpls l2transport vc commands, the messages show that the peer
router does not supportthe MPLS Pseudowire Status Signaling feature and that the local router is
changing to withdraw mode, as shown in bold in the following example:
Router# debug mpls l2transport vc event
Router# debug mpls l2transport vc status event
Router# debug mpls l2transport vc status fsm
Router# debug mpls l2transport vc ldp
The debug messages also indicate that the attachment circuit is down, as shown in bold in the command
output:
Router# debug mpls l2transport vc event
Router# debug mpls l2transport vc status event
Router# debug mpls l2transport vc status fsm
Router# debug mpls l2transport vc ldp
*Feb 26 11:51:42.427: AToM LDP [10.1.1.1]: Received notif msg, id 88
*Feb 26 11:51:42.427: AToM LDP [10.1.1.1]: Status 0x00000007 [PW Status]
*Feb 26 11:51:42.427: AToM LDP [10.1.1.1]: PW Status 0x00000006 [AC DOWN(rx,tx faults)]
3
MPLS Pseudowire Status Signaling
How to Configure MPLS Pseudowire Status Signaling
The message codes (LruRru, LndRru, and LnuRru) indicate the status of the local and remote routers.
You can use the following key to interpret the message codes:
• L—local router
• R—remote router
• r or n—ready (r) or not ready (n)
• u or d—up (u) or down (d) status
The output also includes other values:
• D—Dataplane
• S—Local shutdown
SUMMARY STEPS
1. enable
2. configure terminal
3. pseudowire-class name
4. status
5. encapsulation mpls
6. exit
7. exit
8. show mpls l2transport vc detail
4
MPLS Pseudowire Status Signaling
How to Configure MPLS Pseudowire Status Signaling
DETAILED STEPS
Example:
Router# configure terminal
Step 3 pseudowire-class name Establishes a pseudowire class with a name that you specify
and enters pseudowire class configuration mode.
Example:
Router(config)# pseudowire-class atom
Step 4 status (Optional) Enables the router to send pseudowire status
messages to the peer router through label advertisement and
label notification messages.
Example:
Router(config-pw)# status Note By default, status messages are enabled. This step is
included only in case status messages have been
disabled.
Example:
Router(config-pw)# encapsulation mpls
Step 6 exit Exits pseudowire class configuration mode.
Example:
Router(config-pw)# exit
Step 7 exit Exits global configuration mode.
Example:
Router(config)# exit
Step 8 show mpls l2transport vc detail Validates that pseudowire messages can be sent and
received.
Example:
Router# show mpls l2transport vc detail
5
MPLS Pseudowire Status Signaling
Configuration Examples for MPLS Pseudowire Status Signaling
PE1
interface Loopback0
ip address 10.1.1.1 255.255.255.255
!
pseudowire-class atomstatus
encapsulation mpls
status
!
interface GigabitEthernet0/0/1
xconnect 10.1.1.2 123 pw-class atomstatus
PE2
interface Loopback0
ip address 10.1.1.2 255.255.255.255
!
pseudowire-class atomstatus
encapsulation mpls
status
!
interface GigabitEthernet3/3/0
xconnect 10.1.1.1 123 pw-class atomstatus
6
MPLS Pseudowire Status Signaling
Additional References
Additional References
The following sections provide references related to the MPLS Pseudowire Status Signaling feature.
Related Documents
Related Topic Document Title
Description of commands associated with MPLS and Cisco IOS Multiprotocol Label Switching Command Reference
MPLS applications
Any Transport over MPLS Any Transport over MPLS
Standards
Standard Title
draft-ietf-pwe3-control-protocol-15.txt Pseudowire Setup and Maintenance Using LDP
draft-ietf-pwe3-iana-allocation-08.txt IANA Allocations for Pseudo Wire Edge to Edge Emulation (PWE3)
draft-martini-pwe3-pw-switching-03.txt Pseudo Wire Switching
MIBs
MIB MIBs Link
Pseudowire Emulation Edge-to-Edge MIBs for To locate and download MIBs for selected platforms, Cisco IOS XE
Ethernet, Frame Relay, and ATM Services software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified by this feature.
7
MPLS Pseudowire Status Signaling
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
8
MPLS Pseudowire Status Signaling
Feature Information for MPLS Pseudowire Status Signaling
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
9
MPLS Pseudowire Status Signaling
Feature Information for MPLS Pseudowire Status Signaling
10
IEEE 802.1Q Tunneling (QinQ) for AToM
This feature allows you to configure IEEE 802.1Q Tunneling (QinQ) for AToM. It also permits the
rewriting of QinQ tags for Multiple Protocol Label Switching (MPLS) Layer 2 VPNs (L2VPNs).
Contents
• Prerequisites for IEEE 802.1Q Tunneling (QinQ) for AToM, page 2
• Restrictions for IEEE 802.1Q Tunneling (QinQ) for AToM, page 2
• Information About IEEE 802.1Q Tunneling (QinQ) for AToM, page 2
• How to Configure IEEE 802.1Q Tunneling (QinQ) for AToM, page 4
• Configuration Examples for IEEE 801.2 Tunneling (QinQ) for ATM, page 8
• Additional References, page 8
• Feature Information for IEEE 802.1Q Tunneling (QinQ) for AToM, page 11
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
IEEE 802.1Q Tunneling (QinQ) for AToM
Prerequisites for IEEE 802.1Q Tunneling (QinQ) for AToM
Note Ambiguous inner VLAN IDs are not supported in this release.
2
IEEE 802.1Q Tunneling (QinQ) for AToM
Information About IEEE 802.1Q Tunneling (QinQ) for AToM
Stacked ETH
VLAN VLA Port MPLS
PE1 PW PE
192860
Inner vlan Outer vlan or
or Customer- Service Provider-
vlan-id vlan-id
When the outer VLAN tag is the service-delimiting VLAN tag, QinQ packets are processed similar to
the ones with one VLAN tag (case previously named Ethernet VLAN Q-in-Q modified, which is already
supported in the 12.2(31) SB release). However, when a customer must use a combination of the outer
and inner VLAN tags to delimit service for customers, the edge device should be able to choose a unique
pseudowire based on a combination of the inner and outer VLAN IDs on the packet shown in Figure 2.
The customer may want to be able to rewrite both the inner and the outer VLAN IDs on the traffic egress
side.
802.1Q 802.1Q
Type/ Type/
Tag Tag
Length= Length= Type/
Dest MAC SRC MAC Control Control
802.1Q Tag 802.1Q Tag Length Data
(6 Bytes) (6 Bytes) Info Info
Type Type (2 Bytes)
192862
(2 Bytes) (2 Bytes)
(2 Bytes) (2 Bytes)
The IEEE 802.1Q Tunneling (QinQ) for AToM can be further explained as follows:
• QinQ Tunneling Based on Inner and Outer VLAN Tags, page 3
• Rewritten Inner and Outer VLAN Tags on QinQ Frames, page 4
3
IEEE 802.1Q Tunneling (QinQ) for AToM
How to Configure IEEE 802.1Q Tunneling (QinQ) for AToM
PE1 PE2
Outer
vlan id MPLS
PW
Pwire1
Pwire2 Pwire3
Pwire4
192861
Cust Service
Provider
4
IEEE 802.1Q Tunneling (QinQ) for AToM
How to Configure IEEE 802.1Q Tunneling (QinQ) for AToM
SUMMARY STEPS
1. enable
2. configure terminal
3. interface gigabitethernet slot/subslot/port.[subinterface]
4. encapsulation dot1q vlan-id second-dot1q {any | vlan-id[,vlan-id[-vlan-id]]}
5. xconnect peer-router-id vcid encapsulation mpls
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface gigabitethernet Specifies the Gigabit Ethernet interface and enters interface
slot/subslot/port.[subinterface] configuration mode.
Example:
Router(config)# interface
GigabitEthernet1/0/0.100
Step 4 encapsulation dot1q vlan-id Defines the matching criteria to map Q-in-Q ingress frames on an
second-dot1q {any | interface to the appropriate service instance.
vlan-id[,vlan-id[-vlan-id]]}
Example:
Router(config-if)# encapsulation
dot1q 100 second-dot1q 200
Step 5 xconnect peer-router-id vcid Creates the VC to transport the Layer 2 packets.
encapsulation mpls
Example:
Router(config-if)# xconnect 10.0.0.16
410 encapsulation mpls
5
IEEE 802.1Q Tunneling (QinQ) for AToM
How to Configure IEEE 802.1Q Tunneling (QinQ) for AToM
SUMMARY STEPS
1. enable
2. configure terminal
3. interface gigabitethernet slot/subslot/port.[subinterface]
4. encapsulation dot1q vlan-id second-dot1q {any | vlan-id[,vlan-id[-vlan-id]]}
5. xconnect peer-router-id vcid encapsulation mpls
6. exit
7. interface gigabitethernet slot/subslot/port.[subinterface]
8. encapsulation dot1q vlan-id second-dot1q {any | vlan-id[,vlan-id[-vlan-id]]}
9. xconnect peer-router-id vcid encapsulation mpls
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface gigabitethernet Specifies the Gigabit Ethernet subinterface and enters interface
slot/subslot/port.[subinterface] configuration mode.
Example:
Router(config)# interface
GigabitEthernet1/0/0.200
Step 4 encapsulation dot1q vlan-id Defines the matching criteria to map Q-in-Q ingress frames on an
second-dot1q {any | interface to the appropriate service instance.
vlan-id[,vlan-id[-vlan-id]]}
Example:
Router(config-if)# encapsulation
dot1q 200 second-dot1q
1000-2000,3000,3500-4000
Step 5 xconnect peer-router-id vcid Creates the VC to transport the Layer 2 packets.
encapsulation mpls
Example:
Router(config-if)# xconnect 10.0.0.16
420 encapsulation mpls
6
IEEE 802.1Q Tunneling (QinQ) for AToM
How to Configure IEEE 802.1Q Tunneling (QinQ) for AToM
Example:
Router(config-if)# exit
Step 7 interface gigabitethernet Specifies the next Gigabit Ethernet interface and enters interface
slot/subslot/port.[subinterface] configuration mode.
Example:
Router(config)# interface
GigabitEthernet1/0/0.201
Step 8 encapsulation dot1q vlan-id Defines the matching criteria to map Q-in-Q ingress frames on an
second-dot1q {any | interface to the appropriate service instance.
vlan-id[,vlan-id[-vlan-id]]}
Example:
Router(config-if)# encapsulation
dot1q 201 second-dot1q any
Step 9 xconnect peer-router-id vcid Creates the VC to transport the Layer 2 packets.
encapsulation mpls
Example:
Router(config-if)# xconnect 10.0.0.16
430 encapsulation mpls
SUMMARY STEPS
1. enable
2. show mpls l2transport vc
DETAILED STEPS
7
IEEE 802.1Q Tunneling (QinQ) for AToM
Configuration Examples for IEEE 801.2 Tunneling (QinQ) for ATM
Verifying the IEEE 802.1Q Tunneling (QinQ) for ATM: Configuration: Example
The following is sample output of the show mpls l2transport vc command, which is used to verify the
VC set up in EoMPLS QinQ mode.
router# show mpls l2transport vc
Additional References
The following sections provide references related to the IEEE 802.1Q Tunneling (QinQ) for ATM
feature.
8
IEEE 802.1Q Tunneling (QinQ) for AToM
Additional References
Related Documents
Related Topic Document Title
Description of commands associated with MPLS and Cisco IOS Multiprotocol Label Switching Command Reference
MPLS applications
AToM and MPLS Any Transport over MPLS
Standards
Standards Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIBs MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFCs Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified by this feature.
9
IEEE 802.1Q Tunneling (QinQ) for AToM
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
10
IEEE 802.1Q Tunneling (QinQ) for AToM
Feature Information for IEEE 802.1Q Tunneling (QinQ) for AToM
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
Table 1 Feature Information for IEEE 802.1Q Tunneling (QinQ) for AToM
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
11
IEEE 802.1Q Tunneling (QinQ) for AToM
Feature Information for IEEE 802.1Q Tunneling (QinQ) for AToM
12
NSF/SSO—Any Transport over MPLS and AToM
Graceful Restart
The NSF/SSO—Any Transport over MPLS and AToM Graceful Restart feature allows Any Transport
over MPLS (AToM) to use Cisco nonstop forwarding (NSF), stateful switchover (SSO), and Graceful
Restart (GR) to allow a Route Processor (RP) to recover from a disruption in control plane service
without losing its Multiprotocol Label Switching (MPLS) forwarding state.
NSF with SSO is effective at increasing availability of network services. Cisco NSF with SSO provides
continuous packet forwarding, even during a network processor hardware or software failure. In a
redundant system, the secondary processor recovers control plane service during a critical failure in the
primary processor. SSO synchronizes the network state information between the primary and the
secondary processor.
Note In this document, the NSF/SSO—Any Transport over MPLS and AToM Graceful Restart feature is
referred to as AToM NSF for brevity.
In Cisco IOS XE software, AToM NSF supports the following attachment circuits:
• ATM
• Ethernet to Ethernet VLAN interworking
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
NSF/SSO—Any Transport over MPLS and AToM Graceful Restart
Contents
Contents
• Prerequisites for AToM NSF, page 2
• Restrictions for AToM NSF, page 2
• Information About AToM NSF, page 3
• How to Configure AToM NSF, page 4
• Configuration Examples for AToM NSF, page 6
• Additional References, page 7
• Feature Information for AToM NSF
2
NSF/SSO—Any Transport over MPLS and AToM Graceful Restart
Information About AToM NSF
3
NSF/SSO—Any Transport over MPLS and AToM Graceful Restart
How to Configure AToM NSF
SUMMARY STEPS
1. enable
2. configure terminal
3. ip cef distributed
4. mpls ldp graceful-restart
5. interface type slot/subslot/port[.subinterface-number]
6. mpls ip
7. mpls label protocol ldp
8. exit
9. exit
4
NSF/SSO—Any Transport over MPLS and AToM Graceful Restart
How to Configure AToM NSF
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip cef distributed Enables distributed Cisco Express Forwarding.
Example:
Note In Cisco ASR 1000 Series Aggregation Services
Router(config)# ip cef distributed
Routers, the distributed keyword is mandatory.
Step 4 mpls ldp graceful-restart Enables the router to protect the LDP bindings and MPLS
forwarding state during a disruption in service.
Example:
Router (config)# mpls ldp graceful-restart
Step 5 interface type Specifies an interface and enters interface configuration
slot/subslot/port[.subinterface-number] mode.
Example:
Router(config)# interface pos 0/3/0
Step 6 mpls ip Configures MPLS hop-by-hop forwarding for an interface.
Example:
Router(config-if)# mpls ip
Step 7 mpls label protocol ldp Configures the use of LDP for an interface.
• You can also issue the mpls label protocol ldp
Example: command in global configuration mode, which enables
Router(config-if)# mpls label protocol ldp LDP on all interfaces configured for MPLS.
Step 8 exit Exits interface configuration mode and returns to global
configuration mode.
Example:
Router(config-if)# exit
Step 9 exit Exits global configuration mode and returns to privileged
EXEC mode.
Example:
Router(config)# exit
5
NSF/SSO—Any Transport over MPLS and AToM Graceful Restart
Configuration Examples for AToM NSF
PE1 PE2
ip cef distributed ip cef distributed
! !
redundancy redundancy
mode sso mode sso
! !
boot system flash disk2:rsp-pv-mz boot system flash disk2:rsp-pv-mz
!
mpls ldp graceful-restart mpls ldp graceful-restart
mpls ip mpls ip
mpls label protocol ldp mpls label protocol ldp
mpls ldp router-id Loopback0 force mpls ldp router-id Loopback0 force
mpls ldp advertise-labels mpls ldp advertise-labels
! !
pseudowire-class atom-eth pseudowire-class atom-eth
encapsulation mpls encapsulation mpls
interworking ethernet interworking eth
! !
interface Loopback0 interface Loopback0
ip address 10.8.8.8 255.255.255.255 ip address 10.9.9.9 255.255.255.255
! !
interface FastEthernet1/1/0 interface FastEthernet0/3/0
xconnect 10.9.9.9 123 encap mpls pw-class atom-eth ip route-cache cef
!
interface POS0/1/0 interface FastEthernet0/3/0.3
ip address 10.1.1.1 255.255.255.0 encapsulation dot1Q 10
mpls ip xconnect 10.8.8.8 123 encap mpls pw-class atom-eth
mpls label protocol ldp
clock source internal interface POS1/0/0
crc 32 ip address 10.1.1.2 255.255.255.0
! mpls ip
interface Loopback0 mpls label protocol ldp
ip address 10.8.8.8 255.255.255.255 clock source internal
no shutdown crc 32
! !
router ospf 10 interface Loopback0
nsf ip address 10.9.9.9 255.255.255.255
network 10.8.8.8 0.0.0.0 area 0 !
network 10.19.1.1 0.0.0.0 area 0 router ospf 10
nsf
network 10.9.9.9 0.0.0.0 area 0
network 10.1.1.2 0.0.0.0 area 0
6
NSF/SSO—Any Transport over MPLS and AToM Graceful Restart
Additional References
Additional References
The following sections provide references related to AToM NSF.
Related Documents
Related Topic Document Title
Stateful switchover Stateful Switchover
MPLS Label Distribution Protocol MPLS Label Distribution Protocol (LDP)
Cisco nonstop forwarding Cisco Nonstop Forwarding
Any Transport over MPLS Any Transport over MPLS
L2VPN Interworking configuration L2VPN Interworking
MPLS AToM and LDP commands Cisco IOS Multiprotocol Label Switching Command Reference
High availability commands Cisco IOS High Availability Command Reference
Standards
Standards Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIBs MIBs Link
MPLS Label Distribution Protocol MIB Version 8 To locate and download MIBs for selected platforms, Cisco IOS XE
Upgrade software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
http://www.cisco.com/go/mibs
RFCs
RFCs Title
RFC 3036 LDP Specification
RFC 3478 Graceful Restart Mechanism for Label Distribution
7
NSF/SSO—Any Transport over MPLS and AToM Graceful Restart
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
8
NSF/SSO—Any Transport over MPLS and AToM Graceful Restart
Feature Information for AToM NSF
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
Table 1 Feature Information for AToM NSF Any Transport over MPLS and AToM Graceful Restart
9
NSF/SSO—Any Transport over MPLS and AToM Graceful Restart
Feature Information for AToM NSF
Table 1 Feature Information for AToM NSF Any Transport over MPLS and AToM Graceful Restart
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
10
NSF/SSO—Any Transport over MPLS and AToM Graceful Restart
Feature Information for AToM NSF
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
11
NSF/SSO—Any Transport over MPLS and AToM Graceful Restart
Feature Information for AToM NSF
12
MPLS Layer 3 VPNs
Configuring MPLS Layer 3 VPNs
A Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) consists of a set of sites that
are interconnected by means of an MPLS provider core network. At each customer site, one or more
customer edge (CE) routers attach to one or more provider edge (PE) routers. This module explains how
to create an MPLS VPN.
Contents
• Prerequisites for MPLS Layer 3 VPNs, page 2
• Restrictions for MPLS Layer 3 VPNs, page 2
• Information About MPLS Layer 3 VPNs
• How to Configure MPLS Layer 3 VPNs
• Configuration Examples for MPLS VPNs, page 28
• Additional References, page 34
• Feature Information for MPLS Layer 3 VPNs, page 36
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
Configuring MPLS Layer 3 VPNs
Prerequisites for MPLS Layer 3 VPNs
2
Configuring MPLS Layer 3 VPNs
Restrictions for MPLS Layer 3 VPNs
Unsupported Static Routes in an MPLS VPN Environment that Uses the TFIB
The following ip route command is not supported when you configure static routes in a MPLS VPN
environment, the next hop is in the global table in the MPLS cloud within the core, and you enable load
sharing where the next hop can be reached through two paths:
ip route vrf destination-prefix mask next-hop-address global
The following ip route commands are not supported when you configure static routes in a MPLS VPN
environment, the next hop is in the global table in the MPLS cloud within the core, and you enable load
sharing where the destination can be reached through two next hops:
ip route vrf destination-prefix mask next-hop1 global
ip route vrf destination-prefix mask next-hop2 global
The following ip route vrf commands are not supported when you configure static routes in an MPLS
VPN environment, and the next hop and interface are in the same VRF:
ip route vrf vrf-name destination-prefix mask next-hop1
ip route vrf vrf-name destination-prefix mask next-hop2
Supported Static Routes in an MPLS VPN Environment Where the Next Hop Resides in the Global Table on the CE
Router
The following ip route vrf command is supported when you configure static routes in a MPLS VPN
environment, and the next hop is in the global table on the CE side. For example, the following command
is supported when the destination-prefix is the CE router’s loopback address, as in EBGP multihop cases.
ip route vrf vrf-name destination-prefix mask interface next-hop-address
The following ip route commands are supported when you configure static routes in a MPLS VPN
environment, the next hop is in the global table on the CE side, and you enable load sharing with static
non-recursive routes and a specific outbound interfaces:
ip route destination-prefix mask interface1 nexthop1
ip route destination-prefix mask interface2 nexthop2
3
Configuring MPLS Layer 3 VPNs
Information About MPLS Layer 3 VPNs
4
Configuring MPLS Layer 3 VPNs
Information About MPLS Layer 3 VPNs
MPLS Backbone
103875
How an MPLS VPN Works
MPLS VPN functionality is enabled at the edge of an MPLS network. The PE router performs the
following:
• Exchanges routing updates with the CE router
• Translates the CE routing information into VPNv4 routes
• Exchanges VPNv4 routes with other PE routers through the Multiprotocol Border Gateway Protocol
(MP-BGP)
5
Configuring MPLS Layer 3 VPNs
Information About MPLS Layer 3 VPNs
MPLS Forwarding
Based on routing information stored in the VRF IP routing table and VRF Cisco Express Forwarding
table, packets are forwarded to their destination using MPLS.
A PE router binds a label to each customer prefix learned from a CE router and includes the label in the
network reachability information for the prefix that it advertises to other PE routers. When a PE router
forwards a packet received from a CE router across the provider network, it labels the packet with the
label learned from the destination PE router. When the destination PE router receives the labeled packet,
6
Configuring MPLS Layer 3 VPNs
Information About MPLS Layer 3 VPNs
it pops the label and uses it to direct the packet to the correct CE router. Label forwarding across the
provider backbone is based on either dynamic label switching or traffic engineered paths. A customer
data packet carries two levels of labels when traversing the backbone:
• The top label directs the packet to the correct PE router.
• The second label indicates how that PE router should forward the packet to the CE router.
Connectionless Service
A significant technical advantage of MPLS VPNs is that they are connectionless. The Internet owes its
success to its basic technology, TCP/IP. TCP/IP is built on packet-based, connectionless network
paradigm. This means that no prior action is necessary to establish communication between
hosts, making it easy for two parties to communicate. To establish privacy in a connectionless IP
environment, current VPN solutions impose a connection-oriented, point-to-point overlay on the
network. Even if it runs over a connectionless network, a VPN cannot take advantage of the ease of
connectivity and multiple services available in connectionless networks. When you create a
connectionless VPN, you do not need tunnels and encryption for network privacy, thus eliminating
significant complexity.
Centralized Service
Building VPNs in Layer 3 allows delivery of targeted services to a group of users represented by a VPN.
A VPN must give service providers more than a mechanism for privately connecting users to intranet
services. It must also provide a way to flexibly deliver value-added services to targeted customers.
Scalability is critical, because customers want to use services privately in their intranets and extranets.
Because MPLS VPNs are seen as private intranets, you may use new IP services such as:
• Multicast
• Quality of service (QoS)
• Telephony support within a VPN
• Centralized services including content and web hosting to a VPN
7
Configuring MPLS Layer 3 VPNs
Information About MPLS Layer 3 VPNs
You can customize several combinations of specialized services for individual customers. For example,
a service that combines IP multicast with a low-latency service class enables video conferencing within
an intranet.
Scalability
If you create a VPN using connection-oriented, point-to-point overlays, Frame Relay, or ATM virtual
connections (VCs), the VPN's key deficiency is scalability. Specifically, connection-oriented VPNs
without fully meshed connections between customer sites are not optimal. MPLS-based VPNs instead
use the peer model and Layer 3 connectionless architecture to leverage a highly scalable VPN solution.
The peer model requires a customer site to peer with only one PE router as opposed to all other customer
edge (CE) routers that are members of the VPN. The connectionless architecture allows the creation of
VPNs in Layer 3, eliminating the need for tunnels or VCs.
Other scalability issues of MPLS VPNs are due to the partitioning of VPN routes between PE routers
and the further partitioning of VPN and IGP routes between PE routers and provider (P) routers in a core
network.
• PE routers must maintain VPN routes for those VPNs who are members.
• P routers do not maintain any VPN routes.
This increases the scalability of the provider's core and ensures that no one device is a scalability
bottleneck.
Security
MPLS VPNs offer the same level of security as connection-oriented VPNs. Packets from one VPN do
not inadvertently go to another VPN.
Security is provided in the following areas:
• At the edge of a provider network, ensuring packets received from a customer are placed on the
correct VPN.
• At the backbone, VPN traffic is kept separate. Malicious spoofing (an attempt to gain access to a PE
router) is nearly impossible because the packets received from customers are IP packets. These IP
packets must be received on a particular interface or subinterface to be uniquely identified with a
VPN label.
Easy to Create
To take full advantage of VPNs, customers must be able to easily create new VPNs and user
communities. Because MPLS VPNs are connectionless, no specific point-to-point connection maps or
topologies are required. You can add sites to intranets and extranets and form closed user groups.
Managing VPNs in this manner enables membership of any given site in multiple VPNs, maximizing
flexibility in building intranets and extranets.
Flexible Addressing
To make a VPN service more accessible, customers of a service provider can design their own addressing
plan, independent of addressing plans for other service provider customers. Many customers use private
address spaces, as defined in RFC 1918, and do not want to invest the time and expense of converting to
public IP addresses to enable intranet connectivity. MPLS VPNs allow customers to continue to use their
present address spaces without network address translation (NAT) by providing a public and private view
of the address. A NAT is required only if two VPNs with overlapping address spaces want to
communicate. This enables customers to use their own unregistered private addresses, and communicate
freely across a public IP network.
8
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
Straightforward Migration
For service providers to quickly deploy VPN services, use a straightforward migration path. MPLS
VPNs are unique because you can build them over multiple network architectures, including IP, ATM,
Frame Relay, and hybrid networks.
Migration for the end customer is simplified because there is no requirement to support MPLS on the
CE router and no modifications are required to a customer's intranet.
SUMMARY STEPS
9
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
DETAILED STEPS
10
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
SUMMARY STEPS
1. enable
2. configure terminal
3. router bgp as-number
4. no bgp default ipv4-unicast
5. neighbor {ip-address | peer-group-name} remote-as as-number
6. neighbor {ip-address | peer-group-name} activate
7. address-family vpnv4 [unicast]
8. neighbor {ip-address | peer-group-name} send-community extended
9. neighbor {ip-address | peer-group-name} activate
10. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 router bgp as-number Configures a BGP routing process and enters router
configuration mode.
Example: • The as-number argument indicates the number of an
Router(config)# router bgp 100 autonomous system that identifies the router to other
BGP routers and tags the routing information passed
along. Valid numbers are from 0 to 65535. Private
autonomous system numbers that can be used in
internal networks range from 64512 to 65535.
Step 4 no bgp default ipv4-unicast (Optional) Disables the IPv4 unicast address family on all
neighbors.
Example: • Use the no form of the bgp default ipv4-unicast
Router(config-router)# no bgp default command if you are using this neighbor for MPLS
ipv4-unicast routes only.
Step 5 neighbor {ip-address | peer-group-name} Adds an entry to the BGP or multiprotocol BGP neighbor
remote-as as-number table.
• The ip-address argument specifies the IP address of the
Example: neighbor.
Router(config-router)# neighbor 10.0.0.1
remote-as 100 • The peer-group-name argument specifies the name of a
BGP peer group.
• The as-number argument specifies the autonomous
system to which the neighbor belongs.
11
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
Example:
Router(config-router-af)# end
Troubleshooting Tips
You can enter a show ip bgp neighbor command to verify that the neighbors are up and running. If this
command is not successful, enter a debug ip bgp x.x.x.x events command, where x.x.x.x is the
IP address of the neighbor.
12
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
SUMMARY STEPS
1. enable
2. configure terminal
3. ip vrf vrf-name
4. rd route-distinguisher
5. route-target {import | export | both} route-target-ext-community
6. import map route-map
7. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip vrf vrf-name Defines the VPN routing instance by assigning a VRF name
and enters VRF configuration mode.
Example: • The vrf-name argument is the name assigned to a VRF.
Router(config)# ip vrf vpn1
Step 4 rd route-distinguisher Creates routing and forwarding tables.
• The route-distinguisher argument adds an 8-byte value
Example: to an IPv4 prefix to create a VPN IPv4 prefix. You can
Router(config-vrf)# rd 100:1 enter an RD in either of these formats:
– 16-bit AS number: your 32-bit number, for
example, 101:3
– 32-bit IP address: your 16-bit number, for example,
10.0.0.1:1
13
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
Example:
Router(config-vrf)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type number
4. ip vrf forwarding vrf-name
5. end
14
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type number Specifies the interface to configure and enters interface
configuration mode.
Example: • The type argument specifies the type of interface to be
Router(config)# interface FastEthernet 1/0/0 configured.
• The number argument specifies the port, connector, or
interface card number.
Step 4 ip vrf forwarding vrf-name Associates a VRF with the specified interface or
subinterface.
Example: • The vrf-name argument is the name assigned to a VRF.
Router(config-if)# ip vrf forwarding vpn1
Step 5 end (Optional) Exits to privileged EXEC mode.
Router(config-if)# end
SUMMARY STEPS
1. enable
2. configure terminal
3. router bgp as-number
15
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
DETAILED STEPS
Example:
Router# configure terminal
Step 3 router bgp as-number Configures a BGP routing process and enters
router configuration mode.
Example: • The as-number argument indicates the
Router(config)# router bgp 100 number of an autonomous system that
identifies the router to other BGP routers and
tags the routing information passed along.
Valid numbers are from 0 to 65535. Private
autonomous system numbers that can be used
in internal networks range from 64512 to
65535.
Step 4 address-family ipv4 [multicast | unicast | vrf Specifies the IPv4 address family type and enters
vrf-name] address family configuration mode.
• The multicast keyword specifies IPv4
Example: multicast address prefixes.
Router(config-router)# address-family ipv4 vrf vpn1
• The unicast keyword specifies IPv4 unicast
address prefixes.
• The vrf vrf-name keyword and argument
specify the name of the VRF to associate with
subsequent IPv4 address family configuration
mode commands.
Step 5 neighbor {ip-address | peer-group-name} remote-as Adds an entry to the BGP or multiprotocol BGP
as-number neighbor table.
• The ip-address argument specifies the IP
Example: address of the neighbor.
Router(config-router-af)# neighbor 10.0.0.1 remote-as
200 • The peer-group-name argument specifies the
name of a BGP peer group.
• The as-number argument specifies the
autonomous system to which the neighbor
belongs.
16
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
Example:
Router(config-router-af)# exit-address-family
Step 8 end (Optional) Exits to privileged EXEC mode.
Example:
Router(config-router)# end
SUMMARY STEPS
1. enable
2. configure terminal
3. router rip
4. version {1 | 2}
5. address-family ipv4 [multicast | unicast | vrf vrf-name]
6. network ip-address
7. redistribute protocol [process-id] {level-1 | level-1-2 | level-2} [as-number] [metric metric-value]
[metric-type type-value] [match {internal | external 1 | external 2}] [tag tag-value] [route-map
map-tag] [subnets]
8. exit-address-family
9. end
DETAILED STEPS
Example:
Router# configure terminal
17
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
Example:
Router(config)# router rip
Step 4 version {1 | 2} Specifies a Routing Information Protocol (RIP)
version used globally by the router.
Example:
Router(config-router)# version 2
Step 5 address-family ipv4 [multicast | unicast | vrf Specifies the IPv4 address family type and enters
vrf-name] address family configuration mode.
• The multicast keyword specifies IPv4
Example: multicast address prefixes.
Router(config-router)# address-family ipv4 vrf vpn1
• The unicast keyword specifies IPv4 unicast
address prefixes.
• The vrf vrf-name keyword and argument
specifies the name of the VRF to associate
with subsequent IPv4 address family
configuration mode commands.
Step 6 network ip-address Enables RIP on the PE-to-CE link.
Example:
Router(config-router-af)# network 192.168.7.0
Step 7 redistribute protocol [process-id] {level-1 | Redistributes routes from one routing domain into
level-1-2 | level-2} [as-number] [metric metric-value] another routing domain.
[metric-type type-value] [match {internal | external 1
| external 2}] [tag tag-value] [route-map map-tag] • For the RIPv2 routing protocol, use the
[subnets] redistribute bgp as-number command.
Example:
Router(config-router-af)# redistribute bgp 200
Step 8 exit-address-family Exits address family configuration mode.
Example:
Router(config-router-af)# exit-address-family
Step 9 end (Optional) Exits to privileged EXEC mode.
Example:
Router(config-router)# end
18
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
To configure PE-to-CE routing sessions that use static routes, perform this task.
SUMMARY STEPS
1. enable
2. configure terminal
3. ip route vrf vrf-name
4. address-family ipv4 [multicast | unicast | vrf vrf-name]
5. redistribute protocol [process-id] {level-1 | level-1-2 | level-2} [as-number] [metric metric-value]
[metric-type type-value] [match {internal | external 1 | external 2}] [tag tag-value] [route-map
map-tag] [subnets]
6. redistribute protocol [process-id] {level-1 | level-1-2 | level-2} [as-number] [metric metric-value]
[metric-type type-value] [match {internal | external 1 | external 2}] [tag tag-value] [route-map
map-tag] [subnets]
7. exit-address-family
8. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip route vrf vrf-name Defines static route parameters for every
PE-to-CE session.
Example:
Router(config)# ip route vrf 200
Step 4 address-family ipv4 [multicast | unicast | vrf Specifies the IPv4 address family type and enters
vrf-name] address family configuration mode.
• The multicast keyword specifies IPv4
Example: multicast address prefixes.
Router(config-router)# address-family ipv4 vrf vpn1
• The unicast keyword specifies IPv4 unicast
address prefixes.
• The vrf vrf-name keyword and argument
specifies the name of the VRF to associate
with subsequent IPv4 address family
configuration mode commands.
19
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
Example:
Router(config-router-af)# exit-address-family
Step 8 end (Optional) Exits to privileged EXEC mode.
Example:
Router(config-router)# end
To configure PE-to-CE routing sessions that use OSPF, perform this task.
SUMMARY STEPS
1. enable
2. configure terminal
3. router ospf process-id [vrf vpn-name]
4. network ip-address wildcard-mask area area-id
5. address-family ipv4 [multicast | unicast | vrf vrf-name]
6. redistribute protocol [process-id] {level-1 | level-1-2 | level-2} [as-number] [metric metric-value]
[metric-type type-value] [match {internal | external 1 | external 2}] [tag tag-value] [route-map
map-tag] [subnets]
7. exit-address-family
8. end
20
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
DETAILED STEPS
Example:
Router# configure terminal
Step 3 router ospf process-id [vrf vpn-name] Enables OSPF routing and enters router
configuration mode.
Example: • The process-id argument identifies the OSPF
Router(config)# router ospf 1 vrf grc process.
• The vrf keyword and vpn-name argument
identify a VPN. Create a separate OSPF
process for each VRF that will receive VPN
routes.
Step 4 network ip-address wildcard-mask area area-id Defines the interfaces on which OSPF runs and to
defines the area ID for those interfaces.
Example: • The ip-address argument identifies the IP
Router(config-router)# network 10.0.0.1 0.0.0.3 area address.
20
• The wildcard-mask argument identifies the
IP-address-type mask that includes “don't
care” bits.
• The area-id argument identifies the area that
is to be associated with the OSPF address
range. It can be specified as either a decimal
value or as an IP address. To associate areas
with IP subnets, specify a subnet address as
the value of the area-id argument.
Step 5 address-family ipv4 [multicast | unicast | vrf Specifies the IPv4 address family type and enters
vrf-name] address family configuration mode.
• The multicast keyword specifies IPv4
Example: multicast address prefixes.
Router(config-router)# address-family ipv4 vrf vpn1
• The unicast keyword specifies IPv4 unicast
address prefixes.
• The vrf vrf-name keyword and argument
specify the name of the VRF to associate with
subsequent IPv4 address family configuration
mode commands.
21
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
Example:
Router(config-router-af)# exit-address-family
Step 8 end (Optional) Exits to privileged EXEC mode.
Example:
Router(config-router)# end
Using Enhanced Interior Gateway Routing Protocol (EIGRP) between the PE and CE routers allows you
to transparently connect EIGRP customer networks through an MPLS-enabled BGP core network so that
EIGRP routes are redistributed through the VPN across the BGP network as internal BGP (iBGP) routes.
To configure PE-to-CE routing sessions that use EIGRP, perform this task.
Prerequisites
SUMMARY STEPS
1. enable
2. configure terminal
3. router bgp as-number
4. no synchronization
5. neighbor ip-address remote-as as-number
6. neighbor ip-address update-source loopback interface-number
7. address-family vpnv4
8. neighbor ip-address activate
9. neighbor ip-address send-community extended
10. exit-address-family
11. address-family ipv4 vrf vrf-name
12. redistribute eigrp as-number [metric metric-value] [route-map map-name]
13. no synchronization
22
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
14. exit-address-family
15. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 router bgp as-number Enters router configuration mode, and creates a BGP
routing process.
Example:
Router(config)# router bgp 10
Step 4 no synchronization Configures BGP to send advertisements without waiting to
synchronize with the IGP.
Example:
Router(config-router)# no synchronization
Step 5 neighbor ip-address remote-as as-number Establishes peering with the specified neighbor or
peer-group.
Example: • In this step, you are establishing an iBGP session with
Router(config-router)# neighbor 10.0.0.1 the PE router that is connected to the CE router at the
remote-as 10 other CE site.
Step 6 neighbor ip-address update-source loopback Configures BGP to use any operational interface for TCP
interface-number connections.
• This configuration step is not required. However, the
Example: BGP routing process will be less susceptible to the
Router(config-router)# neighbor 10.0.0.1 affects of interface or link flapping.
update-source loopback 0
Step 7 address-family vpnv4 Enters address family configuration mode for configuring
routing sessions that use standard IPv4 address prefixes,
such as BGP, RIP, and static routing sessions.
Example:
Router(config-router)# address-family vpnv4
Step 8 neighbor ip-address activate Establishes peering with the specified neighbor or
peer-group.
Example: • In this step, you are activating the exchange of VPNv4
Router(config-router-af)# neighbor 10.0.0.1 routing information between the PE routers.
activate
Step 9 neighbor ip-address send-community extended Configures the local router to send extended community
attribute information to the specified neighbor.
Example: • This step is required for the exchange of EIGRP
Router(config-router-af)# neighbor 10.0.0.1 extended community attributes.
send-community extended
23
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
Perform this task to every PE router that provides VPN services to enable EIGRP redistribution in the
MPLS VPN.
Prerequisites
The metric must be configured for routes from external EIGRP autonomous systems and non-EIGRP
networks before these routes can be redistributed into an EIGRP CE router. The metric can be configured
in the redistribute statement using the redistribute (IP) command or configured with the default-metric
(EIGRP) command. If an external route is received from another EIGRP autonomous system or a
non-EIGRP network without a configured metric, the route will not be advertised to the CE router.
Restrictions
Redistribution between native EIGRP VRFs is not supported. This is designed behavior.
24
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
SUMMARY STEPS
1. enable
2. configure terminal
3. router eigrp as-number
4. address-family ipv4 [multicast | unicast | vrf vrf-name]
5. network ip-address wildcard-mask
6. redistribute bgp {as-number} [metric bandwidth delay reliability load mtu] [route-map
map-name]
7. autonomous-system as-number
8. exit-address-family
9. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 router eigrp as-number Enters router configuration mode and creates an EIGRP
routing process.
Example: • The EIGRP routing process for the PE router is created
Router(config)# router eigrp 1 in this step.
Step 4 address-family ipv4 [multicast | unicast | vrf Enters address-family configuration mode and creates a
vrf-name] VRF.
• The VRF name must match the VRF name that was
Example: created in the previous section.
Router(config-router)# address-family ipv4 vrf
RED
Step 5 network ip-address wildcard-mask Specifies the network for the VRF.
• The network statement is used to identify which
Example: interfaces to include in EIGRP. The VRF must be
Router(config-router-af)# network 172.16.0.0 configured with addresses that fall within the
0.0.255.255 wildcard-mask range of the network statement.
25
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
SUMMARY STEPS
1. show ip vrf
DETAILED STEPS
26
Configuring MPLS Layer 3 VPNs
How to Configure MPLS Layer 3 VPNs
SUMMARY STEPS
1. enable
2. ping [protocol] {host-name | system-address}
3. trace [protocol] [destination]
4. show ip route [ip-address [mask] [longer-prefixes] | protocol [process-id] | [list access-list-number
| access-list-name]
5. disable
DETAILED STEPS
Step 1 enable
Use this command to enable privileged EXEC mode.
Step 2 ping [protocol] {host-name | system-address}
Use this command to diagnoses basic network connectivity on AppleTalk, CLNS, IP, Novell, Apollo,
VINES, DECnet, or XNS networks. Use the ping command to verify the connectivity from one CE
router to another.
Step 3 trace [protocol] [destination]
Use this command to discover the routes that packets take when traveling to their destination. Use the
trace command to verify the path that a packet goes through before reaching the final destination. The
trace command can help isolate a trouble spot if two routers cannot communicate.
Step 4 show ip route [ip-address [mask] [longer-prefixes] | protocol [process-id] | [list access-list-number |
access-list-name]
Use this command to display the current state of the routing table. Use the ip-address argument to verify
that CE1 has a route to CE2. Verify the routes learned by CE1. Make sure that the route for CE2 is listed.
Verifying that the Local and Remote CE Routers Are in the Routing Table
Perform this task to check that the local and remote CE routers are in the routing table of the PE routers.
SUMMARY STEPS
1. enable
2. show ip route vrf vrf-name [prefix]
3. show ip cef vrf vrf-name [ip-prefix]
4. exit
Step 1 enable
27
Configuring MPLS Layer 3 VPNs
Configuration Examples for MPLS VPNs
28
Configuring MPLS Layer 3 VPNs
Configuration Examples for MPLS VPNs
PE Configuration CE Configuration
ip vrf vpn1 ip cef
rd 100:1 mpls ldp router-id Loopback0 force
route-target export 100:1 mpls label protocol ldp
route-target import 100:1 !
! interface Loopback0
ip cef ip address 10.0.0.9 255.255.255.255
mpls ldp router-id Loopback0 force !
mpls label protocol ldp interface FastEthernet0/0
! ip address 10.0.0.1 255.0.0.0
interface Loopback0 no cdp enable
ip address 10.0.0.1 255.255.255.255 !
! router bgp 200
interface FastEthernet0/0/0 bgp log-neighbor-changes
ip vrf forwarding vpn1 neighbor 10.0.0.2 remote-as 100
ip address 10.0.0.2 255.0.0.0 !
no cdp enable address-family ipv4
! redistribute connected
interface FastEthernet 1/1/0 neighbor 10.0.0.2 activate
ip address 10.0.0.1 255.0.0.0 neighbor 10.0.0.2 advertisement-interval 5
mpls label protocol ldp no auto-summary
mpls ip no synchronization
! exit-address-family
router ospf 100
network 10.0.0. 0.0.0.0 area 100
network 10.0.0.0 0.255.255.255 area 100
!
router bgp 100
no synchronization
bgp log-neighbor changes
neighbor 10.0.0.3 remote-as 100
neighbor 10.0.0.3 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 send-community extended
bgp scan-time import 5
exit-address-family
!
address-family ipv4 vrf vpn1
redistribute connected
neighbor 10.0.0.1 remote-as 200
neighbor 10.0.0.1 activate
neighbor 10.0.0.1 as-override
neighbor 10.0.0.1 advertisement-interval 5
no auto-summary
no synchronization
exit-address-family
29
Configuring MPLS Layer 3 VPNs
Configuration Examples for MPLS VPNs
PE Configuration CE Configuration
ip vrf vpn1 ip cef
rd 100:1 mpls ldp router-id Loopback0 force
route-target export 100:1 mpls label protocol ldp
route-target import 100:1 !
! interface Loopback0
ip cef ip address 10.0.0.9 255.255.255.255
mpls ldp router-id Loopback0 force !
mpls label protocol ldp interface FastEthernet0/0/0
! ip address 10.0.0.1 255.0.0.0
interface Loopback0 no cdp enable
ip address 10.0.0.1 255.255.255.255
! router rip
interface FastEthernet0/0/0 version 2
ip vrf forwarding vpn1 timers basic 30 60 60 120
ip address 10.0.0.2 255.0.0.0 redistribute connected
no cdp enable network 10.0.0.0
interface FastEthernet 1/1/0 network 10.0.0.1
ip address 10.0.0.1 255.0.0.0 no auto-summary
mpls label protocol ldp
mpls ip
!
router rip
version 2
timers basic 30 60 60 120
!
address-family ipv4 vrf vpn1
version 2
redistribute bgp 100 metric transparent
network 10.0.0.0
distribute-list 20 in
no auto-summary
exit-address-family
!
router bgp 100
no synchronization
bgp log-neighbor changes
neighbor 10.0.0.3 remote-as 100
neighbor 10.0.0.3 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 send-community extended
bgp scan-time import 5
exit-address-family
!
address-family ipv4 vrf vpn1
redistribute connected
redistribute rip
no auto-summary
no synchronization
exit-address-family
30
Configuring MPLS Layer 3 VPNs
Configuration Examples for MPLS VPNs
PE Configuration CE Configuration
ip vrf vpn1 ip cef
rd 100:1 !
route-target export 100:1 interface Loopback0
route-target import 100:1 ip address 10.0.0.9 255.255.255.255
! !
ip cef interface FastEthernet0/0/0
mpls ldp router-id Loopback0 force ip address 10.0.0.1 255.0.0.0
mpls label protocol ldp no cdp enable
! !
interface Loopback0 ip route 10.0.0.9 255.255.255.255 10.0.0.2 3
ip address 10.0.0.1 255.255.255.255 ip route 10.0.0.0 255.0.0.0 10.0.0.2 3
!
interface FastEthernet0/0/0
ip vrf forwarding vpn1
ip address 10.0.0.2 255.0.0.0
no cdp enable
!
interface FastEthernet1/1/0
ip address 10.0.0.1 255.0.0.0
mpls label protocol ldp
mpls ip
!
router ospf 100
network 10.0.0. 0.0.0.0 area 100
network 10.0.0.0 0.255.255.255 area 100
!
router bgp 100
no synchronization
bgp log-neighbor changes
neighbor 10.0.0.3 remote-as 100
neighbor 10.0.0.3 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 send-community extended
bgp scan-time import 5
exit-address-family
!
address-family ipv4 vrf vpn1
redistribute connected
redistribute static
no auto-summary
no synchronization
exit-address-family
!
ip route vrf vpn1 10.0.0.9 255.255.255.255
10.0.0.1
ip route vrf vpn1 10.0.0.0 255.0.0.0 10.0.0.1
31
Configuring MPLS Layer 3 VPNs
Configuration Examples for MPLS VPNs
PE Configuration CE Configuration
ip vrf vpn1 ip cef
rd 100:1 mpls ldp router-id Loopback0 force
route-target export 100:1 mpls label protocol ldp
route-target import 100:1 !
! interface Loopback0
ip cef ip address 10.0.0.9 255.255.255.255
mpls ldp router-id Loopback0 force !
mpls label protocol ldp interface FastEthernet0/0/0
! ip address 10.0.0.1 255.0.0.0
interface Loopback0 no cdp enable
ip address 10.0.0.1 255.255.255.255 !
! router ospf 1000
interface FastEthernet0/0/0 log-adjacency-changes
ip vrf forwarding vpn1 auto-cost reference-bandwidth 1000
ip address 10.0.0.2 255.0.0.0 redistribute connected subnets
no cdp enable network 10.0.0.0 0.255.255.255 area 1000
! network 10.0.0.0 0.0.0.0 area 1000
router ospf 1000 vrf vpn1
log-adjacency-changes
redistribute bgp 100 metric-type 1 subnets
network 10.0.0.13 0.0.0.0 area 10000
network 10.0.0.0 0.255.255.255 area 10000
!
router bgp 100
no synchronization
bgp log-neighbor changes
neighbor 10.0.0.3 remote-as 100
neighbor 10.0.0.3 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 send-community extended
bgp scan-time import 5
exit-address-family
!
address-family ipv4 vrf vpn1
redistribute connected
redistribute ospf 1000 match internal
external 1 external 2
no auto-summary
no synchronization
exit-address-family
32
Configuring MPLS Layer 3 VPNs
Configuration Examples for MPLS VPNs
PE Configuration CE Configuration
ip vrf vpn1 ip cef
rd 100:1 mpls ldp router-id Loopback0 force
route-target export 100:1 mpls label protocol ldp
route-target import 100:1 !
! interface Loopback0
ip cef ip address 10.0.0.9 255.255.255.255
mpls ldp router-id Loopback0 force !
mpls label protocol ldp interface FastEthernet0/0/0
! ip address 10.0.0.1 255.0.0.0
interface Loopback0 no cdp enable
ip address 10.0.0.1 255.255.255.255 !
interface FastEthernet0/0/0 router eigrp 1000
ip vrf forwarding vpn1 network 10.0.0.0
ip address 10.0.0.2 255.0.0.0 auto-summary
no cdp enable
interface FastEthernet1/1/0
ip address 10.0.0.1 255.0.0.0
mpls label protocol ldp
mpls ip
router eigrp 1000
auto-summary
!
address-family ipv4 vrf vpn1
redistribute bgp 100 metric 10000 100 255
1 1500
network 10.0.0.0
distribute-list 20 in
no auto-summary
autonomous-system 1000
exit-address-family
!
router bgp 100
no synchronization
bgp log-neighbor changes
neighbor 10.0.0.3 remote-as 100
neighbor 10.0.0.3 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 send-community extended
bgp scan-time import 5
exit-address-family
!
address-family ipv4 vrf vpn1
redistribute connected
redistribute eigrp
no auto-summary
no synchronization
exit-address-family
33
Configuring MPLS Layer 3 VPNs
Additional References
Additional References
The following sections provide references related to MPLS VPNs.
Related Documents
Related Topic Document Title
Description of commands associated with MPLS and Cisco IOS Multiprotocol Label Switching Command Reference
MPLS applications
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
RFC 2283 Multiprotocol Extensions for BGP-4
RFC 2547 BGP/MPLS VPNs
34
Configuring MPLS Layer 3 VPNs
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
35
Configuring MPLS Layer 3 VPNs
Feature Information for MPLS Layer 3 VPNs
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
36
Configuring MPLS Layer 3 VPNs
Feature Information for MPLS Layer 3 VPNs
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect,
Cisco Pulse, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels,
Flip for Good, Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network
are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store,
and Flip Gift Card are service marks; and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP,
CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Continuum, EtherFast, EtherSwitch, Event Center,
Explorer, Fast Step, Follow Me Browsing, FormShare, GainMaker, GigaDrive, HomeLink, iLYNX, Internet Quotient, IOS, iPhone, iQuick Study,
IronPort, the IronPort logo, Laser Link, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers,
Networking Academy, Network Registrar, PCNow, PIX, PowerKEY, PowerPanels, PowerTV, PowerTV (Design), PowerVu, Prisma, ProConnect,
ROSA, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx,
and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0908R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
37
Configuring MPLS Layer 3 VPNs
Feature Information for MPLS Layer 3 VPNs
38
Assigning an ID Number to a VPN
You can identify Virtual Private Networks (VPNs) by a VPN identification number, as described in
RFC 2685. This implementation of the VPN ID feature is used for identifying a VPN.
Contents
• Information About VPN ID, page 2
• How to Configure a VPN ID, page 3
• Configuration Examples for Assigning an ID Number to a VPN, page 6
• Additional References, page 7
• Feature Information for Assigning an ID Number to a VPN, page 9
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
Introduction to VPN ID
You can identify VPNs by a VPN identification number, as described in RFC 2685. This implementation
of the VPN ID feature is used for identifying a VPN. The VPN ID feature is not used to control the
distribution of routing information or to associate IP addresses with VPN ID numbers in the MP-BGP
VPNv4 routing updates.
Multiple VPNs can be configured in a router. A VPN is private and uses a private address space that
might also be used by another VPN or by the Internet. The IP address used in a VPN is only significant
to the VPN in which it exists. You can use a VPN name (a unique ASCII string) to reference a specific
VPN configured in the router. Alternately, you can use a VPN ID to identify a particular VPN in the
router. The VPN ID follows a standard specification (RFC 2685). To ensure that the VPN has a consistent
VPN ID, assign the same VPN ID to all the routers in the service provider network that services that
VPN.
Note Configuration of a VPN ID for a VPN is optional. You can still use a VPN name to identify configured
VPNs in the router. The VPN name is not affected by the VPN ID configuration. These are two
independent mechanisms to identify VPNs.
2
Assigning an ID Number to a VPN
How to Configure a VPN ID
3
Assigning an ID Number to a VPN
How to Configure a VPN ID
Specifying a VPN ID
Use this procedure to specify a VPN ID.
Restrictions
The VPN ID feature is not used to control the distribution of routing information or to associate IP
addresses with VPN ID numbers in the MP-BGP VPNv4 routing updates.
Prerequisites
Each VRF configured on a PE router can have a VPN ID configured. Configure all the PE routers that
belong to the same VPN with the same VPN ID. Make sure the VPN ID is unique to the service provider
network.
SUMMARY STEPS
1. enable
2. configure terminal
3. ip vrf vrf-name
4. vpn id oui:vpn-index
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 ip vrf vrf-name Creates a VRF routing table and a CEF forwarding
table and enters VRF configuration mode.
Example: • vrf-name—Name assigned to a VRF.
Router(config)# ip vrf vrf1
Step 4 vpn id oui:vpn-index Assigns the VPN ID to the VRF.
• oui:—An organizationally unique identifier.
Example: The IEEE organization assigns this identifier
Router(config-vrf)# vpn id a1:3f6c to companies. The OUI is restricted to three
octets.
• vpn-index—This value identifies the VPN
within the company. This VPN index is
restricted to four octets.
4
Assigning an ID Number to a VPN
How to Configure a VPN ID
SUMMARY STEPS
1. enable
2. show ip vrf
3. show ip vrf id
4. show ip vrf detail
DETAILED STEPS
Step 1 enable
Step 2 show ip vrf
Use this command to display information about the VRF tables on the PE router. This example displays
three VRF tables called vpn1, vpn2, and vpn5.
Router# show ip vrf
VPN Id Name RD
2:3 vpn2 <not set>
A1:3F6C vpn1 100:1
5
Assigning an ID Number to a VPN
Configuration Examples for Assigning an ID Number to a VPN
No interfaces
Connected addresses are not in global routing table
No Export VPN route-target communities
No Import VPN route-target communities
No import route-map
No export route-map
VRF vpn5; default RD 500:1; default VPNID <not set>
Interfaces:
6
Assigning an ID Number to a VPN
Additional References
Additional References
The following sections provide references related to assigning an ID number to a VPN.
Related Documents
Related Topic Document Title
Description of commands associated with MPLS and Cisco IOS Multiprotocol Label Switching Command Reference
MPLS applications
Basic MPLS VPNs Configuring MPLS Layer 3 VPNs
Standards
Standard Title
IEEE Std 802-1990 IEEE Local and Metropolitan Area Networks: Overview and
Architecture
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
RFC 2685 Virtual Private Networks Identifier
7
Assigning an ID Number to a VPN
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
8
Assigning an ID Number to a VPN
Feature Information for Assigning an ID Number to a VPN
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
9
Assigning an ID Number to a VPN
Feature Information for Assigning an ID Number to a VPN
10
MPLS Multi-VRF (VRF-Lite)
The MPLS Multi-VRF feature allows you to configure and maintain more than one instance of a routing
and forwarding table within the same customer edge (CE) router.
Contents
• Prerequisites for MPLS Multi-VRF, page 2
• Restrictions for MPLS Multi-VRF, page 2
• Information About MPLS Multi-VRF, page 2
• How to Configure MPLS Multi-VRF, page 4
• Configuration Examples for MPLS Multi-VRF, page 12
• Additional References, page 15
• Feature Information for MPLS Multi-VRF, page 17
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Multi-VRF (VRF-Lite)
Prerequisites for MPLS Multi-VRF
2
MPLS Multi-VRF (VRF-Lite)
Information About MPLS Multi-VRF
• The PE router needs to maintain VPN routes only for those VPNs to which it is directly attached,
eliminating the requirement that the PE maintain all of the service provider’s VPN routes. Each PE
router maintains a VRF for each of its directly connected sites. Two or more interfaces on a PE router
can be associated with a single VRF if all the sites participate in the same VPN. Each VPN is
mapped to a specified VRF. After learning local VPN routes from CE routers, the PE router
exchanges VPN routing information with other PE routers through internal BGP (iBPG).
With the MPLS Multi-VRF feature, two or more customers can share one CE router, and only one
physical link is used between the CE and the PE routers. The shared CE router maintains separate VRF
tables for each customer and routes packets for each customer based on that customer’s own routing
table. The MPLS Multi-VRF feature extends limited PE router functionality to a CE router, giving it the
ability, through the maintenance of separate VRF tables, to extend the privacy and security of a VPN to
the branch office.
Figure 1 shows a configuration where each CE router acts as if it were two CE routers. Because the
MPLS Multi-VRF feature is a Layer 3 feature, each interface associated with a VRF must be a Layer 3
interface.
VPN 1 VPN 1
CE PE PE CE
MPLS
network
VPN 2 VPN 2
135228
CE = Customer edge router
PE = Provider edge router
How Packets Are Forwarded in a Network Using the MPLS Multi-VRF Feature
Following is the packet-forwarding process in an MPLS Multi-VRF CE-enabled network, as illustrated
in Figure 1:
• When the CE receives a packet from a VPN, it looks up the routing table based on the input interface.
When a route is found, the CE imposes the MPLS label it received from the PE for that route and
forwards the packet to the PE.
• When the ingress PE receives a packet from the CE, it swaps the incoming label with the
corresponding label stack and sends it to the MPLS network.
• When an egress PE receives a packet from the network, it swaps the VPN label with the label it
earlier had received for the route from the CE, and forwards it to the CE.
• When a CE receives a packet from an egress PE, it uses the incoming label on the packet to forward
the packet to the correct VPN.
To configure Multi-VRF, you create a VRF table and then specify the Layer 3 interface associated with
that VRF. Next, you configure the routing protocols within the VPN, and between the CE and the PE.
BGP is the preferred routing protocol for distributing VPN routing information across the provider's
backbone. For more information, see the “How to Configure MPLS Multi-VRF” section on page 4.
3
MPLS Multi-VRF (VRF-Lite)
How to Configure MPLS Multi-VRF
Configuring VRFs
To configure VRFs, complete the following procedure. Be sure to configure VRFs on both the PE and
the CE routers.
Restrictions
Multicast cannot be configured at the same time on the same Layer 3 interface as the MPLS Multi-VRF
feature.
4
MPLS Multi-VRF (VRF-Lite)
How to Configure MPLS Multi-VRF
SUMMARY STEPS
1. enable
2. configure terminal
3. ip routing
4. ip vrf vrf-name
5. rd route-distinguisher
6. route-target {export | import | both} route-target-ext-community
7. import map route-map
8. exit
9. interface type slot/subslot/port[.subinterface]
10. ip vrf forwarding vrf-name
11. show ip vrf
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip routing Enables IP routing.
Example:
Router(config)# ip routing
Step 4 ip vrf vrf-name Names the VRF, and enters VRF configuration mode.
Example:
Router(config)# ip vrf v1
5
MPLS Multi-VRF (VRF-Lite)
How to Configure MPLS Multi-VRF
Example:
Router(config-vrf)# import map importmap1
Step 8 exit Returns to global configuration mode.
Example:
Router(config-vrf)# exit
Step 9 interface type slot/subslot/port[.subinterface] Specifies the Layer 3 interface to be associated with the
VRF and enters interface configuration mode.
Example: The interface can be a routed port or an SVI.
Router(config)# interface fastethernet3/0/0.10
Step 10 ip vrf forwarding vrf-name Associates the VRF with the Layer 3 interface.
Example:
Router(config-if)# ip vrf forwarding v1
Step 11 show ip vrf Displays the settings of the VRFs.
Example:
Router# show ip vrf
6
MPLS Multi-VRF (VRF-Lite)
How to Configure MPLS Multi-VRF
SUMMARY STEPS
1. enable
2. configure terminal
3. router bgp autonomous-system-number
4. network ip-address mask network-mask
5. redistribute ospf process-id match internal
6. network ip-address area area-id
7. address-family ipv4 vrf vrf-name
8. neighbor {ip-address | peer-group-name} remote-as as-number
9. neighbor address activate
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 router bgp autonomous-system-number Configures the BGP routing process with the autonomous
system number passed to other BGP routers, and enters router
configuration mode.
Example:
Router(config)# router bgp 100
Step 4 network ip-address mask network-mask Specifies a network and mask to announce using BGP.
Example:
Router(config-router)# network 10.0.0.0
mask 255.255.255.0
Step 5 redistribute ospf process-id match internal Sets the router to redistribute OSPF internal routes.
Example:
Router(config-router)# redistribute ospf 2
match internal
Step 6 network ip-address area area-id Identifies the network address and mask on which OSPF is
running, and the area ID of that network address.
Example:
Router(config-router)# network 10.0.0.0
255.255.255.0 area 0
7
MPLS Multi-VRF (VRF-Lite)
How to Configure MPLS Multi-VRF
Command Purpose
Step 7 address-family ipv4 vrf vrf-name Identifies the name of the VRF instance that will be associated
with the next two commands, and enters VRF address-family
mode.
Example:
Router(config-router)# address-family ipv4
vrf v12
Step 8 neighbor {ip-address | peer-group-name} Informs this router’s BGP neighbor table of the neighbor’s
remote-as as-number address (or peer group name) and the neighbor’s autonomous
system number.
Example:
Router(config-router-af)# neighbor 10.0.0.3
remote-as 100
Step 9 neighbor address activate Activates the advertisement of the IPv4 address-family
neighbors.
Example:
Router(config-router-af)# neighbor 10.0.0.3
activate
SUMMARY STEPS
1. enable
2. configure terminal
3. router bgp autonomous-system-number
4. address-family ipv4 vrf vrf-name
5. neighbor address send-label
6. neighbor address activate
7. end
8. configure terminal
9. interface type slot/subslot/port[.subinterface]
10. mpls bgp forwarding
8
MPLS Multi-VRF (VRF-Lite)
How to Configure MPLS Multi-VRF
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 router bgp autonomous-system-number Configures the BGP routing process with the autonomous
system number passed to other BGP routers and enters router
configuration mode.
Example:
Router(config)# router bgp 100
Step 4 address-family ipv4 vrf vrf-name Identifies the name of the VRF instance that will be associated
with the next two commands and enters address family
configuration mode.
Example:
Router(config-router)# address-family ipv4
vrf v12
Step 5 neighbor address send-label Enables the router to use BGP to distribute MPLS labels along
with the IPv4 routes to the peer router(s).
Example: If a BGP session is running when you issue this command, the
Router(config-router-af)# neighbor 10.0.0.3 command does not take effect until the BGP session is
remote-as 100 restarted.
Step 6 neighbor address activate Activates the advertisement of the IPv4 address-family
neighbors.
Example:
Router(config-router-af)# neighbor 10.0.0.3
activate
Step 7 end Returns to privileged EXEC mode.
Example:
Router(config-router-af)# end
Step 8 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
9
MPLS Multi-VRF (VRF-Lite)
How to Configure MPLS Multi-VRF
Command Purpose
Step 9 interface type Enters interface configuration mode for the interface to be used
slot/subslot/port[.subinterface] for the BGP session.
The interface can be a routed port or an SVI.
Example:
Router(config)# interface
fastethernet3/0/0.10
Step 10 mpls bgp forwarding Enables MPLS forwarding on the interface.
Example:
Router(config-if)# mpls bgp forwarding
Restrictions
If OSPF, EIGRP, RIP, or static routing is used, LDP must be used to signal labels.
The MPLS Multi-VRF feature is not supported by IGRP nor IS-IS.
Multicast cannot be configured on the same Layer 3 interface as the MPLS Multi-VRF feature is
configured.
SUMMARY STEPS
1. enable
2. configure terminal
3. router ospf process-id [vrf vrf-name]
4. log-adjacency-changes
5. redistribute bgp autonomous-system-number subnets
6. network ip-address subnet-mask area area-id
7. show ip ospf
10
MPLS Multi-VRF (VRF-Lite)
How to Configure MPLS Multi-VRF
DETAILED STEPS
Example:
Router# configure terminal
Step 3 router ospf process-id [vrf vpn-name] Enables OSPF routing, specifies a VRF table, and enters
router configuration mode.
Example:
Router(config)# router ospf 100 vrf v1
Step 4 log-adjacency-changes (Optional) Logs changes in the adjacency state.
This is the default state.
Example:
Router(config-router)# log-adjacency-changes
Step 5 redistribute bgp autonomous-system-number Sets the router to redistribute information from the BGP
subnets network to the OSPF network.
Example:
Router(config-router)# redistribute bgp 800
subnets
Step 6 network ip-address subnet-mask area area-id Indicates the network address and mask on which OSPF
runs, and the area ID of that network address.
Example:
Router(config-router)# network 10.0.0.0
255.255.255.0 area 0
Step 7 show ip ospf Displays information about the OSPF routing processes.
Example:
Router# show ip ospf
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface]
4. mpls ip
11
MPLS Multi-VRF (VRF-Lite)
Configuration Examples for MPLS Multi-VRF
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type slot/subslot/port[.subinterface] Enters interface configuration mode for the interface
associated with the VRF. The interface can be a routed port
or an SVI.
Example:
Router(config)# interface fastethernet3/0/0.10
Step 4 mpls ip Enables MPLS forwarding of IPv4 packets along normally
routed paths for this interface.
Example:
Router(config-if)# mpls ip
VPN 1 10.0.0.0
fe3/8/0 PE
10.1.1.1 CE
fe3/7/0 fe3/0/0
Core
fe3/11/0 fe3/0/0
192.168.1.1
fe3/3/0
192842
VPN 2
192.168.10.10
12
MPLS Multi-VRF (VRF-Lite)
Configuration Examples for MPLS Multi-VRF
Configuring PE-to-CE Connections Using BGP for Both Routing and Label Exchange
router bgp 100
address-family ipv4 vrf v2
neighbor 10.0.0.8 remote-as 800
neighbor 10.0.0.8 activate
neighbor 10.0.0.8 send-label
exit
address-family ipv4 vrf vl
neighbor 10.0.0.8 remote-as 800
neighbor 10.0.0.8 activate
neighbor 10.0.0.8 send-label
end
configure terminal
interface fastethernet3/0/0.10
ip vrf forwarding v1
ip address 10.0.0.3 255.255.255.0
mpls bgp forwarding
exit
interface fastethernet3/0/0.20
ip vrf forwarding v2
ip address 10.0.0.3 255.255.255.0
mpls bgp forwarding
exit
Configuring PE-to-CE Connections Using OSPF for Routing and LDP for Label Exchange
router ospf 100 vrf v1
network 10.0.0.0 255.255.255.0 area 0
exit
router ospf 101 vrf v2
network 10.0.0.0 255.255.255.0 area 0
exit
interface fastethernet3/0/0.10
ip vrf forwarding v1
ip address 10.0.0.3 255.255.255.0
mpls ip
exit
interface fastethernet3/0/0.20
ip vrf forwarding v2
ip address 10.0.0.3 255.255.255.0
mpls ip
exit
13
MPLS Multi-VRF (VRF-Lite)
Configuration Examples for MPLS Multi-VRF
Note If BGP is used for routing between the PE and CE routers, the BGP-learned routes from the PE router
can be redistributed into OSPF using the commands in the following example.
Configuring PE-to-CE Connections Using BGP for Both Routing and Label Exchange
router bgp 800
address-family ipv4 vrf v12
neighbor 10.0.0.3 remote-as 100
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 send-label
redistribute ospf 2 match internal
exit
address-family ipv4 vrf vl1
neighbor 10.0.0.3 remote-as 100
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 send-label
redistribute ospf 1 match internal
end
14
MPLS Multi-VRF (VRF-Lite)
Additional References
interface fastethernet3/0/0.10
ip vrf forwarding v11
ip address 10.0.0.8 255.255.255.0
mpls bgp forwarding
exit
interface fastethernet3/0/0.20
ip vrf forwarding v12
ip address 10.0.0.8 255.255.255.0
mpls bgp forwarding
exit
Configuring PE-to-CE Connections Using OSPF for Routing and LDP for Label Exchange
router ospf 1 vrf v11
network 10.0.0.0 255.255.255.0 area 0
exit
router ospf 2 vrf v12
network 10.0.0.0 255.255.255.0 area 0
exit
interface fastethernet3/0/0.10
ip vrf forwarding v11
ip address 10.0.0.3 255.255.255.0
mpls ip
exit
interface fastethernet3/0/0.20
ip vrf forwarding v12
ip address 10.0.0.3 255.255.255.0
mpls ip
exit
Additional References
The following sections provide references related to the MPLS Multi-VRF feature.
Related Documents
Related Topic Document Title
Description of commands associated with MPLS Cisco IOS Multiprotocol Label Switching Command Reference
and MPLS application
OSPF with Multi-VRF OSPF Support for Multi-VRF in CE Routers
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
15
MPLS Multi-VRF (VRF-Lite)
Additional References
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified by this feature.
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
16
MPLS Multi-VRF (VRF-Lite)
Feature Information for MPLS Multi-VRF
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
17
MPLS Multi-VRF (VRF-Lite)
Feature Information for MPLS Multi-VRF
18
Multi-VRF Selection Using Policy-Based Routing
(PBR)
The Multi-VRF Selection Using Policy-Based Routing (PBR) feature allows a specified interface on a
provider edge (PE) router to route packets to Virtual Private Networks (VPNs) based on packet length
or match criteria defined in an IP access list.
You can enable VPN routing and forwarding (VRF) selection by policy routing packets through a route
map, through the global routing table, or to a specified VRF.
You can enable policy-routing packets for VRF instances by using route map commands with set
commands.
Contents
• Prerequisites for Multi-VRF Selection Using Policy-Based Routing (PBR), page 2
• Restrictions for Multi-VRF Selection Using Policy-Based Routing (PBR), page 2
• Information About Multi-VRF Selection Using Policy-Based Routing (PBR), page 2
• How to Configure Multi-VRF Selection Using Policy-Based Routing (PBR), page 5
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
Multi-VRF Selection Using Policy-Based Routing (PBR)
Prerequisites for Multi-VRF Selection Using Policy-Based Routing (PBR)
• Configuration Examples for Multi-VRF Selection Using Policy-Based Routing (PBR), page 13
• Additional References, page 14
• Feature Information for Multi-VRF Selection Using Policy-Based Routing (PBR), page 17
• Glossary, page 18
2
Multi-VRF Selection Using Policy-Based Routing (PBR)
Information About Multi-VRF Selection Using Policy-Based Routing (PBR)
3
Multi-VRF Selection Using Policy-Based Routing (PBR)
Information About Multi-VRF Selection Using Policy-Based Routing (PBR)
• set interface—When packets enter a VRF, routes the packets out of the egress interface under the
same VRF according to the set interface policy, provided that the Layer 2 rewrite information is
available.
• set ip default vrf—Provides inherit-VRF and inter-VRF routing. With inherit-VRF routing, packets
arriving at a VRF interface are routed by the same outgoing VRF interface. With inter-VRF routing,
packets arriving at a VRF interface are routed via any other outgoing VRF interface.
• set ip default global—Provides VRF to global routing.
• set default interface—Indicates where to output packets that pass a match criterion of a route map for
policy routing and have no explicit route to the destination. The interface can belong to any VRF.
• set ip global next-hop—Routes packets through the global routing table, where the next hop lookup
will be in the global routing table.
• set ip default next-hop—Indicates where to output packets that pass a match criterion of a route map
for policy routing and for which the Cisco IOS XE software has no explicit route to a destination.
• set ip precedence—Sets the IP precedence bit in the header of an IP packet.
• set ip default next-hop—Indicates where to output packets that pass a match criterion of a route map
for policy routing and for which the Cisco IOS XE software has no explicit route to a destination.
• set ip next-hop—Indicates where to output packets that pass a match criterion of a route map for policy
routing.
4
Multi-VRF Selection Using Policy-Based Routing (PBR)
How to Configure Multi-VRF Selection Using Policy-Based Routing (PBR)
The Multi-VRF Selection Using Policy-Based Routing (PBR) feature modifies the following set
commands to support inherit-VRF, inter-VRF, and VRF-to-global routing. The commands are listed in
the order in which the router uses them during the routing of packets.
• set global—Routes packets through the global routing table. This command is useful for routing
ingress packets belonging to a specific VRF through the global routing table.
• set ip global next-hop—Indicates where to forward packets that pass a match criterion of a route
map for policy routing and for which the Cisco IOS XE software uses the global routing table.
• set ip vrf next-hop—Causes the router to look up the next hop in the VRF table. If a packet arrives
on an interface that belongs to a VRF and the packet needs to be routed via a different VRF, you can
use the set ip vrf next-hop command.
• set ip default vrf—Provides inherit-VRF and inter-VRF routing. With inherit-VRF routing, packets
arriving at a VRF interface are routed by the same outgoing VRF interface. With inter-VRF routing,
packets arriving at a VRF interface are routed via any other outgoing VRF interface.
• set interface—When packets enter a VRF, routes the packets out of the egress interface under the
same VRF, according to the set interface policy, provided that the Layer 2 rewrite information is
available.
• set default interface—Indicates where to output packets that pass a match criterion of a route map
for policy routing and have no explicit route to the destination. The interface can belong to any VRF.
• set ip next-hop—Routes packets through the global routing table in an IP-to-IP routing and
forwarding environment.
• set vrf—Selects the appropriate VRF after a successful match occurs in the route map. VRS-aware
PSV allows only inter-VRF (or VRF-to-VRF) switching.
5
Multi-VRF Selection Using Policy-Based Routing (PBR)
How to Configure Multi-VRF Selection Using Policy-Based Routing (PBR)
You can define the match criteria based on the packet length by configuring the match length route-map
configuration command. This configuration option is defined entirely within a route map.
Prerequisites
The tasks in the following sections assume that the VRF and associated IP address are already defined.
SUMARY STEPS
1. enable
2. configure terminal
3. access-list access-list-number {deny | permit} [source source-wildcard] [log]
6
Multi-VRF Selection Using Policy-Based Routing (PBR)
How to Configure Multi-VRF Selection Using Policy-Based Routing (PBR)
DETAILED STEPS
Example:
Router# configure terminal
Step 3 access-list access-list-number {deny | permit} Creates an access list and defines the match criteria for the
[source source-wildcard] [log] route map.
• Match criteria can be defined based on IP addresses, IP
Example: address ranges, and other IP packet access list filtering
Router(config)# access-list 40 permit source options. Named, numbered, standard, and extended
10.1.1.0/24 0.0.0.255
access lists are supported. You can use all IP access list
configuration options in Cisco IOS XE software to
define match criteria.
• The example creates a standard access list numbered
40. This filter permits traffic from any host with an IP
address in the 10.1.1.0/24 subnet.
Configuring Multi-VRF Selection Using PBR with a Named Extended Access List
To configure Multi-VRF Selection using PBR with a named extended access list, complete the following
steps.
SUMMARY STEPS
1. enable
2. configure terminal
3. ip access-list {standard | extended} [access-list-name | access-list-number]
4. [sequence-number] {permit | deny} protocol source source-wildcard destination
destination-wildcard [option option-value] [precedence precedence] [tos tos] [ttl operator-value]
[log] [time-range time-range-name] [fragments]
7
Multi-VRF Selection Using Policy-Based Routing (PBR)
How to Configure Multi-VRF Selection Using Policy-Based Routing (PBR)
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip access-list {standard | extended} Specifies the IP access list type and enters the
[access-list-name | access-list-number] corresponding access list configuration mode.
• You can specify a standard, extended, or named access
Example: list.
Router(config)# ip access-list extended
NAMEDACL
Step 4 [sequence-number] {permit | deny} protocol Defines the criteria for which the access list will permit or
source source-wildcard destination deny packets.
destination-wildcard [option
option-value][precedence precedence] [tos tos] • Match criteria can be defined based on IP addresses, IP
[ttl operator-vaue] [log] [time-range address ranges, and other IP packet access list filtering
time-range-name] [fragments]
options. Named, numbered, standard, and extended
access lists are supported. You can use all IP access list
Example: configuration options in Cisco IOS XE software to
Router(config-ext-nacl)# permit ip any any define match criteria.
option any-options
• The example creates a named access list that permits
any configured IP option.
Prerequisites
You must define the VRF before you configure the route map; otherwise an error message appears on
the console.
A receive entry must be added to the VRF selection table with the ip vrf receive command. If a match
and set operation occurs in the route map but there is no receive entry in the local VRF table, the packet
will be dropped if the packet destination is local.
SUMMARY STEPS
1. enable
2. configure terminal
3. route-map map-tag [permit | deny] [sequence-number]
8
Multi-VRF Selection Using Policy-Based Routing (PBR)
How to Configure Multi-VRF Selection Using Policy-Based Routing (PBR)
DETAILED STEPS
Example:
Router# configure terminal
Step 3 route-map map-tag [permit | deny] Defines the conditions for redistributing routes from one
[sequence-number] routing protocol into another, or enables policy routing.
• Enters route-map configuration mode.
Example:
Router(config)# route-map map1 permit 10
9
Multi-VRF Selection Using Policy-Based Routing (PBR)
How to Configure Multi-VRF Selection Using Policy-Based Routing (PBR)
or
Example:
Router(config-route-map)# set ip next-hop
recursive vrf 10.0.0.0
or
Example:
Router(config-route-map)# set ip global
next-hop 10.0.0.0
Step 5 match ip address {acl-number | acl-name | Distributes any routes that have a destination network
acl-number ] number address that is permitted by a standard or extended
access list, and performs policy routing on matched packets.
or
IP access lists are supported.
match length minimum-length maximum-length
• The example configures the route map to use standard
access list 1 to define match criteria.
Example: or
Router(config-route-map)# match ip address 1
Specifies the Layer 3 packet length in the IP header as a
or match criterion in a class map.
• The example configures the route map to match packets
Example: that are 3 to 200 bytes in length.
Router(config-route-map)# match length 3 200
Step 6 end Exits route-map configuration mode and returns to
privileged EXEC mode.
Example:
Router(config-route-map)# end
10
Multi-VRF Selection Using Policy-Based Routing (PBR)
How to Configure Multi-VRF Selection Using Policy-Based Routing (PBR)
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type number [name-tag]
4. ip policy route-map map-tag
5. ip vrf receive vrf-name
6. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type number [name-tag] Configures an interface and enters interface configuration
mode.
Example:
Router(config)# interface FastEthernet 0/1/0
Step 4 ip policy route-map map-tag Identifies a route map to use for policy routing on an
interface.
Example: • The configuration example attaches the route map
Router(config-if)# ip policy route-map map1 named map1 to the interface.
Step 5 ip vrf receive vrf-name Adds the IP addresses that are associated with an interface
into the VRF table.
Example: • This command must be configured for each VRF that
Router(config-if)# ip vrf receive VRF-1 will be used for VRF selection.
Step 6 end Exits interface configuration mode and returns to privileged
EXEC mode.
Example:
Router(config-if)# end
11
Multi-VRF Selection Using Policy-Based Routing (PBR)
How to Configure Multi-VRF Selection Using Policy-Based Routing (PBR)
SUMMARY STEPS
DETAILED STEPS
To verify the configuration of match criteria for PBR multi-VRF selection, use the show ip access-list
command. The following show ip access-list command output displays three subnet ranges defined as
match criteria in three standard access lists:
Router# show ip access-list
To verify the route-map configuration, use the show route-map command. The output displays the
match criteria and set action for each route-map sequence. The output also displays the number of
packets and bytes that have been policy routed per each route-map sequence.
Router# show route-map map1
12
Multi-VRF Selection Using Policy-Based Routing (PBR)
Configuration Examples for Multi-VRF Selection Using Policy-Based Routing (PBR)
Set clauses:
global
Policy routing matches: 0 packets, 0 bytes
The following show route-map command displays output from the set ip vrf next-hop command:
Router(config)# route-map test
Router(config-route-map)# set ip vrf myvrf next-hop
Router(config-route-map)# set ip vrf myvrf next-hop 192.168.3.2
Router(config-route-map)# match ip address 255 101
Router(config-route-map)# end
Router# show route-map
The following show route-map command displays output from the set ip global command:
Router(config)# route-map test
Router(config-route-map)# match ip address 255 101
Router(config-route-map)# set ip global next-hop 192.168.4.2
Router(config-route-map)# end
Router# show route-map
The following show ip policy command output displays the interface and associated route map that is
configured for policy routing:
Router# show ip policy
13
Multi-VRF Selection Using Policy-Based Routing (PBR)
Additional References
Defining the Match Criteria for Multi-VRF Selection Using PBR: Example
In the following example, three standard access lists are created to define match criteria for three
different subnetworks. Any packets received on FastEthernet interface 0/1/0 will be policy routed
through the PBR-VRF-Selection route map to the VRF that is matched in the same route-map sequence.
If the source IP address of the packet is part of the 10.1.0.0/24 subnet, VRF1 will be used for routing
and forwarding.
access-list 40 permit source 10.1.0.0 0.0.255.255
access-list 50 permit source 10.2.0.0 0.0.255.255
access-list 60 permit source 10.3.0.0 0.0.255.255
The following example shows a set ip global command that specifies that the router should use the next
hop address 10.0.0.1 in the global routing table:
Router(config-route-map)# set ip global next-hop 10.0.0.1
Additional References
The following sections provide references related to the Multi-VRF Selection Using Policy-Based
Routing (PBR) feature.
14
Multi-VRF Selection Using Policy-Based Routing (PBR)
Additional References
Related Documents
Related Topic Document Title
MPLS commands: complete command syntax, Cisco IOS Multiprotocol Label Switching Command Reference
command modes, command history, defaults, usage
guidelines, and examples
IP access list commands Cisco IOS Security Command Reference
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified by this feature.
15
Multi-VRF Selection Using Policy-Based Routing (PBR)
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
16
Multi-VRF Selection Using Policy-Based Routing (PBR)
Feature Information for Multi-VRF Selection Using Policy-Based Routing (PBR)
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
Table 1 Feature Information for Multi-VRF Selection Using Policy-Based Routing (PBR)
17
Multi-VRF Selection Using Policy-Based Routing (PBR)
Glossary
Glossary
CE router—customer edge router. A router that is part of a customer network and that interfaces to a
provider edge (PE) router.
Inherit-VRF routing—Packets arriving at a VRF interface are routed by the same outgoing VRF
interface.
Inter-VRF routing—Packets arriving at a VRF interface are routed via any other outgoing VRF
interface.
IP—Internet Protocol. Network layer protocol in the TCP/IP stack offering a connectionless
internetwork service. IP provides features for addressing, type-of-service specification, fragmentation
and reassembly, and security. Defined in RFC 791.
PBR—policy-based routing. PBR allows a user to manually configure how received packets should be
routed.
PE router—provider edge router. A router that is part of a service provider’s network and that is
connected to a CE router. It exchanges routing information with CE devices by using static routing or a
routing protocol such as BGP, RIPv1, or RIPv2.
VPN—Virtual Private Network. A collection of sites sharing a common routing table. A VPN provides
a secure way for customers to share bandwidth over an ISP backbone network.
VRF—A VPN routing and forwarding instance. A VRF consists of an IP routing table, a derived
forwarding table, a set of interfaces that use the forwarding table, and a set of rules and routing protocols
that determine what goes into the forwarding table.
VRF-lite—A feature that enables a service provider to support two or more VPNs, where IP addresses
can be overlapped among the VPNs.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
18
MPLS VPN: VRF Selection Using Policy-Based
Routing
The MPLS VPN: VRF Selection Using Policy-Based Routing feature is an extension of the MPLS VPN:
VRF Selection Based on Source IP Address feature. This feature introduces a policy-based routing
(PBR) mechanism to classify and forward Virtual Private Network (VPN) traffic based on multiple VPN
routing and forwarding (VRF) selection match criteria.
Contents
• Prerequisites for VRF Selection Using Policy-Based Routing, page 2
• Restrictions for VRF Selection Using Policy-Based Routing, page 2
• Information About VRF Selection Using Policy-Based Routing, page 2
• How to Configure VRF Selection Using Policy-Based Routing, page 3
• Configuration Examples for VRF Selection Using Policy-Based Routing, page 10
• Additional References, page 12
• Feature Information for VRF Selection Using Policy-Based Routing, page 14
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS VPN: VRF Selection Using Policy-Based Routing
Prerequisites for VRF Selection Using Policy-Based Routing
2
MPLS VPN: VRF Selection Using Policy-Based Routing
How to Configure VRF Selection Using Policy-Based Routing
Policy routing is defined in the route map. The route map is applied to the incoming interface with the
ip policy route-map interface configuration command. An IP access list is applied to the route map with
the match ip address route-map configuration command. Packet length match criteria are applied to the
route map with the match length route-map configuration command. The set action is defined with the
set vrf route-map configuration command. The match criteria are evaluated, and the appropriate VRF is
selected by the set clause. This combination allows you to define match criteria for incoming VPN traffic
and policy route VPN packets out to the appropriate VRF.
3
MPLS VPN: VRF Selection Using Policy-Based Routing
How to Configure VRF Selection Using Policy-Based Routing
Prerequisites
Before you perform this task, make sure that the VRF and associated IP address are already defined.
SUMMARY STEPS
1. enable
2. configure terminal
3. access-list access-list-number {deny | permit} source-addr [source-wildcard] [log]
DETAILED STEPS
Example:
Router# configure terminal
Step 3 access-list access-list-number {deny | permit} Creates an access list and defines the match criteria for the
source-addr [source-wildcard] [log] route map.
• Match criteria can be defined based on IP addresses, IP
Example: address ranges, and other IP packet access-list filtering
Router(config)# access-list 40 permit options. Named, numbered, standard, and extended
10.1.0.0/24 0.0.0.255
access lists are supported. All IP access list
configuration options in Cisco IOS XE software can be
used to define match criteria.
• The example creates a standard access list numbered
40. This filter will permit traffic from any host with an
IP address in the 10.1.0.0/24 subnet.
SUMMARY STEPS
1. enable
2. configure terminal
4
MPLS VPN: VRF Selection Using Policy-Based Routing
How to Configure VRF Selection Using Policy-Based Routing
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip access-list {standard | extended} Specifies the IP access list type and enters the
[access-list-name | access-list-number] corresponding access-list configuration mode.
• A standard, extended, or named access list can be used.
Example:
Router(config)# ip access-list extended
NAMEDACL
Step 4 [sequence-number] {permit | deny} protocol Defines the criteria for which the access list will permit or
source-addr source-wildcard destination-addr deny packets.
destination-wildcard [option
option-value][precedence precedence] [tos tos] • Match criteria can be defined based on IP addresses, IP
[log] [time-range time-range-name] [fragments] address ranges, and other IP packet access-list filtering
options. Named, numbered, standard, and extended
Example: access lists are supported. All IP access-list
Router(config-ext-nacl)# permit ip any any configuration options in Cisco IOS XE software can be
option any-options used to define match criteria.
• The example creates a named access list that permits
any configured IP option.
5
MPLS VPN: VRF Selection Using Policy-Based Routing
How to Configure VRF Selection Using Policy-Based Routing
Prerequisites
• The VRF must be defined prior to the configuration of the route map; otherwise an error message is
displayed on the console.
• A receive entry must be added to the VRF selection table with the ip vrf receive command. If a
match and set operation occurs in the route map but there is no receive entry in the local VRF table,
the packet will be dropped if the packet destination is local.
SUMMARY STEPS
1. enable
2. configure terminal
3. route-map map-tag [permit | deny] [sequence-number]
4. match ip address {acl-number [acl-number ... | acl-name ...] | acl-name
[acl-name ... | acl-number ...]}
or
match length minimum-length maximum-length
5. set vrf vrf-name
6. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 route-map map-tag [permit | deny] Enters route map configuration mode.
[sequence-number]
Defines the conditions for redistributing routes from one
routing protocol into another, or enables policy routing.
Example:
Router(config)# route-map map1 permit 10
6
MPLS VPN: VRF Selection Using Policy-Based Routing
How to Configure VRF Selection Using Policy-Based Routing
Restrictions
• The VRF Selection Using Policy-Based Routing feature can coexist with the VRF Selection Based
on Source IP address feature on the same router, but the two features cannot be configured together
on the same interface. This is designed behavior to prevent VRF table selection conflicts that could
occur if these features were misconfigured together. An error message is displayed on the console
if you attempt to configure the ip vrf select source and the ip policy route-map commands on the
same interface.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type number [name-tag]
4. ip policy route-map map-tag
7
MPLS VPN: VRF Selection Using Policy-Based Routing
How to Configure VRF Selection Using Policy-Based Routing
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type number [name-tag] Configures an interface and enters interface configuration
mode.
Example:
Router(config)# interface FastEthernet 0/1/0
Step 4 ip policy route-map map-tag Identifies a route map to use for policy routing on an
interface.
Example: • The configuration example attaches the route map
Router(config-if)# ip policy route-map map1 named map1 to the interface.
Step 5 ip vrf receive vrf-name Adds the IP addresses that are associated with an interface
into the VRF table.
Example: • This command must be configured for each VRF that
Router(config-if)# ip vrf receive VRF1 will be used for VRF selection.
Step 6 exit Exits interface configuration mode and enters global
configuration mode.
Example:
Router(config-if)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type number [name-tag]
8
MPLS VPN: VRF Selection Using Policy-Based Routing
How to Configure VRF Selection Using Policy-Based Routing
DETAILED STEPS
Command Purpose
Step 1 enable Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
Step 2 configure terminal Enters global configuration mode.
Example:
Router# configure terminal
Step 3 interface type number [name-tag] Configures an interface and enters interface configuration mode.
Example:
Router(config)# interface
FastEthernet 0/1/0
Step 4 ip policy route-map map-tag Identifies a route map to use for policy routing on an interface.
• The configuration example attaches the route map named
Example: map1 to the interface.
Router(config-if)# ip policy route-map
map1
Step 5 ip vrf receive vrf-name Adds the IP addresses that are associated with an interface into
the VRF table.
Example: • This command must be configured for each VRF that will be
Router(config-if)# ip vrf receive VRF1 used for VRF selection.
Step 6 end Exits interface configuration mode, and enters privileged EXEC
mode.
Example:
Router(config-if)# end
SUMMARY STEPS
1. enable
2. show ip access-list [access-list-number | access-list-name]
3. show route-map [map-name]
4. show ip policy
9
MPLS VPN: VRF Selection Using Policy-Based Routing
Configuration Examples for VRF Selection Using Policy-Based Routing
DETAILED STEPS
10
MPLS VPN: VRF Selection Using Policy-Based Routing
Configuration Examples for VRF Selection Using Policy-Based Routing
!
route-map PBR-VRF-Selection permit 30
match ip address 60
set vrf VRF3
!
interface FastEthernet0/1/0
ip address 10.1.0.0/24 255.255.255.252
ip policy route-map PBR-VRF-Selection
ip vrf receive VRF1
ip vrf receive VRF2
ip vrf receive VRF3
11
MPLS VPN: VRF Selection Using Policy-Based Routing
Additional References
Additional References
The following sections provide references related to the MPLS VPN: VRF Selection Using Policy-Based
Routing feature.
Related Documents
Related Topic Document Title
MPLS commands: complete command syntax, Cisco IOS Multiprotocol Label Switching Command Reference
command modes, command history, defaults, usage
guidelines, and examples
Route-map configuration commands Cisco IOS IP Routing Protocols Command Reference
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases , and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
12
MPLS VPN: VRF Selection Using Policy-Based Routing
Additional References
RFCs
RFC Title
No new or modified RFCs are supported by this —
feature, and support for existing standards has not been
modified by this feature.
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
13
MPLS VPN: VRF Selection Using Policy-Based Routing
Feature Information for VRF Selection Using Policy-Based Routing
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
14
MPLS VPN: VRF Selection Using Policy-Based Routing
Glossary
Glossary
PBR—policy-based routing.
VPN—Virtual Private Network.
VRF—virtual routing and forwarding.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
15
MPLS VPN: VRF Selection Using Policy-Based Routing
Glossary
16
VRF Aware System Message Logging (Syslog)
The VRF Aware System Message Logging (Syslog) feature allows a router to send system logging
(syslog) messages to a syslog server host connected through a Virtual Private Network (VPN) routing
and forwarding (VRF) interface.
You can use logging information for network monitoring and troubleshooting. This feature extends this
capability to network traffic connected through VRFs.
Contents
• Prerequisites for VRF Aware System Message Logging, page 2
• Restrictions for VRF Aware System Message Logging, page 2
• Information About VRF Aware System Message Logging, page 2
• How to Configure and Verify VRF Aware System Message Logging, page 5
• Configuration Examples for VRF Aware System Message Logging, page 11
• Additional References, page 12
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
VRF Aware System Message Logging (Syslog)
Prerequisites for VRF Aware System Message Logging
2
VRF Aware System Message Logging (Syslog)
Information About VRF Aware System Message Logging
You can receive system logging messages through a VRF interface on any router where you can
configure a VRF, that is:
• On a provider edge (PE) router that is used with Multiprotocol Label Switching (MPLS) and
multiprotocol Border Gateway Protocol (BGP) to provide a Layer 3 MPLS VPN network service.
• On a customer edge (CE) device (switch or router) that is configured for VRF-Lite, which is a VRF
implementation without multiprotocol BGP.
Figure 1 MPLS VPN and VRF Aware System Message Logging Configured on a Customer Edge
Router
146382
Log file display
VRF Aware System Message Logging on a Customer Edge Device with VRF-Lite
Configured
You can configure the VRF Aware System Message Logging feature on a CE device where you have
configured the VRF-Lite feature. The CE device can then send syslog messages through a VRF interface
to syslog servers in multiple VPNs. The CE device can be either a router or a switch.
Figure 2 shows the VRF Aware System Message Logging feature configured on a VRF-Lite CE device.
The CE device can send VRF syslog messages to syslog servers in VPN1 or VPN2 or to servers in both
VPN1 and VPN2. You can configure multiple VRFs on a VRF-Lite CE device, and the device can serve
many customers.
3
VRF Aware System Message Logging (Syslog)
Information About VRF Aware System Message Logging
Figure 2 VRF Aware System Message Logging Configured on a VRF-Lite Customer Edge
Device
R1
Syslog server1
VPN1
CE Log file display
VRF-lite
VRF router
device R2
VPN2
Syslog server2
146383
Log file display
4
VRF Aware System Message Logging (Syslog)
How to Configure and Verify VRF Aware System Message Logging
SUMMARY STEPS
1. enable
2. configure terminal
3. ip vrf-name
4. rd route-distinguisher
5. route-target {import | export | both} route-target-ext-community
6. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip vrf vrf-name Defines a VRF and enters VRF configuration mode.
• The vrf-name argument is a name assigned to the VRF.
Example:
Router(config)# ip vrf vpn1
5
VRF Aware System Message Logging (Syslog)
How to Configure and Verify VRF Aware System Message Logging
Example:
Router(config-vrf)# end
6
VRF Aware System Message Logging (Syslog)
How to Configure and Verify VRF Aware System Message Logging
Note You cannot configure a source address for VRF system logging messages. The VRF Aware System
Message Logging feature uses the VRF interface address as the source address for all VRF-aware system
logging messages.
After configuring the VRF and associating it with an interface, you can configure the VRF Aware System
Message Logging feature on the routing device.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type number
4. ip vrf forwarding vrf-name
5. end
6. copy running-config startup-config
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type number Configures an interface type and enters interface
configuration mode.
Example: • The type argument is the type of interface to be
Router(config)# interface FastEthernet 0/0/0 configured.
• The number argument is the port, connector, or
interface card number. The numbers are assigned at the
factory at the time of installation or when the port,
connector, or interface card is added to a system, and
can be displayed with the show interfaces command.
Step 4 ip vrf forwarding vrf-name Associates a VRF with an interface or subinterface.
• The vrf-name argument associates the interface with
Example: the specified VRF.
Router(config-if)# ip vrf forwarding vpn1
7
VRF Aware System Message Logging (Syslog)
How to Configure and Verify VRF Aware System Message Logging
Example:
Router(config-if)# end
Step 6 copy running-config startup-config (Optional) Saves configuration changes to NVRAM.
Example:
Router# copy running-config startup-config
Prerequisites
You must perform the following tasks before you perform this task:
• Configuring a VRF on a Routing Device, page 5
• Associating a VRF with an Interface, page 7
SUMMARY STEPS
1. enable
2. configure terminal
3. logging host {ip-address | hostname} [vrf vrf-name]
4. logging trap level
5. logging facility facility-type
6. logging buffered [buffer-size | severity-level]
7. end
DETAILED STEPS
Example:
Router# configure terminal
8
VRF Aware System Message Logging (Syslog)
How to Configure and Verify VRF Aware System Message Logging
Example:
Router(config)# end
SUMMARY STEPS
1. enable
2. show running-config | include logging
9
VRF Aware System Message Logging (Syslog)
How to Configure and Verify VRF Aware System Message Logging
DETAILED STEPS
Step 1 enable
Use this command to enable privileged EXEC mode. You can also enter this command in user EXEC
mode. Enter your password if prompted. For example:
Router> enable
Router#
This example shows the configuration of a syslog server in VRF vpn1 with a server host address of
10.0.0.3.
Step 3 show ip vrf interfaces
Use this command to display the interfaces associated with the VRF that links to a syslog server host.
The following example displays a list of VRF interfaces and their associated IP addresses that are
configured on the router:
Router# show ip vrf interfaces
Building configuration...
Router#
.
.
.
!
Current configuration : 116 bytes
!
10
VRF Aware System Message Logging (Syslog)
Configuration Examples for VRF Aware System Message Logging
interface FastEthernet0/0/0
ip vrf forwarding vpn1
ip address 10.0.0.98 255.0.0.0
duplex half
no cdp enable
end
This example displays configuration information for Fast Ethernet interface 0/0/0 in VRF vpn1.
Step 5 ping vrf vrf-name target-ip-address
Use this command to verify that you can reach the syslog server host, the target-ip-address, through the
specified VRF. For example:
Router# ping vrf vpn1 10.3.0.1
In this example, the syslog server has an IP address of 10.3.0.1 and the VRF is named vpn1. The server
is reached successfully four of five times.
Step 6 exit
Use this command to exit privileged EXEC mode. For example:
Router# exit
Router>
11
VRF Aware System Message Logging (Syslog)
Additional References
The following example shows how to turn off logging to the syslog server:
enable
configure terminal
!
no logging 10.0.1.3
end
Additional References
The following sections provide references related to configuring the VRF Aware System Message
Logging feature.
Related Documents
Related Topic Document Title
Description of commands associated with MPLS and Cisco IOS Multiprotocol Label Switching Command Reference
MPLS applications
Concepts and tasks for configuring MPLS VPNs Configuring MPLS Layer 3 VPNs
12
VRF Aware System Message Logging (Syslog)
Additional References
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified by this feature.
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
13
VRF Aware System Message Logging (Syslog)
Feature Information for VRF Aware System Message Logging
Note Table 2 Use Cisco Feature Navigator to find information about platform support and software image
support. Cisco Feature Navigator enables you to determine which Cisco IOS XE software images
support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to
http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
14
VRF Aware System Message Logging (Syslog)
Glossary
Glossary
CE router—customer edge router. A router on the border between a VPN provider and a VPN customer
that belongs to the customer.
LSR—label switching router. A device that forwards MPLS packets based on the value of a fixed-length
label encapsulated in each packet.
MPLS—Multiprotocol Label Switching. A method for forwarding packets (frames) through a network.
It enables routers at the edge of a network to apply labels to packets (frames). ATM switches or existing
routers in the network core can switch packets according to the labels with minimal lookup overhead.
MPLS VPN—Multiprotocol Label Switching Virtual Private Network. An IP network infrastructure
delivering private network services over a public infrastructure using a Layer 3 backbone. Using MPLS
VPNs in a Cisco IOS XE network provides the capability to deploy and administer scalable Layer 3 VPN
backbone services including applications, data hosting network commerce, and telephony services to
business customers.
PE router—provider edge router. A router on the border between a VPN provider and a VPN customer
that belongs to the provider.
VPN—Virtual Private Network. A group of sites that, as the result of a set of administrative policies, are
able to communicate with each other over a shared backbone network. A VPN is a secure IP-based
network that shares resources on one or more physical networks. A VPN contains geographically
dispersed sites that can communicate securely over a shared backbone. See also MPLS VPN.
VRF—VPN routing and forwarding instance. A VRF consists of an IP routing table, a derived
forwarding table, a set of interfaces that use the forwarding table, and a set of rules and routing protocols
that determine what goes into the forwarding table. In general, a VRF includes the routing information
that defines a customer VPN site that is attached to a PE router.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
15
VRF Aware System Message Logging (Syslog)
Glossary
16
MPLS VPN—L3VPN over GRE
The MPLS VPN—L3VPN over GRE feature provides a mechanism for tunneling Multiprotocol Label
Switching (MPLS) packets over a non-MPLS network.
The MPLS VPN—L3VPN over GRE feature utilizes MPLS over generic routing encapsulation
(MPLSoGRE) to encapsulate MPLS packets inside IP tunnels. This action creates a virtual
point-to-point link across non-MPLS networks.
Contents
• Prerequisites for MPLS VPN—L3VPN over GRE, page 2
• Restrictions for MPLS VPN—L3VPN over GRE, page 2
• Information About MPLS VPN—L3VPN over GRE, page 2
• How to Configure MPLS VPN—L3VPN over GRE, page 4
• Configuration Examples for MPLS VPN—L3VPN over GRE, page 6
• Additional References, page 8
• Command Reference, page 9
• Feature Information for MPLS VPN—L3VPN over GRE, page 10
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS VPN—L3VPN over GRE
Prerequisites for MPLS VPN—L3VPN over GRE
PE-to-PE Tunneling
The provider edge-to-provider edge (PE-to-PE) tunneling configuration provides a scalable way to
connect multiple customer networks across a non-MPLS network. With this configuration, traffic that is
destined to multiple customer networks is multiplexed through a single GRE tunnel.
2
MPLS VPN—L3VPN over GRE
Information About MPLS VPN—L3VPN over GRE
Note A similar nonscalable alternative is to connect each customer network through separate GRE tunnels (for
example, connecting one customer network for each GRE tunnel).
As shown in Figure 1, the PE routers assign VPN routing and forwarding (VRF) numbers to the customer
edge (CE) routers on each side of the non-MPLS network.
The PE routers use routing protocols such as BGP, OSPF, or Routing Information Protocol (RIP) to learn
about the IP networks behind the CE routers. The routes to the IP networks behind the CE routers are
stored in the associated CE router’s VRF routing table.
The PE router on one side of the non-MPLS network uses the routing protocols (that are operating within
the non-MPLS network) to learn about the PE router on the other side of the non-MPLS network. The
learned routes that are established between the PE routers are then stored in the main or default routing
table.
The opposing PE router uses BGP to learn about the routes that are associated with the customer
networks behind the PE routers. These learned routes are not known to the non-MPLS network.
For this example, BGP defines a static route to the BGP neighbor (the opposing PE router) through the
GRE tunnel that spans the non-MPLS network. Because the routes that are learned by the BGP neighbor
include the GRE tunnel next hop, all customer network traffic is sent using the GRE tunnel.
BGP BGP
OSPF OSPF
RIP BGP RIP
VPN1 VPN1
IPv4 cloud OSPF
CE-11 GRE Tunnel CE-21
188951
CE-12 CE-22
P-to-PE Tunneling
As shown in Figure 2, the provider-to-provider edge (P-to-PE) tunneling configuration provides a way
to connect a PE router (P1) to an MPLS segment (PE-2) across a non-MPLS network. In this
configuration, MPLS traffic that is destined to the other side of the non-MPLS network is sent through
a single GRE tunnel.
MPLS/VPN
MPLS/GRE
IPv4 cloud
MPLS GRE Tunnel
188952
No MPLS
PE-1 P1 PE-2
3
MPLS VPN—L3VPN over GRE
How to Configure MPLS VPN—L3VPN over GRE
P-to-P Tunneling
As shown in Figure 3, the provider-to-provider (P-to-P) configuration provides a method of connecting
two MPLS segments (P1 to P2) across a non-MPLS network. In this configuration, MPLS traffic that is
destined to the other side of the non-MPLS network is sent through a single GRE tunnel.
MPLS/GRE
IPv4 cloud
MPLS GRE Tunnel MPLS
188953
No MPLS
PE-1 P1 P2 PE-2
Prerequisites
Before configuring the MPLS VPN—L3VPN over GRE feature, ensure that your MPLS VPN and the
appropriate routing protocols are configured and working properly. See the “Prerequisites for MPLS
VPN—L3VPN over GRE” section on page 2.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface tunnel tunnel-number
4. ip address ip-address
5. tunnel source source-address
6. tunnel destination destination-address
7. mpls ip
4
MPLS VPN—L3VPN over GRE
How to Configure MPLS VPN—L3VPN over GRE
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface tunnel tunnel-number Creates a tunnel on the specified interface and enters
interface configuration mode.
Example:
Router(config)# interface tunnel 1
Step 4 ip address ip-address Assigns an IP address to the tunnel interface.
Example:
Router(config-if)# ip address 10.0.0.1
255.255.255.0
Step 5 tunnel source source-address Specifies the tunnel’s source IP address.
Example:
Router(config-if)# tunnel source 10.1.1.1
Step 6 tunnel destination destination-address Specifies the tunnel’s destination IP address.
Example:
Router(config-if)# tunnel destination 10.1.1.2
Step 7 mpls ip Enables MPLS on the tunnel’s physical interface.
Example:
Router(config-if)# mpls ip
Examples
The following example shows a GRE tunnel configuration that spans a non-MPLS network. This
example shows the tunnel configuration on the PE devices (PE1 and PE2) located at both ends of the
tunnel:
PE1 Configuration
Router# configure terminal
Router(config)# interface Tunnel 1
Router(config-if)# ip address 10.1.1.1 255.255.255.0
Router(config-if)# tunnel source 10.0.0.1
Router(config-if)# tunnel destination 10.0.0.2
Router(config-if)# mpls ip
5
MPLS VPN—L3VPN over GRE
Configuration Examples for MPLS VPN—L3VPN over GRE
PE2 Configuration
Router# configure terminal
Router(config)# interface Tunnel 1
Router(config-if)# ip address 10.1.1.2 255.255.255.0
Router(config-if)# tunnel source 10.0.0.2
Router(config-if)# tunnel destination 10.0.0.1
Router(config-if)# mpls ip
PE1 Configuration
!
mpls ip
!
ip vrf vpn1
rd 100:1
route-target import 100:1
route-target export 100:1
!
interface loopback 0
ip address 10.2.2.2 255.255.255.255
!
interface GigabitEthernet 0/1/2
ip address 10.1.1.1 255.255.255.0
!
interface Tunnel 1
ip address 10.0.0.1 255.255.255.0
tunnel source 10.1.1.1
tunnel destination 10.1.1.2
mpls ip
!
interface GigabitEthernet 0/1/3
ip vrf forwarding vpn1
ip address 10.10.0.1 255.255.255.0
!
router bgp 100
neighbor 10.5.5.5 remote-as 100
neighbor 10.5.5.5 update-source loopback0
!
address-family vpnv4
neighbor 10.5.5.5 activate
neighbor 10.5.5.5 send community-extended
!
address-family ipv4 vrf vpn1
neighbor 10.10.0.2 remote-as 20
neighbor 10.10.0.2 activate
!
6
MPLS VPN—L3VPN over GRE
Configuration Examples for MPLS VPN—L3VPN over GRE
PE2 Configuration
!
mpls ip
!
ip vrf vpn1
rd 100:1
route-target import 100:1
route-target export 100:1
!
interface loopback 0
ip address 10.5.5.5 255.255.255.255
!
interface GigabitEthernet 0/1/1
ip address 10.1.1.2 255.255.255.0
!
interface Tunnel 1
ip address 10.0.0.2 255.255.255.0
tunnel source 10.1.1.2
tunnel destination 10.1.1.1
mpls ip
!
interface GigabitEthernet 0/0/5
ip vrf forwarding vpn1
ip address 10.1.2.1 255.255.255.0
!
router bgp 100
neighbor 10.2.2.2 remote-as 100
neighbor 10.2.2.2 update-source loopback0
!
address-family vpnv4
neighbor 10.2.2.2 activate
neighbor 10.2.2.2 send community-extended
!
address-family ipv4 vrf vpn1
neighbor 10.1.2.2 remote-as 30
neighbor 10.1.2.2 activate
!
7
MPLS VPN—L3VPN over GRE
Additional References
Additional References
The following sections provide references related to the MPLS VPN—L3VPN over GRE feature.
Related Documents
Related Topic Document Title
Setting up MPLS VPN networks Configuring MPLS Layer 3 VPNs
Label Distribution Protocol MPLS Label Distribution Protocol Overview
Multiprotocol Border Gateway Protocol (MP-BGP) Configuring MPLS Layer 3 VPNs
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS
feature, and support for existing MIBs has not been releases, and feature sets, use Cisco MIB Locator found at the
modified by this feature. following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
None —
8
MPLS VPN—L3VPN over GRE
Command Reference
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
Command Reference
This feature uses no new or modified commands.
9
MPLS VPN—L3VPN over GRE
Feature Information for MPLS VPN—L3VPN over GRE
Note Table 1 lists only the Cisco IOS software release that introduced support for a given feature in a given
Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS
software release train also support that feature.
CCDE, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco StadiumVision, Cisco TelePresence,
Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn and Cisco Store are
service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP,
CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo,
Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive,
HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace,
MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare,
SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo
are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0812R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
10
MPLS VPN Half-Duplex VRF
The MPLS VPN Half-Duplex VRF feature provides scalable hub-and-spoke connectivity for subscribers
of an Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) service. This feature
addresses the limitations of hub-and-spoke topologies by removing the requirement of one virtual
routing and forwarding (VRF) instance per spoke. This feature also ensures that subscriber traffic always
traverses the central link between the wholesale service provider and the Internet service provider (ISP),
whether the subscriber traffic is being routed to a remote network by way of the upstream ISP or to
another locally or remotely connected subscriber.
Contents
• Prerequisites for Configuring MPLS VPN Half-Duplex VRF, page 2
• Restrictions for MPLS VPN Half-Duplex VRF, page 2
• Information About Configuring MPLS VPN Half-Duplex VRF, page 2
• How to Configure MPLS VPN Half-Duplex VRF, page 4
• Configuration Examples for MPLS VPN Half-Duplex VRF, page 10
• Additional References, page 16
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
2
MPLS VPN Half-Duplex VRF
Information About Configuring MPLS VPN Half-Duplex VRF
Spokes
104543
MPLS Core
CE2
Note Although the upstream VRF is typically populated from the hub, it is possible also to have
a separate local upstream interface on the spoke PE for a different local service that would
not be required to go through the hub: for example, a local Domain Name System (DNS) or
game server service.
• The downstream VRF forwards traffic from the hub PE router back to the spokes. This VRF can
contain:
– PPP peer routes for the spokes and per-user static routes received from the authentication,
authorization, and accounting (AAA) server or from the Dynamic Host Control Protocol
(DHCP) server
– Routes imported from the hub PE router
– Border Gateway Protocol (BGP), Open Shortest Path First (OSPF), Routing Information
Protocol (RIP), or Enhanced Interior Gateway Routing Protocol (EIGRP) dynamic routes for
the spokes
The spoke PE router redistributes routes from the downstream VRF into Multiprotocol Border
Gateway Protocol (MP-BGP). That router typically advertises a summary route across the MPLS
core for the connected spokes. The VRF configured on the hub PE router imports the advertised
summary route.
3
MPLS VPN Half-Duplex VRF
How to Configure MPLS VPN Half-Duplex VRF
SUMMARY STEPS
1. enable
2. configure terminal
3. vrf definition vrf-name
4. rd route-distinguisher
5. address-family {ipv4 | ipv6}
6. route-target {import | export | both} route-target-ext-community
7. exit-address-family
8. end
DETAILED STEPS
Example:
Router# configure terminal
4
MPLS VPN Half-Duplex VRF
How to Configure MPLS VPN Half-Duplex VRF
Example:
Router(config-vrf-af)# exit-address-family
Step 8 end Exits to privileged EXEC mode.
Example:
Router(config-vrf)# end
5
MPLS VPN Half-Duplex VRF
How to Configure MPLS VPN Half-Duplex VRF
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type number
4. vrf forwarding vrf-name [downstream vrf-name2]
5. ip address ip-address mask [secondary]
6. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type number Configures an interface type and enters interface
configuration mode.
Example: • The type argument identifies the type of interface to be
Router(config)# interface Ethernet 0/1 configured.
• The number argument identifies the port, connector, or
interface card number.
Step 4 vrf forwarding vrf-name [downstream vrf-name2] Associates a VRF with an interface or subinterface.
• The vrf-name argument is the name of the VRF.
Example: • The downstream vrf-name2 keyword and argument
Router(config-if)# vrf forwarding vrf1
combination is the name of the downstream VRF into
which peer and per-user routes are installed.
6
MPLS VPN Half-Duplex VRF
How to Configure MPLS VPN Half-Duplex VRF
Example:
Router(config-if) end
In standard VPN situations, enter instead the following Cisco attribute value:
ip:vrf-id=U downstream D
SUMMARY STEPS
1. show vrf [ipv4 | ipv6] [brief | detail | id | interfaces | lock | select] [vrf-name]
2. show ip route vrf vrf-name
3. show running-config [interface type number]
DETAILED STEPS
Step 1 show vrf [ipv4 | ipv6] [brief | detail | id | interfaces | lock | select ] [vrf-name]
Use this command to display information about all of the VRFs configured on the router, including the
downstream VRF for each associated interface or virtual access interface (VAI):
Router# show vrf
7
MPLS VPN Half-Duplex VRF
How to Configure MPLS VPN Half-Duplex VRF
Virtual-Access4 [D]
Up 100:2 POS3/0/3
POS3/0/1
100:4 Virtual-Access3
Use the show vrf detail vrf-name command to display detailed information about the VRF you specify,
including all interfaces, subinterfaces, and VAIs associated with the VRF.
If you do not specify a value for the vrf-name argument, detailed information about all of the VRFs
configured on the router appears.
The following example shows how to display detailed information for the VRF called vrf1, in a
broadband or remote access case:
Router# show vrf detail vrf1
The following example shows the VRF detail in a standard VPN situation:
Router# show vrf detail
VRF Down; default RD 100:1; default VPNID <not set> VRF Table ID = 1
Description: import only from hub-pe
Interfaces:
Pos3/0/3 [D] Pos3/0/1:0.1 [D]
Connected addresses are not in global routing table
Export VPN route-target communities
RT:100:0
Import VPN route-target communities
RT:100:1
No import route-map
No export route-map
VRF label distribution protocol: not configured
VRF Up; default RD 100:2; default VPNID <not set> VRF Table ID = 2
Interfaces:
Pos3/0/1 Pos3/0/3
Connected addresses are not in global routing table
No Export VPN route-target communities
Import VPN route-target communities
RT:100:1
No import route-map
No export route-map
VRF label distribution protocol: not configured
8
MPLS VPN Half-Duplex VRF
How to Configure MPLS VPN Half-Duplex VRF
Use this command to display the IP routing table for the VRF you specify, and information about the
per-user routes installed in the downstream VRF.
The following example shows how to display the routing table for the downstream VRF named D, in a
broadband or remote access situation:
Router# show ip route vrf D
Routing Table: D
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS interarea
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
The following example shows how to display the routing table for the downstream VRF named Down,
in a standard VPN situation:
Router# show ip route vrf Down
The following example shows how to display the routing table for the upstream VRF named U in a
broadband or remote access situation:
Router# show ip route vrf U
Routing Table: U
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
9
MPLS VPN Half-Duplex VRF
Configuration Examples for MPLS VPN Half-Duplex VRF
The following example shows how to display the routing table for the upstream VRF named Up in a
standard VPN situation:
Router# show ip route vrf Up
Routing Table: Up
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Building configuration...
10
MPLS VPN Half-Duplex VRF
Configuration Examples for MPLS VPN Half-Duplex VRF
• Configuring the Upstream and Downstream VRFs on the Spoke PE Router: Example, page 11
• Associating a VRF with an Interface: Example, page 11
• Configuring MPLS VPN Half-Duplex VRF: Example Using Static CE-PE Routing, page 11
• Configuring MPLS VPN Half-Duplex VRF: Example Using RADIUS Server and Static CE-PE
Routing, page 13
• Configuring MPLS VPN Half-Duplex VRF: Example Using Dynamic CE-PE Routing, page 14
Configuring MPLS VPN Half-Duplex VRF: Example Using Static CE-PE Routing
This example uses the hub-and-spoke topology shown in Figure 2 with local authentication (that is, the
RADIUS server is not used):
11
MPLS VPN Half-Duplex VRF
Configuration Examples for MPLS VPN Half-Duplex VRF
RADIUS Server
Spokes
242701
MPLS Core
Router B
vrf definition D
rd 1:8
address-family ipv4
route-target export 1:100
exit-address-family
!
vrf definition U
rd 1:0
address-family ipv4
route-target import 1:0
exit-address-family
!
ip cef
vpdn enable
!
vpdn-group U
accept-dialin
protocol pppoe
virtual-template 1
!
interface Loopback 2
vrf forwarding U
ip address 10.0.0.8 255.255.255.255
!
interface ATM 2/0
description Mze ATM3/1/2
no ip address
no atm ilmi-keepalive
pvc 0/16 ilmi
!
pvc 3/100
protocol pppoe
!
pvc 3/101
protocol pppoe
!
12
MPLS VPN Half-Duplex VRF
Configuration Examples for MPLS VPN Half-Duplex VRF
Configuring MPLS VPN Half-Duplex VRF: Example Using RADIUS Server and
Static CE-PE Routing
The following example shows how to connect two Point-to-Point Protocol over Ethernet (PPPoE) clients
to a single VRF pair on the spoke PE router named Router C. Although both PPPoE clients are
configured in the same VRF, all communication occurs using the hub PE router. Half-duplex VRFs are
configured on the spoke PE. The client configuration is downloaded to the spoke PE from the RADIUS
server.
This example uses the hub-and-spoke topology shown in Figure 2.
Note The wholesale provider can forward the user authentication request to the corresponding ISP. If the ISP
authenticates the user, the wholesale provider appends the VRF information to the request that goes back
to the PE router.
aaa new-model
!
aaa group server radius R
server 10.0.20.26 auth-port 1812 acct-port 1813
!
aaa authentication ppp default group radius
aaa authorization network default group radius
!
vrf defintion D
description Downstream VRF - to spokes
rd 1:8
address-family ipv4
route-target export 1:100
exit-address-family
!
vrf definition U
description Upstream VRF - to hub
rd 1:0
address-family ipv4
route-target import 1:0
exit-address-family
!
ip cef
vpdn enable
!
vpdn-group U
accept-dialin
protocol pppoe
virtual-template 1
!
interface Loopback2
vrf forwarding U
ip address 10.0.0.8 255.255.255.255
!
interface ATM2/0
pvc 3/100
protocol pppoe
!
pvc 3/101
protocol pppoe
!
interface virtual-template 1
no ip address
ppp authentication chap
13
MPLS VPN Half-Duplex VRF
Configuration Examples for MPLS VPN Half-Duplex VRF
!
router bgp 1
no synchronization
neighbor 172.16.0.34 remote-as 1
neighbor 172.16.0.34 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 172.16.0.34 activate
neighbor 172.16.0.34 send-community extended
auto-summary
exit-address-family
!
address-family ipv4 vrf U
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 vrf D
redistribute static
no auto-summary
no synchronization
exit-address-family
!
ip local pool U-pool 10.8.1.1 2.8.1.100
ip route vrf D 10.0.0.0 255.0.0.0 Null0
!
radius-server host 10.0.20.26 auth-port 1812 acct-port 1813
radius-server key cisco
Enabling MPLS
mpls ldp graceful-restart
mpls ldp router-id Loopback0 force
mpls label protocol ldp
14
MPLS VPN Half-Duplex VRF
Configuration Examples for MPLS VPN Half-Duplex VRF
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
neighbor 10.13.13.13 remote-as 100
neighbor 10.13.13.13 update-source Loopback0
!
address-family vpnv4
neighbor 10.13.13.13 activate
neighbor 10.13.13.13 send-community extended
bgp scan-time import 5
exit-address-family
15
MPLS VPN Half-Duplex VRF
Additional References
Additional References
The following sections provide references related to the MPLS VPN Half-Duplex VRFs feature.
Related Documents
Related Topic Document Title
MPLS VPNs Configuring MPLS Layer 3 VPNs
MPLS commands Cisco IOS Multiprotocol Label Switching Command Reference
Unicast Reverse Path Forwarding Configuring Unicast Reverse Path Forwarding
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
16
MPLS VPN Half-Duplex VRF
RFCs
RFCs
RFC Title
RFC 2547 BGP/MPLS VPNs
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/cisco/web/support/index.html
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
17
MPLS VPN Half-Duplex VRF
Feature Information for MPLS VPN Half-Duplex VRF
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a given
Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that Cisco IOS XE
software release train also support that feature.
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase,
Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good,
Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network are trademarks;
Changing the Way We Work, Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store, Flip Gift Card,
and One Million Acts of Green are service marks; and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Lumin, Cisco Nexus,
Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Continuum, EtherFast,
EtherSwitch, Event Center, Explorer, Follow Me Browsing, GainMaker, iLYNX, IOS, iPhone, IronPort, the IronPort logo, Laser Link, LightStream,
Linksys, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, PCNow, PIX, PowerKEY, PowerPanels, PowerTV,
PowerTV (Design), PowerVu, Prisma, ProConnect, ROSA, SenderBase, SMARTnet, Spectrum Expert, StackWise, WebEx, and the WebEx logo are
registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0910R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
18
MPLS Embedded Management and MIBs
MPLS Enhancements to Interfaces MIB
This document describes the Multiprotocol Label Switching (MPLS) enhancements to the existing
Interfaces MIB (RFC 2233) to support an MPLS layer. This layer provides counters and statistics
specifically for MPLS.
Contents
• Prerequisites for MPLS Enhancements to Interfaces MIB, page 2
• Restrictions for MPLS Enhancements to Interfaces MIB, page 2
• Information About MPLS Enhancements to Interfaces MIB, page 3
• How to Configure MPLS Enhancements to Interfaces MIB, page 8
• Configuration Examples for the MPLS Enhancements to Interfaces MIB, page 10
• Additional References, page 10
• Feature Information for MPLS Enhancements to Interfaces MIB, page 12
• Glossary, page 13
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Enhancements to Interfaces MIB
Prerequisites for MPLS Enhancements to Interfaces MIB
2
MPLS Enhancements to Interfaces MIB
Information About MPLS Enhancements to Interfaces MIB
Note You must also issue these commands in global configuration mode for MPLS IP or MPLS TE to be
enabled.
3
MPLS Enhancements to Interfaces MIB
Information About MPLS Enhancements to Interfaces MIB
An IF MIB entry is created when you enable either MPLS IP or MPLS TE tunnels on an interface; the
entry is removed when you disable both MPLS IP and MPLS TE.
ifStackTable Objects
Table 1 defines the ifStackTable objects.
Object Definition
ifStackHigherLayer The value of ifIndex corresponding to the higher sublayer of the
relationship; that is, the sublayer that runs on top of the
sublayer identified by the corresponding instance of the
ifStackLowerLayer.
Note Index objects are not accessible in a MIB walk. This
value is part of the object identifier (OID) for every
object in the ifStackTable.
ifStackLowerLayer The value of ifIndex corresponding to the lower sublayer of the
relationship; that is, the sublayer that runs below the sublayer
identified by the corresponding instance of the
ifStackHigherLayer.
Note Index objects are not accessible in a MIB walk. This
value is part of the OID for every object in the
ifStackTable.
ifStackStatus Used to create and delete rows in the ifStackTable; status is
always active(1) for MPLS.
ifRcvAddressTable Objects
Table 2 defines the ifRcvAddressTable objects.
Note Entries for the MPLS layer do not appear in the ifRcvAddressTable.
Object Definition
ifRcvAddressAddress An address for which the system accepts packets and frames on
this entry’s interface.
Note Index objects are not accessible in a MIB walk. This
value is part of the OID for every object in the
ifRcvAddressTable.
ifRcvAddressStatus Used to create and delete rows in the ifRcvAddressTable.
ifRcvAddressType Type of storage used for each entry in the ifRcvAddressTable.
4
MPLS Enhancements to Interfaces MIB
Information About MPLS Enhancements to Interfaces MIB
.0.15
TE Interface
ifIndex 15
.15.10
MPLS Layer
ifIndex 10
.10.5
ATM-AAL5
ifIndex 5
.5.55
ATM Subinterface
ifIndex 55
.55.72
ATM
ifIndex 72
82272
.72.0
ifIndex 0
5
MPLS Enhancements to Interfaces MIB
Information About MPLS Enhancements to Interfaces MIB
Table 3 describes the indexing of the ifStackTable for the layer relationships shown in Figure 1.
Note The order of the entries in Table 3 may not be the same as that seen in the MIB walk, which has to follow
SNMP ordering rules.
6
MPLS Enhancements to Interfaces MIB
Information About MPLS Enhancements to Interfaces MIB
ifStackTable
ifStackTable
15.2
15.2
TE Tunnel *15.1
ifIndex 15 = new
*
ifIndex 2
ifIndex 2
ifIndex 1
82271
ifIndex 1
TE Tunnel
ifIndex 15
Table ifIndex
MPLS interface configuration table mplsInterfaceConfIndex
(mplsInterfaceConfTable)
MPLS in-segment table (mplsInSegmentTable) mplsInSegmentIfIndex
MPLS cross-connect table (mplsXCTable) mplsInSegmentIfIndex
MPLS out-segment table (mplsOutSegmentTable) mplsOutSegmentIfIndex
7
MPLS Enhancements to Interfaces MIB
How to Configure MPLS Enhancements to Interfaces MIB
TE Tunnel Interfaces
For TE tunnel interfaces, the stacking relationship reflects the current underlying MPLS interface that
is in use and dynamically changes as TE tunnels reoptimize and reroute.
MPLS-Specific Information
The MPLS layer shows MPLS-specific information including the following:
• If MPLS is enabled
• MPLS counters
• MPLS MTU
• MPLS operational status
SUMMARY STEPS
1. enable
2. show running-config
3. configure terminal
4. snmp-server community string [view view-name] [ro] [number]
5. end
6. write memory
7. show running-config
8
MPLS Enhancements to Interfaces MIB
How to Configure MPLS Enhancements to Interfaces MIB
DETAILED STEPS
Example:
Router# configure terminal
Step 4 snmp-server community string [view view-name] Configures read-only (ro) community strings for the MPLS
[ro] [number] Label Distribution Protocol (LDP) MIB.
• The string argument functions like a password,
Example: permitting access to SNMP functionality on label
Router(config)# snmp-server community public ro switch routers (LSRs) in an MPLS network.
• The optional ro keyword configures read-only (ro)
access to the objects in the MPLS LDP MIB.
Step 5 end Exits to privileged EXEC mode.
Example:
Router(config)# end
Step 6 write memory Writes the modified SNMP configuration into NVRAM of
the router, permanently saving the SNMP settings.
Example:
Router# write memory
Step 7 show running-config Displays the running configuration of the router so that you
can determine if an SNMP agent is already running on the
device.
Example:
Router# show running-config If you see any snmp-server statements, SNMP has been
enabled on the router.
If any SNMP information is displayed, you can modify the
information or change it as desired.
9
MPLS Enhancements to Interfaces MIB
Configuration Examples for the MPLS Enhancements to Interfaces MIB
In the following example, SNMPv1 and SNMPv2C are enabled. The configuration permits any SNMP
manager to access all objects with read-only permissions using the community string public.
Router(config)# snmp-server community public
In the following example, read-only access is allowed for all objects to members of access list 4 that
specify the comaccess community string. No other SNMP managers have access to any objects.
Router(config)# snmp-server community comaccess ro 4
Additional References
The following sections provide references related to the MPLS Enhancements to Interfaces MIB feature.
Related Documents
Related Topic Document Title
SNMP commands Cisco IOS Network Management Command Reference
SNMP configuration “Configuring SNMP Support” in the Cisco IOS XE
Network Management Configuration Guide, Release 2
A description of SNMP agent support in Cisco IOS XE MPLS Traffic Engineering (TE) MIB
for the MPLS Traffic Engineering MIB (MPLS TE
MIB)
Standards
Standards Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
10
MPLS Enhancements to Interfaces MIB
Additional References
MIBs
MIBs MIBs Link
Interfaces Group MIB (IF MIB) To locate and download MIBs for selected platforms, Cisco IOS XE
software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
http://www.cisco.com/go/mibs
RFCs
RFCs Title
RFC 1156 Management Information Base for Network Management of
TCP/IP-based internets
RFC 1157 A Simple Network Management Protocol (SNMP)
RFC 1213 Management Information Base for Network Management of
TCP/IP-based internets: MIB-II
RFC 1229 Extensions to the Generic-Interface MIB
RFC 2233 Interfaces MIB
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
11
MPLS Enhancements to Interfaces MIB
Feature Information for MPLS Enhancements to Interfaces MIB
Note Table 5 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
12
MPLS Enhancements to Interfaces MIB
Glossary
Glossary
ATM—Asynchronous Transfer Mode. The international standard for cell relay in which multiple service
types (such as voice, video, or data) are conveyed in fixed-length (53-byte) cells. Fixed-length cells
allow cell processing to occur in hardware, thereby reducing transit delays. ATM is designed to take
advantage of high-speed transmission media, such as E3, SONET, and T3.
ATM-AAL5—ATM adaptation layer 5. One of four AALs recommended by the ITU-T. AAL5 supports
connection-oriented variable bit rate (VBR) services and is used predominantly for the transfer of
classical IP over ATM and LAN emulation (LANE) traffic. AAL5 uses simple and efficient AAL (SEAL)
and is the least complex of the current AAL recommendations. It offers low bandwidth overhead and
simpler processing requirements in exchange for reduced bandwidth capacity and error-recovery
capability.
encapsulation—Wrapping of data in a particular protocol header. For example, Ethernet data is wrapped
in a specific Ethernet header before network transit. Also, when bridging dissimilar networks, the entire
frame from one network is simply placed in the header used by the data link layer protocol of the other
network.
IETF—Internet Engineering Task Force. A task force (consisting of more than 80 working groups) that
is developing standards for the Internet and the IP suite of protocols.
interface—The boundary between adjacent layers of the ISO model.
label—A short, fixed-length identifier that is used to determine the forwarding of a packet.
label switching—A term used to describe the forwarding of IP (or other network layer) packets using a
label swapping algorithm based on network layer routing algorithms. The forwarding of these packets
uses the exact match algorithm and rewrites the label.
LSR—label switching router. A device that forwards Multiprotocol Label Switching (MPLS) packets
based on the value of a fixed-length label encapsulated in each packet.
MIB—Management Information Base. A database of network management information that is used and
maintained by a network management protocol such as Simple Network Management Protocol (SNMP).
The value of a MIB object can be changed or retrieved by means of SNMP commands, usually through
a network management system. MIB objects are organized in a tree structure that includes public
(standard) and private (proprietary) branches.
MPLS—Multiprotocol Label Switching. A method for forwarding packets (frames) through a network.
It enables routers at the edge of a network to apply labels to packets (frames). ATM switches or existing
routers in the network core can switch packets according to the labels with minimal lookup overhead.
MPLS interface—An interface on which Multiprotocol Label Switching (MPLS) traffic is enabled.
MTU—maximum transmission unit. Maximum packet size, in bytes, that a particular interface can
handle.
NMS—network management system. System responsible for managing at least part of a network. An
NMS is generally a reasonably powerful and well-equipped computer, such as an engineering
workstation. NMSs communicate with agents to help keep track of network statistics and resources.
OID—object identifier. Values are defined in specific MIB modules. The Event MIB allows you or an
NMS to watch over specified objects and to set event triggers based on existence, threshold, and Boolean
tests. An event occurs when a trigger is fired; this means that a specified test on an object returns a value
of true. To create a trigger, you or a network management system (NMS) configures a trigger entry in
the mteTriggerTable of the Event MIB. This trigger entry specifies the OID of the object to be watched.
For each trigger entry type, corresponding tables (existence, threshold, and Boolean tables) are
13
MPLS Enhancements to Interfaces MIB
Glossary
populated with the information required for carrying out the test. The MIB can be configured so that
when triggers are activated (fired) either a Simple Network Management Protocol (SNMP) Set is
performed, a notification is sent out to the interested host, or both.
SNMP—Simple Network Management Protocol. A management protocol used almost exclusively in
TCP/IP networks. SNMP provides a means for monitoring and controlling network devices, and for
managing configurations, statistics collection, performance, and security.
traffic engineering tunnel—A label-switched tunnel that is used for traffic engineering. Such a tunnel
is set up through means other than normal Layer 3 routing; it is used to direct traffic over a path different
from the one that Layer 3 routing could cause the tunnel to take.
trap—A message sent by a Simple Network Management Protocol (SNMP) agent to a network
management station, console, or terminal, indicating that a significant event occurred. Traps are less
reliable than notification requests, because the receiver does not send an acknowledgment when it
receives a trap. The sender cannot determine if the trap was received.
tunnel—A secure communication path between two peers, such as routers.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
14
MPLS LSP Ping/Traceroute for LDP/TE, and LSP
Ping for VCCV
The MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV feature helps service providers
monitor label switched paths (LSPs) and quickly isolate Multiprotocol Label Switching (MPLS)
forwarding problems.
The feature provides the following capabilities:
• MPLS LSP ping to test LSP connectivity for IPv4 Label Distribution Protocol (LDP) prefixes,
Resource Reservation Protocol (RSVP) traffic engineering (TE), and Any Transport over MPLS
(AToM) forwarding equivalence classes (FECs).
• MPLS LSP traceroute to trace the LSPs for IPv4 LDP prefixes and RSVP TE prefixes.
Contents
• Prerequisites for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV, page 2
• Restrictions for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV, page 2
• Information About MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV, page 3
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Prerequisites for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
• How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV, page 10
• Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV,
page 31
• Additional References, page 58
• Feature Information for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV, page 60
• Glossary, page 61
2
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Information About MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
• A platform must support LSP ping and traceroute in order to respond to an MPLS echo request
packet.
• Unless the MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV feature is enabled
along the entire path, you cannot get a reply if the request fails along the path at any node.
• There are certain limitations when a mixture of draft versions are implemented within a network.
The version of the draft must be compatible with Cisco’s implementation. Due to the way the LSP
Ping draft was written, earlier versions may not be compatible with later versions because of
changes to type, length, values (TLVs) formats without sufficient versioning information. Cisco
attempts to compensate for this in its implementations by allowing the sending and responding
routers to be configured to encode and decode echo packets assuming a certain version.
• If you want to use MPLS LSP traceroute, the network should not use TTL hiding.
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV Functionality
Internet Control Message Protocol (ICMP) ping and traceroute are often used to help diagnose the root
cause when a forwarding failure occurs. However, they are not well suited for identifying LSP failures
because an ICMP packet can be forwarded via IP to the destination when an LSP breakage occurs.
The MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV feature is well suited for
identifying LSP breakages for the following reasons:
• An MPLS echo request packet cannot be forwarded via IP because IP TTL is set to 1 and the IP
destination address field is set to a 127/8 address.
• The FEC being checked is not stored in the IP destination address field (as is the case of ICMP).
MPLS echo request and reply packets test LSPs. There are two methods by which a downstream router
can receive packets:
• The Cisco implementation of MPLS echo request and echo reply that was previously based on the
Internet Engineering Task Force (IETF) Internet Draft Detecting MPLS Data Plane Failures
(draft-ietf-mpls-lsp-ping-03.txt).
3
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Information About MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
• Features described in this document that are based on the IETF RFC 4379 Detecting Multi-Protocol
Label Switched (MPLS) Data Plane Failures:
– Echo request output interface control
– Echo request traffic pacing
– Echo request end-of-stack explicit-null label shimming
– Echo request request-dsmap capability
– Request-fec checking
– Depth limit reporting
Figure 1 MPLS LSP Ping Echo Request and Echo Reply Paths
LSP
If you initiate an MPLS LSP ping request at LSR1 to a FEC at LSR6, you get the results shown in
Table 1.
4
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Information About MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Note When a router traces an IPV4 FEC that goes over a traffic engineering tunnel, intermediate routers may
return U (unreachable) if LDP is not running in those intermediate routers.
Figure 2 shows an MPLS LSP traceroute example with an LSP from LSR1 to LSR4.
5
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Information About MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
LSP
TTL=1 1
LSP
TTL=2 3 4
LSP
TTL=3 6 7 8
103388
LSR1 9 LSR2 LSR3 LSR4
If you enter an LSP traceroute to an FEC at LSR4 from LSR1, you get the results shown in Table 2.
Step Router MPLS Packet Type and Description Router Action (Receive or Send)
1. LSR1 MPLS echo request—With a target • Sets the TTL of the label stack to 1
FEC pointing to LSR4 and to a • Sends the request to LSR2
downstream mapping
2. LSR2 MPLS echo reply • Receives the packet with a TTL = 1
• Processes the User Datagram Protocol (UDP) packet as an
MPLS echo request
• Finds a downstream mapping and replies to LSR1 with its own
downstream mapping, based on the incoming label
3. LSR1 MPLS echo request—With the same • Sets the TTL of the label stack to 2
target FEC and the downstream • Sends the request to LSR2
mapping received in the echo reply
from LSR2
4. LSR2 MPLS echo request • Receives the packet with a TTL = 2
• Decrements the TTL
• Forwards the echo request to LSR3
5. LSR3 MPLS reply packet • Receives the packet with a TTL = 1
• Processes the UDP packet as an MPLS echo request
• Finds a downstream mapping and replies to LSR1 with its own
downstream mapping based on the incoming label
6. LSR1 MPLS echo request—With the same • Sets the TTL of the packet to 3
target FEC and the downstream
• Sends the request to LSR2
mapping received in the echo reply
from LSR3
6
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Information About MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Step Router MPLS Packet Type and Description Router Action (Receive or Send)
7. LSR2 MPLS echo request • Receives the packet with a TTL = 3
• Decrements the TTL
• Forwards the echo request to LSR3
8. LSR3 MPLS echo request • Receives the packet with a TTL = 2
• Decrements the TTL
• Forwards the echo request to LSR4
9. LSR4 MPLS echo reply • Receives the packet with a TTL = 1
• Processes the UDP packet as an MPLS echo request
• Finds a downstream mapping and also finds that the router is
the egress router for the target FEC
• Replies to LSR1
MPLS Network Management with MPLS LSP Ping and MPLS LSP Traceroute
To manage an MPLS network, you must have the ability to monitor LSPs and quickly isolate MPLS
forwarding problems. You need ways to characterize the liveliness of an LSP and reliably detect when
an LSP fails to deliver user traffic.
You can use MPLS LSP ping to verify the LSP that is used to transport packets destined for IPv4 LDP
prefixes, and AToM PW FECs. You can use MPLS LSP traceroute to trace LSPs that are used to carry
packets destined for IPv4 LDP prefixes.
An MPLS echo request is sent through an LSP to validate it. A TTL expiration or LSP breakage causes
the transit router to process the echo request before it gets to the intended destination. The router returns
an MPLS echo reply that contains an explanatory reply code to the originator of the echo request.
The successful echo request is processed at the egress of the LSP. The echo reply is sent via an IP path,
an MPLS path, or a combination of both back to the originator of the echo request.
7
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Information About MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
An AToM VC advertises its AToM VCCV disposition capabilities in both directions: that is, from the
originating router (PE1) to the destination router (PE2), and from PE2 to PE1.
In some instances, AToM VCs might use different switching types if the two endpoints have different
AToM VCCV capabilities. If PE1 supports Type 1 and Type 2 AToM VCCV switching and PE2 supports
only Type 2 AToM VCCV switching, there are two consequences:
• LSP ping packets sent from PE1 to PE2 are encapsulated with Type 2 switching.
• LSP ping packets sent from PE2 to PE1 use Type 1 switching.
8
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Information About MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
You can determine the AToM VCCV capabilities advertised to and received from the peer by entering
the show mpls l2transport binding command at the PE router.
Echo Return
Output Code Code Meaning
x 0 No return code.
M 1 Malformed echo request.
m 2 Unsupported TLVs.
! 3 Success.
F 4 No FEC mapping.
D 5 DS Map mismatch.
I 6 Unknown Upstream Interface index.
U 7 Reserved.
L 8 Labeled output interface.
B 9 Unlabeled output interface.
f 10 FEC mismatch.
N 11 No label entry.
P 12 No receive interface label protocol.
p 13 Premature termination of the LSP.
X unknown Undefined return code.
Note Echo return codes 6 and 7 are accepted only for Version 3 (draft-ieft-mpls-ping-03).
9
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
• If an LSP breakage occurs at a transit router, the MPLS echo packet is not forwarded; it is consumed
by the router.
• If the LSP is intact, the MPLS echo packet reaches the target router and is processed by the terminal
point of the LSP.
Figure 3 shows the path of the MPLS echo request and reply when a transit router fails to label switch a
packet in an LSP.
LSP breakage
103389
MPLS echo
request PE1 PE2
Target router
Note An AToM payload does not contain usable forwarding information at a transit router because the payload
may not be an IP packet. An MPLS VPN packet, although an IP packet, does not contain usable
forwarding information at a transit router because the destination IP address is significant only to the
virtual routing and forwarding (VRF) instances at the endpoints of the MPLS network.
10
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Note We recommend that you use the mpls oam global configuration command instead of the revision option.
Note No images are available on cisco.com to support Revision 2. It is recommended that you use only images
supporting Version 3 and later when configuring TLV encode and decode modes. MPLS Multipath LSP
traceroute requires Cisco Revision 4 or later.
11
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
To enable compatibility between the MPLS LSP and ping or traceroute implementation by customizing
the default behavior of echo packets, perform the following steps.
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls oam
4. echo revision {3 | 4}
5. echo vendor-extension
6. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls oam Enters MPLS OAM configuration mode for customizing the
default behavior of echo packets.
Example:
Router(config)# mpls oam
Step 4 echo revision {3 | 4} Specifies the revision number of the echo packet’s default
values.
Example: • 3—draft-ietf-mpls-ping-03 (Revision 2).
Router(config-mpls)# echo revision 4
• 4—RFC 4379 compliant (default).
Step 5 echo vendor-extension Sends the Cisco-specific extension of TLVs with echo
packets.
Example:
Router(config-mpls)# echo vendor-extension
Step 6 exit Returns to global configuration mode.
Example:
Router(config-mpls)# exit
12
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Validating an FEC by Using MPLS LSP Ping and MPLS LSP Traceroute
An LSP is formed by labels. Routers learn labels through LDP, AToM, or some other MPLS applications.
You can use MPLS LSP ping or traceroute to validate an LSP used for forwarding traffic for a given FEC.
This section describes the following tasks:
• Validating an LDP IPv4 FEC by Using MPLS LSP Ping and MPLS LSP Traceroute, page 13
• Validating a Layer 2 FEC by Using MPLS LSP Ping and MPLS LSP Traceroute, page 14
Validating an LDP IPv4 FEC by Using MPLS LSP Ping and MPLS LSP Traceroute
To ensure that the router will be able to forward MPLS packets for IPv4 FEC prefixes advertised by LDP,
perform the following steps.
SUMMARY STEPS
1. enable
2. ping mpls ipv4 destination-address/destination-mask-length [repeat count] [exp exp-bits]
[verbose]
or
trace mpls ipv4 destination-address/destination-mask-length
3. exit
DETAILED STEPS
13
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
or
trace mpls ipv4 destination-address
/destination-mask-length
Example:
Router# ping mpls ipv4 10.131.191.252/32 exp 5
repeat 5 verbose
or
Example:
Router# trace mpls ipv4 10.131.191.252/32
Step 3 exit Returns to user EXEC mode.
Example:
Router# exit
Validating a Layer 2 FEC by Using MPLS LSP Ping and MPLS LSP Traceroute
To ensure that the router will be able to forward MPLS packets for Layer 2 FEC prefixes advertised by
LDP, perform the following steps.
SUMMARY STEPS
1. enable
2. ping mpls pseudowire ipv4-address vc-id vc-id
3. exit
DETAILED STEPS
14
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Example:
Router# ping mpls pseudowire 10.131.191.252
vc-id 333
Step 3 exit Returns to user EXEC mode.
Example:
Router# exit
Note Before draft Version 8, Cisco implemented the Reply DSCP option as an experimental capability using
a Cisco vendor extension TLV. If a router is configured to encode MPLS echo packets for draft Version 3
implementations, a Cisco vendor extension TLV is used instead of the Reply TOS TLV that was defined
in draft Version 8.
To use DSCP to request a specific CoS in an echo reply, perform the following steps.
SUMMARY STEPS
1. enable
2. ping mpls {ipv4 destination-address/destination-mask-length | pseudowire ipv4-address vc-id
vc-id } [reply dscp dscp-value]
or
trace mpls ipv4 destination-address/destination-mask-length [reply dscp dscp-value]
3. exit
15
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
DETAILED STEPS
or
trace mpls ipv4 destination-address
/destination-mask-length [reply dscp
dscp-value]
Example:
Router# ping mpls ipv4 10.131.191.252/32 reply
dscp 50
or
Example:
Router# trace mpls ipv4 10.131.191.252/32 reply
dscp 50
Step 3 exit Returns to user EXEC mode.
Example:
Router# exit
Reply Modes for an MPLS LSP Ping and LSP Traceroute Echo Request Response
The reply mode controls how a responding router replies to an MPLS echo request sent by a ping mpls
or trace mpls command. There are two reply modes for an echo request packet:
• ipv4—Reply with an IPv4 UDP packet (default)
• router-alert—Reply with an IPv4 UDP packet with router alert
Note It is useful to use ipv4 and router-alert reply modes in conjunction with each other to prevent false
negatives. If you do not receive a reply via the ipv4 mode, it is useful to send a test with the router-alert
reply mode. If both fail, something is wrong in the return path. The problem may be only that the Reply
TOS is not set correctly.
16
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
IPv4 packet is the most common reply mode used with a ping mpls or trace mpls command when you
want to periodically poll the integrity of an LSP. With this option, you do not have explicit control over
whether the packet traverses IP or MPLS hops to reach the originator of the MPLS echo request. If the
originating (headend) router fails to receive a reply to an MPLS echo request when you use the reply
mode ipv4 keywords, use the reply mode router-alert keywords.
The router-alert reply mode adds the router alert option to the IP header. When an IP packet that contains
an IP router alert option in its IP header or an MPLS packet with a router alert label as its outermost label
arrives at a router, the router punts (redirects) the packet to the Route Processor (RP) level for handling.
This forces the Cisco router to handle the packet at each intermediate hop as it moves back to the
destination. Hardware and line-card forwarding inconsistencies are bypassed. Router-alert reply mode
is more expensive than IPv4 mode because the reply goes hop-by-hop. It also is slower, so the sender
receives a reply in a relatively longer period of time.
Table 6 describes how IP and MPLS packets with an IP router alert option are handled by the router
switching path processes.
Incoming Packet Normal Switching Action Process Switching Action Outgoing Packet
IP packet—Router alert Router alert option in IP header Forwards the packet as is IP packet—Router alert
option in IP header causes the packet to be punted to option in IP header
the process switching path.
Forwards the packet as is MPLS packet
MPLS packet— If the router alert label is the Removes the outermost router IP packet—Router alert
Outermost label contains outermost label, it causes the alert label and forwards the option in IP header
a router alert packet to be punted to the process packet as an IP packet
switching path.
Preserves the outermost router MPLS packet—
alert label and forwards the Outermost label contains
MPLS packet a router alert.
SUMMARY STEPS
1. enable
2. ping mpls {ipv4 destination-address/destination-mask-length | pseudowire ipv4-address vc-id
vc-id} reply mode {ipv4 | router-alert}
or
trace mpls ipv4 destination-address/destination-mask reply mode {ipv4 | router-alert}
3. exit
17
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
DETAILED STEPS
Example:
Router# ping mpls ipv4 10.131.191.252/32 reply
mode ipv4
or
Router# trace mpls ipv4 10.131.191.252/32 reply
mode router-alert
Step 3 exit Returns to user EXEC mode.
Example:
Router# exit
Preventing Loops when Using MPLS LSP Ping and LSP Traceroute Command
Options
The interaction of the MPLS Embedded Management—LSP Ping for LDP feature options can cause
loops. See the following sections for a description of the loops you may encounter with the ping mpls
and trace mpls commands:
• Using MPLS LSP Ping to Discover Possible Loops, page 18
• Using MPLS LSP Traceroute to Discover Possible Loops, page 19
18
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
SUMMARY STEPS
1. enable
2. ping mpls {ipv4 destination-address/destination-mask [destination address-start address-end
increment] | [pseudowire ipv4-address vc-id vc-id address-end increment] } [repeat count] [sweep
minimum maximum size-increment]
3. exit
DETAILED STEPS
Example:
Router# ping mpls ipv4 10.131.159.251/32
destination 127.0.0.1 127.0.0.2 1 repeat 2
sweep 1450 1475 25
Step 3 exit Returns to user EXEC mode.
Example:
Router# exit
SUMMARY STEPS
1. enable
2. trace mpls ipv4 destination-address/destination-mask [destination address-start address-end
address-increment] [ttl maximum-time-to-live]
3. exit
19
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
DETAILED STEPS
Example:
Router# trace mpls ipv4 10.131.159.251/32
destination 127.0.0.1 127.0.0.3 1 ttl 5
Step 3 exit Returns to user EXEC mode.
Example:
Router# exit
10.131.191.251 10.131.159.251
10.131.191.253 10.131.191.252 10.131.159.252 10.131.159.253
FE2/0/0 FE0/0/0 FE1/0/0 FE0/0/0 FE2/0/0
FE2/0/0 FE0/0/0 FE1/0/0 FE0/0/0 FE2/0/0
192821
You can determine the maximum receive unit (MRU) at each hop by using the MPLS Traceroute feature
to trace the LSP. The MRU is the maximum size of a labeled packet that can be forwarded through an
LSP.
20
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
SUMMARY STEPS
1. enable
2. trace mpls ipv4 destination-address /destination-mask
3. exit
DETAILED STEPS
Example:
Router# trace mpls ipv4 10.131.159.252/32
Step 3 exit Returns to user EXEC mode.
Example:
Router# exit
21
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
SUMMARY STEPS
1. enable
2. show mpls forwarding-table destination-address/destination-mask
3. show mpls ldp discovery
4. exit
DETAILED STEPS
Example:
Router# exit
22
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
SUMMARY STEPS
1. enable
2. show ip route [ip-address [mask]]
3. show mpls forwarding-table [network {mask | length} | labels label [- label] | interface interface
| next-hop address | lsp-tunnel [tunnel-id]]
4. exit
DETAILED STEPS
Example:
Router# show mpls forwarding-table 10.0.0.1/32
Step 4 exit Returns to user EXEC mode.
Example:
Router# exit
Detecting LSP Breaks when Load Balancing Is Enabled for IPv4 LDP LSPs
An ICMP ping or trace follows one path from the originating router to the target router. Round robin load
balancing of IP packets from a source router discovers the various output paths to the target IP address.
For MPLS ping and traceroute, Cisco routers use the source and destination addresses in the IP header
for load balancing when multiple paths exist through the network to a target router. The Cisco
implementation of MPLS may check the destination address of an IP payload to accomplish load
balancing (the type of checking depends on the platform).
To detect LSP breaks when load balancing is enabled for IPv4 LDP LSPs, perform the following steps.
SUMMARY STEPS
1. enable
2. ping mpls ipv4 destination-address/destination-mask-length [destination address-start
address-end increment]
3. exit
23
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
DETAILED STEPS
Example:
Router# ping mpls ipv4 10.131.159.251/32
destination 127.0.0.1/8
Step 3 exit Returns to user EXEC mode.
Example:
Router# exit
You can control the interface through which packets leave a router. Path output information is used as
input to LSP ping and traceroute.
The echo request output interface control feature allows you to force echo packets through the paths that
perform detailed debugging or characterizing of the LSP. This feature is useful if a PE router connects
to an MPLS cloud and there are broken links. You can direct traffic through a certain link. The feature
also is helpful for troubleshooting network problems.
To specify the output interface for echo requests, perform the following steps.
SUMMARY STEPS
1. enable
2. ping mpls {ipv4 destination-address/destination-mask | pseudowire ipv4-address vc-id vc-id}
[output interface tx-interface]
or
trace mpls ipv4 destination-address/destination-mask [output interface tx-interface]
3. exit
24
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
DETAILED STEPS
Example:
Router# ping mpls ipv4 10.131.159.251/32 output
interface fastethernet0/0/0
or
Router# trace mpls ipv4 10.131.159.251/32
output interface fastethernet0/0/0
Step 3 exit Returns to user EXEC mode.
Example:
Router# exit
SUMMARY STEPS
1. enable
2. ping mpls {ipv4 destination-address/destination-mask | pseudowire ipv4-address vc-id vc-id}
[interval ms]
or
trace mpls ipv4 destination-address/destination-mask
3. exit
25
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
DETAILED STEPS
Example:
Router# ping mpls ipv4 10.131.159.251/32
interval 2
or
Example:
Router# trace mpls ipv4 10.131.159.251/32
Step 3 exit Returns to user EXEC mode.
Example:
Router# exit
Interrogating the Transit Router for Its Downstream Information by Using Echo Request
request-dsmap
The echo request request-dsmap capability troubleshooting feature, used in conjunction with the TTL
flag, allows you to selectively interrogate a transit router. If there is a failure, you do not have to enter
an lsp traceroute command for each previous failure; you can focus just on the failed hop.
A request-dsmap flag in the downstream mapping flags field, and procedures that specify how to trace
noncompliant routers allow you to arbitrarily time-to-live (TTL) expire MPLS echo request packets with
a wildcard downstream map (DSMAP).
Echo request DSMAPs received without labels indicate that the sender did not have any DSMAPs to
validate. If the downstream router ID field of the DSMAP TLV in an echo request is set to the
ALLROUTERs address (224.0.0.2) and there are no labels, the source router can arbitrarily query a
transit router for its DSMAP information.
The ping mpls command allows an MPLS echo request to be TTL-expired at a transit router with a
wildcard DSMAP for the explicit purpose of troubleshooting and querying the downstream router for its
DSMAPs. The default is that the DSMAP has an IPv4 bitmap hashkey. You also can select hashkey 0
(none). The purpose of the ping mpls command is to allow the source router to selectively TTL expire
an echo request at a transit router to interrogate the transit router for its downstream information. The
ability to also select a multipath (hashkey) type allows the transmitting router to interrogate a transit
router for load-balancing information as is done with multipath LSP traceroute, but without having to
26
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
interrogate all subsequent nodes traversed between the source router and the router on which each echo
request TTL expires. Use an echo request in conjunction with the TTL setting because if an echo request
arrives at the egress of the LSP with an echo request, the responding routers never return DSMAPs.
To interrogate the transit router for its downstream information so that you can focus just on the failed
hop if there is a failure, perform the following steps.
SUMMARY STEPS
1. enable
2. ping mpls {ipv4 destination-address/destination-mask | pseudowire ipv4-address vc-id vc-id}
[dsmap [hashkey {none | ipv4 bitmap bitmap-size}]]
3. exit
DETAILED STEPS
Example:
Router# ping mpls ipv4 10.161.251/32 dsmap
hashkey ipv4 bitmap 16
Step 3 exit Returns to user EXEC mode.
Example:
Router# exit
SUMMARY STEPS
1. enable
2. ping mpls {ipv4 destination-address/destination-mask | pseudowire ipv4-address vc-id vc-id} ttl
time-to-live dsmap
27
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
3. exit
DETAILED STEPS
Example:
Router# ping mpls ipv4 10.131.159.252/32 ttl 1
dsmap
Step 3 exit Returns to user EXEC mode.
Example:
Router# exit
SUMMARY STEPS
1. enable
2. ping mpls {ipv4 destination-address/destination-mask | pseudowire ipv4-address vc-id vc-id}
flags fec
or
trace mpls ipv4 destination-address/destination-mask flags fec
3. exit
28
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
DETAILED STEPS
Example:
Router# ping mpls ipv4 10.131.159.252/32 flags
fec
or
Example:
Router# trace mpls ipv4 10.131.159.252/32 flags
fec
Step 3 exit Returns to user EXEC mode.
Example:
Router# exit
29
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
How to Configure MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
SUMMARY STEPS
1. enable
2. ping mpls {ipv4 destination-address/destination-mask | pseudowire ipv4-address vc-id vc-id}
force-explicit-null
or
trace mpls ipv4 destination-address/destination-mask force-explicit-null
3. exit
DETAILED STEP
Example:
Router# ping mpls ipv4 10.131.191.252/32
force-explicit null
or
Example:
Router# trace mpls ipv4 10.131.191.252/32
force-explicit-null
Step 3 exit Returns to user EXEC mode.
Example:
Router# exit
Viewing the AToM VCCV Capabilities Advertised to and Received from the Peer
To view the AToM VCCV capabilities advertised to and received from the peer, perform the following
steps.
SUMMARY STEPS
1. enable
2. show mpls l2transport binding
3. exit
30
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
DETAILED STEPS
Example:
Router# show mpls l2transport binding
Step 3 exit Returns to user EXEC mode.
Example:
Router# exit
192823
FE1/1/0 FE1/1/0 FE0/1/0 FE0/1/0
FE2/0/0 FE0/0/0 FE2/0/0
CE1 10.0.0.1 PE1 P1 P2 PE2 10.0.0.2 CE2
LSP
31
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
The default echo revision number is 4, which corresponds to the IEFT draft 11.
Validating an FEC by Using MPLS LSP Ping and LSP Traceroute: Example
This section describes the following procedures:
• Validating an LDP IPv4 FEC by Using MPLS LSP Ping and MPLS LSP Traceroute: Example,
page 32
• Validating a Layer 2 FEC by Using MPLS LSP Ping: Example, page 32
Validating an LDP IPv4 FEC by Using MPLS LSP Ping and MPLS LSP Traceroute: Example
The following example shows how to use the ping mpls command to test connectivity of an
IPv4 LDP LSP:
Router# ping mpls ipv4 10.131.191.252/32 repeat 5 exp 5 verbose
Codes:
'!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'X' - unknown return code, 'x' - return code 0
32
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Preventing Loops when Using MPLS LSP Ping and LSP Traceroute Command
Options: Example
This section contains the following examples:
• Possible Loops with MPLS LSP Ping: Example, page 34
• Possible Loop with MPLS LSP Traceroute: Example, page 35
33
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Codes:
'!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'X' - unknown return code, 'x' - return code 0
.
.
.
until repeat = count 2
34
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Codes:
'!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'X' - unknown return code, 'x' - return code 0
An mpls trace command is sent for each TTL from 1 to the maximum TTL (ttl maximum-time-to-live
keyword and argument) for each destination address until the address specified with the destination
end-address argument is reached. In this example, the maximum TTL is 5 and the end destination
address is 127.0.0.3. The MPLS LSP traceroute loop sequence is as follows:
destination address 1 (address-start)
for (ttl from 1 to maximum-time-to-live)
send an lsp trace
The following example shows that the trace encountered an LSP problem at the router that has an IP
address of 10.6.1.6:
Router# traceroute mpls ipv4 10.6.7.4/32
Codes:
'!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
35
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
If you know the maximum number of hops in your network, you can set the TTL to a lower value with
the trace mpls ttl maximum-time-to-live command. The following example shows the same traceroute
command as the previous example, except that this time the TTL is set to 5:
Router# traceroute mpls ipv4 10.6.7.4/32 ttl 5
Codes:
'!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'X' - unknown return code, 'x' - return code 0
36
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
These are sample topology configurations for the troubleshooting examples in the following sections
(see Figure 6). There are the six sample router configurations.
37
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
38
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
!
logging snmp-authfail
enable password lab
!
clock timezone EST -5
ip subnet-zero
ip cef
no ip domain-lookup
!
mpls ldp discovery targeted-hello accept
mpls ldp router-id Loopback0 force
mpls label protocol ldp
!
!
!
interface Loopback0
ip address 10.131.191.252 255.255.255.255
no clns route-cache
!
interface FastEthernet0/0/0
ip address 10.131.191.230 255.255.255.252
ip rsvp bandwidth 1500 1500
ip rsvp signalling dscp 0
!
interface FastEthernet1/0/0
ip address 10.131.159.246 255.255.255.252
shutdown
no clns route-cache
ip rsvp bandwidth 1500 1500
ip rsvp signalling dscp 0
!
interface FastEthernet2/0/0
no ip address
no cdp enable
no clns route-cache
!
interface FastEthernet2/0/0.1
encapsulation dot1Q 1000
xconnect 10.131.159.252 333 encapsulation mpls
!
!
router ospf 1
log-adjacency-changes
passive-interface Loopback0
network 10.131.159.244 0.0.0.3 area 0
network 10.131.191.228 0.0.0.3 area 0
network 10.131.191.232 0.0.0.3 area 0
network 10.131.191.252 0.0.0.0 area 0
!
!
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
exec-timeout 0 0
password lab
login
!
!
end
39
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Router P1 Configuration
Following is the configuration for the P1 router:
version 2.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname P1
!
boot-start-marker
boot-end-marker
!
logging snmp-authfail
enable password lab
!
clock timezone EST -5
ip subnet-zero
ip cef
no ip domain-lookup
!
!
mpls ldp discovery targeted-hello accept
mpls ldp router-id Loopback0 force
mpls label protocol ldp
!
!
!
no clns route-cache
!
interface Loopback0
ip address 10.131.191.251 255.255.255.255
no clns route-cache
!
interface FastEthernet0/0/0
ip address 10.131.191.229 255.255.255.252
no clns route-cache
ip rsvp bandwidth 1500 1500
ip rsvp signalling dscp 0
!
interface FastEthernet1/0/0
ip address 10.131.159.226 255.255.255.252
no clns route-cache
ip rsvp bandwidth 1500 1500
ip rsvp signalling dscp 0
!
interface FastEthernet1/1/0
ip address 10.131.159.222 255.255.255.252
no clns route-cache
ip rsvp bandwidth 1500 1500
ip rsvp signalling dscp 0
!
!
router ospf 1
log-adjacency-changes
passive-interface Loopback0
network 10.131.159.220 0.0.0.3 area 0
network 10.131.159.224 0.0.0.3 area 0
network 10.131.191.228 0.0.0.3 area 0
network 10.131.191.251 0.0.0.0 area 0
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
40
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
!
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
exec-timeout 0 0
password lab
login
!
end
Router P2 Configuration
Following is the configuration for the P2 router:
!
version 2.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname P2
!
boot-start-marker
boot-end-marker
!
enable password lab
!
clock timezone EST -5
ip subnet-zero
ip cef
no ip domain-lookup
!
mpls ldp discovery targeted-hello accept
mpls ldp router-id Loopback0 force
mpls label protocol ldp
!
!
!
interface Loopback0
ip address 10.131.159.251 255.255.255.255
no ip directed-broadcast
!
interface FastEthernet0/0/0
ip address 10.131.159.229 255.255.255.252
no ip directed-broadcast
ip rsvp bandwidth 1500 1500
ip rsvp signalling dscp 0
!
interface FastEthernet0/1/0
ip address 10.131.159.233 255.255.255.252
no ip directed-broadcast
ip rsvp signalling dscp 0
!
interface FastEthernet1/0/0
ip address 10.131.159.225 255.255.255.252
no ip directed-broadcast
ip rsvp bandwidth 1500 1500
ip rsvp signalling dscp 0
!
interface FastEthernet1/1/0
ip address 10.131.159.221 255.255.255.252
no ip directed-broadcast
41
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
42
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
43
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
no ip domain-lookup
!
!
interface Loopback0
ip address 10.131.159.253 255.255.255.255
no ip directed-broadcast
no clns route-cache
!
interface FastEthernet3/0/0
no ip address
no ip directed-broadcast
no keepalive
no cdp enable
no clns route-cache
!
interface FastEthernet3/0/0.1
encapsulation dot1Q 1000
ip address 10.0.0.2 255.255.255.0
no ip directed-broadcast
!
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
exec-timeout 0 0
password lab
login
!
end
Use the output from the show commands in this section to verify that the LSP is configured correctly.
A show mpls forwarding-table command shows that tunnel 1 is in the MPLS forwarding table.
PE1# show mpls forwarding-table 10.131.159.252
A trace mpls command issued at PE1 verifies that packets with 16 as the outermost label and 18 as the
end-of-stack label are forwarded from PE1 to PE2.
PE1# trace mpls ipv4 10.131.159.252/32
Codes:
'!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'X' - unknown return code, 'x' - return code 0
44
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
The MPLS LSP Traceroute to PE2 is successful, as indicated by the exclamation point (!).
Use the output of the commands in this section to discover LSP breaks.
An LDP target session is established between routers PE1 and P2, as shown in the output of the following
show mpls ldp discovery command:
PE1# show mpls ldp discovery
The LDP configuration change causes the targeted LDP session between the headend and tailend of the
TE tunnel to go down. Labels for IPv4 prefixes learned by P2 are not advertised to PE1. Thus, all IP
prefixes reachable by P2 are reachable by PE1 only through IP (not MPLS). In other words, packets
destined for those prefixes through Tunnel 1 at PE1 will be IP switched at P2 (which is undesirable).
The following show mpls ldp discovery command shows that the LDP targeted session is down:
PE1# show mpls ldp discovery
Enter the show mpls forwarding-table command at the PE1 router. The display shows that the outgoing
packets are untagged as a result of the LDP configuration changes.
PE1# show mpls forwarding-table 10.131.159.252
45
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
A ping mpls command entered at the PE1 router displays the following:
PE1# ping mpls ipv4 10.131.159.252/32 repeat 1
Codes:
'!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'X' - unknown return code, 'x' - return code 0
The ping mpls command fails. The R indicates that the sender of the MPLS echo reply had a routing
entry but no MPLS FEC. Entering the verbose keyword with the ping mpls command displays the
MPLS LSP echo reply sender address and the return code. You should be able to determine where the
breakage occurred by telnetting to the replying router and inspecting its forwarding and label tables. You
might need to look at the neighboring upstream router as well, because the breakage might be on the
upstream router.
PE1# ping mpls ipv4 10.131.159.252/32 repeat 1 verbose
Codes:
'!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'X' - unknown return code, 'x' - return code 0
Alternatively, use the LSP traceroute command to figure out which router caused the breakage. In the
following example, for subsequent values of TTL greater than 2, the same router keeps responding
(10.131.159.225). This suggests that the MPLS echo request keeps getting processed by the router
regardless of the TTL. Inspection of the label stack shows that P1 pops the last label and forwards the
packet to P2 as an IP packet. This explains why the packet keeps getting processed by P2. MPLS echo
request packets cannot be forwarded by use of the destination address in the IP header because the
address is set to a 127/8 address.
PE1# trace mpls ipv4 10.131.159.252/32 ttl 5
46
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Codes:
'!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'X' - unknown return code, 'x' - return code 0
Codes:
'!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'X' - unknown return code, 'x' - return code 0
You can determine the MRU for the LSP at each hop through the use of the show mpls forwarding detail
command:
PE1# show mpls forwarding 10.131.159.252 detail
To determine how large an echo request will fit on the LSP, first calculate the size of the IP MTU by
using the show interface interface-name command:
PE1# show interface e0/0
47
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
The IP MTU in the show interface interface-name example is 1500 bytes. Subtract the number of bytes
corresponding to the label stack from the MTU number. The output of the show mpls forwarding
command indicates that the Tag stack consists of one label (21). Therefore, the largest MPLS echo
request packet that can be sent in the LSP is 1500 – (2 x 4) = 1492.
You can validate this by using the following mpls ping command:
PE1# ping mpls ipv4 10.131.159.252/32 sweep 1492 1500 1 repeat 1
Codes:
'!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'X' - unknown return code, 'x' - return code 0
In this command, echo packets that have a range in size from 1492 to 1500 bytes are sent to the
destination address. Only packets of 1492 bytes are sent successfully, as indicated by the exclamation
point (!). Packets of byte sizes 1493 to 1500 are source-quenched, as indicated by the Qs.
You can pad an MPLS echo request so that a payload of a given size can be tested. The pad TLV is useful
when you use the MPLS echo request to discover the MTU that is supportable by an LSP. MTU discovery
is extremely important for applications like AToM that contain non-IP payloads that cannot be
fragmented.
48
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Codes:
'!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'X' - unknown return code, 'x' - return code 0
The show mpls ldp discovery command output shows that Fast Ethernet interface 0/0/0, which connects
PE2 to P2, is sending and receiving packets.
If a no mpls ip command is entered on Fast Ethernet interface 0/0/0, this could prevent an LDP session
between the P2 and PE2 routers from being established. A show mpls ldp discovery command entered
on the PE router shows that the MPLS LDP session with the PE2 router is down.
P2# show mpls ldp discovery
If the MPLS LDP session to PE2 goes down, the LSP to 10.131.159.252 becomes untagged, as shown
by the show mpls forwarding-table command:
P2# show mpls forwarding-table 10.131.159.252/32
49
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Untagged cases would provide an MPLS LSP traceroute reply with packets tagged with No Label, as
shown in the following display. You may need to reestablish an MPLS LSP session from interface P2 to
PE2 by entering an mpls ip command on the output interface from P2 to PE2, which is Fast Ethernet
0/0/0 in this example:
PE1# trace mpls ipv4 10.131.159.252/32
Codes:
'!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'X' - unknown return code, 'x' - return code 0
Codes:
'!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'X' - unknown return code, 'x' - return code 0
The following show mpls forwarding-table command and show ip route command demonstrate that
the IPv4 address (10.0.0.1)address is not in the LFIB or RIB routing table. Therefore, the MPLS echo
request is not sent.
PE1# show mpls forwarding-table 10.0.0.1
50
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Detecting LSP Breaks when Load Balancing Is Enabled for IPv4 LSPs: Example
In the following examples, different paths are followed to the same destination. The output from these
examples demonstrates that load balancing occurs between the originating router and the target router.
To ensure that Fast Ethernet interface 1/0/0 on the PE1 router is operational, enter the following
commands on the PE1 router:
PE1# configure terminal
PE1(config-if)# no shutdown
PE1(config-if)# end
The following show mpls forwarding-table command displays the possible outgoing interfaces and
next hops for the prefix 10.131.159.251/32:
PE1# show mpls forwarding-table 10.131.159.251/32
The following ping mpls command to 10.131.159.251/32 with a destination UDP address of 127.0.0.1
shows that the selected path has a path index of 0:
Router# ping mpls ipv4 10.131.159.251/32 destination 127.0.0.1/32
Codes:
'!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'X' - unknown return code, 'x' - return code 0
51
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
*Dec 29 20:42:40.638: 13 01 AB CD AB CD AB CD AB CD AB CD AB CD AB CD
*Dec 29 20:42:40.638: AB CD AB CD
*Dec 29 20:42:40.678: LSPV: Echo packet received: src 10.131.159.225,
dst 10.131.191.252, size 74
*Dec 29 20:42:40.678: AA BB CC 00 98 01 AA BB CC 00 FC 01 08 00 45 C0
*Dec 29 20:42:40.678: 00 3C 32 D6 00 00 FD 11 15 37 0A 83 9F E1 0A 83
*Dec 29 20:42:40.678: BF FC 0D AF 0D AF 00 28 D1 85 00 01 00 00 02 02
*Dec 29 20:42:40.678: 03 00 1A 00 00 1C 00 00 00 01 C3 9B 10 40 A3 6C
*Dec 29 20:42:40.678: 08 D4 C3 9B 10 40 66 F5 C3 C8
The following ping mpls command to 10.131.159.251/32 with a destination UDP address of 127.0.0.3
shows that the selected path has a path index of 1:
PE1# ping mpls ipv4 10.131.159.251/32 destination 127.0.0.3/32
Codes:
'!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'X' - unknown return code, 'x' - return code 0
To see the actual path chosen, enter the debug mpls lspv command with the packet and data keywords.
Note The load balancing algorithm attempts to uniformly distribute packets across the available output paths
by hashing based on the IP header source and destination addresses. The selection of the address-start,
address-end, and address-increment arguments for the destination keyword may not provide the
expected results.
Specifying the Interface Through Which Echo Packets Leave a Router: Example
The following example tests load balancing from the upstream router:
Router# ping mpls ipv4 10.131.161.251/32 ttl 1 repeat 1 dsmap hashkey ipv4 bitmap 8
52
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
The following example validates that the transit router reported the proper results by determining the
Echo Reply sender address two hops away and checking the rx label advertised upstream:
Success rate is 0 percent (0/1)
Password:
Router> enable
The following example shows how the output interface keyword forces an LSP traceroute out
FastEthernet interface 0/0/0:
53
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
54
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
The multipath addresses cause a packet to transit to the router with the output label stack. The ping mpls
command is useful for determining the number of output paths, but when the router is more than one hop
away a router cannot always use those addresses to get the packet to transit through the router being
interrogated. This situation exists because the change in the IP header destination address may cause the
packet to be load-balanced differently by routers between the source router and the responding router.
Load balancing is affected by the source address in the IP header. The following example tests
load-balancing reporting from the upstream router:
Router# ping mpls ipv4 10.131.161.251/32 ttl 1 repeat 1 dsmap hashkey ipv4 bitmap 8
To validate that the transit router reported the proper results, determine the Echo Reply
sender address that is two hops away and consistently check the rx label that is
advertised upstream. The following is sample output:
55
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Router#
Router# telnet 10.131.141.2
Trying 10.131.141.2 ... Open
Password:
Router> enable
Codes:
'!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'X' - unknown return code, 'x' - return code 0
Requesting that a Transit Router Validate the Target FEC Stack: Example
The following example causes a transit router to validate the target FEC stack by which an LSP to be
tested is identified:
Router# trace mpls ipv4 10.5.5.5/32 flags fec
56
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Configuration Examples for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Enabling LSP Ping to Detect LSP Breakages Caused by Untagged Interfaces: Example
The following example shows the extra label that is added to the end of the label stack when there is
explicit-null label shimming:
Router# trace mpls ipv4 10.131.159.252/32 force-explicit-null
Codes:
'!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'X' - unknown return code, 'x' - return code 0
The following example shows the command output when there is not explicit-null label shimming:
Router# trace mpls ipv4 10.131.159.252/32
57
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Additional References
Viewing the AToM VCCV Capabilities Advertised to and Received from the
Peer: Example
The following example shows that router PE1 advertises both AToM VCCV Type 1 and Type 2 switching
capabilities and that the remote router PE2 advertises only a Type 2 switching capability.
Router# show mpls l2transport binding
Additional References
The following sections provide references related to the MPLS LSP Ping/Traceroute for LDP/TE, and
LSP Ping for VCCV feature.
Related Documents
Related Topic Document Title
Description of commands associated with MPLS and Cisco IOS Multiprotocol Label Switching Command Reference
MPLS applications
AToM and MPLS Any Transport over MPLS
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
58
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Additional References
MIBs
MIB MIBs Link
No new or modified MIBs are supported, and support To locate and download MIBs for selected platforms, Cisco IOS XE
for existing MIBs has not been modified. software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
draft-ietf-pwe3-vccv-01.txt Pseudo-Wire (PW) Virtual Circuit Connection Verification (VCCV)
RFC 2113 IP Router Alert Option
RFC 4379 Detecting Multi-Protocol Label Switched (MPLS) Data Plane Failures
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
59
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Feature Information for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Note Table 7 lists only the Cisco IOS XE software release that introduced support for a given feature in a given
Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that Cisco IOS XE
software release train also support that feature.
Table 7 Feature Information for MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
60
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Glossary
Glossary
FEC—forwarding equivalence class. A set of packets that can be handled equivalently for forwarding
purposes and are thus suitable for binding to a single label. Examples include the set of packets destined
for one address prefix and the packets in any flow.
flow—A set of packets traveling between a pair of hosts, or between a pair of transport protocol ports
on a pair of hosts. For example, packets with the same source address, source port, destination address,
and destination port might be considered a flow.
A flow is also a stream of data traveling between two endpoints across a network (for example, from one
LAN station to another). Multiple flows can be transmitted on a single circuit.
fragmentation—The process of breaking a packet into smaller units when they are to be transmitted
over a network medium that cannot support the original size of the packet.
ICMP— Internet Control Message Protocol. A network layer Internet protocol that reports errors and
provides other information relevant to IP packet processing. It is documented in RFC 792.
LFIB—Label Forwarding Information Base. A data structure and way of managing forwarding in which
destinations and incoming labels are associated with outgoing interfaces and labels.
localhost—A name that represents the host router (device). The localhost uses the reserved loopback IP
address 127.0.0.1.
LSP—label switched path. A connection between two routers in which MPLS forwards the packets.
LSPV—Label Switched Path Verification. An LSP Ping subprocess. It encodes and decodes MPLS echo
requests and replies, and it interfaces with IP, MPLS, and AToM switching for sending and receiving
MPLS echo requests and replies. At the MPLS echo request originator router, LSPV maintains a
database of outstanding echo requests for which echo responses have not been received.
MPLS router alert label—An MPLS label of 1. An MPLS packet with a router alert label is redirected
by the router to the Route Processor (RP) processing level for handling. This allows these packets to
bypass any forwarding failures in hardware routing tables.
MRU—maximum receive unit. Maximum size, in bytes, of a labeled packet that can be forwarded
through an LSP.
MTU—maximum transmission unit. Maximum packet size, in bytes, that a particular interface can send
or receive.
punt—Redirect packets with a router alert from the line card or interface to Route Processor (RP) level
processing for handling.
PW—pseudowire. A form of tunnel that carries the essential elements of an emulated circuit from one
provider edge (PE) router to another PE router over a packet-switched network.
RP—Route Processor. The processor module in a Cisco 7000 series router that contains the CPU, system
software, and most of the memory components that are used in the router. It is sometimes called a
supervisory processor.
RSVP—Resource Reservation Protocol. A protocol that supports the reservation of resources across an
IP network. Applications running on IP end systems can use RSVP to indicate to other nodes the nature
(bandwidth, jitter, maximum burst, and so on) of the packet streams they want to receive. RSVP depends
on IPv6. Is is also known as Resource Reservation Setup Protocol.
TLV—type, length, values. A block of information included in a Cisco Discovery Protocol address.
TTL hiding—Time-to-live is a parameter you can set that indicates the maximum number of hops a
packet should take to reach its destination.
61
MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
Glossary
UDP—User Datagram Protocol. Connectionless transport layer protocol in the TCP/IP protocol stack.
UDP is a simple protocol that exchanges datagrams without acknowledgments or guaranteed delivery,
so error processing and retransmission must be handled by other protocols. UDP is defined in RFC 768.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
62
MPLS EM—MPLS LSP Multipath Tree Trace
The MPLS EM—MPLS LSP Multipath Tree Trace feature provides the means to discover all possible
equal-cost multipath (ECMP) routing paths of a label switched path (LSP) between an egress and ingress
router. Once discovered, these paths can be retested on a periodic basis using Multiprotocol Label
Switching (MPLS) LSP ping or traceroute. This feature is an extension to the MPLS LSP traceroute
functionality for the tracing of IPv4 LSPs.
You can use the MPLS EM—MPLS LSP Multipath Tree Trace feature to discover all paths for an IPv4
LSP.
This implementation of the MPLS EM—MPLS LSP Multipath Tree Trace feature is based on RFC 4379,
Detecting Multi-Protocol Label Switched (MPLS) Data Plane Failures.
For information on the use of MPLS LSP ping and traceroute, see the MPLS LSP Ping/Traceroute for
LDP/TE, and LSP Ping for VCCV feature module.
Cisco IOS XE MPLS Embedded Management (EM) is a set of standards and value-added services that
facilitate the deployment, operation, administration, and management of MPLS-based networks
according to the fault, configuration, accounting, performance, and security (FCAPS) model.
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS EM—MPLS LSP Multipath Tree Trace
Contents
Contents
• Prerequisites for MPLS EM—MPLS LSP Multipath Tree Trace, page 2
• Restrictions for MPLS EM—MPLS LSP Multipath Tree Trace, page 2
• Information About MPLS EM—MPLS LSP Multipath Tree Trace, page 3
• How to Configure MPLS EM—MPLS LSP Multipath Tree Trace, page 4
• Configuration Examples for MPLS EM—MPLS LSP Multipath Tree Trace, page 22
• Additional References, page 31
• Feature Information for MPLS EM—MPLS LSP Multipath Tree Trace, page 33
• Glossary, page 35
2
MPLS EM—MPLS LSP Multipath Tree Trace
Information About MPLS EM—MPLS LSP Multipath Tree Trace
Discovery of IPv4 Load Balancing Paths by MPLS LSP Multipath Tree Trace
IPv4 load balancing at a transit router is based on the incoming label stack and the source and destination
addresses in the IP header. The outgoing label stack and IP header source address remain constant for
each branch being traced.
When you execute MPLS LSP multipath tree trace on the source LSR, the router needs to find the set of
IP header destination addresses to use all possible output paths. The source LSR starts path discovery by
sending a transit router a bitmap in an MPLS echo request. The transit router returns information in an
MPLS echo request that contains subsets of the bitmap in a downstream map (DS Map) in an echo reply.
The source router can then use the information in the echo reply to interrogate the next router. The source
router interrogates each successive router until it finds one bitmap setting that is common to all routers
along the path. The router uses TTL expiry to interrogate the routers to find the common bits.
For example, you could start path discovery by entering the following command at the source router:
Router# trace mpls multipath ipv4 10.131.101.129/32 hashkey ipv4 bitmap 16
This command sets the IP address of the target router as 10.131.101.192 255.255.255.255 and
configures:
• The default hash key type to 8, which requests that an IPv4 address prefix and bit mask address set
be returned in the DS Map in the echo reply.
3
MPLS EM—MPLS LSP Multipath Tree Trace
How to Configure MPLS EM—MPLS LSP Multipath Tree Trace
• The bitmap size to 16. This means that MPLS LSP multipath tree trace uses 16 addresses (starting
with 127.0.0.1) in the discovery of all paths of an LSP between the source router and the target
router.
If you enter the trace mpls multipath ipv4 10.131.101.129/32 command, MPLS LSP multipath tree
trace uses the default hash type of 8 or IPv4 and a default bitmap size of 32. Your choice of a bitmap size
depends on the number of routes in your network. If you have a large number of routes, you might need
to use a larger bitmap size.
Echo Reply Return Codes Sent by the Router Processing Multipath LSP Tree
Trace
Table 1 describes the characters that the router processing a multipath LSP tree trace packet returns to
the sender about the failure or success of the request.
Echo Return
Output Code Code Meaning
Period “.” — A timeout occurred before the target router could reply.
x 0 No return code.
M 1 Malformed request.
m 2 Unsupported type, length, values (TLVs).
! 3 Success.
F 4 No Forwarding Equivalence Class (FEC) mapping.
D 5 DS Map mismatch.
R 6 Downstream router but not target.
U 7 Reserved.
L 8 Labeled output interface.
B 9 Unlabeled output interface.
f 10 FEC mismatch.
N 11 No label entry.
P 12 No receive interface label protocol.
p 13 Premature termination of the LSP.
X unknown Undefined return code.
4
MPLS EM—MPLS LSP Multipath Tree Trace
How to Configure MPLS EM—MPLS LSP Multipath Tree Trace
• Monitoring LSP Paths Discovered by MPLS LSP Multipath Tree Trace Using MPLS LSP
Traceroute, page 10 (optional)
• Using DSCP to Request a Specific Class of Service in an Echo Reply, page 13 (optional)
• Controlling How a Responding Router Replies to an MPLS Echo Request, page 14 (optional)
• Specifying the Output Interface for Echo Packets Leaving a Router for MPLS LSP Multipath Tree
Trace, page 16 (optional)
• Setting the Pace of MPLS Echo Request Packet Transmission for MPLS LSP Multipath Tree Trace,
page 17 (optional)
• Enabling MPLS LSP Multipath Tree Trace to Detect LSP Breakages Caused by an Interface That
Lacks an MPLS Configuration, page 18 (optional)
• Requesting That a Transit Router Validate the Target FEC Stack for MPLS LSP Multipath Tree
Trace, page 19 (optional)
• Setting the Number of Timeout Attempts for MPLS LSP Multipath Tree Trace, page 21 (optional)
5
MPLS EM—MPLS LSP Multipath Tree Trace
How to Configure MPLS EM—MPLS LSP Multipath Tree Trace
Prerequisites
MPLS LSP Multipath Tree Trace requires RFC 4379 (Revision 4).
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls oam
4. echo revision {3 | 4}
5. [no] echo vendor-extension
6. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls oam Enters MPLS OAM configuration mode and customizes the
default behavior of echo packets.
Example:
Router(config)# mpls oam
Step 4 echo revision {3 | 4} Customizes the default behavior of echo packets.
• The revision keyword set echo packet attributes to one
Example: of the following:
Router(config-mpls)# echo revision 4
– 3 = draft-ietf-mpls-ping-03 (Revision 2)
– 4 = RFC 4379 compliant (default)
Note The MPLS LSP Multipath Tree Trace feature
requires Revision 4.
6
MPLS EM—MPLS LSP Multipath Tree Trace
How to Configure MPLS EM—MPLS LSP Multipath Tree Trace
Example:
Router(config-mpls)# end
Prerequisites
Cisco LSP ping or traceroute implementations based on draft-ietf-mpls-lsp-ping-11 are capable in some
cases of detecting the formatting of the sender of an MPLS echo request. However, certain cases exist in
which an echo request or echo reply might not contain the Cisco extension TLV. To avoid complications
due to certain cases where the echo packets are decoded assuming the wrong TLV formats, configure all
routers in the network to operate in the same mode.
For an MPLS LSP multipath tree trace to be successful, the implementation in your routers must support
RFC 4379 on all core routers.
If all routers in the network support RFC-4379 and another vendor’s implementation exists that is not
capable of properly handling Cisco’s vendor TLV, the routers supporting the RFC-compliant or later
configuration must include commands to disable the Cisco vendor TLV extensions.
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls oam
4. echo revision 4
5. [no] echo vendor-extension
6. end
7. trace mpls multipath ipv4 destination-ip-address/destination-mask-length
8. debug mpls lspv multipath
7
MPLS EM—MPLS LSP Multipath Tree Trace
How to Configure MPLS EM—MPLS LSP Multipath Tree Trace
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls oam Enters MPLS OAM configuration mode.
Example:
Router(config)# mpls oam
Step 4 echo revision 4 Customizes the default behavior of echo packets.
• The revision 4 keywords set echo packet attributes to
Example: the default Revision 4 (RFC 4379 compliant).
Router(config-mpls)# echo revision 4
Note The MPLS LSP Multipath Tree Trace feature
requires Revision 4.
Step 5 [no] echo vendor-extension (Optional) Customizes the default behavior of echo packets.
• The vendor-extension keyword sends the
Example: Cisco-specific extension of TLVs with the echo
Router(config-mpls) echo vendor-extension packets.
• The no form of the command allows you to disable a
Cisco vendor’s extension TLVs that another vendor’s
noncompliant implementations may not support.
The router default is echo vendor-extension.
Step 6 end Exits to privileged EXEC mode.
Example:
Router(config-mpls)# end
Step 7 trace mpls multipath ipv4 Discovers all LSPs from an egress router to an ingress
destination-ip-address/destination-mask-length router.
• The ipv4 keyword specifies the destination type as an
Example: LDP IPv4 address.
Router# trace mpls multipath ipv4
10.131.161.251/32 • The destination-ip-address argument is the address
prefix of the target to be tested.
• The destination-mask-length argument is the number of
bits in the network mask of the target address. The
/ keyword before this argument is required.
Step 8 debug mpls lspv multipath Displays multipath information related to the MPLS LSP
Multipath Tree Trace feature.
Example:
Router# debug mpls lspv multipath
8
MPLS EM—MPLS LSP Multipath Tree Trace
How to Configure MPLS EM—MPLS LSP Multipath Tree Trace
Discovering IPv4 Load Balancing Paths Using MPLS LSP Multipath Tree Trace
Perform the following task to discover IPv4 load balancing paths using MPLS LSP multipath tree trace.
Figure 1 MPLS LSP Multipath Tree Trace Path Discovery in a Sample Network
Address: 1, 2,
R-120 4, 15 R-131 Address: 1, 4 R-141 Address: 4
Address: 1, 2, 3, 4,
5, 7, 13, 15
Address: 2, 15
Target R-150
Address: 3, 5, 7, 13 R-130 R-140
Address: 15
R-111
Source Address 7, 13 Address 7
Source R-101
R-101
Address: 14
Address: 0, 6, 8, 9, Address: 6, 9, 14
10, 11, 12, 14
170601
R-121 Address: 6, 9, R-132
12, 14
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls oam
4. echo revision 4
5. end
6. trace mpls multipath ipv4 destination-ip-address/destination-mask-length hashkey ipv4 bitmap
bitmap-size
9
MPLS EM—MPLS LSP Multipath Tree Trace
How to Configure MPLS EM—MPLS LSP Multipath Tree Trace
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls oam Enters MPLS OAM configuration mode and sets the echo
packet attribute to Revision 4 (RFC 4379 compliant).
Example:
Router(config)# mpls oam
Step 4 echo revision 4 Customizes the default behavior of echo packets.
• The revision 4 keywords set echo packet attributes to
Example: the default Revision 4 (RFC 4379 compliant).
Router(config-mpls)# echo revision 4
Note The MPLS LSP Multipath Tree Trace feature
requires Revision 4.
Step 5 end Exits to privileged EXEC mode.
Example:
Router(config-mpls)# end
Step 6 trace mpls multipath ipv4 destination-address/ Discovers all MPLS LSPs from an egress router to an
destination-mask-length hashkey ipv4 bitmap ingress router.
bitmap-size
• The ipv4 keyword specifies the destination type as an
LDP IPv4 address.
Example:
Router# trace mpls multipath ipv4 • The destination-address argument is the address prefix
10.131.161.251/32 hashkey ipv4 bitmap 16 of the target to be tested.
• The destination-mask-length argument is the number of
bits in the network mask of the target address. The
/ keyword before this argument is required.
• The hashkey ipv4 keywords set the hashkey type to
IPv4 addresses.
• The bitmap bitmap-size keyword and arguments set the
bitmap size for multipath discovery.
Monitoring LSP Paths Discovered by MPLS LSP Multipath Tree Trace Using
MPLS LSP Traceroute
Perform the following task to monitor LSP paths discovered by MPLS LSP multipath tree trace using
MPLS LSP traceroute. You can take output directly from the trace mpls multipath command and add
it to a trace mpls command periodically to verify that the path is still operating.
10
MPLS EM—MPLS LSP Multipath Tree Trace
How to Configure MPLS EM—MPLS LSP Multipath Tree Trace
Figure 2 shows the mapping of the output of a trace mpls multipath command to a trace mpls
command.
Figure 2 Mapping of trace mpls multipath Command Output to a trace mpls Command
Router# trace mpls ipv4 10.1.1.1.150/32 output interface Et0/0 source 10.1.111.101 destination 127.0.0.7
trace mpls {ipv4 destination -add res s/destina tion-mask [destinatio n ad dres s-start [ad dres s-end]
[address-incremen t]] |traffic-eng tu nnel-interface tu nnel-number} [revis ion {1 | 2 | 3 | 4}]
[so urce source-ad dress] [timeout seconds] [reply dscp dscp-va lu e] [reply pad-tlv]
[reply mode reply-mo de] [ttl ma ximum-time-to-live] [exp exp-bits] [revision
170602
tlv-revision -nu mber] [force-ex plicit-null] [output interface tx-interface] [fla gs fec]
Each path you discover with MPLS LSP Multipath Tree Trace can be tested in this manner periodically
to monitor the LSP paths in your network.
SUMMARY STEPS
1. enable
2. trace mpls multipath ipv4 destination-address/destination-mask-length hashkey ipv4 bitmap
bitmap-size
3. trace mpls ipv4 destination-address/destination-mask-length [output interface tx-interface]
[source source-address] [destination address-start]
4. exit
DETAILED STEPS
Step 1 enable
Use this command to enable privileged EXEC mode. Enter your password if prompted. For example:
Router> enable
Router#
11
MPLS EM—MPLS LSP Multipath Tree Trace
How to Configure MPLS EM—MPLS LSP Multipath Tree Trace
The output of the trace mpls multipath command in the example shows the result of path discovery
with MPLS LSP multipath tree trace. In this example, the command sets the bitmap size to 16. Path
discovery starts by MPLS LSP multipath tree trace using 16 bitmapped addresses as it locates LSP paths
from the source router to the target router with prefix and mask 10.1.1.150/32. MPLS LSP multipath tree
trace starts using the 127.x.y.z/8 address space with 127.0.0.1.
If you put the output for path 0 in the trace mpls command, you see the following results:
Router# trace mpls ipv4 10.1.1.150/32 output interface Fe0/0/0 source 10.1.111.101
destination 127.0.0.0
You can take output directly from the trace mpls multipath command and add it to a trace mpls
command periodically to verify that the path is still operating (see Figure 2).
12
MPLS EM—MPLS LSP Multipath Tree Trace
How to Configure MPLS EM—MPLS LSP Multipath Tree Trace
Step 4 exit
Use this command to exit to user EXEC mode. for example:
Router# exit
Router>
Note Before RFC 4379, Cisco implemented the Reply DSCP option as an experimental capability using a
Cisco vendor extension TLV. If a router is configured to encode MPLS echo packets for draft Version 3
implementations, a Cisco vendor extension TLV is used instead of the = Reply TOS TLV that was
defined in draft Version 8.
To use DSCP to request a specific CoS in an echo reply, perform the following steps.
SUMMARY STEPS
1. enable
2. trace mpls multipath ipv4 destination-address/destination-mask-length [reply dscp dscp-value]
3. exit
13
MPLS EM—MPLS LSP Multipath Tree Trace
How to Configure MPLS EM—MPLS LSP Multipath Tree Trace
DETAILED STEPS
Example:
Router# exit
Reply Modes for an MPLS LSP Multipath Tree Trace Echo Request Response
The reply mode controls how a responding router replies to an MPLS echo request sent by a trace mpls
multipath command. There are two reply modes for an echo request packet:
• ipv4—Reply with an IPv4 User Datagram Protocol (UDP) packet (default)
• router-alert—Reply with an IPv4 UDP packet with router alert
Note Use the ipv4 and router-alert reply modes with each other to prevent false negatives. If you do not receive
a reply via the ipv4 mode, send a test with the router-alert reply mode. If both fail, something is wrong
in the return path. The problem might be due to an incorrect ToS setting.
14
MPLS EM—MPLS LSP Multipath Tree Trace
How to Configure MPLS EM—MPLS LSP Multipath Tree Trace
The IPv4 UDP reply mode is the most common reply mode used with a trace mpls multipath command
when you want to periodically poll the integrity of an LSP. With this option, you do not have explicit
control over whether the packet traverses IP or MPLS hops to reach the originator of the MPLS echo
request. If the originating (headend) router fails to receive a reply to an MPLS echo request when you
use the reply mode ipv4 keywords, use the reply mode router-alert keywords.
The router-alert reply mode adds the router alert option to the IP header. When an IP packet that contains
an IP router alert option in its IP header or an MPLS packet with a router alert label as its outermost label
arrives at a router, the router punts (redirects) the packet to the Route Processor (RP) process level for
handling. This forces the RP of each intermediate router to specifically handle the packet at each
intermediate hop as it moves back to the destination. Hardware and line-card forwarding inconsistencies
are thus bypassed. Router-alert reply mode is slower than IPv4 mode because the reply requires
process-level RP handling at each hop.
Table 2 describes how an incoming IP packet with an IP router alert is handled by the router switching
path processes when the outgoing packet is an IP packet or an MPLS packet. It also describes how an
MPLS packet with a router alert option is handled by the router switching path processes when the
outgoing packet is an IP packet or an MPLS packet.
Incoming Packet Outgoing Packet Normal Switching Action Process Switching Action
IP packet—Router alert IP packet—Router alert Router alert option in IP header Forwards the packet as is
option in IP header option in IP header causes the packet to be punted to
the process switching path.
MPLS packet Forwards the packet as is
MPLS packet— IP packet—Router alert If the router alert label is the Removes the outermost router
Outermost label contains option in IP header outermost label, it causes the alert label and forwards the
a router alert packet to be punted to the process packet as an IP packet
switching path.
MPLS packet— Preserves the outermost router
Outermost label contains alert label and forwards the
a router alert MPLS packet
SUMMARY STEPS
1. enable
2. trace mpls multipath ipv4 destination-address/destination-mask-length reply mode {ipv4 |
router-alert}
3. exit
15
MPLS EM—MPLS LSP Multipath Tree Trace
How to Configure MPLS EM—MPLS LSP Multipath Tree Trace
DETAILED STEPS
Example:
Router# exit
Specifying the Output Interface for Echo Packets Leaving a Router for MPLS
LSP Multipath Tree Trace
Perform the following task to specify the output interface for echo packets leaving a router for the MPLS
LSP Multipath Tree Trace feature. You can use this task to test the LSPs reachable through a given
interface.
16
MPLS EM—MPLS LSP Multipath Tree Trace
How to Configure MPLS EM—MPLS LSP Multipath Tree Trace
SUMMARY STEPS
1. enable
2. trace mpls multipath ipv4 destination-address/destination-mask-length [output interface
tx-interface]
3. exit
DETAILED STEPS
Example:
Router# exit
Setting the Pace of MPLS Echo Request Packet Transmission for MPLS LSP
Multipath Tree Trace
Perform the following task to set the pace of MPLS echo request packet transmission for the MPLS LSP
Multipath Tree Trace feature. Echo request traffic pacing allows you to set the pace of the transmission
of packets so that the receiving router does not drop packets. If you have a large amount of traffic on
your network you might increase the size of the interval to help ensure that the receiving router does not
drop packets.
SUMMARY STEPS
1. enable
2. trace mpls multipath ipv4 destination-address/destination-mask-length [interval milliseconds]
17
MPLS EM—MPLS LSP Multipath Tree Trace
How to Configure MPLS EM—MPLS LSP Multipath Tree Trace
3. exit
DETAILED STEPS
Example:
Router# exit
Enabling MPLS LSP Multipath Tree Trace to Detect LSP Breakages Caused by
an Interface That Lacks an MPLS Configuration
Perform the following task to enable MPLS LSP multipath tree trace to detect LSP breakages caused by
an interface that lacks an MPLS configuration. If an interface is not configured for MPLS, then it cannot
forward MPLS packets.
Explicit Null Label Shimming Tests LSP Ability to Carry MPLS Traffic
For an MPLS LSP multipath tree trace of LSPs carrying IPv4 FECs, you can force an explicit null label
to be added to the MPLS label stack even though the label was unsolicited. This allows MPLS LSP
multipath tree trace to detect LSP breakages caused by an interface that is not configured for MPLS.
MPLS LSP multipath tree trace does not report that an LSP is functioning when it is unable to send
MPLS traffic.
An explicit null label is added to an MPLS label stack if MPLS echo request packets are forwarded from
an interface not configured for MPLS that is directly connected to the destination of the MPLS LSP
multipath tree trace or if the IP TTL value for the MPLS echo request packets is set to 1.
18
MPLS EM—MPLS LSP Multipath Tree Trace
How to Configure MPLS EM—MPLS LSP Multipath Tree Trace
When you enter a trace mpls multipath command, you are looking for all MPLS LSP paths from an
egress router to an ingress router. Failure at output interfaces that are not configured for MPLS at the
penultimate hop are not detected. Explicit-null shimming allows you to test an LSP’s ability to carry
MPLS traffic.
SUMMARY STEPS
1. enable
2. trace mpls multipath ipv4 destination-address/destination-mask-length force-explicit-null
3. exit
DETAILED STEP
Example:
Router# exit
Requesting That a Transit Router Validate the Target FEC Stack for MPLS LSP
Multipath Tree Trace
Perform the following task to request that a transit router validate the target FEC stack for the MPLS
LSP Multipath Tree Trace feature.
An MPLS echo request tests a particular LSP. The LSP to be tested is identified by the FEC stack.
19
MPLS EM—MPLS LSP Multipath Tree Trace
How to Configure MPLS EM—MPLS LSP Multipath Tree Trace
During an MPLS LSP multipath tree trace, the echo packet validation rules do not require that a transit
router validate the target FEC stack TLV. A downstream map TLV containing the correct received labels
must be present in the echo request for target FEC stack checking to be performed.
To request that a transit router validate the target FEC stack, set the V flag from the source router by
entering the flags fec keywords in the trace mpls multipath command. The default is that echo request
packets are sent with the V flag set to 0.
SUMMARY STEPS
1. enable
2. trace mpls multipath ipv4 destination-address/destination-mask-length [flags fec] [ttl
maximum-time-to-live]
3. exit
DETAILED STEPS
Example:
Router# exit
20
MPLS EM—MPLS LSP Multipath Tree Trace
How to Configure MPLS EM—MPLS LSP Multipath Tree Trace
Setting the Number of Timeout Attempts for MPLS LSP Multipath Tree Trace
Perform the following task to set the number of timeout attempts for the MPLS LSP Multipath Tree
Trace feature.
A retry is attempted if an outstanding echo request times out waiting for the corresponding echo reply.
SUMMARY STEPS
1. enable
2. trace mpls multipath ipv4 destination-address/destination-mask-length [retry-count
retry-count-value]
3. exit
DETAILED STEPS
Example:
Router# exit
21
MPLS EM—MPLS LSP Multipath Tree Trace
Configuration Examples for MPLS EM—MPLS LSP Multipath Tree Trace
The echo revision command is included in this example for completeness. The default echo revision
number is 4, which corresponds to RFC 4379.
22
MPLS EM—MPLS LSP Multipath Tree Trace
Configuration Examples for MPLS EM—MPLS LSP Multipath Tree Trace
The echo revision command is included in this example for completeness. The default echo revision
number is 4, which corresponds to the RFC 4379.
Discovering IPv4 Load Balancing Paths Using MPLS LSP Multipath Tree Trace:
Example
The following example shows how to use the MPLS LSP Multipath Tree Trace feature to discover IPv4
load balancing paths. The example is based on the sample network shown in Figure 3. In this example,
the bitmap size is set to 16. Therefore, path discovery starts by the MPLS LSP Multipath Tree Trace
feature using 16 bitmapped addresses as it locates LSP paths from the source router R-101 to the target
router R-150 with prefix and mask 10.1.1.150/32. The MPLS LSP Multipath Tree Trace feature starts
using the 127.x.y.z/8 address space with 127.0.0.0.
Router# trace mpls multipath ipv4 10.1.1.150/32 hashkey ipv4 bitmap 16
The output of the trace mpls multipath command in the example shows the result of path discovery
with the MPLS LSP Multipath Tree Trace feature as shown in Figure 3.
23
MPLS EM—MPLS LSP Multipath Tree Trace
Configuration Examples for MPLS EM—MPLS LSP Multipath Tree Trace
Figure 3 MPLS LSP Multipath Tree Trace Path Discovery in a Sample Network
Address: 1, 2,
R-120 5, 15 R-131 Address: 2, 5
R-141 Address: 5
Address: 1, 2, 3, 4,
5, 7, 13, 15
Address: 1, 15
Target R-150
Address: 3, 5, 7, 13 R-130 R-140
Address: 1
R-111
Source Address 7, 13 Address 7
Source R-101
R-101
Address: 0
Address: 0, 6, 8, 9, Address: 6, 9, 14
10, 11, 12, 14
170603
R-121 Address: 6, 9, R-132
12, 14
24
MPLS EM—MPLS LSP Multipath Tree Trace
Configuration Examples for MPLS EM—MPLS LSP Multipath Tree Trace
Specifying the Output Interface for Echo Packets Leaving a Router for MPLS
LSP Multipath Tree Trace: Example
The following example shows how to specify the output interface for echo packets leaving a router for
the MPLS LSP Multipath Tree Trace feature:
Router# trace mpls multipath ipv4 10.1.1.150/32 output interface fastethernet0/0/0
25
MPLS EM—MPLS LSP Multipath Tree Trace
Configuration Examples for MPLS EM—MPLS LSP Multipath Tree Trace
Setting the Pace of MPLS Echo Request Packet Transmission for MPLS LSP
Multipath Tree Trace: Example
The following examples show how set the pace of MPLS echo request packet transmission for the MPLS
LSP Multipath Tree Trace feature. The time between successive MPLS echo requests is set to
300 milliseconds in the first example and 400 milliseconds in the second example:
Router# trace mpls multipath ipv4 10.131.159.252/32 interval 300
Notice that the elapsed time increases as you increase the interval size.
26
MPLS EM—MPLS LSP Multipath Tree Trace
Configuration Examples for MPLS EM—MPLS LSP Multipath Tree Trace
Enabling MPLS LSP Multipath Tree Trace to Detect LSP Breakages Caused by
an Interface That Lacks an MPLS Configuration: Example
The following examples shows how to enable the MPLS LSP Multipath Tree Trace feature to detect LSP
breakages caused by an interface that lacks an MPLS configuration:
Router# trace mpls multipath ipv4 10.1.1.150/32 force-explicit-null
This example shows the additional information provided when you add the verbose keyword to the
command:
Router# trace mpls multipath ipv4 10.1.1.150/32 force-explicit-null verbose
27
MPLS EM—MPLS LSP Multipath Tree Trace
Configuration Examples for MPLS EM—MPLS LSP Multipath Tree Trace
2 10.2.121.121 10.3.132.132 MRU 1500 [Labels: 34/explicit-null Exp: 0/0] ret code 8
multipaths 1
L
3 10.3.132.132 10.4.140.240 MRU 1500 [Labels: 32/explicit-null Exp: 0/0] ret code 8
multipaths 1
L
4 10.4.140.240 10.5.150.50 MRU 1504 [Labels: explicit-null Exp: 0] ret code 8 multipaths
1 !
5 10.5.150.50, ret code 3 multipaths 0
LLL!
Path 1 found,
output interface Fe0/0/0 source 10.1.111.101 destination 127.0.0.1
0 10.1.111.101 10.1.111.111 MRU 1500 [Labels: 33/explicit-null Exp: 0/0] multipaths 0
L
1 10.1.111.111 10.2.120.120 MRU 1500 [Labels: 33/explicit-null Exp: 0/0] ret code 8
multipaths 2
L
2 10.2.120.120 10.3.131.131 MRU 1500 [Labels: 33/explicit-null Exp: 0/0] ret code 8
multipaths 2
L
3 10.3.131.131 10.4.141.141 MRU 1500 [Labels: 34/explicit-null Exp: 0/0] ret code 8
multipaths 2
L
4 10.4.141.141 10.5.150.150 MRU 1504 [Labels: explicit-null Exp: 0] ret code 8
multipaths 1
!
5 10.5.150.150, ret code 3 multipaths 0
L!
Path 2 found,
output interface Fe0/0/0 source 10.1.111.101 destination 127.0.0.5
0 10.1.111.101 10.1.111.111 MRU 1500 [Labels: 33/explicit-null Exp: 0/0] multipaths 0
L
1 10.1.111.111 10.2.120.120 MRU 1500 [Labels: 33/explicit-null Exp: 0/0] ret code 8
multipaths 2
L
2 10.2.120.120 10.3.131.131 MRU 1500 [Labels: 33/explicit-null Exp: 0/0] ret code 8
multipaths 2
L
3 10.3.131.131 10.4.140.140 MRU 1500 [Labels: 32/explicit-null Exp: 0/0] ret code 8
multipaths 2
L
4 10.4.140.140 10.5.150.50 MRU 1504 [Labels: explicit-null Exp: 0] ret code 8 multipaths
1 ! 5 10.5.150.50, ret code 3 multipaths 0
LL!
Path 3 found,
output interface Fe0/0/0 source 10.1.111.101 destination 127.0.0.7
0 10.1.111.101 10.1.111.111 MRU 1500 [Labels: 33/explicit-null Exp: 0/0] multipaths 0
L
1 10.1.111.111 10.2.120.120 MRU 1500 [Labels: 33/explicit-null Exp: 0/0] ret code 8
multipaths 2
L
2 10.2.120.120 10.3.130.130 MRU 1500 [Labels: 34/explicit-null Exp: 0/0] ret code 8
multipaths 2
L
3 10.3.130.130 10.4.140.40 MRU 1500 [Labels: 32/explicit-null Exp: 0/0] ret code 8
multipaths 1
L
4 10.4.140.40 10.5.150.50 MRU 1504 [Labels: explicit-null Exp: 0] ret code 8 multipaths
1
!
5 10.5.150.50, ret code 3 multipaths 0
28
MPLS EM—MPLS LSP Multipath Tree Trace
Configuration Examples for MPLS EM—MPLS LSP Multipath Tree Trace
Requesting That a Transit Router Validate the Target FEC Stack for MPLS LSP
Multipath Tree Trace: Example
The following example shows how to request that a transit router validate the target FEC stack for the
MPLS LSP Multipath Tree Trace feature:
Router# trace mpls multipath ipv4 10.1.1.150/32 flags fec ttl 5
Target FEC stack validation is always done at the egress router when the flags fec keywords are specified
in the trace mpls multipath command.
Setting the Number of Timeout Attempts for MPLS LSP Multipath Tree Trace:
Example
The following example sets the number of timeout attempts for the MPLS LSP Multipath Tree Trace
feature to four:
Router# trace mpls multipath ipv4 10.1.1.150/32 retry-count 4
29
MPLS EM—MPLS LSP Multipath Tree Trace
Configuration Examples for MPLS EM—MPLS LSP Multipath Tree Trace
The following output shows a trace mpls multipath command that found one unexplored path, one
successful path, and one broken path:
30
MPLS EM—MPLS LSP Multipath Tree Trace
Additional References
Additional References
The following sections provide references related to the MPLS EM—MPLS LSP Multipath Tree Trace
feature.
Related Documents
Related Topic Document Title
Concepts and configuration tasks for MPLS LSP ping MPLS LSP Ping/Traceroute for LDP/TE, and LSP Ping for VCCV
or traceroute
Concepts and configuration for MPLS and other MPLS Cisco IOS XE Multiprotocol Label Switching Configuration Guide,
applications Release 2
MPLS commands Cisco IOS Multiprotocol Label Switching Command Reference
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
RFC 2113 IP Router Alert Option
RFC 3443 Time To Live (TTL) Processing in Multi-Protocol Label Switching (MPLS)
Networks
RFC 4377 Operations and Management (OAM) Requirements for Multi-Protocol Label
Switched (MPLS) Networks
RFC 4378 A Framework for Multi-Protocol Label Switching (MPLS) Operations and
Management (OAM)
RFC 4379 Detecting Multi-Protocol Label Switched (MPLS) Data Plane Failures
31
MPLS EM—MPLS LSP Multipath Tree Trace
Related Documents
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
32
MPLS EM—MPLS LSP Multipath Tree Trace
Feature Information for MPLS EM—MPLS LSP Multipath Tree Trace
Note Table 3 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
Table 3 Feature Information for MPLS EM—MPLS LSP Multipath Tree Trace
33
MPLS EM—MPLS LSP Multipath Tree Trace
Feature Information for MPLS EM—MPLS LSP Multipath Tree Trace
Table 3 Feature Information for MPLS EM—MPLS LSP Multipath Tree Trace (continued)
34
MPLS EM—MPLS LSP Multipath Tree Trace
Glossary
Glossary
ECMP—equal-cost multipath. Multiple routing paths of equal cost that may be used for packet
forwarding.
FEC—Forwarding Equivalence Class. A set of packets that can be handled equivalently for forwarding
purposes and are thus suitable for binding to a single label. Examples include the set of packets destined
for one address prefix and the packets in any flow.
flow—A set of packets traveling between a pair of hosts, or between a pair of transport protocol ports
on a pair of hosts. For example, packets with the same source address, source port, destination address,
and destination port might be considered a flow.
A flow is also a stream of data traveling between two endpoints across a network (for example, from one
LAN station to another). Multiple flows can be transmitted on a single circuit.
localhost—A name that represents the host router (device). The localhost uses the reserved loopback IP
address 127.0.0.1.
LSP—label switched path. A connection between two routers in which Multiprotocol Label Switching
(MPLS) forwards the packets.
LSPV—Label Switched Path Verification. An LSP ping subprocess. It encodes and decodes
Multiprotocol Label Switching (MPLS) echo requests and replies, and it interfaces with IP, MPLS, and
AToM switching for sending and receiving MPLS echo requests and replies. At the MPLS echo request
originator router, LSPV maintains a database of outstanding echo requests for which echo responses
have not been received.
MPLS router alert label—An Multiprotocol Label Switching (MPLS) label of 1. An MPLS packet with
a router alert label is redirected by the router to the Route Processor (PR) processing level for handling.
This allows these packets to bypass any forwarding failures in hardware routing tables.
OAM—Operation, Administration, and Management.
punt—Redirect packets with a router alert from the line card or interface to Route Processor (RP) level
processing for handling.
RP—Route Processor. The processor module contains the CPU, system software, and most of the
memory components that are used in the router.
TTL—time-to-live. A parameter you can set that indicates the maximum number of hops a packet should
take to reach its destination.
TLV—type, length, values. A block of information included in a Cisco Discovery Protocol address.
UDP—User Datagram Protocol. Connectionless transport layer protocol in the TCP/IP protocol stack.
UDP is a simple protocol that exchanges datagrams without acknowledgments or guaranteed delivery,
so error processing and retransmission must be handled by other protocols. UDP is defined in RFC 768.
XDR—eXternal Data Representation. Standard for machine-independent data structures developed by
Sun Microsystems. Used to transport messages between the Route Processor (RP) and the line card.
35
MPLS EM—MPLS LSP Multipath Tree Trace
Glossary
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
36
MPLS Label Distribution Protocol MIB
This document describes the Simple Network Management Protocol (SNMP) agent support provided in
Cisco IOS XE software for the MPLS Label Distribution Protocol Management Information Base
(MPLS LDP MIB).
Contents
• Restrictions for MPLS LDP MIB, page 2
• Information About MPLS LDP MIB, page 2
• How to Configure MPLS LDP MIB, page 8
• Configuration Examples for MPLS LDP MIB, page 13
• Additional References, page 14
• Feature Information for MPLS Label Distribution MIB, page 16
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Label Distribution Protocol MIB
Restrictions for MPLS LDP MIB
2
MPLS Label Distribution Protocol MIB
Information About MPLS LDP MIB
Note Because the MPLS LDP MIB was not given an Internet Assigned Numbers Authority (IANA)
Experimental OID at the time of its implementation, Cisco chose to implement the MIB under the
Cisco Experimental OID number:
ciscoExperiment 1.3.6.1.4.1.9.10
mplsLdpMIB 1.3.6.1.4.1.9.10.65
If the MPLS LDP MIB is assigned an IANA Experimental OID number, Cisco will deprecate all objects
in the MIB under the Cisco Experimental OID and reposition the objects under the IANA Experimental
OID.
3
MPLS Label Distribution Protocol MIB
Information About MPLS LDP MIB
4
MPLS Label Distribution Protocol MIB
Information About MPLS LDP MIB
In effect, the MPLS LDP MIB provides a network management database that supports real-time access
to the various MIB objects within, reflecting the current state of MPLS LDP operations in the network.
This network management information database is accessible by means of standard SNMP commands
issued from an NMS in the MPLS/LDP operating environment.
The MPLS LDP MIB supports the following network management and administrative activities:
• Retrieving MPLS LDP MIB parameters pertaining to LDP operations
• Monitoring the characteristics and the status of LDP peers
• Monitoring the status of LDP sessions between LDP peers
• Monitoring Hello adjacencies in the network
• Gathering statistics regarding LDP sessions
LDP Entities
An LDP entity is uniquely identified by an LDP identifier having the object name mplsLdpEntityLdpId.
This object consists of the router ID (four octets) and an interface number (two octets). The router ID
encodes an IP address assigned to the LSR. The interface number identifies a specific label space
available within the LSR.
An LDP entity represents a label space that is targeted for distribution to an LDP peer. In the case of an
interface-specific LDP entity, the label space is distributed to a single LDP peer by means of a single
LDP session.
Conversely, a platform-wide LDP entity can be associated with multiple LDP peers. In this case, the
label space is distributed to multiple LDP peers by means of a separate LDP session pertaining to each
peer.
LDP Peers
If an LSR has a label space to advertise to another LSR, or to multiple LSRs, there would be one LDP
session for each LSR receiving the label space information. The receiver of the label space information
is referred to as an LDP peer.
Per-interface label spaces are advertised to a single LDP peer by means of a single LDP session.
Per-platform label spaces are advertised to multiple LDP peers by means of multiple LDP sessions.
The possible existence of multiple per-platform LDP peers dictates not only that an LDP entity be
identified by its unique LDP tag, but also by its LDP index. In this case, the label space is the same, but
the LDP Index differentiates the LDP session over which the label space is distributed to multiple LDP
peers.
LDP Sessions
LDP sessions between local entities and remote peers distribute label spaces. There is always a
one-to-one correspondence between an LDP peer and an LDP session. A single LDP session is a label
distribution protocol instance that communicates across one or more network links with a single LDP
peer. In the case of a platform-wide local LDP entity, there may be multiple LDP sessions and a
corresponding number of remote LDP peers.
5
MPLS Label Distribution Protocol MIB
Information About MPLS LDP MIB
6
MPLS Label Distribution Protocol MIB
Information About MPLS LDP MIB
The MPLS LDP MIB objects that announce LDP status transitions and event notifications include the
following:
• mplsLdpSessionUp—This message is generated when an LDP entity (a local LSR) establishes an
LDP session with another LDP entity (an adjacent LDP peer in the network).
• mplsLdpSessionDown—This message is generated when an LDP session between a local LSR and
its adjacent LDP peer is terminated.
The up and down notifications indicate the last active interface in the LDP session.
• mplsLdpPathVectorLimitMismatch—This message is generated when a local LSR establishes an
LDP session with its adjacent peer LSR, but the two LSRs have dissimilar path vector limits.
The value of the path vector limit can range from 0 to 255; a value of 0 indicates that loop detection
is off; any value other than 0 up to 255 indicates that loop detection is on and, in addition, specifies
the maximum number of hops through which an LDP message can pass before a loop condition in
the network is sensed.
We recommend that all LDP-enabled routers in the network be configured with the same path vector
limit. Accordingly, the mplsLdpPathVectorLimitMismatch object exists in the MPLS LDP MIB to
provide a warning message to the NMS when two routers engaged in LDP operations have a
dissimilar path vector limits.
• mplsLdpFailedInitSessionThresholdExceeded—This message is generated when a local LSR and an
adjacent LDP peer attempt to set up an LDP session between them, but fail to do so after a specified
number of attempts. The default number of attempts is 8. This default value is implemented in
Cisco IOS XE software and cannot be changed by either the CLI or an SNMP agent.
Eight failed attempts to establish an LDP session between a local LSR and an LDP peer, due to any
type of incompatibility between the devices, causes this notification message to be generated.
In general, Cisco routers support the same features across multiple platforms. Therefore, the most
likely incompatibility to occur between Cisco LSRs is a mismatch of their respective ATM VPI/VCI
label ranges.
For example, if you specify a range of valid labels for an LSR that does not overlap the range of its
adjacent LDP peer, the routers try eight times to create an LDP session between themselves before
the mplsLdpFailedInitSessionThresholdExceeded notification is generated and sent to the NMS as
an informational message.
Operationally, the LSRs whose label ranges do not overlap continue their attempt to create an LDP
session between themselves after the eight retry limit is exceeded. In such cases, the LDP threshold
exceeded notification alerts the network administrator to the existence of a condition in the network
that may warrant attention.
RFC 3036, LDP Specification, details the incompatibilities that can exist between Cisco routers
and/or other vendor LSRs in an MPLS network. Among such incompatibilities, for example, are the
following:
– Nonoverlapping ATM VPI/VCI ranges (as noted above) or nonoverlapping Frame-Relay DLCI
ranges between LSRs attempting to set up an LDP session
– Unsupported label distribution method
– Dissimilar protocol data unit (PDU) sizes
– Dissimilar LDP feature support
7
MPLS Label Distribution Protocol MIB
How to Configure MPLS LDP MIB
SUMMARY STEPS
1. enable
2. show running-config
3. configure terminal
4. snmp-server community string [view view-name] [ro | rw] [acl-number]
5. do copy running-config startup-config
6. exit
7. show-running config [interface | map-class]
DETAILED STEPS
Example:
Router# configure terminal
8
MPLS Label Distribution Protocol MIB
How to Configure MPLS LDP MIB
Example:
Router(config)# exit
Step 7 show running-config [interface | map-class] (Optional) Displays the configuration information currently
on the router, the configuration for a specific interface, or
map-class information.
Example:
Router# show running-config | include • Use the show running-config command to check that
smnp-server the snmp-server statements appear in the output.
Note Although you can set the community-string argument using the snmp-server host command by itself,
we recommend that you define this string using the snmp-server community command prior to using
the snmp-server host command.
9
MPLS Label Distribution Protocol MIB
How to Configure MPLS LDP MIB
SUMMARY STEPS
1. enable
2. configure terminal
3. snmp-server host host-addr [traps | informs] [version {1 | 2c | 3 [auth | noauth | priv]}]
community-string [udp-port port] [notification-type] [vrf vrf-name]
4. snmp-server enable traps mpls ldp [session-down] [session-up] [pv-limit] [threshold]
5. exit
DETAILED STEPS
Example:
Router# configure terminal
10
MPLS Label Distribution Protocol MIB
How to Configure MPLS LDP MIB
11
MPLS Label Distribution Protocol MIB
How to Configure MPLS LDP MIB
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. show running-config
3. exit
12
MPLS Label Distribution Protocol MIB
Configuration Examples for MPLS LDP MIB
DETAILED STEPS
Step 1 enable
Use this command to enable privileged EXEC mode. Enter your password if prompted. For example:
Router> enable
Router#
The presence of any snmp-server statement in the output that takes the form shown above verifies that
the SNMP agent has been enabled on the host NMS workstation.
Step 3 exit
Use this command to exit to user EXEC mode. For example:
Router# exit
Router>
The following example shows how to enable SNMPv1 and SNMPv2C on the host NMS. The
configuration permits any SNMP agent to access all MPLS LDP MIB objects with read-only permission
using the community string public.
Router(config)# snmp-server community public
The following example shows how to allow read-only access to all MPLS LDP MIB objects relating to
members of access list 4 that specify the comaccess community string. No other SNMP agents will have
access to any of the MPLS LDP MIB objects.
Router(config)# snmp-server community comaccess ro 4
The following example shows how to enable the session up and session down LDP notifications:
13
MPLS Label Distribution Protocol MIB
Additional References
Additional References
The following sections provide references related to the MPLS LDP MIB.
Related Documents
Related Topic Document Title
MPLS LDP configuration tasks MPLS Label Distribution Protocol (LDP)
MPLS LDP commands: complete command syntax, Cisco IOS Multiprotocol Label Switching Command Reference
command mode, command history, defaults, usage
guidelines, and examples
SNMP commands Cisco IOS Network Management Command Reference
SNMP configuration “Configuring SNMP Support” in the Cisco IOS XE
Network Management Configuration Guide, Release 2
Standards
Standards Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIBs MIBs Link
• MPLS LDP MIB To locate and download MIBs for selected platforms, Cisco IOS XE
software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
http://www.cisco.com/go/mibs
RFCs
RFCs Title
RFC 3036 LDP Specification
RFC 3037 LDP Applicability
14
MPLS Label Distribution Protocol MIB
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
15
MPLS Label Distribution Protocol MIB
Feature Information for MPLS Label Distribution MIB
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
16
MPLS Label Distribution Protocol MIB
Feature Information for MPLS Label Distribution MIB
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
17
MPLS Label Distribution Protocol MIB
Feature Information for MPLS Label Distribution MIB
18
MPLS Label Distribution Protocol MIB Version 8
Upgrade
The MPLS Label Distribution Protocol (LDP) MIB Version 8 Upgrade feature enhances the LDP MIB
to support the Internet Engineering Task Force (IETF) draft Version 8.
Contents
• Prerequisites for MPLS LDP MIB Version 8 Upgrade, page 2
• Restrictions for MPLS LDP MIB Version 8 Upgrade, page 2
• Information About MPLS LDP MIB Version 8 Upgrade, page 2
• How to Configure MPLS LDP MIB Version 8 Upgrade, page 24
• Configuration Examples for MPLS LDP MIB Version 8 Upgrade, page 34
• Additional References, page 36
• Feature Information for MPLS LDP MIB Version 8 Upgrade, page 38
• Glossary, page 40
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Label Distribution Protocol MIB Version 8 Upgrade
Prerequisites for MPLS LDP MIB Version 8 Upgrade
2
MPLS Label Distribution Protocol MIB Version 8 Upgrade
Information About MPLS LDP MIB Version 8 Upgrade
A fundamental MPLS principle is that LSRs in an MPLS network must agree on the definition of the
labels being used for packet forwarding operations. Label agreement is achieved in an MPLS network
by means of procedures defined in the LDP.
LDP operations begin with a discovery (hello) process, during which an LDP entity (a local LSR) finds
a cooperating LDP peer in the network, and the two negotiate basic operating procedures. The
recognition and identification of a peer by means of this discovery process results in a hello adjacency,
which represents the context within which label binding information is exchanged between the local
LSR and its LDP peer. LDP then creates an active LDP session between the two LSRs to effect the
exchange of label binding information. When this process is carried to completion with respect to all of
the LSRs in an MPLS network, the result is a label-switched path (LSP), which constitutes an end-to-end
packet transmission pathway between the communicating network devices.
By means of LDP, LSRs can collect, distribute, and release label binding information to other LSRs in
an MPLS network, thereby enabling the hop-by-hop forwarding of packets in the network along
normally routed paths.
The MPLS LDP MIB has been implemented to enable standard, SNMP-based network management of
the label switching features in Cisco IOS XE software. Providing this capability requires SNMP agent
code to execute on a designated network management station (NMS) in the network. The NMS serves
as the medium for user interaction with the network management objects in the MPLS LDP MIB.
The SNMP agent code has a layered structure that is compatible with Cisco IOS XE software and
presents a network administrative and management interface to the objects in the MPLS LDP MIB and,
thence, to the rich set of label switching capabilities supported by Cisco IOS XE software.
By means of an SNMP agent, you can access MPLS LDP MIB objects using standard SNMP GET
operations, and you can use those objects to accomplish a variety of network management tasks. All the
objects in the MPLS LDP MIB follow the conventions defined in the IETF draft MIB entitled
draft-ietf-mpls-ldp-mib-08.txt, which defines network management objects in a structured and
standardized manner. This draft MIB is evolving and is soon expected to be a standard. Accordingly, the
MPLS LDP MIB will be implemented in such a way that it tracks the evolution of this IETF document.
However, slight differences exist between the IETF draft MIB and the implementation of equivalent
Cisco IOS XE functions. As a result, some minor translations between the MPLS LDP MIB objects and
the internal Cisco IOS XE data structures are needed. Such translations are accomplished by the SNMP
agent, which runs in the background on the NMS workstation as a low-priority process.
The extensive Cisco IOS XE label switching capabilities provide an integrated approach to managing the
large volumes of traffic carried by WANs. These capabilities are integrated into the Layer 3 network
services, thus optimizing the routing of high-volume traffic through Internet service provider backbones
while, at the same time, ensuring the resistance of the network to link or node failures.
The MPLS Label Distribution Protocol MIB Version 8 Upgrade supports the following functions:
• Generation and sending of event notification messages that signal changes in the status of LDP
sessions
• Enabling and disabling of event notification messages by means of extensions to existing SNMP CLI
commands
• Specification of the name or the IP address of an NMS workstation in the operating environment to
which Cisco IOS XE event notification messages are to be sent to serve network administrative and
management purposes
• Storage of the configuration pertaining to an event notification message in NVRAM of the NMS
The structure of the MPLS LDP MIB conforms to Abstract Syntax Notation One (ASN.1), so the MIB
forms a highly structured and idealized database of network management objects.
3
MPLS Label Distribution Protocol MIB Version 8 Upgrade
Information About MPLS LDP MIB Version 8 Upgrade
Using any standard SNMP application, you can retrieve and display information from the
MPLS LDP MIB by means of standard SNMP GET and GETNEXT operations.
Note Because the MPLS LDP MIB was not given an Internet Assigned Numbers Authority (IANA)
experimental object identifier (OID) at the time of its implementation, Cisco chose to implement the
MIB under the ciscoExperimental OID number, as follows:
ciscoExperimental
1.3.6.1.4.1.9.10
mplsLdpMIB
1.3.6.1.4.1.9.10.65
If the MPLS LDP MIB is assigned an IANA Experimental OID number, Cisco will replace all objects
in the MIB under the ciscoExperimental OID and reposition the objects under the IANA Experimental
OID.
4
MPLS Label Distribution Protocol MIB Version 8 Upgrade
Description of MPLS LDP MIB Elements for MPLS LDP MIB Version 8 Upgrade
LDP Entities
An LDP entity is uniquely identified by an LDP identifier that consists of the mplsLdpEntityLdpId and
the mplsLdpEntityIndex (see Figure 1).
• The mplsLdpEntityLdpId consists of the local LSR ID (four octets) and the label space ID (two
octets). The label space ID identifies a specific label space available within the LSR.
• The mplsLdpEntityIndex consists of the IP address of the peer active hello adjacency, which is the
32-bit representation of the IP address assigned to the peer LSR.
The mplsldpEntityProtocolVersion is a sample object from the mplsLdpEntityTable.
5
MPLS Label Distribution Protocol MIB Version 8 Upgrade
Description of MPLS LDP MIB Elements for MPLS LDP MIB Version 8 Upgrade
88214
mplsLdpEntityProtocolVersion.10.10.10.10.0.0.3232236034
An LDP entity represents a label space that has the potential for a session with an LDP peer. An LDP
entity is set up when a hello adjacency receives a hello message from an LDP peer.
In Figure 2, Router A has potential sessions with two remote peers, Routers B and C. The
mplsLdpEntityLdpId is 10.10.10.10.0.0, and the IP address of the peer active hello adjacency
(mplsLdpEntityIndex) is 3232235777, which is the 32-bit representation of the IP address 192.168.1.1
for Router B.
IP address 192.168.1.1
mplsLdpEntityLdpId 10.10.10.10.0.0 Potential session
Router A (local LDP) (entity)
Router B (peer)
IP address 192.168.2.2
Potential session
(entity)
88213
Router C (peer)
6
MPLS Label Distribution Protocol MIB Version 8 Upgrade
Description of MPLS LDP MIB Elements for MPLS LDP MIB Version 8 Upgrade
LC-ATM
LC-ATM
Interface-
Platform-wide session specific
sessions
Serial
88215
LSR ID 10.12.12.12
Router C (peer)
Figure 4 shows entries that correspond to the mplsLdpPeerTable and the mplsLdpSessionTable in
Figure 3.
In Figure 4, mplsLdpSesState is a sample object from the mplsLdpSessionTable on Router A. There are
four mplsLdpSesState sample objects shown (top to bottom). The first object represents a platform-wide
session associated with two serial interfaces. The next two objects represent interface-specific sessions
for the LC-ATM interfaces on Routers A and B. These interface-specific sessions have nonzero peer
label space IDs. The last object represents a platform-wide session for the next peer, Router C.
The indexing is based on the entries in the mplsLdpEntityTable. It begins with the indexes of the
mplsLdpEntityTable and adds the following:
• Peer LDP ID = 10.11.11.11.0.0
The peer LDP ID consists of the peer LSR ID (four octets) and the peer label space ID (two octets).
• Peer LSR ID = 10.11.11.11
• Peer label space ID = 0.0
The peer label space ID identifies a specific peer label space available within the LSR.
7
MPLS Label Distribution Protocol MIB Version 8 Upgrade
Description of MPLS LDP MIB Elements for MPLS LDP MIB Version 8 Upgrade
mpIsLdpSesState.10.10.10.10.0.0.3232235777.10.11.11.11.0.0
Indexing of Peer label space ID
Peer LSR ID
mpIsLdpEntityTable
mplsLdpSesState.10.10.10.10.0.0.3232236034.10.12.12.12.0.0
mplsLdpSesState.10.10.10.10.0.1.3232235778.10.11.11.11.0.1
88216
mplsLdpSesState.10.10.10.10.0.2.3232235779.10.11.11.11.0.2
Serial
LSR ID 10.12.12.12
Platform-wide Router C (peer)
session (targeted)
88217
8
MPLS Label Distribution Protocol MIB Version 8 Upgrade
Events Generating MPLS LDP MIB Notifications in MPLS LDP MIB Version 8 Upgrade
88218
mplsLdpHelloAdjHoldTimeRem.10.10.10.10.0.0.3232236034.10.12.12.12.0.0.1
9
MPLS Label Distribution Protocol MIB Version 8 Upgrade
MIB Tables in MPLS LDP MIB Version 8 Upgrade
For example, if you specify a range of valid labels for an LSR that does not overlap the range of its
adjacent LDP peer, the routers try eight times to create an LDP session between themselves before
the mplsLdpFailedInitSessionThresholdExceeded notification is generated and sent to the NMS as
an informational message.
The LSRs whose label ranges do not overlap continue their attempt to create an LDP session
between themselves after the eight-retry threshold is exceeded.
In such cases, the LDP threshold exceeded notification alerts the network administrator about a
condition in the network that might warrant attention.
RFC 3036, LDP Specification, details the incompatibilities that can exist between Cisco routers
and/or other vendor LSRs in an MPLS network.
Among such incompatibilities, for example, are the following:
– Nonoverlapping ATM VPI/VCI ranges (as noted above) or nonoverlapping Frame-Relay DLCI
ranges between LSRs attempting to set up an LDP session
– Unsupported label distribution method
– Dissimilar protocol data unit (PDU) sizes
– Dissimilar types of LDP feature support
10
MPLS Label Distribution Protocol MIB Version 8 Upgrade
MIB Tables in MPLS LDP MIB Version 8 Upgrade
mplsLdpEntityTable
Table 1 lists the mplsLdpEntityTable objects and their descriptions.
Object Description
mplsLdpEntityEntry Represents an LDP entity, which is a potential session between
two peers.
mplsLdpEntityLdpId The LDP identifier (not accessible) consists of the local LSR ID
(four octets) and the label space ID (two octets).
mplsLdpEntityIndex A secondary index that identifies this row uniquely. It consists
of the IP address of the peer active hello adjacency, which is the
32-bit representation of the IP address assigned to the LSR (not
accessible).
mplsLdpEntityProtocolVersion The version number of the LDP protocol to be used in the
session initialization message.
mplsLdpEntityAdminStatus The administrative status of this LDP entity is always up. If the
hello adjacency fails, this entity disappears from the
mplsLdpEntityTable.
11
MPLS Label Distribution Protocol MIB Version 8 Upgrade
MIB Tables in MPLS LDP MIB Version 8 Upgrade
Object Description
mplsLdpEntityOperStatus The operational status of this LDP entity. Values are
unknown(0), enabled(1), and disabled(2).
mplsLdpEntityTcpDscPort The TCP discovery port for LDP or TDP. The default value is
646 (LDP).
mplsLdpEntityUdpDscPort The UDP discovery port for LDP or TDP. The default value is
646 (LDP).
mplsLdpEntityMaxPduLength The maximum PDU length that is sent in the common session
parameters of an initialization message.
mplsLdpEntityKeepAliveHoldTimer The two-octet value that is the proposed keepalive hold time for
this LDP entity.
mplsLdpEntityHelloHoldTimer The two-octet value that is the proposed hello hold time for this
LDP entity.
mplsLdpEntityInitSesThreshold The threshold for notification when this entity and its peer are
engaged in an endless sequence of initialization messages.
The default value is 8 and cannot be changed by SNMP or CLI.
mplsLdpEntityLabelDistMethod The specified method of label distribution for any given LDP
session. Values are downstreamOnDemand(1) and
downstreamUnsolicited(2).
mplsLdpEntityLabelRetentionMode Can be configured to use either conservative(1) for LC-ATM or
liberal(2) for all other interfaces.
mplsLdpEntityPVLMisTrapEnable Indicates whether the mplsLdpPVLMismatch trap should be
generated.
If the value is enabled(1), the trap is generated. If the value is
disabled(2), the trap is not generated. The default is
disabled(2).
Note The mplsLdpPVLMismatch trap is generated only if
mplsLdpEntityLabelDistMethod is
downstreamOnDemand(1).
mplsLdpEntityPVL If the value of this object is 0, loop detection for path vectors is
disabled. Otherwise, if this object has a value greater than zero,
loop detection for path vectors is enabled, and the path vector
limit is this value.
Note The mplsLdpEntityPVL object is non-zero only if
mplsLdpEntityLabelDistMethod is
downstreamOnDemand(1).
mplsLdpEntityHopCountLimit If the value of this object is 0, loop detection using hop counters
is disabled.
If the value of this object is greater than 0, loop detection using
hop counters is enabled, and this object specifies this entity's
maximum allowable value for the hop count.
Note The mplsLdpEntityHopCountLimit object is non-zero
only if mplsLdpEntityLabelDistMethod is
downstreamOnDemand(1).
12
MPLS Label Distribution Protocol MIB Version 8 Upgrade
MIB Tables in MPLS LDP MIB Version 8 Upgrade
Object Description
mplsLdpEntityTargPeer If this LDP entity uses a targeted adjacency, this object is set to
true(1). The default value is false(2).
mplsLdpEntityTargPeerAddrType The type of the internetwork layer address used for the
extended discovery. This object indicates how the value of
mplsLdpEntityTargPeerAddr is to be interpreted.
mplsLdpEntityTargPeerAddr The value of the internetwork layer address used for the
targeted adjacency.
mplsLdpEntityOptionalParameters Specifies the optional parameters for the LDP initialization
message. If the value is generic(1), no optional parameters are
sent in the LDP initialization message associated with this
entity.
LC-ATM uses atmParameters(2) to specify that a row in the
mplsLdpEntityAtmParmsTable corresponds to this entry.
Note Frame Relay parameters are not supported.
mplsLdpEntityDiscontinuityTime The value of sysUpTime on the most recent occasion when one
or more of this entity’s counters suffered a discontinuity. The
relevant counters are the specific instances of any Counter32 or
Counter64 object contained in the mplsLdpEntityStatsTable
that are associated with this entity. If no such discontinuities
have occurred since the last reinitialization of the local
management subsystem, this object contains a 0 value.
mplsLdpEntityStorType The storage type for this entry is a read-only implementation
that is always volatile.
mplsLdpEntityRowStatus This object is a read-only implementation that is always active.
mplsLdpEntityConfGenLRTable
Table 2 lists the mplsLdpEntityConfGenLRTable objects and their descriptions.
Object Description
mplsLdpEntityConfGenLREntry A row in the LDP Entity Configurable Generic Label Range
table. One entry in this table contains information on a single
range of labels; the range is defined by an upper boundary
(VPI/VCI pair) and a lower boundary (VPI/VCI pair).
The current implementation supports one label range per
entity.
mplsLdpEntityConfGenLRMin The minimum label configured for this range (not
accessible).
mplsLdpEntityConfGenLRMax The maximum label configured for this range (not
accessible).
13
MPLS Label Distribution Protocol MIB Version 8 Upgrade
MIB Tables in MPLS LDP MIB Version 8 Upgrade
Object Description
mplsLdpEntityConfGenIfIndxOrZero This value represents the SNMP IF-MIB index for the
platform-wide entity. If the active hello adjacency is targeted,
the value is 0.
mplsLdpEntityConfGenLRStorType The storage type for this entry is a read-only implementation
that is always volatile.
mplsLdpEntityConfGenLRRowStatus This object is a read-only implementation that is always
active.
mplsLdpEntityAtmParmsTable
Table 3 lists the mplsLdpEntityAtmParmsTable objects and their descriptions.
Object Description
mplsLdpEntityAtmParmsEntry Represents the ATM parameters and ATM information for
this LDP entity.
mplsLdpEntityAtmIfIndxOrZero This value represents the SNMP IF-MIB index for the
interface-specific LC-ATM entity.
mplsLdpEntityAtmMergeCap Denotes the merge capability of this entity.
mplsLdpEntityAtmLRComponents Number of label range components in the initialization
message. This also represents the number of entries in the
mplsLdpEntityConfAtmLRTable that correspond to this
entry.
mplsLdpEntityAtmVcDirectionality If the value of this object is bidirectional(0), a given VCI
within a given VPI is used as a label for both directions
independently of one another.
If the value of this object is unidirectional(1), a given VCI
within a VPI designates one direction.
mplsLdpEntityAtmLsrConnectivity The peer LSR can be connected indirectly by means of an
ATM VP, so that the VPI values can be different on the
endpoints. For that reason, the label must be encoded entirely
within the VCI field.
Values are direct(1), the default, and indirect(2).
mplsLdpEntityDefaultControlVpi The default VPI value for the non-MPLS connection.
mplsLdpEntityDefaultControlVci The default VCI value for the non-MPLS connection.
mplsLdpEntityUnlabTrafVpi VPI value of the VCC supporting unlabeled traffic. This
non-MPLS connection is used to carry unlabeled (IP)
packets.
mplsLdpEntityUnlabTrafVci VCI value of the VCC supporting unlabeled traffic. This
non-MPLS connection is used to carry unlabeled (IP)
packets.
14
MPLS Label Distribution Protocol MIB Version 8 Upgrade
MIB Tables in MPLS LDP MIB Version 8 Upgrade
Object Description
mplsLdpEntityAtmStorType The storage type for this entry is a read-only implementation
that is always volatile.
mplsLdpEntityAtmRowStatus This object is a read-only implementation that is always
active.
mplsLdpEntityConfAtmLRTable
Table 4 lists the mplsLdpEntityConfAtmLRTable objects and their descriptions.
Object Description
mplsLdpEntityConfAtmLREntry A row in the LDP Entity Configurable ATM Label Range
Table. One entry in this table contains information on a single
range of labels; the range is defined by an upper boundary
(VPI/VCI pair) and a lower boundary (VPI/VCI pair). This is
the same data used in the initialization message. This label
range should overlap the label range of the peer.
mplsLdpEntityConfAtmLRMinVpi The minimum VPI number configured for this range (not
accessible).
mplsLdpEntityConfAtmLRMinVci The minimum VCI number configured for this range (not
accessible).
mplsLdpEntityConfAtmLRMaxVpi The maximum VPI number configured for this range (not
accessible).
mplsLdpEntityConfAtmLRMaxVci The maximum VCI number configured for this range (not
accessible).
mplsLdpEntityConfAtmLRStorType The storage type for this entry is a read-only implementation
that is always volatile.
mplsLdpEntityConfAtmLRRowStatus This object is a read-only implementation that is always
active.
mplsLdpEntityStatsTable
Table 5 lists the mplsLdpEntityStatsTable objects and their descriptions.
Object Description
mplsLdpEntityStatsEntry These entries augment the mplsLdpEntityTable by providing
additional information for each entry.
mplsLdpAttemptedSessions Not supported in this feature.
mplsLdpSesRejectedNoHelloErrors A count of the session rejected/no hello error notification
messages sent or received by this LDP entity.
15
MPLS Label Distribution Protocol MIB Version 8 Upgrade
MIB Tables in MPLS LDP MIB Version 8 Upgrade
Object Description
mplsLdpSesRejectedAdErrors A count of the session rejected/parameters advertisement
mode error notification messages sent or received by this
LDP entity.
mplsLdpSesRejectedMaxPduErrors A count of the session rejected/parameters max PDU length
error notification messages sent or received by this LDP
entity.
mplsLdpSesRejectedLRErrors A count of the session rejected/parameters label range
notification messages sent or received by this LDP entity.
mplsLdpBadLdpIdentifierErrors A count of the number of bad LDP identifier fatal errors
detected by the session associated with this LDP entity.
mplsLdpBadPduLengthErrors A count of the number of bad PDU length fatal errors
detected by the session associated with this LDP entity.
mplsLdpBadMessageLengthErrors A count of the number of bad message length fatal errors
detected by the session associated with this LDP entity.
mplsLdpBadTlvLengthErrors A count of the number of bad Type-Length-Value (TLV)
length fatal errors detected by the session associated with this
LDP entity.
mplsLdpMalformedTlvValueErrors A count of the number of malformed TLV value fatal errors
detected by the session associated with this LDP entity.
mplsLdpKeepAliveTimerExpErrors A count of the number of session keepalive timer expired
errors detected by the session associated with this LDP entity.
mplsLdpShutdownNotifReceived A count of the number of shutdown notifications received
related to the session associated with this LDP entity.
mplsLdpShutdownNotifSent A count of the number of shutdown notifications sent related
to the session associated with this LDP entity.
mplsLdpPeerTable
Table 6 lists the mplsLdpPeerTable objects and their descriptions.
Object Description
mplsLdpPeerEntry Information about a single peer that is related to a session
(not accessible).
Note This table is augmented by the mplsLdpSessionTable.
mplsLdpPeerLdpId The LDP identifier of this LDP peer (not accessible) consists
of the peer LSR ID (four octets) and the peer label space ID
(two octets).
mplsLdpPeerLabelDistMethod For any given LDP session, the method of label distribution.
Values are downstreamOnDemand(1) and
downstreamUnsolicited(2).
16
MPLS Label Distribution Protocol MIB Version 8 Upgrade
MIB Tables in MPLS LDP MIB Version 8 Upgrade
Object Description
mplsLdpPeerLoopDetectionForPV An indication of whether loop detection based on path
vectors is disabled or enabled for this peer.
For downstream unsolicited distribution
(mplsLdpPeerLabelDistMethod is
downstreamUnsolicited(2)), this object always has a value of
disabled(0) and loop detection is disabled.
For downstream-on-demand distribution
(mplsLdpPeerLabelDistMethod is
downstreamOnDemand(1)), this object has a value of
enabled(1), provided that loop detection based on path
vectors is enabled.
mplsLdpPeerPVL If the value of mplsLdpPeerLoopDetectionForPV for this
entry is enabled(1), this object represents that path vector
limit for this peer.
If the value of mplsLdpPeerLoopDetectionForPV for this
entry is disabled(0), this value should be 0.
mplsLdpHelloAdjacencyTable
Table 7 lists the mplsLdpHelloAdjacencyTable objects and their descriptions.
Object Description
mplsLdpHelloAdjacencyEntry Each row represents a single LDP hello adjacency. An LDP
session can have one or more hello adjacencies (not
accessible).
mplsLdpHelloAdjIndex An identifier for this specific adjacency (not accessible). The
active hello adjacency has mplsLdpHelloAdjIndex equal to 1.
mplsLdpHelloAdjHoldTimeRem The time remaining for this hello adjacency. This interval
changes when the next hello message, which corresponds to
this hello adjacency, is received.
mplsLdpHelloAdjType This adjacency is the result of a link hello if the value of this
object is link(1). Otherwise, this adjacency is a result of a
targeted hello and its value is targeted(2).
mplsLdpSessionTable
Table 8 lists the mplsLdpSessionTable objects and their descriptions.
17
MPLS Label Distribution Protocol MIB Version 8 Upgrade
MIB Tables in MPLS LDP MIB Version 8 Upgrade
Object Description
mplsLdpSessionEntry An entry in this table represents information on a single
session between an LDP entity and an LDP peer. The
information contained in a row is read-only. This table
augments the mplsLdpPeerTable.
mplsLdpSesState The current state of the session. All of the states are based on
the LDP or TDP state machine for session negotiation
behavior.
The states are as follows:
• nonexistent(1)
• initialized(2)
• openrec(3)
• opensent(4)
• operational(5)
mplsLdpSesProtocolVersion The version of the LDP protocol which this session is using.
This is the version of the LDP protocol that has been
negotiated during session initialization.
mplsLdpSesKeepAliveHoldTimeRem The keepalive hold time remaining for this session.
mplsLdpSesMaxPduLen The value of maximum allowable length for LDP PDUs for
this session. This value could have been negotiated during the
session initialization.
mplsLdpSesDiscontinuityTime The value of sysUpTime on the most recent occasion when
one or more of this session’s counters suffered a
discontinuity. The relevant counters are the specific instances
of any Counter32 or Counter64 object contained in the
mplsLdpSesStatsTable associated with this session.
The initial value of this object is the value of sysUpTime
when the entry was created in this table.
mplsLdpAtmSesTable
Table 9 lists the mplsLdpAtmSesTable objects and their descriptions.
Objects Description
mplsLdpAtmSesEntry An entry in this table represents information on a single label
range intersection between an LDP entity and an LDP peer
(not accessible).
mplsLdpAtmSesLRLowerBoundVpi The minimum VPI number for this range (not accessible).
mplsLdpAtmSesLRLowerBoundVci The minimum VCI number for this range (not accessible).
18
MPLS Label Distribution Protocol MIB Version 8 Upgrade
MIB Tables in MPLS LDP MIB Version 8 Upgrade
Objects Description
mplsLdpAtmSesLRUpperBoundVpi The maximum VPI number for this range (read-only).
mplsLdpAtmSesLRUpperBoundVci The maximum VCI number for this range (read-only).
mplsLdpSesStatsTable
Table 10 lists the mplsLdpSesStatsTable objects and their descriptions.
Object Description
mplsLdpSesStatsEntry An entry in this table represents statistical information on a
single session between an LDP entity and an LDP peer. This
table augments the mplsLdpPeerTable.
mplsLdpSesStatsUnkMesTypeErrors This object is the count of the number of unknown message
type errors detected during this session.
mplsLdpSesStatsUnkTlvErrors This object is the count of the number of unknown TLV errors
detected during this session.
SNMP Contexts
SNMP contexts provide VPN users with a secure way of accessing MIB data. When a VPN is associated
with a context, that VPN’s specific MIB data exists in that context. Associating a VPN with a context
enables service providers to manage networks with multiple VPNs. Creating and associating a context
with a VPN enables a provider to prevent the users of one VPN from accessing information about users
of other VPNs on the same networking device.
19
MPLS Label Distribution Protocol MIB Version 8 Upgrade
MIB Tables in MPLS LDP MIB Version 8 Upgrade
VPN-aware SNMP requires that SNMP manager and agent entities operating in a VPN environment
agree on mapping between the SNMP security name and the VPN name. This mapping is created by
using different contexts for the SNMP data of different VPNs, which is accomplished through the
configuration of the SNMP View-based Access Control Model MIB (SNMP-VACM-MIB). The
SNMP-VACM-MIB is configured with views so that a user on a VPN with a security name is allowed
access to the restricted object space within the context of only that VPN.
SNMP request messages undergo three phases of security and access control before a response message
is sent back with the object values within a VPN context:
• The first security phase is authentication of the username. During this phase, the user is authorized
for SNMP access.
• The second phase is access control. During this phase, the user is authorized for SNMP access to the
group objects in the requested SNMP context.
• In the third phase, the user can access a particular instance of a table entry. With this third phase,
complete retrieval can be based on the SNMP context name.
IP access lists can be configured and associated with SNMP community strings. This feature enables you
to configure an association between VRF instances and SNMP community strings. When a VRF instance
is associated with an SNMP community string, SNMP processes requests coming in for a particular
community string only if they are received from the configured VRF. If the community string contained
in the incoming packet does not have a VRF associated with it, it is processed only if it came in through
a non-VRF interface.
You can also enable or disable authentication traps for SNMP packets dropped due to VRF mismatches.
By default, if SNMP authentication traps are enabled, VRF authentication traps are also enabled.
20
MPLS Label Distribution Protocol MIB Version 8 Upgrade
MIB Tables in MPLS LDP MIB Version 8 Upgrade
Figure 7 MPLS LDP Sessions Setup Before VPN Aware LDP MIB Feature
Core
VPN2 VPN2
103281
CE1-2 CE2-2
Site 1 LDP sessions Site 2
A MIB walk prior to this Cisco IOS XE release displayed only global session information.
With the VPN Aware LDP MIB enhancement, an SNMP query to the IETF MPLS-LDP-MIB supports
both global and VPN contexts. This feature allows you to enter LDP queries on any VRF and on the core
(global context). A query can differentiate between LDP sessions from different VPNs. LDP session
information for a VPN stays in the context of that VPN. Therefore, the information from one VPN is not
available to a user of a different VPN. The VPN Aware update to the LDP MIB also allows you to view
LDP processes operating in a Carrier Supporting Carrier (CSC) network.
In an MPLS VPN, a service provider edge router (PE) might contain VRFs for several VPNs as well as
a global routing table. To set up separate LDP processes for different VPNs on the same device, you need
to configure each VPN with a unique securityName, contextName, and View-based Access Control
Model (VACM) view. The VPN securityName must be configured for the IETF MPLS LDP MIB.
Figure 8 shows LDP sessions for a sample MPLS VPN network with the VPN Aware LDP MIB feature.
21
MPLS Label Distribution Protocol MIB Version 8 Upgrade
MIB Tables in MPLS LDP MIB Version 8 Upgrade
Figure 8 MPLS LDP Sessions with the VPN Aware LDP MIB Feature
LDP sessions on PE1 MIB walk on PE1 MIB walk on PE1 MIB walk on PE1
PE1 PE2 (global context) (VPN1 context) (VPN2 context)
PE1 CE1-1 PE1 PE2 PE1 CE1-1 PE1 CE2-1
PE1 CE1-2
Site 1 Site 2
CE1-1 CE2-1
VPN1 VPN1
Core
VPN2 VPN2
103282
CE1-2 CE2-2
Site 1 LDP sessions Site 2
With the VPN Aware LDP MIB feature, you can do MIB queries or MIB walks for an MPLS VPN LDP
session or a global LDP session.
Note To verify LDP session information for a specific VPN, use the show mpls ldp neighbor vrf vpn-name
detail command.
22
MPLS Label Distribution Protocol MIB Version 8 Upgrade
MIB Tables in MPLS LDP MIB Version 8 Upgrade
Figure 9 LDP Notifications Sent Before the VPN Aware LDP MIB Feature
SNMP manager
Core
VPN2 VPN2
103283
CE1-2 LDP session down CE2-2
Site 1 Site 2
Notification sent
The VPN Aware LDP MIB feature supports LDP notifications for multiple LDP contexts for VPNs. LDP
notifications can be generated for the core (global context) and for different VPNs. You can cause
notifications be sent to different NMS hosts for different LDP contexts. LDP notifications associated
with a specific VRF are sent to the NMS designated for that VRF. LDP global notifications are sent to
the NMS configured to receive global traps.
To enable LDP context notifications for the VPN Aware LDP MIB feature, use either the SNMP object
mplsLdpSessionsUpDownEnable (in the global LDP context only) or the following extended global
configuration commands.
To enable LDP notifications for the global context, use the following commands on a PE router:
Router(config)# snmp-server host host-address traps community mpls-ldp
To enable LDP notifications for a VPN context, use the following commands on a PE router:
Router(config)# snmp-server host host-address vrf vrf-name version {v1|v2c|v3}
community community-string udp-port upd-port mpls-ldp
Figure 10 shows LDP notifications with the VPN Aware LDP MIB feature.
23
MPLS Label Distribution Protocol MIB Version 8 Upgrade
How to Configure MPLS LDP MIB Version 8 Upgrade
Figure 10 LDP Notifications With the VPN Aware LDP MIB Feature
Site 1 Site 2
CE1-1 CE2-1
VPN1 VPN1
Core
VPN2 VPN2
103284
CE1-2 LDP session down CE2-2
Site 1 Site 2
Notification sent
SUMMARY STEPS
1. enable
2. show running-config
3. configure terminal
4. snmp-server community string [view view-name] [ro] [number]
24
MPLS Label Distribution Protocol MIB Version 8 Upgrade
How to Configure MPLS LDP MIB Version 8 Upgrade
5. end
6. write memory
DETAILED STEPS
Example:
Router# configure terminal
Step 4 snmp-server community string [view view-name] Configures read-only (ro) community strings for the MPLS
[ro] [number] LDP MIB.
• The string argument functions like a password,
Example: permitting access to SNMP functionality on label
Router(config)# snmp-server community public ro switch routers (LSRs) in an MPLS network.
• The optional ro keyword configures read-only (ro)
access to the objects in the MPLS LDP MIB.
Step 5 end Exits to privileged EXEC mode.
Example:
Router(config)# end
Step 6 write memory Writes the modified SNMP configuration into NVRAM of
the router, permanently saving the SNMP settings.
Example:
Router# write memory
SUMMARY STEPS
1. enable
2. configure terminal
25
MPLS Label Distribution Protocol MIB Version 8 Upgrade
How to Configure MPLS LDP MIB Version 8 Upgrade
3. ip cef distributed
4. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip cef distributed Enables distributed Cisco Express Forwarding.
Example:
Router(config)# ip cef distributed
Step 4 end Exits to privileged EXEC mode.
Example:
Router(config)# end
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls ip
4. end
DETAILED STEPS
Example:
Router# configure terminal
26
MPLS Label Distribution Protocol MIB Version 8 Upgrade
How to Configure MPLS LDP MIB Version 8 Upgrade
Example:
Router(config)# end
SUMMARY STEPS
1. enable
2. configure terminal
3. mpls label protocol ldp
4. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 mpls label protocol ldp Specifies the platform default label distribution protocol.
Example:
Router(config)# mpls label protocol ldp
Step 4 end Exits to privileged EXEC mode.
Example:
Router(config)# end
27
MPLS Label Distribution Protocol MIB Version 8 Upgrade
How to Configure MPLS LDP MIB Version 8 Upgrade
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
4. mpls ip
5. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type Configures an interface type and enters interface
slot/subslot/port[.subinterface-number] configuration mode.
Example:
Router(config)# interface FastEthernet 1/0/0
Step 4 mpls ip Enables MPLS forwarding of IPv4 packets along normally
routed paths for a particular interface.
Example:
Router(config-if)# mpls ip
Step 5 end Exits to privileged EXEC mode.
Example:
Router(config-if)# end
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number
4. mpls label protocol ldp |
5. end
28
MPLS Label Distribution Protocol MIB Version 8 Upgrade
How to Configure MPLS LDP MIB Version 8 Upgrade
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type Configures an interface type and enters interface
slot/subslot/port[.subinterface-number] configuration mode.
Example:
Router(config)# interface FastEthernet 1/0/0
Step 4 mpls label protocol ldp Specifies the label distribution protocol to be used on a
given interface.
Example:
Router(config-if)# mpls label protocol ldp
Step 5 end Exits to privileged EXEC mode.
Example:
Router(config-if)# end
SUMMARY STEPS
1. enable
2. configure terminal
3. snmp-server host host-address [traps | informs] [version {1 | 2c | 3 [auth | noauth | priv]}]
community-string [udp-port port] [notification-type] [vrf vrf-name]
4. snmp-server engineID remote ip-address [udp-port udp-port-number] [vrf vrf-name]
engineid-string
5. end
29
MPLS Label Distribution Protocol MIB Version 8 Upgrade
How to Configure MPLS LDP MIB Version 8 Upgrade
DETAILED STEPS
Example:
Router# configure terminal
Step 3 snmp-server host host-address [traps | informs] Specifies the recipient of an SNMP notification operation
[version {1 | 2c | 3 [auth | noauth | priv]}] and specifies the Virtual Private Network (VPN) routing
community-string [udp-port port]
[notification-type] [vrf vrf-name]
and forwarding (VRF) instance table to be used for the
sending of SNMP notifications.
Example:
Router(config)# snmp-server host example.com
vrf trap-vrf
Step 4 snmp-server engineID remote ip-address Configures a name for the remote SNMP engine on a router.
[udp-port udp-port-number] [vrf vrf-name]
engineid-string
Example:
Router(config)# snmp-server engineID remote
172.16.20.3 vrf traps-vrf
80000009030000B064EFE100
Step 5 end Exits to privileged EXEC mode.
Example:
Router(config)# end
What to Do Next
Proceed to the “Configuring an SNMP Context for a VPN” section on page 30.
SNMP Context
SNMP contexts provide VPN users with a secure way of accessing MIB data. When a VPN is associated
with a context, that VPN’s specific MIB data exists in that context. Associating a VPN with a context
enables service providers to manage networks with multiple VPNs. Creating and associating a context
with a VPN enables a provider to prevent the users of one VPN from accessing information about users
of other VPNs on the same networking device.
30
MPLS Label Distribution Protocol MIB Version 8 Upgrade
How to Configure MPLS LDP MIB Version 8 Upgrade
A route distinguisher (RD) creates routing and forwarding tables for a VPN. Cisco IOS XE software
adds the RD to the beginning of the customer’s IPv4 prefixes to change them into globally unique
VPN-IPv4 prefixes.
Either the RD is an autonomous system number (ASN)-relative RD, in which case it is composed of an
autonomous system number and an arbitrary number, or it is an IP-address-relative RD, in which case it
is composed of an IP address and an arbitrary number. You can enter an RD in either of these formats:
• 16-bit ASN: your 32-bit number, for example, 101:3.
• 32-bit IP address: your 16-bit number, for example, 192.168.122.15:1.
SUMMARY STEPS
1. enable
2. configure terminal
3. snmp-server context context-name
4. ip vrf vrf-name
5. rd route-distinguisher
6. context context-name
7. route-target {import | export | both} route-target-ext-community
8. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 snmp-server context context-name Creates and names an SNMP context.
Example:
Router(config)# snmp-server context context1
Step 4 ip vrf vrf-name Configures a Virtual Private Network (VPN) routing and
forwarding instance (VRF) table and enters VRF
configuration mode.
Example:
Router(config)# ip vrf vrf1
Step 5 rd route-distinguisher Creates a VPN route distinguisher.
Example:
Router(config-vrf)# rd 100:120
31
MPLS Label Distribution Protocol MIB Version 8 Upgrade
How to Configure MPLS LDP MIB Version 8 Upgrade
Example:
Router(config-vrf)# context context1
Step 7 route-target {import | export | both} (Optional) Creates a route-target extended community for a
route-target-ext-community VRF.
Example:
Router(config-vrf)# route-target export
100:1000
Step 8 end Exits to privileged EXEC mode.
Example:
Router(config)# end
What to Do Next
Proceed to the “Associating an SNMP VPN Context with SNMPv1 or SNMPv2” section on page 32.
SNMPv1 and SNMPv2 are not as secure as SNMPv3. SNMP Versions 1 and 2 use plain text communities
and do not perform the authentication or security checks that SNMP Version 3 performs.
To configure the VPN Aware LDP MIB feature when using SNMP Version 1 or SNMP Version 2, you
need to associate a community name with a VPN. This association causes SNMP to process requests
coming in for a particular community string only if they come in from the configured VRF. If the
community string contained in the incoming packet does not have an associated VRF, the packet is
processed only if it came in through a non-VRF interface. This process prevents users outside the VPN
from using a clear text community string to query the VPN data. However, this is not as secure as using
SNMPv3.
SUMMARY STEPS
1. enable
2. configure terminal
3. snmp-server user username group-name [remote host [udp-port port]] {v1 | v2c | v3 [encrypted]
[auth {md5 | sha} auth-password]} [access access-list]
4. snmp-server group group-name {v1 | v2c | v3 {auth | noauth | priv}} [context context-name]
[read readview] [write writeview] [notify notifyview] [access access-list]
5. snmp-server view view-name oid-tree {included | excluded}
6. snmp-server enable traps [notification-type]
32
MPLS Label Distribution Protocol MIB Version 8 Upgrade
How to Configure MPLS LDP MIB Version 8 Upgrade
DETAILED STEPS
Example:
Router# configure terminal
Step 3 snmp-server user username group-name [remote Configures a new user to an SNMP group.
host [udp-port port]] {v1 | v2c | v3
[encrypted] [auth {md5 | sha} auth-password]}
[access access-list]
Example:
Router(config)# snmp-server user customer1
group1 v1
Step 4 snmp-server group group-name {v1 | v2c | v3 Configures a new SNMP group or a table that maps SNMP
{auth | noauth | priv}} [context context-name] users to SNMP views.
[read readview] [write writeview] [notify
notifyview] [access access-list] • Use the context context-name keyword and argument
to associate the specified SNMP group with a
configured SNMP context.
Example:
Router(config)# snmp-server group group1 v1
context context1 read view1 write view1 notify
view1
Step 5 snmp-server view view-name oid-tree {included | Creates or updates a view entry.
excluded}
Example:
Router(config)# snmp-server view view1
ipForward included
Step 6 snmp-server enable traps [notification-type] Enables all SNMP notifications (traps or informs) available
on your system.
Example:
Router(config)# snmp-server enable traps
33
MPLS Label Distribution Protocol MIB Version 8 Upgrade
Configuration Examples for MPLS LDP MIB Version 8 Upgrade
Example:
Router(config)# snmp-server host 10.0.0.1 vrf
customer1 public udp-port 7002
Step 8 snmp mib community-map community-name [context Associates an SNMP community with an SNMP context,
context-name] [engineid engine-id] Engine ID, or security name.
[security-name security-name] target-list
vpn-list-name
Example:
Router(config)# snmp mib community-maps
community1 context context1 target-list
commAVpn
Step 9 snmp mib target list vpn-list-name {vrf Creates a list of target VRFs and hosts to associate with an
vrf-name | host ip-address} SNMP community.
Example:
Router(config)# snmp mib target list commAVpn
vrf vrf1
Step 10 no snmp-server trap authentication vrf (Optional) Disables all SNMP authentication notifications
(traps and informs) generated for packets received on VRF
interfaces.
Example:
Router(config)# no snmp-server trap • Use this command to disable authentication traps only
authentication vrf for those packets on VRF interfaces with incorrect
community associations.
Step 11 exit Exits to privileged EXEC mode.
Example:
Router(config) exit
34
MPLS Label Distribution Protocol MIB Version 8 Upgrade
Configuration Examples for MPLS LDP MIB Version 8 Upgrade
The following example shows how to enable SNMPv1 and SNMPv2C on the host NMS. The
configuration permits any SNMP agent to access all MPLS LDP MIB objects that have read-only
permission using the community string public.
Router(config)# snmp-server community public
The following example shows how to allow read-only access to all MPLS LDP MIB objects relating to
members of access list 4 that specify the comaccess community string. No other SNMP agents will have
access to any of the MPLS LDP MIB objects.
Router(config)# snmp-server community comaccess ro 4
The following example shows how to enable LDP globally and then on an interface:
Router# configure terminal
ip vrf CustomerA
rd 100:110
context A
route-target export 100:1000
route-target import 100:1000
!
ip vrf CustomerB
rd 100:120
context B
route-target export 100:2000
route-target import 100:2000
!
interface FastEthernet0/3/1
description Belongs to VPN A
ip vrf forwarding CustomerA
ip address 10.0.0.0 255.255.0.0
35
MPLS Label Distribution Protocol MIB Version 8 Upgrade
Additional References
interface FastEthernet0/3/2
description Belongs to VPN B
ip vrf forwarding CustomerB
ip address 10.0.0.1 255.255.0.0
snmp-server group grp1A v1 context A read viewA write viewA notify viewA
snmp-server group grp1B v1 context B read viewB write viewB notify viewB
Additional References
The following sections provide references related to the MPLS LDP MIB Version 8 Upgrade feature.
Related Documents
Related Topic Document Title
MPLS LDP configuration tasks MPLS Label Distribution Protocol (LDP)
A description of SNMP agent support in Cisco IOS XE MPLS Traffic Engineering (TE) MIB
software for the MPLS Traffic Engineering MIB
(MPLS TE MIB)
A description of MPLS differentiated types of service MPLS Quality of Service
across an MPLS network
SNMP commands Cisco IOS Network Management Command Reference
SNMP configuration Configuring SNMP Support
SNMP Support for VPNs
36
MPLS Label Distribution Protocol MIB Version 8 Upgrade
Additional References
Standards
Standards Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIBs MIBs Link
• MPLS Label Distribution Protocol MIB To locate and download MIBs for selected platforms,
(draft-ietf-mpls-ldp-mib-08.txt) Cisco IOS XE software releases, and feature sets, use
• SNMP-VACM-MIB Cisco MIB Locator found at the following URL:
The View-based Access Control Model (ACM) MIB for http://www.cisco.com/go/mibs
SNMP
RFCs
RFCs Title
RFC 2233 Interfaces MIB
The LDP implementation supporting the MPLS LDP
MIB fully complies with the provisions of Section 10
of RFC 2026, which, in effect, states that the
implementation of LDP is recommended for network
devices that perform MPLS forwarding along normally
routed paths, as determined by destination-based
routing protocols.
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
37
MPLS Label Distribution Protocol MIB Version 8 Upgrade
Feature Information for MPLS LDP MIB Version 8 Upgrade
Note Table 11 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
38
MPLS Label Distribution Protocol MIB Version 8 Upgrade
Feature Information for MPLS LDP MIB Version 8 Upgrade
Table 11 Feature Information for MPLS LDP MIB Version 8 Upgrade (continued)
39
MPLS Label Distribution Protocol MIB Version 8 Upgrade
Glossary
Glossary
ATM—Asynchronous Transfer Mode. The international standard for cell relay in which multiple service
types (such as voice, video, or data) are conveyed in fixed-length (53-byte) cells. Fixed-length cells
allow cell processing to occur in hardware, thereby reducing transit delays. ATM is designed to take
advantage of high-speed transmission media, such as E3, SONET, and T3.
downstream-on-demand distribution—A label distribution method in which a downstream label
switch router (LSR) sends a binding upstream only if the upstream LSR requests it.
downstream unsolicited distribution—A label distribution method in which labels are dispersed if a
downstream label switch router (LSR) needs to establish a new binding with its neighboring upstream
LSR. For example, an edge LSR might enable a new interface with another subnet. The LSR then
announces to the upstream router a binding to reach this network.
informs—A type of notification message that is more reliable than a conventional trap notification
message, because the informs message notification requires acknowledgment, but a trap notification
does not.
label—A short, fixed-length data identifier that tells switching nodes how to forward data (packets or
cells).
label distribution—The techniques and processes that are used by label switch routers (LSRs) to
exchange label binding information for supporting hop-by-hop forwarding along normally routed paths.
LDP—Label Distribution Protocol. The protocol that supports Multiprotocol Label Switching (MPLS)
hop-by-hop forwarding and the distribution of bindings between labels and network prefixes.
LSP—label switched path. A configured connection between two label switch routers (LSRs) in which
label-switching techniques are used for packet forwarding; also a specific path through an Multiprotocol
Label Switching (MPLS) network.
LSR—label switch router. A Multiprotocol Label Switching (MPLS) node that can forward native Layer 3
packets. The LSR forwards a packet based on the value of a label attached to the packet.
MIB—Management Information Base. A database of network management information that is used and
maintained by a network management protocol such as Simple Network Management Protocol (SNMP).
The value of a MIB object can be changed or retrieved by the use of SNMP commands, usually through
a network management system. MIB objects are organized in a tree structure that includes public
(standard) and private (proprietary) branches.
MPLS—Multiprotocol Label Switching. A switching method for the forwarding of IP traffic through
the use of a label. This label instructs the routers and the switches in the network where to forward the
packets based on preestablished IP routing information.
MPLS label distribution—A constraint-based routing algorithm for routing label-switched path (LSP)
tunnels.
NMS—network management station. A powerful, well-equipped computer (typically an engineering
workstation) that is used by a network administrator to communicate with other devices in the network.
An NMS is typically used to manage network resources, gather statistics, and perform a variety of
network administration and configuration tasks. In the context of Simple Network Management Protocol
(SNMP), an NMS is a device that performs SNMP queries to the SNMP agent of a managed device to
retrieve or modify information.
notification—A message sent by a Simple Network Management Protocol (SNMP) agent to a network
management station, console, or terminal to indicate that a significant network event has occurred. See
also trap.
40
MPLS Label Distribution Protocol MIB Version 8 Upgrade
Glossary
RSVP—Resource Reservation Protocol. A protocol that supports the reservation of resources across an IP
network. Applications running on IP end systems can use RSVP to indicate to other nodes the nature of the
packet streams they want to receive by specifying such items as bandwidth, jitter, and maximum burst.
RTR—Response Time Reporter. A tool that allows you to monitor network performance, network
resources, and applications by measuring response times and availability.
SNMP—Simple Network Management Protocol. A network management protocol used almost
exclusively in TCP/IP networks. SNMP enables a user to monitor and control network devices, manage
configurations, collect statistics, monitor performance, and ensure network security.
SNMP communities—Authentication scheme that enables an intelligent network device to validate
SNMP requests.
SNMPv2c—Version 2c of the Simple Network Management Protocol. SNMPv2c supports centralized
as well as distributed network management strategies and includes improvements in the Structure of
Management Information (SMI), protocol operations, management architecture, and security.
SNMPv3—Version 3 of the Simple Network Management Protocol. Interoperable standards-based
protocol for network management. SNMPv3 provides secure access to devices by a combination of
authenticating and encrypting packets over the network.
TLV—Type-Length-Value. A mechanism used by several routing protocols to carry a variety of
attributes. Cisco Discovery Protocol (CDP), Label Discovery Protocol (LDP), and Border Gateway
Protocol (BGP) are examples of protocols that use TLVs. BGP uses TLVs to carry attributes such as
Network Layer Reachability Information (NLRI), Multiple Exit Discriminator (MED), and local
preference.
trap—A message sent by a Simple Network Management Protocol (SNMP) agent to a network
management station, console, or terminal to indicate that a significant network event has occurred. Traps
(notifications) are less reliable than inform requests, because the receiver of the trap does not send an
acknowledgment of receipt; furthermore, the sender of the trap cannot determine if the trap was received.
See also notification.
VCC—virtual channel connection. A logical circuit, made up of virtual channel links (VCLs), that
carries data between two endpoints in an ATM network. Sometimes called a virtual circuit connection.
VCI—virtual channel identifier. A 16-bit field in the header of an ATM cell. The VCI, together with the
virtual path identifier (VPI), is used to identify the next network virtual channel link (VCL) as the cell
passes through a series of ATM switches on its way to its final destination.
VCL—virtual channel link. The logical connection that exists between two adjacent switches in an ATM
network.
VPI—virtual path identifier. An 8-bit field in the header of an ATM cell. The VPI, together with the
virtual channel identifier (VCI), is used to identify the next network virtual channel link (VCL) as the
cell passes through a series of ATM switches on its way to its final destination.
VPN—Virtual Private Network. A network that enables IP traffic to use tunneling to travel securely over
a public TCP/IP network.
VRF—VPN routing and forwarding instance. A VRF consists of an IP routing table, a derived
forwarding table, a set of interfaces that use the forwarding table, and a set of rules and routing protocols
that determine what goes into the forwarding table. In general, a VRF includes the routing information
that defines a customer VPN site that is attached to a PE router.
41
MPLS Label Distribution Protocol MIB Version 8 Upgrade
Glossary
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
42
MPLS VPN—MIB Support
This document describes the Simple Network Management Protocol (SNMP) agent support in
Cisco IOS XE software for Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN)
management, as implemented in the draft MPLS/BGP Virtual Private Network Management Information
Base Using SMIv2 (draft-ietf-ppvpn-mpls-vpn-mib-05.txt). This document also describes the
cMplsNumVrfRouteMaxThreshCleared notification, which is implemented as part of the proprietary
MIB CISCO-IETF-PPVNP-MPLS-VPN-MIB.
Contents
• Prerequisites for MPLS VPN—MIB Support, page 2
• Restrictions for MPLS VPN—MIB Support, page 2
• Information About MPLS VPN—MIB Support, page 2
• How to Configure MPLS VPN—MIB Support, page 19
• Configuration Examples for MPLS VPN—MIB Support, page 25
• Additional References, page 26
• Feature Information for MPLS VPN—MIB Support, page 28
• Glossary, page 29
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS VPN—MIB Support
Prerequisites for MPLS VPN—MIB Support
2
MPLS VPN—MIB Support
Information About MPLS VPN—MIB Support
3
MPLS VPN—MIB Support
Information About MPLS VPN—MIB Support
4
MPLS VPN—MIB Support
Information About MPLS VPN—MIB Support
• Notifications, page 15
Objects that are not supported are listed in the “Unsupported Objects in PPVPN-MPLS-VPN MIB”
section on page 18.
Figure 1 shows a simple MPLS VPN configuration. This configuration includes two customer MPLS
VPNs, labeled VPN1 and VPN2, and a simple provider network that consists of two provider edge (PE)
routers, labeled PE1 and PE2, and a provider core router labeled P. Figure 1 shows the following sample
configuration:
• VRF names—VPN1 and VPN2
• Interfaces associated with VRFs—Fet1/0/0, Fet2/0/0, and Atm3/0/0
• Routing protocols—Open Shortest Path First. Link-state (OSPF), Routing Information Protocol
(RIP), and internal Border Gateway Protocol (IBGP)
• Routes associated with VPN1—10.1.0.0, 10.2.0.0, and 10.3.0.0
• Routes associated with VPN2—172.16.1.0 and 172.16.2.0
• Routes associated with the provider network—192.168.1.0, 192.168.2.0, and 192.168.3.0
This configuration is used in this document to explain MPLS VPN events that are monitored and
managed by the PPVPN-MPLS-VPN MIB.
VPN1 VPN1
CE VPN1
10.1.0.0 OSPF
VPN1, Fet1/0/0 CE VPN1
OSPF 192.168.2.0 10.3.0.0
CE VPN1
VPN1, Fet2/0/0 IBGP IBGP
10.2.0.0 172.16.2.0
PE1 P PE2
192.168.1.0 192.168.3.0
RIP
CE VPN2 VPN2, Atm3/0/0
172.16.1.0 CE VPN2
RIP
193011
VPN2
VPN2
Scalar Objects
Table 1 shows the supported PPVPN-MPLS-VPN MIB scalar objects.
5
MPLS VPN—MIB Support
Information About MPLS VPN—MIB Support
MIB Tables
The PPVPN-MPLS-VPN MIB implementation supports the following tables described in this section:
• mplsVpnVrfTable, page 6
• mplsVpnInterfaceConfTable, page 8
• mplsVpnVrfRouteTargetTable, page 9
• mplsVpnVrfBgpNbrAddrTable, page 11
• mplsVpnVrfSecTable, page 12
• mplsVpnVrfPerfTable, page 12
• mplsVpnVrfRouteTable, page 12
mplsVpnVrfTable
Entries in the VRF configuration table (mplsVpnVrfTable) represent the VRFs that are defined on the
router. This includes recently deleted VRFs. The information in this table is also displayed with the show
ip vrf command.
Each VRF is referenced by its VRF name (mplsVpnVrfName).
Table 2 lists the MIB objects and their functions for this table.
6
MPLS VPN—MIB Support
Information About MPLS VPN—MIB Support
Router(config-vrf)# rd route-distinguisher
mplsVpnVrfCreationTime The value of the sysUpTime when this VRF entry was created.
mplsVpnVrfOperStatus The operational status of this VRF. A VRF is up (1) when at least one interface
associated with the VRF is up. A VRF is down (2) when:
• No interfaces exist whose ifOperStatus = up (1).
• No interfaces are associated with this VRF.
mplsVpnVrfActiveInterfaces The number of interfaces assigned to this VRF that are operationally up.
mplsVpnVrfAssociatedInterfaces The number of interfaces assigned to this VRF, independent of the operational
status.
mplsVpnVrfConfMidRouteThreshold The middle route threshold. If the amount of routes in the VRF crosses this
threshold, an mplsNumVrfRouteMidThreshExceeded notification is sent (if
notifications are enabled and configured). You can set this value in
configuration mode as a percentage of the maximum with the maximum routes
limit {warn-threshold | warn-only} command, as follows:
Router(config)# ip vrf vpn1
The middle or warn threshold is set for VRF vpn1 as 50 percent of the
maximum route threshold.
The following command sets a middle threshold of 1000 routes. An
mplsNumVrfRouteMidThreshExceeded notification is sent when this threshold
is exceeded. However, additional routes are still allowed because a maximum
route threshold is not set with this command.
Router(config-vrf)# maximum routes 1000 warn-only
mplsVpnVrfConfHighRouteThreshold The maximum route threshold. If the number of routes in the VRF crosses this
threshold, an mplsNumVrfRouteMaxThreshExceeded notification is sent (if
notifications are enabled and configured). You can set this value in
configuration mode with the maximum routes limit {warn-threshold |
warn-only} command as follows:
Router(config)# ip vrf vpn2
The maximum route threshold is set for 1000 routes for VRF vpn2 with a
middle or warn threshold of 75 percent of this threshold.
mplsVpnVrfConfMaxRoutes This value is the same as the mplsVpnVrfConfHighRouteThreshold.
mplsVpnVrfConfLastChanged The value of sysUpTime when the configuration of the VRF changes or
interfaces are assigned or unassigned from the VRF.
Note This object is updated only when values in this table change.
7
MPLS VPN—MIB Support
Information About MPLS VPN—MIB Support
mplsVpnInterfaceConfTable
In Cisco IOS XE software, a VRF is associated with one MPLS VPN. Zero or more interfaces can be
associated with a VRF. A VRF uses an interface that is defined in the ifTable of the Interfaces Group of
MIB II (IFMIB). The IFMIB defines objects for managing interfaces. The ifTable of this MIB contains
information on each interface in the network. The mplsVpnInterfaceConfTable associates a VRF from
the mplsVpnVrfTable with a forwarding interface from the ifTable. Figure 2 shows the relationship
between VRFs and interfaces defined in the ifTable and the mplsVpnInterfaceConfTable.
ifTable
mplsL3VpnVrfTable
ifName
VPN1
ifIndex Value
VPN2 5 Et1
6 Et2
A mplsL3VpnVrfName
B mplsL3VpnIfConfIndex 10 At3/0
mplsL3VpnIfConfTable
A B
VPN1 5
VPN1 6
VPN2 10
Entries in the VPN interface configuration table (mplsVpnInterfaceConfTable) represent the interfaces
that are assigned to each VRF. The information available in this table is also displayed with the
show ip vrf command.
The mplsVpnInterfaceConfTable shows how interfaces are assigned to VRFs. A label switch router
(LSR) creates an entry in this table for every interface capable of supporting MPLS VPNs.
8
MPLS VPN—MIB Support
Information About MPLS VPN—MIB Support
mplsVpnVrfRouteTargetTable
The route target table (mplsVpnVrfRouteTargetTable) describes the route target communities that are
defined for a particular VRF. An LSR creates an entry in this table for each target configured for a VRF
supporting an MPLS VPN instance.
The distribution of VPN routing information is controlled through the use of VPN route target
communities, implemented by BGP extended communities. Distribution of VPN routing information
works as follows:
• When a VPN route learned from a customer edge (CE) router is injected into BGP, a list of VPN
route target extended community attributes is associated with it. Typically the list of route target
community values is set from an export list of route targets associated with the VRF from which the
route was learned.
• An import list of route target extended communities is associated with each VRF. The import list
defines route target extended community attributes a route must have for the route to be imported
into the VRF. For example, if the import list for a particular VRF includes route target communities
A, B, and C, then any VPN route that carries any of those route target extended communities—A,
B, or C—is imported into the VRF.
9
MPLS VPN—MIB Support
Information About MPLS VPN—MIB Support
VPN1 VPN1
PE2
PE1
VPN2 100:1 100:2 VPN2
PE3
100:3
A VRF
B mplsL3VpnVrfRTIndex
C mplsL3VpnVrfRTType VRF VPN1
D mplsL3VpnVrfRT import 100:1
export 100:1
import 100:2
mplsL3VpnVrfRTTable
export 100:2
import 100:3
A B C D
export:100:3
VPN1 1 both 100:1 import 100:4
export 100:5
VPN1 2 both 100:2
VRF VPN2
VPN1 3 both 100:3 import 100:1
VPN1 4 import 100:4 export 100:1
import 100:2
VPN1 5 export 100:5 export 100:2
VPN2 1 both 100:1 import 100:3
export 100:3
VPN2 2 both 100:2
62825
VPN2 3 both 100:3
The mplsVpnVrfRouteTargetTable shows the import and export route targets for each VRF. The table is
indexed by the following:
• mplsVpnVrfName—The VRF name
• mplsVpnVrfRouteTargetIndex—The route target entry identifier
• mplsVpnVrfRouteTargetType—A value specifying whether the entry is an import route target, export
route target, or is defined as both
Table 4 lists the MIB objects and their functions for this table.
10
MPLS VPN—MIB Support
Information About MPLS VPN—MIB Support
mplsVpnVrfBgpNbrAddrTable
The BGP neighbor address table (mplsVpnVrfBgpNbrAddrTable) represents the MPLS external Border
Gateway Protocol (eBGP) neighbors that are defined for a particular VRF. An LSR creates an entry for
every BGP neighbor that is defined in the VRF’s address-family.
The mplsVpnVrfBgpNbrAddrTable is indexed by the following:
• mplsVpnVrfName—The VRF name
• mplsVpnInterfaceConfIndex—An identifier that is the same as the ifIndex from the Interface MIB
of the interface assigned to the VRF
• mplsVpnVrfBgpNbrIndex—The IP address of the neighbor
Table 5 lists the MIB objects and their functions for this table.
11
MPLS VPN—MIB Support
Information About MPLS VPN—MIB Support
mplsVpnVrfSecTable
The VRF security table (mplsVpnVrfSecTable) provides information about security for each VRF. An
LSR creates an entry in this table for every VRF capable of supporting MPLS VPN.
The mplsVpnVrfSecTable augments the mplsVpnVrfTable and has the same indexing.
Table 6 lists the MIB objects and their functions for this table.
mplsVpnVrfPerfTable
The VRF performance table (mplsVpnVrfPerfTable) provides statistical performance information for
each VRF. An LSR creates an entry in this table for every VRF capable of supporting MPLS VPN.
The mplsVpnVrfPerfTable augments the mplsVpnVrfTable and has the same indexing.
Table 7 lists the MIB objects and their functions for this table.
mplsVpnVrfRouteTable
The VRF routing table (mplsVpnVrfRouteTable) provides the IP routing table information for each VRF.
The information available in this table can also be accessed with the show ip route vrf vrf-name command.
For example, for PE1 in Figure 1:
• With the show ip route vrf vpn1 command, you would see results like the following:
Router# show ip route vrf vpn1
12
MPLS VPN—MIB Support
Information About MPLS VPN—MIB Support
• With the show ip route vrf vpn2 command, you would see results like the following:
Router# show ip route vrf vpn2
Figure 4 shows the relationship of the routing tables, the VRFs, and the mplsVpnVrfRouteTable. You
can display information about the VPN1 and VPN2 route tables using the show ip route vrf vrf-name
command. The global route table is the same as ipCidrRouteTable in the IP-FORWARD-MIB. You can
display information about the global route table with the show ip route command.
13
MPLS VPN—MIB Support
Information About MPLS VPN—MIB Support
192.168.1.0
Note: The mplsL3VpnVrfName is actually an
octet string that represents the string length 192.168.2.0
(4) and the ASCII codes for each character.
62824
192.168.3.0
For example, VPN1 is represented as
4.86.80.78.49.
(ipCidrRouteTable)
An LSR creates an entry in this table for every route that is configured, either dynamically or statically,
within the context of a specific VRF capable of supporting MPLS VPN.
The mplsVpnVrfRouteTable is indexed by the following:
• mplsVpnVrfName—The VRF name, which provides the VRF routing context
• mplsVpnVrfRouteDest—The IP destination address
• mplsVpnVrfRouteMask—The IP destination mask
• mplsVpnVrfRouteTos—The IP header ToS bits
• mplsVpnVrfRouteNextHop—The IP address of the next hop for each route entry
Note The ToS bits are not supported and, therefore, are always 0.
Table 8 lists the MIB objects and their functions for the mplsVpnVrfRouteTable. This table represents
VRF-specific routes. The global routing table is the ipCidrRouteTable in the IP-FORWARD-MIB.
14
MPLS VPN—MIB Support
Information About MPLS VPN—MIB Support
Notifications
This section provides the following information about supported PPVPN-MPLS-VPN MIB
notifications:
• PPVPN-MPLS-VPN MIB Notification Events, page 15
• Notification Specification, page 17
• Monitoring the PPVPN-MPLS-VPN MIB Notifications, page 18
15
MPLS VPN—MIB Support
Information About MPLS VPN—MIB Support
The warn-threshold argument is a percentage of the maximum routes specified by the limit
argument. You can also configure a middle threshold with the following command, in which the limit
argument represents the warning threshold:
Router(config-vrf)# maximum routes limit warn-only
This notification is sent to the NMS only at the time the threshold is exceeded. (See Figure 5 for a
comparison of the warning and maximum thresholds.) Whenever the number of routes falls below
this threshold and exceeds the threshold again, a notification is sent to the NMS.
• MplsNumVrfRouteMaxThreshExceeded—Generated and sent when you attempt to create a route
on a VRF that already contains the maximum number of routes as defined by the limit argument of
the maximum routes commands:
Router(config)# ip vrf vrf-name
A trap notification is sent to the NMS when you attempt to exceed the maximum threshold. Another
MplsNumVrfRouteMaxThreshExceeded notification is not sent until the number of routes falls
below the maximum threshold and reaches the maximum threshold again. (See Figure 5 for an
example of how this notification works and for a comparison of the maximum and warning
thresholds.)
Note The maximum routes command sets the number of routes for a VRF. You cannot exceed the
number of routes in the VRF that you set with the maximum routes limit warn-threshold
command.
Prior to implementation of the PPVPN-MPLS-VPN MIB, you were not notified when this
threshold (or the warning threshold) was reached.
The following notification of the CISCO-IETF-PPVPN-MPLS-VPN MIB is supported in Cisco IOS XE:
• cMplsNumVrfRouteMaxThreshCleared—Generated and sent when the number of routes on a VRF
attempts to exceed the maximum number of routes and then drops below the maximum number of
routes. If you attempt to create a route on a VRF that already contains the maximum number of
routes, the mplsNumVrfRouteMaxThreshExceeded notification is sent (if enabled). When you
remove routes from the VRF so that the number of routes falls below the set limit, the
16
MPLS VPN—MIB Support
Information About MPLS VPN—MIB Support
cMplsNumVrfRouteMaxThreshCleared notification is sent. You can clear all routes from the VRF
by using the clear ip route vrf command. (See Figure 5 to see when the
cMplsNumVrfRouteMaxThreshCleared notification is sent.)
Maximum threshold
Maximum threshold-1
Number of routes
Time
59562
= Maximum threshold limit cleared
= Notification sent to NMS
For information on the Cisco IOS XE CLI commands for configuring PPVPN-MPLS-VPN MIB
notifications that are to be sent to an NMS, see the “How to Configure MPLS VPN—MIB Support”
section on page 19 and the “Feature Information for MPLS VPN—MIB Support” section on page 28.
Notification Specification
In an SNMPv1 notification, each VPN notification has a generic type identifier and an
enterprise-specific type identifier for identifying the notification type.
• The generic type for all VPN notifications is “enterpriseSpecific” because this is not one of the
generic notification types defined for SNMP.
• The enterprise-specific type is identified as follows:
– 1 for mplsVrfIfUp
– 2 for mplsVrfIfDown
– 3 for mplsNumVrfRouteMidThreshExceeded
– 4 for mplsNumVrfRouteMaxThreshExceeded
– 5 for mplsNumVrfSecIllegalLabelThreshExceeded
– 6 for cMplsNumVrfRouteMaxThreshCleared
17
MPLS VPN—MIB Support
Information About MPLS VPN—MIB Support
In SNMPv2, the notification type is identified by an SnmpTrapOID varbind (variable binding consisting
of an object identifier [OID] type and value) included within the notification message.
Each notification also contains two additional objects from the PPVPN-MPLS-VPN MIB. These objects
provide additional information about the event, as follows:
• The VRF interface up/down notifications provide additional
variables—mplsVpnInterfaceConfIndex and mplsVpnVrfName—in the notification. These variables
describe the SNMP interface index and the VRF name, respectively.
• The mid and max threshold notifications include the mplsVpnVrfName variable (VRF name) and the
mplsVpnVrfPerfCurrNumRoutes variable that indicates the current number of routes within the
VRF.
• The illegal label notification includes the mplsVpnVrfName variable (VRF name) and the
mplsVpnVrfSecIllegalLabelViolations variable that maintains the current count of illegal labels on a
VPN.
When PPVPN-MPLS-VPN MIB notifications are enabled (see the snmp-server enable traps mpls vpn
command in the Cisco IOS Multiprotocol Label Switching Command Reference), notification messages
relating to specific MPLS VPN events within Cisco IOS XE software are generated and sent to a
specified NMS in the network. Any utility that supports SNMPv1 or SNMPv2 notifications can receive
notification messages. X-REF?
To monitor PPVPN-MPLS-VPN MIB notification messages, log in to an NMS that supports a utility that
displays SNMP notifications, and start the display utility.
18
MPLS VPN—MIB Support
How to Configure MPLS VPN—MIB Support
SUMMARY STEPS
1. enable
2. show running-config [options]
3. configure terminal
4. snmp-server community string [view view-name] [ro | rw] [acl-number]
5. do copy running-config startup-config
6. exit
7. show-running config [interface | map-class]
DETAILED STEPS
Example:
Router# configure terminal
19
MPLS VPN—MIB Support
How to Configure MPLS VPN—MIB Support
Example:
Router(config)# exit
Step 7 show running-config [options] (Optional) Displays the configuration information currently
on the router, the configuration for a specific interface, or
map-class information.
Example:
Router# show-running config | include • Use the show running-config command to check that
smnp-server the snmp-server statements appear in the output.
Note Although you can set the community-string argument using the snmp-server host command by itself,
we recommend you define this string using the snmp-server community command before using the
snmp-server host command.
20
MPLS VPN—MIB Support
How to Configure MPLS VPN—MIB Support
SUMMARY STEPS
1. enable
2. configure terminal
3. snmp-server host host-addr [traps | informs] [version {1 | 2c | 3 [auth | noauth | priv]}]
community-string [udp-port port] [notification-type] [vrf vrf-name]
4. snmp-server enable traps mpls vpn [illegal-label] [max-thresh-cleared] [max-threshold]
[mid-threshold] [vrf-down] [vrf-up]
5. end
DETAILED STEPS
Example:
Router# configure terminal
21
MPLS VPN—MIB Support
How to Configure MPLS VPN—MIB Support
22
MPLS VPN—MIB Support
How to Configure MPLS VPN—MIB Support
Example:
Router(config)# end
23
MPLS VPN—MIB Support
How to Configure MPLS VPN—MIB Support
Note The maximum routes command sets the number of routes for a VRF. You cannot exceed the
number of routes in the VRF that you set with the maximum routes limit warn-threshold
command.
Prior to the implementation of the PPVPN-MPLS-VPN MIB, you were not notified when this
threshold (or the warning threshold) was reached.
SUMMARY STEPS
1. enable
2. configure terminal
3. ip vrf vrf-name
4. maximum routes limit {warn-threshold | warn-only}
5. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip vrf vrf-name Configures a VRF routing table and enters VRF
configuration mode.
Example: • The vrf-name argument specifies the name assigned to
Router(config)# ip vrf vpn1 a VRF.
24
MPLS VPN—MIB Support
Configuration Examples for MPLS VPN—MIB Support
Example:
Router(config-vrf)# end
Verify that the SNMP master agent is enabled for the MPLS VPN—MIB Support feature:
Router# show running-config | include snmp-server
Building configuration...
.
snmp-server community comaccess RO
Note If you do not see any “snmp-server” statements, SNMP is not enabled on the router.
25
MPLS VPN—MIB Support
Additional References
The following example shows how to set a warning threshold of 10,000 routes for a VRF named vpn2
on a router. An error message is generated; however, additional routes are still allowed because a
maximum route threshold is not set with this command.
Router(config)# ip vrf vpn2
Router(config-vrf)# maximum routes 10000 warn-only
Additional References
The following sections provide additional references related to the MPLS MPN-MIB Support feature.
Related Documents
Related Topic Document Title
Description of commands associated with MPLS and Cisco IOS Multiprotocol Label Switching Command Reference
MPLS applications
MPLS VPN configuration tasks Configuring MPLS Layer 3 VPNs
A description of SNMP agent support in Cisco IOS XE MPLS Traffic Engineering (TE) MIB
software for the MPLS Traffic Engineering MIB
(MPLS TE MIB)
Overview and configuration tasks for the MPLS MPLS Label Distribution Protocol
distribution protocol
Standards
Standard Title
draft-ietf-ppvpn-mpls-vpn-mib-05 MPLS/BGP Virtual Private Network Management Information Base
Using SMIv2
26
MPLS VPN—MIB Support
Additional References
MIBs
MIB MIBs Link
• MPLS-VPN-MIB To locate and download MIBs for selected platforms, Cisco IOS XE
software releases, and feature sets, use Cisco MIB Locator found at
• CISCO-IETF-PPVPN-MPLS-VPN-MIB
the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
RFC 2233 The Interfaces Group MIB using SMIv2
RFC 2547 BGP/MPLS VPNs
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
27
MPLS VPN—MIB Support
Feature Information for MPLS VPN—MIB Support
Note Table 9 lists only the Cisco IOS XE software release that introduced support for a given feature in a given
Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that Cisco IOS XE
software release train also support that feature.
28
MPLS VPN—MIB Support
Glossary
Glossary
autonomous system—A collection of networks that share the same routing protocol and that are under
the same system administration.
ASN.1—Abstract Syntax Notation One. The data types independent of particular computer structures
and representation techniques. Described by ISO International Standard 8824.
BGP—Border Gateway Protocol. The exterior Border Gateway Protocol used to exchange routing
information between routers in separate autonomous systems. BGP uses TCP. Because TCP is a reliable
protocol, BGP does not experience problems with dropped or fragmented data packets.
BGP prefixes—A route announcement using the BGP. A prefix is composed of a path of autonomous
system numbers, indicating which networks the packet must pass through, and the IP block that is being
routed. A BGP prefix would look something like: 701 1239 42 206.24.14.0/24. (The /24 part is referred
to as a CIDR mask.) The /24 indicates that there are 24 ones in the netmask for this block starting from
the left side. A /24 corresponds to the natural mask 255.255.255.0.
Cisco Express Forwarding—An advanced Layer 3 IP switching technology. Cisco Express Forwarding
optimizes network performance and scalability for networks with large and dynamic traffic patterns.
CE router—customer edge router. A router on the border between a VPN provider and a VPN customer
that belongs to the customer.
CIDR—classless interdomain routing. A technique supported by BGP4 and based on route aggregation.
CIDR allows routers to group routes to reduce the quantity of routing information carried by the core
routers. With CIDR, several IP networks appear to networks outside the group as a single, larger entity.
With CIDR, IP addresses and their subnet masks are written as four octets, separated by periods,
followed by a forward slash and a two-digit number that represents the subnet mask.
community—In SNMP, a logical group of managed devices and NMSs in the same administrative
domain.
community name—See community string.
community string—A text string that acts as a password and is used to authenticate messages sent
between a managed station and a router containing an SNMP agent. The community string is sent in
every packet between the manager and the client. Also called a community name.
IETF—Internet Engineering Task Force. A task force consisting of over 80 working groups responsible
for developing Internet standards. The IETF operates under the auspices of ISOC. See also ISOC.
informs—A type of notification message that is more reliable than a conventional trap notification
message, because the informs message notification requires acknowledgment, and a trap notification
does not.
ISOC—Internet Society. An international nonprofit organization, founded in 1992, that coordinates the
evolution and use of the Internet. In addition, ISOC delegates authority to other groups related to the
Internet, such as the IAB. ISOC is headquartered in Reston, Virginia (United States).
label—A short, fixed-length data construct that tells switching nodes how to forward data (packets or
cells).
LDP—Label Distribution Protocol. A standard protocol between MPLS-enabled routers that is used for
the negotiation of the labels (addresses) used to forward packets.
LFIB—Label Forwarding Information Base. In the Cisco Label Switching system, the data structure for
storing information about incoming and outgoing tags (labels) and associated equivalent packets suitable
for labeling.
LSR—label switch router. A device that forwards MPLS packets based on the value of a fixed-length
label encapsulated in each packet.
29
MPLS VPN—MIB Support
Glossary
MIB—Management Information Base. A database of network management information that is used and
maintained by a network management protocol such as SNMP or CMIP. The value of a MIB object can
be changed or retrieved using SNMP or CMIP commands, usually through a GUI network management
system. MIB objects are organized in a tree structure that includes public (standard) and private
(proprietary) branches.
MPLS—Multiprotocol Label Switching. A method for forwarding packets (frames) through a network.
It enables routers at the edge of a network to apply labels to packets (frames). ATM switches or existing
routers in the network core can switch packets according to the labels with minimal lookup overhead.
MPLS interface—An interface on which MPLS traffic is enabled.
MPLS VPN—Multiprotocol Label Switching Virtual Private Network. An IP network infrastructure
delivering private network services over a public infrastructure using a Layer 3 backbone. Using MPLS
VPNs in a Cisco IOS XE network provides the capability to deploy and administer scalable Layer 3 VPN
backbone services including applications, data hosting network commerce, and telephony services to
business customers.
For an MPLS VPN solution, an MPLS VPN is a set of provider edge routers that are connected by means
of a common “backbone” network to supply private IP interconnectivity between two or more customer
sites for a given customer. Each VPN has a set of provisioning templates and policies and can span
multiple provider administrative domains (PADs).
NMS—network management system. A powerful, well-equipped computer (typically an engineering
workstation) that is used by a network administrator to communicate with other devices in the network.
An NMS is typically used to manage network resources, gather statistics, and perform a variety of
network administration and configuration tasks.
notification—A message sent by an SNMP agent to a network management station, console, or terminal
to indicate that a significant event within Cisco IOS XE software has occurred. See also trap.
PE router—provider edge router. A router on the border between a VPN provider and a VPN customer
that belongs to the provider.
PPVPN—Provider-Provisioned VPN. The name of the IETF working group that is developing the
PPVPN-MPLS-VPN MIB.
QoS—quality of service. A measure of performance for a transmission system that reflects its
transmission quality and service availability.
RSVP—Resource Reservation Protocol. A protocol for reserving network resources to provide quality
of service guarantees to application flows.
RT—route target. An extended community attribute that identifies a group of routers and, in each router
of that group, a subset of forwarding tables maintained by the router that can be populated with a BGP
route carrying that extended community attribute. The RT is a 64-bit value by which Cisco IOS XE
discriminates routes for route updates in VRFs.
SNMP—Simple Network Management Protocol. The network management protocol used almost
exclusively in TCP/IP networks. SNMP provides a means to monitor and control network devices, and
to manage configurations, statistics collection, performance, and security. See also SNMP2.
SNMP2—SNMP Version 2. Version 2 of the popular network management protocol. SNMP2 supports
centralized and distributed network management strategies, and includes improvements in the Structure
of Management Information (SMI), protocol operations, management architecture, and security. See
also SNMP.
traffic engineering—The techniques and processes used to cause routed traffic to travel through the
network on a path other than the one that would have been chosen if standard routing methods had been
used.
30
MPLS VPN—MIB Support
Glossary
trap—A message sent by an SNMP agent to a network management station, console, or terminal,
indicating that a significant event occurred. Traps (notifications) are less reliable than inform requests,
because the receiver does not send an acknowledgment when it receives a trap. The sender cannot
determine if the trap was received. See also notification.
VPN—Virtual Private Network. A group of sites that, as the result of a set of administrative policies, are
able to communicate with each other over a shared backbone network. A VPN is a secure IP-based
network that shares resources on one or more physical networks. A VPN contains geographically
dispersed sites that can communicate securely over a shared backbone. See also MPLS VPN.
VPN ID—A mechanism that identifies a VPN based on RFC 2685. A VPN ID consists of an
Organizational Unique Identifier (OUI), a three-octet hex number assigned by the IEEE Registration
Authority, and a VPN index, a four-octet hex number, which identifies the VPN within the company.
VRF—VPN routing and forwarding instance. A VRF consists of an IP routing table, a derived
forwarding table, a set of interfaces that use the forwarding table, and a set of rules and routing protocols
that determine what goes into the forwarding table. In general, a VRF includes the routing information
that defines a customer VPN site that is attached to a PE router.
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco Ironport, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect,
Cisco Stackpower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good,
Flip Mino, Flip Video, Flip Video (Design), Flipshare (Design), Flip Ultra, and Welcome to the Human Network are trademarks; Changing the Way
We Work, Live, Play, and Learn, Cisco Store, and Flip Gift Card are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting
To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS,
Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch,
Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the
IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy,
Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to
Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the
United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0907R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
31
MPLS VPN—MIB Support
Glossary
32
Pseudowire Emulation Edge-to-Edge MIBs for
Ethernet, Frame Relay, and ATM Services
The Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services feature
provides Simple Network Management Protocol (SNMP) support within an Any Transport over
Multiprotocol Label Switching (AToM) infrastructure emulating Ethernet, Frame Relay, and ATM
services over packet switched networks (PSNs). The Pseudowire Emulation Edge-to-Edge (PWE3)
MIBs are the following:
• CISCO-IETF-PW-MIB (PW-MIB)
• CISCO-IETF-PW-MPLS-MIB (PW-MPLS-MIB)
• CISCO-IETF-PW-ENET-MIB (PW-ENET-MIB)
• CISCO-IETF-PW-FR-MIB (PW-FR-MIB)
• CISCO-IETF-PW-ATM-MIB (PW-ATM-MIB)
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Contents
Contents
• Prerequisites for Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM
Services, page 2
• Restrictions for Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM
Services, page 2
• Information About Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM
Services, page 3
• How to Configure Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM
Services, page 20
• Configuration Examples for the Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame
Relay, and ATM Services, page 23
• Additional References, page 24
• Feature Information for Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and
ATM Services, page 27
• Glossary, page 28
2
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Information About Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Note This feature is not supported over Ethernet, Frame Relay, and ATM in all releases. See the “Feature
Information for Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM
Services” section on page 27 for more detailed information.
3
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Information About Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
PW = Pseudowire
CE = Customer Edge Router
192009
PE = Provider Edge Router
MPLS = Multiprotocol Label Switching
CISCO-IETF-PW-MPLS-MIB
CISCO-IETF-PW-L2TPv3
(PW-MPLS-MIB)
MPLS-LSR-STD-MIB MPLS-TE-STD-MIB
CISCO-IETF-L2TPv3-MIB
(RFC 3813) (RFC 3812)
135236
Exist
Future
The architecture is modular in that once deployed, new emulated service MIB modules or additional
transport MIB modules “plug in” to or extend the existing infrastructure rather than require a new and
unique one. This allows you to build management applications without the concern of a new service
requiring the deployment of a completely different management strategy. Because the architecture is a
generalized association mechanism between existing service and transport MIB modules, native MIB
modules work in the absence of the associated PWE3-specific MIBs. The advantage is that if a
4
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Information About Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
PWE3-specific MIB has not yet been deployed in Cisco IOS XE software, which associates a service or
transport with pseudowires, these MIB modules can still be queried. However, the only drawback is that
the associations with the pseudowires are absent.
5
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Information About Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
The PW-ATM-MIB is defined at the Pseudowire Service Emulation Layer and resides on top of the
generic PW-MIB as shown in Figure 2. Therefore, the PW-ATM-MIB is highly dependent on the
existence and the service provided by the PW-MIB. In addition, an existing PW-ATM connection
entry must associate with an existing VC entry in the PW-MIB.
The PW-ATM-MIB and the generic PW-MIB are logically tied by the PW VC Index, which is an
internal index defined to support the PW-MIB. Each PW VC index uniquely maps into an existing
VC entry in the PW-MIB and the PW-ATM-MIB.
cpwVcTable
Table 1 lists the cpwVcTable objects and their descriptions.
Objects Description
cpwVcType Indicates the service to be carried over this VC. This is circuit
type information.
cpwVcOwner Set by the operator to indicate the protocol responsible for
establishing this VC. Values are the following:
• manual(1)—Used when no maintenance protocol (PW
signaling) is needed to set up the VC, such as configuration
of entries in the VC tables including VC labels, and so
forth.
• maintenanceProtocol(2)—Used for standard signaling of
the VC for the specific PSN; for example, LDP for MPLS
PSN as specified in draft-martini-l2circuit-trans-mpls or
the Layer 2 Tunneling Protocol (L2TP).
• other(3)—Used for all other types of signaling.
6
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Information About Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Objects Description
cpwVcPsnType Set by the operator to indicate the PSN type on which this VC
is carried. Based on this object, the relevant PSN table entries
are created in the PSN-specific MIB modules. For example, if
mpls(1) is defined, the agent creates an entry in the
cpwVcMplsTable, which further defines the MPLS PSN
configuration.
cpwVcSetUpPriority Defines the relative setup priority of the VC in a
lowest-to-highest manner, where 0 is the highest priority. This
value is significant if there are competing resources between
VCs and the implementation supports this feature. Because this
is not implemented in AToM, the value of 0 is used.
cpwVcHoldingPriority Defines the relative holding priority of the VC in a
lowest-to-highest manner, where 0 is the highest priority. This
value is significant if there are competing resources between
VCs and the implementation supports this feature. Because this
is not implemented in AToM, the value of 0 is used.
cpwVcInboundMode Enables greater security for implementations that use
per-platform VC label space. Modes are the following:
• strict(1)
• loose(2)
In strict mode, packets coming from the PSN are accepted only
from tunnels that are associated to the same VC via the inbound
tunnel table in the case of MPLS, or as identified by the source
IP address in the case of L2TP or IP PSN. The entries in the
inbound tunnel table are either explicitly configured or
implicitly known by the maintenance protocol used for VC
setup.
If such association is not known, not configured, or not desired,
loose mode should be configured, and the node should accept
the packet based on the VC label only, regardless of the outer
tunnel used to carry the VC.
cpwVcPeerAddrType Denotes the address type of the peer node maintenance protocol
(signaling) address if the PW maintenance protocol is used for
the VC creation. It should be set to unknown if the PW
maintenance protocol is not used; for example, cpwVcOwner is
set to manual.
cpwVcPeerAddr Contains the value of the peer node address of the PW
maintenance protocol entity. This object should contain a value
of 0 if not relevant (manual configuration of the VC).
cpwVcID Use in the outgoing VC ID field within the VC forward
equivalence class (FEC) element with LDP signaling or the PW
ID attribute-value (AV) pair for the L2TP.
cpwVcLocalGroupID Use in the Group ID field sent to the peer PW within the
maintenance protocol for VC setup; 0 if not used.
7
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Information About Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Objects Description
cpwVcControlWord Defines if the control word is sent with each packet by the local
node.
cpwVcLocalIfMtu If not = 0, the optional IfMtu object in the maintenance protocol
is sent with this value, representing the locally supported
maximum transmission unit (MTU) size over the interface (or
the virtual interface) associated with the VC.
cpwVcLocalIfString Each VC is associated to an interface (or a virtual interface) in
the ifTable of the node as part of the service configuration. This
object defines if the maintenance protocol sends the interface’s
name as it appears in the ifTable in the name object as part of
the maintenance protocol. If this object is set to false, the
optional element is not sent.
cpwVcRemoteGroupID Obtained from the Group ID field as received via the
maintenance protocol used for VC setup; 0 if not used. The
value of 0xFFFF is used if the object is not defined by the VC
maintenance protocol.
cpwVcRemoteControlWord If the maintenance protocol is used for VC establishment, this
parameter indicates the received status of the control word
usage; that is, if packets are received with the control word or
not. The value of notYetKnown is used while the maintenance
protocol has not yet received the indication from the remote
node. In a manual configuration of the VC, this parameter
indicates to the local node the expected encapsulation for the
received packets.
cpwVcRemoteIfMtu The remote interface MTU as received from the remote node
via the maintenance protocol. This object should be 0 if this
parameter is not available or not used.
cpwVcRemoteIfString Indicates the interface description string as received by the
maintenance protocol; it must be a NULL string if not
applicable or not known yet.
cpwVcOutboundVcLabel The VC label used in the outbound direction toward the PSN.
This object may be set up manually if the owner is manual;
otherwise, it is automatic. Examples; for MPLS PSN, the label
represents the 20 bits of the VC tag; for L2TP, it represents the
32 bits of the session ID. If the label is not yet known (signaling
in process), the object should return a value of 0xFFFF.
cpwVcInboundVcLabel The VC label used in the inbound direction for packets received
from the PSN. This object may be set up manually if the owner
is manual; otherwise, it is automatic. Examples; for MPLS
PSN, the label represents the 20 bits of VC tag; for L2TP, the
label represents the 32 bits of the session ID. If the label is not
yet known (signaling in process), the object should return a
value of 0xFFFF.
cpwVcName The canonical name assigned to the VC.
cpwVcDescr A textual string containing information about the VC. If there
is no description, this object contains a 0 length string.
8
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Information About Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Objects Description
cpwVcCreateTime System time when this VC was created.
cpwVcUpTime Number of consecutive ticks that this VC has been up in both
directions together. (Up is observed in cpwVcOperStatus.)
cpwVcAdminStatus The desired operational status of this VC.
cpwVcOperStatus Indicates the actual combined operational status of this VC.
This object is up if both cpwVcInboundOperStatus and
cpwVcOutboundOperStatus are in the up state. For all other
values, if the VCs in both directions are of the same value, this
object reflects that value; otherwise, it is set to the more severe
status of the two. The order of severity from most severe to less
severe is as follows: unknown, notPresent, down,
lowerLayerDown, dormant, testing, and up. The operator can
consult the direction of OperStatus for fault isolation.
cpwVcInboundOperStatus Indicates the actual operational status of this VC in the inbound
direction. Values are the following:
• up—The VC is established and ready to pass packets.
• down—PW signaling has not yet finished or indications
available at the service level show that the VC is not
passing packets.
• testing—AdminStatus at the VC level is set to test.
• dormant—The VC is not available because the required
resources are occupied by higher priority VCs.
• notPresent—Some component needed for the setup of the
VC is missing.
• lowerLayerDown—The underlying PSN is not in
OperStatus up.
cpwVcOutboundOperStatus Indicates the actual operational status of this VC in the
outbound direction. Values are the following:
• up—The VC is established and ready to pass packets.
• down—PW signaling has not yet finished or indications
available at the service level show that the VC is not
passing packets.
• testing—AdminStatus at the VC level is set to test.
• dormant—The VC is not available because the required
resources are occupied by higher priority VCs.
• notPresent—Some component needed for the setup of the
VC is missing.
• lowerLayerDown—The underlying PSN is not in
OperStatus up.
9
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Information About Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Objects Description
cpwVcTimeElapsed The number of seconds, including partial seconds, that have
elapsed since the beginning of the current measurement period.
If, for some reason, such as an adjustment in the system’s
time-of-day clock, and the current interval exceeds the
maximum value, the agent returns the maximum value. Because
cpwVcPerfIntervalTable is not implemented, this is 0.
cpwVcValidIntervals The number of previous 15-minute intervals for which data was
collected. An agent with PW capability must be capable of
supporting at least x intervals. The minimum value of x is 4; the
default of x is 32, and the maximum value of x is 96. The value
is x unless the measurement was (re)started within the last x*15
minutes, in which case the value will be the number of complete
15-minute intervals; for example, in the case where the agent is
a proxy, some intervals may be unavailable. In this case, this
interval is the maximum interval number for which data is
available. This interval is set to 0.
cpwVcRowStatus A read-only implementation that is always active(1). It is used
for creating, modifying, and deleting.
cpwVcStorageType The storage type for this object is a read-only implementation
that is always volatile(2).
cpwVcPerfTotalTable
Table 2 lists the cpwVcPerfTotalTable objects and their descriptions.
Objects Description
cpwVcPerfTotalInHCPackets High-capacity counter for the number of packets received by
the VC from the PSN.
cpwVcPerfTotalInHCBytes High-capacity counter for the number of bytes received by the
VC from the PSN.
cpwVcPerfTotalOutHCPackets High-capacity counter for the number of packets forwarded by
the VC to the PSN.
cpwVcPerfTotalOutHCBytes High-capacity counter for the number of bytes forwarded by the
VC (to the PSN).
cpwVcPerfTotalDiscontinuityTime The value of sysUpTime on the most recent occasion when one
or more of this object’s counters suffered a discontinuity. The
relevant counters are the specific instances of any Counter32 or
Counter64. If no such discontinuities have occurred since the
last reinitialization of the local management subsystem, this
object contains a 0 value.
cpwVcIdMappingTable
Table 3 lists the cpwVcIdMappingTable objects and their descriptions.
10
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Information About Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Objects Description
cpwVcIdMappingVcType The VC type (indicates the service) of this VC.
cpwVcIdMappingVcID The VC ID of this VC; 0 if the VC is configured manually.
cpwVcIdMappingPeerAddrType IP address type of the peer node.
cpwVcIdMappingPeerAddr IP address of the peer node.
cpwVcIdMappingVcIndex The value that represents the VC in the cpwVcTable.
cpwVcPeerMappingTable
Table 4 lists the cpwVcPeerMappingTable objects and their descriptions.
Objects Description
cpwVcPeerMappingPeerAddrType IP address type of the peer node.
cpwVcPeerMappingPeerAddr IP address of the peer node.
cpwVcPeerMappingVcType The VC type (indicates the service) of this VC.
cpwVcPeerMappingVcID The VC ID of this VC; 0 if the VC is configured manually.
cpwVcPeerMappingVcIndex The value that represents the VC in the cpwVcTable.
11
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Information About Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
non-TE MPLS outer tunnel quickly. This table is indexed by the xconnect index for the MPLS
non-TE tunnel and the direction of the VC in the specific entry. The same table is used in both
inbound and outbound directions, but in a different row for each direction. If the inbound association
is not known, no rows should exist for it. Rows are created by the local agent when all the association
data is available for display.
• cpwVcMplsTeMappingTable (Table 9)—Maps an inbound or outbound tunnel to a VC in MPLS-TE
applications. A row in this table represents the association between a PW VC and its MPLS-TE outer
tunnel. An application can use this table to retrieve the PW carried over a specific TE MPLS outer
tunnel quickly. This table is indexed by the four indexes of a TE tunnel, the direction of the VC
specific entry, and the VcIndex. The same table is used in both inbound and outbound directions,
but a different row for each direction. If the inbound association is not known, no rows should exist
for it. Rows are created by the local agent when all the association data is available for display. This
table shows mappings between pseudowires and the xconnect index for non-TE outer tunnel or
index.
cpwVcMplsTable
Table 5 lists the cpwVcMplsTable objects and their descriptions.
Objects Description
cpwVcMplsMplsType Set by the operator to indicate the outer tunnel types, if they
exist. Values are the following:
• mplsTe(0)—Used when the outer tunnel is set up by
MPLS-TE.
• mplsNonTe(1)—Used when the outer tunnel is set up by
LDP or manually.
cpwVcMplsExpBitsMode Set by the operator to indicate the way the VC shim label EXP
bits are to be determined. The value is the following:
• outerTunnel(1)—Used when there is an outer tunnel and
cpwVcMplsMplsType is mplsTe or mplsNonTe.
cpwVcMplsExpBits Set by the operator to indicate the MPLS EXP bits to be used
on the VC shim label if cpwVcMplsExpBitsMode is specified;
value = 0.
cpwVcMplsTtl Set by the operator to indicate the VC time-to-live (TTL) bits to
be used on the VC shim label; value = 0.
cpwVcMplsLocalLdpID The local LDP identifier of the LDP entity creating this VC in
the local node. Because the VC labels are always set from the
per-platform label space, the last two octets in the LDP ID must
be 0s.
cpwVcMplsLocalLdpEntityID The local LDP entity index of the LDP entity to be used for this
VC on the local node; this should be set to all 0s when this
object is not used.
cpwVcMplsPeerLdpID The peer LDP identifier as identified by the LDP session; this
should be zero if not relevant or not known yet.
cpwVcMplsStorageType The storage type for this object is a read-only implementation
that is always volatile(2).
12
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Information About Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
cpwVcMplsOutboundTable
Table 6 lists the cpwVcMplsOutboundTable objects and their descriptions.
Objects Description
cpwVcMplsOutboundIndex An arbitrary index for enabling multiple rows per VC in this
table. The next available free index can be retrieved using
cpwVcMplsOutboundIndexNext. The value = 1, because this
object is not supported.
cpwVcMplsOutboundLsrXcIndex Set by the operator. If the outer label is defined in the
MPL-LSR-MIB, that is, set by LDP or manually, this object
points to the xconnect index of the outer tunnel. Otherwise,
this object is set to 0.
cpwVcMplsOutboundTunnelIndex Part of the set of indexes for an outbound tunnel, specifically
an MPLS-TE outer tunnel; otherwise, this object is set to 0.
cpwVcMplsOutboundTunnelInstance Part of the set of indexes for an outbound tunnel, specifically
an MPLS-TE outer tunnel; otherwise, this object is set to 0.
cpwVcMplsOutboundTunnelLclLSR Part of the set of indexes for an outbound tunnel, specifically
an MPLS-TE outer tunnel; otherwise, this object is set to
NULL.
cpwVcMplsOutboundTunnelPeerLSR Part of the set of indexes for an outbound tunnel, specifically
an MPLS-TE outer tunnel; otherwise, this object is set to
NULL.
cpwVcMplsOutboundIfIndex For a VC only with no outer tunnel, this object holds the
ifIndex of the outbound port. The value = 0.
cpwVcMplsOutboundRowStatus A read-only implementation that is always active(1). It is
used for creating, modifying, and deleting.
cpwVcMplsOutboundStorageType The storage type for this object is a read-only implementation
that is always volatile(2).
cpwVcMplsInboundTable
Table 7 lists the cpwVcMplsInboundTable objects and their descriptions.
Objects Description
cpwVcMplsInboundIndex An arbitrary index for enabling multiple rows per VC in this
table. The next available free index can be retrieved using
cpwVcMplsInboundIndexNext. the value = 1, because this
object is not supported.
cpwVcMplsInboundLsrXcIndex If the outer label is defined in the MPL-LSR-MIB; that is, set
by LDP or manually, this object points to the xconnect index of
the outer tunnel. The xconnect index represents the pseudowire
in the inbound direction retrieving 0 if information for this
object is not known.
13
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Information About Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Objects Description
cpwVcMplsInboundTunnelIndex Part of the set of indexes for an inbound tunnel, specifically an
MPLS-TE outer tunnel; value = 0. This object does not support
TE tunnels at the ingress router.
cpwVcMplsInboundTunnelInstance Part of the set of indexes for an inbound tunnel, specifically an
MPLS-TE outer tunnel; value = 0. This object does not support
TE tunnels at the ingress router.
cpwVcMplsInboundTunnelLclLSR Part of the set of indexes for an inbound tunnel, specifically an
MPLS-TE outer tunnel; otherwise, set to NULL. This object
does not support TE tunnels at the ingress router.
cpwVcMplsInboundTunnelPeerLSR Part of the set of indexes for an inbound tunnel, specifically an
MPLS-TE outer tunnel; otherwise, this object is set to NULL.
This object does not support TE tunnels at the ingress router.
cpwVcMplsInboundIfIndex In the case of a VC only (no outer tunnel), this object holds the
ifIndex of the inbound port. The value = 0.
cpwVcMplsInboundRowStatus A read-only implementation that is always active(1). It is used
for creating, modifying, and deleting.
cpwVcMplsInboundStorageType The storage type for this object is a read-only implementation
that is always volatile(2).
cpwVcMplsNonTeMappingTable
Table 8 lists the cpwVcMplsNonTeMappingTable objects and their descriptions.
Objects Description
cpwVcMplsNonTeMappingTunnelDirection Identifies if the row represents an outbound or inbound
mapping.
cpwVcMplsNonTeMappingXcTunnelIndex XC index in the MPLS-LSR-MIB of the pseudowire
LDP-generated XC entry.
cpwVcMplsNonTeMappingIfIndex Identifies the port on which the VC is carried for VC
only; the value = 0.
cpwVcMplsNonTeMappingVcIndex Represents the VC in the cpwVcTable.
cpwVcMplsTeMappingTable
Table 9 lists the cpwVcMplsTeMappingTable objects and their descriptions.
Objects Description
cpwVcMplsTeMappingTunnelDirection Identifies if the row represents an outbound mapping.
cpwVcMplsTeMappingTunnelIndex Index for the conceptual row identifying an MPLS-TE
tunnel.
14
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Information About Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Objects Description
cpwVcMplsTeMappingTunnelInstance Identifies an instance of an MPLS-TE tunnel.
cpwVcMplsTeMappingTunnelPeerLsrID Identifies a peer LSR when the outer tunnel is MPLS-TE
based.
cpwVcMplsTeMappingTunnelLocalLsrID Identifies the local LSR.
cpwVcMplsTeMappingVcIndex Represents the VC in the cpwVcTable.
cpwVcEnetTable
Table 10 lists the cpwVcEnetTable objects and their descriptions.
Objects Description
cpwVcEnetPwVlan The VLAN value for frames on a VC. This is one of the
indexes to the table so multiple VLAN values can be
configured for a PW VC. This value is 4096 to indicate
untagged frames; that is, if the cpwVcEnetVlanMode
value is removeVlan. This value is the VLAN value of
the access circuit if the cpwVcEnetVlanMode value is
noChange. The value of 4097 is used if the object is not
applicable; for example, when mapping all packets from
an Ethernet port to the VC.
cpwVcEnetVlanMode Indicates the way the VLAN field is handled between the
access circuit and the PW VC. The possible values for
this field are as follows:
• noChange—Indicates that the VC contains the
original user VLAN, as specified in
cpwVcEnetPortVlan.
• changeVlan—Indicates that the VLAN field on the
VC may be different from the VLAN field on the
user’s port.
• removeVlan—Indicates that the encapsulation on
the VC does not include the original VLAN field.
15
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Information About Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Objects Description
cpwVcEnetPortVlan Defines the VLAN value on the physical port (or VPLS
virtual port) if a change is required to the VLAN value
between the VC and the physical or virtual port. It is
equal to cpwVcEnetPwVlan if the cpwVcEnetVlanMode
value is noChange. A value of 4096 indicates that no
VLAN is associated with the VC; that is, assigning
Default VLAN to untagged frames. If all traffic from the
VC is being forwarded to the port, then this value is 4097
indicating it is not relevant.
cpwVcEnetPortIfIndex The ifIndex value of the Ethernet port associated with
this PW VC for point-to-point Ethernet service. For
VPLS, this value is an ifIndex value for a virtual
interface for the VPLS instance.
cpwVcEnetVcIfIndex Models the VC as a virtual interface in the ifTable. This
value is always 0 to indicate no virtual interface is
created.
cpwVcEnetRowStatus A read-only implementation that is always active(1). It is
used for creating, modifying, and deleting.
cpwVcEnetStorageType The storage type for this object is a read-only
implementation that is always volatile(2).
cpwVcFrTable
Table 11 lists the cpwVcFrTable objects and their descriptions.
Objects Description
cpwVcFrIfIndex Returns the interface ifIndex of the Frame Relay (FR)
segment of the FRoPW connection.
cpwVcFrDlci Returns the data-link connection identifier (DLCI) of the
Frame Relay segment of an FRoPW connection.
cpwVcFrAdminStatus Returns the administrative status of an FRoPW
connection.
cpwVcFrOperStatus Returns the combined operational status of an FRoPW
connection.
16
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Information About Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Objects Description
cpwVcFrPw2FrOperStatus Returns the operational status of the PW-to-FR direction
in an FRoPW connection.
cpwVcFrRowStatus A read-only implementation that is always active(1). It is
used for creating, modifying, and deleting.
cpwVcFrStorageType The storage type for this object is a read-only
implementation that is always volatile(2).
cpwVcAtmTable
Table 12 lists the cpwVcAtmTable objects and their descriptions.
Objects Description
cpwAtmIf Specifies the ATM interface that sends and receives cells
from the ATM network.
cpwAtmVpi Specifies the VPI value of the ATM VC.
cpwAtmVci Specifies the VCI value of the ATM VC.
cpwAtmClpQosMapping Indicates the presence of cell loss priority (CLP) bits
determining the value in quality of service (QoS) fields
of the encapsulating protocol. The value could be used
only for outbound traffic, which means traffic going out
to the PSN.
cpwAtmRowStatus A read-only implementation that is always active(1). It is
used for creating, modifying, and deleting.
cpwAtmOamCellSupported Indicates whether operation, administration, and
maintenance (OAM) cells are transported on this VC.
cpwAtmQosScalingFactor Represents the scaling factor to be applied to ATM QoS
rates when calculating QoS rates for the PSN domain.
cpwAtmCellPacking Identifies if the VC is configured to do cell packing.
cpwAtmMncp Identifies the number of cells that need to be packed.
cpwAtmEncap Provides information on whether MPLS or Layer 2
Tunneling Protocol Version 3 (L2TPv3) is used as the
transport.
17
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Information About Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Objects Description
cpwAtmPeerMncp Represents the maximum number of cells that can be
packed in one packet for a peer interface.
cpwAtmMcptTimeout Represents the maximum cell packing timeout (MCPT)
value used.
cpwVcAtmPerfTable
Table 13 lists the cpwVcAtmPerfTable objects and their descriptions.
Objects Description
cpwAtmCellsReceived Obtains information on the number of cells that were
received and sent to the PSN.
cpwAtmCellsSent Provides information on the number of cells sent to the
ATM network.
cpwAtmCellsRejected Indicates the number of cells that were rejected by
this VC because of policing.
cpwAtmCellsTagged Indicates the number of cells that were tagged.
cpwAtmHCCellsReceived Provides the high-capacity counter for the number of
cells received by this VC.
cpwAtmHCCellsRejected Provides the high-capacity counter for the number of
cells rejected by this VC.
cpwAtmHCCellsTagged Provides the high-capacity counter for number of cells
that were tagged.
cpwAtmAvgCellsPacked Provides the average number of cells that were packed.
cpwAtmPktsReceived Indicates the number of ATM AAL5 packets that are
actually sent into the ATM network as packets when the
VC is configured to do AAL5 over PW.
cpwAtmPktsSent Gets the number of packets that are reconstructed from
the cells, assigns a VC label, and sends the packets into
the PSN.
cpwAtmPktsRejected Indicates the number of packets that were rejected
because of policing.
18
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Information About Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
19
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
How to Configure Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
SUMMARY STEPS
1. enable
2. show running-config [interface | map-class]
3. configure terminal
4. snmp-server community string [view view-name] [ro | rw] [ipv6 nacl] [access-list-number]
5. end
6. write memory
DETAILED STEPS
Example:
Router# configure terminal
20
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
How to Configure Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Example:
Router(config)# end
Step 6 write memory Writes the modified SNMP configuration into NVRAM of
the router, permanently saving the SNMP settings.
Example:
Router# write memory
Note In simple configurations, this task is optional. You do not need to specify a pseudowire class if you
specify the tunneling method as part of the xconnect command.
21
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
How to Configure Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
The pseudowire-class configuration group specifies the following characteristics of the tunneling
mechanism:
• Encapsulation type
• Control protocol
• Payload-specific options
You must specify the encapsulation mpls command as part of the pseudowire class or as part of the
xconnect command for the AToM VCs to work properly. If you omit the encapsulation mpls command
as part of the xconnect command, you receive the following error:
% Incomplete command.
Once you specify the encapsulation mpls command, you cannot remove it using the no encapsulation
mpls command. Nor can you change the command's setting using the encapsulation l2tpv3 command.
Those methods result in the following error message:
Encapsulation changes are not allowed on an existing pw-class.
To remove the command, you must delete the pseudowire with the no pseudowire-class command. To
change the type of encapsulation, remove the pseudowire with the no pseudowire-class command and
reestablish the pseudowire and specify the new encapsulation type.
Note There are many options that you can configure. For detailed information, see the “Any Transport over
MPLS” module.
SUMMARY STEPS
1. enable
2. configure terminal
3. pseudowire-class name
4. encapsulation mpls
DETAILED STEPS
Example:
Router# configure terminal
22
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Configuration Examples for the Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM
What to Do Next
Perform a MIB walk using your SNMP management tool on cpwVcMIB, cpwVcMplsMIB,
cpwVcEnetMIB, cpwVcFrMIB, and cpwVcAtmMIB to verify that the PW-MIB, the PW-MPLS-MIB,
the PW-ENET-MIB, the PW-FR-MIB, and the PW-ATM-MIB objects, respectively, are populated
correctly.
Note There is no explicit way to configure the PWE3 MIBs. However, for information on AToM configuration
tasks and examples, see the “Any Transport over MPLS” module.
There are notifications specific to the PWE3 MIBs. For detailed information on the commands used to
configure them, see the “Additional References” section on page 24.
23
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Additional References
Additional References
The following sections provide references related to the Pseudowire Emulation Edge-to-Edge MIBs for
Ethernet, Frame Relay, and ATM Services feature.
Related Documents
Related Topic Document Title
Description of commands associated with MPLS Cisco IOS Multiprotocol Label Switching Command Reference
and MPLS applications
AToM and MPLS “Any Transport over MPLS” module
Pseudowire-related Internet drafts • An Architecture for Multi-Segment Pseudo Wire Emulation
Edge-to-Edge, Internet draft, December 2007
[draft-ietf-pwe3-ms-arch-03.txt]
• Definitions for Textual Conventions and OBJECT-IDENTITIES for
Pseudo-Wires Management, Internet draft, August 10, 2007
[draft-ietf-pwe3-pw-tc-mib-09.txt]
• Ethernet Pseudo Wire (PW) Management Information Base, Internet
draft, August 30, 2007 [draft-pwe3-enet-mib-10.txt]
• Managed Objects for ATM over Packet Switched Network (PSN),
Internet draft, August 8, 2007 [draft-ietf-pwe3-pw-atm-mib-02.txt]
• Pseudo Wire (PW) Management Information Base, Internet draft,
May 31, 2007 [draft-ietf-pwe3-pw-mib-11.txt]
• Pseudo Wire (PW) over MPLS PSN Management Information Base,
Internet draft, August 11, 2007 [draft-ietf-pwe3-pw-mpls-mib-11.txt]
Note For information on using SNMP MIB features, see the appropriate
documentation for your network management system.
24
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Additional References
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIB MIBs Link
SNMP-VACM-MIB To locate and download MIBs for selected platforms, Cisco IOS XE
software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
RFC 1156 Management Information Base for Network Management of
TCP/IP-based Internets
RFC 1157 A Simple Network Management Protocol (SNMP)
RFC 1213 Management Information Base for Network Management of
TCP/IP-based Internets: MIB-II
RFC 1315 Management Information Base for Frame Relay DTEs
RFC 3815 Definitions of Managed Objects for the Multiprotocol Label
Switching (MPLS), Label Distribution Protocol (LDP)
RFC 3916 Requirements for Pseudo-Wire Emulation Edge-to-Edge (PWE3)
RFC 4619 Encapsulation Methods for Transport of Frame Relay over
Multiprotocol Label Switching (MPLS) Networks
25
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
26
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Feature Information for Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Note Table 14 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
Table 14 Feature Information for Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM
Services
27
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Glossary
Glossary
AAL—ATM adaptation layer. AAL defines the conversion of user information into cells. AAL1 and
AAL2 handle isochronous traffic, such as voice and video; AAL3/4 and AAL5 pertain to data
communications through the segmentation and reassembly of packets.
ATM—asynchronous transfer mode. A cell-based data transfer technique in which channel demand
determines packet allocation. This is an international standard for cell relay in which multiple service
types (such as voice, video, or data) are conveyed in fixed-length (53-byte) cells. Fixed-length cells
allow cell processing to occur in hardware, thereby reducing transit delays. ATM is designed to take
advantage of high-speed transmission media such as E3, SONET, and T3.
CE router—customer edge router. A router that is part of a customer network and that interfaces to a
provider edge (PE) router.
DLCI—data-link connection identifier. A unique number assigned to a PVC endpoint in a Frame Relay
network. Identifies a particular PVC endpoint within an access channel in a Frame Relay network and
has local significance only to that channel.
encapsulation—Wrapping of data in a particular protocol header. For example, Ethernet data is wrapped
in a specific Ethernet header before network transit. Also, when bridging occurs in dissimilar networks,
the entire frame from one network is simply placed in the header used by the data link layer protocol of
the other network.
EoMPLS—Ethernet over multiprotocol label switching (MPLS). A tunneling mechanism that allows a
service provider to tunnel customer Layer 2 traffic through a Layer 3 MPLS network. EoMPLS is a
point-to-point solution only. EoMPLS is also known as Layer 2 tunneling.
Frame Relay—The industry standard, switched data link layer protocol that handles multiple virtual
circuits using High-Level Data Link Control (HDLC) encapsulation between connected devices. Frame
Relay is more efficient than X.25, the protocol for which it is generally considered a replacement.
IETF—internet engineering task force. A task force (consisting of more than 80 working groups) that
is developing standards for the Internet and the IP suite of protocols.
LDP—label distribution protocol. The protocol that supports MPLS hop-by-hop forwarding and the
distribution of bindings between labels and network prefixes. The Cisco proprietary version of this
protocol is the Tag Distribution Protocol (TDP).
LSP—label switched path. A configured connection between two label switch routers (LSRs) in which
label-switching techniques are used for packet forwarding; also a specific path through an MPLS network.
LSR—label switch router. A Multiprotocol Label Switching (MPLS) node that can forward native Layer 3
packets. The LSR forwards a packet based on the value of a label attached to the packet.
MIB—management information base. A database of network management information that is used and
maintained by a network management protocol such as simple network management protocol (SNMP).
The value of a MIB object can be changed or retrieved by using SNMP commands, usually through a
network management system. MIB objects are organized in a tree structure that includes public
(standard) and private (proprietary) branches.
MPLS—multiprotocol label switching. A switching method for the forwarding of IP traffic through the
use of a label. This label instructs the routers and the switches in the network where to forward the
packets based on preestablished IP routing information.
MTU—maximum transmission unit. Maximum packet size, in bytes, that a particular interface can
handle.
NMS—network management system. System responsible for managing at least part of a network. An
NMS is generally a reasonably powerful and well-equipped computer, such as an engineering
workstation. An NMS communicates with agents to help keep track of network statistics and resources.
28
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Glossary
notification—A message sent by a Simple Network Management Protocol (SNMP) agent to a network
management station, console, or terminal to indicate that a significant network event has occurred. See
also trap.
OSPF—Open Shortest Path First. A link-state hierarchical Interior Gateway Protocol routing algorithm,
derived from the IS-IS protocol. OSPF features include least-cost routing, multipath routing, and load
balancing.
PE router—provider edge router. A router that is part of a service provider’s network and is connected
to a customer edge (CE) router.
primary tunnel—A tunnel whose label-switched path (LSP) may be fast rerouted if there is a failure.
Backup tunnels cannot be primary tunnels.
pseudowire—PW. A mechanism that carries the elements of an emulated service from one provider edge
(PE) to one or more PEs over a packet switched network (PSN).
SNMP—simple network management protocol. A management protocol used almost exclusively in
TCP/IP networks. SNMP provides a means for monitoring and controlling network devices, and for
managing configurations, statistics collection, performance, and security.
trap—A message sent by an SNMP agent to a network management station, console, or terminal,
indicating that a significant event occurred. Traps are less reliable than notification requests because the
receiver does not send an acknowledgment when it receives a trap. The sender cannot determine if the
trap was received.
tunnel—A secure communication path between two peers, such as routers.
VC—virtual circuit. A logical circuit created to ensure reliable communication between two network
devices. A virtual circuit can be either permanent (PVC) or switched (SVC).
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
29
Pseudowire Emulation Edge-to-Edge MIBs for Ethernet, Frame Relay, and ATM Services
Glossary
30
MPLS Traffic Engineering—Fast Reroute MIB
The MPLS Traffic Engineering—Fast Reroute MIB provides Simple Network Management Protocol
(SNMP)-based network management of the Multiprotocol Label Switching (MPLS) Fast Reroute (FRR)
feature in Cisco IOS XE software.
The Fast Reroute MIB has the following features:
• Notifications can be created and queued.
• Command-line interface (CLI) commands enable notifications, and specify the IP address to where
the notifications will be sent.
• The configuration of the notifications can be written into nonvolatile memory.
The MIB includes objects describing features within MPLS FRR, and it includes the following tables:
• cmplsFrrConstTable
• cmplsFrrLogTable
• cmplsFrrFacRouteDBTable
The MIB also includes scalar objects (that is, objects that are not in a table). For more information, see
the “FRR MIB Scalar Objects” section on page 4.
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Traffic Engineering—Fast Reroute MIB
Contents
Contents
• Prerequisites for the MPLS Traffic Engineering—Fast Reroute MIB, page 2
• Restrictions for the MPLS Traffic Engineering—Fast Reroute MIB, page 2
• Information About the MPLS Traffic Engineering—Fast Reroute MIB, page 3
• How to Configure the MPLS Traffic Engineering—Fast Reroute MIB, page 8
• Configuration Examples for the MPLS Traffic Engineering—Fast Reroute MIB, page 13
• Additional References, page 14
• Feature Information for MPLS Traffic Engineering—Fast Reroute MIB, page 17
• Glossary, page 18
2
MPLS Traffic Engineering—Fast Reroute MIB
Information About the MPLS Traffic Engineering—Fast Reroute MIB
3
MPLS Traffic Engineering—Fast Reroute MIB
Information About the MPLS Traffic Engineering—Fast Reroute MIB
• Application-specific layer—This layer provides the mechanism for retrieving relevant data from the
managed application layer. It includes an entry point function for each table. This function calls two
other functions; one that searches the TE tunnel database that RSVP maintains for the relevant data
according to the indexes, and another function that fills the data into the structure.
• Managed application layer—This layer includes all the structures and mechanisms, and is managed
by the MIB.
4
MPLS Traffic Engineering—Fast Reroute MIB
Information About the MPLS Traffic Engineering—Fast Reroute MIB
Notification Specification
Each FRR notification has a generic type identifier and an enterprise-specific type identifier for
identifying the notification type. The generic type for all FRR notifications is “enterprise Specific”
because this is not one of the generic notification types defined for SNMP. The enterprise-specific type
is 1 for cmplsFrrProtected.
Each notification contains the following objects from the FRR MIB so that the FRR tunnel can be easily
identified:
• cmplsFrrConstNumProtectingTunOnIf
• cmplsFrrConstNumProtectedTunOnIf
• cmplsFrrConstBandwidth
Upon being invoked, the appropriate FRR interface indexes have already been retrieved by existing FRR
code. The FRR interfaces are then used to fill in data for the three objects included in the notification.
5
MPLS Traffic Engineering—Fast Reroute MIB
Information About the MPLS Traffic Engineering—Fast Reroute MIB
Notification Monitoring
When FRR MIB notifications are enabled (see the snmp-server enable traps command), notification
messages relating to specific FRR events within Cisco IOS XE software are generated and sent to a
specified NMS in the network. Any utility that supports SNMPv1 or SNPv2 notifications can receive
notification messages.
To monitor FRR MIB notifications, log in to an NMS that supports a utility that displays SNMP
notifications, and start the display utility.
cmplsFrrConstTable
cmplsFrrConstTable displays the configuration of an FRR-enabled tunnel and the characteristics of its
accompanying backup tunnels. For each protected tunnel, there can be multiple backup tunnels.
The table is indexed by the following:
• cmplsFrrConstIfIndex
• cmplsFrrConstTunnelIndex
• cmplsFrrConstTunnelInstance
Table 2 describes the MIB objects for cmplsFrrConstTable.
6
MPLS Traffic Engineering—Fast Reroute MIB
Information About the MPLS Traffic Engineering—Fast Reroute MIB
cmplsFrrLogTable
cmplsFrrLogTable is indexed by the object cmplsFrrLogIndex. The index corresponds to a log entry in
the FRR feature’s show mpls traffic-eng fast-reroute log reroutes command. That show command
stores up to 32 entries at a time. If entries are added, the oldest entry is overwritten with new log
information.
cmplsFrrLogTable can store up to 32 entries at a time, overwriting older entries as newer ones are added.
The index cmplsFrrLogIndex is incremented to give each log table entry of the MIB a unique index
value. Therefore, it is possible to have indexes greater than 32 even though only 32 entries are displaying.
Table 3 describes the MIB objects for cmplsFrrLogTable.
cmplsFrrFacRouteDBTable
The following indexes specify which interface and tunnel are being protected by the FRR feature:
• cmplsFrrFacRouteProtectedIfIndex
• cmplsFrrFacRouteProtectedTunIndex
The following indexes specify the backup tunnel that provides protection to the protected tunnel:
• cmplsFrrFacRouteProtectedIfIndex
• cmplsFrrFacRouteProtectingTunIndex
• cmplsFrrFacRouteProtectedTunIndex
• cmplsFrrFacRouteProtectedTunInstance
• cmplsFrrFacRouteProtectedTunIngressLSRId
• cmplsFrrFacRouteProtectedTunEgressLSRId
7
MPLS Traffic Engineering—Fast Reroute MIB
How to Configure the MPLS Traffic Engineering—Fast Reroute MIB
This version of the MIB will attempt to leverage the work already done for the MPLS TE MIB because
it contains similar lookup functions for TE tunnels.
Table 4 describes the MIB objects for cmplsFrrFacRouteDBTable.
8
MPLS Traffic Engineering—Fast Reroute MIB
How to Configure the MPLS Traffic Engineering—Fast Reroute MIB
SUMMARY STEPS
1. enable
2. show running-config
3. configure terminal
4. snmp-server community string [view view-name] [ro] [access-list-number]
5. snmp-server enable traps mpls fast-reroute protected
6. end
7. write memory
DETAILED STEPS
Example:
Router# configure terminal
Step 4 snmp-server community string [view view-name] [ro] Configures read-only (ro) SNMP community strings
[access-list-number] for the FRR MIB.
Example:
Router(config)# snmp-server community public ro
Step 5 snmp-server enable traps mpls fast-reroute protected Enables Fast Reroute traps.
Example:
Router(config)# snmp-server enable traps mpls
fast-reroute protected
9
MPLS Traffic Engineering—Fast Reroute MIB
How to Configure the MPLS Traffic Engineering—Fast Reroute MIB
Example:
Router(config)# end
Step 7 write memory Writes the modified SNMP configuration into
NVRAM of the router, permanently saving the
SNMP settings.
Example:
Router# write memory
SUMMARY STEPS
1. enable
2. configure terminal
3. ip cef distributed
4. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip cef distributed Enables distributed Cisco Express Forwarding.
Example:
Router(config)# ip cef distributed
Step 4 end Exits to privileged EXEC mode.
Example:
Router(config)# end
Enabling TE Tunnels
To enable TE tunnels, perform the following steps.
10
MPLS Traffic Engineering—Fast Reroute MIB
How to Configure the MPLS Traffic Engineering—Fast Reroute MIB
SUMMARY STEPS
1. enable
2. configure terminal
3. ip cef
4. mpls traffic-eng tunnels
5. interface type slot/subslot/port[.subinterface]
6. mpls traffic-eng tunnels
7. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip cef Enables standard Cisco Express Forwarding operations.
Example:
Router(config)# ip cef
Step 4 mpls traffic-eng tunnels Enables the MPLS TE tunnel feature on a device.
Example:
Router(config)# mpls traffic-eng tunnels
Step 5 interface type slot/subslot/port[.subinterface] Specifies the interface and enters interface configuration
mode.
Example:
Router(config)# interface POS1/0/0
Step 6 mpls traffic-eng tunnels Enables the MPLS TE tunnel feature on an interface.
Example:
Router(config-if)# mpls traffic-eng tunnels
Step 7 end Returns to privileged EXEC mode.
Example:
Router(config-if)# end
11
MPLS Traffic Engineering—Fast Reroute MIB
How to Configure the MPLS Traffic Engineering—Fast Reroute MIB
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface]
4. tunnel mode mpls traffic-eng
5. tunnel mpls traffic-eng fast-reroute
6. end
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type slot/subslot/port[.subinterface] Specifies the interface and enters interface
configuration mode.
Example:
Router(config)# interface POS1/0/0
Step 4 tunnel mode mpls traffic-eng Sets the mode of a tunnel to MPLS for traffic
engineering.
Example:
Router(config-if)# tunnel mode mpls traffic-eng
Step 5 tunnel mpls traffic-eng fast-reroute Enables Fast Reroute on the TE tunnel being
protected.
Example:
Router(config-if)# tunnel mpls traffic-eng fast-reroute
Step 6 end Exits to privileged EXEC mode.
Example:
Router(config-if)# end
SUMMARY STEPS
1. enable
2. configure terminal
12
MPLS Traffic Engineering—Fast Reroute MIB
Configuration Examples for the MPLS Traffic Engineering—Fast Reroute MIB
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type slot/subslot/port[.subinterface] Specifies the interface and enters interface
configuration mode.
Example:
Router(config)# interface POS1/0/0
Step 4 mpls traffic-eng backup-path tunnel interface Enables a backup tunnel on a specified interface.
Example:
Router(config-if)# mpls traffic-eng backup-path tunnel1
Step 5 end Exits to privileged EXEC mode.
Example:
Router(config-if)# end
13
MPLS Traffic Engineering—Fast Reroute MIB
Additional References
end
write memory
Additional References
The following sections provide references related to the MPLS Traffic Engineering—Fast Reroute MIB
feature.
14
MPLS Traffic Engineering—Fast Reroute MIB
Additional References
Related Documents
Related Topic Document Title
Description of commands associated with MPLS and Cisco IOS Multiprotocol Label Switching Command Reference
MPLS applications
SNMP agent support for the MPLS Traffic Engineering MPLS Traffic Engineering MIB
MIB
Fast Reroute MPLS Traffic Engineering: Fast Reroute Link and Node Protection
Standards
Standard Title
MPLS-FRR-MIB draft-ietf-mpls-fastreroute-mib-02.txt
MIBs
MIB MIBs Link
MPLS Traffic Engineering (TE) MIB To locate and download MIBs for selected platforms, Cisco IOS XE
software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
No new or modified RFCs are supported by this feature, —
and support for existing RFCs has not been modified by
this feature.
15
MPLS Traffic Engineering—Fast Reroute MIB
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
16
MPLS Traffic Engineering—Fast Reroute MIB
Feature Information for MPLS Traffic Engineering—Fast Reroute MIB
Note Table 5 lists only the Cisco IOS XE software release that introduced support for a given feature in a given
Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that Cisco IOS XE
software release train also support that feature.
17
MPLS Traffic Engineering—Fast Reroute MIB
Glossary
Glossary
Cisco Express Forwarding—An advanced Layer 3 IP switching technology. Cisco Express Forwarding
optimizes network performance and scalability for networks with large and dynamic traffic patterns.
index—A method of uniquely identifying a tunnel.
instance—An occurrence. An object can have one or more instances.
IS-IS—Intermediate System-to-Intermediate System. IS-IS is an OSI link-state hierarchical routing
protocol based on DECnet Phase V routing where intermediate system (IS) routers exchange routing
information based on a single metric to determine network topology.
label—A short, fixed-length data construct that tells switching nodes how to forward data (packets or
cells).
LFIB—Label Forwarding Information Base. The data structure for storing information about incoming
and outgoing tags (labels) and associated equivalent packets suitable for labeling.
LSR—label switching router. A device that forwards MPLS packets based on the value of a fixed-length
label encapsulated in each packet.
MIB—Management Information Base. A database of network management information that is used and
maintained by a network management protocol such as Simple Network Management Protocol (SNMP).
The value of a MIB object can be changed or retrieved by using SNMP commands, usually through a
network management system. MIB objects are organized in a tree structure that includes public
(standard) and private (proprietary) branches.
NMS—network management station. A powerful, well-equipped computer (typically an engineering
workstation) that is used by a network administrator to communicate with other devices in the network.
An NMS is typically used to manage network resources, gather statistics, and perform a variety of
network administration and configuration tasks.
notification—A message sent by a Simple Network Management Protocol (SNMP) agent to a network
management station, console, or terminal to indicate that a significant event within Cisco IOS XE
software has occurred.
object—A variable that has a specific instance associated with it.
OSPF—Open Shortest Path First. Link-state, hierarchical Interior Gateway Protocol (IGP) routing
algorithm proposed as a successor to Routing Information Protocol (RIP) in the Internet community.
OSPF features include least-cost routing, multipath routing, and load balancing.
RSVP—Resource Reservation Protocol. Protocol for reserving network resources to provide quality of
service (QoS) guarantees to application flows.
scalar object—Objects that are not instances. A scalar object has one instance.
SNMP—Simple Network Management Protocol. A network management protocol used almost
exclusively in TCP/IP networks. SNMP provides a means to monitor and control network devices,
manage configurations, collect statistics, monitor performance, and ensure network security.
SNMP agent—A managed node or device. The router that has the MIB implementation on it.
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect,
Cisco Pulse, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels,
Flip for Good, Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network
are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store,
and Flip Gift Card are service marks; and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP,
CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Continuum, EtherFast, EtherSwitch, Event Center,
Explorer, Fast Step, Follow Me Browsing, FormShare, GainMaker, GigaDrive, HomeLink, iLYNX, Internet Quotient, IOS, iPhone, iQuick Study,
IronPort, the IronPort logo, Laser Link, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers,
18
MPLS Traffic Engineering—Fast Reroute MIB
Glossary
Networking Academy, Network Registrar, PCNow, PIX, PowerKEY, PowerPanels, PowerTV, PowerTV (Design), PowerVu, Prisma, ProConnect,
ROSA, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx,
and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0908R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and
figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and
coincidental.
19
MPLS Traffic Engineering—Fast Reroute MIB
Glossary
20
MPLS Traffic Engineering MIB
The MPLS Traffic Engineering MIB enables Simple Network Management Protocol (SNMP) agent
support in Cisco IOS XE software for Multiprotocol Label Switching (MPLS) traffic engineering (TE)
management, as implemented in the MPLS Traffic Engineering MIB (MPLS TE MIB). The SNMP agent
code operating in conjunction with the MPLS TE MIB enables a standardized, SNMP-based approach
to be used in managing the MPLS TE features in Cisco IOS XE software.
Contents
• Restrictions for the MPLS Traffic Engineering MIB, page 2
• Information About the MPLS Traffic Engineering MIB, page 2
• How to Configure the MPLS Traffic Engineering MIB, page 11
• Configuration Examples for the MPLS Traffic Engineering MIB, page 13
• Additional References, page 14
• Feature Information for the MPLS Traffic Engineering MIB, page 15
• Glossary, page 17
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Traffic Engineering MIB
Restrictions for the MPLS Traffic Engineering MIB
2
MPLS Traffic Engineering MIB
Information About the MPLS Traffic Engineering MIB
TE capabilities are essential to effective management of service provider and Internet service provider
(ISP) backbones. Such backbones must support high transmission capacities, and the networks
incorporating backbones must be extremely resilient to link or node failures.
The MPLS TE facilities built into Cisco IOS XE software provide a feature-rich, integrated approach to
managing the large volumes of traffic that typically flow through WANs. The MPLS TE facilities are
integrated into Layer 3 network services, thereby optimizing the routing of IP traffic in the face of
constraints imposed by existing backbone transmission capacities and network topologies.
3
MPLS Traffic Engineering MIB
Information About the MPLS Traffic Engineering MIB
Path options are configurable parameters that you can use to specify the order of priority for establishing
a new tunnel path. For example, you can create a tunnel head configuration and define any one of many
path options numbered 1 through n, with “1” being the highest priority option and “n” being an unlimited
number of lower priority path options. Thus, there is no limit to the number of path options that you can
specify in this manner.
Notification Implementation
When an MPLS TE tunnel interface (or any other device interface, such as an FastEthernet or Packet
over SONET (POS) interface) transitions between an up and down state, an Interfaces MIB (ifMIB) link
notification is generated. When such a notification occurs in an MPLS TE MIB environment, the
interface is checked by software to determine if the notification is associated with an MPLS TE tunnel.
If so, the interfaces MIB link notification is interlinked with the appropriate mplsTunnelUp or
mplsTunnelDown notification to provide notification to the NMS regarding the operational event
occurring on the tunnel interface. Hence, the generation of an Interfaces MIB link notification pertaining
to an MPLS traffic engineering tunnel interface begets an appropriate mplsTunnelUp or
mplsTunnelDown notification that is transmitted to the specified NMS.
An mplsTunnelRerouted notification is generated whenever the signaling path for an MPLS TE tunnel
changes. However, software intelligence in the MPLS TE MIB prevents the reroute notification from
being sent to the NMS when a TE tunnel transitions between an up or down state during an administrative
or operational status check of the tunnel. Either an up or down notification or a reroute notification can
be sent in this instance, but not both. This action prevents unnecessary traffic on the network.
4
MPLS Traffic Engineering MIB
Information About the MPLS Traffic Engineering MIB
• Platform independent layer—This layer is generated primarily by the Cisco IOS XE MIB
development tool set and incorporates platform and implementation independent functions. The
Cisco IOS XE MIB development tool set creates a standard set of files associated with a MIB.
• Application interface layer—The functions, names, and template code for MIB objects in this layer
are also generated by the Cisco IOS XE MIB development tool set.
• Application specific layer—This layer provides an interface between the application interface layer
and the application program interface (API) and data structures layer and performs tasks needed to
retrieve required information from Cisco IOS XE software, such as searching through data
structures.
• API and data structures layer—This layer contains the data structures or APIs within Cisco IOS XE
software that are retrieved or called in order to set or retrieve SNMP management information.
5
MPLS Traffic Engineering MIB
Information About the MPLS Traffic Engineering MIB
The tunnel table is indexed by tunnel ID, tunnel instance, tunnel source address, and tunnel
destination address. The description of each entry has an alphabetic suffix (a), (b), or (c), if
appropriate, to indicate the applicability of the entry:
a. For tunnel head configurations only
b. For LSPs only
c. For both tunnel head configurations and LSPs
Following is a list and description of each entry.
– mplsTunnelIndex—Same as tunnel ID (c).
– mplsTunnelInstance—Tunnel instance of the LSP; 0 for head configurations (b).
– mplsTunnelIngressLSRId—Source IP address of the LSP; 0 for head configurations (b).
– mplsTunnelEgressLSRId—Destination IP address of the tunnel (c).
– mplsTunnelName—Command name for the tunnel interfaces (a).
– mplsTunnelDescr—Descriptive name for tunnel configurations and LSPs (c).
– mplsTunnelIsIf—Indicator of whether the entry represents an interface (c).
– mplsTunnelIfIndex—Index of the tunnel interface within the ifMIB (a).
– mplsTunnelXCPointer—(For midpoints only – no tails) Pointer for the LSP within the
mplsXCTable of the MPLS LSR MIB (b).
– mplsTunnelSignallingProto—Signaling protocol used by tunnels (c).
– mplsTunnelSetupPrio—Setup priority of the tunnel (c).
– mplsTunnelHoldingPrio—Holding priority of the tunnel (c).
– mplsTunnelSessionAttributes—Session attributes (c).
– mplsTunnelOwner—Tunnel owner (c).
– mplsTunnelLocalProtectInUse—Not implemented (c).
– mplsTunnelResourcePointer—Pointer into the Resource Table (b).
– mplsTunnelInstancePriority—Not implemented (b).
– mplsTunnelHopTableIndex—Index into the Hop Table (a).
– mplsTunnelARHopTableIndex—Index into the AR Hop Table (b).
– mplsTunnelCHopTableIndex—Index into the C Hop Table (b).
– mplsTunnelPrimaryTimeUp—Amount of time, in seconds, that the current path has been up (a).
– mplsTunnelPathChanges—Number of times a tunnel has been resignalled (a).
– mplsTunnelLastPathChange—Amount of time, in seconds, since the last path resignaling
occurred (a).
– mplsTunnelCreationTime—Time stamp when the tunnel was created (a).
– mplsTunnelStateTransitions—Number of times the tunnel has changed state (a).
– mplsTunnelIncludeAnyAffinity—Not implemented (a).
– mplsTunnelIncludeAllAffinity—Attribute bits that must be set for the tunnel to traverse a
link (a).
– mplsTunnelExcludeAllAffinity—Attribute bits that must not be set for the tunnel to traverse a
link (a).
6
MPLS Traffic Engineering MIB
Information About the MPLS Traffic Engineering MIB
– mplsTunnelPathInUse—Path option number being used for the tunnel’s path. If no path option
is active, this object will be 0 (a).
– mplsTunnelRole—Role of the tunnel on the router; that is, head, midpoint, or tail (c).
– mplsTunneltotalUptime—Amount of time, in seconds, that the tunnel has been operationally up
(a).
– mplsTunnelInstanceUptime—Not implemented (b).
– mplsTunnelAdminStatus—Administrative status of a tunnel (c).
– mplsTunnelOperStatus—Actual operating status of a tunnel (c).
– mplsTunnelRowStatus—This object is used in conjunction with configuring a new tunnel. This
object will always be seen as “active” (a).
– mplsTunnelStorageType—Storage type of a tunnel entry (c).
• mplsTunnelHopListIndexNext—Next valid index to use as an index in the mplsTunnelHopTable.
• mplsTunnelHopTable—Entries in this table exist only for tunnel configurations and correspond to
the path options defined for the tunnel. Two types of path options exist: explicit and dynamic. This
table shows all hops listed in the explicit path options, while showing only the destination hop for
dynamic path options. The tunnel hop table is indexed by tunnel ID, path option, and hop number.
Following is a list and description of each table entry.
– mplsTunnelHopListIndex—Primary index into the table.
– mplsTunnelHopIndex—Secondary index into the table.
– mplsTunnelHopAddrType—Indicates if the address of this hop is the type IPv4 or IPv6.
– mplsTunnelHopIpv4Addr—The IPv4 address of this hop.
– mplsTunnelHopIpv4PrefixLen—The prefix length of the IPv4 address.
– mplsTunnelHopIpv6Addr—The IPv6 address of this hop.
– mplsTunnelHopIpv6PrefixLen—The prefix length of the IPv6 address.
– mplsTunnelHopAsNumber—This object will contain 0 or the autonomous system number of
the hop, depending on the value of mplsTunnelHopAddrType.
– mplsTunnelHopLspId—This object will contain 0 or the LSPID of the tunnel, depending on the
value of mplsTunnelHopAddrType.
– mplsTunnelHopType—Denotes whether this tunnel hop is routed in a strict or loose fashion.
– mplsTunnelHopRowStatus—This object is used in conjunction with the configuring of a new
row in the table.
– mplsTunnelHopStorageType—The storage type of this MIB object.
• mplsTunnelResourceIndexNext—This object contains the next appropriate value to be used for
mplsTunnelResourceIndex when creating entries in the mplsTunnelResourceTable
• mplsTunnelResourceTable—Entries in this table correspond to the “Tspec” information displayed
when you execute the show mpls traffic-eng tunnels command. These entries exist only for LSPs.
The tunnel resource table is indexed by address and hop number. Following the
mplsTunnelResourcePointer pointer from the tunnel table is the best way to retrieve information
from this table.
Following is a list and description of each table entry.
– mplsTunnelResourceIndex—The primary index into this table.
7
MPLS Traffic Engineering MIB
Information About the MPLS Traffic Engineering MIB
8
MPLS Traffic Engineering MIB
Information About the MPLS Traffic Engineering MIB
9
MPLS Traffic Engineering MIB
Information About the MPLS Traffic Engineering MIB
s
el
s
nn
el
tu
nn
d
an
g
tu
en
m
s
g
th
m
c-
en
pa
co
ffi
c-
it-
in
ffi
s
y tr
ce
ic
tra
e
ar ls
pl
rfa
bl
m p
ex
s
m m
la
pl
te
ai
ip
su how
m
in
av
ow
ow
ow
ot
s
sh
sh
sh
N
mplsTunnelTable x x
mplsTunnelHopTable x x
mplsTunnelResourceTable x
mplsTunnelARHopTable x
mplsTunnelCHopTable x
mplsTunnelPerfTable x x
Scalars x x x
52510
Retrieving Information from the MPLS Traffic Engineering MIB
This section describes how to efficiently retrieve information about TE tunnels. Such information can be
useful in large networks that contain many TE tunnels.
Traverse across a single column of the mplsTunnelTable, such as mplsTunnelName. This action provides
the indexes of every tunnel configuration, and any LSPs involving the host router. Using these indexes,
you can perform a GET operation to retrieve information from any column and row of the
mplsTunnelTable.
The mplsTunnelTable provides pointers to other tables for each tunnel. The column
mplsTunnelResourcePointer, for example, provides an object ID (OID) that you can use to access
resource allocation information in the mplsTunnelResourceTable. The columns
mplsTunnelHopTableIndex, mplsTunnelARHopTableIndex, and mplsTunnelCHopTableIndex provide the
primary index into the mplsTunnelHopTable, mplsTunnelARHopTable, and mplsTunnelCHopTable,
respectively. By traversing the MPLS TE MIB in this manner using a hop table column and primary
index, you can retrieve information pertaining to the hops of that tunnel configuration.
Because tunnels are treated as interfaces, the tunnel table column (mplsTunnelIfIndex) provides an index
into the Interfaces MIB that you can use to retrieve interface-specific information about a tunnel.
10
MPLS Traffic Engineering MIB
How to Configure the MPLS Traffic Engineering MIB
SUMMARY STEPS
1. telnet host
2. enable
3. show running-config
4. configure terminal
5. snmp-server community string [view view-name] [ro | rw] [ipv6 nacl] [access-list-number]
6. snmp-server enable traps [identification-type] [notification-option]
7. exit
8. write memory
DETAILED STEPS
11
MPLS Traffic Engineering MIB
How to Configure the MPLS Traffic Engineering MIB
Example:
Router# configure terminal
Step 5 snmp-server community string [view view-name] Enables the read-only (RO) community string.
[ro | rw] [ipv6 nacl] [access-list-number]
Example:
Router(config)# snmp-server community comaccess
ro 4
Step 6 snmp-server enable traps [identification-type] Enables an LSR to send SNMP notifications or informs to
[notification-option] an SNMP host.
Note This command is optional. After SNMP is enabled,
Example: all MIBs (not just the TE MIB) are available for the
Router(config)# snmp-server enable traps user to query.
Step 7 exit Exits global configuration mode and returns to privileged
EXEC mode.
Example:
Router(config)# exit
Step 8 write memory Writes the modified configuration to NVRAM, permanently
saving the settings.
Example:
Router# write memory
SUMMARY STEPS
1. telnet host
2. enable
3. show running-config
12
MPLS Traffic Engineering MIB
Configuration Examples for the MPLS Traffic Engineering MIB
DETAILED STEPS
Example:
Router# enable
Step 3 show running-config Displays the running configuration on the target device and
is used to examine the output for displayed SNMP
information.
Example:
Router# show running-config
Examples
The follows example displays the running configuration on the target device and its SNMP information.
Router# show running-config
.
.
.
snmp-server community public ro
snmp-server community private ro
Any snmp-server statement that appears in the output and takes the form shown here verifies that SNMP
has been enabled on that device.
The following example shows how to enable SNMPv1 and SNMPv2C. The configuration permits any
SNMP agent to access all MPLS TE MIB objects with read-only permissions using the community string
public.
Router(config)# snmp-server community public
13
MPLS Traffic Engineering MIB
Additional References
The following example shows how to allow read-only access to all MPLS TE MIB objects relating to
members of access list 4 that specify the comaccess community string. No other SNMP agents will have
access to any MPLS TE MIB objects.
Router(config)# snmp-server community comaccess ro 4
Additional References
The following sections provide references related to the MPLS Traffic Engineering MIB.
Related Documents
Related Topic Document Title
Information about MPLS TE and enhancements MPLS Traffic Engineering and Enhancements
MPLS TE commands Cisco IOS Multiprotocol Label Switching Command Reference
SNMP commands Cisco IOS Network Management Command Reference
SNMP configuration “Configuring SNMP Support” in the Cisco IOS XE
Network Management Configuration Guide. Release 2
Standards
Standard Title
draft-ietf-mpls-te-mib-05 MPLS Traffic Engineering Management Information Base Using
SMIv2
MIBs
MIB MIBs Link
• MPLS TE MIB To locate and download MIBs for selected platforms, Cisco IOS XE
software releases, and feature sets, use Cisco MIB Locator found at
• Interfaces MIB
the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
RFC 2026 The Internet Standards Process
14
MPLS Traffic Engineering MIB
Feature Information for the MPLS Traffic Engineering MIB
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
15
MPLS Traffic Engineering MIB
Feature Information for the MPLS Traffic Engineering MIB
16
MPLS Traffic Engineering MIB
Glossary
Glossary
affinity bits—A Multiprotocol Label Switching (MPLS) traffic engineering (TE) tunnel’s requirements
on the attributes of the links it will cross. The tunnel’s affinity bits and affinity mask must match with
the attributes of the various links carrying the tunnel.
call admission precedence—An Multiprotocol Label Switching (MPLS) traffic engineering tunnel with
a higher priority will, if necessary, preempt an MPLS traffic engineering tunnel with a lower priority. An
expected use is that tunnels that are more difficult to route will have a higher priority, and can preempt
tunnels that are less difficult to route, on the assumption that those lower priority tunnels can find another
path.
constraint-based routing—Procedures and protocols used to determine a route across a backbone
taking into account resource requirements and resource availability, instead of simply using the shortest
path.
flow—A traffic load entering the backbone at one point—point of presence (POP)—and leaving it from
another that must be traffic engineered across the backbone. The traffic load will be carried across one
or more LSP tunnels running from the entry POP to the exit POP.
headend—The label switch router (LSR) at which the tunnel originates. The tunnel’s “head” or tunnel
interface will reside at this LSR as well.
informs—A type of notification message that is more reliable than a conventional trap notification
message because an informs message requires acknowledgment.
label—A short, fixed-length data construct that tells switching nodes how to forward data (packets or
cells).
label switched path (LSP) tunnel—A configured connection between two routers, using label
switching to carry the packets.
LSP—label switched path. A path that is followed by a labeled packet over several hops, starting at an
ingress label switch router (LSR) and ending at an egress LSR.
LSR—label switch router. A Layer 3 router that forwards a packet based on the value of a label
encapsulated in the packet.
MIB—Management Information Base. A database of network management information (consisting of
MIB objects) that is used and maintained by a network management protocol such as Simple Network
Management Protocol (SNMP). The value of a MIB object can be changed or retrieved using SNMP
commands, usually by a GUI-based network management system. MIB objects are organized in a tree
structure that includes public (standard) and private (proprietary) branches.
MPLS—Multiprotocol Label Switching. Switching method that forwards IP traffic using a label. This
label instructs the routers and the switches in the network where to forward the packets based on
preestablished IP routing information.
NMS—network management station. An NMS is a powerful, well-equipped computer (typically an
engineering workstation) that is used by a network administrator to communicate with other devices in
the network. An NMS is typically used to manage network resources, gather statistics, and perform a
variety of network administration and configuration tasks.
notification —A message sent by a Simple Network Management Protocol (SNMP) agent to a network
management station, console, or terminal to indicate that a significant event within Cisco IOS XE
software has occurred (see traps).
OSPF—Open Shortest Path First. A link-state routing protocol used for routing IP.
RSVP—Resource Reservation Protocol. Protocol for reserving network resources to provide quality of
service (QoS) guarantees to application flows.
17
MPLS Traffic Engineering MIB
Glossary
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
18
MPLS High Availablity
MPLS LDP Graceful Restart
When a router is configured with Multiprotocol Label Switching (MPLS) Label Distribution Protocol
(LDP) Graceful Restart (GR), it assists a neighboring router that has MPLS LDP Stateful
Switchover/Nonstop Forwarding (SSO/NSF) Support and Graceful Restart to recover gracefully from an
interruption in service. MPLS LDP GR functions strictly in helper mode, which means it can only help
other routers that are enabled with MPLS SSO/NSF and GR to recover. If the router with LDP GR fails,
its peer routers cannot help the router recover.
For brevity, the following are used in this document:
• MPLS LDP SSO/NSF Support and Graceful Restart is called LDP SSO/NSF.
• The MPLS LDP GR feature described in this document refers to helper mode.
When you enable MPLS LDP GR on a router that peers with an MPLS LDP SSO/NSF-enabled router,
the SSO/NSF-enabled router can maintain its forwarding state when the LDP session between them is
interrupted. While the SSO/NSF-enabled router recovers, the peer router forwards packets using stale
information. This enables the SSO/NSF-enabled router to become operational more quickly.
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS LDP Graceful Restart
Contents
Contents
• Prerequisites for MPLS LDP Graceful Restart, page 2
• Restrictions for MPLS LDP Graceful Restart, page 2
• Information About MPLS LDP Graceful Restart, page 2
• How to Configure MPLS LDP Graceful Restart, page 4
• Configuration Examples for MPLS LDP Graceful Restart, page 6
• Additional References, page 10
• Feature Information for MPLS LDP Graceful Restart, page 12
2
MPLS LDP Graceful Restart
Information About MPLS LDP Graceful Restart
95974
Router 1 Router 2 Router 3
The following process shows how Routers 1 and 3, which have been configured with MPLS LDP GR,
help Router 2, which has been configured with LDP SSO/NSF, recover from a disruption in service:
1. Router 1 notices an interruption in service with Router 2. (Router 3 also performs the same actions
in this process.)
2. Router 1 marks all the label bindings from Router 2 as stale, but it continues to use the bindings for
MPLS forwarding.
Router 1 reestablishes an LDP session with Router 2, but keeps its stale label bindings. If you issue a
show mpls ldp neighbor command with the graceful-restart keyword, the command output displays
the recovering LDP sessions.
3. Both routers readvertise their label binding information. If Router 1 relearns a label from Router 2
after the session has been established, the stale flags are removed. The show mpls forwarding-table
command displays the information in the MPLS forwarding table, including the local label,
outgoing label or VC, prefix, label-switched bytes, outgoing interface, and next hop.
You can set various graceful restart timers. See the following commands for more information:
• mpls ldp graceful-restart timers neighbor-liveness
• mpls ldp graceful-restart timers max-recovery
How a Route Processor Advertises That It Supports MPLS LDP Graceful Restart
A Route Processor (RP) that is configured to perform MPLS LDP GR includes the Fault Tolerant (FT)
Type Length Value (TLV) in the LDP initialization message. The RP sends the LDP initialization
message to a neighbor to establish an LDP session.
The FT session TLV includes the following information:
• The Learn from Network (L) flag is set to 1, which indicates that the route processor is configured
to perform MPLS LDP GR.
• The Reconnect Timeout field shows the time (in milliseconds) that the neighbor should wait for a
reconnection if the LDP session is lost. In this release, the timer is set to 0, which indicates that if
the local router fails, its peers should not wait for it to recover. The timer setting indicates that the
local router is working in helper mode.
• The Recovery Time field shows the time (in milliseconds) that the neighbor should retain the MPLS
forwarding state during a recovery. If a neighbor did not preserve the MPLS forwarding state before
the restart of the control plane, the neighbor sets the recovery time to 0.
What Happens If a Route Processor Does Not Have MPLS LDP Graceful Restart
If two route processors establish an LDP session and one route processor is not configured for
MPLS LDP GR, the two route processors create a normal LDP session but do not have the ability to
perform MPLS LDP GR. Both route processors must be configured for MPLS LDP GR.
3
MPLS LDP Graceful Restart
How to Configure MPLS LDP Graceful Restart
Note You can also issue the mpls label protocol ldp command in global configuration mode, which enables
LDP on all interfaces configured for MPLS.
SUMMARY STEPS
1. enable
2. configure terminal
3. ip cef distributed
4. mpls ldp graceful-restart
5. interface type slot/subslot/port[.subinterface-number]
6. mpls ip
7. mpls label protocol ldp
8. exit
9. exit
DETAILED STEPS
Example:
Router# configure terminal
4
MPLS LDP Graceful Restart
How to Configure MPLS LDP Graceful Restart
Example:
Router(config)# ip cef distributed
Step 4 mpls ldp graceful-restart Enables the router to protect the LDP bindings and MPLS
forwarding state during a disruption in service.
Example:
Router(config)# mpls ldp graceful-restart
Step 5 interface type Specifies an interface and enters interface configuration
slot/subslot/port[.subinterface-number] mode.
Example:
Router(config)# interface pos 0/3/0
Step 6 mpls ip Configures MPLS hop-by-hop forwarding for an interface.
Example:
Router(config-if)# mpls ip
Step 7 mpls label protocol ldp Configures the use of LDP for an interface.
Example:
Router(config-if)# mpls label protocol ldp
Step 8 exit Exits interface configuration mode and returns to global
configuration mode.
Example:
Router(config-if)# exit
Step 9 exit Exits global configuration mode and returns to privileged
EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. show mpls ldp neighbor graceful-restart
3. show mpls ldp graceful restart
4. exit
5
MPLS LDP Graceful Restart
Configuration Examples for MPLS LDP Graceful Restart
DETAILED STEPS
Step 1 enable
Use this command to enable privileged ECEC mode. Enter your password if prompted. For example:
Router>? enable
Router#
Step 4 exit
Use this command to exit to user EXEC mode. For example:
Router# exit
Router>
6
MPLS LDP Graceful Restart
Configuration Examples for MPLS LDP Graceful Restart
LDP2
10.20.20.20 172.16.17.17 192.168.19.19
LDP1
95975
Router 1 Router 2 Router 3
TE Tunnel
7
MPLS LDP Graceful Restart
Configuration Examples for MPLS LDP Graceful Restart
encapsulation aal5snap
mpls label protocol ldp
mpls traffic-eng tunnels
mpls ip
ip rsvp bandwidth 1000
!
router ospf 100
log-adjacency-changes
redistribute connected
network 10.12.0.0 0.255.255.255 area 100
network 10.20.20.20 0.0.0.0 area 100
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 100
8
MPLS LDP Graceful Restart
Configuration Examples for MPLS LDP Graceful Restart
9
MPLS LDP Graceful Restart
Additional References
Additional References
The following sections provide references related to MPLS LDP GR.
Related Documents
Related Topic Document Title
MPLS Label Distribution Protocol MPLS Label Distribution Protocol (LDP)
LDP commands Cisco IOS Multiprotocol Label Switching Command Reference
Standards
Standards Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIBs MIBs Link
MPLS Label Distribution Protocol MIB Version 8 To locate and download MIBs for selected platforms, Cisco IOS XE
Upgrade software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
http://www.cisco.com/go/mibs
RFCs
RFCs Title
RFC 3036 LDP Specification
RFC 3478 Graceful Restart Mechanism for Label Distribution
10
MPLS LDP Graceful Restart
Additional References
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
11
MPLS LDP Graceful Restart
Feature Information for MPLS LDP Graceful Restart
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
12
MPLS LDP Graceful Restart
Feature Information for MPLS LDP Graceful Restart
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
13
MPLS LDP Graceful Restart
Feature Information for MPLS LDP Graceful Restart
14
NSF/SSO—MPLS LDP and LDP Graceful Restart
Cisco Nonstop Forwarding (NSF) with Stateful Switchover (SSO) provides continuous packet
forwarding, even during a network processor hardware or software failure. In a redundant system, the
secondary processor recovers control plane service during a critical failure in the primary processor. SSO
synchronizes the network state information between the primary and the secondary processor.
Multiprotocol Label Switching (MPLS) Label Distribution Protocol (LDP) uses SSO, NSF, and graceful
restart to allow a Route Processor (RP) to recover from disruption in control plane service (specifically,
the LDP component) without losing its MPLS forwarding state. LDP NSF works with LDP sessions
between directly connected peers and with peers that are not directly connected (targeted sessions).
Note In this document, the NSF/SSO—MPLS LDP and LDP Graceful Restart feature is called LDP NSF for
brevity.
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
NSF/SSO—MPLS LDP and LDP Graceful Restart
Contents
Contents
• Prerequisites for NSF/SSO—MPLS LDP and LDP Graceful Restart, page 2
• Restrictions for NSF/SSO—MPLS LDP and LDP Graceful Restart, page 2
• Information About NSF/SSO—MPLS LDP and LDP Graceful Restart, page 2
• How to Configure and Use NSF/SSO—MPLS LDP and LDP Graceful Restart, page 5
• Configuration Examples for NSF/SSO—MPLS LDP and LDP Graceful Restart, page 8
• Additional References, page 11
• Feature Information for NSF/SSO—MPLS LDP and LDP Graceful Restart, page 12
2
NSF/SSO—MPLS LDP and LDP Graceful Restart
Information About NSF/SSO—MPLS LDP and LDP Graceful Restart
The following process shows how LDP recovers when one of the routers fails:
1. When an RP fails on Router 2, communications between the routers is interrupted.
2. Router 1 and Router 3 mark all the label bindings from Router 2 as stale, but they continue to use
the bindings for MPLS forwarding.
3. Router 1 and Router 3 attempt to reestablish an LDP session with Router 2.
4. Router 2 restarts and marks all of its forwarding entries as stale. If you enter a show mpls ldp
graceful-restart command, the command output includes the following line:
LDP is restarting gracefully.
5. Router 1 and Router 3 reestablish LDP sessions with Router 2, but they keep their stale label
bindings. If you enter a show mpls ldp neighbor command with the graceful-restart keyword, the
command output displays the recovering LDP sessions.
3
NSF/SSO—MPLS LDP and LDP Graceful Restart
Information About NSF/SSO—MPLS LDP and LDP Graceful Restart
6. All three routers readvertise their label binding information. If a label has been relearned after the
session has been established, the stale flags are removed. The show mpls forwarding-table
command displays the information in the MPLS forwarding table, including the local label,
outgoing label or VC, prefix, label-switched bytes, outgoing interface, and next hop.
You can set various timers to limit how long the routers wait for an LDP session to be reestablished
before restarting the router. See the following commands for more information:
• mpls ldp graceful-restart timers forwarding-holding
• mpls ldp graceful-restart timers max-recovery
• mpls ldp graceful-restart timers neighbor-liveness
What Happens if a Route Processor Does Not Have LDP Graceful Restart
If an RP is not configured for MPLS LDP Graceful Restart and it attempts to establish an LDP session
with an RP that is configured with LDP Graceful Restart, the following events occur:
1. The RP that is configured with MPLS LDP Graceful Restart sends an initialization message that
includes the FT session TLV value to the RP that is not configured with MPLS LDP Graceful
Restart.
2. The RP that is not configured for MPLS LDP Graceful Restart receives the LDP initialization
message and discards the FT session TLV.
3. The two RPs create a normal LDP session but do not have the ability to perform MPLS LDP
Graceful Restart.
You must enable all RPs with MPLS LDP Graceful Restart for an LDP session to be preserved during
an interruption in service.
4
NSF/SSO—MPLS LDP and LDP Graceful Restart
How to Configure and Use NSF/SSO—MPLS LDP and LDP Graceful Restart
For the LDP NSF feature, the checkpointing function copies the active RP’s LDP local label bindings to
the backup RP. The active RP sends updates to the backup RP when local label bindings are modified as
a result of routing changes.
Note Local label bindings that are allocated by BGP and null local label bindings are not included in the
checkpointing operation.
Troubleshooting Tips
You can use the debug mpls ldp graceful-restart command to enable the display of MPLS LDP
checkpoint events and errors.
Prerequisites
• RPs must be configured for SSO. See the Stateful Switchover feature module for more information:
• You must enable Nonstop Forwarding on the routing protocols running between the P, PE, routers,
and CE routers. See the Cisco Nonstop Forwarding feature module for more information.
SUMMARY STEPS
1. enable
2. configure terminal
3. ip cef [distributed]
4. mpls ldp graceful-restart
5. interface type slot/subslot/port[.subinterface-number]
5
NSF/SSO—MPLS LDP and LDP Graceful Restart
How to Configure and Use NSF/SSO—MPLS LDP and LDP Graceful Restart
6. mpls ip
7. mpls label protocol ldp
8. exit
9. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip cef [distributed] Enables distributed Cisco Express Forwarding.
Example:
Router(config)# ip cef distributed
Step 4 mpls ldp graceful-restart Enables the router to protect the LDP bindings and MPLS
forwarding state during a disruption in service.
Example:
Router (config)# mpls ldp graceful-restart
Step 5 interface type Specifies an interface and enters interface configuration
slot/subslot/port[.subinterface-number] mode.
Example:
Router(config)# interface pos 0/3/0
Step 6 mpls ip Configures MPLS hop-by-hop forwarding for an interface.
Example:
Router(config-if)# mpls ip
Step 7 mpls label protocol ldp Configures the use of LDP for an interface. You must use
LDP. You can also issue the mpls label protocol ldp
command in global configuration mode, which enables LDP
Example:
Router(config-if)# mpls label protocol ldp
on all interfaces configured for MPLS.
Step 8 exit Exits interface configuration mode and returns to global
configuration mode.
Example:
Router(config-if)# exit
Step 9 exit Exits global configuration mode and returns to privileged
EXEC mode.
Example:
Router(config)# exit
6
NSF/SSO—MPLS LDP and LDP Graceful Restart
How to Configure and Use NSF/SSO—MPLS LDP and LDP Graceful Restart
SUMMARY STEPS
1. enable
2. show mpls ldp graceful-restart
3. show mpls ldp neighbor graceful restart
4. show mpls ldp checkpoint
5. exit
DETAILED STEPS
Step 1 enable
Use this command to enable privileged EXEC mode. Enter your password if prompted. For example:
Router> enable
Router#
7
NSF/SSO—MPLS LDP and LDP Graceful Restart
Configuration Examples for NSF/SSO—MPLS LDP and LDP Graceful Restart
Step 5 exit
Use this command to return to user EXEC mode. For example:
Router# exit
Router>
Figure 2 MPLS LDP: NSF/SSO Support and Graceful Restart Configuration Example
LDP2
10.20.20.20 172.16.17.17 192.168.19.19
LDP1
95975
TE Tunnel
Router 1
redundancy
mode sso
ip subnet-zero
ip cef distributed
mpls label range 16 10000 static 10001 1048575
mpls label protocol ldp
mpls ldp logging neighbor-changes
mpls ldp graceful-restart
mpls traffic-eng tunnels
no mpls traffic-eng auto-bw timers frequency 0
mpls ldp router-id Loopback0 force
!
interface Loopback0
8
NSF/SSO—MPLS LDP and LDP Graceful Restart
Configuration Examples for NSF/SSO—MPLS LDP and LDP Graceful Restart
Router 2
redundancy
mode sso
!
ip cef distributed
no ip domain-lookup
mpls label range 17 10000 static 10001 1048575
mpls label protocol ldp
mpls ldp logging neighbor-changes
mpls ldp graceful-restart
mpls traffic-eng tunnels
no mpls traffic-eng auto-bw timers frequency 0
no mpls advertise-labels
mpls ldp router-id Loopback0 force
!
interface Loopback0
ip address 172.18.17.17 255.255.255.255
no ip directed-broadcast
!
interface ATM0/3/0
9
NSF/SSO—MPLS LDP and LDP Graceful Restart
Configuration Examples for NSF/SSO—MPLS LDP and LDP Graceful Restart
no ip address
no ip directed-broadcast
no ip mroute-cache
atm clock INTERNAL
atm sonet stm-1
no atm enable-ilmi-trap
no atm ilmi-keepalive
!
interface ATM0/3/0.5 point-to-point
ip address 172.17.0.1 255.255.0.0
no ip directed-broadcast
no atm enable-ilmi-trap
pvc 6/100
encapsulation aal5snap
mpls label protocol ldp
mpls traffic-eng tunnels
mpls ip
ip rsvp bandwidth 1000
!
interface POS0/1/0
ip address 10.0.0.1 255.0.0.0
no ip directed-broadcast
encapsulation ppp
mpls label protocol ldp
mpls traffic-eng tunnels
mpls ip
no peer neighbor-route
clock source internal
ip rsvp bandwidth 1000
!
router ospf 100
log-adjacency-changes
nsf enforce global
redistribute connected
network 10.0.0.0 0.255.255.255 area 100
network 172.17.0.0 0.255.255.255 area 100
network 172.18.17.17 0.0.0.0 area 100
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 100
!
ip classless
Router 3
redundancy
mode sso
!
ip subnet-zero
ip cef distributed
!
no ip finger
no ip domain-lookup
mpls label protocol ldp
mpls ldp neighbor 10.11.11.11 targeted ldp
mpls ldp logging neighbor-changes
mpls ldp graceful-restart
mpls traffic-eng tunnels
no mpls traffic-eng auto-bw timers frequency 0
mpls ldp discovery directed-hello interval 12
mpls ldp discovery directed-hello holdtime 130
mpls ldp discovery directed-hello accept
mpls ldp router-id Loopback0 force
!
10
NSF/SSO—MPLS LDP and LDP Graceful Restart
Additional References
interface Loopback0
ip address 172.19.19.19 255.255.255.255
no ip directed-broadcast
!
interface POS1/1/0
ip address 10.0.0.2 255.0.0.0
no ip directed-broadcast
encapsulation ppp
mpls label protocol ldp
mpls traffic-eng tunnels
mpls ip
no peer neighbor-route
clock source internal
ip rsvp bandwidth 1000
!
router ospf 100
log-adjacency-changes
nsf enforce global
redistribute connected
network 10.0.0.0 0.255.255.255 area 100
network 172.19.19.19 0.0.0.0 area 100
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 100
!
ip classless
Additional References
The following sections provide references related to the NSF/SSO—MPLS LDP and LDP Graceful
Restart feature.
Related Documents
Related Topic Document Title
Stateful switchover Stateful Switchover
MPLS Label Distribution Protocol MPLS Label Distribution Protocol (LDP)
MPLS LDP commands Cisco IOS Multiprotocol Label Switching Command Reference
Cisco nonstop forwarding Cisco Nonstop Forwarding
High availability commands Cisco IOS High Availability Command Reference
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
11
NSF/SSO—MPLS LDP and LDP Graceful Restart
Feature Information for NSF/SSO—MPLS LDP and LDP Graceful Restart
MIBs
MIB MIBs Link
MPLS Label Distribution Protocol MIB Version 8 To locate and download MIBs for selected platforms, Cisco IOS XE
Upgrade software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
RFC 3036 LDP Specification
RFC 3478 Graceful Restart Mechanism for Label Distribution
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
12
NSF/SSO—MPLS LDP and LDP Graceful Restart
Feature Information for NSF/SSO—MPLS LDP and LDP Graceful Restart
Table 1 Feature Information for NSF/SSO—MPLS LDP and LDP Graceful Restart
13
NSF/SSO—MPLS LDP and LDP Graceful Restart
Feature Information for NSF/SSO—MPLS LDP and LDP Graceful Restart
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
14
ISSU MPLS Clients
MPLS applications can be upgraded using the In Service Software Upgrade (ISSU) process. Thus, MPLS
applications are considered ISSU’s MPLS clients. The ISSU process allows Cisco IOS XE software to
be updated or otherwise modified while packet forwarding continues.
Contents
• Prerequisites for ISSU MPLS Clients, page 2
• Information About ISSU MPLS Clients, page 2
• How to Verify that an MPLS Client Can Support an In Service Software Upgrade, page 4
• Configuration Examples for ISSU MPLS Clients, page 5
• Additional References, page 14
• Feature Information for ISSU MPLS Clients, page 16
• Glossary, page 18
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
ISSU MPLS Clients
Prerequisites for ISSU MPLS Clients
This client . . . ...can only work when this client is shown to be compatible
MPLS VPN LSD Label Manager High Availability
LDP LSD Label Manager High Availability
VRF (“Table ID”) LSD Label Manager High Availability
LSD Label Manager High Base clients: Checkpointing and Redundancy Facility
Availability
MFI Pull XDR
MFI Push XDR
LSPV Push within OAM XDR
TE Base clients:
• Checkpointing and Redundancy Facility
• MPLS TE High Availability
2
ISSU MPLS Clients
Information About ISSU MPLS Clients
Note For a complete list of ISSU- compliant protocols and applications that are supported for the
Cisco ASR Series Routers for your release, see the Release Notes for Cisco ASR Series Aggregation
Services Routers.
3
ISSU MPLS Clients
How to Verify that an MPLS Client Can Support an In Service Software Upgrade
Note For the complete task sequence that accomplishes ISSU see the Cisco ASR 1000 Series Aggregation
Services Routers Software Configuration Guide.
Prerequisites
Ensure that you have successfully loaded new Cisco IOS XE software onto the standby processor as
described in the Cisco ASR 1000 Series Aggregation Services Routers Software Configuration Guide.
SUMMARY STEPS
1. enable
2. show issu clients
3. show issu sessions clientID
4. show issu negotiated version sessionID
5. show issu negotiated capability sessionID
6. show issu message types clientID
DETAILED STEPS
4
ISSU MPLS Clients
Configuration Examples for ISSU MPLS Clients
Example:
Router# show issu negotiated version
33
Step 5 show issu negotiated capability Displays results of a negotiation about the client application’s
sessionID capabilities.
Example:
Router# show issu negotiated
capability 33
Step 6 show issu message types clientID Displays the message formats (“types”) and versions supported by the
specified client.
Example:
Router# show issu message types 2002
5
ISSU MPLS Clients
Configuration Examples for ISSU MPLS Clients
6
ISSU MPLS Clients
Configuration Examples for ISSU MPLS Clients
---------------------------------------------------------------------
Client_ID = 2011, Entity_ID = 1 :
Now you can take the session ID displayed in the previous command’s output and enter it into the next
command, to see the negotiated message version:
Router# show issu negotiated version 46
Session_ID = 46 :
Message_Type = 1, Negotiated_Version = 2, Message_MTU = 20
Message_Type = 2, Negotiated_Version = 2, Message_MTU = 20
Message_Type = 3, Negotiated_Version = 2, Message_MTU = 4
Next you can enter the same session ID into the following command to display the capability negotiation
result:
Router# show issu negotiated capability 46
Session_ID = 46 :
Negotiated_Cap_Entry = 1
Finally, to see which message types and versions are supported by this particular client, you enter the
client ID into the following command:
Router# show issu message types 2011
---------------------------------------------------------------------
Client_ID = 2011, Entity_ID = 1 :
Message_Type = 1, Version_Range = 2 ~ 2
7
ISSU MPLS Clients
Configuration Examples for ISSU MPLS Clients
Message_Ver = 2, Message_Mtu = 20
Message_Type = 2, Version_Range = 2 ~ 2
Message_Ver = 2, Message_Mtu = 20
Message_Type = 3, Version_Range = 2 ~ 2
Message_Ver = 2, Message_Mtu = 4
---------------------------------------------------------------------
Client_ID = 2009, Entity_ID = 1 :
Now you can take the session ID displayed in the previous command’s output and enter it into the next
command, in order to see the negotiated message version:
Router# show issu negotiated version 39
Session_ID = 39 :
Message_Type = 1, Negotiated_Version = 1, Message_MTU = 32
Next you can enter the same session ID into the following command to display the capability negotiation
result:
Router# show issu negotiated capability 39
Session_ID = 39 :
Negotiated_Cap_Entry = 1
Finally,= to see which message types and versions are supported by this particular client, you enter the
client ID into the following command:
Router# show issu message types 2009
---------------------------------------------------------------------
Client_ID = 2009, Entity_ID = 1 :
Message_Type = 1, Version_Range = 1 ~ 1
Message_Ver = 1, Message_Mtu = 32
8
ISSU MPLS Clients
Configuration Examples for ISSU MPLS Clients
Verifying the ISSU Process for an MPLS VRF (“Table ID”) Client: Example
This example shows how to verify the ISSU process for an MPLS VRF (“Table ID”) client.
The first command shows you whether the VRF client’s old and new software versions are compatible,
and therefore are able to make use of the ISSU opportunity:
Router# show issu sessions 2008
---------------------------------------------------------------------
Client_ID = 2008, Entity_ID = 1 :
Now you can take the session ID displayed in the previous command’s output and enter it into the next
command, in order to see the negotiated message version:
Router# show issu negotiated version 19
Session_ID = 19 :
Message_Type = 1, Negotiated_Version = 1, Message_MTU = 44
Message_Type = 2, Negotiated_Version = 1, Message_MTU = 4
Next you can enter the same session ID into the following command to display the capability negotiation
result:
Router# show issu negotiated capability 19
Session_ID = 19 :
Negotiated_Cap_Entry = 1
Finally, to see which message types and versions are supported by this particular client, you enter the
client ID into the following command:
Router# show issu message types 2008
---------------------------------------------------------------------
Client_ID = 2008, Entity_ID = 1 :
Message_Type = 1, Version_Range = 1 ~ 1
Message_Ver = 1, Message_Mtu = 44
Message_Type = 2, Version_Range = 1 ~ 1
Message_Ver = 1, Message_Mtu = 4
Verifying the ISSU Process for an MPLS LSD Label Manager HA Client: Example
This example shows how to verify the ISSU process for an MPLS LSD Label Manager HA client.
The first command shows you whether the LSD client’s old and new software versions are compatible,
and therefore are able to make use of the ISSU opportunity:
Router# show issu sessions 2007
9
ISSU MPLS Clients
Configuration Examples for ISSU MPLS Clients
---------------------------------------------------------------------
Client_ID = 2007, Entity_ID = 1 :
Now you can take the session ID displayed in the previous command’s output and enter it into the next
command, in order to see the negotiated message version:
Router# show issu negotiated version 40
Session_ID = 40 :
Message_Type = 1, Negotiated_Version = 2, Message_MTU = 8
Next you can enter the same session ID into the following command to display the capability negotiation
result:
Router# show issu negotiated capability 40
---------------------------------------------------
Client_ID = 2007, Entity_ID = 1, Session_ID = 40 :
Negotiated_Cap_Entry = 1
Finally, to see which message types and versions are supported by this particular client, you enter the
client ID into the following command:
Router# show issu message types 2007
---------------------------------------------------------------------
Client_ID = 2007, Entity_ID = 1 :
Message_Type = 1, Version_Range = 1 ~ 2
Message_Ver = 1, Message_Mtu = 12
Message_Ver = 2, Message_Mtu = 8
Verifying the ISSU Process for an MPLS MFI Pull Client: Example
This example shows how to verify the ISSU process for an MPLS MFI Pull client.
The first command shows you whether the MFI Pull client’s old and new software versions are
compatible, and therefore are able to make use of the ISSU opportunity:
Router# show issu sessions 2030
---------------------------------------------------------------------
Client_ID = 2030, Entity_ID = 1 :
10
ISSU MPLS Clients
Configuration Examples for ISSU MPLS Clients
Now you can take the session ID displayed in the previous command’s output and enter it into the next
command, in order to see the negotiated message version:
Router# show issu negotiated version 131073
Session_ID = 131073:
Message_Type = 1006, Negotiated_Version = 1, Message_MTU = 4
Message_Type = 3003, Negotiated_Version = 1, Message_MTU = 12
Next you can enter the same session ID into the following command to display the capability negotiation
result:
Router# show issu negotiated capability 131073
Session_ID = 131073 :
Negotiated_Cap_Entry = 1
Finally to see which message types and versions are supported by this particular client, you enter the
client ID into the following command:
Router# show issu message types 2030
---------------------------------------------------------------------
Client_ID = 2030, Entity_ID = 1 :
Message_Type = 1006, Version_Range = 1 ~ 1
Message_Ver = 1, Message_Mtu = 4
Message_Type = 2004, Version_Range = 1 ~ 1
Message_Ver = 1, Message_Mtu = 12
Verifying the ISSU Process for an MPLS MFI Push Client: Example
This example shows how to verify the ISSU process for an MPLS MFI Push client.
The first command shows you whether the MFI Push client’s old and new software versions are
compatible, and therefore are able to make use of the ISSU opportunity:
Router# show issu sessions 2031
---------------------------------------------------------------------
Client_ID = 2031, Entity_ID = 1 :
11
ISSU MPLS Clients
Configuration Examples for ISSU MPLS Clients
Now you can take the session ID displayed in the previous command’s output and enter it into the next
command, in order to see the negotiated message version:
Router# show issu negotiated version 196646
Session_ID = 196646:
Message_Type = 101, Negotiated_Version = 1, Message_MTU = 17
Message_Type = 105, Negotiated_Version = 1, Message_MTU = 31
Next you can enter the same session ID into the following command to display the capability negotiation
result:
Router# show issu negotiated capability 196646
Session_ID = 196646 :
Negotiated_Cap_Entry = 1
Finally to see which message types and versions are supported by this particular client, you enter the
client ID into the following command:
Router# show issu message types 2031
---------------------------------------------------------------------
Client_ID = 2031, Entity_ID = 1 :
Message_Type = 5002, Version_Range = 1 ~ 2
Message_Ver = 1, Message_Mtu = 10
Message_Type = 5018, Version_Range = 1 ~ 1
Message_Ver = 1, Message_Mtu = 39
Verifying the ISSU Process for an MPLS LSPV Push Client: Example
This example shows how to verify the ISSU process for an MPLS LSVP Push client.
The first command shows you whether the LSPV Push client’s old and new software versions are
compatible, and therefore are able to make use of the ISSU opportunity:
Router# show issu sessions 2089
---------------------------------------------------------------------
Client_ID = 2089, Entity_ID = 1 :
12
ISSU MPLS Clients
Configuration Examples for ISSU MPLS Clients
Now you can take the session ID displayed in the previous command’s output and enter it into the next
command, in order to see the negotiated message version:
Router# show issu negotiated version 45
Session_ID = 45:
Message_Type = 0, Negotiated_Version = 1, Message_MTU = 74
Message_Type = 1, Negotiated_Version = 1, Message_MTU = 120
Message_Type = 2, Negotiated_Version = 1, Message_MTU = 120
Message_Type = 3, Negotiated_Version = 1, Message_MTU = 5122
Message_Type = 4, Negotiated_Version = 1, Message_MTU = 6
Next you can enter the same session ID into the following command to display the capability negotiation
result:
Router# show issu negotiated capability 45
Session_ID = 45:
Cap_Type = 0 Cap_Result = 1 No cap value assigned
Finally to see which message types and versions are supported by this particular client, you enter the
client ID into the following command:
Router# show issu message types 2089
---------------------------------------------------------------------
Client_ID = 2089, Entity_ID = 1 :
Message_Type = 0, Version_Range = 1 ~ 1
Message_Ver = 1, Message_Mtu = 74
Message_Type = 1, Version_Range = 1 ~ 1
Message_Ver = 1, Message_Mtu = 120
Message_Type = 2, Version_Range = 1 ~ 1
Message_Ver = 1, Message_Mtu = 120
Message_Type = 3, Version_Range = 1 ~ 1
Message_Ver = 1, Message_Mtu = 5122
Message_Type = 4, Version_Range = 1 ~ 1
Message_Ver = 1, Message_Mtu = 6
---------------------------------------------------------------------
Client_ID = 2053, Entity_ID = 1 :
13
ISSU MPLS Clients
Additional References
Now you can take the session ID displayed in the previous command’s output and enter it into the next
command, in order to see the negotiated message version:
Router# show issu negotiated version 84
Session_ID = 84 :
Message_Type = 1, Negotiated_Version = 2, Message_MTU = 1024
Next you can enter the same session ID into the following command to display the capability negotiation
result:
Router# show issu negotiated capability 84
Session_ID = 84 :
Cap_Type = 0, Cap_Result = 1 No cap value assigned
Finally to see which message types and versions are supported by this particular client, you enter the
client ID into the following command:
Router# show issu message types 2053
---------------------------------------------------------------------
Client_ID = 2053, Entity_ID = 1 :
Message_Type = 1, Version_Range = 1 ~ 2
Message_Ver = 1, Message_Mtu = 1024
Message_Ver = 2, Message_Mtu = 1024
Additional References
The following sections provide references related to the ISSU MPLS Clients feature.
Related Documents
Related Topic Document Title
ISSU process • Cisco IOS XE In Service Software Upgrade Process
• Cisco ASR 1000 Series Aggregation Services Routers Software
Configuration Guide
High availability commands Cisco IOS High Availability Command Reference
Standards
Standard Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature
14
ISSU MPLS Clients
Additional References
MIBs
MIB MIBs Link
No new or modified MIBs are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature the following URL:
http://www.cisco.com/go/mibs
RFCs
RFC Title
No new or modified RFCs are supported by this —
feature, and support for existing RFCs has not been
modified by this feature
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
15
ISSU MPLS Clients
Feature Information for ISSU MPLS Clients
Note Table 2 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
16
ISSU MPLS Clients
Feature Information for ISSU MPLS Clients
17
ISSU MPLS Clients
Glossary
Glossary
IS—intermediate system.
ISSU—In Service Software Upgrade.
LACP—Link Aggregration Control Protocol.
LDP—Label Distribution Protocol.
MFI—Multiprotocol Label Switching Forwarding Infrastructure.
MPLS—Multiprotocol Label Switching.
OAM—Operation, Administration, and Management.
PagP—port aggregation Protocol.
PPP—Point to Point protocol.
RP—Route Processor.
RSVP GR—Resource Reservation Protocol graceful restart.
TE—traffic engineering.
VPN—Virtual Private Network.
VRF—virtual routing and forwarding.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
18
MPLS Traffic Engineering—RSVP Graceful
Restart
The MPLS Traffic Engineering—RSVP Graceful Restart feature allows a neighboring Route Processor
(RP) to recover from disruption in control plane service (specifically, the Label Distribution Protocol
[LDP] component) without losing its Multiprotocol Label Switching (MPLS) forwarding state.
Contents
• Prerequisites for MPLS TE—RSVP Graceful Restart, page 2
• Restrictions for MPLS TE—RSVP Graceful Restart, page 2
• Information About MPLS TE—RSVP Graceful Restart, page 2
• How to Configure MPLS TE—RSVP Graceful Restart, page 4
• Configuration Examples for MPLS TE—RSVP Graceful Restart, page 8
• Additional References, page 9
• Feature Information for MPLS Traffic Engineering—RSVP Graceful Restart, page 11
• Glossary, page 12
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
MPLS Traffic Engineering—RSVP Graceful Restart
Prerequisites for MPLS TE—RSVP Graceful Restart
Graceful Restart
Graceful restart allows RSVP TE enabled nodes to start gracefully following a node failure in the
network such that the RSVP state after the failure is restored as quickly as possible. The node failure
may be completely transparent to other nodes in the network as far as the RSVP state is concerned.
Graceful restart preserves the label values and forwarding information and works with third-party or
Cisco routers seamlessly.
Graceful restart depends on RSVP hello messages that include Hello Request or Hello Acknowledgment
(ACK) objects between two neighbors.
Figure 1 shows the graceful restart extension to these messages that an object called Restart_Cap, which
tells neighbors that a node, may be capable of restarting if a failure occurs. The time-to-live (TTL) in
these messages is set to 255 so that adjacencies can be maintained through alternate paths even if the
link between two neighbors goes down.
Book Title
2
MPLS Traffic Engineering—RSVP Graceful Restart
Information About MPLS TE—RSVP Graceful Restart
Router 1 Router 4
Router 2 Router 3
117933
Hello Restart_Cap Hello Restart_Cap
Router 5
The Restart_Cap object has two values—the restart time, which is the sender’s time to restart the
RSVP_TE component and exchange hello messages after a failure; and the recovery time, which is the
desired time that the sender wants the receiver to synchronize the RSVP and MPLS databases.
In Figure 1, graceful restart is enabled on Router 1, Router 2, Router 3, and Router 4. For simplicity,
assume that all routers are restart capable. A TE label switched path (LSP) is signaled from Router 1 to
Router 4.
Router 2 and Router 3 exchange periodic graceful restart hello messages every 10,000 ms (10 seconds),
and so do Router 2 and Router 1 and Router 3 and Router 4. Assume that Router 2 advertises its restart
time as 60,000 ms (60 seconds) and its recovery time as 60,000 ms (60 seconds) as shown in the
following example:
23:33:36: Outgoing Hello:
23:33:36: version:1 flags:0000 cksum:883C ttl:255 reserved:0 length:32
23:33:36: HELLO type HELLO REQUEST length 12:
23:33:36: Src_Instance: 0x6EDA8BD7, Dst_Instance: 0x00000000
23:33:36: RESTART_CAP type 1 length 12:
23:33:36: Restart_Time: 0x0000EA60, Recovery_Time: 0x0000EA60
Note The restart and recovery time are shown in bold in the last entry.
Router 3 records this into its database. Also, both neighbors maintain the neighbor status as UP.
However, Router 3’s control plane fails at some point (for example, a Primary Route Processor failure).
As a result, RSVP and TE lose their signaling information and states although data packets continue to
be forwarded by the line cards.
When four ACK messages are missed from Router 2 (40 seconds), Router 3 declares communication
with Router 2 lost “indicated by LOST” and starts the restart time to wait for the duration advertised in
Router 2’s restart time previously and recorded (60 seconds). Router 1 and Router 2 suppress all RSVP
messages to Router 3 except hellos. Router 3 keeps sending the RSVP Path and Resv refresh messages
to Router 4 and Router 5 so that they do not expire the state for the LSP; however, Router 3 suppresses
these messages for Router 2.
Note A node restarts if it misses four ACKs or its hello src_instance (last source instance sent to its neighbor)
changes so that its restart time = 0.
Before the restart time expires, Router 2 restarts and loads its configuration and graceful restart makes
the configuration of router 2 send the hello messages with a new source instance to all the data links
attached. However, because Router 2 has lost the neighbor states, it does not know what destination
instance it should use in those messages; therefore, all destination instances are set to 0.
Book Title
3
MPLS Traffic Engineering—RSVP Graceful Restart
How to Configure MPLS TE—RSVP Graceful Restart
When Router 3 sees the hello from Router 2, Router 3 stops the restart time for Router 2 and sends an
ACK message back. When Router 3 sees a new source instance value in Router 2’s hello message, Router
3 knows that Router 2 had a control plane failure. Router 2 gets Router 3’s source instance value and
uses it as the destination instance going forward.
Router 3 also checks the recovery time value in the hello message from Router 2. If the recovery time is
0, Router 3 knows that Router 2 was not able to preserve its forwarding information and Router 3 deletes
all RSVP state that it had with Router 2.
If the recovery time is greater than 0, Router 1 sends Router 2 Path messages for each LSP that it had
previously sent through Router 2. If these messages were previously refreshed in summary messages,
they are sent individually during the recovery time. Each of these Path messages includes a
Recovery_Label object containing the label value received from Router 2 before the failure.
When Router 3 receives a Path message from Router 2, Router 3 sends a Resv message upstream.
However, Router 3 suppresses the Resv message until it receives a Path message.
SUMMARY STEPS
1. enable
2. configure terminal
3. ip rsvp signalling hello graceful-restart mode help-neighbor
4. exit
Book Title
4
MPLS Traffic Engineering—RSVP Graceful Restart
How to Configure MPLS TE—RSVP Graceful Restart
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip rsvp signalling hello graceful-restart mode Sets the number of DSCP hello messages on a neighboring
help-neighbor router with restart capability.
Example:
Router(config)# ip rsvp signalling hello
graceful-restart mode help-neighbor
Step 4 exit Exits to privileged EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. ip rsvp signalling hello graceful-restart dscp num
4. exit
DETAILED STEPS
Example:
Router# configure terminal
Book Title
5
MPLS Traffic Engineering—RSVP Graceful Restart
How to Configure MPLS TE—RSVP Graceful Restart
Example:
Router(config)# ip rsvp signalling hello
graceful-restart dscp 30
Step 4 exit Exits to privileged EXEC mode.
Example:
Router(config)# exit
SUMMARY STEPS
1. enable
2. configure terminal
3. ip rsvp signalling hello graceful-restart refresh interval interval-value
4. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip rsvp signalling hello graceful-restart Sets a hello refresh interval on a router with graceful restart
refresh interval interval-value enabled.
Example:
Router(config)# ip rsvp signalling hello
graceful-restart refresh interval 5000
Step 4 exit Exits to privileged EXEC mode.
Example:
Router(config)# end
Book Title
6
MPLS Traffic Engineering—RSVP Graceful Restart
How to Configure MPLS TE—RSVP Graceful Restart
SUMMARY STEPS
1. enable
2. configure terminal
3. ip rsvp signalling hello graceful-restart refresh misses msg-count
4. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip rsvp signalling hello graceful-restart Sets a refresh limit on a router with graceful restart enabled.
refresh misses msg-count
Example:
Router(config)# ip rsvp signalling hello
graceful-restart refresh misses 5
Step 4 exit Exits to privileged EXEC mode.
Example:
Router(config)# end
SUMMARY STEPS
1. enable
2. show ip rsvp hello graceful-restart
3. exit
Book Title
7
MPLS Traffic Engineering—RSVP Graceful Restart
Configuration Examples for MPLS TE—RSVP Graceful Restart
DETAILED STEPS
Step 1 enable
Use this command to enable privileged EXEC mode. Enter your password if prompted. For example:
Router> enable
Router#
Step 3 exit
Use this command to exit to user EXEC mode. For example:
Router# exit
Router>
Book Title
8
MPLS Traffic Engineering—RSVP Graceful Restart
Additional References
Additional References
The following sections provide references related to the MPLS TE—RSVP Graceful Restart feature.
Related Documents
Related Topic Document Title
RSVP commands: complete command syntax, Cisco IOS Quality of Service Solutions Command Reference
command mode, defaults, usage guidelines, and
examples
Quality of service (QoS) features including signaling, Cisco IOS XE Quality of Service Solutions Configuration Guide,
classification, and congestion management Release 2
Stateful switchover Stateful Switchover
MPLS Label Distribution Protocol MPLS Label Distribution Protocol (LDP)
Cisco nonstop forwarding Cisco Nonstop Forwarding
Information on stateful switchover, Cisco nonstop MPLS LDP: SSO/NSF Support and Graceful Restart
forwarding, graceful restart
Hellos for state timeout MPLS TE—RSVP Hello State Timer
Standards
Standards Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIBs MIBs Link
No new or modified MIBS are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
Book Title
9
MPLS Traffic Engineering—RSVP Graceful Restart
Additional References
RFCs
RFCs Title
RFC 3209 RSVP-TE: Extensions to RSVP for LSP Tunnels
RFC 3473 Generalized Multi-Protocol Label Switching (GMPLS) Signaling
Resource Reservation Protocol-Traffic Engineering (RSVP-TE)
Extensions
RFC 3478 Graceful Restart Mechanism for Label Distribution
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
Book Title
10
MPLS Traffic Engineering—RSVP Graceful Restart
Feature Information for MPLS Traffic Engineering—RSVP Graceful Restart
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
Book Title
11
MPLS Traffic Engineering—RSVP Graceful Restart
Glossary
Glossary
autonomous system—A collection of networks that share the same routing protocol and that are under
the same system administration.
ASBR—Autonomous System Boundary Router. A router that connects and exchanges information
between two or more autonomous systems.
backup tunnel—A Multiprotocol Label Switching (MPLS) traffic engineering (TE) tunnel used to
protect other (primary) tunnels’ traffic when a link or node failure occurs.
DSCP—differentiated services code point. Six bits in the IP header, as defined by the Internet
Engineering Task Force (IETF). These bits determine the class of service provided to the IP packet.
Fast Reroute—A mechanism for protecting Multiprotocol Label Switching (MPLS) traffic engineering
(TE) label switched paths (LSPs) from link and node failure by locally repairing the LSPs at the point
of failure, allowing data to continue to flow on them while their headend routers attempt to establish
end-to-end LSPs to replace them. Fast Reroute (FRR) locally repairs the protected LSPs by rerouting
them over backup tunnels that bypass failed links or nodes.
graceful restart—A process for helping a neighboring Route Processor (RP) restart after a node failure
has occurred.
headend—The router that originates and maintains a given label switched path (LSP). This is the first
router in the LSP’s path.
IGP—Interior Gateway Protocol. Internet protocol used to exchange routing information within an
autonomous system. Examples of common Internet IGPs include Interior Gateway Routing Protocol
(IGRP), Open Shortest Path First (OSPF), and Routing Information Protocol (RIP).
instance—A mechanism that implements the Resource Reservation Protocol. (RSVP) hello extensions
for a given router interface address and remote IP address. Active hello instances periodically send Hello
Request messages, expecting Hello ACK messages in response. If the expected ACK message is not
received, the active hello instance declares that the neighbor (remote IP address) is unreachable (that is,
it is lost). This can cause label switched paths (LSPs) crossing this neighbor to be fast rerouted.
label—A short, fixed-length data identifier that tells switching nodes how to forward data (packets or
cells).
LDP—Label Distribution Protocol. The protocol that supports Multiprotocol Label Switching (MPLS)
hop-by-hop forwarding by distributing bindings between labels and network prefixes.
LSP—label switched path. A configured connection between two routers, in which Multiprotocol Label
Switching (MPLS) is used to carry packets. A path created by the concatenation of one or more label
switched hops, allowing a packet to be forwarded by swapping labels from an MPLS node to another
MPLS node.
merge point—The tail of the backup tunnel.
MPLS—Multiprotocol Label Switching. A method for forwarding packets (frames) through a network.
MPLS enables routers at the edge of a network to apply labels to packets (frames). ATM switches or
existing routers in the network core can switch packets according to the labels.
PLR—point of local repair. The headend of the backup tunnel.
RSVP—Resource Reservation Protocol. A protocol that supports the reservation of resources across an
IP network. Applications running on IP end systems can use RSVP to indicate to other nodes the nature
(bandwidth, jitter, maximum burst, and so on) of the packet streams they want to receive.
state—Information that a router must maintain about each label switched path (LSP). The information
is used for rerouting tunnels.
Book Title
12
MPLS Traffic Engineering—RSVP Graceful Restart
Glossary
tailend—The router upon which an label switched path (LSP) is terminated. This is the last router in the
LSP’s path.
TE—traffic engineering. The techniques and processes used to cause routed traffic to travel through the
network on a path other than the one that would have been chosen if standard routing methods had been
used.
topology—The physical arrangement of network nodes and media within an enterprise networking
structure.
tunnel—Secure communications path between two peers, such as two routers.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
Book Title
13
MPLS Traffic Engineering—RSVP Graceful Restart
Glossary
Book Title
14
NSF/SSO—MPLS TE and RSVP Graceful Restart
The NSF/SSO—MPLS TE and RSVP Graceful Restart feature allows a Route Processor (RP) to recover
from disruption in control plane service without losing its Multiprotocol Label Switching (MPLS)
forwarding state.
Cisco nonstop forwarding (NSF) with stateful switchover (SSO) provides continuous packet forwarding,
even during a network processor hardware or software failure. In a redundant system, the secondary
processor recovers control plane service during a critical failure in the primary processor. SSO
synchronizes the network state information between the primary and the secondary processor.
Contents
• Prerequisites for NSF/SSO—MPLS TE and RSVP Graceful Restart, page 2
• Restrictions for NSF/SSO—MPLS TE and RSVP Graceful Restart, page 2
• Information About NSF/SSO—MPLS TE and RSVP Graceful Restart, page 3
• How to Configure NSF/SSO—MPLS TE and RSVP Graceful Restart, page 5
• Configuration Examples for NSF/SSO—MPLS TE and RSVP Graceful Restart, page 10
• Additional References, page 11
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
NSF/SSO—MPLS TE and RSVP Graceful Restart
Prerequisites for NSF/SSO—MPLS TE and RSVP Graceful Restart
2
NSF/SSO—MPLS TE and RSVP Graceful Restart
Information About NSF/SSO—MPLS TE and RSVP Graceful Restart
Router 1 Router 4
Router 2 Router 3
117933
The Hello Restart_Cap object has two values: the restart time, which is the sender’s time to restart the
RSVP_TE component and exchange hello messages after a failure; and the recovery time, which is the
desired time that the sender wants the receiver to synchronize the RSVP and MPLS databases.
In Figure 1, RSVP graceful restart help neighbor support is enabled on Routers 1 and 3 so that they can
help a neighbor recover after a failure, but they cannot perform self recovery. Router 2 has full SSO help
support enabled, meaning it can perform self recovery after a failure or help its neighbor to recover.
Router 2 has two RPs, one that is active and one that is standby (backup). A TE LSP is signaled from
Router 1 to Router 4.
Router 2 performs checkpointing; that is, it copies state information from the active RP to the standby
RP, thereby ensuring that the standby RP has the latest information. If an active RP fails, the standby RP
can take over.
3
NSF/SSO—MPLS TE and RSVP Graceful Restart
Information About NSF/SSO—MPLS TE and RSVP Graceful Restart
Routers 2 and 3 exchange periodic graceful restart hello messages every 10,000 milliseconds (ms)
(10 seconds), and so do Routers 2 and 1 and Routers 3 and 4. Assume that Router 2 advertises its restart
time = 60,000 ms (60 seconds) and its recovery time = 60,000 ms (60 seconds) as shown in the following
example:
23:33:36: Outgoing Hello:
23:33:36: version:1 flags:0000 cksum:883C ttl:255 reserved:0 length:32
23:33:36: HELLO type HELLO REQUEST length 12:
23:33:36: Src_Instance: 0x6EDA8BD7, Dst_Instance: 0x00000000
23:33:36: RESTART_CAP type 1 length 12:
23:33:36: Restart_Time: 0x0000EA60, Recovery_Time: 0x0000EA60
Router 3 records this into its database. Also, both neighbors maintain the neighbor status as UP.
However, Router 3’s control plane fails at some point (for example, a primary RP failure). As a result,
RSVP and TE lose their signaling information and states although data packets continue to be forwarded
by the line cards.
When Router 3 declares communication with Router 2 lost, Router 3 starts the restart time to wait for
the duration advertised in Router 2’s restart time previously recorded (60 seconds). Routers 1 and 2
suppress all RSVP messages to Router 3 except hellos. Router 3 keeps sending the RSVP PATH and
RESV refresh messages to Routers 4 and 5 so that they do not expire the state for the LSP; however,
Routers 1 and 3 suppress these messages for Router 2.
When Routers 1 and 3 receive the hello message from Router 2, Routers 1 and 3 check the recovery time
value in the message. If the recovery time is 0, Router 3 knows that Router 2 was not able to preserve its
forwarding information, and Routers 1 and 3 delete all RSVP state that they had with Router 2.
If the recovery time is greater than 0, Router 1 sends Router 2 PATH messages for each LSP that it had
previously sent through Router 2. If these messages were previously refreshed in summary messages,
they are sent individually during the recovery time. Each of these PATH messages includes a
Recovery_Label object containing the label value received from Router 2 before the failure.
When Router 3 receives a PATH message from Router 2, Router 3 sends a RESV message upstream.
However, Router 3 suppresses the RESV message until it receives a PATH message. When Router 2
receives the RESV message, it installs the RSVP state and reprograms the forwarding entry for the LSP.
4
NSF/SSO—MPLS TE and RSVP Graceful Restart
How to Configure NSF/SSO—MPLS TE and RSVP Graceful Restart
SUMMARY STEPS
1. enable
2. configure terminal
3. ip rsvp signalling hello graceful-restart mode {help-neighbor | full}
4. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip rsvp signalling hello graceful-restart mode Enables RSVP TE graceful restart capability on an RP.
(help-neighbor | full)
• Enter the help-neighbor keyword to enable a
neighboring router to restart after a failure.
Example:
Router(config)# ip rsvp signalling hello
• Enter the full keyword to enable a router to perform self
graceful-restart mode full recovery or to help a neighbor recover after a failure.
Step 4 exit (Optional) Returns to privileged EXEC mode.
Example:
Router(config)# exit
5
NSF/SSO—MPLS TE and RSVP Graceful Restart
How to Configure NSF/SSO—MPLS TE and RSVP Graceful Restart
Note You must repeat this procedure for each of the neighbor router’s interfaces.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface type slot/subslot/port[.subinterface-number]
4. Repeat Step 3 as needed to configure additional interfaces.
5. ip rsvp signalling hello graceful-restart neighbor ip-address
6. Repeat Step 5 as needed to configure additional IP addresses on a neighbor router’s interfaces.
7. exit
8. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 interface type Configures the interface type and number and enters
slot/subslot/port[.subinterface-number] interface configuration mode.
Example:
Router(config)# interface POS 1/0/0
Step 4 Repeat Step 3 as needed to configure additional (Optional) Configures additional interfaces.
interfaces.
Step 5 ip rsvp signalling hello graceful-restart Enables support for RSVP graceful restart on routers
neighbor ip-address helping their neighbors recover TE tunnels following SSO.
Note The IP address must be that of the neighbor’s
Example: interface.
Router(config-if)# ip rsvp signalling hello
graceful-restart neighbor 10.0.0.0
Step 6 Repeat Step 5 as needed to configure additional IP (Optional) Configures additional IP addresses on a neighbor
addresses on a neighbor router's interfaces. router’s interfaces.
6
NSF/SSO—MPLS TE and RSVP Graceful Restart
How to Configure NSF/SSO—MPLS TE and RSVP Graceful Restart
SUMMARY STEPS
1. enable
2. configure terminal
3. ip rsvp signalling hello graceful-restart dscp num
4. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip rsvp signalling hello graceful-restart dscp Sets a DSCP value on a router with RSVP graceful restart
num enabled.
Example:
Router(config)# ip rsvp signalling hello
graceful-restart dscp 30
Step 4 exit (Optional) Returns to privileged EXEC mode.
Example:
Router(config)# exit
7
NSF/SSO—MPLS TE and RSVP Graceful Restart
How to Configure NSF/SSO—MPLS TE and RSVP Graceful Restart
Setting a Value to Control the Refresh Interval for RSVP Hello Messages
Perform this task to set a value to control the refresh interval for RSVP hello messages.
SUMMARY STEPS
1. enable
2. configure terminal
3. ip rsvp signalling hello graceful-restart refresh interval interval-value
4. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip rsvp signalling hello graceful-restart Sets the value to control the request interval in graceful
refresh interval interval-value restart hello messages. This interval represents the
frequency at which RSVP hello messages are sent to a
Example: neighbor; for example, one hello message is sent per each
Router(config)# ip rsvp signalling hello interval.
graceful-restart refresh interval 5000
Note If you change the default value for this command
and you also changed the RSVP refresh interval
using the ip rsvp signalling refresh interval
command, ensure that the value for the ip rsvp
signalling hello graceful-restart refresh interval
command is less than the value for the ip rsvp
signalling hello refresh interval command.
Otherwise, some or all of the label-switched paths
(LSPs) may not be recovered after an SSO has
occurred.
Step 4 exit (Optional) Returns to privileged EXEC mode.
Example:
Router(config)# exit
8
NSF/SSO—MPLS TE and RSVP Graceful Restart
How to Configure NSF/SSO—MPLS TE and RSVP Graceful Restart
Setting a Value to Control the Missed Refresh Limit for RSVP Graceful Restart
Hello Acknowledgements
Perform this task to set a value to control the missed refresh limit for RSVP graceful restart hello
acknowledgements.
SUMMARY STEPS
1. enable
2. configure terminal
3. ip rsvp signalling hello graceful-restart refresh misses msg-count
4. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip rsvp signalling hello graceful-restart Specifies how many sequential RSVP TE graceful restart
refresh misses msg-count hello acknowledgments (ACKs) a node can miss before the
node considers communication with its neighbor lost.
Example: Note If you change the default value for this command
Router(config)# ip rsvp signalling hello and you are also using the ip rsvp signalling hello
graceful-restart refresh misses 5
refresh misses command, ensure that the value for
the ip rsvp signalling hello graceful-restart
refresh misses command is less than the value for
the ip rsvp signalling hello refresh misses
command. Otherwise, some or all of the LSPs may
not be recovered after an SSO has occurred.
Step 4 exit (Optional) Returns to privileged EXEC mode.
Example:
Router(config)# exit
9
NSF/SSO—MPLS TE and RSVP Graceful Restart
Configuration Examples for NSF/SSO—MPLS TE and RSVP Graceful Restart
SUMMARY STEPS
1. enable
2. show ip rsvp hello graceful-restart
3. exit
DETAILED STEPS
Example:
Router# exit
10.0.0.1 10.0.0.2
170320
192.168.0.0 192.168.0.1
10
NSF/SSO—MPLS TE and RSVP Graceful Restart
Additional References
enable
configure terminal
ip rsvp signalling hello graceful-restart mode full
interface POS 1/0/0
ip rsvp signalling hello graceful-restart neighbor 10.0.0.1
ip rsvp signalling hello graceful-restart neighbor 10.0.0.2
exit
ip rsvp signalling hello graceful-restart dscp 30
ip rsvp signalling hello graceful-restart refresh interval 50000
ip rsvp signalling hello graceful-restart refresh misses 5
exit
Additional References
The following sections provide references related to the NSF/SSO—MPLS TE and RSVP Graceful
Restart feature.
Related Documents
Related Topic Document Title
RSVP commands: complete command syntax, Cisco IOS Quality of Service Solutions Command Reference
command mode, defaults, usage guidelines, and
examples
Quality of service (QoS) features including signaling, Cisco IOS XE Quality of Service Solutions Configuration Guide,
classification, and congestion management Release 2
Stateful switchover Stateful Switchover
Cisco nonstop forwarding Cisco Nonstop Forwarding
Information on stateful switchover, Cisco nonstop NSF/SSO - MPLS LDP and LDP Graceful Restart
forwarding, graceful restart
Hello messages for state timeout MPLS Traffic Engineering—RSVP Hello State Timer
11
NSF/SSO—MPLS TE and RSVP Graceful Restart
Additional References
Standards
Standards Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
MIBs
MIBs MIBs Link
No new or modified MIBS are supported by this To locate and download MIBs for selected platforms, Cisco IOS XE
feature, and support for existing MIBs has not been software releases, and feature sets, use Cisco MIB Locator found at
modified by this feature. the following URL:
http://www.cisco.com/go/mibs
RFCs
RFCs Title
RFC 3209 RSVP-TE: Extensions to RSVP for LSP Tunnels
RFC 3473 Generalized Multi-Protocol Label Switching (GMPLS) Signaling
Resource Reservation Protocol-Traffic Engineering (RSVP-TE)
Extensions
RFC 4558 Node-ID Based Resource Reservation Protocol (RSVP) Hello: A
Clarification Statement
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
12
NSF/SSO—MPLS TE and RSVP Graceful Restart
Feature Information for NSF/SSO—MPLS TE and RSVP Graceful Restart
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
13
NSF/SSO—MPLS TE and RSVP Graceful Restart
Feature Information for NSF/SSO—MPLS TE and RSVP Graceful Restart
14
NSF/SSO—MPLS TE and RSVP Graceful Restart
Glossary
Glossary
DSCP—differentiated services code point. Six bits in the IP header, as defined by the Internet
Engineering Task Force (IETF). These bits determine the class of service provided to the IP packet.
Fast Reroute—A mechanism for protecting Multiprotocol Label Switching (MPLS) traffic engineering
(TE) label switched paths (LSPs) from link and node failure by locally repairing the LSPs at the point
of failure, allowing data to continue to flow on them while their headend routers attempt to establish
end-to-end LSPs to replace them. Fast reroute (FRR) locally repairs the protected LSPs by rerouting
them over backup tunnels that bypass failed links or nodes.
graceful restart—A process for helping a Route Processor (RP) restart after a node failure has occurred.
headend—The router that originates and maintains a given label switched path (LSP). This is the first
router in the LSP’s path.
hello instance—A mechanism that implements the Resource Reservation Protocol (RSVP) hello
extensions for a given router interface address and remote IP address. Active hello instances periodically
send hello request messages, expecting Hello ACK messages in response. If the expected ACK message
is not received, the active hello instance declares that the neighbor (remote IP address) is unreachable
(that is, it is lost). This can cause LSPs crossing this neighbor to be fast rerouted.
IGP—Interior Gateway Protocol. Internet protocol used to exchange routing information within an
autonomous system. Examples of common Internet IGPs include Interior Gateway Routing Protocol
(IGRP), Open Shortest Path First (OSPF), and Routing Information Protocol (RIP).
ISSU—In Service Software Upgrade. Software upgrade without service interruption.
label—A short, fixed-length data identifier that tells switching nodes how to forward data (packets or
cells).
LSP—label switched path. A configured connection between two routers, in which Multiprotocol Label
Switching (MPLS) is used to carry packets.
MPLS—Multiprotocol Label Switching. A method for forwarding packets (frames) through a network.
MPLS enables routers at the edge of a network to apply labels to packets (frames). ATM switches or
existing routers in the network core can switch packets according to the labels.
RSVP—Resource Reservation Protocol. A protocol that supports the reservation of resources across an
IP network. Applications running on IP end systems can use RSVP to indicate to other nodes the nature
(bandwidth, jitter, maximum burst, and so on) of the packet streams they want to receive.
state—Information that a router must maintain about each label switched path (LSP). The information
is used for rerouting tunnels.
tailend—The router upon which a label switched path (LSP) is terminated. This is the last router in the
LSP’s path.
TE—traffic engineering. The techniques and processes used to cause routed traffic to travel through the
network on a path other than the one that would have been chosen if standard routing methods had been
used.
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
15
NSF/SSO—MPLS TE and RSVP Graceful Restart
Glossary
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
16
AToM Graceful Restart
The AToM Graceful Restart feature assists neighboring routers that have nonstop forwarding (NSF),
stateful switchover (SSO) and graceful restart (GR) for Any Transport over MPLS (AToM) to recover
gracefully from an interruption in service. AToM GR functions strictly in helper mode, which means it
helps other routers that are enabled with the NSF/SSO: Any Transport over MPLS and AToM Graceful
Restart feature to recover. If the router with AToM GR fails, its peers cannot help it recover. AToM GR
is based on the MPLS Label Distribution Protocol (LDP) Graceful Restart feature.
Keep the following points in mind when reading this document:
• The AToM GR feature described in this document refers to helper mode.
• For brevity, the NSF/SSO: Any Transport over MPLS and AToM Graceful Restart feature is called
AToM SSO/NSF in this document.
Contents
• Prerequisites for AToM Graceful Restart, page 2
• Restrictions for AToM Graceful Restart, page 2
• Information About AToM Graceful Restart, page 2
• How to Configure AToM Graceful Restart, page 2
Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
AToM Graceful Restart
Prerequisites for AToM Graceful Restart
2
AToM Graceful Restart
Configuration Examples for AToM Graceful Restart
There is no AToM-specific configuration for AToM GR. You enable LDP GR to assist a neighboring
router configured with AToM NSF/SSO to maintain its forwarding state while the LDP session is
disrupted. See the LDP Graceful Restart document for information about how LDP GR works and how
you can customize it for your network.
SUMMARY STEPS
1. enable
2. configure terminal
3. ip cef distributed
4. mpls ldp graceful-restart
5. exit
DETAILED STEPS
Example:
Router# configure terminal
Step 3 ip cef distributed Enables distributed Cisco Express Forwarding.
Example:
Router(config)# ip cef distributed
Step 4 mpls ldp graceful-restart Enables the router to protect the LDP bindings and MPLS
forwarding state during a disruption in service.
Example: • AToM GR is enabled globally. When you enable AToM
Router(config)# mpls ldp graceful-restart GR, it has no effect on existing LDP sessions. New
LDP sessions that are established can perform AToM
GR.
Step 5 exit Exits to privileged EXEC mode.
Example:
Router(config)# exit
3
AToM Graceful Restart
Configuration Examples for AToM Graceful Restart
4
AToM Graceful Restart
Configuration Examples for AToM Graceful Restart
The following example shows the status of the VC on PE1 with AToM GR while the VC is recovering
from an LDP session disruption. The forwarding state for the circuit remains as it was before the
disruption.
Router# show mpls l2transport vc
The following example shows the status of the VC on PE1 with AToM GR after the LDP session
disruption was cleared. The AToM label bindings were advertised within the allotted time and the status
returned to UP.
Router# show mpls l2transport vc
The following example shows the detailed status of the VC on PE1 with AToM GR during normal
operation:
Router# show mpls l2transport vc detail
5
AToM Graceful Restart
Additional References
The following example shows the detailed status of the VC on PE1 with AToM GR while the VC is
recovering.
Router# show mpls l2transport vc detail
Additional References
The following sections provide references related to the AToM GR feature.
Related Documents
Related Topic Document Title
MPLS LDP graceful restart MPLS LDP Graceful Restart
Configuring AToM Any Transport over MPLS
Nonstop forwarding and stateful switchover for AToM NSF/SSO—Any Transport over MPLS and AToM Graceful Restart
MPLS AToM and LDP commands Cisco IOS Multiprotocol Label Switching Command Reference
High availability commands Cisco IOS HIgh Availability Command Reference
Standards
Standards Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
6
AToM Graceful Restart
Additional References
MIBs
MIBs MIBs Link
MPLS Label Distribution Protocol MIB Version 8 To locate and download MIBs for selected platforms, Cisco IOS XE
Upgrade software releases, and feature sets, use Cisco MIB Locator found at
the following URL:
http://www.cisco.com/go/mib
RFCs
RFCs Title
RFC 3036 LDP Specification
RFC 3478 Graceful Restart Mechanism for Label Distribution
Technical Assistance
Description Link
The Cisco Support website provides extensive online http://www.cisco.com/techsupport
resources, including documentation and tools for
troubleshooting and resolving technical issues with
Cisco products and technologies.
To receive security and technical information about
your products, you can subscribe to various services,
such as the Product Alert Tool (accessed from Field
Notices), the Cisco Technical Services Newsletter, and
Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website
requires a Cisco.com user ID and password.
7
AToM Graceful Restart
Feature Information for AToM Graceful Restart
Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a
given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that
Cisco IOS XE software release train also support that feature.
8
AToM Graceful Restart
Feature Information for AToM Graceful Restart
CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower,
Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA,
CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step,
Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream,
Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX,
PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient,
TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other
countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (0903R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
9
AToM Graceful Restart
Feature Information for AToM Graceful Restart
10