You are on page 1of 590

S2750&S5700&S6700 Series Ethernet Switches

V200R005(C00&C01&C02&C03)

Configuration Guide - MPLS

Issue 07
Date 2015-12-18

HUAWEI TECHNOLOGIES CO., LTD.


Copyright Huawei Technologies Co., Ltd. 2015. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without prior written
consent of Huawei Technologies Co., Ltd.

Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective
holders.

Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the
customer. All or part of the products, services and features described in this document may not be within the
purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,
and recommendations in this document are provided "AS IS" without warranties, guarantees or
representations of any kind, either express or implied.

The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute a warranty of any kind, express or implied.

Huawei Technologies Co., Ltd.


Address: Huawei Industrial Base
Bantian, Longgang
Shenzhen 518129
People's Republic of China

Website: http://e.huawei.com

Issue 07 (2015-12-18) Huawei Proprietary and Confidential i


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS About This Document

About This Document

Intended Audience
This document describes MPLS features on the device and provides configuration procedures
and configuration examples.
This document is intended for:
l Data configuration engineers
l Commissioning engineers
l Network monitoring engineers
l System maintenance engineers

Symbol Conventions
The symbols that may be found in this document are defined as follows.

Symbol Description

Indicates an imminently hazardous situation


which, if not avoided, will result in death or
serious injury.

Indicates a potentially hazardous situation


which, if not avoided, could result in death
or serious injury.

Indicates a potentially hazardous situation


which, if not avoided, may result in minor
or moderate injury.

Indicates a potentially hazardous situation


which, if not avoided, could result in
equipment damage, data loss, performance
deterioration, or unanticipated results.
NOTICE is used to address practices not
related to personal injury.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential ii


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS About This Document

Symbol Description

NOTE Calls attention to important information,


best practices and tips.
NOTE is used to address information not
related to personal injury, equipment
damage, and environment deterioration.

Command Conventions
The command conventions that may be found in this document are defined as follows.

Convention Description

Boldface The keywords of a command line are in boldface.

Italic Command arguments are in italics.

[] Items (keywords or arguments) in brackets [ ] are optional.

{ x | y | ... } Optional items are grouped in braces and separated by


vertical bars. One item is selected.

[ x | y | ... ] Optional items are grouped in brackets and separated by


vertical bars. One item is selected or no item is selected.

{ x | y | ... }* Optional items are grouped in braces and separated by


vertical bars. A minimum of one item or a maximum of all
items can be selected.

[ x | y | ... ]* Optional items are grouped in brackets and separated by


vertical bars. Several items or no item can be selected.

&<1-n> The parameter before the & sign can be repeated 1 to n


times.

# A line starting with the # sign is comments.

Interface Numbering Conventions


Interface numbers used in this manual are examples. In device configuration, use the existing
interface numbers on devices.

Security Conventions
l Password setting

Issue 07 (2015-12-18) Huawei Proprietary and Confidential iii


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS About This Document

When configuring a password, the cipher text is recommended. To ensure device


security, change the password periodically.
When you configure a password in cipher text that starts and ends with %@%@,
%#%# or @%@% (the password can be decrypted by the device), the password is
displayed in the same manner as the configured one in the configuration file. Do not
use this setting.
l Encryption algorithm
Currently, the device uses the following encryption algorithms: 3DES, AES, RSA,
SHA1, SHA2, and MD5. 3DES, RSA and AES are reversible, while SHA1, SHA2, and
MD5 are irreversible. The encryption algorithm depends on actual networking. The
irreversible encryption algorithm must be used for the administrator password.
l Personal data
Some personal data may be obtained or used during operation or fault location of your
purchased products, services, features, so you have an obligation to make privacy
policies and take measures according to the applicable law of the country to protect
personal data.
l The terms mirrored port, port mirroring, traffic mirroring, and mirroing in this manual
are mentioned only to describe the product's function of communication error or failure
detection, and do not involve collection or processing of any personal information or
communication data of users.

Declaration
This manual is only a reference for you to configure your devices. The contents in the manual,
such as web pages, command line syntax, and command outputs, are based on the device
conditions in the lab. The manual provides instructions for general scenarios, but do not cover
all usage scenarios of all product models. The contents in the manual may be different from
your actual device situations due to the differences in software versions, models, and
configuration files. The manual will not list every possible difference. You should configure
your devices according to actual situations.
The specifications provided in this manual are tested in lab environment (for example, the
tested device has been installed with a certain type of boards or only one protocol is run on
the device). Results may differ from the listed specifications when you attempt to obtain the
maximum values with multiple functions enabled on the device.

Mappings between Product Software Versions and NMS


Versions
The mappings between product software versions and NMS versions are as follows.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential iv


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS About This Document

S2750&S5700&S6700 Product eSight


Software Version

V200R005C00SPC300 V200R003C10
V200R005C00SPC500
V200R005C01

V200R005C02 V200R005C00SPC500

V200R005C03 V300R005C00

Change History
Changes between document issues are cumulative. Therefore, the latest document issue
contains all updates made in previous issues.

Changes in Issue 07 (2015-12-18) V200R005(C00&C01&C02&C03)


This version has the following updates:
The documentation is updated according to product feature updates.

Changes in Issue 06 (2015-10-23) V200R005(C00&C01&C02&C03)


This version has the following updates:
The matching software version V200R005C03 is added to the document.

Changes in Issue 05 (2015-07-17) V200R005(C00&C01&C02)


This version has the following updates:
The matching software version V200R005C00SPC500 is added to the document.

Changes in Issue 04 (2015-01-15) V200R005(C00&C01&C02)


This version has the following updates:
The matching software version V200R005C02 is added to the document.

Changes in Issue 03 (2014-06-30) V200R005(C00&C01)


This version has the following updates:
The matching software version V200R005C01 is added to the document.

Changes in Issue 02 (2014-05-25) V200R005C00


This version has the following updates:
The documentation is updated according to product feature updates.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential v


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS About This Document

Changes in Issue 01 (2014-03-20) V200R005C00


Initial commercial release.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential vi


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS Contents

Contents

About This Document.....................................................................................................................ii


1 MPLS Overview.............................................................................................................................1
1.1 Introduction to MPLS..................................................................................................................................................... 2
1.2 Principles........................................................................................................................................................................ 2
1.2.1 Basic MPLS Architecture............................................................................................................................................ 2
1.2.2 MPLS Label.................................................................................................................................................................4
1.2.3 LSP Setup.................................................................................................................................................................... 7
1.2.4 MPLS Forwarding....................................................................................................................................................... 8
1.2.5 LSP Connectivity Check........................................................................................................................................... 13
1.3 Applications..................................................................................................................................................................15
1.3.1 MPLS VPN................................................................................................................................................................15
1.3.2 MPLS TE................................................................................................................................................................... 16
1.3.3 MPLS 6PE................................................................................................................................................................. 17
1.4 References.................................................................................................................................................................... 18

2 Static LSP Configuration............................................................................................................20


2.1 Overview of Static LSPs...............................................................................................................................................21
2.2 Specification................................................................................................................................................................. 21
2.3 Configuration Notes..................................................................................................................................................... 22
2.4 Default Configuration...................................................................................................................................................22
2.5 Configuring Static LSPs............................................................................................................................................... 22
2.5.1 Creating Static LSPs.................................................................................................................................................. 22
2.5.1.1 Configuring LSR ID............................................................................................................................................... 23
2.5.1.2 Enabling MPLS...................................................................................................................................................... 23
2.5.1.3 Establishing a Static LSP........................................................................................................................................24
2.5.1.4 Checking the Configuration....................................................................................................................................26
2.5.2 Configuring Static BFD for Static LSPs....................................................................................................................26
2.5.2.1 Configuring BFD with Specific Parameters on the Ingress Node..........................................................................26
2.5.2.2 Configuring BFD with Specific Parameters on the Egress Node...........................................................................28
2.5.2.3 Checking the Configuration....................................................................................................................................30
2.6 Maintaining Static LSPs............................................................................................................................................... 30
2.6.1 Checking the LSP Connectivity................................................................................................................................ 31
2.7 Configuration Examples............................................................................................................................................... 32

Issue 07 (2015-12-18) Huawei Proprietary and Confidential vii


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS Contents

2.7.1 Example for Configuring Static LSPs....................................................................................................................... 32


2.7.2 Example for Configuring Static BFD to Monitor Static LSPs.................................................................................. 37

3 MPLS LDP Configuration..........................................................................................................45


3.1 Introduction to MPLS LDP.......................................................................................................................................... 47
3.2 Principles...................................................................................................................................................................... 47
3.2.1 Basic Concepts.......................................................................................................................................................... 47
3.2.2 LDP Working Mechanism......................................................................................................................................... 48
3.2.2.1 Overview................................................................................................................................................................ 48
3.2.2.2 LDP Session Setup................................................................................................................................................. 49
3.2.2.3 LDP LSP Setup.......................................................................................................................................................51
3.2.3 LDP Security Mechanisms........................................................................................................................................ 57
3.2.4 LDP Extensions for Inter-Area LSPs........................................................................................................................ 58
3.2.5 LDP Reliability..........................................................................................................................................................60
3.2.5.1 Overview................................................................................................................................................................ 60
3.2.5.2 BFD for LDP LSPs.................................................................................................................................................60
3.2.5.3 Synchronization Between LDP and IGP................................................................................................................ 62
3.2.5.4 LDP GR.................................................................................................................................................................. 64
3.2.5.5 Local-and-Remote LDP Session............................................................................................................................ 66
3.3 Specification................................................................................................................................................................. 67
3.4 Configuration Task Summary.......................................................................................................................................67
3.5 Configuration Notes..................................................................................................................................................... 68
3.6 Default Configuration...................................................................................................................................................69
3.7 Configuring MPLS LDP...............................................................................................................................................69
3.7.1 Configuring Basic Functions of MPLS LDP.............................................................................................................69
3.7.1.1 Configuring the LSR ID......................................................................................................................................... 70
3.7.1.2 Enabling Global MPLS ......................................................................................................................................... 70
3.7.1.3 Enabling Global MPLS LDP.................................................................................................................................. 71
3.7.1.4 Configuring LDP Sessions..................................................................................................................................... 71
3.7.1.5 (Optional) Configuring an LDP Transport Address............................................................................................... 73
3.7.1.6 (Optional) Configuring Timers for LDP Session................................................................................................... 74
3.7.1.7 (Optional) Configuring the PHP Feature................................................................................................................79
3.7.1.8 (Optional) Configuring an LDP Label Advertisement Mode.................................................................................79
3.7.1.9 (Optional) Configuring LDP to Automatically Trigger the Request in DoD Mode...............................................81
3.7.1.10 (Optional) Configuring LDP Loop Detection...................................................................................................... 82
3.7.1.11 (Optional) Configuring MPLS MTU....................................................................................................................83
3.7.1.12 (Optional) Configuring the MPLS TTL Processing Mode...................................................................................84
3.7.1.13 (Optional) Configuring the LDP Label Policies...................................................................................................86
3.7.1.14 (Optional) Disabling a Device from Distributing Labels to Remote Peers.......................................................... 87
3.7.1.15 (Optional) Configuring a Policy for Triggering LDP LSP Establishment........................................................... 88
3.7.1.16 (Optional) Configuring Delayed Transmission of Label Withraw Messages...................................................... 90
3.7.1.17 Checking the Configuration..................................................................................................................................90
3.7.2 Configuring LDP Extensions for Inter-Area LSPs.................................................................................................... 91

Issue 07 (2015-12-18) Huawei Proprietary and Confidential viii


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS Contents

3.7.3 Configuring Static BFD to Detect an LDP LSP........................................................................................................ 92


3.7.3.1 Configuring BFD with Specific Parameters on the Ingress Node..........................................................................93
3.7.3.2 Configuring BFD with Specific Parameters on the Egress Node...........................................................................94
3.7.3.3 Checking the Configuration....................................................................................................................................96
3.7.4 Configuring Dynamic BFD for LDP LSPs................................................................................................................97
3.7.4.1 Enabling Global BFD Capability........................................................................................................................... 97
3.7.4.2 Enabling MPLS to Dynamically Establish BFD Sessions..................................................................................... 98
3.7.4.3 Configuring the Triggering Policy of Dynamic BFD for LDP LSP.......................................................................99
3.7.4.4 (Optional) Adjusting BFD Parameters................................................................................................................. 100
3.7.4.5 Checking the Configuration..................................................................................................................................101
3.7.5 Configuring Synchronization Between LDP and IGP.............................................................................................101
3.7.5.1 Enabling Synchronization Between LDP and IGP...............................................................................................101
3.7.5.2 (Optional) Blocking Synchronization Between LDP and IS-IS on an Interface.................................................. 103
3.7.5.3 (Optional) Setting the Hold-down Timer Value................................................................................................... 104
3.7.5.4 (Optional) Setting the Hold-max-cost Timer Value..............................................................................................105
3.7.5.5 (Optional) Setting the Delay Timer Value............................................................................................................ 107
3.7.5.6 Checking the Configuration..................................................................................................................................108
3.7.6 Configuring LDP GR...............................................................................................................................................108
3.7.7 Configuring LDP Security Mechanisms..................................................................................................................110
3.7.7.1 Configuring LDP MD5 Authentication................................................................................................................ 111
3.7.7.2 Configuring LDP Keychain Authentication......................................................................................................... 112
3.7.7.3 Configuring the LDP GTSM................................................................................................................................ 113
3.7.7.4 Checking the Configuration..................................................................................................................................113
3.7.8 Configuring Non-labeled Public Network Routes to Be Iterated to LSPs.............................................................. 113
3.8 Maintaining MPLS LDP.............................................................................................................................................114
3.8.1 Resetting LDP..........................................................................................................................................................114
3.8.2 Clearing LDP Statistics............................................................................................................................................115
3.8.3 Monitoring the LDP Running Status....................................................................................................................... 115
3.8.4 Checking the LSP Connectivity...............................................................................................................................116
3.8.5 Enabling the MPLS Trap Function.......................................................................................................................... 117
3.9 Configuration Examples............................................................................................................................................. 119
3.9.1 Example for Configuring Local LDP Sessions........................................................................................................119
3.9.2 Example for Configuring Remote MPLS LDP Sessions.........................................................................................123
3.9.3 Example for Configuring Automatic Triggering of a Request for a Label Mapping Message in DoD Mode........127
3.9.4 Example for Configuring a Policy for Triggering LDP LSP Establishment on the Ingress and Egress Nodes...... 134
3.9.5 Example for Configuring a Policy for Triggering LDP LSP Establishment on the Transit Node.......................... 139
3.9.6 Example for Disabling Devices from Distributing LDP Labels to Remote Peers.................................................. 144
3.9.7 Example for Configuring Static BFD to Detect LDP LSPs.................................................................................... 152
3.9.8 Example for Configuring Dynamic BFD to Detect LDP LSPs...............................................................................159
3.9.9 Example for Configuring Synchronization Between LDP and IGP........................................................................165
3.9.10 Example for Configuring LDP GR........................................................................................................................171
3.9.11 Example for Configuring an LDP Inbound Policy................................................................................................ 176

Issue 07 (2015-12-18) Huawei Proprietary and Confidential ix


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS Contents

3.9.12 Example for Configuring LDP Authentication..................................................................................................... 181


3.9.13 Example for Configuring LDP GTSM.................................................................................................................. 188
3.9.14 Example for Configuring LDP Extension for Inter-Area LSP.............................................................................. 192
3.10 Common Configuration Errors................................................................................................................................. 199
3.10.1 LDP Session Alternates Between Up and Down States........................................................................................ 199
3.10.2 LDP Session Is Down............................................................................................................................................200
3.10.3 LDP LSP Alternates Between Up and Down States............................................................................................. 201
3.10.4 LDP LSP Is Down................................................................................................................................................. 201
3.10.5 Inter-Area LSP Fails to Be Established................................................................................................................. 202
3.11 FAQ...........................................................................................................................................................................202
3.11.1 What Information Needs to Be Collected If an MPLS LDP Session Fails to Be Established?.............................202
3.11.2 The Two Ends of an LSP Are Up and Can Send Hello Messages, but the Peer End Cannot Receive Them. Why?
.......................................................................................................................................................................................... 203
3.12 References................................................................................................................................................................ 203

4 MPLS QoS Configuration........................................................................................................205


4.1 MPLS QoS Overview................................................................................................................................................. 206
4.2 Principles.................................................................................................................................................................... 206
4.2.1 MPLS DiffServ........................................................................................................................................................206
4.2.2 MPLS DiffServ Tunnel Modes................................................................................................................................208
4.3 Applications................................................................................................................................................................ 211
4.3.1 Application of MPLS QoS in the VPN Service.......................................................................................................211
4.4 Configuration Notes................................................................................................................................................... 213
4.5 Default Configuration.................................................................................................................................................213
4.6 Configuring MPLS QoS............................................................................................................................................. 215
4.6.1 Configuring the Mapping of the Precedence in the Public MPLS Tunnel Label.................................................... 215
4.6.1.1 Creating a DiffServ Domain and Configuring Priority Mapping.........................................................................215
4.6.1.2 Setting the Priority Mapping for the Public Tunnel............................................................................................. 216
4.6.2 Setting the DiffServ Mode Supported by MPLS private network...........................................................................217
4.6.2.1 Setting the DiffServ Mode Supported by MPLS L3VPN.................................................................................... 218
4.6.2.2 Setting the DiffServ Mode Supported by MPLS L2VPN.................................................................................... 219
4.6.2.3 Checking the Configuration..................................................................................................................................221
4.7 Configuration Examples............................................................................................................................................. 221
4.7.1 Example for Configuring MPLS QoS..................................................................................................................... 221
4.8 References.................................................................................................................................................................. 232

5 MPLS TE Configuration...........................................................................................................233
5.1 Overview.................................................................................................................................................................... 235
5.2 Principles.................................................................................................................................................................... 236
5.2.1 Concepts.................................................................................................................................................................. 236
5.2.2 Implementation........................................................................................................................................................ 242
5.2.3 Information Advertisement......................................................................................................................................244
5.2.4 Path Calculation.......................................................................................................................................................252
5.2.5 CS-LSP Setup.......................................................................................................................................................... 254

Issue 07 (2015-12-18) Huawei Proprietary and Confidential x


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS Contents

5.2.5.1 CR-LSP Setup Overview......................................................................................................................................254


5.2.5.2 Setup of Dynamic CR-LSPs................................................................................................................................. 255
5.2.5.3 Maintenance of Dynamic CR-LSPs..................................................................................................................... 258
5.2.5.4 RSVP-TE Messages............................................................................................................................................. 259
5.2.6 Traffic Forwarding...................................................................................................................................................264
5.2.7 Tunnel Reoptimization............................................................................................................................................ 265
5.2.8 MPLS TE Security...................................................................................................................................................266
5.2.9 MPLS TE Reliability............................................................................................................................................... 269
5.2.9.1 Introduction to MPLS TE Reliability................................................................................................................... 269
5.2.9.2 Make-Before-Break.............................................................................................................................................. 270
5.2.9.3 RSVP Hello.......................................................................................................................................................... 272
5.2.9.4 CR-LSP Backup................................................................................................................................................... 273
5.2.9.5 TE FRR.................................................................................................................................................................278
5.2.9.6 SRLG.................................................................................................................................................................... 284
5.2.9.7 TE Tunnel Protection Group.................................................................................................................................285
5.2.9.8 BFD for MPLS TE............................................................................................................................................... 288
5.2.9.9 RSVP GR..............................................................................................................................................................291
5.3 Applications................................................................................................................................................................293
5.3.1 MPLS TE Application on an IP MAN.................................................................................................................... 293
5.4 Specification............................................................................................................................................................... 296
5.5 Configuration Task Summary.....................................................................................................................................296
5.6 Configuration Notes................................................................................................................................................... 303
5.7 Default Configuration.................................................................................................................................................304
5.8 Configuring MPLS TE............................................................................................................................................... 304
5.8.1 Configuring a Static MPLS TE Tunnel................................................................................................................... 305
5.8.1.1 Enabling MPLS TE.............................................................................................................................................. 305
5.8.1.2 Configuring an MPLS TE Tunnel Interface......................................................................................................... 306
5.8.1.3 (Optional) Configuring Link Bandwidth.............................................................................................................. 307
5.8.1.4 Configuring the Static CR-LSP............................................................................................................................ 308
5.8.1.5 Checking the Configuration..................................................................................................................................310
5.8.2 Configuring a Dynamic MPLS TE Tunnel..............................................................................................................310
5.8.2.1 Enabling MPLS TE and RSVP-TE.......................................................................................................................311
5.8.2.2 Configuring an MPLS TE Tunnel Interface......................................................................................................... 312
5.8.2.3 (Optional) Configuring Link Bandwidth.............................................................................................................. 314
5.8.2.4 Advertising TE Link Information.........................................................................................................................315
5.8.2.5 (Optional) Referencing the CR-LSP Attribute Template to Set Up a CR-LSP....................................................316
5.8.2.6 (Optional) Configuring Tunnel Constraints..........................................................................................................320
5.8.2.7 Configuring Path Calculation............................................................................................................................... 322
5.8.2.8 Checking the Configuration..................................................................................................................................323
5.8.3 Importing Traffic to an MPLS TE Tunnel............................................................................................................... 324
5.8.3.1 Configuring Static Routes.................................................................................................................................... 325
5.8.3.2 Configuring a Tunnel Policy.................................................................................................................................325

Issue 07 (2015-12-18) Huawei Proprietary and Confidential xi


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS Contents

5.8.3.3 Configuring Auto Routes......................................................................................................................................325


5.8.3.4 Checking the Configuration..................................................................................................................................327
5.8.4 Adjusting RSVP-TE Signaling Parameters............................................................................................................. 328
5.8.4.1 Configuring an RSVP Resource Reservation Style..............................................................................................328
5.8.4.2 Enabling Reservation Confirmation Mechanism................................................................................................. 329
5.8.4.3 Configuring RSVP Timers....................................................................................................................................329
5.8.4.4 Configuring RSVP-TE Refresh Mechanism........................................................................................................ 330
5.8.4.5 Configuring RSVP Hello Extension.....................................................................................................................332
5.8.4.6 Configuring the RSVP Message Format.............................................................................................................. 333
5.8.4.7 Configuring RSVP Authentication....................................................................................................................... 334
5.8.4.8 Checking the Configuration..................................................................................................................................338
5.8.5 Adjusting the Path of a CR-LSP..............................................................................................................................338
5.8.5.1 Configuring Tie-Breaking of CSPF......................................................................................................................338
5.8.5.2 Configuring Metrics for Path Calculation............................................................................................................ 340
5.8.5.3 Configuring CR-LSP Hop Limit.......................................................................................................................... 341
5.8.5.4 Configuring Route Pinning...................................................................................................................................342
5.8.5.5 Configuring Administrative Group and Affinity Property................................................................................... 342
5.8.5.6 Configuring SRLG............................................................................................................................................... 343
5.8.5.7 Associating CR-LSP Establishment with the Overload Setting........................................................................... 345
5.8.5.8 Configuring Failed Link Timer.............................................................................................................................346
5.8.5.9 Configuring Flooding Threshold.......................................................................................................................... 347
5.8.5.10 Checking the Configuration................................................................................................................................348
5.8.6 Adjusting the Establishment of an MPLS TE Tunnel............................................................................................. 348
5.8.6.1 Configuring Loop Detection.................................................................................................................................349
5.8.6.2 Configuring Route Record and Label Record...................................................................................................... 349
5.8.6.3 Configuring Re-optimization for CR-LSP........................................................................................................... 350
5.8.6.4 Configuring Tunnel Reestablishment Parameters................................................................................................ 351
5.8.6.5 Configuring the RSVP Signaling Delay-Trigger Function...................................................................................352
5.8.6.6 Configuring the Tunnel Priority........................................................................................................................... 353
5.8.6.7 Checking the Configuration..................................................................................................................................353
5.8.7 Configuring CR-LSP Backup.................................................................................................................................. 354
5.8.7.1 Creating a Backup CR-LSP.................................................................................................................................. 354
5.8.7.2 (Optional) Configuring Forcible Switchover....................................................................................................... 356
5.8.7.3 (Optional) Locking a Backup CR-LSP Attribute Template................................................................................. 357
5.8.7.4 (Optional) Configuring Dynamic Bandwidth for Hot-Standby CR-LSPs............................................................358
5.8.7.5 (Optional) Configuring a Best-Effort Path........................................................................................................... 359
5.8.7.6 Checking the Configuration..................................................................................................................................360
5.8.8 Configuring Manual TE FRR.................................................................................................................................. 361
5.8.8.1 Enabling TE FRR................................................................................................................................................. 361
5.8.8.2 Configuring a Bypass Tunnel............................................................................................................................... 362
5.8.8.3 (Optional) Configuring a TE FRR Scanning Timer............................................................................................. 364
5.8.8.4 (Optional) Changing the PSB and RSB Timeout Multiplier................................................................................ 364

Issue 07 (2015-12-18) Huawei Proprietary and Confidential xii


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS Contents

5.8.8.5 Checking the Configuration..................................................................................................................................365


5.8.9 Configuring Auto TE FRR...................................................................................................................................... 366
5.8.9.1 Enabling Auto TE FRR........................................................................................................................................ 366
5.8.9.2 Enabling the TE FRR and Configuring the Auto Bypass Tunnel Attributes........................................................367
5.8.9.3 (Optional) Configuring a TE FRR Scanning Timer............................................................................................. 368
5.8.9.4 (Optional) Changing the PSB and RSB Timeout Multiplier................................................................................ 369
5.8.9.5 (Optional) Configuring Auto Bypass Tunnel Re-Optimization........................................................................... 369
5.8.9.6 (Optional) Configuring Interworking with a Non-Huawei Device...................................................................... 370
5.8.9.7 Checking the Configuration..................................................................................................................................371
5.8.10 Configuring Association Between TE FRR and CR-LSP Backup........................................................................371
5.8.11 Configuring a Tunnel Protection Group................................................................................................................ 372
5.8.11.1 Creating a Tunnel Protection Group................................................................................................................... 373
5.8.11.2 (Optional) Configuring the Protection Switching Trigger Mechanism.............................................................. 374
5.8.11.3 Checking the Configuration................................................................................................................................375
5.8.12 Configuring Dynamic BFD for RSVP...................................................................................................................376
5.8.12.1 Enabling BFD Globally...................................................................................................................................... 376
5.8.12.2 Enabling BFD for RSVP.................................................................................................................................... 377
5.8.12.3 (Optional) Adjusting BFD Parameters............................................................................................................... 378
5.8.12.4 Checking the Configuration................................................................................................................................379
5.8.13 Configuring Static BFD for CR-LSPs................................................................................................................... 380
5.8.13.1 Enabling BFD Globally...................................................................................................................................... 380
5.8.13.2 Configuring BFD Parameters on the Ingress Node of the Tunnel......................................................................380
5.8.13.3 Configuring BFD Parameters on the Egress Node of the Tunnel.......................................................................382
5.8.13.4 Checking the Configuration................................................................................................................................385
5.8.14 Configuring Dynamic BFD for CR-LSPs............................................................................................................. 386
5.8.14.1 Enabling BFD Globally...................................................................................................................................... 387
5.8.14.2 Enabling the Capability of Dynamically Creating BFD Sessions on the Ingress.............................................. 387
5.8.14.3 Enabling the Capability of Passively Creating BFD Sessions on the Egress..................................................... 388
5.8.14.4 (Optional) Adjusting BFD Parameters............................................................................................................... 389
5.8.14.5 Checking the Configuration................................................................................................................................390
5.8.15 Configuring Static BFD for TE Tunnels................................................................................................................391
5.8.15.1 Enabling BFD Globally...................................................................................................................................... 391
5.8.15.2 Configuring BFD Parameters on the Ingress Node of the Tunnel......................................................................392
5.8.15.3 Configuring BFD Parameters on the Egress Node of the Tunnel.......................................................................394
5.8.15.4 Checking the Configuration................................................................................................................................396
5.8.16 Configuring RSVP GR.......................................................................................................................................... 397
5.8.16.1 Enabling the RSVP Hello Extension Function...................................................................................................398
5.8.16.2 Enabling RSVP GR............................................................................................................................................ 399
5.8.16.3 (Optional) Enabling the RSVP GR Helper Function..........................................................................................399
5.8.16.4 (Optional) Configuring Hello Sessions Between RSVP GR Nodes...................................................................400
5.8.16.5 (Optional) Modifying Basic Time...................................................................................................................... 400
5.8.16.6 Checking the Configuration................................................................................................................................401

Issue 07 (2015-12-18) Huawei Proprietary and Confidential xiii


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS Contents

5.9 Maintaining MPLS TE............................................................................................................................................... 401


5.9.1 Checking the Connectivity of the TE Tunnel.......................................................................................................... 402
5.9.2 Checking a TE Tunnel By Using NQA................................................................................................................... 402
5.9.3 Enabling the MPLS TE Trap Function.................................................................................................................... 402
5.9.4 Clearing the Operation Information........................................................................................................................ 405
5.9.5 Checking Information About TE............................................................................................................................. 405
5.9.6 Resetting the Tunnel Interface.................................................................................................................................405
5.9.7 Resetting the RSVP Process.................................................................................................................................... 406
5.9.8 Deleting or Resetting the Bypass Tunnel................................................................................................................ 406
5.10 Configuration Examples........................................................................................................................................... 406
5.10.1 Example for Configuring a Static MPLS TE Tunnel............................................................................................ 407
5.10.2 Example for Configuring a Dynamic MPLS TE Tunnel.......................................................................................412
5.10.3 Example for Setting Up CR-LSPs Using CR-LSP Attribute Templates............................................................... 418
5.10.4 Example for Configuring IGP Shortcut to Direct Traffic to an MPLS TE Tunnel............................................... 429
5.10.5 Example for Configuring Forwarding Adjacency to Direct Traffic to an MPLS TE Tunnel................................436
5.10.6 Example for Setting Attributes for an MPLS TE Tunnel...................................................................................... 444
5.10.7 Example for Configuring Srefresh Based on Manual TE FRR............................................................................. 453
5.10.8 Example for Configuring RSVP Authentication................................................................................................... 461
5.10.9 Example for Configuring RSVP Authentication Based on Manual TE FRR........................................................466
5.10.10 Example for Configuring SRLG Based on Auto TE FRR.................................................................................. 474
5.10.11 Example for Configuring SRLG Based on CR-LSP Hot Standby...................................................................... 485
5.10.12 Example for Configuring CR-LSP Hot Standby................................................................................................. 495
5.10.13 Example for Configuring Manual TE FRR......................................................................................................... 504
5.10.14 Example for Configuring Auto TE FRR............................................................................................................. 516
5.10.15 Example for Configuring Association Between TE FRR and CR-LSP Backup................................................. 529
5.10.16 Example for Configuring an MPLS TE Tunnel Protection Group......................................................................541
5.10.17 Example for Configuring Dynamic BFD for an MPLS TE Tunnel Protection Group........................................549
5.10.18 Example for Configuring Static BFD for CR-LSPs............................................................................................ 555
5.10.19 Example for Configuring Dynamic BFD for CR-LSPs.......................................................................................562
5.10.20 Example for Configuring RSVP GR................................................................................................................... 568
5.11 References.................................................................................................................................................................574

Issue 07 (2015-12-18) Huawei Proprietary and Confidential xiv


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

1 MPLS Overview

About This Chapter

1.1 Introduction to MPLS


This section describes the definition, purpose, and functions of MPLS.
1.2 Principles
This section describes the implementation of MPLS.
1.3 Applications
This section describes the application scenario of MPLS.
1.4 References
This section lists references of MPLS.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 1


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

1.1 Introduction to MPLS


This section describes the definition, purpose, and functions of MPLS.

Definition
The Multiprotocol Label Switching (MPLS) Protocol is used on Internet Protocol (IP)
backbone networks. MPLS uses connection-oriented label switching on connectionless IP
networks. By combining Layer 3 routing technologies and Layer 2 switching technologies,
MPLS leverages the flexibility of IP routing and the simplicity of Layer 2 switching.
MPLS is based on Internet Protocol version 4 (IPv4). The core MPLS technology can be
extended to multiple network protocols, such as Internet Protocol version 6 (IPv6), Internet
Packet Exchange (IPX), and Connectionless Network Protocol (CLNP). "Multiprotocol" in
MPLS means that multiple network protocols are supported.
MPLS is used for tunneling but not a service or an application. MPLS supports multiple
protocols and services. Moreover, it ensures security of data transmission.

Purpose
IP-based routing serves well on the Internet in the mid 90s, but IP technology can be
inefficient at forwarding packets because software must search for routes using the longest
match algorithm. As a result, the forwarding capability of IP technology can act as a
bottleneck.
In contrast, Asynchronous transfer mode (ATM) technology uses labels of fixed length and
maintains a label table that is much smaller than a routing table. Compared to IP, ATM is
more efficient at forwarding packets. ATM is a complex protocol, however, with high
deployment costs, that hinder its widespread use.
Because traditional IP technology is simple and costs little to deploy, a combination of IP and
ATM capabilities would be ideal. This has sparked the emergence of MPLS technology.
MPLS was created to increase forwarding rates. Unlike IP routing and forwarding, MPLS
analyzes a packet header only on the edge of the network and not at each hop. MPLS
therefore reduces packet processing time.
The use of hardware-based functions based on application-specific integrated circuits (ASICs)
has made IP routing far more efficient, so MPLS is no longer needed for its high-speed
forwarding advantages. However, MPLS does support multi-layer labels, and its forwarding
plane is connection-oriented. For these reasons, MPLS is widely used for virtual private
network (VPN), traffic engineering (TE), and quality of service (QoS).

1.2 Principles
This section describes the implementation of MPLS.

1.2.1 Basic MPLS Architecture


MPLS Network Structure
Figure 1-1 shows a typical MPLS network structure. Packets are forwarded on an MPLS
network based on labels. In Figure 1-1, network devices that swap MPLS labels and forward

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 2


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

packets are label switching routers (LSRs), which form an MPLS domain. LSRs that reside at
the edge of the MPLS domain and connect to other networks are called label edge routers
(LERs), and LSRs within the MPLS domain are core LSRs.

Figure 1-1 MPLS network structure

LER MPLS Domain

Ingress Transit Egress

LER Core LSR LER

IP Network IP Network

LER LER

LSP
Data flow

When IP packets reach an MPLS network, the ingress LER analyzes the packets and then
adds appropriate labels to them. All LSRs on the MPLS network forward packets based on
labels. When IP packets leave the MPLS network, the egress LER pops the labels.
A path along which IP packets are transmitted on an MPLS network is called a label switched
path (LSP). An LSP is a unidirectional path in the same direction data packets traverse.
As shown in Figure 1-1, the LER at the starting point of an LSP is the ingress node, and the
LER at the end of the LSP is the egress node. The LSRs between the ingress node and egress
node along the LSP are transit nodes. An LSP may have zero, one, or several transit nodes
and only one ingress node and one egress node.
On an LSP, MPLS packets are sent from the ingress to the egress. In this transmission
direction, the ingress node is the upstream node of the transit nodes, and the transit nodes are
the downstream nodes of the ingress node. Similarly, transit nodes are the upstream nodes of
the egress node, and the egress node is the downstream node of the transit nodes.

MPLS Architecture
Figure 1-2 shows the MPLS architecture, which consists of a control plane and a forwarding
plane.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 3


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

Figure 1-2 MPLS architecture

IP routing protocol Control plane

Routing Information Label Distribution Label Information


Base (RIB) Protocol (LDP) Base (LIB)

Forwarding Label Forwarding


Forwarding plane
Information Base Information Base
(FIB) (LFIB)

The MPLS architecture has the following parts:


l Control plane: generates and maintains routing and label information
Routing information base (RIB): is generated by IP routing protocols and used to
select routes.
Label distribution protocol (LDP): allocates labels, creates a label information base
(LIB), and establishes and tears down LSPs.
Label information base (LIB): is generated by LDP and used to manage labels.
l Forwarding plane (data plane): forwards IP packets and MPLS packets
Forwarding information base (FIB): is generated based on routing information
obtained from the RIB and used to forward common IP packets.
Label forwarding information base (LFIB): is created by LDP on an LSR and used
to forward MPLS packets.

1.2.2 MPLS Label


Forwarding Equivalence Class
A forwarding equivalence class (FEC) is a collection of packets with the same characteristics.
Packets of the same FEC are forwarded in the same way on an MPLS network.
FECs can be identified by the source address, destination address, source port, destination
port, and VPN. For example, in IP forwarding, packets matching the same route based on the
longest match algorithm belong to an FEC.

Label
A label is a short, fixed-length (4 bytes) identifier that is only locally significant. A label
identifies an FEC to which a packet belongs. In some cases, such as load balancing, a FEC
can be mapped to multiple incoming labels. Each label, however, represents only one FEC on
a device.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 4


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

Compared with an IP packet, an MPLS packet has the additional 4-byte MPLS label. The
MPLS label is between the link layer header and the network layer header, and allows use of
any link layer protocol. Figure 1-3 shows position of an MPLS label and fields in the MPLS
label.

Figure 1-3 MPLS label encapsulation format

Link layer header MPLS Label Layer 3 header Layer 3 payload

0 19 22 23 31
Label Exp S TTL

An MPLS label contains the following fields:


l Label: 20-bit label value.
l Exp: 3-bit, used as an extension value. Generally, this field is used as the class of service
(CoS) field. When congestion occurs, devices prioritize packets that have a larger value
in this field.
l S: 1-bit value indicating the bottom of a label stack. MPLS supports nesting of multiple
labels. When the S field is 1, the label is at the bottom of the label stack.
l TTL: time to live. This 8-bit field is the same as the TTL field in IP packets.

A label stack is an arrangement of labels. In Figure 1-4, the label next to the Layer 2 header is
the top of the label stack (outer MPLS label), and the label next to the Layer 3 header is the
bottom of the label stack (inner MPLS label). An MPLS label stack can contain an unlimited
number of labels. Currently, MPLS label stacks can be applied to MPLS VPN and Traffic
Engineering Fast ReRoute (TE FRR).

Figure 1-4 Label stack


Label Stack

Link layer header Outer MPLS label Inner MPLS label Layer3 header Layer3 payload

The label stack organizes labels according to the rule of Last-In, First-Out. The labels are
processed from the top of the stack.

Label Space
The label space is the value range of the label, and the space is organized in the following
ranges:

l 0 to 15: special labels. For details about special labels, see Table 1-1.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 5


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

l 16 to 1023: label space shared by static LSPs and static constraint-based routed LSPs
(CR-LSPs).
l 1024 or above: label space for dynamic signaling protocols, such as Label Distribution
Protocol (LDP), Resource Reservation Protocol-Traffic Engineering (RSVP-TE), and
MultiProtocol Border Gateway Protocol (MP-BGP).

Table 1-1 Special labels

Label Value Label Description

0 IPv4 Explicit The label must be popped out (removed), and the
NULL Label packets must be forwarded based on IPv4. If the egress
node allocates a label with the value of 0 to the
penultimate hop LSR, the penultimate hop LSR pushes
label 0 to the top of the label stack and forwards the
packet to the egress node. When the egress node detects
that the label of the packet is 0, the egress node pops the
label out.

1 Router Alert A label that is only valid when it is not at the bottom of a
Label label stack. The label is similar to the Router Alert
Option field in IP packets. After receiving such a label,
the node sends it to a local software module for further
processing. Packet forwarding is determined by the next-
layer label. If the packet needs to be forwarded
continuously, the node pushes the Router Alert Label to
the top of the label stack again.

2 IPv6 Explicit The label must be popped out, and the packets must be
NULL Label forwarded based on IPv6. If the egress node allocates a
label with the value of 2 to the LSR at the penultimate
hop, the LSR pushes label 2 to the top of the label stack
and forwards the packet to the egress node. When the
egress node recognizes that the value of the label carried
in the packet is 2, the egress node immediately pops it
out.

3 Implicit When the label with the value of 3 is swapped on an


NULL Label LSR at the penultimate hop, the LSR pops the label out
and forwards the packet to the egress node. Upon
receiving the packet, the egress node forwards the packet
in IP forwarding mode or according to the next layer
label.

4 to 13 Reserved None.

14 OAM Router A label for operation, administration and maintenance


Alert Label (OAM) packets over an MPLS network. MPLS OAM
sends OAM packets to monitor LSPs and report faults.
OAM packets are transparent on transit nodes and the
penultimate LSR.

15 Reserved None.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 6


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

1.2.3 LSP Setup


Before forwarding packets, MPLS must allocate labels to packets and establish an LSP. LSPs
can be either static or dynamic.

Establishing Static LSPs


You can manually allocate labels to set up static LSPs. A static LSP is valid for only the local
node, and nodes on the LSP are unaware of the entire LSP.

A static LSP is set up without any label distribution protocols or exchange of control packets.
Static LSPs have low costs and are recommended for small-scale networks with simple and
stable topologies. Static LSPs cannot adapt to network topology changes and must be
configured by an administrator.

Establishing Dynamic LSPs


Label Distribution Protocols for Dynamic LSPs

Dynamic LSPs are established using label distribution protocols. As the control protocol or
signaling protocol for MPLS, a label distribution protocol defines FECs, distributes labels,
and establishes and maintains LSPs.

MPLS can use the following protocols for label distribution:

l LDP
The Label Distribution Protocol (LDP) is designed for distributing labels. It sets up an
LSP hop by hop according to Interior Gateway Protocol (IGP) and Border Gateway
Protocol (BGP) routing information.
For details about LDP principles, see Principle Description in the 3 MPLS LDP
Configuration.
l RSVP-TE
Resource Reservation Protocol Traffic Engineering (RSVP-TE) is an extension of RSVP
and is used to set up a constraint-based routed LSP (CR-LSP). In contrast to LDP LSPs,
RSVP-TE tunnels are characterized by bandwidth reservation requests, bandwidth
constraints, link "colors" (designating administrative groups), and explicit paths.
For details about RSVP-TE principles, see Principle Description in the 5 MPLS TE
Configuration.
l MP-BGP
MP-BGP is an extension to BGP and allocates labels to MPLS VPN routes and inter-AS
VPN routes.
For details about MP-BGP principles, see BGP Configuration in S2750&S5700&S6700
Series Ethernet Switches Configuration Guide - IP Routing.

Procedure for Establishing Dynamic LSPs

MPLS labels are distributed from downstream LSRs to upstream LSRs. As shown in Figure
1-5, a downstream LSR identifies FECs based on the IP routing table, allocates a label to each
FEC, and records the mapping between labels and FECs. The downstream LSR then
encapsulates the mapping into a message and sends the message to the upstream LSR. As this
process proceeds on all the LSRs, the LSRs create a label forwarding table and establish an
LSP.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 7


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

Figure 1-5 Establishing a dynamic LSP


To 4.4.4.2/32 To 4.4.4.2/32 To 4.4.4.2/32
Upstream Label=Z Label=Y Label=3 Downstream

Ingress Transit Transit Egress


4.4.4.2/32

LSP

1.2.4 MPLS Forwarding


MPLS Forwarding Process
Basic Concepts
Label operations involved in MPLS packet forwarding include push, swap, and pop:
l Push: When an IP packet enters an MPLS domain, the ingress node adds a new label to
the packet between the Layer 2 header and the IP header. Alternatively, an LSR adds a
new label to the top of the label stack.
l Swap: When a packet is transferred within the MPLS domain, a local node swaps the
label at the top of the label stack in the MPLS packet for the label allocated by the next
hop according to the label forwarding table.
l Pop: When a packet leaves the MPLS domain, the label is popped out of (removed from)
the MPLS packet.
A label is invalid at the last hop of an MPLS domain. The penultimate hop popping
(PHP) feature applies. On the penultimate node, the label is popped out of the packet to
reduce the size of the packet that is forwarded to the last hop. Then, the last hop directly
forwards the IP packet or forwards the packet by using the second label.
By default, PHP is configured on the egress node. The egress node supporting PHP
allocates the label with the value of 3 to the penultimate hop.
Basic Forwarding Process
LSPs that support PHP are used in the following example to describe how MPLS packets are
forwarded.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 8


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

Figure 1-6 Basic MPLS forwarding process


FEC FEC FEC
4.4.4.2/32 4.4.4.2/32 4.4.4.2/32
In/Out Label In/Out IF In/Out Label In/Out IF In/Out Label In/Out IF
NULL/Z IF1/IF2 Z/Y IF1/IF2 Y/3 IF1/IF2

PHP

Push Z IP:4.4.4.2 Swap Y IP:4.4.4.2 Pop IP:4.4.4.2 IP


: 4.
4.
.2

4.
.4

2
.4
:4
IP

IF1 IF2 IF1 IF2 IF1 IF2 IF1 IF2

Ingress Transit Transit Egress


4.4.4.2/32

Data flow
LSP

As shown in Figure 1-6, the LSRs have distributed MPLS labels and set up an LSP with the
destination address of 4.4.4.2/32. MPLS packets are forwarded as follows:
1. The ingress node receives an IP packet destined for 4.4.4.2. Then, the ingress node adds
Label Z to the packet and forwards it.
2. When the downstream transit node receives the labeled packet, the node replaces Label Z
by Label Y.
3. When the transit node at the penultimate hop receives the packet with Label Y, the node
pops out Label Y because the label value is 3. The transit node then forwards the packet
to the egress node as an IP packet.
4. The egress node receives the IP packet and forwards it to 4.4.4.2/32.

Detailed MPLS Packet Forwarding Process


Basic Concepts
The following entities are used in MPLS packet forwarding:

l Tunnel ID
Each tunnel is assigned a unique ID to ensure that upper layer applications (such as VPN
and route management) on a tunnel use the same interface. The tunnel ID is 32 bits long
and is valid only on the local end.
l NHLFE
A next hop label forwarding entry (NHLFE) is used to guide MPLS packet forwarding.
An NHLFE specifies the tunnel ID, outbound interface, next hop, outgoing label, and
label operation.
FEC-to-NHLFE (FTN) maps each FEC to a group of NHLFEs. An FTN can be obtained
by searching for tunnel IDs that are not 0x0 in a FIB. The FTN is available on the ingress
only.
l ILM
The incoming label map (ILM) maps each incoming label to a group of NHLFEs.
The ILM specifies the tunnel ID, incoming label, inbound interface, and label operation.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 9


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

The ILM on a transit node identifies bindings between labels and NHLFEs. Similar a
FIB that provides forwarding information based on destination IP addresses, the ILM
provides forwarding information based on labels.
Detailed Forwarding Process

Figure 1-7 Detailed MPLS packet forwarding process


NHLFE
OUT IF Tunnel ID OPER NEXTHOP Out Label
IF2 0x11 PUSH 1.1.1.2 Z

OUT IF Tunnel ID OPER NEXTHOP Out Label


IF2 0x15 SWAP 2.2.2.2 Y

OUT IF Tunnel ID OPER NEXTHOP Out Label


IF2 0x22 POP 3.3.3.2 3

FIB ILM
DEST Tunnel ID In Label In IF Tunnel ID In Label In IF Tunnel ID
4.4.4.2/32 0x11 Z IF1 0x15 Y IF1 0x22

PHP
Push Z IP:4.4.4.2 Swap Y IP:4.4.4.2 Pop IP:4.4.4.2 IP
:4
.2

.4
.4

.4
.4

.2
:4
IP

IF1 IF2 IF1 IF2 IF1 IF2 IF1 IF2


1.1.1.1/24 1.1.1.2/24 2.2.2.1/24 2.2.2.2/24 3.3.3.1/24 3.3.3.2/24
Ingress Transit Transit Egress 4.4.4.2/32

Figure 1-7 shows the detailed MPLS packet forwarding process.


When an IP packet enters an MPLS domain, the ingress node searches the FIB to check
whether the tunnel ID matching the destination IP address is 0x0.
l If the tunnel ID is 0x0, the packet is forwarded along the IP link.
l If the tunnel ID is not 0x0, the packet is forwarded along an LSP.
During MPLS forwarding, LSRs find the matching FIB entries, ILM entries, and NHLFEs for
MPLS packets based on tunnel IDs.
l The ingress node processes MPLS packets as follows:
a. Searches the FIB to find the tunnel ID matching the destination IP address.
b. Finds the NHLFE matching the tunnel ID in the FIB and associates the FIB entry
with the NHLFE entry.
c. Checks the NHLFE to obtain the outbound interface, next hop, outgoing label, and
label operation.
d. Pushes the label into IP packets, processes the EXP field according to QoS policy,
and processes the TTL field, and then sends the encapsulated MPLS packets to the
next hop.
NOTE

For details on how the ingress node processes the EXP field and TTL field, see Principle
Description in the 4 MPLS QoS Configuration and Processing MPLS TTL.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 10


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

l A transit node processes MPLS packets as follows:


a. Finds the ILM matching the MPLS label to obtain the Tunnel ID.
b. Finds the NHLFE matching the Tunnel ID in the ILM.
c. Checks the NHLFE to obtain the outbound interface, next hop, outgoing label, and
label operation.
d. Processes the MPLS packets according to the label value:
n If the label value is greater than or equal to 16, the transit node replaces the
label with a new label replaces and processes the EXP field and TTL field.
After that, the transit node forwards the MPLS packet with the new label to the
next hop.
n If the label value is 3, the transit node pops out the label and processes the
EXP field and TTL field. After that, the transit node forwards the packets
through an IP route or based on the next layer label.
l The egress node forwards MPLS packets based on the ILM and forwards IP packets
based on the routing table
When the egress node receives IP packets, it checks the FIB and performs IP
forwarding.
When the egress node receives MPLS packets, it checks the ILM for the label
operation and processes the EXP field and TTL field.
n When the S flag in the label is 1, the label is at the bottom of the label stack,
and the packet is directly forwarded through an IP route.
n When the S field in the label is 0, a next-layer label exists, and the packet is
forwarded based on the next layer label.

MPLS TTL Processing


This section describes how MPLS processes the TTL and responds to TTL timeout.
MPLS TTL Processing Modes
The TTL field in an MPLS label is 8 bits long. The TTL field is the same as that in an IP
packet header. MPLS processes the TTL to prevent loops and implement traceroute.
RFC 3443 defines two modes in which MPLS can process the TTL in MPLS packets:
Uniform and Pipe modes. By default, MPLS processes the TTL in Uniform mode. The two
modes work as follows:
l Uniform mode
When IP packets enter an MPLS network, the ingress node decreases the IP TTL by one
and copies this new value to the MPLS TTL field. The TTL field in MPLS packets is
processed in standard mode. The egress node decreases the MPLS TTL by one and maps
this new value to the IP TTL field. Figure 1-8 shows how the TTL field is processed on
the transmission path.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 11


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

Figure 1-8 TTL processing in Uniform mode

IP/MPLS
backbone network

CE PE P PE CE

Outer MPLS Outer MPLS


TTL 254 TTL 253
Inner MPLS Inner MPLS
TTL 254 TTL 254
IP TTL IP TTL IP TTL IP TTL
255 254 254 252

l Pipe mode
As shown in Figure 1-9, the ingress node decreases the IP TTL by one and the MPLS
TTL remains constant. The TTL field in MPLS packets is processed in standard mode.
The egress node decreases the IP TTL by one. In Pipe mode, the IP TTL only decreases
by one on the ingress node and one on the egress node when packets travels across an
MPLS network.

Figure 1-9 TTL processing in Pipe mode

IP/MPLS
backbone network

CE PE P PE CE

Outer MPLS Outer MPLS


TTL 254 TTL 253
Inner MPLS Inner MPLS
TTL 254 TTL 254
IP TTL IP TTL IP TTL IP TTL
255 254 254 253

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 12


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

In MPLS VPN applications, the MPLS backbone network needs to be shielded to ensure
network security. The Pipe mode is recommended for private network packets.
ICMP Response Packet
On an MPLS network, when an LSR receives an MPLS packet with the TTL value of 1, the
LSR generates an ICMP response packet.
The LSR returns the ICMP response packet to the sender in the following ways:
l If the LSR has a reachable route to the sender, the LSR directly sends the ICMP response
packet to the sender through the IP route.
l If the LSR has no reachable route to the sender, the LSR forwards the ICMP response
packet along the LSP. The egress node forwards the ICMP response packet to the sender.
In most cases, the received MPLS packet contains only one label and the LSR responds to the
sender with the ICMP response packet using the first method. If the MPLS packet contains
multiple labels, the LSR uses the second method.
The MPLS VPN packets may contain only one label when they arrive at an autonomous
system boundary router (ASBR) on the MPLS VPN. These devices have no IP routes to the
sender, so they use the second method to reply to the ICMP response packets.

1.2.5 LSP Connectivity Check


Introduction to LSP Connectivity Check
On an MPLS network, the control panel used for setting up an LSP cannot detect the failure in
data forwarding of the LSP. This makes network maintenance difficult. The MPLS ping and
tracert mechanisms detect LSP errors and locate faulty nodes.
MPLS ping is used to check network connectivity. MPLS tracert is used to check the network
connectivity, and to locate network faults. Similar to IP ping and tracert, MPLS ping and
tracert use MPLS echo request packets and MPLS echo reply packets to check LSP
availability. MPLS echo request packets and echo reply packets are both encapsulated into
User Datagram Protocol (UDP) packets. The UDP port number of the MPLS echo request
packet is 3503, which can be identified only by MPLS-enabled devices.
An MPLS echo request packet carries FEC information to be detected, and is sent along the
same LSP as other packets with the same FEC. In this manner, the connectivity of the LSP is
checked. MPLS echo request packets are forwarded to the destination end using MPLS, while
MPLS echo reply packets are forwarded to the source end using IP. Routers set the destination
address in the IP header of the MPLS echo request packets to 127.0.0.1/8 (local loopback
address) and the TTL value is 1. In this way, MPLS echo request packets are not forwarded
using IP forwarding when the LSP fails so that the failure of the LPS can be detected.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 13


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

MPLS Ping

Figure 1-10 MPLS network


Loopback0 Loopback0
5.5.5.5/32 4.4.4.4/32
LSP

LSR_1 LSR_2 LSR_3 LSR_4

As shown in Figure 1-10, LSR_1 establishes an LSP to LSR_4. LSR_1 performs MPLS ping
on the LSP by performing the following steps:
1. LSR_1 checks whether the LSP exists. (On a TE tunnel, the router checks whether the
tunnel interface exists and the CR-LSP has been established.) If the LSP does not exist,
an error message is displayed and the MPLS ping stops. If the LSP exists, LSR_1
performs the following operations.
2. LSR_1 creates an MPLS echo request packet and adds 4.4.4.4 to the destination FEC in
the packet. In the IP header of the MPLS echo request packet, the destination address is
127.0.0.1/8 and the TTL value is 1. LSR_1 searches for the corresponding LSP, adds the
LSP label to the MPLS echo request packet, and sends the packet to LSR_2.
3. Transit nodes LSR_2 and LSR_3 forward the MPLS echo request packet based on
MPLS. If MPLS forwarding on a transit node fails, the transit node returns an MPLS
echo reply packet carrying the error code to LSR_1.
4. If no fault exists along the MPLS forwarding path, the MPLS echo request packet
reaches the LSP egress node LSR_4. LSR_4 returns a correct MPLS echo reply packet
after verifying that the destination IP address 4.4.4.4 is the loopback interface address.
MPLS ping is complete.

MPLS Tracert
As shown in Figure 1-10, LSR_1 performs MPLS tracert on LSR_4 (4.4.4.4/32) by
performing the following steps:
1. LSR_1 checks whether an LSP exists to LSR_4. (On a TE tunnel, the router checks
whether the tunnel interface exists and the CR-LSP has been established.) If the LSP
does not exist, an error message is displayed and the tracert stops. If the LSP exists,
LSR_1 performs the following operations.
2. LSR_1 creates an MPLS echo request packet and adds 4.4.4.4 to the destination FEC in
the packet. In the IP header of the MPLS echo request packet, the destination address is
127.0.0.1/8. Then LSR_1 adds the LSP label to the packet, sets the MPLS TTL value to
1, and sends the packet to LSR_2. The MPLS echo request packet contains a
downstream mapping TLV that carries downstream information about the LSP at the
current node, such as next-hop address and outgoing label.
3. Upon receiving the MPLS echo request packet, LSR_2 decreases the MPLS TTL by one
and finds that TTL times out. LSR_2 then checks whether the LSP exists and the next-
hop address and whether the outgoing label of the downstream mapping TLV in the

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 14


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

packet is correct. If so, LSR_2 returns a correct MPLS echo reply packet that carries the
downstream mapping TLV of LSR_2. If not, LSR_2 returns an incorrect MPLS echo
reply packet.
4. After receiving the correct MPLS echo reply packet, LSR_1 resends the MPLS echo
request packet that is encapsulated in the same way as step 2 and sets the MPLS TTL
value to 2. The downstream mapping TLV of this MPLS echo request packet is
replicated from the MPLS echo reply packet. LSR_2 performs common MPLS
forwarding on this MPLS echo request packet. If TTL times out when LSR_3 receives
the MPLS echo request packet, LSR_3 processes the MPLS echo request packet and
returns an MPLS echo reply packet in the same way as step 3.
5. After receiving a correct MPLS echo reply packet, LSR_1 repeats step 4, sets the MPLS
TTL value to 3, replicates the downstream mapping TLV in the MPLS echo reply packet,
and sends the MPLS echo request packet. LSR_2 and LSR_3 perform common MPLS
forwarding on this MPLS echo request packet. Upon receiving the MPLS echo request
packet, LSR_4 repeats step 3 and verifies that the destination IP address 4.4.4.4 is the
loopback interface address. LSR_4 returns an MPLS echo reply packet that does not
carry the downstream mapping TLV. MPLS tracert is complete.
When routers return the MPLS echo reply packet that carries the downstream mapping TLV,
LSR_1 obtains information about each node along the LSP.

1.3 Applications
This section describes the application scenario of MPLS.

1.3.1 MPLS VPN


Traditional VPNs transmit private network data over the public network using tunneling
protocols, such as the Generic Routing Encapsulation (GRE), Layer 2 Tunneling Protocol
(L2TP), and Point to Point Tunneling Protocol (PPTP). MPLS LSPs are set up by swapping
labels, and data packets are not encapsulated or encrypted. Therefore, MPLS is an appropriate
technology for VPN implementation.
MPLS VPN can build a private network with security similar to a Frame Relay (FR) network.
On MPLS VPN networks, customer devices do not need to set up tunnels such as GRE and
L2TP tunnels, so the network delay is minimized.
As shown in Figure 1-11, the MPLS VPN connects private network branches through LSPs to
form a unified network. The MPLS VPN also controls the interconnection between VPNs.
Figure 1-11 shows the devices on an MPLS VPN network.
l A customer edge (CE) is deployed on the edge of a customer network. It can be a router,
a switch, or a host.
l A provider edge (PE) is deployed on the edge of an IP/MPLS backbone network.
l A provider (P) device on an IP/MPLS backbone network is not directly connected to
CEs. The provider device only needs to provide basic MPLS forwarding capabilities and
does not maintain VPN information.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 15


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

Figure 1-11 MPLS VPN

VPN 1 VPN 2
IP/MPLS backbone CE
Site CE Site
network
P P
PE

PE
PE

VPN 2 P VPN 1
CE P CE
Site Site

An MPLS VPN has the following characteristics:


l PEs manage VPN users, set up LSPs between PEs, and advertise routing information
between users in a VPN.
l PEs use MP-BGP to advertise VPN routing information.
l The MPLS-based VPN supports IP address multiplexing between sites as well as the
interconnection of different VPNs.

1.3.2 MPLS TE
On traditional IP networks, routers select the shortest path as the route regardless of other
factors such as bandwidth. Traffic on a path is not switched to other paths even if the path is
congested. As a result, the shortest path first rule can cause severe problems on networks.
Traffic engineering (TE) monitors network traffic and the load of network components and
then adjusts parameters such as traffic management, routing, and resource restraint parameters
in real time. These adjustments help prevent network congestion caused by unbalanced traffic
distribution.
TE can be implemented on a large-scale backbone network using a simple, scalable solution.
MPLS, an overlay model, allows a virtual topology to be established over a physical topology
and maps traffic to the virtual topology. MPLS can be integrated with TE to implement MPLS
TE.
As shown in Figure 1-12, two paths are set up between LSR_1 and LSR_7: LSR_1 -> LSR_2
-> LSR_3 -> LSR_6 -> LSR_7 and LSR_1 -> LSR_2 -> LSR_4 -> LSR_5 -> LSR_6 ->
LSR_7. Bandwidth of the first path is 30 Mbit/s, and bandwidth of the second path is 80
Mbit/s. TE allocates traffic based on bandwidth, preventing link congestion. For example, 30
Mbit/s and 50 Mbit/s services are running between LSR_1 and LSR_7. TE distributes the 30
Mbit/s traffic to the 30 Mbit/s path and the 50 Mbit/s traffic to the 80 Mbit/s path.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 16


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

Figure 1-12 MPLS TE


LSR_3

LSR_1 LSR_2 LSR_6 LSR_7

30 Mbit/s bandwidth

LSR_4 LSR_5 80 Mbit/s bandwidth


30 Mbit/s traffic
50 Mbit/s traffic

MPLS TE can reserve resources by setting up LSPs along a specified path to prevent network
congestion and balance network traffic. MPLS TE has the following advantages:
l MPLS TE can reserve resources to ensure the quality of services during the
establishment of LSPs.
l The behaviors of an LSP can be easily controlled based on the attributes of the LSP such
as priority and bandwidth.
l LSP establishment consumes few resources and does not affect other network services.
l Backup path and fast reroute (FRR) protect network communication upon a failure of a
link or a node.
These advantages make MPLS TE the optimal TE solution. MPLS TE allows service
providers (SPs) to fully leverage existing network resources to provide diverse services,
optimize network resources, and efficiently manage the network.

1.3.3 MPLS 6PE


IPv6 Provider Edge (6PE) is an IPv4-to-IPv6 transition technology. This technology allows
ISPs to provide access services for scattered IPv6 networks over existing IPv4 backbone
networks. In this way, CEs on IPv6 islands can communicate with each other through IPv4
PEs.
On an MPLS 6PE network shown in Figure 1-13:
l 6PE routers exchange IPv6 routing information with CEs using IPv6 routing protocols.
l 6PE routers exchange IPv6 routing information with each other using MP-BGP and
allocate MPLS labels to IPv6 prefixes.
l 6PE routers exchange IPv4 routing information with Ps using IPv4 routing protocols and
establish LSPs between 6PE routers and Ps using MPLS.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 17


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

Figure 1-13 Packet forwarding using MPLS 6PE

IPv4/MPLS
backbone network
CE 6PE 6PE CE

MP-BGP

IPv6 IPv6
site site
P

IPv6 L1 L2 IPv6 L2 IPv6 IPv6

Figure 1-13 shows the IPv6 packet forwarding process on an MPLS 6PE network. IPv6
packets must carry outer and inner labels when being forwarded on the IPv4 backbone
network. The inner label (L2) maps the IPv6 prefix, while the outer label (L1) maps the LSP
between 6PEs.

The MPLS 6PE technology allows ISPs to connect existing IPv4/MPLS networks to IPv6
networks by simply upgrading PEs. To ISPs, the MPLS 6PE technology is an efficient
solution for transition to IPv6.

1.4 References
This section lists references of MPLS.

The following table lists the references.

Document No. Description

RFC3031 Multiprotocol Label Switching Architecture

RFC3032 MPLS Label Stack Encoding

RFC3034 Use of Label Switching on Frame Relay Networks Specification

RFC3036 LDP Specification

RFC3443 Time To Live (TTL) Processing in Multi-Protocol Label


Switching (MPLS) Networks

RFC2702 Requirements for Traffic Engineering Over MPLS

RFC3209 RSVP-TE: Extensions to RSVP for LSP Tunnels

RFC4364 BGP/MPLS IP Virtual Private Networks (VPNs)

RFC2598 An Expedited Forwarding PHB

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 18


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 1 MPLS Overview

Document No. Description

RFC4379 Detecting Multi-Protocol Label Switched (MPLS) Data Plane


Failures

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 19


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

2 Static LSP Configuration

About This Chapter

You can set up a static label switched path (LSP) by manually allocating labels to label
switching routers (LSRs). Static LSPs apply to networks with simple and stable network
topologies.
2.1 Overview of Static LSPs
Static LSPs are manually set up by an administrator and apply to networks with simple and
stable network topologies. They cannot be set up using a label distribution protocol.
2.2 Specification
This section provides Static LSPs specifications supported by the device.
2.3 Configuration Notes
This section describes notes about configuring MPLS.
2.4 Default Configuration
This section provides the default static LSP configuration.
2.5 Configuring Static LSPs
This section describes how to configure static LSPs.
2.6 Maintaining Static LSPs
Maintaining static LSPs includes detecting connectivity of an LSP.
2.7 Configuration Examples
This section provides several configuration examples of static LSP together with the
configuration networking diagrams. The configuration examples explain networking
requirements and configuration roadmap.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 20


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

2.1 Overview of Static LSPs


Static LSPs are manually set up by an administrator and apply to networks with simple and
stable network topologies. They cannot be set up using a label distribution protocol.

As shown in Figure 2-1, the path through which IP packets are transmitted on an MPLS
network is called label switched path (LSP). An LSP can be manually configured or
established using label distribution protocols.

Figure 2-1 Networking of MPLS

PE
VPN 1
Site IP/MPLS backbone
VPN 2
CE network Site

LSP CE

PE P P PE

VPN 2 VPN 1
Site CE CE Site
PE PE

Generally, MPLS uses the Label Distribution Protocol (LDP) to set up LSPs. LDP uses
routing information to set up LSPs. If LDP does not work properly, MPLS traffic may be lost.
Static LSPs are configured to determine the transmission path of some key data or important
services.

A static LSP is set up without using any label distribution protocol to exchange control
packets, so the static LSP consumes few resources. However, a static LSP cannot vary with
the network topology dynamically, and must be adjusted by an administrator according to the
network topology. The static LSP applies to networks with simple and stable network
topologies.

When configuring a static LSP, the administrator needs to manually allocate labels for each
Label Switching Router (LSR) in compliance with the following rule: the value of the
outgoing label of the previous node is equal to the value of the incoming label of the next
node.

In Figure 2-1, a static LSP is set up on the backbone network so that L2VPN or L3VPN
services can be easily deployed.

2.2 Specification
This section provides Static LSPs specifications supported by the device.

Table 2-1 lists the Static LSPs specifications.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 21


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

Table 2-1 Static LSPs specifications


Item Specification

Maximum number of Static LSPs 1000

2.3 Configuration Notes


This section describes notes about configuring MPLS.
When you configure MPLS on the switch, note the following:
l Only the S5700HI, S5710HI, S5710EI, and S6700EI support MPLS.

2.4 Default Configuration


This section provides the default static LSP configuration.

Table 2-2 Default configuration of the static LSP


Parameter Default Setting

Global MPLS capability Disabled

Global BFD capability Disabled

2.5 Configuring Static LSPs


This section describes how to configure static LSPs.

2.5.1 Creating Static LSPs


A static LSP can be established only after each LSR is manually configured.

Pre-configuration Tasks
Before creating static LSPs, complete the following task:
l Configuring a static unicast route or an IGP to connect LSRs at the network layer

Configuration Process
Create static LSPs according to the following sequence.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 22


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

2.5.1.1 Configuring LSR ID

Context
An LSR ID identifies an LSR on a network. An LSR does not have the default LSR ID, and
you must configure an LSR ID for it. To enhance network reliability, you are advised to use
the IP address of a loopback interface on the LSR as the LSR ID.
Perform the following steps on each node in an MPLS domain.

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
mpls lsr-id lsr-id

The LSR ID of the local node is configured.


By default, no LSR ID is set.

----End

Follow-up Procedure
Before changing the configured LSP ID, run the undo mpls command in the system view.

NOTICE
Running the undo mpls command to delete all MPLS configurations will interrupt MPLS
services, so plan the LSR ID of each LSP uniformly to prevent LSR ID change.

2.5.1.2 Enabling MPLS

Context
Perform the following steps on each LSR in an MPLS domain:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
mpls

MPLS is enabled globally and the MPLS view is displayed.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 23


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

By default, no node is enabled with MPLS.

Step 3 Run:
quit

Return to the system view.

Step 4 Run:
interface interface-type interface-number

The interface to participate in MPLS forwarding is specified.

Step 5 (Optional) On an Ethernet interface, run:


undo portswitch

The interface is switched to Layer 3 mode.

By default, an Ethernet interface works in Layer 2 mode.

Step 6 Run:
mpls

MPLS is enabled on the interface.

By default, no interface is enabled with MPLS.

----End

2.5.1.3 Establishing a Static LSP

Context
Static LSPs and static Constraint-based Routed LSPs (CR-LSPs) share the same label space
(16-1023). Note that the value of the outgoing label of the previous node is equal to the value
of the incoming label of the next node.

Perform the following operations on the ingress, transit, and egress nodes of the static LSP.
Figure 2-2 shows planned labels.

Figure 2-2 Networking of establishing a static LSP


Out Label In/Out Label In Label
100 100/200 200
Loopback1 Loopback1 Loopback1
1.1.1.9/32 GE0/0/1 GE0/0/1 2.2.2.9/32 GE0/0/2 GE0/0/1 3.3.3.9/32
VLANIF100 VLANIF100 VLANIF200 VLANIF200
172.1.1.1/24 172.1.1.2/24 172.2.1.1/24 172.2.1.2/24

Ingress Transit Egress

LSP1

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 24


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

Procedure
Step 1 Configure the ingress node.
1. Run:
system-view

The system view is displayed.


2. Run:
static-lsp ingress lsp-name destination ip-address { mask-length | mask }
{ nexthop next-hop-address | outgoing-interface interface-type interface-
number } * out-label out-label

The local node is configured as the ingress node of a specified LSP.

You are advised to set up a static LSP by specifying a next hop. Ensure that the local
routing table contains the route entries, including the destination IP address and the next
hop IP addresses of the LSP to be set up.

As shown in Figure 2-2, the LSP name is LSP1, destination address is 3.3.3.9/32, next
hop address is 172.1.1.2, outbound interface is Vlanif100, and outgoing label is 100.

Step 2 Configure the transit node.


1. Run:
system-view

The system view is displayed.


2. Run:
static-lsp transit lsp-name incoming-interface interface-type interface-
number in-label in-label { nexthop next-hop-address | outgoing-interface
interface-type interface-number } * out-label out-label

The local node is configured as the transit node of a specified LSP.

You are advised to set up a static LSP by specifying a next hop address. In addition,
ensure that the local routing table contains the route entries, including the destination IP
address and the next hop IP address of the LSP to be set up.

As shown in Figure 2-2, the LSP name is LSP1, the inbound interface is Vlanif100,
incoming label is 100, next hop address is 172.2.1.2, outbound interface is Vlanif200,
and outgoing label is 200.

Step 3 Configure the egress node.


1. Run:
system-view

The system view is displayed.


2. Run:
static-lsp egress lsp-name incoming-interface interface-type interface-number
in-label in-label [ lsrid ingress-lsr-id tunnel-id tunnel-id ]

The local node is configured as the egress node of a specified LSP.

As shown in Figure 2-2, the LSP name is LSP1, the inbound interface is Vlanif200, and
incoming label is 200.

----End

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 25


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

2.5.1.4 Checking the Configuration

Prerequisites
The configurations of the static LSP function are complete.

Procedure
l Run the display default-parameter mpls management command to check default
configurations of the MPLS management module.
l Run the display mpls static-lsp [ lsp-name ] [ { include | exclude } ip-address mask-
length ] [ verbose ] command to check the static LSP.
l Run the display mpls label static available [ [ label-from label-index ] label-number
label-number ] command to check information about labels available for transmitting
static services.

----End

2.5.2 Configuring Static BFD for Static LSPs


By configuring static BFD for static LSPs, you can check connectivity of static LSPs.

Context
When configuring static BFD for static LSPs, pay attention to the following points:

l A static BFD session can be created for non-host routes. When the static LSP becomes
Down, the associated BFD session also becomes Down. When the static LSP goes Up, a
BFD session is reestablished.
l The forwarding modes on the forwarding path and reverse path can be different (for
example, an IP packet is sent from the source to the destination through an LSP, and is
sent from the destination to the source in IP forwarding mode), but the forwarding path
and reverse path must be established over the same link. If they use different links, BFD
cannot identify the faulty path when a fault is detected.

Pre-configuration Tasks
Before configuring static BFD for static LSP, complete the following task:

l 2.5.1 Creating Static LSPs

Configuration Process
Configure static BFD for static LSPs according to the following sequence.

2.5.2.1 Configuring BFD with Specific Parameters on the Ingress Node

Context
BFD parameters on the ingress node include the local and remote discriminators, minimum
intervals for sending and receiving BFD packets, and local BFD detection multiplier. The
BFD parameters affect BFD session setup.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 26


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

You can adjust the local detection time according to the network situation. On an unstable
link, if a small detection time is used, a BFD session may flap. You can increase the detection
time of the BFD session.

NOTE

Actual interval for the local device to send BFD packets = MAX {locally configured interval for sending
BFD packets, remotely configured interval for receiving BFD packets}
Actual interval for the local device to receive BFD packets = MAX {remotely configured interval for
sending BFD packets, locally configured interval for receiving BFD packets}
Local detection time = Actual interval for receiving BFD packets x Remotely configured BFD detection
multiplier

Perform the following steps on the ingress node of the static LSP.

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
bfd

This node is enabled with the global BFD function. The global BFD view is displayed.
By default, global BFD is disabled.
Step 3 Run:
quit

Return to the system view.


Step 4 Run:
bfd cfg-name bind static-lsp lsp-name

The BFD session is bound to the static LSP.


Step 5 Set local and remote discriminators of a BFD session.
l Run:
discriminator local discr-value

The local discriminator is configured.


l Run:
discriminator remote discr-value

The remote discriminator is configured.


NOTE

The local and remote discriminators of the two ends on a BFD session must be correctly associated. That
is, the local discriminator of the local device and the remote discriminator of the remote device are the
same, and the remote discriminator of the local device and the local discriminator of the remote device
are the same. Otherwise, the BFD session cannot be correctly set up. In addition, the local and remote
discriminators cannot be modified after being successfully configured.

Step 6 (Optional) Run:


min-tx-interval interval

The interval for sending BFD packets is set on the local device.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 27


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

By default, the interval for sending BFD packets is 1000 ms.


Step 7 (Optional) Run:
min-rx-interval interval

The interval for receiving BFD packets is set on the local device.
By default, the interval for receiving BFD packets is 1000 ms.
Step 8 (Optional) Run:
detect-multiplier multiplier

The local BFD detection multiplier is set.


By default, the value is 3.
Step 9 Run:
process-pst

The changes of the BFD session status can be advertised to the upper-layer application.
By default, a static BFD session cannot report faults of the monitored service module to the
system.
Step 10 Run:
commit

The configuration is committed.

----End

2.5.2.2 Configuring BFD with Specific Parameters on the Egress Node

Context
BFD parameters on the egress node includes the local and remote discriminators, minimum
intervals for sending and receiving BFD packets, and local BFD detection multiplier. The
BFD parameters affect BFD session setup.
You can adjust the local detection time according to the network situation. On an unstable
link, if a small detection time is used, a BFD session may flap. You can increase the detection
time of the BFD session.

NOTE

Actual interval for the local device to send BFD packets = MAX {locally configured interval for sending
BFD packets, remotely configured interval for receiving BFD packets}
Actual interval for the local device to receive BFD packets = MAX {remotely configured interval for
sending BFD packets, locally configured interval for receiving BFD packets}
Local detection time = Actual interval for receiving BFD packets x Remotely configured BFD detection
multiplier

Perform the following steps on the egress node of the LSP.

Procedure
Step 1 Run:
system-view

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 28


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

The system view is displayed.


Step 2 Run:
bfd

This node is enabled with the global BFD function. The global BFD view is displayed.
By default, global BFD is disabled.
Step 3 Run:
quit

Return to the system view.


Step 4 The IP link, LSP, or TE tunnel can be used as the reverse tunnel to inform the egress node of a
fault. To ensure that BFD packets are received and sent along the same path, an LSP or TE
tunnel is preferentially used to inform the egress node of an LSP fault. If the configured
reverse tunnel requires BFD detection, configure a pair of BFD sessions for it. Run the
following commands as required.
l For the IP link, run:
bfd cfg-name bind peer-ip peer-ip [ vpn-instance vpn-instance-name ]
[ interface interface-type interface-number ] [ source-ip source-ip ]

l For the dynamic LSP, run:


bfd cfg-name bind ldp-lsp peer-ip ip-address nexthop ip-address [ interface
interface-type interface-number ]

l For the static LSP, run:


bfd cfg-name bind static-lsp lsp-name

l For MPLS TE, run:


bfd cfg-name bind mpls-te interface tunnel interface-number [ te-lsp
[ backup ] ]

Step 5 Set local and remote discriminators of a BFD session.


l Run:
discriminator local discr-value

The local discriminator is configured.


l Run:
discriminator remote discr-value

The remote discriminator is configured.


NOTE

The local and remote discriminators of the two ends on a BFD session must be correctly associated. That
is, the local discriminator of the local device and the remote discriminator of the remote device are the
same, and the remote discriminator of the local device and the local discriminator of the remote device
are the same. Otherwise, the BFD session cannot be correctly set up. In addition, the local and remote
discriminators cannot be modified after being successfully configured.

Step 6 (Optional) Run:


min-tx-interval interval

The interval for sending BFD packets is set on the local device.
By default, the interval for sending BFD packets is 1000 ms.
Step 7 (Optional) Run:
min-rx-interval interval

The interval for receiving BFD packets is set on the local device.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 29


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

By default, the interval for receiving BFD packets is 1000 ms.

Step 8 (Optional) Run:


detect-multiplier multiplier

The local BFD detection multiplier is set.

By default, the value is 3.

Step 9 (Optional) Run:


process-pst

The changes of the BFD session status can be advertised to the upper-layer application.

By default, a static BFD session cannot report faults of the monitored service module to the
system.

If an LSP is used as a reverse tunnel to notify the ingress of a fault, you can run this command
to allow the reverse tunnel to switch traffic if the BFD session goes Down. If a single-hop IP
link is used as a reverse tunnel, this command can be configured. Because the process-pst
command can be only configured for BFD single-link detection.

Step 10 Run:
commit

The configuration is committed.

----End

2.5.2.3 Checking the Configuration

Prerequisites
The configurations of the static BFD for static LSP function are complete.

Procedure
l Run the display bfd configuration { all | static } command to check the BFD
configuration.
l Run the display bfd session { all | static } command to check information about the
BFD session.
l Run the display bfd statistics session { all | static } command to check statistics about
BFD sessions.
l Run the display mpls static-lsp [ lsp-name ] [ { include | exclude } ip-address mask-
length ] [ verbose ] command to check the status of the static LSP.

----End

2.6 Maintaining Static LSPs


Maintaining static LSPs includes detecting connectivity of an LSP.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 30


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

2.6.1 Checking the LSP Connectivity

Context
In MPLS, the control panel used for setting up an LSP cannot detect data forwarding failures
on the LSP. This makes network maintenance difficult.
MPLS ping checks LSP connectivity, and MPLS traceroute locates network faults in addition
to checking LSP connectivity.
MPLS ping and MPLS traceroute can be performed in any view. MPLS ping and MPLS
traceroute do not support packet fragmentation.

Procedure
Step 1 Run the system-view command to enter the system view.

Step 2 Run the lspv mpls-lsp-ping echo enable command to enable the response to MPLS Echo
Request packets.
By default, the device is enabled to respond to MPLS Echo Request packets.
Step 3 (Optional) Run the lspv packet-filter acl-number command to enable MPLS Echo Request
packet filtering based on source IP addresses. The filtering rule is specified in the ACL.
By default, the device does not filter MPLS Echo Request packets based on their source IP
addresses.
Step 4 Run the following command to check the LSP connectivity.
l Run the ping lsp [ -a source-ip | -c count | -exp exp-value | -h ttl-value | -m interval | -r
reply-mode | -s packet-size | -t time-out | -v ] * ip destination-address mask-length [ ip-
address ] [ nexthop nexthop-address | draft6 ] command to perform an MPLS ping test.
If draft6 is specified, the command is implemented according to draft-ietf-mpls-lsp-
ping-06. By default, the command is implemented according to RFC 4379.
l Run the tracert lsp [ -a source-ip | -exp exp-value | -h ttl-value | -r reply-mode | -t time-
out | -v ] * ip destination-address mask-length [ ip-address ] [ nexthop nexthop-address |
draft6 ] command to perform an MPLS traceroute test.
If draft6 is specified, the command is implemented according to draft-ietf-mpls-lsp-
ping-06. By default, the command is implemented according to RFC 4379.

----End

Postrequisite
l Run the display lspv statistics command to check the LSPV test statistics. A large
amount of statistical information is saved in the system after MPLS ping or traceroute
tests are performed multiple times, which is unhelpful for problem analysis. To obtain
more accurate statistics, run the reset lspv statistics command to clear LSPV test
statistics before running the display lspv statistics command.
l Run the undo lspv mpls-lsp-ping echo enable command to disable response to MPLS
Echo Request packets. It is recommended that you run this command after completing an
MPLS ping or traceroute test to save system resources.
l Run the display lspv configuration command to check the current LSPV configuration.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 31


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

2.7 Configuration Examples


This section provides several configuration examples of static LSP together with the
configuration networking diagrams. The configuration examples explain networking
requirements and configuration roadmap.

2.7.1 Example for Configuring Static LSPs

Networking Requirements
As shown in Figure 2-3, the network topology is simple and stable, and LSR_1, LSR_2, and
LSR_3 are MPLS backbone network devices. A stable public tunnel needs to be created on
the backbone network to transmit L2VPN or L3VPN services.

Figure 2-3 Networking diagram for establishing static LSPs


Loopback1 Loopback1 Loopback1
1.1.1.9/32 GE0/0/1 GE0/0/1 2.2.2.9/32 GE0/0/2 GE0/0/1 3.3.3.9/32
VLANIF100 VLANIF100 VLANIF200 VLANIF200
172.1.1.1/24 172.1.1.2/24 172.2.1.1/24 172.2.1.2/24

LSR_1 LSR_2 LSR_3

Configuration Roadmap
You can configure static LSPs to meet the requirement. Configure two static LSPs: LSP1
from LSR_1 to LSR_3 with LSR_1, LSR_2, and LSR_3 as the ingress, transit, and egress
nodes respectively, and LSP2 from LSR_3 to LSR_1 with LSR_3, LSR_2, and LSR_1 as the
ingress, transit, and egress nodes respectively. The configuration roadmap is as follows:

1. Configure OSPF on the LSRs to ensure IP connectivity on the backbone network.


2. Configure MPLS on LSRs, which is the prerequisite for creating a public tunnel on the
backbone network.
3. Configure static LSPs because a stable public tunnel needs to be created on the backbone
network with simple and stable network topology to transmit L2VPN and L3VPN
services. Perform the following operations:
a. Configure the destination IP address, next hop, value of the outgoing label for the
LSP on the ingress node.
b. Configure the inbound interface, value of the incoming label equivalent to the
outgoing label of the last node, and next hop and value of the outgoing label of the
LSP on the transit node.
c. Configure the inbound interface and value of the incoming label equivalent to the
outgoing label of the last node of the LSP on the egress node.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 32


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

Procedure
Step 1 Create VLANs and VLANIF interfaces on the switch, configure IP addresses for the VLANIF
interfaces, and add physical interfaces to the VLANs.
# Configure LSR_1.
<HUAWEI> system-view
[HUAWEI] sysname LSR_1
[LSR_1] interface loopback 1
[LSR_1-LoopBack1] ip address 1.1.1.9 32
[LSR_1-LoopBack1] quit
[LSR_1] vlan batch 100
[LSR_1] interface vlanif 100
[LSR_1-Vlanif100] ip address 172.1.1.1 24
[LSR_1-Vlanif100] quit
[LSR_1] interface gigabitethernet 0/0/1
[LSR_1-GigabitEthernet0/0/1] port link-type trunk
[LSR_1-GigabitEthernet0/0/1] port trunk allow-pass vlan 100
[LSR_1-GigabitEthernet0/0/1] quit

The configurations of LSR_2 and LSR_3 are similar to the configuration of LSR_1, and are
not mentioned here.
Step 2 Configure OSPF to advertise the network segments that the interfaces are connected to and
the host route of the LSR ID.
# Configure LSR_1.
[LSR_1] ospf 1
[LSR_1-ospf-1] area 0
[LSR_1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0
[LSR_1-ospf-1-area-0.0.0.0] network 172.1.1.0 0.0.0.255
[LSR_1-ospf-1-area-0.0.0.0] quit
[LSR_1-ospf-1] quit

# Configure LSR_2.
[LSR_2] ospf 1
[LSR_2-ospf-1] area 0
[LSR_2-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0
[LSR_2-ospf-1-area-0.0.0.0] network 172.1.1.0 0.0.0.255
[LSR_2-ospf-1-area-0.0.0.0] network 172.2.1.0 0.0.0.255
[LSR_2-ospf-1-area-0.0.0.0] quit
[LSR_2-ospf-1] quit

# Configure LSR_3.
[LSR_3] ospf 1
[LSR_3-ospf-1] area 0
[LSR_3-ospf-1-area-0.0.0.0] network 3.3.3.9 0.0.0.0
[LSR_3-ospf-1-area-0.0.0.0] network 172.2.1.0 0.0.0.255
[LSR_3-ospf-1-area-0.0.0.0] quit
[LSR_3-ospf-1] quit

After the configuration is complete, run the display ip routing-table command on each node,
and you can view that the nodes learn routes from each other.
Step 3 Enable basic MPLS functions on each node.
# Configure LSR_1.
[LSR_1] mpls lsr-id 1.1.1.9
[LSR_1] mpls
[LSR_1-mpls] quit

# Configure LSR_2.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 33


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

[LSR_2] mpls lsr-id 2.2.2.9


[LSR_2] mpls
[LSR_2-mpls] quit

# Configure LSR_3.
[LSR_3] mpls lsr-id 3.3.3.9
[LSR_3] mpls
[LSR_3-mpls] quit

Step 4 Enable MPLS on each VLANIF interface.


# Configure LSR_1.
[LSR_1] interface vlanif 100
[LSR_1-Vlanif100] mpls
[LSR_1-Vlanif100] quit

# Configure LSR_2.
[LSR_2] interface vlanif 100
[LSR_2-Vlanif100] mpls
[LSR_2-Vlanif100] quit
[LSR_2] interface vlanif 200
[LSR_2-Vlanif200] mpls
[LSR_2-Vlanif200] quit

# Configure LSR_3.
[LSR_3] interface vlanif 200
[LSR_3-Vlanif200] mpls
[LSR_3-Vlanif200] quit

Step 5 Configure a static LSP from LSR_1 to LSR_3.


# Configure ingress node LSR_1.
[LSR_1] static-lsp ingress LSP1 destination 3.3.3.9 32 nexthop 172.1.1.2 out-
label 20

# Configure transit node LSR_2.


[LSR_2] static-lsp transit LSP1 incoming-interface vlanif 100 in-label 20 nexthop
172.2.1.2 out-label 40

# Configure egress node LSR_3.


[LSR_3] static-lsp egress LSP1 incoming-interface vlanif 200 in-label 40

After the configuration is complete, run the display mpls static-lsp command on each node
to check the status of the static LSP. Use the command output on LSR_1 as an example.
[LSR_1] display mpls static-lsp
TOTAL : 1 STATIC LSP(S)
UP : 1 STATIC LSP(S)
DOWN : 0 STATIC LSP(S)
Name FEC I/O Label I/O If Status
LSP1 3.3.3.9/32 NULL/20 -/Vlanif100 Up

The LSP is unidirectional, you need to configure a static LSP from LSR_3 to LSR_1.
Step 6 Configure a static LSP from LSR_3 to LSR_1.
# Configure ingress node LSR_3.
[LSR_3] static-lsp ingress LSP2 destination 1.1.1.9 32 nexthop 172.2.1.1 out-
label 30

# Configure transit node LSR_2.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 34


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

[LSR_2] static-lsp transit LSP2 incoming-interface vlanif 200 in-label 30 nexthop


172.1.1.1 out-label 60

# Configure egress node LSR_1.


[LSR_1] static-lsp egress LSP2 incoming-interface vlanif 100 in-label 60

Step 7 Verify the configuration.


After the configuration is complete, run the display mpls static-lsp or display mpls static-
lsp verbose command on each node to check the status and detailed information about the
static LSP. Use the command output on LSR_3 as an example.
[LSR_3] display mpls static-lsp
TOTAL : 2 STATIC LSP(S)
UP : 2 STATIC LSP(S)
DOWN : 0 STATIC LSP(S)
Name FEC I/O Label I/O If Status
LSP1 -/- 40/NULL Vlanif200/- Up
LSP2 1.1.1.9/32 NULL/30 -/Vlanif200 Up
[LSR_3] display mpls static-lsp verbose
No : 1
LSP-Name : LSP1
LSR-Type : Egress
FEC : -/-
In-Label : 40
Out-Label : NULL
In-Interface : Vlanif200
Out-Interface : -
NextHop : -
Static-Lsp Type: Normal
Lsp Status : Up

No : 2
LSP-Name : LSP2
LSR-Type : Ingress
FEC : 1.1.1.9/32
In-Label : NULL
Out-Label : 30
In-Interface : -
Out-Interface : Vlanif200
NextHop : 172.2.1.1
Static-Lsp Type: Normal
Lsp Status : Up

Run the ping lsp ip 1.1.1.9 32 command on LSR_3. The command output shows that the
static LSP can be pinged.
Run the ping lsp ip 3.3.3.9 32 command on LSR_1. The command output shows that the
static LSP can be pinged.

----End

Configuration Files
l Configuration file of LSR_1
#
sysname LSR_1
#
vlan batch 100
#
mpls lsr-id 1.1.1.9
mpls
#
interface Vlanif100
ip address 172.1.1.1 255.255.255.0
mpls

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 35


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 100
#
interface LoopBack1
ip address 1.1.1.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 1.1.1.9 0.0.0.0
network 172.1.1.0 0.0.0.255
#
static-lsp ingress LSP1 destination 3.3.3.9 32 nexthop 172.1.1.2 out-label 20
static-lsp egress LSP2 incoming-interface Vlanif100 in-label 60
#
return
l Configuration file of LSR_2
#
sysname LSR_2
#
vlan batch 100 200
#
mpls lsr-id 2.2.2.9
mpls
#
interface Vlanif100
ip address 172.1.1.2 255.255.255.0
mpls
#
interface Vlanif200
ip address 172.2.1.1 255.255.255.0
mpls
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 100
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 200
#
interface LoopBack1
ip address 2.2.2.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.9 0.0.0.0
network 172.1.1.0 0.0.0.255
network 172.2.1.0 0.0.0.255
#
static-lsp transit LSP1 incoming-interface Vlanif100 in-label 20 nexthop
172.2.1.2 out-label 40
static-lsp transit LSP2 incoming-interface Vlanif200 in-label 30 nexthop
172.1.1.1 out-label 60
#
return
l Configuration file of LSR_3
#
sysname LSR_3
#
vlan batch 200
#
mpls lsr-id 3.3.3.9
mpls
#
interface Vlanif200
ip address 172.2.1.2 255.255.255.0

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 36


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

mpls
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 200
#
interface LoopBack1
ip address 3.3.3.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.9 0.0.0.0
network 172.2.1.0 0.0.0.255
#
static-lsp egress LSP1 incoming-interface Vlanif200 in-label 40
static-lsp ingress LSP2 destination 1.1.1.9 32 nexthop 172.2.1.1 out-label 30
#
return

2.7.2 Example for Configuring Static BFD to Monitor Static LSPs

Networking Requirements
As shown in Figure 2-4, PEs and Ps are backbone network devices, and static LSPs have
been set up on the backbone network to transmit network services.

Network services, such as VoIP, online game, and online video service, have high
requirements for real-timeness. Data loss caused by faulty links will seriously affect services.
It is required that services be fast switched to the backup LSP when the primary LSP becomes
faulty, minimizing packet loss. Static BFD for static LSPs is configured to fast detect static
LSPs.

Figure 2-4 Networking diagram for establishing static LSPs

Loopback1
2.2.2.9/32
G
/0 1
/ 0 VL E0
0 1 0 17 N /0/2
A
GE NIF 2/24 2.2 IF2
L A .1. .1. 00
1 V 2. 1 1/2 G
0
/
/0 00 17 4 VL E0 /
Loopback1 GE NIF1 /24
P_1 17 AN 0/1 Loopback1
1 2 .2 IF 2
1.1.1.9/32 VLA .1.1. .1. 00 4.4.4.9/32
2 /2
7 2 4
1 primary LSP

G backup LSP
PE_1 VL E0/ 2 PE_2
1 7 N 0 /2
A
2 .3 IF 3 0 /0/ 00
4
.1. 00 P_2 GE NIF 2/24
1 /2 GE A .
4 VLA 0/0 /2 VL 2.4.1
17 NI /1 0/0 0 0 17
2.3 F3 GE NIF4 /24
.1. 00 A .1
2/2
4 VL .4.1
72
Loopback1 1
3.3.3.9/32

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 37


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

Configuration Roadmap
The configuration roadmap is as follows:

1. Configure OSPF between the PEs and Ps to implement IP connectivity on the backbone
network.
2. Configure static LSPs on PEs and P to transmit network services.
3. Configure static BFD on PEs to fast detect static LSPs. This is because faults on static
LSPs can only be detected by static BFD.

NOTE

Ensure that STP is disabled in this scenario; otherwise, the active link may be unavailable.

Procedure
Step 1 Create VLANs and VLANIF interfaces on the switch, configure IP addresses for the VLANIF
interfaces, and add physical interfaces to the VLANs.

# Configure PE_1.
<HUAWEI> system-view
[HUAWEI] sysname PE_1
[PE_1] interface loopback 1
[PE_1-LoopBack1] ip address 1.1.1.9 32
[PE_1-LoopBack1] quit
[PE_1] vlan batch 100 300
[PE_1] interface vlanif 100
[PE_1-Vlanif100] ip address 172.1.1.1 24
[PE_1-Vlanif100] quit
[PE_1] interface vlanif 300
[PE_1-Vlanif300] ip address 172.3.1.1 24
[PE_1-Vlanif300] quit
[PE_1] interface gigabitethernet0/0/1
[PE_1-GigabitEthernet0/0/1] port link-type trunk
[PE_1-GigabitEthernet0/0/1] port trunk allow-pass vlan 100
[PE_1-GigabitEthernet0/0/1] quit
[PE_1] interface gigabitethernet0/0/2
[PE_1-GigabitEthernet0/0/2] port link-type trunk
[PE_1-GigabitEthernet0/0/2] port trunk allow-pass vlan 300
[PE_1-GigabitEthernet0/0/2] quit

The configurations of P_1, P_2, and PE_2, are similar to the configuration of PE_1, and are
not mentioned here.

Step 2 Configure OSPF to advertise the network segments that the interfaces are connected to and
the host route of the LSR ID.

# Configure PE_1.
[PE_1] ospf 1
[PE_1-ospf-1] area 0
[PE_1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0
[PE_1-ospf-1-area-0.0.0.0] network 172.1.1.0 0.0.0.255
[PE_1-ospf-1-area-0.0.0.0] network 172.3.1.0 0.0.0.255
[PE_1-ospf-1-area-0.0.0.0] quit
[PE_1-ospf-1] quit

The configurations of P_1, P_2, and PE_2, are similar to the configuration of PE_1, and are
not mentioned here.

Step 3 Set the cost of VLANIF 300 on PE_1 to 1000.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 38


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

[PE_1] interface vlanif 300


[PE_1-Vlanif300] ospf cost 1000
[PE_1-Vlanif300] quit

After the configuration is complete, run the display ip routing-table command on each node.
You can see that the nodes learn routes from each other. The outbound interface of the route
from PE_1 to PE_2 is VLANIF 100.
Step 4 Enable basic MPLS functions on each node.
# Configure PE_1.
[PE_1] mpls lsr-id 1.1.1.9
[PE_1] mpls
[PE_1-mpls] quit

# Configure P_1.
[P_1] mpls lsr-id 2.2.2.9
[P_1] mpls
[P_1-mpls] quit

# Configure P_2.
[P_2] mpls lsr-id 3.3.3.9
[P_2] mpls
[P_2-mpls] quit

# Configure PE_2.
[PE_2] mpls lsr-id 4.4.4.9
[PE_2] mpls
[PE_2-mpls] quit

Step 5 Enable MPLS on each VLANIF interface.


# Configure PE_1.
[PE_1] interface vlanif 100
[PE_1-Vlanif100] mpls
[PE_1-Vlanif100] quit
[PE_1] interface vlanif 300
[PE_1-Vlanif300] mpls
[PE_1-Vlanif300] quit

# Configure P_1.
[P_1] interface vlanif 100
[P_1-Vlanif100] mpls
[P_1-Vlanif100] quit
[P_1] interface vlanif 200
[P_1-Vlanif200] mpls
[P_1-Vlanif200] quit

# Configure P_2.
[P_2] interface vlanif 300
[P_2-Vlanif300] mpls
[P_2-Vlanif300] quit
[P_2] interface vlanif 400
[P_2-Vlanif400] mpls
[P_2-Vlanif400] quit

# Configure PE_2.
[PE_2] interface vlanif 200
[PE_2-Vlanif200] mpls
[PE_2-Vlanif200] quit
[PE_2] interface vlanif 400

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 39


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

[PE_2-Vlanif400] mpls
[PE_2-Vlanif400] quit

Step 6 Create a static LSP named LSP1 with PE_1 being the ingress node, P_1 being the transit
node, and PE_2 being the egress node.

# Configure ingress node PE_1.


[PE_1] static-lsp ingress LSP1 destination 4.4.4.9 32 nexthop 172.1.1.2 out-label
20

# Configure transit node P_1.


[P_1] static-lsp transit LSP1 incoming-interface vlanif 100 in-label 20 nexthop
172.2.1.2 out-label 40

# Configure egress node PE_2.


[PE_2] static-lsp egress LSP1 incoming-interface vlanif 200 in-label 40

Step 7 Create a static LSP named LSP2 with PE_1 being the ingress node, P_2 being the transit
node, and PE_2 being the egress node.

# Configure ingress node PE_1.


[PE_1] static-lsp ingress LSP2 destination 4.4.4.9 32 nexthop 172.3.1.2 out-label
30

# Configure transit node P_2.


[P_2] static-lsp transit LSP2 incoming-interface vlanif 300 in-label 30 nexthop
172.4.1.2 out-label 60

# Configure egress node PE_2.


[PE_2] static-lsp egress LSP2 incoming-interface vlanif 400 in-label 60

After the configuration is complete, run the ping lsp ip 4.4.4.9 32 command on PE_1. The
command output shows that the LSP can be pinged.

Run the display mpls static-lsp verbose command on each node to check the detailed
information about the static LSP. Use the command output on PE_1 as an example.
[PE_1] display mpls static-lsp verbose
No : 1
LSP-Name : LSP1
LSR-Type : Ingress
FEC : 4.4.4.9/32
In-Label : NULL
Out-Label : 20
In-Interface : -
Out-Interface : Vlanif100
NextHop : 172.1.1.2
Static-Lsp Type: Normal
Lsp Status : Up

No : 2
LSP-Name : LSP2
LSR-Type : Ingress
FEC : 4.4.4.9/32
In-Label : NULL
Out-Label : 30
In-Interface : -
Out-Interface : Vlanif300
NextHop : 172.3.1.2
Static-Lsp Type: Normal
Lsp Status : Down

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 40


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

Step 8 Configure the BFD session to detect static LSP LSP1.


# On ingress node PE_1, configure a BFD session, with the local discriminator of 1, the
remote discriminator of 2, and the intervals for sending and receiving packets of 100 ms. The
port state table (PST) can be modified.
[PE_1] bfd
[PE_1-bfd] quit
[PE_1] bfd pe1tope2 bind static-lsp LSP1
[PE_1-bfd-lsp-session-pe1tope2] discriminator local 1
[PE_1-bfd-lsp-session-pe1tope2] discriminator remote 2
[PE_1-bfd-lsp-session-pe1tope2] min-tx-interval 100
[PE_1-bfd-lsp-session-pe1tope2] min-rx-interval 100
[PE_1-bfd-lsp-session-pe1tope2] process-pst
[PE_1-bfd-lsp-session-pe1tope2] commit
[PE_1-bfd-lsp-session-pe1tope2] quit

# On egress node PE_2, configure a BFD session to notify PE_1 of faults on the static LSP.
[PE_2] bfd
[PE_2-bfd] quit
[PE_2] bfd pe2tope1 bind peer-ip 1.1.1.9
[PE_2-bfd-session-pe2tope1] discriminator local 2
[PE_2-bfd-session-pe2tope1] discriminator remote 1
[PE_2-bfd-session-pe2tope1] min-tx-interval 100
[PE_2-bfd-session-pe2tope1] min-rx-interval 100
[PE_2-bfd-session-pe2tope1] commit
[PE_2-bfd-session-pe2tope1] quit

# Run the display bfd session all command on PE_1 to check the configuration. The
command output shows that the BFD session on PE_1 is Up.
[PE_1] display bfd session all
--------------------------------------------------------------------------------
Local Remote PeerIpAddr State Type InterfaceName
--------------------------------------------------------------------------------
1 2 4.4.4.9 Up S_STA_LSP Vlanif100
--------------------------------------------------------------------------------
Total UP/DOWN Session Number : 1/0

# Run the display bfd session all command on PE_2 to check the configuration.
[PE_2] display bfd session all
--------------------------------------------------------------------------------
Local Remote PeerIpAddr State Type InterfaceName
--------------------------------------------------------------------------------
2 1 1.1.1.9 Up S_IP_PEER -
--------------------------------------------------------------------------------
Total UP/DOWN Session Number : 1/0

Step 9 Check the configuration.


# Run the shutdown command on VLANIF 200 of P_1 to simulate a fault on a static LSP.
[P_1] interface vlanif 200
[P_1-Vlanif200] shutdown

# Run the display bfd session all command on PE to check the status of the BFD session.
[PE_1] display bfd session all
--------------------------------------------------------------------------------
Local Remote PeerIpAddr State Type InterfaceName
--------------------------------------------------------------------------------
1 2 4.4.4.9 Down S_STA_LSP -
--------------------------------------------------------------------------------
Total UP/DOWN Session Number : 0/1

[PE_2] display bfd session all


--------------------------------------------------------------------------------

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 41


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

Local Remote PeerIpAddr State Type InterfaceName


--------------------------------------------------------------------------------
2 1 1.1.1.9 Down S_IP_PEER -
--------------------------------------------------------------------------------
Total UP/DOWN Session Number : 0/1

----End

Configuration Files
l Configuration file of PE_1
#
sysname PE_1
#
vlan batch 100 300
#
bfd
#
mpls lsr-id 1.1.1.9
mpls
#
interface Vlanif100
ip address 172.1.1.1 255.255.255.0
mpls
#
interface Vlanif300
ip address 172.3.1.1 255.255.255.0
ospf cost 1000
mpls
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 100
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 300
#
interface LoopBack1
ip address 1.1.1.9 255.255.255.255
#
bfd pe1tope2 bind static-lsp LSP1
discriminator local 1
discriminator remote 2
min-tx-interval 100
min-rx-interval 100
process-pst
commit
#
ospf 1
area 0.0.0.0
network 1.1.1.9 0.0.0.0
network 172.1.1.0 0.0.0.255
network 172.3.1.0 0.0.0.255
#
static-lsp ingress LSP1 destination 4.4.4.9 32 nexthop 172.1.1.2 out-label 20
static-lsp ingress LSP2 destination 4.4.4.9 32 nexthop 172.3.1.2 out-label 30
#
return

l Configuration file of P_1


#
sysname P_1
#
vlan batch 100 200
#
mpls lsr-id 2.2.2.9
mpls

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 42


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

#
interface Vlanif100
ip address 172.1.1.2 255.255.255.0
mpls
#
interface Vlanif200
ip address 172.2.1.1 255.255.255.0
mpls
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 100
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 200
#
interface LoopBack1
ip address 2.2.2.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.9 0.0.0.0
network 172.1.1.0 0.0.0.255
network 172.2.1.0 0.0.0.255
#
static-lsp transit LSP1 incoming-interface Vlanif 100 in-label 20 nexthop
172.2.1.2 out-label 40
#
return

l Configuration file of P_2


#
sysname P_2
#
vlan batch 300 400
#
mpls lsr-id 3.3.3.9
mpls
#
interface Vlanif300
ip address 172.3.1.2 255.255.255.0
mpls
#
interface Vlanif400
ip address 172.4.1.1 255.255.255.0
mpls
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 300
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 400
#
interface LoopBack1
ip address 3.3.3.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.9 0.0.0.0
network 172.3.1.0 0.0.0.255
network 172.4.1.0 0.0.0.255
#
static-lsp transit LSP2 incoming-interface Vlanif 300 in-label 30 nexthop
172.4.1.2 out-label 60
#
return

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 43


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 2 Static LSP Configuration

l Configuration file of PE_2


#
sysname PE_2
#
vlan batch 200 400
#
bfd
#
mpls lsr-id 4.4.4.9
mpls
#
interface Vlanif200
ip address 172.2.1.2 255.255.255.0
mpls
#
interface Vlanif400
ip address 172.4.1.2 255.255.255.0
mpls
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 200
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 400
#
interface LoopBack1
ip address 4.4.4.9 255.255.255.255
#
bfd pe2tope1 bind peer-ip 1.1.1.9
discriminator local 2
discriminator remote 1
min-tx-interval 100
min-rx-interval 100
commit
#
ospf 1
area 0.0.0.0
network 4.4.4.9 0.0.0.0
network 172.2.1.0 0.0.0.255
network 172.4.1.0 0.0.0.255
#
static-lsp egress LSP1 incoming-interface Vlanif 200 in-label 40
static-lsp egress LSP2 incoming-interface Vlanif 400 in-label 60
#
return

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 44


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

3 MPLS LDP Configuration

About This Chapter

The Multiprotocol Label Switching Label Distribution Protocol (MPLS LDP) defines the
messages in and procedures for distributing labels. MPLS LDP is used by Label Switching
Routers (LSRs) to negotiate session parameters, distribute labels, and then establish Label
Switched Paths (LSPs).

3.1 Introduction to MPLS LDP


This section describes the definition, background, and functions of MPLS LDP.
3.2 Principles
This section describes the implementation of MPLS LDP.
3.3 Specification
This section provides MPLS specifications supported by the device.
3.4 Configuration Task Summary
After basic functions of MPLS LDP are configured, you can build an MPLS network using
LDP. To ensure network reliability and security, you need to perform other configuration in
addition to MPLS LDP.
3.5 Configuration Notes
This section describes notes about configuring MPLS.
3.6 Default Configuration
This section provides the default MPLS LDP configuration.
3.7 Configuring MPLS LDP
This section describes how to configure MPLS LDP.
3.8 Maintaining MPLS LDP
Maintaining MPLS LDP includes restarting LDP, clearing LDP statistics, monitoring the LDP
running status, and detecting LSP connectivity.
3.9 Configuration Examples
This section provides several configuration examples of MPLS LDP networking, including
the networking requirements, configuration roadmap, configuration procedures, and
configuration files.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 45


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

3.10 Common Configuration Errors


This section describes common faults caused by incorrect MPLS configurations and provides
the troubleshooting procedure.
3.11 FAQ
This section describes the FAQ of MPLS LDP.
3.12 References
This section lists references of MPLS LDP.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 46


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

3.1 Introduction to MPLS LDP


This section describes the definition, background, and functions of MPLS LDP.

Definition
The Label Distribution Protocol (LDP) is a control protocol of Multiprotocol Label Switching
(MPLS) that functions like a signaling protocol on a traditional network. LDP classifies
FECs, distributes labels, and establishes and maintains LSPs. LDP defines messages used in
the label distribution process as well as procedures for processing these messages.

Purpose
MPLS is highly scalable because it allows multiple labels in a packet and has a connection-
oriented forwarding plane. This scalability enables an MPLS/IP network to provide a variety
of services. Label switching routers (LSRs) on an MPLS network use LDP to map Layer 3
routing information to Layer 2 switched paths, and establish LSPs at the network layer.

LDP is widely used to provide VPN services because of its simple deployment and
configuration, abilities to set up LSPs dynamically based on routing information, and support
for a large number of LSPs.

3.2 Principles
This section describes the implementation of MPLS LDP.

3.2.1 Basic Concepts

LDP Peers
Two LSRs that use LDP to set up an LDP session and exchange label messages are LDP
peers.

LDP peers learn labels from each other over the LDP session between them.

LDP Adjacency
When an LSR receives a Hello message from a peer, an LDP adjacency is set up between the
two LSRs. Two types of LDP adjacencies are used:
l Local adjacency: adjacency discovered by multicasting a Hello message (link Hello
message)
l Remote adjacency: adjacency discovered by unicasting a Hello message (targeted Hello
message)

LDP maintains peer information based on adjacencies. The type of a peer depends on the type
of its adjacency. A peer can be maintained by multiple adjacencies. If a peer is maintained by
both local and remote adjacencies, the peer is a local-and-remote peer.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 47


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

LDP Session
LSRs exchange messages over an LDP session that include label mapping and release
messages. LDP sessions can be set up only between LDP peers. The following types of LDP
sessions are available:

l Local LDP session: set up between two LSRs that are directly connected
l Remote LDP session: set up between two LSRs that are directly or indirectly connected

An LSR can set up local and remote LDP sessions simultaneously.

3.2.2 LDP Working Mechanism

3.2.2.1 Overview
LDP defines the label distribution process and messages transmitted during label distribution.
LSRs use LDP to map Layer 3 routing information to Layer 2 switched paths, and set up an
LSP.

For details about LDP, see RFC 5036 (LDP Specification).

LDP Messages
LDP defines the following messages:

l Discovery message: used to announce or maintain an LSR on a network. For example,


Hello messages are discovery messages.
l Session message: used to establish, maintain, and terminate sessions between LDP peers.
For example, Initialization and Keepalive messages are session messages.
l Advertisement message: used to create, modify, and delete label mappings for FECs.
l Notification message: used to provide advisory and error information.

To ensure the reliability of message transmission, LDP uses Transmission Control Protocol
(TCP) transport for Session, Advertisement, and Notification messages. LDP uses User
Datagram Protocol (UDP) transport only for transmitting the Discovery message.

LDP Working Process


The LDP working process has the following phases:
1. LDP Session Setup
After LSRs send Hello messages to discover LDP peers, the LSRs establish an LDP
session. LDP peers periodically send Hello and Keepalive messages to maintain the LDP
session.
LDP peers periodically send Hello messages to maintain the adjacency. If an LSR
does not receive any Hello message from a peer before the Hello timer expires, the
local LSR deletes the adjacency. After the adjacency is deleted, the local LSR sends
a Notification message to terminate the LDP session.
LDP peers periodically send Keepalive messages over the LDP session to maintain
the LDP session. If an LSR does not receive a Keepalive message from a peer
before the Keepalive timer expires, the local LSR terminates the TCP connection
and sends a Notification message to terminate the LDP session.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 48


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

2. LDP LSP Setup


After a session is established, LDP peers advertise the mappings between FECs and
labels and set up an LSP.

3.2.2.2 LDP Session Setup


LSRs use LDP discovery mechanisms to discover LDP peers and establish an LDP session.
An LDP LSP can be set up to transmit services only after an LDP session is set up.

LDP Discovery Mechanisms


LSRs use LDP discovery mechanisms to discover LDP peers. LSRs can use the following
types of LDP discovery mechanisms:
l Basic discovery mechanism: used to discover directly-connected LSR peers on a link.
An LSR periodically sends LDP Link Hello messages to implement the mechanism and
establish a local LDP session.
LDP Link Hello messages are encapsulated in UDP packets with the multicast
destination address 224.0.0.2. If an LSR receives an LDP Link Hello message on an
interface, an LDP peer is connected to this interface.
l Extended discovery mechanism: used to discover LSR peers that are not directly
connected on a link.
An LSR periodically sends LDP Target Hello messages to a specified destination IP
address according to the mechanism to establish a remote LDP session.
The LDP Target Hello messages are encapsulated in UDP packets with the unicast
destination IP addresses. If an LSR receives an LDP Target Hello message, an LDP peer
is connected to the LSR.

LDP Session Setup Process


Two LSRs exchange Hello messages to trigger the establishment of an LDP session.
Figure 3-1 shows how an LDP session is set up.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 49


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Figure 3-1 Process of establishing an LDP session


LSR_1 (initiator) LSR_2 (responder)
192.168.1.2/32 192.168.1.1/32

Send Hello messages.


Step 1

LSR_1 initiates a TCP connection.


Step 2

LSR_1 sends an Initialization message.


Step 3
If LSR_2 accepts parameters in the Initialization
message, LSR_2 sends an Initialization
message and a Keepalive message to LSR_1.
Step 4
If LSR_1 accepts the parameters in the
Initialization message sent from LSR_2, LSR_1
sends a Keepalive message to LSR_2.
Step 5

The LDP session setup process consists of the following steps:

1. Two LSRs send Hello messages to each other.


Each Hello message contains the transport address (device IP address) that the two LSRs
use to establish an LDP session.
2. The LSR with a larger transport address initiates a TCP connection.
As shown in Figure 3-1, LSR_1 initiates a TCP connection and LSR_2 waits for the
TCP connection request.
3. After the TCP connection is successfully established, LSR_1 sends an Initialization
message to negotiate with LSR_2 about parameters used for establishing the LDP
session.
These parameters include the LDP version, label distribution mode, Keepalive timer
value, maximum PDU length, and label space.
4. If LSR_2 accepts parameters in the Initialization message, LSR_2 sends an Initialization
message and a Keepalive message to LSR_1.
If LSR_2 rejects the parameters in the Initialization message, LSR_2 sends a
Notification message to LSR_1 to stop the establishment of the LDP session.
Parameters in the Initialization message include the LDP version, label distribution
mode, Keepalive timer value, maximum PDU length, and label space.
5. If LSR_1 accepts the parameters in the Initialization message sent from LSR_2, LSR_1
sends a Keepalive message to LSR_2.
If LSR_1 rejects the parameters in the Initialization message, LSR_1 sends a
Notification message to LSR_2 to stop the establishment of the LDP session.

After both LSR_1 and LSR_2 have accepted Keepalive messages from each other, an LDP
session is established between them.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 50


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

3.2.2.3 LDP LSP Setup


LDP peers send Label Request and Mapping messages to advertise FEC-to-label mappings
and establish LSPs based on the mappings. Label distribution and management depend on the
label advertisement mode, label distribution control mode, and label retention mode.

Label Advertisement and Management


Label Advertisement Modes
An LSR assigns a label to a specified FEC and notifies its upstream LSR of the label. This
means that labels are allocated by a downstream LSR and distributed from downstream to
upstream.
As described in Table 3-1, two label advertisement modes are available. The label
advertisement modes on upstream and downstream LSRs must be the same.

Table 3-1 Label advertisement modes


Label Advertisement Definition Description
Mode

Downstream Unsolicited An LSR distributes labels to As shown in Figure 3-2, the


(DU) mode a specified FEC without downstream egress triggers
having to receive Label the establishment of an LSP
Request messages from its destined for the FEC
upstream LSR. 192.168.1.1/32 using a host
route and sends a Label
Mapping message to the
upstream transit node to
advertise the label of the
host route to 192.168.1.1/32.

Downstream on Demand An LSR distributes labels to As shown in Figure 3-2, the


(DoD) mode a specified FEC only after downstream egress triggers
receiving Label Request the establishment of an LSP
messages from its upstream destined for the FEC
LSR. 192.168.1.1/32 in host
mode. The upstream ingress
sends a Label Request
message to the downstream
egress. After receiving the
message, the downstream
egress sends a Label
Mapping message to the
upstream LSR.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 51


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

NOTE

When the DU mode is used, LDP supports label distribution for all peers by default. Each node can send
Label Mapping messages to all peers without distinguishing upstream and downstream nodes. If an LSR
distributes labels only to upstream peers, it must identify its upstream and downstream nodes based on
routing information before sending Label Mapping messages. An upstream node cannot send Label
Mapping messages to its downstream node. If the upstream/downstream roles change because the
corresponding route changes, the new downstream node sends Label Mapping messages to its upstream
node. In this process, network convergence is slow.

Figure 3-2 DU and DoD


Distribute a label to Distribute a label to
DU its upstream device its upstream device
192.168.1.1/32

Ingress Transit Egress


Request a label from Request a label from its
DOD its downstream device downstream device

Send a label after the Send a label after the


request is received request is received

Label Distribution Control Modes


The label distribution control mode refers to a label distribution method used on an LSR
during LSP establishment.
As described in Table 3-2, two label distribution control modes are available.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 52


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Table 3-2 Label distribution control modes


Label Distribution Definition Description
control Mode

Independent mode A local LSR can distribute a l As shown in Figure 3-2,


label bound to an FEC and if the label advertisement
then inform the upstream mode is DU and the label
LSR, without waiting for the distribution control mode
label distributed by the is Independent, a transit
downstream LSR. LSR can assign a label to
the ingress node without
waiting for the label
assigned by the egress
node.
l As shown in Figure 3-2,
if the label advertisement
mode is DoD and the
label distribution control
mode is Independent, the
directly-connected
ingress transit node that
sends a Label Request
message replies with a
label without waiting for
the label assigned by the
egress node.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 53


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Label Distribution Definition Description


control Mode

Ordered mode An LSR advertises the l As shown in Figure 3-2,


mapping between a label the label distribution
and an FEC to its upstream mode is DU and the label
LSR only when this LSR is distribution control mode
the outgoing node of the is ordered. Consequently,
FEC or receives the Label the LSR (the transit LSR
Mapping message of the in Figure 3-2) must
next hop for the FEC. receive a Label Mapping
message from the
downstream LSR (the
egress node in Figure
3-2). Then, the transit
LSR can distribute a
label to the ingress node
in the diagram.
l As shown in Figure 3-2,
if the label distribution
mode is DoD and the
label distribution control
mode is Ordered, the
directly connected transit
node of the ingress node
that sends the Label
Request message must
receive a Label Mapping
message from the
downstream (the egress
node in the diagram).
Then, the transit node
can distribute a label to
the ingress node in
Figure 3-2.

Label Retention Modes


The label retention mode refers to the way an LSR processes the label mapping received but
not immediately used.
The label mapping that an LSR receives may or may not originate at the next hop.
As described in Table 3-3, two label retention modes are available.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 54


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Table 3-3 Label retention modes


Label Retention Mode Definition Description

Liberal mode Upon receiving a Label When the next hop of an


Mapping message from a LSR changes due to a
neighbor LSR, an LSR change in network topology,
retains the message note that:
regardless of whether the l In Liberal mode, the
neighbor LSR is its next LSR can use the previous
hop. label sent by a non-next
Conservative mode Upon receiving a Label hop to quickly
Mapping message from a reestablish an LSP. This
neighbor LSR, an LSR requires more memory
retains the message only and label space than in
when the neighbor LSR is conservative mode.
its next hop. l In Conservative mode,
the LSR only retains
labels sent by the next
hop. This saves memory
and label space but slows
down the reestablishment
of an LSP.
Conservative mode and
DoD mode are used
together to set up LSRs
with limited label space.

Currently, the following combinations are supported:


l DU label advertisement mode, ordered label control mode, and liberal label retention
mode (default mode)
l DoD label advertisement mode, ordered label control mode, and conservative label
retention mode

LDP LSP Setup Process


LSP setup is the process of mapping a forwarding equivalence class (FEC) to a label and
advertising the mapping to neighboring LSRs. Figure 3-3 shows how an LSP is set up in
Downstream Unsolicited (DU) and Ordered mode.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 55


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Figure 3-3 LDP LSP setup process


FEC FEC FEC
3.3.3.3/32 3.3.3.3/32 3.3.3.3/32
In/Out Label In/Out IF In/Out Label In/Out IF In/Out Label In/Out IF
NULL/1025 -/IF2 1025/3 IF1/IF2 3/NULL IF1/-

Loopback 0 Loopback 0 Loopback 0


1.1.1.1/32 2.2.2.2/32 3.3.3.3/32

IF2 IF1 IF2 IF1


Ingress FEC : 3.3.3.3 Transit FEC : 3.3.3.3 Egress

Label: 1025 Label: 3

LSP
Label mapping

The LDP LSP setup process consists of the following steps:


1. By default, upon a route change, if an edge node (egress) finds a new host route that does
not belong to any existing FEC, the egress node creates an FEC for the route.
2. If the egress node has available labels, it distributes a label for the new FEC and sends a
Label Mapping message to the upstream node. The Label Mapping message contains the
distributed label and FEC.
3. After receiving the Label Mapping message, the upstream transit node checks whether
the sender (egress node) is the next hop of the FEC. If so, the transit node adds the label-
to-FEC mapping in the Label Mapping message to its label forwarding table, and then
sends the Label Mapping message of the specified FEC to the upstream LSR (ingress).
4. After receiving the Label Mapping message, the ingress node checks whether the sender
(transit node) is the next hop of the FEC. If so, the ingress node adds the label-to-FEC
mapping in the Label Mapping message to its label forwarding table. An LSP is
established, and the packets of this FEC can be forwarded based on labels.
This process sets up a common LDP LSP. Another type of LSP is the proxy egress LSP. A
proxy egress establishes LSPs using routes in which the next-hop addresses are not local
addresses. If penultimate hop popping (PHP) is enabled, an LSR at the penultimate hop is a
specific proxy egress along an LSP. A proxy egress is configured manually. The proxy egress
applies to a network with MPLS-incapable switches or helps load-balance traffic based on
Border Gateway Protocol (BGP) routes.
On the network shown in Figure 3-4, LSR_1, LSR_2, and LSR_3 are in an MPLS domain.
LSR_4 is not enabled with MPLS LDP or does not support MPLS LDP. If a policy is
configured to use all IGP routes to establish LDP LSPs, LSR_3 functions as a proxy egress
and becomes the penultimate hop of the route. This allows LSR_1, LSR_2, and LSR_3 to
establish LDP LSPs to LSR_4.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 56


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Figure 3-4 Proxy egress


Proxy egress

Loopback 0 Loopback 0 Loopback 0 Loopback 0


1.1.1.1/32 2.2.2.2/32 3.3.3.3/32 4.4.4.4/32

LSR_1 LSR_2 LSR_3 LSR_4

MPLS domain IP domain

3.2.3 LDP Security Mechanisms


To ensure security of LDP packets, MPLS provides three security mechanisms: Message-
digest algorithm 5 (MD5), Keychain, and Generalized TTL Security Mechanism (GTSM).
Keychain is more secure than MD5 authentication, and only one of these mechanisms can be
used for an LDP peer. GTSM protects a device against attacks of invalid LDP packets and can
be used with MD5 authentication or Keychain.

MD5 Authentication
MD5 authentication is a standard digest algorithm defined in RFC 1321. A typical application
of MD5 is to calculate a message digest to prevent message spoofing. The MD5 message
digest is a unique result calculated by an irreversible character string conversion. If a message
is modified during transmission, a different digest is generated. After the message arrives at
the receiver, the receiver can determine whether the packet has been modified by comparing
the received digest with the pre-calculated digest.
MD5 generates a unique digest for an information segment, so LDP MD5 authentication can
prevent LDP packets from being modified. This authentication is stricter than common
checksum verification of TCP. The MD5 authentication process is as follows:
1. Before an LDP session message is sent over a TCP connection, the sender pads the TCP
header with a unique digest. The digest is calculated using the MD5 algorithm based on
the TCP header, LDP message, and configured password.
2. Upon receiving the TCP packet, the receiver obtains the TCP header, digest, and LDP
session message, and then uses MD5 to calculate a digest based on the received TCP
header, LDP session message, and locally stored password. The receiver compares the
calculated digest with the received one to check whether the packet has been modified.
A password can be set in either cipher text or simple text. The simple-text password is directly
saved in the configuration file. The cipher-text password is saved in the configuration file
after being encrypted using a special algorithm. However, the character string entered by the
user is used to calculate the digest, regardless of whether the password is in simple text or
cipher text. That is, the cipher-text password does not participate in MD5 calculation. As
devices from different vendors use proprietary password encryption algorithms, this digest
calculation method shields differences of password encryption algorithms used on different
devices.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 57


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Keychain Authentication
Compared with MD5, Keychain is an enhanced encryption algorithm that calculates a
message digest for the same LDP message to prevent the message from being modified.

During Keychain authentication, a group of passwords are defined to form a password string.
Each password is specified with encryption and decryption algorithms such as MD5 algorithm
and SHA-1, and is configured with the validity period. When sending or receiving a packet,
the system selects a valid password based on the user's configuration. Within the valid period
of the password, the system uses the encryption algorithm matching the password to encrypt
the packet before sending it out, or uses the decryption algorithm matching the password to
decrypt the packet before accepting it. In addition, the system automatically uses a new
password after the previous password expires, preventing the password from being decrypted.

The Keychain authentication password, the encryption and decryption algorithms, and the
password validity period that constitute a Keychain configuration node are configured using
different commands. A Keychain configuration node requires at least one password and
encryption and decryption algorithms.

LDP GTSM
Generalized TTL Security Mechanism (GTSM) protects services by checking whether the
TTL value in the IP header is within the pre-defined range. The prerequisites for using GTSM
are as follows:

l The TTL of normal packets between routers is determined.


l It is difficult to change the TTL value.

LDP GTSM refers to GTSM implementation over LDP.

To protect the device against attacks, GTSM verifies the TTL in a packet. LDP GTSM is
applied to LDP packets between neighbor or adjacent (based on a fixed number of hops)
devices. The TTL range is preset on each device for packets from other devices. With GTSM
enabled, if the TTL of an LDP packet received by a device configured with LDP is out of the
TTL range, the packet is considered invalid and is discarded. This protects the upper-layer
protocols.

3.2.4 LDP Extensions for Inter-Area LSPs


LDP extensions for inter-area LSPs enable LDP to search for routes according to the longest
match principle and use summarized routes to establish LDP LSPs spanning multiple IGP
areas.

Background
On a large-scale network, multiple IGP areas are often configured for flexible network
deployment and fast route convergence. To reduce the number of routes and conserve
resources, area border routers (ABRs) summarize the routes in their areas and advertise the
summarized routes to neighboring IGP areas. However, LDP follows the exact match
principle when establishing LSPs. LDP searches for the route exactly matching a forwarding
equivalence class (FEC) in the received Label Mapping message. If only summarized routes
are available, LDP supports only liberal LSPs and cannot set up inter-area LSPs. LDP
extensions are available to help set up inter-area LDP LSPs.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 58


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

NOTE

A liberal LSP is an LSP that has been assigned labels but fails to be established.

Implementation
The network shown in Figure 3-5 have two IGP areas, Area 10 and Area 20. LSR_2 at the
border of Area 10 has two host routes to LSR_3 and LSR_4. To reduce the resources
consumed by routes, LSR_2 can run IS-IS to summarize the two routes to one route
1.3.0.0/24 and advertise this route to Area 20.

Figure 3-5 Networking topology for LDP extensions for inter-area LSPs

Loopback0
1.3.0.1/32

Loopback0 Loopback0 LSR_3


1.1.0.1/32 1.2.0.1/32
IS-IS
Area10

LSR_1 LSR_2 Loopback0


1.3.0.2/32
IS-IS
Area20

LSR_4

When establishing an LSP, LDP searches the routing table for the route that exactly matches
the FEC in the received Label Mapping message. In Figure 3-5, LSR_1 has only a
summarized route (1.3.0.0/24) but not 32-bit host routes in its routing table. Table 3-4 lists the
route of LSR_1 and routes carried in the FEC.

Table 3-4 Route of LSR_1 and routes carried in the FEC


Route of LSR_1 FEC

1.3.0.0/24 1.3.0.1/32

1.3.0.2/32

If only summarized routes are available, LDP supports only liberal LSPs and cannot set up
inter-area LDP LSPs. In this situation, tunnels cannot be set up on the backbone network.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 59


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

To set up an LSP, LSR_1 must follow the longest match principle to find the route. There is a
summarized route 1.3.0.0/24 in the routing table of LSR_1. When LSR_1 receives a Label
Mapping message (for example, a message carrying FEC 1.3.0.1/32) from Area 10, LSR_1
finds the summarized route 1.3.0.0/24 according to the longest match principle. Then LSR_1
applies the outbound interface and next hop of the summarized route to the route 1.3.0.1/32.
An inter-area LDP LSP is established.

3.2.5 LDP Reliability

3.2.5.1 Overview
LDP LSP reliability technologies are necessary for the following reasons:
l If a node or link on a working LDP LSP fails, reliability technologies are required to set
up a backup LDP LSP and switch traffic to the backup LDP LSP, while minimizing
packet loss in this process.
l When a node on a working LDP LSP encounters a control plane failure but the
forwarding plane is still working, reliability technologies are required to ensure traffic
forwarding during fault recovery on the control plane.
MPLS provides multiple reliability technologies to ensure high reliability of key services
transmitted over LDP LSPs. The following table describes these reliability technologies.

Table 3-5 LDP reliability technologies


Reliability Description Function
Technology

Fault detection Rapidly detects faults on LDP LSPs of an l 3.2.5.2 BFD for
MPLS network and triggers protection LDP LSPs
switching.

Traffic Ensures that traffic is switched to the backup l 3.2.5.3


protection LDP LSP and minimizes packet loss when a Synchronization
working LDP LSP fails. Between LDP and
IGP
l 3.2.5.5 Local-and-
Remote LDP
Session

Ensures nonstop forwarding on the l 3.2.5.4 LDP GR


forwarding plane when the control plane
fails on a node.

3.2.5.2 BFD for LDP LSPs


Bidirectional Forwarding Detection (BFD) can quickly detect faults on an LDP LSP and
trigger a traffic switchover upon an LDP LSP failure to improve network reliability.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 60


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Background
If a node or link along a working LDP LSP fails, traffic is switched to the backup LSP.
Because the fault detection mechanism of LDP is slow, traffic switching takes a relatively
long time, causing traffic loss.
As shown in Figure 3-6, an LSR periodically sends Hello messages to its neighboring LSRs
to advertise its existence on the network and maintain adjacencies. An LSR creates a Hello
timer for each neighbor to maintain an adjacency. Each time the LSR receives a Hello
message, the LSR resets the Hello timer. If the Hello timer expires before the LSR receives a
new Hello message, the LSR considers that the adjacency is terminated. This mechanism
cannot detect link faults quickly, especially when a Layer 2 device is deployed between LSRs.

Figure 3-6 BFD for LDP LSPs


LSR_3

LSR_1 LSR_2 LSR_5 LSR_6

Primary LSP
Backup LSP
Hello message
LSR_4

BFD can quickly detect faults on an LDP LSP and trigger a traffic switchover upon an LDP
LSP failure, minimizing packet loss and improving network reliability.

Implementation
BFD for LDP LSPs can rapidly detect a fault on an LDP LSP and notify the forwarding plane
of the fault to ensure fast traffic switchover.
A BFD session is bound to an LSP. That is, a BFD session is set up between the ingress and
egress nodes. A BFD packet is sent from the ingress node to the egress node along an LSP.
Then, the egress node responds to the BFD packet. In this manner, the ingress node can detect
the LSP status quickly. After BFD detects an LSP failure, BFD notifies the forwarding plane.
Then, the forwarding plane switches traffic to the backup LSP.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 61


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Figure 3-7 BFD for LDP LSPs


LSR_3

LSR_1 LSR_2 LSR_5 LSR_6

Primary LSP
Backup LSP
BFD session
LSR_4

3.2.5.3 Synchronization Between LDP and IGP


Synchronization between LDP and IGP ensures consistent IGP and LDP traffic by
suppressing IGP route advertisement. This minimizes packet loss and improves network
reliability.

Background
Because LDP convergence is slower than IGP route convergence, the following problems
occur on an MPLS network where primary and backup links exist:
l When the primary link fails, the IGP route of the backup link becomes primary and
traffic is switched to the backup LSP over the backup link. After the primary link
recovers, the IGP route of the primary link becomes primary before an LDP session is
established over the primary link. As a result, traffic is dropped during attempts to use
the unreachable LSP.
l When the IGP route of the primary link is reachable and an LDP session between nodes
on the primary link fails, traffic is directed using the IGP route of the primary link, while
the LSP over the primary link is torn down. Because a preferred IGP route of the backup
link is unavailable, an LSP over the backup link cannot be established, causing traffic
loss.
l When the primary/backup switchover occurs on a node, the LDP session is established
after IGP GR completion. IGP advertises the maximum cost of the link, causing route
flapping.

Synchronization between LDP and IGP helps prevent traffic loss caused by these problems.

Related Concepts
Synchronization between LDP and IGP involves three timers:
l Hold-down timer: controls the amount of time before establishing an IGP neighbor
relationship.
l Hold-max-cost timer: controls the interval for advertising the maximum link cost on an
interface.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 62


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

l Delay timer: controls the amount of time before an LSP establishment.

Implementation
l As shown in Figure 3-8, when traffic is switched between primary and backup links,
synchronization between LDP and IGP is implemented as follows.

Figure 3-8 Switching between primary/backup links


LSR_3

LSR_1 LSR_2 LSR_5 LSR_6

Primary LSP
Backup LSP
Link fault
LSR_4
LSP fault

Synchronization between LDP and IGP is implemented as follows:


The primary link recovers from a physical fault.
i. The faulty link between LSR_2 and LSR_3 recovers.
ii. An LDP session is set up between LSR_2 and LSR_3. IGP starts the Hold-
down timer to suppress establishment of the neighbor relationship.
iii. Traffic keeps traveling through the backup LSP.
iv. After the LDP session is set up, Label Mapping messages are exchanged and
then synchronization between LDP and IGP starts.
v. The IGP establishes a neighbor relationship and switches traffic back to the
primary link. The LSP is reestablished and its route converges on the primary
link.
IGP on the primary link is normal and the LDP session is faulty.
i. An LDP session between nodes along the primary link becomes defective.
ii. LDP notifies the primary link of the session fault. IGP starts the Hold-max-
cost timer and advertises the maximum cost on the primary link.
iii. The IGP route of the backup link becomes reachable.
iv. An LSP is established over the backup link and the LDP module on LSR_2
delivers forwarding entries.
The Hold-max-cost timer can be configured to always advertise the maximum cost
of the primary link. This setting allows traffic to keep traveling through the backup
LSP before the LDP session over the primary link is reestablished.
l In Figure 3-9, when an active/standby switchover occurs, synchronization between LDP
and IGP is implemented as follows.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 63


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Figure 3-9 Active/Standby switchover on a node

LSR_3
GR Helper

LSR_1 LSR_2 LSR_5 LSR_6

GR Restarter
Primary LSP
Backup LSP

LSR_4 Active/Standby switchover

Synchronization between LDP and IGP is implemented as follows:


a. An IGP on the GR Restarter advertises the actual cost of the primary link and starts
the GR Delay timer. The GR Restarter does not end the GR process before the GR
delay timer expires. An LDP session can be set up during this period.
b. Before the GR Delay timer expires, the GR Helper retains the original IGP route
and the LSP. When the LDP session goes Down, LDP does not notify the IGP link
of the session Down event. In this case, the IGP still advertises the actual link cost,
ensuring that the IGP route is not switched to the backup link. When the GR Delay
timer expires, GR is complete. If the LDP session is not established, the IGP starts
the Hold-max-cost timer and advertises the maximum cost of the primary link, so
that the IGP route is switched to the backup link.
c. If the LDP session is established or the Hold-max-cost timer expires, the IGP
resumes the actual link cost of the interface. Then the IGP route is switched back to
the primary link.

3.2.5.4 LDP GR
LDP Graceful Restart (GR) ensures uninterrupted traffic transmission during a protocol restart
or active/standby switchover because the forwarding plane is separated from the control
plane.

Background
On an MPLS network, when the GR Restarter restarts a protocol or performs an active/
standby switchover, label forwarding entries on the forwarding plane are deleted, interrupting
data forwarding.

LDP GR can address this issue and therefore improve network reliability. During a protocol
restart or active/standby switchover, LDP GR retains label forwarding entries because the
forwarding plane is separated from the control plane. The device still forwards packets based
on the label forwarding entries, ensuring data transmission. After the protocol restart or
active/standby switchover is complete, the GR Restarter can restore to the original state with
the help of the GR Helper.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 64


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Concepts
LDP GR is a high-reliability technology based on non-stop forwarding (NSF). A GR process
involves GR Restarter and GR Helper devices:
l GR Restarter: has GR capability and restarts a protocol.
l GR Helper: assists in the GR process as a GR-capable neighbor of the GR Restarter.

NOTE

A stack system can function as a GR Restarter, and a standalone device can only function as a GR
Helper.

LDP GR uses the following timers:


l Forwarding State Holding timer: specifies the duration of the LDP GR process.
l Reconnect timer: controls the time during which the GR Helper waits for LDP session
reestablishment. After a protocol restart or active/standby switchover occurs on the GR
Restarter, the GR Helper detects that the LDP session with the GR Restarter is Down.
The GR Helper then starts this timer and waits for the LDP session to be reestablished
before the timer expires.
l Recovery timer: controls the time during which the GR Helper waits for LSP recovery.
After the LDP session is reestablished, the GR Helper starts this timer and waits for the
LSP to recover before the timer expires.

Implementation
Figure 3-10 shows LDP GR implementation.

Figure 3-10 LDP GR implementation


GR Restarter GR Helper

Negotiate GR capability
Active/Standby
switchover or
protocol restart
Send an LDP Initialization message
Reconnect
Reestablish an LDP session timer
Forwarding
State Holding
timer Exchange Label Mapping messages
Recovery
timer

LDP GR works as follows:


1. An LDP session is set up between the GR Restarter and GR Helper. The GR Restarter
and GR Helper negotiate GR capabilities during LDP session setup.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 65


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

2. When restarting a protocol or performing an active/standby switchover, the GR Restarter


starts the Forwarding State Holding timer, retains label forwarding entries, and sends an
LDP Initialization messages to the GR Helper. When the GR Helper detects that the LDP
session with the GR Restarter is Down, the GR Helper retains label forwarding entries of
the GR Restarter and starts the Reconnect timer.
3. After the protocol restart or active/standby switchover, the GR Restarter reestablishes an
LDP session with the GR Helper. If an LDP session is not reestablished before the
Reconnect timer expires, the GR Helper deletes label forwarding entries of the GR
Restarter.
4. After the GR Restarter reestablishes an LDP session with the GR Helper, the GR Helper
starts the Recovery timer. Before the Recovery timer expires, the GR Restarter and GR
Helper exchange Label Mapping messages over the LDP session. The GR Restarter
restores forwarding entries with the help of the GR Helper, and the GR Helper restores
forwarding entries with the help of the GR Restarter. After the Recovery timer expires,
the GR Helper deletes all forwarding entries that have not been restored.
5. After the Forwarding State Holding timer expires, the GR Restarter deletes label
forwarding entries and the GR is complete.

3.2.5.5 Local-and-Remote LDP Session


A local node can set up both local and remote LDP adjacencies with an LDP peer. That is, the
peer is maintained by both local and remote LDP adjacencies.
As shown in Figure 3-11, when the local LDP adjacency is deleted because the link
associated with the adjacency fails, the type of the peer may change but the peer status
remains unchanged. Depending on the adjacency type, the peer type can be local, remote, or
local-and-remote.
When the link is faulty or recovering, the peer type may change as well as the corresponding
session type. However, the session stays Up in this process and is not deleted or set to Down.

Figure 3-11 Local-and-remote LDP session between two nodes


Remote adjacency

Local
CE_1 PE_1 PE_2 CE_2
adjacency

A typical application of local-and-remote LDP is with an L2VPN. As shown in Figure 3-11,


L2VPN services are configured on PE_1 and PE_2. When the direct link between PE_1 and
PE_2 is disconnected and then recovers, the changes in the peer and session types are as
follows:
1. PE_1 and PE_2 have MPLS LDP enabled and establish a local LDP session. Then PE_1
and PE_2 are configured as remote peers and establish a remote LDP session. PE_1 and

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 66


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

PE_2 maintain both local and remote adjacencies. In this case, a local-and-remote LDP
session exists between PE_1 and PE_2. L2VPN messages are transmitted over this LDP
session.
2. When the physical link between PE_1 and PE_2 goes Down, the local LDP adjacency
goes Down. The route between PE_1 and PE_2 is reachable through P, so the remote
LDP adjacency is still Up. The session type changes to a remote session. Since the
session is still Up, L2VPN is uninformed of the session type change and does not delete
the session. This avoids the neighbor disconnection and recovery process and therefore
reduces the service interruption time.
3. When the physical link between PE_1 and PE_2 recovers, the local LDP adjacency goes
Up. The session is restored to a local-and-remote and remains Up. Again L2VPN is not
informed of the session type change and does not delete the session. This reduces the
service interruption time.

3.3 Specification
This section provides MPLS specifications supported by the device.
Table 3-6 lists the MPLS specifications.

Table 3-6 MPLS specifications


Item Specification

Maximum number of LSPs 4000

Maximum number of LDP peers 64 local LDP peers and 128 remote LDP
peers

3.4 Configuration Task Summary


After basic functions of MPLS LDP are configured, you can build an MPLS network using
LDP. To ensure network reliability and security, you need to perform other configuration in
addition to MPLS LDP.
Table 3-7 describes the MPLS LDP configuration tasks.

Table 3-7 Configuration task summary of MPLS LDP


Scenario Description Task

Configure basic You can build an MPLS network 3.7.1 Configuring Basic
functions of and establish LDP LSPs only after Functions of MPLS LDP
MPLS LDP basic functions of MPLS LDP are
configured.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 67


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Scenario Description Task

Configure LDP This function enables LDP to 3.7.2 Configuring LDP


extensions for search for routes according to the Extensions for Inter-Area LSPs
inter-area LSPs longest match principle and to
establish multiple inter-area LDP
LSPs based on the summarized
route.

Configure LDP The following reliability 3.7.3 Configuring Static BFD to


reliability technologies can be used to Detect an LDP LSP
improve MPLS network 3.7.4 Configuring Dynamic BFD
reliability: for LDP LSPs
l BFD for LDP LSPs: quickly 3.7.5 Configuring
detects faults on an LDP LSP Synchronization Between LDP
and triggers a traffic and IGP
switchover upon an LDP LSP
failure, minimizing packet 3.7.6 Configuring LDP GR
loss.
l Synchronization between LDP
and IGP: solves the traffic loss
problem when the primary
LSP is faulty in networking
where there are the primary
and backup LSPs.
l LDP GR: ensures
uninterrupted traffic
transmission when an active/
standby switchover or a
protocol restart occurs on the
neighboring device (GR
Restarter). LDP GR helps GR
Restarter to restart.

Configure LDP LDP security mechanisms ensure 3.7.7 Configuring LDP Security
security security of LDP messages. Mechanisms
mechanisms

Configure non- After this configuration is 3.7.8 Configuring Non-labeled


labeled public performed on access devices, Public Network Routes to Be
network routes to service data is forwarded to the Iterated to LSPs
be iterated to Internet through tunnels. By dong
LSPs this, core devices of the carrier do
not need to learn many Internet
routes, saving the routing table
storage space and CPU resources.

3.5 Configuration Notes


This section describes notes about configuring MPLS.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 68


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

When you configure MPLS on the switch, note the following:


l Only the S5700HI, S5710HI, S5710EI, and S6700EI support MPLS.
l With the default CPCAR, the device supports a maximum of 64 LDP peers.

3.6 Default Configuration


This section provides the default MPLS LDP configuration.

Table 3-8 Default Configuration of MPLS LDP


Parameter Default Setting

Global MPLS capability Disabled

Global MPLS LDP capability Disabled

Link-Hello send timer 5 seconds

Link-Hello hold timer 15 seconds

Target-Hello send timer 15 seconds

Target-Hello hold timer 45 seconds

Keepalive send timer 15 seconds

Keepalive hold timer 45 seconds

Exponential backoff timer Initial value: 15 seconds; maximum value:


120 seconds

Longest-match Disabled

Global BFD capability Disabled

LDP for Open Shortest Path First (OSPF) Disabled

LDP for Intermediate System to Disabled


Intermediate System (IS-IS)

LDP GR Disabled

3.7 Configuring MPLS LDP


This section describes how to configure MPLS LDP.

3.7.1 Configuring Basic Functions of MPLS LDP


You can build an MPLS network only after basic functions of MPLS LDP are configured.

Pre-configuration Tasks
Before configuring basic functions of MPLS LDP, complete the following task:

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 69


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

l Configuring static routes or an IGP to ensure that IP routes between LSRs are reachable
NOTE

When Routing Information Protocol version 1 (RIP-1) is used, you need to enable LDP to search
for routes to establish LSPs according to the longest match principle. For details, see 3.7.2
Configuring LDP Extensions for Inter-Area LSPs.

Configuration Process
Configure basic functions of MPLS LDP according to the following sequence.

3.7.1.1 Configuring the LSR ID

Context
An LSR ID identifies an LSR on a network. An LSR does not have the default LSR ID, and
you must configure an LSR ID for it. To enhance network reliability, you are advised to use
the IP address of a loopback interface on the LSR as the LSR ID.
Perform the following steps on each node in an MPLS domain.

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
mpls lsr-id lsr-id

The LSR ID of the local node is configured.


By default, no LSR ID is set.

----End

Follow-up Procedure
Before changing the configured LSP ID, run the undo mpls command in the system view.

NOTICE
Running the undo mpls command to delete all MPLS configurations will interrupt MPLS
services, so plan the LSR ID of each LSP uniformly to prevent LSR ID change.

3.7.1.2 Enabling Global MPLS

Context
You can perform other MPLS configurations only after enabling global MPLS.
Perform the following steps on each node in an MPLS domain.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 70


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
mpls

MPLS is enabled globally and the MPLS view is displayed.


By default, no node is enabled with MPLS.

----End

3.7.1.3 Enabling Global MPLS LDP

Context
You can perform other MPLS LDP configurations only after enabling global MPLS LDP.
Perform the following steps on each node in an MPLS domain.

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
mpls ldp

MPLS LDP is enabled globally and the MPLS LDP view is displayed.
By default, LDP is not enabled globally.
Step 3 (Optional) Run:
lsr-id lsr-id

The LSR ID is set for an LDP instance.


By default, the LSR ID of the LDP instance is the LSR ID of the local node. It is
recommended that the default value be used.
In certain networking where VPN instances are used, such as BGP/MPLS IP VPN
networking, if the VPN address and the LSR ID overlap, you need to configure LSR IDs for
LDP instances to ensure that TCP connections can be correctly set up.

----End

3.7.1.4 Configuring LDP Sessions

Context
The MPLS LDP session is classified into local LDP sessions and remote LDP sessions. You
can choose one of the following configurations according to your requirements:

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 71


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

l Configuring a local LDP session


In most cases, you need to configure a local LDP session when deploying MPLS LDP
services.
l Configuring a remote LDP session
In most cases, remote LDP sessions are not established between adjacent LSRs. A
remote LDP session is used for configuring a VLL or VPLS in Martini mode.

A local LDP session and a remote LDP session can coexist. That is, two LSRs can establish a
local LDP session and a remote LDP session simultaneously. In this case, configurations of
the local and remote LDP sessions at both ends must be the same.

Procedure
l Configuring a local LDP session

Perform the following steps on two directly connected LSRs.

a. Run:
system-view

The system view is displayed.


b. Run:
interface interface-type interface-number

The view of the interface on which the LDP session is to be set up is displayed.
c. (Optional) On an Ethernet interface, run:
undo portswitch

The interface is switched to Layer 3 mode.

By default, an Ethernet interface works in Layer 2 mode.


d. Run:
mpls

MPLS is enabled on the interface.

By default, no interface is enabled with MPLS.


e. Run:
mpls ldp

MPLS LDP is enabled on the interface.

By default, no interface is enabled with LDP.


l Configuring a remote MPLS LDP session

Perform the following steps on the LSRs on both ends of a remote LDP session.

a. Run:
system-view

The system view is displayed.


b. Run:
mpls ldp remote-peer remote-peer-name

The remote peer is created and the remote peer view is displayed.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 72


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

c. Run:
remote-ip ip-address

The IP address of the remote MPLS LDP peer is configured.

By default, the IP address of the remote LDP peer is not configured.

This IP address must be the LSR ID of the remote MPLS LDP peer. If the LSR IDs
of the LDP instance and the local node are different, use the LSR ID of the LDP
instance.

NOTICE
l Modifying or deleting the IP address of a remote peer leads to deletion of the
remote LDP session and MPLS service interruption.
l After the IP address of the remote peer is configured using the remote-ip ip-
address command, the value of ip-address cannot be used as the IP address of
the local interface. Otherwise, the remote session will be interrupted, causing
MPLS service interruption.

----End

3.7.1.5 (Optional) Configuring an LDP Transport Address

Context
LDP sessions are established based on TCP connections. Before two LSRs establish an LDP
session, they need to check the LDP transport address of each other, and then establish a TCP
connection.

Procedure
Step 1 Run:
system-view

The system view is displayed.

Step 2 Run:
interface interface-type interface-number

The view of the interface on which the LDP session is to be set up is displayed.

Step 3 (Optional) On an Ethernet interface, run:


undo portswitch

The interface is switched to Layer 3 mode.

By default, an Ethernet interface works in Layer 2 mode.

Step 4 Run:
mpls ldp transport-address { interface-type interface-number | interface }

An LDP transport address is specified.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 73


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

The default transport address for a node on a public network is the LSR ID of the node, and
the default transport address for a node on a private network is the primary IP address of an
interface on the node.
If LDP sessions are to be established over multiple links connecting two LSRs, LDP-enabled
interfaces on either LSR must use the default transport address or the same transport address.
If multiple transport addresses are configured on an LSR, only one transport address can be
used to establish only one LDP session.

NOTICE
Changing an LDP transport address interrupts an LDP session. Exercise caution when running
this command.

----End

3.7.1.6 (Optional) Configuring Timers for LDP Session

Context
Table 3-9 describes the timers for an LDP session.

Table 3-9 Timers for an LDP session


LDP Timer Description Suggestion

Hello send Used to send Hello messages On an unstable network, decrease the
timer: periodically to notify a peer value of a Hello send timer, speeding
l Link-Hello LSR of the local LSR's up network fault detection.
send timer presence and establish a Hello
(for only adjacency.
local LDP
sessions)
l Target-
Hello send
timer (for
only remote
LDP
sessions)

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 74


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

LDP Timer Description Suggestion

Hello hold Used to exchange Hello On a network with unstable links or a


timer: messages periodically between large number of packets, increase the
l Link-Hello two LDP peers to maintain the value of the Hello hold timer,
hold timer Hello adjacency. If no Hello preventing the LDP session from
(for only message is received after the being torn down and set up frequently.
local LDP Hello hold timer expires, the
sessions) Hello adjacency is torn down.
l Target-
Hello hold
timer (for
only remote
LDP
sessions)

Keepalive send Used to send Keepalive On an unstable network, set a smaller


timer messages periodically, value for a Keepalive send timer,
maintaining the LDP sessions. speeding up network fault detection.

Keepalive hold Used to send LDP PDUs over On a network with unstable links,
timer an LDP session, maintaining increase the value of the Keepalive
the LDP session. If no LDP hold timer, preventing the LDP
PDU is received after the session from flapping.
Keepalive hold timer expires,
the TCP connection is closed
and the LDP session is
terminated.

Exponential Started by an LSR that plays an l When a device is upgraded,


backoff timer active role after an LDP prolong the period for the active
Initialization message sent by role to retry setting up a session. In
the LSR to another LSR that this case, you can set larger initial
plays a passive role fails to be and maximum values for the
processed or parameters carried Exponential backoff timer.
in the message are rejected. The l When a device that bears services
LSP that plays the active role tends to alternate between Up and
periodically resends an LDP Down, shorten the period for the
Initialization message to initiate active role to retry setting up a
an LDP session before the session. In this case, you can set
Exponential backoff timer smaller initial and maximum
expires. values for the Exponential backoff
timer.

NOTE

When local and remote LDP sessions coexist, the timeout interval of the Keepalive hold timer of the
local and remote LDP sessions must be the same.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 75


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Procedure
l Configuring timers for a local LDP session
a. Run:
system-view

The system view is displayed.


b. Run:
interface interface-type interface-number

The view of an interface on which an LDP session is to be established is displayed.


c. (Optional) On an Ethernet interface, run:
undo portswitch

The interface is switched to Layer 3 mode.

By default, an Ethernet interface works in Layer 2 mode.


d. Run:
mpls ldp timer hello-send interval

A link Hello send timer is configured.

The default value of a link Hello send timer is one third of the value of a link Hello
hold timer.

Effective value of a link Hello send timer = Min {Configured value of the link
Hello send timer, one third of the value of the link Hello hold timer}
e. Run:
mpls ldp timer hello-hold interval

A link Hello hold timer is configured.

The default value of a link Hello hold timer is 15, in seconds.

The smaller value between two configured link Hello hold timers on both ends of
the LDP session takes effect.
f. Run:
mpls ldp timer keepalive-send interval

A Keepalive send timer is configured.

The default value of a Keepalive send timer is one third of the value of the
Keepalive hold timer.

Effective value of a Keepalive send timer = Min { Configured value of the


Keepalive send timer, one third of the value of the Keepalive hold timer }

If more than one LDP-enabled links connect two LSRs, the values of Keepalive
send timers for all links must be the same. Otherwise, LDP sessions become
unstable.
g. Run:
mpls ldp timer keepalive-hold interval

A Keepalive hold timer is configured.

The default value of a Keepalive hold timer is 45, in seconds.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 76


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

The smaller value between two configured Keepalive hold timers on both ends of
the LDP session takes effect.
If more than one LDP-enabled links connect two LSRs, the values of Keepalive
hold timers for all links must be the same. Otherwise, LDP sessions may fail to be
set up.

NOTICE
Changing the Keepalive hold timer value in an instance will interrupt the MPLS
service in the instance because the LDP session must be reestablished.

h. Configure an Exponential backoff timer.


i. Run:
quit

The system view is displayed.


ii. Run:
mpls ldp

The MPLS LDP view is displayed.


iii. Run:
backoff timer init max

An Exponential backoff timer is configured.


By default, the initial value is 15 and the maximum value is 120, in seconds.
Setting the initial value of the Exponential backoff timer to be greater than or
equal to 15s and the maximum value to be greater than or equal to 120s is
recommended.
l Configuring timers for a remote LDP session
a. Run:
system-view

The system view is displayed.


b. Run:
mpls ldp remote-peer remote-peer-name

The remote MPLS LDP peer view is displayed.


c. Run:
mpls ldp timer hello-send interval

The target Hello send timer is configured.


The default value of the target Hello send timer is one third of the value of a target
Hello hold timer that takes effect.
Effective value of a target Hello send timer = Min { Configured value of the target
Hello send timer, One third of the value of the target Hello hold timer }
d. Run:
mpls ldp timer hello-hold interval

The target Hello hold timer is configured.


The default value of the target Hello hold timer is 45, in seconds.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 77


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

The smaller value between two configured target Hello hold timers on both ends of
the LDP session takes effect.
e. Run:
mpls ldp timer keepalive-send interval

A Keepalive send timer is configured.

The default value of a Keepalive send timer is one third of the value of the
Keepalive hold timer.

Effective value of a Keepalive send timer = Min { Configured value of the


Keepalive send timer, one third of the value of the Keepalive hold timer }

If more than one LDP-enabled links connect two LSRs, the values of Keepalive
send timers for all links must be the same. Otherwise, LDP sessions become
unstable.
f. Run:
mpls ldp timer keepalive-hold interval

A Keepalive hold timer is configured.

The default value of a Keepalive hold timer is 45, in seconds.

The smaller value between two configured Keepalive hold timers on both ends of
the LDP session takes effect.

If more than one LDP-enabled links connect two LSRs, the values of Keepalive
hold timers for all links must be the same. Otherwise, LDP sessions may fail to be
set up.

NOTICE
Changing the Keepalive hold timer value in an instance may interrupt the MPLS
service in the instance because the LDP session must be reestablished.

g. Configure an Exponential backoff timer.


i. Run:
quit

The system view is displayed.


ii. Run:
mpls ldp

The MPLS LDP view is displayed.


iii. Run:
backoff timer init max

An Exponential backoff timer is configured.


By default, the initial value is 15 and the maximum value is 120, in seconds.
Setting the initial value of the Exponential backoff timer to be greater than or
equal to 15s and the maximum value to be greater than or equal to 120s is
recommended.

----End

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 78


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

3.7.1.7 (Optional) Configuring the PHP Feature

Context
No label needs to be swapped on the egress node of an LSP. PHP can be configured on the
egress node to allow the LSR at the penultimate hop to pop out the label from an MPLS
packet and send the packet to the egress node. After receiving the packet, the egress node
directly forwards the packet through an IP link or according to the next layer label. PHP helps
reduce the burden on the egress node.

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
mpls

The MPLS view is displayed.


Step 3 Run:
label advertise { explicit-null | implicit-null | non-null }

The label allocated to the LSR at the penultimate hop is configured.


The egress node can allocate different labels to the PHP based on the parameter setting.
l implicit-null: default value, which indicates that PHP is supported. If this parameter is
configured, the egress node allocates an implicit null label with the value of 3 to the LSR
at the penultimate hop.
l explicit-null: PHP is not supported. If this parameter is configured, the egress node
allocates an explicit null label with the value of 0 to the LSR at the penultimate hop.The
explicit-null parameter can be configured when MPLS QoS attributes are used.
l non-null: PHP is not supported. If this parameter is configured, the egress allocates a
common label with a value greater than or equal to 16 to the LSR at the penultimate hop.
NOTE

After the label advertise command is run to change the label distribution mode on the egress node, the
modification takes effect on new LSPs but not on existing LSPs. To enable the modification to take
effect on the existing LSPs, run the reset mpls ldp or lsp-trigger command.

----End

3.7.1.8 (Optional) Configuring an LDP Label Advertisement Mode

Context
By default, a downstream node sends Label Mapping messages to its upstream node. When
faults occur on the network, services can be fast switched to the standby path, improving
network reliability. Edge devices on the MPLS network are low-end devices. To ensure
network reliability, resources must be fully used. You can configure the Downstream on
Demand (DoD) mode to save system resources. In DoD mode, the downstream LSR sends a
Label Mapping message to the upstream LSR only when the upstream LSR sends a Label
Request message to the downstream LSR.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 79


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

NOTE

l Modifying a configured label advertisement mode leads to the reestablishment of an LDP session,
resulting in MPLS service interruption.
l When the local and remote LDP sessions coexist, they must be configured with the same label
advertisement mode.

Procedure
l Configuring an LDP label advertisement mode of local LDP session.
a. Run:
system-view

The system view is displayed.


b. Run:
interface interface-type interface-number

The interface view is displayed.


c. (Optional) On an Ethernet interface, run:
undo portswitch

The interface is switched to Layer 3 mode.

By default, an Ethernet interface works in Layer 2 mode.


d. Run:
mpls ldp advertisement { dod | du }

A label advertisement mode is configured.

By default, the label advertisement mode is downstream unsolicited (DU).

Inconsistency in label advertisement modes leads to failure in establishing LDP


LSPs between the two LDP peers over multiple links.
l Configuring an LDP label advertisement mode of remote LDP session.
a. Run:
system-view

The system view is displayed.


b. Run:
mpls ldp remote-peer remote-peer-name

A remote MPLS LDP peer is created and the remote MPLS LDP peer view is
displayed.
c. Run:
mpls ldp advertisement { dod | du }

A label advertisement mode is configured.

By default, the label advertisement mode is downstream unsolicited (DU).

----End

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 80


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

3.7.1.9 (Optional) Configuring LDP to Automatically Trigger the Request in DoD


Mode

Context
On a large-scale network, to reduce the burden on edge devices, use the DoD mode. Because
edge devices cannot learn the accurate route to the remote peer, an LDP LSP cannot be set up
even if LDP extensions for inter-area LSPs are configured. You can configure the DoD mode
in which the local LSR requests a Label Mapping message from a specified downstream LSR
or all LSRs to set up an LDP LSP.

NOTE

Before configuring LDP to automatically trigger the request in DoD mode, perform the following
operations:
l Configuring a remote LDP session according to 3.7.1 Configuring Basic Functions of MPLS
LDP
l 3.7.2 Configuring LDP Extensions for Inter-Area LSPs
l 3.7.1.8 (Optional) Configuring an LDP Label Advertisement Mode

Procedure
l Configure automatic triggering of a request to a downstream node for a Label Mapping
message associated with all remote LDP peers in DoD mode.
a. Run:
system-view

The system view is displayed.


b. Run:
mpls ldp

The MPLS LDP view is displayed.


c. Run:
remote-peer auto-dod-request

The LDP is configured to automatically trigger a request to the downstream node


for a label mapping message associated with all remote LDP peers in DoD mode.

By default, when the DoD is not used, the local LSR requests Label Mapping
messages from all downstream LSRs.
l Configure automatic triggering of a request to a downstream node for a Label Mapping
message associated with a remote LPD peer with a specified LSR ID in DoD mode.
a. Run:
system-view

The system view is displayed.


b. Run:
mpls ldp remote-peer remote-peer-name

A remote MPLS LDP peer is created and the remote MPLS-LDP peer view is
displayed.
c. Run:
remote-ip auto-dod-request [ block ]

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 81


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

The LDP is configured to automatically trigger a request to the downstream node


for a label mapping message associated with a remote LDP peer with a specified
LSR ID in DoD mode.

By default, when the DoD mode is not used,the local LSR requests a Label
Mapping message from a specified downstream LSR.

If the remote-peer auto-dod-request command is used, you cna specify block to


disable automatic triggering of a request to a downstream node for a label mapping
message associated with a remote LDP peer of a specified LSR ID in DoD mode.

----End

3.7.1.10 (Optional) Configuring LDP Loop Detection

Context
The device does not support LDP loop detection. If the neighbor of a node supports loop
detection and requires the same loop detection function on both ends of an LDP session,
configure LDP loop detection on the local node to ensure the establishment of an LDP
session.

Procedure
Step 1 Run:
system-view

The system view is displayed.

Step 2 Run:
mpls ldp

The MPLS LDP view is displayed.

Step 3 Run:
loop-detect

The device is enabled to advertise the look detection capabily during initialization of LDP
sessions.

By default, a device does not advertise loop detection capability during initialization of LDP
sessions.

NOTE
After the loop-detect command is run, the switch obtains the capability of negotiating LDP loop
detection but still does not support LDP loop detection.

Step 4 (Optional) Run:


path-vectors integer

The maximum value of a path vector is specified.

By default, a maximum of 32 hops of the path vector are used for LDP loop detection.

A path vector is carried in a Mapping message to record the addresses of nodes that an LDP
LSP has passed. By setting the maximum hops that a path vector can record, you can adjust
the sensitivity of LDP loop detection. If the maximum hops of a path vector is n, the egress

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 82


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

LSP triggered by local routes detects a loop after n + 1 hops, and the egress LSP triggered by
non-local routes detects a loop after n hops.

----End

3.7.1.11 (Optional) Configuring MPLS MTU

Context
The size of the maximum transmission unit (MTU) determines the maximum number of bytes
that can be transmitted by the sender at a time. If the MTU exceeds the maximum number of
bytes supported by the receiver or a transit device, packets are fragmented or even discarded,
which increases the network transmission load. In this manner, devices have to calculate the
MTU before the communication to ensure that sent packets reach the receiver successfully.
LDP MTU = Min {All MTUs advertised by all downstream devices, MTU of the local
outbound interface}
A downstream LSR uses the preceding formula to calculate an MTU, adds it to the MTU TLV
in a Label Mapping message, and sends the Label Mapping message to the upstream device.
If an MTU value changes (such as when the local outbound interface or its configuration is
changed), an LSR recalculates an MTU and sends a Label Mapping message carrying the new
MTU to its upstream LSR. The relationships between the MPLS MTU and the interface MTU
are as follows:
l If an interface MTU but not an MPLS MTU is configured on an interface, the interface
MTU is used.
l If both an MPLS MTU and an interface MTU are configured on an interface, the smaller
value between the MPLS MTU and the interface MTU is used.
MPLS determines the size of MPLS packets on the ingress node according to the LDP MTU
to prevent the transit node from forwarding large-sized MPLS packets.

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
mpls ldp

The MPLS LDP view is displayed.


Step 3 Run the following commands as required.
l Run:
undo mtu-signalling

The LSR is disabled from sending Label Mapping messages carrying MTU TLVs.
By default, the switch sends Label Mapping messages carrying the Huawei private MTU
TLV.
If a non-Huawei device does not support the MTU TLV, to implement interworking,
configure the device not to encapsulate the MTU TLV in Label Mapping messages. If the
LSR is disabled from sending the MTU TLV, the configured MPLS MTU does not take
effect.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 83


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

l Run:
mtu-signalling apply-tlv

The LSR is configured to send Label Mapping messages carrying MTU TLVs that
comply with RFC 3988.
By default, the switch sends Label Mapping messages carrying Huawei proprietary MTU
TLV.
If a non-Huawei device supports the MTU TLV, to implement interworking, configure
the device to send Label Mapping messages carrying MTU TLVs that comply with RFC
3988. Otherwise, the configured MPLS MTU may not take effect.

NOTICE
Enabling or disabling the function to send an MTU TLV leads the reestablishment of existing
LDP sessions, resulting in MPLS service interruption.

Step 4 Run:
quit

The system view is displayed.

Step 5 Run:
interface interface-type interface-number

The view of an MPLS-enabled interface is displayed.

Step 6 (Optional) On an Ethernet interface, run:


undo portswitch

The interface is switched to Layer 3 mode.

By default, an Ethernet interface works in Layer 2 mode.

Step 7 Run:
mpls mtu mtu

An MPLS MTU is configured on the interface.

By default, the MTU of MPLS packets is equal to the interface MTU.

----End

3.7.1.12 (Optional) Configuring the MPLS TTL Processing Mode

Context
MPLS processes the TTL in the following modes:

l MPLS TTL processing modes


In MPLS VPN applications, the MPLS backbone network needs to be shielded to ensure
network security. The MPLS Pipe mode on the ingress node is recommended for private
network packets. To reflect the path where packets pass, use the MPLS Uniform mode
on the ingress node.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 84


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

l Path where ICMP response packets are transmitted


By default, when the received MPLS packet contains only one label, the LSR directly
sends an ICMP response packet to the sender using an IP route. When the received
MPLS packet contains multiple labels, the LSR sends an ICMP response packet to the
sender along an LSP.
The MPLS VPN packets may contain only one label when they arrive at an autonomous
system boundary router (ASBR) on the MPLS VPN, or a superstratum PE (SPE) device
in HoVPN networking. These devices have no IP routes to the sender, so they forward
the ICMP response packets along an LSP.
The MPLS VPN packets may contain only one label when they arrive at an autonomous
system boundary router (ASBR) on the MPLS VPN. These devices have no IP routes to
the sender, so they forward the ICMP response packets along an LSP.

Procedure
l Configuring the MPLS TTL processing mode
Perform the following steps on the ingress node.
a. Run:
system-view

The system view is displayed.


b. Run:
undo ttl propagate

The MPLS TTL processing mode is set to Pipe.


Or, run:
ttl propagate

The MPLS TTL processing mode is set to Uniform.


By default, the TTL propagate function is enabled and the MPLS TTL processing
mode is Uniform.

NOTE

The ttl propagate command only take effect on LSPs that are to be set up. Before using the
function on LSPs that have been set up, run the reset mpls ldp command to reestablish the
LSPs.
l Configuring the path where ICMP response packets are transmitted
Perform the following steps on the ingress and egress nodes.
a. Run:
system-view

The system view is displayed.


b. Run:
mpls

The MPLS view is displayed.


c. Run:
undo ttl expiration pop

The device is configured to transmit ICMP response packets along an LSP.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 85


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Or, run:
ttl expiration pop

The device is configured to transmit ICMP response packets using an IP route.

By default, upon receiving an MPLS packet with one label, an LSR returns an
ICMP response packet using a local IP route.

----End

3.7.1.13 (Optional) Configuring the LDP Label Policies

Context
The LSR distributes labels to both upstream and downstream LDP peers, which increases the
LDP LSP convergence speed. However, receiving and sending Label Mapping messages
result in the establishments of a large number of LSPs, which wastes resources. To reduce the
number of LSPs and save memory, use the following policies:

l Configure the LDP inbound policy.


Configure LDP inbound policy to restrict the receiving of Label Mapping messages.
l Configure the LDP split horizon policy.
Access devices on the MPLS network have low performance If LDP distributes labels to
all peers, a large number of LSPs will be established, which cannot be processed by the
LSR. The split horizon policy is recommended.

Procedure
l Configure an inbound LDP policy.
a. Run:
system-view

The system view is displayed.


b. Run:
mpls ldp

The MPLS LDP view is displayed.


c. Run:
inbound peer { peer-id | peer-group peer-group-name | all } fec { none |
host | ip-prefix prefix-name }

An inbound policy for allowing the local LSR to receive Label Mapping messages
from a specified LDP peer for a specified IGP route is configured.

To apply a policy associated with a single Forwarding Equivalence Class (FEC)


range to an LDP peer group or all LDP peers from which the local LSR receives
Label Mapping messages, configure either the peer-group peer-group-name or all
parameter in the command.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 86


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

NOTE

If multiple inbound policies are configured for a specified LDP peer, the first configured one
takes effect. For example, the following two inbound policies are configured:
inbound peer 2.2.2.2 fec host
inbound peer peer-group group1 fec none
As group1 also contains an LDP peer with peer-id of 2.2.2.2, the following inbound policy
takes effect:
inbound peer 2.2.2.2 fec host
If two inbound policies are configured in sequence and the peer parameters in the two
commands are the same, the second command overwrites the first one. For example, the
following two inbound policies are configured:
inbound peer 2.2.2.2 fec host
inbound peer 2.2.2.2 fec none
The second configuration overwrites the first one. This means that the following inbound
policy takes effect on the LDP peer with peer-id of 2.2.2.2:
inbound peer 2.2.2.2 fec none

l Configure an LDP split horizon policy.


a. Run:
system-view

The system view is displayed.


b. Run:
mpls ldp

The MPLS LDP view is displayed.


c. Run:
outbound peer { peer-id | all } split-horizon

A split horizon policy is configured to distribute labels to only upstream LDP peers.
By default, split horizon is not enabled and an LSR distributes labels to both
upstream and downstream LDP peers.

NOTE

The all parameter takes preference over the peer-id parameter. For example, the outbound
peer all split-horizon and then outbound peer 2.2.2.2 split-horizon commands are run, the
outbound peer all split-horizon command can be saved in the configuration file and take
effect, not the outbound peer 2.2.2.2 split-horizon command.

----End

Follow-up Procedure
l To delete all inbound policies simultaneously, run the undo inbound peer all command.
l To delete all outbound policies simultaneously, run the undo outbound peer all
command.

3.7.1.14 (Optional) Disabling a Device from Distributing Labels to Remote Peers

Context
In MPLS L2VPN scenarios using LDP (including Martini VLL, PWE3, and Martini VPLS),
PEs at both ends need to establish a remote LDP session. The remote LDP session is only
used to transmit Label Mapping messages, so LDP is not required. By default, LDP allocates

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 87


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

common LDP labels to remote peers. Many useless idle labels are generated, wasting LDP
labels.

To solve the preceding problem, disable a device from distributing labels to remote peers to
save system resources. You can use either of the following modes:

l In the LDP view, disable the PE from distributing labels to all remote peers.
l In the view of a specified remote peer, disable the PE from distributing labels to the
specified remote peer.

Procedure
l Disable a device from distributing labels to a specified remote peer.
a. Run:
system-view

The system view is displayed.


b. Run:
mpls ldp remote-peer remote-peer-name

The remote MPLS LDP peer view is displayed.


c. Run:
remote-ip ip-address pwe3

LDP is prevented from allocating public network labels to a specified remote peer
device.

By default, the IP address of the remote LDP peer is not configured.


l Disable a device from distributing LDP labels to all remote peers.
a. Run:
system-view

The system view is displayed.


b. Run:
mpls ldp

The MPLS LDP view is displayed.


c. Run:
remote-peer pwe3

LDP is prevented from allocating public network labels to all remote peer devices.

By default, an LSR is permitted to distribute public network labels to all remote


peers.

----End

3.7.1.15 (Optional) Configuring a Policy for Triggering LDP LSP Establishment

Context
After MPLS LDP is enabled, LSPs are automatically established. If no policy is configured,
an increasing number of LSPs are established, wasting resources.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 88


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

l Configure the lsp-trigger command on the ingress and egress nodes to trigger LSP setup
based on routes. This setting controls the number of LSPs and saves network resources.
l Configure the propagate mapping command on the transit node to allow LDP to use
routes matching specified conditions to establish transit LSPs. For the routes that do not
match specified conditions, the local device does not send Label Mapping messages to
the upstream device, which reduces the number of LSPs and saves network resources.

By default, the lsp-trigger command is used. If policies cannot be configured on the ingress
and egress nodes, configure the propagate mapping command.

Procedure
l Perform the following steps on the ingress and egress nodes:
a. Run:
system-view

The system view is displayed.


b. Run:
mpls

The MPLS view is displayed.


c. Run:
lsp-trigger { all | host | ip-prefix ip-prefix-name | none }

A policy for triggering LSP establishment based on static and IGP routes is
configured.

By default, the policy is host. This policy allows LDP to use 32-bit host-address
routes ( except 32-bit host-address of interfaces ) to establish LSPs.

NOTE

LSPs can be established using exactly matching routes on LSRs. For example, an exactly
matching host route to an IP address with a 32-bit mask of a loopback interface can be used
to trigger LSP establishment.
l Perform the following steps on the transit nodes:
a. Run:
system-view

The system view is displayed.


b. Run:
mpls ldp

The MPLS LDP view is displayed.


c. Run:
propagate mapping for ip-prefix ip-prefix-name

A policy for triggering transit LSP establishment is configured.

By default, LDP uses all routes without filtering them to establish transit LSPs.

----End

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 89


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

3.7.1.16 (Optional) Configuring Delayed Transmission of Label Withraw


Messages

Context
An LSP on a local node flaps because an LDP session between the node and its downstream
peer flaps, a route flaps, or an LDP policy is modified. The local node repeatedly sends Label
Withdraw and Label Mapping messages in sequence to upstream nodes. This causes the
upstream nodes to repeatedly tear down and reestablish LSPs. As a result, the entire LDP LSP
flaps. The label withdraw delay function prevents the entire LDP LSP from flapping.

Perform the following steps on each node of an LDP LSP:

Procedure
Step 1 Run:
system-view

The system view is displayed.

Step 2 Run:
mpls ldp

The MPLS-LDP view is displayed.

Step 3 Run:
label-withdraw-delay

The label withdraw delay function is enabled.

By default, the label withdraw delay function is disabled.

Step 4 Run:
label-withdraw-delay timer time

The delay time for a Label Withdraw message to be sent is set.

The default delay time is 5 seconds.

----End

3.7.1.17 Checking the Configuration

Prerequisites
The configurations of the MPLS LDP function are complete.

Procedure
l Run the display default-parameter mpls management command to check default
configurations of the MPLS management module.
l Run the display default-parameter mpls ldp command to check the default
configurations of MPLS LDP.
l Run the display mpls interface [ interface-type interface-number ] [ verbose ]
command to check information about MPLS-enabled interfaces.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 90


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

l Run the display mpls ldp [ all ] [ verbose ] command to check LDP information.
l Run the display mpls ldp interface [ interface-type interface-number | [ all ]
[ verbose ] ] command to check information about LDP-enabled interfaces.
l Run the display mpls ldp adjacency [ interface interface-type interface-number |
remote ] [ peer peer-id ] [ verbose ] command to check information about LDP
adjacencies.
l Run the display mpls ldp adjacency statistics command to check statistics about LDP
adjacencies.
l Run the display mpls ldp session [ [ all ] [ verbose ] | peer-id ] command to check the
LDP session status.
l Run the display mpls ldp session statistics command to check statistics about sessions
between LDP peers.
l Run the display mpls ldp peer [ [ all ] [ verbose ] | peer-id ] command to check
information about LDP peers.
l Run the display mpls ldp peer statistics command to check statistics about LDP peers.
l Run the display mpls ldp remote-peer [ remote-peer-name | peer-id lsr-id ] command
to check information about the LDP remote peer.
l Run the display mpls ldp lsp [ all ] command to check LDP LSP information.
l Run the display mpls ldp lsp statistics command to check statistics about LDP LSPs.
l Run the display mpls route-state [ { exclude | include } { idle | ready | settingup } * |
destination-address mask-length ] [ verbose ] command to check the dynamic LSP route.
l Run the display mpls lsp [ verbose ] command to check LSP information.
l Run the display mpls lsp statistics command to check statistics about the LSPs that are
in the Up state and the number of the LSPs that are activated on the ingress, transit, and
egress nodes.
l Run the display mpls label all summary command to check allocation information
about all MPLS labels.

----End

3.7.2 Configuring LDP Extensions for Inter-Area LSPs


LDP extensions for inter-area LSPs enable LDP to search for routes according to the longest
match principle and use summarized routes to establish LDP LSPs spanning multiple IGP
areas.

Pre-configuration Tasks
Before configuring LDP extensions for inter-area LSPs, complete the following tasks:

l Configuring a local LDP session according to 3.7.1 Configuring Basic Functions of


MPLS LDP
l Configuring a policy for summarizing routes according to S2750&S5700&S6700 Series
Ethernet Switches Configuration Guide - IP Routing

Context
To configure LDP extensions for inter-area LSPs, configure the ingress or transit node.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 91


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Procedure
Step 1 Run:
system-view

The system view is displayed.

Step 2 Run:
mpls ldp

The MPLS LDP view is displayed.

Step 3 Run:
longest-match

LDP is configured to search for routes based on the longest match rule to establish LSPs.

By default, LDP searches for routes to establish LSPs based on the exact matching rule.

----End

Checking the Configuration


Run the display mpls lsp command to check the setup of inter-area LSPs after LDP is
configured to search for routes based on the longest match rule to establish LSPs.

3.7.3 Configuring Static BFD to Detect an LDP LSP


Static BFD for LDP LSPs fast detect faults on an LDP LSP. Static BFD for LDP LSPs can be
flexibly deployed, but needs to be manually controlled.

Context
When static BFD monitors an LDP LSP, pay attention to the following points:
l BFD is bound to only the ingress node of an LDP LSP.
l One LSP is bound to only one BFD session.
l The detection only supports the LDP LSP that is triggered to establish by the host route.
l The forwarding modes on the forwarding path and reverse path can be different (for
example, an IP packet is sent from the source to the destination through an LSP, and is
sent from the destination to the source in IP forwarding mode), but the forwarding path
and reverse path must be established over the same link. If they use different links, BFD
cannot identify the faulty path when a fault is detected.

Pre-configuration Tasks
Before configuring static BFD to detect an LDP LSP, complete the following task:

l Configuring a local LDP session according to 3.7.1 Configuring Basic Functions of


MPLS LDP

Configuration Process
Configure static BFD for LDP LSPs according to the following sequence.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 92


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

3.7.3.1 Configuring BFD with Specific Parameters on the Ingress Node

Context
BFD parameters on the ingress node include the local and remote discriminators, intervals for
sending and receiving BFD packets, and local BFD detection multiplier. The BFD parameters
affect BFD session setup.
You can adjust the local detection time according to the network situation. On an unstable
link, if a small detection time is used, a BFD session may flap. You can increase the detection
time of the BFD session.

NOTE

Actual interval for the local device to send BFD packets = MAX { locally configured interval for
sending BFD packets, remotely configured interval for receiving BFD packets }
Actual interval for the local device to receive BFD packets = MAX { remotely configured interval for
sending BFD packets, locally configured interval for receiving BFD packets }
Local detection time = Actual interval for receiving BFD packets x Remotely configured BFD detection
multiplier

Perform the following steps on the ingress node of an LSP:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
bfd

This node is enabled with the global BFD function. The global BFD view is displayed.
By default, global BFD is disabled.
Step 3 Run:
quit

Return to the system view.


Step 4 Run:
bfd cfg-name bind ldp-lsp peer-ip ip-address nexthop ip-address [ interface
interface-type interface-number ]

The BFD session is bound to a dynamic LSP.


When the IP address of the egress node on the LSP to be detected is borrowed or lent, an
interface must be specified.
Step 5 Set local and remote discriminators of a BFD session.
l Run:
discriminator local discr-value

The local discriminator is configured.


l Run:
discriminator remote discr-value

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 93


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

The remote discriminator is configured.


NOTE

The local and remote identifiers on both ends of a BFD session must be consistent with each other;
otherwise, the session cannot be established correctly. In addition, the local and remote identifiers cannot
be modified after configuration.

Step 6 (Optional) Run:


min-tx-interval interval

The interval for sending BFD packets is set on the local device.

By default, the interval for sending BFD packets is 1000 ms.

Step 7 (Optional) Run:


min-rx-interval interval

The interval for receiving BFD packets is set on the local device.

By default, the interval for receiving BFD packets is 1000 ms.

Step 8 (Optional) Run:


detect-multiplier multiplier

The local BFD detection multiplier is set.

The default value is 3.

Step 9 Run:
process-pst

The changes of BFD session status can be advertised to the application on the upper layer.

By default, a static BFD session cannot report faults of the monitored service module to the
system.

Step 10 Run:
commit

The configuration is committed.

----End

Follow-up Procedure
When the BFD session is established and its status is Up, the BFD starts to detect failure in an
LDP LSP.

When the LDP LSP is deleted, the BFD status turns Down.

3.7.3.2 Configuring BFD with Specific Parameters on the Egress Node

Context
BFD parameters on the egress node includes the local and remote discriminators, intervals for
sending and receiving BFD packets, and local BFD detection multiplier. The BFD parameters
affect BFD session setup.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 94


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

You can adjust the local detection time according to the network situation. On an unstable
link, if a small detection time is used, a BFD session may flap. You can increase the detection
time of the BFD session.

NOTE

Actual interval for the local device to send BFD packets = MAX {locally configured interval for sending
BFD packets, remotely configured interval for receiving BFD packets}
Actual interval for the local device to receive BFD packets = MAX {remotely configured interval for
sending BFD packets, locally configured interval for receiving BFD packets}
Local detection time = Actual interval for receiving BFD packets x Remotely configured BFD detection
multiplier

Perform the following steps on the egress node of the LSP.

Procedure
Step 1 Run:
system-view

The system view is displayed.

Step 2 Run:
bfd

This node is enabled with global BFD. The global BFD view is displayed.

By default, global BFD is disabled.

Step 3 Run:
quit

Return to the system view.

Step 4 Configure a reverse tunnel to inform the ingress node of a fault if the fault occurs. The reverse
tunnel can be the IP link, LSP, or TE tunnel. To ensure that BFD packets are received and sent
along the same path, an LSP or TE tunnel is preferentially used to inform the egress node of
an LSP fault. If the configured reverse tunnel requires BFD detection, configure a pair of BFD
sessions for it. Run the following commands as required.
l For the IP link, run:
bfd cfg-name bind peer-ip peer-ip [ vpn-instance vpn-instance-name ]
[ interface interface-type interface-number ] [ source-ip source-ip ]

l For the dynamic LSP, run:


bfd cfg-name bind ldp-lsp peer-ip ip-address nexthop ip-address [ interface
interface-type interface-number ]

l For the static LSP, run:


bfd cfg-name bind static-lsp lsp-name

l For MPLS TE, run:


bfd cfg-name bind mpls-te interface tunnel interface-number [ te-lsp
[ backup ] ]

Step 5 Set local and remote discriminators of a BFD session.


l Run:
discriminator local discr-value

The local discriminator is configured.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 95


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

l Run:
discriminator remote discr-value

The remote discriminator is configured.


NOTE

The local identifier and remote identifier on both ends of a BFD session must accord with each other.
The session cannot be established correctly otherwise. In addition, the local identifier and remote
identifier cannot be modified after configuration.

Step 6 (Optional) Run:


min-tx-interval interval

The interval for sending BFD packets is set on the local device.
By default, the interval for sending BFD packets is 1000 ms.
Step 7 (Optional) Run:
min-rx-interval interval

The interval for receiving BFD packets is set on the local device.
By default, the interval for receiving BFD packets is 1000 ms.
Step 8 (Optional) Run:
detect-multiplier multiplier

The local BFD detection multiplier is set.


The default value is 3.
Step 9 (Optional) Run:
process-pst

The changes of the BFD session status can be advertised to the upper-layer application.
By default, a static BFD session cannot report faults of the monitored service module to the
system.
If an LSP is used as a reverse tunnel to notify the ingress of a fault, you can run this command
to allow the reverse tunnel to switch traffic if the BFD session goes Down. If a single-hop IP
link is used as a reverse tunnel, this command can be configured. Because the process-pst
command can be only configured for BFD single-link detection.
Step 10 Run:
commit

The configuration is committed.

----End

3.7.3.3 Checking the Configuration

Prerequisites
The configurations of the static BFD for LDP LSP are complete.

Procedure
l Run the display bfd configuration { all | static } command to check the BFD
configuration.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 96


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

l Run the display bfd session { all | static } command to check information about the
BFD session.
l Run the display bfd statistics session { all | static } command to check statistics about
BFD.
----End

3.7.4 Configuring Dynamic BFD for LDP LSPs


You do not need to specify BFD parameters when configuring dynamic BFD for LDP LSPs.
Dynamic BFD for LDP LSPs speeds up link fault detection and reduces the configuration
workload. This configuration is simple and flexible.

Context
When configuring dynamic BFD for LDP LSPs, pay attention to the following points:
l Dynamic BFD only monitors the LDP LSP that is established using a host route.
l The forwarding modes on the forwarding path and reverse path can be different (for
example, an IP packet is sent from the source to the destination through an LSP, and is
sent from the destination to the source in IP forwarding mode), but the forwarding path
and reverse path must be established over the same link. If they use different links, BFD
cannot identify the faulty path when a fault is detected.

Pre-configuration Tasks
Before configuring the dynamic BFD for LDP LSP, complete the following tasks:

l Configuring a local LDP session according to 3.7.1 Configuring Basic Functions of


MPLS LDP

Configuration Process
Configure dynamic BFD for LDP LSPs according to the following sequence.

3.7.4.1 Enabling Global BFD Capability

Context
Perform the following steps on the ingress and egress nodes:

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
bfd

Enable BFD globally.


By default, global BFD is disabled.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 97


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

You can set BFD parameters only after enabling global BFD.

----End

3.7.4.2 Enabling MPLS to Dynamically Establish BFD Sessions

Context
You can enable MPLS to dynamically establish BFD sessions after enabling BFD on the
ingress and egress nodes.

Procedure
l Perform the following steps on the ingress node:
a. Run:
system-view

The system view is displayed.


b. Run:
mpls

The MPLS view is displayed.


c. Run:
mpls bfd enable

An LDP LSP is enabled with the capability of creating BFD session dynamically.

By default, an ingress cannot dynamically create BFD sessions for monitoring LDP
LSPs.

The BFD session is not created after this command is run.


l Perform the following steps on the egress node:
a. Run:
system-view

The system view is displayed.


b. Run:
bfd

The BFD view is displayed.


c. Run:
mpls-passive

The function of creating BFD session passively is enabled.

By default, the egress node of an LSP cannot passively create a BFD session.

Running this command cannot create a BFD session. The BFD session is not
created until the egress node receives the request packet that contains LSP ping of
BFD TLV from the ingress node.

----End

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 98


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

3.7.4.3 Configuring the Triggering Policy of Dynamic BFD for LDP LSP

Context
There are two triggering policies to establish the session of dynamic BFD for LDP LSP:
l Host mode: is used when all host addresses are required to be triggered to create BFD
session. You can specify parameters of nexthop and outgoing-interface to define LSPs
that can create a BFD session.
l FEC list mode: is used when only a part of host addresses are required to be triggered to
create a BFD session. You can use the fec-list command to specify host addresses.
You can configure the triggering policy on the source end of the detected LSP.

Procedure
Step 1 Run:
system-view

The system view is displayed.

Step 2 (Optional) If you need the FEC list triggering policy, perform the following operations in this
step:
1. Run:
fec-list list-name

A FEC list is created, and the FEC list view is displayed.

By default, no FEC list is created.


2. Run:
fec-node ip-address [ nexthop ip-address | outgoing-interface interface-type
interface-number ] *

A FEC node is added to the FEC list.

By default, no FEC node is created.


3. Run:
quit

Return to the system view.

Step 3 Run:
mpls

The MPLS view is displayed.

Step 4 Run:
mpls bfd-trigger [ host [ nexthop next-hop-address | outgoing-interface interface-
type interface-number ] * | fec-list list-name ]

The triggering policy to establish the session of dynamic BFD for LDP LSP is configured.

By default, no trigger policy for an LDP BFD session is configured.

After the command is run, the BFD session is started to create.

----End

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 99


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

3.7.4.4 (Optional) Adjusting BFD Parameters

Context
BFD parameters include the minimum intervals for sending and receiving BFD packets, and
local BFD detection multiplier. The parameters affect BFD session setup.

You can adjust the local detection time according to the network situation. On an unstable
link, if a small detection time is used, a BFD session may flap. You can increase the detection
time of the BFD session.

NOTE

Actual interval for the local device to send BFD packets = MAX {locally configured interval for sending
BFD packets, remotely configured interval for receiving BFD packets}
Actual interval for the local device to receive BFD packets = MAX {remotely configured interval for
sending BFD packets, locally configured interval for receiving BFD packets}
Local detection time = Actual interval for receiving BFD packets x Remotely configured BFD detection
multiplier

Perform the following steps on the ingress node.

Procedure
Step 1 Run:
system-view

The system view is displayed.

Step 2 Run:
bfd

The BFD view is displayed.

Step 3 Run:
mpls ping interval interval

The interval for sending LSP ping packets is adjusted.

By default, the interval at which LSP ping packets are sent in a dynamic BFD session is 60
seconds.

Step 4 Run:
quit

Exit from the BFD view.

Step 5 Run:
mpls

The MPLS view is displayed.

Step 6 Run:
mpls bfd { min-tx-interval interval | min-rx-interval interval | detect-
multiplier multiplier }*

BFD time parameters are set.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 100


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

By default, the interval between BFD packet transmissions and the interval between BFD
packet receipts are 1000 ms, and the detection multiple is 3.

----End

3.7.4.5 Checking the Configuration

Prerequisites
The configurations of the dynamic BFD for LDP LSP function are complete.

Procedure
l Run the display bfd configuration all [ verbose ] command to check the BFD
configuration (ingress).
l Run the display bfd configuration passive-dynamic [ peer-ip peer-ip remote-
discriminator discriminator ] [ verbose ] command to check the BFD configuration
(egress).
l Run the display bfd session all [ verbose ] command to check information about the
BFD session (ingress).
l Run the display bfd session passive-dynamic [ peer-ip peer-ip remote-discriminator
discriminator ] [ verbose ] command to check information about the BFD established
passively (egress).
l Run the display mpls bfd session [ statistics | protocol ldp | outgoing-interface
interface-type interface-number | nexthop ip-address | fec fec-address | verbose |
monitor ] command to check information about MPLS BFD session (ingress).
----End

3.7.5 Configuring Synchronization Between LDP and IGP


Synchronization between LDP and IGP applies to MPLS networks where primary and backup
LSPs exist. LSPs are established between LSRs based on IGP. When the LDP session on the
primary LSP fails (not due to a link failure) or the faulty primary LSP is restored, you can
enable synchronization between LDP and IGP to prevent traffic interruption caused by the
active/standby switchover.

Pre-configuration Tasks
Before configuring synchronization between LDP and IGP, complete the following task:
l Configuring a local LDP session according to 3.7.1 Configuring Basic Functions of
MPLS LDP

Configuration Process
Enabling synchronization between LDP and IGP is mandatory and other tasks are optional.

3.7.5.1 Enabling Synchronization Between LDP and IGP

Context
Synchronization between LDP and IGP can be configured in either of the following modes:

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 101


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

l Enable this function in the interface view.


This mode allows synchronization between LDP and IGP to be enabled on interfaces.
This mode applies to the scenario where a few interfaces need to support this function.
l Enable this function in an IGP process.
This mode allows synchronization between LDP and IGP to be enabled on all interfaces
in the IGP process. This mode applies to the scenario where many interfaces on a node
need to support this function.
NOTE

l Synchronization between LDP and IGP can be enabled in IS-IS processes, not OSPF
processes.
l If the synchronization status between LDP and IS-IS is different on an interface and in an IS-
IS process, the synchronization status on the interface takes effect.

Procedure
l If OSPF is used as an IGP, perform the following steps:
a. Run:
system-view

The system view is displayed.


b. Run:
interface interface-type interface-number

The interface view is displayed.


c. (Optional) On an Ethernet interface, run:
undo portswitch

The interface is switched to Layer 3 mode.

By default, an Ethernet interface works in Layer 2 mode.


d. Run:
ospf ldp-sync

Synchronization between LDP and OSPF is enabled on the specified interface.

By default, synchronization between LDP and OSPF is disabled on an interface.


l If IS-IS is used as an IGP, perform the following steps:
Enable synchronization between LDP and IS-IS on an interface.
a. Run:
system-view

The system view is displayed.


b. Run:
interface interface-type interface-number

The interface view is displayed.


c. (Optional) On an Ethernet interface, run:
undo portswitch

The interface is switched to Layer 3 mode.

By default, an Ethernet interface works in Layer 2 mode.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 102


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

d. Run:
isis enable process-id

IS-IS is enabled.
e. Run:
isis ldp-sync

Synchronization between LDP and IS-IS is enabled on the specified interface.


By default, synchronization between LDP and IS-IS is disabled on an interface.
Enable synchronization between LDP and IS-IS in an IS-IS process.
a. Run:
system-view

The system view is displayed.


b. Run:
isis [ process-id ]

The IS-IS process view is displayed.


process-id specifies an IS-IS process. If process-id is not specified, the default IS-IS
process ID of the system is 1.
c. Run:
ldp-sync enable [ mpls-binding-only ]

Synchronization between LDP and IS-IS is enabled on all interfaces in the specified
IS-IS process.
By default, synchronization between LDP and IS-IS is disabled on all interfaces in
an IS-IS process.
If you want to enable synchronization between LDP and IS-IS on MPLS LDP-
enabled interfaces, please specify the parameter mpls-binding-only.
----End

3.7.5.2 (Optional) Blocking Synchronization Between LDP and IS-IS on an


Interface

Context
The ldp-sync enable command run in an IS-IS process enables synchronization between LDP
and IS-IS on all local IS-IS interfaces. On an IS-IS interface transmits importance services,
LDP and IS-IS synchronization may affect service transmission. If the link is working
properly and an LDP session over the link fails, IS-IS sends link state PDUs (LSPs) to
advertise the maximum cost of the link. As a result, IS-IS does not select the route for the
link, which affects important service transmission.
To prevent the preceding problem, block LDP and IS-IS synchronization on an IS-IS interface
that transmits important services.

Procedure
Step 1 Run:
system-view

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 103


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

The system view is displayed.

Step 2 Run:
interface interface-type interface-number

The IS-IS interface view is displayed.

Step 3 (Optional) On an Ethernet interface, run:


undo portswitch

The interface is switched to Layer 3 mode.

By default, an Ethernet interface works in Layer 2 mode.

Step 4 Run:
isis ldp-sync block

Synchronization between LDP and IS-IS is blocked on the interface.

By default, synchronization between LDP and IS-IS is not blocked on an interface.

----End

3.7.5.3 (Optional) Setting the Hold-down Timer Value

Context
On a device that has LDP-IGP synchronization enabled, if the active physical link recovers,
an IGP enters the Hold-down state, and a Hold-down timer starts. Before the Hold-down
timer expires, the IGP delays establishing an IGP neighbor relationship until an LDP session
is established over the active link so that the LDP session over and IGP route for the active
link can become available simultaneously.

NOTE

If IS-IS is used, you can set the value of the Hold-down timer on a specified interface or set the value of
the Hold-down timer for all IS-IS interfaces in the IS-IS view.
If different Hold-down values on an interface and in an IS-IS process are set, the setting on the interface
takes effect.

Procedure
l If OSPF is used as an IGP, perform the following steps:
a. Run:
system-view

The system view is displayed.


b. Run:
interface interface-type interface-number

The interface view is displayed.


c. (Optional) On an Ethernet interface, run:
undo portswitch

The interface is switched to Layer 3 mode.

By default, an Ethernet interface works in Layer 2 mode.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 104


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

d. Run:
ospf timer ldp-sync hold-down value

The interval during which OSPF waits for an LDP session to be established is set.
By default, the Hold-down timer value is 10 seconds.
l If IS-IS is used as an IGP, perform the following steps:
Set the Hold-down timer on a specified IS-IS interface.
a. Run:
system-view

The system view is displayed.


b. Run:
interface interface-type interface-number

The interface view is displayed.


c. (Optional) On an Ethernet interface, run:
undo portswitch

The interface is switched to Layer 3 mode.


By default, an Ethernet interface works in Layer 2 mode.
d. Run:
isis timer ldp-sync hold-down value

The interval during which IS-IS waits for an LDP session to be established is set.
By default, the Hold-down timer value is 10 seconds.
Set the Hold-down timer on all IS-IS interfaces in a specified IS-IS process.
a. Run:
system-view

The system view is displayed.


b. Run:
isis [ process-id ]

The IS-IS process view is displayed.


c. Run:
timer ldp-sync hold-down value

The Hold-down timer is set, which enables all IS-IS interfaces within an IS-IS
process to delay establishing IS-IS neighbor relationships until LDP sessions are
established.
By default, the Hold-down timer value is 10 seconds.
----End

3.7.5.4 (Optional) Setting the Hold-max-cost Timer Value

Context
If an LDP session over the active link fails but an IGP route for the active link is reachable, a
node that has LDP-IGP synchronization enabled uses a Hold-max-cost timer to enable an IGP

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 105


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

to advertise LSAs or LSPs carrying the maximum route cost, which delays IGP route
convergence until an LDP session is established. Therefore, an IGP route for a standby link
and an LDP session over the standby link can become available simultaneously.

You can set the Hold-max-cost timer value in either of the following methods:
l Setting the Hold-max-cost timer value in the interface view
You can set the Hold-max-cost timer value on a specified interface. This mode applies to
the scenario where a few interfaces need to use the Hold-max-cost timer.
l Setting the Hold-max-cost timer value in the IGP process
After you set the Hold-max-cost timer value in the IGP process, the Hold-max-cost
timers on all interfaces in the IGP process are set to this value. This mode applies to the
scenario where many interfaces on a node need to use the Hold-max-cost timer.
NOTE

A Hold-max-cost timer can be set on either an OSPF or IS-IS interface and can only be set in an
IS-IS process, not an OSPF process.
If different Hold-max-cost values on an interface and in an IS-IS process are set, the setting on the
interface takes effect.

Select parameters based on networking requirements:


l If an IGP carries only LDP services, configure the parameter infinite to ensure that a
selected IGP route is kept consistent with the LDP LSP.
l If an IGP carries multiple types of services including LDP services, set the value of the
parameter value to ensure that a teardown of LDP sessions does not affect IGP route
selection or other services.

Procedure
l If OSPF is used as an IGP, perform the following steps:
a. Run:
system-view

The system view is displayed.


b. Run:
interface interface-type interface-number

The interface view is displayed.


c. (Optional) On an Ethernet interface, run:
undo portswitch

The interface is switched to Layer 3 mode.

By default, an Ethernet interface works in Layer 2 mode.


d. Run:
ospf timer ldp-sync hold-max-cost { value | infinite }

The interval for advertising the maximum cost in the LSAs of local LSRs through
OSPF is set.

By default, the value of the Hold-max-cost timer is 10 seconds.


l If IS-IS is used as an IGP, perform the following steps:
Set the Hold-max-cost timer on a specified IS-IS interface.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 106


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

a. Run:
system-view

The system view is displayed.


b. Run:
interface interface-type interface-number

The interface view is displayed.


c. (Optional) On an Ethernet interface, run:
undo portswitch

The interface is switched to Layer 3 mode.


By default, an Ethernet interface works in Layer 2 mode.
d. Run:
isis timer ldp-sync hold-max-cost { value | infinite }

The value of the Hold-max-cost timer is set.


By default, the value of the Hold-max-cost timer is 10 seconds.
Set the Hold-max-cost timer on all IS-IS interfaces in a specified IS-IS process.
a. Run:
system-view

The system view is displayed.


b. Run:
isis [ process-id ]

The IS-IS process view is displayed.


c. Run:
timer ldp-sync hold-max-cost { infinite | interval }

The Hold-max-cost timer is set, which enables IS-IS to keep advertising LSPs
carrying the maximum route cost on all interfaces within an IS-IS process.
By default, the value of the Hold-max-cost timer is 10 seconds.
----End

3.7.5.5 (Optional) Setting the Delay Timer Value

Context
When an LDP session is reestablished on a faulty link, LDP starts the Delay timer to wait for
the establishment of an LSP. After the Delay timer times out, LDP notifies the IGP that
synchronization between LDP and IGP is complete.

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 107


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

interface interface-type interface-number

The interface view is displayed.


Step 3 (Optional) On an Ethernet interface, run:
undo portswitch

The interface is switched to Layer 3 mode.


By default, an Ethernet interface works in Layer 2 mode.
Step 4 Run:
mpls ldp timer igp-sync-delay value

The period of waiting for the LSP setup after the establishment of the LDP session is set.
By default, the value of the delay timer is 10s.

----End

3.7.5.6 Checking the Configuration

Prerequisites
The configurations of the synchronization between LDP and IGP function are complete.

Procedure
l Run the display ospf ldp-sync interface { all | interface-type interface-number }
command to check information about synchronization between LDP and OSPF on an
interface.
l Run the display isis [ process-id ] ldp-sync interface command to check information
about synchronization between LDP and IS-IS on the interface.
l Run the display rm interface [ interface-type interface-number | vpn-instance vpn-
instance-name ] command to check information about the route management.
----End

3.7.6 Configuring LDP GR


LDP Graceful Restart (GR) ensures uninterrupted traffic transmission during a protocol restart
or active/standby switchover because the forwarding plane is separated from the control
plane.

Pre-configuration Tasks
Before configuring LDP GR, complete the following tasks:
l Configuring a local LDP session according to 3.7.1 Configuring Basic Functions of
MPLS LDP
l Configuring IGP GR (see S2750&S5700&S6700 Series Ethernet Switches Configuration
Guide - IP Routing)

Context
Table 3-10 describes timers used during LDP GR.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 108


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Table 3-10 Timers used during LDP GR


Timer Description Suggestion

Reconnect After the GR Restarter performs When a network with a large number
timer an active/standby switchover, of routes is faulty, you can increase
the GR Helper detects that the the value of the Reconnect timer to
LDP session with the GR avoid that all the LDP sessions cannot
Restarter fails, and then starts recover within the default timeout
the Reconnect timer and waits period 300s.
for reestablishment of the LDP
session.
The value of the Reconnect
timer that takes effect on the
GR Helper is the smaller one
between the value of the
Neighbor-liveness timer set on
the GR Helper and the value of
Reconnect timer set on the GR
Restarter.

Recovery timer After the LDP session is When a network with a large number
reestablished, the GR Helper of routes is faulty, you can increase
starts the Recovery timer and the value of the Recovery timer to
waits for the recovery of the avoid that all the LSPs cannot recover
LSP. within the default timeout period
The value of the Recovery timer 300s.
that takes effect on the GR
Helper is the smaller one
between the value of the
Recovery timer set on the GR
Helper and the value of
Recovery timer set on the GR
Restarter.

Neighbor- The value of the neighbor- When the number of LSPs on a


liveness timer liveness timer defines the LDP network is small, you can set a
GR period. smaller value for the Neighbor-
The value of the Neighbor- liveness timer to shorten the GR
liveness timer on the GR period.
Restarter is the same as that of
the Forwarding State Holding
timer.

NOTE

l If the device supports stacking, the stack device can also function as the GR Restarter. If the device
does not support stacking, the device can only function as the GR Helper.
l Enabling or disabling LDP GR, or changing the LDP GR timer value cause LDP session
reestablishment.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 109


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
mpls ldp

The MPLS LDP view is displayed.


Step 3 Run:
graceful-restart

The LDP GR function is enabled.


By default, the LDP GR function is disabled.
Step 4 (Optional) Run:
graceful-restart timer reconnect time

The Reconnect timer for the LDP session is set.


By default, the Reconnect timer is set to 300 seconds.
Step 5 (Optional) Run:
graceful-restart timer recovery time

The LSP Recovery timer is set.


By default, the LSP Recovery timer is set to 300 seconds.
Step 6 (Optional) Run:
graceful-restart timer neighbor-liveness time

The Neighbor-liveness timer is set.


By default, the Neighbor-liveness timer is 600 seconds.

----End

Checking the Configuration


l Run the display mpls graceful-restart command to check information about GR of all
protocols related to MPLS.
l Run the display mpls ldp event gr-helper command to check GR Helper information.
l Run the display mpls ldp [ all ] [ verbose ] command to check information about LDP.
l Run the display mpls ldp session [ all ] [ verbose ] command to check information
about the LDP session.

3.7.7 Configuring LDP Security Mechanisms


LDP security mechanisms such as LDP MD5 authentication, LDP Keychain authentication,
and LDP GTSM can be configured to meet high network security requirements.

Pre-configuration Tasks
Before configuring LDP security features, complete the following task:

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 110


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

l 3.7.1 Configuring Basic Functions of MPLS LDP

Configuration Process
You can perform the following configuration tasks in any sequence as required.You can
configure only either of LDP MD5 authentication and Keychain authentication for one
neighbor at the same time.

3.7.7.1 Configuring LDP MD5 Authentication

Context
MD5 authentication can be configured for a TCP connection over which an LDP session is
established, improving security. Note that the peers of an LDP session can be configured with
different encryption modes, but must be configured with a single password.
The MD5 algorithm is easy to configure and generates a single password which can be
changed only manually. MD5 authentication applies to the network requiring short-period
encryption.
Keychain authentication and MD5 authentication cannot be both configured on a single LDP
peer. Note that MD5 encryption algorithm cannot ensure security. Keychain authentication is
recommended.

NOTE

Configuring LDP MD5 authentication may causes LDP session reestablishment, deletion of the LSP
associated with the deleted LDP session, and MPLS service interruption.

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
mpls ldp

The MPLS LDP view is displayed.


Step 3 Run:
md5-password { plain | cipher } peer-lsr-id password

MD5 authentication is configured and a password is set.


By default, LDP MD5 authentication is not performed between LDP peers.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 111


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

NOTICE
If plain is selected, the password is saved in the configuration file in plain text. In this case,
users at a lower level can easily obtain the password by viewing the configuration file. This
brings security risks. Therefore, it is recommended that you select cipher to save the
password in cipher text.

----End

3.7.7.2 Configuring LDP Keychain Authentication

Context
To help improve LDP session security, Keychain authentication can be configured for a TCP
connection over which an LDP session has been established.

Keychain authentication involves a set of passwords and uses a new password when the
previous one expires. Keychain authentication is complex to configure and applies to a
network requiring high security.

You cannot configure Keychain authentication and MD5 authentication for a neighbor at the
same time.

Before configuring LDP Keychain authentication, configure keychain globally. For details
about the keychain configuration, see the Keychain Configuration in S2750&S5700&S6700
Series Ethernet Switches Configuration Guide - Security.

NOTE

Configuring LDP Keychain authentication may causes LDP session reestablishment, deletion of the LSP
associated with the deleted LDP session, and MPLS service interruption.

Procedure
Step 1 Run:
system-view

The system view is displayed.

Step 2 Run:
mpls ldp

The MPLS LDP view is displayed.

Step 3 Run:
authentication key-chain peer peer-id name keychain-name

LDP Keychain authentication is enabled and a keychain name is specified.

By default, LDP Keychain authentication is not performed between LDP peers.

----End

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 112


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

3.7.7.3 Configuring the LDP GTSM

Context
To protect device from attacks, Generalized TTL Security Mechanism (GTSM) checks the
TTL value of a packet to check whether the packet is valid. To check the TTL value of an
LDP packet exchanged between LDP peers, enable GTSM on LDP peers and set the TTL
range. If the TLL of an LDP packet is out of the TTL range, the LDP packet is considered as
an invalid attack packet and discarded. This prevents the CPU from processing a large number
of forged LDP packets. In this way, the upper layer protocols are protected.

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
mpls ldp

The MPLS-LDP view is displayed.


Step 3 Run:
gtsm peer ip-address valid-ttl-hops hops

The LDP GTSM is configured.


By default, no LDP peer is configured with the GTSM.
hops is the maximum number of valid hops permitted by the GTSM. If a TTL value carried in
a received packet is in a specified range of [255 - hops + 1, 255], the packet is accepted; if the
TTL value is out of the range, the packet is discarded.

----End

3.7.7.4 Checking the Configuration

Prerequisites
The configurations of LDP security features are complete.

Procedure
l Run the display mpls ldp session verbose command to check the configurations of LDP
MD5 authentication and LDP keychain authentication.
l Run the display gtsm statistics all command to check GTSM statistics.
----End

3.7.8 Configuring Non-labeled Public Network Routes to Be


Iterated to LSPs
By default, non-labeled public network routes can be iterated to outgoing interfaces and next
hops, but cannot be iterated to tunnels. After this feature is configured, non-labeled public
network routes can be iterated to LSPs.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 113


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Pre-configuration Tasks
Before configuring non-labeled public network routes to be iterated to LSPs, complete the
following tasks:
l Configuring a local LDP session according to 3.7.1 Configuring Basic Functions of
MPLS LDP
l Configuring an IP prefix list if non-labeled public network routes to be iterated to LSPs
need to be limited

Procedure
Step 1 Run:
system-view

The system view is displayed.


Step 2 Run:
route recursive-lookup tunnel [ ip-prefix ip-prefix-name ]

The non-label public network route is allowed to be iterated to the LSP to forward through
MPLS.
By default, the non-label public network route can be iterated only to the outbound interface
and the next hop but not the LSP tunnel.
If ip-prefix ip-prefix-name is not set, all static routes and non-labeled public BGP routes will
be preferentially iterated to LSP tunnels.

----End

Checking the Configuration


After non-labeled public routes are iterated to LSPs, you can run the display bgp routing-
table network command to view route iteration information.

3.8 Maintaining MPLS LDP


Maintaining MPLS LDP includes restarting LDP, clearing LDP statistics, monitoring the LDP
running status, and detecting LSP connectivity.

3.8.1 Resetting LDP


Context

NOTICE
l Resetting LDP may temporarily affect the reestablishment of the LSP. Take care to reset
LDP.
l Resetting LDP is prohibited during the LDP GR.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 114


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Procedure
l Run the reset mpls ldp command to reset configurations of the global LDP instance in
the user view.
l Run the reset mpls ldp all command to reset configurations on all LDP instances in the
user view.
l Run the reset mpls ldp peer peer-id command to reset a specified peer in the user view.

----End

3.8.2 Clearing LDP Statistics

Context

NOTICE
The cleared LDP statistics cannot be restored. Exercise caution when you use the following
commands.

Procedure
l Run the reset mpls ldp error packet { tcp | udp | l2vpn | all } command in the user
view to clear statistics on LDP error messages.
l Run the reset mpls ldp event adjacency-down command in the user view to clear
statistics on LDP adjacencies in Down state.
l Run the reset mpls ldp event session-down command in the user view to clear statistics
on LDP sessions in Down state.

----End

3.8.3 Monitoring the LDP Running Status

Context
In routine maintenance, you can run the following commands in any view to view the LDP
running status.

Procedure
l Run the display mpls ldp error packet { tcp | udp | l2vpn } [ number ] command to
check statistics on LDP error messages.
l Run the display mpls ldp error packet state command to check the record status of
LDP-related error messages.
l Run the display mpls ldp event adjacency-down [ interface interface-type interface-
number | remote ] [ peer peer-id ] [ verbose ] command to check information about
LDP adjacencies in Down state.
l Run the display mpls ldp event session-down command to check information about
LDP sessions in Down state.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 115


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

l Run the display mpls last-info lsp-down [ protocol ldp ] [ verbose ] command to check
information about LDP LSPs in Down state.

----End

3.8.4 Checking the LSP Connectivity

Context
In MPLS, the control panel used for setting up an LSP cannot detect data forwarding failures
on the LSP. This makes network maintenance difficult.

MPLS ping checks LSP connectivity, and MPLS traceroute locates network faults in addition
to checking LSP connectivity.

MPLS ping and MPLS traceroute can be performed in any view. MPLS ping and MPLS
traceroute do not support packet fragmentation.

Procedure
Step 1 Run the system-view command to enter the system view.

Step 2 Run the lspv mpls-lsp-ping echo enable command to enable the response to MPLS Echo
Request packets.

By default, the device is enabled to respond to MPLS Echo Request packets.

Step 3 (Optional) Run the lspv packet-filter acl-number command to enable MPLS Echo Request
packet filtering based on source IP addresses. The filtering rule is specified in the ACL.

By default, the device does not filter MPLS Echo Request packets based on their source IP
addresses.

Step 4 Run the following command to check the LSP connectivity.


l Run the ping lsp [ -a source-ip | -c count | -exp exp-value | -h ttl-value | -m interval | -r
reply-mode | -s packet-size | -t time-out | -v ] * ip destination-address mask-length [ ip-
address ] [ nexthop nexthop-address | draft6 ] command to perform an MPLS ping test.
If draft6 is specified, the command is implemented according to draft-ietf-mpls-lsp-
ping-06. By default, the command is implemented according to RFC 4379.
l Run the tracert lsp [ -a source-ip | -exp exp-value | -h ttl-value | -r reply-mode | -t time-
out | -v ] * ip destination-address mask-length [ ip-address ] [ nexthop nexthop-address |
draft6 ] command to perform an MPLS traceroute test.
If draft6 is specified, the command is implemented according to draft-ietf-mpls-lsp-
ping-06. By default, the command is implemented according to RFC 4379.

----End

Postrequisite
l Run the display lspv statistics command to check the LSPV test statistics. A large
amount of statistical information is saved in the system after MPLS ping or traceroute
tests are performed multiple times, which is unhelpful for problem analysis. To obtain
more accurate statistics, run the reset lspv statistics command to clear LSPV test
statistics before running the display lspv statistics command.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 116


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

l Run the undo lspv mpls-lsp-ping echo enable command to disable response to MPLS
Echo Request packets. It is recommended that you run this command after completing an
MPLS ping or traceroute test to save system resources.
l Run the display lspv configuration command to check the current LSPV configuration.

3.8.5 Enabling the MPLS Trap Function


Context
To facilitate operation and maintenance and learn about the running status of the MPLS
network, configure the MPLS trap function so that the device can notify the NMS of the LDP
session status and usage of LDP LSPs, BGP LSPs and dynamic labels.

Procedure
l Configuring the trap function for LDP
a. Run:
system-view

The system view is displayed.


b. Run:
snmp-agent trap enable feature-name ldp trap-name { session-down-mib |
session-pvl | session-retry | session-up-mib }

The trap function is enabled for the MPLS LDP module.


By default, the trap function is disabled for the MPLS LDP module.
l Configuring the trap function for LSPM
a. Run:
system-view

The system view is displayed.


b. Run:
snmp-agent trap enable feature-name mpls_lspm trap-name trapname

The trap function is enabled for the LSPM module.


By default, the trap function is disabled for the LSPM module.
When performing the following steps to configure alarm thresholds, pay attention to
the following points:
n To configure the alarm function for dynamic label usage, specify
hwMplsDynamicLabelThresholdExceed and
hwMplsDynamicLabelThresholdExceedClear to enable the threshold
exceeding alarm and clear alarm when configuring trap-name. When the
usage of dynamic labels exceeds the upper threshold or falls below the lower
threshold, the system generates a threshold exceeding alarm or clear alarm.
n To configure the LSP usage alarm function, specify
hwmplslspthresholdexceed and hwmplslspthresholdexceedclear to enable
the threshold exceeding alarm and clear alarm when configuring trap-name.
When the LSP usage exceeds the upper threshold or falls below the lower
threshold, the system generates a threshold exceeding alarm or clear alarm.
c. Run:

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 117


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

snmp-agent trap suppress feature-name lsp trap-name { mplsxcup |


mplsxcdown } trap-interval trap-interval [ max-trap-number max-trap-
number ]

The interval for suppressing excess LSP traps is set.


By default, the interval for suppressing excess LSP traps is 60 seconds.
d. Run:
mpls

The MPLS view is displayed.


e. Run:
mpls dynamic-label-number threshold-alarm upper-limit upper-limit-value
lower-limit lower-limit-value

Alarm thresholds for dynamic label usage are set.


By default, the upper and lower thresholds are 80% and 70% respectively.
f. Run:
mpls ldp-lsp-number threshold-alarm upper-limit upper-limit-value lower-
limit lower-limit-value

Alarm thresholds for LDP LSP usage are set.


By default, the upper and lower thresholds are 80% and 75% respectively.
g. Run:
mpls bgp-lsp-number threshold-alarm upper-limit upper-limit-value lower-
limit lower-limit-value

The upper and lower alarm thresholds for BGP LSP usage are configured.
The default upper limit of an alarm for BGP LSP usage is 80%. The default lower
threshold for a clear alarm for BGP LSP usage is 75%.
h. Run:
mpls bgpv6-lsp-number threshold-alarm upper-limit upper-limit-value
lower-limit lower-limit-value

The upper and lower alarm thresholds for BGP IPv6 LSP usage are configured.
The default upper threshold of an alarm for BGP IPv6 LSP usage is 80%. The
default lower threshold for a clear alarm for BGP IPv6 LSP usage is 75%.
i. Run:
mpls total-lsp-number threshold-alarm upper-limit upper-limit-value
lower-limit lower-limit-value

The upper and lower thresholds of alarms for total LSP usage are configured.
The default upper limit of an alarm for total LSP usage is 80%. The default lower
limit of a clear alarm for total LSP usage is 75%.
----End

Checking the Configuration


l Run the display snmp-agent trap feature-name ldp all command to check the status of
all traps on the MPLS LDP module.
l Run the display snmp-agent trap feature-name mpls_lspm all command to check all
trap messages on the MPLS LSPM module.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 118


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

l Run the display default-parameter mpls management command to check default


configurations of the MPLS management module.

3.9 Configuration Examples


This section provides several configuration examples of MPLS LDP networking, including
the networking requirements, configuration roadmap, configuration procedures, and
configuration files.

3.9.1 Example for Configuring Local LDP Sessions


Networking Requirements
As shown in Figure 3-12, LSRA and LSRC are PEs of the IP/MPLS backbone network.
MPLS L2VPN or L3VPN services need to be deployed on LSRA and LSRC to connect VPN
sites, so local LDP sessions need to be established between LSRs to trigger LDP LSP setup.
The LDP LSPs then transmit VPN services.

Figure 3-12 Networking diagram for configuring local LDP sessions

IP/MPLS backbone network


Loopback0 Loopback0 Loopback0
1.1.1.1/32 2.2.2.2/32 3.3.3.3/32
GE0/0/1 GE0/0/1 GE0/0/2 GE0/0/1
10.1.1.1/24 10.1.1.2/24 10.2.1.1/24 10.2.1.2/24

VLANIF10 VLANIF10 VLANIF20 VLANIF20


LSRA LSRB LSRC

VPN Site VPN Site

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure OSPF between the LSRs to implement IP connectivity on the backbone
network.
2. Configure local LDP sessions on LSRs so that public tunnels can be set up to transmit
VPN services.

Procedure
Step 1 Create VLANs and VLANIF interfaces on the switch, configure IP addresses for the VLANIF
interfaces, and add physical interfaces to the VLANs.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 119


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

# Configure LSRA. The configurations of LSRB and LSRC are similar to the configuration of
LSRA, and are not mentioned here.
<HUAWEI> system-view
[HUAWEI] sysname LSRA
[LSRA] interface loopback 0
[LSRA-LoopBack0] ip address 1.1.1.1 32
[LSRA-LoopBack0] quit
[LSRA] vlan batch 10
[LSRA] interface vlanif 10
[LSRA-Vlanif10] ip address 10.1.1.1 24
[LSRA-Vlanif10] quit
[LSRA] interface gigabitethernet 0/0/1
[LSRA-GigabitEthernet0/0/1] port link-type trunk
[LSRA-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[LSRA-GigabitEthernet0/0/1] quit

Step 2 Configure OSPF to advertise the network segments connecting to interfaces on each node and
to advertise the routes of hosts with LSR IDs.
# Configure LSRA.
[LSRA] ospf 1
[LSRA-ospf-1] area 0
[LSRA-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0
[LSRA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[LSRA-ospf-1-area-0.0.0.0] quit
[LSRA-ospf-1] quit

# Configure LSRB.
[LSRB] ospf 1
[LSRB-ospf-1] area 0
[LSRB-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0
[LSRB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[LSRB-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255
[LSRB-ospf-1-area-0.0.0.0] quit
[LSRB-ospf-1] quit

# Configure LSRC.
[LSRC] ospf 1
[LSRC-ospf-1] area 0
[LSRC-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0
[LSRC-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255
[LSRC-ospf-1-area-0.0.0.0] quit
[LSRC-ospf-1] quit

After the configuration is complete, run the display ip routing-table command on each node,
and you can view that the nodes learn routes from each other.
Step 3 Enable global MPLS and MPLS LDP on each LSR.
# Configure LSRA.
[LSRA] mpls lsr-id 1.1.1.1
[LSRA] mpls
[LSRA-mpls] quit
[LSRA] mpls ldp
[LSRA-mpls-ldp] quit

# Configure LSRB.
[LSRB] mpls lsr-id 2.2.2.2
[LSRB] mpls
[LSRB-mpls] quit
[LSRB] mpls ldp
[LSRB-mpls-ldp] quit

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 120


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

# Configure LSRC.
[LSRC] mpls lsr-id 3.3.3.3
[LSRC] mpls
[LSRC-mpls] quit
[LSRC] mpls ldp
[LSRC-mpls-ldp] quit

Step 4 Enable MPLS and MPLS LDP on interfaces of each LSR.


# Configure LSRA.
[LSRA] interface vlanif 10
[LSRA-Vlanif10] mpls
[LSRA-Vlanif10] mpls ldp
[LSRA-Vlanif10] quit

# Configure LSRB.
[LSRB] interface vlanif 10
[LSRB-Vlanif10] mpls
[LSRB-Vlanif10] mpls ldp
[LSRB-Vlanif10] quit
[LSRB] interface vlanif 20
[LSRB-Vlanif20] mpls
[LSRB-Vlanif20] mpls ldp
[LSRB-Vlanif20] quit

# Configure LSRC.
[LSRC] interface vlanif 20
[LSRC-Vlanif20] mpls
[LSRC-Vlanif20] mpls ldp
[LSRC-Vlanif20] quit

Step 5 Verify the configuration.


# After the configuration is complete, run the display mpls ldp session command. The
command output shows that the status of local LDP sessions between LSRA and LSRB and
between LSRB and LSRC is Operational.
LSRA is used as an example.
[LSRA] display mpls ldp session

LDP Session(s) in Public Network


Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
A '*' before a session means the session is being deleted.
------------------------------------------------------------------------------
PeerID Status LAM SsnRole SsnAge KASent/Rcv
------------------------------------------------------------------------------
2.2.2.2:0 Operational DU Passive 0000:00:22 91/91
------------------------------------------------------------------------------
TOTAL: 1 session(s) Found.

----End

Configuration Files
l Configuration file of LSRA
#
sysname LSRA
#
vlan batch 10
#
mpls lsr-id 1.1.1.1
mpls

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 121


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

#
mpls ldp
#
interface Vlanif10
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.1.0 0.0.0.255
#
return
l Configuration file of LSRB
#
sysname LSRB
#
vlan batch 10 20
#
mpls lsr-id 2.2.2.2
mpls
#
mpls ldp
#
interface Vlanif10
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif20
ip address 10.2.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 20
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.1.0 0.0.0.255
#
return
l Configuration file of LSRC
#
sysname LSRC
#
vlan batch 20
#
mpls lsr-id 3.3.3.3
mpls

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 122


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

#
mpls ldp
#
interface Vlanif20
ip address 10.2.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 10.2.1.0 0.0.0.255
#
return

3.9.2 Example for Configuring Remote MPLS LDP Sessions

Networking Requirements
As shown in Figure 3-13, LSRA and LSRC are PEs of the IP/MPLS backbone network.
MPLS L2VPN services need to be deployed on LSRA and LSRC to connect VPN sites at
Layer 2, so remote LDP sessions need to be deployed between LSRA and LSRC to
implement VC label exchange.

Figure 3-13 Networking diagram for configuring remote LDP sessions

IP/MPLS backbone network


Loopback0 Loopback0 Loopback0
1.1.1.1/32 2.2.2.2/32 3.3.3.3/32
GE0/0/1 GE0/0/1 GE0/0/2 GE0/0/1
10.1.1.1/24 10.1.1.2/24 10.2.1.1/24 10.2.1.2/24

VLANIF10 VLANIF10 VLANIF20 VLANIF20


LSRA LSRB LSRC

VPN Site VPN Site

Configuration Roadmap
If LSRA is directly connected to LSRC, local LDP sessions established on LSRs can be used
to set up LDP LSPs to transmit services and exchange VC labels. In this example, LSRA is
indirectly connected to LSRC, so remote LDP sessions must be configured. The configuration
roadmap is as follows:

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 123


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

1. Configure OSPF between the LSRs to implement IP connectivity on the backbone


network.
2. Configure remote LDP sessions on LSRA and LSRC to exchange VC labels.

Procedure
Step 1 Create VLANs and VLANIF interfaces on the switch, configure IP addresses for the VLANIF
interfaces, and add physical interfaces to the VLANs.
# Configure LSRA. The configurations of LSRB and LSRC are similar to the configuration of
LSRA, and are not mentioned here.
<HUAWEI> system-view
[HUAWEI] sysname LSRA
[LSRA] interface loopback 0
[LSRA-LoopBack0] ip address 1.1.1.1 32
[LSRA-LoopBack0] quit
[LSRA] vlan batch 10
[LSRA] interface vlanif 10
[LSRA-Vlanif10] ip address 10.1.1.1 24
[LSRA-Vlanif10] quit
[LSRA] interface gigabitethernet 0/0/1
[LSRA-GigabitEthernet0/0/1] port link-type trunk
[LSRA-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[LSRA-GigabitEthernet0/0/1] quit

Step 2 Configure OSPF to advertise the network segments connecting to interfaces on each node and
to advertise the routes of hosts with LSR IDs.
# Configure LSRA.
[LSRA] ospf 1
[LSRA-ospf-1] area 0
[LSRA-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0
[LSRA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[LSRA-ospf-1-area-0.0.0.0] quit
[LSRA-ospf-1] quit

# Configure LSRB.
[LSRB] ospf 1
[LSRB-ospf-1] area 0
[LSRB-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0
[LSRB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[LSRB-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255
[LSRB-ospf-1-area-0.0.0.0] quit
[LSRB-ospf-1] quit

# Configure LSRC.
[LSRC] ospf 1
[LSRC-ospf-1] area 0
[LSRC-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0
[LSRC-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255
[LSRC-ospf-1-area-0.0.0.0] quit
[LSRC-ospf-1] quit

After the configuration is complete, run the display ip routing-table command on each node,
and you can view that the nodes learn routes from each other.
Step 3 Enable global MPLS and MPLS LDP on each LSR.
# Configure LSRA.
[LSRA] mpls lsr-id 1.1.1.1
[LSRA] mpls

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 124


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

[LSRA-mpls] quit
[LSRA] mpls ldp
[LSRA-mpls-ldp] quit

# Configure LSRB.
[LSRB] mpls lsr-id 2.2.2.2
[LSRB] mpls
[LSRB-mpls] quit
[LSRB] mpls ldp
[LSRB-mpls-ldp] quit

# Configure LSRC.
[LSRC] mpls lsr-id 3.3.3.3
[LSRC] mpls
[LSRC-mpls] quit
[LSRC] mpls ldp
[LSRC-mpls-ldp] quit

Step 4 Specify the name and IP address of the remote peer on the two LSRs of a remote LDP
session.
# Configure LSRA.
[LSRA] mpls ldp remote-peer LSRC
[LSRA-mpls-ldp-remote-lsrc] remote-ip 3.3.3.3
[LSRA-mpls-ldp-remote-lsrc] quit

# Configure LSRC.
[LSRC] mpls ldp remote-peer LSRA
[LSRC-mpls-ldp-remote-lsra] remote-ip 1.1.1.1
[LSRC-mpls-ldp-remote-lsra] quit

Step 5 Verify the configuration.


# After the configuration is complete, run the display mpls ldp session command on the
node. The command output shows that the status of the remote LDP session between LSRA
and LSRC is Operational.
LSRA is used as an example.
[LSRA] display mpls ldp session

LDP Session(s) in Public Network


Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
A '*' before a session means the session is being deleted.
------------------------------------------------------------------------------
PeerID Status LAM SsnRole SsnAge KASent/Rcv
------------------------------------------------------------------------------
3.3.3.3:0 Operational DU Passive 0000:00:01 6/6
------------------------------------------------------------------------------
TOTAL: 1 session(s) Found.

# Run the display mpls ldp remote-peer command on the two LSRs of the remote LDP
session to view information about the remote peer.
LSRA is used as an example.
[LSRA] display mpls ldp remote-peer

LDP Remote Entity Information


------------------------------------------------------------------------------
Remote Peer Name: lsrc
Remote Peer IP : 3.3.3.3 LDP ID : 1.1.1.1:0
Transport Address : 1.1.1.1 Entity Status : Active

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 125


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Configured Keepalive Hold Timer : 45 Sec


Configured Keepalive Send Timer : ---
Configured Hello Hold Timer : 45 Sec
Negotiated Hello Hold Timer : 45 Sec
Configured Hello Send Timer : ---
Configured Delay Timer : 10 Sec
Hello Packet sent/received : 6347/6307
Label Advertisement Mode : Downstream Unsolicited
Remote Peer Deletion Status : No
Auto-config : ---
------------------------------------------------------------------------------
TOTAL: 1 Peer(s) Found.

----End

Configuration Files
l Configuration file of LSRA
#
sysname LSRA
#
vlan batch 10
#
mpls lsr-id 1.1.1.1
mpls
#
mpls ldp
#
mpls ldp remote-peer lsrc
remote-ip 3.3.3.3
#
interface Vlanif10
ip address 10.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.1.0 0.0.0.255
#
return

l Configuration file of LSRB


#
sysname LSRB
#
vlan batch 10 20
#
mpls lsr-id 2.2.2.2
mpls
#
mpls ldp
#
interface Vlanif10
ip address 10.1.1.2 255.255.255.0
#
interface Vlanif20
ip address 10.2.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 126


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 20
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.1.0 0.0.0.255
#
return

l Configuration file of LSRC


#
sysname LSRC
#
vlan batch 20
#
mpls lsr-id 3.3.3.3
mpls
#
mpls ldp
#
mpls ldp remote-peer lsra
remote-ip 1.1.1.1
#
interface Vlanif20
ip address 10.2.1.2 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 10.2.1.0 0.0.0.255
#
return

3.9.3 Example for Configuring Automatic Triggering of a Request


for a Label Mapping Message in DoD Mode
Networking Requirements
As shown in Figure 3-14, LSRA and LSRD are edge devices of the IP/MPLS backbone
network and have low performance. MPLS L2VPN or L3VPN services need to be deployed
on LSRA and LSRD to connect VPN sites at Layer 2. Because the network scale is large (this
example provides two devices on intermediate nodes), burden on edge devices needs to be
reduced.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 127


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Figure 3-14 Example for configuring automatic triggering of a request for a Label Mapping
message in DoD mode

IP/MPLS backbone network


Loopback0 Loopback0 Loopback0 Loopback0
1.1.1.1/32 2.2.2.2/32 3.3.3.3/32 4.4.4.4/32
GE0/0/1 GE0/0/2 GE0/0/2
VLANIF10 VLANIF20 VLANIF30
10.1.1.1/24 10.1.2.1/24 10.1.3.1/24
GE0/0/1 GE0/0/1 GE0/0/1
LSRA VLANIF10 LSRB VLANIF20 LSRC VLANIF30 LSRD
10.1.1.2/24 10.1.2.2/24 10.1.3.2/24

VPN Site VPN Site

Configuration Roadmap
To connect VPN sites at Layer 2, configure local LDP sessions to establish LDP LSPs to
transmit L2VPN services. Remote LDP sessions need to be configured to exchange VC labels
so that PWs are set up.
To reduce the burden of edge devices, configure the default static route with the next hop
address as the neighbor on the edge device to reduce unnecessary IP entries. In addition, the
label advertisement mode is set up DoD to reduce unnecessary MPLS entries. Though the
burden of edge devices is reduced, LDP LSPs cannot be set up. Configure automatic
triggering of a request for a Label Mapping message in DoD mode so that LDP LSPs can be
set up.

Procedure
Step 1 Configure IP addresses for interfaces on each node and configure the loopback addresses that
are used as LSR IDs.
# Configure LSRA.
<HUAWEI> system-view
[HUAWEI] sysname LSRA
[LSRA] interface loopback 0
[LSRA-LoopBack0] ip address 1.1.1.1 32
[LSRA-LoopBack0] quit
[LSRA] interface gigabitethernet 0/0/1
[LSRA-GigabitEthernet0/0/1] port link-type trunk
[LSRA-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[LSRA-GigabitEthernet0/0/1] quit
[LSRA] vlan 10
[LSRA-vlan10] quit
[LSRA] interface vlanif 10
[LSRA-Vlanif10] ip address 10.1.1.1 24
[LSRA-Vlanif10] quit

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 128


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

The configurations of LSRB, LSRC, and LSRD are similar to the configuration of LSRA, and
are not mentioned here.
Step 2 Configure basic IS-IS functions for backbone devices. Configure static routes for PEs and
their neighbors.
# Configure basic IS-IS functions for LSRB and import a static route.
[LSRB] isis 1
[LSRB-isis-1] network-entity 10.0000.0000.0001.00
[LSRB-isis-1] import-route static
[LSRB-isis-1] quit
[LSRB] interface vlanif 20
[LSRB-Vlanif20] isis enable 1
[LSRB-Vlanif20] quit
[LSRB] interface loopback 0
[LSRB-LoopBack0] isis enable 1
[LSRB-LoopBack0] quit

# Configure basic IS-IS functions for LSRC and import a static route.
[LSRC] isis 1
[LSRC-isis-1] network-entity 10.0000.0000.0002.00
[LSRC-isis-1] import-route static
[LSRC-isis-1] quit
[LSRC] interface vlanif 20
[LSRC-Vlanif20] isis enable 1
[LSRC-Vlanif20] quit
[LSRC] interface loopback 0
[LSRC-LoopBack0] isis enable 1
[LSRC-LoopBack0] quit

# Configure a default route whose next hop IP address is 10.1.1.2 on LSRA.


[LSRA] ip route-static 0.0.0.0 0.0.0.0 10.1.1.2

# On LSRB, configure a static route to LSRA.


[LSRB] ip route-static 1.1.1.1 255.255.255.255 10.1.1.1

# On LSRC, configure a static route to LSRD.


[LSRC] ip route-static 4.4.4.4 255.255.255.255 10.1.3.2

# Configure a default route whose next hop IP address is 10.1.3.1 on LSRD.


[LSRD] ip route-static 0.0.0.0 0.0.0.0 10.1.3.1

# Run the display ip routing-table command on LSRA to view the configure default route.
[LSRA] display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 6 Routes : 6

Destination/Mask Proto Pre Cost Flags NextHop Interface

0.0.0.0/0 Static 60 0 RD 10.1.1.2 Vlanif10


1.1.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack0
10.1.1.0/24 Direct 0 0 D 10.1.1.1 Vlanif10
10.1.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif10
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0

# Run the display ip routing-table command on LSRB to view the route to LSRA.
[LSRB] display ip routing-table
Route Flags: R - relay, D - download to fib

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 129


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 10 Routes : 10

Destination/Mask Proto Pre Cost Flags NextHop Interface

1.1.1.1/32 Static 60 0 RD 10.1.1.1 Vlanif10


2.2.2.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
3.3.3.3/32 ISIS-L1 15 10 D 10.1.2.2 Vlanif20
4.4.4.4/32 ISIS-L2 15 74 D 10.1.2.2 Vlanif20
10.1.1.0/24 Direct 0 0 D 10.1.1.2 Vlanif10
10.1.1.2/32 Direct 0 0 D 127.0.0.1 Vlanif10
10.1.2.0/24 Direct 0 0 D 10.1.2.1 Vlanif20
10.1.2.1/32 Direct 0 0 D 127.0.0.1 Vlanif20
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0

Step 3 Enable MPLS globally and on an interface, and MPLS LDP on each node.

# Configure LSRA.
[LSRA] mpls lsr-id 1.1.1.1
[LSRA] mpls
[LSRA-mpls] quit
[LSRA] mpls ldp
[LSRA-mpls-ldp] quit
[LSRA] interface vlanif 10
[LSRA-Vlanif10] mpls
[LSRA-Vlanif10] mpls ldp
[LSRA-Vlanif10] quit

The configurations of LSRB, LSRC, and LSRD are similar to the configuration of LSRA, and
are not mentioned here.

Step 4 Configure the label advertisement mode as DoD.

# Configure LSRA.
[LSRA] interface Vlanif 10
[LSRA-Vlanif10] mpls ldp advertisement dod
[LSRA-Vlanif10] quit

# Configure LSRB.
[LSRB] interface vlanif 10
[LSRB-Vlanif10] mpls ldp advertisement dod
[LSRB-Vlanif10] quit

# Configure LSRC.
[LSRC] interface vlanif 30
[LSRC-Vlanif30] mpls ldp advertisement dod
[LSRC-Vlanif30] quit

# Configure LSRD.
[LSRD] interface vlanif 30
[LSRD-Vlanif30] mpls ldp advertisement dod
[LSRD-Vlanif30] quit

Step 5 Configure LDP extensions for inter-area LSPs.

# Run the longest-match command on LSRA to configure LDP to search for a route
according to the longest match rule to establish an inter-area LDP LSP.
[LSRA] mpls ldp
[LSRA-mpls-ldp] longest-match
[LSRA-mpls-ldp] quit

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 130


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

# Run the longest-match command on LSRD to configure LDP to search for a route
according to the longest match rule to establish an inter-area LDP LSP.
[LSRD] mpls ldp
[LSRD-mpls-ldp] longest-match
[LSRD-mpls-ldp] quit

Step 6 Configure a remote LDP session and enable LDP to automatically trigger a request for a
Label Mapping message in DoD mode.
# Configure LSRA.
[LSRA] mpls ldp remote-peer lsrd
[LSRA-mpls-ldp-remote-lsrd] remote-ip 4.4.4.4
[LSRA-mpls-ldp-remote-lsrd] remote-ip auto-dod-request
[LSRA-mpls-ldp-remote-lsrd] quit

# Configure LSRD.
[LSRD] mpls ldp remote-peer lsra
[LSRD-mpls-ldp-remote-lsra] remote-ip 1.1.1.1
[LSRD-mpls-ldp-remote-lsra] remote-ip auto-dod-request
[LSRD-mpls-ldp-remote-lsra] quit

Step 7 Verify the configuration.


# After the configuration is complete, run the display ip routing-table 4.4.4.4 command on
LSRA to view route information.
[LSRA] display ip routing-table 4.4.4.4
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Table : Public
Summary Count : 1
Destination/Mask Proto Pre Cost Flags NextHop Interface

0.0.0.0/0 Static 60 0 RD 10.1.1.2 Vlanif10

The command output shows that only a default route exists in the routing table and the route
4.4.4.4 does not exist.
# Run the display mpls ldp lsp command on LSRA to view information about the established
LSP.
[LSRA] display mpls ldp lsp

LDP LSP Information


-------------------------------------------------------------------------------
DestAddress/Mask In/OutLabel UpstreamPeer NextHop OutInterface
-------------------------------------------------------------------------------
1.1.1.1/32 3/NULL 4.4.4.4 127.0.0.1 InLoop0
4.4.4.4/32 NULL/1026 - 10.1.1.2 Vlanif10
-------------------------------------------------------------------------------
TOTAL: 1 Normal LSP(s) Found.
TOTAL: 0 Liberal LSP(s) Found.
TOTAL: 0 Frr LSP(s) Found.
A '*' before an LSP means the LSP is not established
A '*' before a Label means the USCB or DSCB is stale
A '*' before a UpstreamPeer means the session is stale
A '*' before a DS means the session is stale
A '*' before a NextHop means the LSP is FRR LSP

The command output shows that the LSP with the destination address of 4.4.4.4 is
established. LSRA has obtained a Label Mapping message of 4.4.4.4 from LSRB to establish
an LSP.
[LSRA] display tunnel-info all
* -> Allocated VC Token

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 131


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Tunnel ID Type Destination Token


----------------------------------------------------------------------
0x10000001 lsp 4.4.4.4 0

The command output shows that an LSP between LSRA and LSRD is established.

----End

Configuration Files
l Configuration file of LSRA

#
sysname LSRA
#
vlan batch 10
#
mpls lsr-id 1.1.1.1
mpls
#
mpls ldp
longest-match
#
mpls ldp remote-peer lsrd
remote-ip 4.4.4.4
remote-ip auto-dod-request
#
interface Vlanif10
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
mpls ldp advertisement dod
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
ip route-static 0.0.0.0 0.0.0.0 10.1.1.2
#
return

l Configuration file of LSRB


#
sysname LSRB
#
vlan batch 10 20
#
mpls lsr-id 2.2.2.2
mpls
#
mpls ldp
#
isis 1
network-entity 10.0000.0000.0001.00
import-route static
#
interface Vlanif10
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
mpls ldp advertisement dod
#
interface Vlanif20
ip address 10.1.2.1 255.255.255.0
isis enable 1

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 132


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 20
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
isis enable 1
#
ip route-static 1.1.1.1 255.255.255.255 10.1.1.1
#
return
l Configuration file of LSRC
#
sysname LSRC
#
vlan batch 20 30
#
mpls lsr-id 3.3.3.3
mpls
#
mpls ldp
#
isis 1
network-entity 10.0000.0000.0002.00
import-route static
#
interface Vlanif20
ip address 10.1.2.2 255.255.255.0
isis enable 1
mpls
mpls ldp
#
interface Vlanif30
ip address 10.1.3.1 255.255.255.0
mpls
mpls ldp
mpls ldp advertisement dod
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 30
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
isis enable 1
#
ip route-static 4.4.4.4 255.255.255.255 10.1.3.2
#
return
l Configuration file of LSRD
#
sysname LSRD
#
vlan batch 30
#
mpls lsr-id 4.4.4.4
mpls

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 133


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

#
mpls ldp
longest-match
#
mpls ldp remote-peer lsra
remote-ip 1.1.1.1
remote-ip auto-dod-request
#
interface Vlanif30
ip address 10.1.3.2 255.255.255.0
mpls
mpls ldp
mpls ldp advertisement dod
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 30
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
#
ip route-static 0.0.0.0 0.0.0.0 10.1.3.1
#
return

3.9.4 Example for Configuring a Policy for Triggering LDP LSP


Establishment on the Ingress and Egress Nodes
Networking Requirements
As shown in Figure 3-15, LSRA and LSRD are edge devices of the MPLS backbone network
and have low performance. After MPLS LDP is enabled on each LSR interface, LDP LSPs
are set up automatically. Because the network scale is large (this example provides two
devices on intermediate nodes), many unnecessary LSPs are set up, wasting resources. The
number of LSPs established on edge devices needs to be reduced so that the burden of edge
devices is reduced.

Figure 3-15 Networking diagram for configuring a policy for triggering LDP LSP
establishment
Loopback0 Loopback0
2.2.2.9/32 3.3.3.9/32
GE0/0/2 GE0/0/1
10.2.1.1/24 10.2.1.2/24
LSRB LSRC
VLANIF20 VLANIF20
GE0/0/1 GE0/0/2
10.1.1.2/24 VLANIF10 VLANIF30
10.3.1.1/24
GE0/0/1 GE0/0/1
10.1.1.1/24 VLANIF10 VLANIF30 10.3.1.2/24

LSRA LSRD

Loopback0 Loopback0
1.1.1.9/32 4.4.4.9/32

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 134


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Configuration Roadmap
You can configure a policy for triggering LDP LSP setup to meet the requirement. The
configuration roadmap is as follows:
1. Configure OSPF between the LSRs to implement IP connectivity on the backbone
network.
2. Configure local LDP sessions on LSRs so that LDP LSPs can be set up.
3. Configure a policy for triggering LDP LSP setup on LSRA and LSRD to reduce the
number of LSPs on edge devices so that the burden of edge devices is reduced.

Procedure
Step 1 Create VLANs and VLANIF interfaces on the switch, configure IP addresses for the VLANIF
interfaces, and add physical interfaces to the VLANs.
# Configure LSRA. The configurations of LSRB, LSRC, and LSRD are similar to the
configuration of LSRA, and are not mentioned here.
<HUAWEI> system-view
[HUAWEI] sysname LSRA
[LSRA] interface loopback 0
[LSRA-LoopBack0] ip address 1.1.1.9 32
[LSRA-LoopBack0] quit
[LSRA] vlan batch 10
[LSRA] interface vlanif 10
[LSRA-Vlanif10] ip address 10.1.1.1 24
[LSRA-Vlanif10] quit
[LSRA] interface gigabitethernet 0/0/1
[LSRA-GigabitEthernet0/0/1] port link-type trunk
[LSRA-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[LSRA-GigabitEthernet0/0/1] quit

Step 2 Configure OSPF to advertise the network segments connecting to interfaces on each node and
to advertise the routes of hosts with LSR IDs.
# Configure LSRA. The configurations of LSRB, LSRC, and LSRD are similar to the
configuration of LSRA, and are not mentioned here.
[LSRA] ospf 1
[LSRA-ospf-1] area 0
[LSRA-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0
[LSRA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[LSRA-ospf-1-area-0.0.0.0] quit
[LSRA-ospf-1] quit

Step 3 Configure basic MPLS and MPLS LDP functions on the nodes and interfaces
# Configure LSRA. The configurations of LSRB, LSRC, and LSRD are similar to the
configuration of LSRA, and are not mentioned here.
[LSRA] mpls lsr-id 1.1.1.9
[LSRA] mpls
[LSRA-mpls] quit
[LSRA] mpls ldp
[LSRA-mpls-ldp] quit
[LSRA] interface vlanif 10
[LSRA-Vlanif10] mpls
[LSRA-Vlanif10] mpls ldp
[LSRA-Vlanif10] quit

# Run the display mpls lsp command on each node to view the establishment of the LDP
LSPs. LSRA is used as an example.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 135


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

[LSRA] display mpls lsp


-------------------------------------------------------------------------------
LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
1.1.1.9/32 3/NULL -/-
2.2.2.9/32 NULL/3 -/Vlanif10
2.2.2.9/32 1024/3 -/Vlanif10
3.3.3.9/32 NULL/1025 -/Vlanif10
3.3.3.9/32 1022/1025 -/Vlanif10
4.4.4.9/32 NULL/4118 -/Vlanif10
4.4.4.9/32 4105/4118 -/Vlanif10

Step 4 Configure an IP prefix list to filter routes.


# Configure an IP prefix list on LSRA that allows only 1.1.1.9/32 and 4.4.4.9/32 for LSP
setup.
[LSRA] ip ip-prefix FilterOnIngress permit 1.1.1.9 32
[LSRA] ip ip-prefix FilterOnIngress permit 4.4.4.9 32
[LSRA] mpls
[LSRA-mpls] lsp-trigger ip-prefix FilterOnIngress
[LSRA-mpls] quit

# Configure an IP prefix list on LSRD that allows only 1.1.1.9/32 and 4.4.4.9/32 for LSP
setup.
[LSRD] ip ip-prefix FilterOnEgress permit 1.1.1.9 32
[LSRD] ip ip-prefix FilterOnEgress permit 4.4.4.9 32
[LSRD] mpls
[LSRD-mpls] lsp-trigger ip-prefix FilterOnEgress
[LSRD-mpls] quit

Step 5 Verify the configuration.


# After the configuration is complete, run the display mpls lsp command on LSRA and
LSRD to view LDP LSP establishment.
[LSRA] display mpls lsp
-------------------------------------------------------------------------------
LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
1.1.1.9/32 3/NULL -/-
2.2.2.9/32 1024/3 -/Vlanif10
3.3.3.9/32 1022/1025 -/Vlanif10
4.4.4.9/32 NULL/4118 -/Vlanif10
4.4.4.9/32 4105/4118 -/Vlanif10

After the policy is configured, there are only LDP LSPs to the destination 1.1.1.9/32 and
4.4.4.9/32 with LSRA as the ingress node and other LDP LSPs that do not use LSRA as the
ingress node.
[LSRD] display mpls lsp
-------------------------------------------------------------------------------
LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
1.1.1.9/32 NULL/4110 -/
Vlanif30
1.1.1.9/32 4100/4110 -/Vlanif30
2.2.2.9/32 1023/1028 -/Vlanif30
3.3.3.9/32 1027/3 -/Vlanif30
4.4.4.9/32 3/NULL -/-

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 136


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

After the policy is configured, there are only LDP LSPs to the destination 1.1.1.9/32 and
4.4.4.9/32 with LSRD as the ingress node and other LDP LSPs that do not use LSRD as the
ingress node.

----End

Configuration Files
l Configuration file of LSRA
#
sysname LSRA
#
vlan batch 10
#
mpls lsr-id 1.1.1.9
mpls
lsp-trigger ip-prefix FilterOnIngress
#
mpls ldp
#
interface Vlanif10
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface LoopBack0
ip address 1.1.1.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 1.1.1.9 0.0.0.0
network 10.1.1.0 0.0.0.255
#
ip ip-prefix FilterOnIngress index 10 permit 1.1.1.9 32
ip ip-prefix FilterOnIngress index 20 permit 4.4.4.9 32
#
return

l Configuration file of LSRB


#
sysname LSRB
#
vlan batch 10 20
#
mpls lsr-id 2.2.2.9
mpls
#
mpls ldp
#
interface Vlanif10
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif20
ip address 10.2.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 137


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 20
#
interface LoopBack0
ip address 2.2.2.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.9 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.1.0 0.0.0.255
#
return
l Configuration file of LSRC
#
sysname LSRC
#
vlan batch 20 30
#
mpls lsr-id 3.3.3.9
mpls
#
mpls ldp
#
interface Vlanif20
ip address 10.2.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif30
ip address 10.3.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 30
#
interface LoopBack0
ip address 3.3.3.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.9 0.0.0.0
network 10.2.1.0 0.0.0.255
network 10.3.1.0 0.0.0.255
#
return
l Configuration file of LSRD
#
sysname LSRD
#
vlan batch 30
#
mpls lsr-id 4.4.4.9
mpls
lsp-trigger ip-prefix FilterOnEgress
#
mpls ldp
#
interface Vlanif30
ip address 10.3.1.2 255.255.255.0
mpls

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 138


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 30
#
interface LoopBack0
ip address 4.4.4.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 4.4.4.9 0.0.0.0
network 10.3.1.0 0.0.0.255
#
ip ip-prefix FilterOnEgress index 10 permit 1.1.1.9 32
ip ip-prefix FilterOnEgress index 20 permit 4.4.4.9 32
#
return

3.9.5 Example for Configuring a Policy for Triggering LDP LSP


Establishment on the Transit Node

Networking Requirements
As shown in Figure 3-16, LSRA and LSRD are edge devices of the MPLS backbone network
and have low performance. After MPLS LDP is enabled on each LSR interface, LDP LSPs
are set up automatically. Because the network scale is large (this example provides two
devices on intermediate nodes), many unnecessary LSPs are set up, wasting resources. The
number of LSPs established on edge devices needs to be reduced so that the burden of edge
devices is reduced.

NOTE

Policies cannot be configured on edge devices.

Figure 3-16 Networking diagram for configuring a policy for triggering LDP LSP
establishment

Loopback0 Loopback0
2.2.2.9/32 3.3.3.9/32
GE0/0/2 GE0/0/1
10.2.1.1/24 10.2.1.2/24
LSRB LSRC
VLANIF20 VLANIF20
GE0/0/1 GE0/0/2
10.1.1.2/24 VLANIF10 VLANIF30
10.3.1.1/24
GE0/0/1 GE0/0/1
10.1.1.1/24 VLANIF10 VLANIF30 10.3.1.2/24

LSRA LSRD

Loopback0 Loopback0
1.1.1.9/32 4.4.4.9/32

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 139


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Configuration Roadmap
You can configure a policy for triggering LDP LSP setup to meet the requirement. The
configuration roadmap is as follows:
1. Configure OSPF between the LSRs to implement IP connectivity on the backbone
network.
2. Configure local LDP sessions on LSRs so that LDP LSPs can be set up.
3. Configure a policy for triggering LDP LSP setup on LSRB and LSRC to reduce the
number of LSPs on edge devices so that the burden of edge devices is reduced.

Procedure
Step 1 Create VLANs and VLANIF interfaces on the switch, configure IP addresses for the VLANIF
interfaces, and add physical interfaces to the VLANs.
# Configure LSRA. The configurations of LSRB, LSRC, and LSRD are similar to the
configuration of LSRA, and are not mentioned here.
<HUAWEI> system-view
[HUAWEI] sysname LSRA
[LSRA] interface loopback 0
[LSRA-LoopBack0] ip address 1.1.1.9 32
[LSRA-LoopBack0] quit
[LSRA] vlan batch 10
[LSRA] interface vlanif 10
[LSRA-Vlanif10] ip address 10.1.1.1 24
[LSRA-Vlanif10] quit
[LSRA] interface gigabitethernet 0/0/1
[LSRA-GigabitEthernet0/0/1] port link-type trunk
[LSRA-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[LSRA-GigabitEthernet0/0/1] quit

Step 2 Configure OSPF to advertise the network segments connecting to interfaces on each node and
to advertise the routes of hosts with LSR IDs.
# Configure LSRA. The configurations of LSRB, LSRC, and LSRD are similar to the
configuration of LSRA, and are not mentioned here.
[LSRA] ospf 1
[LSRA-ospf-1] area 0
[LSRA-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0
[LSRA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[LSRA-ospf-1-area-0.0.0.0] quit
[LSRA-ospf-1] quit

Step 3 Configure basic MPLS and MPLS LDP functions on the nodes and interfaces
# Configure LSRA. The configurations of LSRB, LSRC, and LSRD are similar to the
configuration of LSRA, and are not mentioned here.
[LSRA] mpls lsr-id 1.1.1.9
[LSRA] mpls
[LSRA-mpls] quit
[LSRA] mpls ldp
[LSRA-mpls-ldp] quit
[LSRA] interface vlanif 10
[LSRA-Vlanif10] mpls
[LSRA-Vlanif10] mpls ldp
[LSRA-Vlanif10] quit

# Run the display mpls ldp lsp command on each node to view the establishment of the LDP
LSPs. LSRA is used as an example.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 140


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

[LSRA] display mpls ldp lsp

LDP LSP Information


-------------------------------------------------------------------------------
DestAddress/Mask In/OutLabel UpstreamPeer NextHop OutInterface
-------------------------------------------------------------------------------
1.1.1.9/32 3/NULL 2.2.2.9 127.0.0.1 InLoop0
*1.1.1.9/32 Liberal/3 DS/2.2.2.9
2.2.2.9/32 NULL/3 - 10.1.1.2 Vlanif10
2.2.2.9/32 1024/3 2.2.2.9 10.1.1.2 Vlanif10
3.3.3.9/32 NULL/1025 - 10.1.1.2 Vlanif10
3.3.3.9/32 1022/1025 2.2.2.9 10.1.1.2 Vlanif10
4.4.4.9/32 NULL/4118 - 10.1.1.2 Vlanif10
4.4.4.9/32 4105/4118 2.2.2.9 10.1.1.2 Vlanif10
------------------------------------------------------------------------------
TOTAL: 7 Normal LSP(s) Found.
TOTAL: 1 Liberal LSP(s) Found.
TOTAL: 0 Frr LSP(s) Found.
A '*' before an LSP means the LSP is not established
A '*' before a Label means the USCB or DSCB is stale
A '*' before a UpstreamPeer means the session is stale
A '*' before a DS means the session is stale
A '*' before a NextHop means the LSP is FRR LSP

Step 4 Configure an IP prefix list to filter routes.

# Configure the IP prefix list on transit node LSRB to allow only 1.1.1.9/32 and 4.4.4.9/32 for
LSP setup.
[LSRB] ip ip-prefix FilterOnTransit permit 1.1.1.9 32
[LSRB] ip ip-prefix FilterOnTransit permit 4.4.4.9 32
[LSRB] mpls ldp
[LSRB-mpls-ldp] propagate mapping for ip-prefix FilterOnTransit
[LSRB-mpls-ldp] quit

# Configure the IP prefix list on transit node LSRC to allow only 1.1.1.9/32 and 4.4.4.9/32 for
LSP setup.
[LSRC] ip ip-prefix FilterOnTransit permit 1.1.1.9 32
[LSRC] ip ip-prefix FilterOnTransit permit 4.4.4.9 32
[LSRC] mpls ldp
[LSRC-mpls-ldp] propagate mapping for ip-prefix FilterOnTransit
[LSRC-mpls-ldp] quit

Step 5 Verify the configuration.

# After the configuration is complete, run the display mpls ldp lsp command on LSRA and
LSRD to view LDP LSP establishment.
[LSRA] display mpls ldp lsp

LDP LSP Information


-------------------------------------------------------------------------------
DestAddress/Mask In/OutLabel UpstreamPeer NextHop OutInterface
-------------------------------------------------------------------------------
1.1.1.9/32 3/NULL 2.2.2.9 127.0.0.1 InLoop0
*1.1.1.9/32 Liberal/3 DS/2.2.2.9
2.2.2.9/32 NULL/3 - 10.1.1.2 Vlanif10
2.2.2.9/32 1024/3 2.2.2.9 10.1.1.2 Vlanif10
4.4.4.9/32 NULL/4118 - 10.1.1.2 Vlanif10
4.4.4.9/32 4105/4118 2.2.2.9 10.1.1.2 Vlanif10
------------------------------------------------------------------------------
TOTAL: 5 Normal LSP(s) Found.
TOTAL: 1 Liberal LSP(s) Found.
TOTAL: 0 Frr LSP(s) Found.
A '*' before an LSP means the LSP is not established
A '*' before a Label means the USCB or DSCB is stale
A '*' before a UpstreamPeer means the session is stale

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 141


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

A '*' before a DS means the session is stale


A '*' before a NextHop means the LSP is FRR LSP

Because the policy for triggering LDP LSP setup is configured on LSRB, the LDP LSP
destined for 3.3.3.9/32 is filtered on LSRA.
[LSRD] display mpls ldp lsp

LDP LSP Information


-------------------------------------------------------------------------------
DestAddress/Mask In/OutLabel UpstreamPeer NextHop OutInterface
-------------------------------------------------------------------------------
1.1.1.9/32 NULL/4110 - 10.3.1.1 Vlanif30
1.1.1.9/32 4100/4110 3.3.3.9 10.3.1.1 Vlanif30
3.3.3.9/32 NULL/3 - 10.3.1.1 Vlanif30
3.3.3.9/32 1026/3 3.3.3.9 10.3.1.1 Vlanif30
4.4.4.9/32 3/NULL 3.3.3.9 127.0.0.1 InLoop0
*4.4.4.9/32 Liberal/3 DS/3.3.3.9
------------------------------------------------------------------------------
TOTAL: 5 Normal LSP(s) Found.
TOTAL: 1 Liberal LSP(s) Found.
TOTAL: 0 Frr LSP(s) Found.
A '*' before an LSP means the LSP is not established
A '*' before a Label means the USCB or DSCB is stale
A '*' before a UpstreamPeer means the session is stale
A '*' before a DS means the session is stale
A '*' before a NextHop means the LSP is FRR LSP

Because the policy for triggering LDP LSP setup is configured on LSRC, the LDP LSP
destined for 2.2.2.9/32 is filtered on LSRD.
----End

Configuration Files
l Configuration file of LSRA
#
sysname LSRA
#
vlan batch 10
#
mpls lsr-id 1.1.1.9
mpls
#
mpls ldp
#
interface Vlanif10
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface LoopBack0
ip address 1.1.1.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 1.1.1.9 0.0.0.0
network 10.1.1.0 0.0.0.255
#
return

l Configuration file of LSRB


#
sysname LSRB

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 142


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

#
vlan batch 10 20
#
mpls lsr-id 2.2.2.9
mpls
#
mpls ldp
propagate mapping for ip-prefix FilterOnTransit
#
interface Vlanif10
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif20
ip address 10.2.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 20
#
interface LoopBack0
ip address 2.2.2.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.9 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.1.0 0.0.0.255
#
ip ip-prefix FilterOnTransit index 10 permit 1.1.1.9 32
ip ip-prefix FilterOnTransit index 20 permit 4.4.4.9 32
#
return
l Configuration file of LSRC
#
sysname LSRC
#
vlan batch 20 30
#
mpls lsr-id 3.3.3.9
mpls
#
mpls ldp
propagate mapping for ip-prefix FilterOnTransit
#
interface Vlanif20
ip address 10.2.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif30
ip address 10.3.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 30

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 143


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

#
interface LoopBack0
ip address 3.3.3.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.9 0.0.0.0
network 10.2.1.0 0.0.0.255
network 10.3.1.0 0.0.0.255
#
ip ip-prefix FilterOnTransit index 10 permit 1.1.1.9 32
ip ip-prefix FilterOnTransit index 20 permit 4.4.4.9 32
#
return

l Configuration file of LSRD


#
sysname LSRD
#
vlan batch 30
#
mpls lsr-id 4.4.4.9
mpls
#
mpls ldp
#
interface Vlanif30
ip address 10.3.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 30
#
interface LoopBack0
ip address 4.4.4.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 4.4.4.9 0.0.0.0
network 10.3.1.0 0.0.0.255
#
return

3.9.6 Example for Disabling Devices from Distributing LDP


Labels to Remote Peers
Networking Requirements
As shown in Figure 3-17, PE1, PE2, and PE3 connect to the P of the MPLS backbone
network and IS-IS is used. Public LSPs are used to transmit L2VPN services, PE1 establishes
remote LDP sessions with PE2 and PE3 to exchange private labels, and dynamic Pseudo
Wires (PWs) are set up between PE1 and PE2 and between PE1 and PE3.
On an MPLS network, LDP transmits private network label and distributes common LDP
labels to remote peers. Multiple remote LDP peers on the network lead to a large number of
null labels, which occupies many system resources. The label distribution to remote LDP
peers needs to be controlled to save system resources.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 144


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Figure 3-17 Networking diagram for disabling devices from distributing LDP labels to
remote peers
Loopback 0
5.5.5.5/32

PE2

AN 1.1 /3
Loopback 0

AN 1.2 /1
IF /24
VL .1. 0/0

IF /24
VL .1. 0/0
20
1.1.1.1/32

20 GE

20
20 GE
GE0/0/1
40.1.1.2/24
VLANIF10 Loopback 0
GE0/0/1 2.2.2.2/32
P G G
PE1 40.1.1.1/24 30 E 30 E
VLANIF10 VL .1. 0/0 V .1. 0/0
AN 1.1 /2 LA 1.2 /1
IF /24 N /2
IF 4
30 30

PE3

Loopback 0
4.4.4.4/32

Configuration Roadmap
To meet the preceding requirements, disable devices from distributing LDP labels to remote
peers. The configuration roadmap is as follows:
1. Configure IS-IS between on PEs and P to implement IP connectivity on the backbone
network.
2. Configure local LDP sessions on PEs and P so that public LSPs can be set up to transmit
L2VPN services.
3. Configure remote LDP sessions on PEs to exchange private labels so that dynamic PWs
are set up.
4. Disable PEs from allocating labels to remote peers so that PE1 cannot allocate LDP
labels to PE2 and PE3. This setting saves system resources.

Procedure
Step 1 Create VLANs and VLANIF interfaces on the switch, configure IP addresses for the VLANIF
interfaces, and add physical interfaces to the VLANs.
# Configure PE1. The configurations of P, PE2, and PE3 are similar to the configuration of
PE1, and are not mentioned here.
<HUAWEI> system-view
[HUAWEI] sysname PE1
[PE1] interface loopback 0
[PE1-LoopBack0] ip address 1.1.1.1 32
[PE1-LoopBack0] quit

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 145


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

[PE1] vlan batch 10


[PE1] interface vlanif 10
[PE1-Vlanif10] ip address 40.1.1.1 24
[PE1-Vlanif10] quit
[PE1] interface gigabitethernet 0/0/1
[PE1-GigabitEthernet0/0/1] port link-type trunk
[PE1-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[PE1-GigabitEthernet0/0/1] quit

Step 2 Configure IS-IS to advertise the network segments connecting to interfaces on each node and
to advertise the routes of hosts with LSR IDs.

# Configure PE1.
[PE1] isis 1
[PE1-isis-1] is-level level-2
[PE1-isis-1] network-entity 86.4501.0010.0100.0001.00
[PE1-isis-1] quit
[PE1] interface vlanif 10
[PE1-Vlanif10] isis enable 1
[PE1-Vlanif10] quit
[PE1] interface loopback 0
[PE1-LoopBack0] isis enable 1
[PE1-LoopBack0] quit

# Configure P.
[P] isis 1
[P-isis-1] is-level level-2
[P-isis-1] network-entity 86.4501.0030.0300.0003.00
[P-isis-1] quit
[P] interface vlanif 10
[P-Vlanif10] isis enable 1
[P-Vlanif10] quit
[P] interface vlanif 20
[P-Vlanif20] isis enable 1
[P-Vlanif20] quit
[P] interface vlanif 30
[P-Vlanif30] isis enable 1
[P-Vlanif30] quit
[P] interface loopback 0
[P-LoopBack0] isis enable 1
[P-LoopBack0] quit

# Configure PE2.
[PE2] isis 1
[PE2-isis-1] is-level level-2
[PE2-isis-1] network-entity 86.4501.0050.0500.0005.00
[PE2-isis-1] quit
[PE2] interface vlanif 20
[PE2-Vlanif20] isis enable 1
[PE2-Vlanif20] quit
[PE2] interface loopback 0
[PE2-LoopBack0] isis enable 1
[PE2-LoopBack0] quit

# Configure PE3.
[PE3] isis 1
[PE3-isis-1] is-level level-2
[PE3-isis-1] network-entity 86.4501.0040.0400.0004.00
[PE3-isis-1] quit
[PE3] interface vlanif 30
[PE3-Vlanif30] isis enable 1
[PE3-Vlanif30] quit
[PE3] interface loopback 0
[PE3-LoopBack0] isis enable 1
[PE3-LoopBack0] quit

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 146


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Step 3 Configure local LDP sessions.


# Configure PE1.
[PE1] mpls lsr-id 1.1.1.1
[PE1] mpls
[PE1-mpls] quit
[PE1] mpls ldp
[PE1-mpls-ldp] quit
[PE1] interface vlanif 10
[PE1-Vlanif10] mpls
[PE1-Vlanif10] mpls ldp
[PE1-Vlanif10] quit

# Configure P.
[P] mpls lsr-id 2.2.2.2
[P] mpls
[P-mpls] quit
[P] mpls ldp
[P-mpls-ldp] quit
[P] interface vlanif 10
[P-Vlanif10] mpls
[P-Vlanif10] mpls ldp
[P-Vlanif10] quit
[P] interface vlanif 20
[P-Vlanif20] mpls
[P-Vlanif20] mpls ldp
[P-Vlanif20] quit
[P] interface vlanif 30
[P-Vlanif30] mpls
[P-Vlanif30] mpls ldp
[P-Vlanif30] quit

# Configure PE2.
[PE2] mpls lsr-id 5.5.5.5
[PE2] mpls
[PE2-mpls] quit
[PE2] mpls ldp
[PE2-mpls-ldp] quit
[PE2] interface vlanif 20
[PE2-Vlanif20] mpls
[PE2-Vlanif20] mpls ldp
[PE2-Vlanif20] quit

# Configure PE3.
[PE3] mpls lsr-id 4.4.4.4
[PE3] mpls
[PE3-mpls] quit
[PE3] mpls ldp
[PE3-mpls-ldp] quit
[PE3] interface vlanif 30
[PE3-Vlanif30] mpls
[PE3-Vlanif30] mpls ldp
[PE3-Vlanif30] quit

After the configuration is complete, LDP sessions and public network LSPs are established
between neighboring nodes. Run the display mpls ldp session command on each node. The
command output shows that the LDP session status is Operational. PE1 is used as an
example
[PE1] display mpls ldp session

LDP Session(s) in Public Network


Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
A '*' before a session means the session is being deleted.
------------------------------------------------------------------------------

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 147


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

PeerID Status LAM SsnRole SsnAge KASent/Rcv


------------------------------------------------------------------------------
2.2.2.2:0 Operational DU Passive 0000:00:01 6/6
------------------------------------------------------------------------------
TOTAL: 1 session(s) Found.

Run the display mpls ldp lsp command to check the LSP setup result and label distribution.
[PE1] display mpls ldp lsp

LDP LSP Information


-------------------------------------------------------------------------------
DestAddress/Mask In/OutLabel UpstreamPeer NextHop OutInterface
-------------------------------------------------------------------------------
1.1.1.1/32 3/NULL 2.2.2.2 127.0.0.1 InLoop0
*1.1.1.1/32 Liberal/1025 DS/2.2.2.2
2.2.2.2/32 NULL/3 - 40.1.1.2 Vlanif10
2.2.2.2/32 1024/3 2.2.2.2 40.1.1.2 Vlanif10
4.4.4.4/32 NULL/1024 - 40.1.1.2 Vlanif10
4.4.4.4/32 1025/1024 2.2.2.2 40.1.1.2 Vlanif10
5.5.5.5/32 NULL/1026 - 40.1.1.2 Vlanif10
5.5.5.5/32 1022/1026 2.2.2.2 40.1.1.2 Vlanif10
-------------------------------------------------------------------------------
TOTAL: 7 Normal LSP(s) Found.
TOTAL: 1 Liberal LSP(s) Found.
TOTAL: 0 Frr LSP(s) Found.
A '*' before an LSP means the LSP is not established
A '*' before a Label means the USCB or DSCB is stale
A '*' before a UpstreamPeer means the session is stale
A '*' before a DS means the session is stale
A '*' before a NextHop means the LSP is FRR LSP

Step 4 Set up the remote MPLS LDP peer relationship between PEs at both ends of the PW.
# Configure PE1.
[PE1] mpls ldp remote-peer pe2
[PE1-mpls-ldp-remote-pe2] remote-ip 5.5.5.5
[PE1-mpls-ldp-remote-pe2] quit
[PE1] mpls ldp remote-peer pe3
[PE1-mpls-ldp-remote-pe3] remote-ip 4.4.4.4
[PE1-mpls-ldp-remote-pe3] quit

# Configure PE2.
[PE2] mpls ldp remote-peer pe1
[PE2-mpls-ldp-remote-pe1] remote-ip 1.1.1.1
[PE2-mpls-ldp-remote-pe1] quit

# Configure PE3.
[PE3] mpls ldp remote-peer pe1
[PE3-mpls-ldp-remote-pe1] remote-ip 1.1.1.1
[PE3-mpls-ldp-remote-pe1] quit

After the configuration is complete, remote LDP sessions are established between
neighboring PEs. Run the display mpls ldp session command on each node. The command
output shows that the LDP session status is Operational. PE1 is used as an example
[PE1] display mpls ldp session

LDP Session(s) in Public Network


Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
A '*' before a session means the session is being deleted.
------------------------------------------------------------------------------
PeerID Status LAM SsnRole SsnAge KASent/Rcv
------------------------------------------------------------------------------
2.2.2.2:0 Operational DU Passive 0000:00:18 75/75
4.4.4.4:0 Operational DU Passive 0000:00:10 43/43

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 148


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

5.5.5.5:0 Operational DU Passive 0000:00:12 50/50


------------------------------------------------------------------------------
TOTAL: 3 session(s) Found.

Run the display mpls ldp lsp command to view the label distribution. The command output
shows that PEs have distributed liberal labels to their own remote neighbors. These labels,
however, are idle and occupy many system resources in MPLS L2VPN applications that use
PWE3 technology.
[PE1] display mpls ldp lsp

LDP LSP Information


-------------------------------------------------------------------------------
DestAddress/Mask In/OutLabel UpstreamPeer NextHop OutInterface
-------------------------------------------------------------------------------
1.1.1.1/32 3/NULL 2.2.2.2 127.0.0.1 InLoop0
1.1.1.1/32 3/NULL 5.5.5.5 127.0.0.1 InLoop0
1.1.1.1/32 3/NULL 4.4.4.4 127.0.0.1 InLoop0
*1.1.1.1/32 Liberal/1025 DS/2.2.2.2
*1.1.1.1/32 Liberal/1024 DS/5.5.5.5
*1.1.1.1/32 Liberal/1025 DS/4.4.4.4
2.2.2.2/32 NULL/3 - 40.1.1.2 Vlanif10
2.2.2.2/32 1024/3 2.2.2.2 40.1.1.2 Vlanif10
2.2.2.2/32 1024/3 5.5.5.5 40.1.1.2 Vlanif10
2.2.2.2/32 1024/3 4.4.4.4 40.1.1.2 Vlanif10
4.4.4.4/32 NULL/1024 - 40.1.1.2 Vlanif10
4.4.4.4/32 1025/1024 2.2.2.2 40.1.1.2 Vlanif10
4.4.4.4/32 1025/1024 5.5.5.5 40.1.1.2 Vlanif10
4.4.4.4/32 1025/1024 4.4.4.4 40.1.1.2 Vlanif10
*4.4.4.4/32 Liberal/1026 DS/5.5.5.5
*4.4.4.4/32 Liberal/3 DS/4.4.4.4
5.5.5.5/32 NULL/1026 - 40.1.1.2 Vlanif10
5.5.5.5/32 1022/1026 2.2.2.2 40.1.1.2 Vlanif10
5.5.5.5/32 1022/1026 5.5.5.5 40.1.1.2 Vlanif10
5.5.5.5/32 1022/1026 4.4.4.4 40.1.1.2 Vlanif10
*5.5.5.5/32 Liberal/3 DS/5.5.5.5
*5.5.5.5/32 Liberal/1026 DS/4.4.4.4
-------------------------------------------------------------------------------
TOTAL: 15 Normal LSP(s) Found.
TOTAL: 9 Liberal LSP(s) Found.
TOTAL: 0 Frr LSP(s) Found.
A '*' before an LSP means the LSP is not established
A '*' before a Label means the USCB or DSCB is stale
A '*' before a UpstreamPeer means the session is stale
A '*' before a DS means the session is stale
A '*' before a NextHop means the LSP is FRR LSP

Step 5 Disable devices from distributing LDP labels to remote peers on PEs at both ends of a PW.
# Configure PE1.
[PE1] mpls ldp remote-peer pe2
[PE1-mpls-ldp-remote-pe2] remote-ip 5.5.5.5 pwe3
[PE1-mpls-ldp-remote-pe2] quit
[PE1] mpls ldp remote-peer pe3
[PE1-mpls-ldp-remote-pe3] remote-ip 4.4.4.4 pwe3
[PE1-mpls-ldp-remote-pe3] quit

# Configure PE2.
[PE2] mpls ldp remote-peer pe1
[PE2-mpls-ldp-remote-pe1] remote-ip 1.1.1.1 pwe3
[PE2-mpls-ldp-remote-pe1] quit

# Configure PE3.
[PE3] mpls ldp remote-peer pe1
[PE3-mpls-ldp-remote-pe1] remote-ip 1.1.1.1 pwe3
[PE3-mpls-ldp-remote-pe1] quit

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 149


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

After the configuration is complete, PEs do not distribute labels to remote LDP peers. Run the
display mpls ldp lsp command on each node to view the established LSP after devices from
distributing LDP labels to remote peers is disabled. PE1 is used as an example.
[PE1] display mpls ldp lsp

LDP LSP Information


-------------------------------------------------------------------------------
DestAddress/Mask In/OutLabel UpstreamPeer NextHop OutInterface
-------------------------------------------------------------------------------
1.1.1.1/32 3/NULL 2.2.2.2 127.0.0.1 InLoop0
2.2.2.2/32 NULL/3 - 40.1.1.2 Vlanif10
2.2.2.2/32 1024/3 2.2.2.2 40.1.1.2 Vlanif10
*2.2.2.2/32 Liberal/1025 DS/5.5.5.5
4.4.4.4/32 NULL/1024 - 40.1.1.2 Vlanif10
4.4.4.4/32 1025/1024 2.2.2.2 40.1.1.2 Vlanif10
5.5.5.5/32 NULL/1026 - 40.1.1.2 Vlanif10
5.5.5.5/32 1022/1026 2.2.2.2 40.1.1.2 Vlanif10
-------------------------------------------------------------------------------
TOTAL: 7 Normal LSP(s) Found.
TOTAL: 1 Liberal LSP(s) Found.
TOTAL: 0 Frr LSP(s) Found.
A '*' before an LSP means the LSP is not established
A '*' before a Label means the USCB or DSCB is stale
A '*' before a UpstreamPeer means the session is stale
A '*' before a DS means the session is stale
A '*' before a NextHop means the LSP is FRR LSP

A large number of idle remote labels and LSPs are disabled. The LSPs are established based
on the local LDP sessions.

----End

Configuration Files
l Configuration file of PE1
#
sysname PE1
#
vlan batch 10
#
mpls lsr-id 1.1.1.1
mpls
#
mpls ldp
#
mpls ldp remote-peer pe2
remote-ip 5.5.5.5 pwe3
#
mpls ldp remote-peer pe3
remote-ip 4.4.4.4 pwe3
#
isis 1
is-level level-2
network-entity 86.4501.0010.0100.0001.00
#
interface Vlanif10
ip address 40.1.1.1 255.255.255.0
isis enable 1
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface LoopBack0

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 150


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

ip address 1.1.1.1 255.255.255.255


isis enable 1
#
return
l Configuration file of the P
#
sysname P
#
vlan batch 10 20 30
#
mpls lsr-id 2.2.2.2
mpls
#
mpls ldp
#
isis 1
is-level level-2
network-entity 86.4501.0030.0300.0003.00
#
interface Vlanif10
ip address 40.1.1.2 255.255.255.0
isis enable 1
mpls
mpls ldp
#
interface Vlanif20
ip address 20.1.1.1 255.255.255.0
isis enable 1
mpls
mpls ldp
#
interface Vlanif30
ip address 30.1.1.1 255.255.255.0
isis enable 1
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 30
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 20
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
isis enable 1
#
return
l Configuration file of PE2
#
sysname PE2
#
vlan batch 20
#
mpls lsr-id 5.5.5.5
mpls
#
mpls ldp
#
mpls ldp remote-peer pe1
remote-ip 1.1.1.1 pwe3
#

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 151


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

isis 1
is-level level-2
network-entity 86.4501.0050.0500.0005.00
#
interface Vlanif20
ip address 20.1.1.2 255.255.255.0
isis enable 1
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20
#
interface LoopBack0
ip address 5.5.5.5 255.255.255.255
isis enable 1
#
return

l Configuration file of PE3


#
sysname PE3
#
vlan batch 30
#
mpls lsr-id 4.4.4.4
mpls
#
mpls ldp
#
mpls ldp remote-peer pe1
remote-ip 1.1.1.1 pwe3
#
isis 1
is-level level-2
network-entity 86.4501.0040.0400.0004.00
#
interface Vlanif30
ip address 30.1.1.2 255.255.255.0
isis enable 1
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 30
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
isis enable 1
#
return

3.9.7 Example for Configuring Static BFD to Detect LDP LSPs

Networking Requirements
As shown in Figure 3-18, the network topology is simple and stable, PEs and P are MPLS
backbone network devices, and LDP LSPs are set up on the backbone network to transmit
network services.

Network services, such as VoIP, online game, and online video service, have high
requirements for real-timeness. Data loss caused by faulty links will seriously affect services.
It is required that services be fast switched to the backup LSP when the primary LSP becomes

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 152


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

faulty, minimizing packet loss. Static BFD for LDP LSPs is configured to fast detect LDP
LSPs.

Figure 3-18 Networking diagram of configuring static BFD for LDP LSPs
Loopback1
2.2.2.2/32
G
/ 0/1 4 10 E0/
0 /2 .2 0/
GE .1.2 0 VL .1.1/ 2
.1 1 AN 24 G
Loopback1 /1 10 NIF P1 IF2 10 E0/ Loopback1
0
/ /24 A 0
1.1.1.1/32 E .1 0 V L . 2.1 0/1 4.4.4.4/32
G .1 VL .
0 .1 IF10 AN 2/24
1 AN primary LSP IF2
VL 0
VL
AN 0
PE1 10 GE0 IF30 backup LSP N IF4 2 PE2
A /
.3 . /0 /2
1 .1 VL VL E0/0 /24
/2 4 AN 40 G .1.2
IF3 I F .4
G 0
P2 AN 10
1 0 E0 / V L /2
.3. 0/1
1.2 E 0/0 /24
/24 G .1.1
.4
10
Loopback1
3.3.3.3/32

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure OSPF between the PEs and P to implement IP connectivity on the backbone
network.
2. Configure local LDP sessions on PEs and P so that LDP LSPs can be set up to transmit
network services.
3. Configure static BFD on PEs to fast detect LDP LSPs.
NOTE

Ensure that STP is disabled in this scenario; otherwise, the primary LSP may be unavailable.

Procedure
Step 1 Create VLANs and VLANIF interfaces on the switch, configure IP addresses for the VLANIF
interfaces, and add physical interfaces to the VLANs.
# Configure PE1.
<HUAWEI> system-view
[HUAWEI] sysname PE1
[PE1] interface loopback 1
[PE1-LoopBack1] ip address 1.1.1.1 32
[PE1-LoopBack1] quit
[PE1] vlan batch 10 30
[PE1] interface vlanif 10

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 153


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

[PE1-Vlanif10] ip address 10.1.1.1 24


[PE1-Vlanif10] quit
[PE1] interface vlanif 30
[PE1-Vlanif30] ip address 10.3.1.1 24
[PE1-Vlanif30] quit
[PE1] interface gigabitethernet 0/0/1
[PE1-GigabitEthernet0/0/1] port link-type trunk
[PE1-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[PE1-GigabitEthernet0/0/1] quit
[PE1] interface gigabitethernet 0/0/2
[PE1-GigabitEthernet0/0/2] port link-type trunk
[PE1-GigabitEthernet0/0/2] port trunk allow-pass vlan 30
[PE1-GigabitEthernet0/0/2] quit

The configurations of P1, P2, and PE2 are similar to the configuration of PE1, and are not
mentioned here.

Step 2 Configure OSPF to advertise the network segments connecting to interfaces on each node and
to advertise the routes of hosts with LSR IDs.

# Configure PE1.
[PE1] ospf 1
[PE1-ospf-1] area 0
[PE1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0
[PE1-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] network 10.3.1.0 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] quit
[PE1-ospf-1] quit

The configurations of P1, P2, and PE2 are similar to the configuration of PE1, and are not
mentioned here.

Step 3 Set the cost of VLANIF 30 on PE1 to 1000.


[PE1] interface vlanif 30
[PE1-Vlanif30] ospf cost 1000
[PE1-Vlanif30] quit

After the configuration is complete, run the display ip routing-table command on each node.
You can see that the nodes learn routes from each other. The outbound interface of the route
from PE1 to PE2 is VLANIF 10.

Step 4 Configure local LDP sessions.

# Configure PE1.
[PE1] mpls lsr-id 1.1.1.1
[PE1] mpls
[PE1-mpls] quit
[PE1] mpls ldp
[PE1-mpls-ldp] quit
[PE1] interface vlanif 10
[PE1-Vlanif10] mpls
[PE1-Vlanif10] mpls ldp
[PE1-Vlanif10] quit
[PE1] interface vlanif 30
[PE1-Vlanif30] mpls
[PE1-Vlanif30] mpls ldp
[PE1-Vlanif30] quit

The configurations of P1, P2, and PE2 are similar to the configuration of PE1, and are not
mentioned here.

# Run the display mpls ldp lsp command. The command output shows that an LDP LSP
destined for 4.4.4.4/32 is set up on PE1.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 154


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

[PE1] display mpls ldp lsp

LDP LSP Information


-------------------------------------------------------------------------------
DestAddress/Mask In/OutLabel UpstreamPeer NextHop OutInterface
-------------------------------------------------------------------------------
1.1.1.1/32 3/NULL 2.2.2.2 127.0.0.1 InLoop0
1.1.1.1/32 3/NULL 3.3.3.3 127.0.0.1 InLoop0
*1.1.1.1/32 Liberal/1024 DS/2.2.2.2
*1.1.1.1/32 Liberal/1024 DS/3.3.3.3
2.2.2.2/32 NULL/3 - 10.1.1.2 Vlanif10
2.2.2.2/32 1024/3 2.2.2.2 10.1.1.2 Vlanif10
2.2.2.2/32 1024/3 3.3.3.3 10.1.1.2 Vlanif10
*2.2.2.2/32 Liberal/1025 DS/3.3.3.3
3.3.3.3/32 NULL/1026 - 10.1.1.2 Vlanif10
3.3.3.3/32 1026/1026 2.2.2.2 10.1.1.2 Vlanif10
3.3.3.3/32 1026/1026 3.3.3.3 10.1.1.2 Vlanif10
*3.3.3.3/32 Liberal/3 DS/3.3.3.3
*3.3.3.9/32 Liberal/3 DS/3.3.3.3
4.4.4.4/32 NULL/1025 - 10.1.1.2 Vlanif10
4.4.4.4/32 1025/1025 2.2.2.2 10.1.1.2 Vlanif10
4.4.4.4/32 1025/1025 3.3.3.3 10.1.1.2 Vlanif10
*4.4.4.4/32 Liberal/1026 DS/3.3.3.3
-------------------------------------------------------------------------------
TOTAL: 11 Normal LSP(s) Found.
TOTAL: 6 Liberal LSP(s) Found.
TOTAL: 0 Frr LSP(s) Found.
A '*' before an LSP means the LSP is not established
A '*' before a Label means the USCB or DSCB is stale
A '*' before a UpstreamPeer means the session is stale
A '*' before a DS means the session is stale
A '*' before a NextHop means the LSP is FRR LSP

Step 5 Enable global BFD on the two nodes of the detected link.
# Configure PE1.
[PE1] bfd
[PE1-bfd] quit

# Configure PE2.
[PE2] bfd
[PE2-bfd] quit

Step 6 Bind the BFD session destined for the LDP LSP on PE1. Set the interval for sending and
receiving packets to both 100 ms. Configure the port status table to be changeable.
# Configure PE1.
[PE1] bfd pe1tope2 bind ldp-lsp peer-ip 4.4.4.4 nexthop 10.1.1.2 interface vlanif
10
[PE1-bfd-lsp-session-pe1tope2] discriminator local 1
[PE1-bfd-lsp-session-pe1tope2] discriminator remote 2
[PE1-bfd-lsp-session-pe1tope2] min-tx-interval 100
[PE1-bfd-lsp-session-pe1tope2] min-rx-interval 100
[PE1-bfd-lsp-session-pe1tope2] process-pst
[PE1-bfd-lsp-session-pe1tope2] commit
[PE1-bfd-lsp-session-pe1tope2] quit

Step 7 On PE2, configure a BFD session that is bound to the IP link to notify PE1 of the detected
faults on the LDP LSP.
# Configure PE2.
[PE2] bfd pe2tope1 bind peer-ip 1.1.1.1
[PE2-bfd-session-pe2tope1] discriminator local 2
[PE2-bfd-session-pe2tope1] discriminator remote 1
[PE2-bfd-session-pe2tope1] min-tx-interval 100

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 155


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

[PE2-bfd-session-pe2tope1] min-rx-interval 100


[PE2-bfd-session-pe2tope1] commit
[PE2-bfd-session-pe2tope1] quit

Step 8 Verify the configuration.


# Run the display bfd session all command on PE1. The command output shows that the
State field is displayed as Up.
[PE1] display bfd session all
--------------------------------------------------------------------------------
Local Remote PeerIpAddr State Type InterfaceName
--------------------------------------------------------------------------------
1 2 4.4.4.4 Up S_LDP_LSP Vlanif10
--------------------------------------------------------------------------------
Total UP/DOWN Session Number : 1/0

# Run the display bfd session all command on PE2, and the command output that the State
field is displayed as Up.
[PE2] display bfd session all
--------------------------------------------------------------------------------
Local Remote PeerIpAddr State Type InterfaceName
--------------------------------------------------------------------------------
2 1 1.1.1.1 Up S_IP_PEER -
--------------------------------------------------------------------------------
Total UP/DOWN Session Number : 1/0

----End

Configuration Files
l Configuration file of PE1
#
sysname PE1
#
vlan batch 10 30
#
bfd
#
mpls lsr-id 1.1.1.1

mpls
#
mpls ldp
#
interface Vlanif10
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface Vlanif30
ip address 10.3.1.1 255.255.255.0
ospf cost 1000
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 30
#
interface LoopBack1
ip address 1.1.1.1 255.255.255.255
#

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 156


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.3.1.0 0.0.0.255
#
bfd pe1tope2 bind ldp-lsp peer-ip 4.4.4.4 nexthop 10.1.1.2 interface Vlanif 10
discriminator local 1
discriminator remote 2
min-tx-interval 100
min-rx-interval 100
process-pst
commit
#
return
l Configuration file of P1
#
sysname P1
#
vlan batch 10 20
#
mpls lsr-id 2.2.2.2
mpls
#
mpls ldp
#
interface Vlanif10
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif20
ip address 10.2.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 20
#
interface LoopBack1
ip address 2.2.2.2 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.1.0 0.0.0.255
#
return
l Configuration file of P2
#
sysname P2
#
vlan batch 30 40
#
mpls lsr-id 3.3.3.3
mpls
#
mpls ldp
#
interface Vlanif30
ip address 10.3.1.2 255.255.255.0
mpls

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 157


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

mpls ldp
#
interface Vlanif40
ip address 10.4.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 30
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 40
#
interface LoopBack1
ip address 3.3.3.3 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 10.3.1.0 0.0.0.255
network 10.4.1.0 0.0.0.255
#
return
l Configuration file of PE2
#
sysname PE2
#
vlan batch 20 40
#
bfd
#
mpls lsr-id 4.4.4.4
mpls
#
mpls ldp
#
interface Vlanif20
ip address 10.2.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif40
ip address 10.4.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 40
#
interface LoopBack1
ip address 4.4.4.4 255.255.255.255
#
ospf 1
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 10.2.1.0 0.0.0.255
network 10.4.1.0 0.0.0.255
#
bfd pe2tope1 bind peer-ip 1.1.1.1
discriminator local 2
discriminator remote 1
min-tx-interval 100

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 158


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

min-rx-interval 100
commit
#
return

3.9.8 Example for Configuring Dynamic BFD to Detect LDP LSPs

Networking Requirements
As shown in Figure 3-19, the network topology is complex and unstable, PEs and P are
MPLS backbone network devices, and LDP LSPs are set up on the backbone network to
transmit network services.

Network services, such as VoIP, online game, and online video service, have high
requirements for real-timeness. Data loss caused by faulty links will seriously affect services.
It is required that services be fast switched to the backup LSP when the primary LSP becomes
faulty, minimizing packet loss. Dynamic BFD for LDP LSPs is configured to fast detect LDP
LSPs.

Figure 3-19 Networking diagram of dynamic BFD for LDP LSPs


Loopback1
2.2.2.2/32
G
/ 0/1 4 10 E0/
0 /2 .2 0/
GE .1.2 0 VL .1.1/ 2
.1 1 AN 24 G
Loopback1 / 1 10 NIF P1 IF2 10 E0/ Loopback1
/ 0 4 A 0 . 0
1.1.1.1/32 E0 .1/2 L 2 / 4.4.4.4/32
G .1 0
V VL .1.2 1
. 1 1 A / 2
10 ANIF primary LSP NI
F2
4
V L 0
VL
AN 0
G I F backup LSP IF4
PE1 10 0 E 3 AN /2 PE2
.3 . /0 /2 0 V VL E0/0 /24
1 .1 LA G .1.2
/2 4 NI I F40 .4
GE F30 P2 L AN 10
10 0/ V /2
.3. 0/1
1.2 E 0/0 /24
/24 G .1.1
.4
10
Loopback1
3.3.3.3/32

Configuration Roadmap
The configuration roadmap is as follows:

1. Configure OSPF between the PEs and P to implement IP connectivity on the backbone
network.
2. Configure local LDP sessions on PEs and P so that LDP LSPs can be set up to transmit
network services.
3. Configure dynamic BFD on PEs to fast detect LDP LSPs.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 159


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

NOTE

Ensure that STP is disabled in this scenario; otherwise, the primary LSP may be unavailable.

Procedure
Step 1 Create VLANs and VLANIF interfaces on the switch, configure IP addresses for the VLANIF
interfaces, and add physical interfaces to the VLANs.
# Configure PE1.
<HUAWEI> system-view
[HUAWEI] sysname PE1
[PE1] interface loopback 1
[PE1-LoopBack1] ip address 1.1.1.1 32
[PE1-LoopBack1] quit
[PE1] interface gigabitethernet 0/0/1
[PE1-GigabitEthernet0/0/1] port link-type trunk
[PE1-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[PE1-GigabitEthernet0/0/1] quit
[PE1] interface gigabitethernet 0/0/2
[PE1-GigabitEthernet0/0/2] port link-type trunk
[PE1-GigabitEthernet0/0/2] port trunk allow-pass vlan 30
[PE1-GigabitEthernet0/0/2] quit
[PE1] vlan batch 10 30
[PE1] interface vlanif 10
[PE1-Vlanif10] ip address 10.1.1.1 24
[PE1-Vlanif10] quit
[PE1] interface vlanif 30
[PE1-Vlanif30] ip address 10.3.1.1 24
[PE1-Vlanif30] quit

The configurations of P1, P2, and PE2 are similar to the configuration of PE1, and are not
mentioned here.
Step 2 Configure OSPF to advertise the network segments connecting to interfaces on each node and
to advertise the routes of hosts with LSR IDs.
# Configure PE1.
[PE1] ospf 1
[PE1-ospf-1] area 0
[PE1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0
[PE1-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] network 10.3.1.0 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] quit
[PE1-ospf-1] quit

The configurations of P1, P2, and PE2 are similar to the configuration of PE1, and are not
mentioned here.
Step 3 Set the cost of VLANIF 30 on PE1 to 1000.
[PE1] interface vlanif 30
[PE1-Vlanif30] ospf cost 1000
[PE1-Vlanif30] quit

After the configuration is complete, run the display ip routing-table command on each node.
You can see that the nodes learn routes from each other. The outbound interface of the route
from PE1 to PE2 is VLANIF 10.
Step 4 Configure local LDP sessions.
# Configure PE1.
[PE1] mpls lsr-id 1.1.1.1
[PE1] mpls

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 160


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

[PE1-mpls] quit
[PE1] mpls ldp
[PE1-mpls-ldp] quit
[PE1] interface vlanif 10
[PE1-Vlanif10] mpls
[PE1-Vlanif10] mpls ldp
[PE1-Vlanif10] quit
[PE1] interface vlanif 30
[PE1-Vlanif30] mpls
[PE1-Vlanif30] mpls ldp
[PE1-Vlanif30] quit

The configurations of P1, P2, and PE2 are similar to the configuration of PE1, and are not
mentioned here.

# Run the display mpls ldp lsp command. The command output shows that an LDP LSP
destined for 4.4.4.4/32 is set up on PE1.
[PE1] display mpls ldp lsp

LDP LSP Information


-------------------------------------------------------------------------------
DestAddress/Mask In/OutLabel UpstreamPeer NextHop OutInterface
-------------------------------------------------------------------------------
1.1.1.1/32 3/NULL 2.2.2.2 127.0.0.1 InLoop0
1.1.1.1/32 3/NULL 3.3.3.3 127.0.0.1 InLoop0
*1.1.1.1/32 Liberal/1024 DS/2.2.2.2
*1.1.1.1/32 Liberal/1024 DS/3.3.3.3
2.2.2.2/32 NULL/3 - 10.1.1.2 Vlanif10
2.2.2.2/32 1024/3 2.2.2.2 10.1.1.2 Vlanif10
2.2.2.2/32 1024/3 3.3.3.3 10.1.1.2 Vlanif10
*2.2.2.2/32 Liberal/1025 DS/3.3.3.3
3.3.3.3/32 NULL/1026 - 10.1.1.2 Vlanif10
3.3.3.3/32 1026/1026 2.2.2.2 10.1.1.2 Vlanif10
3.3.3.3/32 1026/1026 3.3.3.3 10.1.1.2 Vlanif10
*3.3.3.3/32 Liberal/3 DS/3.3.3.3
*3.3.3.9/32 Liberal/3 DS/3.3.3.3
4.4.4.4/32 NULL/1025 - 10.1.1.2 Vlanif10
4.4.4.4/32 1025/1025 2.2.2.2 10.1.1.2 Vlanif10
4.4.4.4/32 1025/1025 3.3.3.3 10.1.1.2 Vlanif10
*4.4.4.4/32 Liberal/1026 DS/3.3.3.3
-------------------------------------------------------------------------------
TOTAL: 11 Normal LSP(s) Found.
TOTAL: 6 Liberal LSP(s) Found.
TOTAL: 0 Frr LSP(s) Found.
A '*' before an LSP means the LSP is not established
A '*' before a Label means the USCB or DSCB is stale
A '*' before a UpstreamPeer means the session is stale
A '*' before a DS means the session is stale
A '*' before a NextHop means the LSP is FRR LSP

Step 5 Configure dynamic BFD to detect the connectivity of the LDP LSP between PE1 and PE2.

# Configure an FEC list on PE1 to ensure that BFD detects only the connectivity of the LDP
LSP between PE1 and PE2.
[PE1] fec-list tortc
[PE1-fec-list-tortc] fec-node 4.4.4.4
[PE1-fec-list-tortc] quit

# Enable BFD on PE1, specify the FEC list that triggers BFD session establishment
dynamically, and adjust BFD parameters.
[PE1] bfd
[PE1-bfd] quit
[PE1] mpls
[PE1-mpls] mpls bfd-trigger fec-list tortc
[PE1-mpls] mpls bfd enable

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 161


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

[PE1-mpls] mpls bfd min-tx-interval 100 min-rx-interval 100


[PE1-mpls] quit

# Enable BFD for LSPs passively on PE2.


[PE2] bfd
[PE2-bfd] mpls-passive
[PE2-bfd] quit

Step 6 Verify the configuration.


# Run the display bfd session all command to view the BFD session status that is created
dynamically. The command output shows that the State field is displayed as Up.
[PE1] display bfd session all
--------------------------------------------------------------------------------
Local Remote PeerIpAddr State Type InterfaceName
--------------------------------------------------------------------------------
8192 8192 4.4.4.4 Up D_LDP_LSP Vlanif10
--------------------------------------------------------------------------------
Total UP/DOWN Session Number : 1/0

# Check the status of the BFD session created dynamically on PE2. The command output
shows that the State field is displayed as Up.
[PE2] display bfd session passive-dynamic
--------------------------------------------------------------------------------
Local Remote PeerIpAddr State Type InterfaceName
--------------------------------------------------------------------------------
8192 8192 1.1.1.1 Up E_Dynamic -
--------------------------------------------------------------------------------
Total UP/DOWN Session Number : 1/0

----End

Configuration Files
l Configuration file of PE1
#
sysname PE1
#
vlan batch 10 30
#
bfd
#
mpls lsr-id 1.1.1.1
mpls
mpls bfd enable
mpls bfd-trigger fec-list tortc
mpls bfd min-tx-interval 100 min-rx-interval 100
#
fec-list tortc
fec-node 4.4.4.4
#
mpls ldp
#
interface Vlanif10
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface Vlanif30
ip address 10.3.1.1 255.255.255.0
ospf cost 1000
mpls
mpls ldp
#
interface GigabitEthernet0/0/1

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 162


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

port link-type trunk


port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 30
#
interface LoopBack1
ip address 1.1.1.1 255.255.255.255
#
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.3.1.0 0.0.0.255
#
return
l Configuration file of P1
#
sysname P1
#
vlan batch 10 20
#
mpls lsr-id 2.2.2.2
mpls
#
mpls ldp
#
interface Vlanif10
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif20
ip address 10.2.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 20
#
interface LoopBack1
ip address 2.2.2.2 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.1.0 0.0.0.255
#
return
l Configuration file of P2
#
sysname P2
#
vlan batch 30 40
#
mpls lsr-id 3.3.3.3
mpls
#
mpls ldp
#
interface Vlanif30

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 163


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

ip address 10.3.1.2 255.255.255.0


mpls
mpls ldp
#
interface Vlanif40
ip address 10.4.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 30
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 40
#
interface LoopBack1
ip address 3.3.3.3 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 10.3.1.0 0.0.0.255
network 10.4.1.0 0.0.0.255
#
return
l Configuration file of PE2
#
sysname PE2
#
vlan batch 20 40
#
bfd
mpls-passive
#
mpls lsr-id 4.4.4.4
mpls
#
mpls ldp
#
interface Vlanif20
ip address 10.2.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif40
ip address 10.4.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 40
#
interface LoopBack1
ip address 4.4.4.4 255.255.255.255
#
ospf 1
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 10.2.1.0 0.0.0.255
network 10.4.1.0 0.0.0.255
#
return

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 164


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

3.9.9 Example for Configuring Synchronization Between LDP and


IGP

Networking Requirements
As shown in Figure 3-20, P1, P2, P3, and PE2 exist on the MPLS backbone network and
OSPF runs between devices. Two LSPs are set up between PE1 and PE2 to transmit services:
primary LSP (PE1 -> P1 -> P2 -> PE2) and backup LSP (PE1 -> P1 -> P3 -> PE2). After the
primary link recovers, the IGP route of the primary link becomes active before an LDP
session is established over the primary link. As a result, traffic is dropped during attempts to
use the unreachable LSP. Short-time interruption of delay-sensitive services such as VoIP,
online game, and online video service is unacceptable. It is required that the MPLS traffic loss
be solved in this networking.

Figure 3-20 Networking diagram for configuring synchronization between LDP and IGP

Lookback1
2.2.2.9/32
0 /1 4 G
/
0 2/2 10 E0/
E . 0
G .1. 10
1 F VL 2.1. /2
. I A 1
NI /24 GE
1 10 N
0/0/ /24 VLA P2
F2 1 0 0
0 /0
.
GE .1.1 10 VL 2.1. /1
.1 IF A N /2 2
10 LAN IF2 4
V 0 PE2
Lookback1 Lookback1
1.1.1.9/32 4.4.4.9/32
PE1 P1 1 E0 G /2
0.3 /0 Lookback1 0 /0 /24
VL .1 /2 3.3.3.9/32 GE .1.2 F40
AN .1/2 .4 I
IF 4 1 GE / 2 10 LAN
30 0 0/
VL .3.1. 0/1 E 0 /0 1 /2 4 V
primary link AN 2/2 G .1 . 4 0
IF3 4 .4 IF
10 LAN
backup link 0 P3 V

Configuration Roadmap
To meet the preceding requirements, configure synchronization between LDP and IGP. The
configuration roadmap is as follows:

1. Configure OSPF on Ps and PE2 to implement IP connectivity on the backbone network.


2. Configure local LDP sessions on Ps and PE2 so that LDP LSPs can be set up to transmit
network services.
3. Configure synchronization between LDP and IGP on P1 and P2 to prevent traffic loss.

NOTE

Ensure that STP is disabled in this scenario; otherwise, the primary LSP may be unavailable.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 165


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Procedure
Step 1 Create VLANs and VLANIF interfaces on the switch, configure IP addresses for the VLANIF
interfaces, and add physical interfaces to the VLANs.
# Configure P1.
<HUAWEI> system-view
[HUAWEI] sysname P1
[P1] interface loopback 1
[P1-LoopBack1] ip address 1.1.1.9 32
[P1-LoopBack1] quit
[P1] vlan batch 10 30
[P1] interface vlanif 10
[P1-Vlanif10] ip address 10.1.1.1 24
[P1-Vlanif10] quit
[P1] interface vlanif 30
[P1-Vlanif30] ip address 10.3.1.1 24
[P1-Vlanif30] quit
[P1] interface gigabitethernet 0/0/1
[P1-GigabitEthernet0/0/1] port link-type trunk
[P1-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[P1-GigabitEthernet0/0/1] quit
[P1] interface gigabitethernet 0/0/2
[P1-GigabitEthernet0/0/2] port link-type trunk
[P1-GigabitEthernet0/0/2] port trunk allow-pass vlan 30
[P1-GigabitEthernet0/0/2] quit

The configurations of P2, P3, and PE2 are similar to the configuration of P1, and are not
mentioned here.
Step 2 Configure OSPF to advertise the network segments connecting to interfaces on each node and
to advertise the routes of hosts with LSR IDs.
# Configure P1.
[P1] ospf 1
[P1-ospf-1] area 0
[P1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0
[P1-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[P1-ospf-1-area-0.0.0.0] network 10.3.1.0 0.0.0.255
[P1-ospf-1-area-0.0.0.0] quit
[P1-ospf-1] quit

The configurations of P2, P3, and PE2 are similar to the configuration of P1, and are not
mentioned here.
Step 3 Set the cost of VLANIF 30 on P1 to 1000.
[P1] interface vlanif 30
[P1-Vlanif30] ospf cost 1000
[P1-Vlanif30] quit

After the configuration is complete, run the display ip routing-table command on each node.
The command output shows that the nodes have learned routes from each other. The outbound
interface of P1-to-PE2 route is VLANIF 10.
Step 4 Enable MPLS and MPLS LDP on each node and each interface.
# Configure P1.
[P1] mpls lsr-id 1.1.1.9
[P1] mpls
[P1-mpls] quit
[P1] mpls ldp
[P1-mpls-ldp] quit
[P1] interface vlanif 10

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 166


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

[P1-Vlanif10] mpls
[P1-Vlanif10] mpls ldp
[P1-Vlanif10] quit
[P1] interface vlanif 30
[P1-Vlanif30] mpls
[P1-Vlanif30] mpls ldp
[P1-Vlanif30] quit

# Configure P2.
[P2] mpls lsr-id 2.2.2.9
[P2] mpls
[P2-mpls] quit
[P2] mpls ldp
[P2-mpls-ldp] quit
[P2] interface vlanif 10
[P2-Vlanif10] mpls
[P2-Vlanif10] mpls ldp
[P2-Vlanif10] quit
[P2] interface vlanif 20
[P2-Vlanif20] mpls
[P2-Vlanif20] mpls ldp
[P2-Vlanif20] quit

# Configure P3.
[P3] mpls lsr-id 3.3.3.9
[P3] mpls
[P3-mpls] quit
[P3] mpls ldp
[P3-mpls-ldp] quit
[P3] interface vlanif 30
[P3-Vlanif30] mpls
[P3-Vlanif30] mpls ldp
[P3-Vlanif30] quit
[P3] interface vlanif 40
[P3-Vlanif40] mpls
[P3-Vlanif40] mpls ldp
[P3-Vlanif40] quit

# Configure PE2.
[PE2] mpls lsr-id 4.4.4.9
[PE2] mpls
[PE2-mpls] quit
[PE2] mpls ldp
[PE2-mpls-ldp] quit
[PE2] interface vlanif 20
[PE2-Vlanif20] mpls
[PE2-Vlanif20] mpls ldp
[PE2-Vlanif20] quit
[PE2] interface vlanif 40
[PE2-Vlanif40] mpls
[PE2-Vlanif40] mpls ldp
[PE2-Vlanif40] quit

After the configuration is complete, LDP sessions are established between neighboring nodes.
Run the display mpls ldp session command on each node. The command output shows that
the LDP session status is Operational. Use the display on P1 as an example.
[P1] display mpls ldp session

LDP Session(s) in Public Network


Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
A '*' before a session means the session is being deleted.
------------------------------------------------------------------------------
PeerID Status LAM SsnRole SsnAge KASent/Rcv
------------------------------------------------------------------------------
2.2.2.9:0 Operational DU Active 000:00:56 227/227

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 167


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

3.3.3.9:0 Operational DU Active 000:00:56 227/227


------------------------------------------------------------------------------
TOTAL: 2 session(s) Found.

Step 5 Enable synchronization between LDP and IGP on the interfaces at both ends of the link
between P1 and P2.

# Configure P1.
[P1] interface vlanif 10
[P1-Vlanif10] ospf ldp-sync
[P1-Vlanif10] quit

# Configure P2.
[P2] interface vlanif 10
[P2-Vlanif10] ospf ldp-sync
[P2-Vlanif10] quit

Step 6 Set the value of Hold-down timer on the interfaces at both ends of the link between P1 and
P2.

# Configure P1.
[P1] interface vlanif 10
[P1-Vlanif10] ospf timer ldp-sync hold-down 8
[P1-Vlanif10] quit

# Configure P2.
[P2] interface vlanif 10
[P2-Vlanif10] ospf timer ldp-sync hold-down 8
[P2-Vlanif10] quit

Step 7 Set the value of Hold-max-cost timer on the interfaces at both ends of the link between P1 and
P2.

# Configure P1.
[P1] interface vlanif 10
[P1-Vlanif10] ospf timer ldp-sync hold-max-cost 9
[P1-Vlanif10] quit

# Configure P2.
[P2] interface vlanif 10
[P2-Vlanif10] ospf timer ldp-sync hold-max-cost 9
[P2-Vlanif10] quit

Step 8 Set the value of Delay timer on the interfaces at both ends of the link between P1 and P2.

# Configure P1.
[P1] interface vlanif 10
[P1-Vlanif10] mpls ldp timer igp-sync-delay 6
[P1-Vlanif10] quit

# Configure P2.
[P2] interface vlanif 10
[P2-Vlanif10] mpls ldp timer igp-sync-delay 6
[P2-Vlanif10] quit

Step 9 Verify the configuration.

Run the display ospf ldp-sync command on P1. The command output shows that the
interface status is Sync-Achieved.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 168


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

[P1] display ospf ldp-sync interface vlanif 10


Interface Vlanif10
HoldDown Timer: 8 HoldMaxCost Timer: 9
LDP State: Up OSPF Sync State: Sync-Achieved

----End

Configuration Files
l Configuration file of P1
#
sysname P1
#
vlan batch 10 30
#
mpls lsr-id 1.1.1.9
mpls
#
mpls ldp
#
interface Vlanif10
ip address 10.1.1.1 255.255.255.0
ospf ldp-sync
ospf timer ldp-sync hold-down 8
ospf timer ldp-sync hold-max-cost 9
mpls
mpls ldp
mpls ldp timer igp-sync-delay 6
#
interface Vlanif30
ip address 10.3.1.1 255.255.255.0
ospf cost 1000
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 30
#
interface LoopBack1
ip address 1.1.1.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 1.1.1.9 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.3.1.0 0.0.0.255
#
return

l Configuration file of P2
#
sysname P2
#
vlan batch 10 20
#
mpls lsr-id 2.2.2.9
mpls
#
mpls ldp
#
interface Vlanif10
ip address 10.1.1.2 255.255.255.0
ospf ldp-sync

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 169


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

ospf timer ldp-sync hold-down 8


ospf timer ldp-sync hold-max-cost 9
mpls
mpls ldp
mpls ldp timer igp-sync-delay 6
#
interface vlanif20
ip address 10.2.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 20
#
interface LoopBack1
ip address 2.2.2.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.9 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.1.0 0.0.0.255
#
return

l Configuration file of P3
#
sysname P3
#
vlan batch 30 40
#
mpls lsr-id 3.3.3.9
mpls
#
mpls ldp
#
interface Vlanif30
ip address 10.3.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif40
ip address 10.4.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 30
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 40
#
interface LoopBack1
ip address 3.3.3.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.9 0.0.0.0
network 10.3.1.0 0.0.0.255
network 10.4.1.0 0.0.0.255
#
return

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 170


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

l Configuration file of PE2


#
sysname PE2
#
vlan batch 20 40
#
mpls lsr-id 4.4.4.9
mpls
#
mpls ldp
#
interface Vlanif20
ip address 10.2.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif40
ip address 10.4.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 40
#
interface LoopBack1
ip address 4.4.4.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 4.4.4.9 0.0.0.0
network 10.2.1.0 0.0.0.255
network 10.4.1.0 0.0.0.255
#
return

3.9.10 Example for Configuring LDP GR


Networking Requirements
As shown in Figure 3-21, LSRA, LSRB, and LSRC are devices on the MPLS backbone
network. Each of the three devices is a member in a stack, and it is required that services are
not interrupted when an active/standby switchover occurs on LSRA, LSRB, and LSRC.

Figure 3-21 Networking diagram for configuring LDP GR


Loopback0 Loopback0 Loopback0
1.1.1.1/32 2.2.2.2/32 3.3.3.3/32
GE0/0/1 GE0/0/1 GE0/0/2 GE0/0/1
10.1.1.1/24 10.1.1.2/24 10.2.1.1/24 10.2.1.2/24
VLANIF10 VLANIF10 VLANIF20 VLANIF20
LSRA LSRB LSRC

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 171


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Configuration Roadmap
To meet the preceding requirements, configure LDP GR. The configuration roadmap is as
follows:
1. Configure OSPF on LSRs to implement IP connectivity on the backbone network.
2. Configure local LDP sessions on LSRs so that LDP LSPs can be set up to transmit
network services.
3. Configure LDP GR on LSRs to prevent short-time traffic interruption.

Procedure
Step 1 Create VLANs and VLANIF interfaces on the switch, configure IP addresses for the VLANIF
interfaces, and add physical interfaces to the VLANs.
# Configure LSRA.
<HUAWEI> system-view
[HUAWEI] sysname LSRA
[LSRA] interface loopback 0
[LSRA-LoopBack0] ip address 1.1.1.1 32
[LSRA-LoopBack0] quit
[LSRA] vlan batch 10
[LSRA] interface vlanif 10
[LSRA-Vlanif10] ip address 10.1.1.1 24
[LSRA-Vlanif10] quit
[LSRA] interface gigabitethernet 0/0/1
[LSRA-GigabitEthernet0/0/1] port link-type trunk
[LSRA-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[LSRA-GigabitEthernet0/0/1] quit

The configurations of LSRB and LSRC are similar to the configuration of LSRA, and are not
mentioned here.
Step 2 Configure OSPF to advertise the network segments connecting to interfaces on each node and
to advertise the routes of hosts with LSR IDs.
# Configure LSRA.
[LSRA] ospf 1
[LSRA-ospf-1] area 0
[LSRA-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0
[LSRA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[LSRA-ospf-1-area-0.0.0.0] quit
[LSRA-ospf-1] quit

# Configure LSRB.
[LSRB] ospf 1
[LSRB-ospf-1] area 0
[LSRB-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0
[LSRB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[LSRB-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255
[LSRB-ospf-1-area-0.0.0.0] quit
[LSRB-ospf-1] quit

# Configure LSRC.
[LSRC] ospf 1
[LSRC-ospf-1] area 0
[LSRC-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0
[LSRC-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255
[LSRC-ospf-1-area-0.0.0.0] quit
[LSRC-ospf-1] quit

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 172


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

After the configuration is complete, run the display ip routing-table command on each node,
and you can view that the nodes learn routes from each other.
Step 3 Configure OSPF GR.
# Configure LSRA.
[LSRA] ospf 1
[LSRA-ospf-1] opaque-capability enable
[LSRA-ospf-1] graceful-restart
[LSRA-ospf-1] quit

# Configure LSRB.
[LSRB] ospf 1
[LSRB-ospf-1] opaque-capability enable
[LSRB-ospf-1] graceful-restart
[LSRB-ospf-1] quit

# Configure LSRC.
[LSRC] ospf 1
[LSRC-ospf-1] opaque-capability enable
[LSRC-ospf-1] graceful-restart
[LSRC-ospf-1] quit

Step 4 Configure local LDP sessions.


# Configure LSRA.
[LSRA] mpls lsr-id 1.1.1.1
[LSRA] mpls
[LSRA-mpls] quit
[LSRA] mpls ldp
[LSRA-mpls-ldp] quit
[LSRA] interface vlanif 10
[LSRA-Vlanif10] mpls
[LSRA-Vlanif10] mpls ldp
[LSRA-Vlanif10] quit

The configurations of LSRB and LSRC are similar to the configuration of LSRA, and are not
mentioned here.
After the configuration is complete, local LDP sessions are established between LSRA and
LSRB, and between LSRB and LSRC.
Run the display mpls ldp session command on each node to view the establishment of the
LDP session. LSRA is used as an example.
[LSRA] display mpls ldp session

LDP Session(s) in Public Network


Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
A '*' before a session means the session is being deleted.
--------------------------------------------------------------------------
PeerID Status LAM SsnRole SsnAge KASent/Rcv
--------------------------------------------------------------------------
2.2.2.2:0 Operational DU Passive 0000:00:02 9/9
--------------------------------------------------------------------------
TOTAL: 1 session(s) Found.

Step 5 Configure LDP GR.


# Configure LSRA.
[LSRA] mpls ldp
[LSRA-mpls-ldp] graceful-restart
Warning: All the related sessions will be deleted if the operation is performed

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 173


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

!Continue? (y/n)y
[LSRA-mpls-ldp] quit

# Configure LSRB.
[LSRB] mpls ldp
[LSRB-mpls-ldp] graceful-restart
Warning: All the related sessions will be deleted if the operation is performed
!Continue? (y/n)y
[LSRB-mpls-ldp] quit

# Configure LSRC.
[LSRC] mpls ldp
[LSRC-mpls-ldp] graceful-restart
Warning: All the related sessions will be deleted if the operation is performed
!Continue? (y/n)y
[LSRC-mpls-ldp] quit

Step 6 Verify the configuration.


# Run the display mpls ldp session verbose command on the LSRs. The command output
shows that the Session FT Flag field is displayed as On. LSRA is used as an example.
[LSRA] display mpls ldp session verbose

LDP Session(s) in Public Network


------------------------------------------------------------------------------
Peer LDP ID : 2.2.2.2:0 Local LDP ID : 1.1.1.1:0
TCP Connection : 1.1.1.1 <- 2.2.2.2
Session State : Operational Session Role : Passive
Session FT Flag : On MD5 Flag : Off
Reconnect Timer : 300 Sec Recovery Timer : 300 Sec
Keychain Name : ---

Negotiated Keepalive Hold Timer : 45 Sec


Configured Keepalive Send Timer : ---
Keepalive Message Sent/Rcvd : 1/1 (Message Count)
Label Advertisement Mode : Downstream Unsolicited
Label Resource Status(Peer/Local) : Available/Available
Session Age : 0000:00:00 (DDDD:HH:MM)
Session Deletion Status : No

Capability:
Capability-Announcement : Off
mLDP P2MP Capability : Off
mLDP MBB Capability : Off

Outbound&Inbound Policies applied : NULL

Addresses received from peer: (Count: 3)


10.1.1.2 10.2.1.1 2.2.2.2
------------------------------------------------------------------------------

# Or run the display mpls ldp peer verbose command on the LSRs. The command output
shows that the Peer FT Flag field is displayed as On. LSRA is used as an example.
[LSRA] display mpls ldp peer verbose

LDP Peer Information in Public network


------------------------------------------------------------------------------
Peer LDP ID : 2.2.2.2:0
Peer Max PDU Length : 4096 Peer Transport Address : 2.2.2.2
Peer Loop Detection : Off Peer Path Vector Limit : ----
Peer FT Flag : On Peer Keepalive Timer : 45 Sec
Recovery Timer : 300 Sec Reconnect Timer : 300 Sec
Peer Type : Local

Peer Label Advertisement Mode : Downstream Unsolicited

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 174


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Peer Discovery Source : Vlanif10


Peer Deletion Status : No
Capability-Announcement : Off
Peer mLDP P2MP Capability : Off
Peer mLDP MBB Capability : Off
------------------------------------------------------------------------------

----End

Configuration Files
l Configuration file of LSRA
#
sysname LSRA
#
vlan batch 10
#
mpls lsr-id 1.1.1.1
mpls
#
mpls ldp
graceful-restart
#
interface Vlanif10
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
ospf 1
opaque-capability enable
graceful-restart
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.1.0 0.0.0.255
#
return

l Configuration file of LSRB


#
sysname LSRB
#
vlan batch 10 20
#
mpls lsr-id 2.2.2.2
mpls
#
mpls ldp
graceful-restart
#
interface Vlanif10
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif20
ip address 10.2.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 175


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

port trunk allow-pass vlan 10


#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 20
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
ospf 1
opaque-capability enable
graceful-restart
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.1.0 0.0.0.255
#
return

l Configuration file of LSRC


#
sysname LSRC
#
vlan batch 20
#
mpls lsr-id 3.3.3.3
mpls
#
mpls ldp
graceful-restart
#
interface Vlanif20
ip address 10.2.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
ospf 1
opaque-capability enable
graceful-restart
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 10.2.1.0 0.0.0.255
#
return

3.9.11 Example for Configuring an LDP Inbound Policy


Networking Requirements
On a network shown in Figure 3-22, MPLS LDP is deployed. LSRD functions as the access
device and has low performance. If the number of received labels on LSRD is not controlled,
many LSPs are established, which occupy memory resources and cause LSRD overload.
Therefore, LSRD establishes LDP LSPs with only LSRC. The number of LSPs needs to be
reduced to save LSRD memory resources.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 176


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Figure 3-22 Networking diagram for configuring the LDP inbound policy

Loopback1 Loopback1 Loopback1


1.1.1.9/32 GE0/0/1 GE0/0/1 2.2.2.9/32 GE0/0/3 GE0/0/1 3.3.3.9/32
10.1.1.1/24 10.1.1.2/24 10.1.2.1/24 10.1.2.2/24
VLANIF10 VLANIF10 VLANIF20 VLANIF20
LSRB
LSRA GE0/0/2 LSRC
10.1.3.2/24
Loopback1 VLANIF30
4.4.4.9/32

GE0/0/1
10.1.3.1/24
MPLS Network
VLANIF30
LSRD

Configuration Roadmap
To meet the preceding requirements, configure an LDP inbound policy. The configuration
roadmap is as follows:
1. Configure OSPF on LSRs to implement IP connectivity on the backbone network.
2. Configure local LDP sessions on the LSR so that LDP LSPs can be set up.
3. Configure an LDP inbound policy so that the LSRD receives only Label Mapping
messages from LSRB to LSRC. This setting saves the memory of the LSRD and saves
resources.

Procedure
Step 1 Create VLANs and VLANIF interfaces on the switch, and configure IP addresses for the
VLANIF interfaces.
# Configure LSRA.
<HUAWEI> system-view
[HUAWEI] sysname LSRA
[LSRA] interface loopback 1
[LSRA-LoopBack1] ip address 1.1.1.9 32
[LSRA-LoopBack1] quit
[LSRA] interface gigabitethernet 0/0/1
[LSRA-GigabitEthernet0/0/1] port link-type trunk
[LSRA-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[LSRA-GigabitEthernet0/0/1] quit
[LSRA] vlan 10
[LSRA-vlan10] quit
[LSRA] interface vlanif 10
[LSRA-Vlanif10] ip address 10.1.1.1 24
[LSRA-Vlanif10] quit

The configurations of LSRB, LSRC, and LSRD are similar to the configuration of LSRA, and
are not mentioned here.
Step 2 Configure OSPF to advertise the network segments connecting to interfaces on each node and
to advertise the routes of hosts with LSR IDs.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 177


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

# Configure LSRA.
[LSRA] ospf 1
[LSRA-ospf-1] area 0
[LSRA-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0
[LSRA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[LSRA-ospf-1-area-0.0.0.0] quit
[LSRA-ospf-1] quit

The configurations of LSRB, LSRC, and LSRD are similar to the configuration of LSRA, and
are not mentioned here.
Step 3 Configure local LDP sessions.
# Configure LSRA.
[LSRA] mpls lsr-id 1.1.1.9
[LSRA] mpls
[LSRA-mpls] quit
[LSRA] mpls ldp
[LSRA-mpls-ldp] quit
[LSRA] interface vlanif 10
[LSRA-Vlanif10] mpls
[LSRA-Vlanif10] mpls ldp
[LSRA-Vlanif10] quit

# Configure LSRB.
[LSRB] mpls lsr-id 2.2.2.9
[LSRB] mpls
[LSRB-mpls] quit
[LSRB] mpls ldp
[LSRB-mpls-ldp] quit
[LSRB] interface vlanif 10
[LSRB-Vlanif10] mpls
[LSRB-Vlanif10] mpls ldp
[LSRB-Vlanif10] quit
[LSRB] interface vlanif 20
[LSRB-Vlanif20] mpls
[LSRB-Vlanif20] mpls ldp
[LSRB-Vlanif20] quit
[LSRB] interface vlanif 30
[LSRB-Vlanif30] mpls
[LSRB-Vlanif30] mpls ldp
[LSRB-Vlanif30] quit

# Configure LSRC.
[LSRC] mpls lsr-id 3.3.3.9
[LSRC] mpls
[LSRC-mpls] quit
[LSRC] mpls ldp
[LSRC-mpls-ldp] quit
[LSRC] interface vlanif 20
[LSRC-Vlanif20] mpls
[LSRC-Vlanif20] mpls ldp
[LSRC-Vlanif20] quit

# Configure LSRD.
[LSRD] mpls lsr-id 4.4.4.9
[LSRD] mpls
[LSRD-mpls] quit
[LSRD] mpls ldp
[LSRD-mpls-ldp] quit
[LSRD] interface vlanif 30
[LSRD-Vlanif30] mpls
[LSRD-Vlanif30] mpls ldp
[LSRD-Vlanif30] quit

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 178


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

# After the configuration is complete, run the display mpls lsp command on LSRD to view
the established LSP.
[LSRD] display mpls lsp
-------------------------------------------------------------------------------
LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
1.1.1.9/32 NULL/1024 -/Vlanif30
1.1.1.9/32 1024/1024 -/Vlanif30
2.2.2.9/32 NULL/3 -/Vlanif30
2.2.2.9/32 1025/3 -/Vlanif30
3.3.3.9/32 NULL/1025 -/Vlanif30
3.3.3.9/32 1026/1025 -/Vlanif30
4.4.4.9/32 3/NULL -/-

The command output shows that the LSPs from LSRD to LSRA, LSRB, and LSRC are
established.
Step 4 Configure an LDP inbound policy.
# Configure an IP prefix list on LSRD to allow only routes to LSRC to pass.
[LSRD] ip ip-prefix prefix1 permit 3.3.3.9 32

# Configure the LDP inbound policy on LSRD so that LSRC accepts only Label Mapping
messages from LSRD.
[LSRD] mpls ldp
[LSRD-mpls-ldp] inbound peer 2.2.2.9 fec ip-prefix prefix1
[LSRD-mpls-ldp] quit

Step 5 Verify the configuration.


# Run the display mpls lsp command on LSRD to view the established LSP to LSRC.
[LSRD] display mpls lsp
-------------------------------------------------------------------------------
LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
3.3.3.9/32 NULL/1025 -/Vlanif30
3.3.3.9/32 1026/1025 -/Vlanif30
4.4.4.9/32 3/NULL -/-

----End

Configuration Files
l Configuration file of LSRA

#
sysname LSRA
#
vlan batch 10
#
mpls lsr-id 1.1.1.9
mpls
#
mpls ldp
#
interface Vlanif10
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 179


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

port link-type trunk


port trunk allow-pass vlan 10
#
interface LoopBack1
ip address 1.1.1.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 1.1.1.9 0.0.0.0
network 10.1.1.0 0.0.0.255
#
return
l Configuration file of LSRB

#
sysname LSRB
#
vlan batch 10 20 30
#
mpls lsr-id 2.2.2.9
mpls
#
mpls ldp
#
interface Vlanif10
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif20
ip address 10.1.2.1 255.255.255.0
mpls
mpls ldp
#
interface Vlanif30
ip address 10.1.3.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 20
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 30
#
interface LoopBack1
ip address 2.2.2.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.9 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.1.2.0 0.0.0.255
network 10.1.3.0 0.0.0.255
#
return
l Configuration file of LSRC

#
sysname LSRC
#
vlan batch 20

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 180


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

#
mpls lsr-id 3.3.3.9
mpls
#
mpls ldp
#
interface Vlanif20
ip address 10.1.2.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20
#
interface LoopBack1
ip address 3.3.3.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.9 0.0.0.0
network 10.1.2.0 0.0.0.255
#
return
l Configuration file of LSRD

#
sysname LSRD
#
vlan batch 30
#
mpls lsr-id 4.4.4.9
mpls
#
mpls ldp
inbound peer 2.2.2.9 fec ip-prefix prefix1
#
interface Vlanif30
ip address 10.1.3.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 30
#
interface LoopBack1
ip address 4.4.4.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 4.4.4.9 0.0.0.0
network 10.1.3.0 0.0.0.255
#
ip ip-prefix prefix1 index 10 permit 3.3.3.9 32
#
return

3.9.12 Example for Configuring LDP Authentication


Networking Requirements
On the network shown in Figure 3-23, LDP sessions between PE_1 and the P and between
PE_2 and the P are established. LDP LSPs are to be established over the LDP sessions. As the
user network connected to PE_1 and PE_2 transmits important services, the LDP sessions
between PE_1 and the P and between PE_2 and the P have high security requirements.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 181


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Figure 3-23 Networking diagram for LDP authentication

Loopback1
1.1.1.9/32
CE_1 GE0/0/1
VLANIF100
172.1.1.1/24 Loopback1
PE_1 2.2.2.9/32
GE0/0/1
VLANIF100 P
172.1.1.2/24
GE0/0/2
Loopback1 VLANIF200
3.3.3.9/32 172.2.1.1/24
GE0/0/1 IP/MPLS
VLANIF200 backbone
172.2.1.2/24 network
PE_2
CE_2

Configuration Roadmap
To meet the security requirements of LDP sessions, configure LDP Keychain authentication
between PE_1 and the P and between PE_2 and the P. The configuration roadmap is as
follows:

1. Configure OSPF between the PEs and P to implement IP connectivity on the backbone
network.
2. Configure local LDP sessions on PEs and P so that LDP LSPs can be set up to transmit
network services.
3. Configure LDP Keychain authentication between PE_1 and the P and between PE_2 and
the P to meet high security requirements.

Procedure
Step 1 Create VLANs and VLANIF interfaces on the switch, configure IP addresses for the VLANIF
interfaces, and add physical interfaces to the VLANs.

# Configure PE_1.
<HUAWEI> system-view
[HUAWEI] sysname PE_1
[PE_1] interface loopback 1
[PE_1-loopback1] ip address 1.1.1.9 32
[PE_1-loopback1] quit
[PE_1] vlan batch 100
[PE_1] interface vlanif 100
[PE_1-Vlanif100] ip address 172.1.1.1 24
[PE_1-Vlanif100] quit
[PE_1] interface gigabitethernet 0/0/1
[PE_1-GigabitEthernet0/0/1] port link-type trunk

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 182


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

[PE_1-GigabitEthernet0/0/1] port trunk allow-pass vlan 100


[PE_1-GigabitEthernet0/0/1] quit

The configurations of P, and PE_2 are similar to the configuration of PE_1, and are not
mentioned here.
Step 2 Configure OSPF to advertise the network segments connecting to interfaces on each node and
to advertise the routes of hosts with LSR IDs.
# Configure PE_1.
[PE_1] ospf 1
[PE_1-ospf-1] area 0
[PE_1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0
[PE_1-ospf-1-area-0.0.0.0] network 172.1.1.0 0.0.0.255
[PE_1-ospf-1-area-0.0.0.0] quit
[PE_1-ospf-1] quit

The configurations of P, and PE_2 are similar to the configuration of PE_1, and are not
mentioned here.
After the configuration is complete, run the display ip routing-table command on each node,
and you can view that the nodes learn routes from each other.
Step 3 Configure local LDP sessions.
# Configure PE_1.
[PE_1] mpls lsr-id 1.1.1.9
[PE_1] mpls
[PE_1-mpls] quit
[PE_1] mpls ldp
[PE_1-mpls-ldp] quit
[PE_1] interface vlanif 100
[PE_1-Vlanif100] mpls
[PE_1-Vlanif100] mpls ldp
[PE_1-Vlanif100] quit

The configurations of P, and PE_2 are similar to the configuration of PE_1, and are not
mentioned here.
Step 4 Configure Keychain.
# Configure PE_1.
[PE_1] keychain kforldp1 mode periodic weekly
[PE_1-keychain-kforldp1] tcp-kind 180
[PE_1-keychain-kforldp1] tcp-algorithm-id sha-256 8
[PE_1-keychain-kforldp1] receive-tolerance 15
[PE_1-keychain-kforldp1] key-id 1
[PE_1-keychain-kforldp1-keyid-1] algorithm sha-256
[PE_1-keychain-kforldp1-keyid-1] key-string cipher huaweiwork
[PE_1-keychain-kforldp1-keyid-1] send-time day mon to thu
[PE_1-keychain-kforldp1-keyid-1] receive-time day mon to thu
[PE_1-keychain-kforldp1-keyid-1] quit
[PE_1-keychain-kforldp1] key-id 2
[PE_1-keychain-kforldp1-keyid-2] algorithm sha-256
[PE_1-keychain-kforldp1-keyid-2] key-string cipher testpass
[PE_1-keychain-kforldp1-keyid-2] send-time day fri to sun
[PE_1-keychain-kforldp1-keyid-2] receive-time day fri to sun
[PE_1-keychain-kforldp1-keyid-2] quit
[PE_1-keychain-kforldp1] quit

# Configure the P.
[P] keychain kforldp1 mode periodic weekly
[P-keychain-kforldp1] tcp-kind 180

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 183


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

[P-keychain-kforldp1] tcp-algorithm-id sha-256 8


[P-keychain-kforldp1] receive-tolerance 15
[P-keychain-kforldp1] key-id 1
[P-keychain-kforldp1-keyid-1] algorithm sha-256
[P-keychain-kforldp1-keyid-1] key-string cipher huaweiwork
[P-keychain-kforldp1-keyid-1] send-time day mon to thu
[P-keychain-kforldp1-keyid-1] receive-time day mon to thu
[P-keychain-kforldp1-keyid-1] quit
[P-keychain-kforldp1] key-id 2
[P-keychain-kforldp1-keyid-2] algorithm sha-256
[P-keychain-kforldp1-keyid-2] key-string cipher testpass
[P-keychain-kforldp1-keyid-2] send-time day fri to sun
[P-keychain-kforldp1-keyid-2] receive-time day fri to sun
[P-keychain-kforldp1-keyid-2] quit
[P-keychain-kforldp1] quit

Step 5 Configure LDP Keychain authentication.

# Configure PE_1.
[PE_1] mpls ldp
[PE_1-mpls-ldp] authentication key-chain peer 2.2.2.9 name kforldp1
[PE_1-mpls-ldp] quit

# Configure the P.
[P] mpls ldp
[P-mpls-ldp] authentication key-chain peer 1.1.1.9 name kforldp1
[P-mpls-ldp] quit

Step 6 Configure Keychain.

# Configure PE_2.
[PE_2] keychain kforldp2 mode periodic weekly
[PE_2-keychain-kforldp2] tcp-kind 180
[PE_2-keychain-kforldp2] tcp-algorithm-id sha-256 8
[PE_2-keychain-kforldp2] receive-tolerance 15
[PE_2-keychain-kforldp2] key-id 1
[PE_2-keychain-kforldp2-keyid-1] algorithm sha-256
[PE_2-keychain-kforldp2-keyid-1] key-string cipher huaweiwork
[PE_2-keychain-kforldp2-keyid-1] send-time day mon to thu
[PE_2-keychain-kforldp2-keyid-1] receive-time day mon to thu
[PE_2-keychain-kforldp2-keyid-1] quit
[PE_2-keychain-kforldp2] key-id 2
[PE_2-keychain-kforldp2-keyid-2] algorithm sha-256
[PE_2-keychain-kforldp2-keyid-2] key-string cipher testpass
[PE_2-keychain-kforldp2-keyid-2] send-time day fri to sun
[PE_2-keychain-kforldp2-keyid-2] receive-time day fri to sun
[PE_2-keychain-kforldp2-keyid-2] quit
[PE_2-keychain-kforldp2] quit

# Configure the P.
[P] keychain kforldp2 mode periodic weekly
[P-keychain-kforldp2] tcp-kind 180
[P-keychain-kforldp2] tcp-algorithm-id sha-256 8
[P-keychain-kforldp2] receive-tolerance 15
[P-keychain-kforldp2] key-id 1
[P-keychain-kforldp2-keyid-1] algorithm sha-256
[P-keychain-kforldp2-keyid-1] key-string cipher huaweiwork
[P-keychain-kforldp2-keyid-1] send-time day mon to thu
[P-keychain-kforldp2-keyid-1] receive-time day mon to thu
[P-keychain-kforldp2-keyid-1] quit
[P-keychain-kforldp2] key-id 2
[P-keychain-kforldp2-keyid-2] algorithm sha-256
[P-keychain-kforldp2-keyid-2] key-string cipher testpass
[P-keychain-kforldp2-keyid-2] send-time day fri to sun
[P-keychain-kforldp2-keyid-2] receive-time day fri to sun

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 184


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

[P-keychain-kforldp2-keyid-2] quit
[P-keychain-kforldp2] quit

Step 7 Configure LDP Keychain authentication.


# Configure PE_2.
[PE_2] mpls ldp
[PE_2-mpls-ldp] authentication key-chain peer 2.2.2.9 name kforldp2
[PE_2-mpls-ldp] quit

# Configure the P.
[P] mpls ldp
[P-mpls-ldp] authentication key-chain peer 3.3.3.9 name kforldp2
[P-mpls-ldp] quit

Step 8 Verify the configuration.


# Run the display mpls ldp session verbose command on the P. You can see that LDP
Keychain authentication and referenced Keychain names are configured in the LDP sessions
between PE_1 and the P and between PE_2 and the P.
[P] display mpls ldp session verbose

LDP Session(s) in Public Network


------------------------------------------------------------------------------
Peer LDP ID : 1.1.1.9:0 Local LDP ID : 2.2.2.9:0
TCP Connection : 2.2.2.9 -> 1.1.1.9
Session State : Operational Session Role : Active
Session FT Flag : Off MD5 Flag : Off
Reconnect Timer : --- Recovery Timer : ---
Keychain Name : kforldp1

Negotiated Keepalive Hold Timer : 45 Sec


Configured Keepalive Send Timer : ---
Keepalive Message Sent/Rcvd : 19/19 (Message Count)
Label Advertisement Mode : Downstream Unsolicited
Label Resource Status(Peer/Local) : Available/Available
Session Age : 0000:00:04 (DDDD:HH:MM)
Session Deletion Status : No

Capability:
Capability-Announcement : Off
mLDP P2MP Capability : Off
mLDP MBB Capability : Off

Outbound&Inbound Policies applied : NULL

Addresses received from peer: (Count: 2)


1.1.1.9 172.1.1.1
------------------------------------------------------------------------------
Peer LDP ID : 3.3.3.9:0 Local LDP ID : 2.2.2.9:0
TCP Connection : 2.2.2.9 <- 3.3.3.9
Session State : Operational Session Role : Active
Session FT Flag : Off MD5 Flag : Off
Reconnect Timer : --- Recovery Timer : ---
Keychain Name : kforldp2

Negotiated Keepalive Hold Timer : 45 Sec


Configured Keepalive Send Timer : ---
Keepalive Message Sent/Rcvd : 18/18 (Message Count)
Label Advertisement Mode : Downstream Unsolicited
Label Resource Status(Peer/Local) : Available/Available
Session Age : 0000:00:04 (DDDD:HH:MM)
Session Deletion Status : No

Capability:
Capability-Announcement : Off
mLDP P2MP Capability : Off

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 185


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

mLDP MBB Capability : Off

Outbound&Inbound Policies applied : NULL

Addresses received from peer: (Count: 2)


3.3.3.9 172.2.1.2
------------------------------------------------------------------------------

----End

Configuration Files
l Configuration file of PE_1
#
sysname PE_1
#
vlan batch 100
#
mpls lsr-id 1.1.1.9
mpls
#
mpls ldp
authentication key-chain peer 2.2.2.9 name kforldp1
#
keychain kforldp1 mode periodic weekly
receive-tolerance 15
tcp-kind 180
#
key-id 1
algorithm sha-256
key-string cipher @%@%&Fk0W2VMD'IN*GAqQS20R*6}@%@%
send-time day mon to thu
receive-time day mon to thu
#
key-id 2
algorithm sha-256
key-string cipher @%@%p7gySOm*BNl=LS.o.!;.&gW5@%@%
send-time day fri to sun
send-time day fri to sun
#
interface Vlanif100
ip address 172.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 100
#
interface loopback1
ip address 1.1.1.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 1.1.1.9 0.0.0.0
network 172.1.1.0 0.0.0.255
#
return

l Configuration file of P
#
sysname P
#
vlan batch 100 200
#
mpls lsr-id 2.2.2.9
mpls
#

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 186


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

mpls ldp
authentication key-chain peer 1.1.1.9 name kforldp1
authentication key-chain peer 3.3.3.9 name kforldp2
#
keychain kforldp1 mode periodic weekly
receive-tolerance 15
tcp-kind 180
#
key-id 1
algorithm sha-256
key-string cipher @%@%l'7C8D71T$.[UxEvuRSOuSGc@%@%
send-time day mon to thu
receive-time day mon to thu
#
key-id 2
algorithm sha-256
key-string cipher @%@%RBtnHmbv%'obk\Sx/VnAuS7Y@%@%
send-time day fri to sun
receive-time day fri to sun
#
keychain kforldp2 mode periodic weekly
receive-tolerance 15
tcp-kind 180
#
key-id 1
algorithm sha-256
key-string cipher @%@%^;2E~Wr.,*\(x$Jmxg&!,4KJ@%@%
send-time day mon to thu
receive-time day mon to thu
#
key-id 2
algorithm sha-256
key-string cipher @%@%tT.TBtoDmLXzJNPL9@fR,4U.@%@%
send-time day fri to sun
receive-time day fri to sun
#
interface Vlanif100
ip address 172.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif200
ip address 172.2.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 100
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 200
#
interface loopback1
ip address 2.2.2.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.9 0.0.0.0
network 172.1.1.0 0.0.0.255
network 172.2.1.0 0.0.0.255
#
return
l Configuration file of PE_2
#
sysname PE_2
#
vlan batch 200

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 187


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

#
mpls lsr-id 3.3.3.9
mpls
#
mpls ldp
authentication key-chain peer 2.2.2.9 name kforldp2
#
keychain kforldp2 mode periodic weekly
receive-tolerance 15
tcp-kind 180
#
key-id 1
algorithm sha-256
key-string cipher @%@%KY%A-5HYPU3\Ju/3bdS<,1P1@%@%
send-time day mon to thu
receive-time day mon to thu
#
key-id 2
algorithm sha-256
key-string cipher @%@%%/aU'CP~m>6Dqb:u.(k1,1Z|@%@%
send-time day fri to sun
send-time day fri to sun
#
interface Vlanif200
ip address 172.2.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 200
#
interface loopback1
ip address 3.3.3.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.9 0.0.0.0
network 172.2.1.0 0.0.0.255
#
return

3.9.13 Example for Configuring LDP GTSM

Networking Requirements
On an MPLS network shown in Figure 3-24, MPLS and MPLS LDP run between each two
nodes. Attackers may simulate LDP unicast packets and send the packets to LSRB. LSRB
becomes busy processing these packets, causing high CPU usage. The preceding problems
need to be addressed to protect nodes and enhance system security.

Figure 3-24 Networking diagram for configuring LDP GTSM

Loopback0 Loopback0 Loopback0


1.1.1.1/32 2.2.2.2/32 3.3.3.3/32
GE0/0/1 GE0/0/1 GE0/0/2 GE0/0/1
10.1.1.1/24 10.1.1.2/24 10.2.1.1/24 10.2.1.2/24
VLANIF10 VLANIF10 VLANIF20 VLANIF20
LSRA LSRB LSRC

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 188


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Configuration Roadmap
To meet the preceding requirements, configure LDP GTSM. The configuration roadmap is as
follows:

1. Configure OSPF on LSRs to implement IP connectivity on the backbone network.


2. Enable MPLS and MPLS LDP globally and interfaces of LSRs.
3. Configure the LDP GTSM function on LSRs and set the TTL range.

Procedure
Step 1 Create VLANs and VLANIF interfaces on the switch, configure IP addresses for the VLANIF
interfaces, and add physical interfaces to the VLANs.

# Configure LSRA.
<HUAWEI> system-view
[HUAWEI] sysname LSRA
[LSRA] interface loopback 0
[LSRA-LoopBack0] ip address 1.1.1.1 32
[LSRA-LoopBack0] quit
[LSRA] vlan batch 10
[LSRA] interface vlanif 10
[LSRA-Vlanif10] ip address 10.1.1.1 24
[LSRA-Vlanif10] quit
[LSRA] interface gigabitethernet 0/0/1
[LSRA-GigabitEthernet0/0/1] port link-type trunk
[LSRA-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[LSRA-GigabitEthernet0/0/1] quit

The configurations of LSRB and LSRC are similar to the configuration of LSRA, and are not
mentioned here.

Step 2 Configure OSPF to advertise the network segments connecting to interfaces on each node and
to advertise the routes of hosts with LSR IDs.

# Configure LSRA.
[LSRA] ospf 1
[LSRA-ospf-1] area 0
[LSRA-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0
[LSRA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[LSRA-ospf-1-area-0.0.0.0] quit
[LSRA-ospf-1] quit

# Configure LSRB.
[LSRB] ospf 1
[LSRB-ospf-1] area 0
[LSRB-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0
[LSRB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[LSRB-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255
[LSRB-ospf-1-area-0.0.0.0] quit
[LSRB-ospf-1] quit

# Configure LSRC.
[LSRC] ospf 1
[LSRC-ospf-1] area 0
[LSRC-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0
[LSRC-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255
[LSRC-ospf-1-area-0.0.0.0] quit
[LSRC-ospf-1] quit

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 189


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

After the configuration is complete, run the display ip routing-table command on each node,
and you can view that the nodes learn routes from each other.

Step 3 Enable MPLS and MPLS LDP on each node and each interface of nodes.

# Configure LSRA.
[LSRA] mpls lsr-id 1.1.1.1
[LSRA] mpls
[LSRA-mpls] quit
[LSRA] mpls ldp
[LSRA-mpls-ldp] quit
[LSRA] interface vlanif 10
[LSRA-Vlanif10] mpls
[LSRA-Vlanif10] mpls ldp
[LSRA-Vlanif10] quit

The configurations of LSRB and LSRC are similar to the configuration of LSRA, and are not
mentioned here.

After the configuration is complete, run the display mpls ldp session command on each node
to view the established LDP session. LSRA is used as an example.
[LSRA] display mpls ldp session

LDP Session(s) in Public Network


Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
A '*' before a session means the session is being deleted.
------------------------------------------------------------------------------
PeerID Status LAM SsnRole SsnAge KASent/Rcv
------------------------------------------------------------------------------
2.2.2.2:0 Operational DU Passive 0000:00:02 9/9
------------------------------------------------------------------------------
TOTAL: 1 session(s) Found.

Step 4 Configure LDP GTSM.

# On LSRA, configure the TTL values carried in LDP packets received from LSRB to range
from 253 to 255.
[LSRA] mpls ldp
[LSRA-mpls-ldp] gtsm peer 2.2.2.2 valid-ttl-hops 3
[LSRA-mpls-ldp] quit

# On LSRB, configure the TTL values carried in the LDP packets received from LSRA to
range from 252 to 255, and the TTL values carried in LDP packets received from LSRC to
range from 251 to 255.
[LSRB] mpls ldp
[LSRB-mpls-ldp] gtsm peer 1.1.1.1 valid-ttl-hops 4
[LSRB-mpls-ldp] gtsm peer 3.3.3.3 valid-ttl-hops 5
[LSRB-mpls-ldp] quit

# On LSRC, configure the TTL values carried in LDP packets received from LSRB to range
from 250 to 255.
[LSRC] mpls ldp
[LSRC-mpls-ldp] gtsm peer 2.2.2.2 valid-ttl-hops 6
[LSRC-mpls-ldp] quit

If a host simulates the LDP packets of LSRA to attack LSRB, LSRB directly discards the
packets because the TTL values carried in the LDP packets are beyond the range of 252 to
255. In the GTSM statistics on LSRB, the number of discarded packets increases.

----End

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 190


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Configuration Files
l Configuration file of LSRA
#
sysname LSRA
#
vlan batch 10
#
mpls lsr-id 1.1.1.1
mpls
#
mpls ldp
gtsm peer 2.2.2.2 valid-ttl-hops 3
#
interface Vlanif10
ip address 10.1.1.1 255.255.255.252
mpls
mpls ldp
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.1.0 0.0.0.3
#
return

l Configuration file of LSRB


#
sysname LSRB
#
vlan batch 10 20
#
mpls lsr-id 2.2.2.2
mpls
#
mpls ldp
gtsm peer 1.1.1.1 valid-ttl-hops 4
gtsm peer 3.3.3.3 valid-ttl-hops 5
#
interface Vlanif10
ip address 10.1.1.2 255.255.255.252
mpls
mpls ldp
#
interface Vlanif20
ip address 10.2.1.1 255.255.255.252
mpls
mpls ldp
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 20
#
ospf 1
area 0.0.0.0

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 191


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

network 2.2.2.2 0.0.0.0


network 10.1.1.0 0.0.0.3
network 10.2.1.0 0.0.0.3
#
return

l Configuration file of LSRC


#
sysname LSRC
#
vlan batch 20
#
mpls lsr-id 3.3.3.3
mpls
#
mpls ldp
gtsm peer 2.2.2.2 valid-ttl-hops 6
#
interface Vlanif20
ip address 10.2.1.2 255.255.255.252
mpls
mpls ldp
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20
#
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 10.2.1.0 0.0.0.3
#
return

3.9.14 Example for Configuring LDP Extension for Inter-Area LSP


Networking Requirements
On a large network, multiple IGP areas need to be configured for flexible network
deployment and fast route convergence. When advertising routes between IGP areas, to
prevent a large number of routes from consuming too many resources, an Area Border Router
(ABR) needs to aggregate the routes in the area and advertises the aggregated route to the
neighboring IGP areas. By default, when establishing LSPs, LDP searches the routing table
for the route that exactly matches the FEC in the received Label Mapping message. If the
route is an aggregated route, LDP establishes only a liberal LSP, not an inter-area LSP.
As shown in Figure 3-25, IS-IS runs between devices. Two IGP areas Area 10 and Area 20
exist. LSRD aggregates routes from LSRB and LSRC and sends the aggregated route to Area
20. Two inter-area LSPs need to be established: one is from LSRA to LSRB and the other is
from LSRA to LSRC.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 192


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Figure 3-25 Networking diagram for configuring LDP extension for inter-area LSP

Loopback0
1.3.0.1/32

/3
E 0/0 /24
Loopback0 Loopback0 G .1.1 0 /1
. 1 I F 3 E0/0 /24 LSRB
1.1.0.1/32 GE0/0/1 1.2.0.1/32 20 N G . 1. 2 30
A
10.1.1.1/24 VL G 0.1 NIF IS-IS
VLANIF10 20 E0/ 2 LA
.1. 0/2 V Area10
VL 2 .
GE0/0/1 AN 1 / 2
LSRA 10.1.1.2/24 LSRD IF 2 4
0 Loopback0
VLANIF10 1.3.0.2/32
IS-IS GE
Area20 20 0/
. 0
V L 1 .2 . /1
AN 2/2
IF 2 4
0 LSRC

Configuration Roadmap
To meet the preceding requirements, configure LDP extension for inter-area LSP. The
configuration roadmap is as follows:
1. Configure IS-IS on LSRs to implement IP connectivity on the backbone network.
2. Enable MPLS and MPLS LDP globally and interfaces of LSRs.
3. Configure LDP extension for inter-area LSP on LSRA to enable LDP to search for a
route according to the longest match rule to establish an LDP LSP.

Procedure
Step 1 Create VLANs and VLANIF interfaces on the switch, configure IP addresses for the VLANIF
interfaces, and add physical interfaces to the VLANs.
# Configure LSRA.
<HUAWEI> system-view
[HUAWEI] sysname LSRA
[LSRA] interface loopback 0
[LSRA-LoopBack0] ip address 1.1.0.1 32
[LSRA-LoopBack0] quit
[LSRA] vlan batch 10
[LSRA] interface vlanif 10
[LSRA-Vlanif10] ip address 10.1.1.1 24
[LSRA-Vlanif10] quit
[LSRA] interface gigabitethernet 0/0/1
[LSRA-GigabitEthernet0/0/1] port link-type trunk
[LSRA-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[LSRA-GigabitEthernet0/0/1] quit

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 193


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

The configurations of LSRB, LSRC, and LSRD are similar to the configuration of LSRA, and
are not mentioned here.
Step 2 Configure basic IS-IS functions.
# Configure LSRA.
[LSRA] isis 1
[LSRA-isis-1] is-level level-2
[LSRA-isis-1] network-entity 20.0010.0100.0001.00
[LSRA-isis-1] quit
[LSRA] interface vlanif 10
[LSRA-Vlanif10] isis enable 1
[LSRA-Vlanif10] quit
[LSRA] interface loopback 0
[LSRA-LoopBack0] isis enable 1
[LSRA-LoopBack0] quit

# Configure LSRD.
[LSRD] isis 1
[LSRD-isis-1] network-entity 10.0010.0200.0001.00
[LSRD-isis-1] quit
[LSRD] interface vlanif 10
[LSRD-Vlanif10] isis enable 1
[LSRD-Vlanif10] isis circuit-level level-2
[LSRD-Vlanif10] quit
[LSRD] interface vlanif 20
[LSRD-Vlanif20] isis enable 1
[LSRD-Vlanif20] isis circuit-level level-1
[LSRD-Vlanif20] quit
[LSRD] interface vlanif 30
[LSRD-Vlanif30] isis enable 1
[LSRD-Vlanif30] isis circuit-level level-1
[LSRD-Vlanif30] quit
[LSRD] interface loopback 0
[LSRD-LoopBack0] isis enable 1
[LSRD-LoopBack0] quit

# Configure LSRB.
[LSRB] isis 1
[LSRB-isis-1] is-level level-1
[LSRB-isis-1] network-entity 10.0010.0300.0001.00
[LSRB-isis-1] quit
[LSRB] interface vlanif 30
[LSRB-Vlanif30] isis enable 1
[LSRB-Vlanif30] quit
[LSRB] interface loopback 0
[LSRB-LoopBack0] isis enable 1
[LSRB-LoopBack0] quit

# Configure LSRC.
[LSRC] isis 1
[LSRC-isis-1] is-level level-1
[LSRC-isis-1] network-entity 10.0010.0300.0002.00
[LSRC-isis-1] quit
[LSRC] interface vlanif 20
[LSRC-Vlanif20] isis enable 1
[LSRC-Vlanif20] quit
[LSRC] interface loopback 0
[LSRC-LoopBack0] isis enable 1
[LSRC-LoopBack0] quit

# Run the display ip routing-table command on LSRA to check routing information.


[LSRA] display ip routing-table
Route Flags: R - relay, D - download to fib

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 194


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 10 Routes : 10

Destination/Mask Proto Pre Cost Flags NextHop Interface

1.1.0.1/32 Direct 0 0 D 127.0.0.1 LoopBack0


1.2.0.1/32 ISIS-L2 15 10 D 10.1.1.2 Vlanif10
1.3.0.1/32 ISIS-L2 15 20 D 10.1.1.2 Vlanif10
1.3.0.2/32 ISIS-L2 15 20 D 10.1.1.2 Vlanif10
10.1.1.0/24 Direct 0 0 D 10.1.1.1 Vlanif10
10.1.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif10
20.1.1.0/24 ISIS-L2 15 20 D 10.1.1.2 Vlanif10
20.1.2.0/24 ISIS-L2 15 20 D 10.1.1.2 Vlanif10
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0

Step 3 Configure a policy for generating the aggregated route.


# Run the summary command on LSRD to aggregate host routes that are destined for LSRB
and LSRC.
[LSRD] isis 1
[LSRD-isis-1] summary 1.3.0.0 255.255.255.0 avoid-feedback

# Run the display ip routing-table command on LSRA to check routing information.


[LSRA] display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 9 Routes : 9

Destination/Mask Proto Pre Cost Flags NextHop Interface

1.1.0.1/32 Direct 0 0 D 127.0.0.1 LoopBack0


1.2.0.1/32 ISIS-L2 15 10 D 10.1.1.2 Vlanif10
1.3.0.0/24 ISIS-L2 15 20 D 10.1.1.2 Vlanif10
10.1.1.0/24 Direct 0 0 D 10.1.1.1 Vlanif10
10.1.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif10
20.1.1.0/24 ISIS-L2 15 20 D 10.1.1.2 Vlanif10
20.1.2.0/24 ISIS-L2 15 20 D 10.1.1.2 Vlanif10
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0

The command output shows that host routes that are destined for LSRB and LSRC are
aggregated.
Step 4 Configure global and interface-based MPLS and MPLS LDP on each node so that the
network can forward MPLS traffic. Then check the LSP setup result.
# Configure LSRA.
[LSRA] mpls lsr-id 1.1.0.1
[LSRA] mpls
[LSRA-mpls] quit
[LSRA] mpls ldp
[LSRA-mpls-ldp] quit
[LSRA] interface vlanif 10
[LSRA-Vlanif10] mpls
[LSRA-Vlanif10] mpls ldp
[LSRA-Vlanif10] quit

# Configure LSRD.
[LSRD] mpls lsr-id 1.2.0.1
[LSRD] mpls
[LSRD-mpls] quit
[LSRD] mpls ldp

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 195


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

[LSRD-mpls-ldp] quit
[LSRD] interface vlanif 10
[LSRD-Vlanif10] mpls
[LSRD-Vlanif10] mpls ldp
[LSRD-Vlanif10] quit
[LSRD] interface vlanif 20
[LSRD-Vlanif20] mpls
[LSRD-Vlanif20] mpls ldp
[LSRD-Vlanif20] quit
[LSRD] interface vlanif 30
[LSRD-Vlanif30] mpls
[LSRD-Vlanif30] mpls ldp
[LSRD-Vlanif30] quit

# Configure LSRB.
[LSRB] mpls lsr-id 1.3.0.1
[LSRB] mpls
[LSRB-mpls] quit
[LSRB] mpls ldp
[LSRB-mpls-ldp] quit
[LSRB] interface vlanif 30
[LSRB-Vlanif30] mpls
[LSRB-Vlanif30] mpls ldp
[LSRB-Vlanif30] quit

# Configure LSRC.
[LSRC] mpls lsr-id 1.3.0.2
[LSRC] mpls
[LSRC-mpls] quit
[LSRC] mpls ldp
[LSRC-mpls-ldp] quit
[LSRC] interface vlanif 20
[LSRC-Vlanif20] mpls
[LSRC-Vlanif20] mpls ldp
[LSRC-Vlanif20] quit

# After the configuration is complete, run the display mpls lsp command on LSRA to view
the established LSP.
[LSRA] display mpls lsp
-------------------------------------------------------------------------------
LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
1.2.0.1/32 NULL/3 -/Vlanif10
1.2.0.1/32 1024/3 -/Vlanif10
1.1.0.1/32 3/NULL -/-

The command output shows that by default, LDP does not establish the inter-area LSPs from
LSRA to LSRB and from LSRA to LSRC.
Step 5 Configure LDP extensions for inter-area LSPs.
# Run the longest-match command on LSRA to configure LDP to search for a route
according to the longest match rule to establish an inter-area LDP LSP.
[LSRA] mpls ldp
[LSRA-mpls-ldp] longest-match
[LSRA-mpls-ldp] quit

Step 6 Verify the configuration.


# Run the display mpls lsp command on LSRA to view the established LSP.
[LSRA] display mpls lsp
-------------------------------------------------------------------------------
LSP Information: LDP LSP

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 196


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
1.2.0.1/32 NULL/3 -/Vlanif10
1.2.0.1/32 1024/3 -/Vlanif10
1.3.0.1/32 NULL/1025 -/Vlanif10
1.3.0.1/32 1025/1025 -/Vlanif10
1.3.0.2/32 NULL/1026 -/Vlanif10
1.3.0.2/32 1026/1026 -/Vlanif10
1.1.0.1/32 3/NULL -/-

The command output shows that LDP establishes the inter-area LSPs from LSRA to LSRB
and from LSRA to LSRC.

----End

Configuration Files
l Configuration file of LSRA
#
sysname LSRA
#
vlan batch 10
#
mpls lsr-id 1.1.0.1
mpls
#
mpls ldp
longest-match
#
isis 1
is-level level-2
network-entity 20.0010.0100.0001.00
#
interface Vlanif10
ip address 10.1.1.1 255.255.255.0
isis enable 1
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface LoopBack0
ip address 1.1.0.1 255.255.255.255
isis enable 1
#
return

l Configuration file of LSRD


#
sysname LSRD
#
vlan batch 10 20 30
#
mpls lsr-id 1.2.0.1
mpls
#
mpls ldp
#
isis 1
network-entity 10.0010.0200.0001.00
summary 1.3.0.0 255.255.255.0 avoid-feedback
#
interface Vlanif10
ip address 10.1.1.2 255.255.255.0
isis enable 1
isis circuit-level level-2

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 197


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

mpls
mpls ldp
#
interface Vlanif20
ip address 20.1.2.1 255.255.255.0
isis enable 1
isis circuit-level level-1
mpls
mpls ldp
#
interface Vlanif30
ip address 20.1.1.1 255.255.255.0
isis enable 1
isis circuit-level level-1
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 30
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 20
#
interface LoopBack0
ip address 1.2.0.1 255.255.255.255
isis enable 1
#
return
l Configuration file of LSRB
#
sysname LSRB
#
vlan batch 30
#
mpls lsr-id 1.3.0.1
mpls
#
mpls ldp
#
isis 1
is-level level-1
network-entity 10.0010.0300.0001.00
#
interface Vlanif30
ip address 20.1.1.2 255.255.255.0
isis enable 1
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 30
#
interface LoopBack0
ip address 1.3.0.1 255.255.255.255
isis enable 1
#
return
l Configuration file of LSRC
#
sysname LSRC
#

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 198


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

vlan batch 20
#
mpls lsr-id 1.3.0.2
mpls
#
mpls ldp
#
isis 1
is-level level-1
network-entity 10.0010.0300.0002.00
#
interface Vlanif20
ip address 20.1.2.2 255.255.255.0
isis enable 1
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20
#
interface LoopBack0
ip address 1.3.0.2 255.255.255.255
isis enable 1
#
return

3.10 Common Configuration Errors


This section describes common faults caused by incorrect MPLS configurations and provides
the troubleshooting procedure.

3.10.1 LDP Session Alternates Between Up and Down States


Fault Description
An LDP session alternates between Up and Down states when you add, change, or delete the
LDP GR timer, LDP MTU, LDP authentication, LDP Keepalive timer, or LDP transport
address.

Procedure
Step 1 Run the display this command in the LDP view to check whether LDP GR or LDP MTU is
configured.
l If the following information is displayed:
mpls ldp
graceful-restart
LDP GR is configured.
l If the following information is displayed:
mpls ldp
mtu-signalling apply-tlv
LDP MTU is configured.
l If information similar to the following is displayed:
mpls ldp
md5-password cipher 2.2.2.2 @%@%p7gySOm*BNl=LS.o.!;.&gW5@%@%
or
mpls ldp
authentication key-chain peer 2.2.2.2 name kc1
LDP authentication is configured.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 199


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Step 2 Run the display this command in the interface view to check whether the LDP Keepalive
timer or LDP transport address is configured.
l If information similar to the following is displayed:
mpls ldp
mpls ldp timer keepalive-hold 30
The LDP Keepalive timer is configured.
l If information similar to the following is displayed:
mpls ldp
mpls ldp transport-address interface
The LDP transport address is configured.
Step 3 After the preceding configurations are complete, wait for 10s and the LDP session becomes
stable.

----End

3.10.2 LDP Session Is Down


Fault Description
An LDP session is Down after being established.

Procedure
Step 1 Check whether the interface where the LDP session is established is shut down.
Run the display this command in the interface view. If the following information is
displayed:
shutdown

The interface is shut down.


If the interface is shut down, run the undo shutdown command to start the interface.
Step 2 Check whether the MPLS-related configurations are deleted.
Run the display current-configuration command to check whether MPLS-related
configurations exist.
l If the output does not include the following information:
mpls
The MPLS configuration is deleted.
l If the output does not include the following information:
mpls ldp
The MPLS LDP configuration is deleted.
l If the output does not include the following information:
mpls ldp remote-peer
The remote LDP session is deleted.
l If MPLS-related configurations are deleted, run the corresponding commands to restore
the configurations.

----End

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 200


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

3.10.3 LDP LSP Alternates Between Up and Down States

Fault Description
An LDP LSP alternates between Up and Down states after being established.

Procedure
l Check whether the LDP session flaps.
Run the display mpls ldp session command to check the displayed Status field. You are
advised to run this command once every 1s. If the LDP session status switches between
Operational and non-operational, the LDP session flap occurs.

If the LDP session flap occurs, rectify the fault by referring to LDP Session Alternates
Between Up and Down States.

----End

3.10.4 LDP LSP Is Down

Fault Description
An LDP LSP is Down after being established.

Procedure
Step 1 Check whether the LDP session is correctly established.
Run the display mpls ldp session command to check the displayed Status field. If LDP
session status is Operational, the LDP session is established and in Up state. If LDP session
status is not Operational, the LDP session is not established.
l If the LDP session is not established, rectify the fault by referring to LDP Session Is
Down.

Step 2 Check whether the LSP establishment policy is configured.


l Run the display this command in the MPLS view. If information similar to the following
is displayed:
lsp-trigger ip-prefix abc
Check whether the Down LSP is filtered out based on the IP prefix list abc.
l Run the display this command in the MPLS-LDP view. If information similar to the
following is displayed:
propagate mapping for ip-prefix abc
Check whether the Down LSP is filtered out based on the IP prefix list abc.
l Run the display ip ip-prefix command in the system view. If information similar to the
following is displayed:
index: 10 permit 1.1.1.1/32
index: 20 permit 2.2.2.2/32
The LSP can be established only based on routes 1.1.1.1/32 and 2.2.2.2/32.
l If the preceding IP prefix list is configured, add routing information of the Down LSP to
the IP prefix list.

----End

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 201


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

3.10.5 Inter-Area LSP Fails to Be Established

Fault Description
An inter-area LSP fails to be established after LDP extension for inter-area LSP is configured.

Procedure
Step 1 Check whether LDP extension for inter-area LSP is configured.
Run the display mpls ldp command to check the displayed Longest-match field. If the field
is displayed as On, LDP extension for inter-area LSP is enabled. If the field is displayed as
Off, LDP extension for inter-area LSP is disabled.
l If LDP extension for inter-area LSP is disabled, run the longest-match command to
enable this function.

Step 2 Check whether the LDP session is correctly established.


Run the display mpls ldp session command to check the displayed Status field. If LDP
session status is Operational, the LDP session is established and in Up state. If LDP session
status is not Operational or no LDP session information is displayed, the LDP session is not
established.
l If the LDP session is not established, rectify the fault by referring to LDP Session Is
Down.

Step 3 Check whether the LDP session matches the route.

Run the display ip routing-table command to check the fields NextHop and Interface.

Run the display mpls ldp session verbose command to check the Addresses received from
peer field.

Run the display mpls ldp peer command to check the DiscoverySource field.

If the field NextHop is contained in the field Addresses received from peer and the values
of fields Interface and DiscoverySource are the same, the LDP session matches the route.

l If the LDP session does not match the route, locate the fault by referring to LDP LSP Is
Down.

----End

3.11 FAQ
This section describes the FAQ of MPLS LDP.

3.11.1 What Information Needs to Be Collected If an MPLS LDP


Session Fails to Be Established?

After an MPLS LDP session fails to be established, R&D personnel need to collect the
following information for analysis:

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 202


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Command Description

display mpls ldp session verbose Displays detailed information about the
session status.

display mpls ldp peer verbose Displays the LDP status: local or remote.

display mpls ldp interface [verbose] Displays sent and received LDP packets on
the interface. If MPLS LDP is disabled on
the interface, no command output is
displayed.

display mpls ldp remote-peer peer-name Displays sent and received LDP protocol
packets after the remote session is
established.

display ip routing-table x.x.x.x verbose Displays whether the route to the peer
display fib x.x.x.x verbose exists.

display tcp status Displays whether the TCP connection is in


Established state.

display mpls ldp event session-down Displays the reason for LDP Session Down.

3.11.2 The Two Ends of an LSP Are Up and Can Send Hello
Messages, but the Peer End Cannot Receive Them. Why?

If the two ends of an LSP are Up and can send Hello messages, but the peer end cannot
receive the messages, the possible causes are as follows:
l Devices do not support sending of large packets, for example, the device can send
packets whose maximum size is 180 bytes. To check whether the peer end can send large
packets, ping the IP address of the peer end using large packets.
l Run the display cpu-defend statistics slot slot-id command to check whether Hello
messages are dropped due to attack defense policies or Hello messages do not reach the
cpu-defend module.
l Check whether statistics on MPLS-related ACL packets exist and ACLs are correctly
delivered.

3.12 References
This section lists references of MPLS LDP.

The following table lists the references.

Document No. Description

RFC5036 LDP Specification

RFC3215 LDP State Machine

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 203


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 3 MPLS LDP Configuration

Document No. Description

RFC5443 LDP IGP Synchronization

RFC3478 Graceful Restart Mechanism for Label Distribution


Protocol

RFC1321 The MD5 Message-Digest Algorithm

RFC3037 LDP Applicability

RFC3899 Maximum Transmission Unit Signalling Extensions


for the Label Distribution Protocol

RFC3270 Multi-Protocol Label Switching (MPLS) Support of


Differentiated Services

RFC4379 Detecting Multi-Protocol Label Switched (MPLS)


Data Plane Failures

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 204


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

4 MPLS QoS Configuration

About This Chapter

On an MPLS network, MPLS QoS controls enterprise network traffic, and implements
congestion avoidance and congestion management to reduce packet loss. In addition, MPLS
QoS provides dedicated bandwidth for enterprise users or differentiated services (such as
voice, video, and data services).

4.1 MPLS QoS Overview


This section describes the definition, background, and functions of MPLS QoS.
4.2 Principles
This section describes the implementation of MPLS QoS.
4.3 Applications
This section describes application scenarios of MPLS QoS.
4.4 Configuration Notes
This section describes notes about configuring MPLS QoS.
4.5 Default Configuration
This section describes the priority mapping table and default settings.
4.6 Configuring MPLS QoS
This section describes how to configure MPLS QoS.
4.7 Configuration Examples
This section provides several configuration examples of MPLS QoS networking, including
the networking requirements, configuration roadmap, configuration procedures, and
configuration files.
4.8 References
This section lists references of MPLS QoS.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 205


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

4.1 MPLS QoS Overview


This section describes the definition, background, and functions of MPLS QoS.

Definition
MPLS quality of service (MPLS QoS) is implemented using the Differentiated Services
(DiffServ) model on an MPLS network. MPLS QoS provides differentiated services to meet
diversified requirements.

Purpose
MPLS uses label-based forwarding to replace route-based forwarding and provides powerful
and flexible functions to meet requirements of new applications. In addition, MPLS supports
multiple network protocols including IPv4 and IPv6. MPLS has been widely used for building
large-scale networks. On an MPLS network, IP QoS cannot be used to guarantee quality of
services, so MPLS QoS is used.
Similar to the way IP QoS differentiates services based on priorities of IP packets, MPLS QoS
differentiates data flows based on the EXP field and provides differentiated services for data
flows. The use of MPLS QoS helps minimize delays and ensure low packet loss ratios for
voice and video data streams.

4.2 Principles
This section describes the implementation of MPLS QoS.

4.2.1 MPLS DiffServ


Implementation
In the DiffServ model, network edge nodes map a service to a service class based on QoS
requirements of the service. A service class is identified by the differentiated service (DS)
field (Type of Service (ToS) field) in IP packets or the PRI field (802.1p priority) in VLAN
packets. Nodes on a backbone network apply preset policies to the service based on the DS or
PRI field to ensure service quality. For details, see Priority Mapping Configuration in
S2750&S5700&S6700 Series Ethernet Switches Configuration Guide - QoS. The service
classification and label distribution mechanisms of DiffServ are similar to MPLS label
distribution. MPLS DiffServ combines DS or PRI distribution with MPLS label distribution.

Figure 4-1 Fields in an MPLS packet

Link layer header MPLS Label Layer 3 header Layer 3 payload

0 19 22 23 31
Label Exp S TTL

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 206


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

MPLS DiffServ maps the EXP field (as shown in Figure 4-1) to a per-hop behavior (PHB).
LSRs forward MPLS packets based on EXP fields in the MPLS packets. MPLS DiffServ
provides the following solutions for LSP setup:
l E-LSP: an LSP whose PHB is determined by the EXP field. E-LSP applies to a network
with less than eight PHBs. A differentiated services code point (DSCP) or 802.1p
priority is mapped to a specified EXP value that identifies a PHB. Table 4-1 describes
the mapping between PHBs and EXP values. Packets are forwarded based on labels, and
the EXP field determines the packet scheduling algorithm and drop priority at each hop.
An LSP transmits a maximum of eight PHB flows that are identified by the EXP field in
the MPLS packet header. The EXP value can be configured by the ISP or mapped from
the DSCP or 802.1p priority in a packet. In E-LSP, PHB information does not need to be
transmitted by signaling protocols. Additionally, the label efficiency is high, and the
label status is easy to maintain.

Table 4-1 Mapping between DiffServ PHBs and EXP values

PHB EXP Value

BE 0

AF1 1

AF2 2

AF3 3

AF4 4

EF 5

CS6 6

CS7 7

l L-LSP: an LSP whose PHB is determined by both the label and EXP value. L-LSP
applies to a network with any number of PHBs. During packet forwarding, the label of a
packet determines the forwarding path and scheduling algorithm, whereas the EXP field
determines the drop priority of the packet. Labels differentiate service flows, so service
flows of a specified type are transmitted over the same LSP. This solution requires more
labels and occupies a large number of system resources.
NOTE

The device supports only E-LSP.

DiffServ Domain
As shown in Figure 4-2, DiffServ domains include MPLS DiffServ and IP DiffServ domains.

In the E-LSP solution, MPLS DiffServ manages and schedules the two DiffServ domains and
implements bidirectional mapping between DSCP or 802.1p priorities and EXP priorities at
the MPLS network edge.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 207


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

Figure 4-2 DiffServ domain

MPLS
PE DiffServ Domain PE

CE CE

IP IP
DiffServ Domain DiffServ Domain

As shown in Figure 4-3, the MPLS DiffServ domain forwards MPLS packets based on EXP
values and provides differentiated services.
When MPLS packets enter the P device, the P device classifies packets and maps EXP values
in packets to CoS values and drop priorities. After traffic classification, QoS implementations
including traffic shaping, traffic policing, and congestion avoidance are the same as those on
an IP network. When MPLS packets leave the P device, the P device maps CoS values and
drop priorities to EXP values so that the downstream device of the P device can provide
differentiated services based on EXP values.

Figure 4-3 E-LSP


PE_1 P PE_2

EXP=5 EXP=0 EXP=0 EXP=5

E-LSP

BE queue

EF queue

4.2.2 MPLS DiffServ Tunnel Modes


An MPLS VPN DiffServ domain supports three tunnel modes:
l Uniform: Packet priorities are uniformly defined on the IP network and the MPLS
network, so the priorities are globally valid. On the ingress node, each packet is assigned
a label and its DSCP or 802.1p priority is mapped to an EXP value. A change in the EXP

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 208


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

value on the MPLS network determines the PHB used when the packet leaves the MPLS
network. The egress node maps the EXP value to the DSCP or 802.1p priority. Figure
4-4 shows priority mapping in a uniform tunnel using an L3VPN network as an example.
P_1 changes the outer MPLS EXP value to 6. P_2 pops out the outer MPLS label and
changes the inner MPLS EXP value to the outer MPLS EXP value. PE_2 changes the
DSCP priority to 48.

Figure 4-4 Uniform mode

IP/MPLS backbone
network
CE_1 PE_1 P_1 P_2 PE_2 CE_2

Outer MPLS Outer MPLS


EXP 5 EXP 6
Inner MPLS Inner MPLS Inner MPLS
EXP 5 EXP 5 EXP 6
IP DSCP IP DSCP IP DSCP IP DSCP IP DSCP IP DSCP
40 40 40 40 48 48

l Pipe: The EXP value can be manually configured, and the ingress node adds this EXP
value to MPLS packets. Any change in the EXP value is valid only on the MPLS
network. The egress node selects the PHB for MPLS packets according to the EXP
value. When the packets leave the MPLS network, their DSCP or 802.1p priority is still
valid. Figure 4-5 shows priority mapping in a pipe tunnel using an L3VPN network as
an example. PE_1 changes the outer and inner MPLS EXP values to 1 and 2. PE_2
retains the DSCP priority of packets and selects a PHB based on the inner MPLS EXP
value.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 209


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

Figure 4-5 Pipe mode

IP/MPLS backbone
network

CE_1 PE_1 P_1 P_2 PE_2 CE_2

Outer MPLS Outer MPLS PHB


EXP 1 EXP 1 Inner MPLS
EXP 1 determined by
Inner MPLS Inner MPLS Inner MPLS the EXP priority
EXP 2 EXP 2 EXP 1
IP DSCP IP DSCP IP DSCP IP DSCP IP DSCP IP DSCP
40 40 40 40 40 40

l Short pipe: The EXP value can be manually configured, and the ingress node adds this
EXP value to MPLS packets. Any change in the EXP value is valid only on the MPLS
network. The egress node selects the PHB for MPLS packets according to the DSCP or
802.1p priority. When the packets leave the MPLS network, their DSCP or 802.1p
priority is still valid. Figure 4-6 shows priority mapping in a short-pipe tunnel using an
L3VPN network as an example. PE_1 changes the outer and inner MPLS EXP values to
1 and 2. PE_2 retains the DSCP priority of packets and selects a PHB on the DSCP
priority.

Figure 4-6 Short pipe mode

IP/MPLS backbone
network

CE_1 PE_1 P_1 P_2 PE_2 CE_2

Outer MPLS Outer MPLS


EXP 1 EXP 1
PHB determined by
Inner MPLS Inner MPLS Inner MPLS the DSCP priority
EXP 2 EXP 2 EXP 1
IP DSCP IP DSCP IP DSCP IP DSCP IP DSCP IP DSCP
40 40 40 40 40 40

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 210


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

4.3 Applications
This section describes application scenarios of MPLS QoS.

4.3.1 Application of MPLS QoS in the VPN Service


With the wide application of the MPLS technology, service providers provide VPN services to
enterprises through MPLS networks. VPN is used to connect employees on a business trip,
users in remote branches, and partners to connect to the enterprise headquarters. However,
VPN needs to timely and effectively transmit enterprise operation data to provide QoS
guarantee for and effectively serve enterprise services. For example, bandwidth for
applications such as voice and video services must be ensured so that devices can
preferentially process voice and video flows. The best effort service applies to services such
as World Wide Web (WWW) and email to which timely transmission and reliability cannot be
guaranteed.
MPLS QoS can be deployed to meet these requirements.

Differentiating Priorities of Services in a VPN


As shown in Figure 4-7, two VPN sites are the branches of the same enterprise. The
enterprise network transmits voice, video, and data services, with priorities in descending
order. When different VPN service flows enter the MPLS network, devices on the MPLS
network must differentiate priorities of the three services to provide differentiated services.
Packets carry different precedence fields depending on the network type. For example,
packets carry the 802.1p field on a Layer 2 network, the DSCP field on a Layer 3 network,
and the EXP field on an MPLS network. As on a L3VPN shown in Figure 4-7, PE_1, P, and
PE_2 process packets as follows:
l The ingress node PE_1 maps DSCP priorities carried in IP packets to internal priorities
and colors and provides different QoS services according to the internal priorities and
colors. When packets leave PE_1, it re-marks the internal priorities and colors to EXP
priorities so that devices on the MPLS network can provide differentiated services based
on the EXP priorities.
l The transit node P maps EXP priorities carried in received packets to internal priorities
and colors and provides different QoS services according to the internal priorities and
colors. When packets leave P, it re-marks the internal priorities and colors to EXP
priorities.
l The egress node PE_2 maps EXP or DSCP priorities carried in received packets to
internal priorities and colors and provides different QoS services according to the
internal priorities and colors. When packets leave PE_2, it re-marks the internal priorities
and colors to DSCP priorities so that downstream devices can provide differentiated
services based on packet priorities.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 211


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

Figure 4-7 Differentiating priorities of services in a VPN

IP/MPLS backbone
network
PE_1 P PE_2

CE_1 CE_2

VPN site VPN site

Voice Data Video Voice Data Video


flow flow flow flow flow flow

Differentiating Priorities of Services in Different VPNs


As shown in Figure 4-8, CE_1 and CE_3 belong to VPN_1 and connect to two branches of
enterprise A. CE_2 and CE_4 belong to VPN_2 and connect to two branches of enterprise B.

When service flows from different VPNs enter the MPLS network, devices on the MPLS
network must differentiate priorities of the services to ensure that service flows from
enterprise A have higher priorities than those from enterprise B. The devices then provide
differentiated services to the service flows based on their priorities.

Packets carry different precedence fields depending on the network type. For example,
packets carry the 802.1p field on a Layer 2 network, the DSCP field on a Layer 3 network,
and the EXP field on an MPLS network. As on a L3VPN shown in Figure 4-8, PE_1, P, and
PE_2 process packets as follows:

l The ingress node PE_1 maps priorities of packets from enterprises A and B to EXP
priorities in descending order, so that devices on the MPLS network can provide
differentiated services based on the EXP priorities.
l The transit node P maps EXP priorities carried in received packets to internal priorities
and colors and provides different QoS services according to the internal priorities and
colors. When packets leave P, it re-marks the internal priorities and colors to EXP
priorities.
l The egress node PE_2 maps EXP or DSCP priorities carried in received packets to
internal priorities and colors and provides different QoS services according to the
internal priorities and colors. When packets leave PE_2, it re-marks the internal priorities
and colors to DSCP priorities so that downstream devices can provide differentiated
services based on packet priorities.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 212


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

Figure 4-8 Differentiating priorities of services in different VPNs

VPN_1 VPN_1
site site

IP/MPLS
CE_1 backbone network CE_3
Enterprise A PE_1 P PE_2 Enterprise A

Enterprise B Enterprise B
CE_2 CE_4

VPN_2 VPN_2
site site

4.4 Configuration Notes


This section describes notes about configuring MPLS QoS.

When you configure MPLS QoS on the switch, note the following:

l Only the S5700HI, S5710HI, S5710EI, and S6700EI support MPLS.

4.5 Default Configuration


This section describes the priority mapping table and default settings.

By default, the mappings in the DiffServ domain are as follows:

l Table 4-2 lists the mappings from PHBs and colors to EXP priorities in MPLS packets.
l Table 4-3 lists the mappings from EXP priorities in MPLS packets to PHBs and colors.

Table 4-2 Mappings from PHBs and colors to EXP priorities of outgoing packets in the
DiffServ domain
PHB Color EXP Priority

BE green 0

BE yellow 0

BE red 0

AF1 green 1

AF1 yellow 1

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 213


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

PHB Color EXP Priority

AF1 red 1

AF2 green 2

AF2 yellow 2

AF2 red 2

AF3 green 3

AF3 yellow 3

AF3 red 3

AF4 green 4

AF4 yellow 4

AF4 red 4

EF green 5

EF yellow 5

EF red 5

CS6 green 6

CS6 yellow 6

CS6 red 6

CS7 green 7

CS7 yellow 7

CS7 red 7

Table 4-3 Mappings from EXP priorities to PHBs and colors of incoming packets in the
DiffServ domain
EXP Priority PHB Color

0 BE green

1 AF1 green

2 AF2 green

3 AF3 green

4 AF4 green

5 EF green

6 CS6 green

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 214


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

EXP Priority PHB Color

7 CS7 green

4.6 Configuring MPLS QoS


This section describes how to configure MPLS QoS.

4.6.1 Configuring the Mapping of the Precedence in the Public


MPLS Tunnel Label
To implement certain QoS functions on an MPLS network, the device needs to determine the
packet precedence according to the tunnel label of the MPLS public network. Therefore, you
need to map the tunnel label to the EXP field.

Pre-configuration Tasks
Before configuring the mapping of the precedence in the tunnel label, complete the following
tasks:

l Configuring a local LDP session according to 3.7.1 Configuring Basic Functions of


MPLS LDP
l Creating a DiffServ domain (see "Priority Mapping Configuration" in the
S2750&S5700&S6700 Series Ethernet Switches Configuration Guide - QoS)

Configuration Process
Configure the mapping of the precedence in the tunnel label according to the following
sequence.

4.6.1.1 Creating a DiffServ Domain and Configuring Priority Mapping

Context
A DiffServ domain comprises the connected DiffServ nodes, which use the same service
policy and implement the same PHBs.

When traffic enters a device, the device maps packet priorities to PHBs and colors, and
performs congestion management based on PHBs and congestion avoidance based on colors.
When traffic flows out of the device, the device maps PHBs and colors of packets to
priorities. The downstream device provides QoS services based on packet priorities.

Procedure
Step 1 Run:
system-view

The system view is displayed.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 215


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

Step 2 Run:
diffserv domain { default | ds-domain-name }

A DiffServ domain is created and the DiffServ domain view is displayed.

The default domain defines the default mappings from packet priorities to PHBs and colors.
You can modify the mappings defined in the default domain but cannot delete the default
domain.

Step 3 Define a traffic policy on the device.


l Run:
mpls-exp-inbound exp-value phb service-class [ color ]

The inbound interface is configured to map EXP priorities of MPLS packets to the PHBs
and colors.
l Run:
mpls-exp-outbound service-class color map exp-value

The outbound interface is configured to map PHBs and colors to EXP priorities of
MPLS packets.

To check the default mappings between PHBs and colors of MPLS packets and EXP
priorities, see mpls-exp-inbound and mpls-exp-outbound commands.

----End

4.6.1.2 Setting the Priority Mapping for the Public Tunnel

Context
To map priorities of incoming packets to PHBs and colors based on the mappings defined in a
DiffServ domain, bind the DiffServ domain to the inbound interface of the packets. The
system then maps priorities of packets to PHBs and colors based on the mappings in the
DiffServ domain.

To map PHBs and colors of outgoing packets to priorities based on the mappings defined in a
DiffServ domain, bind the DiffServ domain to the outbound interface of the packets. The
system then maps PHBs and colors of outgoing packets to priorities based on the mappings in
the DiffServ domain.

NOTE

This command must be run before the public tunnel is set up. If the command is run after the public
tunnel is set up, you must restart MPLS LDP; otherwise, the command cannot take effect.

Procedure
l Perform the following steps on the ingress node.
a. Run:
system-view

The system view is displayed.


b. Run:
mpls-qos ingress { use vpn-label-exp | trust upstream { ds-name |
default | none } }

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 216


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

The PHB/color of packet is mapped to the EXP priority of the public tunnel on the
ingress node.

By default, mapping from the PHB/color to the EXP priority of the public tunnel is
performed according to the settings in the default domain.

If you want to perform priority mapping based on the EXP priority of the private
tunnel, specify the vpn-label-exp parameter in the command.
l Perform the following steps on the transit node.
a. Run:
system-view

The system view is displayed.


b. Run:
mpls-qos transit trust upstream { ds-name | default | none }

Priority mapping is performed based on the EXP priority of the public tunnel on the
transit node.

By default, mapping of the EXP priority of the public tunnel is performed according
to the settings in the default domain.
l Perform the following steps on the egress node.
a. Run:
system-view

The system view is displayed.


b. Run:
mpls-qos egress trust upstream { ds-name | default | none }

The EXP priority of the public tunnel is mapped to the PHB/color on the egress
node.

By default, mapping from the EXP priority of the public tunnel to the PHB/color is
performed according to the settings in the default domain.

----End

4.6.2 Setting the DiffServ Mode Supported by MPLS private


network
This section describes how to set the DiffServ mode supported by the MPLS L3VPN and the
MPLS L2VPN.

Pre-configuration Tasks
Before configuring the DiffServ mode for the MPLS private network, complete the following
task:

l 4.6.1 Configuring the Mapping of the Precedence in the Public MPLS Tunnel Label

Configuration Process
You can perform the following configuration tasks in any sequence as required.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 217


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

4.6.2.1 Setting the DiffServ Mode Supported by MPLS L3VPN

Context
To provide QoS guarantee for VPN traffic on an MPLS VPN network, set the DiffServ mode
based on actual needs.
l If you want to differentiate priorities of different services in a VPN, set the DiffServ
mode to uniform. You can also set the DiffServ mode to pipe or short pipe, but you need
to specify the DiffServ domain in which the mode applies.
l If you want to differentiate priorities of services in different VPNs but not priorities of
services in a VPN, set the DiffServ mode to pipe or short pipe and specify EXP values in
private labels.

If you do not want to change priorities carried in original packets, you are advised to set the
DiffServ mode to pipe or short pipe. In uniform and pipe modes, the egress node determines
the per-hop behavior (PHB) based on EXP priorities of packets. In short pipe mode, the egress
node determines the PHB based on DSCP priorities of packets.

Procedure
Step 1 Run:
system-view

The system view is displayed.

Step 2 Run:
ip vpn-instance vpn-instance-name

The VPN instance view is displayed.

Step 3 Run:
diffserv-mode { pipe { mpls-exp mpls-exp | domain ds-name } | short-pipe [ mpls-
exp mpls-exp ] domain ds-name | uniform [ domain ds-name ] }

The DiffServ mode supported by the MPLS L3VPN is set.

By default, the DiffServ mode supported by the MPLS L3VPN is uniform.

l If the mpls-qos ingress trust upstream none or mpls-qos egress trust upstream none
command is configured, the device on the private network does not perform EXP priority
mapping even if you run the diffserv-mode command.
l When the DiffServ mode is set to uniform on the ingress node, the ingress node performs
priority mapping in the DiffServ domain specified by the domain parameter in this
command. If the domain parameter is not specified, the ingress node performs priority
mapping in the DiffServ domain specified by the mpls-qos ingress trust upstream { ds-
name | default } command.
l In a non-PHP scenario, the egress node performs priority mapping in the DiffServ
domain specified by the mpls-qos egress trust upstream { ds-name | default }
command. In a PHP scenario, the egress node performs priority mapping in the DiffServ
domain specified by the domain parameter in this command. If the domain parameter is
not specified, the egress node performs priority mapping in the DiffServ domain
specified by the mpls-qos egress trust upstream { ds-name | default } command.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 218


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

NOTE

This command must be configured before the instance takes effect; otherwise, you must reset BGP
connections to make the configuration take effect.

----End

4.6.2.2 Setting the DiffServ Mode Supported by MPLS L2VPN

Context
To provide QoS guarantee for VPN traffic on an MPLS VPN network, set the DiffServ mode
based on actual needs.
l If you want to differentiate priorities of different services in a VPN, set the DiffServ
mode to uniform. You can also set the DiffServ mode to pipe or short pipe, but you need
to specify the DiffServ domain in which the mode applies.
l If you want to differentiate priorities of services in different VPNs but not priorities of
services in a VPN, set the DiffServ mode to pipe or short pipe and specify EXP values in
private labels.

If you do not want to change priorities carried in original packets, you are advised to set the
DiffServ mode to pipe or short pipe. In uniform and pipe modes, the egress node determines
the per-hop behavior (PHB) based on EXP priorities of packets. In short pipe mode, the egress
node determines the PHB based on 802.1p priorities of packets.

Procedure
l In VLL networking
a. Run:
system-view

The system view is displayed.


b. Run:
interface interface-type interface-number

The AC-side interface view is displayed.


c. (Optional) On an Ethernet interface, run:
undo portswitch

The interface is switched to Layer 3 mode.

By default, an Ethernet interface works in Layer 2 mode.


d. Run:
diffserv-mode { pipe { mpls-exp mpls-exp | domain ds-name } | short-pipe
[ mpls-exp mpls-exp ] domain ds-name | uniform [ domain ds-name ] }

The DiffServ mode applied to the VLL network is set.

By default, the DiffServ mode applied to the VLL network is uniform.

n If the mpls-qos ingress trust upstream none or mpls-qos egress trust


upstream none command is configured, the device on the private network
does not perform EXP priority mapping even if you run the diffserv-mode
command.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 219


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

n When the DiffServ mode is set to uniform on the ingress node, the ingress
node performs priority mapping in the DiffServ domain specified by the
domain parameter in this command. If the domain parameter is not specified,
the ingress node performs priority mapping in the DiffServ domain specified
by the mpls-qos ingress trust upstream { ds-name | default } command.
n In a non-PHP scenario, the egress node performs priority mapping in the
DiffServ domain specified by the mpls-qos egress trust upstream { ds-name |
default } command. In a PHP scenario, the egress node performs priority
mapping in the DiffServ domain specified by the domain parameter in this
command. If the domain parameter is not specified, the egress node performs
priority mapping in the DiffServ domain specified by the mpls-qos egress
trust upstream { ds-name | default } command.
NOTE

This command must be run before the VC is set up; otherwise, you must unbind the bound
AC interface and bind the AC interface again to make the command take effect.
l In VPLS networking
a. Run:
system-view

The system view is displayed.


b. Run:
vsi vsi-name

The VSI view is displayed.


c. Run:
diffserv-mode { pipe { mpls-exp mpls-exp | domain ds-name } | short-pipe
[ mpls-exp mpls-exp ] domain ds-name | uniform [ domain ds-name ] }

The DiffServ mode applied to the VPLS network is set.


By default, the DiffServ mode applied to the VPLS network is uniform.
n If the mpls-qos ingress trust upstream none or mpls-qos egress trust
upstream none command is configured, the device on the private network
does not perform EXP priority mapping even if you run the diffserv-mode
command.
n When the DiffServ mode is set to uniform on the ingress node, the ingress
node performs priority mapping in the DiffServ domain specified by the
domain parameter in this command. If the domain parameter is not specified,
the ingress node performs priority mapping in the DiffServ domain specified
by the mpls-qos ingress trust upstream { ds-name | default } command.
n In a non-PHP scenario, the egress node performs priority mapping in the
DiffServ domain specified by the mpls-qos egress trust upstream { ds-name |
default } command. In a PHP scenario, the egress node performs priority
mapping in the DiffServ domain specified by the domain parameter in this
command. If the domain parameter is not specified, the egress node performs
priority mapping in the DiffServ domain specified by the mpls-qos egress
trust upstream { ds-name | default } command.
NOTE

This command must be configured before the instance takes effect; otherwise, you must
enable or disable the VSI to make the configuration take effect.

----End

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 220


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

4.6.2.3 Checking the Configuration

Prerequisites
The DiffServ mode supported by the MPLS private network has been configured.

Procedure
l Run the display mpls l2vc [ vc-id | interface interface-type interface-number | remote-
info [ vc-id | verbose ] | state { down | up } ] command to check information about the
MPLS DiffServ mode used by a VLL.
l Run the display vsi [ name vsi-name ] [ verbose ] command to check information about
the MPLS DiffServ mode used by a VPLS.
----End

4.7 Configuration Examples


This section provides several configuration examples of MPLS QoS networking, including
the networking requirements, configuration roadmap, configuration procedures, and
configuration files.

4.7.1 Example for Configuring MPLS QoS


Networking Requirements
Enterprises A and B connect their headquarters to branches by deploying the BGP/MPLS IP
VPN. As shown in Figure 4-9, CE1 and CE3 connect branches to the headquarters of
Enterprise A, and CE2 and CE4 connect branches to the headquarters of Enterprise B.
Enterprise A uses vpna and Enterprise B uses vpnb.
Enterprise A requires a higher service level, so better QoS guarantee must be provided for
Enterprise A.

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 221


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

Figure 4-9 Networking diagram for configuring MPLS QoS

AS: 65410 AS: 65430


vpna vpna

GE0/0/1 CE1 CE3


GE0/0/1
VLANIF 10 VLANIF 40
10.1.1.1/24 10.3.1.1/24
Loopback1
GE0/0/1 2.2.2.9/32 GE0/0/1
VLANIF10 GE0/0/1 GE0/0/2 VLANIF40
10.1.1.2/24 PE1 VLANIF30 VLANIF60 PE2 10.3.1.2/24
Loopback1 172.1.1.2/24 172.2.1.1/24 Loopback1
1.1.1.9/32 GE0/0/3 GE0/0/3 3.3.3.9/32
GE0/0/2 VLANIF30 P VLANIF60 GE0/0/2
VLANIF20 172.1.1.1/24 AS: 100 172.2.1.2/24 VLANIF50
10.2.1.2/24 10.4.1.2/24
MPLS backbone

GE0/0/1 GE0/0/1
VLANIF 20 VLANIF 50
10.2.1.1/24 10.4.1.1/24
CE2 CE4

vpnb vpnb
AS: 65420 AS: 65440

Configuration Roadmap
Configure MPLS QoS on PE1 and PE2. Enable the pipe mode on vpna and vpnb. Set the
MPLS EXP values of vpna and vpnb to 4 and 3 respectively to provide better QoS guarantee
for services of Enterprise A.

Procedure
Step 1 Configure OSPF on the MPLS backbone network so that PE and P can communicate with
each other.
# Configure PE1.
<HUAWEI> system-view
[HUAWEI] sysname PE1
[PE1] interface loopback 1
[PE1-LoopBack1] ip address 1.1.1.9 32
[PE1-LoopBack1] quit
[PE1] vlan batch 10 20 30
[PE1] interface gigabitethernet 0/0/1
[PE1-GigabitEthernet0/0/1] port link-type trunk
[PE1-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[PE1-GigabitEthernet0/0/1] quit

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 222


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

[PE1] interface gigabitethernet 0/0/2


[PE1-GigabitEthernet0/0/2] port link-type trunk
[PE1-GigabitEthernet0/0/2] port trunk allow-pass vlan 20
[PE1-GigabitEthernet0/0/2] quit
[PE1] interface gigabitethernet 0/0/3
[PE1-GigabitEthernet0/0/3] port link-type trunk
[PE1-GigabitEthernet0/0/3] port trunk allow-pass vlan 30
[PE1-GigabitEthernet0/0/3] quit
[PE1] interface vlanif 30
[PE1-Vlanif30] ip address 172.1.1.1 24
[PE1-Vlanif30] quit
[PE1] ospf 1
[PE1-ospf-1] area 0
[PE1-ospf-1-area-0.0.0.0] network 172.1.1.0 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0
[PE1-ospf-1-area-0.0.0.0] quit
[PE1-ospf-1] quit

# Configure P.
<HUAWEI> system-view
[HUAWEI] sysname P
[P] interface loopback 1
[P-LoopBack1] ip address 2.2.2.9 32
[P-LoopBack1] quit
[P] vlan batch 30 60
[P] interface gigabitethernet 0/0/1
[P-GigabitEthernet0/0/1] port link-type trunk
[P-GigabitEthernet0/0/1] port trunk allow-pass vlan 30
[P-GigabitEthernet0/0/1] quit
[P] interface gigabitethernet 0/0/2
[P-GigabitEthernet0/0/2] port link-type trunk
[P-GigabitEthernet0/0/2] port trunk allow-pass vlan 60
[P-GigabitEthernet0/0/2] quit
[P] interface vlanif 30
[P-Vlanif30] ip address 172.1.1.2 24
[P-Vlanif30] quit
[P] interface vlanif 60
[P-Vlanif60] ip address 172.2.1.1 24
[P-Vlanif60] quit
[P] ospf
[P-ospf-1] area 0
[P-ospf-1-area-0.0.0.0] network 172.1.1.0 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 172.2.1.0 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0
[P-ospf-1-area-0.0.0.0] quit
[P-ospf-1] quit

# Configure PE2.
<HUAWEI> system-view
[HUAWEI] sysname PE2
[PE2] interface loopback 1
[PE2-LoopBack1] ip address 3.3.3.9 32
[PE2-LoopBack1] quit
[PE2] vlan batch 40 50 60
[PE2] interface gigabitethernet 0/0/1
[PE2-GigabitEthernet0/0/1] port link-type trunk
[PE2-GigabitEthernet0/0/1] port trunk allow-pass vlan 40
[PE2-GigabitEthernet0/0/1] quit
[PE2] interface gigabitethernet 0/0/2
[PE2-GigabitEthernet0/0/2] port link-type trunk
[PE2-GigabitEthernet0/0/2] port trunk allow-pass vlan 50
[PE2-GigabitEthernet0/0/2] quit
[PE2] interface gigabitethernet 0/0/3
[PE2-GigabitEthernet0/0/3] port link-type trunk
[PE2-GigabitEthernet0/0/3] port trunk allow-pass vlan 60
[PE2-GigabitEthernet0/0/3] quit
[PE2] interface vlanif 60
[PE2-Vlanif60] ip address 172.2.1.2 24

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 223


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

[PE2-Vlanif60] quit
[PE2] ospf
[PE2-ospf-1] area 0
[PE2-ospf-1-area-0.0.0.0] network 172.2.1.0 0.0.0.255
[PE2-ospf-1-area-0.0.0.0] network 3.3.3.9 0.0.0.0
[PE2-ospf-1-area-0.0.0.0] quit
[PE2-ospf-1] quit

After the configuration is complete, OSPF neighbor relationships are set up between PE1, P,
and PE2. Run the display ip routing-table command. The command output shows that PEs
have learned the routes to Loopback1 of each other.
Step 2 Configure basic MPLS functions, enable MPLS LDP, and establish LDP LSPs on the MPLS
backbone network.
# Configure PE1.
[PE1] mpls lsr-id 1.1.1.9
[PE1] mpls
[PE1-mpls] quit
[PE1] mpls ldp
[PE1-mpls-ldp] quit
[PE1] interface vlanif 30
[PE1-Vlanif30] mpls
[PE1-Vlanif30] mpls ldp
[PE1-Vlanif30] quit

# Configure P.
[P] mpls lsr-id 2.2.2.9
[P] mpls
[P-mpls] quit
[P] mpls ldp
[P-mpls-ldp] quit
[P] interface vlanif 30
[P-Vlanif30] mpls
[P-Vlanif30] mpls ldp
[P-Vlanif30] quit
[P] interface vlanif 60
[P-Vlanif60] mpls
[P-Vlanif60] mpls ldp
[P-Vlanif60] quit

# Configure PE2.
[PE2] mpls lsr-id 3.3.3.9
[PE2] mpls
[PE2-mpls] quit
[PE2] mpls ldp
[PE2-mpls-ldp] quit
[PE2] interface vlanif 60
[PE2-Vlanif60] mpls
[PE2-Vlanif60] mpls ldp
[PE2-Vlanif60] quit

After the configuration is complete, LDP sessions are set up between PE1 and P and between
P and PE2. Run the display mpls ldp session command. The command output shows that the
LDP session status is Operational.
PE1 is used as an example
[PE1] display mpls ldp session

LDP Session(s) in Public Network


Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
A '*' before a session means the session is being deleted.
------------------------------------------------------------------------------
PeerID Status LAM SsnRole SsnAge KASent/Rcv

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 224


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

------------------------------------------------------------------------------
2.2.2.9:0 Operational DU Active 0000:00:01 6/6
------------------------------------------------------------------------------
TOTAL: 1 session(s) Found.

Step 3 Configure a VPN instance on each PE and connect the CEs to the PEs.
# Configure PE1.
[PE1] ip vpn-instance vpna
[PE1-vpn-instance-vpna] ipv4-family
[PE1-vpn-instance-vpna-af-ipv4] route-distinguisher 100:1
[PE1-vpn-instance-vpna-af-ipv4] vpn-target 111:1 both
[PE1-vpn-instance-vpna-af-ipv4] quit
[PE1-vpn-instance-vpna] quit
[PE1] ip vpn-instance vpnb
[PE1-vpn-instance-vpnb] ipv4-family
[PE1-vpn-instance-vpnb-af-ipv4] route-distinguisher 100:2
[PE1-vpn-instance-vpnb-af-ipv4] vpn-target 222:2 both
[PE1-vpn-instance-vpnb-af-ipv4] quit
[PE1-vpn-instance-vpnb] quit
[PE1] interface vlanif 10
[PE1-Vlanif10] ip binding vpn-instance vpna
[PE1-Vlanif10] ip address 10.1.1.2 24
[PE1-Vlanif10] quit
[PE1] interface vlanif 20
[PE1-Vlanif20] ip binding vpn-instance vpnb
[PE1-Vlanif20] ip address 10.2.1.2 24
[PE1-Vlanif20] quit

# Configure PE2.
[PE2] ip vpn-instance vpna
[PE2-vpn-instance-vpna] ipv4-family
[PE2-vpn-instance-vpna-af-ipv4] route-distinguisher 200:1
[PE2-vpn-instance-vpna-af-ipv4] vpn-target 111:1 both
[PE2-vpn-instance-vpna-af-ipv4] quit
[PE2-vpn-instance-vpna] quit
[PE2] ip vpn-instance vpnb
[PE2-vpn-instance-vpnb] ipv4-family
[PE2-vpn-instance-vpnb-af-ipv4] route-distinguisher 200:2
[PE2-vpn-instance-vpnb-af-ipv4] vpn-target 222:2 both
[PE2-vpn-instance-vpnb-af-ipv4] quit
[PE2-vpn-instance-vpnb] quit
[PE2] interface vlanif 40
[PE2-Vlanif40] ip binding vpn-instance vpna
[PE2-Vlanif40] ip address 10.3.1.2 24
[PE2-Vlanif40] quit
[PE2] interface vlanif 50
[PE2-Vlanif50] ip binding vpn-instance vpnb
[PE2-Vlanif50] ip address 10.4.1.2 24
[PE2-Vlanif50] quit

# Assign IP addresses to the interfaces on the CEs according to Figure 4-9. The configuration
procedure is not mentioned here.
After the configurations are complete, each PE can ping its connected CE.

NOTE

If a PE has multiple interfaces bound to the same VPN instance, specify a source IP addresses by
specifying -a source-ip-address in the ping -vpn-instance vpn-instance-name -a source-ip-address dest-
ip-address command to ping the CE connected to the remote PE. If you do not specify a source IP
address, the ping fails.

Use the command output on PE1 and CE1 as an example.


[PE1] ping -vpn-instance vpna 10.1.1.1
PING 10.1.1.1: 56 data bytes, press CTRL_C to break

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 225


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

Reply from 10.1.1.1: bytes=56 Sequence=1 ttl=255 time=5 ms


Reply from 10.1.1.1: bytes=56 Sequence=2 ttl=255 time=3 ms
Reply from 10.1.1.1: bytes=56 Sequence=3 ttl=255 time=3 ms
Reply from 10.1.1.1: bytes=56 Sequence=4 ttl=255 time=3 ms
Reply from 10.1.1.1: bytes=56 Sequence=5 ttl=255 time=16 ms

--- 10.1.1.1 ping statistics ---


5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 3/6/16 ms

Step 4 Set up an MP-IBGP peer relationship between PEs.


# Configure PE1.
[PE1] bgp 100
[PE1-bgp] peer 3.3.3.9 as-number 100
[PE1-bgp] peer 3.3.3.9 connect-interface loopback 1
[PE1-bgp] ipv4-family vpnv4
[PE1-bgp-af-vpnv4] peer 3.3.3.9 enable
[PE1-bgp-af-vpnv4] quit
[PE1-bgp] quit

# Configure PE2.
[PE2] bgp 100
[PE2-bgp] peer 1.1.1.9 as-number 100
[PE2-bgp] peer 1.1.1.9 connect-interface loopback 1
[PE2-bgp] ipv4-family vpnv4
[PE2-bgp-af-vpnv4] peer 1.1.1.9 enable
[PE2-bgp-af-vpnv4] quit
[PE2-bgp] quit

After the configuration is complete, run the display bgp peer command on PEs. The
command output shows that the BGP peer relationships have been established between the
PEs.
[PE1] display bgp peer

BGP local router ID : 1.1.1.9


Local AS number : 100
Total number of peers : 1 Peers in established state : 1

Peer V AS MsgRcvd MsgSent OutQ Up/Down


State PrefRcv

3.3.3.9 4 100 12 6 0 00:02:21


Established 0

Step 5 Set up the EBGP peer relationships between the PEs and CEs and import VPN routes.
# Configure CE1.
[CE1] bgp 65410
[CE1-bgp] peer 10.1.1.2 as-number 100
[CE1-bgp] import-route direct

The configurations of CE2, CE3, and CE4 are similar to the configuration of CE1, and are not
mentioned here.
# Configure PE1.
[PE1] bgp 100
[PE1-bgp] ipv4-family vpn-instance vpna
[PE1-bgp-vpna] peer 10.1.1.1 as-number 65410
[PE1-bgp-vpna] import-route direct
[PE1-bgp-vpna] quit
[PE1-bgp] ipv4-family vpn-instance vpnb

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 226


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

[PE1-bgp-vpnb] peer 10.2.1.1 as-number 65420


[PE1-bgp-vpnb] import-route direct
[PE1-bgp-vpnb] quit
[PE1-bgp] quit

The configuration of PE2 is similar to that of PE1, and is not mentioned here.
After the configurations are complete, run the display bgp vpnv4 vpn-instance peer
command on the PEs. The command output shows that BGP peer relationships between PEs
and CEs have been established.
Use the peer relationship between PE1 and CE1 as an example.
[PE1] display bgp vpnv4 vpn-instance vpna peer

BGP local router ID : 1.1.1.9


Local AS number : 100
Total number of peers : 1 Peers in established state : 1

Peer V AS MsgRcvd MsgSent OutQ Up/Down State


PrefRcv

10.1.1.1 4 65410 11 9 0 00:07:25 Established


1

Step 6 Configure MPLS QoS.


#Configure PE1.
[PE1] mpls-qos ingress use vpn-label-exp
[PE1] ip vpn-instance vpna
[PE1-vpn-instance-vpna] diffserv-mode pipe mpls-exp 4
[PE1-vpn-instance-vpna] quit
[PE1] ip vpn-instance vpnb
[PE1-vpn-instance-vpnb] diffserv-mode pipe mpls-exp 3
[PE1-vpn-instance-vpnb] quit

#Configure PE2.
[PE2] mpls-qos ingress use vpn-label-exp
[PE2] ip vpn-instance vpna
[PE2-vpn-instance-vpna] diffserv-mode pipe mpls-exp 4
[PE2-vpn-instance-vpna] quit
[PE2] ip vpn-instance vpnb
[PE2-vpn-instance-vpnb] diffserv-mode pipe mpls-exp 3
[PE2-vpn-instance-vpnb] quit

NOTE

After the configurations are complete, you must reset MPLS LDP and BGP connections to make the
configuration take effect.

----End

Configuration Files
l Configuration file of PE1
#
sysname PE1
#
vlan batch 10 20 30
#
mpls-qos ingress use vpn-label-exp
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 100:1
vpn-target 111:1 export-extcommunity

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 227


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

vpn-target 111:1 import-extcommunity


diffserv-mode pipe mpls-exp 4
#
ip vpn-instance vpnb
ipv4-family
route-distinguisher 100:2
vpn-target 222:2 export-extcommunity
vpn-target 222:2 import-extcommunity
diffserv-mode pipe mpls-exp 3
#
mpls lsr-id 1.1.1.9
mpls
#
mpls ldp
#
interface Vlanif10
ip binding vpn-instance vpna
ip address 10.1.1.2 255.255.255.0
#
interface Vlanif20
ip binding vpn-instance vpnb
ip address 10.2.1.2 255.255.255.0
#
interface Vlanif30
ip address 172.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 20
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 30
#
interface LoopBack1
ip address 1.1.1.9 255.255.255.255
#
bgp 100
peer 3.3.3.9 as-number 100
peer 3.3.3.9 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 3.3.3.9 enable
#
ipv4-family vpnv4
policy vpn-target
peer 3.3.3.9 enable
#
ipv4-family vpn-instance vpna
import-route direct
peer 10.1.1.1 as-number 65410
#
ipv4-family vpn-instance vpnb
import-route direct
peer 10.2.1.1 as-number 65420
#
ospf 1
area 0.0.0.0
network 1.1.1.9 0.0.0.0
network 172.1.1.0 0.0.0.255
#
return

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 228


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

l Configuration file of the P


#
sysname P
#
vlan batch 30 60
#
mpls lsr-id 2.2.2.9
mpls
#
mpls ldp
#
interface Vlanif30
ip address 172.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif60
ip address 172.2.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 30
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 60
#
interface LoopBack1
ip address 2.2.2.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.9 0.0.0.0
network 172.1.1.0 0.0.0.255
network 172.2.1.0 0.0.0.255
#
return

l Configuration file of PE2


#
sysname PE2
#
vlan batch 40 50 60
#
mpls-qos ingress use vpn-label-exp
#
ip vpn-instance
vpna
ipv4-family
route-distinguisher 200:1
vpn-target 111:1 export-extcommunity
vpn-target 111:1 import-extcommunity
diffserv-mode pipe mpls-exp 4
#
ip vpn-instance
vpnb
ipv4-family
route-distinguisher 200:2
vpn-target 222:2 export-extcommunity
vpn-target 222:2 import-extcommunity
diffserv-mode pipe mpls-exp 3
#
mpls lsr-id 3.3.3.9
mpls
#
mpls ldp
#

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 229


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

interface Vlanif40
ip binding vpn-instance vpna
ip address 10.3.1.2 255.255.255.0
#
interface Vlanif50
ip binding vpn-instance vpnb
ip address 10.4.1.2 255.255.255.0
#
interface Vlanif60
ip address 172.2.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 40
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 50
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 60
#
interface LoopBack1
ip address 3.3.3.9 255.255.255.255
#
bgp 100
peer 1.1.1.9 as-number 100
peer 1.1.1.9 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 1.1.1.9 enable
#
ipv4-family vpnv4
policy vpn-target
peer 1.1.1.9 enable
#
ipv4-family vpn-instance vpna
import-route direct
peer 10.3.1.1 as-number 65430
#
ipv4-family vpn-instance vpnb
import-route direct
peer 10.4.1.1 as-number 65440
#
ospf 1
area 0.0.0.0
network 3.3.3.9 0.0.0.0
network 172.2.1.0 0.0.0.255
#
return
l Configuration file of CE1
#
sysname CE1
#
vlan batch 10
#
interface Vlanif10
ip address 10.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
bgp 65410
peer 10.1.1.2 as-number 100

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 230


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

#
ipv4-family unicast
undo synchronization
import-route direct
peer 10.1.1.2 enable
#
return
l Configuration file of CE2
#
sysname CE2
#
vlan batch 20
#
interface Vlanif20
ip address 10.2.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20
#
bgp 65420
peer 10.2.1.2 as-number 100
#
ipv4-family unicast
undo synchronization
import-route direct
peer 10.2.1.2 enable
#
return
l Configuration file of CE3
#
sysname CE3
#
vlan batch 40
#
interface Vlanif40
ip address 10.3.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 40
#
bgp 65430
peer 10.3.1.2 as-number 100
#
ipv4-family unicast
undo synchronization
import-route direct
peer 10.3.1.2 enable
#
return
l Configuration file of CE4
#
sysname CE4
#
vlan batch 50
#
interface Vlanif50
ip address 10.4.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 50
#
bgp 65440
peer 10.4.1.2 as-number 100
#

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 231


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 4 MPLS QoS Configuration

ipv4-family unicast
undo synchronization
import-route direct
peer 10.4.1.2 enable
#
return

4.8 References
This section lists references of MPLS QoS.
The following table lists the references.

Document No. Description

RFC2475 An Architecture for Differentiated Services

RFC3031 Multiprotocol Label Switching Architecture

RFC3270 Multi-Protocol Label Switching (MPLS) Support of


Differentiated Services

Issue 07 (2015-12-18) Huawei Proprietary and Confidential 232


Copyright Huawei Technologies Co., Ltd.
S2750&S5700&S6700 Series Ethernet Switches
Configuration Guide - MPLS 5 MPLS TE Configuration

5 MPLS TE Configuration

About This Chapter

MPLS TE tunnels transmit MPLS L2VPN (VLL and VPLS) services and MPLS L3VPN
services and provide high security and guarantees reliable QoS for VPN services.

5.1 Overview
This section describes the definition and functions of MPLS TE.
5.2 Principles
This section describes the implementation of MPLS TE.
5.3 Applications
This section describes the applicable scenario of MPLS TE.
5.4 Specification
This section provides MPLS TE specifications supported by the device.
5.5 Configuration Task Summary
MPLS TE is implemented after an MPLS TE tunnel is created and traffic is imported to the
TE tunnel. To adjust MPLS TE parameters and deploy some security solutions,