B EPN Implementguide E2E Program SR 5-0-23062017

Cisco Evolved Programmable Network Implementation Guide for
Large Network with End to End Programmable Segment Routing,

Release 5.0
First Published: 2017-06-22
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS,
INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH
THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY,
CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version
of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS.
CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT
LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS
HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network
topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional
and coincidental.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: http://
www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership
relationship between Cisco and any other company. (1110R)
© 2017 Cisco Systems, Inc. All rights reserved.

CONTENTS
CHAPTER 1 Overview 1
Cisco Evolved Programmable Network 1
Related Documentation 1
Large Network End to End Programmable Segment Routing Deployment Model 2
CHAPTER 2 Transport Configuration 3

Device Roles 3
Core Node Configuration 4
Core ABR Node Configuration 5
IGP Configuration 6
IGP for Core Facing Ring 6
IGP for Aggregation Facing Ring 6
MPLS Traffic Engineering 7
BGP Configuration 7
BGP Labeled Unicast Neighborship to Transport Route Reflector 7
BGP Labeled Unicast Neighborship with Aggregation ABR 8
BGP Prefix Independent Convergence 8
Aggregation ABR Node Configuration 9
IGP Configuration 10
IGP for Aggregation Facing Ring 10
IGP for Pre-Aggregation Facing Ring 10
BGP Configuration 11
BGP-LU Neighborship to Core ABR 11
BGP-LU Neighborship to Pre-aggregation ABR 11
BGP Prefix-Independent Convergence Configuration 12
Advertisement of Loopback into BGP with Prefix Segment Identifier 12
BGP Labeled Unicast Neighborship to Service Route Reflector for L3VPN 12
BGP Configuration for L3VPN on Psuedowire Headend Interface 14
Cisco Evolved Programmable Network Implementation Guide for Large Network with End to End Programmable
Segment Routing, Release 5.0
iii
Contents
MPLS Traffic Engineering and PCE Configuration 14

Transport Route Reflector Configuration 15
Core IGP Configuration 16
BGP Labeled Unicast Neighborship to Service Route Reflector 16
BGP Labeled Unicast Neighborship to Core ABR 17
BGP Sessions with XTC 17
BGP Configuration for Add Path Functionality 18
XR Traffic Controller Configuration 19
PCE Server Configuration 19
Advertisement of XTC Loopbacks into BGP with Prefix-SID 20
Service Route Reflector Configuration 21
Core IGP Configuration 21
BGP Labeled Unicast Neighborship to Transport Route Reflector 22
BGP Neighborship to Service Provider Edge 23
Advertisement of Service Route Reflector Loopbacks into BGP with Prefix-SID 23
BGP Configuration for Add Path Functionality 24
Access Provider Edge Configuration 24
BGP Labeled Unicast Neighborship to Pre-aggregation ABR with Prefix List 26
BGP Prefix Independent Convergence 26
Multiprotocol Label Switching Configuration 27
CHAPTER 3 Service Configuration 29

Configuration Settings 29
Access Node Configuration 29
Label Distribution Protocol Based VPWS Configuration 30
Aggregation ABR Configuration for L3-VPN on Pseudowire Headend Interface 31
L3-VPN on Pseudowire Headend Interface 31
iv
CHAPTER 1
Overview
This chapter contains the following sections:
• Cisco Evolved Programmable Network, page 1

• Related Documentation, page 1
• Large Network End to End Programmable Segment Routing Deployment Model, page 2
Cisco Evolved Programmable Network

Cisco Evolved Programmable Network (EPN) is built towards the successful Cisco EPN architecture framework,
to bring greater programmability and automation. The Cisco EPN system design follows a layered design to
simplify the end-to-end transport and service architecture. By decoupling the transport and service infrastructure
layers of the network, it allows these two distinct entities to be provisioned and managed independently. The
Cisco EPN allows programmatic interaction between the service and transport layers.
This guide explains how a part of the lab network is pertinent to a programmable network – segment routing
deployment model.
Related Documentation
To explore the transport design, service design, reference Network Service Orchestrator (NSO) user guide
and reference system test topology of Cisco EPN, you can refer to the guides given below:
• Transport Design Guide
• Services Design Guide
• Network Service Orchestrator User Guide
• System Test Topology Reference Guide
In addition to the Large Network End to End Programmable Segment Routing deployment model, the Cisco
EPN can be implemented with one of the following deployment models:
• Large Network - End to End Segment Routing
1
Overview
Large Network End to End Programmable Segment Routing Deployment Model
• Small Network - End to End Segment Routing

• Large Network - Inter-AS End to End Segment Routing
• Large Network - Segment Routing and LDP Interworking
• Large Network - Layer2 Access to Segment Routing Transport
Large Network End to End Programmable Segment Routing

Deployment Model
In this deployment model, the transport and service are built programmatically when the customer service is
requested and customer IP is reachable. The network path is pre-programmed through controllers and selected
based on the customer service level agreement (SLA) such as low latency path and high bandwidth path. This
model comprises access, pre-aggregation, aggregation, and core domains. The building blocks for this
deployment model are:
• XR traffic controller (XTC) is running Path Computation Element Protocol (PCEP).
• Aggregation devices – These are ASR9000 routers running Cisco IOS-XR configured with Segment
Routing - Traffic Engineering (SR-TE). This SR-TE gets the path information from the XTC through
PCEP. As the Cisco IOS-XR 6.1.4 does not support Segment Routing On-Demand Next-hop (SR-ODN)
for Layer-2 Virtual Private Network (L2-VPN), the SR-TE carries the Layer-3 VPN traffic from one
aggregation router to another.
• Access devices – These are ASR920 routers running Cisco IOS XE that does not support SR-TE. The
customers are hosted on the access routers. To build the end-to-end service, the access Provider Edge
(PE) forwards the customer traffic through Pseudowire Headend (PWHE) interface to the aggregation
PE of the Layer-3 VPN (L3-VPN).
• Programmable trigger – To build the end-to-end service, the BGP community value mapped to a customer
IP address is identified and used to build the SR-TE with the aid of XTC.
• Route reflectors with the combination of BGP labeled unicast (LU), BGP link-state (LS), and BGP
L3VPN Subsequent Address Family Identifiers (SAFI) – To create route reflection between the
aggregation routers using L3VPN circuit and feed the topology status to XTC.
2
CHAPTER 2
Transport Configuration
• Device Roles, page 3

• Core Node Configuration, page 4
• Core ABR Node Configuration , page 5
• Aggregation ABR Node Configuration, page 9
• Transport Route Reflector Configuration, page 15
• XR Traffic Controller Configuration, page 19
• Service Route Reflector Configuration, page 21
• Access Provider Edge Configuration, page 24
Device Roles
Each deployment model has various device roles such as access PE, pre-aggregation PE, aggregation PE, core
PE, route reflector, and so on. In the following section, the transport configuration pertinent to
programmable-transport with segment routing deployment model is captured. Multiple nodes take a particular
role in the network. Here, the sample transport configuration of one of those nodes is captured. It does not
provide the entire configuration such as IGP, BGP, route-policy, and prefix-list for a particular node. The
configuration such as IGP configuration associated to one of the interfaces is only captured to avoid duplication.
3
Core Node Configuration
Core Node Configuration

All core network nodes are either ASR9000 or NCS6000 devices. In the figure shown below, the core node,
for example, node 001 is configured for data collection. Similarly, the other core nodes such as node 002,
node 003, and node 004 can be configured.
Figure 1: Large Network End to End Programmable Segment Routing
The core nodes are running IGP with segment routing, traffic engineering and Topology-Independent loop
free alternative for faster convergence.
segment-routing
global-block 16000 32000
!
router isis core

set-overload-bit on-startup 360
is-type level-2-only
net 49.0000.0000.0000.0001.00
address-family ipv4 unicast
metric-style wide
ispf
mpls traffic-eng level-2-only
mpls traffic-eng router-id 100.0.1.0
segment-routing mpls
segment-routing prefix-sid-map receive
!
interface Bundle-Ether21
circuit-type level-2-only
bfd minimum-interval 15
bfd multiplier 3
point-to-point
fast-reroute per-prefix
4
Core ABR Node Configuration
fast-reroute per-prefix ti-lfa

metric 100
!
Traffic Engineering Configuration
ipv4 unnumbered mpls traffic-eng Loopback0
mpls traffic-eng
!
!
!
Core ABR Node Configuration

The core ABR is a node on both the core and aggregation rings. All the core ABRs are ASR9000 devices and
act as inline route reflectors.
In the figure shown below, the core ABR node, for example, node 005 is configured for data collection.
Similarly, the other nodes such as node 006, node 009, and node 010 can be configured for data collection.
The core ABR nodes are running separate IGP instances for the core and aggregation domains, while configuring
the BGP to do inter-domain routing.
5
IGP Configuration
IGP Configuration
Two separate IGP instances are configured on the core ABR nodes towards the core and aggregation domains.
Segment routing are enabled for both the instances with redistribution enabled for ISIS link state into BGP-LS.
IGP for Core Facing Ring

The IGP configuration for core facing ring is given below:
segment-routing
!
router isis core
net 49.0000.0000.0000.0005.00
distribute bgp-ls instance-id 100
metric-style wide
segment-routing prefix-sid-map receive
!
bfd multiplier 3
point-to-point
!
interface Loopback0
passive
prefix-sid index 5
!
!
IGP for Aggregation Facing Ring

The configuration of the aggregation facing IGP instance is given below:
router isis ring9

net 49.009.0000.0009.0005.00
metric-style wide
!
interface Loopback9
passive
prefix-sid index 905
!
!
interface TenGigE0/0/0/20
6
BGP Configuration
bfd multiplier 3
bfd fast-detect ipv4
point-to-point
!
MPLS Traffic Engineering

The IGP configuration for MPLS Traffic Engineering (MPLS TE) is given below:
ipv4 unnumbered mpls traffic-eng Loopback0
mpls traffic-eng
!
!
!
!
BGP Configuration
The BGP configuration involves implementing the following:
• BGP-LU session with transport route reflector.
• BGP-LU session with pre-aggregation inline route reflector.
• BGP Prefix-Independent Convergence (BGP-PIC).
BGP Labeled Unicast Neighborship to Transport Route Reflector

The BGP configuration for transport route reflector is given below:
router bgp 100

nsr
bgp router-id 100.0.5.0
bgp graceful-restart
ibgp policy out enforce-modifications
additional-paths receive
allocate-label all
!
address-family link-state link-state
!
neighbor-group T-RR
remote-as 100
update-source Loopback0
address-family ipv4 labeled-unicast
multipath
next-hop-self
!
next-hop-self
7
BGP Configuration
!
!
neighbor 100.0.11.0
use neighbor-group T-RR
description Transport RR1
!
neighbor 100.0.21.0
description Transport RR2
!
BGP Labeled Unicast Neighborship with Aggregation ABR

The BGP-LU configuration is given below:
router bgp 100

allocate-label all
!
!
neighbor-group RRC1
remote-as 100
route-reflector-client
next-hop-self
!
next-hop-self
!
!
neighbor 100.9.8.0
use neighbor-group RRC1
!
neighbor 100.9.9.0
use neighbor-group RRC1
!
BGP Prefix Independent Convergence

The BGP PIC configuration is used to provide node redundancy for aggregation ABR nodes acting as inline
route reflectors.
router bgp 100

additional-paths send
additional-paths selection route-policy ADDPATH
allocate-label all
!
route-policy ADDPATH
set path-selection backup 1 install multipath-protect advertise
end-policy
!
8
Aggregation ABR Node Configuration
Aggregation ABR Node Configuration

The aggregation ABR is a node on both the aggregation and pre-aggregation rings. All the aggregation ABR
nodes are ASR9000 devices, that act as inline route reflectors. The rest of the pre-aggregation nodes on the
ring are ASR903 devices.
In the figure shown below, the node 0909 is configured for data collection. Similarly, the other nodes such
as node 0908, node 3003, and node 3004 can be configured.
The aggregation ABR nodes are running separate IGP instances for the aggregation and pre-aggregation
domains, while the BGP LU is configured for inter-domain routing.
The aggregation ABR node acts as a service edge node, to provide L3VPN service on PWHE interface.
To achieve programmable transport at the service edge, the configuration of BGP community, Multi-protocol
Label Switching Traffic Engineering (MPLS-TE) for Path Computation Element (PCE), and pertinent route
policies is required.
To ensure one way traffic, the configuration at the two service edge PEs, for example, aggregation ABRs is
required.
The source PE is a PE from which the SR-TE originates. The destination PE is the PE which is closer to the
customer. In this example, the source PE is 0909 and destination PE is 3004. The destination PE is configured
for traffic data collection from node 1107 to node 3103.
9
IGP Configuration
IGP Configuration
Two separate IGP instances are configured on the aggregation ABR nodes towards the aggregation and
pre-aggregation domains. The segment routing and TI-LFA are enabled for both the instances with redistribution
enabled for ISIS link state into BGP LS.
IGP for Aggregation Facing Ring

The configuration of the aggregation facing IGP instance is given below:
segment-routing
!
router isis ring9

net 49.009.0000.0009.0008.00
metric-style wide
!
interface Loopback9
passive
!
!
bfd multiplier 3
bfd fast-detect ipv4
point-to-point
!
IGP for Pre-Aggregation Facing Ring

The pre-aggregation facing IGP configuration is given below:
router isis ring10

net 49.0010.0000.0010.0008.00
metric-style wide
!
interface Loopback10
passive
!
!
point-to-point
10
BGP Configuration

!
!
BGP Configuration
The BGP configuration can be implemented with the following:
• BGP-LU session with core ABR.
• BGP-LU session with pre-aggregation ABR.
• BGP-PIC.
• Redistribution of ABR’s loopback into BGP.
To achieve programmable transport, it needs BGP configuration from both the source PE and destination PE.
For example, the source PE is 0909 and destination PE is 3004. All the pieces of BGP configuration are
captured from node 0909. From the destination PE 3004, only the configuration needed to enable the
programmable transport with community is captured. For destination PE, the rest of the BGP configuration
is similar to source PE.
BGP-LU Neighborship to Core ABR

The configuration is given below:
router bgp 100

allocate-label all
!
neighbor-group RR-Ring9
remote-as 100
next-hop-self
!
next-hop-self
!
neighbor 100.9.5.0
use neighbor-group RR-Ring9
!
neighbor 100.9.6.0
use neighbor-group RR-Ring9
!
BGP-LU Neighborship to Pre-aggregation ABR

router bgp 100
11
BGP Configuration
neighbor-group RRC-Ring10
remote-as 100
next-hop-self
!
!
neighbor 100.10.3.0
use neighbor-group RRC-Ring10
!
neighbor 100.10.4.0
use neighbor-group RRC-Ring10
!
BGP Prefix-Independent Convergence Configuration

The BGP-PIC configuration provides node redundancy for pre-aggregation ABR nodes acting as inline route
reflectors.
router bgp 100

allocate-label all
!
set path-selection backup 1 install multipath-protect advertise
end-policy
Advertisement of Loopback into BGP with Prefix Segment Identifier

The configuration for loopback advertisement is as follows:
Note This configuration is required only for L3VPN on PWHE service, as the aggregation ABR nodes are
acting as service PE for PWHE interface. It is used to advertise the ABR's loopback to the service route
reflectors, to ensure reachability. For all other services, this neighborship configuration is not required.
router bgp 100

network 100.9.9.0/32 route-policy SET-SID(909)
allocate-label all
!
route-policy SET-SID($SID)
set label-index $SID
end-policy
BGP Labeled Unicast Neighborship to Service Route Reflector for L3VPN

The BGP-LU neighborship to service route reflector is needed for L3VPN on PWHE interface where the
aggregation ABR nodes act as service PE.
12
BGP Configuration
Note The route-policy with BGP community is sent to the source PE along with the vpnv4 unicast SAFI, and
the Segment Routing On-Demand Next-hop (SR-ODN) attribute is set for MPLS-TE. The BGP community
is set by the destination PE, which is the aggregation ABR on Ring30. The set SR-ODN attribute requests
the PCE path for SR-TE tunnel from the XTC. For the XTC to provide the optimal path for SR-TE tunnel,
the XTC needs to be aware of the link state database of Ring9 and Ring30. The BGP link-state (BGP-LS)
is enabled on the transport route reflectors, aggregation and core ABR's. The aggregation and core ABRs
feed the link state database to transport route reflector through BGP-LS. The XTC being the client of
transport route reflector receives the link state information to build SRTE path.
router bgp 100

address-family vpnv4 unicast
!
!
neighbor-group RR-Ring9
remote-as 100
next-hop-self
!
!
neighbor-group SvRR
remote-as 100
route-policy SR_ODN in
!
!
neighbor 100.0.12.0
use neighbor-group SvRR
!
neighbor 100.0.22.0
!
route-policy SR_ODN
if community matches-any (999:999) then
set mpls traffic-eng attributeset SET_SR_ODN
pass
else
pass
endif
end-policy
!
13
MPLS Traffic Engineering and PCE Configuration
BGP Configuration for L3VPN on Psuedowire Headend Interface
Note To trigger the programmable transport, setup the prefix list matching to the customer IP address at the
destination PE. As per the prefix-list, the community list is populated and passed as route-policy to the
source PE through virtual routing and forwarding (VRF). In this example, the destination PE is 3004 and
source PE is 0909 as depicted in the below figure.
MPLS Traffic Engineering and PCE Configuration

The MPLS traffic engineering on the source PE, to build the SRTE tunnel with the destination PE involves
the following:
• Interfaces for traffic engineering.
• XTC server to get PCE path information for the SRTE tunnel.
• Attribute set to trigger PCE path creation based on BGP attributes.
mpls traffic-eng
!
!
14
Transport Route Reflector Configuration
!
pce
peer source ipv4 100.9.9.0
peer ipv4 100.0.100.0
!
segment-routing
stateful-client
!
!
auto-tunnel p2p
tunnel-id min 2000 max 3000
!
attribute-set p2p-te SET_SR_ODN
pce
!
path-selection
metric te
!
!
!
Transport Route Reflector Configuration

All the transport route reflector nodes are ASR9001 devices. This deployment model has two transport route
reflectors and two service route reflectors. The transport route reflector configuration data is collected from
node T-RR1, on the network topology depicted in below figure. Similar configuration is applicable for node
T-RR2.
The transport route reflectors are deployed to advertise and learn the loopbacks of service route reflectors and
service edge nodes. The service edge nodes are access and aggregation ABRs.
15
Core IGP Configuration

The core nodes, transport route reflectors, and service route reflectors are running on the core IGP. The core
IGP is configured with segment routing and TI-LFA.
router isis core

net 49.0000.0000.0000.0011.00
metric-style wide
!
interface Loopback0
passive
prefix-sid index 11
!
!
interface GigabitEthernet0/0/0/0
metric 10000
!
!
!
segment-routing
!
BGP Configuration
The transport route reflectors have:
• BGP-LU & LS sessions with all core ABRs, that act as inline route reflectors.
• BGP-LU sessions with service route reflectors.
• BGP LU & LS session with XTC.
Note For service route reflector redundancy, each transport route reflector is connected to both the service route
reflectors.
BGP Labeled Unicast Neighborship to Service Route Reflector

The BGP-LU session is established with the service route reflectors.
router bgp 100
table-policy skip-fib-download
!
neighbor-group RR-Client
remote-as 100
16
BGP Configuration
!
!
!
neighbor 100.0.12.0
use neighbor-group RR-Client
!
neighbor 100.0.22.0
!
!
route-policy skip-fib-download
drop
end-policy
BGP Labeled Unicast Neighborship to Core ABR

The BGP-LU session is established with all the core ABRs, that act as inline route reflectors for the aggregation
domain.
router bgp 100

!
remote-as 100
!
!
!
neighbor 100.0.5.0
!
neighbor 100.0.6.0
!
neighbor 100.0.9.0
!
neighbor 100.0.10.0
!
!
BGP Sessions with XTC

The BGP sessions is established with XTC
router bgp 100

nsr
!
!
17
BGP Configuration
remote-as 100
multipath
!
!
!
neighbor 100.0.100.0
!
drop
end-policy
!
!
BGP Configuration for Add Path Functionality

The redundancy of inline route reflector, transport route reflector, and service route reflector is implemented
by enabling a particular prefix to be learned through multiple paths at the route reflector and service edge
nodes such as access nodes, pre-aggregation ABR, and aggregation ABR.
To achieve path diversity and redundancy, the following configuration is required at the route reflector.
router bgp 100

nsr
!
!
remote-as 100
multipath
!
!
!
neighbor 100.0.100.0
!
drop
end-policy
!
!
18
XR Traffic Controller Configuration
XR Traffic Controller Configuration

XRv9000 is configured as XR traffic controller. XTC will compute the path from a source to a destination
and share the path information to PCC client using PCEP protocol. Service edge nodes 9008, 9009, 3003 and
3004 are configured as PCC client here to establish an SR-ODN tunnel.
PCE Server Configuration

XR9000v is used with the PCE controller.
pce
address ipv4 100.0.100.0
IGP Configuration
IGP is configured with segment routing to connect to the core network.
router isis core

net 49.0000.0000.0000.0100.00
metric-style wide
!
interface Loopback0
passive
!
!
!
bfd multiplier 3
point-to-point
metric 1000
!
BGP Configuration
BGP LU and LS neighborship is configured towards transport route reflector to learn the PCC client's loopback
and the topology link state information.
router bgp 100

allocate-label all
!
!
neighbor-group T-RR
remote-as 100
19
BGP Configuration

!
!
!
neighbor 100.0.11.0
!
neighbor 100.0.21.0
!
!
Advertisement of XTC Loopbacks into BGP with Prefix-SID

The below configuration is required to make the PCC server available for service edge nodes, which are acting
as PCC clients.
router bgp 100

end-policy
!
20
Service Route Reflector Configuration
Service Route Reflector Configuration

This network model has two service route reflectors for redundancy. The service route reflector nodes are
ASR9001 devices. The following configuration data is collected from S-RR1 on the network topology depicted
in the below figure. Similar configuration is applicable for S-RR2.
The service route reflectors are deployed in the network to exchange the customer service routes such as
vpnv4, vpnv6, and l2vpn among the service edge nodes. The service edge nodes are access PE and aggregation
ABR.

The core nodes, transport route reflectors, and service route reflectors are running on the core IGP. The core
IGP is configured with segment routing and TI-LFA.
router isis core

net 49.0000.0000.0000.0012.00
!
interface Loopback0
passive
prefix-sid index 12
!
!
21
BGP Configuration
metric 10000
!
!
segment-routing
!
BGP Configuration
The objectives of the service route reflector are as follows:
• To get all the service PE loopbacks, so that the services can be built end-to-end using the configuration
for BGP-LU neighborship with transport route reflector.
• To build BGP neighborship with service PE for various services such as vpnv4 and l2vpn. The service
edge node in this use case is aggregation ABR.
• It needs to be reachable to the service edge nodes through transport route reflector. For this, it is required
to redistribute the loopback into BGP with prefix-SID.
• Each service PE is connected to two service route reflectors. Each service route reflector is connected
to two transport route reflectors for creating path redundancy. The add path configuration is required to
create path redundancy.
Note For transport route reflector redundancy, each service route reflector is connected to both the transport
route reflectors.
BGP Labeled Unicast Neighborship to Transport Route Reflector

The service route reflector establishes BGP-LU session with the transport route reflector, to learn the loopback
of service edge nodes. For redundancy, each service route reflector peer with transport route reflectors namely
T-RR1 and T-RR2.
router bgp 100

allocate-label all
!
neighbor-group vRR
remote-as 100
next-hop-self
!
!
neighbor 100.0.11.0
use neighbor-group vRR
description CN-P-0011-XRv9K
!
neighbor 100.0.21.0
use neighbor-group vRR
description CN-P-0021-XRv9K
!
22
BGP Configuration
BGP Neighborship to Service Provider Edge

To build end-to-end service connectivity, the service route reflectors have BGP neighborships with all the
service edge nodes in the network. The BGP neighborship is required to propagate the service specific routes
for the end-to-end services deployed at the service edge nodes such as vpnv4.
Note For service route reflector to build the BGP neighborship with service PE, it needs to have reachability
to the service edge nodes programmed in its forwarding table or forwarding information base (FIB). For
this reason, download to FIB is not prevented with any route-policy or routing-table policy on the services
route reflectors. In contrast, the FIB download can be safely disabled on the transport route reflectors.
router bgp 100

allocate-label all
!
!
address-family l2vpn vpls-vpws
!
address-family l2vpn evpn
!
neighbor-group SvRR
remote-as 100
!
!
address-family l2vpn vpls-vpws
!
address-family l2vpn evpn
!
!
neighbor 100.11.7.0
!
neighbor 100.31.3.0
!
!
Advertisement of Service Route Reflector Loopbacks into BGP with Prefix-SID

The below configuration is required to make the service route reflector loopback available for service edge
nodes through transport route reflector and inline route reflectors.
router bgp 100

allocate-label all
23
Access Provider Edge Configuration
!
end-policy
BGP Configuration for Add Path Functionality

The configuration to enable the path diversity for the network is given below:
router bgp 100

!
neighbor-group vRR
remote-as 100
next-hop-self
!
!
set path-selection backup 1 install
end-policy
!
Access Provider Edge Configuration

All the access PE in the network are ASR920 router running Cisco IOS-XE. The access nodes have:
• IGP in the ring to learn BGP next-hop.
• BGP to learn the loopback of Aggregation ABR, where the PWHE terminates on an L3VPN vrf.
24
IGP Configuration
Multiple nodes act as access PE in Ring11 and Ring31 shown in the below figure. Here, the configuration
data is collected from node 1107 of Ring11. Similar configuration is applicable for other access PE nodes,
for example, node 3103 in the network.
IGP Configuration
The access PEs’ have just one instance of the IGP.
router isis ring11

net 49.0011.1000.1100.7000.00
metric-style wide
fast-reroute per-prefix level-2 all
fast-reroute ti-lfa level-2
microloop avoidance protected
passive-interface Loopback11
!
!
set-attributes
address-family ipv4
sr-label-preferred
exit-address-family
!
!
connected-prefix-sid-map
address-family ipv4
100.11.7.0/32 index 1107 range 1
exit-address-family
25
BGP Configuration
!
!
BGP Configuration
The components of the access node BGP configuration are:
• BGP-LU neighborship towards pre-aggregation ABR nodes, which are acting as inline route reflector
with ingress prefix filter.
• BGP-PIC configuration to provide pre-aggregation ABR redundancy.
Note The ingress prefix list permits only the loopbacks of the service edge nodes where PWHE interface
terminates. The prefix list gets modified as part of service provisioning by NSO, to append the loopback
address of the service edge nodes on which the service is being configured.
BGP Labeled Unicast Neighborship to Pre-aggregation ABR with Prefix List

The configuration to enable BGP-LU neighborship with pre-aggregation ABR is given below:
router bgp 100

no bgp default ipv4-unicast
neighbor IBR peer-group
neighbor IBR remote-as 100
neighbor IBR update-source Loopback11
neighbor 100.11.3.0 peer-group IBR
neighbor 100.11.4.0 peer-group IBR
!
address-family ipv4
neighbor IBR send-community both
neighbor IBR next-hop-self all
neighbor IBR prefix-list BGP-Prefix-Filter in
neighbor IBR send-label
neighbor 100.11.3.0 activate
neighbor 100.11.4.0 activate
exit-address-family
!
!
!
ip prefix-list BGP-Prefix-Filter seq 5 permit 100.9.8.0/32
BGP Prefix Independent Convergence

The configuration to enable pre-aggregation ABR redundancy is given below:
router bgp 100

!
address-family ipv4
bgp additional-paths select backup
bgp additional-paths install
exit-address-family
!
26
Multiprotocol Label Switching Configuration

The IGP protocol on the access node is enabled with segment routing. The access node does not need MPLS
LDP for IGP or any label for services such as vpnv4 and l2vpn.
The MPLS configuration is required to build targeted LDP sessions for the VPWS pseudowire.
mpls ldp discovery targeted-hello accept

mpls ldp router-id loopback 11 force
27
28
CHAPTER 3
Service Configuration
• Configuration Settings, page 29

• Access Node Configuration, page 29
• Aggregation ABR Configuration for L3-VPN on Pseudowire Headend Interface, page 31
Configuration Settings
In this chapter, the configuration for all the applicable services in this deployment model are captured. The
services can be configured using the traditional CLI method or orchestrated by Cisco NSO with Yet Another
Next Generation (YANG) model.
Access Node Configuration

For this deployment model, the LDP based VPWS is configured from access PE to the aggregation PE. This
access pseudowire gets terminated on the PWHE interface to provide an L3VPN service
29
Label Distribution Protocol Based VPWS Configuration
The access PEs are on rings, such as Ring11 and Ring 31 as shown in below figure. The node 1107 and node
3103 are configured for VPWS and the configuration data from 1107 is captured here.
Label Distribution Protocol Based VPWS Configuration

The following configuration is required to provide LDP based VPWS on access node.
mpls ldp discovery targeted-hello accept
ethernet evc MAN_UC3_VPWS_SRODN_R11_N7_R9_N3

!
interface GigabitEthernet0/0/2
service instance 2500 ethernet MAN_UC3_VPWS_SRODN_R11_N7_R9_N3
encapsulation dot1q 2500
xconnect 100.9.9.0 3909116301 encapsulation mpls pw-class MAN-PW-CLASS-MPLS
!
router bgp 100

address-family ipv4
neighbor IBR prefix-list BGP-Prefix-Filter in
ip prefix-list BGP-Prefix-Filter seq 10 permit 100.9.9.0/32
30
Aggregation ABR Configuration for L3-VPN on Pseudowire Headend Interface
Aggregation ABR Configuration for L3-VPN on Pseudowire

Headend Interface
For this deployment model, the access PE carries customer traffic through pseudowire to the aggregation
ABR. On aggregation ABR, the pseudowire terminates on the PWHE interface. The two aggregation ABRs
transport the customer traffic through L3VPN.
L3-VPN on Pseudowire Headend Interface

The configuration to provide IPv4 VRF, include components such as vrf definition, PWHE interface
configuration, BGP SAFI configuration and l2vpn configuration. The prefix-list needs to be modified to enable
the service edge nodes that are part of this VPN.
This deployment model has two aggregation ABRs. Here, the configuration data is collected from the node
0909 as shown in the below figure. Similarly, the configuration data can be collected from node 3004.
vrf MAN_UC3_SRODN_L3VPN_VRF1
import route-target
100:2500
!
export route-target
100:2500
!
!
31
L3-VPN on Pseudowire Headend Interface
interface PW-Ether1107
attach generic-interface-list Ring10-IL
!
interface PW-Ether1107.2500
ipv4 address 200.9.9.1 255.255.255.0
encapsulation dot1q 2500
!
generic-interface-list Ring10-IL
!
l2vpn
pw-class PWHE
encapsulation mpls
control-word
xconnect group PWHE-Ring11
p2p 1107
interface PW-Ether1107
neighbor ipv4 100.11.7.0 pw-id 3909116301
pw-class PWHE
!
!
router bgp 100
rd auto
redistribute connected route-policy SR_ODN_SET_Community
!
!
!
32

B EPN Implementguide E2E Program SR 5-0-23062017

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

B EPN Implementguide E2E Program SR 5-0-23062017

Uploaded by

Copyright:

Available Formats

Cisco Evolved Programmable Network Implementation Guide for

Large Network with End to End Programmable Segment Routing,

© 2017 Cisco Systems, Inc. All rights reserved.

CHAPTER 2 Transport Configuration 3

MPLS Traffic Engineering and PCE Configuration 14

CHAPTER 3 Service Configuration 29

• Cisco Evolved Programmable Network, page 1

Cisco Evolved Programmable Network

• Small Network - End to End Segment Routing

Large Network End to End Programmable Segment Routing

• Device Roles, page 3

Core Node Configuration

Figure 1: Large Network End to End Programmable Segment Routing

router isis core

fast-reroute per-prefix ti-lfa

ipv4 unnumbered mpls traffic-eng Loopback0

Core ABR Node Configuration

Figure 2: Large Network End to End Programmable Segment Routing

IGP for Core Facing Ring

IGP for Aggregation Facing Ring

router isis ring9

MPLS Traffic Engineering

ipv4 unnumbered mpls traffic-eng Loopback0

BGP Labeled Unicast Neighborship to Transport Route Reflector

router bgp 100

BGP Labeled Unicast Neighborship with Aggregation ABR

router bgp 100

BGP Prefix Independent Convergence

router bgp 100

Aggregation ABR Node Configuration

Figure 3: Large Network End to End Programmable Segment Routing

IGP for Aggregation Facing Ring

router isis ring9

IGP for Pre-Aggregation Facing Ring

router isis ring10

address-family ipv4 unicast

BGP-LU Neighborship to Core ABR

router bgp 100

BGP-LU Neighborship to Pre-aggregation ABR

BGP Prefix-Independent Convergence Configuration

router bgp 100

Advertisement of Loopback into BGP with Prefix Segment Identifier

router bgp 100

BGP Labeled Unicast Neighborship to Service Route Reflector for L3VPN

router bgp 100

BGP Configuration for L3VPN on Psuedowire Headend Interface

Figure 4: Large Network End to End Programmable Segment Routing

MPLS Traffic Engineering and PCE Configuration

Transport Route Reflector Configuration

Figure 5: Large Network End to End Programmable Segment Routing

Core IGP Configuration

router isis core

BGP Labeled Unicast Neighborship to Service Route Reflector

BGP Labeled Unicast Neighborship to Core ABR

router bgp 100

BGP Sessions with XTC

router bgp 100

BGP Configuration for Add Path Functionality

router bgp 100

XR Traffic Controller Configuration

PCE Server Configuration

router isis core

router bgp 100