Professional Documents
Culture Documents
Agile + DevOps
24123
24010 24035
24024 24045
• Distributed by ISIS/OSPF
16004 16004
5
16004
16004
3 4
1.1.1.4/32
16004
All nodes use default SRGB
16,000 – 23,999
24024
5
3 4
H C E
Red
Green
Blue
24010 24035
24024 24045
R7
16003 16003
16004 16004 16004
SR Tunnel Path 16005 16005 16005 16005
Data Data Data Data Data Data
R1 R2 R4 R5
R7
R7
SR Tunnel 16004
16005
16004
16005
16004
16005 16005
Data Data Data Data Data Data
Path
Using lable stack,
full TE path No Additional state
Implicitly able to
programmed at maintained in Mid-
source (SDN use ECMP
Point (Scalability!!)
friendly!)
SR-TE RSVP-TE
TE state only at head-end Yes No
Engineered for SDN Yes Yes/No
ECMP-capability for TE Yes No
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
Agenda
TE
DB
• Build TE-DB for Multi-area Optimal Path Computation
• Scalable Solution is BGP, not IGP. SR-PCE
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
SR PCE Implementation
HyperVisor
Physical HW (x86)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 22
Agenda
16000 4 16004
Wide Metrics
router isis 1
address-family ipv4 unicast
metric-style wide
segment-routing mpls sr-prefer enable SR IPv4 control plane and SR
MPLS data plane on all ipv4
!
interfaces in this IS-IS instance
interface Loopback0
passive
address-family ipv4 unicast
prefix-sid index 1
! Ipv4 Prefix-SID value for loopback0
(Index translate to 16001 absolute
value)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 26
Segment Routing Configuration Example – OSPF
router ospf 1
enable SR IPv4 control plane and SR
router-id 1.1.1.1
MPLS data plane on all ipv4
segment-routing mpls
interfaces in this IS-IS instance
area 0
interface Loopback0
passive enable
prefix-sid index 1
! Ipv4 Prefix-SID value for loopback0
! (Index translate to 16001 absolute
! value)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 27
Segment Routing Configuration Example
segment-routing
Enable SRTE
traffic-eng
policy POLICY1
color 20 end-point ipv4 1.1.1.4 Local Configured SRTE Policy
binding-sid mpls 1000
candidate-paths
preference 100 Color (C) & End-Point (E)
dynamic mpls
metric
type te Binding SID for Selected C-Path
affinity
exclude-any red Candidate Path List
!
preference 50
explicit segment-list SIDLIST1 Candidate Path Preference
!
segment-list name SIDLIST1
index 10 mpls label 16002
index 20 mpls label 30203
index 30 mpls label 16004
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 28
SR-PCE Configuration
ABR ABR
Metro Area 01 Core Network Metro Area 02
SR-
Apps Apps
PCE
ABR ABR
Metro Area 01 Core Network Metro Area 02
SR-
Apps Apps
PCE
6.1.1.101 6.1.1.100
G0/ 6.1.1.4 RR
SR-PCE1 0
G0 /5 0
6.1.1.2 /7 G0 G0/ 6.1.1.6 6.1.1.8
G0/0 G0/3 G0/0 G0/0 G0/3 G0/0
R2 R4 R6 R8 G0
/3 /3
G0
G0
G0
G0
/2
/4
/2
G0/1
G0/2
G0/1
G0/1
/2
/5
G0
G0
/1
G0
0 G0
6.1.1.1 G0 /0 6.1.1.10
R1 R10
/1
G0
G0
/1
G0/1
G0/2
G0/0
G0/0
G0
G0
/5
G0
/1
/2
G0
G0
/4
/2
G0
/3
/2
G0
/3
G0/3 G0
R3 G0/0 R5 G0/0 G0/1 R7 G0/3 G0/1 R9
6.1.1.3 6.1.1.7 6.1.1.9
G0/
/0
G0
0
G0
/6
6.1.1.2 6.1.1.6 6.1.1.8
G0
/7
G0/0 G0/3 G0/0 G0/0 G0/3 G0/0
R2 R4 R6 R8 G0
/3 /3
G0
G0
G0
G0
/2
/4
/2
G0/1
G0/2
G0/1
G0/1
/2
/5
G0
G0
G0
/1
6.1.1.1 /1 G0 6.1.1.10
G0 /0
Access Core Access
R1 ISIS L1 R10
ISIS L1 ISIS L2
/1
G0
G0
/0
G0/1
G0/2
G0/0
G0/0
G0
/5
G0
G0
/1
/2
G0
G0
/4
G0
/3
/2
/2
G0
/3
G0/3 G0
R3 G0/0 R5 G0/0 G0/1 R7 G0/3 G0/1 R9
6.1.1.3 6.1.1.9
G0/6
6.1.1.7
vrf C-Blue
vrf C-Blue
ipv4 address 1.0.0.6 /24 XTC2 ipv4 address 2.0.0.6 /24
6.1.1.102
• The purpose of this lab exercise is to establish this connectivity using SR-MPLS End to End
R2 R4 R6 R8
Access Core Access
R1 ISIS L1 ISIS L2 ISIS L1 R10
R3 R5 R7 R9
R2 R4 R6 R8
Access Core Access
R1 ISIS L1 ISIS L2 ISIS L1 R10
R3 R5 R7 R9
segment-routing segment-routing
global-block 16000 17000 global-block 16000 17000
C 1.0.0.0/24 is directly connected, 1d02h, Gig/0/0/0/2 C 2.0.0.0/24 is directly connected, 1d02h, Gig/0/0/0/2
L 1.0.0.6/32 is directly connected, 1d02h, Gig 0/0/0/2 L 2.0.0.6/32 is directly connected, 1d02h, Gig 0/0/0/2
R2 R4 R6 R8
Access Core Access
R1 ISIS L1 ISIS L2 ISIS L1 R10
R3 R5 SR-PCE2
R7 R9
R2 R4 R6 R8
Access Core Access
R1 ISIS L1 ISIS L2 ISIS L1 R10
R3 R5 SR-PCE2
R7 R9
• We will configure R1 and R10 to advertise their loopbacks so that they both learn each other’s SR labels/SID through BGP.
• Once the configuration is done, did you notice the following message pop up on inline Route Reflectors (R4, R5, R6, R7)
On R1 On R10
On R1 On R10
Even though routes are valid, ping between vpn and “ping sr-mpls” between R1/R10 Loopbacks will fail. This is due to
error message received on inline RRs in the previous step. Check next slide for more details
RP/0/0/CPU0:R1# ping sr-mpls 6.1.1.10/32 source 6.1.1.1 RP/0/0/CPU0:R10# ping sr-mpls 6.1.1.1/32 source 6.1.1.10
Type escape sequence to abort. Type escape sequence to abort.
NNNNN NNNNN
Success rate is 0 percent (0/5) Success rate is 0 percent (0/5)
R2 R4 R6 R8
Access Core Access
R1 ISIS L1 ISIS L2 ISIS L1 R10
• Ping between R1 and R10, for MPLS as well as for L3VPN to check connectivity
RP/0/RP0/CPU0:R1#ping sr-mpls 6.1.1.10/32 sou 6.1.1.1
Sending 5, 100-byte MPLS Echos to 6.1.1.10/32,
timeout is 2 seconds, send interval is 0 msec:
Type escape sequence to abort.
RP/0/RP0/CPU0:R1#traceroute sr-mpls 6.1.1.10/32 source 6.1.1.1
!!!!!
Success rate is 100 percent (5/5),
0 192.1.2.1 MRU 1500 [Labels: 16004/16010 Exp: 0/0]
L 1 192.1.2.2 MRU 1500 [Labels: implicit-null/16010 Exp: 0/0] 6 ms
L 2 192.2.4.4 MRU 1500 [Labels: 16010 Exp: 0] 15 ms
RP/0/RP0/CPU0:R1#ping vrf C-Blue 2.0.0.6 L 3 192.4.7.7 MRU 1500 [Labels: 16010 Exp: 0] 16 ms
. 4 *
Sun Feb 17 01:24:38.600 UTC
! 5 192.8.10.10 26 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.0.0.6, timeout is 2 sec
!!!!!
Success rate is 100 percent (5/5),
SR-PCE1 RR
2 4
R2 R4 6
R6 8
R8
1
R1 10
R10
3
R3 5
R5 7
R7 9
R9
SR-PCE2
Make sure R4 and R5 distributes Instance-id is needed for SR-PCE to distinguish topologies belonging Make sure R6 and R7 distributes
only L1 routers with instance-id to different domains. Otherwise certain algorithms may operate only L1 routers with instance-id
incorrectly. Future SR-PCE releases may use ISIS domain-id for this
101 purpose. 110
SR-PCE1 RR
2 4
R2 R4 6
R6 8
R8
1
R1 10
R10
3
R3 5
R5 7
R7 9
R9
SR-PCE2
Make sure SR-PCE distributes
RR should reflect BGP-LS AF to SR-PCE ingests L2 toplogy directly, via distribute link-state directive. only L2 routers with instance-id
SR-PCEs L1 topologies received via BGP-LS 220
SR-PCE1 RR
2 4
R2 R4 6
R6 8
R8
1
R1 10
R10
3
R3 5
R5 7
R7 9
R9
SR-PCE2
RR
RP/0/0/CPU0:RR#sh bgp link-state link-state summary
Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd
6.1.1.4 0 65001 2834 2782 1075 0 0 00:04:44 61
6.1.1.5 0 65001 2839 2781 1075 0 0 00:04:42 61
6.1.1.6 0 65001 2841 2781 1075 0 0 00:04:42 61
6.1.1.7 0 65001 2842 2781 1075 0 0 00:04:42 61
6.1.1.101 0 65001 2637 2781 1075 0 0 00:04:44 0
6.1.1.102 0 65001 2636 2780 1075 0 0 00:04:44 0
conf
router isis 100
distribute link-state
address-family ipv4 unicast
mpls traffic-eng level-1-2
mpls traffic-eng router-id Loopback0
commit
end
Without TE information advertised along with the link-state in BGP-LS, SR-PCE won’t be able to compute policy paths
Example Only
show bgp link link
[E][L1][I0x65][N[c65001][b0.0.0.0][s1921.5500.0001.00]][R[c65001][b0.0.0.0][s1921.5500.0002.00]][L[i192.1.2.1][n192.1.2.2]]/
696
<snip>
Local
6.1.1.4 (metric 10) from 6.1.1.100 (6.1.1.4)
Origin IGP, localpref 100, valid, internal, best, group-best
Received Path ID 0, Local Path ID 1, version 259
Originator: 6.1.1.4, Cluster list: 6.1.1.100
Link-state: MSD: Type 1 Value 10, Local TE Router-ID:
6.1.1.1 Remote TE Router-ID: 6.1.1.2, admin-group: 0x00000000
max-link-bw (kbits/sec): 1000000, max-reserv-link-bw (kbits/sec): 0
max-unreserv-link-bw (kbits/sec): 0 0 0 0 0 0 0 0,
TE-default-metric: 10 metric: 10, ADJ-SID: 24002(30)
Link Delay: 10 us Flags: 0x00, Min Delay: 10 us Max Delay: 10 us Flags: 0x00
Delay Variation: 0 us
SR-PCE1
RR
2 4
R2 R4 6
R6 8
R8
1
R1 10
R10
3
R3 5
R5 7
R7 9
R9
On SR-PCE1
pce
address ipv4 6.1.1.101
rest
!
!
R1 R1
R10
SR-PCE1
2 4
R2 R4 6
R6 8
R8
6.1.1.1
6.1.1.10
1
R1 10
R10
3
R3 5
R5 7
R7 9
R9
• On R1 and R10: Configure Route Policy to set color 2 for Matching Traffic
3
R3 5
R5 7
R7 9
R9
RP/0/0/CPU0:R1#sh bgp vrf C-Blue 2.0.0.0 R1 RP/0/0/CPU0:R10#sh bgp vrf C-Blue 1.0.0.0 R10
<snip> <snip>
6.1.1.10 (metric 20) from 6.1.1.4 (6.1.1.10) 6.1.1.1 (metric 20) from 6.1.1.6 (6.1.1.1)
Received Label 24004 Received Label 24000
<snip> <snip>
Extended community: Color:2 RT:65000:1 Extended community: Color:2 RT:65000:1
<snip> <snip>
6.1.1.10 (metric 20) from 6.1.1.5 (6.1.1.10) 6.1.1.10 (metric 20) from 6.1.1.5 (6.1.1.10)
Received Label 24004 Received Label 24004
<snip> <snip>
Extended community: Color:2 RT:65000:1 Extended community: Color:2 RT:65000:1
<snip> <snip>
segment-routing segment-routing
traffic-eng traffic-eng
on-demand color 2 on-demand color 2
dynamic dynamic
pcep pcep
! !
metric metric
type igp type igp
R1 R10
RP/0/0/CPU0:R1#sh segment-routing traffic-eng policy RP/0/0/CPU0:R10#sh segment-routing traffic-eng policy
SR-TE policy database SR-TE policy database
--------------------- ---------------------
Name: bgp_AP_5 (Color: 2, End-point: 6.1.1.10) Name: bgp_AP_3 (Color: 2, End-point: 6.1.1.1)
Status: Status:
Admin: up Operational: up Admin: up Operational: up
Candidate-paths: Candidate-paths:
Preference 100: Preference 100:
Path Metrics: Path Metrics:
Margin Absolute: 0 Margin Absolute: 0
Margin Relative: 0% Margin Relative: 0%
Maximum SID Depth: 10 Maximum SID Depth: 10
Dynamic (pce 6.1.1.101) (active) Dynamic (pce 6.1.1.101) (active)
Metric Type: IGP, Path Accumulated Metric: 50 Metric Type: IGP, Path Accumulated Metric: 50
16004 [Prefix-SID, 6.1.1.4] 16006 [Prefix-SID, 6.1.1.6]
16006 [Prefix-SID, 6.1.1.6] 16004 [Prefix-SID, 6.1.1.4]
16010 [Prefix-SID, 6.1.1.10] 16001 [Prefix-SID, 6.1.1.1]
Attributes: Attributes:
Binding SID: 24012 Binding SID: 24010
Allocation mode: dynamic Allocation mode: dynamic
State: Programmed State: Programmed
Policy selected: yes Policy selected: yes
Forward Class: 0 Forward Class: 0
Steering BGP disabled: no Steering BGP disabled: no
IPv6 caps enable: yes IPv6 caps enable: yes
Distinguisher: 0 Distinguisher: 0
Auto-policy info: Auto-policy info:
Creator: BGP Creator: BGP
R3 R5 R7 R9
R1 ßà R10 MPLS and L3VPN Service Verification
• Ping between R1 and R10, for MPLS as well as for L3VPN to check connectivity through On-Demand Next Hop
RP/0/0/CPU0:R1#ping sr-mpls 6.1.1.10/32 source 6.1.1.1
RP/0/0/CPU0:R1#trace vrf C-Blue 2.0.0.6
Sending 5, 100-byte MPLS Echos to 6.1.1.10/32,
Type escape sequence to abort.
!!!!!
Tracing the route to 2.0.0.6
RP/0/0/CPU0:R10#ping sr-mpls 6.1.1.1/32 source 6.1.1.10 1 192.1.2.2 [MPLS: Labels 16004/16006/16010/24000 Exp 0]
Sending 5, 100-byte MPLS Echos to 6.1.1.1/32, 2 192.2.4.4 [MPLS: Labels 16006/16010/24000 Exp 0]
!!!!! 3 192.4.6.6 [MPLS: Labels 16010/24000 Exp 0]
4 192.6.8.8 [MPLS: Labels 16010/24000 Exp 0]
RP/0/0/CPU0:R1#ping vrf C-Blue 2.0.0.6 5 192.8.10.10 59 msec * 39 msec
Sending 5, 100-byte ICMP Echos to 2.0.0.6, timeout is 2 seconds:
!!!!! RP/0/0/CPU0:R10# trace vrf C-Blue 1.0.0.6
Type escape sequence to abort.
RP/0/0/CPU0:R10#ping vrf C-Blue 1.0.0.6
Tracing the route to 1.0.0.6
Sending 5, 100-byte ICMP Echos to 1.0.0.6, timeout is 2 seconds:
!!!!!
1 192.8.10.8 [MPLS: Labels 16006/16004/16001/24000 Exp 0]
2 192.6.8.6 [MPLS: Labels 16004/16001/24000 Exp 0]
3 192.4.6.4 [MPLS: Labels 16001/24000 Exp 0]
4 192.2.4.2 [MPLS: Labels 16001/24000 Exp 0]
5 192.1.2.1 39 msec * 49 msec