VPN MPLS Transport Options

EVPN-MPLS and IP-VPN sample topologies illustrate co-existing LDP, BGP-SR, and ISIS-SR on the core.

Figure 1. Physical Topology For ISIS-SR, LDP and BGP-SR Transport

LDP, ISIS-SR, and BGP-LU (BGP-SR) demonstrate the corresponding Label Switched Paths (LSPs) as the MPLS transport LSPs for Layer 3 EVPN and IP VPN services.

EVPN sample Topology

In the figures below Tenant-A DCI and Tenant-B DCI, the prefixes from each DC are transported over the WAN/DCI domain, maintaining the Layer 3 multi-tenancy in tenant-a and tenant-b.

Figure 2. Tenant-A DCI

Figure 3. Tenant-B DCI

To provide external connectivity from the DC into the MPLS domain, leaf-11 and leaf-12 are eBGP peering via the tenants VRFs with the border routers. Both core routers are advertise external prefixes for Internet and any remote site connectivity (default route and ip-prefixes from the other DC for the tenant). To provide connectivity within the EVPN domain, the leaf switches (leaf-21 and leaf-2) re-advertise the prefixes into the tenant’s VRF via a type-5 route advertisement, with a next-hop equal to the advertising PE.

Let us review the concepts of transport labels, advertised to provide the label switched path, or LSP, across the back-bone and the VPN, or tenant label, used by the Provider Edge (PE) routers to identify a particular tenant.

EVPN MPLS sample Configuration displays BGP route updates and how the tenant VRF is transported over these transport LSPs.

IP VPN sample Topology

Let us review the concepts of transport labels, advertised to provide the label switched path, or LSP, across the back-bone and the VPN, or tenant label, used by the Provider Edge (PE) routers to identify a particular tenant.

Figure 4. IPv4 & IPv6 VPN sample Topology

In the figures, Tenant-D IPv4 VPN and Tenant-D IPv6 VPN, the prefixes for VRF tenant-d are transported over the MPLS WAN between North Edge and South Edge routers.

Figure 5. Tenant-D IPv4 VPN

Figure 6. Tenant-D IPv6 VPN

LDP

The figure below illustrates how LDP neighbor relationships are built. First each router sends a discovery to a destination multicast address (TTL=1) 224.0.0.2 on port 646. This discovery contains the router-id and the transport IPv4 address the router wants to use. The second stage is building the TCP peering session using the specified transport IP addresses. This is normally loopback to loopback.

Figure 7. LDP Peering Establishment

Examples

  • The show mpls ldp neighbor command on the North Edge router displays more detail on TCP session establishment, and the local addresses of the LDP neighbor for which it is binding a label.
    Note: All connected interfaces are advertised as bound. However, eos currently advertised labels for /32 addresses, and FEC filter is configured to install only x.x.x.200/32 prefixes.
    North Edge.17:51:17# show mpls ldp neighbor
    Peer LDP ID: 2.2.2.200:0; Local LDP ID: 1.1.1.200:0
       TCP Connection: 2.2.2.200:38395 - 1.1.1.200:646
       State: oper; Msgs sent/rcvd: 46/46; downstream unsolicited
       Uptime: 0:06:17
       KeepAlive expires in: 20.27 sec
       LDP discovery sources:
          Ethernet1/1
       Addresses bound to peer:
          2.2.2.200           2.2.2.2             192.168.1.177    192.168.62.11
          192.168.1.181       192.168.58.12       192.168.60.11    192.168.61.11
    Peer LDP ID: 3.3.3.200:0; Local LDP ID: 1.1.1.200:0
       TCP Connection: 3.3.3.200:38510 - 1.1.1.200:646
       State: oper; Msgs sent/rcvd: 42/42; downstream unsolicited
       Uptime: 0:05:51
       KeepAlive expires in: 20.02 sec
       LDP discovery sources:
          Ethernet2/1
       Addresses bound to peer:
          192.168.65.11       192.168.59.12       3.3.3.200        192.168.60.12
          192.168.63.11       3.3.3.3             192.168.64.11
  • The show mpls lfib route 116384 command on the North Edge router displays the label POP and swap operations for any traffic traversing North Edge. If traffic came in with label 116384 it would be swapped to the labels seen in the tunnel table.
    North Edge.23:38:28(config)# show mpls lfib route 116384
    MPLS forwarding table (Label [metric] Vias) - 1 routes
    MPLS next-hop resolution allow default route: False
    Via Type Codes:
              M - Mpls Via, P - Pseudowire Via,
              I - IP Lookup Via, V - Vlan Via,
              VA - EVPN Vlan Aware Via, ES - EVPN Ethernet Segment Via,
              VF - EVPN Vlan Flood Via, AF - EVPN Vlan Aware Flood Via
    Source Codes:
              S - Static MPLS Route, B2 - BGP L2 EVPN,
              B3 - BGP L3 VPN, P - Pseudowire,
              L - LDP, IP - IS-IS SR Prefix Segment,
              IA - IS-IS SR Adjacency Segment, IL - IS-IS SR Segment to LDP,
              LI - LDP to IS-IS SR Segment, BL - BGP LU,
              DE - Debug LFIB
    
     L   116384   [1], 6.6.6.200/32
                    via M, 192.168.58.12, swap 132768
                        payload autoDecide, ttlMode autoDecide, apply egress-acl
                        interface Ethernet1/1
                    via M, 192.168.59.12, swap 100000
                        payload autoDecide, ttlMode autoDecide, apply egress-acl
                        interface Ethernet2/1

ISIS-SR

The following figure illustrates how ISIS-SR distributes the SID index information in the ISIS TLVs and sub-TLVs

Figure 8. ISIS Neighbor Adj and TLVs

The Prefix SID index, SRGB, and ADJ SID values are populated in the sub-TLVs in the ISIS neighbor updates. Each router then builds its database of Node (Prefix) segments (Labels) and locally assigned ADJ labels.

Examples
  • The show isis neighbors detail command on the North Edge router displays the detailed information of all ISIS neighbors.
    north-edge# show isis neighbors detail
    Instance  VRF      System Id        Type Interface          SNPA              State Hold time   Circuit Id
    sr_instan default  nw-core          L2   Ethernet1/1        P2P               UP    30          1D
      Area Address(es): 49.0001
      SNPA: P2P
      Advertised Hold Time: 30
      State Changed: 6d17h ago
      IPv4 Interface Address: 192.168.58.12
      IPv6 Interface Address: none
      Interface name: Ethernet1/1
      Graceful Restart: Supported
      Segment Routing Enabled
        Router ID: 2.2.2.2
        SRGB Base: 408000 Range: 4096
        Adjacency Label IPv4: 953252
    sr_instan default  sw-core          L2   Ethernet2/1        P2P               UP    28          1E
      Area Address(es): 49.0001
      SNPA: P2P
      Advertised Hold Time: 30
      State Changed: 00:06:06 ago
      IPv4 Interface Address: 192.168.59.12
      IPv6 Interface Address: none
      Interface name: Ethernet2/1
      Graceful Restart: Supported
      Segment Routing Enabled
        Router ID: 3.3.3.3
        SRGB Base: 408000 Range: 4096
        Adjacency Label IPv4: 953253
  • The show isis segment-routing adjacency-segments command on the North Edge router displays the locally assigned Adjacency Segment Identifier (Adj-SIDs).
    North Edge# show isis segment-routing adjacency-segments
    
    System ID: north-edge                   Instance: sr_instance
    SR supported Data-plane: MPLS                   SR Router ID: 1.1.1.111
    Adj-SID allocation mode: SR-adjacencies
    Adj-SID allocation pool: Base: 953249     Size: 16384
    Adjacency Segment Count: 5
    Flag Descriptions: F: Ipv6 address family, B: Backup, V: Value
                       L: Local, S: Set
    
    Segment Status codes: L1 - Level-1 adjacency, L2 - Level-2 adjacency, P2P - Point-to-Point adjacency, LAN - 
    Broadcast adjacency
    
    Locally Originated Adjacency Segments
       Adj IP Address       Local Intf          SID       SID Source                     Flags      Type
    -------------------- ---------------- ------------ ---------------- ------------------------- ------
        192.168.1.154           Et36/1       953249          Dynamic       F:0 B:0 V:1 L:1 S:0    P2P L2
        192.168.1.174           Et23/1       953250          Dynamic       F:0 B:0 V:1 L:1 S:0    P2P L2
        192.168.58.12            Et1/1       953252          Dynamic       F:0 B:0 V:1 L:1 S:0    P2P L2
        192.168.59.12            Et2/1       953253          Dynamic       F:0 B:0 V:1 L:1 S:0    P2P L2
        192.168.1.165            Et8/1       953254          Dynamic       F:0 B:0 V:1 L:1 S:0    P2P L2

BGP-LU (BGP-SR)

BGP-LU Label Distribution illustrates how BGP-LU distributes the label information in BGP.

Figure 9. BGP-LU Label Distribution

BGP-SR Index and SRGB Distribution illustrates how BGP-LU distributes the Label SRGB and SID index information in BGP. This is known as BGP-SR.

Figure 10. BGP-SR Index and SRGB Distribution

The Prefix SID index and SRGB values are populated in the TLVs in the BGP neighbor updates. Each router then builds its own database of Node (Prefix) segments (Labels).

Examples
  • The show bgp neighbor command displays BGP-SR neighbors.
    north-edge# show bgp neighbor | include BGP neighbor|Multiprotocol IPv4 MplsLabel
    
    BGP neighbor is 192.168.2.10, remote AS 64512, internal link
        Multiprotocol IPv4 MplsLabel: received
    BGP neighbor is 192.168.3.9, remote AS 64512, internal link
        Multiprotocol IPv4 MplsLabel: advertised and received and negotiated
    BGP neighbor is 192.168.3.10, remote AS 64512, internal link
        Multiprotocol IPv4 MplsLabel: advertised
    BGP neighbor is 192.168.58.12, remote AS 2, external link
        Multiprotocol IPv4 MplsLabel: advertised and received and negotiated
    BGP neighbor is 192.168.59.12, remote AS 3, external link
  • The show ip bgp labeled-unicast 6.6.6.66/32 detail command displays the detailed information of BGP labeled routes unicast with 6.6.6.66/32.
    north-edge(config-if-Et2/1)# show ip bgp labeled-unicast 6.6.6.66/32 detail
    BGP routing table information for VRF default
    Router identifier 1.1.1.111, local AS number 64512
    BGP routing table entry for 6.6.6.66/32
     Paths: 2 available
      2 4 6
        192.168.58.12 labels [ 200066 ] from 192.168.58.12 (2.2.2.222)
          Origin IGP, metric -, localpref 100, weight 0, valid, external, ECMP head, best, ECMP contributor
          Local MPLS label: 200066, SR Label Index: 66
      3 4 6
        192.168.59.12 labels [ 200066 ] from 192.168.59.12 (3.3.3.200)
          Origin IGP, metric -, localpref 100, weight 0, valid, external, ECMP, ECMP contributor
          Not best: ECMP-Fast configured
          Local MPLS label: 200066, SR Label Index: 66
     Advertised to 2 peers:
        192.168.3.9       192.168.59.12