VPN MPLS Transport Options
EVPN-MPLS and IP-VPN sample topologies illustrate co-existing LDP, BGP-SR, and ISIS-SR on the core.
LDP, ISIS-SR, and BGP-LU (BGP-SR) demonstrate the corresponding Label Switched Paths (LSPs) as the MPLS transport LSPs for Layer 3 EVPN and IP VPN services.
EVPN sample Topology
In the figures below Tenant-A DCI and Tenant-B DCI, the prefixes from each DC are transported over the WAN/DCI domain, maintaining the Layer 3 multi-tenancy in tenant-a and tenant-b.
To provide external connectivity from the DC into the MPLS domain, leaf-11 and leaf-12 are eBGP peering via the tenants VRFs with the border routers. Both core routers are advertise external prefixes for Internet and any remote site connectivity (default route and ip-prefixes from the other DC for the tenant). To provide connectivity within the EVPN domain, the leaf switches (leaf-21 and leaf-2) re-advertise the prefixes into the tenant’s VRF via a type-5 route advertisement, with a next-hop equal to the advertising PE.
Let us review the concepts of transport labels, advertised to provide the label switched path, or LSP, across the back-bone and the VPN, or tenant label, used by the Provider Edge (PE) routers to identify a particular tenant.
EVPN MPLS sample Configuration displays BGP route updates and how the tenant VRF is transported over these transport LSPs.
IP VPN sample Topology
Let us review the concepts of transport labels, advertised to provide the label switched path, or LSP, across the back-bone and the VPN, or tenant label, used by the Provider Edge (PE) routers to identify a particular tenant.
In the figures, Tenant-D IPv4 VPN and Tenant-D IPv6 VPN, the prefixes for VRF tenant-d are transported over the MPLS WAN between North Edge and South Edge routers.
LDP
The figure below illustrates how LDP neighbor relationships are built. First each router sends a discovery to a destination multicast address (TTL=1) 224.0.0.2 on port 646. This discovery contains the router-id and the transport IPv4 address the router wants to use. The second stage is building the TCP peering session using the specified transport IP addresses. This is normally loopback to loopback.
Examples
- The show mpls ldp neighbor command on the North Edge router
displays more detail on TCP session establishment, and the local addresses of the LDP
neighbor for which it is binding a label. Note: All connected interfaces are advertised as bound. However, eos currently advertised labels for /32 addresses, and FEC filter is configured to install only x.x.x.200/32 prefixes.
North Edge.17:51:17# show mpls ldp neighbor Peer LDP ID: 2.2.2.200:0; Local LDP ID: 1.1.1.200:0 TCP Connection: 2.2.2.200:38395 - 1.1.1.200:646 State: oper; Msgs sent/rcvd: 46/46; downstream unsolicited Uptime: 0:06:17 KeepAlive expires in: 20.27 sec LDP discovery sources: Ethernet1/1 Addresses bound to peer: 2.2.2.200 2.2.2.2 192.168.1.177 192.168.62.11 192.168.1.181 192.168.58.12 192.168.60.11 192.168.61.11 Peer LDP ID: 3.3.3.200:0; Local LDP ID: 1.1.1.200:0 TCP Connection: 3.3.3.200:38510 - 1.1.1.200:646 State: oper; Msgs sent/rcvd: 42/42; downstream unsolicited Uptime: 0:05:51 KeepAlive expires in: 20.02 sec LDP discovery sources: Ethernet2/1 Addresses bound to peer: 192.168.65.11 192.168.59.12 3.3.3.200 192.168.60.12 192.168.63.11 3.3.3.3 192.168.64.11
- The show mpls lfib route 116384 command on the North Edge
router displays the label POP and swap operations for any traffic traversing North Edge.
If traffic came in with label 116384 it would be swapped to
the labels seen in the tunnel
table.
North Edge.23:38:28(config)# show mpls lfib route 116384 MPLS forwarding table (Label [metric] Vias) - 1 routes MPLS next-hop resolution allow default route: False Via Type Codes: M - Mpls Via, P - Pseudowire Via, I - IP Lookup Via, V - Vlan Via, VA - EVPN Vlan Aware Via, ES - EVPN Ethernet Segment Via, VF - EVPN Vlan Flood Via, AF - EVPN Vlan Aware Flood Via Source Codes: S - Static MPLS Route, B2 - BGP L2 EVPN, B3 - BGP L3 VPN, P - Pseudowire, L - LDP, IP - IS-IS SR Prefix Segment, IA - IS-IS SR Adjacency Segment, IL - IS-IS SR Segment to LDP, LI - LDP to IS-IS SR Segment, BL - BGP LU, DE - Debug LFIB L 116384 [1], 6.6.6.200/32 via M, 192.168.58.12, swap 132768 payload autoDecide, ttlMode autoDecide, apply egress-acl interface Ethernet1/1 via M, 192.168.59.12, swap 100000 payload autoDecide, ttlMode autoDecide, apply egress-acl interface Ethernet2/1
ISIS-SR
The following figure illustrates how ISIS-SR distributes the SID index information in the ISIS TLVs and sub-TLVs
The Prefix SID index, SRGB, and ADJ SID values are populated in the sub-TLVs in the ISIS neighbor updates. Each router then builds its database of Node (Prefix) segments (Labels) and locally assigned ADJ labels.
- The show isis neighbors detail command on the North Edge
router displays the detailed information of all ISIS
neighbors.
north-edge# show isis neighbors detail Instance VRF System Id Type Interface SNPA State Hold time Circuit Id sr_instan default nw-core L2 Ethernet1/1 P2P UP 30 1D Area Address(es): 49.0001 SNPA: P2P Advertised Hold Time: 30 State Changed: 6d17h ago IPv4 Interface Address: 192.168.58.12 IPv6 Interface Address: none Interface name: Ethernet1/1 Graceful Restart: Supported Segment Routing Enabled Router ID: 2.2.2.2 SRGB Base: 408000 Range: 4096 Adjacency Label IPv4: 953252 sr_instan default sw-core L2 Ethernet2/1 P2P UP 28 1E Area Address(es): 49.0001 SNPA: P2P Advertised Hold Time: 30 State Changed: 00:06:06 ago IPv4 Interface Address: 192.168.59.12 IPv6 Interface Address: none Interface name: Ethernet2/1 Graceful Restart: Supported Segment Routing Enabled Router ID: 3.3.3.3 SRGB Base: 408000 Range: 4096 Adjacency Label IPv4: 953253
- The show isis segment-routing adjacency-segments command on
the North Edge router displays the locally assigned Adjacency Segment Identifier
(Adj-SIDs).
North Edge# show isis segment-routing adjacency-segments System ID: north-edge Instance: sr_instance SR supported Data-plane: MPLS SR Router ID: 1.1.1.111 Adj-SID allocation mode: SR-adjacencies Adj-SID allocation pool: Base: 953249 Size: 16384 Adjacency Segment Count: 5 Flag Descriptions: F: Ipv6 address family, B: Backup, V: Value L: Local, S: Set Segment Status codes: L1 - Level-1 adjacency, L2 - Level-2 adjacency, P2P - Point-to-Point adjacency, LAN - Broadcast adjacency Locally Originated Adjacency Segments Adj IP Address Local Intf SID SID Source Flags Type -------------------- ---------------- ------------ ---------------- ------------------------- ------ 192.168.1.154 Et36/1 953249 Dynamic F:0 B:0 V:1 L:1 S:0 P2P L2 192.168.1.174 Et23/1 953250 Dynamic F:0 B:0 V:1 L:1 S:0 P2P L2 192.168.58.12 Et1/1 953252 Dynamic F:0 B:0 V:1 L:1 S:0 P2P L2 192.168.59.12 Et2/1 953253 Dynamic F:0 B:0 V:1 L:1 S:0 P2P L2 192.168.1.165 Et8/1 953254 Dynamic F:0 B:0 V:1 L:1 S:0 P2P L2
BGP-LU (BGP-SR)
BGP-LU Label Distribution illustrates how BGP-LU distributes the label information in BGP.
BGP-SR Index and SRGB Distribution illustrates how BGP-LU distributes the Label SRGB and SID index information in BGP. This is known as BGP-SR.
The Prefix SID index and SRGB values are populated in the TLVs in the BGP neighbor updates. Each router then builds its own database of Node (Prefix) segments (Labels).
- The show bgp neighbor command displays BGP-SR
neighbors.
north-edge# show bgp neighbor | include BGP neighbor|Multiprotocol IPv4 MplsLabel BGP neighbor is 192.168.2.10, remote AS 64512, internal link Multiprotocol IPv4 MplsLabel: received BGP neighbor is 192.168.3.9, remote AS 64512, internal link Multiprotocol IPv4 MplsLabel: advertised and received and negotiated BGP neighbor is 192.168.3.10, remote AS 64512, internal link Multiprotocol IPv4 MplsLabel: advertised BGP neighbor is 192.168.58.12, remote AS 2, external link Multiprotocol IPv4 MplsLabel: advertised and received and negotiated BGP neighbor is 192.168.59.12, remote AS 3, external link
- The show ip bgp labeled-unicast 6.6.6.66/32 detail
command displays the detailed information of BGP labeled routes unicast with
6.6.6.66/32.
north-edge(config-if-Et2/1)# show ip bgp labeled-unicast 6.6.6.66/32 detail BGP routing table information for VRF default Router identifier 1.1.1.111, local AS number 64512 BGP routing table entry for 6.6.6.66/32 Paths: 2 available 2 4 6 192.168.58.12 labels [ 200066 ] from 192.168.58.12 (2.2.2.222) Origin IGP, metric -, localpref 100, weight 0, valid, external, ECMP head, best, ECMP contributor Local MPLS label: 200066, SR Label Index: 66 3 4 6 192.168.59.12 labels [ 200066 ] from 192.168.59.12 (3.3.3.200) Origin IGP, metric -, localpref 100, weight 0, valid, external, ECMP, ECMP contributor Not best: ECMP-Fast configured Local MPLS label: 200066, SR Label Index: 66 Advertised to 2 peers: 192.168.3.9 192.168.59.12