In the last videos we mainly focused on explicit path capability of the segment routing traffic engineering, but path can be dynamically selected by routers themselves based on the lowest metric and taking into account any constraint, if any exist. Segment Routing Traffic Engineering Dynamic path is the topic of this video.
Some of the constraints that you can configure are including or excluding a specific IP in the dynamic path, including or excluding links with a specific tag or affinity, including or excluding links with specific shared risk link group, paths with a metric less than the maximum pre-defined value , or paths that have no more SID than the maximum predefined value.
Segment Routing Traffic Enginnering Explicit Path Configuration
Segment Routing Traffic Engineering Dynamic Path Topology
As an example in this section we will define some constraints based on link tag or affinity. With this method we can mark a link as GOLD, SILVER, RED, BLUE and whatever which has a meaning to our infrastructure. Then we can ask the router to find a path that includes or excludes certain tags. With segment routing traffic engineering, routers have the ability to dynamically choose the path based on the lowest metrics and considering any constraint.
In this topology we have three PE routers, PE1, PE2 and PE3 with the IP addresses 1.1.1.1, 2.2.2.2 and 3.3.3.3 and two P routers, P1 and P2 with the IP addresses 11.11.11.11 and 12.12 .12.12. PE routers, of course, can communicate with each other through two routers, P1 or P2 router. There is also one link between P1 and P2 router in our topology.
metric of all links are 10 by default in our topology. We change the metric of the two links PE1-P1 and P2-PE2 to the value 25. So the best path from PE1 to PE2 is through PE1-P2-P1-PE2, if we do not consider any other constraint to our PE1 router.
For a better understanding, let’s assume that we mark the links of the network connected to P1 with the GOLD affinity and the links of the network connected to P2 with the SILVER affinity. We also mark the connection between P1-PE2 with the RED affinity and We do not mark the connection between P1-P2. As you noticed, we can mark a link with more than one affinity. The link between P1-PE2 has two affinities, GOLD and RED.
Now we want to write two Policies from PE1 to PE2. One for SILVER customers, in which we ask router to dynamically choose the best path with the condition that exclude any link with GOLD affinity. We write also other policy for GOLD customers in which the constraint is to exclude any link with RED affinity.
As you know, the best path from PE1 to PE2 without considering any constraint is PE1-P2-P1-PE2, but the GOLD and SILVER policies choose a different path because this path does not meet the constraint. In GOLD politics we are not allowed to choose a path with RED affinity. In the SILVER policy, we are not allowed to choose a path with a GOLD affinity. Since the connection between P1-PE2 has both tags, it cannot choose this path, instead the traffic of both customers goes through PE1-P2-PE2.
Segment Routing Traffic Engineering Reference
Segment Routing Traffic Engineering Dynamic Path Configuration
For the implementation of Segment Routing Traffic Engineering Dynamic Path from PE1 to PE2, I have shown here the configuration of PE1 and P1 here as an example.
The configuration of PE1 is divided in three parts. The ISIS IGP protocol with the address family IPv4 is activated in all interfaces. The point-to-point network type is enabled in Ethernet interfaces to ignore the DIS selection. The metric of all interfaces is 10 by default. But the metric of GE0/0/0/0 is changed to 25.
!!! PE1
mpls traffic-eng
!
mpls oam
!
router isis LAB
is-type level-2-only
net 49.0001.0000.0000.0001.00
distribute link-state
address-family ipv4 unicast
metric-style wide
mpls traffic-eng level-2-only
mpls traffic-eng router-id Loopback0
segment-routing mpls sr-prefer
!
interface Loopback0
address-family ipv4 unicast
prefix-sid absolute 16001
!
!
interface GigabitEthernet0/0/0/0
point-to-point
address-family ipv4 unicast
metric 25
!
!
interface GigabitEthernet0/0/0/1
point-to-point
address-family ipv4 unicast
!
segment-routing
traffic-eng
interface GigabitEthernet0/0/0/0
affinity
name GOLD
!
!
interface GigabitEthernet0/0/0/1
affinity
name SILVER
!
!
policy GOLD
color 10 end-point ipv4 2.2.2.2
candidate-paths
preference 100
dynamic
metric
type igp
!
!
constraints
affinity
exclude-any
name RED
!
!
!
!
!
!
policy SILVER
color 20 end-point ipv4 2.2.2.2
candidate-paths
preference 100
dynamic
metric
type igp
!
!
constraints
affinity
exclude-any
name GOLD
!
!
!
!
!
!
affinity-map
name RED bit-position 2
name GOLD bit-position 0
name SILVER bit-position 1“mpls traffic-eng” is activated globally and also activated in ISIS context mode with two commands “mpls traffic-eng level-2-only”, since ISIS itself is activated in level-2 only and “mpls traffic-eng router-id loopback0”.
segment routing is also activated in the ISIS context mode with the command “segment-routing mpls”. Prefix SID of 16001 is configured in In Loopback 0 interface.
The “distribute link-state” command is required in the PE1 router that wants to find a dynamic path for segment routing. with this command, all links information including the affinity is distributed in the PE1 router database
The “mpls oam” command is only used for ping and traceroute in the MPLS network for better troubleshooting which is configured in all routers but is not required.
In the second part, I configured segment routing traffic engineering with dynamic policy for both GOLD and SILVER customers and for the destination PE2 with IP address 2.2.2.2. for PE3, similar policies can be configured which I have not configured.
Both policies are to route traffic on the best path with the lowest IGP metric. in addition to IGP metric, We also have the option of TE metric and also Delay for choosing the best path. by default, TE metric is the same as IGP metric which can be changed by configuration.
But the constraint is different for GOLD and SILVER customers. for GOLD customers, we need to ensure that traffic does not go through links with RED affinity. For SILVER customers, we need to ensure that traffic does not go through links with GOLD affinity.
In the third part of the PE1 configuration, we mark the links based on our definition. In PE1 GE0/0/0/0 is marked with GOLD affinity and GE0/0/0/1 with SILVER affinity. How is the marking mapped in the corresponding field in the ISIS database? The first bit is to be set if a link is GOLD. The second bit is for SILVER links and the third bit is for links with RED marking.
The configuration of P1 router is also displayed here. The configuration of ISIS in P1 is the same as PE1. I do not explain more. But we do not need to configure “distribute link-state” command in P1 since we do not want to configure traffic engineering policy in P1 router. The prefix SID of 16011 is configured for the loopback 0 interface of the P1 router since the IP address of the loopback0 interface is 11.11.11.11.
I also marked the links in P1 routers. GE0/0/0/0 is not marked at all. GE0/0/0/1 and GE0/0/0/3 are marked with GOLD affinity. GE0/0/0/2, which is connected to PE2, is marked with both RED and GOLD affinity.
!!! P1
mpls traffic-eng
!
mpls oam
!
router isis LAB
is-type level-2-only
net 49.0001.0000.0000.0011.00
address-family ipv4 unicast
metric-style wide
mpls traffic-eng level-2-only
mpls traffic-eng router-id Loopback0
segment-routing mpls sr-prefer
!
interface Loopback0
address-family ipv4 unicast
prefix-sid absolute 16011
!
!
interface GigabitEthernet0/0/0/0
point-to-point
address-family ipv4 unicast
!
!
interface GigabitEthernet0/0/0/1
point-to-point
address-family ipv4 unicast
metric 25
!
!
interface GigabitEthernet0/0/0/2
point-to-point
address-family ipv4 unicast
!
!
interface GigabitEthernet0/0/0/3
point-to-point
address-family ipv4 unicast
!
!
!
segment-routing
traffic-eng
interface GigabitEthernet0/0/0/0
!
interface GigabitEthernet0/0/0/1
affinity
name GOLD
!
!
interface GigabitEthernet0/0/0/2
affinity
name RED
name GOLD
!
!
interface GigabitEthernet0/0/0/3
affinity
name GOLD
!
!
affinity-map
name RED bit-position 2
name GOLD bit-position 0
name SILVER bit-position 1
!
!
!
Let’s now check the result of the configuration
First we traceroute from PE1 to PE2 to check the best IGP path. as you can see it goes through PE1-P1-P2-PE2.
RP/0/RP0/CPU0:PE1# traceroute 2.2.2.2
Tue Aug 24 10:54:54.048 UTC
Type escape sequence to abort.
Tracing the route to 2.2.2.2
1 10.1.12.12 [MPLS: Label 16002 Exp 0] 111 msec 96 msec 106 msec
2 10.11.12.11 [MPLS: Label 16002 Exp 0] 90 msec 86 msec 84 msec
3 10.2.11.2 86 msec
* 97 msec Now let’s check the path chosen dynamically by the policies configured in PE1.
RP/0/RP0/CPU0:PE1#show segment-routing traffic-eng policy
Tue Aug 24 10:55:19.516 UTC
SR-TE policy database
---------------------
Color: 10, End-point: 2.2.2.2
Name: srte_c_10_ep_2.2.2.2
Status:
Admin: up Operational: up for 01:06:55 (since Aug 24 09:48:24.408)
Candidate-paths:
Preference: 100 (configuration) (active)
Name: GOLD
Requested BSID: dynamic
Constraints:
Affinity:
exclude-any:
RED
Dynamic (valid)
Metric Type: IGP, Path Accumulated Metric: 35
16012 [Prefix-SID, 12.12.12.12]
24003 [Adjacency-SID, 10.2.12.12 - 10.2.12.2]
Attributes:
Binding SID: 24004
Forward Class: Not Configured
Steering BGP disabled: no
IPv6 caps enable: yes
Color: 20, End-point: 2.2.2.2
Name: srte_c_20_ep_2.2.2.2
Status:
Admin: up Operational: up for 01:06:55 (since Aug 24 09:48:24.408)
Candidate-paths:
Preference: 100 (configuration) (active)
Name: SILVER
Requested BSID: dynamic
Constraints:
Affinity:
exclude-any:
GOLD
Dynamic (valid)
Metric Type: IGP, Path Accumulated Metric: 35
16012 [Prefix-SID, 12.12.12.12]
24003 [Adjacency-SID, 10.2.12.12 - 10.2.12.2]
Attributes:
Binding SID: 24005
Forward Class: Not Configured
Steering BGP disabled: no
IPv6 caps enable: yesAs you can see we have two policies. The result of dynamic path in both policies are different from IGP best path. first prefix-SID 16012 which points to P2 and then adjacency-SID 24003 which points to the link between P2 and PE2 and you can check with command “show isis adjacency detail”
RP/0/RP0/CPU0:P2#show isis adjacency detail
Wed Aug 25 16:07:58.877 UTC
IS-IS LAB Level-2 adjacencies:
System Id Interface SNPA State Hold Changed NSF IPv4 IPv6
BFD BFD
PE1 Gi0/0/0/1 *PtoP* Up 29 1d06h Yes None None
Area Address: 49.0001
Neighbor IPv4 Address: 10.1.12.1*
Adjacency SID: 24004
Non-FRR Adjacency SID: 24005
Topology: IPv4 Unicast
PE2 Gi0/0/0/2 *PtoP* Up 28 2d00h Yes None None
Area Address: 49.0001
Neighbor IPv4 Address: 10.2.12.2*
Adjacency SID: 24002
Non-FRR Adjacency SID: 24003
Topology: IPv4 Unicast
PE3 Gi0/0/0/3 *PtoP* Up 29 2d00h Yes None None
Area Address: 49.0001
Neighbor IPv4 Address: 10.3.12.3*
Adjacency SID: 24006
Non-FRR Adjacency SID: 24007
Topology: IPv4 Unicast
P1 Gi0/0/0/0 *PtoP* Up 23 2d00h Yes None None
Area Address: 49.0001
Neighbor IPv4 Address: 10.11.12.11*
Adjacency SID: 24000
Non-FRR Adjacency SID: 24001
Topology: IPv4 Unicast
Total adjacency count: 4
RP/0/RP0/CPU0:P2# You see also here Binding-SID of two policies which is dynamically created.
With the command “show mpls forwarding”, you can see that the binding-SIDs are mapped to the corresponding policy.
RP/0/RP0/CPU0:PE1#show mpls forwarding
Wed Aug 25 16:08:46.229 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16002 16002 SR Pfx (idx 2) Gi0/0/0/1 10.1.12.12 504
16003 16003 SR Pfx (idx 3) Gi0/0/0/1 10.1.12.12 0
16011 16011 SR Pfx (idx 11) Gi0/0/0/1 10.1.12.12 0
16012 Pop SR Pfx (idx 12) Gi0/0/0/1 10.1.12.12 0
24000 Pop SR Adj (idx 1) Gi0/0/0/1 10.1.12.12 0
24001 Pop SR Adj (idx 3) Gi0/0/0/1 10.1.12.12 0
24002 Pop SR Adj (idx 1) Gi0/0/0/0 10.1.11.11 0
24003 Pop SR Adj (idx 3) Gi0/0/0/0 10.1.11.11 0
24004 Pop No ID srte_c_10_ep point2point 0
24005 Pop No ID srte_c_20_ep point2point 0
24006 24003 SR TE: 1 [TE-INT] Gi0/0/0/1 10.1.12.12 0
24009 24003 SR TE: 2 [TE-INT] Gi0/0/0/1 10.1.12.12 0
RP/0/RP0/CPU0:PE1# Also you can check the path of GOLD and SILVER policy with traceroute command in mpls network.
RP/0/RP0/CPU0:PE1#traceroute sr-mpls nil-fec policy binding-sid 24004
Wed Aug 25 16:10:24.080 UTC
Tracing MPLS Label Switched Path with Nil FEC with Binding SID Label [24004], timeout is 2 seconds
Codes: '!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'I' - unknown upstream index,
'X' - unknown return code, 'x' - return code 0
Type escape sequence to abort.
0 10.1.12.1 MRU 1500 [Labels: 24003/explicit-null Exp: 0/0]
L 1 10.1.12.12 MRU 1500 [Labels: implicit-null/explicit-null Exp: 0/0] 19 ms
! 2 10.2.12.2 33 ms
RP/0/RP0/CPU0:PE1#traceroute sr-mpls nil-fec policy binding-sid 24005
Wed Aug 25 16:10:28.633 UTC
Tracing MPLS Label Switched Path with Nil FEC with Binding SID Label [24005], timeout is 2 seconds
Codes: '!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'I' - unknown upstream index,
'X' - unknown return code, 'x' - return code 0
Type escape sequence to abort.
0 10.1.12.1 MRU 1500 [Labels: 24003/explicit-null Exp: 0/0]
L 1 10.1.12.12 MRU 1500 [Labels: implicit-null/explicit-null Exp: 0/0] 31 ms
! 2 10.2.12.2 21 ms
P/0/RP0/CPU0:PE1#With command “show mpls traffic-eng topology”, you can check that TE metric is equal to IGP metric by default.
In the configuration of segment-routing traffic-engineering dynamic path, you can three other options in addition to “igp metric” which they are “te metric”, “hopcount” and also “delay”.
RP/0/RP0/CPU0:PE1(config)#segment-routing traffic-eng
RP/0/RP0/CPU0:PE1(config-sr-te)#policy GOLD
RP/0/RP0/CPU0:PE1(config-sr-te-policy)#color 10 end-point ipv4 2.2.2.2
RP/0/RP0/CPU0:PE1(config-sr-te-policy)#candidate-paths
RP/0/RP0/CPU0:PE1(config-sr-te-policy-path)#preference 100
RP/0/RP0/CPU0:PE1(config-sr-te-policy-path-pref)#dynamic
RP/0/RP0/CPU0:PE1(config-sr-te-pp-info)#metric
RP/0/RP0/CPU0:PE1(config-sr-te-path-metric)#type ?
hopcount Hopcount metric type
igp IGP metric type
latency Latency metric type
te TE metric type
RP/0/RP0/CPU0:PE1(config-sr-te-path-metric)# type