Cisco IOS XR Labeled Unicast

Hi,

I hope you can help me understand how Labeled-unicast SAFI works on Cisco IOS XR.

I noted that routes learned via IPv4 ucast SAFI (1) are not propagte to another iBGP Labeled unicast neigbor and I can't understand why.

can you please help me?

thx

R18---ebgp_ucast(safi 1)-----x12----iBGP_Lucast(safi 4)--x14---iBGP_Lucast(safi 4)---r2

 

RP/0/0/CPU0:x14.as100#sh bgp ipv4 unicast 

Tue Sep 16 14:08:14.479 UTC

BGP router identifier 100.0.0.14, local AS number 100

BGP generic scan interval 60 secs

BGP table state: Active

Table ID: 0xe0000000   RD version: 196

BGP main routing table version 196

BGP scan interval 60 secs

 

Status codes: s suppressed, d damped, h history, * valid, > best

              i - internal, r RIB-failure, S stale, N Nexthop-discard

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network            Next Hop            Metric LocPrf Weight Path

*>i0.0.0.0/0          100.0.0.26                    100      0 i

*>i8.8.8.8/32         100.0.0.26                    100      0 i

*>i100.0.0.12/32      100.0.0.12               0    100      0 i

*>i100.0.0.13/32      100.0.0.13               0    100      0 i

*>i100.0.0.24/32      100.0.0.24                    100      0 i

*>i192.168.1.0/24     100.0.0.26                    100      0 i

 

Processed 6 prefixes, 6 paths

RP/0/0/CPU0:x14.as100#

 

RP/0/0/CPU0:x12.as100#sh bgp ipv4 unicast 

Fri Sep 16 17:08:08.272 UTC

BGP router identifier 100.0.0.12, local AS number 100

BGP generic scan interval 60 secs

BGP table state: Active

Table ID: 0xe0000000   RD version: 323

BGP main routing table version 323

BGP scan interval 60 secs

 

Status codes: s suppressed, d damped, h history, * valid, > best

              i - internal, r RIB-failure, S stale, N Nexthop-discard

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network            Next Hop            Metric LocPrf Weight Path

*>i0.0.0.0/0          100.0.0.26                    100      0 i

*>i8.8.8.8/32         100.0.0.26                    100      0 i

*> 10.1.1.0/24        100.12.18.18             0             0 65101 ?

*> 10.1.2.0/24        100.12.18.18             3             0 65101 ?

*> 10.1.3.0/24        100.12.18.18             3             0 65101 ?

*> 10.1.4.0/24        100.12.18.18             3             0 65101 ?

*> 10.19.19.19/32     100.12.18.18             3             0 65101 ?

*> 100.0.0.12/32      0.0.0.0                  0         32768 i

*>i100.0.0.13/32      100.0.0.13               0    100      0 i

*>i100.0.0.24/32      100.0.0.24                    100      0 i

*> 100.10.1.18/32     100.12.18.18             0             0 65101 ?

*> 100.10.1.19/32     100.12.18.18             2             0 65101 ?

*> 100.10.2.18/32     100.12.18.18             3             0 65101 ?

*> 100.10.2.19/32     100.12.18.18             4             0 65101 ?

*> 100.10.3.18/32     100.12.18.18             3             0 65101 ?

*> 100.10.3.19/32     100.12.18.18             4             0 65101 ?

*> 100.10.4.18/32     100.12.18.18             3             0 65101 ?

*> 100.10.4.19/32     100.12.18.18             4             0 65101 ?

*> 100.12.128.0/24    100.12.18.18             2             0 65101 ?

*> 100.13.19.0/24     100.12.18.18             2             0 65101 ?

*> 100.13.193.0/24    100.12.18.18             2             0 65101 ?

*> 100.18.12.0/24     100.12.18.18             0             0 65101 ?

*> 100.18.23.0/24     100.12.18.18             4             0 65101 ?

*> 100.19.22.0/24     100.12.18.18             2             0 65101 ?

*> 100.22.229.0/24    100.12.18.18             4             0 65101 ?

*> 100.23.238.0/24    100.12.18.18             5             0 65101 ?

*>i192.168.1.0/24     100.0.0.26                    100      0 i

 

Processed 27 prefixes, 27 paths

RP/0/0/CPU0:x12.as100#sh bgp ipv4 unicast labels 

Fri Sep 16 17:08:14.192 UTC

BGP router identifier 100.0.0.12, local AS number 100

BGP generic scan interval 60 secs

BGP table state: Active

Table ID: 0xe0000000   RD version: 323

BGP main routing table version 323

BGP scan interval 60 secs

 

Status codes: s suppressed, d damped, h history, * valid, > best

              i - internal, r RIB-failure, S stale, N Nexthop-discard

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network            Next Hop        Rcvd Label      Local Label

*>i0.0.0.0/0          100.0.0.26      302080          16039           

*>i8.8.8.8/32         100.0.0.26      302080          16037           

*> 100.0.0.12/32      0.0.0.0         nolabel         3               

*>i100.0.0.13/32      100.0.0.13      3               16020           

*>i100.0.0.24/32      100.0.0.24      3               16008           

*>i192.168.1.0/24     100.0.0.26      3               16038  

 

 

 

RP/0/0/CPU0:x14.as100#sh run router bgp

Tue Sep 16 14:07:48.881 UTC

router bgp 100

 address-family ipv4 unicast

  allocate-label all

 !

 neighbor 100.0.0.12

  apply-group iBGP_AS100

 !

 neighbor 100.0.0.13

  apply-group iBGP_AS100

 !

 neighbor 100.0.0.24

  remote-as 100

  password encrypted 12383646425B

  update-source Loopback0

  address-family ipv4 unicast

   route-policy PASS in

   route-policy PASS out

  !

  address-family ipv4 labeled-unicast

   route-policy PASS in

   route-policy PASS out

  !

 

RP/0/0/CPU0:x12.as100#sh run router bgp

Fri Sep 16 17:07:09.206 UTC

router bgp 100

 address-family ipv4 unicast

  network 100.0.0.12/32

  allocate-label all

 !

 neighbor 100.0.0.14

  remote-as 100

  password encrypted 0325685A565F

  update-source Loopback0

  address-family ipv4 labeled-unicast

   route-policy PASS in

   route-policy PASS out

   next-hop-self 

 !

 neighbor 100.12.18.18

  remote-as 65101

  address-family ipv4 unicast

   route-policy PASS in

   route-policy PASS out

  !

 

Comments


  • You only need a RPL for eBGP peering's not iBGP

    One of you're peering's has ipv4 unicast + ipv4 labelled unicast, why?

    Also be more specific on what peering it is there's a lot of unnecessary output

    SAFI has nothing to do with what will or will not be advertised as regular iBGP rules apply

    Only caveat on XR is an AS_PATH loop prevention check is done prior to advertising the routes, can be disabled as below (but can obviously cause loops)

    RP/0/RP0/CPU0:router#configure
    RP/0/RP0/CPU0:router(config)#router bgp 100
    RP/0/RP0/CPU0:router(config-bgp)#address-family ipv6 unicast
    RP/0/RP0/CPU0:router(config-bgp-af)#as-path-loopcheck out disable

    --
    BR

    Sukhjit Hayre

    Sent from my iPhone on 3

    On 16 Sep 2014, at 19:40, yust <[email protected]> wrote:

    Hi,

    I hope you can help me understand how Labeled-unicast SAFI works on Cisco IOS XR.

    I noted that routes learned via IPv4 ucast SAFI (1) are not propagte to another iBGP Labeled unicast neigbor and I can't understand why.

    can you please help me?

    thx

    R18---ebgp_ucast(safi 1)-----x12----iBGP_Lucast(safi 4)--x14---iBGP_Lucast(safi 4)---r2

     

    RP/0/0/CPU0:x14.as100#sh bgp ipv4 unicast 

    Tue Sep 16 14:08:14.479 UTC

    BGP router identifier 100.0.0.14, local AS number 100

    BGP generic scan interval 60 secs

    BGP table state: Active

    Table ID: 0xe0000000   RD version: 196

    BGP main routing table version 196

    BGP scan interval 60 secs

     

    Status codes: s suppressed, d damped, h history, * valid, > best

                  i - internal, r RIB-failure, S stale, N Nexthop-discard

    Origin codes: i - IGP, e - EGP, ? - incomplete

       Network            Next Hop            Metric LocPrf Weight Path

    *>i0.0.0.0/0          100.0.0.26                    100      0 i

    *>i8.8.8.8/32         100.0.0.26                    100      0 i

    *>i100.0.0.12/32      100.0.0.12               0    100      0 i

    *>i100.0.0.13/32      100.0.0.13               0    100      0 i

    *>i100.0.0.24/32      100.0.0.24                    100      0 i

    *>i192.168.1.0/24     100.0.0.26                    100      0 i

     

    Processed 6 prefixes, 6 paths

    RP/0/0/CPU0:x14.as100#

     

    RP/0/0/CPU0:x12.as100#sh bgp ipv4 unicast 

    Fri Sep 16 17:08:08.272 UTC

    BGP router identifier 100.0.0.12, local AS number 100

    BGP generic scan interval 60 secs

    BGP table state: Active

    Table ID: 0xe0000000   RD version: 323

    BGP main routing table version 323

    BGP scan interval 60 secs

     

    Status codes: s suppressed, d damped, h history, * valid, > best

                  i - internal, r RIB-failure, S stale, N Nexthop-discard

    Origin codes: i - IGP, e - EGP, ? - incomplete

       Network            Next Hop            Metric LocPrf Weight Path

    *>i0.0.0.0/0          100.0.0.26                    100      0 i

    *>i8.8.8.8/32         100.0.0.26                    100      0 i

    *> 10.1.1.0/24        100.12.18.18             0             0 65101 ?

    *> 10.1.2.0/24        100.12.18.18             3             0 65101 ?

    *> 10.1.3.0/24        100.12.18.18             3             0 65101 ?

    *> 10.1.4.0/24        100.12.18.18             3             0 65101 ?

    *> 10.19.19.19/32     100.12.18.18             3             0 65101 ?

    *> 100.0.0.12/32      0.0.0.0                  0         32768 i

    *>i100.0.0.13/32      100.0.0.13               0    100      0 i

    *>i100.0.0.24/32      100.0.0.24                    100      0 i

    *> 100.10.1.18/32     100.12.18.18             0             0 65101 ?

    *> 100.10.1.19/32     100.12.18.18             2             0 65101 ?

    *> 100.10.2.18/32     100.12.18.18             3             0 65101 ?

    *> 100.10.2.19/32     100.12.18.18             4             0 65101 ?

    *> 100.10.3.18/32     100.12.18.18             3             0 65101 ?

    *> 100.10.3.19/32     100.12.18.18             4             0 65101 ?

    *> 100.10.4.18/32     100.12.18.18             3             0 65101 ?

    *> 100.10.4.19/32     100.12.18.18             4             0 65101 ?

    *> 100.12.128.0/24    100.12.18.18             2             0 65101 ?

    *> 100.13.19.0/24     100.12.18.18             2             0 65101 ?

    *> 100.13.193.0/24    100.12.18.18             2             0 65101 ?

    *> 100.18.12.0/24     100.12.18.18             0             0 65101 ?

    *> 100.18.23.0/24     100.12.18.18             4             0 65101 ?

    *> 100.19.22.0/24     100.12.18.18             2             0 65101 ?

    *> 100.22.229.0/24    100.12.18.18             4             0 65101 ?

    *> 100.23.238.0/24    100.12.18.18             5             0 65101 ?

    *>i192.168.1.0/24     100.0.0.26                    100      0 i

     

    Processed 27 prefixes, 27 paths

    RP/0/0/CPU0:x12.as100#sh bgp ipv4 unicast labels 

    Fri Sep 16 17:08:14.192 UTC

    BGP router identifier 100.0.0.12, local AS number 100

    BGP generic scan interval 60 secs

    BGP table state: Active

    Table ID: 0xe0000000   RD version: 323

    BGP main routing table version 323

    BGP scan interval 60 secs

     

    Status codes: s suppressed, d damped, h history, * valid, > best

                  i - internal, r RIB-failure, S stale, N Nexthop-discard

    Origin codes: i - IGP, e - EGP, ? - incomplete

       Network            Next Hop        Rcvd Label      Local Label

    *>i0.0.0.0/0          100.0.0.26      302080          16039           

    *>i8.8.8.8/32         100.0.0.26      302080          16037           

    *> 100.0.0.12/32      0.0.0.0         nolabel         3               

    *>i100.0.0.13/32      100.0.0.13      3               16020           

    *>i100.0.0.24/32      100.0.0.24      3               16008           

    *>i192.168.1.0/24     100.0.0.26      3               16038  

     

     

     

    RP/0/0/CPU0:x14.as100#sh run router bgp

    Tue Sep 16 14:07:48.881 UTC

    router bgp 100

     address-family ipv4 unicast

      allocate-label all

     !

     neighbor 100.0.0.12

      apply-group iBGP_AS100

     !

     neighbor 100.0.0.13

      apply-group iBGP_AS100

     !

     neighbor 100.0.0.24

      remote-as 100

      password encrypted 12383646425B

      update-source Loopback0

      address-family ipv4 unicast

       route-policy PASS in

       route-policy PASS out

      !

      address-family ipv4 labeled-unicast

       route-policy PASS in

       route-policy PASS out

      !

     

    RP/0/0/CPU0:x12.as100#sh run router bgp

    Fri Sep 16 17:07:09.206 UTC

    router bgp 100

     address-family ipv4 unicast

      network 100.0.0.12/32

      allocate-label all

     !

     neighbor 100.0.0.14

      remote-as 100

      password encrypted 0325685A565F

      update-source Loopback0

      address-family ipv4 labeled-unicast

       route-policy PASS in

       route-policy PASS out

       next-hop-self 

     !

     neighbor 100.12.18.18

      remote-as 65101

      address-family ipv4 unicast

       route-policy PASS in

       route-policy PASS out

      !

     




    INE - The Industry Leader in CCIE Preparation

    http://www.INE.com



    Subscription information may be found at:

    http://www.ieoc.com/forums/ForumSubscriptions.aspx
  • YOu also need a static route to the physical interface (/32) see the Doc CD


  • Yes agree but that would be for data-plane forwarding... for control-plane it's not required, his problems is initially control-plane it seems...

    --
    BR

    Sukhjit Hayre

    Sent from my iPhone on 3

    On 16 Sep 2014, at 21:29, yelfathi <[email protected]> wrote:

    YOu also need a static route to the physical interface (/32) see the Doc CD




    INE - The Industry Leader in CCIE Preparation

    http://www.INE.com



    Subscription information may be found at:

    http://www.ieoc.com/forums/ForumSubscriptions.aspx
  • ok when you run label unicast for bgp it propogates its label via bgp, coz you are learning labels from bgp 

    and depending your ibgp peers what they are running if with igp they will be running ldp , remmebr XR bgp cant run ldp thus you use bgp label unicast

    and ebgp peers most of the time peer with directly connected /24, and for label to work properly u neeed /32 , thus you specify a static route to create /32 for your connected peer

    watch ine videos or the ref doc 

     

     

     

  • OK keeps us informed

     

    thnx

  • as Sukhjit Hayre pointed out, it is control plane issue, IOS XR treats its address families in a different manner than regular IOS, if IOS XR establishes a labeled-unicast peering it will only send prefix which contains labels on its IOS XR bgp RIB ( it is why if you are advertising local networks you must config allocate label), but if you received a prefix from a non-labeled peering, you will only advertise the prefix if you have established both IPv4 unicast (SAFI 1) and labeled-unicast (SAFI 4) (which is not my case).


    what do you do if you have an I-AS solution which is based on 3 labels (VPN-LABEL, iBGP-LU, LDP/RSVP) (because redistribution on ASBR between BGP and IGP is dangerous) and also needs to provide normal IPv4 unicast routing exchanging?

    When I setup the following config my Juniper's RR complains that Cisco IOS XR wants to use 3 SAFI when it should be 2, unless Cisco says it can only support 2 labels solution (VPN-LABEL, LDP/RSVP).

    log from my other Juniper's RR.

     bgp_process_caps: mismatch NLRI with 100.0.0.14 (Internal AS 100): peer: <inet-unicast inet-vpn-unicast inet-labeled-unicast>(133) us: <inet-vpn-unicast inet-labeled-unicast>(132)

    (example)

    RP/0/0/CPU0:x12.as100#sh run router bgp

    Fri Sep 16 17:07:09.206 UTC

    router bgp 100

     address-family ipv4 unicast

      network 100.0.0.12/32

      allocate-label all

     !

     neighbor 100.0.0.14

      remote-as 100

      password encrypted 0325685A565F

      update-source Loopback0

      address-family ipv4 labeled-unicast

       route-policy PASS in

       route-policy PASS out

       next-hop-self 

     !

      address-family ipv4 unicast

       route-policy PASS in

       route-policy PASS out


  • Hi Yust

    Remember Inter-AS Options A,B or C (or Cisco AB) only come into play on eBGP peerings, you can certainly have iBGP labelled unicast Intra-AS in place of (LDP/TDP/Static/RSVP) but this job is normally down to LDP+IGP

    You're AS numbers above indicate AS100 for both XR and Juniper devices hence this is Intra-AS and you should be able to form an iBGP IPv4 unicast labelled peering between the two boxes for labelled paths upto the ASBR/PE routers (transport labels)

    AFI 1 = IPv4 Unicast & SAFI 4 = NLRI with MPLS labels (RFC 3107)


    You're logs indicate in Juniper terms....

    AFI=1, SAFI=132, RT-Constrain
    AFI=1, SAFI=133, Flow-spec

    But you need.....

    AFI=1, SAFI=4, labeled IPv4


    Config example below....

    family inet {
    (any | flow | labeled-unicast | multicast | unicast) {
    accepted-prefix-limit {
    maximum number;
    teardown <percentage> <idle-timeout (forever | minutes)>;
    }
    <loops number>;
    prefix-limit {
    maximum number;
    teardown <percentage> <idle-timeout (forever | minutes)>;
    }
    rib-group group-name;


    If you have RSVP labels for TE-Tunnels Inter-AS end-to-end then you would need to consider a few design options best described in XE documentation here:


    Best thing if you don't want to leak routes would be....

    Loose path reoptimization — Allows a Multiprotocol Label Switching (MPLS) traffic engineering (TE) tunnel's LSPs to traverse hops that are not in the tunnel headend router's topology database (that is, they are not in the same Open Shortest Path First (OSPF) area, Intermediate System-to-Intermediate System (IS-IS) level, or autonomous system as the tunnel's headend router).

    So you need to specify all ASBRs with loose option, example

    PE(config)# ip explicit-path name route1 enable
    PE(cfg-ip-expl-path)# next-address loose 10.10.0.2
    PE(cfg-ip-expl-path)# next-address loose 10.10.0.4
    PE(cfg-ip-expl-path)# next-address loose 10.10.0.6


    HTH

    Sukhjit Hayre

    On Thu, Sep 18, 2014 at 4:22 PM, yust <[email protected]> wrote:

    as Sukhjit Hayre pointed out, it is control plane issue, IOS XR treats its address families in a different manner than regular IOS, if IOS XR establishes a labeled-unicast peering it will only send prefix which contains labels on its IOS XR bgp RIB ( it is why if you are advertising local networks you must config allocate label), but if you received a prefix from a non-labeled peering, you will only advertise the prefix if you have established both IPv4 unicast (SAFI 1) and labeled-unicast (SAFI 4) (which is not my case).


    what do you do if you have an I-AS solution which is based on 3 labels (VPN-LABEL, iBGP-LU, LDP/RSVP) (because redistribution on ASBR between BGP and IGP is dangerous) and also needs to provide normal IPv4 unicast routing exchanging?

    When I setup the following config my Juniper's RR complains that Cisco IOS XR wants to use 3 SAFI when it should be 2, unless Cisco says it can only support 2 labels solution (VPN-LABEL, LDP/RSVP).

    log from my other Juniper's RR.

     bgp_process_caps: mismatch NLRI with 100.0.0.14 (Internal AS 100): peer: <inet-unicast inet-vpn-unicast inet-labeled-unicast>(133) us: <inet-vpn-unicast inet-labeled-unicast>(132)

    (example)

    RP/0/0/CPU0:x12.as100#sh run router bgp

    Fri Sep 16 17:07:09.206 UTC

    router bgp 100

     address-family ipv4 unicast

      network 100.0.0.12/32

      allocate-label all

     !

     neighbor 100.0.0.14

      remote-as 100

      password encrypted 0325685A565F

      update-source Loopback0

      address-family ipv4 labeled-unicast

       route-policy PASS in

       route-policy PASS out

       next-hop-self 

     !

      address-family ipv4 unicast

       route-policy PASS in

       route-policy PASS out




    INE - The Industry Leader in CCIE Preparation

    http://www.INE.com



    Subscription information may be found at:

    http://www.ieoc.com/forums/ForumSubscriptions.aspx

  • what do you do if you have an I-AS solution which is based on 3 labels (VPN-LABEL, iBGP-LU, LDP/RSVP) (because redistribution on ASBR between BGP and IGP is dangerous) and also needs to provide normal IPv4 unicast routing exchanging?

    advertise the prefixes into bgp !!!!!!!!!!


  • I presume you mean Intra-AS?

    If so it's more straightforward for either MPLS L3 VPN or 6VPE services

    You will have a transport label assigned by IGP+LDP or iBGP labelled unicast RFC 3107 upto the originating PE router 

    The inner label with be either VPNv4 or VPNv6 assigned by MPBGP that the originating PE assigns.

    Now for TE then RSVP will replace the LDP or iBGP assigned labels, so stack should look like

    Example

    100 (RSVP outer transport label upto tunnel destination PE tailend router)

    200 (inner VPNv4 v6 label) Note* if your using the global route tables on the PEs then VPNv4 or v6 is not applicable.

    Basically were just programming the data plane with RSVP admission control overriding what we were using (LDP/BGP) once we put the constraints into the headend.

    --
    BR

    Sukhjit Hayre

    On 18 Sep 2014, at 19:08, soud.suleiman <[email protected]> wrote:

    what do you do if you have an I-AS solution which is based on 3 labels (VPN-LABEL, iBGP-LU, LDP/RSVP) (because redistribution on ASBR between BGP and IGP is dangerous) and also needs to provide normal IPv4 unicast routing exchanging?

    advertise the prefixes into bgp !!!!!!!!!!




    INE - The Industry Leader in CCIE Preparation

    http://www.INE.com



    Subscription information may be found at:

    http://www.ieoc.com/forums/ForumSubscriptions.aspx
  • its simple watch ine videos for SP they are the best in explaining this!!!!!!

Sign In or Register to comment.