The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This document describes the purpose of Unified Multiprotocol Label Switching (MPLS) and provides a configuration example in Cisco IOS® XR.
There are no specific requirements for this document.
This document is specific to Cisco IOS XR, but it is not restricted to a specific software release or hardware.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
The purpose of Unified MPLS is all about scaling. In order to scale an MPLS network, where there are different types of platforms and services in parts of the network, it makes sense to split the network into different areas. A typical design introduces a hierarchy that has a core in the center with aggregation on the side. In order to scale, there can be different Interior Gateway Protocols (IGPs) in the core versus the aggregation. In order to scale, you cannot distribute the IGP prefixes from one IGP into the other. If you do not distribute the IGP prefixes from one IGP into the other IGP, the end-to-end Label-Switched Paths (LSPs) are not possible.
In order to deliver the MPLS services end-to-end, you need the LSP to be end-to-end. The goal is to keep the MPLS services (MPLS VPN, MPLS L2VPN) as they are, but introduce greater scalability. In order to do this, move some of the IGP prefixes into Border Gateway Protocol (BGP) (the loopback prefixes of the Provider Edge (PE) routers), which then distributes the prefixes end-to-end.
Note: See Best Practices for searching Commands (registered customers only) in order to obtain more information on how to research commands.
Figure 1 shows a network with three different areas: one core and two aggregation areas on the side. Each area runs its own IGP, with no redistribution between them on the Area Border Router (ABR). Use of BGP is needed in order to provide an end-to-end MPLS LSP. BGP advertises the loopbacks of the PE routers with a label across the whole domain, and provides an end-to-end LSP. BGP is deployed between the PEs and ABRs with RFC 3107 (BGP Labeled Unicast), which means that BGP sends the IPv4 prefix + label (Address Family Identifier (AFI) 1 and Subsequent Address Family Identifier (SAFI) 4).
Figure 1
Since the core and aggregation parts of the network are integrated and end-to-end LSPs are provided, the Unified MPLS solution is also referred to as "Seamless MPLS."
New technologies or protocols are not used here, only MPLS, Label Distribution Protocol (LDP), IGP, and BGP. Since you do not want to distribute the loopback prefixes of the PE routers from one part of the network into another part, you need to carry the prefixes in BGP. The Internal Border Gateway Protocol (iBGP) is used in one network, so the next hop address of the prefixes is the loopback prefixes of the PE routers, which is not known by the IGP in the other parts of the network. This means that the next hop address cannot be used to recurse to an IGP prefix. The trick is to make the ABR routers Route Reflectors (RR) and set the next hop to self, even for the reflected iBGP prefixes.
Only the RRs need software to support this architecture. Since the RRs advertise the BGP prefixes with the next hop set to themselves, they assign a local MPLS label to the BGP prefixes. This means that in the data plane, the packets forwarded on these end-to-end LSPs have an extra MPLS label in the label stack. The RRs are in the forwarding path.
Note: Over this architecture, any MPLS service is provided. For instance, the service MPLS VPN or MPLS L2VPN is provided between the PE routers. The difference in the data plane for these packets is that they now have three labels in the label stack, whereas they had two labels in the label stack when Unified MPLS was not used.
There are two possible scenarios:
In both scenarios, the ABR sets the next hop to self for the prefixes advertised (reflected by BGP) by the ABR from the aggregation part of the network into the core part. If this is not done, the ABR needs to redistribute the loopback prefixes of the PEs from the aggregation IGP into the core IGP. If this is done, there is no scalability.
Different configurations can be applied to set the next hop to self for reflected iBGP Labeled Unicast routes on the ABRs.
These solutions do not work in order to enable RFC 3107 in Cisco IOS XR:
For example:
router bgp 1
neighbor 10.100.1.1
remote-as 1
update-source Loopback0
address-family ipv4 labeled-unicast
route-reflector-client
next-hop-self
!
For example:
router bgp 1
neighbor 10.100.1.1
remote-as 1
update-source Loopback0
address-family ipv4 labeled-unicast
route-reflector-client
route-policy nhs-ibgp-3107 out
!
route-policy nhs-ibgp-3107
set next-hop self
end-policy
For example:
router bgp 1
neighbor 10.100.1.1
address-family ipv4 labeled-unicast
route-policy nhs-ibgp-3107-peer out
!!% Could not find entry in list: Policy [nhs-ibgp-3107-peer]
uses 'set-to-peer-address next-hop'. 'set' is not a valid
operator for the 'next-hop' attribute at the bgp neighbor-out-dflt attach point.
!
!
!
route-policy nhs-ibgp-3107-peer
set next-hop peer-address
end-policy
For example:
router bgp 1
ibgp policy out enforce-modifications
!
neighbor 10.100.1.1
remote-as 1
update-source Loopback0
address-family ipv4 labeled-unicast
route-reflector-client
route-policy nhs-ibgp-3107 out
!
!
route-policy nhs-ibgp-3107-peer
set next-hop 10.100.1.3
end-policy
These solutions do work.
Make sure to have ibgp policy out enforce-modifications!
For example:
router bgp 1
ibgp policy out enforce-modifications
!
neighbor 10.100.1.1
remote-as 1
update-source Loopback0
address-family ipv4 labeled-unicast
route-reflector-client
next-hop-self
!
!
For example:
router bgp 1
ibgp policy out enforce-modifications
!
neighbor 1.100.1.1
remote-as 1
update-source Loopback0
address-family ipv4 labeled-unicast
route-reflector-client
route-policy nhs-ibgp-3107 out
!
!
route-policy nhs-ibgp-3107
set next-hop self
end-policy
For example:
router bgp 1
ibgp policy out enforce-modifications
!
neighbor 10.100.1.1
remote-as 1
update-source Loopback0
address-family ipv4 labeled-unicast
route-reflector-client
route-policy nhs-ibgp-3107 out
next-hop-self
!
!
!
route-policy nhs-ibgp-3107
set next-hop self
end-policy
For example:
router bgp 1
ibgp policy out enforce-modifications
!
neighbor 10.100.1.1
remote-as 1
update-source Loopback0
address-family ipv4 labeled-unicast
route-reflector-client
route-policy nhs-ibgp-3107 out
next-hop-self
!
!
!
route-policy nhs-ibgp-3107
set next-hop 10.100.1.3
end-policy
hostname PE1
!
vrf one <<< MPLS service is MPLS VPN
address-family ipv4 unicast
import route-target
1:1
!
export route-target
1:1
!
!
address-family ipv6 unicast
import route-target
1:1
!
export route-target
1:1
!
!
interface Loopback0
ipv4 address 10.100.1.1 255.255.255.255
!
!
interface GigabitEthernet0/0/0/0
ipv4 address 10.1.1.1 255.255.255.0
!
!
interface GigabitEthernet0/0/0/1 <<< VRF interface to CE1
vrf one
ipv4 address 10.9.1.3 255.255.255.0
!
!
router ospf 1
router-id 10.100.1.1
area 0
interface Loopback0
!
interface GigabitEthernet0/0/0/0
network point-to-point
!
!
!
router bgp 1
address-family ipv4 unicast
network 10.100.1.1/32 <<< advertise PE loopback in BGP
allocate-label all
!
address-family vpnv4 unicast
!
neighbor 10.100.1.3
remote-as 1
update-source Loopback0
address-family ipv4 labeled-unicast
!
!
neighbor 10.100.1.7 <<< vpnv4 iBGP session to PE2
remote-as 1
update-source Loopback0
address-family vpnv4 unicast
!
!
vrf one
rd 1:1
address-family ipv4 unicast
!
neighbor 10.9.1.2 <<< eBGP session to CE1
remote-as 65001
address-family ipv4 unicast
route-policy pass in
route-policy pass out
!
!
!
!
mpls ldp
mldp
logging notifications
address-family ipv4
!
!
router-id 10.100.1.1
address-family ipv4
!
interface GigabitEthernet0/0/0/0
address-family ipv4
!
!
!
hostname ABR1
!
interface Loopback0
ipv4 address 10.100.1.3 255.255.255.255
!
!
interface GigabitEthernet0/0/0/0
ipv4 address 10.1.3.3 255.255.255.0
!
interface GigabitEthernet0/0/0/1
ipv4 address 10.1.2.3 255.255.255.0
!
route-policy nhs-ibgp-3107
set next-hop 10.100.1.3 <<< set next hop to loopback
end-policy
!
route-policy connected-into-ospf2
if destination in (10.100.1.3/32) then
pass
endif
end-policy
!
router ospf 1
router-id 10.100.1.3
area 0
interface Loopback0
!
interface GigabitEthernet0/0/0/1
network point-to-point
!
!
!
router ospf 2
redistribute connected route-policy connected-into-ospf2
area 0
interface GigabitEthernet0/0/0/0
network point-to-point
!
!
!
router bgp 1
ibgp policy out enforce-modifications
address-family ipv4 unicast
allocate-label all
!
neighbor 10.100.1.1 <<< iBGP neighbor PE1
remote-as 1
update-source Loopback0
address-family ipv4 labeled-unicast
route-reflector-client
route-policy nhs-ibgp-3107 out
next-hop-self
!
!
neighbor 10.100.1.5 <<< iBGP neighbor ABR2
remote-as 1
update-source Loopback0
address-family ipv4 labeled-unicast
route-policy nhs-ibgp-3107 out
next-hop-self
!
!
!
mpls ldp
mldp
address-family ipv4
!
!
router-id 10.100.1.3
interface GigabitEthernet0/0/0/0
address-family ipv4
discovery transport-address interface
!
!
interface GigabitEthernet0/0/0/1
address-family ipv4
!
!
Note: allocate-label all or allocate-label route-policy is needed. Otherwise the labeled unicast routes do not have a local label which they need since the ABR is the next-hop for the iBGP reflected routes.
Note: Redistribution of the core IGP (OSPF 2) into the aggregation IGP (OSPF 1 or OSPF 3) or vice-versa is not performed. However, the loopback prefix of the RR must be known in the aggregation IGP also, so that BGP on the PE router can peer with the loopback of the ABR/RR. For this, redistribution of connected routes into the aggregation IGP is performed with RPL. The redistributed connected routes are limited to the loopback prefix of the ABR with RPL.
See Figure 2 in order to verify the control plane operation:
Figure 2
See Figure 3 in order to verify the MPLS label advertisements:
Figure 3
See Figure 4 in order to the verify the packet forwarding:
Figure 4
This is how packets are forwarded from PE1 to PE2. The loopback prefix of PE2 is 10.100.1.7/32, so that prefix is of interest.
RP/0/0/CPU0:PE1#traceroute
Protocol [ipv4]:
Target IP address: 10.100.1.7
Source address: 10.100.1.1
Numeric display? [no]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 10.100.1.7
1 10.1.1.2 [MPLS: Labels 24000/24005 Exp 0] 439 msec 119 msec 109 msec
2 10.1.2.3 [MPLS: Label 24005 Exp 0] 109 msec 109 msec 109 msec
3 10.1.3.4 [MPLS: Labels 24001/24003 Exp 0] 99 msec 99 msec 149 msec
4 10.1.4.5 [MPLS: Label 24003 Exp 0] 119 msec 119 msec 99 msec
5 10.1.5.6 [MPLS: Label 24001 Exp 0] 109 msec 139 msec 99 msec
6 10.1.6.7 109 msec * 109 msec
Label 24000 is the LDP label learned from P2 for the prefix 10.100.1.3/32. Label 24005 is the BGP RFC 3107 label learned for the prefix 10.100.1.7/32.
RP/0/0/CPU0:PE1#show route 10.100.1.7/32
Routing entry for 10.100.1.7/32
Known via "bgp 1", distance 200, metric 0, [ei]-bgp, type internal
BIER rid=0x0, flags=0x0, count=0
Installed May 27 02:52:07.184 for 00:08:52
Routing Descriptor Blocks
10.100.1.3, from 10.100.1.3 <<< next-hop is ABR1
Route metric is 0
No advertising protos.
RP/0/0/CPU0:PE1#show cef 10.100.1.7/32
10.100.1.7/32, version 89, internal 0x1000001 0x0 (ptr 0xa1470f74)
[1], 0x0 (0xa1456614), 0xa08 (0xa16181e0)
Updated May 27 02:52:07.203
Prefix Len 32, traffic index 0, precedence n/a, priority 4
via 10.100.1.3, 3 dependencies, recursive [flags 0x6000]
path-idx 0 NHID 0x0 [0xa16806f4 0x0]
recursion-via-/32
next hop 10.100.1.3 via 24001/0/21
local label 24003
next hop 10.1.1.2/32 Gi0/0/0/0 labels imposed {24000 24005}
RP/0/0/CPU0:PE1#show bgp ipv4 unicast labels
BGP router identifier 10.100.1.1, local AS number 1
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0xe0000000 RD version: 44
BGP main routing table version 44
BGP NSR Initial initsync version 2 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
*> 10.100.1.1/32 0.0.0.0 nolabel 3
*>i10.100.1.7/32 10.100.1.3 24005 24003
Processed 2 prefixes, 2 paths
There is penultimate-hop popping (PHP) towards ABR1.
RP/0/0/CPU0:P2#show mpls forwarding labels 24000
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24000 Pop 10.100.1.3/32 Gi0/0/0/1 10.1.2.3 694765
Label 24005 is swapped with label 24003 on ABR1.
RP/0/0/CPU0:ABR1#show bgp ipv4 unicast labels
BGP router identifier 10.100.1.3, local AS number 1
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0xe0000000 RD version: 60
BGP main routing table version 60
BGP NSR Initial initsync version 2 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
*>i10.100.1.1/32 10.100.1.1 3 24003
*>i10.100.1.7/32 10.100.1.5 24003 24005
Processed 2 prefixes, 2 paths
RP/0/0/CPU0:ABR1#show mpls forwarding labels 24005
Wed May 27 04:08:24.255 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24005 24003 10.100.1.7/32 10.100.1.5 6347
There is PHP from P1 to ABR2.
RP/0/0/CPU0:P1#show mpls forwarding labels 24001
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24001 Pop 10.100.1.5/32 Gi0/0/0/1 10.1.4.5 348835
The BGP label for the RFC 3107 route 10.100.1.7/32 receivd by ABR2 from PE2 is 3. This is the implicit null label that indicates PHP.
RP/0/0/CPU0:ABR2#show bgp ipv4 unicast labels
BGP router identifier 10.100.1.5, local AS number 1
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0xe0000000 RD version: 47
BGP main routing table version 47
BGP NSR Initial initsync version 2 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
*>i10.100.1.1/32 10.100.1.3 24003 24005
*>i10.100.1.7/32 10.100.1.7 3 24003
Processed 2 prefixes, 2 paths
Label 24003 is swapped with label 24001 on ABR2.
RP/0/0/CPU0:ABR2#show mpls forwarding labels 24003
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24003 24001 10.100.1.7/32 Gi0/0/0/0 10.1.5.6 403676
There is PHP from P3 to PE2.
RP/0/0/CPU0:P3#show mpls forwarding labels 24001
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24001 Pop 10.100.1.7/32 Gi0/0/0/1 10.1.6.7 685191
RP/0/0/CPU0:PE2#show bgp ipv4 unicast labels
BGP router identifier 10.100.1.7, local AS number 1
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0xe0000000 RD version: 42
BGP main routing table version 42
BGP NSR Initial initsync version 2 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
*>i10.100.1.1/32 10.100.1.5 24005 24004
*> 10.100.1.7/32 0.0.0.0 nolabel 3
Processed 2 prefixes, 2 paths
There is currently no specific troubleshooting information available for this configuration.
Revision | Publish Date | Comments |
---|---|---|
1.0 |
31-Jul-2015 |
Initial Release |