NSF SSO and ISSU--MPLS VPN 6VPE and 6PE

Last Updated: October 5, 2012

This document provides information about configuring nonstop forwarding (NSF), stateful switchover (SSO), and In Service Software Upgrade (ISSU) support for Cisco IOS Virtual Private Network (VPN) IPv6 provider edge router (6VPE) and Cisco IOS IPv6 provider edge router (6PE) over Multiprotocol Label Switching (MPLS).

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Prerequisites for NSF SSO and ISSU--MPLS VPN 6VPE and 6PE

Ensure that the following are supported for the NSF/SSO and ISSU--MPLS VPN 6VPE and 6PE feature to work:

  • IPv6 NSF
  • IPv6 Cisco Express Forwarding
  • Label Distribution Protocol (LDP) Graceful Restart

LDP Graceful Restart should be enabled if LDP is the protocol used in the MPLS core

You must enable NSF on the following routing protocol that run between the provider (P) routers, PE routers, and the customer edge (CE) routers:

  • Border Gateway Protocol (BGP)
  • Static routes

Before enabling the NSF/SSO and ISSU--MPLS VPN 6VPE and 6PE feature, you must have a supported MPLS VPN network configuration. See 1the configuration information included in the following modules: Configuring MPLS Layer 3 VPNs , Implementing IPv6 over MPLS , and Implementing IPv6 VPN over MPLS .

Restrictions for NSF SSO and ISSU--MPLS VPN 6VPE and 6PE

The NSF/SSO and ISSU--MPLS VPN 6VPE and 6PE feature has the following restrictions:

  • Tag Distribution Protocol (TDP) sessions are not supported. Only LDP sessions are supported.
  • MPLS VPN 6VPE and 6PE Carrier Supporting Carrier (CSC) VPNs support only BGP. CSC configurations that use LDP are not supported.
  • Only BGP and static routes are supported for 6VPE and 6PE in Cisco IOS Release 12.2(33)SRE.

Information About NSF SSO and ISSU--MPLS VPN 6VPE and 6PE

Elements Supporting NSF SSO and ISSU--MPLS VPN 6VPE and 6PE Features

The major elements supporting the functionality of the NSF/SSO and ISSU for Cisco IOS VPN 6vPE and 6PE feature are the following:

  • MPLS VPN--A supported MPLS VPN network must be configured before you enable the NSF/SSO and ISSU--MPLS VPN 6VPE and 6PE feature
  • BGP Graceful Restart--The BGP Graceful Restart feature is responsible for negotiating graceful restart capabilities, exchanging forwarding preservation states, and coordinating advertisements after session restarts. MPLS VPNs interact with BGP to exchange Virtual Private Network (VPN) routing and forwarding (VRF) routes and labels.
  • IPv6 NSF--IPv6 NSF support enables IPv6 cache rebuilds during switchover using checkpointed Cisco Express Forwarding adjacencies.
  • CEF/MFI--Cisco Express Forwarding and the MPLS Forwarding Infrastructure are responsible for preserving forwarding entries and local labels across Route Processor (RP) switchover.

How BGP Graceful Restart Works for MPLS VPN 6vPE and 6PE

BGP Graceful Restart behavior for IPv6 and VPNv6 is essentially the same as Graceful Restart behavior for IPv4 and VPNv4; the only difference is the addition of support for IPv6 and VPNv6 address families.

When you configure BGP Graceful Restart, BGP includes the Graceful Restart capability and negotiates the preservation states of address families, that is, IPv4/VPNv4 and IPv6/VPNv6 address families.

Both BGP peers must agree on a Graceful Restart timer, which you can set with the bgp graceful-restart restart-timer seconds command. After a BGP session comes up and finishes sending initial updates, each BGP peer sends an end-of-Routing Information Base (RIB) marker.

The NSF/SSO and ISSU--MPLS VPN 6VPE and 6PE feature uses the mechanisms defined in the RFC 4724, Graceful Restart Mechanism for BGP , and in the Cisco Nonstop Forwarding feature module.

How BGP Graceful Restart Preserves Prefix Information During a Restart

When a router that is capable of BGP Graceful Restart loses connectivity, the following happens to the restarting router:

  1. The router establishes BGP sessions with other routers and relearns the BGP routes from other routers that are also capable of Graceful Restart. The restarting router waits to receive updates from the neighboring routers. When the neighboring routers send end-of-RIB markers to indicate that they are done sending updates, the restarting router starts sending its own updates.
  2. The restarting router recovers labels from the MPLS Forwarding Infrastructure (MFI) database for each prefix. If the router finds the label, it advertises the label to the neighboring router. If the router does not find the label, it allocates a new label from the database and advertises it.
  3. The restarting router removes any stale prefixes after a timer for stale entries expires.

When a peer router that is capable of BGP Graceful Restart encounters a restarting router, it does the following:

  1. The peer router sends all of the routing updates to the restarting router. When it has finished sending updates, the peer router sends an end-of RIB marker to the restarting router.
  2. The peer router does not immediately remove the BGP routes learned from the restarting router from its BGP routing table. As it learns the prefixes from the restarting router, the peer refreshes the stale routes if the new prefix and label information matches the old information.

ISSU Support for MPLS VPN 6vPE and 6PE

In Cisco IOS Release 12.2(33)SRE and future releases, ISSU supports MPLS VPN 6vPE and 6PE. The Cisco IOS ISSU process allows Cisco IOS software to be updated or otherwise modified while packet forwarding continues. In most networks, planned software upgrades are a significant cause of downtime. ISSU allows Cisco IOS software to be modified while packet forwarding continues, which increases network availability and reduces downtime caused by planned software upgrades.

ISSU support for MPLS 6vPE and 6PE relies on 6vPE and 6PE NFS/SSO capability on the platform to minimize disruption on the forwarding plane.

For more information about ISSU, see Cisco IOS In Service Software Upgrade Process .

NSF SSO Support for MPLS VPN 6VPE and 6PE

In Cisco IOS Release 12.2(33)SRE and future releases, NFS/SSO supports MPLS VPN 6vPE and 6PE.

NSF/SSO for 6VPE and 6PE supports the following configurations:

  • NSF/SSO for IPv4 and VPNv4 coexistence
  • Basic 6VPE and 6PE over MPLS core technology
  • BGP multipath configuration

NSF/SSO for 6VPE supports the following configurations:

  • Per-VRF label configuration
  • Interautonomous systems (Inter-AS) topologies, including options B and C
  • CSC when IPv6 + labels is configured on the PE-customer edge (CE) link

Because the SSO feature maintains stateful protocol and application information, user session information is maintained during a switchover, and line cards continue to forward network traffic with no loss of sessions, providing improved network availability. SSO initializes and configures the standby RP and synchronizes state information, which can reduce the time required for routing protocols to converge. Network stability may be improved with the reduction in the number of route flaps created when routers in the network failed and lost their routing tables.

When RP switchover happens, forwarding information is preserved by MFI and Cisco Express Forwarding on both line cards and the standby RP. VPNv6 prefix and local label mapping is preserved in the forwarding database. When the standby RP becomes the new active RP, 6PE and 6vPE traffic continues to be forwarded with minimal interruption.

When a BGP session restarts on the new active RP, the new active RP does not have any prior state information about prefixes or labels. The new active RP will have to relearn VPNv6 prefixes from its peers. As the new active RP learns the VPNv6 prefixes, it tries to get new local labels the same way it does when it first comes up. If the MFI database has the preserved copy of the local label for a prefix, the MFI database gives the local label to BGP. Then, BGP maintains the same local label. If the MFI database does not have a preserved local label for the prefix, MFI allocates a new one.

BGP Graceful Restart Support for MPLS VPN Configurations

The section describes BGP Graceful Restart support for a basic 6VPE setup and for a CSC setup and interautonomous system setup.

Graceful Restart Support for a Basic 6VPE Setup

For PE- to-CE external BGP (eBGP), Graceful Restart capability is supported for IPv6 address families. For PE-to-PE interior BGP (iBGP) sessions with or without a route reflector (RR) in the core, BGP Graceful Restart capability supports VPNv6 address families.

When the PE router resets, the connected CE router retains IPv6 prefixes that it received from the PE router and marks the prefixes as stale. If the eBGP session does not reestablish within the specified restart time or the session reestablishes, but does not set the restart or forwarding state bit, the CE router removes the staled IPv6 routes. If the eBGP session reestablishes within the specified restart time and has both the forwarding and restart bits set, the CE router removes the stale state from the IPv6 routes when it receives the updates from PE router. After the CE router receives the end-of-RIB marker, it removes or withdraws the rest of the staled information, if any exists.

The restarting PE router waits for an end-of-RIB marker from all BGP-capable peers including iBGP peers and eBGP peers. Only after receiving an end-of-RIB marker from all BGP capable peers will the PE router start to calculate the best path and send out initial updates.

Graceful Restart for 6VPE in Carrier Supporting Carrier and Interautonomous System Setups

The same Graceful Restart capabilities for route preservation that apply to a basic 6VPE setup apply to a CSC and Inter-AS setup. IPv6 or VPNv6 routes and labels are preserved during switchover.

In a CSC configuration, when send-labels are configured between a CSC-PE and CSC-CE eBGP connection, labels are preserved along with IPv6 BGP routes when one of the peers restarts.

In Inter-AS option B and options C setups, VPNv6 routes and labels are preserved on an Autonomous System Border Router (ASBR) or route reflector when the VPNv6 peer restarts.

What Happens If a Router Does Not Support NSF SSO and ISSU--MPLS VPN 6VPE and 6PE

If a router does not support the NSF/SSO and ISSU--MPLS VPN 6VPE and 6PE feature, prefix and label information is not preserved. After a switchover, BGP has to restart, relearn all routes, and install labels in the forwarding database. This might result in the loss of some network traffic.

How to Configure NSF SSO and ISSU--MPLS VPN 6VPE and 6PE

For information on how to configure ISSU, see the Cisco IOS In Service Software Upgrade Process module.

Configuring NSF SSO for Basic MPLS 6VPEs and 6PEs

Perform this task to configure NSF/SSO for basic MPLS 6VPE and 6PEs.


Note
You can use the bgp graceful-restart command to configure BGP Graceful Restart for all available address families.
Before You Begin

Route Processors must be configured for SSO. See Stateful Switchover for more information.

If you use LDP in the core, you must enable the MPLS LDP: NSF/SSO Support and Graceful Restart feature. See NSF/SSO-MPLS LDP and MPLS LDP Graceful Restart for more information.

You must enable nonstop forwarding on the routing protocols running between the P, PE, and CE routers. The routing protocols between the CE router and the PE router are Static and BGP. See Cisco Nonstop Forwarding for more information.

Before enabling the NSF/SSO--MPLS VPN feature, you must have a supported MPLS VPN network configuration. See configuration information included in the following: Configuring MPLS Layer 3 VPNs , Implementing IPv6 over MPLS , and Implementing IPv6 VPN over MPLS .


SUMMARY STEPS

1.    enable

2.    configure terminal

3.    ip cef distributed

4.    ipv6 unicast-routing

5.    ipv6 cef distributed

6.    redundancy

7.    mode sso

8.    exit

9.    router bgp autonomous-system-number

10.    bgp graceful-restart restart-time seconds

11.    bgp graceful-restart stalepath-time seconds

12.    bgp graceful-restart

13.    end


DETAILED STEPS
  Command or Action Purpose
Step 1
enable


Example:

Router> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
configure terminal


Example:

Router# configure terminal

 

Enters global configuration mode.

 
Step 3
ip cef distributed


Example:

Router(config)# ip cef distributed

 

Enables distributed Cisco Express Forwarding.

 
Step 4
ipv6 unicast-routing


Example:

Router(config)# ipv6 unicast-routing

 

Enables the forwarding of IPv6 unicast datagrams.

 
Step 5
ipv6 cef distributed


Example:

Router(config)# ipv6 cef distributed

 

Enables distributed Cisco Express Forwarding for IPv6.

 
Step 6
redundancy


Example:

Router(config)# redundancy

 

Enters redundancy configuration mode.

 
Step 7
mode sso


Example:

Router(red-config)# mode sso

 

Sets the redundancy configuration mode to SSO.

 
Step 8
exit


Example:

Router(red-config)# exit

 

Exits to global configuration mode.

 
Step 9
router bgp autonomous-system-number


Example:

Router(config)# router bgp 1000

 

Enters router configuration mode and configures the BGP routing process.

  • The autonomous-system-numberargument is the number of an autonomous system that identifies the router to other BGP routers and tags the routing information that is passed along. Number is in the range from 1 to 65535.
 
Step 10
bgp graceful-restart restart-time seconds


Example:

Router(config-router)# bgp graceful-restart restart-time 180

 

Enables the BGP graceful restart timer capability globally for all BGP neighbors.

  • The restart-time seconds keyword and argument sets the maximum time period that the local router will wait for a graceful-restart-capable neighbor to return to normal operation after a restart event occurs. The default value for the seconds argument is 120. The configurable range of values is from 1 to 3600.
 
Step 11
bgp graceful-restart stalepath-time seconds


Example:

Router(config-router)# bgp graceful-restart stalepath-time 420

 

Enables the BGP graceful restart stale path timer capability globally for all BGP neighbors.

  • The stalepath-time seconds keyword and argument sets the maximum time period that the local router will hold stale paths for a restarting peer. All stale paths are deleted after this timer expires. The default value for the seconds argument is 360. The configurable range of values is from 1 to 3600.
 
Step 12
bgp graceful-restart


Example:

Router(config-router)# bgp graceful-restart

 

Enables the BGP graceful restart capability globally for all BGP neighbors.

 
Step 13
end

Example:

Router(config-router)# end

 

Exits to privileged EXEC mode.

 

Verifying NSF SSO and ISSU Support for MPLS VPN 6VPE and 6PE

Perform this task to verify NSF/SSO and ISSU support for 6VPE and 6PE.

SUMMARY STEPS

1.    enable

2.    show ip bgp neighbor

3.    show ip bgp vpnv6 unicast vrf vrf-name

4.    show ip bgp ipv6 unicast

5.    show mpls forwarding

6.    show ipv6 cef vrf vrf-name


DETAILED STEPS
Step 1   enable

Use this command to enable privileged EXEC mode. Enter your password if prompted. For example:



Example: 
Router> enable
Router#
Step 2   show ip bgp neighbor

Use this command to verify that the IPv6 address family and VPNv6 address family entries are preserved. For example:



Example: 
Router# show ip bgp neighbor
BGP neighbor is 10.2.2.2, remote AS 100, internal link
  BGP version 4, remote router ID 10.2.2.2
  BGP state = Established, up for 00:02:42
  Last read 00:00:36, last write 00:00:36, hold time is 180, keepalive
.
.
.
  Neighbor capabilities:
.
.
.
    Graceful Restart Capability: advertised and received
      Remote Restart timer is 120 seconds
      Address families advertised by peer:
        IPv6 Unicast (was preserved), VPNv6 Unicast (was preserved)

IPv6 Unicast (was preserved), VPNv6 Unicast (was preserved) is displayed in the Graceful Restart Capability section of the output only after the peer restarts.
Step 3   show ip bgp vpnv6 unicast vrf vrf-name

Use this command to verify that VPNv6 entries are marked as staled during switchover. For example:



Example: 
Router# show ip bgp vpnv6 unicast vrf vpn1
BGP table version is 10, local router ID is 10.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 1:1 (default for vrf vpn1)
S>iA::1/128         ::FFFF:10.2.2.2          0    100      0 200 ?
*> A::5/128         A::4:5:5                 0             0 200 ?
S>iA::1:2:0/112     ::FFFF:10.2.2.2          0    100      0 ?
*  A::4:5:0/112     A::4:5:5                 0             0 200 ?
Step 4   show ip bgp ipv6 unicast

Use this command to verify that VPNv6 entries are marked as staled during switchover. For example:



Example: 
Router# show ip bgp ipv6 unicast 
BGP table version is 9, local router ID is 10.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
*> A::1/128         ::                       0         32768 ?
S  A::1:2:0/112     A::1:2:2                 0             0 100 ?
*>                  ::                       0         32768 ?
S> A::4:5:0/112     A::1:2:2                               0 100 ?
Router#
Step 5   show mpls forwarding

Use this command to show preserved forwarding entries for IPv6 and VPNv6 prefixes. The sample output is from a PE router in a CSC configuration. Enter the command on the active and the standby router. Compare the sample output from the active router with the sample output from the standby router. Following is sample output from the active router;



Example: 
Router# show mpls forwarding
Local      Outgoing   Prefix           Bytes Label   Outgoing   Next Hop    
Label      Label      or Tunnel Id     Switched      interface              
18         Pop Label      10.3.3.3/32      0             Et1/0      10.2.3.3    
19         Pop Label      10.3.4.0/24      0             Et1/0      10.2.3.3    
20         17             10.4.4.4/32      0             Et1/0      10.2.3.3    
21         Pop Label      10.1.2.1/32[V]   0             Et0/0      10.1.2.1    
22         Pop Label      A::1:2:0/112[V]  0             aggregate/vpn1 
23         Pop Label      A::1:2:1/128[V]  0             Et0/0      A::1:2:1    
24         Pop Label      10.1.2.0/24[V]   0             aggregate/vpn1 
25         Pop Label      A::1:2:2/128[V]  0             aggregate/vpn1 
26         18             A::1/128[V]      0             Et0/0 
FE80::A8BB:CCFF:FE03:2101
27         26             10.4.5.5/32[V]   0             Et1/0      10.2.3.3    
28         25             10.4.5.0/24[V]   0             Et1/0      10.2.3.3    
29         22             A::4:5:5/128[V]  0             Et1/0      10.2.3.3    
30         21             A::4:5:0/112[V]  0             Et1/0      10.2.3.3    
31         23             A::4:5:4/128[V]  0             Et1/0      10.2.3.3    
32         24             A::5/128[V]      0             Et1/0      10.2.3.3    
33         Pop Label      10.1.2.2/32[V]   0             aggregate/vpn1 
34         Pop Label      10.1.1.1/32[V]   0             Et0/0      10.1.2.1    
35         27             10.4.5.4/32[V]   0             Et1/0      10.2.3.3    
Local      Outgoing   Prefix           Bytes Label   Outgoing   Next Hop    
Label      Label      or Tunnel Id     Switched      interface              
36         28             10.5.5.5/32[V]   0             Et1/0      10.2.3.3

Following is sample output from the standby router:



Example: 
Standby-Router# show mpls forwarding
Local      Outgoing   Prefix           Bytes Label   Outgoing   Next Hop    
Label      Label      or Tunnel Id     Switched      interface              
18         Pop Label      10.3.3.3/32      0             Et1/0      10.2.3.3    
19         Pop Label      10.3.4.0/24      0             Et1/0      10.2.3.3    
20         17             10.4.4.4/32      0             Et1/0      10.2.3.3    
21         Pop Label      10.1.2.1/32[V]   0             Et0/0      10.1.2.1    
22         Pop Label      A::1:2:0/112[V]  0             aggregate/vpn1 
23         Pop Label      A::1:2:1/128[V]  0             Et0/0      A::1:2:1    
24         Pop Label      10.1.2.0/24[V]   0             aggregate/vpn1 
25         Pop Label      A::1:2:2/128[V]  0             aggregate/vpn1 
26         18             A::1/128[V]      0             Et0/0      
FE80::A8BB:CCFF:FE03:2101
27         26             10.4.5.5/32[V]   0             Et1/0      10.2.3.3    
28         25             10.4.5.0/24[V]   0             Et1/0      10.2.3.3    
29         22             A::4:5:5/128[V]  0             Et1/0      10.2.3.3    
30         21             A::4:5:0/112[V]  0             Et1/0      10.2.3.3    
31         23             A::4:5:4/128[V]  0             Et1/0      10.2.3.3    
32         24             A::5/128[V]      0             Et1/0      10.2.3.3    
33         Pop Label      10.1.2.2/32[V]   0             aggregate/vpn1 
34         Pop Label      10.1.1.1/32[V]   0             Et0/0      10.1.2.1    
35         27             10.4.5.4/32[V]   0             Et1/0      10.2.3.3    
Local      Outgoing   Prefix           Bytes Label   Outgoing   Next Hop    
Label      Label      or Tunnel Id     Switched      interface              
36         28             10.5.5.5/32[V]   0             Et1/0      10.2.3.3
Step 6   show ipv6 cef vrf vrf-name

Use this command to show preserved forwarding entries for IPv6 and VPNv6 prefixes. This sample output is also from a PE router in a CSC configuration. Enter the command on the active and the standby router. Compare the sample output from the active router with the sample output from the standby router. Following is the output from the active router:



Example: 
Router# show ipv6 cef vrf vrf1
::/0
  no route
::/127
  discard
A::1/128
  nexthop FE80::A8BB:CCFF:FE03:2101 Ethernet0/0 label 18
A::5/128
  nexthop 10.2.3.3 Ethernet1/0 label 17 24
A::1:2:0/112
  attached to Ethernet0/0
A::1:2:1/128
  attached to Ethernet0/0
A::1:2:2/128
  receive for Ethernet0/0
A::4:5:0/112
  nexthop 10.2.3.3 Ethernet1/0 label 17 21
A::4:5:4/128
  nexthop 10.2.3.3 Ethernet1/0 label 17 23
A::4:5:5/128
  nexthop 10.2.3.3 Ethernet1/0 label 17 22
FE80::/10

Following is sample output from the standby router:



Example: 
Standby-Router# show ipv6 cef vrf vrf1
::/0
  no route
::/127
  discard
A::1/128
  nexthop FE80::A8BB:CCFF:FE03:2101 Ethernet0/0 label 18
A::5/128
  nexthop 10.2.3.3 Ethernet1/0 label 17 24
A::1:2:0/112
  attached to Ethernet0/0
A::1:2:1/128
  attached to Ethernet0/0
A::1:2:2/128
  receive for Ethernet0/0
A::4:5:0/112
  nexthop 10.2.3.3 Ethernet1/0 label 17 21
A::4:5:4/128
  nexthop 10.2.3.3 Ethernet1/0 label 17 23
A::4:5:5/128
  nexthop 10.2.3.3 Ethernet1/0 label 17 22
FE80::/10

Configuration Examples for Configuring NSF SSO and ISSU--MPLS VPN 6VPE and 6PE

Configuring NSF SSO for a Basic 6VPE Setup Example

This section shows the NSF/SSO configuration for a basic 6VPE setup. The figure below show a sample basic 6VPE network configuration.

Figure 1 Sample Basic 6VPE Network Configuration


PE1 Configuration in a Basic 6VPE Setup

Following is a configuration example for a PE1 router (see the figure above) in a basic 6VPE setup that includes VPNv6 and VPNv6 address families: 

vrf definition vpn1
 rd 1:1
 route-target export 1:1
 route-target import 1:1
 !
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family
!
!
ip cef distributed
!
ipv6 unicast-routing
ipv6 cef distributed
mpls ldp graceful-restart ! <==+ Command to configure LDP Graceful Restart
mpls label protocol ldp
redundancy
 mode sso
interface Loopback0
 ip address 10.2.2.2 255.255.255.255
 ipv6 address A::2/128
!
interface Ethernet0/0
 vrf forwarding vpn1
 ip address 10.1.2.2 255.255.255.0
 ipv6 address A::1:2:2/112
!interface Ethernet1/0
 ip address 10.2.3.2 255.255.255.0
 mpls label protocol ldp
 mpls ip
!router ospf 10
 log-adjacency-changes
 nsf
 network 0.0.0.0 255.255.255.255 area 0
!
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 bgp graceful-restart restart-time 120      ! <=== This command,
 bgp graceful-restart stalepath-time 360    ! <=== this command, and 
 bgp graceful-restart            ! <=== this command configures NFS/SSO for a 6VPE router.
 neighbor 10.4.4.4 remote-as 100
 neighbor 10.4.4.4 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
  neighbor 10.4.4.4 activate
  neighbor 10.4.4.4 send-community extended
 exit-address-family
 !
 address-family vpnv6
  neighbor 10.4.4.4 activate
  neighbor 10.4.4.4 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf vpn1
  no synchronization
  redistribute connected
  redistribute static
  neighbor 10.1.2.1 remote-as 200
  neighbor 10.1.2.1 update-source Ethernet0/0
  neighbor 10.1.2.1 activate
 exit-address-family
 !
 address-family ipv6 vrf vpn1
  redistribute connected
  redistribute static
  no synchronization
  neighbor A::1:2:1 remote-as 200
  neighbor A::1:2:1 update-source Ethernet0/0
  neighbor A::1:2:1 activate
 exit-address-family

Configuring NSF SSO for a Basic 6PE Setup Example

This section shows the NSF/SSO configuration for a basic 6PE setup. The figure below shows a sample basic 6PE network configuration.

Figure 2 Sample Basic 6PE Network Configuration


PE1 Configuration in a Basic 6PE Setup

Following is a configuration example for the PE1 router (see the figure above) in a basic 6PE setup: 

ip cef distributed 
!
ipv6 unicast-routing
ipv6 cef distributed
mpls ldp graceful-restart ! <=== Command to configure LDP Graceful Restart
mpls label protocol ldp
redundancy
 mode sso
interface Loopback0
 ip address 10.11.11.1 255.255.255.255
 ipv6 address BEEF:11::1/64
interface Ethernet0/0
 ip address 10.50.1.2 255.255.255.0
 ipv6 address 4000::72B/64
 ipv6 address 8008::72B/64
!
interface Ethernet1/0
 ip address 10.40.1.2 255.255.255.0
 mpls ip
!
router ospf
nsf
network 0.0.0.0 0.0.0.0 area 0
!
router bgp 100
 bgp log-neighbor-changes
 bgp graceful-restart restart-time 120               ! <=== This command, 
 bgp graceful-restart stalepath-time 360             ! <=== this command, and 
 bgp graceful-restart              ! <=== this command configures NFS/SSO for a 6PE router.
 neighbor 8008::72A remote-as 200
 neighbor 10.10.10.1 remote-as 100
 neighbor 10.10.10.1 update-source Loopback0
 !
 address-family ipv4
  no synchronization
  redistribute connected
  no neighbor 8008::72A activate
  neighbor 10.10.10.1 activate
  no auto-summary
 exit-address-family
 !
 address-family ipv6
  redistribute connected
  no synchronization
  neighbor 8008::72A activate
  neighbor 10.10.10.1 activate
  neighbor 10.10.10.1 send-label
 exit-address-family

Additional References

The following sections provide references related to the NSF/SSO and ISSU--MPLS VPN 6VPE and 6PE feature.

Related Documents

Related Topic

Document Title

Information about NFS/SSO for MPLS VPN

NSF/SSO--MPLS VPN

Information about and configuration tasks for Cisco nonstop forwarding

Cisco Nonstop Forwarding

Information about and configuration tasks for MPLS VPNs

Configuring MPLS Layer 3 VPNs

Information about and configuration tasks for 6VPE over MPLS

Implementing IPv6 VPN over MPLS

Information about and configuration tasks for 6PE over MPLS

Implementing IPv6 over MPLS

Information about and configuration tasks for ISSU

Cisco IOS In Service Software Upgrade Process

Information about and configuration tasks for SSO

Stateful Switchover

Information about and configuration tasks for MPLS LDP NSF/SSO and Graceful Restart

NSF/SSO-MPLS LDP and MPLS LDP Graceful Restart

Standards

Standard

Title

No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.

--

MIBs

MIB

MIBs Link

No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature.

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs

RFCs

RFC

Title

RFC 4659

BGP-MPLS IP Virtual Private Network (VPN) Extension for IPv6 VPN

RFC 4724

Graceful Restart Mechanism for BGP

RFC 4781

Graceful Restart Mechanism for BGP with MPLS

FRC 4798

Connecting IPv6 Islands over IPv4 MPLS Using IPv6 Provider Edge Routers (6PE)

Technical Assistance

Description

Link

The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies.

To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.

Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html

Feature Information for NSF SSO and ISSU--MPLS VPN 6VPE and 6PE

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Table 1 Feature Information for NSF/SSO and ISSU--MPLS VPN 6VPE and 6PE

Feature Name

Releases

Feature Information

ISSU--MPLS VPN 6VPE and 6PE ISSU Support

12.2(33)SRE

12.2(33)XNE

15.0(1)SY

This feature provides In Service Software Upgrade (ISSU) support for Cisco IOS Virtual Private Network (VPN) IPv6 provider edge router (6VPE) over Multiprotocol Label Switching (MPLS) and Cisco IOS IPv6 provider edge router (6PE) over MPLS.

In 12.2(33)SRE, this feature was introduced on the Cisco 7600 series routers.

The following sections provide information about this feature:

This feature introduced no new or modified commands.

SSO--MPLS VPN 6VPE and 6PE SSO Support

12.2(33)SRE

12.2(33)XNE

15.0(1)SY

This feature provides stateful switchover (SSO) support for Cisco IOS Virtual Private Network (VPN) IPv6 provider edge router (6VPE) over Multiprotocol Label Switching (MPLS) and Cisco IOS IPv6 provider edge router (6PE) over MPLS.

In 12.2(33)SRE, this feature was introduced on the Cisco 7600 series routers.

The following sections provide information about this feature:

This feature introduced no new or modified commands.

Glossary

6PE router --IPv6 provider edge (PE) router. A router running a Border Gateway Protocol (BGP)-based mechanism to interconnect IPv6 islands over a Multiprotocol Label Switching (MPLS)-enabled IPv4 cloud.

6VPE router --Provider edge router providing Border Gateway Protocol (BGP)-Multiprotocol Label Switching (MPLS) IPv6 Virtual Private Network (VPN) service over an IPv4-based MPLS core. It is a IPv6 VPN provider edge (PE), dual-stack router that implements 6PE concepts on the core-facing interfaces.

BGP --Border Gateway Protocol. An interdomain routing protocol designed for the global Internet. Exterior Border Gateway Protocols (eBGPs) communicate among different autonomous systems. Interior Border Gateway Protocols (iBGPs) communicate among routers within a single autonomous system.

CE router --customer edge router. A router that is part of a customer network and interfaces to a provider edge (PE) router.

Cisco Express Forwarding --An advanced Layer 3 IP switching technology. It optimizes network performance and scalability for all kinds of networks.

eBGP --external Border Gateway Protocol.

graceful restart --A process for helping an RP restart after a node failure has occurred.

iBGP --Interior Border Gateway Protocol.

ISSU --In Service Software Upgrade. Software upgrade without service interruption.

LDP --Label Distribution Protocol. A standard protocol between Multiprotocol Label Switching (MPLS)-enabled routers to negotiate the labels (addresses) used to forward packets.

MPLS --Multiprotocol Label Switching. A switching method that forwards IP traffic using a label. This label instructs the routers and switches in the network where to forward the packets based on preestablished IP routing information.

NSF --nonstop forwarding. The ability of a router to continue to forward traffic to a router that may be recovering from a failure. Also, the ability of a router recovering from a failure to continue to correctly forward traffic sent to it by a peer.

PE router --provider edge router. The PE router is the entry point into the service provider network. The PE router is typically deployed on the edge of the network and is administered by the service provider. The PE router is the redistribution point between EIGRP and BGP in PE to CE networking.

RIB --Routing Information Base. Also called the routing table.

SSO --stateful switchover. SSO refers to the implementation of Cisco IOS software that allows applications and features to maintain a defined state between an active and standby RP. When a switchover occurs, forwarding and sessions are maintained. Along with NSF, SSO makes an RP failure undetectable to the network.

VPN --Virtual Private Network. Enables IP traffic to travel securely over a public TCP/IP network by encrypting traffic from one network to another. A VPN uses tunneling to encrypt all information at the IP level.

VRF --Virtual Private Network (VPN) routing and forwarding instance. A VRF consists of an IP routing table, a derived routing table, a set of interfaces that use the forwarding table. and a set of rules and routing information that defines a customer VPN site that is attached to a provider edge (PE) router.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

© 2012 Cisco Systems, Inc. All rights reserved.