MPLS TE FRR & some BFD

Similar Messages

• MPLS TE FRR IOS support

  Dear Sir!
  Can you tell, is there some technology IOS for 36xx/37xx
  to test MPLS TE FRR in our lab
  (not in real network)?
  Because we haven't 720x/7600 etc. in our lab.
  Best regards,
  Max

  Hi Max,
  In my opinion, MPLS FRR is not supported in 36xx/37xx.
  Thanks,
  Vikas

• MPLS TE/FRR on ME 3600X

  Hi,
  Can ME 3600X provides 50-ms rerouting time upon link failure with MPLS TE/FRR?
  There are many failure detection mechanisms cause the routers to switch LSPs onto their backup tunnels:
  1.Interface Down Notification 
  (When a router’s link or neighboring node fails, the router often detects this failure by an interface down notification.
    On a Packet over SONET (POS) interface, this notification is very fast.)
  2.Loss of Signal
  (Unlike POS interfaces, Gigabit Ethernet does not have any alarms to detect link failures. If a link is down
  due to a cut cable or because the remote end shuts its laser, the optics module (GBIC or SFPs) on the
  Gigabit Ethernet card detects a loss of signal (LOS). The LOS is used as a mechanism to detect the
  failure and begin the switchover.)
  3.Notification from the RSVP hello that a neighbor is lost
  4.Notification from the Bidirectional Forwarding Detection (BFD) protocol that a neighbor is lost
  5.Notification from the Interior Gateway Protocol (IGP) that the adjacency is down
  6.For point-to-point link, PPP or HDLC keepalives
  I know the 1st and 6th failure detection mechanism can't be applied with ME 3600X. Which failure detection mechanisms
  cause ME 3600X to switch LSPs onto their backup tunnels to achieve 50-ms rerouting time upon link failure with MPLS TE/FRR?
  My customer want to implement Ring Topology with ME 3600X to provide MPLS L2/L3 VPN services with MPLS TE/FRR.
  What is the best pracetice design for Ring Topology with MPLS TE/FRR to provide link protection?
  Regards,
  Pipatpong

  Hello Pipatpong
  Below are the answers to your questions:
  2. Should be able to detect and cutover.
  3. Should be able to detect based on timer configuration. However the recommended value for RSVP hellos is 200 msec
  From the config guide :
  (http://www.cisco.com/en/US/docs/switches/metro/me3600x_3800x/software/release/12.2_52_ey/configuration/guide/swmpls.html#wp1183359)
  To prevent false detection of a down neighbor and unnecessarily triggering fast reroute, we recommend configuring a minimum frequency of 200 ms.
  4. BFD support not yet available
  5.Dont think IGP will be able to do 50ms on any platform.

• Link Bundle - MPLS TE & FRR Support

  Hi Sir,
  Platform Cisco 12406 PRP, current running IOS 12.0(32)SY3.
  May I know what is latest IOS that can support MPLS TE & FRR over link bundle (L3 Etherchannel) ?
  Regards

  Hi,
  12.0(33)S is the last IOS version for GSR and doesn't support this feature. New development focus on XR only and only few of them like 4B ASN are ported to 33S.
  Laurent.

• MPLS TE FRR IOS for 7200 platform

  Hi,
  I could not find in the feature navigation for 7200 platform that have mpls te frr. Does the services support on these platform?
  thanks in advance.
  maher

  Yes, look for S train, and consider your NPE series.
  Pls rate helpful posts
  Best Regards,
  Mounir Mohamed

• MPLS-TE FRR NNHOP protection (positioning of the NNHOP node)

  Hi All,
  I have a conception question about MPLS-TE FRR NNHOP protection.  Does the NNHOP need to be along the path of the originally protected TE LSP but just downstream of the protected node?
  David

  Hi David,
  Yes thats Correct. The Next Hop in a FRR TE LSP needs to be a long the path of the Protected TE LSP from the Headend Label Switch router to the Tailend LSR of the TE LSP.
  You would normally have more than one Path OR a TE tunnel between the Headend and Tailend LSRs with FRR enabled. The Priority assigned to those tunnels selects the Primary Tunnel. and with FRR feature, if the first tunnel experience failure along the path with ANY of the intermediate next hops to the Tailend LSR of that LSP, the Secondary TE tunnel takes place with faster convergence time.
  Regards,
  Mohamed

• How to preempt MPLS TE FRR

  Hi,
  I have an Explicit Path configured on a tunnel as 1 and a dynamic path as 2.
  If a link fails in the core FRR fails over, then after a while the tunnel takes teh dynamic path. However when the link recovers the tunnel stays on the dynamic path.
  My question is: how can i force to take the explicit path again?
  R1#show mpls traffic-eng tunnels tunnel 1
  Name: R1_t1                               (Tunnel1) Destination: 2.2.2.2
    Status:
      Admin: up         Oper: up     Path: valid       Signalling: connected
      path option 2, type dynamic (Basis for Setup, path weight 3)
      path option 1, type explicit 1
    Config Parameters:
      Bandwidth: 0        kbps (Global)  Priority: 7  7   Affinity: 0x0/0xFFFF
      Metric Type: TE (default)
      AutoRoute: disabled LockDown: disabled Loadshare: 0 [0] bw-based
      auto-bw: disabled
    Active Path Option Parameters:
      State: dynamic path option 2 is active
      BandwidthOverride: disabled  LockDown: disabled  Verbatim: disabled
    InLabel  :  -
    OutLabel : FastEthernet0/1, 28
    Next Hop : 10.15.0.5
    RSVP Signalling Info:
         Src 1.1.1.1, Dst 2.2.2.2, Tun_Id 1, Tun_Instance 32
      RSVP Path Info:
        My Address: 10.15.0.1
        Explicit Route: 10.15.0.5 10.56.0.5 10.56.0.6 10.26.0.6
                        10.26.0.2 2.2.2.2
        Record   Route:   NONE
        Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
      RSVP Resv Info:
        Record   Route:  5.5.5.5(28) 6.6.6.6(33)
                         2.2.2.2(3)
        Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
    Shortest Unconstrained Path Info:
      Path Weight: 3 (TE)
      Explicit Route: 10.15.0.1 10.15.0.5 10.56.0.5 10.56.0.6
                      10.26.0.6 10.26.0.2 2.2.2.2
    History:
      Tunnel:
        Time since created: 1 hours, 48 minutes
        Time since path change: 55 seconds
        Number of LSP IDs (Tun_Instances) used: 32
      Current LSP: [ID: 32]
        Uptime: 58 seconds
        Selection: reoptimization
      Prior LSP: [ID: 30]
        ID: path option 1 [30]
        Removal Trigger: re-route path error
        Last Error: RSVP:: Path Error from 10.13.0.3: Notify: Tunnel locally repaired (flags 0)
  Thx!

  Hi,
  By default, the re-optimization is around 1 hour. You can use the below command to speed up the re-optimization,
  mpls traffic-eng reoptimize timers frequence <seconds>
  With this command, the router after the seconds mentioned will check for better path for existing LSP (to see if primary path option is available) and use it if available.
  -Nagendra

• MPLS LDP FRR

  HI all,
  I'm aware that you can enable MPLS FRR with RSVP. But how do you achieve FRR capabilities with LDP ??
  Many Thanks

  Hi Per,
  From RFC 4090 (Fast Reroute Extensions to RSVP-TE for LSP Tunnels):
  "A protected LSP is an explicitly-routed LSP that is provided with protection. The repair methods described here are applicable only to explicitly-routed LSPs. Application of these methods to LSPs that dynamically change their routes, such as LSPs used in unicast IGP routing, is beyond the scope of this document."
  So currently there is no standard covering the required functionality. Imho the underlying reason is avoidance of routing loops. As TE tunnels have fixed starting and endpoints, you might reroute them in any way without creating loops, if preventing loops for the backup tunnel. When it comes to IGP based LSPs the problems are not that easy to solve. Example: R1-R2-R3 Assume the link from R2 to R3 is protected by a tunnel from R2 to R1 ... In IGP based LSPs a routing loop will be created and is hard to detect/avoid.
  In case you have a feature request for your customer, drop me an email and we can discuss things offline.
  Regards, Martin

• At which interfaces MPLS TE FRR supported?

  Dear Sir!
  In my last thread "Problem with FRR" I cannot to make FRR begin working.
  So can you tell me (I cannot find it at www.cisco.com) at which interfaces are FRR supported?
  Because in "Problem with FRR"
  PE1 - 7204VXR with 12.0(29)S installed,
  P1 - 7206VXR with 12.0(29)S installed, and use
  Gi-interface to P2,
  P2 - 3662 with 12.3.4(T) installed and use
  Fa-interface to P1
  Is it true, that FRR supports only on PoS interfaces?
  Hope you help,
  Maxim Denisov

  FRR is supported on GigE interface. The issue is usually with failure detection. You need
  to use RSVP Hellos or tune down the IGP hellos to ensure you quickly detect the link failure. Once you detect the failure, everything else works well.
  Hope this helps,

• MPLS TE Fast ReRoute

  Hi Experts,
  I'm just getting started with MPLS TE and wondering on how fast the "fast reroute" feature can be.
  I'm planning to create two tunnels for a specific traffic of my network, and looks like MPLS TE with FRR is the most reliable option if we are talking about a really 0% packet loss network.
  I saw on some documentations that with MPLS TE is possible to reroute the traffic with 50 ms of RTT  and no packet loss at all, considering that the backup tunnel is so reliable as the primary is.
  Is this true? I'm new on this subject so I would like to know more about what I could achieve in terms of high availability.
  Regards
  Paulo Varanda

  Hi,
  Yes MPLS-TE with FRR gives faster convergence in range of 50ms (usually 50ms is standard convergence time for SDH/Sonet network). But there are some pre-requisities for MPLS-TE FRR to provide that faster convergence.
  Tunnel Headend -- Router 1 --- Router 2 ---- Router 3--- Tunnel Tailend
                          -- Router 4 ---- Router 5----
  MPLS-TE FRR protects a particular link or a particular node.
  For link protection, the concept is to have a primary tunnel protected by a backup tunnel. The backup tunnel path should be on completely different and fault tolerant physical path when the primary tunnel path fails i.e. both the tunnels should not be in same SRLG links. In the above case if link between Router1-Router2-Router3 fails the tunnel should fallback over Router 4 and Router 5.
  Detecting the link or node goes down should require a keepalive mechanism, usually RSVP hellos are used to detect the failure.
  Node protection by default provides link protection. So when Router 2 goes down the traffic falls back over backup path.
  MPLS-TE FRR wokrs by pre-signalling LSP over both primary and secondary paths even before the failure occurs. In normal conditions (with multiple path-option), only when primary LSP on primary path goes down, LSP gets signalled over secondary path option.
  HTH
  Arun

• MPLS TE over Port-channel interfaces

  I get the following 'warning' when configuring MPLS TE on a port-channel interface. Any comments on what the limitations to using TE on a port-channel interface are?
  7606(config)#interface port-channel99
  7606(config-if)#mpls traffic-eng tunnels
  %Warning: MPLS TE support is limited for port-channel interfaces.
  For additional information, please contact the MPLS TE product manager.

  Hi,
  I configured TE and FRR on Port-Channel also. I saw some TE Tunnels worked with FRR, some didn't. I enclose here for reference.
  Router#sho mpls traffic-eng fast-reroute database
  Headend frr information:
  Protected tunnel In-label Out intf/label FRR intf/label Status
  Tunnel1000 Tun hd Po1:implicit-nul Tu1004:implicit- ready
  Tunnel1001 Tun hd Po2:implicit-nul Tu1005:implicit- ready
  LSP midpoint frr information:
  LSP identifier In-label Out intf/label FRR intf/label Status
  Router#show mpls traffic-eng tunnels brief
  Signalling Summary:
  LSP Tunnels Process: running
  Passive LSP Listener: running
  RSVP Process: running
  Forwarding: enabled
  Periodic reoptimization: every 10 seconds, next in 8 seconds
  Periodic FRR Promotion: every 300 seconds, next in 146 seconds
  Periodic auto-bw collection: every 300 seconds, next in 133 seconds
  TUNNEL NAME DESTINATION UP IF DOWN IF STATE/PROT
  CISCO ISC-P139 172.16.254.253 - Po1 up/up
  CISCO ISC-P141 172.16.254.252 - Po2 up/up
  CISCO ISC-P145 172.16.254.251 - Po1 up/up
  CISCO ISC-P147 172.16.254.250 - Po2 up/up
  CISCO ISC-B181 172.16.254.253 - Po2 up/up
  CISCO ISC-B182 172.16.254.252 - Po1 up/up
  CISCO ISC-P166 172.16.254.254 Po2 - up/up
  CISCO ISC-B187 172.16.254.252 Po1 Po2 up/up
  CISCO ISC-B188 172.16.254.251 Po2 Po1 up/up
  CISCO ISC-P159 172.16.254.254 Po1 - up/up
  CISCO ISC-B185 172.16.254.250 Po1 Po2 up/up
  CISCO ISC-B186 172.16.254.253 Po2 Po1 up/up
  CISCO ISC-P173 172.16.254.254 Po2 - up/up
  CISCO ISC-P174 172.16.254.253 Po2 Po1 up/up
  CISCO ISC-B189 172.16.254.254 Po1 - up/up
  CISCO ISC-B190 172.16.254.250 Po2 Po1 up/up
  CISCO ISC-P153 172.16.254.252 Po1 Po2 up/up
  CISCO ISC-P155 172.16.254.254 Po1 - up/up
  CISCO ISC-B183 172.16.254.251 Po1 Po2 up/up
  CISCO ISC-B184 172.16.254.254 Po2 - up/up
  Displayed 6 (of 6) heads, 8 (of 8) midpoints, 6 (of 6) tails
  Can you explain more detail about the limited support for TE on Port-channel?
  Many thanks

• MPLS TE + IGP,BGP Convergence timers

  Hi,
  In case I am implementing MPLS TE FRR using RSVP hellos in my mpls backbone for speedy convergence against link/node failures. Do I still need to teak my IGP,BGP & LDP convergence timers or make my IGP,BGP,LDP to converge based on trigger from BFD in addition to implementation of MPLS TE FRR.

  Hi,
  Tuning IGP and BGP will help to improve convergence in other scenarios:
  - Lost of a primary PE-CE link
  - Lost of a primary PE
  - Lost of a core link not protected by MPLS TE FRR.
  FRR allows you to have a very fast data-plane convergence without waiting for your control-plane converge.
  There is no need to tune LDP timers because by default the router is in liberal label retention mode meaning it stores the labels even if the LSR is not the IGP next-hop.
  HTH
  Laurent.

• The mpls path or ip path?

  If a network is not a "pure" mpls network, with some links is mpls enabled, and the others is not. A ip packet enters the ingress lsr, from the ingress lsr to the destination maybe lots of path in the cef table, some of them are mpls links, and some of them is ip link without the mpls enables, all of the paths "looks like" with the "equal cost" , which path will the lsr select? Will it load balancing among these links,or load balancing among the mpls links only?

  The path selection on an IP or MPLS N/w is always with an IGP. So the path selected will be based on IGP. So if ur path is half tag-switched, the routers will perform tag-switching as well as other router will do IP-Switcing.Hope this clarifies. Ofcourse AtoM and L3 VPN will not work as they need end-to-end LSP.

• Has some one Integrated File System & SAP Business One using B1iSN?

  I have to create a Proof of Concept where, I have to pick up a file from A file System, do some transformation & then call SAP B1 APIs to post documents in SAP Business One.
  I am new to B1iSN Technology and  was wondering if this is feasible. If Yes, I would appreciate if you can give me some logical steps to follow.
  Thanks,
  Yogesh

  Hi Yogesh,
  You find all of the available documentation for B1iP SAP Business One Integration for SAP NetWeaver (B1iSN) [original link is broken] [original link is broken].
  Additionally, I can mail you some BFD samples to give you and idea of B1iP coding.  If Edward or another SAP employee can send you the IPO samples, that would be ideal, since I believe that they have an implementation of a basic file adapter proto-type.
  HTH,
  Dhruv

• MPLS VRF Management

  Hi,
  After upgrading the network to MPLS, i have some problems about the management Ps and PEs routers. I want to use "VRF Management" to manage these devices but i have no infomation how to config it.
  - For PEs i think i should use the second loopback to add to VRF admin;
  - For Ps no solution.
  Please show me some links or example useful.
  Thanks for your help

  Hi,
  To access P routers from a VRF environment you can use two scenarios:
  1) connect a P router interface to the PE in the Mgmt VRF
  2) use packet leaking.
  For managing other dveices in different VRFs:
  3) central service VPN
  Option 1) is giving you plain IP connectivity into the core and you could also connect your Mgmt LAN directly to the core. The advantage of a direct connection: you do not rely on VRF related features to be configured correctly on the access PE to connect to P (and PE) routers.
  An example: if someone deletes the Mgmt VRF, all IP addresses on all VRF interfaces in that VRF will be removed. You might end up with no connectivity even to the PE, where the "accident" happened.
  Option 2) allows access to the global routing table through a VRF. The configuration could look like this:
  ip vrf Mgmt
  rd 65000:161
  export map MgmtLAN
  route-target import 65000:162
  interface Serial0/0
  description to a P router
  ip address 10.1.1.1 255.255.255.252
  interface Serial 0/1
  description to the Mgmt LAN
  ip vrf forwarding Mgmt
  ip address 192.168.1.1 255.255.255.252
  ip route vrf Mgmt 10.1.1.0 255.255.255.0 10.1.1.2 global
  ! Assuming the core IP adresses for management are from 10.1.1.0/24 this will send packets arriving in the VRF to the P routers
  ip route 192.168.161.0/24 Serial0/1
  ! assuming the Mgmt LAN is 192.168.161.0/24 this will forward packets arriving from the P routers to the Mgmt LAN behind Serial0/1
  Option 3) central service VPN for managing devices in different VRFs
  ip vrf Mgmt
  rd 65000:161
  export map MgmtLAN
  route-target import 65000:162
  ip vrf Customer
  rd 65000:666
  route-target export 65000:666
  route-target import 65000:666 !normal customer RTs
  route-target import 65000:161 ! this will import the Mgmt LAN network
  export map MgmtLoopbacks
  ! this will ensure only management IPs will be imported into the Mgmt VRF and not all customer routes from all VRFs.
  interface Loopback161
  description PE Mgmt IP
  ip vrf forwarding Mgmt
  ip address 10.1.2.123 255.255.255.255
  interface Serial 0/1
  description to the Mgmt LAN
  ip vrf forwarding Mgmt
  ip address 192.168.1.1 255.255.255.252
  route-map MgmtLAN
  match ip address 1
  set extcommunity rt 65000:161
  route-map MgmtLoopbacks
  match ip address 2
  set extcommunity rt 65000:162 additive
  access-list 1 permit host 192.168.161.0
  !Only announce the Mgmt LAN
  access-list 2 permit host 192.168.162.1
  access-list 2 permit host 192.168.162.2
  access-list 2 permit host 192.168.162.3
  ! list the Loopback IPs of devices to manage
  From a routing point of view you would need to make sure to route all required IPs with BGP and IGP in the Mgmt environment, as well as the core.
  Hope this helps! Please use the rating system.
  Regards, Martin