LDP to Segment Routing Migration 1

    MPLS has been the leader in providing VPN service in the past days with the association of LDP for label distribution to achieve the necessary operation for traffic forwarding (not to forget that BGP is used in some cases for label assignment, but the focus in this example is LDP).

    We will be using to the below topology to demonstrate the scope of this document and we will be starting with normal MPLS L3VPN service with dependence on LDP for label distribution.


    Segment Routing 1.png

     

    Let us describe the topology in brief: We have two CEs that needs to communicate over MPLS backbone and they are using BGP as their protocol with AS # 10.

    As well, we have two MPLS service PEs who are handling the transport of the prefixes of concern with flat ISIS level 2 as the IGP running inside the backbone.

    The relations involved in setting up the communication path are illustrated simply in the below figure:

     

    Segment Routing 2.png

     

    Talking from design perspective and choosing the running protocols assuming unmanaged CE option and direct communication between MPLS service PEs , please refer to the below figure:

     

    Segment Routing 3.png

     

    Now, let us dig deep in the label assignments (for the sake of demonstration, I have changed the label allocation range for each device following the scheme: PE1 (16100 – 16199), PE2 (16200 – 16299) and so on.

    Note: IOS XR label assignment range starts with 16000, on contrary IOS software starts from the range of 16.

    RP/0/0/CPU0:PE1#show cef vrf MSSK 10.10.7.0

    Tue Apr  9 06:59:44.570 UTC

    1. 10.10.7.0/24, version 7, internal 0x1000001 0x0 (ptr 0xa13b0f74) [1], 0x0 (0x0), 0x200 (0xa152c0f0)

    Updated Apr 8 13:21:40.189

    local adjacency 172.16.17.7

    Prefix Len 24, traffic index 0, precedence n/a, priority 3

    via 172.16.17.7, 2 dependencies, recursive, bgp-ext [flags 0x6020]

        path-idx 0 NHID 0x0 [0xa13b0ef4 0x0]

        next hop 172.16.17.7 via 172.16.17.7/32

         local label 16100

         next hop 172.16.17.7/32 Gi0/0/0/2    labels imposed {None}

     

    RP/0/0/CPU0:PE1# show bgp vpnv4 unicast labels

    Tue Apr  9 08:34:32.380 UTC

    BGP router identifier 1.1.1.1, local AS number 1

    BGP generic scan interval 60 secs

    Non-stop routing is enabled

    BGP table state: Active

    Table ID: 0x0   RD version: 0

    BGP main routing table version 7

    BGP NSR Initial initsync version 3 (Reached)

    BGP NSR/ISSU Sync-Group versions 0/0

    BGP scan interval 60 secs

     

    Status codes: s suppressed, d damped, h history, * valid, > best

                  i - internal, r RIB-failure, S stale, N Nexthop-discard

    Origin codes: i - IGP, e - EGP, ? - incomplete

    Network            Next Hop        Rcvd Label      Local Label

    Route Distinguisher: 1:1 (default for vrf MSSK)

    *> 10.10.7.0/24       172.16.17.7     nolabel         16100

    *>i10.10.8.0/24       2.2.2.2         16200           nolabel

     

    RP/0/0/CPU0:PE1#show mpls forwarding

    Tue Apr  9 06:59:03.893 UTC

    Local  Outgoing Prefix             Outgoing     Next Hop        Bytes

    Label  Label or ID              Interface                    Switched

    ------ ----------- ------------------ ------------ --------------- ------------

    16100  Unlabelled  10.10.7.0/24[V]    Gi0/0/0/2 172.16.17.7     17330

    16101  Pop 3.3.3.3/32         Gi0/0/0/0    192.168.13.3    115899

    16102  Pop 192.168.36.0/24    Gi0/0/0/0    192.168.13.3    0

    16103  Pop 192.168.34.0/24    Gi0/0/0/0    192.168.13.3    0

    16104  16302 4.4.4.4/32         Gi0/0/0/0    192.168.13.3    0

    16105  16303 192.168.24.0/24    Gi0/0/0/0    192.168.13.3    0

    16106  16304       2.2.2.2/32         Gi0/0/0/0    192.168.13.3    97699

           16504       2.2.2.2/32         Gi0/0/0/1    192.168.15.5    668

    16107  16305 192.168.26.0/24    Gi0/0/0/0    192.168.13.3    0

           16507       192.168.26.0/24    Gi0/0/0/1 192.168.15.5    0

    16108  Pop 192.168.56.0/24    Gi0/0/0/1    192.168.15.5    0

    16109  16307 6.6.6.6/32         Gi0/0/0/0    192.168.13.3    0

           16509       6.6.6.6/32         Gi0/0/0/1    192.168.15.5    0

    16110  Pop 5.5.5.5/32         Gi0/0/0/1    192.168.15.5    71344

     

    RP/0/0/CPU0:PE2#show mpls forwarding

    Tue Apr  9 07:04:02.402 UTC

    Local  Outgoing Prefix             Outgoing     Next Hop        Bytes

    Label  Label or ID              Interface                    Switched

    ------ ----------- ------------------ ------------ --------------- ------------

    16200  Unlabelled  10.10.8.0/24[V]    Gi0/0/0/2 172.16.28.8     18514

    16201  Pop 4.4.4.4/32         Gi0/0/0/0    192.168.24.4    115664

    16202  Pop 192.168.34.0/24    Gi0/0/0/0    192.168.24.4    0

    16203  16400 3.3.3.3/32         Gi0/0/0/0    192.168.24.4    0

           16600       3.3.3.3/32         Gi0/0/0/1    192.168.26.6    0

    16204  16403 1.1.1.1/32         Gi0/0/0/0    192.168.24.4    107684

           16606       1.1.1.1/32         Gi0/0/0/1    192.168.26.6    14204

    16205  Pop 192.168.36.0/24    Gi0/0/0/1    192.168.26.6    0

    16206  16602 192.168.15.0/24    Gi0/0/0/1    192.168.26.6    0

    16207  16402 192.168.13.0/24    Gi0/0/0/0    192.168.24.4    1032

           16604       192.168.13.0/24    Gi0/0/0/1 192.168.26.6    1432

    16208  Pop 192.168.56.0/24    Gi0/0/0/1    192.168.26.6    0

    16209  Pop 6.6.6.6/32         Gi0/0/0/1    192.168.26.6    1980

    16210  16608 5.5.5.5/32         Gi0/0/0/1    192.168.26.6    0

     

    RP/0/0/CPU0:XR6-P4#show mpls forwarding

    Tue Apr  9 07:06:42.561 UTC

    Local  Outgoing Prefix             Outgoing     Next Hop        Bytes

    Label  Label or ID              Interface                    Switched

    ------ ----------- ------------------ ------------ --------------- ------------

    16600  Pop 3.3.3.3/32         Gi0/0/0/2    192.168.36.3    2216

    16601  Pop         2.2.2.2/32         Gi0/0/0/1    192.168.26.2    13237

    16602  Pop 192.168.15.0/24    Gi0/0/0/0    192.168.56.5    0

    16603  Pop 192.168.34.0/24    Gi0/0/0/2    192.168.36.3    0

    16604  Pop 192.168.13.0/24    Gi0/0/0/2    192.168.36.3    1392

    16605  Pop 192.168.24.0/24    Gi0/0/0/1    192.168.26.2    0

    16606  16500 1.1.1.1/32         Gi0/0/0/0    192.168.56.5    9214

           16300       1.1.1.1/32         Gi0/0/0/2    192.168.36.3    1026

    16607  16201 4.4.4.4/32         Gi0/0/0/1    192.168.26.2    0

           16302       4.4.4.4/32         Gi0/0/0/2    192.168.36.3    0

    16608  Pop 5.5.5.5/32         Gi0/0/0/0    192.168.56.5    145824

     

    CE1#traceroute 10.10.8.8 source lo1 numeric

    Type escape sequence to abort.

    Tracing the route to 10.10.8.8

    VRF info: (vrf in name/id, vrf out name/id)

    1 172.16.17.1 12 msec 12 msec 8 msec

    2 192.168.13.3 [MPLS: Labels 16304/16200 Exp 0] 28 msec 20 msec 20 msec

    3 192.168.36.6 [MPLS: Labels 16601/16200 Exp 0] 20 msec 20 msec 20 msec

    4 192.168.26.2 [MPLS: Label 16200 Exp 0] 20 msec 20 msec 20 msec

    5 172.16.28.8 20 msec *  20 msec

     

    Segment Routing 4.png

     

    Now as we have a converged network and communication is in place between the CEs, we will now start with the migration process from LDP to SR (Segment-Routing).

     

    Let us follow the steps one by one, but before moving forward it is worthy to mention that we have two migration strategies:

     

    • Ships in the night: in which we will replace LDP by SR.
    • Interworking: In which interaction between LDP and SR to take place (SR will exist and LDP will still be running in some parts of the network).

     

    What we will start with is ships in the night migration strategy.

     

    The basic lines needed to enable segment-routing are (not to forget that wide metrics are needed):

     

    router isis 1

    address-family ipv4 unicast

    segment-routing mpls

     

    Monitoring the console screen, I have faced the below log message:

     

    RP/0/0/CPU0:PE1#RP/0/0/CPU0:Apr  9 07:26:58.288 : isis[1006]: %ROUTING-ISIS-4-SRGB_ALLOC_FAIL : SRGB allocation failed: 'SRGB reservation not successful for [16000,23999], srgb=(16000 23999, SRGB_ALLOC_CONFIG_PENDING, 0x2) (So far 64 attempts). Make sure label range is free'

     

    That means we are facing some issues in the SRBG range used by segment routing.

     

    RP/0/0/CPU0:PE1(config-isis)#segment-routing global-block ?

    <16000-1048574>  The lower bound of the SRGB

     

    As we can see from the above command, the SRGB block assignments starts with 16000

     

    It is recommended to use the same range of SRGB among all devices within a network, so the command to use for this purpose is:

     

    router isis 1

    segment-routing global-block 90000 99000

     

    RP/0/0/CPU0:PE1#show isis database verbose | include SRGB

    Tue Apr  9 09:28:00.491 UTC

    Segment Routing: I:1 V:0, SRGB Base: 90000 Range: 9001

        Segment Routing: I:1 V:0, SRGB Base: 90000 Range: 9001

        Segment Routing: I:1 V:0, SRGB Base: 90000 Range: 9001

        Segment Routing: I:1 V:0, SRGB Base: 90000 Range: 9001

        Segment Routing: I:1 V:0, SRGB Base: 90000 Range: 9001

        Segment Routing: I:1 V:0, SRGB Base: 90000 Range: 9001

     

    The status now is that both LDP and SR are working together inside the network and the communication is still in place , what next to be done is to instruct the routers to prefer SR label assignments/bindings over the already used ones generated by LDP.

     

    router isis 1

    address-family ipv4 unicast

    segment-routing mpls sr-prefer

     

    Let us check now the MPLS forwarding table to see the result:

     

    RP/0/0/CPU0:PE1#show mpls forwarding

    Tue Apr  9 09:30:36.650 UTC

    Local  Outgoing Prefix             Outgoing     Next Hop        Bytes

    Label  Label or ID              Interface                    Switched

    ------ ----------- ------------------ ------------ --------------- ------------

    16100  Unlabelled 10.10.7.0/24[V]    Gi0/0/0/2    172.16.17.7     35514

    16101  Pop 3.3.3.3/32         Gi0/0/0/0    192.168.13.3    1020

    16102  Pop 192.168.36.0/24    Gi0/0/0/0    192.168.13.3    0

    16103  Pop 192.168.34.0/24    Gi0/0/0/0    192.168.13.3    0

    16104  16302 4.4.4.4/32         Gi0/0/0/0    192.168.13.3    0

    16105  16303 192.168.24.0/24    Gi0/0/0/0    192.168.13.3    0

    16106  16304 2.2.2.2/32         Gi0/0/0/0    192.168.13.3    189

           16504       2.2.2.2/32         Gi0/0/0/1    192.168.15.5    0

    16107  16305 192.168.26.0/24    Gi0/0/0/0    192.168.13.3    0

           16507       192.168.26.0/24    Gi0/0/0/1 192.168.15.5    0

    16108  Pop 192.168.56.0/24    Gi0/0/0/1    192.168.15.5    0

    16109  16307 6.6.6.6/32         Gi0/0/0/0    192.168.13.3    0

           16509       6.6.6.6/32         Gi0/0/0/1    192.168.15.5    0

    16110  Pop 5.5.5.5/32         Gi0/0/0/1    192.168.15.5    0

    16111  Pop No ID              Gi0/0/0/0    192.168.13.3    0

    16112  Pop No ID              Gi0/0/0/1    192.168.15.5    0

    90200  90200 No ID              Gi0/0/0/0    192.168.13.3    5312

           90200       No ID              Gi0/0/0/1    192.168.15.5    0

    90400  90400 No ID              Gi0/0/0/0    192.168.13.3    0

    90500  Pop No ID              Gi0/0/0/0    192.168.13.3    450

    90600  90600 No ID              Gi0/0/0/0 192.168.13.3    0

           90600       No ID              Gi0/0/0/1    192.168.15.5    0

     

    Checking from the CE side:

     

    CE1#traceroute 10.10.8.8 source lo1 numeric

    Type escape sequence to abort.

    Tracing the route to 10.10.8.8

    VRF info: (vrf in name/id, vrf out name/id)

    1 172.16.17.1 4 msec 8 msec 12 msec

    2 192.168.13.3 [MPLS: Labels 90200/16200 Exp 0] 24 msec 20 msec 20 msec

    3 192.168.36.6 [MPLS: Labels 90200/16200 Exp 0] 20 msec 20 msec 20 msec

    4 192.168.26.2 [MPLS: Label 16200 Exp 0] 20 msec 20 msec 20 msec

    5 172.16.28.8 20 msec *  20 msec

     

    RP/0/0/CPU0:PE1#show cef vrf MSSK 10.10.8.0

    Tue Apr  9 09:32:25.053 UTC

    1. 10.10.8.0/24, version 12, internal 0x5000001 0x0 (ptr 0xa13b11f4) [1], 0x0 (0x0), 0x208 (0xa152c118)

    Updated Apr 9 09:22:50.843

    Prefix Len 24, traffic index 0, precedence n/a, priority 3

    via 2.2.2.2, 3 dependencies, recursive [flags 0x6000]

        path-idx 0 NHID 0x0 [0xa1594674 0x0]

        recursion-via-/32

        next hop VRF - 'default', table - 0xe0000000

        next hop 2.2.2.2 via 90200/0/21

         next hop 192.168.13.3/32 Gi0/0/0/0    labels imposed {90200 16200}

         next hop 192.168.15.5/32 Gi0/0/0/1    labels imposed {90200 16200}

     

    Let us now remove LDP from the network to make sure that everything is working as expected and running a continuous reachability test between the CEs to check.

     

    CE1#ping 10.10.8.8 source lo1 repeat 1000000

    Type escape sequence to abort.

    Sending 1000000, 100-byte ICMP Echos to 10.10.8.8, timeout is 2 seconds:

    Packet sent with a source address of 10.10.7.7

    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!


    We are great! No packet loss and we have successfully migrated without any caveats.

     

    RP/0/0/CPU0:PE1#show mpls forwarding

    Tue Apr  9 09:38:14.609 UTC

    Local  Outgoing Prefix             Outgoing     Next Hop        Bytes

    Label  Label or ID              Interface                    Switched

    ------ ----------- ------------------ ------------ --------------- ------------

    16100  Unlabelled 10.10.7.0/24[V]    Gi0/0/0/2    172.16.17.7     295262

    16111  Pop No ID              Gi0/0/0/0    192.168.13.3    0

    16112  Pop No ID              Gi0/0/0/1    192.168.15.5    0

    90200  90200 No ID              Gi0/0/0/0    192.168.13.3    285240

           90200       No ID              Gi0/0/0/1    192.168.15.5    0

    90400  90400 No ID              Gi0/0/0/0    192.168.13.3    0

    90500  Pop No ID              Gi0/0/0/0    192.168.13.3    1221

    90600  90600 No ID              Gi0/0/0/0    192.168.13.3    0

           90600       No ID              Gi0/0/0/1    192.168.15.5    0

     

    The below flow diagram briefly describe what we have done to migrate successfully from LDP to SR:

     

    Migration Steps.png

     

    Relevant configurations:

     

    XR1:

    router isis 1

    is-type level-2-only

    net 49.0001.0000.0000.0001.00

    segment-routing global-block 90000 99000

    address-family ipv4 unicast

    metric-style wide

    segment-routing mpls sr-prefer

    !

    interface Loopback0

    address-family ipv4 unicast

    prefix-sid index 1001

    !

    !

    interface GigabitEthernet0/0/0/0

    address-family ipv4 unicast

    !

    !

    interface GigabitEthernet0/0/0/1

    address-family ipv4 unicast