Hello folks,
If you have visited my site earlier you might have seen an MPLS post related to the below network. I have been working on this network for around a month now and I plan to keep integrating different technologies in it until it breaks 🙂 (let’s see how much GNS3 on a 16 GB laptop can take. Until now it has been working perfectly).
In this network, I am going to configure MPLS TE tunnel between PE1 and PE3. For IGP connectivity I have enabled ospf . IGP is needed because we need to exchange link characteristics and underlay connectivity. If ISIS is used we have TLVs to exchange that info and for ospf LSA type 10 for intra-area (opaque lsa) is available.
Before are few checklists and noteworthy points.
- CEF should be enabled throughout the core network.
- RSVP is the protocol that is used for path reservation and exchange labels so it needs to be enabled on all the physical interfaces.
- Traffic engg should be enabled under ospf and globally.
- MPLS TE tunnels are unidirectional tunnels so you need one tunnel each direction to send the traffic. Headend of a tunnel is the router from where the tunnel starts for a particular path. For example, for Tunnel 13 on PE1 in the below PE1 config we have an explicit path configured as :
ip explicit-path name PE1-PE3 enable next-address 20.20.20.2 next-address 30.30.30.6 next-address 40.40.40.6 next-address 50.50.50.2
So here the headend of tunnel 13 will be PE1 because it has 20.20.20.1 configured which can be considered as the start of the tunnel. Tailend is definitely 50.50.50.2 which is configured on PE3. Similarly, for tunnel 31 (PE3) the headend is PE3 and the tailend is PE1.
- I am not configuring autoroute announce in this example. If you configure autoroute announce then all the prefixes learned via ospf will have MPLS TE tunnel configured as the destination, for now, this isn’t my requirement.
- Notice the Loopback1 configured on both the PE routers, do not get confused with it as I will be using this to test the connectivity, it is not related to MPLS TE rather it will use MPLS TE network to reach the other side. With this loopback, I will demonstrate how we can send normal traffic over the TE network.
Now lets get started with the config.
Traffic engineering tunnel config:
PE1 Configuration: ! ip cef mpls traffic-eng tunnels ! interface Loopback0 ip address 2.2.2.2 255.255.255.255 ! interface Loopback1 ip address 192.168.1.1 255.255.255.0 ! interface GigabitEthernet2/0 ip address 20.20.20.1 255.255.255.252 mpls traffic-eng tunnels ip rsvp bandwidth 512 512 ! router ospf 1 mpls traffic-eng router-id Loopback0 mpls traffic-eng area 0 router-id 2.2.2.2 network 2.2.2.2 0.0.0.0 area 0 network 20.20.20.1 0.0.0.0 area 0 ! ip explicit-path name PE1-PE3 enable next-address 20.20.20.2 next-address 30.30.30.6 next-address 40.40.40.6 next-address 50.50.50.2 ! interface Tunnel13 ip unnumbered Loopback0 tunnel destination 8.8.8.8 tunnel mode mpls traffic-eng tunnel mpls traffic-eng priority 2 2 tunnel mpls traffic-eng bandwidth 128 tunnel mpls traffic-eng path-option 1 explicit name PE1-PE3 no routing dynamic ! PE3 Configuration: ! ip cef mpls traffic-eng tunnels ! interface Loopback0 ip address 8.8.8.8 255.255.255.255 ! interface Loopback1 ip address 192.168.2.1 255.255.255.0 ! interface GigabitEthernet1/0 ip address 50.50.50.2 255.255.255.252 mpls traffic-eng tunnels ip rsvp bandwidth 512 512 ! router ospf 1 mpls traffic-eng router-id Loopback0 mpls traffic-eng area 0 router-id 8.8.8.8 network 8.8.8.8 0.0.0.0 area 0 network 50.50.50.0 0.0.0.3 area 0 ! ip explicit-path name PE3-PE1 enable next-address 50.50.50.1 next-address 40.40.40.1 next-address 30.30.30.1 next-address 20.20.20.1 ! interface Tunnel31 ip unnumbered Loopback0 tunnel destination 2.2.2.2 tunnel mode mpls traffic-eng tunnel mpls traffic-eng priority 2 2 tunnel mpls traffic-eng bandwidth 128 tunnel mpls traffic-eng path-option 1 explicit name PE3-PE1 no routing dynamic ! P(P1,P2,P3,P4) Routers config: ! ip cef mpls traffic-eng tunnels ! router ospf 1 mpls traffic-eng router-id Loopback0 mpls traffic-eng area 0 router-id x.x.x.x network 0.0.0.0 255.255.255.255 area 0 ! !for all the interfaces connected to core network, enable traffic engg and rsvp !bandwidth reservation, like below ! interface GigabitEthernet x/y ip address 20.20.20.2 255.255.255.252 mpls traffic-eng tunnels ip rsvp bandwidth 512 512 end
With the above configuration MPLS TE is up, now let’s verify…
Verification:
PE1#sh mpls traffic-eng tunnels tunnel 13 Name: PE1_t13 (Tunnel13) Destination: 8.8.8.8 Status: Admin: up Oper: up Path: valid Signalling: connected path option 1, type explicit PE1-PE3 (Basis for Setup, path weight 4) Config Parameters: Bandwidth: 128 kbps (Global) Priority: 2 2 Affinity: 0x0/0xFFFF Metric Type: TE (default) AutoRoute: disabled LockDown: disabled Loadshare: 128 bw-based auto-bw: disabled Active Path Option Parameters: State: explicit path option 1 is active BandwidthOverride: disabled LockDown: disabled Verbatim: disabled InLabel : - OutLabel : GigabitEthernet2/0, 211-----> Label used by PE1 while sending data out RSVP Signalling Info: Src 2.2.2.2, Dst 8.8.8.8, Tun_Id 13, Tun_Instance 1 RSVP Path Info: My Address: 20.20.20.1 Explicit Route: 20.20.20.2 30.30.30.5 30.30.30.6 40.40.40.5 40.40.40.6 50.50.50.1 50.50.50.2 8.8.8.8 Record Route: NONE Tspec: ave rate=128 kbits, burst=1000 bytes, peak rate=128 kbits RSVP Resv Info: Record Route: 4.4.4.4(211) 6.6.6.6(401) ------> Label used by each hop in path 7.7.7.7(512) 8.8.8.8(0) Fspec: ave rate=128 kbits, burst=1000 bytes, peak rate=128 kbits Shortest Unconstrained Path Info: Path Weight: 4 (TE) Explicit Route: 20.20.20.1 20.20.20.2 30.30.30.1 30.30.30.2 40.40.40.1 40.40.40.2 50.50.50.1 50.50.50.2 8.8.8.8 History: Tunnel: Time since created: 17 hours, 34 minutes Time since path change: 8 hours, 13 minutes Number of LSP IDs (Tun_Instances) used: 1 Current LSP: Uptime: 8 hours, 13 minutes PE3#sh mpls traffic-eng tunnel tun31 Name: PE3_t31 (Tunnel31) Destination: 2.2.2.2 Status: Admin: up Oper: up Path: valid Signalling: connected path option 1, type explicit PE3-PE1 (Basis for Setup, path weight 4) Config Parameters: Bandwidth: 128 kbps (Global) Priority: 2 2 Affinity: 0x0/0xFFFF Metric Type: TE (default) AutoRoute: disabled LockDown: disabled Loadshare: 128 bw-based auto-bw: disabled Active Path Option Parameters: State: explicit path option 1 is active BandwidthOverride: disabled LockDown: disabled Verbatim: disabled InLabel : - OutLabel : GigabitEthernet1/0, 513 RSVP Signalling Info: Src 8.8.8.8, Dst 2.2.2.2, Tun_Id 31, Tun_Instance 1 RSVP Path Info: My Address: 50.50.50.2 Explicit Route: 50.50.50.1 40.40.40.2 40.40.40.1 30.30.30.2 30.30.30.1 20.20.20.2 20.20.20.1 2.2.2.2 Record Route: NONE Tspec: ave rate=128 kbits, burst=1000 bytes, peak rate=128 kbits RSVP Resv Info: Record Route: 7.7.7.7(513) 5.5.5.5(302) 4.4.4.4(212) 2.2.2.2(0) Fspec: ave rate=128 kbits, burst=1000 bytes, peak rate=128 kbits Shortest Unconstrained Path Info: Path Weight: 4 (TE) Explicit Route: 50.50.50.2 50.50.50.1 40.40.40.6 40.40.40.5 30.30.30.6 30.30.30.5 20.20.20.2 20.20.20.1 2.2.2.2 History: Tunnel: Time since created: 17 hours, 10 minutes Time since path change: 8 hours, 14 minutes Number of LSP IDs (Tun_Instances) used: 1 Current LSP: Uptime: 8 hours, 14 minutes
Put traffic on MPLS TE tunnel.
As we see that tunnel is up but yet we have not started using it for any traffic so to start with I will use the Loopback1 configured on both side of the tunnels on PE1 and PE3 to test the connectivity and for this, I will use the simplest way i.e. a static route.
PE1# sh run | sec ip route ip route 192.168.2.0 255.255.255.0 Tunnel13 PE3#sh run | sec ip route ip route 192.168.1.0 255.255.255.0 Tunnel31 Check the connectivity from PE1: PE1#ping 192.168.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 52/83/100 ms PE1#traceroute 192.168.2.1 Type escape sequence to abort. Tracing the route to 192.168.2.1 1 20.20.20.2 [MPLS: Label 211 Exp 0] 64 msec 48 msec 60 msec 2 30.30.30.6 [MPLS: Label 401 Exp 0] 64 msec 68 msec 48 msec 3 40.40.40.6 [MPLS: Label 512 Exp 0] 64 msec 64 msec 52 msec 4 50.50.50.2 52 msec 60 msec 60 msec PE1# You can verify the labels assign here with the reserv path labels in above section.This will confirm that indeed the traffic is passing over the TE tunnel. There is also an accounting command, with which you can check the rate of traffic over MPLS TE tunnel. PE1#sh mpls traffic-eng tunnels tunnel 13 accounting Tunnel13 (Destination 8.8.8.8; Name PE1_t13) 5 minute output rate 5 kbits/sec, 5 packets/sec Check the connectivity from PE3: PE3#ping 192.168.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 20/40/52 ms PE3#traceroute 192.168.1.1 Type escape sequence to abort. Tracing the route to 192.168.1.1 1 50.50.50.1 [MPLS: Label 513 Exp 0] 40 msec 40 msec 40 msec 2 40.40.40.1 [MPLS: Label 302 Exp 0] 40 msec 40 msec 48 msec 3 30.30.30.1 [MPLS: Label 212 Exp 0] 48 msec 40 msec 52 msec 4 20.20.20.1 48 msec 52 msec 44 msec
Conclusion:
MPLS TE is more powerful than normal MPLS as with TE tunnels you can have the same kind of capability as MPLS but with more control. Like in the above example I have set up a path that I think is perfect for the network. Although this has a drawback that “what if the path fails ?” For that reason, there are more provisions in MPLS TE like FRR node and link protection which will allow using alternate paths if the primary fails. So a well-thought-out network in MPLS TE can improve experiences significantly. I will be covering FRR configs in the same network in upcoming blogs so stay tuned…Thank you.
Check the Youtube video for MPLS TE , FRR Link Protection and Node protection Demo:
