We start with R1 which is the ingress PE router that R2 sends traffic towards. We know from the previous post that the L3 VPN is working.
First thing we need to know is what VPN label R3 allocated to routes learned from R4 and sent over to R1.
R1#sh bgp vpnv4 unicast all 192.0.2.4/32
BGP routing table entry for 1:1:192.0.2.4/32, version 148
Paths: (1 available, best #1, table UMPLS)
Advertised to update-groups:
3
Refresh Epoch 1
65004
192.0.2.3 (metric 10) (via default) from 192.0.2.3 (192.0.2.3)
Origin IGP, metric 0, localpref 100, valid, internal, best
Extended Community: RT:1:1
mpls labels in/out nolabel/22
rx pathid: 0, tx pathid: 0x0
In this case, we see that the Out label is 22 for the prefix 192.0.2.4/32. Now we need to know what the transport label and BGP labels are, they technically all come from the same label space. We see a next hop of 192.0.2.3 and that is what we do a look up on.
R1#sh ip route 192.0.2.3
Routing entry for 192.0.2.3/32
Known via "bgp 50693", distance 200, metric 0, type internal
Last update from 192.0.2.8 00:34:13 ago
Routing Descriptor Blocks:
* 192.0.2.8, from 192.0.2.8, 00:34:13 ago
Route metric is 0, traffic share count is 1
AS Hops 0
MPLS label: 28
Here we see that label 28 was allocated via LDP to reach R3's loopback. So from R1 to R8 we'll see a 2 label stack, label 28 is the transport label to get us to R8 and label 22 is the VPN label that remains unchanged. There needs to be a RIB lookup in order to determine the outgoing interface and only then can a label value be found to reach the next hop. We now need to check the CEF table to see what label value to use to reach the next hop, we already know it, label 28, but the IP stack needs to swap the label values between interfaces.
R1#sh ip cef 192.0.2.3
192.0.2.3/32
nexthop 100.64.18.8 GigabitEthernet1.18 label 28
Label 28 is applied to the outgoing traffic with a next hop of R8. If we check the LDP or mpls forwarding table, there are no outgoing labels, as R8 is directly connected to R1 and signals with label 3 or the implicit null which triggers PHP. Instead we need to look at the BGP label database to see the outgoing label.
R1#sh bgp ipv4 unicast labels
Network Next Hop In label/Out label
192.0.2.1/32 0.0.0.0 imp-null/nolabel
192.0.2.3/32 192.0.2.8 nolabel/28
192.0.2.7 nolabel/30
We see label 28 and we can now move forward to R8. If traffic was going towards R7, the transport label would be 30 and the VPN label would remain 22.
R8#sh ip route 192.0.2.3
Routing entry for 192.0.2.3/32
Known via "bgp 50693", distance 200, metric 0, type internal
Last update from 192.0.2.16 00:41:49 ago
Routing Descriptor Blocks:
* 192.0.2.16, from 192.0.2.16, 00:41:49 ago
Route metric is 0, traffic share count is 1
AS Hops 0
MPLS label: 24000
Same process on R1 happens on R8, RIB lookup for 192.0.2.3, FIB lookup and then BGP label lookup. The difference here is that R8 is the edge of the IS-IS routing domain. We are peering with R9 and XR6 via IPv4 label unicast and BGP is allocating label values.
R8#sh ip cef 192.0.2.3
192.0.2.3/32
nexthop 100.64.85.5 GigabitEthernet1.85 label 20 24000
To expand on that, labels 20 and 24000 are present in the FIB. Label 20 gets us to XR6 and label 24000 gets us to R3. Since IGP is not end to end here, R1 and R3 can't follow an end to end LDP learned LSP, therefore we need to BGP learned labels to get the traffic from the ABR or R8 to XR6 over the OSPF core. That is why we see 2 label values to reach R3, the first, 20 gets us to the iBGP next hop which is XR6 and the second, 24000, gets us to R3 which is the next hop for that iBGP peering. We are effectively using iBGP to extend the LSP since LDP can't do it for us end to end.
R8#show mpls forwarding-table labels 26
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
26 20 192.0.2.16/32 0 Gi1.85 100.64.85.5
R8#show mpls forwarding-table labels 28
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
28 24000 192.0.2.3/32 42152 Gi1.85 100.64.85.5
R8#show bgp ipv4 unicast labels
Network Next Hop In label/Out label
192.0.2.1/32 192.0.2.1 18/imp-null
192.0.2.3/32 192.0.2.16 28/24000
At this point, R5 and R6 are cluless of what is happening as they only have labels allocated for their connected ABRs.
R5#sh mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
17 Pop Label 192.0.2.7/32 1193853 Gi1.75 100.64.75.7
20 18 192.0.2.16/32 232601 Gi1.56 100.64.56.6
21 Pop Label 192.0.2.8/32 70821 Gi1.85 100.64.85.8
22 17 192.0.2.9/32 977587 Gi1.56 100.64.56.6
RP/0/0/CPU0:XR6#sh route 192.0.2.3
Thu Apr 5 11:10:27.498 UTC
Routing entry for 192.0.2.3/32
Known via "isis 50693", distance 115, metric 20, type level-1
Installed Apr 4 18:32:49.918 for 16:37:37
Routing Descriptor Blocks
100.64.63.3, from 192.0.2.3, via GigabitEthernet0/0/0/0.63
Route metric is 20
No advertising protos.
XR6 receives this traffic, does a RIB lookup and finds the outgoing interface. Checks the LFIB for the outgoing label but since its connected it R3, R3 is advertising implicit null and the transport label is PHPd.
RP/0/0/CPU0:XR6#show cef 192.0.2.3
Thu Apr 5 11:10:34.327 UTC
192.0.2.3/32, version 861, internal 0x1000001 0x0 (ptr 0xa13c73f4) [1], 0x0 (0xa1391b90), 0xa20 (0xa15274b0)
Updated Apr 4 19:45:27.409
local adjacency 100.64.63.3
Prefix Len 32, traffic index 0, precedence n/a, priority 3
via 100.64.63.3/32, GigabitEthernet0/0/0/0.63, 5 dependencies, weight 0, class 0 [flags 0x0]
path-idx 0 NHID 0x0 [0xa0f65694 0xa0f656e8]
next hop 100.64.63.3/32
local adjacency
local label 24000 labels imposed {ImplNull}
RP/0/0/CPU0:XR6#show mpls forwarding labels 24000
Thu Apr 5 11:11:14.185 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24000 Pop 192.0.2.3/32 Gi0/0/0/0.63 100.64.63.3 480179
The incoming label or local label is 24000 and the outgoing label is Pop or PHP so R3 will only get the VPN label inbound from XR6.
R3#show mpls forwarding-table labels 22
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
22 No Label 192.0.2.4/32[V] 76186 Gi1.34 100.64.34.4
Label 22 is received which is removed and traffic towards R4 is sent via native IP.
R2#traceroute 192.0.2.4 so lo0 num
Type escape sequence to abort.
Tracing the route to 192.0.2.4
VRF info: (vrf in name/id, vrf out name/id)
1 100.64.21.1 5 msec 4 msec 3 msec
2 100.64.18.8 [MPLS: Labels 28/22 Exp 0] 11 msec 12 msec 11 msec
3 100.64.85.5 [MPLS: Labels 20/24000/22 Exp 0] 20 msec 32 msec 32 msec
4 100.64.56.6 [MPLS: Labels 18/24000/22 Exp 0] 33 msec 39 msec 32 msec
5 100.64.66.16 [MPLS: Labels 24000/22 Exp 0] 22 msec 31 msec 31 msec
6 100.64.34.3 [AS 65004] [MPLS: Label 22 Exp 0] 16 msec 15 msec 18 msec
7 100.64.34.4 [AS 65004] 22 msec * 10 msec
Hop 2 is a 2 label stack consisting of the BGP label to reach R7 (28) and 22 is the VPN label allocated by R3 and sent to R1.
Hop 3 is a 3 label stack where label 20 is the LDP label used to reach XR6 allocated by R5, Label 24000 is allocated by BGP to reach R3 and label 22 is the VPN label.
Hop 4 is a 3 label stack where label 18 is the LDP label used to reach XR6 allocated by R6, Label 24000 is allocated by BGP to reach R3 and label 22 is the VPN label.
Hop 5 is a 2 label stack from XR6 towards R3, 24000 is the transport label and label 22 is the VPN label.
Hop 6 is a 1 label stack, the BoS or bottom of stack bit is set to 1, PHPing the transport label on XR6 and sending just the VPN label towards R3.
No comments:
Post a Comment