Table of contents
Under what circumstances is tunnel iteration required?
MPLS tunnel iteration
Under what circumstances is tunnel iteration required?
Solution
two solutions
Change the IBGP neighbor to the IBGP neighbor of Vpnv4 (generate a private network label for the target network segment, and then this labeled BGP route directly enters the label tunnel for forwarding)
Enable tunnel iteration (so that non-labeled BGP routes enter the labeled tunnel for forwarding, which will not be forwarded by default)
Specific working principle
When there is no label for the target network segment, encapsulate the access with the label of the next hop to the target network segment
After reaching the next hop, pop up the label to see the target network segment, which is tunnel iteration
(LDP generates an LSP for the next hop, and does not generate an LSP for the target network segment, but only encapsulates the packet of the target network segment in a label)
Precautions
LDP will generate LSP for 1.1.1.1, but by default it will not encapsulate non-labeled BGP routes into labeled tunnels
After the tunnel iteration is enabled, the non-labeled route of 10.0.0.1 will be encapsulated into the labeled tunnel of 1.1.1.1
Configure tunnel iteration
系统视图下 route recursive-lookup tunnel 将非标签公网路由迭代进LSP隧道进行MPLS转发
MPLS high reliability
VPN FRR
Establish a tunnel between PEs, and establish a backup LSP (private network label-vpnv4 route) for a certain LSP (private network label-vpnv4 route)
In the MPLS VPN network where CE is dual-homed to PE, the path between PE nodes can be quickly converged
In CE multi-homing scenarios, when the RD value of the VPN instance on the local PE is different from that on multiple remote PEs, if multiple destination addresses from multiple PEs have the same vpnv4 address, only the optimal The route is crossed to the vpn instance. At this time, it is necessary to enable multiple vpnv4 routes that are different from the RD of the vpn instance to be added to the routing table of the vpn instance.
Configure static VPN FRR - not dependent on dynamic FRR on IGP
配置route-policy并指定备份下一跳 route-policy 1 permit node 10 apply backup-nexthop 1.1.1.1 在VPN实例中使能FRR ip vpn-instance 1 vpn frr route-policy 1
Configure dynamic VPN FRR - does not depend on dynamic FRR on IGP
配置route-policy并自动寻找下一跳 route-policy 1 permit node 10 apply backup-nexthop auto 在VPN实例中使能FRR ip vpn-instance 1 vpn frr route-policy 1 将多条与此VPN实例不同RD值的Vpnv4路由都添加到此VPN实例路由中(默认只收一条) bgp 100 ipv4-family vpn-instance 1 vpn-route cross multipath
Disable vpn frr for all vpn instances
undo vpn frr all
VPN GR
Make the VPN traffic uninterrupted when the device carrying the VPN service undergoes active/standby switchover
Configure VPN GR—depend on IGP GR and BGP GR
1. Configure the GR of the IGP protocol
Configuring GR for the ISIS protocol
isis 10 graceful-restart 使能IS-IS协议的GR能力。 graceful-restart no-impact-holdtime 使IS-IS邻居的老化时间不受GR影响,保持原来的数据 graceful-restart suppress-sa 配置GR Restarter来置位SA(SA用来抑制发布邻接关系,可以避免短暂的黑洞)
Configuring GR for OSPF
ospf 10 opaque-capability enable 使能opaque-LSA特性 graceful-restart 使能OSPF GR特性 graceful-restart partial 配置ospf restarter支持partial gr,缺省支持totallygr graceful-restart planned-only 配置ospf restarter只支持planned gr,缺省支持planned gr和unplanned gr graceful-restart helper-role ignore-external-lsa 配置Helper不对5类LSA进行检查
2. Configure the GR of the BGP protocol
bgp 100 graceful-restart 使能bgp的gr graceful-restart peer-reset 配置设备以GR方式复位BGP连接
3. Configure MPLS tunnel GR (LDP GR)
mpls ldp graceful-restart 使能ldp的gr