Segment Routing is as of mid 2017 available on multiple vendors service provider routing platforms (Cisco, Juniper, Nokia, Arista). In this post I’m going to show how to configure MPLS Segment Routing in Cisco IOS XR as well as take a closer look at the adjacency and prefix segments.
Topology
The example topology consist of six XRv routers with IP addresses configured as seen in the figure above.
IGP configuration
IGP segments are the most fundamental segment types in Segment Routing. They are used in SR domain to forward traffic to destination through IGP calculated shortest path or through certain nodes/links. As the name implies, these segments are distributed by IGP (link-state IGP to be precise).
I’m using IS-IS in this example but OSPF could also be used. Here is IS-IS configuration from XRv-1:
router isis 1
is-type level-2-only
net 49.0001.0001.0001.1001.00
address-family ipv4 unicast
metric-style wide
segment-routing mpls
!
interface Loopback0
passive
address-family ipv4 unicast
!
!
interface GigabitEthernet0/0/0/1
point-to-point
address-family ipv4 unicast
!
!
interface GigabitEthernet0/0/0/2
point-to-point
address-family ipv4 unicast
!
!
!
All the other routers have similar configuration. IS-IS is enabled on connecting interfaces as well as on loopbacks. Only level-2 adjacencies are enable for simplicity.
The key command here is the segment-routing mpls which enables Segment Routing in all IS-IS interfaces for IPv4 address family. The router also starts advertising local adjacency and prefix segments to its neighbors.
Adjacency Segments
Let’s take a look at adjacency segments first. Adjacency segments are local to each router and represent IGP adjacencies to other routers. When router receives packet with adjacency-SID as the top label, it pops the label and forwards the packet over a link that the adjacency is attached.
The adjacency-SIDs can be verified by show isis adjacency detail command:
RP/0/0/CPU0:XRv-1#show isis adjacency detail
IS-IS 1 Level-2 adjacencies:
System Id Interface SNPA State Hold Changed NSF IPv4 IPv6
BFD BFD
XRv-2 Gi0/0/0/1 *PtoP* Up 27 00:01:58 Yes None None
Area Address: 49.0001
Neighbor IPv4 Address: 172.16.1.2*
Adjacency SID: 24002
Non-FRR Adjacency SID: 24003
Topology: IPv4 Unicast
XRv-3 Gi0/0/0/2 *PtoP* Up 26 00:01:55 Yes None None
Area Address: 49.0001
Neighbor IPv4 Address: 172.16.2.2*
Adjacency SID: 24000
Non-FRR Adjacency SID: 24001
Topology: IPv4 Unicast
Here we can see that XRv-1 has allocated two SIDs for each of its IS-IS adjacencies: protected and non-protected. The protected adjacency-SID is used for fast reroute mechanisms such as TI-LFA.
Adjacency-SIDs can also be verified from IS-IS LSDB:
RP/0/0/CPU0:XRv-1#show isis database verbose XRv-1
IS-IS 1 (Level-2) Link State Database
LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL
XRv-1.00-00 * 0x0000000a 0xd6f8 918 0/0/0
Area Address: 49.0001
NLPID: 0xcc
Hostname: XRv-1
IP Address: 1.1.1.1
Router Cap: 1.1.1.1, D:0, S:0
Segment Routing: I:1 V:0, SRGB Base: 16000 Range: 8000
Metric: 10 IS-Extended XRv-2.00
Interface IP Address: 172.16.1.1
Neighbor IP Address: 172.16.1.2
ADJ-SID: F:0 B:1 V:1 L:1 S:0 weight:0 Adjacency-sid:24002
ADJ-SID: F:0 B:0 V:1 L:1 S:0 weight:0 Adjacency-sid:24003
Metric: 10 IS-Extended XRv-3.00
Interface IP Address: 172.16.2.1
Neighbor IP Address: 172.16.2.2
ADJ-SID: F:0 B:1 V:1 L:1 S:0 weight:0 Adjacency-sid:24000
ADJ-SID: F:0 B:0 V:1 L:1 S:0 weight:0 Adjacency-sid:24001
Metric: 0 IP-Extended 1.1.1.1/32
Metric: 10 IP-Extended 172.16.1.0/24
Metric: 10 IP-Extended 172.16.2.0/24
Here is a snippet from packet capture of IS-IS Link-state PDU advertised by Xrv-1:
Ajacency-SIDs are advertised using Extended IS reachability TLV and Adj-SID sub-TLV. The Adj-SID sub-TLV consist of flags, weight and the SID value.
Encapsulation flag specifies address family of the outgoing encapsulation.
Backup flag indicates that the SID is eligible for protection (for FRR as mentioned above).
Value flag is set if the SID is an absolute value and not index. Set-flag indicates if the SID refers to a set of multiple adjacencies.
Local Significance flag indicates that this SID value is locally significant to the advertising node.
Set flag is set when SID refers to a set of multiple adjacencies.
Weight value is used for load balancing between multiple adjacencies.
The SID value field itself can contain absolute value or index depending if the local significance and value flags are set. These flags are always set in IOS XR for adjacency segments, so the SID is an absolute label value.
If we run the show mpls forwarding command, we see that each router has associated the SID labels in LFIB with pop action and outgoing interface + next hop address of the adjacent neighbor:
RP/0/0/CPU0:XRv-1#show mpls forwarding
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24000 Pop SR Adj (idx 1) Gi0/0/0/1 172.16.1.2 0
24001 Pop SR Adj (idx 3) Gi0/0/0/1 172.16.1.2 0
24002 Pop SR Adj (idx 1) Gi0/0/0/2 172.16.2.2 0
24003 Pop SR Adj (idx 3) Gi0/0/0/2 172.16.2.2 0
Prefix Segments
Prefix segments are global segments that use the SRGB as label allocation range. Prefix-SID value can be configured as absolute or index but it has to be unique within a SR domain. IOS XR uses SRGB range 16000 - 23999 by default.
Unlike adjacency segments, prefix segments are not automatically allocated and advertised. The administrator manually assigns prefix-SIDs to IGP enabled loopback interfaces.
I assigned prefix-SID for every routers loopback interface with index value of the routers number. Here is the configuration from XRv-1:
router isis 1
interface Loopback0
address-family ipv4 unicast
prefix-sid index 1
Prefix-SIDs can be verified from LSDB:
RP/0/0/CPU0:XRv-1#show isis database verbose XRv-1
IS-IS 1 (Level-2) Link State Database
LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL
XRv-1.00-00 * 0x00000008 0x8a0e 853 0/0/0
...
Metric: 0 IP-Extended 1.1.1.1/32
Prefix-SID Index: 1, Algorithm:0, R:0 N:1 P:0 E:0 V:0 L:0
Let’s take a look at some packet captures. Every router advertises its Segment Routing capability and SRGB in IS-IS SR-Capabilities sub-TLV:
The I and V flags specify if the router can process IPv4 or IPv6 packets on all interfaces. SID/Label sub-TLV contain the first label value of the SRGB and the range contains the number of labels.
Prefix-SIDs are advertised in Prefix-SID sub-TLV which is associated with a prefix:
In this case XRv-1 is advertising prefix 1.1.1.1/32 with SID index value 1 as I configured before. Based on the default SRGB range, other routers will associate prefix 1.1.1.1/32 with SID value 16001.
Re-advertisement flag is set when prefix is propagated from another level or redistributed from another protocol.
Node-SID flag is set when prefix-SID is a Node-SID.
no-PHP flag is used to control penultimate hop popping behavior. If the flag is set, then penultimate router must not pop the label before forwarding. IOS XR does not set the flag by default (PHP is enabled).
Explicit-Null flag instructs penultimate router to replace the Prefix-SID label with Explicit-Null label. Unset by default in IOS XR.
Value and Local flags are used in same way as in Adj-SID sub-TLV.
We can view the prefix-SIDs in the routers LFIB:
RP/0/0/CPU0:XRv-1#show mpls forwarding
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16002 Pop SR Pfx (idx 2) Gi0/0/0/1 172.16.1.2 0
16003 Pop SR Pfx (idx 3) Gi0/0/0/2 172.16.2.2 0
16004 16004 SR Pfx (idx 4) Gi0/0/0/1 172.16.1.2 0
16005 16005 SR Pfx (idx 5) Gi0/0/0/1 172.16.1.2 0
16005 SR Pfx (idx 5) Gi0/0/0/2 172.16.2.2 0
16006 16006 SR Pfx (idx 6) Gi0/0/0/1 172.16.1.2 0
16006 SR Pfx (idx 6) Gi0/0/0/2 172.16.2.2 0
Interesting thing here is that SIDs 16005 and 16006 have two outgoing interfaces associated with them. This happens because IS-IS has calculated two equal cost paths from XRv-1 to XRv-5 and XRv-6 and Segment Routing is able to automatically take advantage of both of these paths for load balancing.
RP/0/0/CPU0:XRv-1#show isis route 6.6.6.6/32 detail
L2 6.6.6.6/32 [30/115] medium priority
via 172.16.2.2, GigabitEthernet0/0/0/2, XRv-3, SRGB Base: 16000, Weight: 0
via 172.16.1.2, GigabitEthernet0/0/0/1, XRv-2, SRGB Base: 16000, Weight: 0
src XRv-6.00-00, 6.6.6.6, prefix-SID index 6, R:0 N:1 P:0 E:0 V:0 L:0
As a last verification, we can run traceroute from XRv-1 to 6.6.6.6 and see that the correct SID labels get pushed to the packets.
RP/0/0/CPU0:XRv-1#traceroute 6.6.6.6
Type escape sequence to abort.
Tracing the route to 6.6.6.6
1 172.16.2.2 [MPLS: Label 16006 Exp 0] 9 msec 0 msec 0 msec
2 172.16.4.2 [MPLS: Label 16006 Exp 0] 0 msec 0 msec 0 msec
3 172.16.7.2 0 msec * 0 msec
As the traceroute illustrates, global SID stays constantly same on every hop to the destination. This simplifies troubleshooting compared to traditional MPLS where labels are locally significant and can change at every hop.
Summary
I hope this post has demonstrated how simple basic Segment Routing functionality is and how easy it is to get running. If you only require basic MPLS connectivity between service end-points relying on the IGP shortest path, you can just advertise loopback prefix-SID from each router.
Of course there is much more to Segment Routing than this basic example shows. In a future post I’m going to cover one of the most interesting use case of SR: traffic engineering.