Genie's Tech Blog

Where knowledge has no dimensions

mLDP on IOS XR - Profile 1 mVPN on IOS-XR

Hello Friends,

Today we are going to discuss about mLDP (Multicast label distribution protocol).  Multicast LDP is an extension to Unicast LDP that allows the creation of Multi-Point LSPs. MLDP as defined in IETF draft draft-ietf-mpls-ldp-p2mp-xx supports P2MP and MP2MP LSPs. These MP-LSPs are used in a variety of multicast application, like Global table Multicast, Multicast VPN’s and VPLS. With the introduction to mLDP, the Service Provider core is now a PIM free core. Only PE routers now need to run PIM towards the CE facing interfaces. 

LDP RFC introduced the mechanism to setup point-to-point LSP (P2P) in the MPLS network where there is a single source and single destination. However, a P2MP LSP allows traffic from a single ingress router (root node) to be delivered to multiple egress routers (leaf nodes). A MP2MP LSP allows traffic from multiple ingress routers to multiple egress routers. At any point, a single copy of packet is sent to any LSP without any multicast routing protocol in the network.

In MLDP, there will be a VPN-ID used instead of MDT default multicast group address. The default MDT will be created using MP2MP LSP to support low bandwidth and control traffics between the VRFs. The data MDT will be created using P2MP LSP to support high bandwidth traffic from a particular source. There will be PIM neighbor relationships between the VRFs which are seen in LSP-VIF. At the edge towards the customer (CE) PIM multicast routing will be enabled for that VRF.

The Default MDT will be created using MP2MP LSP. Static root has to be defined for MP2MP LSP. Normally two roots will be configured for redundancy. MDT will use LSP-VIF to transmit VPN multicast packets.

We shall now understand how mLDP works with the help of an example. Consider the below topology:

 

In the above topology, we have XR-PE1 and XR-PE2 as the two PE routers between which we shall be running mLDP and basic MPLS VPN. Lets now have a look at the configuration from all the routers:

Config on XR-PE1:
============
hostname XR-PE1
vrf ABC
 vpn id 1:1
 address-family ipv4 unicast
  import route-target
   1:1
  !
  export route-target
   1:1
  !
 !
!
interface Loopback0
 ipv4 address 1.1.1.1 255.255.255.255
!
interface GigabitEthernet0/2/0/0
 ipv4 address 12.12.12.1 255.255.255.252
!
interface GigabitEthernet0/2/0/1
 vrf ABC
 ipv4 address 192.168.100.1 255.255.255.252
!
route-policy use_mdt
  set core-tree mldp-default
end-policy
!
router ospf 1
 vrf ABC
  redistribute bgp 100
  area 0
   interface GigabitEthernet0/2/0/1
   !
  !
 !
!
router ospf 100
 router-id 1.1.1.1
 area 0
  interface Loopback0
  !
  interface GigabitEthernet0/2/0/0
  !
 !
!
router bgp 100
 bgp router-id 1.1.1.1
 address-family ipv4 unicast
 !
 address-family vpnv4 unicast
 !
 address-family ipv4 mdt
 !
 neighbor 2.2.2.2
  remote-as 100
  update-source Loopback0
  address-family vpnv4 unicast
   next-hop-self
  !
  address-family ipv4 mdt
  !
 !
 vrf ABC
  rd 1:1
  address-family ipv4 unicast
   redistribute ospf 1 match internal external
  !
 !
!
mpls ldp
 router-id 1.1.1.1
 mldp
 !
 interface GigabitEthernet0/2/0/0
 !
!
multicast-routing
 address-family ipv4
  mdt source Loopback0
  interface all enable
  accounting per-prefix
 !
 vrf ABC
  address-family ipv4
   mdt default mldp ipv4 1.1.1.1
   interface all enable
  !
 !
!
router pim
 vrf ABC
  address-family ipv4
   rpf topology route-policy use_mdt
   rp-address 192.168.100.1
   interface GigabitEthernet0/0/0/1
    enable
   !
  !
 !
!
end

Config on XR-PE2:
============
hostname XR-PE2
vrf ABC
 vpn id 1:1
 address-family ipv4 unicast
  import route-target
   1:1
  !
  export route-target
   1:1
  !
 !
!
interface Loopback0
 ipv4 address 2.2.2.2 255.255.255.255
!
interface GigabitEthernet0/2/0/0
 ipv4 address 12.12.12.2 255.255.255.252
!
interface GigabitEthernet0/2/0/1
 vrf ABC
 ipv4 address 192.168.200.1 255.255.255.252
!
route-policy use_mdt
  set core-tree mldp-default
end-policy
!
router ospf 1
 vrf ABC
  redistribute bgp 100
  area 0
   interface GigabitEthernet0/2/0/1
   !
  !
 !
!
router ospf 100
 router-id 2.2.2.2
 area 0
  interface Loopback0
  !
  interface GigabitEthernet0/2/0/0
  !
 !
!
router bgp 100
 bgp router-id 2.2.2.2
 address-family ipv4 unicast
 !
 address-family vpnv4 unicast
 !
 address-family ipv4 mdt
 !
 neighbor 1.1.1.1
  remote-as 100
  update-source Loopback0
  address-family vpnv4 unicast
   next-hop-self
  !
  address-family ipv4 mdt
  !
 !
 vrf ABC
  rd 1:1
  address-family ipv4 unicast
   redistribute ospf 1 match internal external
  !
 !
!
mpls ldp
 router-id 2.2.2.2
 mldp
 !
 interface GigabitEthernet0/2/0/0
 !
!
multicast-routing
 address-family ipv4
  mdt source Loopback0
  interface all enable
  accounting per-prefix
 !
 vrf ABC
  address-family ipv4
   mdt default mldp ipv4 1.1.1.1
   interface all enable
  !
 !
!
router pim
 vrf ABC
  address-family ipv4
   rpf topology route-policy use_mdt
   rp-address 192.168.100.1
   interface GigabitEthernet0/0/0/1
    enable
   !
  !
 !
!
end

Config on CE1:
=========
ip multicast-routing 
!
interface Loopback0
 ip address 172.16.1.1 255.255.255.255
 ip pim sparse-mode
!
interface GigabitEthernet0/2
 ip address 192.168.100.2 255.255.255.252
 ip pim sparse-mode
 duplex auto
 speed auto
!
router ospf 100
 router-id 172.16.1.1
 network 172.16.1.1 0.0.0.0 area 0
 network 192.168.100.2 0.0.0.0 area 0
!
ip pim rp-address 192.168.100.1
!

Config on CE2:
=========
ip multicast-routing 
!
interface Loopback0
 ip address 172.16.2.1 255.255.255.255
 ip pim sparse-mode
 ip igmp join-group 239.0.0.1
!
interface GigabitEthernet0/2
 ip address 192.168.200.2 255.255.255.252
 ip pim sparse-mode
 duplex auto
 speed auto
!
router ospf 100
 router-id 172.16.2.1
 network 172.16.2.1 0.0.0.0 area 0
 network 192.168.200.2 0.0.0.0 area 0
!
ip pim rp-address 192.168.100.1
!

From the above configuration we can see that on both the XR nodes, we have configured the mdt default group to be as the mldp root node i.e. 1.1.1.1 in this case. Also, under the PIM we define that the rpf for the core tree needs to be defined as the mldp-default which is based on the Rosen draft. We are configuring CE1 as the Multicast Source for the group 239.0.0.1 and CE2 as the client with a static group-join on the loopback interface. First we shall check the connectivity between CE1 and CE2 routers;

Output on CE1:
==========
CE1# sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      172.16.0.0/32 is subnetted, 2 subnets
O IA     172.16.2.1 [110/3] via 192.168.100.1, 00:12:02, GigabitEthernet0/2
      192.168.200.0/30 is subnetted, 1 subnets
O IA     192.168.200.0 [110/2] via 192.168.100.1, 00:12:09, GigabitEthernet0/2
CE1#ping 172.16.1.1 sou
CE1#ping 172.16.2.1 sou    
CE1#ping 172.16.2.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.2.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.1.1 
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
CE1#

Since now we have the end to end connectivity, its confirmed that the MPLS VPN is configured properly. Lets now have a look at the core devices for mLDP peering and PIM neighborship.

Output on XR-PE1:
============
RP/0/5/CPU0:XR-PE1#show pim vrf ABC neighbor 
Wed Oct  8 17:18:28.303 UTC

PIM neighbors in VRF ABC

Neighbor Address             Interface              Uptime    Expires  DR pri   Flags

192.168.100.1*               GigabitEthernet0/2/0/1 00:19:02  00:01:42 1      B P
192.168.100.2                GigabitEthernet0/2/0/1 00:13:32  00:01:31 1 (DR) P
1.1.1.1*                     LmdtABC                00:18:59  00:01:17 1     
2.2.2.2                      LmdtABC                00:16:27  00:01:35 1 (DR)
RP/0/5/CPU0:XR-PE1#

RP/0/5/CPU0:XR-PE1#show mpls mldp neighbors 
Wed Oct  8 17:18:41.117 UTC
mLDP neighbor database
 MLDP peer ID      : 2.2.2.2:0, uptime 00:16:50 Up, 
  Capabilities     : Typed Wildcard FEC, P2MP, MP2MP
  Target Adj       : No
  Upstream count   : 0
  Branch count     : 1
  Label map timer  : never
  Policy filter in : None
  Path count       : 1
  Path(s)          : 12.12.12.2        GigabitEthernet0/2/0/0 LDP 
  Adj list         : 12.12.12.2        GigabitEthernet0/2/0/0
  Peer addr list   : 10.122.166.155   
                   : 2.2.2.2          
                   : 12.12.12.2       
RP/0/5/CPU0:XR-PE1#

RP/0/5/CPU0:XR-PE1#show mpls mldp status 
Wed Oct  8 17:19:00.447 UTC

mLDP statistics
 Process status         : Active, Running and Ready
 Multipath upstream     : Enabled
 Multipath downstream   : Enabled
 Logging notifications  : Disabled
 Database count         : 1
 Label release scan in  : never
 LSM ID scan in         : never
 RIB connection status  : Connected
 RIB connection open    : Yes
 TE Intact              : Disabled
 Active RIB table       : default/IPv4/Unicast

Table Name              : default
  AFI                   : IPv4
  SAFI                  : Unicast
  RIB converged         : Yes
  Table ID              : E0000000

Table Name              : default
  AFI                   : IPv4
  SAFI                  : Multicast
  RIB converged         : Yes
  Table ID              : E0100000
RP/0/5/CPU0:XR-PE1#

RP/0/5/CPU0:XR-PE1#show mpls mldp database 
Wed Oct  8 17:19:13.818 UTC
mLDP database
LSM-ID: 0x00001 (RNR LSM ID: 0x00002)   Type: MP2MP   Uptime: 00:19:45
  FEC Root           : 1.1.1.1 (we are the root)    <<<<<<<<<
  Opaque decoded     : [mdt 1:1 0]       <<<<<<<<<<
  RNR active LSP     : (this entry)
  Candidate RNR ID(s): 
  Upstream neighbor(s) :
    None
  Downstream  client(s): 
    LDP 2.2.2.2:0      Uptime: 00:17:22
      Next Hop         : 12.12.12.2
      Interface        : GigabitEthernet0/2/0/0 
      Remote label (D) : 16002             Local label (U) : 16003
    PIM MDT            Uptime: 00:19:45
      Egress intf     : LmdtABC
      Table ID        : IPv4: 0xe0000001 IPv6: 0xe0800001
      HLI             : 0x00002
      RPF ID          : 1
      Local Label     : 16000 (internal)
RP/0/5/CPU0:XR-PE1#

From the above outputs we can see that the root of mLDP within the core is 1.1.1.1 as defined and the MDT is defined by the vpn-id that we have set while configuring the vrf ABC. Lets now verify the Multicast stream with the help of a ping from CE1.

Output from CE1:
===========
CE1#ping 239.0.0.1 source lo0 repeat 3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 239.0.0.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.1.1 
.
Reply to request 1 from 172.16.2.1, 48 ms
Reply to request 2 from 172.16.2.1, 1 ms
Reply to request 2 from 172.16.2.1, 1 ms
Reply to request 3 from 172.16.2.1, 1 ms
Reply to request 3 from 172.16.2.1, 1 ms
CE1#

Thus, its confirmed that the Multicast stream is running properly now. Lets now have a look at the mrib and mfib entries in the core router:

Output on XR-PE1:
============
RP/0/5/CPU0:XR-PE1#show mrib vrf ABC route 239.0.0.1 detail 
Wed Oct  8 17:23:35.958 UTC

IP Multicast Routing Information Base
Entry flags: L - Domain-Local Source, E - External Source to the Domain,
    C - Directly-Connected Check, S - Signal, IA - Inherit Accept,
    IF - Inherit From, D - Drop, MA - MDT Address, ME - MDT Encap,
    MD - MDT Decap, MT - MDT Threshold Crossed, MH - MDT interface handle
    CD - Conditional Decap, MPLS - MPLS Decap, MF - MPLS Encap, EX - Extranet
    MoFE - MoFRR Enabled, MoFS - MoFRR State
Interface flags: F - Forward, A - Accept, IC - Internal Copy,
    NS - Negate Signal, DP - Don't Preserve, SP - Signal Present,
    II - Internal Interest, ID - Internal Disinterest, LI - Local Interest,
    LD - Local Disinterest, DI - Decapsulation Interface
    EI - Encapsulation Interface, MI - MDT Interface, LVIF - MPLS Encap,
    EX - Extranet, A2 - Secondary Accept

(*,239.0.0.1) Ver: 0xd8b RPF nbr: 192.168.100.1 Flags: C EID, FMA: 0x40000
  Up: 00:18:01
  RPF-ID: 0, Encap-ID: 1
  Incoming Interface List
    Decapstunnel0 Flags: A, Up: 00:18:01
  Outgoing Interface List
    LmdtABC Flags: F NS LMI, Up: 00:18:01, Head LSM-ID: 0x00002

(172.16.1.1,239.0.0.1) Ver: 0x6296 RPF nbr: 192.168.100.2 Flags: L EID, FMA: 0x40000
  Up: 00:01:58
  RPF-ID: 0, Encap-ID: 1
  Incoming Interface List
    GigabitEthernet0/2/0/1 Flags: A, Up: 00:01:58
  Outgoing Interface List
    LmdtABC Flags: F NS LMI, Up: 00:01:58, Head LSM-ID: 0x00002
RP/0/5/CPU0:XR-PE1#

RP/0/5/CPU0:XR-PE1#show mfib vrf ABC route 239.0.0.1 detail 
Wed Oct  8 17:23:56.736 UTC

IP Multicast Forwarding Information Base
Entry flags: C - Directly-Connected Check, S - Signal, D - Drop,
  IA - Inherit Accept, IF - Inherit From, MA - MDT Address,
  ME - MDT Encap, MD - MDT Decap, MT - MDT Threshold Crossed,
  MH - MDT interface handle, CD - Conditional Decap,
  DT - MDT Decap True, EX - Extranet
  MoFE - MoFRR Enabled, MoFS - MoFRR State
Interface flags: F - Forward, A - Accept, IC - Internal Copy,
  NS - Negate Signal, DP - Don't Preserve, SP - Signal Present,
  EG - Egress, EI - Encapsulation Interface, MI - MDT Interface,
  EX - Extranet, A2 - Secondary Accept
Forwarding/Replication Counts: Packets in/Packets out/Bytes out
Failure Counts: RPF / TTL / Empty Olist / Encap RL / Other

(*,239.0.0.1),   Flags:  C EID , FMA: 0x40000 ,
  Up: 00:18:22
  Last Used: never
  SW Forwarding Counts: 0/0/0
  SW Replication Counts: 0/0/0
  SW Failure Counts: 0/0/0/0/0
  Route ver: 0xd8b
  MVPN Info :- 
    Associated Table ID : 0xe0000000
    MDT Handle: 0x6000580, MDT Probe:N [N], Rate:N, Acc:N
    MDT SW Ingress Encap V4/V6, Egress decap: 0 / 0, 0
    Encap ID: 1 RPF ID: 0
    Local Receiver: False Turnaround: False
  LmdtABC Flags:  F NS LMI, Up:00:18:22
  Decapstunnel0 Flags:  A, Up:00:18:22

(172.16.1.1,239.0.0.1),   Flags:  EID , FMA: 0x40000 ,
  Up: 00:02:18
  Last Used: never
  SW Forwarding Counts: 0/0/0
  SW Replication Counts: 0/0/0
  SW Failure Counts: 0/0/0/0/0
  Route ver: 0x6296
  MVPN Info :- 
    Associated Table ID : 0xe0000000
    MDT Handle: 0x6000580, MDT Probe:N [N], Rate:N, Acc:N
    MDT SW Ingress Encap V4/V6, Egress decap: 0 / 0, 0
    Encap ID: 1 RPF ID: 0
    Local Receiver: False Turnaround: False
  LmdtABC Flags:  F NS LMI, Up:00:02:18
  GigabitEthernet0/2/0/1 Flags:  A, Up:00:02:18
RP/0/5/CPU0:XR-PE1#

Output on XR-PE2:
============
RP/0/5/CPU0:XR-PE2#show mrib vrf ABC route 239.0.0.1 detail 
Wed Oct  8 09:58:14.500 UTC

IP Multicast Routing Information Base
Entry flags: L - Domain-Local Source, E - External Source to the Domain,
    C - Directly-Connected Check, S - Signal, IA - Inherit Accept,
    IF - Inherit From, D - Drop, MA - MDT Address, ME - MDT Encap,
    MD - MDT Decap, MT - MDT Threshold Crossed, MH - MDT interface handle
    CD - Conditional Decap, MPLS - MPLS Decap, MF - MPLS Encap, EX - Extranet
    MoFE - MoFRR Enabled, MoFS - MoFRR State
Interface flags: F - Forward, A - Accept, IC - Internal Copy,
    NS - Negate Signal, DP - Don't Preserve, SP - Signal Present,
    II - Internal Interest, ID - Internal Disinterest, LI - Local Interest,
    LD - Local Disinterest, DI - Decapsulation Interface
    EI - Encapsulation Interface, MI - MDT Interface, LVIF - MPLS Encap,
    EX - Extranet, A2 - Secondary Accept

(*,239.0.0.1) Ver: 0x2993 RPF nbr: 1.1.1.1 Flags: C RPFID, FMA: 0x40000
  Up: 00:18:54
  RPF-ID: 1, Encap-ID: 0
  Incoming Interface List
    LmdtABC Flags: A LMI, Up: 00:18:54
  Outgoing Interface List
    GigabitEthernet0/2/0/1 Flags: F NS, Up: 00:18:54

(172.16.1.1,239.0.0.1) Ver: 0x251e RPF nbr: 1.1.1.1 Flags: RPFID, FMA: 0x40000
  Up: 00:02:49
  RPF-ID: 1, Encap-ID: 0
  Incoming Interface List
    LmdtABC Flags: A LMI, Up: 00:02:49
  Outgoing Interface List
    GigabitEthernet0/2/0/1 Flags: F NS, Up: 00:02:49
RP/0/5/CPU0:XR-PE2#

RP/0/5/CPU0:XR-PE2#show mfib vrf ABC route 239.0.0.1 detail 
Wed Oct  8 09:58:32.369 UTC

IP Multicast Forwarding Information Base
Entry flags: C - Directly-Connected Check, S - Signal, D - Drop,
  IA - Inherit Accept, IF - Inherit From, MA - MDT Address,
  ME - MDT Encap, MD - MDT Decap, MT - MDT Threshold Crossed,
  MH - MDT interface handle, CD - Conditional Decap,
  DT - MDT Decap True, EX - Extranet
  MoFE - MoFRR Enabled, MoFS - MoFRR State
Interface flags: F - Forward, A - Accept, IC - Internal Copy,
  NS - Negate Signal, DP - Don't Preserve, SP - Signal Present,
  EG - Egress, EI - Encapsulation Interface, MI - MDT Interface,
  EX - Extranet, A2 - Secondary Accept
Forwarding/Replication Counts: Packets in/Packets out/Bytes out
Failure Counts: RPF / TTL / Empty Olist / Encap RL / Other

(*,239.0.0.1),   Flags:  C RPFID , FMA: 0x40000 ,
  Up: 00:19:12
  Last Used: never
  SW Forwarding Counts: 0/0/0
  SW Replication Counts: 0/0/0
  SW Failure Counts: 0/0/0/0/0
  Route ver: 0x2993
  MVPN Info :- 
    Associated Table ID : 0xe0000000
    MDT Handle: 0x6000480, MDT Probe:N [N], Rate:N, Acc:N
    MDT SW Ingress Encap V4/V6, Egress decap: 0 / 0, 0
    Encap ID: 0 RPF ID: 1
    Local Receiver: True Turnaround: False
  LmdtABC Flags:  A LMI, Up:00:19:12
  GigabitEthernet0/2/0/1 Flags:  NS, Up:00:19:12

(172.16.1.1,239.0.0.1),   Flags:  RPFID , FMA: 0x40000 ,
  Up: 00:03:07
  Last Used: never
  SW Forwarding Counts: 0/0/0
  SW Replication Counts: 0/0/0
  SW Failure Counts: 0/0/0/0/0
  Route ver: 0x251e
  MVPN Info :- 
    Associated Table ID : 0xe0000000
    MDT Handle: 0x6000480, MDT Probe:N [N], Rate:N, Acc:N
    MDT SW Ingress Encap V4/V6, Egress decap: 0 / 0, 0
    Encap ID: 0 RPF ID: 1
    Local Receiver: True Turnaround: False
  LmdtABC Flags:  A LMI, Up:00:03:07
  GigabitEthernet0/2/0/1 Flags:  NS, Up:00:03:07
RP/0/5/CPU0:XR-PE2#

From the above outputs, we can see that on the XR-PE1 router, the incoming interface is the Gig0/2/0/1 (CE facing interface) and the outgoing interface is the mdt interface and vice versa on the XR-PE2 router with all the proper flags set.

Hope this clarifies how to setup mLDP based mVPN in a Service Provider environment.

Please feel free to reach out to us in case you have any queries.

Cheers...!!!

Genie

www.codergenie.com

Comments are closed