NETWORKING NOTES 1 BGP LABELED-UNICAST

___ ___ ___ __ _ _ _ _ _

/ __\ / _ \ / _ \ / / __ _| |__ ___| | ___ __| | /\ /\ _ __ (_) ___ __ _ ___| |_
/__\// / /_\// /_)/ / / / _` | '_ \ / _ \ |/ _ \/ _` |_____/ / \ \ '_ \| |/ __/ _` / __| __|
/ \/ \/ /_\\/ ___/ / /__| (_| | |_) | __/ | __/ (_| |_____\ \_/ / | | | | (_| (_| \__ \ |_
\_____/\____/\/ \____/\__,_|_.__/ \___|_|\___|\__,_| \___/|_| |_|_|\___\__,_|___/\__|

BGP LU Behavior on IOS-XE ............................................................. 2

> LU Configuration in IOS .......................................................................... 2
> IOS Advertised Capabilities ...................................................................... 2
BGP LU Behavior on IOS-XR ............................................................. 3
> LU Configuration in IOS-XR ....................................................................... 3
> IOS-XR Advertised Capabilities ................................................................... 4
> Only one SAFI Per NLRI ........................................................................... 5

2018 N E W A G E Q U A N T A
NETWORKING NOTES 2 BGP LABELED-UNICAST

BGP LU Behavior on IOS-XE

> LU Configuration in IOS

>> LU in IOS seems to only work in conjunction with Unicast
>> No separate address-family

>> LU can only be activated on a per-neighbor basis with the use of send-label under address-family ipv4 unicast

router bgp 100

bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 20.4.19.19 remote-as 17819
neighbor 20.20.20.20 remote-as 100
neighbor 20.20.20.20 update-source Loopback0
!
address-family ipv4
neighbor 20.4.19.19 activate
neighbor 20.4.19.19 allowas-in 1
neighbor 20.4.19.19 send-label
neighbor 20.20.20.20 activate
neighbor 20.20.20.20 next-hop-self
neighbor 20.20.20.20 send-label
exit-address-family

> IOS Advertised Capabilities

>> When BGP peers with these neighbors, it will advertise both capabilities
>> AFI 1, SAFI 1 and AFI 1, SAFI 4
>> If send-label keyword is not used, AFI 1, SAFI 4 capability is not advertised

R4#show bgp ipv4 unicast neighbors 20.4.19.19

BGP neighbor is 20.4.19.19, remote AS 17819, external link
<SNIP>
Neighbor capabilities:
Route refresh: advertised and received(new)
Four-octets ASN Capability: advertised and received
Address family IPv4 Unicast: advertised and received
2018 N E W A G E Q U A N T A
NETWORKING NOTES 3 BGP LABELED-UNICAST

ipv4 MPLS Label capability: advertised

Enhanced Refresh Capability: advertised
<SNIP>
R4#
R4#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#router bgp 100
R4(config-router)#address-family ipv4 unicast
R4(config-router-af)#no neighbor 20.4.19.19 send-label
R4(config-router-af)#
%BGP-5-ADJCHANGE: neighbor 20.4.19.19 Down Capability changed
%BGP_SESSION-5-ADJCHANGE: neighbor 20.4.19.19 IPv4 Unicast topology base removed from session Capability changed
%BGP-5-NBR_RESET: Neighbor 20.4.19.19 active reset (Peer closed the session)
%BGP_SESSION-5-ADJCHANGE: neighbor 20.4.19.19 IPv4 Unicast topology base removed from session Peer closed the session
%BGP-5-ADJCHANGE: neighbor 20.4.19.19 Up
R4(config-router-af)#
R4(config-router-af)#end
R4#
%SYS-5-CONFIG_I: Configured from console by console
R4#show bgp ipv4 unicast neighbors 20.4.19.19
BGP neighbor is 20.4.19.19, remote AS 17819, external link
<SNIP>
Neighbor capabilities:
Route refresh: advertised and received(new)
Four-octets ASN Capability: advertised and received
Address family IPv4 Unicast: advertised and received
Enhanced Refresh Capability: advertised
<SNIP>
R4#

>> Because of the way the configuration occurs, I am unaware of another way to only advertise LU and not unicast
>> This is in stark contrast with IOS-XR (discussed below)

BGP LU Behavior on IOS-XR

> LU Configuration in IOS-XR

>> BGP LU is “activated” under BGP only via address-family ipv4 unicast
2018 N E W A G E Q U A N T A
NETWORKING NOTES 4 BGP LABELED-UNICAST

>> There is no separate address-family ipv4 labeled-unicast in the global BGP process
>> Instead, there is a particular knob under ipv4 unicast that must be turned to activate label distribution
>> allocate labels [all|route-policy <ROUTE_POLICY>]
> IOS-XR Advertised Capabilities
>> However, this does not mean that there is no control at all when it comes to capability advertisement
>> In XR, the AFI/SAFI must also be activated under each neighbor

>> Under the neighbor hierarchy, both address-family ipv4 unicast and address-family ipv4 labeled-unicast are available
>> If both are activated, both AFI 1, SAFI 1 and SAFI 4 capabilities are advertised
>> If either one is activated, only that particular SAFI is advertised

router bgp 100

address-family ipv4 unicast
network 20.20.20.20/32
allocate-label all
!
neighbor 4.4.4.4
remote-as 100
update-source Loopback0
address-family ipv4 labeled-unicast
!
!
RP/0/0/CPU0:XR2(config-bgp-vrf)#do show bgp neighbor 4.4.4.4
Wed Feb 28 11:56:28.866 UTC

BGP neighbor is 4.4.4.4

Remote AS 100, local AS 100, internal link
Remote router ID 4.4.4.4
<SNIP>
Neighbor capabilities:
Route refresh: advertised (old + new) and received (old + new)
4-byte AS: advertised and received
Address family IPv4 Labeled-unicast: advertised and received
Received 1402 messages, 1 notifications, 0 in queue
Sent 1266 messages, 0 notifications, 0 in queue
2018 N E W A G E Q U A N T A
NETWORKING NOTES 5 BGP LABELED-UNICAST

<SNIP>
!
RP/0/0/CPU0:XR2(config-bgp-vrf)#router bgp 100 neighbor 4.4.4.4 address-family ipv4 unicast
RP/0/0/CPU0:XR2(config-bgp-nbr-af)#commit
Wed Feb 28 11:58:15.958 UTC
RP/0/0/CPU0:XR2(config-bgp-nbr-af)#RP/0/0/CPU0:Feb 28 11:58:17.998 : bgp[1052]: %ROUTING-BGP-4-INCOMPATIBLE_AFI : IPv4
Unicast and IPv4 Labeled-unicast Address families together are not supported under the same neighbor.
!
RP/0/0/CPU0:XR2(config-bgp-nbr-af)#do sho bgp neighbor 4.4.4.4
Wed Feb 28 11:58:50.096 UTC

BGP neighbor is 4.4.4.4

<SNIP>
Neighbor capabilities:
Route refresh: advertised (old + new) and received (old + new)
4-byte AS: advertised and received
Address family IPv4 Unicast: advertised and received
Address family IPv4 Labeled-unicast: advertised and received
Received 1411 messages, 1 notifications, 0 in queue
Sent 1272 messages, 0 notifications, 0 in queue
<SNIP>

>> In the above example, as SAFI 1 is activated under the neighbor, XR starts advertising both SAFI 1 and SAFI 4
>> NOTE: The apparent warning is a cosmetic bug as both families are supported under the same neighbor
> Only one SAFI Per NLRI
>> One BIG caveat is that the same NLRI CANNOT be advertised under both unicast and LU
>> Another BIGGER caveat is that allocate-label is TWO-WAY configuration when VRFs are concerned
>>> Explanation below after the LU allocate-label description
>> If the NLRI matches the allocate-label policy (via all or via RPL), it will only be advertised as LU
>> If the NLRI does NOT match the allocate-label policy, it will only be advertised as unicast
>>> Initially one might see both NLRIs being advertised but if BGP is cleared, it falls back to only one family

RP/0/0/CPU0:XR2(config)#sho run router bgp 100 address-family ipv4 unicast

Wed Feb 28 12:16:24.144 UTC
router bgp 100

2018 N E W A G E Q U A N T A
NETWORKING NOTES 6 BGP LABELED-UNICAST

address-family ipv4 unicast

network 20.20.20.20/32
allocate-label all
!
!
RP/0/0/CPU0:XR2(config)#end
RP/0/0/CPU0:XR2#sho bgp ipv4 unicast neigh 4.4.4.4 advertised-routes
Wed Feb 28 12:17:16.430 UTC
RP/0/0/CPU0:XR2#show bgp ipv4 labeled-unicast neigh 4.4.4.4 advertised-routes
Wed Feb 28 12:17:29.209 UTC
Network Next Hop From AS Path
20.20.20.20/32 20.20.20.20 Local i

Processed 1 prefixes, 1 paths

!
RP/0/0/CPU0:XR2(config)#router bgp 100 address-family ipv4 unicast
RP/0/0/CPU0:XR2(config-bgp-af)#no allocate-label
RP/0/0/CPU0:XR2(config-bgp-af)#commit
Wed Feb 28 12:18:03.967 UTC
RP/0/0/CPU0:XR2(config-bgp-af)#end
RP/0/0/CPU0:XR2#sho bgp ipv4 unicast neigh 4.4.4.4 advertised-routes
Wed Feb 28 12:18:11.186 UTC
Network Next Hop From AS Path
20.20.20.20/32 20.20.20.20 Local i

Processed 1 prefixes, 1 paths

RP/0/0/CPU0:XR2#show bgp ipv4 labeled-unicast neigh 4.4.4.4 advertised-routes
Wed Feb 28 12:18:17.936 UTC
RP/0/0/CPU0:XR2#

>>> For the global RT, if a LU NLRI is known, XR will impose a label in data plane
>>> This renders the data plane working (BGP, ICMP etc.)

RP/0/0/CPU0:XR2#show bgp ipv4 labeled-unicast 2.2.2.2

Wed Feb 28 17:44:35.745 UTC
BGP routing table entry for 2.2.2.2/32
Versions:
Process bRIB/RIB SendTblVer
Speaker 87 87
2018 N E W A G E Q U A N T A
NETWORKING NOTES 7 BGP LABELED-UNICAST

Last Modified: Feb 28 17:39:36.786 for 00:04:59

Paths: (1 available, best #1)
Not advertised to any peer
Path #1: Received by speaker 0
Not advertised to any peer
17819 100
4.4.4.4 (metric 30) from 4.4.4.4 (4.4.4.4)
Received Label 23
Origin IGP, metric 0, localpref 100, valid, internal, best, group-best
Received Path ID 0, Local Path ID 0, version 87
!
RP/0/0/CPU0:XR2#show cef 2.2.2.2 detail
Wed Feb 28 17:46:38.796 UTC
2.2.2.2/32, version 187, internal 0x1000001 0x0 (ptr 0xa1422974) [1], 0x0 (0xa13ed908), 0xa08 (0xa1583320)
Updated Feb 28 17:39:36.965
Prefix Len 32, traffic index 0, precedence n/a, priority 4
gateway array (0xa12b661c) reference count 3, flags 0x78, source rib (7), 0 backups
[4 type 5 flags 0x8441 (0xa159d4c4) ext 0x0 (0x0)]
LW-LDI[type=5, refc=1, ptr=0xa13ed908, sh-ldi=0xa159d4c4]
gateway array update type-time 1 Feb 28 12:11:50.492
LDI Update time Feb 28 12:11:50.492
LW-LDI-TS Feb 28 17:39:36.965
via 4.4.4.4/32, 3 dependencies, recursive [flags 0x6000]
path-idx 0 NHID 0x0 [0xa15eb6f4 0x0]
recursion-via-/32
next hop 4.4.4.4/32 via 24001/0/21
next hop 20.6.20.6/32 Gi0/0/0/0.620 labels imposed {16 23}

Load distribution: 0 (refcount 4)

Hash OK Interface Address

0 Y Unknown 24001/0
!
RP/0/0/CPU0:XR2#ping 2.2.2.2 so lo0
Wed Feb 28 17:49:09.636 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/5/9 ms
2018 N E W A G E Q U A N T A
NETWORKING NOTES 8 BGP LABELED-UNICAST

RP/0/0/CPU0:XR2#traceroute 2.2.2.2 so 20.20.20.20

Wed Feb 28 17:49:32.214 UTC

Type escape sequence to abort.

Tracing the route to 2.2.2.2

1 20.6.20.6 [MPLS: Labels 16/23 Exp 0] 9 msec 0 msec 0 msec

2 20.4.6.4 [MPLS: Label 23 Exp 0] 0 msec 0 msec 0 msec
3 20.4.19.19 [MPLS: Label 24005 Exp 0] 0 msec 0 msec 0 msec
4 10.8.19.8 [MPLS: Labels 17/21 Exp 0] 0 msec 0 msec 79 msec
5 10.7.8.7 [MPLS: Labels 16/21 Exp 0] 29 msec 29 msec 29 msec
6 20.1.3.1 [MPLS: Label 21 Exp 0] 29 msec 29 msec 29 msec
7 20.1.3.3 [MPLS: Label 17 Exp 0] 29 msec 29 msec 39 msec
8 * * *
9 20.2.5.2 0 msec * 9 msec

>>> But this is not true for lookups inside VRFs (unknown, undocumented reason)

RP/0/0/CPU0:XR2#show bgp vpnv4 unicast vrf VPN_A 30.9.9.9

Wed Feb 28 17:51:37.346 UTC
BGP routing table entry for 30.9.9.9/32, Route Distinguisher: 100:1
<SNIP>
Local
2.2.2.2 (metric 30) from 2.2.2.2 (2.2.2.2)
Received Label 20
Origin incomplete, metric 1, localpref 100, valid, internal, best, group-best, import-candidate, imported
Received Path ID 0, Local Path ID 0, version 105
Extended community: RT:100:1
Source AFI: VPNv4 Unicast, Source VRF: VPN_A, Source Route Distinguisher: 100:1
!
RP/0/0/CPU0:XR2#show route vrf VPN_A ipv4 30.9.9.9
Wed Feb 28 17:53:38.888 UTC

Routing entry for 30.9.9.9/32

Known via "bgp 100", distance 200, metric 1, type internal
Installed Feb 28 14:17:02.478 for 03:36:36
Routing Descriptor Blocks
2.2.2.2, from 2.2.2.2
Nexthop in Vrf: "default", Table: "default", IPv4 Unicast, Table Id: 0xe0000000
Route metric is 1
2018 N E W A G E Q U A N T A
NETWORKING NOTES 9 BGP LABELED-UNICAST

No advertising protos.

>>> Initially, from the outputs above, it might seem like the information is good and should be working
>>> But the LSP and the data-plane end up being broken

RP/0/0/CPU0:XR2#show mpls forwarding

Wed Feb 28 17:56:36.155 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24000 Pop 6.6.6.6/32 Gi0/0/0/0.620 20.6.20.6 318498
24001 16 4.4.4.4/32 Gi0/0/0/0.620 20.6.20.6 413315
24002 Pop 20.4.6.0/24 Gi0/0/0/0.620 20.6.20.6 0
24004 Unlabelled 30.10.10.10/32[V] Gi0/0/0/0.1020 30.10.20.10 22574
24005 Aggregate VPN_A: Per-VRF Aggr[V] \
VPN_A 0
24006 Unlabelled 40.9.9.9/32[V] Gi0/0/0/0.920 40.9.20.9 5780
24007 Aggregate VPN_B: Per-VRF Aggr[V] \
VPN_B 0

>>> Notice that 2.2.2.2 is not in the MPLS forwarding table

RP/0/0/CPU0:XR2#show cef vrf VPN_A 30.9.9.9

Wed Feb 28 17:55:36.350 UTC
30.9.9.9/32, version 55, internal 0x5000001 0x0 (ptr 0xa14228f4) [1], 0x0 (0x0), 0x208 (0xa1583370)
Updated Feb 28 14:17:02.499
Prefix Len 32, traffic index 0, precedence n/a, priority 3
via 2.2.2.2/32, 0 dependencies, recursive [flags 0x6000]
path-idx 0 NHID 0x0 [0xa0fa9294 0x0]
recursion-via-/32
next hop VRF - 'default', table - 0xe0000000
unresolved
labels imposed {20}

>>> Allocating a local label for the next-hop works

RP/0/0/CPU0:XR2(config)#show
Wed Feb 28 17:58:54.786 UTC
Building configuration...
2018 N E W A G E Q U A N T A
NETWORKING NOTES 10 BGP LABELED-UNICAST

!! IOS XR Configuration 6.1.2

!
route-policy RP_ALLOCATE_LABEL
if destination in (2.2.2.2, 20.20.20.20) then
pass
endif
end-policy
!
end

RP/0/0/CPU0:XR2(config)#router bgp 100

RP/0/0/CPU0:XR2(config-bgp)#address-family ipv4 unicast
RP/0/0/CPU0:XR2(config-bgp-af)#allocate-label route-policy RP_ALLOCATE_LABEL
RP/0/0/CPU0:XR2(config-bgp-af)#commit
Wed Feb 28 17:59:29.924 UTC
RP/0/0/CPU0:XR2(config-bgp-af)#end
RP/0/0/CPU0:XR2#show mpls forwarding
Wed Feb 28 17:59:41.463 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24000 Pop 6.6.6.6/32 Gi0/0/0/0.620 20.6.20.6 318850
24001 16 4.4.4.4/32 Gi0/0/0/0.620 20.6.20.6 414134
24002 Pop 20.4.6.0/24 Gi0/0/0/0.620 20.6.20.6 0
24003 23 2.2.2.2/32 4.4.4.4 0
24004 Unlabelled 30.10.10.10/32[V] Gi0/0/0/0.1020 30.10.20.10 22574
24005 Aggregate VPN_A: Per-VRF Aggr[V] \
VPN_A 0
24006 Unlabelled 40.9.9.9/32[V] Gi0/0/0/0.920 40.9.20.9 5780
24007 Aggregate VPN_B: Per-VRF Aggr[V] \
VPN_B 0
RP/0/0/CPU0:XR2#show cef vrf VPN_A 30.9.9.9
Wed Feb 28 17:59:48.742 UTC
30.9.9.9/32, version 55, internal 0x5000001 0x0 (ptr 0xa14228f4) [1], 0x0 (0x0), 0x208 (0xa1583370)
Updated Feb 28 14:17:02.498
Prefix Len 32, traffic index 0, precedence n/a, priority 3
via 2.2.2.2/32, 3 dependencies, recursive [flags 0x6000]
path-idx 0 NHID 0x0 [0xa15ebdf4 0x0]
recursion-via-/32
next hop VRF - 'default', table - 0xe0000000
2018 N E W A G E Q U A N T A
NETWORKING NOTES 11 BGP LABELED-UNICAST

next hop 2.2.2.2/32 via 24003/0/21

next hop 20.6.20.6/32 Gi0/0/0/0.620 labels imposed {16 23 20}
RP/0/0/CPU0:XR2#

>>> Now the data-plane is functional and end to end connectivity will be achieved for VRF customer

2018 N E W A G E Q U A N T A