Download Print this page

Nokia 7450 Advanced Configuration Manual

Ethernet service switch / service router / extensible routing.
Hide thumbs
   
1
2
Table of Contents
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990

Advertisement

Advanced Configuration Guide - Part I Releases Up To 15.0.R5
7450 Ethernet Service Switch
7750 Service Router
7950 Extensible Routing System
Advanced Configuration Guide - Part I
Releases Up To 15.0.R5
3HE 13717 AAAA TQZZA 01
Issue: 01
November 2017
Nokia — Proprietary and confidential.
Use pursuant to applicable agreements.

Advertisement

   Related Manuals for Nokia 7450

   Summary of Contents for Nokia 7450

  • Page 1

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 7450 Ethernet Service Switch 7750 Service Router 7950 Extensible Routing System Advanced Configuration Guide - Part I Releases Up To 15.0.R5 3HE 13717 AAAA TQZZA 01 Issue: 01 November 2017 Nokia —...

  • Page 2

    © 2017 Nokia. Contains proprietary/trade secret information which is the property of Nokia and must not be made available to, or copied or used by anyone outside Nokia without its written authorization. Not to be used or disclosed except in accordance with applicable agreements.

  • Page 3: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Table of Contents Preface ......................23 About This Guide.........................23 Basic System .................... 27 IEEE 1588 for Frequency, Phase, and Time Distribution .........29 Applicability ........................29 Overview ........................29 Configuration ........................42 Conclusion ........................62 Synchronous Ethernet..................63 Applicability ........................63 Summary...

  • Page 4: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Configuration .........................144 Conclusion .........................161 Port Cross-Connect (PXC).................163 Applicability .........................163 Overview .........................163 Configuration .........................165 Conclusion .........................193 Router Configuration ................195 6PE Next-Hop Resolution ..................197 Applicability .........................197 Overview .........................197 Configuration .........................199 Conclusion .........................218 Aggregate Route Indirect Next-Hop Option .............219 Applicability...

  • Page 5: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Rate Limit Filter Action ..................347 Applicability .........................347 Overview .........................347 Configuration .........................349 Conclusion .........................355 Unicast Routing Protocols ..............357 Associating Communities with Static and Aggregate Routes .......359 Applicability .........................359 Overview .........................360 Configuration .........................361 Conclusion...

  • Page 6: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Conclusion .........................500 BGP Multipath.....................501 Applicability .........................501 Overview .........................501 Configuration .........................503 Conclusion .........................524 BGP Optimal Route Reflection for Hierarchical Networks ......525 Applicability .........................525 Overview .........................525 Configuration .........................529 Conclusion .........................538 BGP Optimal Route Reflection for Non-Hierarchical Networks .....539 Applicability .........................539 Overview...

  • Page 7: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Conclusion .........................651 IS-IS Link Bundling ....................653 Applicability .........................653 Overview .........................653 Configuration .........................657 Conclusion .........................669 Policy Chaining and Logical Expressions ............671 Applicability .........................671 Overview .........................671 Configuration .........................675 Conclusion .........................692 Separate BGP RIBs for Labeled Routes............693 Applicability .........................693 Overview...

  • Page 8: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Overview .........................853 Configuration .........................856 Conclusion .........................866 IGP Shortcuts .....................867 Applicability .........................867 Overview .........................867 Configuration .........................870 Conclusion .........................918 Inter-Area TE Point-to-Point LSPs ..............919 Applicability .........................919 Summary .........................919 Overview .........................921 Configuration .........................922 Conclusion .........................940 LDP FEC to BGP Label Route Stitching ............941...

  • Page 9: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 MPLS LDP FRR using ISIS as IGP ..............1051 Applicability .......................1051 Overview .......................1051 Configuration .......................1052 Conclusion .......................1076 MPLS Transport Profile ..................1077 Applicability .......................1077 Summary .......................1077 Overview .......................1078 Configuration .......................1079 Conclusion .......................1101 Multicast Label Distribution Protocol.............1103 Applicability .......................1103...

  • Page 10: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Segment Routing – Traffic Engineered Tunnels ...........1291 Applicability .......................1291 Overview .......................1291 Configuration .......................1293 Conclusion .......................1310 Segment Routing with IS-IS Control Plane ............1311 Applicability .......................1311 Overview .......................1311 Configuration .......................1313 Conclusion .......................1335 Shared Risk Link Groups for RSVP-Based LSP ..........1337 Applicability .......................1337...

  • Page 11: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 List of tables Synchronous Ethernet..................63 Table 1 Revertive, Non-Revertive Timing Reference Switching Operation ..68 Hybrid OpenFlow Switch ...................271 Table 2 OpenFlow Messages ................274 Table 3 FLOW_MOD Cookie Value ..............277 Table 4 FLOW_MOD Flags ................287 Table 5 Supported Redirect Actions..............297...

  • Page 12

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Table 22 MTU Values for Ethernet Frames............1138 Segment Routing with IS-IS Control Plane ............1311 Table 23 Mode Comparison .................1315 3HE 13717 AAAA TQZZA 01 Issue: 01...

  • Page 13: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 List of figures IEEE 1588 for Frequency, Phase, and Time Distribution .........29 Figure 1 PTP Messages and Timestamp Exchange ..........31 Figure 2 1588 Topology for Frequency Distribution..........33 Figure 3 1588 Topology for Time Distribution............33 Figure 4 Frequency Distribution with 1588 as Last Mile ..........34 Figure 5...

  • Page 14: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Figure 34 ICB Spoke SDPs and Their Association with the Endpoints ....155 Figure 35 Additional Setup Example 1 ..............158 Figure 36 Additional Setup Example 2 ..............159 Port Cross-Connect (PXC).................163 Figure 37 Example Topology...................164 Figure 38 Non-Redundant PXC................167...

  • Page 15: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 PBR/PBF Redundancy ..................321 Figure 69 PBF in VPLS 1 on PE-1................323 Figure 70 Example Topology...................328 Figure 71 PBR in a VPRN ..................342 Rate Limit Filter Action ..................347 Figure 72 Filter Based Rate Limiting ...............347 Figure 73 Rate Limit Filters and FlexPaths..............349 Figure 74...

  • Page 16: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 BGP Multipath.....................501 Figure 100 Example Topology...................503 Figure 101 BGP Multipath with eBGP Limit 2............506 Figure 102 eBGP Multipath with Limit 2 and ECMP Disabled ........506 Figure 103 BGP Multipath with iBGP Limit 3 and ECMP Limit 8 .......508 Figure 104 BGP Multipath with Limit 6 and eBGP Preferred........510 Figure 105...

  • Page 17: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Figure 132 BGP IPv4 Route Leaking from VPRN to GRT.........580 Figure 133 BGP IPv4 Route Leaking from GRT to VPRN.........586 Figure 134 BGP IPv6 Route Leaking between VPRNs ..........590 Figure 135 BGP IPv6 Route Leaking from GRT and VPRN to VPRN.......595 BGP Weighted ECMP ..................605 Figure 136...

  • Page 18: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Figure 165 Updates from Unlabeled Sessions Not Propagated to Labeled Sessions (Default) ...................715 Figure 166 RIB Leaking from IPv4 BGP RIB to Labeled-IPv4 BGP RIB ....717 Automatic Bandwidth Adjustment in P2P LSPs..........723 Figure 167 Auto-Bandwidth Adjustment Implementation...........725 Figure 168...

  • Page 19: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Entropy Label .....................853 Figure 200 Load-Balancing of Flows Based on Hash Label or Entropy Label ..854 Figure 201 Label Stack with Hash Label versus Label Stack with EL and ELI..855 Figure 202 Downstream LERs Signal EL Capability to ILER ........855 Figure 203...

  • Page 20: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 LDP-SR Stitching for IPv4 Prefixes (IS-IS) .............1035 Figure 233 Example Topology.................1036 MPLS LDP FRR using ISIS as IGP ..............1051 Figure 234 Initial Topology ..................1053 Figure 235 Data Verification in the Direction from PE-1 to PE-5 Using Epipe Service....................1063 Figure 236 LFA Computation, Inequality 1 for Prefix PE-5 (D) on PE-1 (S) ....1070...

  • Page 21: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Figure 264 LSP with Dynamic Path Takes IGP Best Route ........1195 Figure 265 RSVP-TE LSP with Dynamic Path Using TE Metric......1198 Figure 266 Fast Reroute One-to-One Detour Tunnels ..........1201 Figure 267 Fast-Reroute Facility Bypass Tunnels...........1204 Figure 268 FRR Facility without Node Protection............1208...

  • Page 22: Table Of Contents

    Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Static Point-to-Point LSPs ................1357 Figure 300 Generic MPLS Network, MPLS Label Operations.........1359 Figure 301 MPLS Example Topology ..............1360 Figure 302 Static LSP Running over PE-1, PE-2, PE-5, PE-6 ........1361 Tunneling of ICMP Reply Packets over MPLS LSPs ........1369 Figure 303 Use of TTL: Uniform versus Pipe ............1370 Figure 304...

  • Page 23: About This Guide

    List of Technical Publications The 7x50 series documentation set also includes the following guides: • 7450 ESS, 7750 SR, 7950 XRS, and VSR Basic System Configuration Guide Issue: 01 3HE 13717 AAAA TQZZA 01...

  • Page 24

    Service Access Points (SAPs), Service Distribution Points (SDPs), customer information, and user services. • 7450 ESS, 7750 SR, 7950 XRS, and VSR Layer 2 Services and EVPN Guide: VLL, VPLS, PBB, and EVPN 3HE 13717 AAAA TQZZA 01...

  • Page 25

    Lines (VLLs), Virtual Private LAN Service (VPLS), Provider Backbone Bridging (PBB), and EVPN. • 7450 ESS, 7750 SR, 7950 XRS, and VSR Layer 3 Services Guide: IES and VPRN Describes Layer 3 service functionality and provides examples to configure and implement Internet Enhanced Services (IES) and Virtual Private Routed Network (VPRN) services.

  • Page 26

    Preface Advanced Configuration Guide - Part I Releases Up To 15.0.R5 3HE 13717 AAAA TQZZA 01 Issue: 01...

  • Page 27: Basic System

    Advanced Configuration Guide - Part I Basic System Releases Up To 15.0.R5 Basic System In this section This section provides configuration information for the following topics: • IEEE 1588 for Frequency, Phase, and Time Distribution • Synchronous Ethernet Issue: 01 3HE 13717 AAAA TQZZA 01...

  • Page 28

    Basic System Advanced Configuration Guide - Part I Releases Up To 15.0.R5 3HE 13717 AAAA TQZZA 01 Issue: 01...

  • Page 29: Ieee 1588 For Frequency, Phase, And Time Distribution

    Conclusion Applicability This section is applicable to all of the 7750 SR and 7450 ESS series, except for the SR-1, ESS-1, and ESS-6/6v. It is not applicable to t.he 7710 SR nor the 7950 XRS series. Description and examples are based on release 12.0.R2. The only software pre-requisites are IP reachability between the node and neighboring 1588 clocks.

  • Page 30

    This is useful in environments where the transport network does not provide physical layer synchronization services. The following 1588 capabilities are provided within the 7750 SR and 7450 ESS nodes: • CPM/CFM based 1588 master, boundary, and slave clock functionality •...

  • Page 31: Figure 1 Ptp Messages And Timestamp Exchange

    Advanced Configuration Guide - Part I IEEE 1588 for Frequency, Phase, and Time Releases Up To 15.0.R5 Distribution Figure 1 PTP Messages and Timestamp Exchange Master Slave Data at Slave t1, t2 t1, t2, t3 t1, t2, t3, t4 al_0541 The master sends a PTP Sync message containing a timestamp of when the Sync message is transmitted (t1) to the slave.

  • Page 32

    IEEE 1588 for Frequency, Phase, and Time Advanced Configuration Guide - Part I Distribution Releases Up To 15.0.R5 These calculations can occur on every message exchange or some initial packet selection can be performed so that only optimal message exchanges are used. The latter is useful if there is variable delay between the master and slave ports.

  • Page 33: Figure 3 1588 Topology For Time Distribution

    Advanced Configuration Guide - Part I IEEE 1588 for Frequency, Phase, and Time Releases Up To 15.0.R5 Distribution Figure 2 1588 Topology for Frequency Distribution Master Slave Synchronous Ethernet Input Port 5/1/3 Int-PE-1-PE-2 Int-PE-2-PE-1 Port 1/1/1 Port 1/1/1 192.168.1.1 192.168.1.2 PE-1 PE-2 192.0.2.183...

  • Page 34: Figure 4 Frequency Distribution With 1588 As Last Mile

    IEEE 1588 for Frequency, Phase, and Time Advanced Configuration Guide - Part I Distribution Releases Up To 15.0.R5 The 1588 standard itself includes a default profile that can be used for either time or frequency distribution. The default profile was defined principally for multicast operation.

  • Page 35

    Advanced Configuration Guide - Part I IEEE 1588 for Frequency, Phase, and Time Releases Up To 15.0.R5 Distribution Note: SSM stands for Synchronization Status Messages and ESMC stands for Ethernet Synchronization Messaging Channel. These are two capabilities in SDH/SONET and Synchronous Ethernet respectively for the relaying of source clock quality information.

  • Page 36

    IEEE 1588 for Frequency, Phase, and Time Advanced Configuration Guide - Part I Distribution Releases Up To 15.0.R5 Figure 5 Unicast Message Negotiation Master_1 Slave Clock Master_2 Execution of the BMCA selects Master_1 as the Grandmaster Clock al_0545 A slave clock initiates unicast discovery by sending a Signaling message to one of its configured master clocks requesting the master send unicast Announce messages to the slave.

  • Page 37

    Advanced Configuration Guide - Part I IEEE 1588 for Frequency, Phase, and Time Releases Up To 15.0.R5 Distribution Network Limits A common concern around 1588 is whether it will work on or over a specific customer network. For time distribution using full OPS as shown in Figure 3, there are well defined limits on the number of network elements allowed in the distribution chain...

  • Page 38

    IEEE 1588 for Frequency, Phase, and Time Advanced Configuration Guide - Part I Distribution Releases Up To 15.0.R5 QoS prioritization of packets helps reduce PDV significantly during congestion periods, but does not remove the PDV effects during lighter loading. This is due to the fact that a timing packet may be delivered to the egress queue for an interface while the interface is busy transmitting a packet.

  • Page 39: Figure 6 Floor Packet Counting For Fpp (n, W, δ)

    Advanced Configuration Guide - Part I IEEE 1588 for Frequency, Phase, and Time Releases Up To 15.0.R5 Distribution • Floor Delay is a value that is as close as possible to the absolute minimum transit delay across the network. Every actual delay measurement must be equal to or larger than this value.

  • Page 40

    IEEE 1588 for Frequency, Phase, and Time Advanced Configuration Guide - Part I Distribution Releases Up To 15.0.R5 ITU-T Budget for Frequency The network limit on PDV for frequency distribution is defined in G.8271.1 using the FPP metrics defined above. In general most carrier grade networks with spans of up to 10 nodes and which do not exceed 80% load on their internode links should meet the requirement.

  • Page 41: Figure 7 G.8271.1 Time Error Budget

    Advanced Configuration Guide - Part I IEEE 1588 for Frequency, Phase, and Time Releases Up To 15.0.R5 Distribution Figure 7 G.8271.1 Time Error Budget ±100ns (PRTC/ T-GM) ±500ns cTE (node asymmetry, ±50ns per node) ±200ns dTE (random network variation) ±300ns cTE (uncompensated link asymmetry) ±250ns...

  • Page 42: Configuration

    IEEE 1588 for Frequency, Phase, and Time Advanced Configuration Guide - Part I Distribution Releases Up To 15.0.R5 Note there is discussion that some of these elements could be traded-off against each other. For example, if the link asymmetry needs a higher budget then the holdover budget would have to be less –...

  • Page 43

    The 7750 SR and the 7450 ESS can be configured as a 1588 slave clock for frequency recovery. In real deployments, it is more likely for the slave devices to be smaller cell site routers or basestations instead of another 7750 SR or 7450 ESS.

  • Page 44

    IEEE 1588 for Frequency, Phase, and Time Advanced Configuration Guide - Part I Distribution Releases Up To 15.0.R5 Ordinary Master Configuration The steps to configure PE-1 as a PTP ordinary-clock master for frequency distribution using the G.8265.1 Telecom profile are outlined below: Configure a /32 IPv4 system address on PE-1 and an interface to reach PE-2.

  • Page 45

    Advanced Configuration Guide - Part I IEEE 1588 for Frequency, Phase, and Time Releases Up To 15.0.R5 Distribution The default clock type is set to ordinary slave so that must be changed to ordinary master. The only other relevant configuration parameter for the master clock running the G.8265.1 profile is the network-type.

  • Page 46

    IEEE 1588 for Frequency, Phase, and Time Advanced Configuration Guide - Part I Distribution Releases Up To 15.0.R5 exit no shutdown exit exit Usually a 1588 slave has at least two peers configured in order to provide redundant sources. Configure PTP as the reference for the central clock on PE-2. *A:PE-2# configure system...

  • Page 47

    Advanced Configuration Guide - Part I IEEE 1588 for Frequency, Phase, and Time Releases Up To 15.0.R5 Distribution Router IP Address Dir Type Rate Duration State Time ------------------------------------------------------------------------------- Base 192.0.2.183 Announce 1 pkt/2 s Granted 05/30/2014 09:08:38 192.0.2.183 Sync 64 pkt/s Granted 05/30/2014 09:08:43 192.0.2.183...

  • Page 48

    IEEE 1588 for Frequency, Phase, and Time Advanced Configuration Guide - Part I Distribution Releases Up To 15.0.R5 =============================================================================== In addition PTP packet statistics can be checked to verify reception of the PTP messages and the execution of the frequency slave: *A:PE-2# show system ptp statistics =============================================================================== IEEE 1588/PTP Packet Statistics...

  • Page 49

    Advanced Configuration Guide - Part I IEEE 1588 for Frequency, Phase, and Time Releases Up To 15.0.R5 Distribution Hold-over =============================================================================== =============================================================================== IEEE 1588/PTP Event Statistics =============================================================================== Event Sync Flow Delay Flow ------------------------------------------------------------------------------- Packet Loss Excessive Packet Loss Excessive Phase Shift Detected Too Much Packet Delay Variation =============================================================================== Secondly, the central clock status on the system can be checked:...

  • Page 50

    IEEE 1588 for Frequency, Phase, and Time Advanced Configuration Guide - Part I Distribution Releases Up To 15.0.R5 Rx Quality Level : failed Quality Level Override : none Qualified For Use : No Not Qualified Due To disabled Selected For Use : No Not Selected Due To disabled...

  • Page 51

    Advanced Configuration Guide - Part I IEEE 1588 for Frequency, Phase, and Time Releases Up To 15.0.R5 Distribution When using the system as a 1588 slave for frequency distribution, it is strongly recommended to use the default message rate of 64 pps for Sync and Delay_Resp messages.

  • Page 52: Figure 9 Boundary Clock

    IEEE 1588 for Frequency, Phase, and Time Advanced Configuration Guide - Part I Distribution Releases Up To 15.0.R5 Boundary Clock With the increase interest in high accuracy time distribution across networks, the system most likely takes on the role of a 1588 boundary clock. In this role, the system requests time from a GNSS driven grandmaster clock or from a neighboring boundary clock.

  • Page 53

    Advanced Configuration Guide - Part I IEEE 1588 for Frequency, Phase, and Time Releases Up To 15.0.R5 Distribution On PE-2, configure a /32 IPv4 system address and an interface to reach PE-1. *A:PE-2# configure router interface "system" address 192.0.2.182/32 no shutdown exit interface "int-PE-2-PE-1"...

  • Page 54

    IEEE 1588 for Frequency, Phase, and Time Advanced Configuration Guide - Part I Distribution Releases Up To 15.0.R5 no shutdown exit commit exit Next configure PE-1 as a boundary clock requesting service from GM-1 using the default profile. In this example, the interface address of GM-1 is used for the PTP communication.

  • Page 55

    Advanced Configuration Guide - Part I IEEE 1588 for Frequency, Phase, and Time Releases Up To 15.0.R5 Distribution exit On PE-1, validate the status of the PTP topology by checking the unicast sessions. Also validate the PTP process has elected GM-1 as both the parentClock and the grandmaster clock.

  • Page 56

    IEEE 1588 for Frequency, Phase, and Time Advanced Configuration Guide - Part I Distribution Releases Up To 15.0.R5 Frequency Traceable : yes Time Traceable : yes Time Source : GPS On PE-2, validate the PTP process has elected PE-1 as its parentClock and that the grandmaster clock is GM-1.

  • Page 57: Figure 10 Boundary Clocks With Edge Vprn Access

    Advanced Configuration Guide - Part I IEEE 1588 for Frequency, Phase, and Time Releases Up To 15.0.R5 Distribution Figure 10 Boundary Clocks with Edge VPRN Access GNSS Antenna Boundary Boundary Clock Clock GNSS Driven Grandmaster Clock Int-PE-1-GM-1 Int-PE-1-PE-2 BASE Port 1/1/10 Port 1/1/1 Int-PE-2-PE-1 GM-1...

  • Page 58

    IEEE 1588 for Frequency, Phase, and Time Advanced Configuration Guide - Part I Distribution Releases Up To 15.0.R5 *A:PE-2# show system ptp unicast router 10 *A:PE-2# show service id 10 ptp unicast These two commands provide the same information as shown below. *A:PE-2# show system ptp unicast router 10 =============================================================================== IEEE 1588/PTP Unicast Negotiation Information...

  • Page 59

    Advanced Configuration Guide - Part I IEEE 1588 for Frequency, Phase, and Time Releases Up To 15.0.R5 Distribution *A:PE-2# configure router interface "int-PE-2-PE-1" ptp-hw-assist exit exit exit configure service vprn 10 customer 1 interface "int-PE-2-CE-1" ptp-hw-assist exit exit To verify 1588 PBT is active on the 1588 messages to the peers, check the timestamp point for the specific peer.

  • Page 60

    IEEE 1588 for Frequency, Phase, and Time Advanced Configuration Guide - Part I Distribution Releases Up To 15.0.R5 In order to configure the system loopback address for PTP, enter the following on PE-1: *A:PE-1# configure system security source-address application ptp "system" exit exit Now the timestamp point on PE-1 will be the port.

  • Page 61

    Advanced Configuration Guide - Part I IEEE 1588 for Frequency, Phase, and Time Releases Up To 15.0.R5 Distribution On PE-2, a loopback address must assigned for PTP communication as follows: *A:PE-2# configure service vprn 10 interface "ptp_loopback" address 172.16.1.1/32 loopback exit source-address application ptp "ptp_loopback"...

  • Page 62: Conclusion

    IEEE 1588 for Frequency, Phase, and Time Advanced Configuration Guide - Part I Distribution Releases Up To 15.0.R5 State Reference ID St Type Poll Reach Offset(ms) Remote ------------------------------------------------------------------------------- chosen srvr ..YY 0.000 =============================================================================== =============================================================================== NTP Clients =============================================================================== vRouter Time Last Request Rx Address ------------------------------------------------------------------------------- ===============================================================================...

  • Page 63: Synchronous Ethernet

    Advanced Configuration Guide - Part I Synchronous Ethernet Releases Up To 15.0.R5 Synchronous Ethernet This chapter provides information about Synchronous Ethernet (SyncE). Topics in this chapter include: • Applicability • Summary • Overview • Configuration • Conclusion Applicability This chapter was initially written for SR OS release 8.0.R7. The CLI in the current edition is based on SR OS release 14.0.R6.

  • Page 64: Overview

    Synchronous Ethernet Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Overview Synchronous Ethernet Traditionally, Ethernet based networks employ the physical layer transmitter clock to be derived from an inexpensive +/-100ppm crystal oscillator and the receiver locks onto it. There is no need for long term frequency stability because the data is packetized and can be buffered.

  • Page 65

    Advanced Configuration Guide - Part I Synchronous Ethernet Releases Up To 15.0.R5 Figure 11 SyncE Hypothetical Reference Network Architecture S SDH E Eth H Hybrid 25994 Many Tier 1 carriers are looking to migrate their synchronization infrastructure to a familiar and manageable model. In order to enable rapid migration of these networks, SyncE may be the easiest to deploy in order to ensure robust frequency synchronization.

  • Page 66: Figure 12 Packet Based Network Timing Infrastructure

    Telcordia GR-1244 and ITU-T G.781. The system can select from up to three (7950 XRS) or four (7450 ESS and 7750 SR) timing inputs to train the local oscillator. The priority order of these references must be specified.

  • Page 67: Figure 13 Cpm Clock Synchronization Reference Selection

    • BITS port on the CPM, CFM, or CCM module • 10GE ports in WAN PHY mode • IEEE 1588v2 slave port (PTP) (7450 ESS and 7750 SR only) On 7750 SR-12 and 7750 SR-7 systems with redundant CPMs, the system has two BITS input ports (one per CPM).

  • Page 68: Table 1 Revertive, Non-revertive Timing Reference Switching Operation

    Synchronous Ethernet Advanced Configuration Guide - Part I Releases Up To 15.0.R5 All settings of the signal characteristics for the BITS input apply to both ports. When the active CPM considers the BITS input as a possible reference, it will consider first the BITS input port on the active CPM followed the BITS input port on the standby CPM in that relative priority order.

  • Page 69

    Advanced Configuration Guide - Part I Synchronous Ethernet Releases Up To 15.0.R5 Table 1 Revertive, Non-Revertive Timing Reference Switching Operation (Continued) Status of Reference Status of Reference Active Reference Active Reference Non-revertive Case Revertive Case Failed Failed Failed holdover holdover Failed Failed Failed...

  • Page 70

    Synchronous Ethernet Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Figure 14 Network Considerations for Ethernet Timing Distribution Acceptable for clock distribution Not acceptable for clock distribution 25997 Configuration Configuration 1 - QL-Selection Mode Disabled The following example shows the configuration options for SyncE when ql-selection mode is disabled.

  • Page 71

    Advanced Configuration Guide - Part I Synchronous Ethernet Releases Up To 15.0.R5 *A:PE-1# configure card 1 mda 1 sync-e After syncE is enabled, the configuration of MDA 1 is as follows *A:PE-1# configure card 1 mda 1 *A:PE-1>config>card>mda# info detail ---------------------------------------------- mda-type m4-10gb-xp-xfp sync-e...

  • Page 72

    Synchronous Ethernet Advanced Configuration Guide - Part I Releases Up To 15.0.R5 The synchronous interface timing can be configured with the following parameters: *A:PE-1# configure system sync-if-timing - sync-if-timing abort - Discard the changes that have been made to sync interface timing during a session begin - Switch to edit mode for sync interface timing - use commit to...

  • Page 73

    Advanced Configuration Guide - Part I Synchronous Ethernet Releases Up To 15.0.R5 *A:PE-1>config>system>sync-if-timing# info detail ---------------------------------------------- no ql-minimum no ql-selection ref-order bits ref1 ref2 ptp ref1 source-port 1/1/2 no shutdown no ql-override exit ref2 shutdown no source-port no ql-override exit bits interface-type ds1 esf no ql-override...

  • Page 74

    Synchronous Ethernet Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Not Qualified Due To Selected For Use : No Not Selected Due To not qualified Reference Input 1 Admin Status : up Rx Quality Level : unknown Quality Level Override : none Qualified For Use : Yes...

  • Page 75

    Advanced Configuration Guide - Part I Synchronous Ethernet Releases Up To 15.0.R5 Configuration 2 - QL Selection Mode Enabled The following example shows the configuration options for SyncE when ql-selection mode is enabled. This is the normal case for European SDH networks. SyncE is enabled as follows: *A:PE-1# configure card 1 mda 1 sync-e On port 1/1/2, the Synchronization Status Message (SSM) channel is configured to...

  • Page 76

    Synchronous Ethernet Advanced Configuration Guide - Part I Releases Up To 15.0.R5 *A:PE-1>config>system>sync-if-timing# info detail ---------------------------------------------- no ql-minimum ql-selection ref-order bits ref1 ref2 ptp ref1 source-port 1/1/2 no shutdown no ql-override exit ref2 shutdown no source-port no ql-override exit bits interface-type e1 pcm31crc ssm-bit 8 ql-override prc...

  • Page 77

    Advanced Configuration Guide - Part I Synchronous Ethernet Releases Up To 15.0.R5 Selected For Use : No Not Selected Due To not qualified Reference Input 1 Admin Status : up Rx Quality Level : failed Quality Level Override : none Qualified For Use : Yes Selected For Use...

  • Page 78

    SONET/SDH-like frequency synchronization capability in the inherently asynchronous Ethernet network. SyncE, natively supported on the Nokia SR OS routers, is an ITU-T standardized PHY-level way of transmitting frequency synchronization across Ethernet packet networks that fulfills that need in a reliable, secure, scalable, efficient, and cost- effective manner.

  • Page 79: System Management

    Advanced Configuration Guide - Part I System Management Releases Up To 15.0.R5 System Management In This Section This section provides configuration information for the following topics: • Distributed CPU Protection • Event Handling System Issue: 01 3HE 13717 AAAA TQZZA 01...

  • Page 80

    System Management Advanced Configuration Guide - Part I Releases Up To 15.0.R5 3HE 13717 AAAA TQZZA 01 Issue: 01...

  • Page 81: Distributed Cpu Protection

    Advanced Configuration Guide - Part I Distributed CPU Protection Releases Up To 15.0.R5 Distributed CPU Protection This chapter describes Distributed CPU Protection (DCP) configurations. Topics in this chapter include: • Applicability • Overview • Configuration • Conclusion Applicability This chapter was originally written for SR OS release 11.0R1. The CLI in the current edition corresponds to release 15.0.R1.

  • Page 82

    Distributed CPU Protection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Configuration The test topology is shown in Figure 15. A 10Gb Ethernet link is used between the tester and the router. Figure 15 Test Topology Port 4/1/1 interface “int-R1-T1.4.4”...

  • Page 83

    Advanced Configuration Guide - Part I Distributed CPU Protection Releases Up To 15.0.R5 configure log-id 15 from security to memory 1024 no shutdown exit exit exit This chapter was originally developed on a 7750 SR-c12 platform but it is equally applicable to other platforms such as the 7750 SR-7/12. If other platforms, such as the 7750 SR-7/12 that support centralized CPU Protection, are used to explore DCP then the centralized CPU Protection should be disabled (for the purposes of this chapter) so that it does not...

  • Page 84

    Distributed CPU Protection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 protocol igmp create enforcement static "sp-igmp" exit exit exit exit exit exit For the dcp-policy-count policy configuration: − The policy contains three static policers: sp-arp, sp-icmp and sp-igmp. These policers are then used by the three configured protocols that are part of the policy: arp, icmp and igmp.

  • Page 85

    Advanced Configuration Guide - Part I Distributed CPU Protection Releases Up To 15.0.R5 =============================================================================== CPU Utilization (Sample period: 1 second) =============================================================================== Name CPU Time CPU Usage Capacity (uSec) Usage ------------------------------------------------------------------------------- ~0.00% ~0.00% 30,892 0.34% 0.62% BGP PE-CE 0.00% 0.00% CALLTRACE 5,210 0.05% 0.51%...

  • Page 86

    Distributed CPU Protection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 The DCP feature is reporting no violations for interfaces on card 4. *A:R1# tools dump security dist-cpu-protection violators enforcement interface card 4 =============================================================================== Distributed Cpu Protection Current Interface Enforcer Policer Violators =============================================================================== Interface Policer/Protocol...

  • Page 87

    Advanced Configuration Guide - Part I Distributed CPU Protection Releases Up To 15.0.R5 Detec. Time Remain : 0 seconds Hold-Down Remain. : none ------------------------------------------------------------------------------- ------------------------------------------------------------------------------- Local-Monitoring Policer ------------------------------------------------------------------------------- No entries found ------------------------------------------------------------------------------- ------------------------------------------------------------------------------- Dynamic-Policer (Protocol) ------------------------------------------------------------------------------- No entries found ------------------------------------------------------------------------------- =============================================================================== *A:R1# Step 5.

  • Page 88

    Distributed CPU Protection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Figure 16 Count Traffic with DCP Policy Count ICMP Configured Rate = 0 pps IGMP Tester Sending: • 2 pps ARP • 4 pps ICMP • 8 pps IGMP al_0280 Step 6.

  • Page 89

    Advanced Configuration Guide - Part I Distributed CPU Protection Releases Up To 15.0.R5 =============================================================================== Interface "int-R1-T1.4.4" (Router: Base) =============================================================================== Distributed CPU Protection Policy : dcp-policy-count ------------------------------------------------------------------------------- Statistics/Policer-State Information =============================================================================== ------------------------------------------------------------------------------- Static Policer ------------------------------------------------------------------------------- Policer-Name : sp-arp Card/FP : 4/1 Policer-State : Exceed Protocols Mapped : arp...

  • Page 90

    Distributed CPU Protection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 exit static-policer "sp-igmp" create rate packets 10 within 1 exceed-action discard exit protocol arp create enforcement static "sp-arp" exit protocol icmp create enforcement static "sp-icmp" exit protocol igmp create enforcement static "sp-igmp"...

  • Page 91

    Advanced Configuration Guide - Part I Distributed CPU Protection Releases Up To 15.0.R5 Number of interfaces : 1 =============================================================================== *A:R1# Step 8. Increase the rate of IGMP packets that the tester is sending to 1000pps (keep ARP and ICMP at 2pps and 4pps). Figure 17 Limit Traffic with dcp-static-policy-1 Rate = 10 pps...

  • Page 92

    Distributed CPU Protection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Event Log 15 =============================================================================== Description : (Not Specified) Memory Log contents [size=1024 next event=2 (not wrapped)] 1 2017/04/27 09:47:53.21 CEST WARNING: SECURITY #2066 Base DCPUPROT "Non conformant network_if "int-R1-T1.4.4" on fp 4/1 detected at 04/27/2017 09:47:07. Policy "dcp-static-policy-1".

  • Page 93

    Advanced Configuration Guide - Part I Distributed CPU Protection Releases Up To 15.0.R5 The CPU utilization of the IGMP task group is not impacted since DCP is discarding packets that are non-conformant to the configure rate. *A:R1# show system cpu =============================================================================== CPU Utilization (Sample period: 1 second) ===============================================================================...

  • Page 94

    Distributed CPU Protection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Total 8,925,786 100.00% Idle 8,123,698 91.01% Usage 802,088 8.98% Busiest Core Utilization 170,131 17.15% =============================================================================== *A:R1# Step 11. Increase the rate of IGMP traffic from the tester to 5000 pps. See the CPU utilization increase further.

  • Page 95

    Advanced Configuration Guide - Part I Distributed CPU Protection Releases Up To 15.0.R5 IMSI Db Appl ~0.00% ~0.00% 0.00% 0.00% IP Stack 60,407 0.67% 0.55% IS-IS 50,966 0.57% 0.58% --- snipped --- Subscriber Mgmt 5,847 0.06% 0.09% System 96,233 1.07% 2.23% Traffic Eng 0.00%...

  • Page 96

    Distributed CPU Protection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 *A:R1# show router interface "int-R1-T1.4.4" dist-cpu-protection =============================================================================== Interface "int-R1-T1.4.4" (Router: Base) =============================================================================== Distributed CPU Protection Policy : dcp-static-policy-1 ------------------------------------------------------------------------------- Statistics/Policer-State Information =============================================================================== ------------------------------------------------------------------------------- Static Policer ------------------------------------------------------------------------------- Policer-Name : sp-arp Card/FP : 4/1...

  • Page 97

    Advanced Configuration Guide - Part I Distributed CPU Protection Releases Up To 15.0.R5 In order to use dynamic enforcement policers, a number of dynamic policers must be allocated to the DCP pool for the particular card being used. *A:R1# configure card 4 fp dist-cpu-protection dynamic-enforcement-policer-pool 1000 *A:R1# The number allocated should be greater than the maximum number of dynamic policers expected to be in use on the card at one time.

  • Page 98

    Distributed CPU Protection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 enforcement dynamic "local-mon" dynamic-parameters rate packets 20 within 10 exceed-action discard exit exit protocol igmp create enforcement dynamic "local-mon" dynamic-parameters rate packets 20 within 10 exceed-action discard exit exit protocol all-unspecified create...

  • Page 99

    Advanced Configuration Guide - Part I Distributed CPU Protection Releases Up To 15.0.R5 Step 15. Configure the tester to send: − 1pps of ARP − 4pps of ICMP − 1000pps of IGMP Start the tester. Figure 18 Dynamic Policing – Local Monitor Rate = 100 ICMP Packets within...

  • Page 100

    Distributed CPU Protection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Distributed Cpu Protection Current Interface Enforcer Policer Violators =============================================================================== Interface Policer/Protocol Hld Rem ------------------------------------------------------------------------------- ------------------------------------------------------------------------------- Violators on Slot-4 Fp-1 ------------------------------------------------------------------------------- int-R1-T1.4.4 icmp [D] none int-R1-T1.4.4 igmp [D] none ------------------------------------------------------------------------------- [S]-Static [D]-Dynamic [M]-Monitor -------------------------------------------------------------------------------...

  • Page 101

    Advanced Configuration Guide - Part I Distributed CPU Protection Releases Up To 15.0.R5 Protocol(Dyn-Plcr) : igmp Card/FP : 4/1 Protocol-State : Exceed Exceed-Count : 56190 Detec. Time Remain : 29 seconds Hold-Down Remain. : none Dyn-Policer Alloc. : True Protocol(Dyn-Plcr) : all-unspecified Card/FP : 4/1...

  • Page 102

    Distributed CPU Protection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 ------------------------------------------------------------------------------- No entries found ------------------------------------------------------------------------------- ------------------------------------------------------------------------------- Local-Monitoring Policer ------------------------------------------------------------------------------- Policer-Name : local-mon Card/FP : 4/1 Policer-State : Exceed Protocols Mapped : arp, icmp, igmp, all-unspecified Exceed-Count : 5072 All Dyn-Plcr Alloc.

  • Page 103

    Advanced Configuration Guide - Part I Distributed CPU Protection Releases Up To 15.0.R5 The dynamic policer pool Hi-WaterMark for card 1 fp 1 shows 4 since the highest number of dynamic policers allocated at any one time on the card/fp was 4. *A:R1# show card 4 fp 1 dist-cpu-protection =============================================================================== Card : 4 Forwarding Plane(FP) : 1...

  • Page 104

    Distributed CPU Protection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 DCP can also be deployed in scenarios where per-SAP-per-protocol rate limiting is useful, such as for subscriber management in a subscriber per-VLAN scenario. A DCP policy can be assigned to an MSAP policy on a Broadband Network Gateway, for example, to limit traffic related to certain protocols and to discard certain protocols.

  • Page 105: Event Handling System

    Advanced Configuration Guide - Part I Event Handling System Releases Up To 15.0.R5 Event Handling System This chapter provides information about Event Handling Systems (EHS). Topics in this chapter include: • Applicability • Overview • Configuration • Conclusion Applicability This chapter was initially written for SR OS release 13.0.R3. The CLI in the current edition is based on SR OS release 15.0.R5.

  • Page 106

    Event Handling System Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Configuration The topology shown in Figure 20 provides an example of an EHS configuration. All routers within the example topology participate in the same IS-IS Level-2 area and run LDP.

  • Page 107

    Advanced Configuration Guide - Part I Event Handling System Releases Up To 15.0.R5 exit exit no shutdown exit The objective is to ensure that both upstream and downstream traffic are always routed through the same PE router. That is, if PE-3 is VRRP Master, it will attract upstream traffic from CE-1 using the VRRP virtual IP/MAC.

  • Page 108

    Event Handling System Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Script Control The first step in configuring event handling is to configure a script containing the CLI commands to be executed when the event is triggered. This script can be stored locally on the compact flash, or it can be stored off-node at a defined remote URL, where it can be accessed using FTP or TFTP.

  • Page 109

    Advanced Configuration Guide - Part I Event Handling System Releases Up To 15.0.R5 recorded in a file with the name specified for results, followed by an underscore and the date and time when the script was run. A results file must be specified in order for the script to successfully run.

  • Page 110

    Event Handling System Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Max lifetime allowed : 248d 13:13:56 (21474836 seconds) Completed run histories Executing run histories Initializing run histories Max time run history saved : 0d 01:00:00 (3600 seconds) Script start error : N/A Last change...

  • Page 111

    Advanced Configuration Guide - Part I Event Handling System Releases Up To 15.0.R5 action-list entry 10 script-policy "vrrp-master-policy" no shutdown exit exit no shutdown exit exit Event Trigger The final step in configuring event handling is to configure the event-trigger. The event-trigger defines the event that triggers the running of the script.

  • Page 112

    Event Handling System Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Therefore, the event-trigger configuration is based on an application of VRRP and an event number of 2001 (vrrptrapNewMaster). In the following snippet, vrrp 2001 is configured as the event. The trigger-entry is defined as 1, and in this example, there is only one trigger event.

  • Page 113

    Advanced Configuration Guide - Part I Event Handling System Releases Up To 15.0.R5 • The second indicates that EHS handler event-handler-1 was invoked by a CLI user. • The third indicates that a script file has initiated an attempt to execute CLI commands contained in script file vrrp-master.txt.

  • Page 114

    Event Handling System Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Interface Name VR Id Own Adm State Base Pri Msg Int Pol Id InUse Pri Inh Int ------------------------------------------------------------------------------- redundant-interface Master IPv4 Backup Addr: 172.16.1.1 ------------------------------------------------------------------------------- Instances : 1 =============================================================================== *A:PE-3# Also, the local preference attribute for prefix 172.16.1.0/29 has changed to a value...

  • Page 115

    Advanced Configuration Guide - Part I Event Handling System Releases Up To 15.0.R5 ------------------------------------------------------------------------------- Handler Action-List Entry ------------------------------------------------------------------------------- Entry-id : 10 Description : (Not Specified) Admin State : up Oper State : up Script Policy Name : vrrp-master-policy Policy Owner : TiMOS CLI Min Delay Last Exec...

  • Page 116

    Event Handling System Advanced Configuration Guide - Part I Releases Up To 15.0.R5 script-control script "vrrp-backup-script" location "cf1:/vrrp-backup.txt" no shutdown exit script-policy "vrrp-backup-policy" results "cf1:/script-revert-results.txt" script "vrrp-backup-script" max-completed 4 lifetime forever no shutdown exit exit The event-handler acts as the interface between the configured script-policy and event-trigger.

  • Page 117

    Advanced Configuration Guide - Part I Event Handling System Releases Up To 15.0.R5 event-handler "event-handler-2" log-filter 2 no shutdown exit no shutdown exit exit exit The configuration of the example event handling for the revertive failure event (PE-3 transitions to VRRP backup) is now complete. By re-enabling the spoke-SDP between PE-1 and PE-2, the VRRP message path is restored, and PE-2 again becomes the VRRP master.

  • Page 118

    Event Handling System Advanced Configuration Guide - Part I Releases Up To 15.0.R5 =============================================================================== *A:PE-3# *A:PE-3# show router bgp routes 172.16.1.0/29 hunt | match expression "Network|Nexthop|To|Local Pref" Network : 172.16.1.0/29 Nexthop : 192.0.2.2 Res. Nexthop : 192.168.23.1 Local Pref. : 100 Interface Name : int-PE-3-PE-2 Network : 172.16.1.0/29...

  • Page 119: Interface Configuration

    Advanced Configuration Guide - Part I Interface Configuration Releases Up To 15.0.R5 Interface Configuration In This Section This section provides interface configuration information for the following topics: • Multi-Chassis APS and Pseudowire Redundancy Interworking • Multi-Chassis LAG and Pseudowire Redundancy Interworking •...

  • Page 120

    Interface Configuration Advanced Configuration Guide - Part I Releases Up To 15.0.R5 3HE 13717 AAAA TQZZA 01 Issue: 01...

  • Page 121: Multi-chassis Aps And Pseudowire Redundancy Interworking

    Advanced Configuration Guide - Part I Multi-Chassis APS and Pseudowire Redundancy Releases Up To 15.0.R5 Interworking Multi-Chassis APS and Pseudowire Redundancy Interworking This chapter describes multi-chassis APS and pseudowire redundancy interworking. Topics in this chapter include: • Applicability • Overview •...

  • Page 122

    Multi-Chassis APS and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 Signaling functionality includes support for: • APS group matching between service routers. • Verification that one side is configured as a working circuit and the other side is configured as the protect circuit.

  • Page 123: Figure 21 Mc-aps Network Topology

    Advanced Configuration Guide - Part I Multi-Chassis APS and Pseudowire Redundancy Releases Up To 15.0.R5 Interworking Figure 21 MC-APS Network Topology System IP System IP 192.168.13.0/30 192.0.2.1 192.0.2.3 Active Standby PE-1 PE-3 MSAN MSAN 1+1 APS 1+1 APS 192.168.12.0/30 192.168.34.0/30 System IP System IP Standby...

  • Page 124

    Multi-Chassis APS and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 Figure 23 Access Node and Network Resilience (Part 2) TLDP Aggregation Aggregation Node Node Active Standby PE-1 PE-3 Inter-chassis Inter-chassis MSAN MSAN 1+1 APS 1+1 APS PW for VLL PW for VLL...

  • Page 125

    Advanced Configuration Guide - Part I Multi-Chassis APS and Pseudowire Redundancy Releases Up To 15.0.R5 Interworking 192.168.12.2 192.0.2.3/32 Remote OSPF 00h01m05s 192.168.13.2 192.0.2.4/32 Remote OSPF 00h01m08s 192.168.12.2 192.168.12.0/30 Local Local 00h02m13s int-PE-1-PE-2 192.168.13.0/30 Local Local 00h02m12s int-PE-1-PE-3 192.168.24.0/30 Remote OSPF 00h01m17s 192.168.12.2 192.168.34.0/30...

  • Page 126

    Multi-Chassis APS and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 Wait-To-Restore Timer : 5 minute(s) Step 2. MC-APS configuration on PE-1 and PE-2 Assuming the link between MSAN and PE-1 is working circuit and the link between MSAN and PE-2 is protection circuit.

  • Page 127

    Advanced Configuration Guide - Part I Multi-Chassis APS and Pseudowire Redundancy Releases Up To 15.0.R5 Interworking − advertise-interval — This command specifies the time interval, in 100s of milliseconds, between 'I am operational' messages sent by both protect and working circuits to their neighbor for multi-chassis APS. −...

  • Page 128

    Multi-Chassis APS and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 Step 4. Verify the MC-APS status and parameters on PE-1 and PE-2 Detailed parameters of the APS configuration on PE-1 can be verified, as follows.

  • Page 129

    Advanced Configuration Guide - Part I Multi-Chassis APS and Pseudowire Redundancy Releases Up To 15.0.R5 Interworking Working Circuit : N/A Protection Circuit : 1/2/1 Switching-mode : Bi-directional Switching-arch : 1+1(sig-only) Annex B : No Revertive-mode : Non-revertive Revert-time (min) Rx K1/K2 byte : 0x00/0x05 (No-Req on Protect) Tx K1/K2 byte : 0x00/0x05 (No-Req on Protect)

  • Page 130: Figure 24 Association Of Saps/sdps And Endpoints

    Multi-Chassis APS and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 Figure 24 Association of SAPs/SDPs and Endpoints PE-1 PE-3 Apipe Apipe Active Standby MSAN MSAN 1+1 APS 1+1 APS Active Standby Apipe Apipe PE-2 PE-4 OSSG631 *A:PE-1# configure...

  • Page 131

    Advanced Configuration Guide - Part I Multi-Chassis APS and Pseudowire Redundancy Releases Up To 15.0.R5 Interworking 2147483649 intVpls Down 1 _tmnx_InternalVplsService ------------------------------------------------------------------------------- Matching Services : 3 ------------------------------------------------------------------------------- =============================================================================== *A:PE-1# The Apipe service is down in PE-2 (MC-APS protect circuit), as follows: *A:PE-2# show service service-using =============================================================================== Services...

  • Page 132

    Multi-Chassis APS and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 Note: After configuring ICB spoke-SDPs, the Apipe will be up on all PEs. Step 8. Verify SDP status The status of SDP 23:1 on PE-2 can be verified as follows. Peer Pw Bits shows the status of the pseudowire on the peer node.

  • Page 133: Figure 25 Icb Spoke Sdps And Association With The Endpoints

    Advanced Configuration Guide - Part I Multi-Chassis APS and Pseudowire Redundancy Releases Up To 15.0.R5 Interworking ---snip--- ------------------------------------------------------------------------------- Number of SDPs : 1 ------------------------------------------------------------------------------- =============================================================================== *A:PE-2# In case of failure, the access link can be protected by MC-APS. An MPLS network failure can be protected by pseudowire redundancy.

  • Page 134

    Multi-Chassis APS and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 Two ICB spoke SDPs must be configured in the Apipe service on each PE router, one in each endpoint. The same SDP IDs can be used for the ICBs since the far-end will be the same.

  • Page 135

    Advanced Configuration Guide - Part I Multi-Chassis APS and Pseudowire Redundancy Releases Up To 15.0.R5 Interworking *A:PE-1# show service id 1 endpoint =============================================================================== Service 1 endpoints =============================================================================== Endpoint name Description : (Not Specified) Creation Origin : manual Revert time Act Hold Delay Tx Active : aps-1:0/32 Tx Active Up Time...

  • Page 136

    Multi-Chassis APS and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 Figure 26 Additional Setup Example 1 (Part 1) PE-1 Apipe 1+1 APS MSAN MSAN MC-APS ICB Spoke-SDP Apipe PE-2 OSSG634 Figure 27 Additional Setup Example 1 (Part 2) PE-1 Apipe SDP SDP...

  • Page 137: Figure 28 Additional Setup Example 2 (part 1a)

    Advanced Configuration Guide - Part I Multi-Chassis APS and Pseudowire Redundancy Releases Up To 15.0.R5 Interworking Figure 28 Additional Setup Example 2 (Part 1a) PE-1 PE-3 Apipe Apipe 1+1 APS Spoke-SDP MSAN Active MSAN MC-APS ICB Spoke-SDP Spoke-SDP Standby Apipe PE-2 OSSG636 Figure 29...

  • Page 138

    Multi-Chassis APS and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 Figure 30 Additional Setup Example 2 (Part 2) PE-3 Apipe Spoke-SDP MSAN MC-APS ICB Spoke-SDP PE-1 Spoke-SDP Apipe Spoke-SDP Apipe Spoke-SDP PE-4 MSAN MC-APS Spoke-SDP PE-5 Apipe...

  • Page 139

    It supports ATM VLL and Ethernet VLL with ATM SAP. Access links and PE nodes are protected by APS and the MPLS network is protected by pseudowire redundancy/FRR. With this feature, Nokia can provide resilient end-to-end solutions. Issue: 01 3HE 13717 AAAA TQZZA 01...

  • Page 140

    Multi-Chassis APS and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 3HE 13717 AAAA TQZZA 01 Issue: 01...

  • Page 141: Multi-chassis Lag And Pseudowire Redundancy Interworking

    MC-LAG MC-LAG is an extension to the LAG feature to provide not only link redundancy but also node-level redundancy. This feature provides a Nokia added value solution which is not defined in any IEEE standard. A proprietary messaging system between redundant-pair nodes supports coordinating the LAG switchover.

  • Page 142

    Multi-Chassis LAG and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 Pseudowire Redundancy Pseudowire (PW) redundancy provides the ability to protect a pseudowire with a pre- provisioned pseudowire and to switch traffic over to the secondary standby pseudowire in case of a SAP and/or network failure condition.

  • Page 143: Figure 32 Network Resiliency

    Advanced Configuration Guide - Part I Multi-Chassis LAG and Pseudowire Redundancy Releases Up To 15.0.R5 Interworking Figure 32 shows the use of both MC-LAG in the access network and pseudowire redundancy in the core network to provide a resilient end-to-end VLL service between CE-5 and CE-6.

  • Page 144

    Multi-Chassis LAG and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 Configuration It is assumed that the following base configuration has been implemented on the PEs: • Cards, MDAs and ports • Interfaces • IGP configured and converged •...

  • Page 145

    Advanced Configuration Guide - Part I Multi-Chassis LAG and Pseudowire Redundancy Releases Up To 15.0.R5 Interworking =============================================================================== *A:PE-1# The following command shows that the SDPs are up: *A:PE-1# show service sdp ============================================================================ Services: Service Destination Points ============================================================================ SdpId AdmMTU OprMTU Far End ---------------------------------------------------------------------------- 1556...

  • Page 146

    Multi-Chassis LAG and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 The LAG encapsulation type (null | dot1q | qinq) must match the port encapsulation type of the LAG members. Auto-negotiation must be switched off or configured to limited. Configure LACP on the LAG.

  • Page 147

    Advanced Configuration Guide - Part I Multi-Chassis LAG and Pseudowire Redundancy Releases Up To 15.0.R5 Interworking no shutdown exit no shutdown exit exit Step 4. MC-LAG verification. Verify MC peers showing that the authentication and admin state are enabled. *A:PE-1# show redundancy multi-chassis sync =============================================================================== Multi-chassis Peer Table ===============================================================================...

  • Page 148

    Multi-Chassis LAG and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 There is a fixed keepalive timer of 1 second. The hold-on-neighbor- failure multiplier command indicates the interval that the standby node will wait for packets from the active node before assuming a redundant- neighbor failure.

  • Page 149

    Advanced Configuration Guide - Part I Multi-Chassis LAG and Pseudowire Redundancy Releases Up To 15.0.R5 Interworking The selection criteria by default is highest number of links and priority. In this example, the number of links and the priority of the links is the same on both redundant PEs.

  • Page 150

    Multi-Chassis LAG and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 Subgrp hold time : 0.0 sec Remaining time : 0.0 sec Subgrp selected Subgrp candidate Subgrp count System Id : 4a:c4:ff:00:00:00 System Priority : 32768 Admin Key : 32768 Oper Key...

  • Page 151

    Advanced Configuration Guide - Part I Multi-Chassis LAG and Pseudowire Redundancy Releases Up To 15.0.R5 Interworking Figure 33 Association of SAPs/SDPs and Endpoints PE-3 PE-1 epipe epipe MC-LAG MC-LAG CE-6 CE-5 PE-4 PE-2 epipe epipe OSSG382 *A:PE-1# configure service epipe 1 customer 1 create endpoint "X"...

  • Page 152

    Multi-Chassis LAG and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 2147483649 intVpls Down 1 _tmnx_InternalVplsService ------------------------------------------------------------------------------- Matching Services : 3 ------------------------------------------------------------------------------- =============================================================================== *A:PE-1# *A:PE-2# show service service-using =============================================================================== Services =============================================================================== ServiceId Type CustomerId Service Name ------------------------------------------------------------------------------- Epipe Down 1...

  • Page 153

    Advanced Configuration Guide - Part I Multi-Chassis LAG and Pseudowire Redundancy Releases Up To 15.0.R5 Interworking Step 11. Verify SDP status Local pseudowire bits indicate the status of the pseudowire on the PE node. These pseudowire bits will be sent to the peer. Peer pseudowire bits indicate the status of the pseudowire on the peer, as sent by the peer.

  • Page 154

    Multi-Chassis LAG and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 In this example, the remote side of the SDP is sending lacIngressFault lacEgressFault pwFwdingStandby flags. This is because the Epipe service on PE-3 is down because the MC-LAG is in standby/down status. Link and node protection can be tested.

  • Page 155

    Advanced Configuration Guide - Part I Multi-Chassis LAG and Pseudowire Redundancy Releases Up To 15.0.R5 Interworking Figure 34 ICB Spoke SDPs and Their Association with the Endpoints PE-3 PE-1 epipe epipe SDP SDP SDP MC-LAG MC-LAG ICB Spoke-SDP ICB Spoke-SDP CE-5 CE-6 SDP SDP SDP...

  • Page 156

    Multi-Chassis LAG and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 spoke-sdp 21:1 endpoint "Y" icb create exit spoke-sdp 21:2 endpoint "X" icb create exit *A:PE-3# configure service epipe 1 spoke-sdp 34:1 endpoint "X" icb create exit spoke-sdp 34:2 endpoint "Y"...

  • Page 157

    Advanced Configuration Guide - Part I Multi-Chassis LAG and Pseudowire Redundancy Releases Up To 15.0.R5 Interworking Last Tx Active Change : 10/25/2016 07:45:31 ------------------------------------------------------------------------------- Members ------------------------------------------------------------------------------- Spoke-sdp: 12:2 Prec:4 (icb) Oper Status: Up Spoke-sdp: 13:1 Prec:4 Oper Status: Up Spoke-sdp: 14:1 Prec:4 Oper Status: Up =============================================================================== ===============================================================================...

  • Page 158

    Multi-Chassis LAG and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 Figure 35 Additional Setup Example 1 PE-1 epipe MC-LAG MC-LAG ICB Spoke-SDP ICB Spoke-SDP CE-1 CE-2 epipe = SDP PE-2 = SAP PE-1 epipe CE-2 MC-LAG ICB Spoke-SDP...

  • Page 159: Figure 36 Additional Setup Example 2

    Advanced Configuration Guide - Part I Multi-Chassis LAG and Pseudowire Redundancy Releases Up To 15.0.R5 Interworking Figure 36 Additional Setup Example 2 PE-1 PE-3 epipe epipe Spoke- MC-LAG CE-2 ICB Spoke-SDP ICB Spoke-SDP CE-1 Spoke-SDP epipe = SDP PE-2 = SAP PE-1 PE-3 epipe...

  • Page 160

    Multi-Chassis LAG and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 MC-LAG in VPLS Services MC-LAG can also be configured in VPLS services. When the MC-LAG converges, the PE that transitions to standby state for the MC-LAG will send out an LDP address withdrawal message to all peers configured in the VPLS service.

  • Page 161

    *A:PE-1# tools perform lag clear-force lag-id 1 Conclusion MC-LAG is a Nokia added value redundancy feature that offers fast access link convergence in Epipe and VPLS services for CE devices that support standard LACP. PE node convergence for VPLS services is enhanced by using LDP address withdrawal messages to flush the FDB on the PE peers.

  • Page 162

    Multi-Chassis LAG and Pseudowire Redundancy Advanced Configuration Guide - Part I Interworking Releases Up To 15.0.R5 3HE 13717 AAAA TQZZA 01 Issue: 01...

  • Page 163: Port Cross-connect (pxc)

    Advanced Configuration Guide - Part I Port Cross-Connect (PXC) Releases Up To 15.0.R5 Port Cross-Connect (PXC) This chapter provides information about Port Cross-Connect (PXC). Topics in this chapter include: • Applicability • Overview • Configuration • Conclusion Applicability The information and configuration in this chapter are based on SR OS Release 14.0.R5.

  • Page 164: Figure 37 Example Topology

    Port Cross-Connect (PXC) Advanced Configuration Guide - Part I Releases Up To 15.0.R5 • The AS mode creates a Forwarding Path Extension (FPE) context through which the system can automatically create cross-connects to simplify user provisioning. Use-case examples for AS mode include PW port for business VPN services, VXLAN termination on a non-system interface, ESM over Pseudowire, and GRE tunnel termination.

  • Page 165

    Advanced Configuration Guide - Part I Port Cross-Connect (PXC) Releases Up To 15.0.R5 ------------------------------------------------------------------------------- imm-2pac-fp3 =============================================================================== Configuration PXC Configuration A PXC can consist of a single non-redundant port, or for redundancy and increased capacity, can consist of multiple ports that form member links of a Link Aggregation Group (LAG).

  • Page 166

    Port Cross-Connect (PXC) Advanced Configuration Guide - Part I Releases Up To 15.0.R5 encapsulation is set to dot1q, which is the default for hybrid ports. Q-in-Q encapsulation is also supported. It is also possible to configure dot1q encapsulation on one PXC sub-port and Q-in-Q encapsulation on the opposing PXC sub-port if, for example, there is a requirement to expose more VLAN tags on one side of the loop than the other side of the loop.

  • Page 167: Figure 38 Non-redundant Pxc

    Advanced Configuration Guide - Part I Port Cross-Connect (PXC) Releases Up To 15.0.R5 =============================================================================== Ethernet Interface =============================================================================== Description : Port cross-connect Interface : pxc-1.a Oper Speed : 10 Gbps Link-level : Ethernet Config Speed : N/A Admin State : up Oper Duplex : full Oper State...

  • Page 168

    Port Cross-Connect (PXC) Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Redundant PXC For a redundant PXC, the fundamental building blocks are identical to those of the non-redundant PXC, but there are a few additional configuration steps required to construct the LAGs to which the redundant PXC ports belong.

  • Page 169

    Advanced Configuration Guide - Part I Port Cross-Connect (PXC) Releases Up To 15.0.R5 The PXC sub-ports, together with the physical port, must then all be put into a no shutdown state: *A:PE-7# configure port pxc-2.a no shutdown *A:PE-7# configure port pxc-2.b no shutdown *A:PE-7# configure port pxc-3.a no shutdown *A:PE-7# configure port pxc-3.b no shutdown *A:PE-7# configure port 1/2/2 no shutdown...

  • Page 170: Figure 39 Pxc Redundant Mode With Lag

    Port Cross-Connect (PXC) Advanced Configuration Guide - Part I Releases Up To 15.0.R5 exit Figure 39 shows a representation of the redundant PXC with LAG. Both upstream and downstream traffic will pass twice through the FP data-path and port. Figure 39 PXC Redundant Mode with LAG Port FP3 complex...

  • Page 171

    Advanced Configuration Guide - Part I Port Cross-Connect (PXC) Releases Up To 15.0.R5 LACP : disabled Standby Signaling : lacp Port weight speed : 0 gbps Number/Weight Up Weight Threshold Threshold Action : down ------------------------------------------------------------------------------- Port-id Act/Stdby Opr Primary Sub-group Forced Prio -------------------------------------------------------------------------------...

  • Page 172

    Port Cross-Connect (PXC) Advanced Configuration Guide - Part I Releases Up To 15.0.R5 As shown in the following output, the Epipe service uses PXC 1, which is the non- redundant PXC port. This is only an example; it could similarly use the redundant PXC port, in which case the SAP syntax would be the conventional LAG syntax (for example, lag-1:100, lag-2:100).

  • Page 173

    Advanced Configuration Guide - Part I Port Cross-Connect (PXC) Releases Up To 15.0.R5 exit interface "to-CE-4" create address 192.168.100.1/30 sap pxc-1.b:100 create exit exit group "EBGP" ---snip--- no shutdown exit PXC Port Dimensioning When the VPRN service at PE-7 is put into a no shutdown state, the EBGP session to CE-4 is established.

  • Page 174

    Port Cross-Connect (PXC) Advanced Configuration Guide - Part I Releases Up To 15.0.R5 QoS Continuity The application of ingress/egress SAP QoS policies is fundamentally the same for a PXC-based SAP as it is for a conventional SAP. However, there is a difference with regard to how ingress Forwarding Class (FC) mappings are maintained throughout the PXC in DVSM mode.

  • Page 175

    Advanced Configuration Guide - Part I Port Cross-Connect (PXC) Releases Up To 15.0.R5 fc af create queue 2 dot1p 3 exit fc be create queue 1 dot1p 1 exit fc ef create queue 3 dot1p 5 exit exit The configuration of the Tier 1 scheduler "aggregate-rate" referenced by the child queues in the preceding SAP-egress QoS policy is shown in the following output.

  • Page 176

    Port Cross-Connect (PXC) Advanced Configuration Guide - Part I Releases Up To 15.0.R5 configure service vprn 10 customer 1 create interface "to-CE-4" create address 192.168.100.1/30 sap pxc-1.b:100 create egress scheduler-policy "egress-hqos-scheduler" scheduler-override scheduler "aggregate-rate" create rate 20000 exit exit qos 2 exit exit exit...

  • Page 177

    Advanced Configuration Guide - Part I Port Cross-Connect (PXC) Releases Up To 15.0.R5 ingress qos 11 exit no shutdown exit exit The previous configuration show the required QoS policies for downstream traffic (VPRN egress to Epipe ingress). Corresponding QoS policies must also be configured for upstream traffic (Epipe egress to VPRN ingress).

  • Page 178

    Port Cross-Connect (PXC) Advanced Configuration Guide - Part I Releases Up To 15.0.R5 exit As in the previous configuration example, LAG 1 and LAG 2 are used for PXC redundancy. LAG 1 has the PXC sub-ports pxc-2.a and pxc-3.a as member links, while LAG 2 has the PXC sub-ports pxc-2.b and pxc-3.b as member links.

  • Page 179

    Advanced Configuration Guide - Part I Port Cross-Connect (PXC) Releases Up To 15.0.R5 *A:PE-7# show fwd-path-ext fpe 1 =============================================================================== FPE Id: 1 =============================================================================== Description : (Not Specified) Path : lag 1, lag 2 Pw Port : Enabled Oper : up Vxlan Termination : Disabled Oper...

  • Page 180

    Port Cross-Connect (PXC) Advanced Configuration Guide - Part I Releases Up To 15.0.R5 no shutdown exit no shutdown exit The following output shows the SDPs belonging to the preceding vc-switched Epipe service configured. The first SDP with identifier 2004:13 is the pseudowire toward PE-4 with VC-ID 13.

  • Page 181: Figure 40 As Mode With Redundant Fpe

    Advanced Configuration Guide - Part I Port Cross-Connect (PXC) Releases Up To 15.0.R5 Service Destination Point (Sdp Id : 17281) ============================================================================ SdpId AdmMTU OprMTU Far End ---------------------------------------------------------------------------- 17281 8678 fpe_1.a MPLS None ============================================================================ In SR OS, the combination of SDP ID and VC-ID is always associated with a service. When using AS mode, the system automatically creates an internal VPLS service with ID 2147383649 and a name of _tmns_InternalVplsService.

  • Page 182

    Port Cross-Connect (PXC) Advanced Configuration Guide - Part I Releases Up To 15.0.R5 address 172.31.107.1/24 sap 1/1/3:100 create exit exit interface "to-CE-4" create address 192.168.100.1/30 sap pw-1:100.1024 create exit exit group "EBGP" ---snip--- no shutdown exit exit FPE Port Dimensioning After the VPRN service at PE-7 is put into a no shutdown state, the EBGP session to CE-4 is established.

  • Page 183

    Advanced Configuration Guide - Part I Port Cross-Connect (PXC) Releases Up To 15.0.R5 ------------------------------------------------------------------------------- At time t = 18 sec (Mode: Rate) ------------------------------------------------------------------------------- 1/2/2! 22041 22041 % Util ~0.00 ~0.00 1/2/3! 32159 32159 % Util ~0.00 ~0.00 ------------------------------------------------------------------------------- Totals 54200 54200 % Util ~0.00...

  • Page 184

    Port Cross-Connect (PXC) Advanced Configuration Guide - Part I Releases Up To 15.0.R5 QoS Continuity When using AS mode, the FPE construct creates internal cross-connects between the vc-switching Epipe and the pw-port. These internal cross-connects function as MPLS tunnels that transit through internal network interfaces on the PXC sub-ports. The internal network interfaces use the default network policy 1 for egress marking and ingress classification/FC mapping.

  • Page 185

    Advanced Configuration Guide - Part I Port Cross-Connect (PXC) Releases Up To 15.0.R5 First, QoS continuity for downstream traffic is validated. The following output shows the relatively simple SAP-egress QoS policy that is applied to the egress of the VPRN interface (pw-port) toward CE-4. No classification of traffic and mapping to FCs are present in the policy, because the classification and mapping have already taken place on the SAP ingress at PE-7 (the SAP facing the test port C).

  • Page 186

    Port Cross-Connect (PXC) Advanced Configuration Guide - Part I Releases Up To 15.0.R5 exit exit exit port pxc-2.b ethernet egress-scheduler-policy "port-scheduler" exit no shutdown exit Finally, the SAP-egress QoS policy is applied to the pw-port SAP within the VPRN. The egress H-QoS scheduler is also attached and an override of the rate is configured.

  • Page 187

    Advanced Configuration Guide - Part I Port Cross-Connect (PXC) Releases Up To 15.0.R5 Monitoring of network interfaces does not show queue statistics (and is not supported on PXC sub-ports), but a verification of the sub-port statistics on the transit side (LAG 1) shows that packets are incrementing in ingress queue 6 on both sub- ports, as follows: *A:PE-7# show port pxc-2.a detail | match "Ingress Queue 6"...

  • Page 188

    Port Cross-Connect (PXC) Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Out/Exc Prof fwded Out/Exc Prof dropped *A:PE-7# show port pxc-3.a detail | match "Egress Queue 6" post-lines 4 Egress Queue Packets Octets In/Inplus Prof fwded 12893 6936434 In/Inplus Prof dropped: Out/Exc Prof fwded Out/Exc Prof dropped...

  • Page 189

    Advanced Configuration Guide - Part I Port Cross-Connect (PXC) Releases Up To 15.0.R5 For completeness, the configuration of the Tier 1 scheduler "aggregate-rate" referenced by the child queues in the preceding SAP-ingress QoS policy is as follows. Unlike the egress counterpart, there is no parenting to a port-scheduler because this is an egress function only.

  • Page 190

    Port Cross-Connect (PXC) Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Packets Octets ---snip--- Ingress Queue 3 (Unicast) (Priority) Off. HiPrio 0.00 Off. LowPrio : 100 51647 0.04 Dro. HiPrio 0.00 Dro. LowPrio 0.00 For. InProf 0.00 For. OutProf : 100 51647 0.04...

  • Page 191

    Advanced Configuration Guide - Part I Port Cross-Connect (PXC) Releases Up To 15.0.R5 spoke-sdp 2002:13 endpoint "redundant-Layer3" create precedence primary no shutdown exit spoke-sdp 2007:13 endpoint "redundant-Layer3" create no shutdown exit no shutdown exit As shown in the following output, PE-4 has the spoke-SDP to PE-7 (sdp 2007:13) as administratively and operationally up, but is signaling a status of standby (pwFwdingStandby).

  • Page 192

    Port Cross-Connect (PXC) Advanced Configuration Guide - Part I Releases Up To 15.0.R5 The pw-port 1 used throughout in this example is internally bound to SDP 17281, as shown in the first of the following outputs. The second output shows that this SDP is operationally down with the flag "stitchingSvcTxDown".

  • Page 193

    Advanced Configuration Guide - Part I Port Cross-Connect (PXC) Releases Up To 15.0.R5 To verify a failover, the state of the active/standby pseudowire is transitioned by failing the active pseudowire between PE-4 and PE-2. This causes PE-4 to declare the pseudowire to PE-7 active, which clears the standby status bits. This action causes the SDP (17281) bound to pw-port 1 to become operationally up, followed by pw-port 1 and its associated SAPs, followed by the VPRN IP interface "to-CE-4".

  • Page 194

    Port Cross-Connect (PXC) Advanced Configuration Guide - Part I Releases Up To 15.0.R5 3HE 13717 AAAA TQZZA 01 Issue: 01...

  • Page 195: Router Configuration

    Advanced Configuration Guide - Part I Router Configuration Releases Up To 15.0.R5 Router Configuration In This Section This section provides configuration information for the following topics: • 6PE Next-Hop Resolution • Aggregate Route Indirect Next-Hop Option • Bi-Directional Forwarding Detection •...

  • Page 196

    Router Configuration Advanced Configuration Guide - Part I Releases Up To 15.0.R5 3HE 13717 AAAA TQZZA 01 Issue: 01...

  • Page 197: Pe Next-hop Resolution

    Advanced Configuration Guide - Part I 6PE Next-Hop Resolution Releases Up To 15.0.R5 6PE Next-Hop Resolution This chapter provides information about 6PE Next-Hop Resolution. Topics in this chapter include: • Applicability • Overview • Configuration • Conclusion Applicability The information and configuration in this chapter are based on SR OS Release 14.0.R7.

  • Page 198: Figure 41 Ipv6 Provider Edge (6pe)

    6PE Next-Hop Resolution Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Figure 41 IPv6 Provider Edge (6PE) RR-3 MPLS 2001::10:10:1:0/120 2001::10:10:4:0/120 MPLS tunnel CE-1 CE-4 PE-1 PE-4 Dual stack Dual stack 6PE router 6PE router IPv6 IPv4 IPv6 26333 The 6PE route next-hop resolution is configured using the following command: *A:PE-1# configure router bgp next-hop-resolution label-route-transport-...

  • Page 199

    Advanced Configuration Guide - Part I 6PE Next-Hop Resolution Releases Up To 15.0.R5 With 6PE next-hop resolution set to filter, a subset of protocols is required, and LDP is automatically added to the protocol list in the resolution filter. The following example shows that when one tries to create a resolution filter that includes the BGP protocol only, the resolution filter includes LDP and BGP.

  • Page 200: Figure 42 Example Topology

    6PE Next-Hop Resolution Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Figure 42 Example Topology RR-3 192.0.2.3 MPLS 192.168.23.0/30 2001::10:10:1:0/120 2001::10:10:4:0/120 192.168.12.0/30 192.168.24.0/30 CE-1 CE-4 PE-1 PE-4 192.0.2.1 192.0.2.2 192.0.2.4 IPv6 IPv4 IPv6 26334 The initial configuration on the nodes is as follows: •...

  • Page 201

    Advanced Configuration Guide - Part I 6PE Next-Hop Resolution Releases Up To 15.0.R5 sr-isis exit resolution filter exit exit exit group "iBGP" export "export-6pe" peer-as 64496 neighbor 192.0.2.3 family label-ipv6 exit exit The export policy "export-6pe" exports the IPv6 prefixes that are local to the PE, for example, on PE-1: 2001::10:10:1:0/120, and is defined as follows: configure router...

  • Page 202

    6PE Next-Hop Resolution Advanced Configuration Guide - Part I Releases Up To 15.0.R5 IES Configuration On PE-1, an IES is configured with IPv6 addresses on the interface toward CE-1, as follows: configure service ies 1 customer 1 create description "6PE" interface "int-PE-1-CE-1"...

  • Page 203

    Advanced Configuration Guide - Part I 6PE Next-Hop Resolution Releases Up To 15.0.R5 6PE Next Hop Resolved to an LDP Tunnel On PE-1, the route for prefix 2001::10:10:4:0/120 uses a tunnel to 6PE next hop 192.0.2.4, as follows: *A:PE-1# show router route-table 2001::10:10:4:0/120 =============================================================================== IPv6 Route Table (Router: Base) ===============================================================================...

  • Page 204: Figure 43 6pe Next Hop Resolved To An Ldp Tunnel

    6PE Next-Hop Resolution Advanced Configuration Guide - Part I Releases Up To 15.0.R5 ------------------------------------------------------------------------------- Total Entries : 1 The extended route information for IPv6 prefix 2001::10:10:4:0/120 shows that the 6PE next hop 192.0.2.4 is resolved to an LDP tunnel: *A:PE-1# show router route-table 2001::10:10:4:0/120 extensive =============================================================================== Route Table (Router: Base) ===============================================================================...

  • Page 205

    Advanced Configuration Guide - Part I 6PE Next-Hop Resolution Releases Up To 15.0.R5 6PE Next Hop Resolved to an RSVP-TE Tunnel MPLS and RSVP are enabled on the interfaces between the PEs and P-2. On both PEs, an RSVP-TE LSP is configured toward the peer PE; for example, on PE-1: configure router mpls...

  • Page 206: Figure 44 6pe Next Hop Resolved To An Rsvp-te Tunnel

    6PE Next-Hop Resolution Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Indirect Next-Hop : 192.0.2.4 Label : Priority=n/c, FC=n/c Source-Class Dest-Class ECMP-Weight : N/A Resolving Next-Hop : 192.0.2.4 (RSVP tunnel:1) Metric : 20 ECMP-Weight : N/A ------------------------------------------------------------------------------- No. of Destinations: 1 Figure 44 shows that the 6PE next hop 192.0.2.4 is resolved to an RSVP-TE tunnel, even though an LDP tunnel is available too.

  • Page 207

    Advanced Configuration Guide - Part I 6PE Next-Hop Resolution Releases Up To 15.0.R5 segment-routing prefix-sid-range start-label 20000 max-index 99 no shutdown exit exit For more information about SR-ISIS, see chapter Segment Routing with IS-IS Control Plane. The following output shows that three tunnels are available toward 6PE next hop 192.0.2.4/32: *A:PE-1# show router fp-tunnel-table 1 192.0.2.4/32 ===============================================================================...

  • Page 208

    6PE Next-Hop Resolution Advanced Configuration Guide - Part I Releases Up To 15.0.R5 To verify that LDP tunnels are preferred over SR-ISIS tunnels, the RSVP-TE LSPs are put in a shutdown state, as follows: *A:PE-1# configure router mpls lsp "LSP-PE-1-PE-4" shutdown *A:PE-4# configure router mpls lsp "LSP-PE-4-PE-1"...

  • Page 209

    Advanced Configuration Guide - Part I 6PE Next-Hop Resolution Releases Up To 15.0.R5 *A:PE-1# show router fp-tunnel-table 1 192.0.2.4/32 =============================================================================== Tunnel Table Display Legend: B - FRR Backup =============================================================================== Destination Protocol Tunnel-ID NextHop Intf/Tunnel ------------------------------------------------------------------------------- 192.0.2.4/32 SR-ISIS-0 20004 192.168.12.2 1/1/1 ------------------------------------------------------------------------------- Total Entries : 1 The 6PE next hop 192.0.2.4 is resolved to an SR-ISIS tunnel, as follows:...

  • Page 210: Figure 45 6pe Next Hop Resolved To An Sr-isis Tunnel

    6PE Next-Hop Resolution Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Figure 45 6PE Next Hop Resolved to an SR-ISIS Tunnel RR-3 SR-ISIS 2001::10:10:1:0/120 2001::10:10:4:0/120 SR-ISIS tunnel CE-1 CE-4 PE-1 PE-4 Dual stack Dual stack 6PE router 6PE router IPv6 IPv4 IPv6...

  • Page 211: Figure 46 Example Topology For Seamless Mpls

    Advanced Configuration Guide - Part I 6PE Next-Hop Resolution Releases Up To 15.0.R5 Figure 46 Example Topology for Seamless MPLS 192.168.12.0/30 192.168.23.0/30 192.168.34.0/30 2001::10:10:1:0/120 2001::10:10:4:0/120 CE-1 CE-4 PE-1 ABR-2 ABR-3 PE-4 Dual stack 192.0.2.2/32 192.0.2.3/32 Dual stack 6PE router 6PE router 192.0.2.1/32 192.0.2.4/32 IPv6...

  • Page 212: Figure 47 Configured Protocols For Seamless Mpls

    6PE Next-Hop Resolution Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Figure 47 shows the configured protocols for this example: IS-IS instances, LDP, BGP labeled IPv4 with the ABRs as route reflector with next-hop-self (NHS) option, and BGP labeled IPv6 peering between PE-1 and PE-4. Figure 47 Configured Protocols for Seamless MPLS Aggregation...

  • Page 213

    Advanced Configuration Guide - Part I 6PE Next-Hop Resolution Releases Up To 15.0.R5 interface "system" exit interface "int-ABR-2-ABR-3" interface-type point-to-point exit exit interface-parameters interface "int-ABR-2-PE-1" exit interface "int-ABR-2-ABR-3" exit exit exit The configuration is similar on the other nodes. Only the ABRs have two IS-IS instances configured;...

  • Page 214

    6PE Next-Hop Resolution Advanced Configuration Guide - Part I Releases Up To 15.0.R5 neighbor 192.0.2.4 family label-ipv6 exit exit The configuration is similar on PE-4, but the neighbor IP addresses are different. The resolution filter will include LDP as well as BGP, because it is added automatically.

  • Page 215

    Advanced Configuration Guide - Part I 6PE Next-Hop Resolution Releases Up To 15.0.R5 The BGP configuration on ABR-2 has two different groups for BGP labeled IPv4 peering: one toward the aggregation network-with the ABR as RR-and one toward the core, as follows: configure router autonomous-system 64496...

  • Page 216

    6PE Next-Hop Resolution Advanced Configuration Guide - Part I Releases Up To 15.0.R5 =============================================================================== Legend : D - Dynamic Neighbor =============================================================================== Neighbor Description ServiceId AS PktRcvd InQ Up/Down State|Rcv/Act/Sent (Addr Family) PktSent OutQ ------------------------------------------------------------------------------- 192.0.2.2 Def. Instance 64496 0 00h00m08s 1/1/1 (Lbl-IPv4) 192.0.2.4 Def.

  • Page 217

    Advanced Configuration Guide - Part I 6PE Next-Hop Resolution Releases Up To 15.0.R5 ------------------------------------------------------------------------------- 192.0.2.4/32 262135 192.0.2.2 ------------------------------------------------------------------------------- Total Entries : 1 On ABR-2, the BGP labeled route to 192.0.2.4/32 has next hop 192.0.2.3 and uses an LDP tunnel in the core network to reach ABR-3, as follows: *A:ABR-2# show router fp-tunnel-table 1 192.0.2.4/32 =============================================================================== Tunnel Table Display...

  • Page 218

    6PE Next-Hop Resolution Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Figure 48 BGP Labeled IPv4 Tunnel for 192.0.2.4/32 Using LDP Tunnels Aggregation Core Aggregation 2001::10:10:1:0/120 2001::10:10:4:0/120 CE-1 CE-4 PE-1 ABR-2 ABR-3 PE-4 Dual stack Dual stack 6PE router 6PE router Legend: LDP tunnel...

  • Page 219: Aggregate Route Indirect Next-hop Option

    Advanced Configuration Guide - Part I Aggregate Route Indirect Next-Hop Option Releases Up To 15.0.R5 Aggregate Route Indirect Next-Hop Option This chapter provides information about aggregate route indirect next-hop option configurations. Topics in this chapter include: • Applicability • Overview •...

  • Page 220

    Aggregate Route Indirect Next-Hop Option Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Figure 49 Aggregate Routes 10.16.12.0/24 10.16.13.0/24 10.16.14.0/24 10.16.12.0/22 Router A Router B Routing Table Routing Table 10.16.15.0/24 10.16.12.0/24 10.16.12.0/22 10.16.13.0/24 10.16.14.0/24 10.16.15.0/24 al_0294 Figure 49, Router A could choose to advertise all the four routes or one aggregate route.

  • Page 221: Figure 50 Example Topology

    Advanced Configuration Guide - Part I Aggregate Route Indirect Next-Hop Option Releases Up To 15.0.R5 Figure 50 Example topology Aggregate Route with Indirect Next Hop Resolved Indirect Next Hop PE-1 PE-2 192.168.12.0/30 192.0.2.1/32 192.0.2.1/32 192.0.2.2/32 192.168.14.0/30 192.168.23.0/30 al_0295 Initial Configuration The nodes have the following basic configuration: •...

  • Page 222

    Aggregate Route Indirect Next-Hop Option Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Aggregate Route with Indirect Next Hop Option This feature adds a keyword indirect and an associated IP address parameter to the aggregate command in these configuration contexts: —...

  • Page 223

    Advanced Configuration Guide - Part I Aggregate Route Indirect Next-Hop Option Releases Up To 15.0.R5 • <ip-address> — Installing an aggregate route with an indirect next-hop is supported for both IPv4 and IPv6 prefixes. However if the aggregate prefix is IPv6 the indirect next-hop must be an IPv6 address and if the aggregate prefix is IPv4 the indirect next-hop must be an IPv4 address.

  • Page 224

    Aggregate Route Indirect Next-Hop Option Advanced Configuration Guide - Part I Releases Up To 15.0.R5 ------------------------------------------------------------------------------- No. of Aggregates: 1 =============================================================================== *A:PE-1# The inactive aggregate route does not appear in the routing table: *A:PE-1# show router route-table =============================================================================== Route Table (Router: Base) =============================================================================== Dest Prefix[Flags] Type...

  • Page 225

    Advanced Configuration Guide - Part I Aggregate Route Indirect Next-Hop Option Releases Up To 15.0.R5 *A:PE-1# show router aggregate =============================================================================== Legend: G - generate-icmp enabled =============================================================================== Aggregates (Router: Base) =============================================================================== Prefix Aggr IP-Address Aggr AS Summary AS Set State NextHop Community NextHopType -------------------------------------------------------------------------------...

  • Page 226

    Aggregate Route Indirect Next-Hop Option Advanced Configuration Guide - Part I Releases Up To 15.0.R5 *A:PE-1# configure router static-route-entry 192.168.11.0/24 next-hop 192.168.12.2 no shutdown exit exit In the route table, the aggregate route is no longer black-holed. The next hop for the indirect next hop is 192.168.12.2 (PE-2).

  • Page 227

    Advanced Configuration Guide - Part I Aggregate Route Indirect Next-Hop Option Releases Up To 15.0.R5 ------------------------------------------------------------------------------- 10.16.12.0/22 Remote Static 00h00m00s 192.168.23.2 192.0.2.2/32 Local Local 00h13m44s system 192.168.12.0/30 Local Local 00h13m44s int-PE-2-PE-1 192.168.23.0/30 Local Local 00h13m44s int-PE-2-PE-3 ------------------------------------------------------------------------------- No. of Routes: 4 Conclusion Aggregate routes offer several advantages, the key being reduction in the routing table size and overcoming routing loops, among other things.

  • Page 228

    Aggregate Route Indirect Next-Hop Option Advanced Configuration Guide - Part I Releases Up To 15.0.R5 3HE 13717 AAAA TQZZA 01 Issue: 01...

  • Page 229: Bi-directional Forwarding Detection

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 Bi-Directional Forwarding Detection This chapter provides information about bi-directional forwarding (BFD) detection. Topics in this chapter include: • Applicability • Overview • Configuration • Conclusion Applicability This chapter is applicable to the 7x50 series. BFD timing differences among platforms will be indicated.

  • Page 230

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 BFD protocol provides rapid link continuity checking between network devices, and the state of BFD can be propagated to IP routing protocols to drastically reduce convergence time in cases where a physical network error occurs in a transport network.

  • Page 231

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 Figure 51 BFD Multi-Scenarios BFD Session Transport Transport Netw or IES Netw or IES Device Device Supported Protocols: • OSPF • IS-IS System i/f • BGP • PIM •...

  • Page 232: Figure 52 Bfd Centralized Sessions

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 − Minimum 300 ms in 7x50 SR-1 and ESS-1 − Minimum 100 ms in 7x50 equipped with SF/CPM 1 and in every 7x50 up to Release 7.0 −...

  • Page 233: Figure 53 Bfd Interface Configuration

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 On the other end, when the two peers are directly connected, the BFD session is local by default, but in a 7x50 equipped with SF/CPM 2 or higher, the user can choose what session type (local or centralized) to implement.

  • Page 234

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 exit exit On PE2: configure router interface "int-PE-2-PE-1" address 192.168.1.2/30 port 1/1/2 bfd 100 receive 100 multiplier 3 no shutdown exit exit exit The following show commands are used to verify the BFD configuration on the router interfaces on PE1 and PE2.

  • Page 235

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 bfd <transmit-interval> [receive <receive-interval>] [multiplier <multiplier>] [echo-receive <echo-interval>] [type <cpm-np>] no bfd <transmit-interval> : [10..100000] in milliseconds <receive-interval> : [10..100000] in milliseconds <multiplier> : [3..20] <echo-interval> : [100..100000] in milliseconds <cpm-np>...

  • Page 236

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 int-PE-1-PE-2 192.168.1.2 ospf2 ------------------------------------------------------------------------------- No. of BFD sessions: 1 =============================================================================== *A:PE-1# If the command gives a negative output, troubleshoot it by firstly checking that the protocol that is bound to it is up: for instance, check the OSPF neighbor adjacency as shown in following example.

  • Page 237

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 Rx Interval : 100 Tx Interval : 100 Multiplier Echo Interval Recd Msgs : 996 Sent Msgs : 1031 Up Time : 0d 00:00:07 Up Transitions Down Time : None Down Transitions : 1 Version Mismatch : 0...

  • Page 238

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 exit exit On PE2: configure router isis interface "int-PE-2-PE-1" bfd-enable ipv4 exit exit exit exit Finally, verify that the BFD session is operational between PE1 and PE2. On PE1: *A:PE-1# show router bfd session ===============================================================================...

  • Page 239

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 BFD for OSPF The goal of this section is to configure BFD on a network interlink between two 7750 nodes that are OSPF peers. For this scenario, the topology is shown in Figure Figure 55 BFD for OSPF...

  • Page 240

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Verify that the BFD session is operational between PE1 and PE2. On PE1: *A:PE-1# show router bfd session =============================================================================== Legend: wp = Working path pp = Protecting path =============================================================================== BFD Session ===============================================================================...

  • Page 241

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 Figure 56 BFD for OSPF and PIM Same BFD Session Bound To Both OSPF and PIM Transport Transport int-PE-1-PE-2 int-PE-2-PE-1 Device Device port 1/1/1 port 1/1/2 192.168.1.1 192.168.1.2 OSPF and PIM OSSG558...

  • Page 242: Figure 57 Bfd For Static Routes

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 LAG port LAG ID ------------------------------------------------------------------------------- int-PE-1-PE-2 192.168.1.2 ospf2 pim ------------------------------------------------------------------------------- No. of BFD sessions: 1 =============================================================================== *A:PE-1# On PE2: *A:PE-2# show router bfd session =============================================================================== Legend: wp = Working path pp = Protecting path =============================================================================== BFD Session...

  • Page 243

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 configure router static-route 10.1.2.0/24 next-hop 192.168.1.2 exit exit On PE2: configure router static-route 10.1.1.0/24 next-hop 192.168.1.1 exit exit Next, verify that static routes are populated in the routing table. On PE1: *A:PE-1# show router route-table protocol static ===============================================================================...

  • Page 244

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 The next step is to configure the base level BFD on PE1 and PE2. Refer to paragraph BFD Base Parameter Configuration and Troubleshooting. Then apply BFD to the static routing entries using the BFD interfaces as next-hop. On PE1: configure router...

  • Page 245

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 If/Lsp Name/Svc-Id/RSVP-sess State Tx Intvl Rx Intvl Multipl Rem Addr/Info/SdpId:VcId Protocols Tx Pkts Rx Pkts Type LAG port LAG ID ------------------------------------------------------------------------------- int-PE-2-PE-1 192.168.1.1 static ------------------------------------------------------------------------------- No. of BFD sessions: 1 =============================================================================== *A:PE-2# BFD for IES...

  • Page 246

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 On PE-2: configure service ies 2 customer 1 create interface int-IES-PE-2-PE-1 create address 192.168.3.2/30 spoke-sdp 2010:1 create exit exit no shutdown exit exit exit The next step is to add the IES interfaces to the OSPF area domain. On PE-1: configure router...

  • Page 247

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 Service Basic Information =============================================================================== Service Id Vpn Id Service Type : IES Name : (Not Specified) Description : (Not Specified) Customer Id Creation Origin : manual Last Status Change: 12/09/2015 10:25:21 Last Mgmt Change : 12/09/2015 10:25:08 Admin State...

  • Page 248

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 =============================================================================== *A:PE-2# *A:PE-2# show router ospf neighbor =============================================================================== Rtr Base OSPFv2 Instance 0 Neighbors =============================================================================== Interface-Name Rtr Id State RetxQ Area-Id ------------------------------------------------------------------------------- int-PE-2-PE-1 192.0.2.1 Full 0.0.0.0 int-IES-PE-2-PE-1 192.0.2.1 Full 0.0.0.0...

  • Page 249

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 Note that in case of BFD over spoke SDP, a centralized BFD session is created even if a physical link exists between the two nodes. In fact, the next output shows that BFD session type is cpm-np.

  • Page 250

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Figure 59 BFD for RSVP BFD Session for RSVP RSVP RSVP int-PE-2-PE-1 int-PE-1-PE-2 LSP-PE-1-PE-2 LSP-PE-2-PE-1 RSVP-TE OSSG561 To enable the BFD session between the two RSVP peers, the user should follow these steps: First, configure BFD on interfaces between PE-1 and PE-2 as described in BFD Base...

  • Page 251

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 no shutdown exit exit exit On PE-2: configure router mpls interface "system" no shutdown exit interface "int-PE-2-PE-1" no shutdown exit exit rsvp interface "system" no shutdown exit interface "int-PE-2-PE-1"...

  • Page 252

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Then, apply BFD on the RSVP Interfaces. On PE1: configure router rsvp interface "int-PE-1-PE-2" bfd-enable exit exit exit exit On PE2: configure router rsvp interface "int-PE-2-PE-1" bfd-enable exit exit exit...

  • Page 253: Figure 60 Bfd For T-ldp

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 If/Lsp Name/Svc-Id/RSVP-sess State Tx Intvl Rx Intvl Multipl Rem Addr/Info/SdpId:VcId Protocols Tx Pkts Rx Pkts Type LAG port LAG ID ------------------------------------------------------------------------------- int-PE-2-PE-1 192.168.1.1 rsvp ------------------------------------------------------------------------------- No. of BFD sessions: 1 =============================================================================== *A:PE-2# BFD for T-LDP...

  • Page 254

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 When using BFD over other links with the ability to reroute, such as spoke-SDPs, the interval and multiplier values configuring BFD should be set to allow sufficient time for the underlying network to re-converge before the associated BFD session expires.

  • Page 255

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 configure router targeted-session peer 192.0.2.2 bfd-enable exit exit exit exit exit Note that the loopback interface can be used to source BFD sessions to many peers in the network. Finally, check that the BFD session is up.

  • Page 256

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 When the T-LDP session comes up, a centralized BFD session is always created (cpm-np) even if the local interface has a direct link to the peer. BFD for OSPF PE-CE Adjacencies This feature extends BFD support to OSPF within a VPRN context when OSPF is used as the PE-CE protocol.

  • Page 257

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 configure router interface "int-CE-1-PE-1" address 172.16.0.2/24 port 1/1/1:1 bfd 100 receive 100 multiplier 3 no shutdown exit ospf area 0 interface int-CE-1-PE-1 exit exit exit exit exit Then, ensure that OSPF adjacency is up.

  • Page 258

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Enable BFD on the CE-1-PE-1 interface on CE-1. configure router ospf area 0 interface int-CE-1-PE-1 bfd-enable Finally, check that the BFD sessions are up in both PE-1 and CE-1. *A:PE-1# show router 1 bfd session =============================================================================== Legend:...

  • Page 259: Figure 62 Bfd Sessions Within Ipsec Tunnels

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 Figure 62 BFD Sessions within IPSec Tunnels Interface Private-ipsec 192.168.2.254/24 Interface Public-ipsec ISA-IPsec 192.168.2.1/24 Interface to Internet SAP ipsec-1.public:1 SAP ipsec-1.private:1 192.168.1.1/24 VPRN 2 BFD Session Loopback i/f 172.16.2.1/32 10.1.1.0/24 172.16.1.1...

  • Page 260

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 interface "public-ipsec" create address 192.168.2.1/24 sap tunnel-1.public:1 create exit exit no shutdown exit exit exit configure service vprn 2 customer 1 create ipsec security-policy 1 create entry 10 create local-ip 192.168.3.1/32 remote-ip any exit...

  • Page 261

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 static-route 10.1.2.0/24 ipsec-tunnel "t2" metric 1 static-route 10.1.2.0/24 ipsec-tunnel "t3" metric 5 no shutdown exit exit exit Then configure the BFD parameters within loopback interface loop (refer to Base Parameter Configuration and Troubleshooting).

  • Page 262: Figure 63 Logic For Shared Bfd Sessions

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 • BFD over IPSec sessions are centralized, managed by the hardware on the CPM. • Only BFD over static lan-to-lan tunnel is supported in Release 8.0 (not dynamic). •...

  • Page 263: Figure 64 Bfd For Vrrp

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 BFD for VRRP This feature assigns a BFD session to provide a heart-beat mechanism for the given VRRP instance. It should be noted that there can be only one BFD session assigned to any given VRRP instance, but there can be multiple VRRP sessions using the same BFD session.

  • Page 264

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 On PE-2: configure service ies 10 customer 1 create interface "int-vrrp-ies-PE-2" create address 192.168.1.2/24 sap 1/1/3:10 create exit exit no shutdown exit exit exit Verify that the IES services are operational (show service service-using) and verify that you can ping the remote interface IP address.

  • Page 265

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 no shutdown exit exit exit On PE-2: configure service ies 10 customer 1 create interface "int-vrrp-ies-PE-2" create vrrp 10 backup 192.168.1.1 ping-reply telnet-reply ssh-reply exit vrrp 30 owner backup 192.168.1.2 exit exit...

  • Page 266

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 exit exit no shutdown exit exit exit The parameters used for the BFD are set by the BFD command under the IP interface. Note that unlike the previous scenarios, the user can enter the commands above, enabling the BFD session, even if the specified interface (vrrp_ies_PE1) has not been configured with BFD parameters.

  • Page 267

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 =============================================================================== =============================================================================== *A:PE-1# This session is shared by all the VRRP instances configured between the specified interfaces. When BFD is configured in a VRRP instance, the following command gives details of BFD related to every instance: *A:PE-1# show router vrrp instance interface "int-vrrp-ies-PE-1"...

  • Page 268

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Pri Zero Pkts Sent Pri Zero Pkts Rcvd: 0 Preempt Events Preempted Events Mesg Intvl Discards : 0 Mesg Intvl Errors : 0 Addr List Discards Addr List Errors Auth Type Mismatch Auth Failures Invalid Auth Type...

  • Page 269

    Advanced Configuration Guide - Part I Bi-Directional Forwarding Detection Releases Up To 15.0.R5 Preempt Events Preempted Events Mesg Intvl Discards : 0 Mesg Intvl Errors : 0 Addr List Discards Addr List Errors Auth Type Mismatch Auth Failures Invalid Auth Type Invalid Pkt Type IP TTL Errors Pkt Length Errors : 0...

  • Page 270

    Bi-Directional Forwarding Detection Advanced Configuration Guide - Part I Releases Up To 15.0.R5 BFD is linked to a protocol state. For BFD session to be established, the prerequisite condition is that the protocol to which the BFD is linked must be operationally active. Once the BFD session is established, the state of the protocol to which BFD is tied to is then determined based on the BFD session’s state.

  • Page 271: Hybrid Openflow Switch

    Advanced Configuration Guide - Part I Hybrid OpenFlow Switch Releases Up To 15.0.R5 Hybrid OpenFlow Switch This chapter provides information about Hybrid OpenFlow Switch. Topics in this chapter include: • Applicability • Overview • Configuration • Conclusion Applicability The information and configuration in this chapter are based on SR OS Release 14.0.R5.

  • Page 272

    Hybrid OpenFlow Switch Advanced Configuration Guide - Part I Releases Up To 15.0.R5 An OpenFlow switch may have one or more flow tables, each of which contains one or more flow entries. A flow is a sequence of packets that matches a specific entry in a flow table.

  • Page 273

    Advanced Configuration Guide - Part I Hybrid OpenFlow Switch Releases Up To 15.0.R5 The Datapath ID is an 8-byte value used to uniquely identify the switch. To construct it, SR OS uses a concatenation of the OpenFlow switch instance ID (2 bytes) and the chassis MAC (6 bytes).

  • Page 274

    Hybrid OpenFlow Switch Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Table 2 OpenFlow Messages Message Type Message Description Controller-to-switch Feature [OFPT_FEATURES_REQUEST/REPLY] Used by controller to query capabilities of the switch. Typically used on session establishment. Configuration [OFPT_GET_CONFIG_REQUEST/REPL Y, OFPT_SET_CONFIG] Used to set and query configuration parameters in the switch.

  • Page 275: Table 2 Openflow Messages

    Advanced Configuration Guide - Part I Hybrid OpenFlow Switch Releases Up To 15.0.R5 Table 2 OpenFlow Messages (Continued) Message Type Message Description Asynchronous Packet-In [OFPT_PACKET_IN] Used to transfer a packet to the controller (for example, a table-miss flow entry). Flow-Removed [OFPT_FLOW_REMOVED] Used to notify the controller that a flow entry has been removed from the flow table.

  • Page 276

    Hybrid OpenFlow Switch Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Configuration Figure 65 shows an example topology to demonstrate the use of OpenFlow. PE routers PE-1 through PE-8 form part of AS 65545 and run IS-IS and RSVP. All PE routers are IBGP clients of a Route Reflector situated at PE-2 for the IPv4 and VPN- IPv4 address families.

  • Page 277: Table 3 Flow_mod Cookie Value

    Advanced Configuration Guide - Part I Hybrid OpenFlow Switch Releases Up To 15.0.R5 OpenFlow Switch Configuration OpenFlow specification 1.3.1 allows for multiple flow tables within an OpenFlow switch that are sequentially numbered starting at zero. A function referred to as pipeline processing subsequently matches packets, first against flow entries of flow table 0, but allows for instructions to optionally direct a packet to another flow table, where the process is repeated.

  • Page 278

    Hybrid OpenFlow Switch Advanced Configuration Guide - Part I Releases Up To 15.0.R5 aux-channel-enable controller 192.0.2.224:6653 flowtable 0 switch-defined-cookie max-size 4096 exit logical-port-status rsvp-te no shutdown exit exit The of-switch command allows for the creation of a switch instance and requires a name of 1 to 32 characters.

  • Page 279

    Advanced Configuration Guide - Part I Hybrid OpenFlow Switch Releases Up To 15.0.R5 =============================================================================== Open Flow Switch Information =============================================================================== Switch Name : ofs-1 Data Path ID : 00030ca40202d401 Admin Status : Up Echo Interval : 10 seconds Echo Multiple Logical Port Type : rsvp-te Buffer Size Num.

  • Page 280

    Hybrid OpenFlow Switch Advanced Configuration Guide - Part I Releases Up To 15.0.R5 (Master or Equal): table-miss apply-action (Slave) : (Not Specified) Async Fltr Port Status (Master or Equal): port-add port-delete port-modify (Slave) : port-add port-delete port-modify Async Fltr Flow Rem (Master or Equal): idle-time-out hard-time-out flow-mod-delete group-delete (Slave) : (Not Specified)

  • Page 281

    Advanced Configuration Guide - Part I Hybrid OpenFlow Switch Releases Up To 15.0.R5 The version, connection type, and Auxiliary ID have been previously described. The output shows asynchronous filters (Async Fltr), dependent on the role that the controller is playing. A controller may use Asynchronous Configuration (OFPT_SET_ASYNC) messages to set a filter on the asynchronous messages that it receives from the switch.

  • Page 282: Figure 66 Openflow Operation In Base Routing Context

    Hybrid OpenFlow Switch Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Figure 66 OpenFlow Operation in Base Routing Context OpenFlow Controller 192.0.2.224 PE-1 PE-2 AS 65545 192.0.2.43 192.0.2.13 PE-3 PE-4 192.168.1.0/30 IES 1 192.0.2.45 192.0.2.19 EBGP Test Port B IES 1 172.31.100.0/24 172.31.200.0/24...

  • Page 283

    Advanced Configuration Guide - Part I Hybrid OpenFlow Switch Releases Up To 15.0.R5 configure service ies 1 customer 1 create interface "Test-Port-A" create address 172.16.48.1/24 sap 3/1/4:10 create ingress filter ip 10 exit exit Before any flow entries are initiated from the controller, a single entry with ID 65535 (maximum) is automatically populated in the embedding filter.

  • Page 284

    Hybrid OpenFlow Switch Advanced Configuration Guide - Part I Releases Up To 15.0.R5 TCP-syn : Off TCP-ack : Off Option-pres : Off Egress PBR : Disabled Primary Action : Forward Ing. Matches : 0 pkts Egr. Matches : 0 pkts =============================================================================== An OpenFlow IP filter is also automatically created by the system with a filter ID of _tmnx_ofs_<name>:<number>, where <name>...

  • Page 285

    Advanced Configuration Guide - Part I Hybrid OpenFlow Switch Releases Up To 15.0.R5 *B:PE-4# show router bgp routes 172.31.0.0/16 longer =============================================================================== BGP Router ID:192.0.2.19 AS:65545 Local AS:65545 =============================================================================== Legend - Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid l - leaked, x - stale, >...

  • Page 286

    Hybrid OpenFlow Switch Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Util. Egress Queue 1 For. In/InplusProf ~0.00 For. Out/ExcProf : 2000 1023907 0.08 Dro. In/InplusProf 0.00 Dro. Out/ExcProf 0.00 The controller initiates an OFPT_FLOW_MOD message containing an OFPFC_ADD command to the switch to create a new flow entry.

  • Page 287

    Advanced Configuration Guide - Part I Hybrid OpenFlow Switch Releases Up To 15.0.R5 Flow Flags: IPv4 [FR] Up Time : 0d 00:01:57 Add TS : 405858646 Mod TS Stats TS : 405870241 #Packets : 115951 #Bytes : 59366912 ------------------------------------------------------------------------------- Number of flows: 2 =============================================================================== The first flow entry shown is the table-miss entry with an action of fall-through (or forward).

  • Page 288

    Hybrid OpenFlow Switch Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Table 4 FLOW_MOD Flags (Continued) Flag Meaning Description Default SEND_FLOW_REM If set, the switch must send a Flow-Removed message when the flow entry is deleted. CHECK_OVERLAP If set, the switch must check that there are no conflicting entries with the same priority before inserting it into the flow entry table.

  • Page 289

    Advanced Configuration Guide - Part I Hybrid OpenFlow Switch Releases Up To 15.0.R5 For. Out/ExcProf : 1000 512186 0.04 Dro. In/InplusProf 0.00 Dro. Out/ExcProf 0.00 FLOW_MOD messages allow for flow entries to be associated with hard and idle timeouts, which are not currently used by SR OS. Although timeout values can be passed by a controller in a FLOW_MOD message, they are effectively ignored.

  • Page 290: Figure 67 Example Topology For Openflow Within A Service Routing Context

    Hybrid OpenFlow Switch Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Figure 67 Example Topology for OpenFlow within a Service Routing Context OpenFlow Controller 192.0.2.224 PE-1 PE-2 AS 65545 192.0.2.43 192.0.2.13 PE-3 PE-4 192.168.5.0/30 VPRN 5 192.0.2.45 192.0.2.19 EBGP 192.168.5.8/30 Test Port B...

  • Page 291

    Advanced Configuration Guide - Part I Hybrid OpenFlow Switch Releases Up To 15.0.R5 The filter is applied at PE-4 on the SAP connecting test port A, as follows: configure service vprn 5 customer 1 create interface "Test-Port-A" create address 192.168.5.9/30 sap 3/1/4:5 create ingress filter ip 20...

  • Page 292

    Hybrid OpenFlow Switch Advanced Configuration Guide - Part I Releases Up To 15.0.R5 =============================================================================== An OpenFlow IP filter, _tmnx_ofs_ofs-1:16, is also automatically created by the system and contains all of the flow entries dynamically created by the OpenFlow switch ofs-1 for service ID 5. This filter acts as a repository for active flow entries specific to that service context and its purpose has been previously described.

  • Page 293

    Advanced Configuration Guide - Part I Hybrid OpenFlow Switch Releases Up To 15.0.R5 PE-1 is egressing traffic at a rate of 2000 packets/s toward test port B, representing the sum of the two 1000 packets/s test streams, as follows: B:PE-1# monitor service id 1 sap 5/1/3:10 rate =============================================================================== Monitor statistics for Service 1 SAP 5/1/3:10 ===============================================================================...

  • Page 294

    Hybrid OpenFlow Switch Advanced Configuration Guide - Part I Releases Up To 15.0.R5 In Port Outer VID : * EthType : 0x0800 Src IP : 172.16.2.128/25 Dst IP IP Proto DSCP Src Port Dst Port ICMP Type : * ICMP Code : * Label Action : Forward On Nhop(Indirect)

  • Page 295

    Advanced Configuration Guide - Part I Hybrid OpenFlow Switch Releases Up To 15.0.R5 The preferred next-hop for traffic destined to prefix 172.16.1.0/24 is PE-1. The indirect next-hop address of 192.168.5.6 represents the (simulated) CE WAN address of test port C, and is known in the routing table of VPRN 5 with a next-hop of PE-5 (192.0.2.46), as follows: B:PE-4# show router 5 route-table 192.168.5.6 ===============================================================================...

  • Page 296

    Hybrid OpenFlow Switch Advanced Configuration Guide - Part I Releases Up To 15.0.R5 =============================================================================== Monitor statistics for Service 5 SAP lag-1:5 =============================================================================== ---snip--- Packets Octets % Port Util. Egress Queue 1 For. In/InplusProf 0.00 For. Out/ExcProf : 1000 512000 0.04 Dro.

  • Page 297: Table 5 Supported Redirect Actions

    Advanced Configuration Guide - Part I Hybrid OpenFlow Switch Releases Up To 15.0.R5 Table 5 Supported Redirect Actions Action Applicability Action Type Remarks Redirect to IP IPv4/IPv6 traffic OFPAT_EXPERIMENTER Next-hop can be direct or Next-Hop ingressing an IP interface (ALU_AXN_REDIRECT_TO_N indirect EXTHOP) Redirect to...

  • Page 298

    Hybrid OpenFlow Switch Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Table 5 Supported Redirect Actions Action Applicability Action Type Remarks Redirect to SAP Traffic ingressing a VPLS Action 1: OFPAT_OUTPUT TmnxPortId encoding in interface <port> TIMETRA-CHASSIS-MIB (port) or LAG TIMETRA-TC- <port>...

  • Page 299

    Advanced Configuration Guide - Part I Hybrid OpenFlow Switch Releases Up To 15.0.R5 B:PE-4# tools dump system-resources 3 Resource Manager info at 049 d 12/01/16 09:10:18.148: Hardware Resource Usage for Slot #3, CardType imm12-10gb-sf+, Cmplx #0: Total | Allocated | Free -------------------------------|-----------|-----------|------------ ---snip---...

  • Page 300

    Hybrid OpenFlow Switch Advanced Configuration Guide - Part I Releases Up To 15.0.R5 3HE 13717 AAAA TQZZA 01 Issue: 01...

  • Page 301: Lfa Policies Using Ospf As Igp

    Advanced Configuration Guide - Part I LFA Policies Using OSPF as IGP Releases Up To 15.0.R5 LFA Policies Using OSPF as IGP This chapter provides information about LFA policies using OSPF as IGP. Topics in this chapter include: • Applicability •...

  • Page 302

    LFA Policies Using OSPF as IGP Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Implementation The SROS LFA policy implementation is built around the concept of route-next-hop (NH) templates which are applied to IP interfaces. A route-next-hop template specifies criteria which influence the selection of an LFA backup NH for either: •...

  • Page 303

    Advanced Configuration Guide - Part I LFA Policies Using OSPF as IGP Releases Up To 15.0.R5 Figure 68 Example Topology PE-1 PE-2 PE-3 192.0.2.1/32 192.0.2.2/32 192.0.2.3/32 1/1/1 1/1/2 1/1/1 1/1/2 192.168.12.0/30 192.168.23.0/30 1/1/3 1/2/1 1/1/2 1/1/1 1/1/4 1/1/3 1/1/3 1/1/3 1/1/1 1/1/4 1/1/2...

  • Page 304

    LFA Policies Using OSPF as IGP Advanced Configuration Guide - Part I Releases Up To 15.0.R5 =============================================================================== Destination Owner Encap TunnelId Pref Nexthop Metric ------------------------------------------------------------------------------- 192.0.2.1/32 MPLS 65537 192.168.12.1 192.0.2.3/32 MPLS 65538 192.168.23.2 192.0.2.4/32 MPLS 65539 192.168.24.2 192.0.2.5/32 MPLS 65540 192.168.12.1 192.0.2.6/32 MPLS...

  • Page 305

    Advanced Configuration Guide - Part I LFA Policies Using OSPF as IGP Releases Up To 15.0.R5 Alt-NextHop Alt- Metric ------------------------------------------------------------------------------- 192.0.2.1/32 Remote OSPF 00h11m32s 192.168.12.1 192.168.26.2 (LFA) 192.0.2.2/32 Local Local 00h11m44s system 192.0.2.3/32 Remote OSPF 00h11m18s 192.168.23.2 192.168.24.2 (LFA) 192.0.2.4/32 Remote OSPF 00h11m12s...

  • Page 306

    LFA Policies Using OSPF as IGP Advanced Configuration Guide - Part I Releases Up To 15.0.R5 =============================================================================== LDP Bindings (IPv4 LSR ID 192.0.2.2) (IPv6 LSR ID ::) =============================================================================== Legend: U - Label In Use, N - Label Not In Use, W - Label Withdrawn WP - Label Withdraw Pending, BU - Alternate For Fast Re-Route LF - Lower FEC, UF - Upper FEC (S) - Static...

  • Page 307

    Advanced Configuration Guide - Part I LFA Policies Using OSPF as IGP Releases Up To 15.0.R5 192.0.2.5/32 Push 262139BU 192.168.24.2 1/2/1 192.0.2.5/32 Swap 262139 262139 192.168.12.1 1/1/2 192.0.2.5/32 Swap 262139 262139BU 192.168.24.2 1/2/1 192.0.2.6/32 Push 262143 192.168.26.2 1/1/3 192.0.2.6/32 Push 262138BU 192.168.12.1 1/1/2...

  • Page 308

    LFA Policies Using OSPF as IGP Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Commands within a route-next-hop policy template follow the begin- abort-commit model. After a commit, the IGP re-evaluates the template and schedules a new LFA SPF to re-compute the LFA NH for the prefixes associated with this template.

  • Page 309

    Advanced Configuration Guide - Part I LFA Policies Using OSPF as IGP Releases Up To 15.0.R5 *A:PE-x# configure router route-next-hop-policy template <template-name> exclude- group <group-name> *A:PE-x# configure router route-next-hop-policy template <template-name> include- group <group-name> [pref <preference>] Step 4. Configure SRLG constraints in route-next-hop policy. This is an optional step in the context of LFA policies.

  • Page 310

    LFA Policies Using OSPF as IGP Advanced Configuration Guide - Part I Releases Up To 15.0.R5 This is an optional step in the context of LFA policies. With the use of LFA policies, the user can also select if tunnel backup NH or IP backup NH is preferred for IP prefixes and LDP FEC prefixes protected by a backup LFA NH.

  • Page 311

    Advanced Configuration Guide - Part I LFA Policies Using OSPF as IGP Releases Up To 15.0.R5 =============================================================================== Prefix IngLbl EgrLbl EgrNextHop EgrIf/LspId ------------------------------------------------------------------------------- 192.0.2.1/32 Push 262143 192.168.12.1 1/1/2 192.0.2.1/32 Push 262142BU 192.168.26.2 1/1/3 192.0.2.1/32 Swap 262142 262143 192.168.12.1 1/1/2 192.0.2.1/32 Swap 262142 262142BU...

  • Page 312

    LFA Policies Using OSPF as IGP Advanced Configuration Guide - Part I Releases Up To 15.0.R5 This default LFA NH can be changed by adding specific selection criteria inside a route-next-hop policy template. Example 1: LFA Policy with Admin Group Constraint The objective is to force the LFA NH for both LDP FEC prefixes to use the path between PE-2 and PE-5.

  • Page 313

    Advanced Configuration Guide - Part I LFA Policies Using OSPF as IGP Releases Up To 15.0.R5 (I) - SR-ISIS Next Hop (O) - SR-OSPF Next Hop (C) - FEC resolved with class-based-forwarding =============================================================================== LDP IPv4 Prefix Bindings (Active) =============================================================================== Prefix IngLbl EgrLbl EgrNextHop...

  • Page 314

    LFA Policies Using OSPF as IGP Advanced Configuration Guide - Part I Releases Up To 15.0.R5 *A:PE-2# Example 2: LFA Policy with SRLG Constraint The objective is to force the LFA NH for both LDP FEC prefixes to use the path from PE-2 to PE-5.

  • Page 315

    Advanced Configuration Guide - Part I LFA Policies Using OSPF as IGP Releases Up To 15.0.R5 (B) - BGP Next Hop (BU) - Alternate Next-hop for Fast Re-Route (I) - SR-ISIS Next Hop (O) - SR-OSPF Next Hop (C) - FEC resolved with class-based-forwarding =============================================================================== LDP IPv4 Prefix Bindings (Active) ===============================================================================...

  • Page 316

    LFA Policies Using OSPF as IGP Advanced Configuration Guide - Part I Releases Up To 15.0.R5 The LFA policy mapping is removed from the OSPF interfaces as follows: *A:PE-2# configure router ospf area 0 interface "int-PE-2-PE-1" no lfa-policy-map *A:PE-2# configure router ospf area 0 interface "int-PE-2-PE-6" no lfa-policy-map Example 3: LFA Policy with NH-type Constraint The objective is to force the LFA NH for IP prefix 192.0.2.6/32 to use an RSVP tunnel.

  • Page 317

    Advanced Configuration Guide - Part I LFA Policies Using OSPF as IGP Releases Up To 15.0.R5 *A:PE-2# show router tunnel-table 192.0.2.6 =============================================================================== IPv4 Tunnel Table (Router: Base) =============================================================================== Destination Owner Encap TunnelId Pref Nexthop Metric ------------------------------------------------------------------------------- 192.0.2.6/32 rsvp MPLS 192.168.24.2 16777215 192.0.2.6/32 MPLS...

  • Page 318

    LFA Policies Using OSPF as IGP Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Define a route-next-hop policy template “LFA_NH_Tunnel”, where nh-type is set to tunnel. *A:PE-2# configure router route-next-hop-policy begin template "LFA_NH_Tunnel" nh-type tunnel exit commit Apply the policy template to the interface toward PE-6, as follows: *A:PE-2# configure router ospf area 0 interface "int-PE-2-PE-6"...

  • Page 319

    Advanced Configuration Guide - Part I LFA Policies Using OSPF as IGP Releases Up To 15.0.R5 Example 4: Exclude Prefix from LFA Policy The objective is to force no LFA NH for LDP FEC prefix 192.0.2.1/32 where PE-2 is the PLR. The IP/LDP FRR implementation in SR OS allows to exclude an IGP interface, IGP area (OSPF), or IGP level (IS-IS) from the LFA SPF computation.

  • Page 320

    LFA Policies Using OSPF as IGP Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Prefix IngLbl EgrLbl EgrNextHop EgrIf/LspId ------------------------------------------------------------------------------- 192.0.2.1/32 Push 262143 192.168.12.1 1/1/2 192.0.2.1/32 Swap 262142 262143 192.168.12.1 1/1/2 ------------------------------------------------------------------------------- No. of IPv4 Prefix Active Bindings: 2 =============================================================================== *A:PE-2# Conclusion...

  • Page 321: Pbr/pbf Redundancy

    Advanced Configuration Guide - Part I PBR/PBF Redundancy Releases Up To 15.0.R5 PBR/PBF Redundancy This chapter provides information about PBR/PBF Redundancy. Topics in this chapter include: • Applicability • Overview • Configuration • Conclusion Applicability The information and configuration in this chapter are based on SR OS Release 14.0.R7.

  • Page 322

    PBR/PBF Redundancy Advanced Configuration Guide - Part I Releases Up To 15.0.R5 • Different QoS treatment can be provided, based on additional criteria • Cost saving: time-sensitive traffic can be sent over higher-speed links at a higher cost, while bulk file transfers are sent over lower-speed links at a lower cost •...

  • Page 323

    Advanced Configuration Guide - Part I PBR/PBF Redundancy Releases Up To 15.0.R5 Figure 69 PBF in VPLS 1 on PE-1 PE-1 PE-2 CE-10 172.16.10.1/24 1/1/3:1 1/1/1:1 1/1/2:1 VPLS 1 VPLS 1 1/1/2:1 1/1/1:1 Ingress filter 1/1/1:1 1/1/2:1 1/1/2:1 1/1/1:1 1/1/3:1 VPLS 1 VPLS 1 CE-40...

  • Page 324

    PBR/PBF Redundancy Advanced Configuration Guide - Part I Releases Up To 15.0.R5 [no] log - Configure log for the filter entry [no] match + Configure match criteria for this mac filter entry [no] pbr-down-actio* - Configure action that overrides default PBR/PBF down action. 'no pbr-down-action-override' preserves default PBR/PBF down action, which varies for different actions.

  • Page 325

    Advanced Configuration Guide - Part I PBR/PBF Redundancy Releases Up To 15.0.R5 exit This IPv4 filter only affects packets with IPv4 SA 172.16.10.1/24 and IPv4 DA 172.16.10.4/24. When the primary action SAP 1/1/1:1 is operationally up, the primary action is executed; when SAP 1/1/1:1 is operationally down, the secondary action is executed, until SAP 1/1/1:1 is operationally up again.

  • Page 326

    PBR/PBF Redundancy Advanced Configuration Guide - Part I Releases Up To 15.0.R5 When the primary action SAP 1/1/1:1 is operationally up (PBR Target Status: Up), the primary action is executed (Downloaded Action: Primary), as follows: *A:PE-1# show filter ip 10 =============================================================================== IP Filter ===============================================================================...

  • Page 327

    Advanced Configuration Guide - Part I PBR/PBF Redundancy Releases Up To 15.0.R5 *A:PE-1# configure filter ip-filter 10 entry 10 sticky-dest - no sticky-dest - sticky-dest <hold-time-up> - sticky-dest no-hold-time-up <hold-time-up> : 0..65535 seconds When both the primary action SAP 1/1/1:1 and the secondary action SAP 1/1/2:1 are down, the default action is drop, unless the pbr-down-action-override <filter- action>...

  • Page 328: Figure 70 Example Topology

    PBR/PBF Redundancy Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Figure 70 Example Topology PE-1 PE-2 192.168.0.1/32 192.168.0.2/32 CE-10 1/1/3 1/1/1 192.168.12.0/30 1/1/2 1/1/2 1/1/1 192.168.13.0/30 192.168.24.0/30 1/1/1 1/1/2 1/1/2 192.168.34.0/30 1/1/1 1/1/3 CE-40 PE-3 PE-4 192.168.0.3/32 192.168.0.4/32 26308 The initial configuration is as follows: •...

  • Page 329

    Advanced Configuration Guide - Part I PBR/PBF Redundancy Releases Up To 15.0.R5 6. The primary action SAP 1/1/1:1 is put in a no shutdown state. The primary action is executed. 7. Stickiness is configured with a hold timer of 60 seconds. At timer expiry, stickiness takes effect.

  • Page 330

    PBR/PBF Redundancy Advanced Configuration Guide - Part I Releases Up To 15.0.R5 filter ip 10 exit exit spoke-sdp 12:1 create exit spoke-sdp 13:1 create exit no shutdown exit When all SAPs are up, all packets from CE-10 enter SAP 1/1/3:1 and are forwarded to primary action SAP 1/1/1:1.

  • Page 331

    Advanced Configuration Guide - Part I PBR/PBF Redundancy Releases Up To 15.0.R5 All traffic is forwarded from ingress SAP 1/1/3:1 to SAP 1/1/1:1 and the reply messages from SAP 1/1/1:1 to SAP 1/1/3:1. No packets are forwarded via SAP 1/1/2:1. When the primary action SAP 1/1/1:1 is operationally up, the primary action is executed, as follows: *A:PE-1# show filter ip 10...

  • Page 332

    PBR/PBF Redundancy Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Next Hop : 1/1/1:1 Service Id PBR Target Status : Down Secondary Action : Forward (SAP) Next Hop : 1/1/2:1 Service Id PBR Target Status : Up PBR Down Action : Drop (entry-default) Downloaded Action : Secondary...

  • Page 333

    Advanced Configuration Guide - Part I PBR/PBF Redundancy Releases Up To 15.0.R5 Egr. Matches : 0 pkts =============================================================================== PBR Down Action Override Both SAPs remain in a shutdown state. The default PBR down action is drop, but that can be overruled by configuring the pbr-down-action-override parameter, as follows: *A:PE-1# configure filter ip-filter 10 entry 10 pbr-down-action-override forward With this configuration added in entry 10 of IPv4 filter 10, the PBR down action will...

  • Page 334

    PBR/PBF Redundancy Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Secondary Action : Forward (SAP) Next Hop : 1/1/2:1 Service Id PBR Target Status : Down PBR Down Action : Forward (pbr-down-action-override) Downloaded Action : Forward Dest. Stickiness : None Hold Remain Ing.

  • Page 335

    Advanced Configuration Guide - Part I PBR/PBF Redundancy Releases Up To 15.0.R5 Primary Action Up - Revertive Behavior As well as the secondary action SAP, also the primary action SAP 1/1/1:1 is re- enabled, as follows: *A:PE-1# configure service vpls 1 sap 1/1/1:1 no shutdown The default PBR/PBF behavior is revertive;...

  • Page 336

    PBR/PBF Redundancy Advanced Configuration Guide - Part I Releases Up To 15.0.R5 The hold remain timer starts counting down when stickiness is configured and at least one PBR target is up. If the primary action SAP 1/1/1:1 remains operationally up for the configured 60 seconds, the primary action will be active, and at timer expiry, stickiness applies.

  • Page 337

    Advanced Configuration Guide - Part I PBR/PBF Redundancy Releases Up To 15.0.R5 Secondary Action : Forward (SAP) Next Hop : 1/1/2:1 Service Id PBR Target Status : Up PBR Down Action : Forward (pbr-down-action-override) Downloaded Action : Secondary Dest. Stickiness : 60 Hold Remain : 29...

  • Page 338

    PBR/PBF Redundancy Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Force Primary Action Stickiness can be enabled without any delay, as follows: *A:PE-1# configure filter ip-filter 10 entry 10 sticky-dest no-hold-time-up *A:PE-1# configure filter *A:PE-1>config>filter# info ---------------------------------------------- ip-filter 10 create entry 10 create action forward sap 1/1/1:1...

  • Page 339

    Advanced Configuration Guide - Part I PBR/PBF Redundancy Releases Up To 15.0.R5 The secondary action is active and will remain active as long as the secondary action SAP 1/1/2:1 is up. The hold remain timer is not enabled (== value 0). When the primary action SAP 1/1/1:1 is operationally up again, the secondary action remains active, as follows: *A:PE-1# configure service vpls 1 sap 1/1/1:1 no shutdown...

  • Page 340

    PBR/PBF Redundancy Advanced Configuration Guide - Part I Releases Up To 15.0.R5 PBR Target Status : Up PBR Down Action : Forward (pbr-down-action-override) Downloaded Action : Primary Dest. Stickiness Hold Remain Ing. Matches : 11000 pkts (1166000 bytes) Egr. Matches : 0 pkts =============================================================================== This tools command can also be used in combination with a running sticky-...

  • Page 341

    Advanced Configuration Guide - Part I PBR/PBF Redundancy Releases Up To 15.0.R5 *A:PE-1# show filter mac 20 =============================================================================== Mac Filter =============================================================================== Filter Id : 20 Applied : Yes Scope : Template Def. Action : Drop Entries Type : normal Description : (Not Specified) ------------------------------------------------------------------------------- Filter Match Criteria : Mac...

  • Page 342

    PBR/PBF Redundancy Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Figure 71 PBR in a VPRN PE-1 PE-2 CE-11 172.16.111.2/30 1/1/3:2 1/1/1:2 172.16.12.0/30 VPRN 2 VPRN 2 1/1/2:2 Ingress filter 172.16.13.0/30 172.16.24.0/30 172.16.34.0/30 VPRN 2 VPRN 2 CE-41 172.16.114.2/30 PE-3 PE-4...

  • Page 343

    Advanced Configuration Guide - Part I PBR/PBF Redundancy Releases Up To 15.0.R5 exit action secondary forward next-hop 172.16.13.2 router 2 exit exit configure service vprn 2 interface "int-PE-1-CE-11_VPRN2" sap 1/1/3:2 ingress filter ip 30 The primary action forwards packets from CE-11 to next-hop 172.16.12.2, which is an interface in VPRN 2 on PE-2;...

  • Page 344

    PBR/PBF Redundancy Advanced Configuration Guide - Part I Releases Up To 15.0.R5 *A:PE-1# configure service vprn 2 interface "int-PE-1-PE-2_VPRN2" sap 1/1/1:2 shutdown *A:PE-1# show filter ip 30 =============================================================================== IP Filter =============================================================================== Filter Id : 30 Applied : Yes Scope : Template Def.

  • Page 345

    Advanced Configuration Guide - Part I PBR/PBF Redundancy Releases Up To 15.0.R5 Conclusion Operators can define two targets for L2 and L3 traffic steering (PBF and PBR): primary and secondary. The primary target is used when both targets are up; the secondary target is used when the primary is down.

  • Page 346

    PBR/PBF Redundancy Advanced Configuration Guide - Part I Releases Up To 15.0.R5 3HE 13717 AAAA TQZZA 01 Issue: 01...

  • Page 347: Rate Limit Filter Action

    Advanced Configuration Guide - Part I Rate Limit Filter Action Releases Up To 15.0.R5 Rate Limit Filter Action This chapter provides information about Rate Limit Filter Action. Topics in this chapter include: • Applicability • Overview • Configuration • Conclusion Applicability This chapter is applicable to SR OS routers and is based on SR OS Release 14.0.R7.

  • Page 348

    Rate Limit Filter Action Advanced Configuration Guide - Part I Releases Up To 15.0.R5 QoS Interaction On ingress, if the MAC or IPv4/IPv6 filter action indicates that traffic must be rate limited, this traffic is redirected to a rate-limiting filter policer before delivery to the switching fabric.

  • Page 349

    Advanced Configuration Guide - Part I Rate Limit Filter Action Releases Up To 15.0.R5 Figure 73 Rate Limit Filters and FlexPaths Rate Limit int-1 int-1 Policer-1 filter-1 filter-1 Rate Limit Policer-1 Rate int-2 int-2 Limit filter-1 filter-2 Policer-2 26369 Use caution when applying filter-based rate limiting to SAPs on group interfaces, because group interfaces can host many ESM subscribers, which could defeat per- subscriber and per-ESM host rate limiting.

  • Page 350

    Rate Limit Filter Action Advanced Configuration Guide - Part I Releases Up To 15.0.R5 Figure 74 Example Configuration VPRN-1 10.10.1.1 10.10.2.1 3/2/13 3/2/14 Tester T1 PE-1 Tester T2 traffic source 192.0.2.1 traffic sink 26370 The configuration of VPRN-1 on PE-1 is as follows: # R1 configure service...

  • Page 351

    Advanced Configuration Guide - Part I Rate Limit Filter