JunosE 11.3.x BGP and MPLS Configuration Guide
Figure 63: Bypass Tunnel
Configuration Example
296
Suppose you have configured both LER 1 and LER 2 to request bypass protection, and
have configured the following two bypass tunnels:
LSR 5 –> LSR 8 –> LSR 6
LSR 6 –> LSR 9 –> LSR 7
If link LSR 5 –> LSR 6 fails, RSVP-TE redirects traffic through LSR 5 –> LSR 8 –> LSR 6.
If link LSR 6 –> LSR 7 fails, RSVP-TE redirects traffic through LSR 6 –> LSR 9 –> LSR 7.
These two bypass tunnels therefore protect all LSPs routed from LER 1 or LER 2 through
LSRs 5, 6, and 7. Notice in Figure 63 on page 296 that if both protected links fail, traffic is
still safely redirected through LSR 5 –> LSR 8 –> LSR 6 –> LSR 9 –> LSR 7.
If you want to protect an LSP that traverses N nodes against a failure in any link, then
you must configure N-1 bypass tunnels. As shown in Figure 63 on page 296, each of those
bypass tunnels in turn can protect multiple tunnels.
On detecting the link failure, the PLR redirects traffic arriving on all of the protected
primary tunnels to the bypass tunnel that protects the failed link. An additional label
representing the bypass tunnel is stacked on the redirected packets. This label is popped
either at the router that is the remote end of the protected link or at the penultimate hop.
The merge point therefore sees traffic with the original label representing the primary
tunnel.
When the ingress router learns by RSVP-TE signaling that local protection (a bypass
tunnel) is in use, it attempts to find a new optimal path for the tunnel, based on the
configured path options. The ingress router sets up the new tunnel before it tears down
the old tunnel with the failed link, and switches its traffic to the new tunnel.
You can use the tunnel mpls path-option command to configure path options on the
bypass tunnel. However, the link being protected by the bypass tunnel must not be in
the path if you specify an explicit path.
The following steps show a partial configuration using the topology in Figure 63 on
page 296:
Copyright © 2010, Juniper Networks, Inc.