Introduction, Theory Pt.1

The authors of Segment Routing argued that running both LDP and IGP was redundant. LDP advertises labels for the exact prefixes that the IGP advertises. Why not just advertise the MPLS labels for the associated prefixes in the IGP itself? Segment Routing extends the IGP (ISIS or OSPF) to essentially do this, so you can get rid of LDP altogether. You’ll see that Segment Routing does not necessarily advertise a label per prefix, but instead it advertises a label per router, and a label per router link. More on this later.

The benefit of removing LDP is not just adminstrative. (You no longer have to maintain LDP neighborships and configure LDP). But you also need not worry about the LDP/IGP sync issue any longer. The IGP is now responisble for the labels and prefixes, so these two aspects are always synchronized.

Segment Routing also offers a very robust MPLS-TE solution which replaces RSVP-TE. With RSVP-TE you have lots of state in the network. Also, if there are two equal cost paths from CSPF’s point of view, only one path can be used. Segment routing creates no additional state in the network, and is ECMP-aware. Your traffic engineered paths, by default, will be ECMP-capable.

Using Segment Routing for MPLS-TE is called SR-TE, and is referred to as a source routing technique. The source router can program the path that a packet takes by creating a label stack of every necessary label to ensure traffic is steered along that exact path. The source decides what the path is, hence the term source routing. None of the hops in the path need to create any state for the LSP that results. They will simply see a packet with the label they advertised into the IGP, and preform a pop/swap operation.

Segment routing also handles FRR, which we saw with MPLS-TE. In MPLS-TE the backup path had to be signaled using RSVP-TE. With SR, the backup path is pre-computed by the PLR as a list of labels, and under failure conditions, traffic is “source routed” along the backup path by imposing the necessary list of labels to the packet. This functionality is enabled with a single command!

Terms

Before we see SR in action, we need to understand a few terms. Don’t worry if you don’t fully understand everything right now. After you configure SR in the lab you will gain a better understanding of how SR works. Come back to this section again afterwards to solidify your learning.

Segment

This is analogous to an MPLS label. A segment represents a forwarding instruction, such as forward to 1.1.1.1/32. The reason it is called a Segment instead of a label is that you can use SR directly in IPv6, without MPLS.

Using IPv6 for SR is called SRv6. In this case, the segment is an IPv6 address, not an MPLS label. A stack of IPv6 addresses is analogous to an MPLS label stack. The list of IPv6 addresses is present in an IPv6 extension header, called the SRH (Segment Routing Header). Routing is done based on the segment list, similar to how MPLS forwarding is done based on the label stack. A source router controls the path a packet takes by pushing a stack of segments, or segment list, to the packet in the SRH.

From here on out, we will refer to SR in the MPLS dataplane case, but understand that SPv6 (SR for IPv6) does exist, in which IPv6 is the dataplane.

Segment ID

This is the identifier for a segment. Strictly speaking, the segment is the instruction a label represents, such as forward to some other router, or forward on out a link. The segment ID is the MPLS label or IPv6 adress which is used to ID that segment. Segment and segment ID are generally interchangable. In MPLS terms, I would say that segment is roughly similar to FEC and segment ID is roughly similar to label.

Global Segment

All routers in the IGP domain support the same segment if it is a global segment. For example, label 16005 means the same thing to every router in the domain. Every router agress that label 16005 means to forward to 10.0.0.5/32 along the IGP shortest path. The label has global significance.

Local Segment

Only the node that advertised this segment supports the instruction for this segment. For example, label 34251 might be advertised by R8 and it means that R8 will forward a packet with this label out interface Gi1. Label 34251 could mean something completely different to router R6. A local segment only has significance at the router that advertised it. The router advertised it by using the IGP extensions for SR, which we will see later.

A local segment generally will only be seen as the second label under the global segment that represents that router pushed as the top label. So for label 34251 for R8, the top label will likely be the global label representing R8, and the second label will be the label that is locally significant to R8. This gets the packet to R8, and when the penultimate hop pops the R8 global label, R8 sees only the label 34251.

Prefix Segment

This is a global segment which is advertised by the IGP, and is associated with a prefix. The instruction represented by a prefix segment is to route the packet along the ECMP-aware IGP shortest path. If any router recevies a prefix segment, they all agree that it means to route the packet along their local IGP bestpath to that prefix. If they have ECMP routes to that prefix, they will do normal ECMP load-sharing.

You the administrator assign the segment to a prefix when you configure segment routing. Generally, only the loopback needs a prefix segment, as iBGP runs on the loopback, so PEs only need to form LSPs based on their loopbacks. You will see how to configure the prefix segment of a loopback later in the lab.

The fact that the prefix segment follows the IGP bestpath is actually very similar to LDP. LDP-allocated labels also represent the IGP best path to a prefix. The main difference is that LDP will by default allocate labels for every IGP prefix, including /30 transit subnets between routers. This is not really needed, as no services actually use the IPs of the physical interfaces. In SR, you can config a prefix segment only for the loopback, which actually terminates MPLS services. The /30 transit subnets do not need labels, as they are not sources/destinations for service traffic between PEs.

Segment Routing Global Block (SRGB)

Now is a good time to bring up the SRGB. This is the label range that is used by SR. Generally you want to make this the same on every router. The default label range for the SRGB is 16000-23999.

A prefix segment has a label index value, which when added to the base number of the SRGB produces the label value. For example, if we assigned R2’s loopback label index 2, then R2 will advertise that Lo0 has a label index of 2 via the IGP. Every router will individually add its SRGB base number, which is 16000 if using the default, to the index. So R2’s loopback will have label 16002 associated with it.

Why the reason for this indexing instead of just advertising the actual label? This allows routers in a domain to have different SRGBs. The SRGB is locally significant to each router, but a global segment’s index value is globally significant to the domain. Each router also advertises its SRGB in the IGP, which means that every router knows what label value every router expects for a global label such as a prefix segment. If R3 uses SRGB=30000-34999, then all routers will know that R3 has label 30002 installed in the FIB for R2’s loopback. R3’s neighbors will use this knowledge to program the correct label value that R3 will expect to see into their LFIB.

Generally, if you can help it, you want to configure all routers with the same SRGB for ease of troubleshooting. If all routers have the same SRGB, then a prefix segment essentially has a global MPLS label. If not all routers have the same SRGB, then a prefix segment only has a globally significant index value, not a globally significant MPLS label value.

Adjacency Segment

This is a local segment which is associaed with an IGP adjancency. The instruction represented by an adjacency segment is to route the packet out the link associated with the adjacency represented by this segment. In practical terms, I think it is useful to think of this as representing an IGP-enabled link. The instruction is then just to send the packet out this specific link. The label repsenting the link is only created when an adjancecy is actually formed on that link. (When a neighbor is discovered on the link).

Because this is a local segment, routers can allocate labels that overlap with one another, as the label is only signficant to the router that advertised it. Other nodes can use the same label value, but the meaning will be different to each node.

As an example, if R1 has an adjacency to R2 on Gi2, and to R3 on Gi3, each interface will have an adjacency segmented allocated to it. 32012 might represent the adjacency to R2 on Gi2, and 32048 might represent R3 on Gi3. If R1 receives a packet with label 32012, it will simply send the packet out that interface. It will have to pop the label first, as 32012 will be meaningless to Gi2. R1 locally programs (32012 —> pop —> Gi2) into its LFIB.

Other routers in the topology can create TE paths by steering traffic on certain links using adjacency segments. The source router pre-programs a list of segments that represents each router’s adjacency segment for that link along the path.

Routers allocate labels for adjacency segments automatically from the dynamic label space. The administrator does not need to do anything to create this dynamic allocation. In ISIS, an adjacency SID is automatically created for each adjacency that is in the Up state. In OSPF, an adjacency SID is automatically created for each adjacency that is at least in the “2 way” state.

The label advertised into the IGP for an adjacency SID is not an index like in the global prefix segment. It is the MPLS label value itself, and it is not taken from the SRGB. So for a router with SRGB 16000-23999, you may seen an adjacency segment label value of 24012.

Test Your Understanding

Q: Under what circumstances does a packet have an adjacency-SID label?

A: Only when used for TE or fast-reroute. A prefix will never be associated with an adjacency SID. The adjacency SID represents a link, not a prefix. So adjacency SIDs are only used when traffic needs to be steered along the non-IGP best path, which would be when using TE or during a fast-reroute condition.

Q: What is the MPLS operation of an adjacency-SID label in the LFIB?

A: The operation is always “pop.” This is because the adjacency SID only has meaning to that local router, and means to remove the label and steer the packet out the interface for that adjacency.