The (Unofficial) CCNP-SP Study Guide
  • About
    • About the Author
    • About This Study Guide
  • MPLS
    • LDP
      • LDP Transport Address
      • LDP Conditional Advertisement
      • LDP Authentication
      • LDP/IGP Sync
      • LDP Session Protection
    • MPLS-TE
      • MPLS-TE Basics, Pt. 1 (TED)
      • MPLS-TE Basics, Pt.2 (RSVP)
      • MPLS-TE Basics, Pt.3 (CSPF)
      • MPLS-TE Basics, Pt.4 (Routing)
      • MPLS-TE Fast Reroute (FRR)
      • MPLS-TE with OSPF
    • Unified MPLS
    • Segment Routing
      • Introduction, Theory Pt.1
      • Introduction, Lab (OSPF) Pt.2
      • Introduction, Lab (ISIS) Pt. 3
      • Multi-Area/Level Segment Routing
      • Segment Routing using BGP
      • Migrating LDP to SR
      • LDP/SR Interworking
      • TI-LFA Pt. 1 (Theory)
      • TI-LFA Pt. 2 (Implementation)
      • TI-LFA Pt. 3 (Node and SRLG Protection)
      • SR-TE Pt. 1 (Overview)
      • SR-TE Pt. 2 (Creating an SR-TE Policy)
      • SR-TE Pt. 3 (Using a PCE)
      • SR-TE Pt. 4 (Automated Steering)
      • SR-TE Pt. 5 (On-Demand Nexthop)
      • SR-TE Pt. 6 (Flex Algo)
    • MPLS OAM
      • Classic Traceroute Behavior in MPLS Networks
      • LSP Ping
      • LSP Traceroute
  • Routing
    • BGP
      • BGP Synchronization
      • BGP Load Sharing (Multipath)
      • An Intuitive Look at Path Attributes
      • AS Path Prepending on XE and XR
      • RPL
    • BGP Security
      • BGP TTL Security, Pt. 1
      • BGP TTL Security, Pt. 2 (IOS-XE)
      • BGP TTL Security, Pt. 3 (IOS-XR)
      • BGP MD5 Authentication
      • BGP Maximum Prefixes
      • BGP RFD (Route Flap Dampening)
      • RTBH
      • Flowspec
      • BGPsec
    • L3VPN
      • An In-Depth Look at RD and RT, Pt. 1
      • An In-Depth Look at RD and RT, Pt. 2
      • An In-Depth Look at RD and RT, Pt. 3
      • An In-Depth Look at RD and RT, Pt. 4
      • Inter-AS L3VPN Pt. 1, Overview
      • Inter-AS L3VPN Pt. 2, Option A
      • Inter-AS L3VPN Pt. 3, Option B
      • Inter-AS L3VPN Pt. 4, Option C
      • CSC (Carrier Supporting Carrier)
      • PE NAT
    • OSPF
      • Type 7 to Type 5 Translation
      • OSPF Authentication
      • Troubleshooting OSPF Adjacencies
      • OSPFv3 LSA Types
      • OSPFv3 LSAs Example (Single Area)
    • ISIS
      • The Potential for Asymmetric Routing with Multi-Area ISIS
      • Interarea Routing is Distance-Vector
      • Basic ISIS - LSPDB
      • Multitopology
      • What is the role of CLNS and CLNP in ISIS?
      • Troubleshooting ISIS Adjacencies
    • IPv6 Transition
      • Overview
      • NAT64
      • 6to4
      • 6RD (IPv6 Rapid Deployment)
      • DS Lite (Dual Stack Lite)
      • MAP (Mapping of Address and Port)
      • Tunneling IPv6 Dynamic Routing Protocols over IPv4
    • Multicast
      • Introduction
      • IP and MAC Addressing
      • Tree Formation and Packet Forwarding
      • IGMP
      • PIM-DM (Dense Mode)
      • PIM-SM (Sparse Mode)
      • PIM-SM SPT Switchover
      • PIM-SM Tunnel Interfaces
      • PIM DR and the Assert Message
      • PIM-SM RP Discovery
      • PIM-BiDir
      • PIM-SSM (Source-Specific Multicast)
      • Interdomain Multicast (PIM-SM)
      • IPv6 Multicast
      • mVPN Introduction
      • mVPN Profile 0
      • mVPN Profile 1
      • Multicast Routing on IOS-XR
  • L2VPN & Ethernet
    • IOS-XE Ethernet Services
      • Service Instances
      • E-Line
      • E-LAN (VPLS)
      • E-Tree
      • E-Access
      • VPLS with BGP Autodiscovery
      • Martini/Kompella Circuits
    • EVPN
      • Introduction to EVPN
      • Learning EVPN VXLAN First
      • E-Line (EVPN VPWS)
      • E-Line (EVPN VPWS) on IOS-XR
      • E-Line (EVPN VPWS) Multi-Homed
      • E-LAN (EVPN Single-Homed)
    • Carrier Ethernet
      • 802.1ah (MAC-in-MAC)
      • 802.3ah (Ethernet OAM)
      • 802.1ag (CFM)
      • Cisco REP (Resilient Ethernet Protocol)
      • ITU G.8032 ERPS (Ethernet Ring Protection Switching)
  • Security
    • CoPP (Control Plane Policing)
    • LPTS (Local Packet Transport Services)
  • Misc
    • QoS
      • QoS Introduction (Part 1)
      • QoS Tools Overview and QoS Models (Part 2)
      • QoS Classification and Marking (Part 3)
      • QoS Queuing/Congestion Management (Part 4)
      • QoS Shaping and Policing (Part 5)
      • QoS for IPv6
      • MPLS QoS Basics
      • MPLS QoS Modes
      • MPLS TE QoS (DS-TE)
      • MPLS TE CBTS/PBTS
    • Automation and Assurance
      • NSO
      • NSO Command Cheat Sheet
      • Intro to YANG/NETCONF
      • YANG In-Depth
      • NETCONF In-Depth
      • RESTCONF
      • Model-Driven Telemetry
      • Automation Tool Comparison
      • Netflow
      • SNMP
    • Virtualization
      • NFV (Network Function Virtualization)
      • OpenStack
    • Transport
      • xPON
      • SONET/SDH
      • WDM
      • 4G and 5G RAN
    • High Availability (HA)
      • NSF/GR
      • NSR
      • NSF/NSR Whitepapers
      • BFD
      • Link Aggregation on IOS-XE
      • Link Aggregation on IOS-XR
    • IOS Software Overview
  • Labs
    • Lab Challenges
      • How to Use These Labs
      • Basic LDP
      • Advanced LDP
      • BGP Security
      • Unified MPLS
      • BGP Fundamentals
      • Ethernet Services
      • L3VPN Extranet
      • Multicast
      • Inter-area OSPF
      • ISIS
      • MPLS-TE
      • Control Plane Policing
      • QoS
Powered by GitBook
On this page
  • Lab
  • Further Reading
  1. MPLS
  2. Segment Routing

SR-TE Pt. 5 (On-Demand Nexthop)

On-Demand Nexthop (ODN) solves the scalability problem we noticed in the last article, in which an SR-TE policy is needed for every single endpoint a router may have as a BGP nexthop. ODN is essentially a candidate path with no specific endpoint. ODN only specifies the color value. If any BGP route matches the color value, the router dynamically creates an SR-TE policy with the BGP nexthop as the SR-TE policy endpoint. Once the policy is dynamically created, it is no different than a regular policy. A BSID is created and BGP traffic is Auto-Steered using the policy.

A manual or “regular” policy looks like this;

segment-routing
 traffic-eng
  policy RED
   color 20 end-point ipv4 6.6.6.6
   candidate-paths
    preference 100
     dynamic
     constraints
      affinity
       include-all name RED
  • This policy only matches a BGP nexthop of 6.6.6.6

  • This policy can have multiple candidate paths. (Each candidate path has a different preference, highest is best).

A corresponding ODN candidate path looks like this. With this ODN definition, you no longer need the policy above. The policy above would be generated dynamically upon a BGP route with color=20, nexthop=6.6.6.6

segment-routing
 traffic-eng
  on-demand color 20
   dynamic
    affinity 
     include-all name RED
  • This policy matches any BGP nexthop, the only matching criteria is the color

  • The ODN policy has no candidate paths. Essentially the ODN policy itself is a candidate-path, which is used to create the policy dynamically. If there were multiple candidate paths (such as pref 100, include RED, pref 200 include BLUE) then the ODN policy could mean different things on different routers.

Once the last BGP route that matches an ODN-generated policy is withdrawn, the policy is also torn down.

The idea is that you would have a template of ODN candidate paths that are identical on every router. For example 10=low delay, 20=use RED links, etc. Each PE would just need this minimum set of ODN templates, and now any PE can generate a policy towards any other PE, simply matching on the color value of the BGP route.

Lab

In order to use the On-Demand Nexthop feature, we need to remove the current policies on R1 and replace them with on-demand poclies. We’ll also shutdown the R2 BGP neighborship so that we can watch the ODN policy “come to life” as the routes are received from R6.

#R1
segment-routing
 traffic-eng
  no policy RED
  no policy BLUE
  no policy GREEN
  on-demand color 20
   dynamic
    pcep
    exit
    affinity include-all name RED
  on-demand color 30
   dynamic
    pcep
    exit
    affinity include-all name BLUE
!
router bgp 100
 neighbor 2.2.2.2 shutdown

Currently there are no SR-TE policies on R1, because there are no BGP routes matching color 20 or 30.

RP/0/RP0/CPU0:R1#show segment-routing traffic-eng policy         
Tue Sep  6 22:22:14.709 UTC

Bring up the BGP neighborship with the RR and check the SR-TE policies again.

#R1
router bgp 100
 neighbor 2.2.2.2
  no shut

RP/0/RP0/CPU0:R1#show segment-routing traffic-eng policy tabular 
Tue Sep  6 22:23:55.767 UTC

 Color             Endpoint  Admin   Oper              Binding
                             State  State                  SID
------ -------------------- ------ ------ --------------------
    20              6.6.6.6     up     up                24009

RP/0/RP0/CPU0:R1#show segment-routing traffic-eng policy         
Tue Sep  6 22:24:06.008 UTC

SR-TE policy database
---------------------

Color: 20, End-point: 6.6.6.6
  Name: srte_c_20_ep_6.6.6.6
  Status:
    Admin: up  Operational: up for 00:00:18 (since Sep  6 22:23:47.565)
  Candidate-paths:
    Preference: 200 (BGP ODN) (shutdown)
      Requested BSID: dynamic
      Constraints:
        Affinity:
          include-all:
          RED
        Maximum SID Depth: 10 
      Dynamic (invalid)
        Metric Type: TE,   Path Accumulated Metric: 0 
    Preference: 100 (BGP ODN) (active)
      Requested BSID: dynamic
      PCC info:
        Symbolic name: bgp_c_20_ep_6.6.6.6_discr_100
        PLSP-ID: 5
      Constraints:
        Affinity:
          include-all:
          RED
        Maximum SID Depth: 10 
      Dynamic (pce 2.2.2.2) (valid)
        Metric Type: TE,   Path Accumulated Metric: 4 
          16002 [Prefix-SID, 2.2.2.2]
          16003 [Prefix-SID, 3.3.3.3]
          16006 [Prefix-SID, 6.6.6.6]
  Attributes:
    Binding SID: 24009
    Forward Class: Not Configured
    Steering labeled-services disabled: no
    Steering BGP disabled: no
    IPv6 caps enable: yes

Only one SR-TE policy is up, which is color 20. This is because we have no BGP routes with color 30. Upon receiving the BGP route with color 20 for nexthop R6, R1 tries to dynamically calculate the path itself (preference 200 above) and this fails because it is an inter-domain path. R1 then consults the PCE (preference 100) and the PCE replies with the path seen above.

This is clearly more scalable, as now R1 can calculate a path that only includes RED links to any other router in the network (inter-domain wide). In a real world deployment, all routers would have an identical set of on-demand color policies, so that any router could signal the SLA for any given BGP route using the color extcommunity attribute.

Notice that Automated Steering works with either manually configured policies, or ODN policies. The process of automated steering does not change either way. The difference is simply whether the policy has an explicit endpoint, or has no endpoint (ODN). For ODN, the router matches only on the color value of the BGP route, and dynamically creates a policy using the nexthop as the endpoint. (The policy is calculated on-demand using the BGP nexthop, hence the name “On-Demand Nexthop”).

Further Reading

PreviousSR-TE Pt. 4 (Automated Steering)NextSR-TE Pt. 6 (Flex Algo)

Last updated 2 years ago

https://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k-r6-6/segment-routing/configuration/guide/b-segment-routing-cg-asr9000-66x/b-segment-routing-cg-asr9000-66x_chapter_01000.html#id_105617