Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Example: Tunneling LDP over SR-TE

 

Use this example to learn how to tunnel LDP LSPs over SR-TE in your core network.

Requirements

This example uses the following hardware and software components:

  • MX Series routers as CE, PE, and core routers.

  • Junos OS Release 20.3R1 or later running on all devices.

Overview

The following topology (Figure 1) shows two LDP domains (LDP Domain A and LDP Domain B) connected to the SR-TE core network, which extends the LSP session over the core by tunneling them over SR-TE.

Topology

Figure 1: Tunneling LDP over SR-TE in the Core Network
Tunneling LDP
over SR-TE in the Core Network

Table 1: Describes the domains, routers, and connections in the Topology

Domain

Devices

Router ID/lo0 Address

Connection Details

LDP Domain A

CE1

192.168.11.11

Connected to PE1 through interface ge-0/0/1, assigned IP address 192.168.1.1/24.

PE1

192.168.22.22

Connected to CE1 through interface ge-0/0/1, assigned IP address 192.168.1.2/24.

Connected to R1 through interface ge-0/0/3, assigned IP address 192.168.2.1/24.

SR-TE Domain

(core network)

R1

192.168.33.33

Connected to R2 through interface ge-0/0/1, assigned IP address 192.168.3.1/24.

Connected to R3 through interface ge-0/0/2, assigned IP address 192.168.4.1/24.

Connected to PE1 through interface ge-0/0/3, assigned IP address 192.168.2.2/24.

R2

192.168.44.44

Connected to R1 through interface ge-0/0/1, assigned IP address 192.168.3.2/24.

Connected to R4 through interface ge-0/0/2, assigned IP address 192.168.6.2/24.

Connected to PE2 through interface ge-0/0/3, assigned IP address 192.168.7.2/24.

R3

192.168.55.55

Connected to R4 through interface ge-0/0/1, assigned IP address 192.168.5.1/24.

Connected to R1 through interface ge-0/0/2, assigned IP address 192.168.4.2/24.

R4

192.168.66.66

Connected to R3 through the interface ge-0/0/1 assigned with IP address 192.168.5.2/24.

Connected to R2 through the interface ge-0/0/2 assigned with IP address 192.168.6.1/24.

LDP Domain B

PE2

192.168.77.77

Connected to CE2 through the interface ge-0/0/2 assigned with IP address 192.168.8.1/24.

Connected to R2 through the interface ge-0/0/3 assigned with IP address 192.168.7.2/24.

CE2

192.168.88.88

Connected to PE2 through the interface ge-0/0/2 assigned with IP address 192.168.8.2/24.

Configuration

To tunnel LDP LSP over SR-TE in your core network, perform these tasks:

CLI Quick Configuration

To quickly configure this example, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, copy and paste the commands into the CLI at the [edit] hierarchy level, and then enter commit from configuration mode.

Device CE1

Device PE1

Device R1

Device R2

Device R3

Device R4

Device PE2

Device CE2

Configuring CE1

Step-by-Step Procedure

The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.

To configure device CE1:

  1. Configure the network services mode as Enhanced IP. Enhanced IP sets the router's network services to enhanced Internet Protocol and uses enhanced mode capabilities.

    After you configure the enhanced-ip statement and commit the configuration, the following warning message appears prompting you to reboot the router:

    The reboot brings up the FPCs on the router.

  2. Configure the interfaces to enable IP transport.
  3. Configure the loopback interface to enable service endpoints.
  4. Configure routing options to identify the router in the domain.
  5. Enable OSPF protocols on the interface.

Results

From configuration mode, confirm your configuration by entering the show chassis, show interfaces, show routing-options, and show protocols commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Configuring PE1

Step-by-Step Procedure

The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.

To configure device PE1:

  1. Configure the network services mode as Enhanced IP. Enhanced IP sets the router's network services to enhanced Internet Protocol and uses enhanced mode capabilities.

    After you configure the enhanced-ip statement and commit the configuration, the following warning message appears prompting you to reboot the router:

    The reboot brings up the FPCs on the router.

  2. Configure the interfaces to enable IP and MPLS transport.
  3. Configure the loopback interface to provide an LSP tunnel and BGP peering endpoint.
  4. Configure policy options to export BGP routes to the CE router, which runs the OSPF protocol in this example.
  5. Configure a Layer 3 VPN routing instance to support the OSPF-based CE1 device.
  6. Configure routing options to identify the router in the domain.
  7. Configuring ISIS and LDP on the interfaces connected to the core network.
  8. Configure BGP between the provider edge routers.

Results

From configuration mode, confirm your configuration by entering the show chassis, show interfaces, show policy-options, show routing-instances,show routing-options, and show protocols commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Configuring R1 Device

Step-by-Step Procedure

The following example requires you to navigate various levels in the configuration hierarchy.For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.

To configure device R1:

  1. Configure the network services mode as Enhanced IP. Enhanced IP sets the router's network services to enhanced Internet Protocol and uses enhanced mode capabilities.

    After you configure the enhanced-ip statement and commit the configuration, the following warning message appears prompting you to reboot the router:

    The reboot brings up the FPCs on the router.

  2. Configure the interfaces to enable IP and MPLS transport.
  3. Configure the loopback interface to enable tunnel endpoints and service endpoints.
  4. Configure routing options to identify the router in the domain.
  5. Configure ISIS adjacency SIDs on the interfaces and allocate SRGB labels to enable segment routing. The labels in the entire SRGB are available for ISIS. Prefix SIDs (and Node SIDs) are indexed from the SRGB.
  6. Configure TI-LFA to enable protection against link and node failures. SR using TI-LFA provides faster restoration of network connectivity by routing the traffic instantly to a backup or an alternate path if the primary path fails or becomes unavailable.
  7. Configure ISIS traffic engineering parameters.
  8. Enable LDP tunneling over SR-TE.
  9. Configure MPLS and LDP protocols on the interfaces in the LDP domain to exchange labels in the LDP domain.
  10. Enable targeted LDP session between the edge routers in the LDP domain.
  11. Configure a segment list to route the traffic to a specific path.
  12. Configure SR-TE LSP to the remote edge routers to enable LDP tunneling over SR-TE.

Results

From configuration mode, confirm your configuration by entering the show chassis, show interfaces, show routing-options, and show protocols commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Configuring R2 Device

Step-by-Step Procedure

The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide..

To configure device R2:

  1. Configure the network services mode as Enhanced IP. Enhanced IP sets the router's network services to enhanced Internet Protocol and uses enhanced mode capabilities.

    After you configure the enhanced-ip statement and commit the configuration, the following warning message appears prompting you to reboot the router:

    The reboot brings up the FPCs on the router.

  2. Configure the interfaces to enable IP and MPLS transport.
  3. Configure the loopback interface to enable tunnel endpoints and service endpoints.
  4. Configure routing options to identify the router in the domain.
  5. Configure ISIS adjacency SIDs on the interfaces and allocate SRGB labels to enable segment routing. The labels in the entire SRGB are available for ISIS. Prefix SIDs (and Node SIDs) are indexed from the SRGB.
  6. Configure TI-LFA to enable protection against link and node failures. SR using TI-LFA provides faster restoration of network connectivity by routing the traffic instantly to a backup or an alternate path if the primary path fails or becomes unavailable.
  7. Configure ISIS traffic engineering parameters.
  8. Enable LDP tunneling over SR-TE.
  9. Configure MPLS and LDP protocols on the interfaces in the LDP domain to exchange labels in the LDP domain.
  10. Configure a segment list to route the traffic to a specific path.
  11. Configure SR-TE LSP to the remote edge routers to enable LDP tunneling over SR-TE.

Results

From configuration mode, confirm your configuration by entering the show chassis, show interfaces, show routing-options, and show protocols commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Configuring R3 Device

Step-by-Step Procedure

The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.

To configure device R3:

  1. Configure the network services mode as Enhanced IP. Enhanced IP sets the router's network services to enhanced Internet Protocol and uses enhanced mode capabilities.

    After you configure the enhanced-ip statement and commit the configuration, the following warning message appears prompting you to reboot the router:

    The reboot brings up the FPCs on the router.

  2. Configure the interfaces to enable IP and MPLS transport.
  3. Configure the loopback interface to enable tunnel endpoints and service endpoints.
  4. Configure routing options to identify the router in the domain.
  5. Configure ISIS adjacency SIDs on the interfaces and allocate SRGB labels to enable segment routing. The labels in the entire SRGB are available for ISIS. Prefix SIDs (and Node SIDs) are indexed from the SRGB.
  6. Configure TI-LFA to enable protection against link and node failures. SR using TI-LFA provides faster restoration of network connectivity by routing the traffic instantly to a backup or an alternate path if the primary path fails or becomes unavailable.
  7. Configure ISIS traffic engineering parameters.
  8. Configure MPLS protocols on the interfaces.

Results

From configuration mode, confirm your configuration by entering the show interfaces, show interfaces, show routing-options, and show protocols commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Configuring R4 Device

Step-by-Step Procedure

The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.

To configure device R4:

  1. Configure the network services mode as Enhanced IP. Enhanced IP sets the router's network services to enhanced Internet Protocol and uses enhanced mode capabilities.

    After you configure the enhanced-ip statement and commit the configuration, the following warning message appears prompting you to reboot the router:

    The reboot brings up the FPCs on the router.

  2. Configure the interfaces to enable IP and MPLS transport.
  3. Configure the loopback interface to enable tunnel endpoints and service endpoints.
  4. Configure routing options to identify the router in the domain.
  5. Configure ISIS adjacency SIDs on the interfaces and allocate SRGB labels to enable segment routing. The labels in the entire SRGB are available for ISIS. Prefix SIDs (and Node SIDs) are indexed from the SRGB.
  6. Configure TI-LFA to enable protection against link and node failures. SR using TI-LFA provides faster restoration of network connectivity by routing the traffic instantly to a backup or an alternate path if the primary path fails or becomes unavailable.
  7. Configure ISIS traffic engineering parameters.
  8. Configure MPLS protocols on the interfaces.

Results

From configuration mode, confirm your configuration by entering the show interfaces, show interfaces, show routing-options, and show protocols commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Configuring PE2

Step-by-Step Procedure

The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.

To configure device PE2:

  1. Configure the network services mode as Enhanced IP. Enhanced IP sets the router's network services to enhanced Internet Protocol and uses enhanced mode capabilities.

    After you configure the enhanced-ip statement and commit the configuration, the following warning message appears prompting you to reboot the router:

    The reboot brings up the FPCs on the router.

  2. Configure the interfaces to enable IP and MPLS transport.
  3. Configure the loopback interface to provide an LSP tunnel and BGP peering endpoint.
  4. Configure policy options to export BGP routes to the CE router, which runs the OSPF protocol in this example.
  5. Configure a Layer 3 VPN routing instance to support the OSPF-based CE2 device.
  6. Configure routing options to identify the router in the domain.
  7. Configuring ISIS, LDP, and MPLS protocols on the interfaces connected to the core network.
  8. Configure BGP between the provider edge routers.

Results

From configuration mode, confirm your configuration by entering the show chassis, show interfaces, show policy-options, show routing-instances,show routing-options, and show protocols commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Configuring CE2

Step-by-Step Procedure

The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.

To configure device CE2:

  1. Configure the network services mode as Enhanced IP. Enhanced IP sets the router's network services to enhanced Internet Protocol and uses enhanced mode capabilities.

    After you configure the enhanced-ip statement and commit the configuration, the following warning message appears prompting you to reboot the router:

    The reboot brings up the FPCs on the router.

  2. Configure the interfaces to enable IP transport.
  3. Configure the loopback interface to enable service endpoints.
  4. Configure routing options to identify the router in the domain.
  5. Enable OSPF protocols on the interface.

Results

From configuration mode, confirm your configuration by entering the show chassis, show interfaces, show routing-options, and show protocols commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Verification

To confirm that the configuration is working properly, perform the following tasks:

Verifying LDP Tunneling over SR-TE

Purpose

Verify that the LDP over SR-TE tunnel is enabled and the LDP tunnel to the remote edge router is taking the right path.

Action

From operational mode, run the show spring-traffic-engineering lsp detail command.

On R1

user@R1>show spring-traffic-engineering lsp detail

On R2

user@R2>show spring-traffic-engineering lsp detail

Meaning

  • On R1, the LDP tunnel is established with the remote edge router 192.168.66.66 in the SR-TE core network. You can also see the SID label values 80104, 80204, 80304 in the output.

  • On R2, the LDP tunnel is established with the remote edge router 192.168.33.33 in the SR-TE core network. You can also see the SID label values 80504, 80300, 80200 in the output.

Verifying LDP Forwarding to the Remote PE Device

Purpose

Verify that the route to the remote PE router uses LDP forwarding and is tunneled over SR-TE.

Action

From operational mode, run the show route destination-prefix table inet.3 command.

On R1

Verify that the route to the remote PE (PE2) router is through LDP over SR-TE tunnel.

user@R1>show route 192.168.77.77 table inet.3

On R2

Verify that the route to the remote PE (PE1) router is through LDP over SR-TE tunnel.

user@R2>show route 192.168.22.22 table inet.3

On PE1

Verify that the route to the remote PE (PE2) router is through a targeted LDP session to the remote PE.

user@PE1>show route 192.168.77.77 table inet.3

On PE2

Verify that the route to the remote PE (PE1) router is through a targeted LDP session to the remote PE.

user@PE2>show route 192.168.22.22 table inet.3

Meaning

  • On R1, you can see the LDP label as 17 and the SR-TE label stacks as 80304, 80204, 85003, 85004.

  • On R2, you can see the LDP label as 17 and the SR-TE label stacks as 80200, 80300, 85004, 85003.

  • On PE1, you can see the LDP label as 18.

  • On PE2, you can see the LDP label as 19.

Verifying LDP Sessions Between Edge and PE Routers

Purpose

Verify that LDP sessions are established between the PE and Edge routers, between the edge routers (through SR-TE tunneling), and between the CE devices over the SR-TE core.

Action

From operational mode, run the show ldp session command.

On R1

Verify that the LDP sessions are established with the connected PE (PE1) router and the remote edge router (R2).

user@R1>show ldp session

On R2

Verify that the LDP sessions are established with the connected PE (PE2) router and the remote edge router (R1).

user@R2>show ldp session

On PE1

Verify that the LDP session is established with the connected edge router in the SR-TE core.

user@PE1>show ldp session

On PE2

Verify that the LDP session is established with the connected edge router in the SR-TE core.

user@PE2>show ldp session

Meaning

  • On R1, LDP sessions are established with the connected PE1 (192.168.22.22) router and with the remote edge router R2 (192.168.66.66), which is a tunneled LDP session that extends the LDP domain over the SR-TE core.

  • On R2, LDP sessions are established with the connected PE2 (192.168.77.77) router and with the remote edge router R2 (192.168.33.33), which is a tunneled LDP session that extends the LDP domain over the SR-TE core.

  • On PE1, LDP sessions are established with the connected edge router R1 (192.168.33.33), which is a tunneled LDP session that extends the LDP domain over the SR-TE core.

  • On PE2, LDP sessions are established with the connected edge router R2 (192.168.66.66), which is a tunneled LDP session that extends the LDP domain over the SR-TE core.

Verifying the Advertised Label

Purpose

Verify the labels advertised for the forwarding equivalence class (FEC).

Action

From operational mode, run the show ldp database command.

On R1

Verify the labels advertised towards the directly connected PE (PE1) and the labels received from remote edge router (R2).

user@R1>show ldp database

On R2

Verify the labels advertised towards the directly connected PE (PE2) and the labels received from remote edge router (R1).

user@R2>show ldp database

On PE1

Verify the label for the remote PE (PE2) device's loopback address is advertised by edge device R1 to the local PE (PE1) device.

user@PE1>show ldp database

On PE2

Verify the label for the remote PE (PE1) device's loopback address is advertised by edge device R2 to the local PE (PE2) device.

user@PE2>show ldp database

Meaning

  • On R1, you can see label 18 is advertised towards the directly connected PE (PE1) and the label 17 is received from remote edge router (R2).

  • On R2, you can see label 19 is advertised towards the directly connected PE (PE2) and the label 17 is received from remote edge router (R1).

  • On PE1, you can see label 18 is received from the remote edge router (R2).

  • On PE2, you can see label 19 is received from the remote edge router (R1).