ON THIS PAGE
Example: Configuring Topology Independent Loop-Free Alternate with Segment Routing for IS-IS
This example shows topology-independent loop-free alternate (TI-LFA) with segment routing for the IS-IS protocol to provide MPLS fast reroute (FRR) backup paths corresponding to the post-convergence path for a given failure by using deeper label stacks to construct backup paths. TI-LFA provides protection against link failure, node failure, and fate-sharing failures. In link failure mode, the destination is protected if the link fails. In node protection mode, the destination is protected if the neighbor connected to the primary link fails. To determine the node-protecting post-convergence path, the cost of all the links leaving the neighbor is assumed to increase by a configurable amount. With fate-sharing protection, a list of fate-sharing groups are configured on each PLR with the links in each fate-sharing group identified by their respective IP addresses.
TI-LFA supports protection of routes for both IPv4 and IPv6 prefixes. This example demonstrates protection of routes for IPv4 prefixes.
Requirements
This example uses the following hardware and software components:
Nine MX Series routers
Junos OS Release 17.4 or later running on all devices
Before you configure TI-LFA routes using SPRING for IS-IS, be sure you configure SPRING or segment routing.
Overview
Junos OS allows you to enable TI-LFA for IS-IS by configuring
the use-post-convergence-lfa
statement at the [edit
protocols isis backup-spf-options]
hierarchy level. TI-LFA provides
protection against link failure, node failure, and failures of fate-sharing
groups. You can enable the creation of post-convergence backup paths
for a given interface by configuring the post-convergence-lfa statement
at the [edit protocols isis interface interface-name level level]
hierarchy level. The post-convergence-lfa
statement enables
link-protection mode. You can enable node-protection
mode,
or fate-sharing-protection
mode ,or both modes, for a given
interface at the [edit protocols isis interface interface-name
level level post-convergence-lfa]
hierarchy level. To ensure
that the fate-sharing protection is enabled for a given fate-sharing
group, you need to configure the use-for-post-convergence-lfa
statement at the [edit routing-options fate-sharing group group-name]
hierarchy level
Topology
Figure 1 shows TI-LFA with segment routing for IS-IS configured on Device R1.

Configuration
CLI Quick Configuration
To quickly configure link-protection in this example, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, copy and paste the commands into the CLI at the [edit] hierarchy level, and then enter commit from configuration mode.
R1
set interfaces ge-0/0/0 unit 0 family inet address 10.10.20.1/30 set interfaces ge-0/0/0 unit 0 family iso set interfaces ge-0/0/0 unit 0 family mpls set interfaces ge-0/0/1 unit 0 family inet address 10.10.30.1/30 set interfaces ge-0/0/1 unit 0 family iso set interfaces ge-0/0/1 unit 0 family mpls set interfaces ge-0/0/2 unit 0 family inet address 10.10.10.1/30 set interfaces ge-0/0/2 unit 0 family iso set interfaces ge-0/0/2 unit 0 family mpls set interfaces lo0 unit 0 family inet address 198.168.0.1/32 set interfaces lo0 unit 0 family iso address 49.0000.2222.0001.00 set interfaces lo0 unit 0 family mpls set routing-options router-id 198.168.0.1 set protocols mpls interface ge-0/0/0 set protocols mpls interface ge-0/0/1 set protocols mpls interface ge-0/0/2 set protocols isis backup-spf-options use-post-convergence-lfa maximum-labels 5 set protocols isis source-packet-routing node-segment ipv4-index 1 set protocols isis source-packet-routing node-segment index-range 512 set protocols isis level 2 wide-metrics-only set protocols isis interface ge-0/0/0 point-to-point set protocols isis interface ge-0/0/0 level 2 metric 10 set protocols isis interface ge-0/0/1 point-to-point set protocols isis interface ge-0/0/1 level 2 metric 10 set protocols isis interface ge-0/0/2 point-to-point set protocols isis interface ge-0/0/2 level 2 metric 10 set protocols isis interface ge-0/0/2 level 2 post-convergence-lfa set protocols isis interface lo0.0
R2
set interfaces ge-0/0/1 unit 0 family inet address 10.10.50.1/30 set interfaces ge-0/0/1 unit 0 family iso set interfaces ge-0/0/1 unit 0 family mpls set interfaces ge-0/0/2 unit 0 family inet address 10.10.10.2/30 set interfaces ge-0/0/2 unit 0 family iso set interfaces ge-0/0/2 unit 0 family mpls set interfaces ge-0/0/3 unit 0 family inet address 10.10.40.1/30 set interfaces ge-0/0/3 unit 0 family iso set interfaces ge-0/0/3 unit 0 family mpls set interfaces lo0 unit 0 family inet address 192.168.0.2/32 set interfaces lo0 unit 0 family iso address 49.0000.2222.0002.00 set interfaces lo0 unit 0 family mpls set routing-options router-id 192.168.0.2 set protocols mpls interface ge-0/0/1 set protocols mpls interface ge-0/0/2 set protocols mpls interface ge-0/0/3 set protocols isis source-packet-routing node-segment ipv4-index 2 set protocols isis source-packet-routing node-segment index-range 512 set protocols isis level 2 wide-metrics-only set protocols isis interface ge-0/0/1 point-to-point set protocols isis interface ge-0/0/1 level 1 disable set protocols isis interface ge-0/0/1 level 2 metric 10 set protocols isis interface ge-0/0/2 point-to-point set protocols isis interface ge-0/0/2 level 2 metric 10 set protocols isis interface ge-0/0/3 point-to-point set protocols isis interface ge-0/0/3 level 2 metric 10 set protocols isis interface lo0.0
R3
set interfaces ge-0/0/0 unit 0 family inet address 10.10.60.1/30 set interfaces ge-0/0/0 unit 0 family iso set interfaces ge-0/0/0 unit 0 family mpls set interfaces ge-0/0/1 unit 0 family inet address 10.10.70.1/30 set interfaces ge-0/0/1 unit 0 family iso set interfaces ge-0/0/1 unit 0 family mpls set interfaces ge-0/0/3 unit 0 family inet address 10.10.40.2/30 set interfaces ge-0/0/3 unit 0 family iso set interfaces ge-0/0/3 unit 0 family mpls set interfaces lo0 unit 0 family inet address 192.168.0.3/32 set interfaces lo0 unit 0 family iso address 49.0000.2222.0003.00 set interfaces lo0 unit 0 family mpls set routing-options router-id 192.168.0.3 set protocols mpls interface ge-0/0/0 set protocols mpls interface ge-0/0/1 set protocols mpls interface ge-0/0/3 set protocols isis source-packet-routing node-segment ipv4-index 3 set protocols isis source-packet-routing node-segment index-range 512 set protocols isis level 2 wide-metrics-only set protocols isis interface ge-0/0/0 point-to-point set protocols isis interface ge-0/0/0 level 2 metric 10 set protocols isis interface ge-0/0/1 point-to-point set protocols isis interface ge-0/0/1 level 2 metric 10 set protocols isis interface ge-0/0/3 point-to-point set protocols isis interface ge-0/0/3 level 2 metric 10 set protocols isis interface lo0.0
R21
set interfaces ge-0/0/0 unit 0 family inet address 10.10.29.2/30 set interfaces ge-0/0/0 unit 0 family iso set interfaces ge-0/0/0 unit 0 family mpls set interfaces ge-0/0/1 unit 0 family inet address 10.10.80.1/30 set interfaces ge-0/0/1 unit 0 family iso set interfaces ge-0/0/1 unit 0 family mpls set interfaces lo0 unit 0 family inet address 192.168.0.21/32 set interfaces lo0 unit 0 family iso address 49.0000.2222.0021.00 set interfaces lo0 unit 0 family mpls set routing-options router-id 192.168.0.21 set protocols mpls interface ge-0/0/0 set protocols mpls interface ge-0/0/1 set protocols isis source-packet-routing node-segment ipv4-index 21 set protocols isis source-packet-routing node-segment index-range 512 set protocols isis level 2 wide-metrics-only set protocols isis interface ge-0/0/0 point-to-point set protocols isis interface ge-0/0/0 level 2 metric 10 set protocols isis interface ge-0/0/1 point-to-point set protocols isis interface ge-0/0/1 level 2 metric 10 set protocols isis interface lo0.0
R22
set interfaces ge-0/0/0 unit 0 family inet address 10.10.90.1/30 set interfaces ge-0/0/0 unit 0 family iso set interfaces ge-0/0/0 unit 0 family mpls set interfaces ge-0/0/1 unit 0 family inet address 10.10.80.2/30 set interfaces ge-0/0/1 unit 0 family iso set interfaces ge-0/0/1 unit 0 family mpls set interfaces lo0 unit 0 family inet address 192.168.0.22/32 set interfaces lo0 unit 0 family iso address 49.0000.2222.0022.00 set interfaces lo0 unit 0 family mpls set routing-options router-id 192.168.0.22 set protocols isis source-packet-routing node-segment ipv4-index 22 set protocols isis source-packet-routing node-segment index-range 512 set protocols isis level 2 wide-metrics-only set protocols isis interface ge-0/0/0 point-to-point set protocols isis interface ge-0/0/0 level 2 metric 90 set protocols isis interface ge-0/0/1 point-to-point set protocols isis interface ge-0/0/1 level 2 metric 10 set protocols isis interface lo0.0
R23
set interfaces ge-0/0/0 unit 0 family inet address 10.10.90.2/30 set interfaces ge-0/0/0 unit 0 family iso set interfaces ge-0/0/0 unit 0 family mpls set interfaces ge-0/0/1 unit 0 family inet address 10.10.50.2/30 set interfaces ge-0/0/1 unit 0 family iso set interfaces ge-0/0/1 unit 0 family mpls set interfaces ge-0/0/2 unit 0 family inet address 10.10.100.1/30 set interfaces ge-0/0/2 unit 0 family iso set interfaces ge-0/0/2 unit 0 family mpls set interfaces lo0 unit 0 family inet address 192.168.0.23/32 set interfaces lo0 unit 0 family iso address 49.0000.2222.0023.00 set interfaces lo0 unit 0 family mpls set routing-options router-id 192.168.0.23 set protocols mpls interface ge-0/0/0 set protocols mpls interface ge-0/0/1 set protocols mpls interface ge-0/0/2 set protocols isis source-packet-routing node-segment ipv4-index 23 set protocols isis source-packet-routing node-segment index-range 512 set protocols isis level 2 wide-metrics-only set protocols isis interface ge-0/0/2 point-to-point set protocols isis interface ge-0/0/2 level 2 metric 20 set protocols isis interface ge-0/0/1 point-to-point set protocols isis interface ge-0/0/1 level 2 metric 10 set protocols isis interface ge-0/0/0 point-to-point set protocols isis interface ge-0/0/0 level 2 metric 90 set protocols isis interface lo0.0
R24
set interfaces ge-0/0/0 unit 0 family inet address 10.10.60.2/30 set interfaces ge-0/0/0 unit 0 family iso set interfaces ge-0/0/0 unit 0 family mpls set interfaces ge-0/0/2 unit 0 family inet address 1.23.24.2/30 set interfaces ge-0/0/2 unit 0 family iso set interfaces ge-0/0/2 unit 04 family mpls set interfaces lo0 unit 0 family inet address 192.168.0.24/32 set interfaces lo0 unit 0 family iso address 49.0000.2222.0024.00 set interfaces lo0 unit 0 family mpls set routing-options router-id 192.168.0.24 set protocols mpls interface ge-0/0/0 set protocols mpls interface ge-0/0/2 set protocols isis source-packet-routing node-segment ipv4-index 24 set protocols isis source-packet-routing node-segment index-range 512 set protocols isis level 2 wide-metrics-only set protocols isis interface ge-0/0/0 point-to-point set protocols isis interface ge-0/0/0 level 2 metric 10 set protocols isis interface ge-0/0/2 point-to-point set protocols isis interface ge-0/0/2 level 2 metric 20 set protocols isis interface lo0.0
R31
set interfaces ge-0/0/1 unit 0 family inet address 10.10.30.2/30 set interfaces ge-0/0/1 unit 0 family iso set interfaces ge-0/0/1 unit 0 family mpls set interfaces ge-0/0/0 unit 0 family inet address 10.10.110.1/30 set interfaces ge-0/0/0 unit 0 family iso set interfaces ge-0/0/0 unit 10 family mpls set interfaces lo0 unit 0 family inet address 198.162.0.31/32 set interfaces lo0 unit 0 family iso address 49.0000.2222.0031.00 set interfaces lo0 unit 0 family mpls set routing-options router-id 198.162.0.31 set protocols mpls interface ge-0/0/1 set protocols mpls interface ge-0/0/0 set protocols isis source-packet-routing node-segment ipv4-index 31 set protocols isis source-packet-routing node-segment index-range 512 set protocols isis level 2 wide-metrics-only set protocols isis interface ge-0/0/0 point-to-point set protocols isis interface ge-0/0/0 level 2 metric 500 set protocols isis interface ge-0/0/1 point-to-point set protocols isis interface ge-0/0/1 level 2 metric 10 set protocols isis interface lo0.0
R34
set interfaces ge-0/0/0 unit 0 family inet address 10.10.110.2/30 set interfaces ge-0/0/0 unit 0 family iso set interfaces ge-0/0/0 unit 0 family mpls set interfaces ge-0/0/1 unit 11 family inet address 10.10.70.2/30 set interfaces ge-0/0/1 unit 11 family iso set interfaces ge-0/0/1 unit 11 family mpls set interfaces lo0 unit 0 family inet address 192.168.0.34/32 set interfaces lo0 unit 0 family iso address 49.0000.2222.0034.00 set interfaces lo0 unit 0 family mpls set routing-options router-id 192.168.0.34 set protocols mpls interface ge-0/0/0 set protocols mpls interface ge-0/0/1 set protocols isis source-packet-routing node-segment ipv4-index 34 set protocols isis source-packet-routing node-segment index-range 512 set protocols isis level 2 wide-metrics-only set protocols isis interface ge-0/0/0 point-to-point set protocols isis interface ge-0/0/0 level 2 metric 500 set protocols isis interface ge-0/0/1 point-to-point set protocols isis interface ge-0/0/1 level 2 metric 10 set protocols isis interface lo0.0
Configuring R1
Step-by-Step Procedure
The following example requires that you navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the Junos OS CLI User Guide.
To configure Device R1:
1. Configure the interfaces.
[edit interfaces] user@R1# set ge-0/0/0 unit 0 family inet address 10.10.20.1/30 user@R1# set ge-0/0/0 unit 0 family iso user@R1# set ge-0/0/0 unit 0 family mpls user@R1# set ge-0/0/1 unit 0 family inet address 10.10.30.1/30 user@R1# set ge-0/0/1 unit 0 family iso user@R1# set ge-0/0/1 unit 0 family mpls user@R1# set ge-0/0/2 unit 0 family inet address 10.10.10.1/30 user@R1# set ge-0/0/2 unit 0 family iso user@R1# set ge-0/0/2 unit 0 family mpls user@R1# set lo0 unit 0 family inet address 192.168.0.1/32 user@R1# set lo0 unit 0 family iso address 49.0000.2222.0001.00 user@R1# set lo0 unit 0 family mpls
2. Configure the router ID.
[edit routing-options] user@R1# set router-id 192.168.0.1
Configure the MPLS protocol on the interfaces.
[edit protocols mpls] user@R1# set interface ge-0/0/0 user@R1# set interface ge-0/0/1 user@R1# set interface ge-0/0/2
Configure the maximum number of labels for segment routing routed paths for protection of backup shortest-path-first attributes.
[edit protocols isis] user@R1# set backup-spf-options use-post-convergence-lfa maximum-labels 5
Configure IPv4 index and index range for node segments in segment routing for the IS-IS protocol.
[edit protocols isis] user@R1# set source-packet-routing node-segment ipv4-index 1 user@R1# set source-packet-routing node-segment index-range 512
Configure wide metrics attribute of global level for the IS-IS protocol.
[edit protocols isis] user@R1# set level 2 wide-metrics-only
Configure the interfaces to be point to point. Configure to install backup route along the link-protecting post-convergence path on the interface ge-0/0/2.
[edit protocols isis] user@R1# set interface ge-0/0/0 point-to-point user@R1# set interface ge-0/0/0 level 2 metric 10 user@R1# set interface ge-0/0/1 point-to-point user@R1# set interface ge-0/0/1 level 2 metric 10 user@R1# set interface ge-0/0/2 point-to-point user@R1# set interface ge-0/0/2 level 2 metric 10 user@R1# set interface ge-0/0/2 level 2 post-convergence-lfa user@R1# set interface lo0.0
Results
From configuration mode, confirm your configuration
by entering the show interfaces
, show protocols
, and show routing-options
commands. If the output does
not display the intended configuration, repeat the instructions in
this example to correct the configuration.
user@R1# show interfaces ge-0/0/0 { unit 0 { family inet { address 10.10.20.1/30; } family iso; family mpls; } ge-0/0/1 { unit 0 { family inet { address 10.10.30.1/30; } family iso; family mpls; } ge-0/0/2 { unit 0 { family inet { address 10.10.10.1/30; } family iso; family mpls; } lo0 { unit 0 { family inet { address 192.168.0.1/32; } family iso { address 49.0000.2222.0001.00; } family mpls; }
user@R1# show routing-options router-id 192.168.0.1;
user@R1# show protocols mpls { interface ge-0/0/0; interface ge-0/0/1; interface ge-0/0/2; } isis { backup-spf-options { use-post-convergence-lfa { maximum-labels 5; } } source-packet-routing { node-segment { ipv4-index 1; index-range 512; } } level 2 wide-metrics-only; interface ge-0/0/0 { point-to-point; level 2 metric 10; } interface ge-0/0/1 { point-to-point; level 2 metric 10; } interface ge-0/0/2 { point-to-point; level 2 { post-convergence-lfa; metric 10; } } interface lo0.0; }
If you are done configuring the device, enter commit
from configuration mode.
Procedure
CLI Quick Configuration
To quickly add node-protection for interface ge-0/0/2 to the above example configuration on Device R1, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy level.
R1
set protocols isis interface ge-0/0/2 level 2 post-convergence-lfa node-protection cost 2000
Step-by-Step Procedure
The following example requires that you navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the Junos OS CLI User Guide.
Enable node-protection on interface ge-0/0/2.
[edit protocols isis interface ge-0/0/2 level 2 post-convergence-lfa] user@R1# set node-protection cost 2000
Results
user@R1# show protocols mpls { interface ge-0/0/0; interface ge-0/0/1; interface ge-0/0/2; } isis { backup-spf-options { use-post-convergence-lfa { maximum-labels 5; } } source-packet-routing { node-segment { ipv4-index 1; index-range 512; } } level 2 wide-metrics-only; interface ge-0/0/0 { point-to-point; level 2 { metric 10; } } interface ge-0/0/1 { point-to-point; level 2 { metric 10; } } interface ge-0/0/2 { point-to-point; level 2 { post-convergence-lfa { node-protection cost 20000; } metric 10; } } interface lo0.0; }
If you are done configuring the device, enter commit
from configuration mode.
Procedure
CLI Quick Configuration
To quickly configure define fate-sharing protection on Device R1, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy level.
Device R1
set routing-options fate-sharing group fs-group-1 cost 3000 set routing-options fate-sharing group fs-group-1 from 10.10.10.1 to 10.10.10.2 set routing-options fate-sharing group fs-group-1 from 10.10.80.1 to 10.10.80.2 set routing-options fate-sharing group fs-group-1 use-for-post-convergence-lfa set protocols isis interface ge-0/0/2 level 2 post-convergence-lfa fate-sharing-protection
Step-by-Step Procedure
The following example requires that you navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the Junos OS CLI User Guide.
Configure the fate-sharing group cost.
[edit routing-options fate-sharing group fs-group-1] user@R1# set cost 3000
Configure the fate-sharing group to indicate that link from Device R1 to Device R2 and the link from Device R21 to Device R22 share fate and allow it to be used for post-convergence-lfa.
[edit routing-options fate-sharing group fs-group-1] user@R1# set from 10.10.10.1 to 10.10.10.2 user@R1# set from 10.10.80.1 to 10.10.80.2 user@R1# set use-for-post-convergence-lfa
Enable fate-sharing protection for ge-0/0/2 on Device R1.
[edit protocols isis interface ge-0/0/2 level 2 post-convergence-lfa] user@R1# set fate-sharing-protection
Results
From configuration mode, confirm your configuration
by entering the show protocols
and show routing-options
commands. If the output does not display the intended configuration,
repeat the instructions in this example to correct the configuration.
user@R1# show routing-options router-id 192.168.0.1; fate-sharing { group fs-group-1 { cost 3000; from { 10.10.10.1 to 10.10.10.2; 10.10.80.1 to 10.10.80.2; } use-for-post-convergence-lfa; }
user@R1# show protocols mpls { interface ge-0/0/0; interface ge-0/0/1; interface ge-0/0/2; } isis { backup-spf-options { use-post-convergence-lfa { maximum-labels 5; } } source-packet-routing { node-segment { ipv4-index 1; index-range 512; } } level 2 wide-metrics-only; interface ge-0/0/0 { point-to-point; level 2 { metric 10; } } interface ge-0/0/1 { point-to-point; level 2 { metric 10; } } interface ge-0/0/2 { point-to-point; level 2 { post-convergence-lfa { fate-sharing-protection; metric 10; } } } interface lo0.0; }
If you are done configuring the device, enter commit
from configuration mode.
Verification
Confirm that the configuration is working properly.
- Verify the Link-protecting Backup Path for an Ingress Route
- Verify the Adjacency SID used in the Link-protecting Backup Path
- Verify the Link-protecting Backup Path for a Node SID label
- Verify the Link-protecting Backup Path for an Adjacency SID Label
Verify the Link-protecting Backup Path for an Ingress Route
Purpose
Verify the link-protecting backup path for primary next hops on interface ge-0/0/2 for Device R1 and verify if the backup path to reach 192.168.0.3/32 has been created and has the correct label stack.
Action
From operational mode, run the show route table
inet.3 192.168.0.3
command to display the routing table information.
user@R1> show route table inet.3 192.168.0.3 inet.3: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.0.3/32 *[L-ISIS/14] 18:09:19, metric 20 > to 10.10.10.2 via ge-0/0/2, Push 800003 to 10.10.20.2 via ge-0/0/0, Push 800003, Push 299792, Push 800022(top)
Meaning
The primary path to reach 198.162.0.3/32 (corresponding to Device R3) is through the interface ge-0/0/2 with a label of 800003, corresponding to the node-SID of Device R3. If the interface ge-0/0/2 fails, the backup path using the interface ge-0/0/0 using the label stack [800022, 299792, 800003] becomes active. The link-protecting post-convergence path is R1-R21-R22-R23-R2-R3. The top label on the label stack is 800022 and corresponds to the node SID to reach R22 on the shortest path R1-R2-R22. The next label (299792) corresponds to the adjacency SID for the interface R22-R23. The last label (800003) corresponds to the node SID on R23 to reach R3 on the shortest path R23-R2-R3.
Verify the Adjacency SID used in the Link-protecting Backup Path
Purpose
Verify that the adjacency SID 299792 corresponds to the interface between R22-R23.
Action
From operational mode, run the show isis adjacency
detail R23
command to display the adjacency information.
user@R22> show isis adjacency detail R23 R23 Interface: ge-0/0/0, Level: 2, State: Up, Expires in 23 secs Priority: 0, Up/Down transitions: 1, Last transition: 00:24:28 ago Circuit type: 2, Speaks: IP Topologies: Unicast Restart capable: Yes, Adjacency advertisement: Advertise IP addresses: 10.10.90.2 Level 2 IPv4 Adj-SID: 299792
Meaning
The Device R22 has assigned the value of 299792 to represent the level 2 adjacency to Device R23 for IPv4 traffic.
Verify the Link-protecting Backup Path for a Node SID label
Purpose
Verify that the transit route in mpls.0 corresponding to the node SID to reach Device R3 has a link-protecting backup path.
Action
From operational mode, run the show route table
mpls.0 label 800003
command to display the adjacency information.
user@R1> show route table mpls.0 label 800003 mpls.0: 38 destinations, 38 routes (38 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 800003 *[L-ISIS/14] 00:14:29, metric 20 > to 10.10.10.2 via ge-0/0/2, Swap 800003 to 10.10.20.2 via ge-0/0/0, Swap 800003, Push 299776, Push 800022(top)
Meaning
An incoming label of 800003 corresponds to the node SID for Device R3. The primary route entry in mpls.0 corresponds to the swap of the incoming label 800003 with the outgoing label 800003 on interface ge-0/0/2, corresponding to the shortest path from Device R1 to Device R3 in the pre-failure topology. If interface ge-0/0/2 fails, the backup route entry causes a packet with the incoming label 800003 to leave interface ge-0/0/0 with that incoming label replaced by the label stack [800022, 299776, 800003]. This corresponds to the link-protecting post-convergence path to reach R3 (R1-R21-R22-R23-R2-R3). The top label on the label stack is 800022 and corresponds to the node SID to reach Device R22 on the shortest path R1-R2-R22. The next label (299792) corresponds to the adjacency SID for the interface on R22-R23. The last label (800003) corresponds to the node SID on Device R23 to reach Device R3 on the shortest path R23-R2-R3.
Verify the Link-protecting Backup Path for an Adjacency SID Label
Purpose
Verify that the route in mpls.0 corresponding to the adjacency SID from Device R1 to Device R2 has a link-protecting backup path.
Action
From operational mode, run the show route table
mpls.0 label 299808
command to display the adjacency information.
user@R1> show route table mpls.0 label 299808 mpls.0: 38 destinations, 38 routes (38 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 299808 *[L-ISIS/14] 01:10:05, metric 0 > to 10.10.10.2 via ge-0/0/2, Pop to 10.10.20.2 via ge-0/0/0, Swap 800002, Push 299792, Push 800022(top) 299808(S=0) *[L-ISIS/14] 00:10:02, metric 0 > to 10.10.10.2 via ge-0/0/2, Pop to 10.10.20.2 via ge-0/0/0, Swap 800002, Push 299792, Push 800022(top)
Meaning
An incoming label of 299808 corresponds to the adjacency SID from Device R1 to Device R2. The primary route entry in mpls.0 corresponds to popping the incoming label 299808 and sending the packet out interface ge-0/0/2. If interface ge-0/0/2 fails, the backup route entry causes a packet with the incoming label 299808 to leave on interface ge-0/0/0 with that incoming label replaced by the label stack [800022, 299776, 800002]. This corresponds to the link-protecting post-convergence path to reach Device R2 (R1-R21-R22-R23-R2). The top label on the label stack is 800022 and corresponds to the node SID to reach Device R22 on the shortest path R1-R2-R22. The next label (299792) corresponds to the adjacency SID for the interface on R22-R23. The last label (800002) corresponds to the node SID on Device R23 to reach Device R2 on the shortest path R23-R2.
Verification
Verify the Backup Route on Device R1
Purpose
Verify that the backup route to reach 192.168.0.3 passes through R1-R31-R34-R3. This shows that the node-protection is enabled.
Action
From operational mode, run the show route table
inet.3 192.168.0.3
command to display the routing table information.
user@R1> show route table inet.3 192.168.0.3 inet.3: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.0.3/32 *[L-ISIS/14] 00:05:34, metric 20 > to 10.10.10.2 via ge-0/0/2, Push 800003 to 1.1.31.2 via ge-0/0/1, Push 800003, Push 299776(top)
Meaning
The backup path to reach 192.168.0.3 now uses the interface ge-0/0/1 (the interface to reach R31). The top label on the stack (299776) corresponds to the adjacency SID on Device R31 to reach Device R34. The bottom label (800003) takes the packet from R34 . This ensures that node-protection is enabled.
Verification
Confirm that the configuration is working properly.
Verify the Backup Path on Device R1
Purpose
Verify that the backup route to reach 192.168.0.3 is through path R1-R31-R34-R3. This shows that fate-sharing is enabled.
Action
From operational mode, run the show route table
inet.3 192.168.0.3
command to display the routing table information.
user@R1# show route table inet.3 192.168.0.3 inet.3: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.0.3/32 *[L-ISIS/14] 00:05:34, metric 20 > to 1.1.2.2 via ge-0/0/0.1, Push 800003 to 1.1.31.2 via ge-0/0/0.9, Push 800003, Push 299776(top)
Meaning
The backup path to reach 192.168.0.3 now uses ge-0/0/1 (the interface to reach R31). The top label on the stack (299776) corresponds to the adjacency-SID on Device R31 to reach Device R34. The bottom label (800003) takes the packet from Device R34 to Device R3.