Lesson Contents
MPLS Traffic Engineering (TE) Forwarding Adjacency allows you to advertise a TE tunnel as a link in your IGP.
Why would you want to use this? Let’s take a look at the following scenario:
Imagine we want to load balance traffic from CE1 to CE2. All interfaces have the same metric. We have two paths, but because the path through PE1 is the shortest path, that’s the only path we will use. You could solve this by configuring two MPLS TE tunnels on CE1 destined for CE2:
This would solve the issue. CE1 will have two TE tunnels and can load balance all traffic using both paths. This solution has two problems, though:
- You need to configure MPLS TE on the CE routers.
- It doesn’t scale.
The topology above is a small network. Now imagine we have 25 Points of Presence (POP), where each POP has two PE routers and ten CE routers.
25 POPs x 10 CE routers = 250 CE routers.
All CE routers have to communicate with each other, so we need a full mesh of TE tunnels. The full mesh formula looks like this:
number of TE tunnels = N * (N-1) / 2
Where N is the number of CE routers. This means we’ll have the following:
250 x (250 - 1) / 2 = 31.125 unidirectional TE tunnels.
TE tunnels are unidirectional, so you’ll need two tunnels if you want to load balance from CE1 to CE2 and vice versa. We’ll have 31.125 x 2 = 62.250 bidirectional TE tunnels. That is a lot of LSPs!
We can solve the scalability issue by moving the TE tunnels up one level in the hierarchy:
We now have a TE tunnel between PE1/PE3 and PE2/PE4. The CE routers won’t have to run MPLS TE anymore. This also dramatically reduces the number of required TE tunnels.
With 25 POPs and 50 PE routers, we’ll have the following:
50 x (50 - 1) / 2 = 1.225 undirectional TE tunnels.
We want to load balance in both ways, so we’ll have 1.225 x 2 = 2.450 bidirectional TE tunnels. That is a significant improvement.
However, this introduces another issue…
The problem is that our CE routers don’t know about the TE tunnels on the PE routers. Enabling autoroute doesn’t solve this issue because it’s a local change in the routing table of the PE routers. The PE routers won’t advertise anything to other routers.
This is why we need forwarding adjacency. It allows the PE routers to advertise the TE tunnel as a link in your IGP.
Configuration
Let’s take a look at this in action.
This is the topology we’ll use:
All P routers run MPLS TE. We have four TE tunnels:
- PE1 to PE3
- PE2 to PE4
- PE3 to PE1
- PE4 to PE1
MPLS TE tunnels are unidirectional, but IS-IS or OSPF assume links are bidirectional. Because forwarding adjacency advertises the TE tunnel as a link in your IGP, we need tunnels in both directions. If you only configure unidirectional TE tunnels and enable forwarding adjacency, the IGP won’t use the link.
The CE routers only run IS-IS. Our goal is to load balance traffic from CE1 to CE2 using both paths.
Configurations
Want to take a look for yourself? Here you will find the startup configuration of each device.
CE1
hostname CE1
!
ip cef
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ip router isis
isis circuit-type level-2-only
!
interface GigabitEthernet0/0
ip address 192.168.12.1 255.255.255.0
ip router isis
isis circuit-type level-2-only
!
interface GigabitEthernet0/1
ip address 192.168.13.1 255.255.255.0
ip router isis
isis circuit-type level-2-only
!
router isis
net 49.0001.0001.0001.0001.0001.00
is-type level-2-only
metric-style wide
!
endCE2
hostname CE2
!
ip cef
!
interface Loopback0
ip address 7.7.7.7 255.255.255.255
ip router isis
isis circuit-type level-2-only
!
interface GigabitEthernet0/0
ip address 192.168.57.7 255.255.255.0
ip router isis
isis circuit-type level-2-only
!
interface GigabitEthernet0/1
ip address 192.168.67.7 255.255.255.0
ip router isis
isis circuit-type level-2-only
!
router isis
net 49.0007.0007.0007.0007.0007.00
is-type level-2-only
metric-style wide
!
endP1
hostname P1
!
ip cef
!
mpls traffic-eng tunnels
!
interface Loopback0
ip address 4.4.4.4 255.255.255.255
ip router isis
isis circuit-type level-2-only
!
interface GigabitEthernet0/0
ip address 192.168.34.4 255.255.255.0
ip router isis
mpls traffic-eng tunnels
mpls ip
isis circuit-type level-2-only
ip rsvp bandwidth 1000000
!
interface GigabitEthernet0/1
ip address 192.168.46.4 255.255.255.0
ip router isis
mpls traffic-eng tunnels
mpls ip
isis circuit-type level-2-only
ip rsvp bandwidth 1000000
!
router isis
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
net 49.0001.0004.0004.0004.0004.00
is-type level-2-only
metric-style wide
!
mpls ldp router-id Loopback0 force
!
endPE1
hostname PE1
!
ip cef
!
mpls traffic-eng tunnels
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ip router isis
isis circuit-type level-2-only
!
interface Tunnel1
ip unnumbered Loopback0
isis metric 4 level-2
tunnel mode mpls traffic-eng
tunnel destination 5.5.5.5
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng bandwidth 750
tunnel mpls traffic-eng path-option 1 dynamic
no routing dynamic
!
interface GigabitEthernet0/0
ip address 192.168.12.2 255.255.255.0
ip router isis
isis circuit-type level-2-only
!
interface GigabitEthernet0/1
ip address 192.168.25.2 255.255.255.0
ip router isis
mpls traffic-eng tunnels
mpls ip
isis circuit-type level-2-only
ip rsvp bandwidth 1000000
!
router isis
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
net 49.0001.0002.0002.0002.0002.00
is-type level-2-only
metric-style wide
!
mpls ldp router-id Loopback0 force
!
endPE2
hostname PE2
!
ip cef
!
mpls traffic-eng tunnels
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
ip router isis
isis circuit-type level-2-only
!
interface Tunnel1
ip unnumbered Loopback0
isis metric 4 level-2
tunnel mode mpls traffic-eng
tunnel destination 6.6.6.6
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng bandwidth 750
tunnel mpls traffic-eng path-option 1 dynamic
no routing dynamic
!
interface GigabitEthernet0/0
ip address 192.168.13.3 255.255.255.0
ip router isis
isis circuit-type level-2-only
!
interface GigabitEthernet0/1
ip address 192.168.34.3 255.255.255.0
ip router isis
mpls traffic-eng tunnels
mpls ip
isis circuit-type level-2-only
ip rsvp bandwidth 1000000
!
router isis
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
net 49.0001.0003.0003.0003.0003.00
is-type level-2-only
metric-style wide
!
mpls ldp router-id Loopback0 force
!
endPE3
hostname PE3
!
ip cef
!
mpls traffic-eng tunnels
!
interface Loopback0
ip address 5.5.5.5 255.255.255.255
ip router isis
isis circuit-type level-2-only
!
interface Tunnel1
ip unnumbered Loopback0
isis metric 4 level-2
tunnel mode mpls traffic-eng
tunnel destination 2.2.2.2
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng bandwidth 750
tunnel mpls traffic-eng path-option 1 dynamic
no routing dynamic
!
interface GigabitEthernet0/0
ip address 192.168.57.5 255.255.255.0
ip router isis
isis circuit-type level-2-only
!
interface GigabitEthernet0/1
ip address 192.168.25.5 255.255.255.0
ip router isis
mpls traffic-eng tunnels
mpls ip
isis circuit-type level-2-only
ip rsvp bandwidth 1000000
!
router isis
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
net 49.0001.0005.0005.0005.0005.00
is-type level-2-only
metric-style wide
!
mpls ldp router-id Loopback0 force
!
endPE4
hostname PE4
!
ip cef
!
mpls traffic-eng tunnels
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ip router isis
isis circuit-type level-2-only
!
interface Tunnel1
ip unnumbered Loopback0
isis metric 4 level-2
tunnel mode mpls traffic-eng
tunnel destination 3.3.3.3
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng bandwidth 750
tunnel mpls traffic-eng path-option 1 dynamic
no routing dynamic
!
interface GigabitEthernet0/0
ip address 192.168.67.6 255.255.255.0
ip router isis
isis circuit-type level-2-only
!
interface GigabitEthernet0/1
ip address 192.168.46.6 255.255.255.0
ip router isis
mpls traffic-eng tunnels
mpls ip
isis circuit-type level-2-only
ip rsvp bandwidth 1000000
!
router isis
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
net 49.0001.0006.0006.0006.0006.00
is-type level-2-only
metric-style wide
!
mpls ldp router-id Loopback0 force
!
endI use IOSv Software (VIOS-ADVENTERPRISEK9-M), Version 15.9(3)M4.
Without Forwarding Adjacency
This is how CE1 can reach CE2’s loopback interface:
CE1#show ip route 7.7.7.7
Routing entry for 7.7.7.7/32
Known via "isis", distance 115, metric 40, type level-2
Redistributing via isis
Last update from 192.168.12.2 on GigabitEthernet0/0, 01:38:06 ago
Routing Descriptor Blocks:
* 192.168.12.2, from 7.7.7.7, 01:38:06 ago, via GigabitEthernet0/0
Route metric is 40, traffic share count is 1CE1 uses IGP routing, and the shortest path is through PE1. We can verify this with a traceroute:
CE1#traceroute 7.7.7.7 numeric probe 1
Type escape sequence to abort.
Tracing the route to 7.7.7.7
VRF info: (vrf in name/id, vrf out name/id)
1 192.168.12.2 2 msec
2 192.168.25.5 1 msec
3 192.168.57.7 3 msecEnabling autoroute won’t do us any good here because this only changes the routing table of the PE routers. Autoroute doesn’t advertise anything to other routers.
With Forwarding Adjacency
Let’s fix this so that CE1 learns about both TE tunnels. Let’s enable forwarding adjacency on all PE routers:
PE1, PE2, PE3 & PE4
(config)#interface Tunnel 1
(config-if)#tunnel mpls traffic-eng forwarding-adjacency
(config-if)#isis metric 4 level-2I also set the IS-IS metric of the tunnel interface. We want to ensure the metric is attractive enough for CE1 to use the tunnel interfaces.
Optionally, we can configure a holdtime timer:
PE1(config-if)#tunnel mpls traffic-eng forwarding-adjacency holdtime ?
<0-4294967295> Holdtime on MPLS TE Down.The holdtime is important when the tunnel goes down. When a TE tunnel goes down, the router calculates a new path, and the TE tunnel comes back up. This causes the link to be withdrawn and readvertised in your IGP. The holdtime defines how long the tunnel must be down before telling the IGP it is down.
You can verify forwarding adjacency has been enabled with this command:
PE1#show mpls traffic-eng forwarding-adjacency
destination 0005.0005.0005.00, area isis level-2, has 1 tunnels
Tunnel1 (load balancing metric 2666666, nexthop 5.5.5.5)
(flags: Forward-Adjacency, holdtime 0)PE2#show mpls traffic-eng forwarding-adjacency
destination 0006.0006.0006.00, area isis level-2, has 1 tunnels
Tunnel1 (load balancing metric 2666666, nexthop 6.6.6.6)
(flags: Forward-Adjacency, holdtime 0)We can see that the TE tunnels are advertised as links in our IS-IS LSP. Here’s the LSP of PE1:
PE1#show isis database detail PE1.00-00
IS-IS Level-2 LSP PE1.00-00
LSPID LSP Seq Num LSP Checksum LSP Holdtime/Rcvd ATT/P/OL
PE1.00-00 * 0x000000F0 0x6763 1014/* 0/0/0
Area Address: 49.0001.0002
NLPID: 0xCC
Router ID: 2.2.2.2
Hostname: PE1
Metric: 10 IS-Extended PE1.01
Metric: 10 IS-Extended PE3.02
Metric: 4 IS-Extended PE3.00
IP Address: 2.2.2.2
Metric: 10 IP 2.2.2.2/32
Metric: 10 IP 192.168.12.0/24
Metric: 10 IP 192.168.25.0/24Above, you see the link with a metric of 4. Here is the LSP of PE2:
