Figure 1 shows a sample network topology that uses the OSPF routing protocol and in which the user assigns an SRLG ID to each group of OSPF links to represent fate-sharing among the links in the group. Assume the router ecmp value is set to 1.
The user wants to enforce that the LFA backup computed and programmed by each node for a given destination prefix avoids the SRLG ID of the primary next hop of that prefix. To that effect, the user applies an LFA policy to each link that is used as a primary next hop to reach destination prefixes.
For instance, node F uses the top interface to node C as the primary next hop for the SR-OSPF tunnel to the SID of node C. The LFA policy states that the LFA backup must exclude outgoing interfaces which are member of SRLG ID of the interface of the primary next hop. Therefore, node F must select an LFA backup that avoids SRLG ID=SrlgGroup_1.
Node F enabled base LFA, remote LFA with node-protect, and TI-LFA with node-protect on the OSPF routing instance. The LFA SPF yields the following candidate LFA backup paths for the tunnel to the SID of node C:
Base LFA returns two backup paths: next hop over the second interface to C (cost 10) and next hop over the interface to node E (cost 20).
After applying the LFA policy, only next hop over the interface to node E (cost 20) remains. The second interface to node C is also a member of SRLG ID=SrlgGroup_1 and therefore the LFA next hop using it is excluded.
TI-LFA returns a single backup path: the next hop over the second interface to C (cost 10).
After applying the LFA policy, no LFA backup path remains.
Remote LFA returns two backup paths: one backup path by PQ node C over the second interface to C (cost 10) and one by PQ node E over the interface to node E (cost 20).
After applying the LFA policy, only the backup path by PQ node E over the interface to node E (cost 20) remains.
The LFA backup paths found by all three LFA methods are only link-protecting because node C is a neighbor of node F.
The final outcome is the selection among the LFA methods and base LFA is preferred to RLFA; therefore, next hop over the interface to node E (cost 20) is selected and programmed by node F as the backup path for the SR-OSPF tunnel to the SID of node C.
The adjacency from node F to node C over first interface to node C also inherits the same LFA backup path as the node SID of C since the same LFA policy applies.
The following are excerpts of the CLI configuration of node F in this specific example. The commands relevant to the LFA policy applied to link F-C as identified by arrows.
In addition, the output of show commands in node F highlights both the primary and the link-protect base LFA backup for both the node SID tunnel to C and the adjacency SID tunnel over the first interface to node C.
Because C is the termination for both its node SID and the adjacency SID tunnels from node F, only link protection can be provided as shown by the output of show command tools>dump>router>ospf sr-database (field L(R)). However, the output of the same show command for the tunnel to the SID of node D indicates the base LFA backup over the direct interface to node D is node-protecting (field Tn(R)).
*A:Dut-F>config>router# info
----------------------------------------------
#--------------------------------------------------
echo "IP Configuration"
#--------------------------------------------------
if-attribute <-------
srlg-group "SrlgGroup_1" value 1 <-------
srlg-group "SrlgGroup_2" value 2
srlg-group "SrlgGroup_3" value 3
exit
route-next-hop-policy <-------
begin <-------
template "templateSrlgGroup_1" <-------
srlg-enable
exit
template "templateSrlgGroup_2"
srlg-enable
exit
template "templateSrlgGroup_3"
srlg-enable
exit
commit
exit
interface "DUTF_TO_DUTC.1.0" <-------
address 1.0.36.6/24
secondary 51.0.36.6/24
port 1/1/4:1
mac 00:00:00:00:00:06
ipv6
address 3ffe::100:2406/120 primary-preference 1
address 3ffe::3300:2406/120 primary-preference 2
exit
if-attribute <-------
srlg-group "SrlgGroup_1" <-------
exit
no shutdown
exit
interface "DUTF_TO_DUTC.2.0" <-------
address 2.0.36.6/24
secondary 52.0.36.6/24
port 1/1/4:2
mac 00:00:00:00:00:06
ipv6
address 3ffe::200:2406/120 primary-preference 1
address 3ffe::3400:2406/120 primary-preference 2
exit
if-attribute <-------
srlg-group "SrlgGroup_1" <-------
exit
no shutdown
exit
interface "DUTF_TO_DUTD.1.0"
address 1.0.46.6/24
secondary 51.0.46.6/24
port 1/1/1:1
mac 00:00:00:00:00:06
ipv6
address 3ffe::100:2e06/120 primary-preference 1
address 3ffe::3300:2e06/120 primary-preference 2
exit
if-attribute
srlg-group "SrlgGroup_2"
exit
no shutdown
exit
interface "DUTF_TO_DUTD.2.0"
address 2.0.46.6/24
secondary 52.0.46.6/24
port 1/1/1:2
mac 00:00:00:00:00:06
ipv6
address 3ffe::200:2e06/120 primary-preference 1
address 3ffe::3400:2e06/120 primary-preference 2
exit
if-attribute
srlg-group "SrlgGroup_2"
exit
no shutdown
exit
interface "DUTF_TO_DUTE.1.0" <-------
address 1.0.56.6/24
secondary 51.0.56.6/24
port 1/1/2:1
mac 00:00:00:00:00:06
ipv6
address 3ffe::100:3806/120 primary-preference 1
address 3ffe::3300:3806/120 primary-preference 2
exit
if-attribute <-------
srlg-group "SrlgGroup_3" <-------
exit
no shutdown
exit
interface "DUTF_TO_DUTE.2.0" <-------
address 2.0.56.6/24
secondary 52.0.56.6/24
port 1/1/2:2
mac 00:00:00:00:00:06
ipv6
address 3ffe::200:3806/120 primary-preference 1
address 3ffe::3400:3806/120 primary-preference 2
exit
if-attribute <-------
srlg-group "SrlgGroup_3" <-------
exit
no shutdown
exit
interface "loopbackF.1.0"
address 1.0.66.6/32
secondary 51.0.66.6/32
loopback
ipv6
address 3ffe::100:4206/128 primary-preference 1
address 3ffe::3300:4206/128 primary-preference 2
exit
no shutdown
exit
interface "loopbackF.2.0"
address 2.0.66.6/32
secondary 52.0.66.6/32
loopback
ipv6
address 3ffe::200:4206/128 primary-preference 1
address 3ffe::3400:4206/128 primary-preference 2
exit
no shutdown
exit
interface "system"
address 10.20.1.6/32
ipv6
address 3ffe::a14:106/128
exit
no shutdown
exit
ip-fast-reroute
router-id 10.20.1.6
#--------------------------------------------------
echo "MPLS Label Range Configuration"
#--------------------------------------------------
mpls-labels
sr-labels start 20000 end 80000
exit
#--------------------------------------------------
echo "OSPFv2 Configuration"
#--------------------------------------------------
ospf 0 10.20.1.6
traffic-engineering
database-export identifier 0
advertise-router-capability area
loopfree-alternates <-------
remote-lfa <-------
node-protect <-------
exit <-------
ti-lfa max-sr-frr-labels 3 <-------
node-protect <-------
exit <-------
exit <-------
segment-routing
prefix-sid-range start-label 70000 max-index 999
egress-statistics
adj-set
adj-sid
node-sid
exit
ingress-statistics
adj-set
adj-sid
node-sid
exit
no shutdown
exit
area 0.0.0.0
interface "system"
node-sid index 9
no shutdown
exit
interface "DUTF_TO_DUTC.1.0" <-------
interface-type point-to-point
hello-interval 2
dead-interval 10
metric 10
lfa-policy-map route-nh-template "templateSrlgGroup_1" <-------
no shutdown
exit
interface "DUTF_TO_DUTD.1.0"
interface-type point-to-point
hello-interval 2
dead-interval 10
metric 1000
lfa-policy-map route-nh-template "templateSrlgGroup_2"
no shutdown
exit
interface "DUTF_TO_DUTE.1.0"
interface-type point-to-point
hello-interval 2
dead-interval 10
metric 10
lfa-policy-map route-nh-template "templateSrlgGroup_3"
no shutdown
exit
interface "loopbackF.1.0"
node-sid index 3
no shutdown
exit
interface "DUTF_TO_DUTC.2.0"
interface-type point-to-point
hello-interval 2
dead-interval 10
metric 10
lfa-policy-map route-nh-template "templateSrlgGroup_4"
no shutdown
exit
interface "DUTF_TO_DUTD.2.0"
interface-type point-to-point
hello-interval 2
dead-interval 10
metric 1000
lfa-policy-map route-nh-template "templateSrlgGroup_5"
no shutdown
exit
interface "DUTF_TO_DUTE.2.0"
interface-type point-to-point
hello-interval 2
dead-interval 10
metric 10
lfa-policy-map route-nh-template "templateSrlgGroup_6"
no shutdown
exit
interface "loopbackF.2.0"
node-sid index 15
no shutdown
exit
exit
no shutdown
exit
----------------------------------------------
*A:Dut-F# tools dump router segment-routing tunnel
===================================================================================================
Legend: (B) - Backup Next-hop for Fast Re-Route
(D) - Duplicate
label stack is ordered from top-most to bottom-most
===================================================================================================
--------------------------------------------------------------------------------------------------+
Prefix |
Sid-Type Fwd-Type In-Label Prot-Inst |
Next Hop(s) Out-Label(s) Interface/Tunnel-ID |
--------------------------------------------------------------------------------------------------+
1.0.33.3 <-------
Node Orig/Transit 70000 OSPF-0 <-------
1.0.36.3 40000 DUTF_TO_DUTC.1.0 <-------
(B)1.0.56.5 60000 DUTF_TO_DUTE.1.0 <-------
1.0.44.4 <-------
Node Orig/Transit 70001 OSPF-0 <-------
1.0.36.3 40001 DUTF_TO_DUTC.1.0 <-------
(B)1.0.46.4 50001 DUTF_TO_DUTD.1.0 <-------
1.0.55.5
Node Orig/Transit 70002 OSPF-0
1.0.56.5 60002 DUTF_TO_DUTE.1.0
(B)1.0.36.3 40002 DUTF_TO_DUTC.1.0
1.0.66.6
Node Terminating 70003 OSPF-0
1.0.11.1
Node Orig/Transit 70004 OSPF-0
1.0.36.3 40004 DUTF_TO_DUTC.1.0
(B)1.0.46.4 50004 DUTF_TO_DUTD.1.0
1.0.22.2
Node Orig/Transit 70005 OSPF-0
1.0.36.3 40005 DUTF_TO_DUTC.1.0
(B)1.0.46.4 50005 DUTF_TO_DUTD.1.0
10.20.1.3
Node Orig/Transit 70006 OSPF-0
1.0.36.3 40006 DUTF_TO_DUTC.1.0
(B)1.0.56.5 60006 DUTF_TO_DUTE.1.0
10.20.1.4
Node Orig/Transit 70007 OSPF-0
1.0.36.3 40007 DUTF_TO_DUTC.1.0
(B)1.0.46.4 50007 DUTF_TO_DUTD.1.0
10.20.1.5
Node Orig/Transit 70008 OSPF-0
1.0.56.5 60008 DUTF_TO_DUTE.1.0
(B)1.0.36.3 40008 DUTF_TO_DUTC.1.0
10.20.1.6
Node Terminating 70009 OSPF-0
10.20.1.1
Node Orig/Transit 70010 OSPF-0
1.0.36.3 40010 DUTF_TO_DUTC.1.0
(B)1.0.46.4 50010 DUTF_TO_DUTD.1.0
10.20.1.2
Node Orig/Transit 70011 OSPF-0
1.0.36.3 40011 DUTF_TO_DUTC.1.0
(B)1.0.46.4 50011 DUTF_TO_DUTD.1.0
2.0.33.3
Node Orig/Transit 70012 OSPF-0
1.0.36.3 40012 DUTF_TO_DUTC.1.0
(B)1.0.56.5 60012 DUTF_TO_DUTE.1.0
2.0.44.4
Node Orig/Transit 70013 OSPF-0
1.0.36.3 40013 DUTF_TO_DUTC.1.0
(B)1.0.46.4 50013 DUTF_TO_DUTD.1.0
2.0.55.5
Node Orig/Transit 70014 OSPF-0
1.0.56.5 60014 DUTF_TO_DUTE.1.0
(B)1.0.36.3 40014 DUTF_TO_DUTC.1.0
2.0.66.6
Node Terminating 70015 OSPF-0
2.0.11.1
Node Orig/Transit 70016 OSPF-0
1.0.36.3 40016 DUTF_TO_DUTC.1.0
(B)1.0.46.4 50016 DUTF_TO_DUTD.1.0
2.0.22.2
Node Orig/Transit 70017 OSPF-0
1.0.36.3 40017 DUTF_TO_DUTC.1.0
(B)1.0.46.4 50017 DUTF_TO_DUTD.1.0
2.0.56.5
Adjacency Transit 524282 OSPF-0
2.0.56.5 3 DUTF_TO_DUTE.2.0
(B)1.0.56.5 3 DUTF_TO_DUTE.1.0
2.0.46.4
Adjacency Transit 524283 OSPF-0
2.0.46.4 3 DUTF_TO_DUTD.2.0
(B)1.0.36.3 40001 DUTF_TO_DUTC.1.0
2.0.36.3
Adjacency Transit 524284 OSPF-0
2.0.36.3 3 DUTF_TO_DUTC.2.0
(B)1.0.36.3 3 DUTF_TO_DUTC.1.0
1.0.56.5
Adjacency Transit 524285 OSPF-0
1.0.56.5 3 DUTF_TO_DUTE.1.0
(B)1.0.36.3 40002 DUTF_TO_DUTC.1.0
1.0.46.4
Adjacency Transit 524286 OSPF-0
1.0.46.4 3 DUTF_TO_DUTD.1.0
(B)1.0.36.3 40001 DUTF_TO_DUTC.1.0
1.0.36.3 <-------
Adjacency Transit 524287 OSPF-0 <-------
1.0.36.3 3 DUTF_TO_DUTC.1.0 <----
(B)1.0.56.5 60000 DUTF_TO_DUTE.1.0 <----
--------------------------------------------------------------------------------------------------+
No. of Entries: 24
--------------------------------------------------------------------------------------------------+
*A:Dut-F#
*A:Dut-F# tools dump router ospf sr-database
===============================================================================
Rtr Base OSPFv2 Instance 0 Segment Routing Database
===============================================================================
SID Label St Type Prefix Stitching
AdvRtr Area Flags FRR
-------------------------------------------------------------------------------
0 70000 +R T1 1.0.33.3/32 - <-------
10.20.1.3 0.0.0.0 [NnP ] L(R) <-------
1 70001 +R T1 1.0.44.4/32 - <-------
10.20.1.4 0.0.0.0 [NnP ] Tn(R) <-------
2 70002 +R T1 1.0.55.5/32 -
10.20.1.5 0.0.0.0 [NnP ] L(R)
3 70003 +R LT1 1.0.66.6/32 -
10.20.1.6 0.0.0.0 [NnP ] -
4 70004 +R T1 1.0.11.1/32 -
10.20.1.1 0.0.0.0 [NnP ] Tn(R)
5 70005 +R T1 1.0.22.2/32 -
10.20.1.2 0.0.0.0 [NnP ] Tn(R)
6 70006 +R T1 10.20.1.3/32 -
10.20.1.3 0.0.0.0 [NnP ] L(R)
7 70007 +R T1 10.20.1.4/32 -
10.20.1.4 0.0.0.0 [NnP ] Tn(R)
8 70008 +R T1 10.20.1.5/32 -
10.20.1.5 0.0.0.0 [NnP ] L(R)
9 70009 +R LT1 10.20.1.6/32 -
10.20.1.6 0.0.0.0 [NnP ] -
10 70010 +R T1 10.20.1.1/32 -
10.20.1.1 0.0.0.0 [NnP ] Tn(R)
11 70011 +R T1 10.20.1.2/32 -
10.20.1.2 0.0.0.0 [NnP ] Tn(R)
12 70012 +R T1 2.0.33.3/32 -
10.20.1.3 0.0.0.0 [NnP ] L(R)
13 70013 +R T1 2.0.44.4/32 -
10.20.1.4 0.0.0.0 [NnP ] Tn(R)
14 70014 +R T1 2.0.55.5/32 -
10.20.1.5 0.0.0.0 [NnP ] L(R)
15 70015 +R LT1 2.0.66.6/32 -
10.20.1.6 0.0.0.0 [NnP ] -
16 70016 +R T1 2.0.11.1/32 -
10.20.1.1 0.0.0.0 [NnP ] Tn(R)
17 70017 +R T1 2.0.22.2/32 -
10.20.1.2 0.0.0.0 [NnP ] Tn(R)
-------------------------------------------------------------------------------
No. of Entries: 18
-------------------------------------------------------------------------------
St: R:reported I:incomplete W:wrong N:not reported F:failed
+:SR-ack -:no route
Type: L:local M: mapping Srv Tx: route type
FRR: L:Lfa R:RLfa T:TiLfa (R):Reported (F):Failed
Ln, Rn, Tn: FRR providing node-protection
===============================================================================
*A:Dut-F#