The following are the CLI commands to configure the remote LFA and TI-LFA node protection feature.
configure
— router
— [no] isis
— [no] loopfree-alternates
— [no] remote-lfa [max-pq-cost 0..4294967295, default=4261412864]
— [no] node-protect [max-pq-nodes 1..32, default=16]
— [no] ti-lfa [max-sr-frr-labels 0..3, default=2]
— [no] node-protect
— exclude
— [no] prefix-policy prefix-policy [prefix-policy…(up to 5 max)]
— exit
— exit
A command is added to enable node-protect calculation to both Remote LFA (node-protect [max-pq-nodes <1..32, default=16>]) and TI-LFA (node-protect).
When the node-protect command is enabled, the router prefers a node-protect over a link-protect repair tunnel for a given prefix if both are found in the Remote LFA or TI-LFA SPF computations. The SPF computations may only find a link-protect repair tunnel for prefixes owned by the protected node. This feature protects against the failure of a downstream node in the path of the prefix of a node SID except for the node owner of the node SID.
The parameter max-pq-nodes in Remote LFA controls the maximum number of candidate PQ nodes found in the LFA SPFs for which the node protection check is performed. As explained in Remote LFA Node-Protect Operation, the node-protect condition means the router must run the original link-protect Remote LFA algorithm plus one extra forward SPF on behalf of each PQ node found, potentially after applying the max-pq-cost parameter, to check if the path from the PQ node to the destination does not traverse the protected node. Setting this parameter to a lower value means the LFA SPFs uses less computation time and resources but may result in not finding a node-protect repair tunnel. The default value is 16.