Figure 1 illustrates the traffic forwarding from a Virtual Network Function (VNF1) residing in a host in a Data Center (DC1) to VNF2 residing in a host in DC2 over the segment routing capable backbone network. DC1 and DC2 do not support segment routing and MPLS while the DC Edge routers do not support segment routing. Hence, MPLS packets of VNF1 flows are tunneled over a UDP/IP or GRE/IP tunnel and a static label route is configured on DC Edge1/2 to steer the decapsulated packets to the remote DC Edge3/4.
The following are the data path manipulations of a packet across this network:
Host in DC1 pushes MPLS-over-UDP (or MPLS-over-GRE) header with outer IP destination address matching its local DC Edge1/2. It also pushes a static label 21000 which corresponds to the binding label of the MPLS forwarding policy configured in DC Edge1/2 to reach remote DC Edge3/4 (anycast address). The bottom of the label stack is the anycast SID for the remote LER3/4.
The label 21000 is configured on both DC Edge1 and DC Edge2 using a label-binding policy with an indirect next-hop pointing to the static route to the destination prefix of DC Edge3/4. The backup next-hop points to the static route to reach some DC Edge5/6 in another remote DC (not shown).
There is EBGP peering between DC Edge1/2 and LER1/2 and between DC Edge3/4 and LER3/4.
DC Edge1/2 removes the UDP/IP header (or GRE/IP header) and swaps label 21000 to implicit-null and forwards (ECMP spraying) to all resolved next-hops of the static route of the primary or backup next-hop of the label-binding policy.
LER1/2 forwards based on the anycast SID to remote LER3/4.
LER3/4 removes the anycast SID label and forwards the inner IP packet to DC Edge3/4 which then forwards to Host2 in DC2.
The following CLI commands configure the static label route to achieve this use case. It creates a label-binding policy with a single NHG that is pointing to the first route as its primary indirect next-hop and the second route as its backup indirect next-hop. The primary static route corresponds to a prefix of remote DC Edge3/4 router and the backup static route to the prefix of a pair of edge routers in a different remote DC. The policy is applied to routers DC Edge1/2 in DC1.
— config>router
— static-route-entry fd84:a32e:1761:1888::1/128
— next-hop 3ffe::e0e:e05
— no shutdown
— next-hop 3ffe::f0f:f01
— no shutdown
— static-route-entry fd22:9501:806c:2387::2/128
— next-hop 3ffe::1010:1002
— no shutdown
— next-hop 3ffe::1010:1005
— no shutdown
—
— config>router>mpls-labels
— reserved-label-block static-label-route-lbl-block
— start-label 20000 end-label 25000
—
— config>router>mpls
— forwarding-policies
— reserved-label-block static-label-route-lbl-block
— forwarding-policy static-label-route-indirect
— binding-label 21000
— revert-timer 5
— next-hop-group 1 resolution-type indirect
— primary-next-hop
— next-hop fd84:a32e:1761:1888::1
— backup-next-hop
— next-hop fd22:9501:806c:2387::2