MPLS over GRE on NCS5500

For the artical, will summary how to mpls over gre on NCS5500, NCS5500 only enable decap mode of GRE(6.1.x support the feature), that feature will flexible terminal GRE session that from DC servers. Btw, in order to verify packets from the tester, will capture packets by ERSPAN on NCS55A1.

Topology

  • NCS55A1-2 learn eBGP route 200.1.0.0/24 from tester 5/2
  • Ony IPv4/IGP forwarding from Terster 5/1 -> 55A1-1 -> 55A1-2
  • Send traffics(GRE + EPE ) from tester 5/1, and terminate at NCS55A1-2, then forward to EPE link

NCS55A1-2 Config

Basic config that include EPE config

RP/0/RP0/CPU0:55A1-2#sh run router bgp
Thu Aug  8 12:25:30.715 UTC
router bgp 11
 bgp router-id 192.168.0.2
 address-family ipv4 unicast
 !
 neighbor 52.1.1.1
  remote-as 100
  egress-engineering  <<< enable EPE
  address-family ipv4 unicast
   route-policy pass in
   route-policy pass out
  !
 !
!

RP/0/RP0/CPU0:55A1-2#sh run router isis  
Thu Aug  8 12:37:25.495 UTC
router isis frank
 is-type level-2-only
 net 49.1921.6800.0002.00
 address-family ipv4 unicast
  metric-style wide
  router-id Loopback0
 !
 interface Loopback0
  passive
  circuit-type level-2-only
  address-family ipv4 unicast
  !
 !
 interface HundredGigE0/0/0/10
  circuit-type level-2-only
  point-to-point
  address-family ipv4 unicast
   metric 1
  !
 !
!

Enable GRE and only decap mode

RP/0/RP0/CPU0:55A1-2#sh run int tunnel-ip 1
Thu Aug  8 12:45:44.154 UTC
interface tunnel-ip1
 ipv4 unnumbered Loopback0
 tunnel mode gre ipv4 decap
 tunnel source Loopback0
!

Enable MPLS forwarding for GRE

At default, even if you enable EPE on BGP, but GRE port is only IPv4, so only check FIB when packets com in and terminate GRE, but not check LFIB, that will drop packets that with EPE label. We need to let traffics check LFIB, but not FIB, so enable MPLS for the GRE port. That only local enable, no any LDP neighbor, that likes a switch that from FIB to LFIB.

RP/0/RP0/CPU0:55A1-2#sh run mpls ldp
Thu Aug  8 12:37:40.608 UTC
mpls ldp
 router-id 192.168.0.2
 address-family ipv4
 !
 interface tunnel-ip1
 !
!

Tester 5/1 Config

Check Traffics status

EPE label info on NCS55A1-2

RP/0/RP0/CPU0:55A1-2#sh bgp egress-engineering 
Fri Aug  9 08:01:08.736 UTC

 Egress Engineering Peer Set: 52.1.1.1/32 (0x7ff14309ee80)
        Nexthop: 52.1.1.1
        Version: 10, rn_version: 10
          Flags: 0x00000006
      Local ASN: 11
     Remote ASN: 100
      Local RID: 192.168.0.2
     Remote RID: 192.0.0.1
  Local Address: 52.1.1.2
      First Hop: 52.1.1.1
           NHID: 2
            IFH: 0x128
          Label: 24002, Refcount: 3    <<<<<
        rpc_set: 0x7ff104001208, ID: 4
RP/0/RP0/CPU0:55A1-2#
RP/0/RP0/CPU0:55A1-2#sh route bgp
Fri Aug  9 08:02:00.538 UTC

B    200.1.0.0/24 [20/0] via 52.1.1.1, 00:01:40 <<<
B    200.2.0.0/24 [20/0] via 52.1.1.1, 00:01:40
RP/0/RP0/CPU0:55A1-2#sh mpls for
Fri Aug  9 08:02:08.841 UTC
Local  Outgoing    Prefix             Outgoing     Next Hop        Bytes       
Label  Label       or ID              Interface                    Switched    
------ ----------- ------------------ ------------ --------------- ------------
24000  Unlabelled  192.168.0.1/32     Hu0/0/0/10   12.1.1.1        1688        
24002  Pop         No ID              Hu0/0/0/11   52.1.1.1        0   <<<

Input/output rate on NCS55A1-1, about 930M

RP/0/RP0/CPU0:55A1-1#monitor interface hundredGigE 0/0/0/10 hundredGigE 0/0/0/11
Fri Aug  9 08:04:44.675 UTC
55A1-1               Monitor Time: 00:01:42          SysUptime: 913:04:28
                     Last Clear:   00:01:00
Protocol:General
Interface             In(bps)      Out(bps)     InBytes/Delta  OutBytes/Delta
Hu0/0/0/10             1000/  0%   933.0M/  0%     7821/0          5.0G/238.4M
Hu0/0/0/11           933.0M/  0%        0/  0%     5.0G/238.4M      133/0     

Quit='q',     Clear='c',    Freeze='f', Thaw='t',
Next set='n', Prev set='p', Bytes='y',  Packets='k'
(General='g', IPv4 Uni='4u', IPv4 Multi='4m', IPv6 Uni='6u', IPv6 Multi='6m')

Input/output rate on NCS55A1-2, about 900M(gre+ip header)

RP/0/RP0/CPU0:55A1-2#monitor interface hundredGigE 0/0/0/10 hundredGigE 0/0/0/11
Fri Aug  9 08:07:22.480 UTC
55A1-2               Monitor Time: 00:01:18          SysUptime: 913:04:34
                     Last Clear:   00:00:26
Protocol:General
Interface             In(bps)      Out(bps)     InBytes/Delta  OutBytes/Delta
Hu0/0/0/10           953.9M/  0%     1000/  0%     6.2G/238.5M     9217/0     
Hu0/0/0/11                0/  0%   900.1M/  0%      266/0          5.8G/225.1M

Quit='q',     Clear='c',    Freeze='f', Thaw='t',
Next set='n', Prev set='p', Bytes='y',  Packets='k'
(General='g', IPv4 Uni='4u', IPv4 Multi='4m', IPv6 Uni='6u', IPv6 Multi='6m')

After checked, both porta belong to NPU0

RP/0/RP0/CPU0:55A1-2#show contr npu voq-usage interface all instance all location 0/0/CPU0
Fri Aug  9 08:12:35.181 UTC

-------------------------------------------------------------------
Node ID: 0/0/CPU0
Intf         Intf     NPU NPU  PP   Sys   VOQ   Flow   VOQ    Port 
name         handle    #  core Port Port  base  base   port   speed
             (hex)                                     type        
----------------------------------------------------------------------
Hu0/0/0/0    d0        0   1   21    21   1024   5384 local   100G
Hu0/0/0/1    d8        0   0   17    17   1032   5400 local   100G
Hu0/0/0/2    e0        0   1   13    13   1040   5400 local   100G
Hu0/0/0/3    e8        0   0    9     9   1048   5416 local   100G
Hu0/0/0/4    f0        0   1    5     5   1056   5416 local   100G
Hu0/0/0/5    f8        0   0    1     1   1064   5432 local   100G
Hu0/0/0/6    100       0   1   69    69   1072   5432 local   100G
Hu0/0/0/7    108       0   0   65    65   1080   5448 local   100G
Hu0/0/0/8    110       0   1   61    61   1088   5448 local   100G
Hu0/0/0/9    118       0   0   57    57   1096   5464 local   100G
Hu0/0/0/10   120       0   1   53    53   1104   5464 local   100G <<<
Hu0/0/0/11   128       0   0   49    49   1112   5480 local   100G <<<
Hu0/0/0/12   130       1   1   21   121   1120   5384 local   100G
Hu0/0/0/13   138       1   0   17   117   1128   5384 local   100G
Hu0/0/0/14   140       1   1   13   113   1136   5400 local   100G
Hu0/0/0/15   148       1   0    9   109   1144   5400 local   100G
Hu0/0/0/16   150       1   1    5   105   1152   5416 local   100G
Hu0/0/0/17   158       1   0    1   101   1160   5416 local   100G
Hu0/0/0/18   160       1   1   69   169   1168   5432 local   100G
Hu0/0/0/19   168       1   0   65   165   1176   5432 local   100G
Hu0/0/0/20   170       1   1   61   161   1184   5448 local   100G
Hu0/0/0/21   178       1   0   57   157   1192   5448 local   100G
Hu0/0/0/22   180       1   1   53   153   1200   5464 local   100G
Hu0/0/0/23   188       1   0   49   149   1208   5464 local   100G

After changing the label to 24003 at tester 5/1

RP/0/RP0/CPU0:55A1-2#show controllers npu stats traps-all instance 0 location 0/0/cpu0 | ex "0         0"
Fri Aug  9 08:48:48.065 UTC

Trap Type                                     NPU  Trap TrapStats   Policer Packet    Packet
                                              ID    ID      ID              Accepted  Dropped
==============================================================================================
RxTrapL2Cache_CDP                             0    30   0x1e        32002   1         0         
RxTrapMplsUnknownLabel                        0    90   0x5a        32020   2995      14419817 <<<  
RxTrapReceive                                 0    150  0x96        32019   5         0         
RxTrapUserDefine_RECEIVE_L2                   0    161  0xa1        32019   7         0         
RP/0/RP0/CPU0:55A1-2#
RP/0/RP0/CPU0:55A1-2#monitor interface hundredGigE 0/0/0/10 hundredGigE 0/0/0/11                         
Fri Aug  9 08:48:58.651 UTC

55A1-2               Monitor Time: 00:00:16          SysUptime: 913:45:08

Protocol:General
Interface             In(bps)      Out(bps)     InBytes/Delta  OutBytes/Delta
Hu0/0/0/10           958.2M/  0%     1000/  0%     2.7T/238.4M    14.6M/0     <<< no output
Hu0/0/0/11                0/  0%        0/  0%   149737/0          2.0T/0     

Quit='q',     Clear='c',    Freeze='f', Thaw='t',
Next set='n', Prev set='p', Bytes='y',  Packets='k'
(General='g', IPv4 Uni='4u', IPv4 Multi='4m', IPv6 Uni='6u', IPv6 Multi='6m')

RP/0/RP0/CPU0:55A1-2#sh mpls for  <<< no 24003
Fri Aug  9 08:49:24.449 UTC
Local  Outgoing    Prefix             Outgoing     Next Hop        Bytes       
Label  Label       or ID              Interface                    Switched    
------ ----------- ------------------ ------------ --------------- ------------
24000  Unlabelled  192.168.0.1/32     Hu0/0/0/10   12.1.1.1        1688        
24002  Pop         No ID              Hu0/0/0/11   52.1.1.1        0  

Capture packets by ERSPAN at NCS55A1-1

IXIA couldn’t capture output data traffic that generates from the port, so we monitor input traffic on 0/0/0/11 of ncs55A1-1, then loop back to IXIA by ERSPAN, then capture income packets on the IXIA port~ 🙂  Attached capture file: erspan.pcapng

Due to only testing, so not add acl on erspan, in production network, maybe need the acl.

RP/0/RP0/CPU0:55A1-1(config-static-afi)#show config
Fri Aug  9 09:05:04.725 UTC
Building configuration...
!! IOS XR Configuration 6.6.1
monitor-session frank ethernet
 destination interface tunnel-ip1
!
interface tunnel-ip1
 ipv4 unnumbered Loopback0
 tunnel mode gre ipv4 encap
 tunnel source Loopback0
 tunnel destination 192.168.0.10
!
router static
 address-family ipv4 unicast
  192.168.0.10/32 HundredGigE0/0/0/11 51.1.1.2
 !
!
interface HundredGigE0/0/0/11
 monitor-session frank ethernet direction rx-only port-level
 !
!
end

RP/0/RP0/CPU0:55A1-1(config-static-afi)# commit

本文出自 Frank's Blog

版权声明:


本文链接:MPLS over GRE on NCS5500
版权声明:本文为原创文章,仅代表个人观点,版权归 Frank Zhao 所有,转载时请注明本文出处及文章链接
你可以留言,或者trackback 从你的网站

留言哦

blonde teen swallows load.xxx videos