LDP VPLS Using BGP Auto-Discovery — Prefer Provisioned SDP

This chapter provides information about LDP VPLS using BGP auto-discovery — prefer provisioned SDP.

Topics in this chapter include:

Applicability

This chapter was initially written for SR OS Release 14.0.R6, but the CLI in the current edition is based on SR OS Release 21.2.R1. BGP Auto-Discovery (BGP-AD) based on RFC 6074 is supported in SR OS Release 6.0, and later. The prefer-provisioned-sdp option is supported in SR OS Release 14.0.R1, and later.

Overview

As described in chapter LDP VPLS Using BGP Auto-Discovery, BGP-AD based on RFC 6074 can auto-create SDP bindings, but an operator can force the system to use a provisioned SDP by specifying the use-provisioned-sdp option. This chapter compares the use-provisioned-sdp option with the prefer-provisioned-sdp option. The chapter describes a migration scenario for a VPLS service with a pseudowire (PW) template binding, restricted to using provisioned SDPs toward a PW template binding preferring to use provisioned SDPs, but auto-creating SDPs in case there is no suitable manually created SDP available.

PW templates

PW templates can be configured with the following command:

*A:PE-1>config>service# pw-template ?
  - pw-template <policy-id> [create] [prefer-provisioned-sdp] [name <name>] 
                                                                      [auto-gre-sdp]
  - no pw-template <policy-id>
  - pw-template <policy-id> use-provisioned-sdp [create] [name <name>]
 
 <policy-id>          : [1..2147483647]
 <use-provisioned-s*> : keyword
 <create>             : keyword - mandatory while creating an entry.
 <prefer-provisione*> : keyword
 <name>               : [64 chars max]
 <auto-gre-sdp>       : keyword
---snip---
  • When the use-provisioned-sdp keyword is added at creation time, the tunnel manager is forced to look for a provisioned and active SDP to the far-end PE. The far-end PE is auto-discovered from the BGP next hop. If multiple SDPs are active to this far-end PE, the tunnel manager chooses the SDP template with the best metric. If there is a tie, the SDP ID is used as a tie-breaker and the highest SDP ID wins. However, if no provisioned SDP exists, the SDP binding will not be instantiated.

  • When the prefer-provisioned-sdp keyword is added at creation time, the behavior is the same as when a provisioned SDP exists. When the tunnel manager finds an existing matching SDP, it will use it even if it is operationally down. Only when no provisioned SDP exists, will the SDP binding be auto-created.

  • When a PW template is created without the use-provisioned-sdp or prefer-provisioned-sdp keyword, the SDP bindings will be auto-created.

LDP VPLS using BGP-AD with use-provisioned-sdp option shows the following use case: the metro Ethernet networks were initially built with provisioned SDPs. Intra-metro services are provisioned using provisioned SDPs; for example, customer X has a VPLS service defined in the metro Ethernet networks, using BGP-AD with a PW template to use the provisioned SDPs in the metro Ethernet networks.

Figure 1. LDP VPLS using BGP-AD with use-provisioned-sdp option

The service provider initially started with PE-10 and PE-11 in metro Ethernet 1, but now wants to add PE-20 and PE-30 as new sites to the VPLS service. Therefore, the BGP-AD routes should propagate beyond the boundaries of the metro Ethernet network. The backbone network may be in a different AS, but in this example, all networks are in the same AS. VPLS 1 of customer X can have sites added to the service on PEs in different metro Ethernet networks. A new PW template is created with the prefer-provisioned-sdp option and applied to the VPLS service.

  • When a new site within the metro Ethernet network is added, an SDP is already provisioned to this site and this SDP is used for the SDP binding in the VPLS.

  • When a new site in a different metro Ethernet network is added, no SDP is available to the site in the remote metro Ethernet network and the SDP binding is auto-created.

LDP VPLS using BGP-AD with prefer-provisioned-sdp option shows the SDP bindings in VPLS 1 between PE-10 and the other PEs. For simplicity, the SDP bindings between the other PEs are not shown.

Figure 2. LDP VPLS using BGP-AD with prefer-provisioned-sdp option

The prefer-provisioned-sdp and use-provisioned-sdp options can only be defined at creation time, implying that existing PW templates cannot be changed from prefer-provisioned-sdp to use-provisioned-sdp and vice versa. To support migration from one PW template to another with minimal service impact, two PW templates can be applied in parallel, as shown in the Configuration section.

Configuration

Example topology shows the example topology. For simplicity, all nodes are in the same AS.

Figure 3. Example topology

The initial configuration includes the following:

  • Cards, MDAs, ports

  • Router interfaces

  • IS-IS as IGP (or OSPF) on all interfaces

  • MPLS and RSVP on all interfaces, except "int-P-4-P-6" and "int-P-5-P-6".

  • LDP on all interfaces

BGP is configured on all PE routers for address family l2-vpn, as follows:

# on PE-1, PE-2, PE-3:
configure
    router Base
        autonomous-system 64496
        bgp
            group "internal"
                family l2-vpn
                peer-as 64496
                neighbor 192.0.2.6
                exit
            exit

The BGP configuration on the route reflector (RR) P-6 is as follows:

# on P-6:
configure
    router Base
        autonomous-system 64496
        bgp
            group "rr-internal"
                family l2-vpn
                cluster 1.1.1.1
                peer-as 64496
                neighbor 192.0.2.1
                exit
                neighbor 192.0.2.2
                exit
                neighbor 192.0.2.3
                exit
            exit

On PE-1 and PE-2 in metro Ethernet network 1, an RSVP LSP is created that is used in a manually created SDP. The LSP configuration on PE-1 is as follows:

# on PE-1:
configure 
    router Base
        mpls
            path "loose"
                no shutdown
            exit
            lsp "LSP-PE-1-PE-2"
                to 192.0.2.2
                primary "loose"
                exit
                no shutdown
            exit
            no shutdown

On PE-1, SDP 12 is configured as follows:

# on PE-1:
configure
    service
        sdp 12 mpls create
            description "SDP12 to 192.0.2.2"
            far-end 192.0.2.2
            lsp "LSP-PE-1-PE-2"
            keep-alive
                shutdown
            exit
            no shutdown
        exit

The configuration on PE-2 is similar.

LDP VPLS using AD without prefer-provisioned-sdp option

Initially, the following two PW templates are created on all PEs: PW template 1 has the use-provisioned-sdp option and PW template 2 is created without any option; therefore, SDP bindings will be auto-created.

# on PE-1, PE-2, PE-3:
configure
    service
        pw-template 1 name "PW 1" use-provisioned-sdp create
        exit
        pw-template 2 name "PW 2" create
        exit

The following lists the PW templates configured on PE-1:

*A:PE-1# show service pw-template
 
===============================================================================
PW Template information
===============================================================================
PW Template Id      SDP                           Last Update
-------------------------------------------------------------------------------
1                   Use-provisioned               04/01/2021 08:47:29
2                   Auto-mpls                     04/01/2021 08:07:06
===============================================================================

On all PEs, two VPLS services are created: VPLS 1 with BGP-AD PW template 1 and VPLS 2 with PW template 2, as follows:

# on PE-1, PE-2, PE-3:
configure 
    service
        vpls 1 name "VPLS 1" customer 1 create
            bgp
                route-distinguisher 64496:1
                route-target export target:64496:1 import target:64496:1
                pw-template-binding 1
                exit
            exit
            bgp-ad
                vpls-id 64496:1
                no shutdown
            exit
            stp
                shutdown
            exit
            sap 1/2/1:1 create
                no shutdown
            exit
            no shutdown
        exit
        vpls 2 name "VPLS 2" customer 1 create
            bgp
                route-distinguisher 64496:2
                route-target export target:64496:2 import target:64496:2
                pw-template-binding 2 import-rt "target:64496:2"
                exit
            exit
            bgp-ad
                vpls-id 64496:2
                no shutdown
            exit
            stp
                shutdown
            exit
            sap 1/2/1:2 create
                no shutdown
            exit
            no shutdown
        exit

On PE-1, the following SDP bindings have been created:

*A:PE-1# show service sdp-using
 
===============================================================================
SDP Using
===============================================================================
SvcId      SdpId              Type   Far End              Opr   I.Label E.Label
                                                          State
-------------------------------------------------------------------------------
1          12:4294967295      BgpAd  192.0.2.2            Up    524280  524280
2          32766:4294967293   BgpAd  192.0.2.3            Up    524278  524280
2          32767:4294967294   BgpAd  192.0.2.2            Up    524279  524279
-------------------------------------------------------------------------------
Number of SDPs : 3
-------------------------------------------------------------------------------
===============================================================================

The first SDP binding is created by BGP-AD in VPLS 1 and uses the configured SDP 12 with far-end PE-2; the other two SDP bindings have been auto-created by BGP-AD in VPLS 2 and have far-end PE-2 and PE-3.

The list of SDP bindings on PE-2 looks similar:

*A:PE-2# show service sdp-using
 
===============================================================================
SDP Using
===============================================================================
SvcId      SdpId              Type   Far End              Opr   I.Label E.Label
                                                          State
-------------------------------------------------------------------------------
1          21:4294967295      BgpAd  192.0.2.1            Up    524280  524280
2          32766:4294967293   BgpAd  192.0.2.3            Up    524278  524281
2          32767:4294967294   BgpAd  192.0.2.1            Up    524279  524279
-------------------------------------------------------------------------------
Number of SDPs : 3
-------------------------------------------------------------------------------
===============================================================================

On PE-3, there are only two SDP bindings, both in VPLS 2:

*A:PE-3# show service sdp-using
 
===============================================================================
SDP Using
===============================================================================
SvcId      SdpId              Type   Far End              Opr   I.Label E.Label
                                                          State
-------------------------------------------------------------------------------
2          32766:4294967294   BgpAd  192.0.2.1            Up    524280  524278
2          32767:4294967295   BgpAd  192.0.2.2            Up    524281  524278
-------------------------------------------------------------------------------
Number of SDPs : 2
-------------------------------------------------------------------------------
===============================================================================

Log "99" on PE-3 shows that the system failed to create a dynamic BGP-L2VPN SDP binding because no provisioned SDP was found, as follows:

77 2021/04/01 08:49:00.672 UTC MAJOR: SVCMGR #2322 Base 
"The system failed to create a dynamic bgp-l2vpn SDP Bind  in service 1 with SDP 
pw-template policy 1 for the following reason: suitable manual SDP not found."

SDP bindings in VPLS 1 with use-provisioned-sdp option shows the SDPs used in VPLS 1. PE-1 and PE-2 both used the provisioned SDP. PE-3 has no SDP bindings in VPLS 1.

Figure 4. SDP bindings in VPLS 1 with use-provisioned-sdp option

Auto-created SDP bindings in VPLS 2 shows the auto-created SDP bindings in VPLS 2. Each PE has two auto-created SDP bindings to each other PE.

Figure 5. Auto-created SDP bindings in VPLS 2

Migrate VPLS 1 to prefer-provisioned-sdp option

VPLS 1 uses PW template 1 with the use-provisioned-sdp option. This option is defined at creation time and cannot be modified afterward, as follows:

*A:PE-1>config>service# pw-template 1 prefer-provisioned-sdp
MINOR: CLI The prefer-provisioned-sdp option cannot be modified after creation.

The following steps are needed to migrate to another PW template with the prefer-provisioned-sdp option without service outage:

  1. Create new PW template with prefer-provisioned-sdp option.

  2. Add new PW template binding to VPLS and verify which PW template is used.

  3. Modify old PW template binding to make it not usable.

  4. Launch tools command to re-evaluate old PW template in the VPLS.

  5. When the old PW template is not used anymore, remove PW template binding from the VPLS configuration.

A new PW template with the prefer-provisioned-sdp option is configured on all PEs, as follows:

# on PE-1, PE-2, PE-3:
configure
    service
        pw-template 10 name "PW 10" prefer-provisioned-sdp create
        exit

An additional PW template binding is configured in VPLS 1 on all PEs, as follows:

# on PE-1, PE-2, PE-3:
configure
    service
        vpls "VPLS 1"
            bgp
                pw-template-binding 10
                exit

The configuration of VPLS 1 includes two PW template bindings, as follows:

*A:PE-1>config>service>vpls# info 
----------------------------------------------
            bgp
                route-distinguisher 64496:1
                route-target export target:64496:1 import target:64496:1
                pw-template-binding 1
                exit
                pw-template-binding 10
                exit
            exit
            bgp-ad
                vpls-id 64496:1
                no shutdown
            exit
            stp
                shutdown
            exit
            sap 1/2/1:1 create
                no shutdown
            exit
            no shutdown

The following shows that no additional SDP bindings have been created. The only SDP binding in VPLS 1 on PE-1 uses the provisioned SDP 12.

*A:PE-1# show service id 1 sdp
 
===============================================================================
Services: Service Destination Points
===============================================================================
SdpId            Type     Far End addr    Adm     Opr       I.Lbl     E.Lbl
-------------------------------------------------------------------------------
12:4294967295    BgpAd    192.0.2.2       Up      Up        524280    524280
-------------------------------------------------------------------------------
Number of SDPs : 1
-------------------------------------------------------------------------------
===============================================================================

The following shows that PW template 1 was used for the creation of the SDP binding:

*A:PE-1# show service id 1 sdp detail | match "SDP Id|PW-Template Id" expression 
SDP Id             : 12:4294967295            Type              : BgpAd
PW-Template Id     : 1                        

The PW template 10 has a higher ID than PW template 1 and is not used. Re-evaluating the PW template binding for PW template 1 in VPLS 1 will make no difference if both PW templates are usable. However, PW template 1 can be made unusable by adding a dummy import-rt not matching any route in the VPLS, as follows:

# on PE-1, PE-2, PE-3:
configure 
    service 
        vpls "VPLS 1" 
            bgp 
                pw-template-binding 1 import-rt "target:111:111"
                exit
            exit

As a result, PW template 10 with the prefer-provisioned-sdp option is used for the automatic creation of SDP bindings where no provisioned SDP is available, as follows:

*A:PE-1# show service id 1 sdp
 
===============================================================================
Services: Service Destination Points
===============================================================================
SdpId            Type     Far End addr    Adm     Opr       I.Lbl     E.Lbl
-------------------------------------------------------------------------------
12:4294967295    BgpAd    192.0.2.2       Up      Up        524280    524280
32766:4294967292 BgpAd    192.0.2.3       Up      Up        524277    524278
-------------------------------------------------------------------------------
Number of SDPs : 2
-------------------------------------------------------------------------------
===============================================================================

For the first SDP binding, PW template 1 is used, and for the second SDP binding, PW template 10 is used, as follows:

*A:PE-1# show service id 1 sdp detail | match "SDP Id|PW-Template Id" expression
SDP Id             : 12:4294967295            Type              : BgpAd
PW-Template Id     : 1
SDP Id             : 32766:4294967292         Type              : BgpAd
PW-Template Id     : 10

The following command forces the system to re-evaluate PW template 1 in VPLS 1:

*A:PE-1# tools perform service id 1 eval-pw-template 1 allow-service-impact
eval-pw-template succeeded for Svc 1 12:4294967295 Policy 1

As a result, only PW template 10 is used for the creation of SDP bindings in VPLS 1, as follows:

*A:PE-1# show service id 1 sdp detail | match "SDP Id|PW-Template Id" expression
SDP Id             : 12:4294967291            Type              : BgpAd
PW-Template Id     : 10
SDP Id             : 32766:4294967292         Type              : BgpAd
PW-Template Id     : 10

PW template 1 is not used anymore and can be removed from the VPLS configuration, as follows:

# on PE-1, PE-2, PE-3:
configure 
    service 
        vpls "VPLS 1"
            bgp 
                no pw-template-binding 1
            exit

The configuration of VPLS 1 on PE-1 contains only a PW template binding for PW template 10, as follows:

*A:PE-1>config>service>vpls# info
----------------------------------------------
            bgp
                route-distinguisher 64496:1
                route-target export target:64496:1 import target:64496:1
                pw-template-binding 10
                exit
            exit
            bgp-ad
                vpls-id 64496:1
                no shutdown
            exit
            stp
                shutdown
            exit
            sap 1/2/1:1 create
                no shutdown
            exit
            no shutdown
----------------------------------------------

SDP bindings in VPLS 1 with prefer-provisioned-sdp option shows the SDP bindings in VPLS 1 with the prefer-provisioned-sdp option. Within metro Ethernet network 1, the provisioned SDP is used, and between metro Ethernet networks, auto-created SDP bindings are used.

Figure 6. SDP bindings in VPLS 1 with prefer-provisioned-sdp option

Conclusion

LDP VPLS using BGP-AD allows the creation of SDP bindings that are either auto-created or that use provisioned SDPs. When the prefer-provisioned-sdp option is used, the tunnel manager will look for a provisioned and active SDP to the far end and use it, if available, even if it is down. When no provisioned SDP is available, the system will auto-create an SDP binding.