FRRouting added basic Segment Routing support, see Issue 2639 in the FRRouting version 7.x. In this blog is a networking lab setup using the OSPF SR implementation.

This demo shows the Segment Routing working using MPLS data plane and IS-IS. FRRouting 8.3.1 supports following features in context of the IS-IS SR segment routing:

  • IPv4
  • IPv6
  • ECMP

Segment Routing SR used here relies on the MPLS linux kernel modules to be available and loaded in the kernel. Main focus is SR running using MPLS data plane.

Using MPLS dataplane, segments are encoded as a list of MPLS labels. But using IPv6 dataplane, a new header called a Segment Routing Header (SRH) is used. Segments in a SRH are encoded as a list of IPv6 addresses. Read RFC8287 - Label Switched Path (LSP) Ping/Traceroute for Segment Routing (SR) IGP-Prefix and IGP-Adjacency Segment Identifiers (SIDs) with MPLS Data Planes.

Network topology

Network topology with IP adressing:

       lo                                          lo
    192.0.2.1                                   192.0.2.2
  2001:db8:1111::                             2001:db8:2222::
    +-------+                                   +-------+
    |       | eth0                         eth0 |       | eth2
    |  R1   |-----------------------------------|  R2   |---------------+
    |       | .1/30                       .2/30 |       | .17/30        |
    +-------+                                   +-------+               |
   eth1 | .14/30                              .5/30 | eth1              |
        |                                           |                   |
        |                                           |                   |
        |                                           |            .18/30 | eth2
        |                                           |               +-------+
        |                                           |               |       |     lo
        |                                           |               |  R5   |   192.0.2.5
        |                                           |               |       | 2001:db8:5555::
        |                                           |                +-------+
        |                                           |             .21/30 | eth3
        |                                           |                    |
        |                                           |                    |
   eth1 | .13/30                              .6/30 | eth1               |
    +-------+                                   +-------+                |
    |       | .10/30                      .9/30 |       | .22/30         |
    |  R4   |-----------------------------------|  R3   |----------------+
    |       | eth0                         eth0 |       | eth3
    +-------+                                   +-------+
       lo                                          lo
    192.0.2.4                                   192.0.2.3
  2001:db8:4444::                             2001:db8:3333::

5 routers. Partial mesh network topology. Point-to-point links.

IP address overview:

  • FRR1 - 192.0.2.1/2001:db8:1111::/128
  • FRR2 - 192.0.2.2/2001:db8:2222::/128
  • FRR3 - 192.0.2.3/2001:db8:3333::/128
  • FRR4 - 192.0.2.4/2001:db8:4444::/128
  • FRR5 - 192.0.2.5/2001:db8:5555::/128

NSAP address overview:

  • FRR1 - NET 49.0001.1111.1111.1111.00
  • FRR2 - NET 49.0001.2222.2222.2222.00
  • FRR3 - NET 49.0001.3333.3333.3333.00
  • FRR4 - NET 49.0001.4444.4444.4444.00
  • FRR5 - NET 49.0001.5555.5555.5555.00

Setup this topology using the GNS3 network simulator.

Configuration

Current implementation uses the IS-IS SPF algorithm to calculate the network topology. The configuration consists of 2 parts:

  • 1st part - Configure IS-IS on routers to get IPv4 and IPv6 reachability in the network
  • 2nd part - Enable SR IS-IS MPLS dataplane forwarding

IS-IS process

  • Create IS-IS router process and assign a net address.
  • Create lo IPv4/IPv6 address and announce to L2.
  • Configure IPv4 point-to-point links between network routers use (/30) transfer networks.

Initial router configuration for FRR1

  • Point-to-point topology
  • IS-type level-2-only
  • Interface lo isis passive

Explanation why lo isis passive, and what it does, in short:

advertise prefix, but do NOT try to establish IS-IS neighborship using the loopback interface-

Initial FRR1 router configuration:

configure
!
hostname FRR1
log syslog
!
router isis 1
 is-type level-2-only
 net 49.0001.1111.1111.1111.00
 log-adjacency-changes
    exit 
!
interface lo
 ip address 192.0.2.1/32
 ipv6 address 2001:db8:1111::/128
 ipv6 router isis 1
 isis passive
exit
!
interface eth0
 ip address 10.0.0.1/30
 ip router isis 1
 ipv6 router isis 1
 isis network point-to-point
exit
!
interface eth1
 ip address 10.0.0.14/30
 ip router isis 1
 ipv6 router isis 1
 isis network point-to-point
end
write

Configuration steps shown for FRR1, need to be adjusted to match correct settings for other routers in the network topology. Initial configuration for all 5 routers is available below:

Verification

Verify reachability of the IPv4 loopback prefixes:

show ip route

FRR1# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
       f - OpenFabric,
       > - selected route, * - FIB route, q - queued, r - rejected, b - backup
       t - trapped, o - offload failure

I   10.0.0.0/30 [115/20] via 10.0.0.2, eth0 inactive, weight 1, 00:16:10
C>* 10.0.0.0/30 is directly connected, eth0, 00:16:41
I>* 10.0.0.4/30 [115/20] via 10.0.0.2, eth0, weight 1, 00:16:10
I>* 10.0.0.8/30 [115/20] via 10.0.0.13, eth1, weight 1, 00:15:05
I   10.0.0.12/30 [115/20] via 10.0.0.13, eth1 inactive, weight 1, 00:15:05
C>* 10.0.0.12/30 is directly connected, eth1, 00:16:41
I>* 10.0.0.16/30 [115/20] via 10.0.0.2, eth0, weight 1, 00:16:10
I>* 10.0.0.20/30 [115/30] via 10.0.0.2, eth0, weight 1, 00:12:32
*                       via 10.0.0.13, eth1, weight 1, 00:12:32
C>* 192.0.2.1/32 is directly connected, lo, 00:16:41
I>* 192.0.2.2/32 [115/20] via 10.0.0.2, eth0, label implicit-null, weight 1, 00:15:58
I>* 192.0.2.3/32 [115/30] via 10.0.0.2, eth0, label 16003, weight 1, 00:15:05
*                       via 10.0.0.13, eth1, label 16003, weight 1, 00:15:05
I>* 192.0.2.4/32 [115/20] via 10.0.0.13, eth1, label implicit-null, weight 1, 00:15:05
I>* 192.0.2.5/32 [115/30] via 10.0.0.2, eth0, label 16005, weight 1, 00:14:43

show ipv6 route

Verify if the IPv6 loopback prefixes are in the routing table:

FRR1# show ipv6 route
Codes: K - kernel route, C - connected, S - static, R - RIPng,
       O - OSPFv3, I - IS-IS, B - BGP, N - NHRP, T - Table,
       v - VNC, V - VNC-Direct, A - Babel, F - PBR,
       f - OpenFabric,
       > - selected route, * - FIB route, q - queued, r - rejected, b - backup
       t - trapped, o - offload failure

C>* 2001:db8:1111::/128 is directly connected, lo, 00:16:38
I>* 2001:db8:2222::/128 [115/20] via fe80::e62:32ff:fe9c:0, eth0, label implicit-null, weight 1, 00:15
I>* 2001:db8:3333::/128 [115/30] via fe80::e2c:92ff:feaa:1, eth1, label 16333, weight 1, 00:15:02
*                              via fe80::e62:32ff:fe9c:0, eth0, label 16333, weight 1, 00:15:02
I>* 2001:db8:4444::/128 [115/20] via fe80::e2c:92ff:feaa:1, eth1, label implicit-null, weight 1, 00:12
I>* 2001:db8:5555::/128 [115/30] via fe80::e62:32ff:fe9c:0, eth0, label 16555, weight 1, 00:14:40
C * fe80::/64 is directly connected, eth0, 00:32:13
C>* fe80::/64 is directly connected, eth1, 00:32:14

show isis interface

Verify all interfaces are L2, and have network type p2p:

FRR1# show isis interface
Area 1:
  Interface   CircId   State    Type     Level
  eth0        0x0      Up       p2p      L2
  eth2        0x0      Up       p2p      L2
  lo          0x0      Up       loopback L2

Area 1 term refers to the NSAP set for the router isis 1 net 49.0001.1111.1111.1111.00address AFI set to 49, Area number is set to 0001; System-id is set to 1111.1111.1111, and SEL is set to 00.

show isis hostname

Show the routers in the 0001 Area 1 with Level and the VRF assigned, here default vrf, primary default global routing table:

FRR1# show isis hostname
vrf     : default
Level  System ID      Dynamic Hostname
2      4444.4444.4444 FRR4
2      2222.2222.2222 FRR2
2      3333.3333.3333 FRR3
2      5555.5555.5555 FRR5
     * 1111.1111.1111 FRR1

The *symbol shows the router running the command.

show isis database detail

Every IS-IS router has full visibilty of the area neighbor and its advertised and connected links. Interestingly the TE Router ID is already set per default for IPv4 and IPv6 address family. Notice in the output shown below, only IP information is available in the database, this will change once IS-IS SR is enabled.

FRR1# show isis database detail
Area 1:
IS-IS Level-2 link-state database:
LSP ID                  PduLen  SeqNumber   Chksum  Holdtime  ATT/P/OL
FRR1.00-00           *    139   0x0000000a  0x8e8e    1010    0/0/0
  Protocols Supported: IPv4, IPv6
  Area Address: 49.0001
  Hostname: FRR1
  TE Router ID: 192.0.2.1
  Router Capability: 192.0.2.1 , D:0, S:0
  Extended Reachability: 2222.2222.2222.00 (Metric: 10)
  Extended Reachability: 4444.4444.4444.00 (Metric: 10)
  IPv4 Interface Address: 192.0.2.1
  Extended IP Reachability: 10.0.0.0/30 (Metric: 10)
  Extended IP Reachability: 10.0.0.12/30 (Metric: 10)
  Extended IP Reachability: 192.0.2.1/32 (Metric: 10)
  IPv6 Reachability: 2001:db8:1111::/128 (Metric: 10)

FRR2.00-00                159   0x00000007  0x0ef8     495    0/0/0
  Protocols Supported: IPv4, IPv6
  Area Address: 49.0001
  Hostname: FRR2
  TE Router ID: 192.0.2.2
  Router Capability: 192.0.2.2 , D:0, S:0
  Extended Reachability: 1111.1111.1111.00 (Metric: 10)
  Extended Reachability: 3333.3333.3333.00 (Metric: 10)
  Extended Reachability: 5555.5555.5555.00 (Metric: 10)
  IPv4 Interface Address: 192.0.2.2
  Extended IP Reachability: 10.0.0.0/30 (Metric: 10)
  Extended IP Reachability: 10.0.0.4/30 (Metric: 10)
  Extended IP Reachability: 10.0.0.16/30 (Metric: 10)
  Extended IP Reachability: 192.0.2.2/32 (Metric: 10)
  IPv6 Reachability: 2001:db8:2222::/128 (Metric: 10)

FRR3.00-00                159   0x00000007  0x4f51     465    0/0/0
  Protocols Supported: IPv4, IPv6
  Area Address: 49.0001
  Hostname: FRR3
  TE Router ID: 192.0.2.3
  Router Capability: 192.0.2.3 , D:0, S:0
  Extended Reachability: 4444.4444.4444.00 (Metric: 10)
  Extended Reachability: 2222.2222.2222.00 (Metric: 10)
  Extended Reachability: 5555.5555.5555.00 (Metric: 10)
  IPv4 Interface Address: 192.0.2.3
  Extended IP Reachability: 10.0.0.8/30 (Metric: 10)
  Extended IP Reachability: 10.0.0.4/30 (Metric: 10)
  Extended IP Reachability: 10.0.0.20/30 (Metric: 10)
  Extended IP Reachability: 192.0.2.3/32 (Metric: 10)
  IPv6 Reachability: 2001:db8:3333::/128 (Metric: 10)

FRR4.00-00                139   0x00000007  0x2f0d     414    0/0/0
  Protocols Supported: IPv4, IPv6
  Area Address: 49.0001
  Hostname: FRR4
  TE Router ID: 192.0.2.4
  Router Capability: 192.0.2.4 , D:0, S:0
  Extended Reachability: 3333.3333.3333.00 (Metric: 10)
  Extended Reachability: 1111.1111.1111.00 (Metric: 10)
  IPv4 Interface Address: 192.0.2.4
  Extended IP Reachability: 10.0.0.8/30 (Metric: 10)
  Extended IP Reachability: 10.0.0.12/30 (Metric: 10)
  Extended IP Reachability: 192.0.2.4/32 (Metric: 10)
  IPv6 Reachability: 2001:db8:4444::/128 (Metric: 10)

FRR5.00-00                139   0x00000007  0x3ff8     466    0/0/0
  Protocols Supported: IPv4, IPv6
  Area Address: 49.0001
  Hostname: FRR5
  TE Router ID: 192.0.2.5
  Router Capability: 192.0.2.5 , D:0, S:0
  Extended Reachability: 2222.2222.2222.00 (Metric: 10)
  Extended Reachability: 3333.3333.3333.00 (Metric: 10)
  IPv4 Interface Address: 192.0.2.5
  Extended IP Reachability: 10.0.0.16/30 (Metric: 10)
  Extended IP Reachability: 10.0.0.20/30 (Metric: 10)
  Extended IP Reachability: 192.0.2.5/32 (Metric: 10)
  IPv6 Reachability: 2001:db8:5555::/128 (Metric: 10)

  5 LSPs

show mpls table

The MPLS table is at this point empty. No LDP labels, no segment routing ID:

show mpls table

Empty MPLS table.

iproute2

Exit vtysh:

exit

Show the ip routing table using iproute2. Notice the information in the linux kernel IP routing table that are attached to the different paths:

user % ip route

10.0.0.0/30 dev eth0 proto kernel scope link src 10.0.0.1 10.0.0.4/30 nhid 18 via 10.0.0.2 dev eth0 proto isis metric 20 10.0.0.8/30 nhid 17 via 10.0.0.13 dev eth1 proto isis metric 20 10.0.0.12/30 dev eth1 proto kernel scope link src 10.0.0.14 10.0.0.16/30 nhid 18 via 10.0.0.2 dev eth0 proto isis metric 20 10.0.0.20/30 nhid 25 proto isis metric 20 nexthop via 10.0.0.13 dev eth1 weight 1 nexthop via 10.0.0.2 dev eth0 weight 1 192.0.2.2 nhid 18 via 10.0.0.2 dev eth0 proto isis metric 20 192.0.2.3 nhid 25 proto isis metric 20 nexthop via 10.0.0.13 dev eth1 weight 1 nexthop via 10.0.0.2 dev eth0 weight 1 192.0.2.4 nhid 17 via 10.0.0.13 dev eth1 proto isis metric 20

Show the IPv6 show ipv6 routing table. The IS-IS neighborship is establishe via LL addressing in IPv6. Transfer networks are missing from the routing table, less configuration overhead. This results in smaller routing table and less routing entries:

user % ip -6 route

2001:db8:1111:: dev lo proto kernel metric 256 pref medium 2001:db8:2222:: nhid 19 via fe80::e83:8ff:fee0:0 dev eth0 proto isis metric 20 pref medium 2001:db8:3333:: nhid 26 proto isis metric 20 pref medium nexthop via fe80::e83:8ff:fee0:0 dev eth0 weight 1 nexthop via fe80::e21:b0ff:fe24:1 dev eth1 weight 1 2001:db8:4444:: nhid 20 via fe80::e21:b0ff:fe24:1 dev eth1 proto isis metric 20 pref medium 2001:db8:5555:: nhid 19 via fe80::e83:8ff:fee0:0 dev eth0 proto isis metric 20 pref medium fe80::/64 dev eth1 proto kernel metric 256 pref medium fe80::/64 dev eth0 proto kernel metric 256 pref medium

At this point IPv4 and IPv6 and ECMP are working using IS-IS. Next step enable IS-IS segment routing.

SR Segment Routing

Each prefix needs to have a index assigned. Index configured in the SR MUST be a uniq accross the segment routing domain:

configure
!
router isis 1
 segment-routing on
 segment-routing node-msd 8
 segment-routing prefix 192.0.2.1/32 index 3
 segment-routing prefix 2001:db8:3333::/128 index 333
end

Segment-routing node-msd 8 sets, this router sets the maximal count of SR labels, labels, network instructions, encoded in the MPLS plane, this router is willing to accept. Inline help says: Maximum Stack Depth for this router.

The default SR global block is set to the default range of 16000 - 23999. 8000 uniqe segments per SR area to assign. This is a SR default out of the box setting across all networking vendors.

Configuration should be adjusted to match the network topology setup. All router fully working configurations are available below:

Verification

Following commands are used to show the routing protocol information using IS-IS:

show isis database

FRR1# show isis database
Area 1:
IS-IS Level-2 link-state database:
LSP ID                  PduLen  SeqNumber   Chksum  Holdtime  ATT/P/OL
FRR1.00-00           *    273   0x0000001b  0x5102     370    0/0/0
FRR2.00-00                290   0x00000017  0x1d7b     384    0/0/0
FRR3.00-00                290   0x00000019  0xefcf     414    0/0/0
FRR4.00-00                242   0x0000000c  0x2351     325    0/0/0
FRR5.00-00                273   0x0000001b  0x70b0     377    0/0/0
    5 LSPs

show mpls table

Display MPLS label distribution. Take a look at the Inbound Label ID. It is assigning Labels for IPv4 and IPv6 prefixes. Sements Routing labels using the IPv4 MPLS dataplane.

FRR1# show mpls table
 Inbound Label  Type        Nexthop                Outbound Label
 ------------------------------------------------------------------
 15000          SR (IS-IS)  10.0.0.2               implicit-null
 15001          SR (IS-IS)  fe80::e62:32ff:fe9c:0  implicit-null
 15002          SR (IS-IS)  10.0.0.13              implicit-null
 15003          SR (IS-IS)  fe80::e2c:92ff:feaa:1  implicit-null
 16002          SR (IS-IS)  10.0.0.2               implicit-null
 16003          SR (IS-IS)  10.0.0.13              16003
 16003          SR (IS-IS)  10.0.0.2               16003
 16004          SR (IS-IS)  10.0.0.13              implicit-null
 16005          SR (IS-IS)  10.0.0.2               16005
 16222          SR (IS-IS)  fe80::e62:32ff:fe9c:0  implicit-null
 16333          SR (IS-IS)  fe80::e2c:92ff:feaa:1  16333
 16333          SR (IS-IS)  fe80::e62:32ff:fe9c:0  16333
 16444          SR (IS-IS)  fe80::e2c:92ff:feaa:1  implicit-null
 16555          SR (IS-IS)  fe80::e62:32ff:fe9c:0  16555

Note the Inbound labels prefixed with 15xxx shown in the table. This is the SRLB range label

show isis summary

FRR1# show isis summary
vrf             : default
Process Id      : 1830
System Id       : 1111.1111.1111
Up time         : 03:02:23 ago
Number of areas : 1
Area 1:
  Net: 49.0001.1111.1111.1111.00
  TX counters per PDU type:
    P2P IIH: 7682
     L2 LSP: 17
    L2 CSNP: 2432
    L2 PSNP: 11
   LSP RXMT: 0
  RX counters per PDU type:
    P2P IIH: 7671
     L2 LSP: 15
    L2 CSNP: 2428
    L2 PSNP: 12
  Level-2:
    LSP0 regenerated: 5
         LSPs purged: 0
    SPF:
      minimum interval  : 5r
    IPv4 route computation:
      last run elapsed  : 03:00:18 ago
      last run duration : 186 usec
      run count         : 11
    IPv6 route computation:
      last run elapsed  : 03:00:18 ago
      last run duration : 68 usec
      run count         : 11

show isis neighbor detail

FRR1# show isis neighbor detail
Area 1:
 FRR2
    Interface: eth0, Level: 2, State: Up, Expires in 30s
    Adjacency flaps: 1, Last: 1h22m25s ago
    Circuit type: L2, Speaks: IPv4, IPv6
    SNPA: 2020.2020.2020
    Area Address(es):
      49.0001
    IPv4 Address(es):
      10.0.0.2
    IPv6 Address(es):
      fe80::e83:8ff:fee0:0
    IPv4 Adjacency-SID: 15002
    IPv6 Adjacency-SID: 15003

 FRR3
    Interface: eth1, Level: 2, State: Up, Expires in 28s
    Adjacency flaps: 1, Last: 1h22m33s ago
    Circuit type: L2, Speaks: IPv4, IPv6
    SNPA: 2020.2020.2020
    Area Address(es):
      49.0001
    IPv4 Address(es):
      10.0.0.13
    IPv6 Address(es):
      fe80::e21:b0ff:fe24:1
    IPv4 Adjacency-SID: 15000
    IPv6 Adjacency-SID: 15001

show isis database

Display the database information about the FRR5 router. Notice now the added database information since the addition of SR:

  • SRGB
  • SR Algorithm
  • SR Prefix-SID
  • Adjenceny-SID
  • Additional FLAGS

This is the database of FRR5 known to FRR1:

FRR1# show isis database detail FRR5.00-00
Area 1:
IS-IS Level-2 link-state database:
LSP ID                  PduLen  SeqNumber   Chksum  Holdtime  ATT/P/OL
FRR5.00-00                214   0x00000009  0xed02     777    0/0/0
  Protocols Supported: IPv4, IPv6
  Area Address: 49.0001
  Hostname: FRR5
  TE Router ID: 192.0.2.5
  Router Capability: 192.0.2.5 , D:0, S:0
    Segment Routing: I:1 V:1, Global Block Base: 16000 Range: 8000
    SR Local Block Base: 15000 Range: 1000
    SR Algorithm:
      0: SPF
    Node Maximum SID Depth: 8
  Extended Reachability: 2222.2222.2222.00 (Metric: 10)
    Adjacency-SID: 15000, Weight: 0, Flags: F:0 B:0, V:1, L:1, S:0, P:0
    Adjacency-SID: 15001, Weight: 0, Flags: F:1 B:0, V:1, L:1, S:0, P:0
  Extended Reachability: 3333.3333.3333.00 (Metric: 10)
    Adjacency-SID: 15002, Weight: 0, Flags: F:0 B:0, V:1, L:1, S:0, P:0
    Adjacency-SID: 15003, Weight: 0, Flags: F:1 B:0, V:1, L:1, S:0, P:0
  IPv4 Interface Address: 192.0.2.5
  Extended IP Reachability: 10.0.0.16/30 (Metric: 10)
  Extended IP Reachability: 10.0.0.20/30 (Metric: 10)
  Extended IP Reachability: 192.0.2.5/32 (Metric: 10)
    Subtlvs:
      SR Prefix-SID Index: 5, Algorithm: 0, Flags: NODE PHP
  IPv6 Reachability: 2001:db8:5555::/128 (Metric: 10)
    Subtlvs:
      SR Prefix-SID Index: 555, Algorithm: 0, Flags: NODE PHP

All routers in L2 have full visibility of the Level-2. Each router calculates paths from its own point of view.

show isis topology

The show isis topology command, indicates that using the MPLS dataplane, it does it even for IPv6:

FRR1# show isis topology
Area 1:
IS-IS paths to level-2 routers that speak IP
Vertex               Type         Metric Next-Hop             Interface Parent
FRR1
10.0.0.0/30          IP internal  0                                     FRR1(4)
10.0.0.12/30         IP internal  0                                     FRR1(4)
192.0.2.1/32         IP internal  0                                     FRR1(4)
FRR2                 TE-IS        10     FRR2                 eth0      FRR1(4)
FRR4                 TE-IS        10     FRR4                 eth1      FRR1(4)
FRR3                 TE-IS        20     FRR2                 eth0      FRR2(4)
                                        FRR4                 eth1      FRR4(4)
FRR5                 TE-IS        20     FRR2                 eth0      FRR2(4)
10.0.0.0/30          IP TE        20     FRR2                 eth0      FRR2(4)
10.0.0.4/30          IP TE        20     FRR2                 eth0      FRR2(4)
10.0.0.16/30         IP TE        20     FRR2                 eth0      FRR2(4)
192.0.2.2/32         IP TE        20     FRR2                 eth0      FRR2(4)
10.0.0.8/30          IP TE        20     FRR4                 eth1      FRR4(4)
10.0.0.12/30         IP TE        20     FRR4                 eth1      FRR4(4)
192.0.2.4/32         IP TE        20     FRR4                 eth1      FRR4(4)
10.0.0.20/30         IP TE        30     FRR2                 eth0      FRR3(4)
                                        FRR4                 eth1      FRR5(4)
192.0.2.3/32         IP TE        30     FRR2                 eth0      FRR3(4)
                                        FRR4                 eth1
192.0.2.5/32         IP TE        30     FRR2                 eth0      FRR5(4)

IS-IS paths to level-2 routers that speak IPv6
Vertex               Type         Metric Next-Hop             Interface Parent
FRR1
2001:db8:1111::/128  IP6 internal 0                                     FRR1(4)
FRR2                 TE-IS        10     FRR2                 eth0      FRR1(4)
FRR4                 TE-IS        10     FRR4                 eth1      FRR1(4)
FRR3                 TE-IS        20     FRR2                 eth0      FRR2(4)
                                        FRR4                 eth1      FRR4(4)
FRR5                 TE-IS        20     FRR2                 eth0      FRR2(4)
2001:db8:2222::/128  IP6 internal 20     FRR2                 eth0      FRR2(4)
2001:db8:4444::/128  IP6 internal 20     FRR4                 eth1      FRR4(4)
2001:db8:3333::/128  IP6 internal 30     FRR2                 eth0      FRR3(4)
                                        FRR4                 eth1
2001:db8:5555::/128  IP6 internal 30     FRR2                 eth0      FRR5(4)

show isis route

Verify the Label stack output assigned to prefixes.

  • Prefix 192.0.2.3/32 has path cost 30 is reachable via eth0 AND eth1 (ECMP) and its segement SID is 16003. 16000 + configured index = 16003.
  • Prefix 2001:db8:3333::/128 has path cost 30 is reachable via eth0 and eth1 (ECMP) and its segment ID (SID) is 16333. 16000 + configured index = 16333.

And this is the output of FRR1:

FRR1# show isis route
Area 1:
IS-IS L2 IPv4 routing table:

 Prefix        Metric  Interface  Nexthop    Label(s)
 -----------------------------------------------------------
 10.0.0.0/30   20      eth0       10.0.0.2   -
 10.0.0.4/30   20      eth0       10.0.0.2   -
 10.0.0.8/30   20      eth1       10.0.0.13  -
 10.0.0.12/30  20      eth1       10.0.0.13  -
 10.0.0.16/30  20      eth0       10.0.0.2   -
 10.0.0.20/30  30      eth0       10.0.0.2   -
                       eth1       10.0.0.13  -
 192.0.2.1/32  0       -          -          -
 192.0.2.2/32  20      eth0       10.0.0.2   implicit-null
 192.0.2.3/32  30      eth0       10.0.0.2   16003
                       eth1       10.0.0.13  16003
 192.0.2.4/32  20      eth1       10.0.0.13  implicit-null
 192.0.2.5/32  30      eth0       10.0.0.2   16005

IS-IS L2 IPv6 routing table:

 Prefix               Metric  Interface  Nexthop                Label(s)
 ------------------------------------------------------------------------------
 2001:db8:1111::/128  0       -          -                      -
 2001:db8:2222::/128  20      eth0       fe80::e83:8ff:fee0:0   implicit-null
 2001:db8:3333::/128  30      eth0       fe80::e83:8ff:fee0:0   16333
                              eth1       fe80::e21:b0ff:fe24:1  16333
 2001:db8:4444::/128  20      eth1       fe80::e21:b0ff:fe24:1  implicit-null
 2001:db8:5555::/128  30      eth0       fe80::e83:8ff:fee0:0   16555

show isis segment-routing node

It took me some time to find the command to verify SR operation itself. Following commands are currently available to check IS-IS SR status.

user $ show isis segment-routing node
FRR1# show isis segment-routing node
Area 1:
 IS-IS L1 SR-Nodes:

 IS-IS L2 SR-Nodes:

 System ID       SRGB           SRLB           Algorithm  MSD
 --------------------------------------------------------------
 1111.1111.1111  16000 - 23999  15000 - 15999  SPF        8
 2222.2222.2222  16000 - 23999  15000 - 15999  SPF        8
 3333.3333.3333  16000 - 23999  15000 - 15999  SPF        8
 4444.4444.4444  16000 - 23999  15000 - 15999  SPF        8
 5555.5555.5555  16000 - 23999  15000 - 15999  SPF        8

show isis route prefix-sid

This is the segment routing table showing assinged SID its next hop interface, metric and the label operation. Label operation naming conventions:

+-------------------+--------------------+
|LDP label operation|SR segment operation|
|-------------------|--------------------|
|PUSH               |PUSH                |
|SWAP               |CONTINUE            |
|POP                |NEXT                |
+-------------------+--------------------+

Notice the Label operations show int the display below and compare it to the table shown:

FRR1# show isis route prefix-sid
Area 1:
IS-IS L2 IPv4 routing table:

 Prefix        Metric  Interface  Nexthop    SID  Label Op.
 ---------------------------------------------------------------------
 10.0.0.0/30   20      eth0       10.0.0.2   -    -
 10.0.0.4/30   20      eth0       10.0.0.2   -    -
 10.0.0.8/30   20      eth1       10.0.0.13  -    -
 10.0.0.12/30  20      eth1       10.0.0.13  -    -
 10.0.0.16/30  20      eth0       10.0.0.2   -    -
 10.0.0.20/30  30      eth0       10.0.0.2   -    -
                       eth1       10.0.0.13  -    -
 192.0.2.1/32  0       -          -          -    -
 192.0.2.2/32  20      eth0       10.0.0.2   2    Pop(16002)
 192.0.2.3/32  30      eth0       10.0.0.2   3    Swap(16003, 16003)
                       eth1       10.0.0.13  3    Swap(16003, 16003)
 192.0.2.4/32  20      eth1       10.0.0.13  4    Pop(16004)
 192.0.2.5/32  30      eth0       10.0.0.2   5    Swap(16005, 16005)

IS-IS L2 IPv6 routing table:

 Prefix               Metric  Interface  Nexthop                SID  Label Op.
 ----------------------------------------------------------------------------------------
 2001:db8:1111::/128  0       -          -                      -    -
 2001:db8:2222::/128  20      eth0       fe80::e83:8ff:fee0:0   222  Pop(16222)
 2001:db8:3333::/128  30      eth0       fe80::e83:8ff:fee0:0   333  Swap(16333, 16333)
                              eth1       fe80::e21:b0ff:fe24:1  333  Swap(16333, 16333)
 2001:db8:4444::/128  20      eth1       fe80::e21:b0ff:fe24:1  444  Pop(16444)
 2001:db8:5555::/128  30      eth0       fe80::e83:8ff:fee0:0   555  Swap(16555, 16555)

Conclusion, the label operation is executed correctly, but the output shown using MPLS dataplane might still be hardcoded in the linux kernel, probably the reason why POP label operation is displayed, instead of the formaly correct NEXT operation.

The MPLS label distribution is done using the IGP, here IS-IS SR. LDP is not used. Following commands will show empty output, since no LDP is working:

show mpls ldp binding

show mpls ldp interface

SR is the control plane and MPLS is the data plane.

Verify the routing table using linux iproute2 tool. Look at the added encap mpls and the SID 16003 via dev ethX:

user % ip route

10.0.0.0/30 dev eth0 proto kernel scope link src 10.0.0.1 10.0.0.4/30 nhid 18 via 10.0.0.2 dev eth0 proto isis metric 20 10.0.0.8/30 nhid 17 via 10.0.0.13 dev eth1 proto isis metric 20 10.0.0.12/30 dev eth1 proto kernel scope link src 10.0.0.14 10.0.0.16/30 nhid 18 via 10.0.0.2 dev eth0 proto isis metric 20 10.0.0.20/30 nhid 25 proto isis metric 20 nexthop via 10.0.0.13 dev eth1 weight 1 i nexthop via 10.0.0.2 dev eth0 weight 1 192.0.2.2 nhid 30 via 10.0.0.2 dev eth0 proto isis metric 20 192.0.2.3 nhid 49 proto isis metric 20 nexthop encap mpls 16003 via 10.0.0.2 dev eth0 weight 1 nexthop encap mpls 16003 via 10.0.0.13 dev eth1 weight 1 192.0.2.4 nhid 51 via 10.0.0.13 dev eth1 proto isis metric 20 192.0.2.5 nhid 57 encap mpls 16005 via 10.0.0.2 dev eth0 proto isis metric 20

This output of the routing table, will not display like shown above is the linux tool route would be used here.

This is output of the IP routing table using the route -n command. A lot of the "new" IP information is missing compared to the upper output. Now this is good example to why route command on linux is deprecated, and iproute2 should be always used instead.

user % route -n

Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.0.0.0 0.0.0.0 255.255.255.252 U 0 0 0 eth0 10.0.0.4 10.0.0.2 255.255.255.252 UG 20 0 0 eth0 10.0.0.8 10.0.0.13 255.255.255.252 UG 20 0 0 eth1 10.0.0.12 0.0.0.0 255.255.255.252 U 0 0 0 eth1 10.0.0.16 10.0.0.2 255.255.255.252 UG 20 0 0 eth0 10.0.0.20 10.0.0.2 255.255.255.252 UG 20 0 0 eth0 192.0.2.2 10.0.0.2 255.255.255.255 UGH 20 0 0 eth0 192.0.2.3 10.0.0.2 255.255.255.255 UGH 20 0 0 eth0 192.0.2.4 10.0.0.13 255.255.255.255 UGH 20 0 0 eth1 192.0.2.5 10.0.0.2 255.255.255.255 UGH 20 0 0 eth0 198.51.100.0 10.0.0.2 255.255.255.252 UG 20 0 0 eth0 198.51.100.4 0.0.0.0 255.255.255.252 U 0 0 0 eth3

not implemented yet

This is a tech demo, and in experimental state. It lacks some advanced features, A short overview of the not running features with a short explanation how they could be used in a SR running backbone:

L1 L2 redistribution

  • No support for level redistribution (IS-IS L1 to L2 redistribution)

The network lab is runningis-type level2-only. IS-IS runs in the default setting L1 and L2 databases at same time. L1 routers receive only the default route in a L1-L2 design, and do not have the full visibility of the network, like the L2 routers have. For the IS-IS SR lab the L2-only setting is mandatory to be able to run SR. L1 IS-IS is out of scope .

Binding SID

  • No support for Binding SID (Segment ID)

Binding SID is a path instruction for a tunnel interface, TE interface.

  • Send packet to the SID
  • Forward packet using SR-TE policy

Both upper instructions in this send destination are united using one binding SID, the Binding SID works like a symlink for a network function. This implies MPLS-TE working or here SR-TE. A path instruction for a Binding SID would be insterted by a central controller, not the manual manner in the CLI. Not used in this netlab.

SRMS

Segment Routing Message Server

  • No support for SRMS Segment Routing Preference TLV

SRMS is used in networks, where LDP only routers need to be reachable from SR domain. LDP is not used here.

SRLB

Segment Routing Local Block

  • No support for SRLB

The SR Local Block TLV. A SR node assigns lables from range 15000 - 15999 to local links. This is done by every node. In the netlab FRRouting assings SRLB's. Not sure how this particular entry is meant, perhaps SRLB are not fully implemented according to the RFC, this is my personal speculation. Verify the debug output show below:

debug isis sr-events

SRLB `ISIS-Sr (1): Got new SRLB [15000/15999]. Take a close look what at the debug output and notice what isis does with the 15xxx prefixed labels of the SRLB. Another hint that some code is already there. and

This is a debug isis sr-events command output. The router FRR2 has been shutdown. The sequence of sr events shown int the /var/log/messages file. Use tail -f /var/log/messages to watch the debugging output appearing interactively:

user % tail -f /var/log/messages

Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [SZEFX-K7QHS] ISIS-Sr (1): Delete Adjacency SID Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [JHS07-MXHFV] |- Delete label 15000 for interface eth0 Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [SZEFX-K7QHS] ISIS-Sr (1): Delete Adjacency SID Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [JHS07-MXHFV] |- Delete label 15001 for interface eth0 Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [SZEFX-K7QHS] ISIS-Sr (1): Delete Adjacency SID Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [JHS07-MXHFV] |- Delete label 15004 for interface eth0 Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [SZEFX-K7QHS] ISIS-Sr (1): Delete Adjacency SID Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [JHS07-MXHFV] |- Delete label 15006 for interface eth0 Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [SZEFX-K7QHS] ISIS-Sr (1): Delete Adjacency SID Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [JHS07-MXHFV] |- Delete label 15005 for interface eth1 Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [SZEFX-K7QHS] ISIS-Sr (1): Delete Adjacency SID Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [JHS07-MXHFV] |- Delete label 15007 for interface eth1 Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [XQ9NN-675DD] ISIS-Sr (1): update label 16002 for prefix 192.0.2.2/32 Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [XQ9NN-675DD] ISIS-Sr (1): update label 16003 for prefix 192.0.2.3/32 Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [XQ9NN-675DD] ISIS-Sr (1): update label 16004 for prefix 192.0.2.4/32 Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [XQ9NN-675DD] ISIS-Sr (1): update label 16005 for prefix 192.0.2.5/32 Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [XQ9NN-675DD] ISIS-Sr (1): update label 16222 for prefix 2001:db8:2222::/128 Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [XQ9NN-675DD] ISIS-Sr (1): update label 16333 for prefix 2001:db8:3333::/128 Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [XQ9NN-675DD] ISIS-Sr (1): update label 16444 for prefix 2001:db8:4444::/128 Nov 10 12:58:10 FRR1 daemon.debug isisd[1832]: [XQ9NN-675DD] ISIS-Sr (1): update label 16555 for prefix 2001:db8:5555::/128 Nov 10 12:58:11 FRR1 daemon.debug isisd[1832]: [ZGTBT-7CBRV] ISIS-Sr (1): delete label 16002 for prefix 192.0.2.2/32 Nov 10 12:58:11 FRR1 daemon.debug isisd[1832]: [ZGTBT-7CBRV] ISIS-Sr (1): delete label 16222 for prefix 2001:db8:2222::/128

SR debug events after FRR2 has been powered on:

user % tail -f /var/log/messages

Nov 10 13:02:10 FRR1 daemon.debug isisd[1832]: [M10RP-EXYDD] ISIS-Sr (1): Add Primary Adjacency SID Nov 10 13:02:10 FRR1 daemon.debug isisd[1832]: [JHS07-MXHFV] |- Add label 15000 for interface eth0 Nov 10 13:02:12 FRR1 daemon.debug isisd[1832]: [M10RP-EXYDD] ISIS-Sr (1): Add Primary Adjacency SID Nov 10 13:02:12 FRR1 daemon.debug isisd[1832]: [JHS07-MXHFV] |- Add label 15001 for interface eth0 Nov 10 13:02:12 FRR1 daemon.debug isisd[1832]: [M10RP-EXYDD] ISIS-Sr (1): Add Backup Adjacency SID Nov 10 13:02:12 FRR1 daemon.debug isisd[1832]: [JHS07-MXHFV] |- Add label 15004 for interface eth0 Nov 10 13:02:12 FRR1 daemon.debug isisd[1832]: [M10RP-EXYDD] ISIS-Sr (1): Add Backup Adjacency SID Nov 10 13:02:12 FRR1 daemon.debug isisd[1832]: [JHS07-MXHFV] |- Add label 15005 for interface eth0 Nov 10 13:02:12 FRR1 daemon.debug isisd[1832]: [XQ9NN-675DD] ISIS-Sr (1): update label 16002 for prefix 192.0.2.2/32 Nov 10 13:02:12 FRR1 daemon.debug isisd[1832]: [XQ9NN-675DD] ISIS-Sr (1): update label 16222 for prefix 2001:db8:2222::/128 Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [SZEFX-K7QHS] ISIS-Sr (1): Delete Adjacency SID Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [JHS07-MXHFV] |- Delete label 15004 for interface eth0 Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [SZEFX-K7QHS] ISIS-Sr (1): Delete Adjacency SID Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [JHS07-MXHFV] |- Delete label 15005 for interface eth0 Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [M10RP-EXYDD] ISIS-Sr (1): Add Backup Adjacency SID Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [JHS07-MXHFV] |- Add label 15004 for interface eth0 Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [M10RP-EXYDD] ISIS-Sr (1): Add Backup Adjacency SID Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [JHS07-MXHFV] |- Add label 15005 for interface eth1 Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [M10RP-EXYDD] ISIS-Sr (1): Add Backup Adjacency SID Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [JHS07-MXHFV] |- Add label 15006 for interface eth0 Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [M10RP-EXYDD] ISIS-Sr (1): Add Backup Adjacency SID Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [JHS07-MXHFV] |- Add label 15007 for interface eth1 Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [XQ9NN-675DD] ISIS-Sr (1): update label 16002 for prefix 192.0.2.2/32 Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [XQ9NN-675DD] ISIS-Sr (1): update label 16003 for prefix 192.0.2.3/32 Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [XQ9NN-675DD] ISIS-Sr (1): update label 16004 for prefix 192.0.2.4/32 Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [XQ9NN-675DD] ISIS-Sr (1): update label 16005 for prefix 192.0.2.5/32 Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [XQ9NN-675DD] ISIS-Sr (1): update label 16222 for prefix 2001:db8:2222::/128 Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [XQ9NN-675DD] ISIS-Sr (1): update label 16333 for prefix 2001:db8:3333::/128 Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [XQ9NN-675DD] ISIS-Sr (1): update label 16444 for prefix 2001:db8:4444::/128 Nov 10 13:02:13 FRR1 daemon.debug isisd[1832]: [XQ9NN-675DD] ISIS-Sr (1): update label 16555 for prefix 2001:db8:5555::/128

Routers FRR1 and FRR2 are directly connected. Interactive configuration debugging in FRRouting is explained in FRRouting routing protocol debugging article.

Further reading

Basic tutorials using SR can found at the official website. Detailed configuration steps and examples of IS-IS segment routing can be found is the official documentation. Everything related to building a working FRRouting GNS3 appliance and how to configure it is explained in previous blog entry.

See also

References