Cisco IOS Software Modularity: MPLS Layer 3 VPNs


First Published: May 31, 2007
Last Updated: May 31, 2007

In Cisco IOS Release 12.2(33)SXH, the Cisco IOS Software Modularity feature has been extended to include Multiprotocol Label Switching (MPLS) Virtual Private Networks (VPNs). Through software infrastructure enhancements, the Cisco IOS Software Modularity: MPLS Layer 3 VPNs feature reduces both planned and unplanned downtime and boosts operational efficiency. You can restart, upgrade, and patch modularized components and processes without interrupting service.

Identifying and fixing faults and failures is also easier, because you can isolate components and processes. The software modularity capabilities integrate with and make use of High Availability (HA) features already in place.

Finding Feature Information in This Module

Your Cisco IOS software release may not support all of the features documented in this module. To reach links to specific feature documentation in this module and to see a list of the releases in which each feature is supported, use the "Feature Information for Cisco IOS Software Modularity: MPLS Layer 3 VPNs" section.

Finding Support Information for Platforms and Cisco IOS and Catalyst OS Software Images

Use Cisco Feature Navigator to find information about platform support and Cisco IOS and Catalyst OS software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Contents

Prerequisites for Cisco IOS Software Modularity: MPLS Layer 3 VPNs

Restrictions for Cisco IOS Software Modularity: MPLS Layer 3 VPNs

Information About Cisco IOS Software Modularity: MPLS Layer 3 VPNs

Additional References

Feature Information for Cisco IOS Software Modularity: MPLS Layer 3 VPNs


Prerequisites for Cisco IOS Software Modularity: MPLS Layer 3 VPNs

The following are prerequisites for the Cisco IOS Software Modularity: MPLS Layer 3 VPNs feature:

Before implementing the Cisco IOS Software Modularity: MPLS Layer 3 VPNs feature, you should understand the concepts and tasks related to Cisco IOS Software Modularity. See the Installing and Configuring Cisco IOS Software Modularity feature module.

The Cisco IOS Software Modularity: MPLS Layer 3 VPNs feature works with the MPLS HA features. See the following MPLS HA documentation for information about configuring MPLS HA:

MPLS High Availability: Overview

MPLS High Availability: Command Changes

Cisco Express Forwarding: Command Changes

NSF/SSO: MPLS VPN

NSF/SSO: MPLS LDP and LDP Graceful Restart

NSF/SSO: Any Transport over MPLS and AToM Graceful Restart

NSF/SSO—MPLS TE and RSVP Graceful Restart

Restrictions for Cisco IOS Software Modularity: MPLS Layer 3 VPNs

The software components that make up MPLS Layer 3 VPNs—that is, routing protocols, the master virtual routing and forwarding (VRF) database, and the Routing Information Bases (RIBs) for IPv4 and IPv6—were rewritten to work with the Cisco IOS software modularity infrastructure. The software modularity changes included moving the MPLS Layer 3 VPN infrastructure to the restartable routing process. However, other MPLS components, such as the MPLS Forwarding Information Base (FIB), Label Distribution Protocol (LDP), and traffic engineering (TE) have not been rewritten to conform with Cisco IOS software modularity. As a result, those components run in processes that cannot be restarted in the event of an error.

The Cisco IOS Software Modularity: MPLS Layer 3 VPNs feature is supported on Cisco Catalyst 6500 series switches.

You can patch and restart the MPLS Layer 3 VPN software without service disruptions. However, you cannot patch and restart without service disruption other MPLS components that are not compliant with the software modularity infrastructure.

The Cisco IOS Software Modularity: MPLS Layer 3 VPNs feature uses 10 to 20 percent more memory than the Cisco IOS software without software modularity. For guidelines on memory requirements for modularization features, see the Installing and Configuring Cisco IOS Software Modularity feature module.

The Cisco IOS Software Modularity: MPLS Layer 3 VPNs feature minimally reduces the number of targeted LDP sessions you can have. It also slightly increases tunnel setup times and marginally reduces convergence times.

For information on performance factors, see the "Best Practices for Scalability and Convergence in the Cisco IOS Software Modularity: MPLS Layer 3 VPNs Feature" section.

Information About Cisco IOS Software Modularity: MPLS Layer 3 VPNs

To use the Cisco IOS Software Modularity: MPLS Layer 3 VPNs feature, you should understand the following concepts:

Introduction to the Cisco IOS Software Modularity: MPLS Layer 3 VPNs Feature

Cisco IOS Software Modularity and High Availability

How Cisco IOS Software Modularity Processes Work with Software That Is Not Modular

How Processes Are Restarted on Cisco IOS Software Modularity: MPLS Layer 3 VPNs

How Patching Works on Cisco IOS Software Modularity: MPLS Layer 3 VPNs

Best Practice for IP Routing Process Restarts with the Cisco IOS Software Modularity: MPLS Layer 3 VPNs Feature

Best Practice for SSO/NSF on Peer Route Processors with Cisco IOS Software Modularity: MPLS Layer 3 VPNs Feature

Best Practices for Scalability and Convergence in the Cisco IOS Software Modularity: MPLS Layer 3 VPNs Feature

CLI Changes Due to the Cisco IOS Software Modularity: Layer 3 VPNs Feature

Introduction to the Cisco IOS Software Modularity: MPLS Layer 3 VPNs Feature

Cisco IOS Software Modularity code is partitioned into multiple processes that run in their own protected memory space and that can independently restart. The control plane components for the Layer 3 VPNs moved from the tightly coupled and interdependent Cisco IOS code to the restartable routing process.

Some of the Cisco IOS modular processes that MPLS uses include:

TCP is a separate restartable process that is important to MPLS because Border Gateway Protocol (BGP) and LDP sessions run over TCP connections.

Routing is a restartable process that contains the following control plane components:

Open Shortest Path First (OSPF)

Intermediate System-to-Intermediate System (IS-IS)

BGP

RIB

Layer 3 VPN control plane components

User Datagram Protocol (UDP) is a restartable process that is important for MPLS because LDP hello messages are transmitted in UDP packets. Further, MPLS embedded management applications may use UDP packets to transmit data.

Cisco IOS software includes more than 37 other modular processes so that restarts in the control plane components do not affect the transmission of data in the forwarding plane.

MPLS components that have not been made modular include:

IP FIB

MPLS Forwarding Infrastructure (MFI)

Other MPLS control plane components, including LDP, Resource Reservation Protocol-traffic engineering (RSVP-TE), and IP Rewrite Manager (IPRM).

If an error occurs in one of those software components, the transmission of data is interrupted.

Cisco IOS Software Modularity and High Availability

Unplanned downtime can be caused by software or hardware faults, such as control plane errors or control processor or line card failures. Most unplanned downtime is caused by software faults related to the control plane.

To reduce unplanned downtime, Cisco IOS HA, nonstop forwarding (NSF) and stateful switchover (SSO) features work with routers that have primary and backup Route Processors (RPs). The following MPLS features are highly available through NSF and SSO:

MPLS VPNs

MPLS LDP

MPLS TE and RSVP

With NSF and SSO, the primary and backup RPs keep identical copies of the label and state information by checkpointing. Checkpointing is a function that copies state information from the active RP to the backup RP, thereby ensuring that the backup has the latest information. If a control plane error causes the primary RP to fail, the backup RP takes over without disrupting the forwarding plane. This enables MPLS VPN, LDP, and TE features to keep running during a switchover.

Cisco IOS software modularity improves on the HA functionality by applying NSF and SSO to individual processes running within the Cisco IOS software. Cisco IOS software modularity provides the following improvements:

For routers with a single RP, Cisco IOS software modularity enables individual processes to restart. If a process restarts successfully, it recovers its state either from a neighboring router that has Graceful Restart or from a database that checkpointed the state information. The process resumes normal operation without interrupting the forwarding plane. If the process cannot restart, the process is declared dead and the RP must be restarted.

For routers with primary and backup RPs, Cisco IOS software modularity enables individual processes to restart. If the process cannot restart and is a mandatory process, the router switches to a backup RP, which takes over the processing without interruption.

To reduce unplanned downtime, enable the following HA features on the routers with Cisco IOS software modularity installed:

SSO for routers with primary and backup RPs

NSF for all supported routing protocols, that is, BGP, Enhanced Interior Gateway Routing Protocol (EIGRP), OSPF, and IS-IS

GR for all MPLS features, that is, MPLS VPNs, MPLS LDP, MPLS TE, and RSVP

How Cisco IOS Software Modularity Processes Work with Software That Is Not Modular

The processes that have been made modular through Cisco IOS software modularity can fail and restart without interrupting the transmission of data in the forwarding plane. These modular processes are used within MPLS applications that have not been made modular, such as MPLS LDP and MPLS TE. The following sections explain the interactions between the MPLS applications and the modular processes.

MPLS LDP

MPLS LDP uses UDP to transmit LDP hello messages to discover neighbors and uses TCP to establish LDP sessions and exchange LDP label-binding information. Both TCP and UDP are modular processes.

If LDP is protected by GR functionality, when a TCP process fails the following events occur:

1. TCP is disconnected.

2. The LDP session is terminated.

3. LDP GR initiates and does the following:

Saves LDP session information and marks it stale.

Starts the reconnect timer, which indicates how long it will wait for the neighbor to reconnect.

After the neighbor reconnects, it starts the recovery timer, which indicates how long it will wait for the neighbor to readvertise label-binding information.

4. If the TCP process restarts before the reconnect timer expires and LDP can establish a new session and complete an information exchange before the respective timer expires, the LDP GR process completes successfully.

If the TCP process does not restart before the reconnect timer expires, a restart of the RP is necessary.

If an LDP session has been protected by GR functionality, when a UDP process fails the following events occur:

1. If the UDP process restarts and LDP starts to exchange hello messages with neighbors before the LDP discovery hold timer expires, the LDP session continues without interruption.

2. If the UDP process does not restart before the LDP discovery hold timer expires, the LDP hello adjacency with the neighbor is torn down, which terminates the LDP session.

3. When the LDP session terminates, LDP GR initiates.


Note The MPLS LDP Session Protection feature works with the Cisco IOS Software Modularity feature, but cannot protect an LDP session if a UDP process fails.
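
The TCP and UDP failure cases above can be checked against a given set of timer values with a small model. This is an added example, not Cisco code: the class, function and outcome names are hypothetical, the timer values are constructed rather than IOS defaults, and the GR_NOT_COMPLETED outcome covers the cases where a timer expires after TCP has restarted, which the text above does not describe further.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class LdpGrTimers:
    """Seconds. Values passed in below are constructed, not IOS defaults."""
    reconnect: float       # wait for the neighbor to reconnect
    recovery: float        # wait for label bindings to be readvertised
    discovery_hold: float  # LDP hello adjacency hold time


def tcp_process_failure(t: LdpGrTimers, tcp_restart: Optional[float],
                        reconnect_delay: float, exchange_time: float
                        ) -> Tuple[str, List[str]]:
    """TCP process fails at time 0 on a GR-protected LDP session.

    tcp_restart     seconds until TCP runs again (None = it never restarts)
    reconnect_delay seconds from TCP restart until the neighbor reconnects
    exchange_time   seconds from reconnect until bindings are readvertised
    """
    log = ["0s: TCP disconnected, LDP session terminated",
           "0s: LDP GR saves session information and marks it stale",
           f"0s: reconnect timer started ({t.reconnect}s)"]
    if tcp_restart is None or tcp_restart >= t.reconnect:
        log.append(f"{t.reconnect}s: reconnect timer expired, TCP not restarted")
        return "RP_RESTART_REQUIRED", log
    log.append(f"{tcp_restart}s: TCP process restarted")
    reconnected = tcp_restart + reconnect_delay
    if reconnected >= t.reconnect:
        # The page defines only the success case; what follows is not stated.
        log.append(f"{t.reconnect}s: reconnect timer expired, no new session")
        return "GR_NOT_COMPLETED", log
    log.append(f"{reconnected}s: neighbor reconnected, recovery timer started "
               f"({t.recovery}s)")
    if exchange_time >= t.recovery:
        log.append(f"{reconnected + t.recovery}s: recovery timer expired "
                   "before the label exchange finished")
        return "GR_NOT_COMPLETED", log
    log.append(f"{reconnected + exchange_time}s: label bindings readvertised")
    return "GR_COMPLETED", log


def udp_process_failure(t: LdpGrTimers, udp_restart: Optional[float],
                        hello_delay: float) -> Tuple[str, List[str]]:
    """UDP process fails at time 0 on a GR-protected LDP session.

    udp_restart  seconds until UDP runs again (None = it never restarts)
    hello_delay  seconds from UDP restart until hellos are exchanged again
    """
    log = ["0s: UDP process failed, LDP hello exchange stops"]
    if udp_restart is not None and udp_restart + hello_delay < t.discovery_hold:
        log.append(f"{udp_restart + hello_delay}s: hellos resumed before the "
                   "discovery hold timer expired")
        return "SESSION_CONTINUES", log
    log.append(f"{t.discovery_hold}s: discovery hold timer expired, "
               "hello adjacency torn down")
    log.append("LDP session terminated, LDP GR initiates")
    return "LDP_GR_INITIATED", log


if __name__ == "__main__":
    timers = LdpGrTimers(reconnect=120, recovery=120, discovery_hold=15)
    for outcome, log in (tcp_process_failure(timers, 5, 10, 30),
                         tcp_process_failure(timers, None, 0, 0),
                         udp_process_failure(timers, 20, 1)):
        print(outcome)
        for line in log:
            print("   ", line)
```
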


MPLS Traffic Engineering

If you ensure that MPLS TE is configured with the NSF/SSO: MPLS TE and RSVP GR feature, MPLS TE can recover from a failure without disrupting the forwarding plane. See NSF/SSO—MPLS TE and RSVP Graceful Restart for more information.

The recovery behaviors of the failing RP and its neighboring RPs depend on the versions of Cisco IOS software running on the routers:

Cisco IOS Release 12.0(29)S introduced the MPLS TE: RSVP GR feature, which allowed a router to assist a neighboring router that has SSO/NSF support and GR to recover gracefully from an interruption in service. In Cisco IOS Release 12.0(29)S, RSVP GR operates strictly in helper mode, which means it can help only other routers that are enabled with MPLS SSO/NSF and GR to recover. If the router running 12.0(29)S (or later 12.0S release) with RSVP GR fails, its peer routers cannot help it recover.

Cisco IOS Release 12.2(33)SRA and later releases introduced SSO/NSF support for MPLS TE so that an RP can use failover techniques to recover from a disruption in control plane service without losing its MPLS forwarding state. The feature is called NSF/SSO: MPLS TE and RSVP GR.

Cisco IOS Release 12.2(33)SXH also supports the NSF/SSO: MPLS TE and RSVP GR feature. Enabling this feature in the MPLS Cisco IOS software modularity environment ensures that MPLS TE can recover gracefully from control plane faults.

Routers running Cisco IOS Release 12.2(33)SXH, 12.2(33)SRA, or a later release require the NSF/SSO: MPLS TE and RSVP GR feature to recover from a process restart or an SSO failover without disruption. All LSPs remain intact. If you do not enable the NSF/SSO: MPLS TE and RSVP GR feature, MPLS TE may encounter the following conditions:

During an IP process restart, packets may be lost.

During an SSO failover, the neighboring router tears down the LSPs to and through the router that has the SSO event.

Routers running the RSVP GR feature in Cisco IOS Release 12.0(29)S or later cannot exchange GR hello messages with routers running the NSF/SSO: MPLS TE and RSVP GR feature in Cisco IOS Releases 12.2(33)SXH, 12.2(33)SRA, or later releases. Those routers cannot assist a neighboring router during a process restart or SSO failover.

MPLS Traffic Engineering and RSVP-TE Messages

MPLS TE uses RSVP-TE extensions to explicitly route traffic over label switched paths. The RSVP-TE signaling protocol runs over IP. During an IP process restart, RSVP-TE messages can be dropped.

How Processes Are Restarted on Cisco IOS Software Modularity: MPLS Layer 3 VPNs

The restarting capability of the Cisco IOS Software Modularity: MPLS Layer 3 VPNs feature allows the restarting of any modular process, such as the IP routing process, while the rest of the system continues to operate normally.

The following sequence shows how a system can recover without any user interaction:


Note Assume that all routing protocols (control plane) have converged and that the forwarding plane is forwarding traffic. The routing protocols have been configured for NSF.


1. The IP routing process fails.

2. The routing protocols that have been configured with NSF reestablish sessions and exchange routing information as the IP routing process restarts. The forwarding plane continues to forward traffic without interruption.

3. The IP routing process recovers and sends an NSF message to its neighbors indicating that it is recovering.

4. NSF-aware neighbors keep the entries they learned from the recovering system in their tables and send their information back to the recovering system.

5. When the control plane has processed all routing updates it received from its neighbors, it programs the changes to the data plane.

Forwarding on the data plane is being performed at all times during this sequence.

Generally users do not need to restart processes. The integrated HA constantly monitors all processes and automatically initiates a restart when needed.

How Patching Works on Cisco IOS Software Modularity: MPLS Layer 3 VPNs

The Cisco IOS Software Modularity: MPLS Layer 3 VPNs feature allows you to do selective system maintenance with individual patches. You can download, verify, install, and activate a patch for a component without restarting an entire system. Because patches affect only the component they are required to fix, they need less code-certification time than if an entire system had to be verified. You have to verify only the portion of software associated with the fix.

Best Practice for IP Routing Process Restarts with the Cisco IOS Software Modularity: MPLS Layer 3 VPNs Feature

Restarting the IP routing process restarts all the routing protocols and causes MPLS LDP to invoke the graceful restart routine. Wait until all the routing protocols have converged and LDP is back to a normal state before restarting the IP routing process again. Otherwise, traffic could be lost.

Best Practice for SSO/NSF on Peer Route Processors with Cisco IOS Software Modularity: MPLS Layer 3 VPNs Feature

See NSF/SSO: MPLS VPN for information on configuring MPLS VPN GR on peer RPs to ensure that routing and forwarding are not disrupted if there is a hardware failure on the primary RP.

Best Practices for Scalability and Convergence in the Cisco IOS Software Modularity: MPLS Layer 3 VPNs Feature

The Cisco IOS Software Modularity: MPLS Layer 3 VPNs feature is designed to have LDP and TE scalability and overall convergence values that are within 20 percent of comparable values in nonmodularized images. Routers that have enough memory to cover some 10 to 20 percent greater memory usage should not experience diminished performance.

See the Installing and Configuring Cisco IOS Software Modularity feature module for guidelines on memory requirements for software modularization.

The following are the LDP and TE scalability and convergence effects:

LDP scalability:

The Cisco IOS Software Modularity: MPLS Layer 3 VPNs feature is very effective in reducing link flaps in link sessions.

Images with the Cisco IOS Software Modularity: MPLS Layer 3 VPNs feature can scale to up to 900 targeted LDP sessions, compared to 1200 sessions on nonmodularized images.

TE scalability:

Tunnel setup times are longer, and setup times increase as the number of tunnels increases, but both times are within 20 percent of those on nonmodularized images.

Convergence:

Convergence times on images with the Cisco IOS Software Modularity: MPLS Layer 3 VPNs feature are within 20 percent of those on nonmodularized images.

CLI Changes Due to the Cisco IOS Software Modularity: Layer 3 VPNs Feature

The Cisco IOS Software Modularity: MPLS Layer 3 VPNs feature introduces the following two new commands:

debug mpls traffic-eng process-restart

show mpls traffic-eng process-restart iprouting

It modifies the following four commands:

show ip route

show mpls forwarding-table

show mpls traffic-eng link-management advertisements

show mpls traffic-eng link-management summary

New Commands

The show mpls traffic-eng process-restart iprouting command displays statistics about the resynchronization of the information shared between TE and the Interior Gateway Protocols (IGPs) after an IP routing process restart.

The debug mpls traffic-eng process-restart command displays messages related to the transfer of information between TE and the IGPs, and the resynchronization of this information, including the flushing of any stale information, after an IP routing process restart.

See the "Feature Information for Cisco IOS Software Modularity: MPLS Layer 3 VPNs" section for more information on the new commands.

Modified Commands

The outputs of the show mpls traffic-eng link-management summary and the show mpls traffic-eng link-management advertisements commands are enhanced to show when an IP routing process restart is in progress.

The detailed output of the show ip route command (when you specify a prefix or mask) is enhanced to show remote label information and MPLS flags for prefixes that have a remote label stored in RIB. Remote MPLS labels used for forwarding that were formerly stored in IPRM working with BGP are now stored in RIB. This enhanced output can be used for troubleshooting.

The output of the show mpls forwarding-table command is enhanced to display troubleshooting information in the first column, Local Label, as follows:

An [H] notation indicates local labels that are temporarily in holddown, that is, the application that requested the labels no longer needs them and stops advertising them to its labeling peers.

A [T] notation indicates forwarding through a label switched path (LSP).

An [HT] notation indicates that both conditions apply.

These outputs are shown whether or not users specify the detail or the internal keywords. You can use the detail or the internal keyword to display more information.
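
One way to pull the [H], [T] and [HT] notations out of saved show mpls forwarding-table output, for example to list the local labels still in holddown after a process restart. This is an added example, not Cisco code: the function names are hypothetical, and the sample text is constructed (not captured from a device) with an assumed column layout; only the three notations and their meanings come from the description above.

```python
import re
from typing import Dict, List

# Constructed sample, NOT real device output. The column layout is an
# assumption; addresses are from documentation ranges.
SAMPLE_OUTPUT = """\
Local      Outgoing   Prefix           Bytes Label   Outgoing   Next Hop
Label      Label      or Tunnel Id     Switched      interface
16         Pop Label  192.0.2.1/32     0             Gi1/1      198.51.100.1
17    [H]  No Label   192.0.2.16/28    0             Gi1/2      198.51.100.5
18    [T]  Pop Label  192.0.2.3/32     0             Tu1        point2point
19    [HT] Pop Label  192.0.2.4/32     0             Tu2        point2point
"""

# A data row starts with the numeric local label, optionally followed by
# one of the three notations, then the remaining columns.
ROW = re.compile(
    r"^\s*(?P<label>\d+)\s+(?:\[(?P<flags>HT|H|T)\]\s+)?(?P<rest>\S.*)$"
)


def parse_local_labels(text: str) -> List[Dict]:
    """Return one dict per data row; header lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header or blank line
        flags = m.group("flags") or ""
        entries.append({
            "label": int(m.group("label")),
            "holddown": "H" in flags,   # [H]: label temporarily in holddown
            "via_lsp": "T" in flags,    # [T]: forwarding through an LSP
            "rest": m.group("rest").strip(),
        })
    return entries


def labels_in_holddown(text: str) -> List[int]:
    """Local labels marked [H] or [HT]."""
    return [e["label"] for e in parse_local_labels(text) if e["holddown"]]


def summarize(text: str) -> Dict[str, int]:
    """Count rows by notation so two snapshots can be compared."""
    entries = parse_local_labels(text)
    return {
        "total": len(entries),
        "holddown": sum(e["holddown"] for e in entries),
        "via_lsp": sum(e["via_lsp"] for e in entries),
        "both": sum(e["holddown"] and e["via_lsp"] for e in entries),
    }


if __name__ == "__main__":
    print("In holddown:", labels_in_holddown(SAMPLE_OUTPUT))
    print(summarize(SAMPLE_OUTPUT))
```
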

See the "Feature Information for Cisco IOS Software Modularity: MPLS Layer 3 VPNs" section for more information on the modified commands.

Additional References

Related Documents


Standards

Standard                                Title
draft-ietf-mpls-bgp-mpls-restart.txt    Graceful Restart Mechanism for BGP with MPLS
draft-ietf-mpls-idr-restart.txt         Graceful Restart Mechanism for BGP


MIBs

MIB: MPLS VPN MIB

MIBs Link: To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: http://www.cisco.com/go/mibs


RFCs

RFC         Title
RFC 1163    A Border Gateway Protocol
RFC 1164    Application of the Border Gateway Protocol in the Internet
RFC 2283    Multiprotocol Extensions for BGP-4
RFC 2547    BGP/MPLS VPNs


Technical Assistance

Description: The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a user ID or password, you can register on Cisco.com.

Link: http://www.cisco.com/techsupport


Feature Information for Cisco IOS Software Modularity: MPLS Layer 3 VPNs

Table 1 lists the release history for this feature.

Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.

Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS and Catalyst OS software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.


Note Table 1 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS software release train also support that feature.


Table 1 Feature Information for Cisco IOS Software Modularity: MPLS Layer 3 VPNs

Feature Name: Cisco IOS Software Modularity: MPLS Layer 3 VPNs

Releases: 12.2(33)SXH

Feature Information: This feature extends software modularity to MPLS VPNs. The following commands are introduced or modified in the feature or features documented in this module.

debug mpls traffic-eng process-restart

show ip route vrf

show mpls forwarding-table

show mpls traffic-eng link-management advertisements

show mpls traffic-eng link-management summary

show mpls traffic-eng process-restart iprouting