Cisco Nexus 3000 Series NX-OS Label Switching Configuration Guide, Release 10.1(x)

About Segment Routing

Segment routing is a technique by which the path followed by a packet is encoded in the packet itself, similar to source routing. A node steers a packet through a controlled set of instructions, called segments, by prepending the packet with a segment routing header. Each segment is identified by a segment ID (SID) consisting of a flat unsigned 32-bit integer.

Border Gateway Protocol (BGP) segments, a subclass of segments, identify a BGP forwarding instruction. Prefix segments steer packets along the shortest path to the destination, using all available equal-cost multi-path (ECMP) paths.

Border Gateway Protocol - Link State (BGP-LS) is an extension to BGP for distributing the network’s Link-State (LS) topology model to external entities. BGP-LS advertise routing updates only when they occur which uses bandwidth more effectively. They advertise only the incremental change to all routers as a multicast update. They use variable length subnet masks, which are scalable and use addressing more efficiently.

The segment routing architecture is applied directly to the MPLS data plane.

Segment Routing Application Module

Segment Routing Application (SR-APP) module is used to configure the segment routing functionality. Segment Routing Application (SR-APP) is a separate internal process that handles all the CLIs related to segment routing. It is responsible for reserving the SRGB range and for notifying the clients about it. It is also responsible for maintaining the prefix to SID mappings. The SR-APP support is also available for the BGP, IS-IS, and OSPF protocols.

The SR-APP module maintains the following information:

Segment routing operation state
Segment routing global block label ranges
Prefix SID mappings

For more information, see Configuring Segment Routing.

Guidelines and Limitations for Segment Routing

Segment routing has the following guidelines and limitations:

Beginning with Cisco NX-OS Release 9.3(1), the segment-routing MPLS command has been changed to segment-routing.
You can configure segment routing using Segment Routing Application (SR-APP) module. SR-APP is a separate internal process that handles all the CLIs related to segment routing. SR-APP reserves the SRGB range for notifying the clients and it maintains SID mappings prefixes.
BGP allocates an SRGB label for Internal Border Gateway Protocol route-reflector clients only when next-hop-self is in effect (for example, the prefix is advertised with the next hop being one of the local IP/IPv6 addresses on RR). When you have configured next-hop-self on a RR, the next hop is changed for the routes that are being affected (subject to route-map filtering).
Static MPLS, MPLS segment routing, and MPLS stripping cannot be enabled at the same time.
Because static MPLS, MPLS segment routing, and MPLS stripping are mutually exclusive, the only segment routing underlay for multihop BGP is single-hop BGP. Internal Border Gateway Protocol multi-hop topologies with eBGP running as an overlay are not supported.
MPLS pop followed by a forward to a specific interface is not supported. The penultimate hop pop (PHP) is avoided by installing the Explicit NULL label as the outlabel in the label FIB (LFIB) even when the control plane installs an IPv4 Implicit NULL label.
BGP labeled unicast and BGP segment routing are not supported for IPv6 prefixes.
BGP labeled unicast and BGP segment routing are not supported over tunnel interfaces (including GRE and VXLAN) or with vPC access interfaces.
MTU path discovery (RFC 2923) is not supported over MPLS label switched paths (LSPs) or segment routed paths.
The BGP configuration commands neighbor-down fib-accelerate and suppress-fib-pending are not supported for MPLS prefixes.
The uniform model as defined in RFC 2973 and RFC 3270 is not supported. Hence, the IP DSCP bits are not copied into the imposed MPLS header.
Reconfiguration of the segment routing global block (SRGB) results in an automatic restart of the BGP process to update the existing URIB and ULIB entries. Traffic loss occurs for a few seconds, so you should not reconfigure the SRGB in production.
If the segment routing global block (SRGB) is set to a range but the route-map label-index delta value is outside of the configured range, the allocated label is dynamically generated. For example, if the SRGB is set to a range of 16000-23999 but a route-map label-index is set to 9000, the label is dynamically allocated.
For network scalability, Cisco recommends using a hierarchical routing design with multi-hop BGP for advertising the attached prefixes from a top-of-rack (ToR) or border leaf switch.
BGP sessions are not supported over MPLS LSPs or segment routed paths.
The Layer 3 forwarding consistency checker is not supported for MPLS routes.
Cisco Nexus 3000 switches support Link-State distribution and Egress Peer Engineering (EPE) using BGP.
Segment routing and SR-EVPN are supported on Cisco Nexus C31108PC-V, Cisco Nexus C31108TC-V and Cisco Nexus C3132Q-V switches.
Deleting the segment routing configuration removes all the related segment routing configurations.
If you downgrade the Cisco Nexus device from Cisco NX-OS Release 9.3(1) to the previous NX-OS releases by setting the boot variables and reloading the switch, all earlier configurations of the segment-routing MPLS will be lost.
Before performing an ISSD from Cisco NX-OS Release 9.3(1), you must disable the segment routing configuration. Failure to do so results in the loss of the existing segment routing configurations.

Configuring Segment Routing

Before you begin

Confirm that the following conditions are met before configuring segment routing.

The install feature-set mpls , feature-set mpls and feature mpls segment-routing commands should be present before configuring the segment-routing command.
If the global block is configured, the specified range is used. Otherwise, the default 16000 – 23999 range is used.
BGP now uses both set label-index <value> configuration and the new connected-prefix-sid-map CLI. In case of a conflict, the configuration in SR-APP is preferred.

Procedure

	Command or Action	Purpose
Step 1	configure terminal Example: `switch# configure terminal switch(config)#`	Enters global configuration mode.
Step 2	segment-routing Example: `switch(config)# segment-routing switch(config-sr)# mpls switch(config-sr-mpls)#`	Enables the MPLS segment routing functionality. The no form of this command disables the MPLS segment routing feature.
Step 3	connected-prefix-sid-map Example: `switch(config-sr-mpls)# connected-prefix-sid-map switch(config-sr-mpls)#`	Configures the connected prefix segment identifier mappings.
Step 4	global-block <`min`> <`max`> Example: `switch(config-sr-mpls)# global-block <min> <max> switch(config-sr-mpls)#`	Specifies the global block range for the segment routing bindings.
Step 5	connected-prefix-sid-map Example: `switch(config-sr-mpls)# connected-prefix-sid-map switch(config-sr-mpls-conn-pfsid)#`	Configures the connected prefix segment identifier mappings.
Step 6	address-family ipv4 Example: `switch(config-sr-mpls-conn-pfsid)#address-family ipv4`	Configures the IPv4 address family.
Step 7	<`prefix`>/<`masklen`> [index\|absolute ] <`label`> Example: `switch(config-sr-mpls)# 2.1.1.5/32 absolute 201101`	The optional keywords index or absolute indicate whether the label value entered should be interpreted as an index into the SRGB or as an absolute value.

Example

See the following configuration examples of the show commands:


switch# show segment-routing mpls
Segment-Routing Global info 
Service Name: segment-routing 
State: Enabled 
Process Id: 29123 
Configured SRGB: 17000 – 24999 
SRGB Allocation status: Alloc-Successful 
Current SRGB: 17000 – 24999 
Cleanup Interval: 60 
Retry Interval: 180

The following CLI displays the clients that are registered with SR-APP. It lists the VRFs, for which the clients have registered interest.


switch# show segment-routing mpls clients
            Segment-Routing Mpls Client Info

Client: isis-1
    PIB index: 1    UUID: 0x41000118    PID: 29463    MTS SAP: 412
    TIBs registered:
        VRF: default Table: base

Client: bgp-1
    PIB index: 2    UUID: 0x11b    PID: 18546    MTS SAP: 62252
    TIBs registered:
        VRF: default Table: base

Total Clients: 2

In the show segment-routing mpls ipv4 connected-prefix-sid-map CLI command example, SRGB indicates whether the prefix SID is within the configured SRGB. The Indx field indicates that the configured label is an index into the global block. The Abs field indicates that the configured label is an absolute value.

If the SRGB field displays N, it means that the configured prefix SID is not within the SRGB range and it is not provided to the SR-APP clients. Only the prefix SIDs that fall into the SRGB range are given to the SR-APP clients.


switch# show segment-routing mpls ipv4 connected-prefix-sid-map
            Segment-Routing Prefix-SID Mappings
Prefix-SID mappings for VRF default Table base
Prefix             SID   Type Range SRGB
13.11.2.0/24       713   Indx 1     Y   
30.7.7.7/32        730   Indx 1     Y   
59.3.24.0/30       759   Indx 1     Y   
150.101.1.0/24     801   Indx 1     Y   
150.101.1.1/32     802   Indx 1     Y   
150.101.2.0/24     803   Indx 1     Y
1.1.1.1/32         16013 Abs  1     Y

The following CLI displays the show running-config segment-routing output.


switch# show running-config segment-routing ?

> Redirect it to a file
>> Redirect it to a file in append mode
all Show running config with defaults
| Pipe command output to filter

switch# show running-config segment-routing
switch# show running-config segment-routing

!Command: show running-config segment-routing
!Running configuration last done at: Thu Dec 12 19:39:52 2019
!Time: Thu Dec 12 20:06:07 2019

version 9.3(3) Bios:version 05.39
segment-routing
    mpls
        connected-prefix-sid-map
            address-family ipv4
                2.1.1.1/32 absolute 100100

switch#

Enabling MPLS on an Interface

You can enable MPLS on an interface for use with segment routing.

Before you begin

You must install and enable the MPLS feature set using the install feature-set mpls and feature-set mpls commands.

Procedure

	Command or Action	Purpose
Step 1	configure terminal Example: `switch# configure terminal switch(config)#`	Enters global configuration mode.
Step 2	interface `type slot/port` Example: `switch(config)# interface ethernet 2/2 switch(config-if)#`	Enters the interface configuration mode for the specified interface.
Step 3	[no] mpls ip forwarding Example: `switch(config-if)# mpls ip forwarding`	Enables MPLS on the specified interface. The no form of this command disables MPLS on the specified interface.
Step 4	(Optional) copy running-config startup-config Example: `switch(config-if)# copy running-config startup-config`	(Optional) Copies the running configuration to the startup configuration.

Configuring the Segment Routing Global Block

You can configure the beginning and ending MPLS labels in the segment routing global block (SRGB).

Before you begin

You must install and enable the MPLS feature set using the install feature-set mpls and feature-set mpls commands.

You must enable the MPLS segment routing feature.

Procedure

Command or Action Purpose

Step 1

configure terminal

Example:

switch# configure terminal
switch(config)#

Enters global configuration mode.

Step 2

[no] segment-routing

Example:

switch(config)# segment-routing
switch(config-sr)# mpls

Enters the segment routing configuration mode and enables the default SRGB of 16000 to 23999. The no form of this command unallocates that block of labels.

If the configured dynamic range cannot hold the default SRGB, an error message appears, and the default SRGB will not be allocated. If desired, you can configure a different SRGB in the next step.

Step 3

[no] global-block beginning-label ending-label

Example:

switch(config-sr-mpls)# global-block 16000 471804

Specifies the MPLS label range for the SRGB. Use this command if you want to change the default SRGB label range that is configured with the segment-routing command.

The permissive values for the beginning MPLS label and the ending MPLS label are from 16000 to 471804. The mpls label range command permits 16 as the minimum label, but the SRGB can start only from 16000.

Note

The minimum value for the global-block command starts from 16000. If you upgrading from previous releases, you should modify the SRGB so that it falls within the supported range before triggering an upgrade.

Step 4

(Optional) show mpls label range

Example:

switch(config-sr-mpls)# show mpls label range

(Optional)

Displays the SRGB, only if the SRGB allocation is successful.

Step 5

show segment-routing

Displays the configured SRGB.

Step 6

show segment-routing mpls

Example:

switch(config-sr-mpls)# show segment-routing mpls

Displays the configured SRGB.

Step 7

(Optional) copy running-config startup-config

Example:

switch(config-sr-mpls)# copy running-config startup-config

(Optional)

Copies the running configuration to the startup configuration.

Configuring the Label Index

You can set the label index for routes that match the network command. Doing so causes the BGP prefix SID to be advertised for local prefixes that are configured with a route map that includes the set label-index command, provided the route map is specified in the network command that specifies the local prefix.

Note

Segment Routing Application (SR-APP) module is used to configure the segment routing functionality. BGP now uses both set label-index <value> configuration under route-map and the new connected-prefix-sid-map CLI for prefix SID configuration. In case of a conflict, the configuration in SR-APP is preferred.

Note

Route-map label indexes are ignored when the route map is specified in a context other than the network command. Also, labels are allocated for prefixes with a route-map label index independent of whether the prefix has been configured by the allocate-label route-map route-map-name command.

Procedure

	Command or Action	Purpose
Step 1	configure terminal Example: `switch# configure terminal switch(config)#`	Enters global configuration mode.
Step 2	route-map `map-name` Example: `switch(config)# route-map SRmap switch(config-route-map)#`	Creates a route map or enters route-map configuration mode for an existing route map.
Step 3	[no] set label-index `index` Example: `switch(config-route-map)# set label-index 10`	Sets the label index for routes that match the network command. The range is from 0 to 471788. By default, a label index is not added to the route.
Step 4	exit Example: `switch(config-route-map)# exit switch(config)#`	Exits route-map configuration mode.
Step 5	router bgp `autonomous-system-number` Example: `switch(config)# router bgp 64496 switch(config-router)#`	Enables BGP and assigns the AS number to the local BGP speaker. The AS number can be a 16-bit integer or a 32-bit integer in the form of a higher 16-bit decimal number and a lower 16-bit decimal number in xx.xx format.
Step 6	address-family ipv4 unicast Example: `switch(config-router)# address-family ipv4 unicast switch(config-router-af)#`	Enters global address family configuration mode for the IPv4 address family.
Step 7	network `ip-prefix` [route-map `map-name`] Example: `switch(config-router-af)# network 10.10.10.10/32 route-map SRmap`	Specifies a network as local to this autonomous system and adds it to the BGP routing table.
Step 8	(Optional) show route-map [`map-name`] Example: `switch(config-router-af)# show route-map`	(Optional) Displays information about route maps, including the label index.
Step 9	(Optional) copy running-config startup-config Example: `switch(config-router-af)# copy running-config startup-config`	(Optional) Copies the running configuration to the startup configuration.

Configuration Examples for Segment Routing

The examples in this section show a common BGP prefix SID configuration between two routers.

This example shows how to advertise a BGP speaker configuration of 10.10.10.10/32 and 20.20.20.20/32 with a label index of 10 and 20, respectively. It uses the default segment routing global block (SRGB) range of 16000 to 23999.

hostname s1
install feature-set mpls
feature-set mpls

feature telnet
feature bash-shell
feature scp-server
feature bgp
feature mpls segment-routing

segment-routing 
  mpls
  vlan 1
segment-routing
  mpls
    connected-prefix-sid-map
    address-family ipv4
    2.1.1.1/32 absolute 100100

route-map label-index-10 permit 10
  set label-index 10
route-map label-index-20 permit 10
  set label-index 20

vrf context management
  ip route 0.0.0.0/0 10.30.108.1

interface Ethernet1/1
  no switchport
  ip address 10.1.1.1/24
  no shutdown

interface mgmt0
  ip address dhcp
  vrf member management
 
interface loopback1
  ip address 10.10.10.10/32

interface loopback2
  ip address 20.20.20.20/32

line console
line vty

router bgp 1
  address-family ipv4 unicast
    network 10.10.10.10/32 route-map label-index-10
    network 20.20.20.20/32 route-map label-index-20
    allocate-label all
  neighbor 10.1.1.2 remote-as 2
    address-family ipv4 labeled-unicast

This example shows how to receive the configuration from a BGP speaker.

hostname s2
install feature-set mpls
feature-set mpls

feature telnet
feature bash-shell
feature scp-server
feature bgp
feature mpls segment-routing

segment-routing mpls
vlan 1

vrf context management
  ip route 0.0.0.0/0 10.30.97.1
  ip route 0.0.0.0/0 10.30.108.1

interface Ethernet1/1
  no switchport
  ip address 10.1.1.2/24
  ipv6 address 10:1:1::2/64
  no shutdown

interface mgmt0
  ip address dhcp
  vrf member management

interface loopback1
  ip address 2.2.2.2/32
line console

line vty

router bgp 2
  address-family ipv4 unicast
    allocate-label all
  neighbor 10.1.1.1 remote-as 1
    address-family ipv4 labeled-unicast

This example shows how to display the configuration from a BGP speaker. The show command in this example displays the prefix 10.10.10.10 with label index 10 mapping to label 16010 in the SRGB range of 16000 to 23999.

switch# show bgp ipv4 labeled-unicast 10.10.10.10/32

BGP routing table information for VRF default, address family IPv4 Label Unicast
BGP routing table entry for 10.10.10.10/32, version 7
Paths: (1 available, best #1)
Flags: (0x20c001a) on xmit-list, is in urib, is best urib route, is in HW, , has label
  label af: version 8, (0x100002) on xmit-list
  local label: 16010

  Advertised path-id 1, Label AF advertised path-id 1
  Path type: external, path is valid, is best path, no labeled nexthop, in rib
  AS-Path: 1 , path sourced external to AS
    10.1.1.1 (metric 0) from 10.1.1.1 (10.10.10.10)
      Origin IGP, MED not set, localpref 100, weight 0
      Received label 0
      Prefix-SID Attribute: Length: 10
        Label Index TLV: Length 7, Flags 0x0 Label Index 10

  Path-id 1 not advertised to any peer
  Label AF advertisement
  Path-id 1 not advertised to any peer

This example shows how to configure egress peer engineering on a BGP speaker.

hostname epe-as-1
install feature-set mpls
feature-set mpls

feature telnet
feature bash-shell
feature scp-server
feature bgp
feature mpls segment-routing

segment-routing mpls
vlan 1

vrf context management
  ip route 0.0.0.0/0 10.30.97.1
  ip route 0.0.0.0/0 10.30.108.1

interface Ethernet1/1
  no switchport
  ip address 10.1.1.1/24
  no shutdown

interface Ethernet1/2
  no switchport
  ip address 11.1.1.1/24
  no shutdown

interface Ethernet1/3
  no switchport
  ip address 12.1.1.1/24
  no shutdown

interface Ethernet1/4
  no switchport
  ip address 13.1.1.1/24
  no shutdown

interface Ethernet1/5
  no switchport
  ip address 14.1.1.1/24
  no shutdown

The following is an example of show ip route vrf 2 command.

show ip route vrf 2
IP Route Table for VRF "2"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

41.11.2.0/24, ubest/mbest: 1/0
    *via 1.1.1.9%default, [20/0], 13:26:48, bgp-2, external, tag 11 (mpls-vpn)
42.11.2.0/24, ubest/mbest: 1/0, attached
    *via 42.11.2.1, Vlan2, [0/0], 13:40:52, direct
42.11.2.1/32, ubest/mbest: 1/0, attached
    *via 42.11.2.1, Vlan2, [0/0], 13:40:52, local

The following is an example of show forwarding route vrf 2 command.


slot  1
=======

IPv4 routes for table 2/base

------------------+-----------------------------------------+----------------------+-----------------+-----------------
Prefix            | Next-hop                                | Interface            | Labels          | Partial Install 
------------------+-----------------------------------------+----------------------+-----------------+-----------------
0.0.0.0/32           Drop                                      Null0
127.0.0.0/8          Drop                                      Null0
255.255.255.255/32   Receive                                   sup-eth1
*41.11.2.0/24        27.1.31.4                                 Ethernet1/3            PUSH  30002 492529 
                     27.1.32.4                                 Ethernet1/21           PUSH  30002 492529 
                     27.1.33.4                                 port-channel23         PUSH  30002 492529 
                     27.11.31.4                                Ethernet1/3.11         PUSH  30002 492529 
                     27.11.33.4                                port-channel23.11      PUSH  30002 492529 
                     37.1.53.4                                 Ethernet1/53/1         PUSH  29002 492529 
                     37.1.54.4                                 Ethernet1/54/1         PUSH  29002 492529 
                     37.2.53.4                                 Ethernet1/53/2         PUSH  29002 492529 
                     37.2.54.4                                 Ethernet1/54/2         PUSH  29002 492529 
                     80.211.11.1                               Vlan801                PUSH  30002 492529

The following is an example of show bgp l2vpn evpn summary command.


show bgp l2vpn evpn summary 
BGP summary information for VRF default, address family L2VPN EVPN
BGP router identifier 2.2.2.3, local AS number 2
BGP table version is 17370542, L2VPN EVPN config peers 4, capable peers 1
1428 network entries and 1428 paths using 268464 bytes of memory
BGP attribute entries [476/76160], BGP AS path entries [1/6]
BGP community entries [0/0], BGP clusterlist entries [0/0]
476 received paths for inbound soft reconfiguration
476 identical, 0 modified, 0 filtered received paths using 0 bytes

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
1.1.1.1         4    11       0       0        0    0    0 23:01:53 Shut (Admin)
1.1.1.9         4    11    4637    1836 17370542    0    0 23:01:40 476       
1.1.1.10        4    11       0       0        0    0    0 23:01:53 Shut (Admin)
1.1.1.11        4    11       0       0        0    0    0 23:01:52 Shut (Admin)

The following is an example of show bgp l2vpn evpn command.

show bgp l2vpn evpn 41.11.2.0 
BGP routing table information for VRF default, address family L2VPN EVPN
Route Distinguisher: 14.1.4.1:115
BGP routing table entry for [5]:[0]:[0]:[24]:[41.11.2.0]:[0.0.0.0]/224, version 17369591
Paths: (1 available, best #1)
Flags: (0x000002) on xmit-list, is not in l2rib/evpn, is not in HW

  Advertised path-id 1
  Path type: external, path is valid, received and used, is best path
             Imported to 2 destination(s)
  AS-Path: 11 , path sourced external to AS
    1.1.1.9 (metric 0) from 1.1.1.9 (14.1.4.1)
      Origin incomplete, MED 0, localpref 100, weight 0
      Received label 492529
      Extcommunity: RT:2:20

  Path-id 1 not advertised to any peer

Route Distinguisher: 2.2.2.3:113
BGP routing table entry for [5]:[0]:[0]:[24]:[41.11.2.0]:[0.0.0.0]/224, version 17369595
Paths: (1 available, best #1)
Flags: (0x000002) on xmit-list, is not in l2rib/evpn, is not in HW

  Advertised path-id 1
  Path type: external, path is valid, is best path
             Imported from 14.1.4.1:115:[5]:[0]:[0]:[24]:[41.11.2.0]:[0.0.0.0]/224 
  AS-Path: 11 , path sourced external to AS
    1.1.1.9 (metric 0) from 1.1.1.9 (14.1.4.1)

About IS-IS

IS-IS is an Interior Gateway Protocol (IGP) based on Standardization (ISO)/International Engineering Consortium (IEC) 10589 and RFC 1995. Cisco NX-OS supports Internet Protocol version 4 (IPv4) and IPv6. IS-IS is a dynamic link-state routing protocol that can detect changes in the network topology and calculate loop-free routes to other nodes in the network. Each router maintains a link-state database that describes the state of the network and sends packets on every configured link to discover neighbors. IS-IS floods the link-state information across the network to each neighbor. The router also sends advertisements and updates on the link-state database through all the existing neighbors

Segment routing on the IS-IS protocol supports the following:

IPv4
Level 1, level 2, and multi-level routing
Prefix SIDs
Multiple IS-IS instances on the same loopback interface for domain border nodes
Adjacency SIDs for adjacencies

Configuring Segment Routing with IS-IS Protocol

You can configure segment routing with IS-IS protocol.

Before you begin

Ensure the following conditions are met to enable IS-IS Segment Routing:

The mpls segment-routing feature is enabled.
The IS-IS feature is enabled.
Segment routing is enabled for at least one address family under IS-IS.

Procedure

Command or Action

Purpose

Step 1

configure terminal

Enters global configuration mode.

Step 2

router isis instance-tag

Creates a new IS-IS instance with the configured instance tag.

Step 3

net network-entity-title

Configures the NET for this IS-IS instance.

Step 4

address-family ipv4 unicast

Enters address family configuration mode.

Step 5

segment-routing

Configures segment routing with IS-IS protocol.

Note

The IS-IS command is supported only on the IPv4 address family. It is not supported on the IPv6 address family.
Redistribution is not supported from any other protocol to ISIS for the SR prefixes. You need to enable ip router isis command on all the prefix SID interfaces.

Step 6

(Optional) show running-config segment-routing

(Optional)

Displays the status of the segment routing.

About OSPF

Open Shortest Path First (OSPF) is an Interior Gateway Protocol (IGP) developed by the OSPF working group of the Internet Engineering Task Force (IETF). Designed expressly for IP networks, OSPF supports IP subnetting and tagging of externally derived routing information. OSPF also allows packet authentication and uses IP multicast when sending and receiving packets.

Segment routing configuration on the OSPF protocol can be applied at the process or the area level. If you configure segment routing at the process level, it is enabled for all the areas. However, you can enable ore disable it per area level.

Segment routing on the OSPF protocol supports the following:

OSPFv2 control plane
Multi-area
IPv4 prefix SIDs for host prefixes on loopback interfaces
Adjacency SIDs for adjacencies

Adjacency SID Advertisement

OSPF supports the advertisement of segment routing adjacency SID. An Adjacency Segment Identifier (Adj-SID) represents a router adjacency in Segment Routing.

A segment routing-capable router may allocate an Adj-SID for each of its adjacencies and an Adj-SID sub-TLV is defined to carry this SID in the Extended Opaque Link LSA.

OSPF allocates the adjacency SID for each OSPF neighbor if the OSPF adjacency which are in two way or in FULL state. OSPF allocates the adjacency SID only if the segment routing is enabled. The label for adjacency SID is dynamically allocated by the system. This eliminates the chances of misconfiguration, as this has got only the local significance.

Connected Prefix-SID

OSPFv2 supports the advertisement of prefix SID for address associated with the loopback interfaces. In order to achieve this, OSPF uses Extended Prefix Sub TLV in its opaque Extended prefix LSA. When OSPF receives this LSA from its neighbor, SR label is added to the RIB corresponding to received prefix based upon the information present in extended prefix sub TLV.

For configuration, segment-routing has to be enabled under OSPF and corresponding to loopback interface that is configured with OSPF, prefix-sid mapping is required under the segment routing module.

Note

SID will only be advertised for loopback addresses and only for intra-area and inter-area prefix types. No SID value will be advertised for external or NSSA prefixes.

Prefix Propagation Between Areas

To provide segment routing support across the area boundary, OSPF is required to propagate SID values between areas. When OSPF advertises the prefix reachability between areas, it checks if the SID has been advertised for the prefix. In a typical case, the SID value come from the router, which contributes to the best path to the prefix in the source area. In this case, OSPF uses such SID and advertises it between the areas. If the SID value is not advertised by the router which contributes to the best path inside the area, OSPF will use the SID value coming from any other router inside the source area.

Segment Routing Global Range Changes

OSPF advertises it's segment routing capability in terms of advertising the SID/Label Range TLV. In OSPFv2, SID/Label Range TLV is a carried in Router Information LSA.

The segment routing global range configuration will be under the “segment-routing mpls” configuration. When the OSPF process comes, it will get the global range values from segment-routing and subsequent changes should be propagated to it.

When OSPF segment routing is configured, OSPF must request an interaction with the segment routing module before OSPF segment routing operational state can be enabled. If the SRGB range is not created, OSPF will not be enabled. When an SRGB change event occurs, OSPF makes the corresponding changes in it's sub-block entries.

Conflict Handling of SID Entries

In an ideal situation, each prefix should have unique SID entries assigned.

When there is a conflict between the SID entries and the associated prefix entries use any of the following methods to resolve the conflict:

Multiple SIDs for a single prefix - If the same prefix is advertised by multiple sources with different SIDs, OSPF will install the unlabeled path for the prefix. The OSPF takes into consideration only those SIDs that are from reachable routers and ignores those from unreachable routers. When multiple SIDs are advertised for a prefix, which is considered as a conflict, no SID will be advertised to the attached-areas for the prefix. Similar logic will be used when propagating the inter-area prefixes between the backbone and the non-backbone areas.
Out of Range SID - For SIDs that do not fit in our SID range, labels are not used while updating the RIB.

MPLS Forwarding on an Interface

MPLS forwarding must be enabled before segment routing can use an interface. OSPF is responsible for enabling MPLS forwarding on an interface.

When segment routing is enabled for a OSPF topology, or OSPF segment routing operational state is enabled, it enables MPLS for any interface on which the OSPF topology is active. Similarly, when segment routing is disabled for a OSPF topology, it disables the MPLS forwarding on all interfaces for that topology.

Configuring Segment Routing with OSPFv2

Configure segment routing with OSPFv2 protocol.

Before you begin

Confirm that the following conditions are met before configuring segment routing with OSPFv2:

The OSPFv2 feature is enabled.
The segment-routing feature is enabled.
Segment routing is enabled under OSPF.

Procedure

Command or Action Purpose

Step 1

configure terminal

Example:

switch# configure terminal
switch(config)#

Enters global configuration mode.

Step 2

[no]router ospf process

Example:

switch(config)# router ospf test

Enables the OSPF mode.

Step 3

segment-routing

Example:

switch(config-router)# segment-routing mpls

Configures the segment routing functionality under OSPF.

Configuring Segment Routing on OSPF Network- Area Level

Before you begin

Before you configure segment routing on OSPF network, OSPF must be enabled on your network.

Procedure

	Command or Action	Purpose
Step 1	router ospf process Example: `switch(config)# router ospf test`	Enables the OSPF mode.
Step 2	area `<area id>` segment-routing [mpls \| disable] Example: `switch(config-router)# area 1 segment-routing mpls`	Configures segment routing mpls mode in a specific area.
Step 3	[no]area `<area id>` segment-routing [mpls \| disable] Example: `switch(config-router)#area 1 segment-routing disable`	Disables segment routing mpls mode for the specified area.
Step 4	show ip ospf `process` segment-routing Example: `switch(config-router)# show ip ospf test segment-routing`	Shows the output for configuring segment routing under OSPF.

Configuring Prefix-SID for OSPF

This task explains how to configure prefix segment identifier (SID) index under each interface.

Before you begin

Segment routing must be enabled on the corresponding address family.

Procedure

	Command or Action	Purpose
Step 1	configure terminal Example: `switch# configure terminal`	Enters global configuration mode.
Step 2	[no]router ospf `process` Example: `switch(config)# router ospf test`	Configures OSPF.
Step 3	segment-routing Example: `switch(config-router)# segment-routing switch(config-sr)#mpls switch(config-sr-mpls)#`	Configures the segment routing functionality under OSPF.
Step 4	interface loopback `interface_number` Example: `switch(config-sr-mpls)# Interface loopback 0`	Specifies the interface where OSPF is enabled.
Step 5	ip address 1.1.1.1/32 Example: `switch(config-sr-mpls)# ip address 1.1.1.1/32`	Specifies the IP address configured on the ospf interface.
Step 6	ip router ospf 1 area 0 Example: `switch(config-sr-mpls)# ip router ospf 1 area 0`	Specifies the OSPF enabled on the interface in area.
Step 7	segment-routing Example: `switch(config-router)#segment-routing (config-sr)#mpls`	Configures prefix-sid mapping under SR module.
Step 8	connected-prefix-sid-map Example: `switch(config-sr-mpls)# connected-prefix-sid-map switch(config-sr-mpls-conn-pfxsid)#`	Configures the prefix SID mapping under the segment routing module.
Step 9	address-family ipv4 Example: `switch(config-sr-mpls-conn-pfxsid)# address-family ipv4 switch(config-sr-mpls-conn-pfxsid-af)#`	Specifies the IPv4 address family configured on the OSPF interface.
Step 10	1.1.1.1/32 index 10 Example: `switch(config-sr-mpls-conn-af)# 1.1.1.1/32 index 10`	Associates SID 10 with the address 1.1.1.1/32.
Step 11	exit Example: `switch(config-sr-mpls-conn-af)# exit`	Exits segment routing mode and returns to the configuration terminal mode.

Configuring Prefix Attribute N-flag-clear

OSPF advertises prefix SIDs via Extended Prefix TLV in its opaque LSAs. It carries flags for the prefix and one of them is N flag (Node) indicating that any traffic sent along to the prefix is destined to the router originating the LSA. This flag typically marks host routes of router's loopback.

Procedure

Command or Action Purpose

Step 1

configure terminal

Example:

switch# configure terminal
switch(config)#

Enters global configuration mode.

Step 2

interface loopback3

Example:

switch(config)# interface loopback3

Specifies the interface loopback.

Step 3

ip ospf prefix-attributes n-flag-clear

Example:

switch#(config-if)# ip ospf prefix-attributes n-flag-clear

Clears the prefix N-flag.

Configuration Examples for Prefix SID for OSPF

This example shows the configuration for prefix SID for OSPF.

Router ospf 10
     Segment-routing mpls    
Interface loop 0
    Ip address 1.1.1.1/32
    Ip router ospf 10 area 0
Segment-routing
   Mpls
      connected-prefix-sid-m  
          address-family ipv4
              1.1.1.1/32 index 10

BGP Prefix SID

In order to support segment routing, BGP requires the ability to advertise a segment identifier (SID) for a BGP prefix. A BGP prefix SID is always global within the segment routing BGP domain and identifies an instruction to forward the packet over the ECMP-aware best path computed by BGP to the related prefix. The BGP prefix SID identifies the BGP prefix segment.

Adjacency SID

The adjacency segment Identifier (SID) is a local label that points to a specific interface and a next hop out of that interface. No specific configuration is required to enable adjacency SIDs. Once segment routing is enabled over BGP for an address family, for any interface that BGP runs over, the address family automatically allocates an adjacency SID toward every neighbor out of that interface.

High Availability for Segment Routing

In-service software upgrades (ISSUs) are minimally supported with BGP graceful restart. All states (including the segment routing state) must be relearned from the BGP router's peers. During the graceful restart period, the previously learned route and label state are retained.

Overview of BGP Egress Peer Engineering With Segment Routing

Cisco Nexus 3000 Series switches are often deployed in massive scale data centers (MSDCs). In such environments, there is a requirement to support BGP Egress Peer Engineering (EPE) with Segment Routing (SR).

Segment Routing (SR) leverages source routing. A node steers a packet through a controlled set of instructions, known as segments, by prepending the packet with an SR header. A segment can represent any topological or service-based instruction. SR allows steering a flow through any topological path or any service chain while maintaining per-flow state only at the ingress node of the SR domain. For this feature, the Segment Routing architecture is applied directly to the MPLS data plane.

In order to support Segment Routing, BGP requires the ability to advertise a Segment Identifier (SID) for a BGP prefix. A BGP-Prefix is always global within the SR or BGP domain and it identifies an instruction to forward the packet over the ECMP-aware best-path that is computed by BGP to the related prefix. The BGP-Prefix-SID is the identifier of the BGP prefix segment.

The SR-based Egress Peer Engineering (EPE) solution allows a centralized (SDN) controller to program any egress peer policy at ingress border routers or at hosts within the domain.

In the following example, all three routers run iBGP and they advertise NRLI to one another. The routers also advertise their loopback as the next-hop and it is recursively resolved. This provides an ECMP between the routers as displayed in the illustration.

Figure 1. Example of Egress Peer Engineering

The SDN controller receives the Segment IDs from the egress router 1.1.1.1 for each of its peers and adjacencies. It can then intelligently advertise the exit points to other routers and hosts within the controller’s routing domain. As displayed in the illustration, the BGP Network Layer Reachability Information (NLRI) contains both the Node-SID to the Router 1.1.1.1 and the Peer-Adjacency-SID 24003, indicating that the traffic to 7.7.7.7 should egress over 12.1.1.1->12.1.1.3.

Guidelines and Limitations for BGP Egress Peer Engineering

See the following guidelines and limitations for BGP Egress Peer Engineering:

BGP Egress Peer Engineering is only supported for IPv4 BGP peers. IPv6 BGP peers are not supported.
BGP Egress Peer Engineering is only supported in the default VPN Routing and Forwarding (VRF) instance.
Any number of Egress Peer Engineering (EPE) peers may be added to an EPE peer set. However, the installed resilient per-CE FEC is limited to 32 peers.
A given BGP neighbor can only be a member of a single peer-set. Peer-sets are configured. Multiple peer-sets are not supported. An optional peer-set name may be specified to add neighbor to a peer-set. The corresponding RPC FEC load-balances the traffic across all the peers in the peer-set. The peer-set name is a string that is a maximum length of 63 characters (64 NULL terminated). This length is consistent with the NX-OS policy name lengths. A peer can only be a member of a single peer-set.
Adjacencies for a given peer are not separately assignable to different peer-sets.

Configuring Neighbor Egress Peer Engineering Using BGP

You can configure Egress Peer Engineering (EPE). The feature is valid only for external BGP neighbors and is not configured by default. EPE uses RFC 7752 encoding.

Before you begin

You must enable BGP.
After an upgrade, configure the TCAM region before configuring Egress Peer Engineering (EPE) on Cisco Nexus 3000 Series switches using the following commands:
1. switch# hardware access-list tcam region vpc-convergence 0
2. switch# hardware access-list tcam region racl 0
3. switch# hardware access-list tcam region mpls 256 double-wide

For more information, see the Using Templates to Configure ACL TCAM Region Sizes and Configuring ACL TCAM Region Sizes sections in the Cisco Nexus 3000 Series NX-OS Security Configuration Guide..

Procedure

	Command or Action	Purpose
Step 1	configure terminal Example: `switch# configure terminal switch(config)#`	Enters global configuration mode.
Step 2	router bgp <`bgp autonomous number`>	Specifies the autonomous router BGP number.
Step 3	neighbor <`IP address`>	Configures the IP address for the neighbor.
Step 4	[no\|default] egress-engineering [peer-set `peer-set-name`] Example: `switch(config)# router bgp 64497 switch(config-router)# neighbor 30.1.1.1 switch(config-router)# egress-engineering peer-set NewPeer`	Specifies whether a Peer-Node-SID is allocated for the neighbor and advertised in an instance of a BGP Link-State (BGP-LS) address family Link NLRI. If the neighbor is a multi-hop neighbor, a BGP-LS Link NLRI instance will also be advertised for each Equal-Cost-MultiPath (ECMP) path to the neighbor and will include a unique Peer-Adj-SID. Optionally, you can add the neighbor to a peer-set. The Peer-Set-SID will also be advertised in the BGP-LS Link NLRI in the same instance as the Peer-Node-SID. BGP Link-State NLRI will be advertised to all neighbors with the link-state address family configured. See RFC 7752 and draft-ietf-idr-bgpls-segment-routing-epe-05 for more information on EPE.

Configuration Example for Egress Peer Engineering

See the Egress Peer Engineering sample configuration for the BGP speaker 1.1.1.1. Note that the neighbor 20.20.20.20 is the SDN controller.

 hostname epe-as-1
install feature-set mpls
feature-set mpls

feature telnet
feature bash-shell
feature scp-server
feature bgp
feature mpls segment-routing

segment-routing mpls
vlan 1

vrf context management
  ip route 0.0.0.0/0 10.30.97.1
  ip route 0.0.0.0/0 10.30.108.1

interface Ethernet1/1
  no switchport
  ip address 10.1.1.1/24
  no shutdown

interface Ethernet1/2
  no switchport
  ip address 11.1.1.1/24
  no shutdown

interface Ethernet1/3
  no switchport
  ip address 12.1.1.1/24
  no shutdown

interface Ethernet1/4
  no switchport
  ip address 13.1.1.1/24
  no shutdown

interface Ethernet1/5
  no switchport
  ip address 14.1.1.1/24
  no shutdown

interface mgmt0
  ip address dhcp
  vrf member management


interface loopback1
  ip address 1.1.1.1/32
line console

line vty
ip route 2.2.2.2/32 10.1.1.2
ip route 3.3.3.3/32 11.1.1.3
ip route 3.3.3.3/32  12.1.1.3
ip route 4.4.4.4/32  13.1.1.4
ip route 20.20.20.20/32 14.1.1.20 

router bgp 1
  address-family ipv4 unicast
  address-family link-state
 neighbor 10.1.1.2
    remote-as 2
    address-family ipv4
    egress-engineering
 neighbor 3.3.3.3
   remote-as 3
   address-family ipv4
   update-source loopback1
   ebgp-multihop 2
   egress-engineering
 neighbor 4.4.4.4
   remote-as 4
   address-family ipv4
   update-source loopback1
   ebgp-multihop 2
   egress-engineering
neighbor 20.20.20.20
   remote-as 1
   address-family link-state
   update-source loopback1
   ebgp-multihop 2

Configuring EVPN Over Segment Routing or MPLS

You can configure EVPN over segment routing or MPLS.

Follow these steps to configure EVPN over segment routing or MPLS:

Before you begin

You must enable the command feature interface-vlan before configuring EVPN over segment routing or MPLS.

Procedure

	Command or Action	Purpose
Step 1	feature bgp	Enables BGP feature and configurations.
Step 2	install feature-set mpls	Enables MPLS configuration commands.
Step 3	feature-set mpls	Enables MPLS configuration commands.
Step 4	feature mpls segment-routing	Enables segment routing configuration commands.
Step 5	feature mpls evpn	Enables EVPN over MPLS configuration commands. This command is mutually exclusive with the feature-nv command.

Example

This example shows how to configure a VRF:

vrf context customer1
    rd auto  
    address-family ipv4 unicast
        route-target import auto 
        route-target export auto
        route-target import auto evpn  
        route-target export auto evpn

This example shows how to configure a SRBGP over segment routing:

mpls label range 1000 25000
 segment-routing mpls
  global-block 11000 20000
!
int lo1
  ip address 200.0.0.1/32
!
interface e1/13
  description “MPLS interface towards Core”
  ip address 192.168.5.1/24
  mpls ip forwarding
  no shut
route-map label_index_pol_100 permit 10
  set label-index 100
route-map label_index_pol_101 permit 10
  set label-index 101
route-map label_index_pol_102 permit 10
  set label-index 102
route-map label_index_pol_103 permit 10
  set label-index 103

router bgp 65000
 address-family ipv4 unicast
   network 200.0.0.1/32 route-map label_index_pol_100
    network 192.168.5.1/32 route-map label_index_pol_101
    network 101.0.0.0/24 route-map label_index_pol_103
    allocate-label all
  neighbor 192.168.5.6 remote-as 65000
      address-family ipv4 labeled-unicast
         send-community extended

Configuring the BGP Link State Address Family

You can configure the BGP link state address family for a neighbor session with a controller to advertise the corresponding SIDs. You can configure this feature in global configuration mode and neighbor address family configuration mode.

Before you begin

You must enable BGP.

Procedure

Command or Action Purpose

Step 1

configure terminal

Example:

switch# configure terminal 
switch(config)#

Enters global configuration mode.

Step 2

router bgp <bgp autonomous number>

Specifies the autonomous router BGP number.

Step 3

[no] address-family link-state

Example:

switch(config)# router bgp 64497
switch (config-router af)# address-family link-state

Enters address-family interface configuration mode.

Note

This command can also be configured in neighbor address-family configuration mode.

Step 4

neighbor <IP address>

Configures the IP address for the neighbor.

Step 5

[no] address-family link-state

Example:

switch(config)#router bgp 1
switch(config-router)#address-family link-state
switch(config-router)#neighbor 20.20.20.20
switch(config-router)#address-family link-state

Enters address-family interface configuration mode.

Note

This command can also be configured in neighbor address-family configuration mode.

Configuring MPLS Label Allocation

You can configure MPLS label allocation for the IPv4 unicast address family.

Before you begin

You must install and enable the MPLS feature set using the install feature-set mpls and feature-set mpls commands.

You must enable the MPLS segment routing feature.

Procedure

	Command or Action	Purpose
Step 1	configure terminal Example: `switch# configure terminal switch(config)#`	Enters global configuration mode.
Step 2	[no] router bgp `autonomous-system-number` Example: `switch(config)# router bgp 64496 switch(config-router)#`	Enables BGP and assigns the AS number to the local BGP speaker. The AS number can be a 16-bit integer or a 32-bit integer in the form of a higher 16-bit decimal number and a lower 16-bit decimal number in xx.xx format. Use the no option with this command to remove the BGP process and the associated configuration.
Step 3	address-family ipv4 unicast Example: `switch(config-router)# address-family ipv4 unicast switch(config-router-af)#`	Enters global address family configuration mode for the IPv4 address family.
Step 4	[no] allocate-label {all \| route-map `route-map-name`} Example: `switch(config-router-af)# allocate-label route-map map1`	Configures local label allocation for routes matching the specified route map or for all routes advertised in this address family.
Step 5	exit Example: `switch(config-router-af)# exit switch(config-router)#`	Exits global address family configuration mode.
Step 6	neighbor `ipv4-address` remote-as `autonomous-system-number` Example: `switch(config-router)# neighbor 10.1.1.1 remote-as 64497 switch(config-router-neighbor)#`	Configures the IPv4 address and AS number for a remote BGP peer.
Step 7	address-family ipv4 labeled-unicast Example: `switch(config-router-neighbor)# address-family ipv4 labeled-unicast switch(config-router-neighbor-af)#`	Advertises the labeled IPv4 unicast routes as specified in RFC 3107.
Step 8	(Optional) show bgp ipv4 labeled-unicast `prefix` Example: `switch(config-router-neighbor-af)# show bgp ipv4 labeled-unicast 10.10.10.10/32`	(Optional) Displays the advertised label index and the selected local label for the specified IPv4 prefix.
Step 9	(Optional) copy running-config startup-config Example: `switch(config-router-neighbor-af)# copy running-config startup-config`	(Optional) Copies the running configuration to the startup configuration.

Configuring BGP EVPN and Label Allocation Mode

You can use MPLS tunnel encapsulation using the encapsulation mpls command. You can configure the label allocation mode for the EVPN address family.

Advertisement of (IP or Label) bindings from a Cisco Nexus 9000 Series switch via BGP EVPN enables a remote switch to send the routed traffic to that IP using the label for that IP to the switch that advertised the IP over MPLS.

The IP prefix routes (Type-5) are:

Type-5 route with VXLAN encapsulation


RT-5 Route – IP Prefix

RD:	 L3 RD
IP Length: 	prefix length
IP address: 	IP (4 bytes)
Label1: 	L3VNI
Route Target

RT for IP-VRF
Tunnel Type	VxLAN
Router MAC

Type-5 route with MPLS encapsulation


RT-5 Route – IP Prefix

RD:	 L3 RD
IP Length: 	prefix length
IP address: 	IP (4 bytes)
Label1: 	BGP MPLS Label
Route Target
RT for IP-VRF

VPN labels can be per-prefix or aggregate (per-VRF). It is recommended to have per-VRF label for Layer 3 EVPN over MPLS.

Complete the following steps to configure BGP EVPN and label allocation mode:

Before you begin

You must install and enable the MPLS feature set using the install feature-set mpls and feature-set mpls commands.

You must enable the MPLS segment routing feature. See About Segment Routing.

Procedure

Command or Action Purpose

Step 1

configure terminal

Enters global configuration mode.

Step 2

[no] router bgp autonomous-system-number

Example:

switch(config)# router bgp 64496
switch(config-router)#

Enables BGP and assigns the AS number to the local BGP speaker. The AS number can be a 16-bit integer or a 32-bit integer in the form of a higher 16-bit decimal number and a lower 16-bit decimal number in xx.xx format.

Use the no option with this command to remove the BGP process and the associated configuration.

Step 3

address-family l2vpn evpn

Example:


switch(config-router)# address-family l2vpn evpn
switch(config-router-af)#

Enters global address family configuration mode for the Layer 2 VPN EVPN.

Step 4

exit

Example:

switch(config-router-af)# exit
switch(config-router)#

Exits global address family configuration mode.

Step 5

neighbor ipv4-address remote-as autonomous-system-number

Example:

switch(config-router)# neighbor 10.1.1.1 remote-as 64497
switch(config-router-neighbor)#

Configures the IPv4 address and AS number for a remote BGP peer.

Step 6

address-family l2vpn evpn

Example:

switch(config-router-neighbor)# address-family l2vpn evpn
switch(config-router-neighbor-af)#

Advertises the labeled Layer 2 VPN EVPN.

Step 7

encapsulation mpls

Example:


router bgp 100
  address-family l2vpn evpn
neighbor NVE2 remote-as 100
    address-family l2vpn evpn
      send-community extended
      encapsulation mpls
  vrf foo
    address-family ipv4 unicast
      advertise l2vpn evpn

BGP segment routing configuration:


router bgp 100
 address-family ipv4 unicast
   network 200.0.0.1/32 route-map label_index_pol_100
    network 192.168.5.1/32 route-map label_index_pol_101
    network 101.0.0.0/24 route-map label_index_pol_103
    allocate-label all
  neighbor 192.168.5.6 remote-as 20
      address-family ipv4 labeled-unicast
         send-community extended

Enables BGP EVPN address family and sends EVPN type-5 route update to the neighbors.

Note

The default tunnel encapsulation in EVPN for the IP route type in NX-OS is VXLAN. To override that, a new CLI is introduced to indicate MPLS tunnel encapsulation.

Step 8

vrf <customer_name>

Configures the VRF.

Step 9

send-community

To send the Border Gateway Protocol (BGP) community attribute to a peer, use the send-community command. To revert to the defaults, use the no form of this command.

Step 10

send-community extended

Provides an extended range to the send-community command, ensuring that communities can be assigned for many purposes, without overlap.

Step 11

address-family ipv4 unicast

Enters global address family configuration mode for the IPv4 address family.

Step 12

advertise l2vpn evpn

Advertises Layer 2 VPN EVPN.

Step 13

redistribute direct route-map DIRECT_TO_BGP

Redistributes the directly connected routes into BGP-EVPN.

Step 14

label-allocation-mode per-vrf

Sets the label allocation mode. The default label allocation is per VRF. You have to configure per-vrf label allocation mode explicitly.

For the EVPN address family, the default label allocation is per-vrf, compared to per-prefix mode for the other address-families where the label allocation CLI is supported. No form of CLI is displayed in the running configuration.

Example

See the following example for configuring per-prefix label allocation:

router bgp 65000
    [address-family l2vpn evpn]
    neighbor 10.1.1.1
        remote-as 100
        address-family l2vpn evpn
    neighbor 20.1.1.1
        remote-as 65000
        address-family l2vpn evpn
	encapsulation mpls
    vrf customer1
        address-family ipv4 unicast
            advertise l2vpn evpn
            redistribute direct route-map DIRECT_TO_BGP
            no label-allocation-mode per-vrf

BGP Prefix SID Deployment Example

In the simple example below, all three routers are running iBGP and advertising Network Layer Reachability Information (NRLI) to one another. The routers are also advertising their loopback interface as the next hop, which provides the ECMP between routers 2.2.2.2 and 3.3.3.3.

Verifying the Segment Routing Configuration

To display the segment routing configuration, perform one of the following tasks:

Command

Purpose

show bgp ipv4 labeled-unicast prefix

Displays the advertised label index and the selected local label for the specified IPv4 prefix.

show bgp paths

Displays the BGP path information, including the advertised label index.

show mpls label range

Displays the configured SRGB range of labels.

show route-map [map-name]

Displays information about a route map, including the label index.

show running-config | inc 'feature segment-routing'

Displays the status of the MPLS segment routing feature.

show ip ospf neighbors detail

Displays the list of OSPFv2 neighbors and the adjacency SID allocatte, laong with the corresponding flags.

show ip ospf database opaque-area

Displays the LSAs for the adjacency SID.

show ip ospf segment-routing adj-sid-database

Displays all locally allocated adjacency SIDs.

show running-config segment-routing

Displays the status of the segment routing feature.

show segment-routing mpls

Displays segment routing mpls information

show segment-routing mpls clients

Displays the clients registered with the SR-APP.

show segment-routing mpls details

Displays detailed information.

show segment-routing ipv4

Displays the information for the IPv4 address family.

show segment-routing ipv4 connected-prefix-sid

Displays the MPLS label range for the SRGB.

Note

This command is only available in Cisco NX-OS Release 9.3(1) .

show ip ospf process

Displays the OSPF mode.

show ip ospf process segment-routing sid-database

Displays the segment routing database details.

show ip ospf process segment-routing global block

Displays the segment routing global block information.

Bias-Free Language

Results

Chapter: Configuring Segment Routing

Configuring Segment Routing

About Segment Routing

Segment Routing Application Module

Guidelines and Limitations for Segment Routing

Configuring Segment Routing

Configuring Segment Routing

Before you begin

Procedure

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example

Enabling MPLS on an Interface

Before you begin

Procedure

Example:

Example:

Example:

Example:

Configuring the Segment Routing Global Block

Before you begin

Procedure

Example:

Example:

Example:

Example:

Example:

Example:

Configuring the Label Index

Procedure

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Configuration Examples for Segment Routing

About IS-IS

Configuring Segment Routing with IS-IS Protocol

Before you begin

Procedure

About OSPF

Adjacency SID Advertisement

Connected Prefix-SID

Prefix Propagation Between Areas

Segment Routing Global Range Changes

Conflict Handling of SID Entries

MPLS Forwarding on an Interface

Configuring Segment Routing with OSPFv2

Before you begin

Procedure

Example:

Example:

Example:

Configuring Segment Routing on OSPF Network- Area Level

Before you begin

Procedure

Example:

Example:

Example:

Example:

Configuring Prefix-SID for OSPF

Before you begin

Procedure

Example:

Example:

Example:

Example:

Example: