Ruijie Network Devices and Solutions Provider User Guide

Q: How to enable targeted hello packet receiving on an LDP instance?
A: Refer to section 1.6.8 of the Configuration Guide for detailed instructions.

View Fullscreen

Introduction

Multiprotocol Label Switching (MPLS) is a tunneling technology that uses labels for efficient data transmission on backbone networks. MPLS supports multiple network layer protocols, such as Internet Protocol (IP), IPv6, and Internetwork Packet Exchange (IPX) and is compatible with various link layer technologies, such as Asynchronous Transfer Mode (ATM), frame relay, Ethernet, and Point-to-Point Protocol (PPP). MPLS was first introduced to enhance the forwarding rate of routing devices.

With MPLS, a device needs to analyze only the headers of forwarding IP packets at the MPLS network edge and does not need to analyze each hop on the MPLS network. This reduces the processing time when compared with traditional IP routing. With the development of hardware technologies and network processors, MPLS has gradually lost its appeal in efficient forwarding. However, MPLS provides connection-oriented label switching attributes to connectionless IP networks and integrates the flexibility of IP routing and the simplicity of Layer 2 switching. Due to the innate advantage of combining Layer 2 switching and Layer 3 routing technologies, MPLS still has unprecedented edges over other technologies in terms of virtual private networks (VPNs) and traffic engineering (TE). Therefore, MPLS is widely used in VPN and TE scenarios.

MPLS Network Structure
An MPLS network comprises label edge routers (LERs) and label switching routers (LSRs). LERs are located at the edges of an MPLS network. An ingress LER classifies packets entering the MPLS
network, adds labels to the packets, and encapsulates the packets into MPLS packets to forward. An egress LER pops the labels off outgoing MPLS packets and restores the packets to original ones. An LER provides traffic classification, label mapping, and label removal functions. LSRs are located at the core of an MPLS network, run an MPLS signaling protocol, and forward packets based on labels.
Figure 1-1 MPLS Network Structure

Configuring MPLS Basics

Devices running MPLS are MPLS nodes. As shown in Figure 1-1, the LERs and LSRs on the MPLS network are MPLS nodes. MPLS nodes can identify MPLS signaling protocols, run one or more Layer 3 routing protocols (including static routing protocols), and forward packets based on MPLS labels. Generally, MPLS nodes are also capable of forwarding original Layer 3 packets (such as IP packets). The LER at the entry of an LSP is called the ingress LER, an LSR in the middle of the LSP is called a transit
LSR, and the LER at the exit of the LSP is called the egress LER. An LSP may have no, one, or multiple transit LSRs but can have only one ingress LER and one egress LER. An LSP is a unidirectional path based on the data flow. According to the LSP direction, MPLS packets are forwarded from the ingress LER to the egress LER. Therefore, the ingress LER is an upstream node of the transit LSR, and the transit LSR is a downstream node of the ingress LER. In the same way, the transit LSR is an upstream node of the egress LER, and the egress LER is a downstream node of the transit LSR.

1.1.2 MPLS Label

1. FEC

MPLS groups packets with the same characteristics into an FEC. In IP unicast routing, FECs are classified based on the destination address prefixes. All packets to the same destination belong to the same FEC. That is, one route corresponds to one FEC. Packets of the same FEC are handled in the same way on an MPLS network.
2. Label

A label is a short identifier with fixed length and of local significance. Labels are distributed and transmitted only between two adjacent MPLS nodes. Therefore, they are valid only between the adjacent MPLS nodes.

Figure 1-2 MPLS Label Structure

Layer 2 header

MPLS Label

Layer 3 header

Layer 3 payload

0 Label

22 23

Exp S

31 TTL

A label is 32-bit long and consists of the following four fields: Label field
This field is 20-bit long and used to store the label value. Each label uniquely identifies an FEC. The Internet Engineering Task Force (IETF) defines 0 to 15 as special labels. The following table describes the meanings of these special labels.

Configuration Guide

Configuring MPLS Basics

Table 1-1 Special Labels Label Description

Indicates the IPv4 explicit null label. During IPv4 packet forwarding, if the outgoing label of the penultimate LSR is 0, the penultimate LSR must push label 0 to the top of the label stack before 0 forwarding the packet to the next hop. When the last hop receives the packet with label 0, it pops label 0 off.

Indicates the router alert label. This label is not allowed at the bottom of the label stack. It is similar

to the Router Alert Option of IP packets. When receiving packets with label 1, a router must send

the packets to the local software module to process. Actually, the packets are forwarded based on

the label below label 1. Before packet forwarding, however, label 1 must be pushed to the label

stack again. Each LSR must check MPLS packets that carry label 1.

Indicates the IPv6 explicit null label. During IPv6 packet forwarding, if the outgoing label of the penultimate LSR is 2, the penultimate LSR must push label 2 to the top of the label stack before 2 forwarding the packet to the next hop. When the last hop receives the packet with label 2, it pops label 2 off.

Indicates the implicit null label. This label can be distributed by the Label Distribution Protocol (LDP) but can never be transmitted in the label stacks of MPLS packets. When an LSR swaps the 3 label for an MPLS packet and finds that the top label to be swapped is 3, the LSR pops the top label off rather than replacing it. Label 3 is used in the Penultimate Hop Popping (PHP) function.

415

Reserved

Exp field This field is 3-bit long and used to store the MPLS quality of service (QoS) information.
S tag This field is 1-bit long and used to identify the stack bottom. MPLS supports label nesting. When multiple labels exist, the S bit is set to 1 for the stack bottom label and to 0 for other labels. When only one label exists, the S bit is set to 1.
TTL This field is 8-bit long and similar to the time to live (TTL) value in IP packet headers.
3. Label Stack
An MPLS packet can carry multiple layers of labels, that is, a label stack. The label stack enables MPLS to support hierarchical network systems. As shown in Figure 1-3, the label that is close to the link layer header is the top label, and the label that is next to the IP header is the bottom label. An LSR always swaps labels based on the top label. When multiple labels exist, each label must be complete and have 32 bits.

Configuration Guide Figure 1-3 MPLS Label Stack

Configuring MPLS Basics

Layer 2 header Outer MPLS label Inner MPLS label Layer 3 header Layer 3 payload

Label Stack

4. Operation Methods of Labels MPLS nodes can push, swap, and pop labels.

Figure 1-4 Basic Label Operations

Push

100 IP

300 IP

Push

200 300 IP

100 IP

Swap

200 IP

100 300 IP

Swap

200 300 IP

Pop

100 IP

200 300 IP

Pop 300 IP

Push The ingress LER inserts a label between the link layer header and network layer header, or a transit LSR pushes a new label to the stack top of an MPLS packet.
Swap A transit LSR swaps the top label of an MPLS packet based on the incoming label map (ILM).
Pop The egress LER pops labels off an MPLS packet to restore the IP packet, or a transit LSR pops the top label off to reduce the layers of a label stack.
1.1.3 MPLS Forwarding
1. MPLS Forwarding Tables During MPLS forwarding, three tables are involved: Next Hop Label Forwarding Entry (NHLFE), FEC-To-NHLFE (FTN), and Incoming Label Map (ILM). NHLFE
4

Configuration Guide

Configuring MPLS Basics

The NHLFE table is used to store the next-hop information of MPLS packets. Generally, it contains the following content: Next hop of data packets Link layer encapsulation of data packets to be forwarded Encoding method in the label stack of data packets to be forwarded Operations to the label stack of data packets FTN
The FTN table maps each FEC to a series of NHLFEs (multiple NHLFEs indicate multiple paths). The FTN table is used when an LER receives packets to be forwarded without labels. When an LER receives an IP data packet without labels, the LER matches the destination address of the IP data packet using the maximum matching rule according to the FTN table. If a next hop is found, the LER encapsulates the IP data packet with a label and forwards it. ILM
The ILM table maps each incoming label to a series of NHLFEs (multiple NHLFEs indicate multiple paths). The ILM table is applied when an LSR receives and forwards labeled MPLS packets.
2. MPLS LSP Setup

MPLS nodes can forward packets between each other only after they have reached a consensus on the labels used for the packets and set up an LSP. LSPs can be manually configured or dynamically set up using an MPLS signaling protocol. Static LSPs
Static LSPs are set up by manually distributing labels on MPLS nodes. Static LSPs do not need control packet exchange and consume fewer resources than dynamic LSPs. However, you need to manually configure static LSPs one by one. In addition, static LSPs cannot automatically adapt to network topology changes. Therefore, static LSPs are suitable only for small-scale networks with simple and stable topologies. Dynamic LSPs
MPLS signaling protocols classify FECs, distribute labels, and set up and maintain LSPs. MPLS signaling protocols include protocols designed specifically for label distribution, such as LDP, and protocols extended to support label distribution, such as Multiprotocol Border Gateway Protocol (MP-BGP).
3. MPLS Packet Forwarding Process
On an MPLS network, the MPLS nodes enable traditional IP routing protocols (such as OSPF and IS-IS) and create IP routing tables. The LDP creates LSPs based on IP routing tables and distributes labels to MPLS nodes.

Configuration Guide Figure 1-5 MPLS Packet Forwarding Process

Configuring MPLS Basics

L1 IP

L2 IP

L3 IP

Ingress

Transit

Egress

IP Network

LER1

LSR1

MPLS Network

LSR2

LER2

IP Network

As shown in Figure 1-5, the MPLS packet forwarding process is as follows: (1) The ingress LER (LER1) receives an IP packet, analyses the packet header, associates it with an FEC, adds
label L1 corresponding to the FEC to the packet, and sends the labeled packet to the next-hop LSR through the LSP of Layer 1. (2) After receiving the labeled packet, the next-hop transit LSR (LSR1) searches the ILM based on the top label L1, replaces L1 with new label L2, and forwards the packet to the next-hop LSR (LSR2). (3) LSR2 processes the packet similar to LSR1. (4) After receiving the labeled packet, the egress LER (LER2) pops the label off the packet and forwards the packet based on the IP routing table.
4. PHP
After receiving a labeled packet, the egress LER on an MPLS network needs to search the ILM and pop the label off before forwarding the packet. To reduce the burden of the egress LER, the PHP function is introduced. The PHP function is implemented by assigning a null label. It ensures that labels are popped off on the penultimate LSR. In this case, the egress LER only needs to perform one table lookup. PHP-assigned null labels include explicit and implicit null labels. The explicit null label is 0. When the penultimate LSR receives a labeled packet and finds that the outgoing
label of the packet is 0 according to the ILM, the penultimate LSR replaces the outermost label of the packet with label 0 and sends the packet to the egress LER. After receiving the packet with label 0, the egress LER pops label 0 off the packet and forwards the packet based on the IP routing table. The implicit null label is 3. When the penultimate LSR receives a labeled packet and finds that the outgoing label of the packet is 3 according to the ILM, the penultimate LSR pops the label off and sends the original IP packet to the egress LER. After receiving the original IP packet, the egress LER forwards the packet based on the IP routing table.
5. TTL Processing Mode
The TTL field in MPLS packets is processed using two modes: Uniform mode and Pipe mode. Uniform mode
When an IP packet enters an MPLS network, the ingress LER pushes a label to the IP packet by decreasing the TTL value of the IP packet by 1 and then copying the TTL value to the TTL field of the new label. The TTL value in the top label is decreased by 1 each time the packet passes through an LSR. When the egress LER pops the label off, it decreases the TTL value in the label by 1 and copies the TTL value to
6

Configuration Guide

Configuring MPLS Basics

the TTL field of the IP packet. In Uniform mode, the TTL value of the inner header is not copied but retained if it is smaller than the TTL value of the outer header.

Figure 1-6 Packet Processing in Uniform Mode

Label TTL
Pipe mode When an IP packet enters an MPLS network, the ingress LER pushes a label to the IP packet by decreasing the TTL value in the IP packet by 1 and setting the TTL value in the new label to 255. The TTL value in the top label is decreased by 1 each time the packet passes through an LSR, and the TTL value of the IP packet remains unchanged. When the egress LER pops the label off, it decreases the TTL value of the IP packet by 1.
Figure 1-7 Packet Processing in Pipe Mode
Label TTL
In Pipe mode, a customer edge (CE) can use the tracert tool to trace all nodes that a packet passes through on an MPLS backbone network. To ensure network security, you are advised to use the Pipe mode. In this case, the TTL value of an IP packet is decreased by 1 only at the ingress LER and egress LER regardless of how many hops the packet passes through on an MPLS network. This helps hide the MPLS network structure. 6. LSP Connectivity Test When a data forwarding fault occurs along an LSP on an MPLS network, the control plane that is responsible for establishing the LSP cannot perceive the fault. This results in complex network maintenance. To reduce the
7

Configuration Guide

Configuring MPLS Basics

network maintenance costs and improve the MPLS network availability, two LSP connectivity test tools are introduced, that is, MPLS ping and MPLS traceroute. Similar to traditional ping and traceroute, LSP connectivity test is based on the echo request and echo reply mode. The only difference is that MPLS ping and MPLS traceroute are implemented based on User Datagram Protocol (UDP) instead of Internet Control Message Protocol (ICMP). Echo requests use UDP port 3503, and only devices with MPLS enabled can identify this port. MPLS ping
MPLS ping is used to check the LSP connectivity. The ingress LER pushes the label of the LSP to be tested to an MPLS Echo Request packet and forwards the packet to the egress LER along the LSP. The egress LER returns an MPLS Echo Reply packet. If the MPLS Echo Reply packet received by the ingress LER is normal, the LSP forwards data normally. If the MPLS Echo Reply packet received by the ingress LER carries an error code, the LSP is faulty. MPLS traceroute
MPLS traceroute is used to trace LSRs between the ingress LER and egress LER. In addition to checking the LSP connectivity, MPLS traceroute can locate the network fault. The ingress LER sends MPLS Echo Request packets continuously along the LSP. Each LSR along the LSP returns an MPLS Echo Reply packet after receiving a Request packet. Therefore, the ingress LER can collect information of each LSR and locate the fault position. In addition, MPLS traceroute can collect labels assigned to LSRs and other important information.
1.1.4 MPLS Static LSPs

To implement basic MPLS forwarding functions, you can statically configure LSPs rather than using the LDP. On each hop of an MPLS network, you can statically configure the incoming and outgoing labels, next hop, and other information to generate an ILM and set up an MPLS LSP, which is called a static LSP.

Note Static LSP configuration is independent of the LDP and does not rely on IPv4 routes. Even if no IPv4 routes exist on a network, a static LSP takes effect as long as the physical network is reachable.

A static LSP is set up as follows: (1) Create a static FTN entry (including the outgoing label of the destination network segment and LSP next hop
or the outbound interface to the next hop) for an FEC on the ingress LER and bind the FEC to a label. When receiving an IP data packet, the ingress LER queries the FTN table for the next hop using the maximum matching rule based on the destination address of the packet. If a next hop is found, the ingress LER adds the outgoing label of the FEC to the packet, imports the IP traffic to the LSP, and forwards the packet to the specified next hop or through the outbound interface. (2) Create a static ILM entry (including the outgoing label corresponding to the incoming label and LSP next hop or the outbound interface to the next hop) on the transit LSR and map the incoming label to the outgoing label. When the transit LSR receives a labeled data packet, it queries the ILM table for the next hop based on the label value carried in the packet. If a next hop is found, the transit LSR replaces the label in the packet with the outgoing label corresponding to this label and forwards the packet to the specified next hop or through the outbound interface. If PHP is enabled on the penultimate LSR (that is, the ILM outgoing label on the LSR is the implicit null label 3), the penultimate LSR pops the label off before forwarding the packet.
8

Configuration Guide

Configuring MPLS Basics

(3) If the outgoing label of the penultimate LSR is not set to 0 or 3, configure a static ILM entry on the egress LER. The packet received by the egress LER still carries a label value. The egress LER needs to pop the label off based on the ILM entry and forward the packet. If the outgoing label of the penultimate LSR is set to 0 or 3, the egress LER receives a common IP packet and can directly forward it.
1.1.5 MPLS LDP

1. Introduction
LDP is a process of reaching a consensus on the meaning of labels used for traffic transmission between two LSRs. With the LDP, an LSR can map IP routing information to an MPLS LSP and advertise the label binding information to the adjacent LSR to establish a dynamic LSP.
2. Basic Concepts LDP peers
LDP peers are LDP instances on two LSRs that exchange label binding information. LDP router ID
An LDP router ID, that is, an LSR ID, uniquely identifies an LSR in a domain. It is expressed in IPv4 address format. The system router ID is used as the LDP router ID by default. The LDP router ID must be globally unique. LDP session An LDP session is established between LDP peers to exchange label binding information. Transmission Control Protocol (TCP) connections are used to establish LDP sessions.
3. Working Process

The LDP working process includes three phases: LDP peer discovery and maintenance, LDP session establishment and maintenance, and LSP setup. LDP peer discovery and maintenance
An LDP instance periodically sends Hello packets to advertise itself and monitors the Hello packets to discover LDP peers. If no Hello packet is received from an LDP peer within a specified time, it is regarded that the LDP peer is invalid. This period is called the hold time of Hello packets. LDP session establishment and maintenance
After an LDP instance finds an LDP peer by using Hello packets, the LDP instance establishes a TCP connection based on the transport address advertised in the Hello packets and exchanges initial messages on the connection to negotiate LDP session parameters and establish an LDP session.
After an LDP session is established, both parties periodically send keepalive packets to monitor the TCP connection. If no keepalive packet is received from the peer within a specified time, the other party regards that the connection is invalid and proactively disconnects the session. This period is called the hold time of keepalive packets.
To enhance the security of LDP sessions, you can configure the MD5 authentication for the TCP connections used by the LDP sessions. LSP setup
After an LDP session is established, the LDP peers exchange label messages and bind labels to create LSPs for FECs.

Configuration Guide

Configuring MPLS Basics

LSP setup is in fact the process of binding FECs to labels and notifying adjacent LSRs of the bindings. For details about the LDP implementation process, see RFC 3036.
4. LDP Label Management Policy

LDP label management policies include the label distribution control policy and label reception control policy. Label distribution control
The LDP distributes labels to all valid interior gateway protocol (IGP) routes (excluding BGP routes) by default. In some special situations, you may want to distribute labels only to some routes or only to certain LDP peers. To reduce the device and network burden, you can use the label distribution control policy to reduce the using of labels and the number of LSPs. The label distribution control policy achieves the following effects: The policy distributes label mapping messages only for FECs corresponding to specified IP routes. The policy distributes label mapping messages only to specified LDP peers. The policy achieves both of the preceding two effects at the same time. Label reception control
By default, an LDP instance receives all label mapping messages in LDP sessions regardless of the session mode (DU or DoD). For sessions in DoD mode, the LDP will send label request messages for LDP peers to an LDP peer with this peer as the next hop. The label reception control policy achieves the following effects: The policy receives only label mapping messages of FECs corresponding to specified IP routes from
specified peers. The policy sends label request messages of specified FECs only to specified LDP peers. The policy rejects label mapping messages from specified peers. The policy does not send label request messages to specified peers.
5. LSP Traffic Diversion Policy Control

LDP diverts traffic of all valid IGP routes (except BGP routes) to LSPs by default. In some specific situations, LDP diverts traffic of specific routes to reduce the number of LSPs and reduce the workload of devices and the network. Traffic diversion policies can be configured to achieve the following effects:
Divert traffic only for specific IP routes matched by ACL. Divert traffic only for host routes. Divert traffic for all routes. Do not divert traffic for any routes.
6. Iterating IP Routes to LDP LSPs

The next hop of an IP route is not always directly connected. For example, the next hops between IBGP neighbors are the router IDs of two BGP nodes. Because the network between IBGP neighbors and the BGP routes are isolated, traffic match the BGP routes cannot be directly forwarded to the remote BGP neighbors. In this case, a tunnel needs to be established between IBGP neighbors to ensure that traffic match the route can be forwarded to the remote BGP neighbors through the tunnel. An MPLS LSP is a natural tunnel that can meet this requirement.

Configuration Guide Figure 1-8 Iterating IGP Routes to LDP LSPs

Configuring MPLS Basics

LDP session

IP routing

As shown in Figure 1-8, LER2 learns the route of CE2 through the IBGP or static routing protocol and advertises the CE2 route to LER1 using IBGP. LER1 releases the CE2 route to CE1. A route entry is generated on LER1 for the CE2 route, and the next hop is the next-hop address advertised by the IBGP neighbor. Because LSR1 does not learn the CE2 route, it cannot forward the traffic from LER1 to CE2 based on IP routing. In this case, an MPLS LSP needs to be set up between LER1 and LER2 to forward traffic from LER1 to LER2. Then, IP routing is performed to send the traffic to CE2. The process of iterating IP routes to LDP LSPs is as follows: (1) Set up an LDP LSP. Establish LDP neighbor relationship among LER1, LSR1, and LER2 and set up an LDP
LSP. For the detailed process, see 1.1.5 MPLS LDP. (2) Iterate IP routes to the LDP LSP. (3) Enable the function of iterating IP routes to LDP LSPs on LER1 to iterate the CE2 route on LER1 to the LDP
LSP. To ensure successful iteration, an FTN entry with the IP route next hop as the FEC must exist on LER1.
1.1.6 MPLS Tunnel Policies
Tunnel policies instruct VPN routes to select dependent public network tunnels. As shown in Figure 1-1, there are two types of labeled tunnels on the MPLS core network: LSP tunnel and TE tunnel. Generally, a common LSP is used as the carrier tunnel for VPN traffic, but the LSP tunnel cannot guarantee the bandwidth. To meet the bandwidth requirements of VPN services, the tunnel selection method can be used to select a TE tunnel. However, one TE tunnel can be selected by different VPNs, so some bandwidth will be consumed by other VPNs.
Figure 1-1 MPLS Labeled Tunnels

VPN1 CE1

PE1

MPLS Network
LS P1
LS P2
TE

PE2

VPN1 CE2

VPN2 CE3

VPN2 CE4

Configuration Guide

Configuring MPLS Basics

1. LSP Tunnel

LSP tunnels are common labeled tunnels established by a label distribution protocol (such as LDP or BGP) to IP unicast routes.
2. GRE Tunnel

GRE tunnels are common IP tunnels. Generally, the MPLS network is rarely deployed in the public network environment, and VPN cannot traverse the IP public network. A binding policy for a tunnel policy can implement VPN over GRE to allow VPN to traverse the IP public network.
3. Tunnel Selection Method
The tunnel selection method is used on the MPLS core network. You can configure tunnel priorities based on which VPN services select public network tunnels. LSP tunnels and MPLS TE tunnels are available for selection. Tunnels of a type with high priority are selected preferentially by VPN routes.
1.1.7 GTSM

To improve the security of LDP sessions, you can configure GTSM for LDP sessions.
Basic principles of GTSM: In common public networks, LDP sessions are usually established between directly connected neighbors. In this case, the IP TTL value of received LDP packets remains unchanged (the packet is not forwarded, so the value does not decrease by 1). That is, if the TTL value is set to 255 when a packet is sent, the device receiving the packet can determine whether the packet is sent by a directly connected neighbor by checking whether the TTL value is still 255. In addition to LDP, you can apply GTSM to most network protocols that are established between directly connected neighbors, effectively defending against denial of service (DoS) attacks from remote devices.
Because GTSM is simple and robust (the TTL value cannot be forged), LDP IPv4 can support GTSM through a simple add-on. Considering compatibility, if you want to enable GTSM for LDP IPv4 sessions, both session parties need to support GTSM (see the negotiation mechanism in RFC 6720). In addition, the TTL value is set to 1 when an IPv4 link Hello packet is sent, so IPv4 link Hello packets do not support GTSM.
Considering the robustness of GTSM, if GTSM is performed based on the rule of directly connected neighbors (that is, the TTL value must be 255 when a packet is received), the LDP-IGP synchronization mechanism may fail, as shown in the following topology.

Figure 1-9 GTSM

LSR A

LSR B

LSR C 12

Configuration Guide

Configuring MPLS Basics

In LDP-IGP synchronization, if the link between LSRA and LSRB recovers, IGP suppresses traffic transmission through the direct link before the session between LSRA and LSRB is established. As a result, the TCP unicast packets between LSRA and LSRB are transmitted along the LSRA-LSRC-LSRB link. When the packets arrive, the TTL value is 254 and the packets are filtered out by GTSM. As a result, the session cannot be established, and IGP continues to suppress traffic on the link. (Note that link Hello packets are multicast packets and are not affected by IGP routes. They are still transmitted over direct links.)
To address the preceding issue, disable GTSM during device running or relax the protection conditions (for example, you can set the hop count of the preceding topology to two so that packets with a TTL value of 255 or 254 are not filtered out).
In summary, LDP requires GTSM in the following scenario: You can enable or disable GTSM for IPv4 sessions separately. After GTSM is enabled, the TTL value is set
to 255 when a packet is sent, and GTSM check is performed on the received packet. The destination port number is 646, the source address is the IPv4 address of the session peer, the destination address is the IPv4 address of the local device of the session, and the packet is an IPv4 TCP packet. The packet is discarded if the TTL value of the matched packet is smaller than the specified value (255 by default).
1.1.8 Protocols and Standards

RFC 3032: MPLS Label Stack Encoding RFC 3036: LDP Specification RFC 4182: Removing a Restriction on the use of MPLS Explicit NULL RFC 5283: LDP Extension for Inter-Area Label Switched Paths (LSPs)

1.2 Restrictions and Guidelines
MPLS interface-related commands can be configured on Layer 3 interfaces only. Non-Layer 3 interfaces can configure MPLS related commands only after they are converted to Layer 3 interfaces.
On some platforms, if an MPLS signaling protocol, such as LDP is enabled when MPLS forwarding is disabled globally, IP packet forwarding may be invalid. If MPLS forwarding is not required, you are advised to disable the related MPLS signaling protocol at the same time.

1.3 Configuration Task Summary
MPLS configuration includes the following tasks: (1) Configuring a Static LSP (2) Configuring Basic LDP Functions (3) (Optional) Configuring an LDP LSP (4) Iterating IP Routes to LDP LSPs (5) (Optional) Configuring LSP Connectivity Detection (6) Configuring LSP Connectivity Detection (7) Configuring GTSM

Configuration Guide

Configuring MPLS Basics

1.4 Configuring MPLS Public Functions

1.4.1 Configuration Tasks
MPLS public function configuration includes the following tasks: (1) Configuring MPLS Forwarding (2) (Optional) Configuring the MPLS MTU for an Interface (3) (Optional) Configuring the Processing Method for ICMP Error Messages (4) (Optional) Configuring an MPLS TTL Processing Mode (5) (Optional) Configuring DiffServ Mode for MPLS Penultimate Hop
1.4.2 Configuring MPLS Forwarding
1. Overview
After MPLS forwarding is enabled, a device preferentially forwards packets according to their labels. If packet forwarding based on labels fails, the device then attempts to forward the packets according to their IP addresses.
2. Restrictions and Guidelines Unless otherwise specified, enable MPLS forwarding globally on each LSR that an LSP passes through. Unless otherwise specified, enable MPLS forwarding on each interface that an LSP passes through. When labeled MPLS packet forwarding is enabled on an interface, adjust the maximum transmission unit
(MTU) on the interface based on the service type. Otherwise, transmission of large packets may be affected.
This feature controls MPLS incoming label map (ILM) entry forwarding on an inbound interface but not
an outbound interface. 3. Procedure
(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal
(3) Enable MPLS forwarding globally. mpls enable MPLS forwarding is disabled globally by default. To implement MPLS forwarding on a device, enable MPLS forwarding globally first.
(4) Enter the interface configuration mode. Enter the Layer 3 Ethernet interface configuration mode. interface ethernet-type interface-number Enter the Layer 3 link aggregation configuration mode. interface aggregateport interface-number Enter the Layer 3 Ethernet subinterface configuration mode. interface ethernet-type interface-number.subnumber

Configuration Guide

Configuring MPLS Basics

Enter the Layer 3 aggregated subinterface configuration mode. interface aggregateport interface-number.subnumber
(5) Enable an interface to forward labeled MPLS packets. label-switching Labeled MPLS packet forwarding is disabled on an interface by default.

1.4.3 Configuring the MPLS MTU for an Interface

1. Overview

The MPLS MTU determines whether MPLS packets need be fragmented when being forwarded. The MPLS MTU indicates the overall length of the MPLS encapsulation and encapsulated (such as IP) layers. Devices that support MPLS packet fragmentation will fragment MPLS packets based on the MPLS MTU of an interface when the packet length is longer than the MPLS MTU of the interface after MPLS label encapsulation. Devices that do not support MPLS packet fragmentation will discard packets whose length is longer than the MTU of an interface after MPLS label encapsulation.

2. Restrictions and Guidelines
The mpls mtu command is used to configure an interface MTU for MPLS packets. When you run the mtu-check-mode ip slot slot-id command, the MPLS MTU contains the length of the encapsulated layer (such as IP) but not the MPLS encapsulation layer. When you run the mtu-check-mode label-contained-length slot slot-id command, the MPLS MTU is the sum of the MPLS encapsulation layer length and the encapsulated layer (such as IP) length.
The mpls mtu command is valid to outgoing traffic but not incoming traffic. You can run the mpls path-mtu independent command to determine whether the MPLS MTU takes effect
independently. (The smaller one between the IP MTU and MPLS MTU is used by default.) When you run the interface range command to configure an MPLS MTU for interfaces in a batch, the
maximum value of mpls-mtu is the largest MTU of all the interfaces.

3. Procedure

(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal
(3) (Optional) Enable the MPLS MTU to take effect independently. mpls path-mtu independent The MPLS MTU does not take effect independently by default.
(4) (Optional) Configure an interface MTU check method. mtu-check-mode { ip | label-contained-length } slot slot-id The device checks the interface MTU based on the IP packet length by default.
(5) Enter the interface configuration mode. Enter the Layer 3 Ethernet interface configuration mode.

Configuration Guide

Configuring MPLS Basics

interface ethernet-type interface-number Enter the Layer 3 link aggregation configuration mode.
interface aggregateport interface-number Enter the Layer 3 Ethernet subinterface configuration mode.
interface ethernet-type interface-number.subnumber Enter the Layer 3 aggregated subinterface configuration mode.
interface aggregateport interface-number.subnumber Enter the loopback interface configuration mode.
interface loopback (6) Configure the MPLS MTU for an interface.
mpls mtu mpls-mtu The MTU of MPLS packets that can be transmitted by an interface is the same as the MTU of the interface by default.

1.4.4 Configuring the Processing Method for ICMP Error Messages

1. Overview

Configure the processing method for Internet Control Message Protocol (ICMP) error messages (such as typical MPLS TTL timeout messages) generated during the forwarding of MPLS packets. ICMP error messages are encapsulated with the original label stack and forwarded along the original LSP to the egress LER by default. The egress LER pops the label stack off and selects a route based on the IP addresses to forward the messages. However, you can specify the number of labels carried in packets to be forwarded to process ICMP error messages in different ways. When the number of labels carried in packets to be forwarded is greater than the configured label quantity,
ICMP error messages are forwarded along the LSP of the original label stack. When the number of labels carried in packets to be forwarded is less than or equal to the configured label
quantity, ICMP error messages are forwarded according to the IP routing table where the FEC corresponding to the top label resides.
2. Procedure

(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal
(3) Configure the processing method for ICMP error messages generated during the forwarding of MPLS packets. mpls icmp-error pop labels ICMP error messages are encapsulated with the original label stack and forwarded along the original LSP by default.

Configuration Guide

Configuring MPLS Basics

1.4.5 Configuring an MPLS TTL Processing Mode

1. Overview You can configure an MPLS TTL processing mode to control transmission of the TTL value between the IP packet header and the label stack. MPLS provides two modes for TTL processing: Uniform and Pipe. 2. Configuring a TTL Processing Mode for MPLS LDP (1) Enter the privileged EXEC mode.
enable (2) Enter the global configuration mode.
configure terminal (3) Configure a TTL processing mode for MPLS LDP.
mpls ttl-mode ldp { pipe | uniform } The TTL processing mode for MPLS LDP is Uniform by default. 3. Configuring a TTL Processing Mode for Explicit Null Labels (2) Enter the privileged EXEC mode. enable (1) Enter the global configuration mode. configure terminal (2) Configure a TTL processing mode for explicit null labels. mpls ttl-mode explict-null-label { pipe | uniform } The TTL processing mode for explicit null labels is Uniform by default. 4. Configuring a TTL Copy Mode for the BGP LSP Egress Node (1) Enter the privileged EXEC mode. enable (2) Enter the global configuration mode. configure terminal (3) Configure a TTL copy mode for the BGP LSP egress node. mpls ttl-mode bgp-egress { pipe | uniform } The TTL copy mode for the BGP LSP egress node is Uniform by default.
1.4.6 Configuring DiffServ Mode for MPLS Penultimate Hop

1. Overview
Configure the DiffServ mode for MPLS penultimate hop: When the MPLS DiffServ mode is set to Pipe, the EXP field in outer labels is not copied to inner labels. When the MPLS DiffServ mode is set to Uniform, the EXP field in outer labels is copied to inner labels. 2. Procedure
(1) Enter the privileged EXEC mode.

Configuration Guide
enable (2) Enter the global configuration mode.
configure terminal (3) Configure the Uniform/Pipe mode for the MPLS penultimate hop.
mpls lsp exp-type { pipe | uniform } The MPLS DiffServ mode on the MPLS penultimate hop is Uniform by default.

Configuring MPLS Basics

1.5 Configuring a Static LSP

1.5.1 Overview
To implement basic MPLS forwarding functions, you can configure static LSPs. Static LSP configuration is independent of the LDP and does not rely on IPv4 routes. Even if no IPv4 routes exist on the network, a static LSP takes effect as long as the physical network is reachable. On the ingress LER, set up an FTN entry for an FEC, that is, bind the FEC to a label. On the transit LSRs, configure ILM entries to map incoming labels to outgoing ones to forward labeled packets based on labels. On the penultimate LSR, enable PHP. In this case, the ILM entry of the penultimate LSR is different from other transit LSRs. The outgoing label of the penultimate LSR must be implicit null label 3.
1.5.2 Restrictions and Guidelines
For two adjacent LSRs, the outgoing label of the upstream LSR must be the same as the incoming label of the downstream LSR.
LSP is a unidirectional path. Therefore, you need to configure static LSPs in both data transmission directions.
The static FTN entry with the outgoing label set to 3 takes effect only after an IP route with the same prefix as the FTN entry is configured.
An FTN entry with the destination address and mask set to 0 takes effect when the corresponding default route exists in the IP routing forwarding table.
It is recommended that the outgoing label of the penultimate LSR be set to 3. In this case, the egress LER can directly receive IP packets. Otherwise, the egress LER needs to configure the corresponding static ILM entry.
1.5.3 Prerequisites
MPLS forwarding has been configured on all LSRs. MPLS forwarding has been enabled globally and on an interface.
1.5.4 Procedure
(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal
(3) Configure a static FTN entry on the ingress LER.

Configuration Guide

Configuring MPLS Basics

mpls static ftn ipv4-address/mask-length out-label label nexthop interface-type interface-number nexthop-ipv4-address No static FTN entry is configured by default. To import IP traffic to an LSP, an ingress LER must be configured with an FTN entry. (4) Configure static ILM entries on transit LSRs. Configure one of the following tasks. Configure static ILM entries applied to L3VPN.
(IPv4 network) mpls static ilm in-label in-label forward-action pop-l3vpn-nexthop vrf-name nexthop interface-type interface-number nexthop-ipv4-address fec ipv4-address/mask-length Configure static ILM entries applied to the public network. (IPv4 network) mpls static ilm in-label in-label forward-action swap-label swap-label nexthop interface-type interface-number nexthop-ipv4-address fec ipv4-address/mask-length A transit LSR can forward MPLS packets only after an ILM entry is configured on it.

1.6 Configuring Basic LDP Functions
1.6.1 Overview
An LDP session can be established between adjacent LSRs to switch label bindings.
1.6.2 Configuration Tasks
The configuration of LDP basic functions includes the following tasks: (1) Enabling LDP Globally (2) (Optional) Configuring the LDP Router ID (3) Enabling LDP on an Interface (4) (Optional) Configuring the Transport Address (5) Configuring an LDP Remote Peer (6) Configuring Targeted Hello Packet Receiving on an LDP Instance (7) Configuring the Time Interval for Hello Packets (8) (Optional) Configuring the Hold Time of Hello Packets (9) (Optional) Configuring the Hold Time of Keepalive Packets (10) (Optional) Configuring the Maximum PDU (11) (Optional) Configuring LDP MD5 Authentication
1.6.3 Enabling LDP Globally
1. Restrictions and Guidelines LDP needs to be enabled globally on the LSRs at both ends of an LDP session. The number of LDP instances supported on a device is limited by the number of VPN Routing and
Forwarding (VRF) tables on the device. Each VRF instance can start an LDP instance.

Configuration Guide

Configuring MPLS Basics

2. Procedure

(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal
(3) Enable LDP globally and enter the LDP configuration mode. mpls router ldp [ vrf-name ] LDP is disabled by default. If no VRF instance is specified, LDP is enabled or disabled for the global VRF instance by default.
1.6.4 Configuring the LDP Router ID

1. Restrictions and Guidelines
In actual applications, the LDP router ID needs to be configured. If the LDP router ID is not configured, LDP may use the router ID elected by the current device as the LSR ID for communication by default. If the remote device does not have a route to this LSR ID, the LDP session cannot be established and the router ID may be changed after the LDP is restarted, resulting in invalidity of some functions, for example, LDP MD5 authentication configured using the original router ID.
It is recommended that the router ID be configured on LSRs at both ends of a session to ensure stable and reliable LDP functions.
2. Procedure

(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal
(3) Enter the LDP configuration mode. mpls router ldp [ vrf-name ] (4) Configure the LDP router ID. ldp router-id { ipv4-address | interface interface-type interface-number [ force ] } The system router ID is used as the LDP router ID by default. If force is specified, the new router ID is forced to take effect immediately. Otherwise, the system prompts that the current operation may cause LDP session re-establishment and asks whether you want to modify the router ID.
1.6.5 Enabling LDP on an Interface

1. Restrictions and Guidelines

If a local LDP session is established, enable LDP on an interface in interface configuration mode. 2. Procedure

(1) Enter the privileged EXEC mode.

Configuration Guide

Configuring MPLS Basics

enable (2) Enter the global configuration mode.
configure terminal (3) Enter the interface configuration mode.
Enter the Layer 3 Ethernet interface configuration mode. interface ethernet-type interface-number
Enter the Layer 3 link aggregation configuration mode. interface aggregateport interface-number
Enter the Layer 3 Ethernet subinterface configuration mode. interface ethernet-type interface-number.subnumber
Enter the Layer 3 aggregated subinterface configuration mode. interface aggregateport interface-number.subnumber
(4) Enable LDP on an interface. mpls ldp enable LDP is disabled on an interface by default.

1.6.6 Configuring the Transport Address

1. Restrictions and Guidelines
If a local LDP session is established, you can configure the global transport address in LDP configuration mode. If a neighbor requires a specified transport address, configure the specified transport address on the interface connected to the neighbor.
If a remote LDP session is established, no transport address needs to be configured. You can use the primary address of an interface or specify an IP address as the transport address to set up
an LDP session on the interface. There are two configuration methods. Use the transport address configuration command in interface configuration mode or use the command in LDP configuration mode to globally configure a transport address for all LDP sessions. The global transport address configuration command for local LDP sessions takes effect only to local LDP sessions established using the LDP basic discovery mechanism. It is invalid to remote LDP sessions established using the LDP extended discovery mechanism. Remote LDP sessions always use the LDP router ID as the transport address. The transport address configuration command for local LDP sessions on an interface takes effect only to local LDP sessions established using the LDP basic discovery mechanism. It is invalid to remote LDP sessions established using the LDP extended discovery mechanism. The transport address configuration command on an interface takes effect only to local LDP sessions established after this command is configured. It is invalid to previously established local LDP sessions. If a transport address is configured on an interface and globally, the transport address configured on the interface takes effect preferentially.

2. Prerequisites

For the configuration of a transport address for LDP peers, a reachable IP route is required. You can configure a static route in global configuration mode or establish a route using an IGP, such as OSPF.

Configuration Guide

Configuring MPLS Basics

3. Procedure

(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal
(3) Enter the LDP configuration mode. mpls router ldp [ vrf-name ] (4) Configure a global transport address for local LDP sessions. transport-address { interface | ipv4-address | interface-type interface-number } The LDP router ID is used as the LDP session transport address by default.
(5) Exit the LDP configuration mode. exit
(6) Enter the interface configuration mode. Enter the Layer 3 Ethernet interface configuration mode. interface ethernet-type interface-number Enter the Layer 3 link aggregation configuration mode. interface aggregateport interface-number Enter the Layer 3 Ethernet subinterface configuration mode. interface ethernet-type interface-number.subnumber Enter the Layer 3 aggregated subinterface configuration mode. interface aggregateport interface-number.subnumber
(7) Configure the transport address for local LDP sessions on an interface. mpls ldp transport-address { interface | ipv4-address } The LDP router ID is used as the LDP session transport address by default.
1.6.7 Configuring an LDP Remote Peer

1. Overview

Create an LDP remote peer. 2. Restrictions and Guidelines

To establish a remote LDP session, you must configure remote peers in LDP configuration mode. 3. Procedure

(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal
(3) Enter the LDP configuration mode.

Configuration Guide

Configuring MPLS Basics

mpls router ldp [ vrf-name ] (4) Configure an LDP remote peer.
neighbor ipv4-address No LDP remote peer is configured by default.
1.6.8 Configuring Targeted Hello Packet Receiving on an LDP Instance

1. Restrictions and Guidelines
When you configure two devices as remote peers, you can configure neighbor on one end and enable targeted Hello packet receiving on the other end. To delete remote peers, you only need to delete the neighbor configuration.
2. Procedure

(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal
(3) Enter the LDP configuration mode. mpls router ldp [ vrf-name ] (4) Configure targeted Hello packet receiving on an LDP instance. discovery targeted-hello accept [ from acl-name ] An LDP instance receives targeted Hello packets only from remote peers by default. Only targeted Hello packets from neighbors that meet access control list (ACL) rules will be received.
1.6.9 Configuring the Time Interval for Hello Packets

1. Restrictions and Guidelines If a local LDP session is established, configure the time interval for Hello packets in interface configuration
mode. If a remote LDP session is established, configure the time interval for Hello packets in LDP configuration
mode.
2. Procedure

Configuration Guide

Configuring MPLS Basics

interface aggregateport interface-number (4) Configure the interval for sending link Hello packets.
mpls ldp hello-interval hello-interval The default interval for sending link Hello packets is 5s. (5) Enter the LDP configuration mode. mpls router ldp [ vrf-name ] (6) Configure the interval for sending targeted Hello packets. discovery targeted-hello interval targeted-hello-interval The default interval for sending targeted Hello packets in the extended LDP discovery mechanism is 1/9 of the hold time of the packets, that is, 5s.
1.6.10 Configuring the Hold Time of Hello Packets

1. Restrictions and Guidelines If a local LDP session is established, configure the hold time of Hello packets in interface configuration
mode. If a remote LDP session is established, configure the hold time of Hello packets in LDP configuration mode.
2. Procedure

(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal
(3) Enter the interface configuration mode. Enter the Layer 3 Ethernet interface configuration mode. interface ethernet-type interface-number Enter the Layer 3 link aggregation configuration mode. interface aggregateport interface-number Enter the Layer 3 Ethernet sub-interface configuration mode. interface ethernet-type interface-number.subnumber Enter the Layer 3 aggregate sub-interface configuration mode. interface aggregateport interface-number.subnumber
(4) Configure the hold time of link Hello packets. mpls ldp hello-holdtime hello-holdtime The default hold time of link Hello packets is 15s.
(5) Enter the LDP configuration mode. mpls router ldp [ vrf-name ] (6) Configure the hold time of targeted Hello packets. discovery targeted-hello holdtime targeted-hello-holdtime

Configuration Guide

Configuring MPLS Basics

The default hold time of targeted Hello packets is 45s.
1.6.11 Configuring the Hold Time of Keepalive Packets

1. Restrictions and Guidelines
If a local LDP session is established, configure the hold time of keepalive packets in interface configuration mode.
If a remote LDP session is established, configure the hold time of keepalive packets in LDP configuration mode.
2. Procedure

(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal
(3) Enter the interface configuration mode. Enter the Layer 3 Ethernet interface configuration mode. interface ethernet-type interface-number Enter the Layer 3 link aggregation configuration mode. interface aggregateport interface-number Enter the Layer 3 Ethernet sub-interface configuration mode. interface ethernet-type interface-number.subnumber Enter the Layer 3 aggregate sub-interface configuration mode. interface aggregateport interface-number.subnumber
(4) Configure the hold time of keepalive packets in local LDP sessions on an interface. mpls ldp keepalive-holdtime keepalive-holdtime The default hold time of keepalive packets on an interface is 45s. The default interval for sending keepalive packets is one third of the hold time.
(5) Enter the LDP configuration mode. mpls router ldp [ vrf-name ] (6) Configure the hold time of keepalive packets in remote LDP sessions. targeted-session holdtimehold-time The default hold time of keepalive packets in remote LDP session established using the LDP extended discovery mechanism is 180s, and the interval for sending keepalive packets is one third of the hold time.
1.6.12 Configuring the Maximum PDU

1. Overview
The messages exchanged between LDP devices are all contained in protocol data units (PDUs). This function allows you to specify the maximum PDU length allowed for each LDP message.

Configuration Guide

Configuring MPLS Basics

2. Procedure

1. Overview

To enhance the security of LDP sessions, you can configure LDP-MD5 authentication on LSRs at both ends of an LDP session.
2. Procedure

(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal
(3) Enter the LDP configuration mode. mpls router ldp [ vrf-name ] (4) Configure a device to adopt MD5 authentication for the TCP connections with its peer. neighbor ipv4-address password [ 0 | 7 ] password-string The LDP MD5 authentication function is disabled by default.
1.6.14 Enabling LDP to Delay Label Mapping

1. Overview

Enabling LDP to delay label mapping can improve the LDP entry processing capability. This capability prevents repeated addition and deletion of downstream-related entries during route update through delayed processing of label mapping information.

Configuration Guide
2. Procedure (1) Enter the privileged EXEC mode.
enable (2) Enter the global configuration mode.
configure terminal (3) Enter the LDP configuration mode.
mpls router ldp [ vrf-name ] (4) Enable LDP to delay label mapping.
route wait label-mapping wait-time LDP does not delay label mapping by default.

Configuring MPLS Basics

1.7 Configuring an LDP LSP

1.7.1 Overview
Set up an LSP for an IPv4 unicast route by using LDP.
1.7.2 Restrictions and Guidelines
The LDP needs to use existing unicast routes on the network. Therefore, IP unicast routes must be configured on the network.
1.7.3 Configuration Tasks
All the configuration tasks below are optional. Select them based on your requirement. LDP LSP configuration includes the following tasks: (1) Configuring LDP Loop Detection (2) Configuring a Label Distribution Policy for an LDP Instance (3) Configuring a Label Reception Policy for an LDP Instance
1.7.4 Configuring LDP Loop Detection
1. Overview
Loop detection will affect the parameters in the interaction packets during Session Init.
2. Restrictions and Guidelines If an IP route is statically configured instead of being dynamically generated by using IGP, you are advised to enable the loop detection function on all LSRs that an LSP passes through to prevent loops caused by incorrect configuration. 3. Procedure (1) Enter the privileged EXEC mode.
enable (2) Enter the global configuration mode.

Configuration Guide

Configuring MPLS Basics

configure terminal (3) Enter the LDP configuration mode.
mpls router ldp [ vrf-name ] (4) Enable loop detection.
loop-detection Loop detection is disabled by default. (5) Exit the LDP configuration mode and return to the global configuration mode. exit (6) Enter the interface configuration mode. Enter the Layer 3 Ethernet interface configuration mode.
interface ethernet-type interface-number Enter the Layer 3 link aggregation configuration mode.
interface aggregateport interface-number Enter the Layer 3 Ethernet sub-interface configuration mode.
interface ethernet-type interface-number.subnumber Enter the Layer 3 aggregate sub-interface configuration mode.
interface aggregateport interface-number.subnumber (7) Configure the maximum number of hops allowed for loop detection.
mpls ldp max-hop-count max-hop-count The maximum number of hops allowed for loop detection on an interface is 254 by default. (8) Configure the maximum path vector value allowed for loop detection on an interface. mpls ldp max-path-vector number The maximum path vector value allowed for loop detection on an interface is 254 by default.
1.7.5 Configuring a Label Distribution Policy for an LDP Instance

1. Overview

Configure a policy for distributing labels to IP route FECs.
2. Restrictions and Guidelines
You can run the advertise-labels for bgp-routes command to enable the function of distributing labels to BGP routes.
You can run the advertise-labels for host-routes command to configure the device to process only the FECs of host IP routes.
LDP processes FECs of host IP routes and distributes all the labels to all LDP peers by default. 3. Procedure

(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal

Configuration Guide

Configuring MPLS Basics

(3) Enter the LDP configuration mode. mpls router ldp [ vrf-name ] (4) Configure a label distribution policy. advertise-labels for { acl acl-name [ to peer-acl-name ] | bgp-routes [ acl bgp-routes-acl-name ] | host-routes } By default, LDP distributes labels to host IP routes but not IGP routes, distributes all the labels to all LDP peers, but does not add FTN entries to BGP routes.
1.7.6 Configuring a Label Reception Policy for an LDP Instance

1. Restrictions and Guidelines
The neighbor command takes effect only to label mapping messages with IP route FECs. It is invalid to other types of FECs, such as pseudo wire (PW) FECs.
After an ACL rule for incoming label mapping messages is configured by running the neighbor command, an LDP instance receives FEC-label mapping messages that come from specified neighbors and meet the ACL rule, and discards FEC-label messages not meeting the ACL rule. However, the LDP instance can receive label mapping messages from other neighbors.
If the neighbor command is configured for a neighbor but no ACL rule is specified, the LDP instance discards all FEC-label mapping messages sent from the neighbor. After an ACL rule is canceled by running the no form of the neighbor command, FEC-label mapping messages that have been discarded based on the ACL rule cannot be re-obtained, and only newly received FEC-label mapping messages are affected. You need to run the clear mpls ldp neighbor command to reset the LDP session to restore it to the normal status.
Only one rule can be configured for each neighbor, and the newly configured rule will overwrite the existing one.
Each LDP instance can configure ACL rules for a maximum of 64 neighbors.
2. Procedure

(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal
(3) Enter the LDP configuration mode. mpls router ldp [ vrf-name ] (4) Configure a label reception policy. neighbor ipv4-address labels accept acl-name No ACL rule is configured by default. The configured policy applies only to standard and extended IP ACLs.

Configuration Guide

Configuring MPLS Basics

1.7.7 Configuring a Label Distribution Policy for the Penultimate Hop

1. Restrictions and Guidelines A policy for distributing explicit null labels can be configured only for global LDP instances. This function is not supported on VRF instances. 2. Procedure (1) Enter the privileged EXEC mode.
enable (2) Enter the global configuration mode.
configure terminal (3) Enter the LDP configuration mode.
mpls router ldp [ vrf-name ] (4) Distribute labels to IP route prefixes on the penultimate hop.
php-mode { explicit | implicit } Implicit null labels are distributed to IP route prefixes on the penultimate hop by default.

1.8 Iterating IP Routes to LDP LSPs

1.8.1 Overview
Iterate non-direct IP routes to LDP LSPs to forward traffic to the remote ends through the LSPs.
1.8.2 Restrictions and Guidelines
The FEC of an LDP LSP to which an IP route is iterated must be a host route. The function of iterating IP routes to LDP LSPs needs to be enabled only on the LERs and does not need to
be enabled on the LSRs. All IP routes can be iterated, including but not limited to static routes and BGP routes.
1.8.3 Prerequisites
LDP is configured in global configuration mode. LDP is enabled on each LSR that an LSP passes through. MPLS forwarding is enabled on each interface that an LSP passes through. (Optional) A remote peer is configured to establish an extended LDP session.
1.8.4 Procedure
(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal
(3) Iterate IP routes to LDP LSPs.

Configuration Guide

Configuring MPLS Basics

recursive-route to mpls The function of recurring and iterating IP routes to LDP LSPs is disabled by default.

1.9 Configuring LSP Connectivity Detection
1.9.1 Overview
In an MPLS network, common LSP connectivity detection tools include MPLS ping and MPLS traceroute. MPLS ping is used to manually detect the connectivity of an LSP. MPLS traceroute is used to trace LSRs between the ingress LER and egress LER. In addition to detecting LSP connectivity, MPLS traceroute can locate the network fault.
1.9.2 Restrictions and Guidelines
Both ping mpls and traceroute mpls support the following two parameter specification methods: Enter a command with specified parameters. Enter ping mpls or traceroute mpls and press Enter to enter the interactive input mode and then specify
parameters.
1.9.3 Procedure
(1) Enter the privileged EXEC mode. enable
(2) Detect the connectivity of an MPLS LSP. ping mpls ipv4 ipv4-address/mask-length [ destination destination-ipv4-address | exp exp-value | flags fec | force-explicit-null | interval interval | nexthop nexthop-ipv4-address | nil-fec | pad pattern | repeat repeat-count | reply mode { no-reply | router-alert | udp } | size size | source source-ipv4-address | timeout timeout | ttl time-to-live | verbose ] *
(3) Trace the MPLS nodes that an LSP passes through. traceroute mpls ipv4 ipv4-address/mask-length [ ddmap | destination destination-ipv4-address | exp exp-value | flags fec | force-explicit-null | nexthop nexthop-ipv4-address | nil-fec | pad pattern | reply mode { no-reply | router-alert | udp } | size size | source source-ipv4-address | timeout timeout | ttl time-to-live ] *

1.10 Configuring an MPLS Tunnel Policy

1.10.1 Overview
Set up public network tunnels.
1.10.2 Restrictions and Guidelines
The MPLS forwarding capability must be enabled globally and on interfaces of the ingress and egress devices of a tunnel.
When the TE tunnel binding method is used, you must specify the TE tunnel for VPN binding.
1.10.3 Configuration Tasks
The LDP basic feature configuration includes the following tasks: Configuring a Tunnel Policy

Configuration Guide

Configuring MPLS Basics

Configuring and Applying a Tunnel Policy Method Configuring a Tunnel Selection Policy
1.10.4 Configuring a Tunnel Policy

1. Restrictions and Guidelines
Generally, tunnel policies are configured on PEs. A tunnel policy name uniquely identifies a tunnel policy. 2. Procedure

(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal
(3) Create a tunnel policy. tunnel-policy policy-name No tunnel policy is created by default. The value of policy-name is a string of 1 to 31 case-sensitive characters, including letters, digits, or symbols (excluding spaces).
1.10.5 Configuring and Applying a Tunnel Policy Method

1. Restrictions and Guidelines Generally, a tunnel policy method is configured and applied to a PE.
1.10.6 Configuring a Tunnel Selection Policy

1. Overview
The tunnel selection method is used on the MPLS core network. 2. Restrictions and Guidelines If a VPN service does not need bandwidth assurance, select a common LSP tunnel preferentially when you
deploy this VPN service to reduce the cost. If a VPN service requires certain control on the traffic (such as the path for the traffic) but does not need
bandwidth assurance, select a TE tunnel preferentially when you deploy this VPN service. 3. Procedure

(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal
(3) Enter the tunnel policy configuration mode. tunnel-policy policy-name
(4) Configure a tunnel selection policy. tunnel select { ipv6 { srv6-policy | srv6-policy-group }* | lsp [ loadbalance loadbalance-number ] }

Configuration Guide No tunnel selection policy is configured by default.

Configuring MPLS Basics

1.11 Configuring GTSM

1.11.1 Configuration Procedure
(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal
(3) Enter the LDP configuration mode. mpls router ldp [ vrf-name ] (4) Configure the GTSM hop count for a specified LDP session. neighbor ipv4-address valid-hops hops By default, no hop count is configured for an LDP session. That is, GTSM does not take effect on LDP sessions.

1.12 Enabling MPLS-related Trap Switches

1.12.1 Overview
Simple Network Management Protocol (SNMP) is used for network monitoring and management. Network administrators can use SNMP to perform information query, network configuration, fault locating, and capacity planning for network nodes. SNMP exchanges information between a network management system (NMS) and an agent and defines six operation types, one of which is trap. The trap operation means that the agent actively sends a packet to inform the NMS of the situation occurs on the agent. To use the trap function, you need to enable MPLS-related trap switches.
1.12.2 Procedure
(1) Enter the privileged EXEC mode. enable
(2) Enter the global configuration mode. configure terminal
(3) Enable MPLS-related trap switches. snmp-server enable traps mpls l3vpn [ max-thresh-cleared | max-threshold | mid-threshold | vrf-down | vrf-up ] * snmp-server enable traps mpls ldp [ pv-limit | session-down | session-up ] * No MPLS trap is sent by default.

1.13 Monitoring
Run the show commands to check the running status of a configured function to verify the configuration effect.

Configuration Guide

Configuring MPLS Basics

Run the clear commands to clear information.

Caution Running the clear commands may lose vital information and thus interrupt services.

Run the debug command to output debugging information.
Caution The output debugging information occupies system resources. Therefore, disable the debugging function immediately after use.

Table 1-2 Monitoring Command
show mpls forwarding-table [ frr ] [ detail ] show mpls forwarding-table { ipv4-address/mask- length | ipv6-address/prefix-length } [ frr ] [ detail ] show mpls forwarding-table { ftn | ilm } [ ip | ipv6 ] [ frr ] [ detail ] show mpls forwarding-table { global | vrf vrf-name } [ ftn | ilm ] [ frr ] [ detail ] show mpls forwarding-table interface interface-type interface-number [ frr ] [ detail ] show mpls forwarding-table label label [ frr ] [ detail ] show mpls forwarding-table next-hop { ipv4-address | ipv6-address } [ frr ] [ detail ] show mpls forwarding-table summary
show mpls interface [ interface-type interface-number ] show mpls interface [ interface-type interface-number ] [ detail ] show mpls label-pool [ label-space ] show mpls ldp backup-frr [ all | vrf vrf-name ] [ ipv4-address/mask-length | ipv4 ] show mpls ldp bindings [ all | vrf vrf-name ] [ ipv4 | label label ] [ local | remote ] show mpls ldp discovery [ all | vrf vrf-name ] [ detail ]

Purpose
Displays MPLS forwarding table information.
Displays information about an interface
that is enabled to forward labeled MPLS packets. Displays label pool usage of a specified label space. Displays information about master and backup LDP FRR entries. Displays LDP label binding information. Displays LDP neighbor discovery information of all or specified VRF instances.

Configuration Guide

Configuring MPLS Basics

Command

Purpose

show mpls ldp interface [ all | vrf vrf-name | interface-type interface-number ]

Displays interfaces enabled with LDP.

show mpls ldp neighbor [ all | vrf vrf-name ] [ ipv4-address ] Displays LDP neighbors of all or specified

[ detail ]

VRF instances.

show mpls ldp parameters [ all | vrf vrf-name ]

Displays LDP parameters of all or specified VRF instances.

show mpls psn notify-entry [ all | l3vpn { global | vrf vrf-name } ]

Displays the L3VPN instances that register public network reachability information to the MPLS platform.

show mpls ref ftn-ipv4 [ global | vrf vrf-name ] [ ipv4-address/mask-length [ detail ] ] show mpls ref ftn-ipv6 [ global | vrf vrf-name ] [ ipv6-address/prefix-length [ detail ] ] show mpls ref ilm [ in-label in-label [ detail ] | summary ] show mpls ref nhlfe [ nhlfe-id [ detail ] | summary ] show mpls ref summary

Displays MPLS quick forward information.

show mpls rib [ all | vrf vrf-name ] [ ipv6 ]

Displays MPLS RIB routing table information.

show mpls statistics [ lsp [ bgp | isis | l3vpn | ldp | ospf ] ]

Displays statistics on MPLS routing entries, MPLS forwarding entries, and MPLS LSPs.

show mpls summary

Displays MPLS global configurations.

show mpls tunnel-info { tunnel-id | all | dest ipv4-address/mask-length }

Displays the public network tunnel information.

show mpls vrf [ name vrf-name ] [ detail ]

Displays MPLS VRF information.

show mpls vrf-table-i [ vrf vrf-name ] [ fec ipv4-address/mask-length | owner protocol-name ] show mpls vrf-table-i ipv6 [ vrf vrf-name ] [ fec ipv6-address/mask-length | owner protocol-name ]

Displays MPLS VRF entries.

show tunnel-policy { all | name policy-name }

Displays tunnel policy information.

clear mpls ldp neighbor [ all | vrf vrf-name ] [ ipv4-address ] Clears established LDP sessions.

debug mpls

Debugs MPLS entry internal processing.

debug mpls ldp binding

Debugs LDP label binding.

Configuration Guide

Configuring MPLS Basics

Command debug mpls ldp internal-log prefix-whitelist [ ipv4-address/mask | * ] debug mpls ldp message [ hello | keepalive ] [ received | sent ] debug mpls lspv { all | error | event | packet | tlv }
debug mpls msg [ send | recv ] debug mpls ref [ control | packet ]

Purpose Debugs the LDP prefix whitelist.
Debugs LDP session messages.
Debugs the ping mpls and traceroute mpls execution processes. Debugs MPLS messages. Debugs MPLS quick forwarding (control plane or forwarding plane).

1.14 Configuration Examples

1.14.1 Configuring a Static LSP
1. Requirements Configure static MPLS entries on LER A, LSR B, and LER C to set up an LSP and ensure that VPN sites can interconnect with each other through the MPLS network. LER A, LSR B, and LER C need to support the MPLS function. 2. Topology

Figure 1-10 Configuring a Static LSP

192.168.100.0/24

192.168.200.0/24

G0/1 192.168.1.1/24

G0/2 192.168.2.1/24

LER A

G0/1 192.168.1.2/24
LSR B

G0/1 192.168.2.2/24
LER C

3. Notes Configure interface IP addresses and an IPv4 unicast routing protocol (for example, OSPF) on the devices
to ensure that the routes between the devices are reachable. Enable MPLS forwarding globally and label forwarding on an interface. Configure static FTN entries on LER A and LER C, configure static ILM entries on LSR B, and set up static
LSPs from LER A to LER C and from LER C to LER A. The outgoing label of the ILM entries on LSR B is implicit null label 3.
4. Procedure
(1) Configure interface IP addresses and OSPF on the devices to ensure that the routes between the devices are reachable.
36

Configuration Guide
Configure LER A.
LERA> enable LERA# configure terminal LERA(config)# interface gigabitethernet 0/1 LERA(config-if-GigabitEthernet 0/1)# ip address 192.168.1.1 255.255.255.0 LERA(config-if-GigabitEthernet 0/1)# exit LERA(config)# router ospf 10 LERA(config-router)# network 192.168.1.0 0.0.0.255 area 0 LERA(config-router)# network 192.168.100.0 0.0.0.255 area 0 LERA(config-router)# exit Configure LSR B.
LSRB> enable LSRB# configure terminal LSRB(config)# interface gigabitethernet 0/1 LSRB(config-if-GigabitEthernet 0/1)# ip address 192.168.1.2 255.255.255.0 LSRB(config-if-GigabitEthernet 0/1)# exit LSRB(config)# interface gigabitethernet 0/2 LSRB(config-if-GigabitEthernet 0/2)# ip address 192.168.2.1 255.255.255.0 LSRB(config-if-GigabitEthernet 0/2)# exit LSRB(config)# router ospf 10 LSRB(config-router)# network 192.168.1.0 0.0.0.255 area 0 LSRB(config-router)# network 192.168.2.0 0.0.0.255 area 0 LSRB(config-router)# exit Configure LER C.
LERC> enable LERC# configure terminal LERC(config)# interface gigabitethernet 0/1 LERC(config-if-GigabitEthernet 0/1)# ip address 192.168.2.2 255.255.255.0 LERC(config-if-GigabitEthernet 0/1)# exit LERC(config)# router ospf 10 LERC(config-router)# network 192.168.2.0 0.0.0.255 area 0 LERC(config-router)# network 192.168.200.0 0.0.0.255 area 0 LERC(config-router)# exit (2) Enable MPLS forwarding globally and label forwarding on an interface.
Configure LER A.
LERA(config)# mpls enable LERA(config)# interface gigabitethernet 0/1 LERA(config-if-GigabitEthernet 0/1)# label-switching LERA(config-if-GigabitEthernet 0/1)# exit Configure LSR B.
LSRB(config)# mpls enable LSRB(config)# interface gigabitethernet 0/1 LSRB(config-if-GigabitEthernet 0/1)# label-switching LSRB(config-if-GigabitEthernet 0/1)# exit
37

Configuring MPLS Basics

Configuration Guide

Configuring MPLS Basics

LSRB(config)# interface gigabitethernet 0/2 LSRB(config-if-GigabitEthernet 0/2)# label-switching LSRB(config-if-GigabitEthernet 0/2)# exit Configure LER C.

LERC(config)# mpls enable LERC(config)# interface gigabitethernet 0/1 LERC(config-if-GigabitEthernet 0/1)# label-switching LERC(config-if-GigabitEthernet 0/1)# exit (3) Configure static FTN entries on LER A and LER C, configure static ILM entries on LSR B, and set up static LSPs from LER A to LER C and from LER C to LER A.
Configure LER A.

LERA(config)# mpls static ftn 192.168.200.0/24 out-label 16 nexthop gigabitethernet 0/1 192.168.1.2 LERA(config)# exit Configure LSR B.

LSRB(config)# mpls static ilm in-label 16 forward-action swap-label 3 nexthop gigabitethernet 0/2 192.168.2.2 fec 192.168.200.0/24 LSRB(config)# mpls static ilm in-label 17 forward-action swap-label 3 nexthop gigabitethernet 0/1 192.168.1.1 fec 192.168.100.0/24 LSRB(config)# exit Configure LER C.

LERC(config)# mpls static ftn 192.168.100.0/24 out-label 17 nexthop gigabitethernet 0/1 192.168.2.1 LERC(config)# exit 5. Verification

After the configuration is completed, run the show mpls forwarding-table command on devices to display MPLS entries. Display MPLS entries on LER A.

LERA# show mpls forwarding-table Label Operation Code: PH–PUSH label PP–POP label SW–SWAP label SP–SWAP topmost label and push new label DP–DROP packet PC–POP label and continue lookup by IP or Label PI–POP label and do ip lookup forward PN–POP label and forward to nexthop PM–POP label and do MAC lookup forward PV–POP label and output to VC attach interface IP–IP lookup forward
s–stale Local Outgoing OP FEC label label

Outgoing interface

Nexthop Uptime

Configuration Guide

Configuring MPLS Basics

—

PH 192.168.200.0/24

Display MPLS entries on LSR B.

Gi0/1

192.168.1.2 00:01:32

LSRB# show mpls forwarding-table

Label Operation Code:

PH–PUSH label

PP–POP label

SW–SWAP label

SP–SWAP topmost label and push new label

DP–DROP packet

PC–POP label and continue lookup by IP or Label

PI–POP label and do ip lookup forward

PN–POP label and forward to nexthop

PM–POP label and do MAC lookup forward

PV–POP label and output to VC attach interface

IP–IP lookup forward

s–stale

Local Outgoing OP FEC

Outgoing

label label

interface

imp-null PP 192.168.200.0/24 Gi0/2

imp-null PP 192.168.100.0/24 Gi0/1

Display MPLS entries on LER C.

Nexthop

Uptime

192.168.2.2 192.168.1.1

00:01:39 00:01:39

LERC# show mpls forwarding-table

Label Operation Code:

PH–PUSH label

PP–POP label

SW–SWAP label

SP–SWAP topmost label and push new label

DP–DROP packet

PC–POP label and continue lookup by IP or Label

PI–POP label and do ip lookup forward

PN–POP label and forward to nexthop

PM–POP label and do MAC lookup forward

PV–POP label and output to VC attach interface

IP–IP lookup forward

s–stale

Local Outgoing OP FEC

label label

—

PH 192.168.100.0/24

6. Configuration Files

Outgoing interface
Gi0/1

Nexthop Uptime 192.168.2.1 00:02:04

LER A configuration file

hostname LERA ! mpls enable !

Configuration Guide

Configuring MPLS Basics

interface gigabitethernet 0/1 mpls ldp enable ip address 192.168.1.1 255.255.255.0 label-switching
! router ospf 10
network 192.168.1.0 0.0.0.255 area 0 network 192.168.100.0 0.0.0.255 area 0 ! mpls static ftn 192.168.200.0/24 out-label 16 nexthop GigabitEthernet 0/1 192.168.1.2 ! LSR B configuration file
hostname LSRB ! mpls enable ! interface gigabitethernet 0/1
mpls ldp enable ip address 192.168.1.2 255.255.255.0 label-switching ! interface gigabitethernet 0/2 mpls ldp enable ip address 192.168.2.1 255.255.255.0 label-switching ! router ospf 10 network 192.168.1.0 0.0.0.255 area 0 network 192.168.2.0 0.0.0.255 area 0 ! mpls static ilm in-label 16 forward-action swap-label 3 nexthop GigabitEthernet 0/2 192.168.2.2 fec 192.168.200.0/24 mpls static ilm in-label 17 forward-action swap-label 3 nexthop GigabitEthernet 0/1 192.168.1.1 fec 192.168.100.0/24 ! LER C configuration file
hostname LERC ! mpls enable ! interface gigabitethernet 0/1
mpls ldp enable ip address 192.168.2.2 255.255.255.0 label-switching !

Configuration Guide

Configuring MPLS Basics

router ospf 10 network 192.168.2.0 0.0.0.255 area 0 network 192.168.200.0 0.0.0.255 area 0
! mpls static ftn 192.168.100.0/24 out-label 17 nexthop GigabitEthernet 0/1 192.168.2.1 ! 7. Common Errors
MPLS forwarding is not enabled globally. MPLS forwarding is not enabled on an interface.
1.14.2 Configuring an LDP LSP
1. Requirements
Configure local LDP sessions among LER A, LSR B, and LER C to set up an LDP LSP and ensure that VPN sites can interconnect with each other through the MPLS network. LER A, LSR B, and LER C need to support the MPLS function.
2. Topology

Figure 1-11 Configuring an LDP LSP

Loopback0 192.168.0.1/32

Loopback0 192.168.0.2/32

Loopback0 192.168.0.3/32

192.168.100.0/24

192.168.200.0/24

G0/1 192.168.1.1/24

G0/2 192.168.2.1/24

LER A

G0/1 192.168.1.2/24
LSR B

G0/1 192.168.2.2/24
LER C

3. Notes Configure interface IP addresses and an IPv4 unicast routing protocol (for example, OSPF) on the devices
to ensure that the routes between the devices are reachable. Enable MPLS forwarding globally. Configure the LDP and LDP router ID. Enable the LDP function and label forwarding capability on an interface. 4. Procedure
(1) Configure interface IP addresses and OSPF on the devices to ensure that the routes between the devices are reachable. Configure LER A. LERA> enable LERA# configure terminal LERA(config)# interface gigabitethernet 0/1 LERA(config-if-GigabitEthernet 0/1)# mpls ldp enable
41

Configuration Guide
LERA(config-if-GigabitEthernet 0/1)# ip address 192.168.1.1 255.255.255.0 LERA(config-if-GigabitEthernet 0/1)# exit LERA(config)# interface loopback 0 LERA(config-if-Loopback 0)# ip address 192.168.0.1 255.255.255.255 LERA(config-if-Loopback 0)# exit LERA(config)# router ospf 10 LERA(config-router)# network 192.168.1.0 0.0.0.255 area 0 LERA(config-router)# network 192.168.0.1 0.0.0.0 area 0 LERA(config-router)# network 192.168.100.0 0.0.0.255 area 0 LERA(config-router)# exit Configure LSR B.
LSRB> enable LSRB# configure terminal LSRB(config)# interface gigabitethernet 0/1 LSRB(config-if-GigabitEthernet 0/1)# mpls ldp enable LSRB(config-if-GigabitEthernet 0/1)# ip address 192.168.1.2 255.255.255.0 LSRB(config-if-GigabitEthernet 0/1)# exit LSRB(config)# interface gigabitethernet 0/2 LSRB(config-if-GigabitEthernet 0/2)# mpls ldp enable LSRB(config-if-GigabitEthernet 0/2)# ip address 192.168.2.1 255.255.255.0 LSRB(config-if-GigabitEthernet 0/2)# exit LSRB(config)# interface loopback 0 LSRB(config-if-Loopback 0)# ip address 192.168.0.2 255.255.255.255 LSRB(config-if-Loopback 0)# exit LSRB(config)# router ospf 10 LSRB(config-router)# network 192.168.1.0 0.0.0.255 area 0 LSRB(config-router)# network 192.168.2.0 0.0.0.255 area 0 LSRB(config-router)# network 192.168.0.2 0.0.0.0 area 0 LSRB(config-router)# exit Configure LER C.
LERC> enable LERC# configure terminal LERC(config)# interface gigabitethernet 0/1 LERC(config-if-GigabitEthernet 0/1)# mpls ldp enable LERC(config-if-GigabitEthernet 0/1)# ip address 192.168.2.2 255.255.255.0 LERC(config-if-GigabitEthernet 0/1)# exit LERC(config)# interface loopback 0 LERC(config-if-Loopback 0)# ip address 192.168.0.3 255.255.255.255 LERC(config-if-Loopback 0)# exit LERC(config)# router ospf 10 LERC(config-router)# network 192.168.2.0 0.0.0.255 area 0 LERC(config-router)# network 192.168.0.3 0.0.0.0 area 0 LERC(config-router)# network 192.168.200.0 0.0.0.255 area 0 LERC(config-router)# exit

Configuring MPLS Basics

Configuration Guide

Configuring MPLS Basics

(2) Enable MPLS forwarding globally. LER A is used as an example. Configurations on LSR B and LER C are similar to those on LER A.
LERA(config)# mpls enable (3) Configure the LDP and LDP router ID. LER A is used as an example. Configurations on LSR B and LER C
are similar to those on LER A.
LERA(config)# mpls router ldp LERA(config-mpls-router)# ldp router-id interface loopback 0 force LERA(config-mpls-router)# exit (4) Enable the LDP function and label forwarding capability on an interface.
Configure LER A.
LERA(config)# interface gigabitethernet 0/1 LERA(config-if-GigabitEthernet 0/1)# mpls enable LERA(config-if-GigabitEthernet 0/1)# label-switching LERA(config-if-GigabitEthernet 0/1)# end Configure LSR B.
LSRB(config)# interface gigabitethernet 0/1 LSRB(config-if-GigabitEthernet 0/1)# mpls enable LSRB(config-if-GigabitEthernet 0/1)# label-switching LSRB(config-if-GigabitEthernet 0/1)# exit LSRB(config)# interface gigabitethernet 0/2 LSRB(config-if-GigabitEthernet 0/2)# mpls enable LSRB(config-if-GigabitEthernet 0/2)# label-switching LSRB(config-if-GigabitEthernet 0/2)# end Configure LER C.
LERC (config)# interface gigabitethernet 0/1 LERC(config-if-GigabitEthernet 0/1)# mpls enable LERC(config-if-GigabitEthernet 0/1)# label-switching LERC(config-if-GigabitEthernet 0/1)# end
5. Verification
(1) After the configuration is completed, run the show mpls ldp neighbor command to check whether the status of LDP sessions among LER A, LSR B, and LER C is “OPERATIONAL.”
Display LDP session information on LER A.
LERA# show mpls ldp neighbor global-vrf:
Peer LDP Ident: 192.168.0.2:0; Local LDP Ident: 192.168.0.1:0 TCP connection: 192.168.0.2.45063 – 192.168.0.1.646 State: OPERATIONAL; Msgs sent/recv: 606/606; UNSOLICITED Up time: 02:28:09 Graceful Restart enabled; Peer reconnect time (msecs): 300000 LDP discovery sources: Link Peer on GigabitEthernet 0/1, Src IP addr: 192.168.1.2 Addresses bound to peer LDP Ident: ( Count: 3 )

Configuration Guide

Configuring MPLS Basics

192.168.1.2 192.168.2.1 192.168.0.2 Display LDP session information on LSR B.
LSRB# show mpls ldp neighbor global-vrf:
Peer LDP Ident: 192.168.0.1:0; Local LDP Ident: 192.168.0.2:0 TCP connection: 192.168.0.1.646 – 192.168.0.2.45063 State: OPERATIONAL; Msgs sent/recv: 650/653; UNSOLICITED Up time: 02:39:26 Graceful Restart enabled; Peer reconnect time (msecs): 300000 LDP discovery sources: Link Peer on GigabitEthernet 0/1, Src IP addr: 192.168.1.1 Addresses bound to peer LDP Ident: ( Count: 2 ) 192.168.0.1 192.168.1.1
Peer LDP Ident: 192.168.0.3:0; Local LDP Ident: 192.168.0.2:0 TCP connection: 192.168.0.3.41299 – 192.168.0.2.646 State: OPERATIONAL; Msgs sent/recv: 335/336; UNSOLICITED Up time: 01:21:20 Graceful Restart enabled; Peer reconnect time (msecs): 300000 LDP discovery sources: Link Peer on GigabitEthernet 0/2, Src IP addr: 192.168.2.2 Addresses bound to peer LDP Ident: ( Count: 3 ) 192.168.2.2 192.168.0.3 192.168.200.1
Display LDP session information on LER C.
LERC# show mpls ldp neighbor global-vrf:
Peer LDP Ident: 192.168.0.2:0; Local LDP Ident: 192.168.0.3:0 TCP connection: 192.168.0.2.646 – 192.168.0.3.41299 State: OPERATIONAL; Msgs sent/recv: 344/345; UNSOLICITED Up time: 01:23:33 Graceful Restart enabled; Peer reconnect time (msecs): 300000 LDP discovery sources: Link Peer on GigabitEthernet 0/1, Src IP addr: 192.168.2.1 Addresses bound to peer LDP Ident: ( Count: 3 ) 192.168.1.2 192.168.2.1 192.168.0.2
(2) Run the show mpls forwarding-table command to display MPLS forwarding entries on LER A, LSR B, and LER C and verify that the LDP LSP is set up.
Display MPLS forwarding entries on LER A.
LERA# show mpls forwarding-table Label Operation Code: PH–PUSH label PP–POP label SW–SWAP label SP–SWAP topmost label and push new label DP–DROP packet

Configuration Guide

PC–POP label and continue lookup by IP or Label

PI–POP label and do ip lookup forward

PN–POP label and forward to nexthop

PM–POP label and do MAC lookup forward

PV–POP label and output to VC attach interface

IP–IP lookup forward

s–stale

Local Outgoing OP FEC

Outgoing

label label

interface

—

imp-null PH 192.168.0.2/32 Gi0/1

—

11265 PH 192.168.0.3/32 Gi0/1

—

imp-null PH 192.168.2.0/24 Gi0/1

11265 imp-null PP 192.168.0.2/32 Gi0/1

11266 11265 SW 192.168.0.3/32 Gi0/1

11267 imp-null PP 192.168.2.0/24 Gi0/1

Display MPLS forwarding entries on LSR B.

LSRB# show mpls forwarding-table

Label Operation Code:

PH–PUSH label

PP–POP label

SW–SWAP label

SP–SWAP topmost label and push new label

DP–DROP packet

PC–POP label and continue lookup by IP or Label

PI–POP label and do ip lookup forward

PN–POP label and forward to nexthop

PM–POP label and do MAC lookup forward

PV–POP label and output to VC attach interface

IP–IP lookup forward

s–stale

Local Outgoing OP FEC

Outgoing

label label

interface

—

imp-null PH 192.168.0.1/32 Gi0/1

—

imp-null PH 192.168.0.3/32 Gi0/2

11265 imp-null PP 192.168.0.3/32 Gi0/2

11267 imp-null PP 192.168.0.1/32 Gi0/1

Display MPLS forwarding entries on LER C.

LERC# show mpls forwarding-table Label Operation Code: PH–PUSH label PP–POP label SW–SWAP label SP–SWAP topmost label and push new label DP–DROP packet PC–POP label and continue lookup by IP or Label

Configuring MPLS Basics

Nexthop

Uptime

192.168.1.2 00:06:29 192.168.1.2 00:06:29
192.168.1.2 00:06:29 192.168.1.2 00:06:29
192.168.1.2 00:06:29 192.168.1.2 00:06:29

Nexthop

Uptime

192.168.1.1 192.168.2.2 192.168.2.2 192.168.1.1

00:03:08 00:03:08 00:03:08 00:03:08

Configuration Guide

PI–POP label and do ip lookup forward

PN–POP label and forward to nexthop

PM–POP label and do MAC lookup forward

PV–POP label and output to VC attach interface

IP–IP lookup forward

s–stale

Local Outgoing OP FEC

Outgoing

label label

interface

—

11267 PH 192.168.0.1/32 Gi0/1

—

imp-null PH 192.168.0.2/32 Gi0/1

—

imp-null PH 192.168.1.0/24 Gi0/1

11265 11267 SW 192.168.0.1/32 Gi0/1

11266 imp-null PP 192.168.0.2/32 Gi0/1

11267 imp-null PP 192.168.1.0/24 Gi0/1

6. Configuration Files

LER A configuration file

hostname LERA ! mpls enable ! interface gigabitethernet 0/1
mpls ldp enable ip address 192.168.1.1 255.255.255.0 mpls ldp enable label-switching ! interface loopback 0 ip address 192.168.0.1 255.255.255.255 ! router ospf 10 network 192.168.0.1 0.0.0.0 area 0 network 192.168.1.0 0.0.0.255 area 0 network 192.168.100.0 0.0.0.255 area 0 ! mpls router ldp ldp router-id interface loopback 0 force ! LSR B configuration file

hostname LSRB ! mpls enable ! interface gigabitethernet 0/1
mpls ldp enable

Configuring MPLS Basics

Nexthop

Uptime

192.168.2.1 00:09:16 192.168.2.1 00:09:16 192.168.2.1 00:09:16
192.168.2.1 00:09:16 192.168.2.1 00:09:16 192.168.2.1 00:09:16

Configuration Guide
ip address 192.168.1.2 255.255.255.0 mpls enable label-switching ! interface gigabitethernet 0/2 mpls ldp enable ip address 192.168.2.1 255.255.255.0 mpls enable label-switching ! interface loopback 0 ip address 192.168.0.2 255.255.255.255 ! router ospf 10 network 192.168.0.2 0.0.0.0 area 0 network 192.168.1.0 0.0.0.255 area 0 network 192.168.2.0 0.0.0.255 area 0 ! mpls router ldp ldp router-id interface loopback 0 force ! LER C configuration file
hostname LERC ! mpls enable ! interface gigabitethernet 0/1
mpls ldp enable ip address 192.168.2.2 255.255.255.0 mpls ldp enable label-switching ! interface loopback 0 ip address 192.168.0.3 255.255.255.255 ! router ospf 10 network 192.168.0.3 0.0.0.0 area 0 network 192.168.2.0 0.0.0.255 area 0 network 192.168.200.0 0.0.0.255 area 0 ! mpls router ldp ldp router-id interface loopback 0 force !
7. Common Errors
An IPv4 unicast route is incorrectly configured.
47

Configuring MPLS Basics

Configuration Guide MPLS forwarding is not enabled globally. LDP is not configured. LDP is not enabled on an interface. The label forwarding capability is not enabled on an interface.
1.14.3 Configuring a Remote LDP Session
1. Requirements Establish a remote LDP session. 2. Topology

Configuring MPLS Basics

Figure 1-12 Establishing a Remote LDP Session

Loopback0 192.168.0.1/32

Loopback0 192.168.0.2/32

Loopback0 192.168.0.3/32

192.168.100.0/24

192.168.200.0/24

G0/1 192.168.1.1/24

G0/2 192.168.2.1/24

LER A

G0/1 192.168.1.2/24
LSR B

G0/1 192.168.2.2/24
LER C

3. Notes
Configure an IPv4 unicast routing protocol (such as OSPF) on the devices and ensure that the loopback interfaces are accessible via unicast routes.
Enable MPLS forwarding and LDP globally and configure the LDP router ID. Configure remote peers.
4. Procedure
(1) Configure interface IP addresses and OSPF on the devices to ensure communication between them. Configure LER A.
LERA> enable LERA# configure terminal LERA(config)# interface gigabitethernet 0/1 LERA(config-if-GigabitEthernet 0/1)# mpls ldp enable LERA(config-if-GigabitEthernet 0/1)# ip address 192.168.1.1 255.255.255.0 LERA(config-if-GigabitEthernet 0/1)# exit LERA(config)# interface loopback 0 LERA(config-if-Loopback 0)# ip address 192.168.0.1 255.255.255.255 LERA(config-if-Loopback 0)# exit LERA(config)# router ospf 10 LERA(config-router)# network 192.168.1.0 0.0.0.255 area 0 LERA(config-router)# network 192.168.0.1 0.0.0.0 area 0 LERA(config-router)# network 192.168.100.0 0.0.0.255 area 0 LERA(config-router)# exit
48

Configuration Guide

Configuring MPLS Basics

Configure LSR B.
LSRB> enable LSRB# configure terminal LSRB(config)# interface gigabitethernet 0/1 LSRB(config-if-GigabitEthernet 0/1)# mpls ldp enable LSRB(config-if-GigabitEthernet 0/1)# ip address 192.168.1.2 255.255.255.0 LSRB(config-if-GigabitEthernet 0/1)# exit LSRB(config)# interface gigabitethernet 0/2 LSRB(config-if-GigabitEthernet 0/2)# mpls ldp enable LSRB(config-if-GigabitEthernet 0/2)# ip address 192.168.2.1 255.255.255.0 LSRB(config-if-GigabitEthernet 0/2)# exit LSRB(config)# interface loopback 0 LSRB(config-if-Loopback 0)# ip address 192.168.0.2 255.255.255.255 LSRB(config-if-Loopback 0)# exit LSRB(config)# router ospf 10 LSRB(config-router)# network 192.168.1.0 0.0.0.255 area 0 LSRB(config-router)# network 192.168.0.2 0.0.0.0 area 0 LSRB(config-router)# network 192.168.2.0 0.0.0.255 area 0 LSRB(config-router)# exit# Configure LER C.
LERC> enable LERC# configure terminal LERC(config)# interface gigabitethernet 0/1 LERC(config-if-GigabitEthernet 0/1)# mpls ldp enable LERC(config-if-GigabitEthernet 0/1)# ip address 192.168.2.2 255.255.255.0 LERC(config-if-GigabitEthernet 0/1)# exit LERC(config)# interface loopback 0 LERC(config-if-Loopback 0)# ip address 192.168.0.3 255.255.255.255 LERC(config-if-Loopback 0)# exit LERC(config)# router ospf 10 LERC(config-router)# network 192.168.2.0 0.0.0.255 area 0 LERC(config-router)# network 192.168.0.3 0.0.0.0 area 0 LERC(config-router)# network 192.168.200.0 0.0.0.255 area 0 LERC(config-router)# exit (2) Enable MPLS forwarding and LDP globally and configure the LDP router ID. LER A is used as an example. Configurations on LER C are similar to those on LER A.
Configure LER A.
LERA(config)# mpls enable LERA(config)# mpls router ldp LERA(config-mpls-router)# ldp router-id interface loopback 0 force (3) Configure remote peers.
Configure LER A.
LERA(config-mpls-router)# neighbor 192.168.0.3 LERA(config-mpls-router)# end

Configuration Guide

Configuring MPLS Basics

Configure LER C.
LERC(config-mpls-router)# neighbor 192.168.0.1 LERC(config-mpls-router)# end 5. Verification

Run the show mpls ldp neighbor command to check whether an LDP session is established between LER A and LER C.
Check whether an LDP session to LER C is established on LER A.
LERA# show mpls ldp neighbor global-vrf:
Peer LDP Ident: 192.168.0.3:0; Local LDP Ident: 192.168.0.1:0 TCP connection: 192.168.0.3.36809 – 192.168.0.1.646 State: OPERATIONAL; Msgs sent/recv: 15/16; UNSOLICITED Up time: 00:10:52 Graceful Restart enabled; Peer reconnect time (msecs): 300000 LDP discovery sources: Targeted Hello 192.168.0.1 -> 192.168.0.3, active, passive; Addresses bound to peer LDP Ident: ( Count: 2 ) 192.168.2.2 192.168.0.3
Check whether an LDP session to LER A is established on LER C.
LERC# show mpls ldp neighbor global-vrf:
Peer LDP Ident: 192.168.0.1:0; Local LDP Ident: 192.168.0.3:0 TCP connection: 192.168.0.1.646 – 192.168.0.3.36809 State: OPERATIONAL; Msgs sent/recv: 17/18; UNSOLICITED Up time: 00:12:02 Graceful Restart enabled; Peer reconnect time (msecs): 300000 LDP discovery sources: Targeted Hello 192.168.0.3 -> 192.168.0.1, active, passive; Addresses bound to peer LDP Ident: ( Count: 2 ) 192.168.1.1 192.168.0.1
6. Configuration Files
LER A configuration file
hostname LERA ! mpls enable ! interface GigabitEthernet 0/1
mpls ldp enable ip address 192.168.1.1 255.255.255.0 ! interface Loopback 0 ip address 192.168.0.1 255.255.255.255 !

Configuration Guide
router ospf 10 network 192.168.0.1 0.0.0.0 area 0 network 192.168.1.0 0.0.0.255 area 0 network 192.168.100.0 0.0.0.255 area 0
! mpls router ldp
ldp router-id interface Loopback 0 force neighbor 192.168.0.3 ! LSR B configuration file
hostname LSRB ! interface GigabitEthernet 0/1
mpls ldp enable ip address 192.168.1.2 255.255.255.0 ! interface GigabitEthernet 0/2 mpls ldp enable ip address 192.168.2.1 255.255.255.0 ! interface Loopback 0 ip address 192.168.0.2 255.255.255.255 ! router ospf 10 network 192.168.0.2 0.0.0.0 area 0 network 192.168.1.0 0.0.0.255 area 0 network 192.168.2.0 0.0.0.255 area 0 ! LER C configuration file
hostname LERC ! mpls enable ! interface GigabitEthernet 0/1
mpls ldp enable ip address 192.168.2.2 255.255.255.0 ! interface Loopback 0 ip address 192.168.0.3 255.255.255.255 ! router ospf 10 network 192.168.0.3 0.0.0.0 area 0 network 192.168.2.0 0.0.0.255 area 0 network 192.168.200.0 0.0.0.255 area 0 !
51

Configuring MPLS Basics

Configuration Guide

Configuring MPLS Basics

mpls router ldp ldp router-id interface Loopback 0 force neighbor 192.168.0.1
! 7. Common Errors An IPv4 unicast route is incorrectly configured. MPLS forwarding is not enabled globally. LDP is not configured. Remote peers are not configured.
1.14.4 Iterating IP Routes to LDP LSPs
1. Requirements
Iterate IP routes to LDP LSPs.
2. Topology

Figure 1-13 Iterating IP Routes to LDP LSPs

Loopback1 3.3.3.3/32

Loopback1 4.4.4.4/32

Loopback1 5.5.5.5/32

G0/1 192.168.1.1/24
1.1.1.0/24

G0/2 192.168.2.1/24
G0/1 LER1 192.168.2.2/24

G0/2 192.168.3.1/24
G0/2 LSR1 192.168.3.2/24 LER2

G0/1 192.168.4.1/24
2.2.2.0/24

Site-a

Site-b

G0/1 192.168.1.2/24 CE1

G0/1 192.168.4.2/24
CE2

Loopback1 1.1.1.1/32

Loopback1 2.2.2.2/32

3. Notes
Configure IP addresses and IS-IS on LER1, LSR1, and LER2 and establish IS-IS unicast neighbors. Configure the LDP on LER1, LSR1, and LER2 and establish LDP neighbors. Configure IP addresses and OSPF and establish OSPF neighbors between CE1 and LER1, and between
CE2 and LER2, respectively. Configure a static route from LER1 to CE2, configure a static route from LER2 to CE1, and re-distribute the
static routes to OSPF. Enable the function of iterating IP routes to LDP LSPs on LER1 and LER2.

Configuration Guide

Configuring MPLS Basics

4. Procedure

(1) Configure IP addresses and IS-IS on LER1, LSR1, and LER2 and establish IS-IS unicast neighbors.
Configure LER1.
LER1> enable LER1# configure terminal LER1(config)# router isis LER1(config-router)# net 49.0001.0000.0000.0001.00 LER1(config-router)# exit LER1(config)# interface loopback 1 LER1(config-if-Loopback 1)# ip address 3.3.3.3 255.255.255.255 LER1(config-if-Loopback 1)# ip router isis LER1(config-if-Loopback 1)# exit LER1(config)# interface gigabitethernet 0/2 LER1(config-if-GigabitEthernet 0/2)# mpls ldp enable LER1(config-if-GigabitEthernet 0/2)# ip address 192.168.2.1 255.255.255.0 LER1(config-if-GigabitEthernet 0/2)# ip router isis LER1(config-if-GigabitEthernet 0/2)# exit Configure LSR1.
LSR1> enable LSR1# configure terminal LSR1(config)# router isis LSR1(config-router)# net 49.0001.0000.0000.0002.00 LSR1(config-router)# exit LSR1(config)# interface loopback 1 LSR1(config-if-Loopback 1)# ip address 4.4.4.4 255.255.255.255 LSR1(config-if-Loopback 1)# ip router isis LSR1(config-if-Loopback 1)# exit LSR1(config)# interface gigabitethernet 0/1 LSR1(config-if-GigabitEthernet 0/1)# mpls ldp enable LSR1(config-if-GigabitEthernet 0/1)# ip address 192.168.2.2 255.255.255.0 LSR1(config-if-GigabitEthernet 0/1)# ip router isis LSR1(config-if-GigabitEthernet 0/1)# exit LSR1(config)# interface gigabitethernet 0/2 LSR1(config-if-GigabitEthernet 0/2)# mpls ldp enable LSR1(config-if-GigabitEthernet 0/2)# ip address 192.168.3.1 255.255.255.0 LSR1(config-if-GigabitEthernet 0/2)# ip router isis LSR1(config-if-GigabitEthernet 0/2)# exit Configure LER2.
LER2> enable LER2# configure terminal LER2(config)# router isis LER2(config-router)# net 49.0001.0000.0000.0003.00 LER2(config-router)# exit LER2(config)# interface loopback 1

Configuration Guide

Configuring MPLS Basics

LER2(config-if-Loopback 1)# ip address 5.5.5.5 255.255.255.255 LER2(config-if-Loopback 1)# ip router isis LER2(config-if-Loopback 1)# exit LER2(config)# interface gigabitethernet 0/2 LER2(config-if-GigabitEthernet 0/2)# mpls ldp enable LER2(config-if-GigabitEthernet 0/2)# ip address 192.168.3.2 255.255.255.0 LER2(config-if-GigabitEthernet 0/2)# ip router isis LER2(config-if-GigabitEthernet 0/2)# exit (2) Configure the LDP on LER1, LSR1, and LER2 and establish LDP neighbors.
Configure LER1.
LER1(config)# mpls router ldp LER1(config-mpls-router)# ldp router-id interface loopback 1 force LER1(config-mpls-router)# exit LER1(config)# interface gigabitethernet 0/2 LER1(config-if-GigabitEthernet 0/2)# mpls ldp enable LER1(config-if-GigabitEthernet 0/2)# label-switching LER1(config-if-GigabitEthernet 0/2)# exit Configure LSR1.
LSR1(config)# mpls router ldp LSR1(config-mpls-router)# ldp router-id interface loopback 1 force LSR1(config-mpls-router)# exit LSR1(config)# interface gigabitethernet 0/1 LSR1(config-if-GigabitEthernet 0/1)# mpls ldp enable LSR1(config-if-GigabitEthernet 0/1)# label-switching LSR1(config-if-GigabitEthernet 0/1)# exit LSR1(config)# interface gigabitethernet 0/2 LSR1(config-if-GigabitEthernet 0/2)# mpls ldp enable LSR1(config-if-GigabitEthernet 0/2)# label-switching LSR1(config-if-GigabitEthernet 0/2)# exit Configure LER2.
LER2(config)# mpls router ldp LER2(config-mpls-router)# ldp router-id interface loopback 1 force LER2(config-mpls-router)# exit LER2(config)# interface gigabitethernet 0/2 LER2(config-if-GigabitEthernet 0/2)# mpls ldp enable LER2(config-if-GigabitEthernet 0/2)# label-switching LER2(config-if-GigabitEthernet 0/2)# exit (3) Configure IP addresses and OSPF and establish OSPF neighbors between CE1 and LER1, and between CE2 and LER2, respectively.
Configure CE1.
CE1> enable CE1# configure terminal CE1(config)# interface gigabitethernet 0/1 CE1(config-if-GigabitEthernet 0/1)# mpls ldp enable

Configuration Guide

Configuring MPLS Basics

CE1(config-if-GigabitEthernet 0/1)# ip address 192.168.1.2 255.255.255.0 CE1(config-if-GigabitEthernet 0/1# exit CE1(config)# interface loopback 1 CE1(config-if-Loopback 1)# ip address 1.1.1.1 255.255.255.255 CE1(config-if-Loopback 1)# exit CE1(config)# router ospf 1 CE1(config-router)# network 192.168.1.0 0.0.0.255 area 0 CE1(config-router)# network 1.1.1.0 0.0.0.255 area 0 CE1(config-router)# end Configure LER1.
LER1(config)# interface gigabitethernet 0/1 LER1(config-if-GigabitEthernet 0/1)# mpls ldp enable LER1(config-if-GigabitEthernet 0/1)# ip address 192.168.1.1 255.255.255.0 LER1(config-if-GigabitEthernet 0/1)# exit LER1(config)# router ospf 1 LER1(config-router)# network 192.168.1.0 0.0.0.255 area 0 LER1(config-router)# exit Configure LER2.
LER2(config)# interface gigabitethernet 0/1 LER2(config-if-GigabitEthernet 0/1)# mpls ldp enable LER2(config-if-GigabitEthernet 0/1)# ip address 192.168.4.1 255.255.255.0 LER2(config-if-GigabitEthernet 0/1)# exit LER2(config)# router ospf 1 LER2(config-router)# network 192.168.4.0 0.0.0.255 area 0 LER2(config-router)# exit Configure CE2.
CE2> enable CE2# configure terminal CE2(config)# interface gigabitethernet 0/1 CE2(config-if-GigabitEthernet 0/1)# mpls ldp enable CE2(config-if-GigabitEthernet 0/1)# ip address 192.168.4.2 255.255.255.0 CE2(config-if-GigabitEthernet 0/1# exit CE2(config)# interface loopback 1 CE2(config-if-Loopback 1)# ip address 2.2.2.2 255.255.255.255 CE2(config-if-Loopback 1)# exit CE2(config)# router ospf 1 CE2(config-router)# network 192.168.4.0 0.0.0.255 area 0 CE2(config-router)# network 2.2.2.0 0.0.0.255 area 0 (4) Configure a static route from LER1 to CE2, configure a static route from LER2 to CE1, and re-distribute the static routes to OSPF.
Configure LER1.
LER1(config)# ip route 2.2.2.0 255.255.255.0 5.5.5.5 LER1(config)# router ospf 1 LER1(config-router)# redistribute static subnets

Configuration Guide

Configuring MPLS Basics

LER1(config-router)# exit Configure LER2.

LER2(config)# ip route 1.1.1.0 255.255.255.0 3.3.3.3 LER2(config)# router ospf 1 LER2(config-router)# redistribute static subnets LER2(config-router)# exit (5) Enable the function of iterating IP routes to LDP LSPs on LER1 and LER2. LER1 is used as an example. Configurations on LER2 are similar to those on LER1.
Configure LER1.

LER1(config)# recursive-route to mpls LER1(config)# end 5. Verification

Run the show mpls forwarding-table command to check that LER1 and LER2 have public FTN entries to the peer and traffic forwarding between CE1 and CE2 is normal. Display LER1 entries.

LER1# show mpls forwarding-table

Label Operation Code:

PH–PUSH label

PP–POP label

SW–SWAP label

SP–SWAP topmost label and push new label

DP–DROP packet

PC–POP label and continue lookup by IP or Label

PI–POP label and do ip lookup forward

PN–POP label and forward to nexthop

PM–POP label and do MAC lookup forward

PV–POP label and output to VC attach interface

IP–IP lookup forward

s–stale

Local Outgoing OP FEC

Outgoing

label label

interface

—

imp-null PH 4.4.4.4/32

Gi0/2

—

11266 PH 5.5.5.5/32

Gi0/2

—

imp-null PH 192.168.3.0/24 Gi0/2

11265 —

PI 1.1.1.1/32

Gi0/1

11266 imp-null PP 4.4.4.4/32

Gi0/2

11267 imp-null PP 192.168.3.0/24 Gi0/2

11268 11266 SW 5.5.5.5/32

Gi0/2

11269 —

PI 2.2.2.0/24

Gi0/2

Display LER2 entries.

Nexthop

Uptime

192.168.2.2 01:28:43

192.168.1.2 01:28:43

192.168.2.2 01:28:43

5.5.5.5

01:28:43

LER2# show mpls forwarding-table Label Operation Code: PH–PUSH label

Configuration Guide

Configuring MPLS Basics

PP–POP label

SW–SWAP label

SP–SWAP topmost label and push new label

DP–DROP packet

PC–POP label and continue lookup by IP or Label

PI–POP label and do ip lookup forward

PN–POP label and forward to nexthop

PM–POP label and do MAC lookup forward

PV–POP label and output to VC attach interface

IP–IP lookup forward

s–stale

Local Outgoing OP FEC

Outgoing

label label

interface

—

11265 PH 3.3.3.3/32

Gi0/2

—

imp-null PH 4.4.4.4/32

Gi0/2

—

imp-null PH 192.168.2.0/24 Gi0/2

92162 —

PI 2.2.2.2/32

Gi0/1

92163 11265 SW 3.3.3.3/32

Gi0/2

92164 imp-null PP 4.4.4.4/32

Gi0/2

92168 imp-null PP 192.168.2.0/24 Gi0/2

92169 —

PI 1.1.1.0/24

Gi0/2

Check that CE1 can access CE2.

Nexthop

Uptime

192.168.3.1 01:29:05

192.168.4.2 01:29:05

192.168.3.1 01:29:05

3.3.3.3

01:29:05

CE1# ping 2.2.2.2 source 1.1.1.1 Sending 5, 100-byte ICMP Echoes to 2.2.2.2, timeout is 2 seconds:
< press Ctrl+C to break > !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/6 ms.
6. Configuration Files

CE1 configuration file

hostname CE1 ! interface gigabitethernet 0/1
mpls ldp enable ip address 192.168.1.2 255.255.255.0 ! interface Loopback 1 ip address 1.1.1.1 255.255.255.255 ! router ospf 1 network 1.1.1.0 0.0.0.255 area 0 network 192.168.1.0 0.0.0.255 area 0 ! LER1 configuration file

hostname LER1

Configuration Guide
! mpls enable ! interface gigabitethernet 0/1
mpls ldp enable ip address 192.168.1.1 255.255.255.0 ! interface gigabitethernet 0/2 mpls ldp enable ip address 192.168.2.1 255.255.255.0 ip router isis mpls ldp enable label-switching ! interface Loopback 1 ip address 3.3.3.3 255.255.255.255 ip router isis ! router isis net 49.0001.0000.0000.0001.00 ! router ospf 1 redistribute static subnets network 192.168.1.0 0.0.0.255 area 0 ! mpls router ldp ldp router-id interface Loopback 1 force ! recursive-route to mpls ! ip route 2.2.2.0 255.255.255.0 5.5.5.5 LSR1 configuration file
hostname LSR1 ! mpls enable ! interface gigabitethernet 0/1
ip address 192.168.2.2 255.255.255.0 ip router isis mpls ldp enable label-switching ! interface gigabitethernet 0/2 ip address 192.168.3.1 255.255.255.0 ip router isis mpls ldp enable
58

Configuring MPLS Basics

Configuration Guide
label-switching ! interface Loopback 1
ip address 4.4.4.4 255.255.255.255 ip router isis ! mpls router ldp ldp router-id interface Loopback 1 force ! router isis net 49.0001.0000.0000.0002.00 ! mpls router ldp ldp router-id interface Loopback 1 force ! LER2 configuration file
hostname LER2 ! mpls enable ! interface gigabitethernet 0/1
mpls ldp enable ip address 192.168.4.1 255.255.255.0 ! interface gigabitethernet 0/2 mpls ldp enable ip address 192.168.3.2 255.255.255.0 ip router isis mpls ldp enable label-switching ! interface Loopback 1 ip address 5.5.5.5 255.255.255.255 ip router isis ! router isis net 49.0001.0000.0000.0003.00 ! router ospf 1 redistribute static subnets network 192.168.4.0 0.0.0.255 area 0 ! mpls router ldp ldp router-id interface Loopback 1 force ! recursive-route to mpls
59

Configuring MPLS Basics

Configuration Guide

Configuring MPLS Basics

! ip route 1.1.1.0 255.255.255.0 3.3.3.3 CE2 configuration file
hostname CE2 ! interface gigabitethernet 0/1
mpls ldp enable ip address 192.168.4.2 255.255.255.0 ! interface Loopback 1 ip address 2.2.2.2 255.255.255.255 ! router ospf 1 network 2.2.2.0 0.0.0.255 area 0 network 192.168.4.0 0.0.0.255 area 0 ! 7. Common Errors
MPLS forwarding is not enabled globally. LDP is not enabled on an interface.
1.14.5 Configuring an MPLS Tunnel Policy
1. Requirements
Configure an MPLS tunnel policy.
2. Topology

Figure 1-2 Configuring an MPLS Tunnel Policy

Loopback0 192.168.0.1/32

Loopback0 192.168.0.2/32

Loopback0 192.168.0.3/32

192.168.100.0/24

192.168.200.0/24

G0/1 192.168.1.1/24

G0/2 192.168.2.1/24

LER A

G0/1 192.168.1.2/24
LSR B

G0/1 192.168.2.2/24
LER C

3. Notes
Configure interface IP addresses and an IPv4 unicast routing protocol (such as OSPF) on each device to implement route reachability between the devices.
Enable the MPLS forwarding capability globally and configure LDP and an LDP router ID. Enable LDP and the ability to forward labeled packets on interfaces. Create a tunnel policy and configure a tunnel selection policy. 4. Procedure
(1) Configure interface IP addresses and OSPF on each device to implement route reachability between the devices.
60

Configuration Guide
Configure LER A.
LERA> enable LERA# configure terminal LERA(config)# interface gigabitethernet 0/1 LERA(config-if-GigabitEthernet 0/1)# ip address 192.168.1.1 255.255.255.0 LERA(config-if-GigabitEthernet 0/1)# exit LERA(config)# interface loopback 0 LERA(config-if-Loopback 0)# ip address 192.168.0.1 255.255.255.255 LERA(config-if-Loopback 0)# exit LERA(config)# router ospf 10 LERA(config-router)# network 192.168.1.0 0.0.0.255 area 0 LERA(config-router)# network 192.168.0.1 0.0.0.0 area 0 LERA(config-router)# network 192.168.100.0 0.0.0.255 area 0 LERA(config-router)# exit Configure LSR B.
LSRB> enable LSRB# configure terminal LSRB(config)# interface gigabitethernet 0/1 LSRB(config-if-GigabitEthernet 0/1)# ip address 192.168.1.2 255.255.255.0 LSRB(config-if-GigabitEthernet 0/1)# exit LSRB(config)# interface gigabitethernet 0/2 LSRB(config-if-GigabitEthernet 0/2)# ip address 192.168.2.1 255.255.255.0 LSRB(config-if-GigabitEthernet 0/2)# exit LSRB(config)# interface loopback 0 LSRB(config-if-Loopback 0)# ip address 192.168.0.2 255.255.255.255 LSRB(config-if-Loopback 0)# exit LSRB(config)# router ospf 10 LSRB(config-router)# network 192.168.1.0 0.0.0.255 area 0 LSRB(config-router)# network 192.168.2.0 0.0.0.255 area 0 LSRB(config-router)# network 192.168.0.2 0.0.0.0 area 0 LSRB(config-router)# exit Configure LER C.
LERC> enable LERC# configure terminal LERC(config)# interface gigabitethernet 0/1 LERC(config-if-GigabitEthernet 0/1)# ip address 192.168.2.2 255.255.255.0 LERC(config-if-GigabitEthernet 0/1)# exit LERC(config)# interface loopback 0 LERC(config-if-Loopback 0)# ip address 192.168.0.3 255.255.255.255 LERC(config-if-Loopback 0)# exit LERC(config)# router ospf 10 LERC(config-router)# network 192.168.2.0 0.0.0.255 area 0 LERC(config-router)# network 192.168.0.3 0.0.0.0 area 0 LERC(config-router)# network 192.168.200.0 0.0.0.255 area 0 LERC(config-router)# exit
61

Configuring MPLS Basics

Configuration Guide

Configuring MPLS Basics

(2) Enable the MPLS forwarding capability globally and configure LDP and an LDP router ID. LER A is used as an example. Configurations on LER B and LER C are similar to those on LER A, and are omitted here.

LERA(config)# mpls enable LERA(config)# mpls router ldp LERA(config-mpls-router)# ldp router-id interface loopback 0 force LERA(config-mpls-router)# exit (3) Enable LDP and the ability to forward labeled packets on interfaces.
Configure LER A.

LERA(config)# interface gigabitethernet 0/1 LERA(config-if-GigabitEthernet 0/1)# mpls ldp enable LERA(config-if-GigabitEthernet 0/1)# label-switching LERA(config-if-GigabitEthernet 0/1)# exit Configure LER B.

LSRB(config)# interface gigabitethernet 0/1 LSRB(config-if-GigabitEthernet 0/1)# mpls ldp enable LSRB(config-if-GigabitEthernet 0/1)# label-switching LSRB(config-if-GigabitEthernet 0/1)# exit LSRB(config)# interface gigabitethernet 0/2 LSRB(config-if-GigabitEthernet 0/2)# mpls ldp enable LSRB(config-if-GigabitEthernet 0/2)# label-switching LSRB(config-if-GigabitEthernet 0/2)# end Configure LER C.

LERC (config)# interface gigabitethernet 0/1 LERC(config-if-GigabitEthernet 0/1)# mpls ldp enable LERC(config-if-GigabitEthernet 0/1)# label-switching (4) Create a tunnel policy and configure a tunnel selection policy.
Configure LER A.

LERA(config)# tunnel-policy tun-pol LERA(config-tunnel-policy)# tunnel select lsp LERA(config-tunnel-policy)# end
5. Verification

Run the show mpls tunnel-info all command to check the public network tunnel information on LER A.

LERA# show mpls tunnel-info all

Total tunnel-info num: 3

SRP tunnel-info num: 0

LSP tunnel-info num: 3

TE tunnel-info num: 0

BE tunnel-info num: 0

GRE tunnel-info num: 0

TP tunnel-info num: 0

Tunnel-ID

Type

Destination

0x00000001 LSP

192.168.0.2/32

Configuration Guide

Configuring MPLS Basics

0x00000003 LSP

192.168.0.3/32

0x00000002 LSP

192.168.2.0/24

Run the show mpls forwarding-table command to check MPLS forwarding entries on LER A.

LERA# show mpls forwarding-table

Label Operation Code:

PH–PUSH label

PP–POP label

SW–SWAP label

SP–SWAP topmost label and push new label

DP–DROP packet

PC–POP label and continue lookup by IP or Label

PI–POP label and do ip lookup forward

PN–POP label and forward to nexthop

PM–POP label and do MAC lookup forward

PV–POP label and output to VC attach interface

IP–IP lookup forward

s–stale

Local Outgoing OP FEC

Outgoing

label label

interface

—

imp-null PH 192.168.0.2/32 Gi0/1

—

92163 PH 192.168.0.3/32 Gi0/1

—

imp-null PH 192.168.2.0/24 Gi0/1

92162 imp-null PP 192.168.0.2/32 Gi0/1

92163 imp-null PP 192.168.2.0/24 Gi0/1

92164 92163 SW 192.168.0.3/32 Gi0/1

6. Configuration Files

Nexthop

Uptime

192.168.1.2 00:06:32 192.168.1.2 00:06:32
192.168.1.2 00:06:32 192.168.1.2 00:06:32 192.168.1.2 00:06:32 192.168.1.2 00:06:32

LER A configuration file hostname LERA ! mpls enable ! interface gigabitethernet 0/1 ip address 192.168.1.1 255.255.255.0 mpls ldp enable label-switching ! interface loopback 0 ip address 192.168.0.1 255.255.255.255 ! router ospf 10 network 192.168.0.1 0.0.0.0 area 0 network 192.168.1.0 0.0.0.255 area 0 network 192.168.100.0 0.0.0.255 area 0 ! mpls router ldp

Configuration Guide
ldp router-id interface loopback 0 force ! tunnel-policy tun-pol
tunnel select lsp ! LSR B configuration file hostname LSRB ! mpls enable ! interface gigabitethernet 0/1
ip address 192.168.1.2 255.255.255.0 mpls ldp enable label-switching ! interface gigabitethernet 0/2 ip address 192.168.2.1 255.255.255.0 mpls ldp enable label-switching ! interface loopback 0 ip address 192.168.0.2 255.255.255.255 ! router ospf 10 network 192.168.0.2 0.0.0.0 area 0 network 192.168.1.0 0.0.0.255 area 0 network 192.168.2.0 0.0.0.255 area 0 ! mpls router ldp ldp router-id interface loopback 0 force ! LER C configuration file hostname LERC ! mpls enable ! interface gigabitethernet 0/1 ip address 192.168.2.2 255.255.255.0 mpls ldp enable label-switching ! interface loopback 0 ip address 192.168.0.3 255.255.255.255 ! router ospf 10 network 192.168.0.3 0.0.0.0 area 0
64

Configuring MPLS Basics

Configuration Guide
network 192.168.2.0 0.0.0.255 area 0 network 192.168.200.0 0.0.0.255 area 0 ! mpls router ldp ldp router-id interface loopback 0 force !

Configuring MPLS Basics

Configuration Guide

Contents

1 Configuring MPLS GR…………………………………………………………………………………………………………1 1.1 Introduction ……………………………………………………………………………………………………………….. 1 1.1.1 Overview ………………………………………………………………………………………………………… 1 1.1.2 GR Devices …………………………………………………………………………………………………….. 1 1.1.3 MPLS GR ……………………………………………………………………………………………………….. 2 1.1.4 Protocols and Standards ………………………………………………………………………………….. 4 1.2 Configuration Task Summary ………………………………………………………………………………………. 4 1.3 Configuring LDP GR …………………………………………………………………………………………………… 4 1.3.1 Overview ………………………………………………………………………………………………………… 4 1.3.2 Restrictions and Guidelines ………………………………………………………………………………. 5 1.3.3 Prerequisites …………………………………………………………………………………………………… 5 1.3.4 Procedure………………………………………………………………………………………………………..5 1.4 Monitoring …………………………………………………………………………………………………………………. 6 1.5 Configuration Examples……………………………………………………………………………………………….6 1.5.1 Configuring LDP GR ………………………………………………………………………………………… 6 1.5.2 Configuring L3VPN GR……………………………………………………………………………………12 1.6 Common Errors…………………………………………………………………………………………………………22
2 MPLS BFD ……………………………………………………………………………………………………………………… 23 2.1 Overview …………………………………………………………………………………………………………………. 23 2.1.1 MPLS BFD ……………………………………………………………………………………………………. 23 2.1.2 Basic Concepts ……………………………………………………………………………………………… 23 2.1.3 BFD Session Establishment ……………………………………………………………………………. 24

Configuration Guide

Contents

2.1.4 Protocols and Standards ………………………………………………………………………………… 27

2.2 Configuration Task Summary …………………………………………………………………………………….. 27

2.3 Configuring BFD for Static LSP ………………………………………………………………………………….. 27

2.4 Configuring BFD for LDP LSP ……………………………………………………………………………………. 28

2.5 Configuring BFD for LDP Tunnel ………………………………………………………………………………… 29

2.6 Configuring BFD for BGP LSP …………………………………………………………………………………… 29

2.7 Configuring BFD for BGP Tunnel ……………………………………………………………………………….. 30

2.8 Configuring BFD for LSP …………………………………………………………………………………………… 31

2.9 Monitoring ……………………………………………………………………………………………………………….. 32

2.10 Configuration Examples……………………………………………………………………………………………32

2.10.1 Configuring BFD for LDP LSP ……………………………………………………………………….. 32

2.10.2 Configuring BFD for LDP FRR………………………………………………………………………..37

2.10.3 Configuring BFD for BGP LSP………………………………………………………………………..43

3 L3VPN FRR……………………………………………………..

Documents / Resources

	Ruijie Network Devices and Solutions Provider [pdf] User Guide Network Devices and Solutions Provider, Devices and Solutions Provider, Solutions Provider, Provider
	RUIJIE Network Devices and Solutions Provider [pdf] User Guide Network Devices and Solutions Provider, Network Devices and Solutions Provider, Devices and Solutions Provider, Solutions Provider, Provider