The Label Distribution Protocol (LDP) allocates a local label for every route learned from the IGP.
But the question is, do we really need a label for every route? The short answer is no! We can optimize LDP and save resources by allocating labels only to the Provider Edge (PE) routers. Let’s test in the lab on IOS and IOS XR devices.
Diagram
- Every router has a Loopback0 configured with IP address X.X.X.X/32, where X is the router number, i.e R2 (2.2.2.2/32)
- Transit links are configured with IP addresses 10.X.Y.0/24, where X and Y are adjacent router numbers, i.e. the link between R1 and R2 is 10.1.2.0/24
- R1-R4, R6, R7 are IOS devices and R5 is running IOS XRv
- In SP 65000 network IS-IS is configured as IGP with MPLS enabled on every core link
Configuration
R1-PE
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0.12
encapsulation dot1Q 12
ip address 10.1.2.1 255.255.255.0
ip router isis 1
!
interface FastEthernet0/0.16
encapsulation dot1Q 16
vrf forwarding A
ip address 10.1.6.1 255.255.255.0
!
router isis 1
mpls ldp autoconfig
net 49.0001.0000.0000.0001.00
is-type level-2-only
passive-interface Loopback0
R2
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0.12
encapsulation dot1Q 12
ip address 10.1.2.2 255.255.255.0
ip router isis 1
!
interface FastEthernet0/0.23
encapsulation dot1Q 23
ip address 10.2.3.2 255.255.255.0
ip router isis 1
!
router isis 1
mpls ldp autoconfig
net 49.0001.0000.0000.0002.00
is-type level-2-only
passive-interface Loopback0
R3
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0.23
encapsulation dot1Q 23
ip address 10.2.3.3 255.255.255.0
ip router isis 1
!
interface FastEthernet0/0.34
encapsulation dot1Q 34
ip address 10.3.4.3 255.255.255.0
ip router isis 1
!
router isis 1
mpls ldp autoconfig
net 49.0001.0000.0000.0003.00
is-type level-2-only
passive-interface Loopback0
R4
interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/0.34
encapsulation dot1Q 34
ip address 10.3.4.4 255.255.255.0
ip router isis 1
!
interface FastEthernet0/0.45
encapsulation dot1Q 45
ip address 10.4.5.4 255.255.255.0
ip router isis 1
!
router isis 1
mpls ldp autoconfig
net 49.0001.0000.0000.0004.00
is-type level-2-only
passive-interface Loopback0
R5-XRv-PE
interface Loopback0
ipv4 address 5.5.5.5 255.255.255.255
!
interface GigabitEthernet0/0/0/1.45
ipv4 address 10.4.5.5 255.255.255.0
encapsulation dot1q 45
!
interface GigabitEthernet0/0/0/1.57
vrf A
ipv4 address 10.5.7.5 255.255.255.0
encapsulation dot1q 57
!
router isis 1
is-type level-2-only
net 49.0001.0000.0000.0005.00
address-family ipv4 unicast
mpls ldp auto-config
!
interface Loopback0
passive
address-family ipv4 unicast
!
!
interface GigabitEthernet0/0/0/1.45
address-family ipv4 unicast
!
!
!
mpls ldp
Verification
R1-PE has learned through the IS-IS all of the core routes as well as host routes.
R1-PE#show ip route isis | begin Gateway
Gateway of last resort is not set
2.0.0.0/32 is subnetted, 1 subnets
i L2 2.2.2.2 [115/10] via 10.1.2.2, 00:00:15, FastEthernet0/0.12
3.0.0.0/32 is subnetted, 1 subnets
i L2 3.3.3.3 [115/20] via 10.1.2.2, 00:00:38, FastEthernet0/0.12
4.0.0.0/32 is subnetted, 1 subnets
i L2 4.4.4.4 [115/30] via 10.1.2.2, 00:02:42, FastEthernet0/0.12
5.0.0.0/32 is subnetted, 1 subnets
i L2 5.5.5.5 [115/40] via 10.1.2.2, 00:02:42, FastEthernet0/0.12
10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks
i L2 10.2.3.0/24 [115/20] via 10.1.2.2, 00:00:15, FastEthernet0/0.12
i L2 10.3.4.0/24 [115/30] via 10.1.2.2, 00:00:38, FastEthernet0/0.12
i L2 10.4.5.0/24 [115/40] via 10.1.2.2, 00:02:42, FastEthernet0/0.12
As stated before, routers allocate a local label for every routes learned from the IGP (in our case IS-IS). We can verify this by looking on the Label Information Base (LIB).
R1-PE#show mpls ldp bindings
lib entry: 1.1.1.1/32, rev 2
local binding: label: imp-null
remote binding: lsr: 2.2.2.2:0, label: 16
lib entry: 2.2.2.2/32, rev 20
local binding: label: 22
remote binding: lsr: 2.2.2.2:0, label: imp-null
lib entry: 3.3.3.3/32, rev 18
local binding: label: 21
remote binding: lsr: 2.2.2.2:0, label: 21
lib entry: 4.4.4.4/32, rev 4
local binding: label: 16
remote binding: lsr: 2.2.2.2:0, label: 18
lib entry: 5.5.5.5/32, rev 6
local binding: label: 17
remote binding: lsr: 2.2.2.2:0, label: 19
lib entry: 10.1.2.0/24, rev 8
local binding: label: imp-null
remote binding: lsr: 2.2.2.2:0, label: imp-null
lib entry: 10.1.6.0/24, rev 10
local binding: label: imp-null
lib entry: 10.2.3.0/24, rev 12
local binding: label: 18
remote binding: lsr: 2.2.2.2:0, label: imp-null
lib entry: 10.3.4.0/24, rev 14
local binding: label: 19
remote binding: lsr: 2.2.2.2:0, label: 17
lib entry: 10.4.5.0/24, rev 16
local binding: label: 20
remote binding: lsr: 2.2.2.2:0, label: 20
By default, these local labels are advertised to all LDP peers. In Layer 3 VPN networks we need label switched paths created between Provider Edge Loopbacks (in our case R1 and R5). The reason that we don’t need labels for transit links is that we don’t send traffic to these links; we only send traffic through these links. Also allocating labels for Loopbacks of the P routers (R2, R3, R4) is not necessary.
We can optimize and scale our network by allocating labels only for PE loopbacks. The number of messages exchanged between peers will be reduced. This helps to achieve faster convergence.
Let’s configure.
R1-PE, R2, R3, R4
ip prefix-list PE_LOOPBACKS seq 5 permit 1.1.1.1/32
ip prefix-list PE_LOOPBACKS seq 10 permit 5.5.5.5/32
!
mpls ldp label
allocate global prefix-list PE_LOOPBACKS
R5-XRv-PE
ipv4 access-list PE_LOOPBACKS
10 permit ipv4 host 1.1.1.1 any
20 permit ipv4 host 5.5.5.5 any
!
mpls ldp
address-family ipv4
label
local
allocate for PE_LOOPBACKS
Let’s see how LIB table looks after this configuration.
R1-PE
R1-PE#show mpls ldp bindings
lib entry: 1.1.1.1/32, rev 2
local binding: label: imp-null
remote binding: lsr: 2.2.2.2:0, label: 16
lib entry: 5.5.5.5/32, rev 6
local binding: label: 17
remote binding: lsr: 2.2.2.2:0, label: 19
R2
R2#show mpls ldp bindings
lib entry: 1.1.1.1/32, rev 2
local binding: label: 16
remote binding: lsr: 3.3.3.3:0, label: 16
remote binding: lsr: 1.1.1.1:0, label: imp-null
lib entry: 5.5.5.5/32, rev 14
local binding: label: 19
remote binding: lsr: 3.3.3.3:0, label: 18
remote binding: lsr: 1.1.1.1:0, label: 17
R3
R3#show mpls ldp bindings
lib entry: 1.1.1.1/32, rev 2
local binding: label: 16
remote binding: lsr: 4.4.4.4:0, label: 16
remote binding: lsr: 2.2.2.2:0, label: 16
lib entry: 5.5.5.5/32, rev 8
local binding: label: 18
remote binding: lsr: 4.4.4.4:0, label: 17
remote binding: lsr: 2.2.2.2:0, label: 19
R4
R4#show mpls ldp bindings
lib entry: 1.1.1.1/32, rev 2
local binding: label: 16
remote binding: lsr: 5.5.5.5:0, label: 24004
remote binding: lsr: 3.3.3.3:0, label: 16
lib entry: 5.5.5.5/32, rev 6
local binding: label: 17
remote binding: lsr: 5.5.5.5:0, label: imp-null
remote binding: lsr: 3.3.3.3:0, label: 18
R5-XRv-PE
RP/0/0/CPU0:R5-XRv-PE#show mpls ldp bindings
Tue Aug 10 07:21:05.140 UTC
1.1.1.1/32, rev 35
Local binding: label: 24004
Remote bindings: (1 peers)
Peer Label
----------------- ---------
4.4.4.4:0 16
5.5.5.5/32, rev 2
Local binding: label: ImpNull
Remote bindings: (1 peers)
Peer Label
----------------- ---------
4.4.4.4:0 17
LIB table is clearly reduced. We can also check LFIB table.
R1-PE
R1-PE#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
17 19 5.5.5.5/32 0 Fa0/0.12 10.1.2.2
R5-XRv-PE
RP/0/0/CPU0:R5-XRv-PE#show mpls forwarding
Tue Aug 10 07:22:55.433 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24004 16 1.1.1.1/32 Gi0/0/0/1.45 10.4.5.4 0
And ultimate verification will be traceroute from PE to PE.
R1-PE#traceroute 5.5.5.5 source 1.1.1.1 numeric
Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
1 10.1.2.2 [MPLS: Label 19 Exp 0] 60 msec 64 msec 56 msec
2 10.2.3.3 [MPLS: Label 18 Exp 0] 52 msec 40 msec 52 msec
3 10.3.4.4 [MPLS: Label 17 Exp 0] 40 msec 44 msec 40 msec
4 10.4.5.5 56 msec * 100 msec
As we can see packets in the core are forwarded based on label and output shows that we have end-to-end LSP between PEs.
We were able to optimize our network, while still providing L3 VPN to the Customer. L3 VPN configs were intentionally omitted in this post because I wanted to focus on core MPLS routing.
Our client has reachability between sites.
R6-CE#trace 7.7.7.7 source 6.6.6.6 numeric
Type escape sequence to abort.
Tracing the route to 7.7.7.7
VRF info: (vrf in name/id, vrf out name/id)
1 10.1.6.1 21 msec 12 msec 12 msec
2 10.1.2.2 [MPLS: Labels 19/24007 Exp 0] 64 msec 71 msec 85 msec
3 10.2.3.3 [MPLS: Labels 18/24007 Exp 0] 66 msec 42 msec 46 msec
4 10.3.4.4 [MPLS: Labels 17/24007 Exp 0] 58 msec 48 msec 57 msec
5 10.4.5.5 [MPLS: Label 24007 Exp 0] 28 msec 39 msec 45 msec
6 10.5.7.7 54 msec * 18 msec