Full Mesh Auto-Tunnels

Load mpls.te.base.config.with.ospf.cfg

#IOS-XE
config replace flash:mpls.te.base.config.with.ospf.cfg

#IOS-XR
configure
load bootflash:mpls.te.base.config.with.ospf.cfg
commit replace
y

Using the full mesh auto-tunnel feature, configure CSR8 and XR11 so that they have TE tunnels to each other, plus CSR4 and CSR5. Do not configure CSR4 and CSR5. They will not have any headend TE tunnels. Use a tunnel ID range of 1000-1999 on CSR8 and XR11.

Answer

#CSR8
mpls traffic-eng auto-tunnel mesh
mpls traffic-eng auto-tunnel mesh tunnel-num min 1000 max 1999
!
interface Auto-Template500
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination access-list 10
 tunnel mpls traffic-eng autoroute destination
 tunnel mpls traffic-eng path-option 1 dynamic
!
access-list 10 permit 5.5.5.5
access-list 10 permit 11.11.11.11
access-list 10 permit 4.4.4.4
access-list 10 permit 8.8.8.8

#XRv11
ipv4 unnumbered mpls traffic-eng Loopback0
!
ipv4 prefix-list TUNNEL_ENDPOINTS
 permit 8.8.8.8/32
 permit 4.4.4.4/32
 permit 5.5.5.5/32
 permit 11.11.11.11/32
!
mpls traffic-eng
 auto-tunnel mesh
  group 10
   attribute-set MESH_ATTRS
   destination-list TUNNEL_ENDPOINTS
  !
  tunnel-id min 1000 max 1999
 !
 attribute-set auto-mesh MESH_ATTRS
  autoroute announce

Explanation

Full mesh auto-tunnels allow you dynamically create tunnels to all endpoints in an ACL using a template tunnel interface. This allows you to to more easily create a full mesh of TE tunnels with less configuration overhead. Additionally, adding a new TE tunnel to a new PE is simply a matter of adding an entry to the ACL.

The auto-mesh feature requires an ACL be defined to determine the tunnel endpoints. On IOS-XR you use a prefix-list. You can define the local PE itself in the ACL or prefix-list, it doesn’t hurt anything. This can allow you to copy+paste the ACL/prefix-list on every PE.

#IOS-XE
access-list 10 permit 5.5.5.5
access-list 10 permit 11.11.11.11
access-list 10 permit 4.4.4.4
access-list 10 permit 8.8.8.8

#IOS-XR
ipv4 prefix-list TUNNEL_ENDPOINTS
 permit 8.8.8.8/32
 permit 4.4.4.4/32
 permit 5.5.5.5/32
 permit 11.11.11.11/32

Next, you create a template tunnel interface. On IOS-XR you instead create an attribute-set which contains the attributes of the template tunnel interface. On IOS-XR we are limited to only doing a dynamic path-option. This cannot be specified. IOS-XR’s attribute-set seems limited to things like affinity group.

#IOS-XE
interface Auto-Template500
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination access-list <STANDARD ACL>
 tunnel mpls traffic-eng autoroute destination
 tunnel mpls traffic-eng path-option 1 dynamic

#IOS-XR
ipv4 unnumbered mpls traffic-eng Loopback0
!
mpls traffic-eng
 auto-tunnel mesh
  group 10
   attribute-set MESH_ATTRS
   destination-list TUNNEL_ENDPOINTS
 !
 attribute-set auto-mesh MESH_ATTRS
  autoroute announce

Finally, on IOS-XE we activate the feature globally and optionally define a tunnel ID range.

#IOS-XE
mpls traffic-eng auto-tunnel mesh
mpls traffic-eng auto-tunnel mesh tunnel-num min 1000 max 1999

On IOS-XR, we define the tunnel ID range under the mpls traffic-eng auto-tunnel mesh section. Also remember to globally define the MPLS-TE unnumbered loopback.

#IOS-XR
ipv4 unnumbered mpls traffic-eng Loopback0
!
mpls traffic-eng
 auto-tunnel mesh
  tunnel-id min 1000 max 1999

Verification

On CSR8, we can verify the auto-tunnel mesh config and the generated tunnel interfaces using the following command:

The dynamically created tunnel interfaces cannot be viewed in the running config, but they can be view using show derived-config.

You can see how this feature is actually fairly simplistic. The router just takes every valid entry in the standard ACL and builds a new tunnel interface with that entry as the destination.

Using our standard show command we can verify the status of the tunnels.

We can also verify that autoroute is working.

We can preform this same verification on XRv11. Note that I had previously used a 0.0.0.0/0 le 32 prefix-list entry on XRv11, which created 13 total tunnels. These have been removed, which is indicated by the output at the bottom (cumulative counters).

We can see that the default and only path-option on these auto-tunnels is dynamic.

show mpls traffic-eng tun br gives us an indication of which tunnels were auto-created by the auto-tunnel feature using the + symbol.

Finally, we should be using these tunnels for routes to the endpoints due to autoroute.

PreviousFRR Backup Auto-Tunnels with SRLGNextFull Mesh Dynamic Auto-Tunnels

Last updated