SR-TE PCC Features
Load isis.sr.vpnv4.and.te.enabled.cfg
configure
load bootflash:isis.sr.vpnv4.and.te.enabled.cfg
commit replace
y
Configure R10 as a PCE and R1 as a PCC. Use the password PASSWORD for the PCEP session.
Configure a locally-calculated policy on R1 with R7 as the endpoint using an IGP metric. Configure R1 to report this policy to R10.
Answer
#R1
segment-routing
traffic-eng
policy POL1
color 10 end-point ipv4 7.7.7.1
candidate-paths
preference 100
dynamic
metric
type igp
!
pcc
source-address ipv4 1.1.1.1
pce address ipv4 10.10.10.1
password clear PASSWORD
!
report-all
#R10
pce
address ipv4 10.10.10.1
password clear PASSWORD
Explanation
Similar to BGP and LDP, you can use TCP option 19 (MD5 Signature) for authentication with PCEP sessions. You simply specify a password for the pce server:
#R1
segment-routing
traffic-eng
pcc
source-address ipv4 1.1.1.1
pce address ipv4 10.10.10.1
password clear PASSWORD
#R10
pce
address ipv4 10.10.10.1
password clear PASSWORD
You can verify that the MD5 flag is on in the TCP details:

By default, the PCC does not report its locally-calculated policies to the PCE. You might want even locally-calculated policies to be reported to the PCE so that it can use that information itself, or provide all path information to applications through the PCE’s own northbound interface. At this moment, I’ve configured the policy on R1 but I am not reporting all policies to the PCE yet. Notice that R10 does not know of any LSPs yet:

We’ll now configure R1 to report all LSPs:
#R1
segment-routing
traffic-eng
pcc
report-all
Immediately, R1 reports its single LSP to the PCE.


Above, we can tell that this policy was only reported to the PCE because the computed path section is “None.”
Last updated