Basic SR with OSPF
Load blank.cfg
Configure OSPF in the core
Use a metric of 50 for dashed links and a metric of 10 for solid links
Using SR, configure a prefix SID for each router’s Lo1 using the router number as the index
Configure OSPF using a group
All links should belong to area 0
Only advertise the loopback prefix in OSPF
All Gig interfaces should be point-to-point
Answer
Explanation
SR is enabled for OSPF similarly to ISIS, using the segment-routing mpls command under the process and setting the prefix-sid under the loopback. Just like with ISIS, we can use the prefix-sid absolute label value which would be translated into an index.
Using the command show ospf sid-database we can get similar output to ISIS’s show isis segment-routing label table. The L means local.
OSPF uses the opaque LSA to advertise SR information. The opaque LSAs are of type 9 (link local), type 10 (area wide), and type 11 (domain wide). These are used to convey information within OSPF that is not directly used by OSPF for SPF. This information is “opaque” to OSPF.
SR primarily uses type 10 opaque LSAs. We can see the opaque-area LSAs that R1 has generated:
The LSA ID is broken down into X.Y.Y.Y, where X is the type, and Y is the ID. There are four opaque-area LSA types that are used:
Type 1 - TE information
Link State ID = 0 for router information (TE RID)
Link State ID = ifIndex for link TE information
Type 4 - Router information
Link State ID = 0 for SR router capabilities
Type 7 - Extended Prefix
Link State ID = random number? or loopback number?
Contains the prefix SID for a prefix
Type 8 - Extended Link
Link State ID = ifIndex
Constains the Adj SID(s) for an adjacency
Type 1 (TE Information)
In OSPF, the TE information opaque-area LSAs (type 1) are automatically generated when you enable SR. Note that this appears to be different from ISIS, in which you must manually specify a TE RID and enable the MPLS-TE process to get the ISIS node to advertise a TE RID. This then lets you populate the SR-TED. However, in OSPF, simply as things are configured now, we can distribute link-state on a router and have a fully populated TED.
Let’s examine R1’s TE information LSAs. Below we look at the router information and a single link, just for brevity. This is the same opaque LSA used with regular MPLS-TE (RSVP-TE).
The goal of SR was to de-couple itself from classic MPLS-TE. For this reason, the SR information, prefix SIDs, and adj SIDs are advertised in completely separate Opaque-area LSAs.
Type 4 (Router Information)
The type 4 router information Opaque-area LSA advertises SR capabilities, such as the algos supported, SRGB range, SRLB range, max sid depth, and the hostname (giving OSPF the same hostname-learning capability of ISIS).
Note that, like ISIS, the router does not allocate the SRLB default range by default. If you turn on segment-routing globally, you will see the default SRLB is advertised.
Type 7 (Extended Prefix)
The type 7 Opaque-area LSA simply advertises a prefix and its associated prefix SID. This is not used for transit prefixes which do not have a prefix SID. Only prefixes with a prefix SID have a type 7 LSA.
Below we can see the AF is 0, which is IPv4. OSPFv2 of course only supports IPv4. The SID index, algo (0), and flags are included for 1.1.1.1/32 as a sub-TLV.
The flags are difficult to understand in OSPF. The parser doesn’t translate the hex value for us.
For a prefix SID, the flags are as follows:
A means attached. It is set to indicate that the prefix is IA (inter-area) but attached directly to the ABR advertising the prefix SID
N means node SID
We can see above the 0x40 means only the N flag is set. 0x8 would mean only the A flag is set. 0xc0 means both flags are set.
The SID sub-TLV also has its own flags, which are as follows:
NP means No-PHP. This is set to disable PHP.
M means mapping-server. The prefix SID was advertised by a mapping server.
E means explicit-null. When E=1 and NP=1, you get expnull without PHP behavior.
V means the absolute value is used. This is never set for prefix SIDs.
L means the SID is locally significant. This is never set for prefix SIDs.
Above, we see that all flags are disabled for this prefix SID.
Type 8 (Extended Link)
The type 8 Opaque-area LSA includes the Adj SID(s) for a link. We can see one of the ext-link opaque-area LSAs R1 is advertising below:
The flags for the Adj sub-TLV work as follows:
B means Backup. It is set for protected Adj SIDs
V means absolute value. This is always set for Adj SIDs.
L means locally significant. This is always set for Adj SIDs.
S means set. It is set of the SID represents a set of adjancencies. This feature is not supported in XR.
The flags will always be either 0xe0 (protected Adj SID) or 0x60 (unprotected Adj SID).
We can see an example of a protected Adj SID by enabling TI-LFA on R1.
Using show ospf nei gi0/0/0/3 detail we can confirm the Adj SID values:
This is advertised in the opaque-area ext-link LSA:
Other notes
Just like ISIS, when SR is enabled for OSPF, it automatically enables MPLS on each interface:
Like ISIS, the routes in the RIB will show via “labeled SR”:
Differences between OSPF and ISIS
You’ll find that SR for OSPF and ISIS is nearly identical. There are only a few very minor differences to be aware of.
In OSPF, sr-prefer is a separate command, while in ISIS, it is a keyword to the command which enables SR.
In OSPF, TI-LFA can be enabled globally under the process. The normal rules of inheritance apply. You can enable TI-LFA at any level (process, area, interface). In ISIS, you can only enable TI-LFA under the interface.
This difference also leads to a difference with how the TI-LFA tiebreakers work for OSPF and ISIS. For OSPF, the higher index is preferred. The TI-LFA breakers are directly comparable for LFA tiebreakers. This means the same inheritance rules apply as normal. You can configure tiebreakers under the process, area, or interface.
For ISIS, the lower index is preferred. Also, the TI-LFA tiebreakers are completely separate from the LFA tiebreakers. The tiebreakers configured under the ISIS address-family are not inherited by the interface, as these tiebreakers are only for LFA, not TI-LFA. The following configuration tries both node and SRLG protection first, then prefers node protection if a path protecting both cannot be found. In ISIS, only node and SRLG protection can be used with TI-LFA.
In OSPF, this concept of trying both protections first is the same. However, OSPF can also use lc-disjoint and lowest-backup-metric in the TI-LFA tiebreakers rules as well.
More information on this is present in the TI-LFA labs.
Finally, one last difference is that ISIS is able to support IPv6 for both the SR-MPLS dataplane and SRv6 dataplane. OSPFv3 would be the only option for IPv6 support, but SR is not supported for OSPFv3 as of now.
Last updated
