CCIE SPv5.1 Labs
  • Page
  • Intro
    • Setup
  • MVPN
    • Start
    • Topology
    • Profile 0
    • Profile 0 with data MDTs
    • Profile 1
    • Profile 1 w/ Redundant Roots
    • Profile 1 with data MDTs
    • Profile 6
    • Profile 7
    • Profile 3
    • Profile 3 with S-PMSI
    • Profile 11
    • Profile 11 with S-PMSI
    • Profile 11 w/ Receiver-only Sites
    • Profile 9 with S-PMSI
    • Profile 12
    • Profile 13
    • UMH (Upstream Multicast Hop) Challenge
    • Profile 13 w/ Configuration Knobs
    • Profile 13 w/ PE RP
    • Profile 12 w/ PE Anycast RP
    • Profile 14 (Partitioned MDT)
    • Profile 14 with Extranet option #1
    • Profile 14 with Extranet option #2
    • Profile 14 w/ IPv6
    • Profile 17
    • Profile 19
    • Profile 21
  • MVPN SR
    • Start
    • Topology
    • Profile 27
    • Profile 27 w/ Constraints
    • Profile 27 w/ FRR
    • Profile 28
    • Profile 28 w/ Constraints and FRR
    • Profile 28 w/ Data MDTs
    • Profile 29
  • Segment Routing
    • Start
    • Topology
    • Basic SR with ISIS
    • Basic SR with OSPF
    • SRGB Modifcation
    • SR with ExpNull
    • SR Anycast SID
    • SR Adjacency SID
    • SR LAN Adjacency SID (Walkthrough)
    • SR and RSVP-TE interaction
    • SR basic inter-area with ISIS
    • SR basic inter-area with OSPF
    • SR basic inter-IGP (redistribution)
    • SR basic inter-AS using BGP
    • SR BGP Data Center (eBGP)
    • SR BGP Data Center (iBGP)
    • LFA
    • LFA Tiebreakers (ISIS)
    • LFA Tiebreakers (OSPF)
    • Remote LFA
    • RLFA Tiebreakers?
    • TI-LFA
    • Remote LFA or TILFA?
    • TI-LFA Node Protection
    • TI-LFA SRLG Protection
    • TI-LFA Protection Priorities (ISIS)
    • TI-LFA Protection Priorities (OSPF)
    • Microloop Avoidance
    • SR/LDP Interworking
    • SR/LDP SRMS OSPF Inter-Area
    • SR/LDP Design Challenge #1
    • SR/LDP Design Challenge #2
    • Migrate LDP to SR (ISIS)
    • OAM with SR
    • SR-MPLS using IPv6
    • Basic SR-TE with AS
    • Basic SR-TE with AS and ODN
    • SR-TE with AS Primary/Secondary Paths
    • SR-TE Dynamic Policies
    • SR-TE Dynamic Policy with Margin
    • SR-TE Explicit Paths
    • SR-TE Disjoint Planes using Anycast SIDs
    • SR-TE Flex-Algo w/ Latency
    • SR-TE Flex-Algo w/ Affinity
    • SR-TE Disjoint Planes using Flex-Algo
    • SR-TE BSIDs
    • SR-TE RSVP-TE Stitching
    • SR-TE Autoroute Include
    • SR inter-IGP using PCE
    • SR-TE PCC Features
    • SR-TE PCE Instantiated Policy
    • SR-TE PCE Redundancy
    • SR-TE PCE Redundancy w/ Sync
    • SR-TE Basic BGP EPE
    • SR-TE BGP EPE for Unified MPLS
    • SR-TE Disjoint Paths
    • SR Converged SDN Transport Challenge
    • SR OAM DPM
    • SR OAM Tools
    • Performance-Measurement (Interface Delay)
  • EVPN
    • Start
    • Topology
    • EVPN VPWS
    • EVPN VPWS Multihomed
    • EVPN VPWS Multihomed Single-Active
    • Basic Single-homed EVPN E-LAN
    • EVPN E-LAN Service Label Allocation
    • EVPN E-LAN Ethernet Tag
    • EVPN E-LAN Multihomed
    • EVPN E-LAN on XRv
    • EVPN IRB
    • EVPN-VPWS Multihomed IOS-XR (All-Active)
    • EVPN-VPWS Multihomed IOS-XR (Port-Active)
    • EVPN-VPWS Multihomed IOS-XR (Single-Active)
    • EVPN-VPWS Multihomed IOS-XR (Non-Bundle)
    • PBB-EVPN (Informational)
  • VPWS
    • Start
    • Topology
    • Basic VPWS
    • VPWS with Tag Manipulation
    • Redundant VPWS
    • Redundant VPWS (IOS-XR)
    • VPWS with PW interfaces
    • Manual VPWS
    • VPWS with Sequencing
    • Pseudowire Logging
    • VPWS with FAT-PW
    • MS-PS (Pseudowire stitching)
    • VPWS with BGP AD
  • VPLS
    • Start
    • Topology
    • Basic VPLS with LDP
    • VPLS with LDP and BGP
    • VPLS with BGP only
    • Hub and Spoke VPLS
    • Tunnel L2 Protocols over VPLS
    • Basic H-VPLS
    • H-VPLS with BGP
    • H-VPLS with QinQ
    • H-VPLS with Redundancy
    • VPLS with Routing
    • VPLS MAC Protection
    • Basic E-TREE
    • VPLS with LDP/BGP-AD and XRv RR
    • VPLS with BGP and XRv RR
    • VPLS with Storm Control
  • BGP Multi-Homing (XE)
    • Start
    • Topology
    • Lab1 ECMP
    • Lab2 UCMP
    • Lab3 Backup Path
    • Lab4 Shadow Session
    • Lab5 Shadow RR
    • Lab6 RR with Add-Path
    • Lab7 MPLS + Add Path ECMP
    • Lab8 MPLS + Shadow RR
    • Lab9 MPLS + RDs + UCMP
  • BGP Multi-Homing (XR)
    • Start
    • Topology
    • Lab1 ECMP
    • Lab2 UCMP
    • Lab3 Backup Path
    • Lab4 “Shadow Session”
    • Lab5 “Shadow RR”
    • Lab6 RR with Add-Path
    • Lab7 MPLS + Add Path ECMP
    • Lab8 MPLS + “Shadow RR”
    • Lab9 MPLS + RDs + UCMP
    • Lab10 MPLS + Same RD + Add-Path + UCMP
    • Lab11 MPLS + Same RD + Add-Path + Repair Path
  • BGP
    • Start
    • Conditional Advertisement
    • Aggregation and Deaggregation
    • Local AS
    • BGP QoS Policy Propagation
    • Non-Optimal eBGP Routing
    • Multihomed Enterprise Challenge
    • Provider Communities
    • Destination-Based RTBH
    • Destination-Based RTBH (Community-Based)
    • Source-Based RTBH
    • Source-Based RTBH (Community-Based)
    • Multihomed Enterprise Challenge (XRv)
    • Provider Communities (XRv)
Powered by GitBook
On this page
  • Answer
  • Explanation
  • Exclude interfaces
  1. Segment Routing

LFA

PreviousSR BGP Data Center (iBGP)NextLFA Tiebreakers (ISIS)

Last updated 21 days ago

Load lfa.init.cfg

#R3-R6, R10 only
configure
load bootflash:lfa.init.cfg
commit replace
y

The topology has been reduced to the five routers above. All links have a metric of 10. SR is not configured in the network, only pure IP using ISIS.

Configure R3 so that it calculates an LFA for 10.10.10.1/32.

Answer

#R3
router isis 1
 int Gi0/0/0/4
  add ipv4 uni
   fast-reroute per-prefix

Explanation

In this topology, R3 can use R5 as a LFA (loop-free alternate) for the prefix 10.10.10.1/32. Under normal conditions, R3 will use R4 as the nexthop, as the total cost is 20, and the path through R5 is 30. R5 will use R6 as its nexthop, as that path is 20. Because R5 does not use the protected link under normal conditions, it is a loop-free alternate.

The inequality that an LFA must satisfy is the following:

Dist(N, D) < Dist(N, PLR) + Dist(PLR, D)

  • N = Neighbor

  • D = Destination prefix

  • PLR = Point of Local Repair

So the neighbor’s distance to 10.10.10.1/32 must be less than the PLR’s cost to this prefix plus the neighbor’s cost to the PLR. If the neighbor’s distance to the prefix was greater or equal, there is risk of the neighbor loopback packets back to the PLR during convergence.

R5’s distance to 10.10.10.1/32 is 20, R5’s cost to R3 (PLR) is 10, and R3’s cost to 10.10.10.1/32 is 20.

Dist(N, D) < Dist(N, PLR) + Dist(PLR, D)
    20     <      10      +       20
    20     <      30

We can see before making any changes that R3 only has a single route in the RIB for 10.10.10.1/32:

If we add LFA to the interface under ISIS, we now see a backup path via R5:

This can be seen in the show isis fast-reroute output as well:

The above flag NP means node protecting. We did not specify it, but this backup path happens to be node protecting. The other flags are:

  • P = Primary path

  • TM = Total metric via backup path

  • LC = Line card disjoint

  • D = Downstream

  • SRLG = Path is SRLG disjoint

This backup path is installed as a repair route in the FIB:

We can also see a summary of FRR to see how many prefixes are currently protected:

Currently only 1 out of 4 prefixes are protected. This is because we enabled LFA only on Gi0/0/0/4. If we enable LFA on Gi0/0/0/5 we achieve 50% protection: 

#R3
router isis 1
 int Gi0/0/0/5
  add ipv4
   fast-reroute per-prefix

By default, /32 routes appear to be medium priority. Low priority would be interface prefixes (/30s).

Exclude interfaces

We can also exclude interfaces from being used for LFAs. This is kind of a more extreme version of SRLG-disjoint, which you will see in the next lab. You might think you can just assign the local interface and LFA-candidate interface to the same SRLG and add srlg-disjoint to the tiebreakers. But this still allows the other interface to be used if no other paths exist. To completely force the interface not to be used, we can use the following configuration:

router isis 1
 interface GigabitEthernet0/0/0/4
  address-family ipv4 unicast
   fast-reroute per-prefix exclude interface GigabitEthernet0/0/0/5

Now we have no LFA for 10.10.10.1/32: