TI-LFA Node Protection
Load basic.isis.sr.enabled.cfg
Configure TI-LFA on R3 for the Gi0/0/0/5 link. TI-LFA by default uses only link protection and finds the post-convergence shortest path. R3’s LFA takes the path R3-R9-R5 to prefixes beyond R5 (such as 7.7.7.1/32).
Configure TI-LFA so that it prefers node-protecting LFAs instead, even if these have a higher IGP metric.
Answer
Explanation
Before configuring node-protection, we see that R3 prefers the LFA via the shortest IGP path that simply protects the Gi0/0/0/5 link. Notice that the NP (node protecting) flag is “No.”
To instruct the router to prefer node-protecting LFAs, we must use tiebreakers. The tiebreakers for TI-LFA work slightly differently from LFA. With TI-LFA, we always have link protection on by default. We can additionally activate node protection and SRLG protection. To give preference to one or the other, we use the index value, where a lower index is preferred. If we want to only use node protection, or only use SRLG protection, the index number doesn’t actually matter. (Whatever the index number is, it will be better than the other type of protection, as the other type of protection is not configured).
We can confirm whether node or SRLG protection is enabled for TI-LFA on a per-interface basis using the below show command:
To instruct the router to add node protection, we simply add it as a tiebreaker and give it any index value.
Now we see that node protection is enabled:
When node protection is enabled, the router first tries to find a node protecting path by running CSPF with the node excluded from the topology. If no path is found, it will default to using a link-protecting path.
We see that R3 calculates a node protecting path for 7.7.7.1/32 via the LSP: R3-R6-R7. An Adj-SID must be used to force R6 to route traffic out the high-metric link to R7. Since R6 is directly connected, a prefix SID representing R6 is not needed, so the Label for R6 is ImpNull.
Last updated