Common Configuration Mistakes

By now, you should understand how to configure MPLS TE. Although a basic MPLS TE configuration is simple, there are lots of things to type, and it's easy to get one or two things wrong. This section presents problems that can arise from common configuration mistakes.

Portions of the configuration are highlighted to call your attention to potential problem areas. MPLS TE configuration can be divided into two parts:

• Common configuration (needed on all participating LSRs)

• Headend configuration (needed at the tunnel headends only)

Common Configuration on All MPLS TE Routers

Common configuration has three parts:

• Global configuration

• Interface-level configuration

• Routing protocol configuration

Global Configuration

Two commands are required on LSRs that are participating in MPLS TE:

ip cef {distributed}

mpls traffic-eng tunnels

These commands, and the effects of not having them, are covered in the following two sections.

ip cef {distributed} Command

The ip cef command configures CEF forwarding on the LSR. Some platforms, such as the 7500 or 12000 series of routers, use distributed forwarding line cards, and as such, should be configured with ip cef distributed.

If the LSR is a 12000 series router, CEF is the only forwarding mechanism. CEF is also the default forwarding method in Cisco IOS Software Release 12.0 and later, so ip cef {distributed} might not show up in your configuration. By and large, you should be running CEF on every device in your network.

MPLS TE tunnels don't come up if you don't have CEF enabled on your router. Example 11-2 shows the MPLS Traffic Engineering state when CEF is turned on.

Example 11-2 MPLS TE Tunnels State When CEF Is Enabled

7200a#show mpls traffic-eng tunnels brief

Signalling Summary:

    LSP Tunnels Process:            running

    RSVP Process:                   running

    Forwarding:                     enabled

    Periodic reoptimization:        every 3600 seconds, next in 3134 seconds

    Periodic FRR Promotion:         every 300 seconds, next in 134 seconds

    Periodic auto-bw collection:    disabled

TUNNEL NAME                      DESTINATION      UP IF     DOWN IF   STATE/PROT

Primary tunnel 7200a->12008a...  12.12.12.12      -         PO3/0     up/up

Displayed 1 (of 1) heads, 0 (of 0) midpoints, 0 (of 0) tails

As you can see from the highlighted text in Example 11-2, the primary tunnel is up/up, and forwarding is enabled. Example 11-3 shows what you see when CEF is disabled.

Example 11-3 MPLS TE Tunnels State After CEF Is Disabled

7200a#configure terminal

Enter configuration commands, one per line.  End with CNTL/Z.

7200a(config)#no ip cef

7200a(config)#end

00:27:50: %SYS-5-CONFIG_I: Configured from console by console

00:28:01: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to

  down

7200a#show mpls traffic-eng tunnels brief

Signalling Summary:

    LSP Tunnels Process:            running

    RSVP Process:                   running

    Forwarding:                     disabled

    Periodic reoptimization:        every 3600 seconds, next in 2025 seconds

    Periodic FRR Promotion:         every 300 seconds, next in 225 seconds

    Periodic auto-bw collection:    disabled

TUNNEL NAME                      DESTINATION      UP IF     DOWN IF   STATE/PROT

Primary tunnel 7200a->12008a...  12.12.12.12      -         unknown   up/down

Displayed 1 (of 1) heads, 0 (of 0) midpoints, 0 (of 0) tails

As you can see from Example 11-3, tunnel1 goes down immediately after CEF is disabled. The forwarding state is disabled, and the primary tunnel is up/down. You can use show ip cef summary to check if CEF is enabled on your router. Example 11-4 shows the output of show ip cef summary when CEF is turned on.

Example 11-4 show ip cef summary When CEF Is Turned On

mpls-7200a#show ip cef summary

IP CEF with switching (Table Version 631), flags=0x0, bits=8

  51 routes, 0 reresolve, 0 unresolved (0 old, 0 new), peak 2

  51 leaves, 52 nodes, 61808 bytes, 235 inserts, 184 invalidations

  3 load sharing elements, 1032 bytes, 3 references

  universal per-destination load sharing algorithm, id B7E4AF56

  2(1) CEF resets, 268 revisions of existing leaves

  405 in-place/0 aborted modifications

  Resolution Timer: Exponential (currently 1s, peak 1s)

  refcounts:  13711 leaf, 13568 node



  Table epoch: 0 (51 entries at this epoch)



Adjacency Table has 9 adjacencies

Example 11-5 shows the output of show ip cef summary when CEF is turned off.

Example 11-5 show ip cef summary When CEF Is Turned Off

mpls-7200a#show ip cef summary

IP CEF without switching (Table Version 563), flags=0x0, bits=8

  0 routes, 0 reresolve, 0 unresolved (0 old, 0 new), peak 1

  0 leaves, 0 nodes, 0 bytes, 175 inserts, 175 invalidations

  0 load sharing elements, 0 bytes, 0 references

  universal per-destination load sharing algorithm, id B7E4AF56

  2(1) CEF resets, 258 revisions of existing leaves

  397 in-place/0 aborted modifications

  Resolution Timer: Exponential (currently 1s, peak 1s)

  refcounts:  0 leaf, 0 node



  Table epoch: 0



%CEF not running

As you can see, when CEF is not running, this is indicated in a few places.

mpls traffic-eng tunnels Command

Configuring mpls traffic-eng tunnels at the global level starts various internal subsystems that comprise MPLS TE. They are collectively referred to as the LSP Tunnels Process. Example 11-6 shows what the LSP Tunnels Process state looks like when you have the mpls traffic-eng tunnels command on the router at the global level.

Example 11-6 LSP Tunnels Process State When mpls traffic-eng tunnels Is Configured at the Global Level

7200a#show mpls traffic-eng tunnels brief | include Process

Signalling Summary:

    LSP Tunnels Process:            running

    RSVP Process:                   running

As you can see from the highlighted text in Example 11-6, the LSP Tunnels Process shows running. Example 11-7 shows what you see if mpls traffic-eng tunnels is not configured at the global level.

Example 11-7 LSP Tunnels Process State When mpls traffic-eng tunnels Is Not Configured at the Global Level

7200a#configure terminal

Enter configuration commands, one per line.  End with CNTL/Z.

7200a(config)#no mpls traffic-eng tunnels

7200a(config)#end

00:49:32: %SYS-5-CONFIG_I: Configured from console by console

00:49:51: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to

  down

7200a#show mpls traffic-eng tunnels brief | include Process

    LSP Tunnels Process:            not running, disabled

    RSVP Process:                   running

As you might expect, tunnel1 goes down, and the LSP tunnels process shows not running, disabled.

Interface-Level Configuration

The following two interface-level commands are required for MPLS TE:

mpls traffic-eng tunnels

ip rsvp bandwidth {bandwidth}[{bandwidth}] [sub-pool bandwidth]

For all nonzero-bandwidth tunnels, you need to configure the ip rsvp bandwidth statement on each MPLS TE interface. In addition, the configured bandwidth needs to be large enough to satisfy the bandwidth requested by the primary tunnel if you want the primary tunnel to choose this interface.

The mpls traffic-eng tunnels command has to be configured on both sides of a link at the interface level. Failure to do so results in the link not being flooded in the IGP, which causes Path Computation's (PCALC's) bidirectionality check to fail, and the link in question will never be used for any TE tunnels in either direction.

Omitting either of these two configurations at the interface level will make the link unavailable to headends when they do their CSPF computation. This could have two undesirable results:

• Tunnels that are configured with only an explicit path option that uses this link do not come up.

• Tunnels that have a second path option configured (either explicit or dynamic) are rerouted using the second path option, which might not be as desirable in some cases.

The way 7200a has been configured (see Example 11-1), it falls into the second category, because it has a second path option—path option 6 configured under the tunnel1 interface.

If you remove the mpls traffic-eng tunnels command on interface POS1/1 of 12008c, as shown in Figure 11-2, 7200a reroutes the primary tunnel.

This is demonstrated in the following four steps. First, debug mpls traffic-eng tunnels events detail is enabled on the headend, as shown in Example 11-8. You can see what happens in Example 11-10.

Example 11-8 Turning on debug mpls traffic-eng tunnels events detail on 7200a

7200a#debug mpls traffic-eng tunnels events detail

MPLS traffic-eng tunnels system events debugging is on (detailed)

Next, mpls traffic-eng tunnels is removed from interface POS1/1 on 12008c, as shown in Example 11-9.

Example 11-9 Removing mpls traffic-eng tunnels on Interface POS1/1 on 12008c

12008c#configure terminal

12008c(config)#interface pos 1/1

12008c(config-if)#no mpls traffic-eng tunnels

7200a realizes that the link is no longer in the TE database, and then 7200a falls back to the next configured path option, rerouting the LSP, as shown in Example 11-10.

Example 11-10 Output of debug mpls traffic-eng tunnel events detail Shows the Tunnel Being Rerouted

*Apr  3 21:52:46.382: LSP-TUNNEL: received event: TPDB--link down

  [10.0.5.11 -> 10.0.5.5]

*Apr  3 21:52:46.382: LSP-TUNNEL: posting action(s) to all-tunnels:

*Apr  3 21:52:46.382:               verify all LSPs

*Apr  3 21:52:46.382: LSP-TUNNEL: scheduling pending actions on all-tunnels

*Apr  3 21:52:46.386: LSP-TUNNEL: receiving LSA change events for node 11.11.11.

11 (0.0.0.0, ospf 100  area 0)

*Apr  3 21:52:46.386: LSP-TUNNEL: received event: TPDB--link bw chg

  [10.0.17.11 -> 10.0.17.12]

*Apr  3 21:52:46.386: LSP-TUNNEL: posting action(s) to all-tunnels:

*Apr  3 21:52:46.386:               LSP path lookup

*Apr  3 21:52:46.386: LSP-TUNNEL: processing actions list...

*Apr  3 21:52:46.386: LSP-TUNNEL: applying actions to all-tunnels, as follows:

*Apr  3 21:52:46.386:               verify all LSPs, LSP path lookup

*Apr  3 21:52:46.386: LSP-TUNNEL: done COMPLETE processing of actions list

As you can see from the highlighted output of Example 11-11, the primary tunnel now uses path option 6 (dynamic), and the ERO has changed from what you saw in Example 11-1.

Example 11-11 Primary Tunnel Is Now Dynamic Path Option 6 After the Reroute

7200a#show mpls traffic tunnels tunnel1



Name: Primary tunnel 7200a->12008a->12... (Tunnel1) Destination: 12.12.12.12

  Status:

    Admin: up         Oper: up     Path: valid       Signalling: connected



    path option 6, type dynamic (Basis for Setup, path weight 4)

    path option 5, type explicit primary



  Config Parameters:

    Bandwidth: 100      kbps (Global)  Priority: 7  7   Affinity: 0x0/0xFFFF

    Metric Type: TE (default)

    AutoRoute:  enabled   LockDown: disabled  Loadshare: 100      bw-based

    auto-bw: disabled



  InLabel  :  -

  OutLabel : POS3/0, 12325

  RSVP Signalling Info:

       Src 4.4.4.4, Dst 12.12.12.12, Tun_Id 1, Tun_Instance 53

    RSVP Path Info:

      My Address: 4.4.4.4

      Explicit Route: 10.0.3.5 10.0.13.16 10.0.7.11 10.0.17.12

                      12.12.12.12

      Record   Route:   NONE

Routing Protocol Configuration

For all LSRs participating in MPLS TE, you also need to configure your IGP:

• OSPF:

  
  mpls traffic-eng area area 0-4294967295
  
  mpls traffic-eng router-id interface
  
  

• IS-IS:

  
  mpls traffic-eng {level1 | level2}
  
  mpls traffic-eng router-id interface
  
  metric-style wide [transition][{level-1 | level-1-2 | level-2}]
  
  

Table 11-1 shows the potential problems that arise from misconfiguring these commands.

Table 11-1. Effects of Misconfiguring the Routing Protocol for MPLS TE

Command Parameter	Effect of Misconfiguration
mpls traffic-eng area in OSPF	Configuring the wrong area or omitting this command leads to headends not receiving the required OSPF-TE flooding. Headends will not use the MPLS TE links configured on this router.
mpls traffic-eng {level1 | level2}	Configuring the wrong level or omitting this command leads to headends not receiving the required IS-IS-TE flooding. Headends will not use the MPLS TE links configured on this router.
mpls traffic-eng router-id in either OSPF or IS-IS	Omitting this command leads to headends not sending/receiving the required IGP flooding. Headends will not use the MPLS TE links configured on this router.
metric-style wide or metric-style transition in IS-IS	Omitting this command leads to headends not receiving the required IS-IS-TE flooding. Headends will not use the MPLS TE links configured on this router. You need either metric-style wide or metric-style transition. metric-style wide is recommended. See Chapter 3 for a discussion of metric styles and Chapter 10 for a discussion of how to migrate from narrow to wide metrics.

Headend Configuration

As you know by now, a TE tunnel is configured at the headend LSR only.

Example 11-12 shows the configuration for Tunnel1 in the sample network. The most important TE commands are highlighted.

Example 11-12 Headend Tunnel Configuration on 7200a

7200a#show running-config interface tunnel 1

Building configuration...



Current configuration : 425 bytes

!

interface Tunnel1

 description Primary tunnel 7200a->12008a->12008c->7200c

 ip unnumbered Loopback0

 no ip directed-broadcast

 tunnel destination 12.12.12.12

 tunnel mode mpls traffic-eng

 tunnel mpls traffic-eng autoroute announce

 tunnel mpls traffic-eng priority 7 7

 tunnel mpls traffic-eng bandwidth  100

 tunnel mpls traffic-eng path-option 5 explicit name primary

 tunnel mpls traffic-eng path-option 6 dynamic

end



7200a#show ip explicit-paths name primary

PATH primary (strict source route, path complete, generation 6)

    1: next-address 10.0.3.5

    2: next-address 10.0.5.11

    3: next-address 10.0.17.12

    4: next-address 12.12.12.12

Table 11-2 lists the effects of misconfiguring the highlighted commands in Example 11-12.

Table 11-2. Effects of Misconfiguring Tunnel Parameters at the Headend

Command Parameter	Effect of Misconfiguration
ip unnumbered Loopback0	If this command is omitted, the tunnel does not have an IP address, and the tunnel interface is not used in the routing table. As a result, no traffic is sent through this tunnel.
tunnel destination	In addition to the tunnel destination's being configured to the correct tail LSR, the tunnel destination has to be the TE-ID of that tail. In the sample network, 12.12.12.12 is the 7200c's (tail) TE-ID. If you use an interface address on 7200c, such as 10.0.17.12, the primary tunnel does not come up.
autoroute announce	If you don't use autoroute announce or point static routes over the TE tunnel, no traffic goes over the tunnel. Although autoroute announce is not mandatory, and other ways exist to steer traffic down a tunnel, it is extremely common.
bandwidth	If the bandwidth you advertise on interfaces doesn't satisfy the bandwidth you configure on a TE tunnel interface, the tunnel does not come up.
explicit name primary	If you want the tunnel to try the explicit path and use the dynamic path (less control) only if the explicit path is unavailable, you need to make sure you actually define the explicit path.
next-address	Make sure all the next-address statements are correct. If you use RIDs in the next-address statement instead of the interface address and you have multiple links between two nodes, the headend might not choose the link you want it to go over—it might choose one of the other links. You might want to use interface addresses to control which links this tunnel goes over.