MPLS Traffic Engineering without a Link State routing protocol

You've probably heard the joke about the honest salesmen: it's not that they're lying, what they know isn't true. I had a similar problem recently: in the 10 MPLS traffic engineering myths and half truths I wrote “Half-truth: MPLS TE only works with OSPF and IS-IS routing protocols.” Ivan Kuchin understood that as “You can run MPLS TE without OSPF or IS-IS.” Although I haven't written that anywhere, I also thought that was the case … so let me try to weasel out of this mess.

I remember being involved in a situation years ago (around the 12.0T release) where someone wanted to use MPLS TE without IS-IS (which was the only supported protocol in those days) and somehow the solution was to set up tunnels using explicit paths, where you have to specify hop-by-hop IP addresses. When you think about it, it makes perfect sense: if you list every IP address in the path, there is no need for constraint-based path calculation (PCALC). However, as it turns out, the later additions to MPLS TE (loose source routing, address exclusion, inter-area MPLS TE, inter-AS MPLS TE) changed the IOS code sufficiently that even the hop-by-hop tunnels cannot be set up without operational OSPF or IS-IS:

  • In order to have MPLS TE running on a router, you need an MPLS TE router-id, and you can only specify that in OSPF or IS-IS routing protocol.
  • Even though the hop-by-hop explicit path is static, the router wants to run PCALC for every hop in the path. If the next-hop IP address is not in the OSPF topology database, the router will not even try to set up the tunnel.

If you want to run MPLS TE in your network, you thus need to run OSPF or IS-IS, even though you might not want to use them for IP packet forwarding. For example, you could enable one of them only on the links actually used for MPLS TE and set the distance to 255 to prevent their routes from getting into the IP routing table (and I've tested it in the lab before writing this post).

6 comments:

  1. Hi, Ivan.

    Well, you actually can run MPLS TE without any link state IGP. The key is 'verbatim' option which is available in certain IOS versions.

    I have blogged about it before (coincidently it was exactly one year ago): http://dbg.livejournal.com/50208.html

    The blog antry is in Russian, and the google translation is less than adequate. Though the entry includes a drawing and lots of configs and verification, so even if you don't read Russian well, it demonstrates enough. Or if you like, I can write a more sane translation to English than google produces.

    ReplyDelete
  2. Thanks for the information. I was quickly able to find the link to verbatim path support in your entry. Currently this feature is only supported in Service Provider images (7200, 7600, Cat6K ...). Let's hope it will eventually leak into a more mainstream image ;)

    ReplyDelete
  3. Hi Ivan

    and i think that also implies that Tunnel source and destination must be IGP/TE Router-ID
    i tried many OSPF/ISIS MPLS TE labs and it never comes up unless spesificing MPLS TE RID to be the same as IGP RID and use RID as tunnel source and destination

    i think that is what cisco called Topology database verification

    ReplyDelete
  4. @Janitor: You're absolutely correct. Not sure about the tunnel source, but the destination has to be the MPLS TE RID of the tunnel tail-end router.

    ReplyDelete
  5. yes you are right about Tunnel source it can be set to any address or unnumbered to interface but just of sake of sainty , normaly its configured to be Loopback interface used as IGP RID
    so is there any feature always a router to have mutiple MPLS TE RID ?

    i don't think so and in this case , parallel tunnels between same PE routers will use same tunnel destination but with different tunnel attributes according to the case

    ReplyDelete
  6. There is a good post on the same topic which i just read.

    http://blog.codergenie.com/blog/post/2012/12/03/MPLS-TE-tunnels-without-IGP.aspx

    Hope you enjoy it.. :)

    ReplyDelete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.