Segment Routing

Egress Peer Engineering

Clarence Filsfils
Kris Michielsen
Egress Peer Engineering (EPE)
• Egress Peer Engineering introduction
• Configure Egress Peer Engineering on egress nodes
• Advertise BGP Peering Segment IDs in BGP-LS
• Implement Egress Peer Engineering Policy on ingress node
Egress Peer Engineering
Introduction
(Centralized) Egress Peer Engineering
• Egress Peer Engineering problem statement:
“A centralized controller should be able to instruct an ingress
PE or a content source within the domain to use a specific
egress PE and a specific external interface/neighbor to
reach a particular destination.”
draft-filsfils-spring-segment-routing-central-epe
(Centralized) Egress Peer Engineering
• Egress Peer Engineering (EPE) functionality can be enabled
without requiring a change in the existing BGP network
design
– Next-hop-self is OK
– No requirement to distribute peering links in IGP
• EPE functionality is only required at EPE egress border
router and EPE controller
(Centralized) Egress Peer Engineering
• A Centralized Controller collects topology information,
including the EPE information, and uses that information to
compute and implement per-flow traffic steering
• Per-flow Policy state is only created on the ingress node
– ingress node imposes a list of segments to steer a traffic flow along a
selected path within the AS, towards a selected egress border router
of the AS and towards a specific external peer
Reference Topology
 Link addresses: NodeX:
Link X-Y: 99.X.Y.X/24 with X<Y Loopback: 1.1.1.X/32

Reference Topology 2nd link X-Y: 77.X.Y.X/24 with X<Y AS1 Nodes:
BGP destination in AS6: Same SRGB on all:
6.1.1.6/32 [16,000-23,999] (default)
Prefix-SID: 16000 + X

AS1 AS4 AS6

2 4 6.1.1.6/32

1 10 11 6

3 5
AS5
BGP best-path
Reference Topology
• AS1 has an ingress Node1 and two egress Node2 and Node3
• AS6 advertises a BGP prefix 6.1.1.6/32 to AS4 and AS5
• AS1 peers with AS4 (Node4) and AS5 (Node5)
• Node1’s BGP best path to BGP destination 6.1.1.6/32 in AS6 is via
egress Node2 and Node4, AS4
BGP Best Path
RP/0/0/CPU0:xrvr-1#show bgp 6.1.1.6/32
BGP routing table entry for 6.1.1.6/32
Versions:
AS1 Process
Speaker
bRIB/RIB SendTblVer
4 4
AS4 AS6
Last Modified: Oct 6 20:02:05.302 for 21:05:04
Paths: (2 available, best #1)
Not advertised to any peer
2 4
Path #1: Received by speaker 0
Not advertised to any peer Best path via Node2
1 10 4 6
11
1.1.1.2 (metric 30) from 1.1.1.2 (1.1.1.2)
6
Origin IGP, localpref 100, valid, internal, best, group-best
Received Path ID 0, Local Path ID 1, version 4
Path #2: Received by speaker 0
Not advertised to any peer 3 5
4 6
AS5
1.1.1.3 (metric 30) from 1.1.1.3 (1.1.1.3)
Origin IGP, localpref 100, valid, internal
Received Path ID 0, Local Path ID 0, version 0
Segment Routing

AS1 AS4 AS6

2 4
Segment
1 10 11 6
Routing
3 5
16003 AS5
Payload router isis 1
interface Loopback0
address-family ipv4 unicast
prefix-sid absolute 16003
Segment Routing
• Segment Routing is enabled in AS1
– The examples assume SR is enabled under IS-IS or OSPF
– Prefix-SIDs can also be distributed by BGP (SR BGP), e.g. within a
Data Center Fabric
>See “BGP prefix-SID” section

• Egress Node3 advertises prefix-SID 16003 with its loopback

address
– All SR nodes in AS1 can reach Node3 using prefix-SID 16003
Segment Routing – Egress Peer Engineering
RP/0/0/CPU0:xrvr-1#traceroute 1.1.1.3

Type escape sequence to abort.

Traceroute from 1 to 3
Tracing the route to 1.1.1.3

1 AS1
99.1.10.10 [MPLS: Label 16003 Exp 0] 9 msec 9 msec 9 msec AS4 AS6
2 99.10.11.11 [MPLS: Label 16003 Exp 0] 19 msec 9 msec 19 msec
3 99.3.11.3 9 msec 9 msec 9 msec
2 4
Segment
1 10 11 6
Routing
3 5
16003 AS5
Payload router isis 1
interface Loopback0
address-family ipv4 unicast
prefix-sid absolute 16003
BGP Peering Segment
BGP Peering Segment
• “Pop and Forward to the BGP peer”
• Local Segment
AS1 30024
AS4
– Dynamically allocated
2 4
• Value 300XY (for illustration)
– X is “from” 1 10 11
– Y is “to”
3 5
• Signaled by BGP-LS (topology AS5
information) to the controller
BGP Peering SID types
• PeerNode SID: to eBGP Peer
– MPLS Dataplane: Pop and Forward on any interface to the peer

• PeerAdj SID: to eBGP Peer via interface

– MPLS Dataplane: Pop and Forward on the related interface

• PeerSet SID: to set of eBGP peers

– MPLS Dataplane: Pop and Forward on any interface to the set of peers
– All the peers in a set might not be in the same AS
– Not available yet
BGP Peering SID types
• Example on Node2:
– PeerNode SIDs: AS1 AS4
>30,024: Pop and forward to Peer4 30,024

>30,025: Pop and Forward to Peer5, on any of the 2 links

2 4
30,125

– PeerAdj SIDs:
1 10 11 30,225 30,025

>30,125: Pop and Forward to Peer5 on top link

>30,225: Pop and Forward to Peer5 on bottom link 3 5
AS5
Single-hop eBGP
Multi-hop eBGP
Egress Peer Engineering
Configuration
EPE configuration example
router bgp 1
bgp router-id 1.1.1.2
address-family ipv4 unicast
!
AS1
neighbor 1.1.1.5 Node5 eBGP AS4 AS6
remote-as 5
ebgp-multihop 255
loopback
egress-engineering 2 4
description eBGP peer xrvr-5
update-source Loopback0
1 10
address-family ipv4 unicast 11 6
route-policy bgp_in in eBGP
route-policy bgp_out out
!
neighbor 99.2.4.4 Link to 3 5
remote-as 4
egress-engineering
Node4 AS5
description eBGP peer xrvr-4
address-family ipv4 unicast
route-policy bgp_in in
route-policy bgp_out out
Single-hop eBGP
!
! Multi-hop eBGP
!
Egress Peer Engineering configured on egress
• Egress Node2 has EPE configured for all its eBGP peers
• Node2 automatically allocates BGP Peering SIDs for each of its eBGP peers
– PeerNode SID(4): label 30,024
>PeerAdj SID(4_link1): label 30,125
>PeerAdj SID(4_link2): label 30,225
– PeerNode SID(5): label 30,025

• Node2 installs the Peering SIDs in the FIB

– PeerNode SID: Pop and Forward to peer
– PeerAdj SID: Pop and Forward to peer over link

• Node2 advertises the Peering SIDs to the Controller using BGP-LS

EPE PeerNode SID
RP/0/0/CPU0:xrvr-2#show bgp egress-engineering

Egress Engineering Peer Set: 99.2.4.4/32 (10b291a4)

PeerNode SID(4): 30,024
Nexthop: 99.2.4.4
Version: 5, rn_version: 5
AS1
Flags: 0x00000006 eBGP AS4 AS6
Local ASN: 1
Remote ASN: 4 Link to 30,024
Local RID: 1.1.1.2
Remote RID: 1.1.1.4
Node4 2 4
30,125
First Hop: 99.2.4.4
NHID: 1 30,225
1 10
Label: 30024, Refcount: 3
rpc_set: 105cfd34
11 eBGP
30,025
6
<continue...>
3 5
AS5

Single-hop eBGP
Multi-hop eBGP
EPE PeerNode SID
<...continue>
Egress Engineering Peer Set: 1.1.1.5/32 (10b48fec)
Nexthop: 1.1.1.5
Version: 2, rn_version: 2
Flags: 0x00000006
AS1
Local ASN: 1 eBGP AS4 AS6
Remote ASN: 5 Node5 30,024
Local RID: 1.1.1.2
Remote RID: 1.1.1.5 loopback 2 4
First Hop: 99.2.5.5, 77.2.5.5 30,125
NHID: 0, 0
Label: 30025, Refcount: 3 30,225
1
rpc_set: 10c34c24 10 11 eBGP
30,025
6
<continue...>

3 5
PeerNodeAS5
SID(5): 30,025

Single-hop eBGP
Multi-hop eBGP
EPE PeerAdj SIDs
<...continue>
Egress Engineering Peer Set: 99.2.5.5/32 (10d92234)
Nexthop: 99.2.5.5
Version: 3, rn_version: 5
AS1
Flags: 0x0000000a
Local ASN: 1
eBGP AS4 AS6
Remote ASN: 5 Link1 to 30,024
Local RID: 1.1.1.2
Remote RID: 1.1.1.5 Node5 2 4
First Hop: 99.2.5.5 30,125
NHID: 2 PeerAdj SID(5_1): 30,125
30,225
1 10
Label: 30125, Refcount: 3
rpc_set: 10e37684
11 eBGP
30,025
6
Egress Engineering Peer Set: 77.2.5.5/32 (10c931f0)
Nexthop: 77.2.5.5
Version: 4, rn_version: 5 3 5
Flags: 0x0000000a
Local ASN: 1
Remote ASN: 5 Link2 to AS5 30,225
PeerAdj SID(5_2):
Local RID: 1.1.1.2
Remote RID: 1.1.1.5
Node5
First Hop: 77.2.5.5
NHID: 4
Label: 30225, Refcount: 3
Single-hop eBGP
rpc_set: 10e58fa4 Multi-hop eBGP
BGP Peering SIDs in forwarding table

AS1 eBGP AS4 AS6

30,024
2 4
30,125

30,225
1 10 11 eBGP
30,025
6

3 5
RP/0/0/CPU0:xrvr-2#show mpls forwarding
Local Outgoing Prefix Outgoing Next Hop
AS5
Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
30025 Pop No ID Gi0/0/0/1 99.2.5.5 0
PeerNode SID(5)
Pop No ID Gi0/0/0/2 77.2.5.5 0
30125 Pop No ID Gi0/0/0/1 99.2.5.5 0
PeerAdj SID(5_1&2)
30225 Pop No ID Gi0/0/0/2 77.2.5.5 0
30024 Pop No ID Gi0/0/0/0 99.2.4.4 0
PeerNode SID(4)
BGP Peering SIDs in forwarding table
RP/0/0/CPU0:xrvr-3#show mpls label table detail
Table Label Owner State Rewrite
----- ------- ------------------------------- ------ -------
<. . .> Label context
0 30025 BGP-VPNv4(A):bgp-default InUse Yes
AS1
(L3VPN NH SET, vers:0, 'default':4U, nh_set_id = 0x1 ) eBGP AS4 AS6
0 30125 BGP-VPNv4(A):bgp-default InUse Yes
(L3VPN NH SET, vers:0, 'default':4U, nh_set_id = 0x2 ) 30,024
0 30225 BGP-VPNv4(A):bgp-default InUse Yes
(L3VPN NH SET, vers:0, 'default':4U, nh_set_id = 0x3 ) 2 4
0 30024 BGP-VPNv4(A):bgp-default InUse Yes 30,125
(L3VPN NH SET, vers:0, 'default':4U, nh_set_id = 0x4 )
<. . .> 30,225
1 10
RP/0/0/CPU0:xrvr-2#show bgp nexthop-set 1
11 eBGP
30,025
6
Resilient per-CE nexthop set, ID 1
Number of nexthops 2, Label 30025, Flags 0x1
Nexthops:
99.2.5.5
3 5
77.2.5.5
Reference count 2, AS5
RP/0/0/CPU0:xrvr-2#show bgp nexthop-set 2
Resilient per-CE nexthop set, ID 2
Number of nexthops 1, Label 30125, Flags 0x1
Nexthops:
99.2.5.5
Reference count 2,
BGP Peering SID persistency
• Allocated labels are persistent by using a “label context”
– When an MPLS Application (e.g. EPE) allocates a label, it specifies the context
of the label
>EPE label context example on previous slide
– If the eBGP neighbor goes down, the Peering SID label is freed
– Label Switch Database (LSD) holds on to the freed label (with its context) for
some time (~30min)
– If the eBGP neighbor comes up, a label is requested with the label context
(same context if same neighbor recovered)
– If LSD still has the label with that context, it will return that label
• Label persistency will not survive a full reboot
BGP Peering SIDs
in BGP-LS
Advertising BGP Peering SIDs in BGP-LS
• BGP-LS carries internal topology information as
well as external connectivity (EPE) information
– See “BGP-LS” section for more details AS1
BGP-LS
• Egress Peer Engineering enabled egress nodes 2
automatically advertise their BGP Peering SIDs
in BGP-LS
– Each EPE egress node must have a BGP-LS session
directly to the Controller or via a RR Controller 3
• Controller can use the BGP-LS information to
compute and implement per-flow traffic steering
Advertising BGP Peering SIDs in BGP-LS
RP/0/0/CPU0:xrvr-10#show bgp link-state link-state
BGP router identifier 1.1.1.10, local AS number 1

Status codes: s suppressed, d damped, h history, * valid, > best

i - internal, r RIB-failure, S stale, N Nexthop-discard
AS1 AS4
Origin codes: i - IGP, e - EGP, ? - incomplete AS6
BGP-LS
Prefix codes: E link, V node, T IP reacheable route, u/U unknown
I Identifier, N local node, R remote node, L link, P
prefix 2 4
L1/L2 ISIS level-1/level-2, O OSPF, D direct, S
static/peer-node
a area-ID, l link-ID, t topology-ID, s ISO-ID,
1 10 11 6
c confed-ID/ASN, b bgp-identifier, r router-ID,
i if-address, n nbr-address, o OSPF Route-type, p IP-
prefix
d designated router address
Controller Network 3 Next Hop 5 Metric LocPrf Weight Path
*>i[E][B][I0x0][N[c1][b0.0.0.0][q1.1.1.2]][R[c4][q1.1.1.4]][L[i99.2.4.2]
[n99.2.4.4]]/600
AS5
1.1.1.2 100 0 i
*>i[E][B][I0x0][N[c1][b0.0.0.0][q1.1.1.2]][R[c5][q1.1.1.5]][L[i1.1.1.2][
n1.1.1.5]]/600
1.1.1.2 100 0 i
*>i[E][B][I0x0][N[c1][b0.0.0.0][q1.1.1.2]][R[c5][q1.1.1.5]][L[i99.2.5.2]
[n99.2.5.5]]/600
1.1.1.2 100 0 I
<...>

Note: An IOS XR router is acting as “Controller”

BGP-LS routes on Controller
RP/0/0/CPU0:xrvr-10#show bgp link-state link-state <...continue>
[E][B][I0x0][N[c1][b0.0.0.0][q1.1.1.2]][R[c5][q1.1.1.5]][L
[i1.1.1.2][n1.1.1.5]]/600 detail Paths: (1 available, best #1)
BGP routing table entry for Not advertised to any peer
[E][B][I0x0][N[c1][b0.0.0.0][q1.1.1.2]][R[c5][q1.1.1.5]][L Path #1: Received by speaker 0
[i1.1.1.2][n1.1.1.5]]/600 Flags: 0x4000000001060005, import: 0x20
“Protocol ID” field
NLRI Type: Link Not advertised to any peer
Protocol: BGP “Identifier” field Local
Identifier: 0x0 “AS Number” TLV 1.1.1.2 (metric 20) from 1.1.1.2 (1.1.1.2)
Local Node Descriptor: “BGP-LS ID” TLV Origin IGP, localpref 100, valid, internal, best,
AS Number: 1 group-best
BGP Identifier: 0.0.0.0 “BGP Router-ID” TLV Received Path ID 0, Local Path ID 1, version 5
BGP Router Identifier: 1.1.1.2 Link-state: Peer-SID: 30025
“AS Number” TLV
Remote Node Descriptor:
AS Number: 5 “BGP Router-ID” TLV
BGP Router Identifier: 1.1.1.5
Link Descriptor: BGP session local address
Local Interface Address IPv4: 1.1.1.2 BGP session peer address
Neighbor Interface Address IPv4: 1.1.1.5

Versions:
Process bRIB/RIB SendTblVer
Speaker 5 5
Flags: 0x04000001+0x00000000;
Last Modified: Oct 6 20:14:51.140 for 1d00h BGP-LS entry Peer Node-SID
<continue...>
from Node2
for peer Node5
BGP-LS routes on Controller
RP/0/0/CPU0:xrvr-10#show bgp link-state link-state <...continue>
[E][B][I0x0][N[c1][b0.0.0.0][q1.1.1.2]][R[c5]
[q1.1.1.5]][L[i99.2.5.2][n99.2.5.5]]/600 detail Paths: (1 available, best #1)
BGP routing table entry for Not advertised to any peer
[E][B][I0x0][N[c1][b0.0.0.0][q1.1.1.2]][R[c5][q1.1.1.5]][L Path #1: Received by speaker 0
[i99.2.5.2][n99.2.5.5]]/600 Flags: 0x4000000001060005, import: 0x20
“Protocol ID” field
NLRI Type: Link Not advertised to any peer
Protocol: BGP “Identifier” field Local
Identifier: 0x0 “AS Number” TLV 1.1.1.2 (metric 20) from 1.1.1.2 (1.1.1.2)
Local Node Descriptor: “BGP-LS ID” TLV Origin IGP, localpref 100, valid, internal, best,
AS Number: 1 group-best
BGP Identifier: 0.0.0.0 “BGP Router-ID” TLV Received Path ID 0, Local Path ID 1, version 4
BGP Router Identifier: 1.1.1.2 Link-state: Peer-Adj-SID: 30125
“AS Number” TLV
Remote Node Descriptor:
AS Number: 5 “BGP Router-ID” TLV
BGP Router Identifier: 1.1.1.5
Link Descriptor: BGP session local address
Local Interface Address IPv4: 99.2.5.2 BGP session peer address
Neighbor Interface Address IPv4: 99.2.5.5

Versions:
Process bRIB/RIB SendTblVer
Speaker 4 4
Flags: 0x04000001+0x00000000;
Last Modified: Oct 6 20:14:51.140 for 1d00h BGP-LS entry Peer Adj-SID
<continue...>
from Node2
for peer Node5
Programming EPE Policy
on ingress
Controller programs ingress node
• Controller can program the ingress Node1 to steer traffic to
6.1.1.6/32 via egress Node3 and AS5 (peer 5), using:
– BGP Segment Routing TE (BGP SR-TE)
– Segment Routing Traffic Engineering (SR-TE)
>PCEP
>CLI/XML
– BGP-LU (RFC3107)
>Currently limited to imposition of two labels: prefix-SID to egress node and EPE label
(PeerNode SID or PeerAdj SID)
AS1 AS4 AS6
– Other: host, netconf, … BGP-LS

2 4 6.1.1.6/32

1 10 11 6
Controller 3 5
AS5
Program ingress node
BGP SR-TE
Program ingress node – BGP SR-TE
• Describe BGP SRTE
Program ingress node
SR-TE
Program ingress node – SR-TE
• Instantiate SR-TE Policy with EPE label as last hop
– Instantiation can be done using CLI/XML, PCEP
• SR-TE allows to steer the traffic in the local domain towards
a specific egress node and out to a specific external peer
• See “SR-TE” section for more details
Segment Routing – Egress Peer Engineering
explicit-path name EPE_VIA_3_5
index 10 next-address strict ipv4 unicast 1.1.1.11 !! Node11
index 20 next-address strict ipv4 unicast 1.1.1.3 !! Node3
index 30 next-label 30035 !! PeerNode SID to 5
!
AS1 interface tunnel-te1 AS4 AS6
ipv4 unnumbered Loopback0
autoroute destination 6.1.1.6
destination 1.1.1.3 2 4 6.1.1.6/32
path-option 1 explicit name EPE_VIA_3_5 segment-routing

1 10 11 Peer 5: label 30,035 6

3 5
AS5
SR-TE Policy
Destination and traffic steering
• In the example on previous slide, the SRTE destination is
chosen to be the egress Node3 and the traffic is steered into
the SRTE Policy by using autoroute destination
 steering traffic with destination 6.1.1.6/32 into SRTE Policy
• Other steering mechanisms are possible
– See “SR-TE traffic steering section”
Segment Routing – Egress Peer Engineering
RP/0/0/CPU0:xrvr-1#show mpls traffic-eng tunnels 1
Name: tunnel-te1 Destination: 1.1.1.3 Ifhandle:0x780
Signalled-Name: xrvr-1_t1
Status:
Admin: up Oper: up Path: valid Signalling: connected

path option 1, (Segment-Routing) type explicit EPE_VIA_3_5 (Basis for Setup)

<...>
AS1 Segment-Routing Path Info (IS-IS 1 level-2)
AS4 AS6
Segment0[Node]: 1.1.1.11, Label: 16011
Segment1[Node]: 1.1.1.3, Label: 16003
Segment2[ - ]: Label: 30035 2 4
RP/0/0/CPU0:xrvr-1#show mpls forwarding tunnels detail
Tunnel Outgoing Outgoing Next Hop Bytes
1 10
Name Label11 Interface Switched 6
------------- ----------- ------------ --------------- ------------
tt1 (SR) 16011 Gi0/0/0/0 99.1.10.10 480
Updated: Oct 8 09:37:19.892
Controller
Version: 35, Priority: 2 3
Label Stack (Top -> Bottom): { 16011 16003 30035 }
5
tunnel-te1 label stack
NHID: 0x0, Path idx: 0, Backup path idx: 0, Weight: 0
MAC/Encaps: 14/26, MTU: 1500 AS5
Packets Switched: 15

Interface Handle: 0x00000780, Local Label: 24005

Forwarding Class: 0, Weight: 0
Packets/Bytes Switched: 38/1064
Segment Routing – Egress Peer Engineering
RP/0/0/CPU0:xrvr-1#show route 6.1.1.6/32

Routing entry for 6.1.1.6/32

Known via "application", distance 2, metric 30 (connected)
Installed Oct 8 08:23:56.033 for 00:05:25
Routing Descriptor Blocks
directly connected, via tunnel-te1
Route metric is 30
AS1 No advertising protos.
AS4 AS6
RP/0/0/CPU0:xrvr-1#show cef 6.1.1.6/32
2 4
6.1.1.6/32, version 111, attached, internal 0x1000041 0x0 (ptr 0xa14840f4) [1],
0x0 (0xa14696c8), 0xa20 (0xa151f208)
Updated Oct 8 08:23:56.053
Prefix Len 32, traffic index 0, precedence n/a, priority 3
1 10 11
via tunnel-te1, 5 dependencies, weight 0, class 0 [flags 0x8] 6
path-idx 0 NHID 0x0 [0xa0f033a0 0x0]
local adjacency
labels imposed {None} Only impose tunnel-te1 labels
Controller 3 5
AS5
Egress Peer Engineering – data plane
RP/0/0/CPU0:xrvr-1#traceroute 6.1.1.6 source 1.1.1.1

Type escape sequence to abort.

Tracing the route to 6.1.1.6

AS1 1
2
AS4 AS6
99.1.10.10 [MPLS: Labels 16011/16003/30035 Exp 0] 39 msec 19 msec 19 msec
99.10.11.11 [MPLS: Labels 16003/30035 Exp 0] 19 msec 19 msec 29 msec
3 99.3.11.3 [MPLS: Label 30035 Exp 0] 19 msec 19 msec 29 msec
4 99.3.5.5 19 msec 19 msec 19 msec
5 99.5.6.6 19 msec 19 msec 29 msec2 4

1 10 11 Peer 5: label 30,035 6

16011
16003
30035
Controller 3 5
30035
Payload Payload PayloadAS5
Program ingress node
BGP-LU (RFC3107)
Controller programs ingress node
BGP-LU (RFC3107)
• Controller sends a more preferred BGP-LU path update to
ingress Node1
– NLRI: the destination prefix to engineer: e.g. 6.1.1.6/32
– Nhop: the selected egress border router: 3
– Label: the selected egress peerNode SID: 30,035
– AS path: reflecting the valid AS path of the selected
– Some BGP policy to ensure it is selected as best by the ingress router
Segment Routing – Egress Peer Engineering

AS1 BGP-LU AS4 AS6

RFC3107 2 4 6.1.1.6/32

1 10 11 6

Controller 3 5
AS5
Segment Routing – Egress Peer Engineering
route-policy I_AM_CONTROLLER
if destination in (6.1.1.6) then
set next-hop 1.1.1.3
set label 30035
set local-preference 1000
AS4 AS6
AS1 BGP-LU
endif
end-policy
RFC3107 ! 2 4 Using IOS XR as
router bgp 1 Controller using BGP-LU.
bgp router-id 1.1.1.10
This is the configuration
1 10 11 address-family ipv4 unicast 6
used to do that
network 6.1.1.6/32
allocate-label all
!
Controller 3
neighbor 1.1.1.1
5
remote-as 1
AS5
update-source Loopback0
address-family ipv4 labeled-unicast
route-policy I_AM_CONTROLLER out
!
!
!
Segment Routing – Egress Peer Engineering
RP/0/0/CPU0:xrvr-1#show bgp 6.1.1.6/32
BGP routing table entry for 6.1.1.6/32
Versions:
Process bRIB/RIB SendTblVer
Speaker 8 8
AS1 BGP-LU Local Label: 24004
Last Modified: Oct 8 09:15:04.302 for 00:10:05
AS4 AS6
Paths: (3 available, best #3)
Not advertised to any peer
RFC3107Path #1: Received by speaker 0 2 4
Not advertised to any peer
4 6
1.1.1.2 (metric 30) from 1.1.1.2 (1.1.1.2)
1 10 11
Origin IGP, localpref 100, valid, internal, group-best 6
Received Path ID 0, Local Path ID 0, version 0
Path #2: Received by speaker 0
Not advertised to any peer
4 Controller
6 3 5
1.1.1.3 (metric 30) from 1.1.1.3 (1.1.1.3)
Origin IGP, localpref 100, valid, internal
AS5
Received Path ID 0, Local Path ID 0, version 0
Path #3: Received by speaker 0
Not advertised to any peer
Local
New best path: via Node3, peer 5
1.1.1.3 (metric 30) from 1.1.1.10 (1.1.1.10)
Received Label 30035
Origin IGP, metric 0, localpref 1000, valid, internal, best, group-best
Received Path ID 0, Local Path ID 1, version 8
Segment Routing – Egress Peer Engineering
• Ingress Node1 pushes label stack on packets to 6.1.1.6/32
{prefix-SID(egress Node3); peerNode-SID(AS5 peer 5)}
= {16,003; 30,035}
• Traffic steering on Node1 is per BGP destination
– Example: for traffic destined to 6.1.1.6/32 impose {16,003; 30,035}
Segment Routing – Egress Peer Engineering
RP/0/0/CPU0:xrvr-1#show cef 6.1.1.6/32
6.1.1.6/32, version 121, internal 0x5000001 0x0 (ptr 0xa14840f4) [1],
0x0 (0xa14696c8), 0xa08 (0xa151f208)
Updated Oct 8 09:15:04.093
Prefix Len 32, traffic index 0, precedence n/a, priority 4 prefix-SID(egress Node3)
via 1.1.1.3/32, 3 dependencies, recursive [flags 0x6000]
path-idx 0 NHID 0x0 [0xa15877f4 0x0]
AS1 BGP-LUrecursion-via-/32
AS4 AS6
next hop 1.1.1.3/32 via 16003/0/21 peerNode-SID(AS5 peer 5)
local label 24004
RFC3107 2 4
next hop 99.1.10.10/32 Gi0/0/0/0 labels imposed {16003 30035}

1 10 11 Peer 5: label 30,035 6

16003
30035 Controller 3 5
Payload 30035
Payload AS5
Payload
Segment Routing – Egress Peer Engineering
RP/0/0/CPU0:xrvr-1#traceroute 6.1.1.6 source 1.1.1.1

Type escape sequence to abort.

Tracing the route to 6.1.1.6

1 99.1.10.10 [MPLS: Labels 16003/30035 Exp 0] 19 msec 19 msec 19 msec

2 99.10.11.11 [MPLS: Labels 16003/30035 Exp 0] 19 msec 19 msec 29 msec
AS1 BGP-LU AS4
3 99.3.11.3 [MPLS: Label 30035 Exp 0] 19 msec 19 msec 19 msec AS6
4 99.3.5.5 19 msec 19 msec 19 msec
5 99.5.6.6 29 msec 19 msec 19 msec
RFC3107 2 4

1 10 11 Peer 5: label 30,035 6

16003
30035 Controller 3 5
Payload 30035
Payload AS5
Payload
IETF
IETF
• The Egress Peer Engineering implementation will follow the
IETF drafts
– https://tools.ietf.org/html/draft-ietf-spring-segment-routing-central-epe
– https://tools.ietf.org/html/draft-ietf-idr-bgpls-segment-routing-epe
• It currently (5.3.2) follows https://tools.ietf.org/html/draft-
previdi-idr-bgpls-segment-routing-epe-02
draft-ietf-idr-bgpls-segment-routing-epe
• The BGP Peer Segments are distributed in BGP-LS using
the existing Link-Type NLRI
– New Protocol ID (7)
– New (sub-)TLVs are defined for BGP EPE
• Format of (existing) Link NLRI Type:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+
| Protocol-ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Identifier |
| (64 bits) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Local Node Descriptors //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Remote Node Descriptors //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Link Descriptors //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+
| Protocol-ID |

BGP-LS Link-Type NLRI +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

|
|
Identifier
(64 bits)
|
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Local Node Descriptors //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
• Protocol-ID: 7 (BGP EPE) // Remote Node Descriptors //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Link Descriptors //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

• Identifier:
– “Both OSPF and IS-IS MAY run multiple routing protocol instances
over the same link. See [RFC6822] and [RFC6549]. These instances
define independent "routing universes". The 64-Bit 'Identifier' field is
used to identify the "routing universe" where the NLRI belongs.”
– Default: 0
– Configurable: 2-65535
router isis 2
is-type level-2-only
net 49.0002.0000.0000.0003.00
distribute bgp-ls instance-id 255
 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+
| Protocol-ID |

BGP-LS Link-Type NLRI +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

|
|
Identifier
(64 bits)
|
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Local Node Descriptors //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
• Local Node Descriptors: // Remote Node Descriptors //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Link Descriptors //

– Mandatory TLVs: +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

>BGP Router ID (TLV 516), contains the BGP Identifier of the local BGP EPE
node
>Autonomous System Number (TLV 512), contains the local ASN or local
confederation identifier (ASN) if confederations are used
>BGP-LS Identifier (TLV 513)
– Optional TLVs:
>Member-ASN (TLV 517), contains the ASN of the confederation member
(when BGP confederations are used)
>Other Node Descriptors as defined in ietf-idr-ls-distribution
 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+
| Protocol-ID |

BGP-LS Link-Type NLRI +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

|
|
Identifier
(64 bits)
|
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Local Node Descriptors //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
• Remote Node Descriptors: // Remote Node Descriptors //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Link Descriptors //

– Mandatory TLVs: +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

>BGP Router ID (TLV 516), contains the BGP Identifier of the peer node
>Autonomous System Number (TLV 512), contains the peer ASN or the peer
confederation identifier (ASN), if confederations are used
– Optional TLVs:
>Member-ASN (TLV 517), contains the ASN of the confederation member
(when BGP confederations are used)
>Other Node Descriptors as defined in ietf-idr-ls-distribution
 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+
| Protocol-ID |

BGP-LS Link-Type NLRI +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

|
|
Identifier
(64 bits)
|
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Local Node Descriptors //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
• Link Descriptors: // Remote Node Descriptors //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Link Descriptors //

– Contain the addresses and interface +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

identifiers used by the BGP session

– As defined in ietf-idr-ls-distribution
 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+
| Protocol-ID |

BGP-LS Link-Type NLRI +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

|
|
Identifier
(64 bits)
|
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Local Node Descriptors //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
• Link Descriptors for Peer Node // Remote Node Descriptors //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Segment NLRI: // Link Descriptors //

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

– IPv4 Interface Address (TLV 259), contains the BGP session IPv4 local
address.
– IPv4 Neighbor Address (TLV 260), contains the BGP session IPv4 peer
address.
– IPv6 Interface Address (TLV 261), contains the BGP session IPv6 local
address.
– IPv6 Neighbor Address (TLV 262), contains the BGP session IPv6 peer
address.
 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+
| Protocol-ID |

BGP-LS Link-Type NLRI +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

|
|
Identifier
(64 bits)
|
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Local Node Descriptors //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
• Link Descriptors for Peer Adjacency // Remote Node Descriptors //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Segment NLRI: // Link Descriptors //

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

– Link Local/Remote Identifiers (TLV 258), contains the 4-octet Link Local
Identifier followed by the 4-octet value 0 indicating the Link Remote Identifier is
unknown [RFC5307].
– IPv4 Neighbor Address (TLV 260), contains the IPv4 address of the peer
interface used by the BGP session.
– IPv6 Neighbor Address (TLV 262), contains the IPv6 address of the peer
interface used by the BGP session.
BGP-LS Link Attributes
• The following BGP-LS Attributes TLVs are used with the Link NLRI:
– Adjacency Segment ID (TLV 1099)
>Defined in gredler-idr-bgp-ls-segment-routing-extension
– Peer Segment ID (TLV 1036): SID representing the peer of the BGP session.
>The format is the same as defined for the Adj-SID
– Peer Set Segment ID (TLV 1037): SID representing the group the peer is part
of.
>The format is the same as defined for the Adj-SID
– In addition, BGP-LS Link Attributes, as defined in ietf-idr-ls-distribution, MAY be
inserted in order to advertise the characteristics of the link.
Thank you.
References
• https://tools.ietf.org/html/draft-filsfils-spring-segment-routing-
central-epe
• https://tools.ietf.org/html/draft-previdi-idr-bgpls-segment-
routing-epe
Backup