‘APNIC APNIC SDN Workshop Lab Module 3 — Segment Routing Configuration Lab ‘Objective: All the routers are pre-configured with basic interface and OSPF configuration according to the following topology diagram. As part of the exercise, you will need to enable Segment Routing under OSPF and observe operation with common and different SRGBs. In addition, you will need to configure a traffic-engineered Segment Routing tunnel. Prerequisites: Knowledge of IGP, EGP, MPLS and Segment Routing is required. ‘The following will be the common topology and IP address plan used for this lab. (OSPF instance 1 Area 0.0.0.0 Figure 1 —Segment Routing Lab Base Configuration Lab Notes The basic Segment Routing lab topology comprises of 6 routers: R1,R2, R3,R4, RS and R6. Multiple sets of identical topologies will be used, Workshop attendees will be split up into groups of 6 where each group member will be responsible for the configuration of a specific router. All routers are running Cisco IOS-XRv 6.1.2 within GNS3. Login credentials are: ‘Username: cisco Password: cisco Please spend some time to be familiar with the network topology and addressing plan before you start building the configuration on the routers. In module 3 all required configurations are done in 3 parts. T zaneMonday, September 04,2017 Part 1.Base Segment Routing configuration. The following figure reflects the base Segment Routing configuration Lg OSPF instance 1 Area 0.0.00 After the base Segment Routing configuration there will be a number of node and adjacency SIDs allocated as per the table below: Node SID ‘Adjacency SID Ri=> 16001 RI=SRZ R2=> 16002 R3=> 16003 R4=> 16004 RS=> 16005 R6=> 16006‘APNIC APNIC SDN Workshop Lab Part 2.Using SID index values with different SRGBs on all routers ‘The following reflects the Segment Routing configuration using SID index values and different (OSPF Instance 1 Area 0.0.0.0 In this part, we use indexes instead of absolute SID values. In addition, we configure different SRGBS on each of the routers. Part 3.Traffic-engineering Segment Routing tunnel ‘The following figure includes the additional configuration required for this part [2k se] son toooase L___ ‘pd 24 4Monday, September 04,2017 We configure explicitly-routed traffic-engineered paths and resolve them using Segment Routing SIDs. Each router configures a unique path as per the table below. Router Destination Path RI Re RERZRERERS-RO RZ RI R2RERERSRIRI RS RS, R3-RI-RZRERGRS Ra, RZ R&-R6RS-RERIRZ RS, R6 RS-RERERZRERG RS RI RGRERSRERIRI‘APNIC APNIC SDN Workshop Lab Lab Exercise 1. Base Segment Routing configuration: ‘The following figure reflects the base Segment Routing configuration. (28. aL] =) Ss) Les, atte | (OSPF instance 1 Area 0.0.0.0 Here is an example configuration for RI config t mpls traffic-eng ! Enables traffic engineering functionality on the node. router oapf 1 segnent-routing global-block 16000 23999 ! Configure the SRGB for this node segnent-routing mpls ! Enables Segment Routing using the mpls dataplane. Also enables Segment Routing on all areas and interfaces. Is also required to install SIDs received by OSPF into the forwarding table. mpls traffic-eng router-id loopback) ! Configures loopback 0 as the traflic-engineering router identifier. area 0.0.9.0 mpls traffic-eng |! Enables traffic-engineering functionality for OSPF. interface loopback 0 prefix-sid absolute 16001 ! Assigns an absolute SID value to loopback 0 (your SID value will depend on your router as per the figure) end ‘pd 4 4Monday, September 04, 2017 Please wait for all routers in your group to be configured before you issue the following verification commands. Please also do not move to the next part until advised to do so by your instructors. Verify your configuration: Use the following commands to vet the operation of Segment Routing: show mpls label table detail ! Ensure you thoroughly understand each entry. show mpls label range show mpls forwarding show mpla forwarding labels 16006 detail ! Select a label value for a router other than your own. show ospf database opaque-area self-originate ! Shows contents of the opaque area-scope LSAs originated by the router in detail. show ip cof 172.16.1.6/32 ! Select a loopback address for a router other than your own. ping mpls nit-fec labels 16006 ovtput interface gigabitRthernet 0/0/0/0 nexthop 10.1.2.2 ! Ping a loopback prefix SID for a router other than your own. Change output interface and next- hop accordingly. trace mpls nil-fec labels 16006 output interface gigabitEchernet 0/0/0/0 nexthop 10.1.2.2 ! Trace a loopback prefix SID for a router other than your own, Change output interface and next- hop accordingly. Segment Routing Debugging debug mple p: show Logging debug no debug mpls packetIC APNIC SDN Workshop Lab 2. Using SID index values with different SRGBs on all routers ‘The following figure includes the additional configuration required for this part ees. Se] ooh ee Le Le Here is an example configuration for RI config t router ospf 2 area 0.0.0.0 interface loopback 0 prefix-sid index 100 | Assigns a SID index of 100 to loopback 0 (your index will depend on your router as per the figure) exit exit segnent-routing global-bleck 16000 16999 ! Changes the SRGB of the node to 16000-16999 (your range will depend on your router as per the figure) end Please wait for all routers in your group to be configured before you issue the following verification commands. Please also do not move ¢o the next part until advised to do so by your instructors. Verify your configuration: Use the following commands to verify the operation of Segment Routing: show mpls label table detail 7 Ea emit Sie eaeMonday, September 04, 2017 ! Ensure you thoroughly understand each entry. show mpls label range show mpls forwarding show mpls forwarding labels 16600 detail ! Select a label value for a router other than your own. show ospf database opaque-area self-originate ! Shows contents of the opaque area-scope LSAs originated by the router in detail. show ip cef 172.16.1.6/32 ! Select a loopback address for a router other than your own. ping wpls ail-fec labels 17600 output interface gigabitEthernet 0/0/0/0 nexthop 10.1.2.2 ! Ping a loopback prefix SID for a router other than your own. Change output interface and next- hop accordingly, trace mpls nil-fec labels 17600 output interface gigabitethernet 0/0/0/0 nexthop 10.1.2.2 ! Trace a loopback prefix SID for a router other than your own. Change output interface and next- hop accordingly, 3. Traffic-engineering Segment Routing tunnel ‘The following figure includes the additional configuration required for this part [ee es] Each router needs to be configured with a different explicit tunnel as per the table below.APNIC SDN Workshop Lab Router Destination Path RI Re RERZRERIRS-RO RZ RI R2RGERERSRIRI RS, RS, R3-RI-RZRERGRS Ra RZ R&-RGRS-RERERD RS, RS RS-RERERZRERG RG RI RGRERSRIERERI Here is an example configuration for RI based on the above table. cont t explicit-path name S8- index 1 next-address unicast 1.2 index 2 next-address unicas: 13 index 3 next-addres: unicast 172.1611 index 4 next-address 3 unicast 172.16.1.5 index 5 next-address 16 ! create an explicit path named SR-TE-PATH-1 with an explicitly-specified list of hops interface tunnel-ted ipv4 unnumbered Loopback0 destination 112.16.1.6 path-option 1 explicit name SR-TE-PATH-: segment-routing | create a tunnel interface with a destination of R6 and link the previously-created explicit path SR-TE-PATHC-I with it int Lol ipv4 addzese 1.1,1.1/32 exit | create @ new loopback address on the router (use the address corresponding to your router as per the diagram) | create a static route to R6's loopback address (choose a target router based on the destination of the tunnel interface created earlier) address~ 6.6.6.6/32 Please wait for all routers in your group to be configured before you issue the following verification commands. ‘Verify your configuration: Use the following commands to verify your configuration: show mpla traffie~eng tunnels 0 deta ! Ensure you thoroughly understand the output and, in particular, the resolution of the IP loopback addresses to SID values. 7 zaneMonday, September 04,2017 ping 6.6.6.6 | verify the static route 7APNIC APNIC SDN Workshop Lab Workshop templates for reference purpose only: RI Base Segment Routing configuration config t mpls traffic-eng router spf 1 segnent-routing global-block 16000 23999, segnent-routing mpls mpls traffic-eng router-id loophacko area 0.0.0.0 mpls traffic-eng interface loopaack 0 prefix-sid absolute 16001 ond Verification Commands: show mple label table detail show mpls label range show mpls forwarding show mpls forwarding labels 16006 detail show ospf database opaque-area se. show ip cef 172.16.1.6/32 ping mpls nil-fec labels 16006 output interface gigabitBthernet 0/0/0/0 nexthop 10.1.2.2 trace mpls nil-fec labels 16006 output interface gigabitEthernet 0/0/0/0 nexthop 10.2.2.2 originate Using SID index values with different SRGBs on all routers config t router ospf 1 area 0.0.0.0 interface loopback 0 prefix-sid index 100 exit exit segnent-routing global-block 16000 16999 end Verification Commands: show mpis label table detail show mpls label range show mpls forwarding show mpls forwarding labels 16600 detail show ospf database opaque iginate show ip cef 172.16.1.6/32 ping mpis nil-fec labels 17600 output interface gigabitEthernet 0/0/0/0 nexthop 10.1.2.2 trace mpls nil-fec labels 17600 output interface gigabitEthernet 0/0/0/0 nexthop 10.1.2.2 u (Er ene Sie eaeMonday, September 04,2017 ‘Traffic-engineering Segment Routing tunnel cont t explicit-path name SR-TE-PATE-1 index 1 next-address strict ipvd unicast 172.16.1.2 index 2 next-address strict ipv4 unicast 172.16.1.3 index 3 next-address strict ipv4 unicast 172.16.1. index 4 next-address strict ipv4 unicast 172.16.1.5 index 5 next-address strict ipv4 unicast 172.16.1. interface tunnel-ved ipvd unnumbered Loopback? destination 172.16.1.6 path-option 1 explicit name SR-TE-PATH-1 segment-routing int lol Apv4 address 1.1.1.1/32 exit router static address~fanily ipv4 unicast 6.6.6.6/32 tunnel-ted exit end Verification Commands: show mpls traffic-eng tunnels 0 detail ping 6.6.6.6APNIC SDN Werkshop Lab Base Segment Routing configuration. config t mpls trafficceng router ospf 1 segnent-routing global-block 16000 23999 segnent-routing mpls mpls traffic-eng router-id loopbackd area 0.0.0.0 mpls traffic-eng interface loopback 0 prefix-sid absolute 16002 snd Verification Commands: show mpl label table detail show mpls label range show mpls forwarding show mpis forwarding labels 16006 detail show ospf database opaque-area self-originat; show ip cef 112.16.1.6/32 ping mpis nil-fec labels 16006 output interface gigabitEthernet 0/0/0/1 nexthop 10.2.4.4 trace mpls nil-fec labels 16006 output interface gigabitRthernet 0/0/0/1 nexthop 10.2.4.4 Using SID index values with different SRGBs on all routers config t router ospf 1 area 0.0.0.0 interface loopback 0 prefix-sid index 200 exit exit segnent-routing global-block 1 end Verification Commands: show mpls label table detail show mpis label range show mpls forwarding show mpls forwarding labels 17600 detail show ospf database opaque-area self-originate show ip cef 172.16.1.6/32 ping mpls nil-fec labels 19600 output interface gigabitEthernet 0/0/0/1 nexthop 10.2.4.4 trace mpls nil-fec labels 19600 output interface gigabitmthernet 0/0/0/1 nexthop 10.2.4.4 8 (Er ene Sie eaeMonday, September 04,2017 ‘Traffic-engineering Segment Routing tunnel cont t explicit-path name SR-TE-PATE-1 index 1 next-address strict ipvd unicast 172.16.1.4 index 2 next-address strict ipvd unicast 172.16.1. index 3 next-address strict ipv4 unicast 172-16.1.5 index 4 next-address strict ipvd unicast 172.16.1.3 index 5 next-address strict ipv4 unicast 172-16.1-1 interface tunnel-ved ipvd unnumbered Loopback? destination 172.16.1.1 path-option 1 explicit name SR-TE-PATH-1 segment-routing int lol Apv4 address 2.2.2.2/32 exit router static address~fanily ipv4 unicast, 1.1,1,1/32 tunnel-ted exit end Verification Commands: show mpls traffic-eng tunnels 0 detail ping 1.1.1.2APNIC SDN Werkshop Lab Base Segment Routing configuration. config t mpls trafficceng router ospf 1 segnent-routing global-block 16000 23999 segnent-routing mpls mpls traffic-eng router-id loopbackd area 0.0.0.0 mpls traffic-eng interface loopback 0 prefix-sid absolute 16003 ond Verification Commands: show mpl label table detail show mpls label range show mpls forwarding show mpls forwarding labels 16006 detail show ospf database opaque-area self-originat; show ip cef 112.16.1.6/32 ping mpis nil-fec labels 16006 output interface gigabitEthernet 0/0/0/1 nexthop 10.3.5.5 trace mpls nil-fec labels 16006 output interface gigabitRthernet 0/0/0/1 nexthop 10.3.5.5 Using SID index values with different SRGBs on all routers config t router ospf 1 area 0.0.0.0 interzace loopback 0 prefix-sid index 300 exit exit segnent-routing global-block 18000 18999 end Verification Commands: show mpls label table detail show mpis label range show mpls forwarding show mpls forwarding labels 18600 detail show ospf database opaque-area self-originate show ip cef 172.16.1.6/32 ping mpls nil-fec labels 20600 output interface gigabitEthernet 0/0/0/1 nexthop 10.3.5.5 trace mpls nil-fec labels 20600 output interface gigabitmthernet 0/0/0/1 nexthop 10.3.5.5 6 (Er ene Sie eaeMonday, September 04,2017 ‘Traffic-engineering Segment Routing tunnel cont t explicit-path name SR-TE-PATE-1 index 1 next-address strict ipv unicast 172.16.1.1 index 2 next-address strict ipv4 unicast 172.16.1.2 index 3 next-address strict ipv4 unicast 172.16.1.4 index 4 next-address strict ipvd unicast 172.16.1.6 index 5 next-address strict ipv4 unicast 172-16.1.5 interface tunnel-ved ipvd unnumbered Loopback? destination 172.16.1. path-option 1 explicit name SR-TE-PATH-1 segment-routing int lol Apv4 address 3.3.3.3/32 exit router static address~fanily ipv4 unicast, 5.5.5,5/32 tunnel-ted exit end Verification Commands: show mpls traffic-eng tunnels 0 detail ping §.5.5.5APNIC SDN Werkshop Lab Base Segment Routing configuration. config t mpls trafficceng router ospf 1 segnent-routing global-block 16000 23999 segnent-routing mpls mpls traffic-eng router-id loopbackd area 0.0.0.0 mpls traffic-eng interface loopback 0 prefix-sid absolute 16004 snd Verification Commands: show mpl label table detail show mpls label range show mpls forwarding show mpis forwarding labels 16006 detail show ospf database opaque-area self-originats show ip cef 112.16.1.1/32 ping mpis nil-fec labels 16001 output interface gigabitEthernet 0/0/0/1 nexthop 10.2.4.2 trace mpls nil-fec labels 16001 output interface gigabitRthernet 0/0/0/1 nexthop 10.2.4.2 Using SID index values with different SRGBs on all routers config t router ospf 1 area 0.0.0.0 intertace loopback 0 prefix-sid index 100 exit exit segment-routing global-block 19000 19999 end Verification Commands: show mpls label table detail show mpis label range show mpls forwarding show mpls forwarding labels 19100 detail show ospf database opaque-area self-originate show ip cef 172.16.1.1/32 ping mpls nil-fec labels 17100 output interface gigabitEthernet 0/0/0/1 nexthop 10.2.4.2 trace mpls nil-fec labels 17100 output interface gigabitmthernet 0/0/0/1 nexthop 10.2.4.2 " (Er ene Sie eaeMonday, September 04, 2017 ‘Traffic-engineering Segment Routing tunnel cont t explicit-path name SR-TE-PATE-1 index 1 next-address strict ipvd unicast 172.16.1.6 index 2 next-address strict ipv4 unicast 172.16.1.5 index 3 next-address strict ipv4 unicast 172-16.1.3 index 4 next-address strict ipv4 unicast 172.16.1.1 index 5 next-address strict ipv4 unicast 172.16.1. interface tunnel-ved ipvd unnumbered Loopback0 destination 172.16.1.. path-option 1 explicit name SR-TE-PATH-1 segment-routing int lol ipv4 address 4.4.4.4/32 exit router static address~fanily ipv4 unicast, 2.2.2.2/32 cunnel-ted exit end Verification Commands: show mpls traffic-eng tunnels 0 detail ping 2.2.2.2APNIC SDN Werkshop Lab Base Segment Routing configuration. config t mpls traffic-eng router ospf 1 segnent-routing global-block 16000 23999 segnent-routing mpls mpls traffic-eng router-id loopbackd area 0.0.0.0 mpls traffic-eng interface loopback 0 prefix-sid absolute 16005 snd Verification Commands: show mpl label table detail show mpls label range show mpls forwarding show mpis forwarding labels 16001 detail show ospf database opaque-area self-originats show ip cef 112.16.1.1/32 ping mpis nil-fec labels 16001 output interface gigabitEthernet 0/0/0/1 nexthop 10.3.5.3 trace mpls nil-fec labels 16001 output interface gigabitRthernet 0/0/0/1 nexthop 10.3.5.3 Using SID index values with different SRGBs on all routers config t router ospf 1 area 0.0.0.0 interface loopback 0 prefix-sid index 500 exit exit secment-routing global-block 20000 20999 end Verification Commands: show mpls label table detail show mpis label range show mpls forwarding show mpls forwarding labels 20100 detail show ospf database opaque-area self-originate show ip cef 172.16.1.1/32 ping mpls nil-fec labels 18100 output interface gigabitEthernet 0/0/0/1 nexthop 10.3.5.3 trace mpls nil-fec labels 18100 output interface gigabitmthernet 0/0/0/1 nexthop 10.3.5.3 e (Er ene Sie eaeMonday, September 04, 2017 ‘Traffic-engineering Segment Routing tunnel cont t explicit-path name SR-TE-PATE-1 index 1 next-address strict ipvd unicast, index 2 next-addrese strict ipvd unicast index 3 next-address strict ipvd unicast index 4 next-address strict ipvd unicast. index 5 next-address stzict ipvd unicast interface tunnel-ved ipvd unnumbered Loopback? destination 172.16.1.6 path-option 1 explicit name SR-TS-parH-1 int lol ipv4 address §.9.9.5/32 exit router static address~fanily ipv4 unicast, 6.6.6.6/32 tunnel-ted exit end Verification Commands: show mpls traffic-eng tunnels 0 detail ping 6.6.6.6 172.16.1.3 172.16.1.1 2721161112 172.16.1.4 1721161116 segment-routiagAPNIC SDN Werkshop Lab Base Segment Routing configuration config t mpls trafficmeng router ospf 1 segnent-routing global-block 16000 23999 segnent-routing mpls mpls traffic-eng router-id loopbackd area 0.0.0.0 mpls traffic-eng interface loopback 0 prefix-sid absolute 16006 snd Verification Commands: show mpl label table detail show mpls label range show mpls forwarding show mpis forwarding labels 16001 detail show ospf database opaque-area self-originat) show ip cef 112.16.1.1/32 ping mpis nil-fec labels 16001 output interface gigabitEthernet 0/0/0/1 nexthop 10.5.6.5 trace mpls nil-fec labels 16001 output interface gigabitRthernet 0/0/0/1 nexthop 10.5.6.5 Using SID index values with different SRGBs on all routers config t router ospf 1 area 0.0.0.0 intertace loopback 0 prefix-sid index 600 exit exit segment-routing global-block 21000 21999 end Verification Commands: show mpls label table detail show mpis label range show mpls forwarding show mpls forwarding labels 21100 detail show ospf database opaque-area self-originate show ip cef 172.16.1.1/32 ping mpls nil-fec labels 20100 output interface gigabitEthernet 0/0/0/1 nexthop 10.5.6.5 trace mpls nil-fec labels 20100 output interface gigabitmthernet 0/0/0/1 nexthop 10.5.6.5 a (Er ene Sie eaeMonday, September 04,2017 ‘Traffic-engineering Segment Routing tunnel cont t explicit-path name SR-TE-PATE-1 index 1 next-address strict ipvd unicast 172.16.1.4 index 2 next-address strict ipv4 unicast 172.16.1.5 index 3 next-address strict ipv4 unicast 172.16.1.2 index 4 next-address strict ipvd unicast 172.16.1.3 index 5 next-address strict ipv4 unicast 172-16.1-1 interface tunnel-ved ipvd unnumbered Loopback? destination 172.16.1.1 path-option 1 explicit name SR-TE-PATH-1 segment-routing int lol ipvd address 6.6.6.6/32 exit router static address~fanily ipv4 unicast, 1.1,1,1/32 tunnel-ted exit end Verification Commands: show mpls traffic-eng tunnels 0 detail ping 1.1.1.2, H