Cisco Release 12.4 User Manual
MPLS LDP Configuration Guide, Cisco IOS
Release 12.4
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS,
INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED
WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED
WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version
of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL
FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE
PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR
ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL:
www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship
between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output,
network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content
is unintentional and coincidental.
© 2011 Cisco Systems, Inc. All rights reserved.
C O N T E N T S
MPLS Label Distribution Protocol (LDP)
1
Finding Feature Information 1
Prerequisites for MPLS LDP 1
Information About MPLS LDP 1
Introduction to MPLS LDP 2
MPLS LDP Functional Overview 2
LDP and TDP Support 2
Introduction to LDP Sessions 3
Directly Connected MPLS LDP Sessions 3
Nondirectly Connected MPLS LDP Sessions 4
Introduction to LDP Label Bindings Label Spaces and LDP Identifiers 4
How to Configure MPLS LDP 5
Enabling Directly Connected LDP Sessions 6
Establishing Nondirectly Connected MPLS LDP Sessions 8
Saving Configurations MPLS Tag Switching Commands 11
Specifying the LDP Router ID 12
Preserving QoS Settings with MPLS LDP Explicit Null 14
Protecting Data Between LDP Peers with MD5 Authentication 18
MPLS LDP Configuration Examples 21
Configuring Directly Connected MPLS LDP Sessions Example 21
Establishing Nondirectly Connected MPLS LDP Sessions Example 23
Additional References 25
Feature Information for MPLS Label Distribution Protocol 26
MPLS LDP Session Protection 31
Finding Feature Information 31
Restrictions for MPLS LDP Session Protection 31
Information About MPLS LDP Session Protection 31
MPLS LDP Session Protection Customizations 32
How to Configure MPLS LDP Session Protection 33
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
iii
Contents
Enabling MPLS LDP Session Protection 33
Verifying MPLS LDP Session Protection 35
Troubleshooting Tips 36
Configuration Examples for MPLS LDP Session Protection 36
Additional References 39
Command Reference 40
MPLS LDP Inbound Label Binding Filtering 41
Finding Feature Information 41
Restrictions 41
Information about MPLS LDP Inbound Label Binding Filtering 41
How to Configure MPLS LDP Inbound Label Binding Filtering 42
Configuring MPLS LDP Inbound Label Binding Filtering 42
Verifying that MPLS LDP Inbound Label Bindings are Filtered 44
Configuration Examples for MPLS LDP Inbound Label Binding Filtering 45
Additional References 46
Feature Information for MPLS LDP Inbound Label Binding Filtering Feature 47
Glossary 48
MPLS LDP Autoconfiguration 51
Finding Feature Information 51
Restrictions for MPLS LDP Autoconfiguration 51
Information About MPLS LDP Autoconfiguration 52
MPLS LDP Autoconfiguration on OSPF and IS-IS Interfaces 52
How to Configure MPLS LDP Autoconfiguration 52
Configuring MPLS LDP Autoconfiguration with OSPF Interfaces 52
Disabling MPLS LDP Autoconfiguration from Selected OSPF Interfaces 54
Verifying MPLS LDP Autoconfiguration with OSPF 55
Configuring MPLS LDP Autoconfiguration with IS-IS Interfaces 57
Disabling MPLS LDP Autoconfiguration from Selected IS-IS Interfaces 59
Verifying MPLS LDP Autoconfiguration with IS-IS 60
Troubleshooting Tips 61
Configuration Examples for MPLS LDP Autoconfiguration 61
MPLS LDP Autoconfiguration with OSPF Example 61
MPLS LDP Autoconfiguration with IS-IS Examples 62
Additional References 62
Feature Information for MPLS LDP Autoconfiguration 63
iv
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
Contents
MPLS LDP Graceful Restart 65
Finding Feature Information 65
Restrictions 65
Information About MPLS LDP Graceful Restart 66
How MPLS LDP Graceful Restart Works 66
How a Route Processor Advertises That It Supports MPLS LDP Graceful Restart 67
What Happens If a Route Processor Does Not Have LDP Graceful Restart 67
How to Configure MPLS LDP Graceful Restart 67
Configuring MPLS LDP Graceful Restart 67
Verifying the Configuration 69
Configuration Example for MPLS LDP Graceful Restart 69
Additional References 72
Feature Information for MPLS LDP Graceful Restart 73
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
v
Contents
vi
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
MPLS Label Distribution Protocol (LDP)
Multiprotocol Label Switching (MPLS) Label Distribution Protocol (LDP) enables peer label switch
routers (LSRs) in an MPLS network to exchange label binding information for supporting hop-by-hop
forwarding in an MPLS network. This module explains the concepts related to MPLS LDP and describes
how to configure MPLS LDP in a network.
• Finding Feature Information, page 1
• Prerequisites for MPLS LDP, page 1
• Information About MPLS LDP, page 1
• How to Configure MPLS LDP, page 5
• MPLS LDP Configuration Examples, page 21
• Additional References, page 25
• Feature Information for MPLS Label Distribution Protocol, page 26
Finding Feature Information
Your software release may not support all the features documented in this module. For the latest feature
information and caveats, see the release notes for your platform and software release. To find information
about the features documented in this module, and to see a list of the releases in which each feature is
supported, see the Feature Information Table at the end of this document.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support.
To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Prerequisites for MPLS LDP
Label switching on a router requires that Cisco Express Forwarding (CEF) be enabled on that router.
Information About MPLS LDP
• Introduction to MPLS LDP, page 2
• MPLS LDP Functional Overview, page 2
• LDP and TDP Support, page 2
• Introduction to LDP Sessions, page 3
• Introduction to LDP Label Bindings Label Spaces and LDP Identifiers, page 4
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
1
Information About MPLS LDP
Introduction to MPLS LDP
MPLS LDP provides the means for LSRs to request, distribute, and release label prefix binding information
to peer routers in a network. LDP enables LSRs to discover potential peers and to establish LDP sessions
with those peers for the purpose of exchanging label binding information.
MPLS LDP enables one LSR to inform another LSR of the label bindings it has made. Once a pair of
routers communicate the LDP parameters, they establish a label-switched path (LSP). MPLS LDP enables
LSRs to distribute labels along normally routed paths to support MPLS forwarding. This method of label
distribution is also called hop-by-hop forwarding. With IP forwarding, when a packet arrives at a router the
router looks at the destination address in the IP header, performs a route lookup, and forwards the packet to
the next hop. With MPLS forwarding, when a packet arrives at a router the router looks at the incoming
label, looks up the label in a table, and then forwards the packet to the next hop. MPLS LDP is useful for
applications that require hop-by-hop forwarding, such as MPLS VPNs.
MPLS LDP Functional Overview
Cisco MPLS LDP provides the building blocks for MPLS-enabled applications, such as MPS Virtual
Private Networks (VPNs).
Introduction to MPLS LDP
LDP provides a standard methodology for hop-by-hop, or dynamic label, distribution in an MPLS network
by assigning labels to routes that have been chosen by the underlying Interior Gateway Protocol (IGP)
routing protocols. The resulting labeled paths, called label switch paths (LSPs), forward label traffic across
an MPLS backbone to particular destinations. These capabilities enable service providers to implement
MPLS-based IP VPNs and IP+ATM services across multivendor MPLS networks.
LDP and TDP Support
LDP supercedes Tag Distribution Protocol (TDP). See the table below for information about LDP and TDP
support in Cisco IOS releases.
Use caution when upgrading the image on a router that uses TDP. Ensure that the TDP sessions are
established when the new image is loaded. You can accomplish this by issuing the global configuration
command mpls label protocol tdp. Issue this command and save it to the startup configuration before
loading the new image. Alternatively, you can enter the command and save the running configuration
immediately after loading the new image.
Table 1
Train and Release LDP/TDP Support
12.0S Train
LDP and TDP Support
• TDP is enabled by default.
• Cisco IOS Release 12.0(29)S and earlier releases: TDP is
supported for LDP features.
• Cisco IOS Release 12.0(30)S and later releases: TDP is
not support for LDP features.
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
2
Introduction to LDP Sessions
Train and Release LDP/TDP Support
Directly Connected MPLS LDP Sessions
12.2S, SB, and SR Trains
12.T/Mainline Trains
Introduction to LDP Sessions
When you enable MPLS LDP, the LSRs send out messages to try to find other LSRs with which they can
create LDP sessions. The following sections explain the differences between directly connected LDP
sessions and nondirectly connected LDP sessions.
• Directly Connected MPLS LDP Sessions, page 3
• Nondirectly Connected MPLS LDP Sessions, page 4
• LDP is enabled by default.
• Cisco IOS Release 12.2(25)S and earlier releases: TDP is
supported for LDP features.
• Cisco IOS Releases 12.2(27)SBA, 12.2(27)SRA,
12.2(27)SRB and later releases: TDP is not supported for
LDP features.
• Cisco IOS Release 12.3(14)T and earlier releases: TDP is
enabled by default.
• Cisco IOS Releases 12.4 and 12.4T and later releases:
LDP is enabled by default.
• Cisco IOS Release 12.3(11)T and earlier releases: TDP is
supported for LDP features.
• Cisco IOS Release 12.3(14)T and later releases: TDP is
not support ed for LDP features.
Directly Connected MPLS LDP Sessions
If an LSR is one hop from its neighbor, it is directly connected to its neighbor. The LSR sends out LDP link
Hello messages as User Datagram Protocol (UDP) packets to all the routers on the subnet (multicast). A
neighboring LSR may respond to the link Hello message, allowing the two routers to establish an LDP
session. This is called basic discovery.
To initiate an LDP session between routers, the routers determine which router will take the active role and
which router will take the passive role. The router that takes the active role establishes the LDP TCP
connection session and initiates the negotiation of the LDP session parameters. To determine the roles, the
two routers compare their transport addresses. The router with the higher IP address takes the active role
and establishes the session.
After the LDP TCP connection session is established, the LSRs negotiate the session parameters, including
the method of label distribution to be used. Two methods are available:
• Downstream Unsolicited: An LSR advertises label mappings to peers without being asked to.
• Downstream on Demand: An LSR advertises label mappings to a peer only when the peer asks for
them.
For information about creating LDP sessions, see the Enabling Directly Connected LDP Sessions, page
6.
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
3
Nondirectly Connected MPLS LDP Sessions
Nondirectly Connected MPLS LDP Sessions
If the LSR is more than one hop from its neighbor, it is nondirectly connected to its neighbor. For these
nondirectly connected neighbors, the LSR sends out a targeted Hello message as a UDP packet, but as a
unicast message specifically addressed to that LSR. The nondirectly connected LSR responds to the Hello
message and the two routers begin to establish an LDP session. This is called extended discovery.
An MPLS LDP targeted session is a label distribution session between routers that are not directly
connected. When you create an MPLS traffic engineering tunnel interface, you need to establish a label
distribution session between the tunnel headend and the tailend routers. You establish nondirectly
connected MPLS LDP sessions by enabling the transmission of targeted Hello messages.
You can use the mpls ldp neighbor targetedcommand to set up a targeted session when other means of
establishing targeted sessions do not apply, such as configuring mpls ipon a traffic engineering (TE) tunnel
or configuring Any Transport over MPLS (AToM) virtual circuits (VCs). For example, you can use this
command to create a targeted session between directly connected MPLS label switch routers (LSRs) when
MPLS label forwarding convergence time is an issue.
The mpls ldp neighbor targetedcommand can improve label convergence time for directly connected
neighbor LSRs when the link(s) directly connecting them are down. When the links between the neighbor
LSRs are up, both the link and targeted Hellos maintain the LDP session. If the links between the neighbor
LSRs go down, the targeted Hellos maintain the session, allowing the LSRs to retain labels learned from
each other. When a link directly connecting the LSRs comes back up, the LSRs can immediately reinstall
labels for forwarding use without having to reestablish their LDP session and exchange labels.
The exchange of targeted Hello messages between two nondirectly connected neighbors can occur in
several ways, including the following:
Introduction to LDP Label Bindings Label Spaces and LDP Identifiers
• Router 1 sends targeted Hello messages carrying a response request to Router 2. Router 2 sends
targeted Hello messages in response if its configuration permits. In this situation, Router 1 is
considered to be active and Router 2 is considered to be passive.
• Router 1 and Router 2 both send targeted Hello messages to each other. Both routers are considered to
be active. Both, one, or neither router can also be passive, if they have been configured to respond to
requests for targeted Hello messages from each other.
The default behavior of an LSR is to ignore requests from other LSRs that send targeted Hello messages.
You can configure an LSR to respond to requests for targeted Hello messages by issuing the mpls ldp
discovery targeted-hello accept command.
The active LSR mandates the protocol that is used for a targeted session. The passive LSR uses the protocol
of the received targeted Hello messages.
For information about creating MPLS LDP targeted sessions, see the Establishing Nondirectly Connected
MPLS LDP Sessions, page 8.
Introduction to LDP Label Bindings Label Spaces and LDP Identifiers
An LDP label binding is an association between a destination prefix and a label. The label used in a label
binding is allocated from a set of possible labels called a label space.
LDP supports two types of label spaces:
• Interface-specific--An interface-specific label space uses interface resources for labels. For example,
label-controlled ATM (LC-ATM) interfaces use virtual path identifiers/virtual circuit identifiers (VPIs/
VCIs) for labels. Depending on its configuration, an LDP platform may support zero, one, or more
interface-specific label spaces.
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
4
MPLS Label Distribution Protocol (LDP)
• Platform-wide--An LDP platform supports a single platform-wide label space for use by interfaces that
can share the same labels. For Cisco platforms, all interface types, except LC-ATM, use the platformwide label space.
LDP uses a 6-byte quantity called an LDP Identifier (or LDP ID) to name label spaces. The LDP ID is
made up of the following components:
• The first four bytes, called the LPD router ID, identify the LSR that owns the label space.
• The last two bytes, called the local label space ID, identify the label space within the LSR. For the
platform-wide label space, the last two bytes of the LDP ID are always both 0.
The LDP ID takes the following form:
<LDP router ID> : <local label space ID>
The following are examples of LPD IDs:
• 172.16.0.0:0
• 192.168.0.0:3
The router determines the LDP router ID as follows, if the mpls ldp router-id command is not executed,
How to Configure MPLS LDP
The router examines the IP addresses of all operational interfaces.
1
If these IP addresses include loopback interface addresses, the router selects the largest loopback
2
address as the LDP router ID.
Otherwise, the router selects the largest IP address pertaining to an operational interface as the LDP
3
router ID.
The normal (default) method for determining the LDP router ID may result in a router ID that is not usable
in certain situations. For example, the router might select an IP address as the LDP router ID that the
routing protocol cannot advertise to a neighboring router. The mpls ldp router-id command allows you to
specify the IP address of an interface as the LDP router ID. Make sure the specified interface is operational
so that its IP address can be used as the LDP router ID.
When you issue the mpls ldp router-id command without the force keyword, the router select selects the
IP address of the specified interface (provided that the interface is operational) the next time it is necessary
to select an LDP router ID, which is typically the next time the interface is shut down or the address is
configured.
When you issue the mpls ldp router-idcommand with the force keyword, the effect of the mpls ldp
router-idcommand depends on the current state of the specified interface:
• If the interface is up (operational) and if its IP address is not currently the LDP router ID, the LDP
router ID changes to the IP address of the interface. This forced change in the LDP router ID tears
down any existing LDP sessions, releases label bindings learned via the LDP sessions, and interrupts
MPLS forwarding activity associated with the bindings.
•
If the interface is down (not operational) when the mpls ldp router-idinterface force command is
issued, when the interface transitions to up, the LDP router ID changes to the IP address of the
interface. This forced change in the LDP router ID tears down any existing LDP sessions, releases
label bindings learned via the LDP sessions, and interrupts MPLS forwarding activity associated with
the bindings.
How to Configure MPLS LDP
• Enabling Directly Connected LDP Sessions, page 6
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
5
How to Configure MPLS LDP
• Establishing Nondirectly Connected MPLS LDP Sessions, page 8
• Saving Configurations MPLS Tag Switching Commands, page 11
• Specifying the LDP Router ID, page 12
• Preserving QoS Settings with MPLS LDP Explicit Null, page 14
• Protecting Data Between LDP Peers with MD5 Authentication, page 18
Enabling Directly Connected LDP Sessions
This procedure explains how to configure MPLS LDP sessions between two directly connected routers.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
mpls ip
4.
mpls label protocol {ldp | tdp | both}
5.
Router(config)# interface type number
6.
mpls ip
7.
exit
8.
exit
9.
show mpls interfaces [interface] [detail
10.
show mpls ldp discovery [all | vrf vpn-name] [detail
11.
show mpls ldp neighbor [[vrf vpn-name] [address | interface] [detail] | [all]]
Enabling Directly Connected LDP Sessions
DETAILED STEPS
Command or Action
Step 1
Step 2
Step 3
enable
Example:
Router> enable
configure terminal
Example:
Router# configure terminal
mpls ip
Example:
Router(config)# mpls ip
Purpose
Enables privileged EXEC mode.
• Enter your password if prompted.
Enters global configuration mode.
Configures MPLS hop-by-hop forwarding globally.
•
The mpls ip command is enabled by default; you do not have
to specify this command.
• Globally enabling MPLS forwarding does not enable it on the
router interfaces. You must enable MPLS forwarding on the
interfaces as well as for the router.
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
6
MPLS Label Distribution Protocol (LDP)
Command or Action Purpose
How to Configure MPLS LDP
Step 4
Step 5
Step 6
Step 7
mpls label protocol {ldp | tdp | both}
Example:
Router(config)# mpls label protocol ldp
Router(config)# interface type number
Example:
Router(config)# interface ethernet3/0
mpls ip
Example:
Router(config-if)# mpls ip
exit
Example:
Router(config-if)# exit
Configures the use of LDP on all interfaces. LDP is the default.
• If you set all interfaces globally to LDP, you can override
specific interfaces with either the tdp or both keyword by
specifying the command in interface configuration mode.
Specifies the interface to be configured and enters interface
configuration mode.
Configures MPLS hop-by-hop forwarding on the interface.
• You must enable MPLS forwarding on the interfaces as well
as for the router.
Exits interface configuration mode and enters global configuration
mode.
Step 8
Step 9
Step 10
exit
Example:
Router(config)# exit
show mpls interfaces [interface] [detail
Example:
Router# show mpls interfaces
show mpls ldp discovery [all | vrf vpn-name] [detail
Example:
Router# show mpls ldp discovery
Exits global configuration mode and enters privileged EXEC
mode.
Verifies that the interfaces have been configured to use LDP, TDP,
or both.
Verifies that the interface is up and is sending Discovery Hello
messages.
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
7
How to Configure MPLS LDP
Command or Action Purpose
Establishing Nondirectly Connected MPLS LDP Sessions
Step 11
show mpls ldp neighbor [[vrf vpn-name] [address |
interface] [detail] | [all]]
Example:
Router# show mpls ldp neighbor
Examples
The following show mpls interfaces command verifies that interfaces Ethernet 1/0 and 1/1 have been
configured to use LDP:
Router# show mpls interfaces
Interface IP Tunnel BGP Static Operational
Ethernet3/0 Yes (ldp) No No No Yes
Ethernet3/1 Yes No No No Yes
The following show mpls ldp discovery command verifies that the interface is up and is sending LDP
Discovery Hello messages (as opposed to TDP Hello messages):
Router# show mpls ldp discovery
Local LDP Identifier:
172.16.12.1:0
Discovery Sources:
Interfaces:
Ethernet3/0 (ldp): xmit
The following example shows that the LDP session between routers was successfully established:
Displays the status of LDP sessions.
Router# show mpls ldp neighbor
Peer LDP Ident: 10.1.1.2:0; Local LDP Ident 10.1.1.1:0
TCP connection: 10.1.1.2.18 - 10.1.1.1.66
State: Oper; Msgs sent/rcvd: 12/11; Downstream
Up time: 00:00:10
LDP discovery sources:
FastEthernet1/0, Src IP addr: 10.20.10.2
Addresses bound to peer LDP Ident:
10.1.1.2 10.20.20.1 10.20.10.2
For examples on configuring directly connected LDP sessions, see the Configuring Directly Connected
MPLS LDP Sessions Example, page 21.
Establishing Nondirectly Connected MPLS LDP Sessions
This section explains how to configure nondirectly connected MPLS LDP sessions, which enable you to
establish an LDP session between routers that are not directly connected.
• MPLS requires CEF.
• You must configure the routers at both ends of the tunnel to be active or enable one router to be
passive with the mpls ldp discovery targeted-hello accept command.
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
8
MPLS Label Distribution Protocol (LDP)
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
mpls ip
4.
mpls label protocol {ldp | tdp | both}
5.
interface tunnelnumber
6.
tunnel destination ip-address
7.
mpls ip
8.
exit
9.
exit
10.
show mpls ldp discovery [all | vrf vpn-name] [detail
DETAILED STEPS
Command or Action Purpose
How to Configure MPLS LDP
Step 1
Step 2
Step 3
Step 4
enable
Example:
Router> enable
configure terminal
Example:
Router# configure terminal
mpls ip
Example:
Router(config)# mpls ip
mpls label protocol {ldp | tdp | both}
Example:
Router(config)# mpls label protocol ldp
Enables privileged EXEC mode.
• Enter your password if prompted.
Enters global configuration mode.
Configures MPLS hop-by-hop forwarding globally.
•
The mpls ip command is enabled by default; you do not have to
specify this command.
• Globally enabling MPLS forwarding does not enable it on the
router interfaces. You must enable MPLS forwarding on the
interfaces as well as for the router.
Configures the use of LDP on all interfaces. LDP is the default.
• If you set all interfaces globally to LDP, you can override
specific interfaces with either the tdp or both keyword by
specifying the command in interface configuration mode.
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
9
How to Configure MPLS LDP
Command or Action Purpose
MPLS Label Distribution Protocol (LDP)
Step 5
Step 6
Step 7
Step 8
interface tunnelnumber
Example:
Router(config)# interface tunnel1
tunnel destination ip-address
Example:
Router(config-if)# tunnel destination
172.16.1.1
mpls ip
Example:
Router(config-if)# mpls ip
exit
Example:
Configures a tunnel interface and enters interface configuration
mode.
Assigns an IP address to the tunnel interface.
Configures MPLS hop-by-hop forwarding on the interface.
• You must enable MPLS forwarding on the interfaces as well as
for the router.
Exits interface configuration mode and enters global configuration
mode.
Step 9
Step 10
Router(config-if)# exit
exit
Example:
Router(config)# exit
show mpls ldp discovery [all | vrf vpn-name]
[detail
Example:
Router# show mpls ldp discovery
Example
The following example shows the output of the show mpls ldp discovery command for a nondirectly
connected LDP session.
Router# show mpls ldp discovery
Local LDP Identifier:
172.16.0.0:0
Discovery Sources:
Exits global configuration mode and enters privileged EXEC mode.
Verifies that the interface is up and is sending Discovery Hello
messages.
10
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
Saving Configurations MPLS Tag Switching Commands
Interfaces:
POS2/0 (ldp): xmit/recv
LDP Id: 172.31.255.255:0
Tunnel1 (ldp): Targeted -> 192.168.255.255
Targeted Hellos:
172.16.0.0 -> 192.168.255.255 (ldp): active, xmit/recv
LDP Id: 192.168.255.255:0
172.16.0.0 -> 192.168.0.0 (tdp): passive, xmit/recv
TDP Id: 192.168.0.0:0
This command output indicates that:
• The local LSR (172.16.0.0) sent LDP link Hello messages on interface POS2/0 and discovered
neighbor 172.31.255.255.
• The local LSR sent LDP targeted Hello messages associated with interface Tunnel1 to target
192.168.255.255. The LSR was configured to use LDP.
• The local LSR is active for targeted discovery activity with 192.168.255.255; this means that the
targeted Hello messages it sends to 192.168.255.255 carry a response request. The local LSR was
configured to have an LDP session with the nondirectly connected LSR 192.168.255.255.
• The local LSR is not passive from the discovery activity with 192.168.255.255 for one of the
following reasons:
◦ The targeted Hello messages it receives from 192.168.255.255 do not carry a response request.
◦ The local LSR has not been configured to respond to such requests.
• The local LSR sent TDP directed Hello messages to the target LSR 192.168.0.0. This LSR uses TDP
because the Hello messages received from the target LSR 192.168.0.0 were TDP directed Hello
messages.
• The local LSR is passive in discovery activity with LSR 192.168.0.0. This means that the directed
Hello messages it receives from LSR 192.168.0.0 carry a response request and that the local LSR has
been configured with the mpls ldp discovery targeted-hello accept command to respond to such
requests from LSR 192.168.0.0.
• The local LSR is not active in discovery activity with LSR 192.168.0.0, because no application that
requires an LDP session with LSR 192.168.0.0 has been configured on the local LSR.
How to Configure MPLS LDP
For examples of configuring LDP targeted sessions, see the Establishing Nondirectly Connected MPLS
LDP Sessions Example, page 23.
Saving Configurations MPLS Tag Switching Commands
In releases of Cisco IOS software prior to 12.4(2)T, some MPLS commands had both a tag-switching
version and an MPLS version. For example, the two commands tag-switching ip and mpls ip were the
same. To support backward compatibility, the tag-switching form of the command was written to the saved
configuration.
Starting in Cisco IOS Release 12.4(2)T, the MPLS form of the command is written to the saved
configuration.
For example, if an ATM interface is configured using the following commands, which have both a tagswitching form and an MPLS form:
Router(config)# interface ATM3/0
Router(config-if)# ip unnumbered Loopback0
router(config-if)# tag-switching ip
Router(config-if)# mpls label protocol ldp
After you enter these commands and save this configuration or display the running configuration with the
show runningcommand, the commands saved or displayed appear as follows:
interface ATM3/0
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
11
How to Configure MPLS LDP
ip unnumbered Loopback0
mpls ip
mpls label protocol ldp
Specifying the LDP Router ID
The mpls ldp router-id command allows you to establish the IP address of an interface as the LDP router
ID.
The following steps describe the normal process for determining the LDP router ID:
The router considers all the IP addresses of all operational interfaces.
1
If these addresses include loopback interface addresses, the router selects the largest loopback address.
2
Configuring a loopback address helps ensure a stable LDP ID for the router, because the state of
loopback addresses does not change. However, configuring a loopback interface and IP address on each
router is not required.
The loopback IP address does not become the router ID of the local LDP ID under the following
circumstances:
• ◦ If the loopback interface has been explicitly shut down.
◦
If the mpls ldp router-id command specifies that a different interface should be used as the LDP
router ID.
Specifying the LDP Router ID
If you use a loopback interface, make sure that the IP address for the loopback interface is configured with
a /32 network mask. In addition, make sure that the routing protocol in use is configured to advertise the
corresponding /32 network.
Otherwise, the router selects the largest interface address.
1
The router might select a router ID that is not usable in certain situations. For example, the router might
select an IP address that the routing protocol cannot advertise to a neighboring router.
The router implements the router ID the next time it is necessary to select an LDP router ID. The effect of
the command is delayed until the next time it is necessary to select an LDP router ID, which is typically the
next time the interface is shut down or the address is deconfigured.
If you use the force keyword with the mpls ldp router-id command, the router ID takes effect more
quickly. However, implementing the router ID depends on the current state of the specified interface:
• If the interface is up (operational) and its IP address is not currently the LDP router ID, the LDP router
ID is forcibly changed to the IP address of the interface. This forced change in the LDP router ID tears
down any existing LDP sessions, releases label bindings learned via the LDP sessions, and interrupts
MPLS forwarding activity associated with the bindings.
• If the interface is down, the LDP router ID is forcibly changed to the IP address of the interface when
the interface transitions to up. This forced change in the LDP router ID tears down any existing LDP
sessions, releases label bindings learned via the LDP sessions, and interrupts MPLS forwarding
activity associated with the bindings.
Make sure the specified interface is operational before assigning it as the LDP router ID.
12
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
MPLS Label Distribution Protocol (LDP)
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
mpls ip
4.
mpls label protocol {ldp | tdp | both}
5.
mpls ldp router-id interface [force]
6.
exit
7.
show mpls ldp discovery [all | detail |vrf vpn-name]
DETAILED STEPS
Command or Action Purpose
How to Configure MPLS LDP
Step 1
Step 2
Step 3
Step 4
enable
Example:
Router> enable
configure terminal
Example:
Router# configure terminal
mpls ip
Example:
Router(config)# mpls ip
mpls label protocol {ldp | tdp | both}
Example:
Router(config)# mpls label protocol ldp
Enables privileged EXEC mode.
• Enter your password if prompted.
Enters global configuration mode.
Configures MPLS hop-by-hop forwarding globally.
•
The mpls ip command is enabled by default; you do not have
to specify this command.
• Globally enabling MPLS forwarding does not enable it on the
router interfaces. You must enable MPLS forwarding on the
interfaces as well as for the router.
Configures the use of LDP on all interfaces. LDP is the default.
• If you set all interfaces globally to LDP, you can override
specific interfaces with either the tdp or both keyword by
specifying the command in interface configuration mode.
Step 5
mpls ldp router-id interface [force]
Example:
Router(config)# mpls ldp
Specifies the preferred interface for determining the LDP router ID.
router-id pos2/0/0
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
13
How to Configure MPLS LDP
Command or Action Purpose
Preserving QoS Settings with MPLS LDP Explicit Null
Step 6
Step 7
exit
Example:
Router(config)# exit
show mpls ldp discovery [all | detail |vrf vpnname]
Example:
Router# show mpls ldp discovery
Example
The following example assigns interface pos2/0/0 as the LDP router ID:
Router> enable
Router# configure terminal
Router(config)# mpls ip
Router(config)# mpls label protocol ldp
Router(config)#
mpls ldp router-id pos2/0/0 force
The following example displays the LDP router ID (10.15.15.15):
Exits global configuration mode and enters privileged EXEC mode.
Displays the LDP identifier for the local router.
Router# show mpls ldp discovery
Local LDP Identifier:
10.15.15.15:0
Discovery Sources:
Interfaces:
Ethernet4 (ldp): xmit/recv
LDP Id: 10.14.14.14:0
Preserving QoS Settings with MPLS LDP Explicit Null
Normally, LDP advertises an Implicit Null label for directly connected routes. The Implicit Null label
causes the second last (penultimate) label switched router (LSR) to remove the MPLS header from the
packet. In this case, the penultimate LSR and the last LSR do not have access to the quality of service
(QoS) values that the packet carried before the MPLS header was removed. To preserve the QoS values,
you can configure the LSR to advertise an explicit NULL label (a label value of zero). The LSR at the
penultimate hop forwards MPLS packets with a NULL label instead of forwarding IP packets.
Note
An explicit NULL label is not needed when the penultimate hop receives MPLS packets with a label stack
that contains at least two labels and penultimate hop popping is performed. In that case, the inner label can
still carry the QoS value needed by the penultimate and edge LSR to implement their QoS policy.
When you issue the mpls ldp explicit-null command, Explicit Null is advertised in place of Implicit Null
for directly connected prefixes.
14
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
MPLS Label Distribution Protocol (LDP)
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
mpls ip
4.
mpls label protocol {ldp | tdp | both}
5.
interface type number
6.
mpls ip
7.
exit
8.
mpls ldp explicit-null [for prefix-acl | to peer-acl | for prefix-acl to peer-acl]
9.
exit
10.
show mpls forwarding-table [network {mask | length} | labels label [- label] | interface interface |
next-hop address | lsp-tunnel[tunnel-id]] [vrf vpn-name] [detail]
DETAILED STEPS
How to Configure MPLS LDP
Step 1
Step 2
Step 3
Step 4
Command or Action Purpose
enable
Enables privileged EXEC mode.
• Enter your password if prompted.
Example:
Router> enable
configure terminal
Example:
Router# configure terminal
mpls ip
Example:
Enters global configuration mode.
Configures MPLS hop-by-hop forwarding globally.
•
The mpls ip command is enabled by default; you do not
have to specify this command.
• Globally enabling MPLS forwarding does not enable it on
Router(config)# mpls ip
the router interfaces. You must enable MPLS forwarding on
the interfaces as well as for the router.
mpls label protocol {ldp | tdp | both}
Configures the use of LDP on all interfaces. LDP is the default.
• If you set all interfaces globally to LDP, you can override
Example:
Router(config)# mpls label protocol ldp
specific interfaces with either the tdp or both keyword by
specifying the command in interface configuration mode.
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
15
How to Configure MPLS LDP
Command or Action Purpose
MPLS Label Distribution Protocol (LDP)
Step 5
Step 6
Step 7
Step 8
interface type number
Example:
Router(config)# interface atm2/0
mpls ip
Example:
Router(config-if)# mpls ip
exit
Example:
Router(config-if)# exit
mpls ldp explicit-null [for prefix-acl | to peer-acl |
for prefix-acl to peer-acl]
Specifies the interface to be configured and enters interface
configuration mode.
Configures MPLS hop-by-hop forwarding on the interface.
• You must enable MPLS forwarding on the interfaces as well
as for the router.
Exits interface configuration mode and enters global
configuration mode.
Advertises an Explicit Null label in situations where it would
normally advertise an Implicit Null label.
Step 9
Step 10
Example:
Router(config)# mpls ldp explicit-null
exit
Example:
Router(config)# exit
show mpls forwarding-table [network {mask |
length} | labels label [- label] | interface interface |
next-hop address | lsp-tunnel[tunnel-id]] [vrf vpnname] [detail]
Example:
Router# show mpls forwarding-table
Exits global configuration mode and enter privileged EXEC
mode.
Verifies that MPLS packets are forwarded with an explicit-null
label (value of 0).
16
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
MPLS Label Distribution Protocol (LDP)
Examples
Enabling explicit-null on an egress LSR causes that LSR to advertise the explicit-null label to all adjacent
MPLS routers.
Router# configure terminal
Router(config)# mpls ldp explicit-null
If you issue the show mpls forwarding-table command on an adjacent router, the output shows that MPLS
packets are forwarded with an explicit-null label (value of 0). In the following example, the second column
shows that entries have outgoing labels of 0, where once they were marked “Pop label”.
Router# show mpls forwarding-table
Local Outgoing Prefix Bytes label Outgoing Next Hop
label label or VC or Tunnel Id switched interface
19 Pop tag 10.12.12.12/32 0 Fa2/1/0 172.16.0.1
22 0 10.14.14.14/32 0 Fa2/0/0 192.168.0.2
23 0 172.24.24.24/32 0 Fa2/0/0 192.168.0.2
24 0 192.168.0.0/8 0 Fa2/0/0 192.168.0.2
25 0 10.15.15.15/32 0 Fa2/0/0 192.168.0.2
26 0 172.16.0.0/8 0 Fa2/0/0 192.168.0.2
27 25 10.16.16.16/32 0 Fa2/0/0 192.168.0.22
28 0 10.34.34.34/32 0 Fa2/0/0 192.168.0.2
Enabling explicit-null and specifying the forkeyword with a standard access control list (ACL) changes all
adjacent MPLS routers' tables to swap an explicit-null label for only those entries specified in the accesslist. In the following example, an access-list is created that contains the 10.24.24.24/32 entry. Explicit null
is configured and the access list is specified.
How to Configure MPLS LDP
Router# configure terminal
Router(config)# mpls label protocol ldp
Router(config)# access-list 24 permit host 10.24.24.24
Router(config)# mpls ldp explicit-null for 24
If you issue the show mpls forwarding-table command on an adjacent router, the output shows that the
only the outgoing labels for the addresses specified (172.24.24.24/32) change from Pop label to 0. All other
Pop label outgoing labels remain the same.
Router# show mpls forwarding-table
Local Outgoing Prefix Bytes label Outgoing Next Hop
label label or VC or Tunnel Id switched interface
19 Pop tag 10.12.12.12/32 0 Fa2/1/0 172.16.0.1
22 0 10.14.14.14/32 0 Fa2/0/0 192.168.0.2
23 0 172.24.24.24/32 0 Fa2/0/0 192.168.0.2
24 0 192.168.0.0/8 0 Fa2/0/0 192.168.0.2
25 0 10.15.15.15/32 0 Fa2/0/0 192.168.0.2
26 0 172.16.0.0/8 0 Fa2/0/0 192.168.0.2
27 25 10.16.16.16/32 0 Fa2/0/0 192.168.0.22
28 0 10.34.34.34/32 0 Fa2/0/0 192.168.0.2
Enabling explicit null and adding the to keyword and an access list enables you to advertise explicit-null
labels to only those adjacent routers specified in the access-list.To advertise explicit-null to a particular
router, you must specify the router's LDP ID in the access-list.
In the following example, an access-list contains the 10.15.15.15/32 entry, which is the LDP ID of an
adjacent MPLS router. The router that is configured with explicit null advertises explicit-null labels only to
that adjacent router.
Router# show mpls ldp discovery
Local LDP Identifier:
10.15.15.15:0
Discovery Sources:
Interfaces:
Ethernet4 (ldp): xmit/recv
TDP Id: 10.14.14.14:0
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
17
How to Configure MPLS LDP
Router# configure terminal
Router(config)# mpls label protocol ldp
Router(config)# access-list 15 permit host 10.15.15.15
Router(config)# mpls ldp explicit-null to 15
If you issue the show mpls forwarding-table command, the output shows that explicit null labels are
going only to the router specified in the access list.
Router# show mpls forwarding-table
Local Outgoing Prefix Bytes label Outgoing Next Hop
label label or VC or Tunnel Id switched interface
19 Pop tag 10.12.12.12/32 0 Fa2/1/0 172.16.0.1
22 0 10.14.14.14/32 0 Fa2/0/0 192.168.0.2
23 0 172.24.24.24/32 0 Fa2/0/0 192.168.0.2
24 0 192.168.0.0/8 0 Fa2/0/0 192.168.0.2
25 0 10.15.15.15/32 0 Fa2/0/0 192.168.0.2
26 0 172.16.0.0/8 0 Fa2/0/0 192.168.0.2
27 25 10.16.16.16/32 0 Fa2/0/0 192.168.0.22
28 0 10.34.34.34/32 0 Fa2/0/0 192.168.0.2
Enabling explicit-null with both the forand tokeywords enables you to specify which routes to advertise
with explicit-null labels and to which adjacent routers to advertise these explicit-null labels.
Router# show access 15
Standard IP access list 15
permit 10.15.15.15 (7 matches)
Router# show access 24
Standard IP access list 24
permit 10.24.24.24 (11 matches)
Router# configure terminal
Router(config)# mpls label protocol ldp
Router(config)# mpls ldp explicit-null for 24 to 15
If you issue the show mpls forwarding-table command on the router called 47K-60-4, the output shows
that it receives explicit null labels for 10.24.24.24/32.
Protecting Data Between LDP Peers with MD5 Authentication
Router# show mpls forwarding-table
Local Outgoing Prefix Bytes label Outgoing Next Hop
label label or VC or Tunnel Id switched interface
17 0 <--- 10.24.24.24/32 0 Et4 172.16.0.1
20 Pop tag 172.16.0.0/8 0 Et4 172.16.0.1
21 20 10.12.12.12/32 0 Et4 172.16.0.1
22 16 10.0.0.0/8 0 Et4 172.16.0.1
23 21 10.13.13.13/32 0 Et4 172.16.0.1
25 Pop tag 10.14.14.14/32 0 Et4 172.16.0.1
27 Pop tag 192.168.0.0/8 0 Et4 172.16.0.1
28 25 10.16.16.16/32 0 Et4 172.16.0.1
29 Pop tag 192.168.34.34/32 0 Et4 172.16.0.1
Protecting Data Between LDP Peers with MD5 Authentication
You can enable authentication between two LDP peers, which verifies each segment sent on the TCP
connection between the peers. You must configure authentication on both LDP peers using the same
password; otherwise, the peer session is not established.
Authentication uses the Message Digest 5 (MD5) algorithm to verify the integrity of the communication
and authenticate the origin of the message.
To enable authentication, issue the mpls ldp neighborcommand with the passwordkeyword. This causes
the router to generate an MD5 digest for every segment sent on the TCP connection and check the MD5
digest for every segment received from the TCP connection.
When you configure a password for an LDP neighbor, the router tears down existing LDP sessions and
establishes new sessions with the neighbor.
18
MPLS LDP Configuration Guide, Cisco IOS Release 12.4
Loading...