[c-nsp] MPLS VPN traffic engineering tunnel selection

Peter Rathlev peter at rathlev.dk
Thu Apr 10 08:35:22 EDT 2008 

Hi,

I have this really "simple" thing about MPLS TE that I don't understand.
I have TE working nicely-ish in the lab with no problems, but I'm
missing a crucial part in my understanding of the MPLS VPN + TE
combination.

The setup is as follows:
                   
         +-----+             +-----+
+-----+  |     |-------------|     |  +-----+
| CE1 |--| PE1 |   +----+    | PE2 |--| CE2 |
+-----+  |     |---| P1 |----|     |  +-----+
         +-----+   +----+    +-----+
 
It's ISIS for an IGP. PE's and P are all 6500/Sup720 running SXF.
Regular MPLS VPN (rfc2547) works with no problems. TE configuration went
smooth too, having what seems like all the right information in the ISIS
database. For PE-CE I tried both BGP and static routing.

I tested MPLE TE explicit path, and it works like a charm. Natural path
(PE1 directly to PE2) is replaced by an explicit path through P1. I
haven't tested CBR yet, but can't see why it shouldn't work.

Now to the problem: What I don't understand is how I can use a tunnel
selectively in a specific VRF. Right now, any traffic from PE1 to PE2
uses the tunnel. In "regular" MPLS VPN, a prefix from CE2 looks
something like "impose {X Y}" on PE1, with X and Y being VPN and
next-hop/loopback-labels. Using explicit path, I get "impose {Z Y}",
with Z being the new LSP to PE2 through the tunnel. That works fine, but
I would like to have only e.g. VRF A use a specific path, not all MPLS
traffic between PEs. And I really can't seem to find out how that's
accomplished.

I tried (creatively) something like:

ip route vrf A 10.66.0.0 255.255.255.0 Tunnel40 10.22.0.1 global

explicitly on PE1, where 10.66.0.0/24 is a net originating from CE2 and
10.22.0.1 is PE2s loopback. This semi "works": I can have the packets
use the TE LSP, but PE1 then only imposes the TE label on entry, not the
VPN label. How the fudge does it work? ;-) I'm probably overlooking
something simple. Can anybody give me a clue?

I tried browsing through LOTS of documents on cisco.com, but can't seem
to find any that describe how to use tunnels selectively, apart from
Class Based Tunnel Selection, which is not what I want.

Thanks in advance,
Peter

More information about the cisco-nsp mailing list