[c-nsp] IOS XR PIC (+ multipath)

Oliver Boehmer (oboehmer) oboehmer at cisco.com
Wed Jan 9 06:02:49 EST 2013 

Adam.

>Thank you very much for clarifying the multipath-protect feature.
>Right for multipath there are alternate paths installed in FIB already so
>in
>case one fails others serve as backup.
>
>I've just realized I forgot the "advertise best-external" cmd in configs
>below
>-which is necessary to get the alternate paths propagated across the
>network
>
>Now to my question
>I was strongly advised by the SE team NOT to use the combo of multipath +
>backup-path:
>The reasoning behind it was basically that it was not tested by big ISPs
>-so
>I guess no one really knows how it behaves in production networks.

Well, I agree that we don't have much deployment exposure of
multipath+backup, but I don't consider this such a big deal as the
mechanisms are the same, we just have more than one active path. I guess
one use case could be if both active next-hops share the same risk group
(i.e. both could go down at the same time), where a backup path could be
benefitial. If this is not the case in your environment, I would not
enable mulitpath-protect.

> 
>I also heard an argument that best-external could cause loops in some
>cases
>-though I can't really think of such a scenario -and would love to be
>schooled on that.

hmm, the only real loop situation I know is when you use per-vrf labels.
the active PE-CE link fails, the active PE sends the packets to the
standby, who performs an aggregate lookup on the vrf label. As its RIB/FIB
haven't been updated (BGP control-plane hasn't converged), it still sees
the active path as best, and sends the packet back to the active. With
per-prefix labels, this won't happen as the standby PE won't need to do a
VRF IP lookup and just switches the packet to the CE.

But this loop is not limited to best-external, it can also occur if you
use eibgp load-sharing with per-vrf labels.

So not sure what you mean, I would consider best-external a safe and
required feature to achieve fast convergence in active/standby scenarios.

> 
> 
>router bgp 123
> vrf test
>  address-family ipv4 unicast
>   additional-paths selection route-policy RP-PIC
>   advertise best-external
>   maximum-paths eibgp 8
>
>So please are there any issues/corner cases where it can cause issues -or
>it's just a lack of production testing?

assuming you are referring to multipath-protect: I don't see a big risk it
causing issues, maybe you want to double-check by giving it a bit more
testing it in your environment, but I would wonder why you want to use it?

	oli

P.S: Did I mention that I'll do a full breakout session on BGP-PIC at
CiscoLive London end of the month? ;-)

More information about the cisco-nsp mailing list