[j-nsp] Prefix independent convergence and FIB backup path

Michael Hare michael.hare at wisc.edu
Thu Feb 8 08:31:42 EST 2018 

Hi Mark-

We had a long thread on a similar topic last spring, if you haven't browsed through this you may find it valuable.

https://puck.nether.net/pipermail/juniper-nsp/2017-April/034145.html

-Michael

> -----Original Message-----
> From: juniper-nsp [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf
> Of Mark Smith
> Sent: Thursday, February 8, 2018 6:02 AM
> To: juniper-nsp at puck.nether.net
> Subject: [j-nsp] Prefix independent convergence and FIB backup path
> 
> Hi list,
> 
> Test topology below. 2x MX80 with dual ip transit (full table ~600k
> prefixes). TRA1 preferred over TRA2 (Localpref 200 set by PE1 import
> policy). Plain unlabeled inet.0, no mpls in use. In lab topology both
> transits belong to same AS65502.
> 
> What I'm trying to accomplish is somewhat faster failover time in case
> of primary transit failure. In case of no tuning the failover (FIB
> programming) can take up to 10 minutes.
> 
> 
> --------        --------
> | TRA1 |        | TRA2 |   AS65502
> --------        --------
>    | xe-1/3/0      | xe-1/3/0
> -------         -------
> | PE1 | --ae0-- | PE2 |    AS65501
> -------         -------
>    |
> -----------
> | test pc |
> -----------
> 
> In the lab PE1 and PE2 are MX80s running 15.1R6.7.
> I have configured BGP add-path and PIC edge (routing-options protect
> core) on both PEs.
> All looks ok on PE1. Both primary and backup paths are installed in
> FIB. PE1 converges fast.
> The backup path is missing in PE2 FIB. When PE1-TRA1 cable is cut PE1
> quickly switches to backup path but PE2 does not and the result is a
> temporary routing loop between PE1 and PE2.
> If I switch the active transit to PE2 (set LP220 on TRA2 import on
> PE2, no other changes), the situation is reversed. All looks ok on PE2
> but not on PE1. So it looks like the PIC works only on the box
> connected to primary transit (=EBGP route is better than IBGP route).
> NHS/no-NHS on ibgp export does not have an effect. Is this a bug,
> feature, or am I doing something wrong?
> 
> I know that a better solution could be to get rid of full table and
> just use 2x default route from upstream... anyways I would like to get
> more familiar with PIC.
> 
> Stable situation, all ok on PE1:
> admin at PE1> show route table inet.0 8.8.8.8
> 
> inet.0: 607797 destinations, 1823329 routes (607797 active, 0
> holddown, 0 hidden)
> @ = Routing Use Only, # = Forwarding Use Only
> + = Active Route, - = Last Active, * = Both
> 
> 8.8.8.0/24         @[BGP/170] 05:03:44, localpref 200
>                       AS path: 65502 65200 25091 15169 I,
> validation-state: unverified
>                     > to 10.100.100.133 via xe-1/3/0.0
>                     [BGP/170] 05:05:55, localpref 100, from 10.100.100.40
>                       AS path: 65502 65200 25091 15169 I,
> validation-state: unverified
>                     > to 10.100.100.137 via ae0.0
>                    #[Multipath/255] 05:02:54
>                     > to 10.100.100.133 via xe-1/3/0.0
>                       to 10.100.100.137 via ae0.0
> 
> admin at PE1> show route forwarding-table destination 8.8.8.8 table
> default extensive
> Routing table: default.inet [Index 0]
> Internet:
> 
> Destination:  8.8.8.0/24
>   Route type: user
>   Route reference: 0                   Route interface-index: 0
>   Multicast RPF nh index: 0
>   Flags: sent to PFE, rt nh decoupled
>   Next-hop type: unilist               Index: 1048575  Reference: 607767
>   Nexthop: 10.100.100.133
>   Next-hop type: unicast               Index: 826      Reference: 4
>   Next-hop interface: xe-1/3/0.0    Weight: 0x1
>   Nexthop: 10.100.100.137
>   Next-hop type: unicast               Index: 827      Reference: 3
>   Next-hop interface: ae0.0         Weight: 0x4000
> 
> 
> But not on PE2:
> admin at PE2> show route table inet.0 8.8.8.8
> 
> inet.0: 607798 destinations, 1215564 routes (607798 active, 607766
> holddown, 0 hidden)
> @ = Routing Use Only, # = Forwarding Use Only
> + = Active Route, - = Last Active, * = Both
> 
> 8.8.8.0/24         *[BGP/170] 00:02:10, localpref 200, from 10.100.100.30
>                       AS path: 65502 65200 25091 15169 I,
> validation-state: unverified
>                     > to 10.100.100.136 via ae0.0
>                     [BGP/170] 1d 01:54:47, localpref 100
>                       AS path: 65502 65200 25091 15169 I,
> validation-state: unverified
>                     > to 10.100.100.134 via xe-1/3/0.0
> 
> admin at PE2> show route forwarding-table destination 8.8.8.8 table
> default extensive
> Routing table: default.inet [Index 0]
> Internet:
> 
> Destination:  8.8.8.0/24
>   Route type: user
>   Route reference: 0                   Route interface-index: 0
>   Multicast RPF nh index: 0
>   Flags: sent to PFE
>   Next-hop type: indirect              Index: 1048574  Reference: 607767
>   Nexthop: 10.100.100.136
>   Next-hop type: unicast               Index: 790      Reference: 11
>   Next-hop interface: ae0.0
> 
> 
> 
> During TRA1 failure before PE2 convergence
> --------------------------------------------
> 
> [root at test-pc ~]# traceroute -n 8.8.8.8
> traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
>  1  192.168.23.1  0.542 ms  0.574 ms  0.543 ms
>  2  10.100.100.137  0.289 ms  0.274 ms  0.250 ms
>  3  10.100.100.136  0.533 ms  0.521 ms  0.508 ms
>  4  10.100.100.137  0.299 ms  0.283 ms  0.276 ms
>  5  10.100.100.136  0.442 ms  0.401 ms  0.388 ms
>  6  10.100.100.137  0.325 ms  0.271 ms  0.257 ms
>  7  10.100.100.136  0.298 ms  0.297 ms  0.314 ms
>  8  10.100.100.137  0.316 ms  0.310 ms  0.288 ms
>  9  10.100.100.136  0.264 ms  0.382 ms  0.303 ms
> 10  10.100.100.137  0.339 ms  0.326 ms  0.315 ms
> 11  10.100.100.136  0.348 ms  0.331 ms  0.306 ms
> 12  10.100.100.137  0.297 ms  0.353 ms  0.330 ms
> 13  10.100.100.136  0.347 ms  0.338 ms  0.316 ms
> 14  10.100.100.137  0.346 ms  0.324 ms  0.300 ms
> 15  10.100.100.136  0.329 ms  0.352 ms  0.334 ms
> 16  10.100.100.137  0.381 ms  0.363 ms  0.353 ms
> 17  10.100.100.136  0.328 ms  0.329 ms  0.317 ms
> 18  10.100.100.137  0.475 ms  0.386 ms  0.370 ms
> 19  10.100.100.136  0.392 ms  0.373 ms  0.369 ms
> 20  10.100.100.137  0.394 ms  0.463 ms  0.407 ms
> 21  10.100.100.136  0.368 ms  0.374 ms  0.404 ms
> 22  10.100.100.137  0.457 ms  0.416 ms  0.404 ms
> 23  10.100.100.136  0.353 ms  1.448 ms  1.405 ms
> 24  10.100.100.137  0.468 ms  0.455 ms  0.475 ms
> 25  10.100.100.136  1.240 ms  1.276 ms  1.256 ms
> 26  10.100.100.137  0.438 ms  0.475 ms  0.414 ms
> 27  10.100.100.136  1.106 ms  1.097 ms  1.082 ms
> 28  10.100.100.137  0.475 ms  0.452 ms  0.415 ms
> 29  10.100.100.136  0.924 ms  0.880 ms  0.827 ms
> 30  10.100.100.137  0.459 ms  0.443 ms  0.423 ms
> 
> (Note about lab: 8.8.8.8 is a loopback address on the MX router acting
> as both TRA1 and TRA2. DFZ is fed to that box with bgp_simple script)
> 
> 
> Thanks
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list