[j-nsp] Longest Match for LDP (RFC5283)
James Bensley
jwbensley at gmail.com
Mon Jul 30 05:14:43 EDT 2018
Hi Krasimir, Krzysztof,

On 24 July 2018 at 17:25, Krasimir Avramski <krasi at smartcom.bg> wrote:
> It is used in Access Nodes (default route to AGN) with
> LDP-DOD (Downstream-on-Demand) Seamless MPLS architectures - RFC7032
> A sample with LDP->BGP-LU redistribution on AGN is here.

Thanks Krasimir. Sorry for the delay, I read
https://tools.ietf.org/html/rfc7032,
https://tools.ietf.org/html/rfc5283 and
https://tools.ietf.org/html/draft-ietf-mpls-seamless-mpls-07 before
responding.

On 25 July 2018 at 09:14, Krzysztof Szarkowicz <kszarkowicz at gmail.com> wrote:
> The purpose of “Longest Match for LDP” is to be able to distribute /32 LDP
> FECs, if corresponding /32 routes are not available in IGP.
> So, on ABR you inject e.g. default route into access IGP domain. ABR has /32
> LDP FECs, and advertises these /32 FECs in LDP (but not in IGP) downstream
> into access domain. In access domain, LDP readvertises hop-by-hop these /32
> LDP FECs, assigning the labels.
>
> It is typically used with LDP DoD. On the other hand, however, nothing
> prevents you from having LDP policy on ABR to inject into access domain only
> specific /32 LDP FECs.

Thanks Krzysztof, that was my understanding from the Juniper link I
provided and the RFC, but it's still nice to have my understanding
clarified by someone else.

After reading the above RFCs I see that the specific use case for this
feature is when using LDP in Downstream on Demand mode, although that
isn't actually called out in RFC5283 anywhere or the Juniper
documentation. I was thinking in DU mode in my head :)

In DU mode, an agg node will advertise all labels to the access node.
If the access node has, say, a 10.0.0.0/22 summary route (an example range
loopback IPs are assigned from) and RFC5283 enabled, and the agg node
advertises 1024 /32 IPv4 FEC labels (one for each loopback assuming
1000 PEs exist) the access node will keep all 1000 labels even if it
only needs a few of them, matching them against the summary route.
This is the default LDP DU behaviour unless we create horrible per-LDP
neighbour policies on the agg node that only allow the labels for the
exact loopbacks that access node needs to reach. So relaxing the LDP
exact match rules is kind of useless for LDP DU. In LDP DoD mode, the
access nodes only request the label mappings for the labels they need,
so no need for per-LDP neighbour policies, but we would still need
per-LDP neighbour IP routing policies to only advertise the /32
loopback IPs that neighbor needs in the IGP, unless we use RFC5283 and
advertise a summary route (or install a static summary route).

Cheers,
James.
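
Added example, not part of the original post or of any vendor's code: a simplified Python model of the comparison discussed in the message above, showing which /32 label mappings an access node can use under the exact-match rule versus RFC 5283 longest match, in DU and DoD modes. The function names, the 10.0.0.0/22 range contents and the three "needed" loopbacks are constructed for illustration.

```python
import ipaddress

def usable_mappings(rib, fecs, longest_match):
    """Map each usable FEC to the RIB prefix that justifies it.

    Exact match: the FEC must equal a RIB prefix.
    Longest match (RFC 5283): the FEC may fall inside a RIB prefix;
    the most specific covering route wins.
    """
    routes = [ipaddress.ip_network(r) for r in rib]
    usable = {}
    for fec in map(ipaddress.ip_network, fecs):
        if longest_match:
            covering = [r for r in routes if fec.subnet_of(r)]
        else:
            covering = [r for r in routes if r == fec]
        if covering:
            best = max(covering, key=lambda r: r.prefixlen)
            usable[str(fec)] = str(best)
    return usable

def access_node_labels(rib, advertised, needed, mode, longest_match):
    """Label mappings the access node receives and can actually use.

    DU:  the aggregation node sends every mapping unsolicited.
    DoD: the access node requests only the FECs it needs.
    """
    if mode == "DU":
        received = list(advertised)
    else:
        received = [f for f in advertised if f in needed]
    return usable_mappings(rib, received, longest_match)

# Constructed sample data: every address in the loopback range as a /32 FEC,
# an access node whose RIB holds only the summary, and three PEs it talks to.
ADVERTISED = [f"{ip}/32" for ip in ipaddress.ip_network("10.0.0.0/22")]
RIB = ["10.0.0.0/22"]
NEEDED = {"10.0.0.1/32", "10.0.1.7/32", "10.0.3.250/32"}

if __name__ == "__main__":
    for mode in ("DU", "DoD"):
        for lm in (False, True):
            n = len(access_node_labels(RIB, ADVERTISED, NEEDED, mode, lm))
            rule = "longest" if lm else "exact"
            print(f"{mode:3} {rule:7} match -> {n} usable label mappings")
```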