cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1373
Views
17
Helpful
7
Replies

Policy based routing on VRF interfaces to route traffic through TE Tunnel

anasubra_2
Level 1
Level 1

Hi All,

Is there a method to do policy based routing on VRF interfaces and route data traffic through one TE tunnel and non-data traffic through another TE tunnel.

The tunnel is already build up with these below config

interface Tunnel25

ip unnumbered Loopback0

tunnel destination 10.250.16.250

tunnel mode mpls traffic-eng

tunnel mpls traffic-eng path-option 10 explicit name test

!

ip explicit-path name test enable

next-address x.x.x.x

next-address y.y.y.y

!

router ospf 1

mpls traffic-eng router-id Loopback0

mpls traffic-eng area 0

!

mpls traffic-eng tunnels

!

nterface GigabitEthernet5/2

mpls traffic-eng tunnels

mpls ip

Is there additional config needed to work ,also in the destination end for the return traffic,we want to use the normal PATH --I mean non TE tunnel.

We tested with the above scenario,but couldn't able to reach the destination.Meantime we had a question,when the packet uses the policy map while ingress,it may not know the associatuion with VRF(Is that right? --If so ,how to make it happen)

Any help would be really appreciated

Thanks

Regards

Anantha Subramanian Natarajan

7 Replies 7

n.nandrekar
Level 4
Level 4

Hi Anantha!

I dont think it will be possible to do PBR to select the outgoing TE tunnel. PBR is not supported on ip-to-tag path (atleast on 6500 - and hence 7600).

But for your requirement, you can achieve it through CBTS (class based tunnel selection).

http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/gscbts.html

You can have different TEW tunnels for different markings. All you need to do is do ingress marking on PE / or trust the cust markings and configure the CBST feature. You have to create a master tunnel to 1 PE and multiple COS.PREC based tunnels within that.

Hope this helps.

Regards,

Niranjan

(pls rate helpful posts)

Hi Niranjan,

Thank you very much for the reply . We went through the CBTS option but seems would require IOS to be 12.2SR on 7600. We are currently running 12.2(18)SXF4 and preferably would like to find a soltion without an IOS upgrade.Is there a solution which is supported in this train.

Also,on CBTS scenario,If some of our core links on WS67xx series,Sup720 gig ports,does the same is supported?

Thanks for your assistance.

Regards

Anantha Subramanian Natarajan

hi!

You are right! CBTS is supported only after SRB in 7600 and SXH in 6500. SXF wouldnt support it.

Also, the hardware should not make any difference in the functionality as TE tunnel imposition/disposition is done by the PFC. So for L3-VPN no restrictions. FOR L2VPN,eompls,atom,vpls etc. the h/w restrictions of those features will take care.

As of now I cant think of any other way of achieving your aim in SXF. Will get back if i get something else.

Regards,

Niranjan

Hi Niranjan,

Thank you very much for the reply.

Also I have couple of questions on CBTS,

1)If we use CBTS to acheive this by upgrading the IOS on the router and use the autoroute announce on the Tunnel created,will there be issue with MVPN traffic,I would assume RPF would fail if the multicast traffic travels through the tunnel. If this understanding is right?,is there a way to make multicast work .For us,Multicast traffic can take any core path at this moment.

2) Is there a way to force the EOMPLS traffic towards the specific path on the core by using CBTS or some other method

Any help would be really appreciated.

Regards

Anantha Subramanian Natarajan

hi Anantha!

I might not be the right person to comment on your first question. I have not configured MVPNs yet and not very confertable with the topic.

But I am sure that if you read through the CBTS doc thoroughly, you might be able to derive the answer yourself. One thing I notice is that " a Tunnel will be selected regularly according to the routing process (even isf it is cbts enabled). From the tunnels selected using the regular best path selection, the traffic is mapped to a perticular tunnel in the group if specific class is mapped to that tunnel.

So a master tunnel can be the only tunnel between the 2 devices over which the routing (bgp next hops) are exchanged and all other tunnels can be members of this tunnel. So your RPF might not fail.

You might have to explore on this a bit more and read about the co-existance of multicast and TE. This will be the same as that.

For your second question, the answer would be easy :

If you want a specific eompls cust to take a particular tunnel/path, just create a seperate pair of loopbacks on the PEs. Make the loopback learnt on the remote PE through the tunnel/path that you want the eompls to take. Then establish the xconnect with this loopback. I am assuming that your question is that a particular eompls session should take a particular path.

If you meant that certain traffic from the same eompls session take a different path/tunnel, then CBTS will work.

Regards,

Niranjan

Hi Niranjan,

Thank you very much for the answer of question 2.

Regarding question 1,sure will read the CBTS doc and my initially understanding/concern is,since tunnel are unidirectional ,when RPF check happens,it may not understand the incoming interface of the Multicast traffic .....

Again thanks for your answer .......Really appreciated .

Regards

Anantha Subramanian Natarajan

Hello Niranjan

Can you please help me in the script to classify and mark the traffic so that the PE can forward traffic based on EXP bits?

Regards

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: