6500 TCAM usage for MPLS

Unanswered Question
Jun 1st, 2010


Hello!

I'm using cat6500 WS-SUP720-3BXL as BGP router for 3 full view upstream an several clients. Different clients want to use different upstream for output traffic, but output should be redundant . So I should implement VRF + BGP.

I have done the following config:


=-=-=-=-=-=

ip vrf Upsream1

rd Y:Z

     import map Bacup1-rmap

route-target export Y:Z

route-target import N:M

!

ip vrf Upsream2

rd N:M

import map Bacup2-rmap

route-target import Y:Z

route-target export N:M


!

router bgp XXX

!

  address-family ipv4 vrf Upsream1

  neighbor Y.Y.Y.Y remote-as ZZZ

  neighbor description  GoodUplink

!

  address-family ipv4 vrf Upsream2

  neighbor N.N.N.N remote-as MMM

  neighbor description  BadUplink

!

=-=-=-=-=-=

after loading full view in to table I get error

MLSCEF-SP-7-FIB_EXCEPTION: FIB TCAM exception, Some entries will be
software switched

#show platform hardware capacity forwarding


L3 Forwarding Resources

FIB TCAM usage:                     Total        Used       %Used

72 bits (IPv4, MPLS, EoM)     1032192      1002192         95%

144 bits (IP mcast, IPv6)        8192           8          1%


detail:      Protocol                    Used       %Used

IPv4                      600035         64%

MPLS                       32992          31%


=-=-=-=-=-=

Command

#show mpls forwarding-table

show all routes with label.

=-=-=-=-=-=

Question: is can I some how use VRF+BGP but disable TCAM MPLS table usage, and label generation  for my platform?


Cisco say

Ipv4 routes ---1 TCAM entry

ipv4 routes(vpn/vrf) -- 1 TCAM entry

ipv4 multicast -- 2 TCAM entry

ipv6 (anycast/unicast) -- 2 TCAM entry

MPLS labels --  1 TCAM entry


But look like BGP+VRF =2 TCAM entry.


Is there any workaround to use 1 TCAM entry for one route in VRF from BGP for 6500?

Thank you for answer!
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Wed, 06/02/2010 - 10:34

Hello Sergiy,


if you are using MPLS L3 VPN you need MPLS labels only for the loopbacks or remote PE nodes.


if you are doing VRF lite you actually don't need any label.


An attempt to reduce MPLS forwarding table size can be done by using a filter to be applied to LDP


so you start from


mpls ip


you add


access-list 11 permit 10.80.0.0 0.0.255.255


no mpls advertise-label

mpls advertise-label for 11


you need to do this on all PE nodes for consistency this may reduce the MPLS forwarding table size.


Hope to help

Giuseppe

Laurent Aubert Fri, 06/04/2010 - 06:26

Hi,


You can't disable TCAM utilisation as this is what allows traffic swithing in hw. But they have limited number of entries (1M in your case) so when the TCAM is full, new entry can't be programmed and will be switch in software impacting the CPU.


Do you really need the full routing table in several VRF ? it's not a recommanded design. If you need to bind a customer with an upstream SP, a default route received from each SP is enough. Each upstream VRF export it with different RT and on customer vrf, you import two of them for redundancy.



HTH


Laurent.

belovell Fri, 06/04/2010 - 09:12

laaubert wrote:


Do you really need the full routing table in several VRF ? it's not a recommanded design.

Agreed.



To be clear, vpnv4 routes will use two TCAM entries irrelvant to whether it's VRF lite or MPLS L3 VPN.


1 ipv4 route = 1 TCAM entry from ipv4 space.

1 vpnv4 route = 1 TCAM entry from ipv4 space + 1 entry from MPLS space. So two entries total.


You can reallocate your 1M TCAM entries so that approx 512K are ipv4 and 512K are MPLS(leave a little for other things) and then you have can ~500K vpnv4 routes but as Laaubert indicated this is not a great way to go about things.


-Ben

Sergiy Pyvovaroff Mon, 06/07/2010 - 03:53

Hello! thanks for the tips. I found on the same forum an interesting solution of the problem.
MPLS VPN—Per VRF Label
http://www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_vpn_per_vrf_lbl.html
With this tecnology ony one mpls lable used by one VRF:
But it requires inclusion of beta-future in the network core.
Who can tell how stable this feature  and whether it will be realised?



Today I decided to use two technologies that have already passed the test of time.
The first
BGP Support for IP Prefix Import from Global Table into a VRF Table
No MPLS LABEL for route from Global.
http://www.cisco.com/en/US/docs/ios/12_2s/feature/guide/fs_bgivt.html
Multi-VRF Selection Using Policy Based Routing (PBR)
And http://www.cisco.com/en/US/docs/ios/12_2sr/12_2srb/feature/guide/srb2mvrf.html


Sergiy A. Pyvovaroff

belovell Mon, 06/07/2010 - 06:59

Per VRF label will not change anything about TCAM usage. This is why I made the point that it does not matter if the route is vpnv4 or vrf-lite. Any time a route(label or not) is in a VRF routing table on the 6500 is will use extra TCAM entries.


-Ben

Actions

This Discussion

Related Content