In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-06 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)06/01 Report--
Technorati tag: MPLS,CCIE,LDP,LDP session protection, Convergence
LDP Convergence Summary Summary:
If a network with redundant links, the main link down, then the convergence time of LDP = the convergence time of IGP. (approximately equal to)
When the main link is restored, the convergence of LDP needs to wait for IGP to converge before LDP can re-establish neighbors (TCP/UDP 646, establish LPD drawing and neighbors), and then exchange labels.
There will be a gap period in between, the next hop of IGP is inconsistent with LSP, and the IGP neighbor is established, and the tag status of LDP is drop. LSP is incomplete, and finally IP is used to forward the message.
-LDP session protection can solve the problem of gap period after the main link is restored.
So the question is, is there a technology that in a redundant link network environment, as soon as the link of the IGP is restored, then the LDP is restored immediately? Here is the advanced feature of LDP, which will be covered in all the details.
Timer for LPD:
Of course, there is a technology to ensure the convergence of LDP, which is the advanced feature of LDP.
For everyday applications, there is no need to modify any of the LDP timers.
Directed LDP neighbor: (LDP directly connected neighbor, listening to Multicast 224.0.0.2)
Session hold time=180s and keepalive=60s.---- are for the time of TCP connection.
Mpls ldp holdtime
Discovery hello: hold time = 15s, interval=5s. -this is UDP's hello bag. After the neighbor is established with the neighbor before it is established.
It needs to be saturated with UDP's hello. To perceive the presence of neighbors.
Command: mpls ldp discovery hello holdtime xxxx
Mpls ldp discovery hello interval xxxx
Targeted LDP neighbor:
The following timers are used for establishment between non-directly connected LDP neighbors:
We know that the establishment of LDP sends 224.0.0.2 multicast, and then directly connected routers listen on the multicast port and then establish LDP neighbors. However, if it is not directly connected, unicast can only be sent for neighbor establishment and saturation.
So targeted LDP neighbors cannot be discovered automatically and need to be defined manually.
Holdtime=90s interval=10s.
Command:
Ldp discovery targeted hello holdtime xxx
Ldp discovery targeted hello interval xxx
Certification of LDP:
The authentication of LDP uses MD5's hash algorithm for encryption:
Mpls ldp neigbhor 22.1.1.1 password Hank
22.1.1.1 is the neighbor's router-id, followed by the configuration of a password, using md5.
Directly under the global configuration.
Note:
When our LDP neighbor is up, configure the password. No matter whether the neighbor exceeds the holdtime or not, the down will not be dropped. Because the neighbor has been established, and the keepalive is always saturated, as long as there is no problem with the link, the neighbor will never down down, so the configuration password needs to be authenticated before the ldp establishes a neighbor.
Automatic configuration of LDP (auto config):
After this function runs, there is no need to type mpls ip under the interface.
For example, the routing protocol is ospf:
Router ospf 1
Mpls ldp autoconfig area x
Network 0.0.0.0 255.255.255.255 a 0
Exit
In this way, all interfaces of the router in OSPF can automatically run mpls ip and run LDP protocol.
Establish LDP neighbors.
If mpls ldp autoconfig is configured in the IGP routing process, not even no mpls ip under the interface, the system will give you a prompt:
At this point, you need to no mpls ldp igp autoconfig under the interface to remove the interface.
LDP session protection: (advanced feature for LDP convergence)
-LDP fast convergence
There are two paths from R1 to R5:
Active Link: R1--R2--R4--R5
Backup link: R1--R3--R2--R4--R5
When the active link R1--R2 down is down. At this point, IGP deletes the R 2 path from R 1 to R 5 next hop in the core routing table. When IGP converges, because there are tags assigned by R3 in LDP database, when the active link down, then the convergence time of IGP is about equal to that of LDP.
When the active link is restored, first R 1 and R 2 need to establish IGP neighbors.
When R1 and R2 IGP neighbors are established, the LDP of R1 and R2 begins to establish neighbors. The paths of IGP and LSP are inconsistent, which leads to the following:
When the active link between R1 and R2 is restored and the IGP neighbors of R1 and R2 are established, the label assigned by R3 to R1 will immediately switch the state to Drop. The label is not available. At this time to return the message, R 1 because there is no MPLS tag, and will directly go to IP to forward. In this way, there is actually no MPLS.
There are two ways to solve this problem:
1) session protection of LDP
2) the synchronization time of LDP,IGP is shortened.
LDP Link Protection: (targeted LDP)
Session protection
Main link failure, down:
R1, LDP neighbor OK.Targeted LDP, R2, OK.
If the link down is dropped, then the IGP converges (the LDP neighbor relationship between R1 and R2 will not be down, because it is target LDP).
R1 to R5, the path is R1-R4-R2-R3-R5. (LDP convergence is approximately equal to IGP convergence)
Primary link recovery:
R1 and R2 IGP converge. Then the next hop from R1 to R5 must become R2. At this time, the label assigned to me from the LDP binding table with respect to 55.1.1.1x32 is loaded into MPLS Forwarding table again, so that LDP is convergent.
Summary:
With targeted LDP, when the main link is restored, the convergence time of almost LDP can be equal to the convergence time of IGP, or slightly longer than that of IGP. Because LDP doesn't have to re-establish neighbors. This is the advantage of Targeted LDP neighbor.
Solution: enable target LDP session at both ends of LDP neighbors to maintain session across multiple hops.
Configuration method:
1, configure on all routers that support session protection: mpls ldp session protection
2, configure on routers that do not support session protection: mpls ldp discovery targeted-hello accept
Session protection means that after the primary link is restored and IGP convergence is completed, LDP is required to establish neighbors, where session protection and targeted LDP neighbor technologies do not re-establish neighbors. This greatly reduces the LDP convergence time, because the LDP does not need to re-establish neighbors, only need to reload the MPLS Forwarding table label.
Test:
On R1 and R2, type: mpls ldp session protection globally
As a result, other configurations are the same as before.
Now let's observe the phenomenon.
The preferred path for R1 to get to R5's 55.1.1.1x32 is R1muri-> R2muri-> R3muri-> R5.
When the active link is normal, let's take a look at the table entries of R1:
As you can see below, labels, R 2 and R 4 are all assigned tags to R 1.
On R1, show mpls ldp nei, you can find that R2 shows Targeted hello 11.1.1.1-> 22.1.1.1, active.passive
Now shutdown the link between R1 and R2.
Here, when the e 0 shutdown of R1 is 0, the LDP neighbor is not down, but hold up.
At this time, let's take a look at the tag database of R1. We are surprised to find that although the neighbors of R1 and R2 have down, the system still retains the label assigned by R2 for 55.1.1.1tab 32:
And the LDP neighbors of R1, 11.1.1.1 to 22.1.1.1, are still retained:\
But at this time, in the MPLS tag forwarding table on R1, because IGP has switched to R4 for the next hop, the MPLS tag table has also switched to the 40x tag assigned by R4:
When the link is restored, the e _ 0ramp _ 0 of R1 does the no shutdown operation:
You can see here that the LDP neighbor recovered successfully.
Once IGP ospf has converged, what LDP needs to do is not to build neighbors, because LDP neighbors have no down from beginning to end.
What LDP needs to do is to load the tags assigned by R2 which were previously retained in the LDP database into the MPLS tag forwarding table to achieve a fast convergence effect.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.