MPLS VPN Per VRF Label
Table of Contents
Introduction
Per-prefix label is one of the methods use to allocate a VPN label. It creates one per each vrf.
Per Prefix Label
- Biggest advantage is that it reduces the memory usage on distributed platforms with line cards and distributed forwarding.
- The one disadvantage is that once a packet gets to the PE, the transport label is popped, the VPN label forwards it to the correct vrf, but then the PE will have to do an IP lookup to find the next-hop. This an added processing associated with this feature.
- Enabling this feature can cause an outage during convergence.
- By default all connected interface and redistributed on PE will use a per-vrf aggregate label (includes: connected, redistributed, static to null0 and bgp aggregates).
- By default all learn routers from CEs will use a per-prefix label.
- When enabling per-vrf allocation mode all type of prefixes are per-vrf.
- Changing the allocation mode can be done per:
- Individual VRF.
- Protocol - bgp-vpnv4, bgp-vpnv6 or all all-afs.
- Allocation option are per-prefix, per-vrf and vrf-conn-aggr.
- In IOS-XR up to 4.3.1, the only allocation mode supported was per-ce with the command label-allocation-mode per-ce. At 4.3.1 this command became hidden and replaced by label mode per-vrf
Example
- To demonstrate the difference, vrf A has a default per-prefix allocation method.
R2#sh vrf detail
VRF A (VRF Id = 1); default RD 100:1; default VPNID <not set>
Interfaces:
Fa1/0
Address family ipv4 (Table ID = 1 (0x1)):
Export VPN route-target communities
RT:100:1
Import VPN route-target communities
RT:100:1
No import route-map
No global export route-map
No export route-map
VRF label distribution protocol: not configured
VRF label allocation mode: per-prefix <----per prefix
Address family ipv6 not active
- The next hop 10.1.2.1 is the CE that is advertising two prefixes: 1.1.1.1/32 and 11.11.11.11/32. They both have labels 28 and 29 respectively.
R2#sh mpls forwarding-table next-hop 10.1.2.1
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
28 No Label 1.1.1.1/32[V] 0 Fa1/0 10.1.2.1
29 No Label 11.11.11.11/32[V] \
0 Fa1/0 10.1.2.1 '
- Changing the allocation mode can be done per:
- Individual VRF.
- Protocol - bgp-vpnv4, bgp-vpnv6 or all all-afs.
- Allocation option are per-prefix, per-vrf and vrf-conn-aggr.
R2(config)#mpls label mode all-vrfs protocol bgp-vpnv4 per-vrf
- After making the change, you won't be able to lookup a prefix based on the next hop. IP lookup is required to find the next hop.
R2#sh mpls forwarding-table next-hop 10.1.2.1
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
- VPNv4 BGP shows advertising the same VPN labels for prefixes from the same VRF.
R2#sh bgp vpnv4 unicast all 11.11.11.11/32
BGP routing table entry for 100:1:11.11.11.11/32, version 5
Paths: (1 available, best #1, table A)
Advertised to update-groups:
2
Refresh Epoch 1
1
10.1.2.1 from 10.1.2.1 (1.1.1.1)
Origin IGP, metric 0, localpref 100, valid, external, best
Extended Community: RT:100:1
mpls labels in/out IPv4 VRF Aggr:30/nolabel <---label 30
rx pathid: 0, tx pathid: 0x0
R2#sh bgp vpnv4 unicast all 1.1.1.1/32
BGP routing table entry for 100:1:1.1.1.1/32, version 4
Paths: (1 available, best #1, table A)
Advertised to update-groups:
2
Refresh Epoch 1
1
10.1.2.1 from 10.1.2.1 (1.1.1.1)
Origin IGP, metric 0, localpref 100, valid, external, best
Extended Community: RT:100:1
mpls labels in/out IPv4 VRF Aggr:30/nolabel <---label 30
rx pathid: 0, tx pathid: 0x0
R2#sh mpls forwarding-table labels 30
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
30 Pop Label IPv4 VRF[V] 0 aggregate/A
Relevant IOS Commands
mpls label mode
Changes the VPN label allocation mode.
R1(config)# mpls label mode (all-vrfs | vrf (name) ) protocol (all-afs | bgp-vpnv4 | bgp-vpnv6) (per-prefix | per-vrf | vrf-conn-aggr )
Relevant IOS-XR Commands
label mode
Introduced in IOS-XR 4.3.1, the labe mode command allows for per-ce, per-vrf and route policy allocation mode.
label mode { per-ce | | per-vrf | route-policy }
The route-policy can be use to specifies a route policy to select prefixes for setting the label mode.
RP/0/RSP0/CPU0:router# configure t
RP/0/RSP0/CPU0:router(config)# router bgp 1
RP/0/RSP0/CPU0:router(config-bgp)# vrf A
RP/0/RSP0/CPU0:router(config-bgp-vrf)# address-family ipv4 unicast
RP/0/RSP0/CPU0:router(config-bgp-vrf)# label mode per-vrf
Additional Resources
MP VPN VRF Label - Cisco Configuration Guide.
MPLS VPN Per VRF Label feature - Packet-forwarding.net blog.