Enabling LDP Auto FRR

LDP Auto FRR is enabled on the ingress or a transit node.

Context

LDP Auto FRR depends on IGP Auto FRR. When IGP Auto FRR is enabled, LDP Auto FRR will be automatically enabled. To change a policy for triggering LSP establishment, you can run the auto-frr lsp-trigger command.

Before you enable Remote LFA FRR, configure the Remote LFA algorithm when you configure IGP Auto FRR.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run mpls ldp

    The MPLS-LDP view is displayed.

  3. (Optional) Run ipv4-family

    The MPLS LDP IPv4 view is displayed.

  4. (Optional) Run auto-frr lsp-trigger { all | host | ip-prefix ip-prefix-name | none }

    A policy for triggering LSP establishment is configured.

    If both the auto-frr lsp-trigger command and the lsp-trigger command are run, the established backup LSPs satisfy both the policy for triggering LDP LSP establishment and the policy for triggering backup LDP LSP establishment.

    The auto-frr lsp-trigger command takes effect in either the MPLS-LDP view or MPLS LDP IPv4 view. If the command is configured in both views, only the configuration in the MPLS LDP IPv4 view takes effect.

  5. To enable Remote LFA FRR, perform the following steps on a PQ node in the MPLS-LDP view:
    1. Run accept target-hello { all | peer-group ip-prefix ip-prefix-name }

      The PQ node is enabled to automatically establish a remote LDP session with a remote LDP peer after the PQ node receives a Targeted Hello message sent by the remote LDP peer.

      In a Remote LFA FRR scenario, after an ingress uses the Remote LFA algorithm to calculate a PQ node, LDP automatically establishes a remote LDP session with the destination IP address set to the PQ node's IP address between the ingress and the PQ node. To enable the PQ node to implement this function, run the accept target-hello command on the PQ node.

      The following parameters can be configured:

      • all: enables a PQ device to establish remote LDP sessions based on all received Targeted Hello messages.
      • peer-group ip-prefix ip-prefix-name: enables a PQ device to establish remote LDP sessions based on Targeted Hello messages sent by LDP peers that meet a specified IP prefix list.

      After the accept target-hello command is run, the PQ node is prone to Targeted Hello packet-based attacks. After receiving a large number of Targeted Hello packets, the PQ node establishes many remote LDP sessions. To prevent such an attack, perform either of the following operations:

      • Configure peer-group ip-prefix ip-prefix-name in the accept target-hello command to limit the LDP peers with which a PQ node can establish remote LDP sessions.
      • Configure LDP security authentication for LDP peers in batches. For details, see Configuring LDP Security Features.

    2. Run send-message address all-loopback

      The PQ node is enabled to advertise all loopback IP addresses to LDP peers.

      In a Remote LFA FRR scenario, LDP uses the PQ node's IP address calculated using an IGP to establish a remote LDP session between a local node and the PQ node. Then the two nodes establish a Remote LFA FRR LSP. The PQ node's IP address can be any loopback interface IP address, including an LSR ID. To advertise the loopback addresses to LDP peers, run the send-message address all-loopback command on a PQ node so that a Remote LFA FRR LSP can be established.

  6. Run commit

    The configurations are committed.

  7. (Optional) Enable LDP FRR/ECMP poison reverse.
    1. Run interface interface-type interface-number

      The interface or sub-interface view is displayed.

      The view of an Eth-Trunk interface, Eth-Trunk sub-interface, GE interface, or GE sub-interface is displayed.

    2. Run mpls poison-reverse enable

      LDP FRR/ECMP poison reverse is enabled.

      On an LDP/SR-MPLS BE ring network with FRR/TI-LFA configured, if the primary LDP LSP fails, the ingress switches traffic from the primary LSP to the backup LSP. If routes are not converged before the LSP switchover is complete, the transit node sends traffic back to the ingress. As a result, a loop occurs. To resolve this issue, run the mpls poison-reverse enable command to enable LDP FRR/ECMP poison reverse on the traffic inbound interface of the transit node. With this function enabled, the transit node rapidly switches traffic to the backup LSP after learning that the outbound interface is the same as the inbound interface.

      This command also applies to an LDP/SR-MPLS BE ring network with two ECMP paths configured.

    3. Run commit

      The configurations are committed.

Parent Topic: Configuring LDP Auto FRR
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >