Configuring Traffic Steering into SR-MPLS BE Tunnels

Traffic steering into SR-MPLS BE tunnels is to recurse routes to SR-MPLS BE tunnels and forward data using these tunnels.

Usage Scenario

After an SR-MPLS BE tunnel is configured, traffic needs to be steered into the tunnel for forwarding. This process is called traffic steering. Currently, SR-MPLS BE tunnels can be used for various routes and services, such as BGP and static routes as well as BGP4+ 6PE, BGP L3VPN, and EVPN services. The main traffic steering modes supported by SR-MPLS BE tunnels are as follows:
  • Static route: When configuring a static route, set the next hop of the route to the destination IP address of an SR-MPLS BE tunnel so that traffic transmitted over the route is steered into the SR-MPLS BE tunnel. For details about how to configure a static route, see Creating IPv4 Static Routes.
  • Tunnel policy: The tunnel policy mode is implemented through tunnel selector configuration. This mode allows both VPN services and non-labeled public routes to recurse to SR-MPLS BE tunnels. The configuration varies according to the service type.

This section describes how to configure routes and services to recurse to SR-MPLS BE tunnels through tunnel policies.

Pre-configuration Tasks

Before configuring traffic steering into SR-MPLS BE tunnels, complete the following tasks:

  • Configure BGP routes, static routes, BGP4+ 6PE services, BGP L3VPN services, BGP L3VPNv6 services, and EVPN services correctly.

  • Configure a filter, such as an IP prefix list, if you want to restrict the route recursive to a specified SR-MPLS BE tunnel.

Procedure

  1. Configure a tunnel policy.

    Perform any of the following configurations based on the traffic steering mode you select.

    Comparatively speaking, the tunnel selection sequence mode applies to all scenarios, and the tunnel selector mode applies to inter-AS VPN Option B and inter-AS VPN Option C scenarios.

    • Tunnel selection sequence

      1. Run system-view

        The system view is displayed.

      2. Run tunnel-policy policy-name

        A tunnel policy is created and the tunnel policy view is displayed.

      3. (Optional) Run description description-information

        Description information is configured for the tunnel policy.

      4. Run tunnel select-seq sr-lsp load-balance-number load-balance-number [ unmix ]

        The tunnel selection sequence and number of tunnels for load balancing are configured.

      5. Run commit

        The configuration is committed.

      6. Run quit

        Return to the system view.

    • Tunnel selector

      1. Run system-view

        The system view is displayed.

      2. Run tunnel-selector tunnel-selector-name { permit | deny } node node

        A tunnel selector is created and the view of the tunnel selector is displayed.

      3. (Optional) Configure if-match clauses.

      4. Run apply tunnel-policy tunnel-policy-name

        A specified tunnel policy is applied to the tunnel selector.

      5. Run commit

        The configuration is committed.

      6. Run quit

        Return to the system view.

  2. Configure routes and services to recurse to SR-MPLS BE tunnels.

    • Configure non-labeled public BGP routes and static routes to recurse to SR-MPLS BE tunnels.

      1. Run route recursive-lookup tunnel [ ip-prefix ip-prefix-name ] [ tunnel-policy policy-name

        The function to recurse non-labeled public BGP routes and static routes to SR-MPLS BE tunnels is enabled.

      2. Run commit

        The configuration is committed.

    • Configure non-labeled public BGP routes to recurse to SR-MPLS BE tunnels.

      For details about how to configure a non-labeled public BGP route, see Configuring Basic BGP Functions.

      1. Run bgp { as-number-plain | as-number-dot }

        The BGP view is displayed.

      2. Run unicast-route recursive-lookup tunnel [ tunnel-selector tunnel-selector-name ]

        The function to recurse non-labeled public BGP routes to SR-MPLS BE tunnels is enabled.

        The unicast-route recursive-lookup tunnel command and route recursive-lookup tunnel command are mutually exclusive. You can select either of them for configuration.

      3. Run commit

        The configuration is committed.

    • Configure static routes to recurse to SR-MPLS BE tunnels.

      For details about how to configure a static route, see Creating IPv4 Static Routes.

      1. Run ip route-static recursive-lookup tunnel [ ip-prefix ip-prefix-name ] [ tunnel-policy policy-name ]

        The function to recurse static routes to SR-MPLS BE tunnels for MPLS forwarding is enabled.

        The ip route-static recursive-lookup tunnel command and route recursive-lookup tunnel command are mutually exclusive. You can select either of them for configuration.

      2. Run commit

        The configuration is committed.

    • Configure BGP L3VPN services to recurse to SR-MPLS BE tunnels.

      For details about how to configure a BGP L3VPN service, see BGP/MPLS IP VPN Configuration.

      1. Run ip vpn-instance vpn-instance-name

        The VPN instance view is displayed.

      2. Run ipv4-family

        The VPN instance-specific IPv4 address family view is displayed.

      3. Run tnl-policy policy-name

        A specified tunnel policy is applied to the VPN instance-specific IPv4 address family.

      4. Run commit

        The configuration is committed.

    • Configure BGP L3VPNv6 services to recurse to SR-MPLS BE tunnels.

      For details about how to configure a BGP L3VPNv6 service, see BGP/MPLS IPv6 VPN Configuration.

      1. Run ip vpn-instance vpn-instance-name

        The VPN instance view is displayed.

      2. Run ipv6-family

        The VPN instance-specific IPv6 address family view is displayed.

      3. Run tnl-policy policy-name

        A specified tunnel policy is applied to the VPN instance-specific IPv6 address family.

      4. Run commit

        The configuration is committed.

    • Configure BGP4+ 6PE services to recurse to SR-MPLS BE tunnels.

      For details about how to configure a BGP4+ 6PE service, see Configuring BGP4+ 6PE.

      Method 1: Apply a tunnel policy to a specified BGP4+ peer.

      1. Run bgp { as-number-plain | as-number-dot }

        The BGP view is displayed.

      2. Run ipv6-family unicast

        The BGP IPv6 unicast address family view is displayed.

      3. Run peer ipv4-address enable

        A specified 6PE peer is enabled.

      4. Run peer ipv4-address tnl-policy tnl-policy-name

        A specified tunnel policy is applied to the 6PE peer.

      5. Run commit

        The configuration is committed.

      Method 2: Apply a tunnel selector to all the routes of a specified BGP IPv6 unicast address family.

      1. Run bgp { as-number-plain | as-number-dot }

        The BGP view is displayed.

      2. Run ipv6-family unicast

        The BGP IPv6 unicast address family view is displayed.

      3. Run unicast-route recursive-lookup tunnel-v4 [ tunnel-selector tunnel-selector-name ]

        The function to recurse non-labeled public BGP routes to SR-MPLS BE tunnels is enabled.

        The unicast-route recursive-lookup tunnel command and route recursive-lookup tunnel command are mutually exclusive. You can select either of them for configuration.

      4. Run commit

        The configuration is committed.

    • Configure EVPN services to recurse to SR-MPLS BE tunnels.

      For details on how to configure EVPN, see EVPN Configuration. The configuration varies according to the service type.

      To apply a tunnel policy to an EVPN L3VPN instance, perform the following steps:

      1. Run ip vpn-instance vpn-instance-name

        The VPN instance view is displayed.

      2. Run ipv4-family or ipv6-family

        The VPN instance-specific IPv4/IPv6 address family view is displayed.

      3. Run tnl-policy policy-name evpn

        A specified tunnel policy is applied to the EVPN L3VPN instance.

      4. Run commit

        The configuration is committed.

      To apply a tunnel policy to a BD EVPN instance, perform the following steps:

      1. Run evpn vpn-instance vpn-instance-name bd-mode

        The BD EVPN instance view is displayed.

      2. Run tnl-policy policy-name

        A specified tunnel policy is applied to the BD EVPN instance.

      3. Run commit

        The configuration is committed.

      To apply a tunnel policy to an EVPN instance that works in EVPN VPWS mode, perform the following steps:

      1. Run evpn vpn-instance vpn-instance-name vpws

        The view of a specified EVPN instance that works in EVPN VPWS mode is displayed.

      2. Run tnl-policy policy-name

        A specified tunnel policy is applied to the EVPN instance that works in EVPN VPWS mode.

      3. Run commit

        The configuration is committed.

      To apply a tunnel policy to a basic EVPN instance, perform the following steps:

      1. Run evpn vpn-instance vpn-instance-name

        The EVPN instance view is displayed.

      2. Run tnl-policy policy-name

        A specified tunnel policy is applied to the basic EVPN instance.

      3. Run commit

        The configuration is committed.

Parent Topic: Segment Routing MPLS Configuration
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >