3 The goal of this test is to verify that the all the basic functionality
4 of ldpd is working as expected, be it running on Linux or OpenBSD. In
5 addition to that, more advanced features are also tested, like LDP
6 sessions over IPv6, MD5 authentication and pseudowire signaling.
8 In the topology below there are 3 PE routers, 3 CE routers and one P
9 router (not attached to any consumer site).
11 All routers have IPv4 addresses and OSPF is used as the IGP. The
12 three routers from the bottom of the picture, P, PE2 and PE3, are also
13 configured for IPv6 (dual-stack) and static IPv6 routes are used to
14 provide connectivity among them.
16 The three CEs share the same VPLS membership. LDP is used to set up the
17 LSPs among the PEs and to signal the pseudowires. MD5 authentication is
18 used to protect all LDP sessions.
34 +------+ IOS XR+------+
37 10.0.2.0/24 | | 10.0.3.0/24
38 2001:db8:2::/64 | | 2001:db8:3::/64
42 |OpenBSD+-------------+ Linux |
44 +---+---+ 10.0.4.0/24 +---+---+
47 172.16.1.2/24 CE2 CE3 172.16.1.3/24
53 1 - Enable IPv4/v6 forwarding:
55 # sysctl -w net.ipv4.ip_forward=1
56 # sysctl -w net.ipv6.conf.all.forwarding=1
59 2 - Enable MPLS forwarding:
61 # modprobe mpls-router
62 # modprobe mpls-iptunnel
63 # echo 100000 > /proc/sys/net/mpls/platform_labels
64 # echo 1 > /proc/sys/net/mpls/conf/eth1/input
65 # echo 1 > /proc/sys/net/mpls/conf/eth2/input
68 3 - Set up the interfaces:
70 # ip link add name lo1 type dummy
71 # ip link set dev lo1 up
72 # ip addr add 4.4.4.4/32 dev lo1
73 # ip -6 addr add 4:4:4::4/128 dev lo1
74 # ip link set dev eth1 up
75 # ip addr add 10.0.4.4/24 dev eth1
76 # ip -6 addr add 2001:db8:4::4/64 dev eth1
77 # ip link set dev eth2 up
78 # ip addr add 10.0.3.4/24 dev eth2
79 # ip -6 addr add 2001:db8:3::4/64 dev eth2
82 4 - Set up the bridge and pseudowire interfaces:
84 # ip link add type bridge
85 # ip link set dev bridge0 up
86 # ip link set dev eth0 up
87 # ip link set dev eth0 master bridge0
88 # ip link add name mpw0 type dummy
89 # ip link set dev mpw0 up
90 # ip link set dev mpw0 master bridge0
91 # ip link add name mpw1 type dummy
92 # ip link set dev mpw1 up
93 # ip link set dev mpw1 master bridge0
96 > NOTE: MPLS support in the Linux kernel is very recent and it still
97 doesn't support pseudowire interfaces. We are using here dummy interfaces
98 just to show how the VPLS configuration should look like in the future.
100 5 - Add static IPv6 routes for the remote loopbacks:
102 # ip -6 route add 2:2:2::2/128 via 2001:db8:3::2
103 # ip -6 route add 3:3:3::3/128 via 2001:db8:4::3
106 6 - Edit /etc/frr/ospfd.conf:
109 network 4.4.4.4/32 area 0.0.0.0
110 network 10.0.3.4/24 area 0.0.0.0
111 network 10.0.4.4/24 area 0.0.0.0
115 7 - Edit /etc/frr/ldpd.conf:
117 debug mpls ldp messages recv
118 debug mpls ldp messages sent
123 dual-stack cisco-interop
124 neighbor 1.1.1.1 password opensourcerouting
125 neighbor 2.2.2.2 password opensourcerouting
126 neighbor 3.3.3.3 password opensourcerouting
129 discovery transport-address 4.4.4.4
130 label local advertise explicit-null
138 discovery transport-address 4:4:4::4
149 member interface eth0
151 member pseudowire mpw0
152 neighbor lsr-id 1.1.1.1
155 member pseudowire mpw1
156 neighbor lsr-id 3.3.3.3
157 neighbor address 3:3:3::3
163 > NOTE: We have to disable ttl-security under the ipv6 address-family
164 in order to interoperate with the IOS-XR router. GTSM is mandatory for
165 LDPv6 but the IOS-XR implementation is not RFC compliant in this regard.
167 8 - Run zebra, ospfd and ldpd.
170 1 - Enable IPv4/v6 forwarding:
172 # sysctl net.inet.ip.forwarding=1
173 # sysctl net.inet6.ip6.forwarding=1
176 2 - Enable MPLS forwarding:
178 # ifconfig em2 10.0.2.3/24 mpls
179 # ifconfig em3 10.0.4.3/24 mpls
182 3 - Set up the interfaces:
184 # ifconfig lo1 alias 3.3.3.3 netmask 255.255.255.255
185 # ifconfig lo1 inet6 3:3:3::3/128
186 # ifconfig em2 inet6 2001:db8:2::3/64
187 # ifconfig em3 inet6 2001:db8:4::3/64
190 4 - Set up the bridge and pseudowire interfaces:
192 # ifconfig bridge0 create
193 # ifconfig bridge0 up
195 # ifconfig bridge0 add em1
196 # ifconfig mpw0 create
198 # ifconfig bridge0 add mpw0
199 # ifconfig mpw1 create
201 # ifconfig bridge0 add mpw1
204 5 - Add static IPv6 routes for the remote loopbacks:
206 # route -n add 4:4:4::4/128 2001:db8:4::4
207 # route -n add 2:2:2::2/128 2001:db8:2::2
210 6 - Edit /etc/frr/ospfd.conf:
213 network 10.0.2.3/24 area 0
214 network 10.0.4.3/24 area 0
215 network 3.3.3.3/32 area 0
219 7 - Edit /etc/frr/ldpd.conf:
221 debug mpls ldp messages recv
222 debug mpls ldp messages sent
227 dual-stack cisco-interop
228 neighbor 1.1.1.1 password opensourcerouting
229 neighbor 2.2.2.2 password opensourcerouting
230 neighbor 4.4.4.4 password opensourcerouting
233 discovery transport-address 3.3.3.3
234 label local advertise explicit-null
242 discovery transport-address 3:3:3::3
255 member pseudowire mpw0
256 neighbor lsr-id 1.1.1.1
259 member pseudowire mpw1
260 neighbor lsr-id 4.4.4.4
261 neighbor address 4:4:4::4
267 8 - Run zebra, ospfd and ldpd.
272 interface FastEthernet0/0
273 ip address 172.16.1.1 255.255.255.0
280 interface FastEthernet0/0
281 ip address 172.16.1.2 255.255.255.0
288 interface FastEthernet0/0
289 ip address 172.16.1.3 255.255.255.0
296 mpls ldp neighbor 2.2.2.2 password opensourcerouting
297 mpls ldp neighbor 3.3.3.3 password opensourcerouting
298 mpls ldp neighbor 4.4.4.4 password opensourcerouting
300 l2vpn vfi context VFI
306 member GigabitEthernet1 service-instance 1
310 ip address 1.1.1.1 255.255.255.255
312 interface pseudowire1
316 interface pseudowire2
320 interface GigabitEthernet3
321 ip address 10.0.1.1 255.255.255.0
325 network 0.0.0.0 255.255.255.255 area 0
332 ipv4 address 2.2.2.2 255.255.255.255
333 ipv6 address 2:2:2::2/128
335 interface GigabitEthernet0/0/0/0
336 ipv4 address 10.0.1.2 255.255.255.0
338 interface GigabitEthernet0/0/0/1
339 ipv4 address 10.0.2.2 255.255.255.0
340 ipv6 address 2001:db8:2::2/64
343 interface GigabitEthernet0/0/0/2
344 ipv4 address 10.0.3.2 255.255.255.0
345 ipv6 address 2001:db8:3::2/64
349 address-family ipv6 unicast
350 3:3:3::3/128 2001:db8:2::3
351 4:4:4::4/128 2001:db8:3::4
356 address-family ipv4 unicast
360 interface GigabitEthernet0/0/0/0
362 interface GigabitEthernet0/0/0/1
364 interface GigabitEthernet0/0/0/2
371 1.1.1.1:0 password clear opensourcerouting
372 3.3.3.3:0 password clear opensourcerouting
373 4.4.4.4:0 password clear opensourcerouting
378 discovery transport-address 2:2:2::2
380 interface GigabitEthernet0/0/0/0
384 interface GigabitEthernet0/0/0/1
390 interface GigabitEthernet0/0/0/2
399 ## Verification - Control Plane
401 Using the CLI on the Linux box, the goal is to ensure that everything
402 is working as expected.
404 First, verify that all the required adjacencies and neighborships sessions
408 linux# show mpls ldp discovery
409 Local LDP Identifier: 4.4.4.4:0
413 LDP Id: 3.3.3.3:0, Transport address: 3.3.3.3
415 LDP Id: 3.3.3.3:0, Transport address: 3:3:3::3
418 LDP Id: 2.2.2.2:0, Transport address: 2.2.2.2
420 LDP Id: 2.2.2.2:0, Transport address: 2:2:2::2
423 4.4.4.4 -> 1.1.1.1: xmit/recv
424 LDP Id: 1.1.1.1:0, Transport address: 1.1.1.1
426 4:4:4::4 -> 3:3:3::3: xmit/recv
427 LDP Id: 3.3.3.3:0, Transport address: 3:3:3::3
430 linux# show mpls ldp neighbor
431 Peer LDP Identifier: 1.1.1.1:0
432 TCP connection: 4.4.4.4:40921 - 1.1.1.1:646
433 Session Holdtime: 180 sec
434 State: OPERATIONAL; Downstream-Unsolicited
436 LDP Discovery Sources:
438 Targeted Hello: 1.1.1.1
440 Peer LDP Identifier: 2.2.2.2:0
441 TCP connection: 4:4:4::4:52286 - 2:2:2::2:646
442 Session Holdtime: 180 sec
443 State: OPERATIONAL; Downstream-Unsolicited
445 LDP Discovery Sources:
451 Peer LDP Identifier: 3.3.3.3:0
452 TCP connection: 4:4:4::4:60575 - 3:3:3::3:646
453 Session Holdtime: 180 sec
454 State: OPERATIONAL; Downstream-Unsolicited
456 LDP Discovery Sources:
460 Targeted Hello: 3:3:3::3
464 Note that the neighborships with the P and PE2 routers were established
465 over IPv6, since this is the default behavior for dual-stack LSRs, as
466 specified in RFC 7552. If desired, the **dual-stack transport-connection
467 prefer ipv4** command can be used to establish these sessions over IPv4
468 (the command should be applied an all routers).
470 Now, verify that there's a remote label for each PE address:
472 linux# show mpls ldp binding
474 Local binding: label: 20
477 ----------------- ---------
482 Local binding: label: 21
485 ----------------- ---------
490 Local binding: label: 22
493 ----------------- ---------
498 Local binding: label: imp-null
501 ----------------- ---------
506 Local binding: label: 23
509 ----------------- ---------
514 Local binding: label: 24
517 ----------------- ---------
522 Local binding: label: imp-null
525 ----------------- ---------
530 Local binding: label: imp-null
533 ----------------- ---------
538 Local binding: label: 18
541 ----------------- ---------
545 Local binding: label: 19
548 ----------------- ---------
551 Local binding: label: imp-null
554 ----------------- ---------
558 Local binding: label: -
561 ----------------- ---------
565 Local binding: label: imp-null
568 ----------------- ---------
571 Local binding: label: imp-null
574 ----------------- ---------
578 Check if the pseudowires are up:
580 linux# show l2vpn atom vc
581 Interface Peer ID VC ID Name Status
582 --------- --------------- ---------- ---------------- ----------
583 mpw1 3.3.3.3 100 ENG UP
584 mpw0 1.1.1.1 100 ENG UP
587 Check the label bindings of the pseudowires:
589 linux# show l2vpn atom binding
590 Destination Address: 1.1.1.1, VC ID: 100
592 Cbit: 1, VC Type: Ethernet, GroupID: 0
595 Cbit: 1, VC Type: Ethernet, GroupID: 0
597 Destination Address: 3.3.3.3, VC ID: 100
599 Cbit: 1, VC Type: Ethernet, GroupID: 0
602 Cbit: 1, VC Type: Ethernet, GroupID: 0
606 ## Verification - Data Plane
608 Verify that all the exchanged label mappings were installed in zebra:
610 linux# show mpls table
612 Label Type Nexthop Label
613 -------- ------- --------------- --------
614 17 LDP 2001:db8:3::2 3
615 19 LDP 2001:db8:3::2 24005
616 20 LDP 10.0.3.2 24000
618 22 LDP 10.0.3.2 24001
623 linux# show ip route ldp
624 Codes: K - kernel route, C - connected, S - static, R - RIP,
625 O - OSPF, I - IS-IS, B - BGP, P - PIM, A - Babel, L - LDP,
626 > - selected route, * - FIB route
628 L>* 1.1.1.1/32 [0/0] via 10.0.3.2, eth2 label 24000
629 L>* 3.3.3.3/32 [0/0] via 10.0.3.2, eth2 label 24001
632 Verify that all the exchanged label mappings were installed in the kernel:
635 17 via inet6 2001:db8:3::2 dev eth2 proto zebra
636 19 as to 24005 via inet6 2001:db8:3::2 dev eth2 proto zebra
637 20 as to 24000 via inet 10.0.3.2 dev eth2 proto zebra
638 21 via inet 10.0.3.2 dev eth2 proto zebra
639 22 as to 24001 via inet 10.0.3.2 dev eth2 proto zebra
640 23 via inet 10.0.3.2 dev eth2 proto zebra
641 24 via inet 10.0.3.2 dev eth2 proto zebra
642 25 via inet 10.0.3.2 dev eth2 proto zebra
644 $ ip route | grep mpls
645 1.1.1.1 encap mpls 24000 via 10.0.3.2 dev eth2 proto zebra metric 20
646 3.3.3.3 encap mpls 24001 via 10.0.3.2 dev eth2 proto zebra metric 20
649 Now ping PE1's loopback using lo1's address as a source address:
651 $ ping -c 5 -I 4.4.4.4 1.1.1.1
652 PING 1.1.1.1 (1.1.1.1) from 4.4.4.4 : 56(84) bytes of data.
653 64 bytes from 1.1.1.1: icmp_seq=1 ttl=253 time=3.02 ms
654 64 bytes from 1.1.1.1: icmp_seq=2 ttl=253 time=3.13 ms
655 64 bytes from 1.1.1.1: icmp_seq=3 ttl=253 time=3.19 ms
656 64 bytes from 1.1.1.1: icmp_seq=4 ttl=253 time=3.07 ms
657 64 bytes from 1.1.1.1: icmp_seq=5 ttl=253 time=3.27 ms
659 --- 1.1.1.1 ping statistics ---
660 5 packets transmitted, 5 received, 0% packet loss, time 4005ms
661 rtt min/avg/max/mdev = 3.022/3.140/3.278/0.096 ms
664 Verify that the ICMP echo request packets are leaving with the MPLS
665 label advertised by the P router. Also, verify that the ICMP echo reply
666 packets are arriving with an explicit-null MPLS label:
668 # tcpdump -n -i eth2 mpls and icmp
669 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
670 listening on eth2, link-type EN10MB (Ethernet), capture size 262144 bytes
671 10:01:40.758771 MPLS (label 24000, exp 0, [S], ttl 64) IP 4.4.4.4 > 1.1.1.1: ICMP echo request, id 13370, seq 1, length 64
672 10:01:40.761777 MPLS (label 0, exp 0, [S], ttl 254) IP 1.1.1.1 > 4.4.4.4: ICMP echo reply, id 13370, seq 1, length 64
673 10:01:41.760343 MPLS (label 24000, exp 0, [S], ttl 64) IP 4.4.4.4 > 1.1.1.1: ICMP echo request, id 13370, seq 2, length 64
674 10:01:41.763448 MPLS (label 0, exp 0, [S], ttl 254) IP 1.1.1.1 > 4.4.4.4: ICMP echo reply, id 13370, seq 2, length 64
675 10:01:42.761758 MPLS (label 24000, exp 0, [S], ttl 64) IP 4.4.4.4 > 1.1.1.1: ICMP echo request, id 13370, seq 3, length 64
676 10:01:42.764924 MPLS (label 0, exp 0, [S], ttl 254) IP 1.1.1.1 > 4.4.4.4: ICMP echo reply, id 13370, seq 3, length 64
677 10:01:43.763193 MPLS (label 24000, exp 0, [S], ttl 64) IP 4.4.4.4 > 1.1.1.1: ICMP echo request, id 13370, seq 4, length 64
678 10:01:43.766237 MPLS (label 0, exp 0, [S], ttl 254) IP 1.1.1.1 > 4.4.4.4: ICMP echo reply, id 13370, seq 4, length 64
679 10:01:44.764552 MPLS (label 24000, exp 0, [S], ttl 64) IP 4.4.4.4 > 1.1.1.1: ICMP echo request, id 13370, seq 5, length 64
680 10:01:44.767803 MPLS (label 0, exp 0, [S], ttl 254) IP 1.1.1.1 > 4.4.4.4: ICMP echo reply, id 13370, seq 5, length 64