7 The *ldpd* daemon is a standardised protocol that permits exchanging MPLS label
8 information between MPLS devices. The LDP protocol creates peering between
9 devices, so as to exchange that label information. This information is stored in
10 MPLS table of *zebra*, and it injects that MPLS information in the underlying
11 system (Linux kernel or OpenBSD system for instance).
12 *ldpd* provides necessary options to create a Layer 2 VPN across MPLS network.
13 For instance, it is possible to interconnect several sites that share the same
16 FRR implements LDP as described in :rfc:`5036`; other LDP standard are the
17 following ones: :rfc:`6720`, :rfc:`6667`, :rfc:`5919`, :rfc:`5561`, :rfc:`7552`,
19 Because MPLS is already available, FRR also supports :rfc:`3031`.
24 The *ldpd* daemon can be invoked with any of the common
25 options (:ref:`common-invocation-options`).
27 .. option:: --ctl_socket
29 This option allows you to override the path to the ldpd.sock file
30 used to control this daemon. If specified this option overrides
31 the -N option path addition.
33 The *zebra* daemon must be running before *ldpd* is invoked.
35 Configuration of *ldpd* is done in its configuration file
39 .. _understanding-ldp:
41 Understanding LDP principles
42 ============================
44 Let's first introduce some definitions that permit understand better the LDP
47 - `LSR` : Labeled Switch Router. Networking devices handling labels used to
48 forward traffic between and through them.
50 - `LER` : Labeled Edge Router. A Labeled edge router is located at the edge of
51 an MPLS network, generally between an IP network and an MPLS network.
54 ``LDP`` aims at sharing label information across devices. It tries to establish
55 peering with remote LDP capable devices, first by discovering using UDP port 646
56 , then by peering using TCP port 646. Once the TCP session is established, the
57 label information is shared, through label advertisements.
59 There are different methods to send label advertisement modes. The
60 implementation actually supports the following : Liberal Label Retention +
61 Downstream Unsolicited + Independent Control.
62 The other advertising modes are depicted below, and compared with the current
65 - Liberal label retention versus conservative mode
66 In liberal mode, every label sent by every LSR is stored in the MPLS table.
67 In conservative mode, only the label that was sent by the best next hop
68 (determined by the IGP metric) for that particular FEC is stored in the MPLS
71 - Independent LSP Control versus ordered LSP Control
72 MPLS has two ways of binding labels to FEC’s; either through ordered LSP
73 control, or independent LSP control.
74 Ordered LSP control only binds a label to a FEC if it is the egress LSR, or
75 the router received a label binding for a FEC from the next hop router. In
76 this mode, an MPLS router will create a label binding for each FEC and
77 distribute it to its neighbors so long as he has a entry in the RIB for the
79 In the other mode, label bindings are made without any dependencies on another
80 router advertising a label for a particular FEC. Each router makes it own
81 independent decision to create a label for each FEC.
82 By default IOS uses Independent LSP Control, while Juniper implements the
83 Ordered Control. Both modes are interoperable, the difference is that Ordered
84 Control prevent blackholing during the LDP convergence process, at cost of
85 slowing down the convergence itself
87 - unsolicited downstream versus downstream on demand
88 Downstream on demand label distribution is where an LSR must explicitly
89 request that a label be sent from its downstream router for a particular FEC.
90 Unsolicited label distribution is where a label is sent from the downstream
91 router without the original router requesting it.
95 .. _ldp-configuration:
102 Enable or disable LDP daemon
104 .. clicmd:: router-id A.B.C.D
106 The following command located under MPLS router node configures the MPLS
107 router-id of the local device.
109 .. clicmd:: ordered-control
111 Configure LDP Ordered Label Distribution Control.
113 .. clicmd:: address-family [ipv4 | ipv6]
115 Configure LDP for IPv4 or IPv6 address-family. Located under MPLS route node,
116 this subnode permits configuring the LDP neighbors.
118 .. clicmd:: interface IFACE
120 Located under MPLS address-family node, use this command to enable or disable
121 LDP discovery per interface. IFACE stands for the interface name where LDP is
122 enabled. By default it is disabled. Once this command executed, the
123 address-family interface node is configured.
125 .. clicmd:: discovery transport-address A.B.C.D | A:B::C:D
127 Located under mpls address-family interface node, use this command to set
128 the IPv4 or IPv6 transport-address used by the LDP protocol to talk on this
131 .. clicmd:: ttl-security disable
133 Located under the LDP address-family node, use this command to disable the
134 GTSM procedures described in RFC 6720 (for the IPv4 address-family) and
135 RFC 7552 (for the IPv6 address-family).
137 Since GTSM is mandatory for LDPv6, the only effect of disabling GTSM for the
138 IPv6 address-family is that *ldpd* will not discard packets with a hop limit
139 below 255. This may be necessary to interoperate with older implementations.
140 Outgoing packets will still be sent using a hop limit of 255 for maximum
143 If GTSM is enabled, multi-hop neighbors should have either GTSM disabled
144 individually or configured with an appropriate ttl-security hops distance.
146 .. clicmd:: neighbor A.B.C.D password PASSWORD
148 The following command located under MPLS router node configures the router
149 of a LDP device. This device, if found, will have to comply with the
150 configured password. PASSWORD is a clear text password wit its digest sent
153 .. clicmd:: neighbor A.B.C.D holdtime HOLDTIME
155 The following command located under MPLS router node configures the holdtime
156 value in seconds of the LDP neighbor ID. Configuring it triggers a keepalive
157 mechanism. That value can be configured between 15 and 65535 seconds. After
158 this time of non response, the LDP established session will be considered as
159 set to down. By default, no holdtime is configured for the LDP devices.
161 .. clicmd:: neighbor A.B.C.D ttl-security disable
163 Located under the MPLS LDP node, use this command to override the global
164 configuration and enable/disable GTSM for the specified neighbor.
166 .. clicmd:: neighbor A.B.C.D ttl-security hops (1-254)
168 Located under the MPLS LDP node, use this command to set the maximum number
169 of hops the specified neighbor may be away. When GTSM is enabled for this
170 neighbor, incoming packets are required to have a TTL/hop limit of 256
171 minus this value, ensuring they have not passed through more than the
172 expected number of hops. The default value is 1.
174 .. clicmd:: discovery hello holdtime HOLDTIME
176 .. clicmd:: discovery hello interval INTERVAL
178 INTERVAL value ranges from 1 to 65535 seconds. Default value is 5 seconds.
179 This is the value between each hello timer message sent.
180 HOLDTIME value ranges from 1 to 65535 seconds. Default value is 15 seconds.
181 That value is added as a TLV in the LDP messages.
183 .. clicmd:: dual-stack transport-connection prefer ipv4
185 When *ldpd* is configured for dual-stack operation, the transport connection
186 preference is IPv6 by default (as specified by :rfc:`7552`). On such
187 circumstances, *ldpd* will refuse to establish TCP connections over IPv4.
188 You can use above command to change the transport connection preference to
189 IPv4. In this case, it will be possible to distribute label mappings for
190 IPv6 FECs over TCPv4 connections.
192 .. _show-ldp-information:
197 These commands dump various parts of *ldpd*.
199 .. clicmd:: show mpls ldp neighbor [A.B.C.D]
201 This command dumps the various neighbors discovered. Below example shows that
202 local machine has an operation neighbor with ID set to 1.1.1.1.
206 west-vm# show mpls ldp neighbor
207 AF ID State Remote Address Uptime
208 ipv4 1.1.1.1 OPERATIONAL 1.1.1.1 00:01:37
211 .. clicmd:: show mpls ldp neighbor [A.B.C.D] capabilities
213 .. clicmd:: show mpls ldp neighbor [A.B.C.D] detail
215 Above commands dump other neighbor information.
217 .. clicmd:: show mpls ldp discovery [detail]
219 .. clicmd:: show mpls ldp ipv4 discovery [detail]
221 .. clicmd:: show mpls ldp ipv6 discovery [detail]
223 Above commands dump discovery information.
225 .. clicmd:: show mpls ldp ipv4 interface
227 .. clicmd:: show mpls ldp ipv6 interface
229 Above command dumps the IPv4 or IPv6 interface per where LDP is enabled.
230 Below output illustrates what is dumped for IPv4.
234 west-vm# show mpls ldp ipv4 interface
235 AF Interface State Uptime Hello Timers ac
236 ipv4 eth1 ACTIVE 00:08:35 5/15 0
237 ipv4 eth3 ACTIVE 00:08:35 5/15 1
240 .. clicmd:: show mpls ldp ipv4|ipv6 binding
242 Above command dumps the binding obtained through MPLS exchanges with LDP.
246 west-vm# show mpls ldp ipv4 binding
247 AF Destination Nexthop Local Label Remote Label In Use
248 ipv4 1.1.1.1/32 1.1.1.1 16 imp-null yes
249 ipv4 2.2.2.2/32 1.1.1.1 imp-null 16 no
250 ipv4 10.0.2.0/24 1.1.1.1 imp-null imp-null no
251 ipv4 10.115.0.0/24 1.1.1.1 imp-null 17 no
252 ipv4 10.135.0.0/24 1.1.1.1 imp-null imp-null no
253 ipv4 10.200.0.0/24 1.1.1.1 17 imp-null yes
257 LDP debugging commands
258 ========================
261 .. clicmd:: debug mpls ldp KIND
263 Enable or disable debugging messages of a given kind. ``KIND`` can
277 Below configuration gives a typical MPLS configuration of a device located in a
278 MPLS backbone. LDP is enabled on two interfaces and will attempt to peer with
279 two neighbors with router-id set to either 1.1.1.1 or 3.3.3.3.
285 neighbor 1.1.1.1 password test
286 neighbor 3.3.3.3 password test
289 discovery transport-address 2.2.2.2
299 Deploying LDP across a backbone generally is done in a full mesh configuration
300 topology. LDP is typically deployed with an IGP like OSPF, that helps discover
301 the remote IPs. Below example is an OSPF configuration extract that goes with
307 ospf router-id 2.2.2.2
308 network 0.0.0.0/0 area 0
312 Below output shows the routing entry on the LER side. The OSPF routing entry
313 (10.200.0.0) is associated with Label entry (17), and shows that MPLS push action
314 that traffic to that destination will be applied.
318 north-vm# show ip route
319 Codes: K - kernel route, C - connected, S - static, R - RIP,
320 O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
321 T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
323 > - selected route, * - FIB route
325 O>* 1.1.1.1/32 [110/120] via 10.115.0.1, eth2, label 16, 00:00:15
326 O>* 2.2.2.2/32 [110/20] via 10.115.0.1, eth2, label implicit-null, 00:00:15
327 O 3.3.3.3/32 [110/10] via 0.0.0.0, loopback1 onlink, 00:01:19
328 C>* 3.3.3.3/32 is directly connected, loopback1, 00:01:29
329 O>* 10.0.2.0/24 [110/11] via 10.115.0.1, eth2, label implicit-null, 00:00:15
330 O 10.100.0.0/24 [110/10] is directly connected, eth1, 00:00:32
331 C>* 10.100.0.0/24 is directly connected, eth1, 00:00:32
332 O 10.115.0.0/24 [110/10] is directly connected, eth2, 00:00:25
333 C>* 10.115.0.0/24 is directly connected, eth2, 00:00:32
334 O>* 10.135.0.0/24 [110/110] via 10.115.0.1, eth2, label implicit-null, 00:00:15
335 O>* 10.200.0.0/24 [110/210] via 10.115.0.1, eth2, label 17, 00:00:15
339 Additional example demonstrating use of some miscellaneous config options:
350 dual-stack cisco-interop
351 neighbor 10.0.1.5 password opensourcerouting
352 neighbor 172.16.0.1 password opensourcerouting
355 discovery transport-address 10.0.1.1
356 label local advertise explicit-null
364 discovery transport-address 2001:db8::1
372 member interface eth2
374 member pseudowire mpw0
375 neighbor lsr-id 1.1.1.1