MPLS Traffic Engineering

MPLS TE, FRR, and Merge Point concepts + Configuration

www.noction.com
Table of Contents MPLS Traffic Engineering

Introduction 3

1. MPLS TE Configuration 4
1.1 PE1 Configuration 4
1.2 P1, P2, P3 and P4 Configuration 5
1.3 PE2 Configuration 6
1.4 Verification 6

2. MPLS TE Fast Reroute Link Protection 9

2.1 Backup Tunnel Configuration on P1 9
2.2 Backup Tunnel Configuration on P3 10
2.3 PE1 Configuration 10
2.4 Verification 10

3. Testing MPLS TE Fast Reroute Link Protection 11

Conclusion 13

Page 2
Introduction
In MPLS Traffic Engineering (TE), a Merge Point (MP) is a router or
a point in the network where backup paths merge with primary Lo0 5.5.5.5/32

paths to provide faster traffic restoration in case of link or node

P2
Gi0/0 Gi0/2
.2

failures.
.1
30.30.30.0/30
.9 40.40.40.0/30
SP
upL Gi0/2
Lo0 8.8.8.8/32
Lo0 2.2.2.2/32 ck
Ba Gi0/2
PE2
PE1 P1 .2 P4

Fast Reroute (FRR) is a technique used in MPLS TE to minimize

.1 20.20.20.0/30 .2 Gi0/2 .1 50.50.50.0/30 .2
.1 40.40.40.8/30
.6

the impact of link or node failures on traffic. When a failure

.5 Gi0/1 Gi0/0G i0/0
Gi0/0G i0/0 Gi0/1
Gi0/1
Lo1 192.168.1.1/24 Primary LSP .10 Lo0 7.7.7.7/32 Lo1 192.168.2.1/24
occurs, FRR allows traffic to be quickly rerouted onto a backup
Gi0/0 Gi0/2
30.30.30.4/30 .6 P3 .5
40.40.40.4/30

path without waiting for the network to converge on a new path. MP

Therefore, MP is a critical component of FRR because it is where Lo0 6.6.6.6/32

the backup and primary paths converge.

When a failure occurs on the primary path, the backup path is
activated, and traffic is rerouted to the MP. At the Merge Point,
the traffic from the primary and backup paths are merged and
forwarded toward the destination.
To illustrate this concept, consider the topology depicted in
Figure 1. In the topology, the red path represents the primary
LSP (Label Switched Path) and carries the traffic. The green path,
on the other hand, represents the backup LSP and is used only in
case of failure. If a link fails, such as between Router P1 and P3,
the traffic cannot be carried between Router PE1 and PE2 through
the red LSP.
Figure 1 - Network Topology
A fast reroute is used to ensure that traffic can continue to flow over
an alternate path within 50 milliseconds. When the link between P1
and P3 fails, Router P1 learns about the failure first, since it is direct-
ly attached to the failed link. Router P1 then redirects traffic to the
green LSP, which is terminated at router P3. The node P3 is called
the Merge Point (MP) because the backup LSP is merged with the
primary LSP at that node. If traffic reaches Node P1 after the P1-P3
link failure, Node P3 can continue forwarding traffic to the destina-
tion (Router PE2) over the green LSP.

Page 3
MPLS Traffic Engineering

1. MPLS TE Configuration
MPLS tunnels are unidirectional, which means we need one tunnel interface Loopback1
ip address 192.168.1.1 255.255.255.0
in each direction to send traffic. In the case of tunnel12 from PE1 to
PE2, the headend or start of the tunnel is Router PE1 with 20.20.20.1
configured, while the tailend is 50.50.50.2 configured on PE2.
Enable MPLS TE and RSVP on all Gigabit-Ethernet interfaces with a
Similarly, for tunnel 21 from PE2 to PE1, the headend is Router PE2,
bandwidth reservation of 512 kbps.
and the tailend is PE1.

interface GigabitEthernet0/0
To exchange link and loopback subnets, OSPF is enabled on all
ip address 20.20.20.1 255.255.255.252
routers. mpls traffic-eng tunnels
ip rsvp bandwidth 1024 1024
To reserve and exchange labels, it is necessary to enable RSVP on all
interfaces except loopback interfaces.
Enable MPLS TE and RSVP on all Gigabit-Ethernet interfaces with a
1.1 PE1 Configuration bandwidth reservation of 512 kbps.

mpls traffic-eng tunnels

router ospf 1
mpls traffic-eng router-id Loopback0
interface Loopback0
mpls traffic-eng area 0
ip address 2.2.2.2 255.255.255.255
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
Note that the Loopback1 IP address 192.168.1.1 is used for testing network 20.20.20.0 0.0.0.3 area 0
tunnel connectivity between PE1 and PE2 routers and is not related
to the MPLS TE configuration.

Page 4
MPLS Traffic Engineering

Define explicit path for PE1-PE2 tunnel: PE1-> P1->P3-> P4 and PE2. 1.2 P1, P2, P3 and P4 Configuration
We will only showcase the configuration of the P1 transit router, as
ip explicit-path name PE1-PE2 enable the configuration of the other routers is similar and, therefore, not
next-address 20.20.20.2
next-address 30.30.30.6
necessary to present.
next-address 40.40.40.6
next-address 50.50.50.2 mpls traffic-eng tunnels

Create a tunnel interface, and define the MPLS-TE tunnel encapsula- interface Loopback0
tion method, tunnel destination, bandwidth, priority, and other rele- ip address 4.4.4.4 255.255.255.255
vant parameters.
interface GigabitEthernet0/0
ip address 20.20.20.2 255.255.255.252
interface Tunnel12
mpls traffic-eng tunnels
ip unnumbered Loopback0
ip rsvp bandwidth 1024 1024
tunnel mode mpls traffic-eng
tunnel destination 8.8.8.8
interface GigabitEthernet0/1
tunnel mpls traffic-eng priority 2 2
ip address 30.30.30.5 255.255.255.252
tunnel mpls traffic-eng bandwidth 512
mpls traffic-eng tunnels
tunnel mpls traffic-eng path-option 1 explicit name PE1-PE2
ip rsvp bandwidth 1024 1024
tunnel mpls traffic-eng fast-reroute
no routing dynamic
interface GigabitEthernet0/2
ip address 30.30.30.1 255.255.255.252
We also need to route traffic to the 192.168.2.1 loopback interface of mpls traffic-eng tunnels
ip rsvp bandwidth 1024 1024
PE2 through the tunnel12 interface.
router ospf 1
mpls traffic-eng router-id Loopback0
ip route 192.168.2.0 255.255.255.0 Tunnel12 mpls traffic-eng area 0
router-id 4.4.4.4
network 0.0.0.0 255.255.255.255 area 0

Page 5
MPLS Traffic Engineering

1.3 PE2 Configuration tunnel mpls traffic-eng priority 2 2

mpls traffic-eng tunnels
interface Loopback0
ip address 8.8.8.8 255.255.255.255
tunnel mpls traffic-eng bandwidth 512
tunnel mpls traffic-eng path-option 1 explicit name PE2-PE1
tunnel mpls traffic-eng fast-reroute
no routing dynamic
ip route 192.168.1.0 255.255.255.0 Tunnel21

interface Loopback1
ip address 192.168.2.1 255.255.255.0 1.4 Verification
interface GigabitEthernet0/0 To begin, we verify the operational status of tunnel 12 on router PE1,
ip address 50.50.50.2 255.255.255.252 as shown in Figure 2.
mpls traffic-eng tunnels
ip rsvp bandwidth 1024 1024
PE1# show mpls traffic-eng tunnels
router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
router-id 8.8.8.8
network 8.8.8.8 0.0.0.0 area 0
network 50.50.50.0 0.0.0.3 area 0

ip explicit-path name PE2-PE1 enable

next-address 50.50.50.1
next-address 40.40.40.1
next-address 30.30.30.1
next-address 20.20.20.1

interface Tunnel21
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 2.2.2.2

Page 6
MPLS Traffic Engineering

Figure 3 - P1 MPLS Forwarding Table

We can see in Figure 4 that the MPLS TE Tunnel31 on PE2 is also up

and running. Any traffic destined for PE2 is placed into the tunnel and
takes a path that passes through P4, P2, P1, and finally reaches PE1.

Figure 2 - Checking MPLS TE Tunnels on PE1 - Tunnel12

Figure 2 shows the RSVP Resv path label information used by each
hop along the path from PE1 to PE2. At the start of the path, PE1
(2.2.2.2) pushes label 17 to the packets and forwards them to P1.
Upon receiving the packets, P1 (4.4.4.4) swaps label 17 with a new
label 16 before forwarding the traffic to P3, as shown in Figure 3. Then,
at P3 (6.6.6.6), the incoming label 16 is swapped with a new label 17,
and the traffic is forwarded to P4. Finally, at PE4 (7.7.7.7), label 17 is
popped, and the traffic is sent to PE2 with no MPLS header.

Page 7
MPLS Traffic Engineering

To check connectivity and make sure that traffic is passing through the
tunnel, we use the traceroute command:

Figure 5 - Checking Connectivity from PE1 to PE2

Figure 4 - Checking MPLS TE Tunnels on PE2 – Tunnel 21

Page 8
MPLS Traffic Engineering

2. MPLS TE Fast Reroute Link Protection

We have set up a primary MPLS TE tunnel between PE1 and PE2, with 2.1 Backup Tunnel Configuration on P1
a path through P1, P3, and P4. However, if the link between P1 and Assuming that the primary tunnel from PE1 to P2 is already config-
P3 fails, we'll lose connectivity to the tunnel endpoint, since the path ured and operational, we start configuring the backup tunnel on P1.
is explicitly configured on PE1.

interface Tunnel100
MPLS TE Fast Reroute (FRR) is a mechanism that provides fast description "Link Protection Tunnel"
protection against link and node failures in the network, ensuring ip unnumbered Loopback0
that traffic is rerouted quickly and efficiently to avoid data loss. By tunnel mode mpls traffic-eng
default, MPLS TE calculates a new best path when there is a failure tunnel destination 6.6.6.6
tunnel mpls traffic-eng path-option 1 explicit name P1-P3
in the primary tunnel, but this process can be too slow for delay-
no routing dynamic
sensitive applications such as VOIP. With MPLS TE fast reroute,
traffic is forwarded down a backup tunnel when there is a failure in interface GigabitEthernet0/1
the primary tunnel, allowing a faster recovery time of less than 50 ms. ip address 30.30.30.5 255.255.255.252
mpls traffic-eng tunnels
mpls traffic-eng backup-path Tunnel100
To bypass the link between P1 and P3, we will configure a backup ip rsvp bandwidth 1024 1024
NHOP (Next Hop) tunnel from P1 through P2, terminating at P3. The
headend router of the backup tunnel is node P1, and the tailend ip explicit-path name P1-P3 enable
router is the merge point (MP) – node P3. If the link between next-address 30.30.30.2
P1 and P3 fails, we'll still have a path to the TE tunnel endpoint, next-address 40.40.40.10
avoiding data loss.

In the following parts, we will enable link protection backup tunnel

100 on both P1 and P3 and associate the interface Gi0/1 with the
backup tunnel on P1. When the interface Gi0/1 goes down, the
backup tunnel is activated.

Page 9
MPLS Traffic Engineering

2.2 Backup Tunnel Configuration on P3 2.4 Verification

Firstly, we will check the status of the backup tunnel on P1 router
interface Tunnel100 (Figure 6):
description "Protection tunnel"
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 4.4.4.4
tunnel mpls traffic-eng path-option 1 explicit name P3-P1
no routing dynamic

ip explicit-path name P3-P1 enable

next-address 40.40.40.9
next-address 30.30.30.1
Figure 6 - Checking MPLS TE FRR Database Before Link Failure Between P1 and P3

2.3 PE1 Configuration
After configuring a backup tunnel on both P1 and P3 and associating
it with the gi0/1 on both P1, one more step is required to ensure its
proper functioning. Specifically, fast-reroute must be enabled on the
TE tunnel configured on PE1 so that tunnel12 is fast-rerouted.
The backup tunnel is currently in a ready state and will be activated
automatically if interface Gi0/1 on P1 goes down. When packets are
sent from PE1 to P1, they are labeled 17 and forwarded with label
16. The router P3 expects the label to be 16, but if the link between
P1 and P3 path to label 16 is broken, we must ensure that label 16
remains protected for proper packet forwarding.

interface Tunnel12 Therefore, packets sent from P1 to P2 via the backup path from the
tunnel mpls traffic-eng fast-reroute Gi0/2 interface when the backup tunnel is activated will have two
labels. The inner label expected by P3 is 16, and the outer label
inserted by P1 is 18 (Figure 7).

Page 10
MPLS Traffic Engineering

3. Testing MPLS TE Fast Reroute Link Protection

We now disable the Gi0/1 interface on P1 to simulate a link failure
between P1 and P3:

P1(config)# int gi0/1

P1(config-if)# sh

The backup path via P2 is now activated, and the status changes from
ready to active (Figure 8).

Figure 8 - Checking MPLS TE FRR Database After Link Failure Between P1 and P3

Figure 9 shows an additional label 18, that was inserted into the
network traffic by P1.

PE1# traceroute 192.168.2.1

Figure 7 - Checking Backup Tunnel 100 on P1

Page 11
MPLS Traffic Engineering

Lo0 5.5.5.5/32
18 P2
16 Gi0/0 Gi0/2
.2 .1
30.30.30.0/30
P .9 40.40.40.0/30
p LS Gi0/2
Lo0 2.2.2.2/32 17 cku Lo0 8.8.8.8/32
Ba Gi0/2
PE2
PE1 P1 .2 P4
.1 20.20.20.0/30 .2 Gi0/2 .1 50.50.50.0/30 .2
.1 40.40.40.8/30 16
.5 .6
Gi0/0G i0/0 Gi0/1 Gi0/0G i0/0
Gi0/1
Gi0/1
Lo1 192.168.1.1/24 Primary LSP .10 Lo0 7.7.7.7/32 Lo1 192.168.2.1/24
Gi0/0 Gi0/2
30.30.30.4/30 .6 P3 .5

Figure 9 - Checking Connectivity between PE1 and PE2 After Link Failure on P1
40.40.40.4/30
16 MP 17

Lo0 6.6.6.6/32

Indeed, a screenshot of the packets captured on the link between P1

and P2 shows that both labels 18 and 16 are presented in the traffic
Figure 11 - MPLS Label Assignment on Backup Path from PE to PE2
(Figure 10).

At P2, label 18 is popped, and the traffic is subsequently redirected

to P3 with only label 16, as depicted in Figure 12.

Figure 10 - Capture Packets between PE1 and PE2 After Link Failure on P1

Notice the primary (red and the backup (green) paths and particular Figure 12 - Popping Label 18 on P2

labels assignment depicted in Figure 11.

Finally, the backup LSP is merged with the primary LSP at the Merge
Point, which is router P3.

Page 12
MPLS Traffic Engineering

Conclusion
MPLS Traffic Engineering (TE) provides a way to optimize network
traffic and ensure efficient use of network resources.

Using a Merge Point (MP) and Fast Reroute (FRR) techniques in MPLS
TE enables network operators to minimize the impact of link and
node failures on traffic and ensure faster restoration of services.

The MP is a critical component of FRR, ensuring that traffic from the

primary and backup paths is seamlessly merged without any packet
loss or duplication.

Network operators need to understand the concept of MP, FRR, and

MPLS TE to deploy these technologies effectively and enhance the
overall resiliency of their networks. By leveraging these techniques,
network operators can ensure that their networks are always
available and provide high-quality services to their customers.

Page 13
This ebook was brought to
you by Noction

Copyright © Noction Inc., All Rights Reserved.

Noction logos, and trademarks or registered
trademarks of Noction Inc. or its subsidiaries
in the United States and other countries.

Other names and brands may be claimed as

the property of others. Information regarding
third party products is provided solely for
educational purposes.

Noction Inc. is not responsible for

the performance or support of third
party products and does not make any
representations or warranties whatsoever
regarding quality, reliability, functionality, or
compatibility of these devices or products.

Copyright © Noction Inc.