下記手順を実施すれば誰でも簡単にCisco XRdでSRv6 L3VPN挙動確認環境を構築できるはず
Cisco XRd入手が最大の困難ポイントではあるけど
環境
VMインスタンス(Google Cloud)
- Debian GNU/Linux 12 (bookworm)
- n2-standard-8
- Cisco XRdを5台起動させるため、n2で最大初期選択可能な8vCPU構成
- spot
- 節約のため
containerlab
- version 0.57.5
Cisco XRd
- version 7.10.2
手順
- VMインスタンス(Google Cloud)作成
- containerlabインストール
- Cisco XRd使用環境構築
- containerlab topology作成
- SRv6 L3VPN設定
1. VMインスタンス(Google Cloud)作成
gloud CLIでサクッと構築。glcoud CLIの初期設定等は省略
gcloud compute instances create clab --machine-type=n2-standard-8 --image-family=debian-12 --image-project=debian-cloud --provisioning-model=SPOT
2. containerlabインストール
以降はVM(Google Cloud)上でコマンド実施
下記コマンドにてdocker等含めて必要なtool群を一括インストール
curl -sL https://containerlab.dev/setup | sudo -E bash -s "all"
こんな感じで表示されたらインストール完了
root@clab:~# clab version
____ ___ _ _ _____ _ ___ _ _ _____ ____ _ _
/ ___/ _ \| \ | |_ _|/ \ |_ _| \ | | ____| _ \| | __ _| |__
| | | | | | \| | | | / _ \ | || \| | _| | |_) | |/ _` | '_ \
| |__| |_| | |\ | | |/ ___ \ | || |\ | |___| _ <| | (_| | |_) |
\____\___/|_| \_| |_/_/ \_\___|_| \_|_____|_| \_\_|\__,_|_.__/
version: 0.57.5
commit: fbca124e
date: 2024-09-30T10:53:07Z
source: https://github.com/srl-labs/containerlab
rel. notes: https://containerlab.dev/rn/0.57/#0575
3. Cisco XRd使用環境構築
Cisco XRdを頑張って入手
Cisco XRdを動かすためには必要な初期設定があり、何が必要かはxrd-toolのhost-checkスクリプトで確認可能
git clone https://github.com/ios-xr/xrd-tools.git
cd xrd-tools/scripts
./host-check
Cisco XRdはxrd-control-planeを使用するので、base checksとxrd-control-plane cheksにてFAILとなっている箇所の対処が必要。今回の環境ではInotify max user instancesの設定を変更する必要あり(xrd-vrouter checksに表示されているFAILはスルーで問題なし)
host-checkのログは以下
root@clab:~# git clone https://github.com/ios-xr/xrd-tools.git
Cloning into 'xrd-tools'...
remote: Enumerating objects: 552, done.
remote: Counting objects: 100% (346/346), done.
remote: Compressing objects: 100% (136/136), done.
remote: Total 552 (delta 286), reused 218 (delta 210), pack-reused 206 (from 1)
Receiving objects: 100% (552/552), 208.25 KiB | 1.79 MiB/s, done.
Resolving deltas: 100% (341/341), done.
root@clab:~# cd xrd-tools/scripts/
root@clab:~/xrd-tools/scripts# ./host-check
==============================
Platform checks
==============================
base checks
-----------------------
PASS -- CPU architecture (x86_64)
PASS -- CPU cores (8)
PASS -- Kernel version (6.1)
PASS -- Base kernel modules
Installed module(s): dummy, nf_tables
INFO -- Cgroups
Cgroups v2 is in use - this is not supported for production environments.
FAIL -- Inotify max user instances
The kernel parameter fs.inotify.max_user_instances is set to 128 but
should be at least 4000 (sufficient for a single instance) - the
recommended value is 64000.
This can be addressed by adding 'fs.inotify.max_user_instances=64000'
to /etc/sysctl.conf or in a dedicated conf file under /etc/sysctl.d/.
For a temporary fix, run:
sysctl -w fs.inotify.max_user_instances=64000
PASS -- Inotify max user watches
250300 - this is expected to be sufficient for 62 XRd instance(s).
WARN -- Socket kernel parameters
The kernel socket parameters are insufficient for running XRd in a
production deployment. They may be used in a lab deployment, but must
be increased to the required minimums for production deployment.
Lower values may result in XR IPC loss and unpredictable behavior,
particularly at higher scale.
The required minimum settings are:
net.core.netdev_max_backlog=300000
net.core.optmem_max=67108864
net.core.rmem_default=67108864
net.core.rmem_max=67108864
net.core.wmem_default=67108864
net.core.wmem_max=67108864
The current host settings are:
net.core.netdev_max_backlog=1000
net.core.optmem_max=20480
net.core.rmem_default=212992
net.core.rmem_max=212992
net.core.wmem_default=212992
net.core.wmem_max=212992
Values can be changed by adding e.g.
'net.core.rmem_default=67108864' to /etc/sysctl.conf or
in a dedicated conf file under /etc/sysctl.d/.
Or for a temporary fix, running e.g.:
sysctl -w net.core.rmem_default=67108864
WARN -- UDP kernel parameters
The kernel UDP parameters are insufficient for running XRd in a
production deployment. They may be used in a lab deployment, but must
be increased to the required minimums for production deployment.
Lower values may result in XR IPC loss and unpredictable behavior,
particularly at higher scale.
The required minimum settings are:
net.ipv4.udp_mem=1124736 10000000 67108864
The current host settings are:
net.ipv4.udp_mem=766851 1022471 1533702
Values can be changed by adding
'net.ipv4.udp_mem=1124736 10000000 67108864' to /etc/sysctl.conf or
in a dedicated conf file under /etc/sysctl.d/.
Or for a temporary fix, running:
sysctl -w net.ipv4.udp_mem='1124736 10000000 67108864'
INFO -- Core pattern (core files managed by XR)
PASS -- ASLR (full randomization)
WARN -- Linux Security Modules
AppArmor is enabled. XRd is currently unable to run with the
default docker profile, but can be run with
'--security-opt apparmor=unconfined' or equivalent.
However, some features might not work, such as ZTP.
PASS -- Kernel module parameters
Kernel modules loaded with expected parameters.
xrd-control-plane checks
-----------------------
PASS -- RAM
Available RAM is 30.6 GiB.
This is estimated to be sufficient for 15 XRd instance(s), although memory
usage depends on the running configuration.
Note that any swap that may be available is not included.
xrd-vrouter checks
-----------------------
PASS -- CPU extensions (sse4_1, sse4_2, ssse3)
PASS -- RAM
Available RAM is 30.6 GiB.
This is estimated to be sufficient for 6 XRd instance(s), although memory
usage depends on the running configuration.
Note that any swap that may be available is not included.
FAIL -- Hugepages
Hugepages are not enabled. These are required for XRd to function correctly.
To enable hugepages, see the instructions at:
https://www.kernel.org/doc/Documentation/vm/hugetlbpage.txt.
FAIL -- Interface kernel driver
None of the expected PCI drivers are loaded.
The following PCI drivers are installed but not loaded: vfio-pci.
Run 'modprobe <pci driver>' to load a driver.
SKIP -- IOMMU
Skipped due to failed checks: Interface kernel driver
SKIP -- PCI devices
Skipped due to failed checks: Interface kernel driver
PASS -- Shared memory pages max size (17179869184.0 GiB)
PASS -- Real-time Group Scheduling (disabled in kernel config)
============================================================================
!! XR platforms NOT supported: xrd-control-plane, xrd-vrouter !!
============================================================================
root@clab:~/xrd-tools/scripts#
下記コマンドにてFAIL対処
sysctl -w fs.inotify.max_user_instances=64000
パケットを確認するためtsharkをインストール
apt install -y tshark
4. containerlab topology作成
今回作成するtopologyは以下サイトのチュートリアル構成
以下のyamlファイルを作成
root@clab:~# cat srv6.yaml
name: srv6
mgmt:
network: fixedips
ipv4-subnet: 172.30.5.0/24
ipv6-subnet: 2001:172:30:5::/80
topology:
nodes:
xr01:
kind: cisco_xrd
image: ios-xr/xrd-control-plane:7.10.2
mgmt-ipv4: 172.30.5.201
mgmt-ipv6: 2001:172:30:5::201
xr02:
kind: cisco_xrd
image: ios-xr/xrd-control-plane:7.10.2
mgmt-ipv4: 172.30.5.202
mgmt-ipv6: 2001:172:30:5::202
xr03:
kind: cisco_xrd
image: ios-xr/xrd-control-plane:7.10.2
mgmt-ipv4: 172.30.5.203
mgmt-ipv6: 2001:172:30:5::203
xr04:
kind: cisco_xrd
image: ios-xr/xrd-control-plane:7.10.2
mgmt-ipv4: 172.30.5.204
mgmt-ipv6: 2001:172:30:5::204
xr05:
kind: cisco_xrd
image: ios-xr/xrd-control-plane:7.10.2
mgmt-ipv4: 172.30.5.205
mgmt-ipv6: 2001:172:30:5::205
links:
- endpoints: ["xr01:Gi0-0-0-1", "xr02:Gi0-0-0-0"]
- endpoints: ["xr02:Gi0-0-0-1", "xr03:Gi0-0-0-0"]
- endpoints: ["xr03:Gi0-0-0-1", "xr04:Gi0-0-0-0"]
- endpoints: ["xr04:Gi0-0-0-1", "xr05:Gi0-0-0-0"]
- endpoints: ["xr05:Gi0-0-0-1", "xr01:Gi0-0-0-0"]
デプロイを実施
clab deploy -t srv6.yaml
ログは以下。docker psで起動していれば問題なし
root@clab:~# clab deploy -t srv6.yaml
INFO[0000] Containerlab v0.57.5 started
INFO[0000] Parsing & checking topology file: srv6.yaml
INFO[0000] Creating docker network: Name="fixedips", IPv4Subnet="172.30.5.0/24", IPv6Subnet="2001:172:30:5::/80", MTU=0
INFO[0000] Creating lab directory: /root/clab-srv6
INFO[0000] Creating container: "xr03"
INFO[0000] Creating container: "xr05"
INFO[0000] Creating container: "xr01"
INFO[0000] Creating container: "xr04"
INFO[0000] Creating container: "xr02"
INFO[0001] Created link: xr05:Gi0-0-0-1 <--> xr01:Gi0-0-0-0
INFO[0001] Created link: xr04:Gi0-0-0-1 <--> xr05:Gi0-0-0-0
INFO[0002] Created link: xr03:Gi0-0-0-1 <--> xr04:Gi0-0-0-0
INFO[0002] Created link: xr01:Gi0-0-0-1 <--> xr02:Gi0-0-0-0
INFO[0002] Created link: xr02:Gi0-0-0-1 <--> xr03:Gi0-0-0-0
INFO[0002] Adding containerlab host entries to /etc/hosts file
INFO[0002] Adding ssh config for containerlab nodes
+---+----------------+--------------+---------------------------------+-----------+---------+-----------------+-----------------------+
| # | Name | Container ID | Image | Kind | State | IPv4 Address | IPv6 Address |
+---+----------------+--------------+---------------------------------+-----------+---------+-----------------+-----------------------+
| 1 | clab-srv6-xr01 | 159e3df7deba | ios-xr/xrd-control-plane:7.10.2 | cisco_xrd | running | 172.30.5.201/24 | 2001:172:30:5::201/80 |
| 2 | clab-srv6-xr02 | 1add229bf444 | ios-xr/xrd-control-plane:7.10.2 | cisco_xrd | running | 172.30.5.202/24 | 2001:172:30:5::202/80 |
| 3 | clab-srv6-xr03 | d04b8ace6755 | ios-xr/xrd-control-plane:7.10.2 | cisco_xrd | running | 172.30.5.203/24 | 2001:172:30:5::203/80 |
| 4 | clab-srv6-xr04 | 7783423c563d | ios-xr/xrd-control-plane:7.10.2 | cisco_xrd | running | 172.30.5.204/24 | 2001:172:30:5::204/80 |
| 5 | clab-srv6-xr05 | f5bd2f5a9523 | ios-xr/xrd-control-plane:7.10.2 | cisco_xrd | running | 172.30.5.205/24 | 2001:172:30:5::205/80 |
+---+----------------+--------------+---------------------------------+-----------+---------+-----------------+-----------------------+
root@clab:~#
root@clab:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7783423c563d ios-xr/xrd-control-plane:7.10.2 "/usr/sbin/init" 15 seconds ago Up 13 seconds clab-srv6-xr04
f5bd2f5a9523 ios-xr/xrd-control-plane:7.10.2 "/usr/sbin/init" 15 seconds ago Up 14 seconds clab-srv6-xr05
159e3df7deba ios-xr/xrd-control-plane:7.10.2 "/usr/sbin/init" 15 seconds ago Up 14 seconds clab-srv6-xr01
1add229bf444 ios-xr/xrd-control-plane:7.10.2 "/usr/sbin/init" 15 seconds ago Up 13 seconds clab-srv6-xr02
d04b8ace6755 ios-xr/xrd-control-plane:7.10.2 "/usr/sbin/init" 15 seconds ago Up 13 seconds clab-srv6-xr03
各Cisco XRdには、Name欄のhost名に対してsshでのログインが可能
root@clab:~# ssh clab@clab-srv6-xr01
Warning: Permanently added 'clab-srv6-xr01' (ED25519) to the list of known hosts.
(clab@clab-srv6-xr01) Password:
RP/0/RP0/CPU0:xr01#
RP/0/RP0/CPU0:xr01#show ip int bri
Fri Oct 11 06:53:13.487 UTC
Interface IP-Address Status Protocol Vrf-Name
MgmtEth0/RP0/CPU0/0 172.30.5.201 Up Up default
GigabitEthernet0/0/0/0 unassigned Shutdown Down default
GigabitEthernet0/0/0/1 unassigned Shutdown Down default
RP/0/RP0/CPU0:xr01#
5. SRv6 L3VPN設定
各RouterにConfig投入。Config解説は別途記載予定
- XR1
conf
interface gigabitEthernet 0/0/0/0
ipv6 enable
no shutdown
interface gigabitEthernet 0/0/0/1
ipv6 enable
no shutdown
segment-routing
srv6
locators
locator MAIN
micro-segment behavior unode psp-usd
prefix fcbb:bb00:1::/48
router isis 1
is-type level-1
net 49.0.0.1.00
address-family ipv6 unicast
metric-style wide
segment-routing srv6
locator MAIN
interface gigabitEthernet 0/0/0/0
point-to-point
address-family ipv6 unicast
interface gigabitEthernet 0/0/0/1
point-to-point
address-family ipv6 unicast
vrf 1
address-family ipv4 unicast
import route-target
1:1
export route-target
1:1
interface Loopback101
vrf 1
ipv4 address 1.1.1.1 255.255.255.255
int lo0
ipv6 addr fcbb:bb00:1::1/128
router bgp 1
bgp router-id 1.0.0.1
address-family vpnv4 unicast
address-family vpnv6 unicast
neighbor-group RRC
remote-as 1
update-source Loopback0
address-family vpnv4 unicast
route-reflector-client
address-family vpnv6 unicast
route-reflector-client
neighbor fcbb:bb00:2::1
use neighbor-group RRC
neighbor fcbb:bb00:3::1
use neighbor-group RRC
neighbor fcbb:bb00:4::1
use neighbor-group RRC
neighbor fcbb:bb00:5::1
use neighbor-group RRC
vrf 1
rd 1:1
address-family ipv4 unicast
segment-routing srv6
locator MAIN
alloc mode per-vrf
redistribute connected
router isis 1
address-family ipv6 unicast
microloop avoidance segment-routing
interface gigabitEthernet 0/0/0/0
address-family ipv6 unicast
fast-reroute per-prefix
fast-reroute per-prefix ti-lfa
interface gigabitEthernet 0/0/0/1
address-family ipv6 unicast
fast-reroute per-prefix
fast-reroute per-prefix ti-lfa
performance-measurement
interface gigabitEthernet 0/0/0/0
delay-measurement
interface gigabitEthernet 0/0/0/1
delay-measurement
segment-routing
srv6
locators
locator LATENCY
micro-segment behavior unode psp-usd
prefix fcbb:bb01:1::/48
algorithm 128
router isis 1
flex-algo 128
metric-type delay
advertise-definition
address-family ipv6 unicast
segment-routing srv6
locators locator LATENCY
vrf 2
address-family ipv6 unicast
import route-target
1:2
export route-target
1:2
interface Loopback102
vrf 2
ipv6 address 2001:7543::1/128
router bgp 1
vrf 2
rd 1:2
address-family ipv6 unicast
segment-routing srv6
locator MAIN
alloc mode per-vrf
redistribute connected
commit
- XR2
conf
interface gigabitEthernet 0/0/0/0
ipv6 enable
no shutdown
interface gigabitEthernet 0/0/0/1
ipv6 enable
no shutdown
segment-routing
srv6
locators
locator MAIN
micro-segment behavior unode psp-usd
prefix fcbb:bb00:2::/48
router isis 1
is-type level-1
net 49.0.0.2.00
address-family ipv6 unicast
metric-style wide
segment-routing srv6
locator MAIN
interface gigabitEthernet 0/0/0/0
point-to-point
address-family ipv6 unicast
interface gigabitEthernet 0/0/0/1
point-to-point
address-family ipv6 unicast
vrf 1
address-family ipv4 unicast
import route-target
1:1
export route-target
1:1
interface Loopback101
vrf 1
ipv4 address 1.1.1.2 255.255.255.255
int lo0
ipv6 addr fcbb:bb00:2::1/128
router bgp 1
bgp router-id 1.0.0.2
address-family vpnv4 unicast
address-family vpnv6 unicast
neighbor fcbb:bb00:1::1
remote-as 1
update-source Loopback0
address-family vpnv4 unicast
address-family vpnv6 unicast
vrf 1
rd 1:1
address-family ipv4 unicast
segment-routing srv6
locator MAIN
alloc mode per-vrf
redistribute connected
router isis 1
address-family ipv6 unicast
microloop avoidance segment-routing
interface gigabitEthernet 0/0/0/0
address-family ipv6 unicast
fast-reroute per-prefix
fast-reroute per-prefix ti-lfa
interface gigabitEthernet 0/0/0/1
address-family ipv6 unicast
fast-reroute per-prefix
fast-reroute per-prefix ti-lfa
performance-measurement
interface gigabitEthernet 0/0/0/0
delay-measurement
interface gigabitEthernet 0/0/0/1
delay-measurement
segment-routing
srv6
locators
locator LATENCY
micro-segment behavior unode psp-usd
prefix fcbb:bb01:2::/48
algorithm 128
router isis 1
flex-algo 128
metric-type delay
advertise-definition
address-family ipv6 unicast
segment-routing srv6
locators locator LATENCY
vrf 2
address-family ipv6 unicast
import route-target
1:2
export route-target
1:2
interface Loopback102
vrf 2
ipv6 address 2001:7543::2/128
router bgp 1
vrf 2
rd 1:2
address-family ipv6 unicast
segment-routing srv6
locator MAIN
alloc mode per-vrf
redistribute connected
commit
- XR3
conf
interface gigabitEthernet 0/0/0/0
ipv6 enable
no shutdown
interface gigabitEthernet 0/0/0/1
ipv6 enable
no shutdown
segment-routing
srv6
locators
locator MAIN
micro-segment behavior unode psp-usd
prefix fcbb:bb00:3::/48
router isis 1
is-type level-1
net 49.0.0.3.00
address-family ipv6 unicast
metric-style wide
segment-routing srv6
locator MAIN
interface gigabitEthernet 0/0/0/0
point-to-point
address-family ipv6 unicast
interface gigabitEthernet 0/0/0/1
point-to-point
address-family ipv6 unicast
vrf 1
address-family ipv4 unicast
import route-target
1:1
export route-target
1:1
interface Loopback101
vrf 1
ipv4 address 1.1.1.3 255.255.255.255
int lo0
ipv6 addr fcbb:bb00:3::1/128
router bgp 1
bgp router-id 1.0.0.3
address-family vpnv4 unicast
address-family vpnv6 unicast
neighbor fcbb:bb00:1::1
remote-as 1
update-source Loopback0
address-family vpnv4 unicast
address-family vpnv6 unicast
vrf 1
rd 1:1
address-family ipv4 unicast
segment-routing srv6
locator MAIN
alloc mode per-vrf
redistribute connected
router isis 1
address-family ipv6 unicast
microloop avoidance segment-routing
interface gigabitEthernet 0/0/0/0
address-family ipv6 unicast
fast-reroute per-prefix
fast-reroute per-prefix ti-lfa
interface gigabitEthernet 0/0/0/1
address-family ipv6 unicast
fast-reroute per-prefix
fast-reroute per-prefix ti-lfa
performance-measurement
interface gigabitEthernet 0/0/0/0
delay-measurement
interface gigabitEthernet 0/0/0/1
delay-measurement
segment-routing
srv6
locators
locator LATENCY
micro-segment behavior unode psp-usd
prefix fcbb:bb01:3::/48
algorithm 128
router isis 1
flex-algo 128
metric-type delay
advertise-definition
address-family ipv6 unicast
segment-routing srv6
locators locator LATENCY
vrf 2
address-family ipv6 unicast
import route-target
1:2
export route-target
1:2
interface Loopback102
vrf 2
ipv6 address 2001:7543::3/128
router bgp 1
vrf 2
rd 1:2
address-family ipv6 unicast
segment-routing srv6
locator MAIN
alloc mode per-vrf
redistribute connected
commit
- XR4
conf
interface gigabitEthernet 0/0/0/0
ipv6 enable
no shutdown
interface gigabitEthernet 0/0/0/1
ipv6 enable
no shutdown
segment-routing
srv6
locators
locator MAIN
micro-segment behavior unode psp-usd
prefix fcbb:bb00:4::/48
router isis 1
is-type level-1
net 49.0.0.4.00
address-family ipv6 unicast
metric-style wide
segment-routing srv6
locator MAIN
interface gigabitEthernet 0/0/0/0
point-to-point
address-family ipv6 unicast
interface gigabitEthernet 0/0/0/1
point-to-point
address-family ipv6 unicast
vrf 1
address-family ipv4 unicast
import route-target
1:1
export route-target
1:1
interface Loopback101
vrf 1
ipv4 address 1.1.1.4 255.255.255.255
int lo0
ipv6 addr fcbb:bb00:4::1/128
router bgp 1
bgp router-id 1.0.0.4
address-family vpnv4 unicast
address-family vpnv6 unicast
neighbor fcbb:bb00:1::1
remote-as 1
update-source Loopback0
address-family vpnv4 unicast
address-family vpnv6 unicast
vrf 1
rd 1:1
address-family ipv4 unicast
segment-routing srv6
locator MAIN
alloc mode per-vrf
redistribute connected
router isis 1
address-family ipv6 unicast
microloop avoidance segment-routing
interface gigabitEthernet 0/0/0/0
address-family ipv6 unicast
fast-reroute per-prefix
fast-reroute per-prefix ti-lfa
interface gigabitEthernet 0/0/0/1
address-family ipv6 unicast
fast-reroute per-prefix
fast-reroute per-prefix ti-lfa
performance-measurement
interface gigabitEthernet 0/0/0/0
delay-measurement
interface gigabitEthernet 0/0/0/1
delay-measurement
segment-routing
srv6
locators
locator LATENCY
micro-segment behavior unode psp-usd
prefix fcbb:bb01:4::/48
algorithm 128
router isis 1
flex-algo 128
metric-type delay
advertise-definition
address-family ipv6 unicast
segment-routing srv6
locators locator LATENCY
vrf 2
address-family ipv6 unicast
import route-target
1:2
export route-target
1:2
interface Loopback102
vrf 2
ipv6 address 2001:7543::4/128
router bgp 1
vrf 2
rd 1:2
address-family ipv6 unicast
segment-routing srv6
locator MAIN
alloc mode per-vrf
redistribute connected
commit
- XR5
conf
interface gigabitEthernet 0/0/0/0
ipv6 enable
no shutdown
interface gigabitEthernet 0/0/0/1
ipv6 enable
no shutdown
segment-routing
srv6
locators
locator MAIN
micro-segment behavior unode psp-usd
prefix fcbb:bb00:5::/48
router isis 1
is-type level-1
net 49.0.0.5.00
address-family ipv6 unicast
metric-style wide
segment-routing srv6
locator MAIN
interface gigabitEthernet 0/0/0/0
point-to-point
address-family ipv6 unicast
interface gigabitEthernet 0/0/0/1
point-to-point
address-family ipv6 unicast
vrf 1
address-family ipv4 unicast
import route-target
1:1
export route-target
1:1
interface Loopback101
vrf 1
ipv4 address 1.1.1.5 255.255.255.255
int lo0
ipv6 addr fcbb:bb00:5::1/128
router bgp 1
bgp router-id 1.0.0.5
address-family vpnv4 unicast
address-family vpnv6 unicast
neighbor fcbb:bb00:1::1
remote-as 1
update-source Loopback0
address-family vpnv4 unicast
address-family vpnv6 unicast
vrf 1
rd 1:1
address-family ipv4 unicast
segment-routing srv6
locator MAIN
alloc mode per-vrf
redistribute connected
router isis 1
address-family ipv6 unicast
microloop avoidance segment-routing
interface gigabitEthernet 0/0/0/0
address-family ipv6 unicast
fast-reroute per-prefix
fast-reroute per-prefix ti-lfa
interface gigabitEthernet 0/0/0/1
address-family ipv6 unicast
fast-reroute per-prefix
fast-reroute per-prefix ti-lfa
performance-measurement
interface gigabitEthernet 0/0/0/0
delay-measurement
interface gigabitEthernet 0/0/0/1
delay-measurement
segment-routing
srv6
locators
locator LATENCY
micro-segment behavior unode psp-usd
prefix fcbb:bb01:5::/48
algorithm 128
router isis 1
flex-algo 128
metric-type delay
advertise-definition
address-family ipv6 unicast
segment-routing srv6
locators locator LATENCY
vrf 2
address-family ipv6 unicast
import route-target
1:2
export route-target
1:2
interface Loopback102
vrf 2
ipv6 address 2001:7543::5/128
router bgp 1
vrf 2
rd 1:2
address-family ipv6 unicast
segment-routing srv6
locator MAIN
alloc mode per-vrf
redistribute connected
commit
確認
XR1とXR3でicmpv6を実行した結果をtsharkで取得
ip netns exec clab-srv6-xr02 tshark -i Gi0-0-0-1 -V ip6
Internet Protocol Version 6, Src: fcbb:bb00:3::1, Dst: fcbb:bb00:1:e005::
0110 .... = Version: 6
.... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
.... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0)
.... .... ..00 .... .... .... .... .... = Explicit Congestion Notification: Not ECN-Capable Transport (0)
.... 0000 0000 0000 0000 0000 = Flow Label: 0x00000
Payload Length: 100
Next Header: IPv6 (41)
Hop Limit: 64
Source Address: fcbb:bb00:3::1
Destination Address: fcbb:bb00:1:e005::
Internet Protocol Version 6, Src: 2001:7543::3, Dst: 2001:7543::1
0110 .... = Version: 6
.... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
.... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0)
.... .... ..00 .... .... .... .... .... = Explicit Congestion Notification: Not ECN-Capable Transport (0)
.... 0000 0000 0000 0000 0000 = Flow Label: 0x00000
Payload Length: 60
Next Header: ICMPv6 (58)
Hop Limit: 60
Source Address: 2001:7543::3
Destination Address: 2001:7543::1
Internet Control Message Protocol v6
Type: Echo (ping) request (128)
Code: 0
Checksum: 0x6f95 [correct]
[Checksum Status: Good]
Identifier: 0x218d
Sequence: 4
Data (52 bytes)
多分SRv6 L3VPNはできてる感じ。この構成でuSID、TI-LFA、microloop avoidance、Flexible Algorithmが確認できるみたいなので色々確認してみる。
configや挙動は全く理解してないけど今回の目標は環境構築なのでとりあえず目標達成。詳細は適宜修正予定