M Configuring srv6 Traffic Engineering 8000
M Configuring srv6 Traffic Engineering 8000
M Configuring srv6 Traffic Engineering 8000
This module provides information about Segment Routing over IPv6 (SRv6) Traffic Engineering, how to
configure SRv6-TE, and how to steer traffic into an SRv6-TE policy.
SRv6-TE Overview
Segment Routing over IPv6 Traffic Engineering (SRv6-TE ) allows you to steer traffic across a network based
on specific policies and requirements and provides greater control over how traffic flows through the network.
SRv6-TE also allows you to create explicit paths through the network for specific traffic flows where a
particular application or service requires a specific quality of service (QoS) level, such as low latency or high
bandwidth.
SRv6-TE uses the concept of source routing, where the source calculates the path and encodes it in the packet
header as a list of segments. This list of segments is added to an IPv6 routing header called the SRv6 Segment
Routing Header (SRH) in the incoming packet. With SRv6-TE, the network does not need to maintain
per-application and per-flow state on each node. Instead, only the head-end nodes on the edge of the network
where the traffic enters the policy need to maintain a state.
The remaining nodes obey the forwarding instructions that are included in the packet. SRv6-TE can utilize
network bandwidth more effectively than traditional MPLS RSVP-TE using ECMP within each segment. In
addition, by using a single intelligent source it relieves remaining routers from the task of calculating the
required path through the network.
Traffic engineering over SRv6 can be accomplished in the following ways:
• End-to-End Flexible Algorithm: This is used for traffic engineering intents achieved with Flexible
Algorithm, including low latency, multi-plane disjointness, affinity inclusion/exclusion, and SRLG
exclusion. See SRv6 Flexible Algorithm, on page 21.
• SRv6-TE Policy: This is used for traffic engineering intents beyond Flex Algo capabilities, such as path
disjointness that rely on path computation by a PCE. In addition, this is used for user-configured explicit
paths. SRv6-TE Policy, on page 6.
Supported Features
The following are the supported functionalities:
• SRv6 policies with SRv6 uSID segments
• SRv6 policies with PCE-delegated dynamic paths
• SRv6 policies with explicit paths
• SRv6 policies with single or multiple candidate paths (CP)
• SRv6 policies with a single SID list per CP
• SRv6 policies with multiple (weighted ECMP) SID lists per CP
• Path delegation and reporting with PCEPv4
• Path delegation and reporting with PCEPv6
• PCEPv4 and PCEPv6 sessions with different PCEs
• PCEs with PCEP state-sync sessions must be either PCEPv4 or PCEPv6.
• PCEP path delegation with the following optimization objective (metric) types:
• IGP metric
• TE metric
• Delay (latency)
• Hop-count
• Segment protection-type:
• Protected-only
• Protected-preferred
• Unprotected-only
• Unprotected-preferred
• SRv6 policy with TI-LFA (protection of the first segment in the segment list at the head-end)
• Steering over SRv6 policies with Automated Steering for the following services:
• L3 BGP-based services (IPv4 L3VPN, IPv6 L3VPN, IPv4 BGP global, IPv6 BGP global)
Unsupported Features
The following functionalities are not supported:
• SRv6 policy counters
• PCE-initiated SRv6 policies via PCEP
• SRv6 policies with head-end computed dynamic paths
• PCE path delegation with segment-type Flex Algo constraint
• PCEPv4 and PCEPv6 sessions with same PCE
• Steering over SRv6 policies based on incoming BSID (remote automated steering)
• PCC with user-configured PCE groups
• SR-PM delay-measurement over SRv6 policies
• SR-PM liveness detection over SRv6 policies
• L3 services with BGP PIC over SRv6 policies
• SRv6 policy ping
• L2 BGP-based service (EVPN VPWS)
By default, 1K polices are supported. If MPLS tunnels are not configured on the router, use the following
commands to get higher SRv6-TE scale:
• If the support for LDPoTE or SRoSR-TE MPLS features are not required, use the following command
to configure higher RSVP-TE/SR-TE scale.
hw-module profile cef te-tunnel highscale-no-ldp-over-te
• If the support for LDPoTE is required but not SRoSR-TE MPLS features, use the following command
to configure higher tunnel scale.
hw-module profile cef te-tunnel highscale-ldp-over-te-no-sr-over-srte
SRv6-TE Policy
SRv6-TE uses a “policy” to steer traffic through the network. An SRv6-TE policy path is expressed as a list
of micro-segments that specifies the path, called a micro-segment ID (uSID) list. Each segment list is an
end-to-end path from the source to the destination, and instructs the routers in the network to follow the
specified path instead of following the shortest path calculated by the IGP. If a packet is steered into an
SRv6-TE policy, the uSID list is pushed on the packet by the head-end. The rest of the network executes the
instructions embedded in the uSID list.
An SRv6-TE policy is identified as an ordered list (head-end, color, end-point):
• Head-end – Where the SRv6-TE policy is instantiated
• Color – A numerical value that distinguishes between two or more policies to the same node pairs
(Head-end – End point)
• End-point – The destination of the SRv6-TE policy
Every SRv6-TE policy has a color value. Every policy between the same node pairs requires a unique color
value.
An SRv6-TE policy uses one or more candidate paths. A candidate path can be made up of a single SID-list
or a set of weighted SID-lists (for weighted equal cost multi-path [WECMP]).
A SID list can be either the result of a dynamic path computation by a PCE or a user-configured explicit path.
See SRv6-TE Policy for more information.
Explicit Paths
An explicit path is a specified SID-list or set of SID-lists.
When configuring an explicit path using IP addresses of links along the path, the SRv6-TE process prefers
the protected Adj-SID of the link, if one is available. In addition, when manual Adj-SIDs are configured, the
SRv6-TE process prefers a manual-protected Adj-SID over a dynamic-protected Adj-SID.
You can configure the path to prefer the protected or unprotected Adj-SID, or to use only protected or
unprotected Adj-SID. See Segment Protection-Type Constraint, on page 20.
You can enable SRv6-TE explicit segment list SID validation to allow the head-end node to validate the SIDs
in an explicit SRv6-TE segment list against the SR-TE topology database. See SRv6-TE Explicit Segment
List SID Validation, on page 11.
A segment list can use uSIDs or uSID carrier, or a combination of both.
Running Configuration
Router# show running-config
. . .
segment-routing
traffic-eng
segment-lists
srv6
sid-format usid-f3216
!
segment-list p1_r8_1
srv6
index 10 sid FCBB:BB00:10:feff::
index 15 sid FCBB:BB00:100:fe00::
index 20 sid FCBB:BB00:2::
index 30 sid FCBB:BB00:3:::
index 40 sid FCBB:BB00:4::
index 50 sid FCBB:BB00:5::
index 60 sid FCBB:BB00:6::
!
!
!
policy POLICY1
srv6
locator loc1 binding-sid dynamic behavior ub6-encaps-reduced
!
color 10 end-point ipv6 fcbb:bb00:2::1
candidate-paths
preference 100
explicit segment-list p1_r8_1
!
!
!
!
!
!
Verification
Verify the SR-TE policy configuration using:
Router# show segment-routing traffic-eng policy name srte_c_10_ep_fcbb:bb00:2::1 d
Name: POLICY1
Requested BSID: dynamic
Constraints:
Protection Type: protected-preferred
Maximum SID Depth: 13
Explicit: segment-list p1_r8_1 (inactive)
Weight: 1, Metric Type: TE
SID[0]: FCBB:BB00:10:feff::
SID[1]: FCBB:BB00:100:fe00::
SID[2]: FCBB:BB00:1::
SID[3]: FCBB:BB00:1:fe00::
SID[4]: FCBB:BB00:fe00::
SID[5]: FCBB:BB00:5::
SID[6]: FCBB:BB00:6::
SRv6 Information:
Locator: loc1
Binding SID requested: Dynamic
Binding SID behavior: End.B6.Encaps.Red
Attributes:
Forward Class: 0
Steering labeled-services disabled: no
Steering BGP disabled: no
IPv6 caps enable: yes
Invalidation drop enabled: no
Max Install Standby Candidate Paths: 0
Configuration Example
Running Configuration
Router# show running-config
. . .
segment-routing
traffic-eng
segment-lists
srv6
sid-format usid-f3216
!
segment-list p1_r8_3
srv6
index 10 sid FCBB:BB00:10:fe01::
index 20 sid FCBB:BB00:1::
index 30 sid FCBB:BB00:1:fe00::
index 40 sid FCBB:BB00:fe00::
index 50 sid FCBB:BB00:5::
index 60 sid FCBB:BB00:6::
!
!
segment-list igp_ucmp1
srv6
index 10 sid FCBB:BB00:1::
index 20 sid FCBB:BB00:4::
index 30 sid FCBB:BB00:5::
!
!
!
policy po_r8_1001
srv6
locator loc1 binding-sid dynamic behavior ub6-encaps-reduced
!
color 1001 end-point ipv6 fcbb:bb00:2::1
candidate-paths
preference 1000
explicit segment-list p1_r8_3
weight 4
!
explicit segment-list igp_ucmp1
weight 2
!
!
!
!
!
!
Enable SID validation globally for all SRv6 explicit segment lists
Prior to enabling SRv6 explicit segment list SID validation, use the show segment-routing traffic-eng
topology command to verify if the SR-TE topology is available on the headend PCC router.
To enable SID validation globally, use the segment-routing traffic-eng segment-lists srv6 topology-check
command.
Router(config)# segment-routing traffic-eng
Router(config-sr-te)# segment-lists
Router(config-sr-te-segment-lists)# srv6
Router(config-sr-te-sl-global-srv6)# topology-check
To enable SID validation for a specific explicit SID list, use the segment-routing traffic-eng segment-lists
segment-list name srv6 topology-check command.
Router(config)# segment-routing traffic-eng
Router(config-sr-te)# segment-lists
The following example shows how to enable SID validation globally and disable SID validation for a specific
SRv6 explicit segment list:
Router(config)# segment-routing traffic-eng
Router(config-sr-te)# segment-lists
Router(config-sr-te-segment-lists)# srv6
Router(config-sr-te-sl-global-srv6)# topology-check
Router(config-sr-te-sl-global-srv6)# exit
Router(config-sr-te-segment-lists)# segment-list p1_r8_1
Router(config-sr-te-sl)# srv6
Router(config-sr-te-sl-srv6)# no topology-check
Running Configuration
segment-routing
traffic-eng
segment-lists
srv6
topology-check
!
segment-list p1_r8_1
srv6
no topology-check
!
!
!
!
!
Verification
Router# show segment-routing traffic-eng policy name srte_c_10_ep_fcbb:bb00:2::1 detail
SID[6]: fccc:0:6::
SRv6 Information:
Locator: loc1
Binding SID requested: Dynamic
Binding SID behavior: End.B6.Encaps.Red
Attributes:
Forward Class: 0
Steering labeled-services disabled: no
Steering BGP disabled: no
IPv6 caps enable: yes
Invalidation drop enabled: no
Max Install Standby Candidate Paths: 0
Dynamic Paths
A dynamic path is based on an optimization objective and a set of constraints. The head-end computes a
solution, resulting in a SID-list or a set of SID-lists. When the topology changes, a new path is computed. If
the head-end does not have enough information about the topology, the head-end might delegate the computation
to a Segment Routing Path Computation Element (SR-PCE). For information on configuring SR-PCE, see
Configure Segment Routing Path Computation Element chapter.
An SRv6-TE policy initiates a single (selected) path in RIB/FIB. This is the preferred valid candidate path.
A candidate path has the following characteristics:
• It has a preference – If two policies have same {color, endpoint} but different preferences, the policy
with the highest preference is selected.
• It is associated with a single Binding SID (uB6) – A uB6 SID conflict occurs when there are different
SRv6 policies with the same uB6 SID. In this case, the policy that is installed first gets the uB6 SID and
is selected.
• It is valid if it is usable.
A path is selected when the path is valid and its preference is the best among all candidate paths for that policy.
Note The protocol of the source is not relevant in the path selection logic.
For a dynamic path that traverses a specific interface between nodes (segment), the algorithm may encode
this segment using an Adjacency uSID (uA SID).
Optimization Objectives
Optimization objectives allow the head-end router to compute a uSID-list that expresses the shortest dynamic
path according to the selected metric type:
• Hopcount — Use the least number of hops for path computation.
• IGP metric — Refer to the Implementing IS-IS and Implementing OSPF chapters in the Routing
Configuration Guide for Cisco 8000 Series Routers
• TE metric — See the Configure Interface TE Metrics, on page 14 section for information about configuring
TE metrics.
• Delay (latency) — See the Configure Performance Measurementchapter for information about measuring
delay for links or SRv6 policies.
This example shows a dynamic path from head-end router 1 to end-point router 3 that minimizes IGP or TE
metric:
• The blue path uses the minimum IGP metric: Min-Metric (1 → 3, IGP) = uSID-list {cafe:0:3::}; cumulative
IGP metric: 20
• The green path uses the minimum TE metric: Min-Metric (1 → 3, TE) = uSID-list {cafe:0:5:4:3::};
cumulative TE metric: 23
Running Configuration
The following configuration example shows how to set the TE metric for various interfaces:
segment-routing
traffic-eng
interface TenGigE0/0/0/0
metric 100
!
interface TenGigE0/0/0/1
metric 1000
!
interface TenGigE0/0/2/0
metric 50
!
!
end
Constraints
Constraints allow the head-end router to compute a dynamic path according to the selected metric type:
Note For path-computation on PCE, configuring both affinity and disjoint-path is not supported.
• Affinity — You can apply a color or name to links or interfaces by assigning affinity bit-maps to them.
You can then specify an affinity (or relationship) between an SRv6 policy path and link colors. SRv6-TE
computes a path that includes or excludes links that have specific colors,or combinations of colors. See
the Named Interface Link Admin Groups and SRv6-TE Affinity Maps, on page 18section for information
on named interface link admin groups and SRv6-TE Affinity Maps.
• Disjoint — SRv6-TE computes a path that is disjoint from another path in the same disjoint-group.
Disjoint paths do not share network resources. Path disjointness may be required for paths between the
same pair of nodes, between different pairs of nodes, or a combination (only same head-end or only same
end-point).
• Segment protection-type behavior — You can control whether protected or unprotected segments are
used when encoding the SID-list of an SRv6 policy candidate path. The types of segments that could be
used when building a SID-list include uSIDs and adjacency SIDs (uA SID). See the Segment
Protection-Type Constraint, on page 20 for details and usage guidelines.
Note • If you do not specify a customized per-policy locator and BSID behavior,
the policy will use the global locator and BSID behavior.
• If you do not specify a customized per-policy source address, the policy will
use the local IPv6 source address.
Note Disjoint-path and affinity constraints cannot be configured at the same time.
Configuration Example
The following example shows a configuration of an SRv6 policy at an SRv6-TE head-end router using the
global locator and source address. The policy has a dynamic path with optimization objectives and affinity
constraints computed by the SR-PCE.
Node1(config)# segment-routing
Node1(config-sr)# traffic-eng
Node1(config-sr-te)# srv6
Running Confiuration
segment-routing
traffic-eng
srv6
locator Node1 binding-sid dynamic behavior ub6-encaps-reduced
!
candidate-paths
all
source-address ipv6 cafe:0:1::1
!
!
policy pol_node1_node4_te
color 20 end-point ipv6 cafe:0:4::4
candidate-paths
preference 100
dynamic
pcep
!
metric
type te
!
!
constraints
affinity
exclude-any
name brown
!
!
!
!
!
!
!
!
The following example shows a configuration of a manual SRv6 policy at an SRv6-TE head-end router with
customized locator and source address. The policy has a dynamic path with optimization objectives and affinity
constraints computed by the SR-PCE.
Node1(config)# segment-routing
Node1(config-sr)# traffic-eng
Node1(config-sr-te)# policy pol_node1_node4_te
Node1(config-sr-te-policy)# source-address ipv6 cafe:0:1::1
Node1(config-sr-te-policy)# srv6
Node1(config-sr-te-policy-srv6)# locator Node1 binding-sid dynamic behavior ub6-encaps-reduced
Node1(config-sr-te-policy-srv6)# exit
Node1(config-sr-te-policy)# color 20 end-point ipv6 cafe:0:4::4
Node1(config-sr-te-policy)# candidate-paths
Node1(config-sr-te-policy-path)# preference 100
Node1(config-sr-te-policy-path-pref)# dynamic
Node1(config-sr-te-pp-info)# pcep
Node1(config-sr-te-path-pcep)# exit
Node1(config-sr-te-pp-info)# metric type te
Node1(config-sr-te-pp-info)# exit
Node1(config-sr-te-policy-path-pref)# constraints
Node1(config-sr-te-path-pref-const)# affinity
Node1(config-sr-te-path-pref-const-aff)# exclude-any
Node1(config-sr-te-path-pref-const-aff-rule)# name brown
Running Config
segment-routing
traffic-eng
policy pol_node1_node4_te
srv6
locator Node1 binding-sid dynamic behavior ub6-encaps-reduced
!
source-address ipv6 cafe:0:1::1
color 20 end-point ipv6 cafe:0:4::4
candidate-paths
preference 100
dynamic
pcep
!
metric
type te
!
!
constraints
affinity
exclude-any
name brown
!
!
!
!
!
!
!
!
Verification
Node1# show segment-routing traffic-eng policy color 20
Note You can configure affinity constraints using attribute flags or the Flexible Name Based Policy Constraints
scheme; however, when configurations for both schemes exist, only the configuration pertaining to the new
scheme is applied.
Configure Named Interface Link Admin Groups and SRv6-TE Affinity Maps
Configure affinity maps on the following routers:
• Routers with interfaces that have an associated admin group attribute.
• Routers that act as SRv6-TE head-ends for SR policies that include affinity constraints.
To define affinity maps, use the segment-routing traffic-eng affinity-map name bit-position bit-position
command. The bit-position range is from 0 to 255.
Router(config-sr-te)# affinity-map
Router(config-sr-te-affinity-map)# name brown bit-position 1
Running Configuration
segment-routing
traffic-eng
interface HundredGigE0/0/0/0
affinity
name brown
!
!
affinity-map
name brown bit-position 1
!
end
The following example shows how to configure the SRv6 ODN policy that must be encoded using protected
segments:
Router(config)# segment-routing traffic-eng
Router(config-sr-te)# on-demand color 20
Router(config-sr-te-color)# constraints
Router(config-sr-te-color-const)# segments
Router(config-sr-te-color-const-seg)# protection protected-only
IS-IS in Node1 computes shortest paths for each locator and programs them in the FIB:
Node1 and Node2 are PEs of a common VPN. PEs advertise VPN routes via BGP with different transport
SLAs. For example, traffic to a set of prefixes is to be delivered over the min-cost slice, while for another set
of prefixes is to be delivered over the min-delay slice. To achieve this, the egress PE’s service route
advertisement includes the locator of the intended transport SLA type.
• Hardware Efficiency
• Egress PE Node2 processes multiple uSIDs with a single /64 lookup
• FCBB:BB00:0002:F009/64
• Hardware Efficiency
• Egress PE 2 processes multiple uSIDs with a single /64 lookup
• FCBB:BB01:0002:F009/64
4. SRv6 allows for seamless deployment where any transit node (SRv6-capable or not) simply routes based
on a /48 longest prefix match lookup.
For example, transit node (Node 3) forwards traffic along the Algo 0 (min-cost) shortest path for the
remote prefix FCBB:BB00:0002::/48.
5. Egress PE (Node 2) matches local SID FCBB:BB00:0002:F009/64. Node 2 applies “VPN Decaps”
behavior into VRF9 by removing the IPv6 encapsulation and looking up the payload’s DA on the
corresponding VPN table.
Automated Steering
Automated steering (AS) allows service traffic to be automatically steered onto the required transport SLA
path programmed by an SRv6 policy.
With AS, BGP automatically steers traffic onto an SRv6 policy based on the next-hop and color of a BGP
service route. The color of a BGP service route is specified by a color extended community attribute. This
color is used as a transport SLA indicator, such as min-delay or min-cost.
When the next-hop and color of a BGP service route matches the end-point and color of an SRv6 policy, BGP
automatically installs the route resolving onto the BSID of the matching SRv6 policy. Recall that an SRv6
policy on a head-end is uniquely identified by an end-point and color.
When a BGP route has multiple extended-color communities, each with a valid SRv6 policy, the BGP process
installs the route on the SRv6 policy giving preference to the color with the highest numerical value.
The granularity of AS behaviors can be applied at multiple levels, for example:
• At a service level—When traffic destined to all prefixes in a given service is associated to the same
transport path type. All prefixes share the same color.
• At a destination/prefix level—When traffic destined to a prefix in a given service is associated to a
specific transport path type. Each prefix could be assigned a different color.
• At a flow level—When flows destined to the same prefix are associated with different transport path
types.
Protocols
A segment routing path can be derived from various mechanisms. This section specifies extensions to the
Path Computation Element Communication Protocol (PCEP) that allow a stateful PCE to compute Traffic
Engineering (TE) paths as well as a PCC to request a path subject to certain constraints and optimization
criteria in SR networks.
• The total number of PCEP sessions does not exceed the limit on the total number of PCEP sessions on
the PCE.
• The KA interval indicated by PCC is acceptable to the PCE.
Configuration Example
The following example shows how to configure an SR-TE head-end router with the following functionality:
/* Enable the SR-TE head-end router as a PCEP client (PCC) with 2 PCEP servers (PCE) with
different precedence values.*/
Node1(config-sr)# traffic-eng
Node1(config-sr-te)# pcc
Node1(config-sr-te-pcc)# source-address ipv6 cafe:0:1::1
Node1(config-sr-te-pcc)# pce address ipv6 cafe:0:2::2
Node1(config-pcc-pce)# precedence 10
Node1(config-pcc-pce)# exit
Node1(config-sr-te-pcc)# pce address ipv6 cafe:0:3::3
Node1(config-pcc-pce)# precedence 20
Node1(config-pcc-pce)# exit
Verification
Node1# show segment-routing traffic-eng pcc ipv6 peer brief
You can customize the Maximum SID Depth (MSD) signaled by PCC during PCEP session establishment.
For cases with path computation at PCE, a PCC can signal its MSD to the PCE in the following ways:
• During PCEP session establishment – The signaled MSD is treated as a node-wide property.
MSD is configured under segment-routing traffic-eng maximum-sid-depth command.
The MSD is expressed as a number uSIDs. The number of uSID is expressed as a number of carriers and
the number of uSID per carrier.
• During PCEP LSP path request – The signaled MSD is treated as an LSP property.
• Local SR Policy: MSD is configured using the segment-routing traffic-eng policy command.
Note If the configured MSD values are different, the per-LSP MSD takes precedence
over the per-node MSD.
After path computation, the resulting uSID stack size is verified against the MSD requirement.
• If the uSID stack size is larger than the MSD and path computation is performed by PCE, then the PCE
returns a "no path" response to the PCC.
• If the uSID stack size is larger than the MSD and path computation is performed by PCC, then the PCC
will not install the path.
Note A sub-optimal path (if one exists) that satisfies the MSD constraint could be computed in the following cases:
• For a dynamic path with TE metric, when the PCE is configured with the pce segment-routing te-latency
command or the PCC is configured with the segment-routing traffic-eng te-latency command.
• For a dynamic path with LATENCY metric
• For a dynamic path with affinity constraints
For example, if the PCC MSD is 4 and the optimal path (with an accumulated metric of 100) requires 5 uSIDs,
but a sub-optimal path exists (with accumulated metric of 110) requiring 4 uSIDs, then the sub-optimal path
is installed.
Note ECMP-aware path computation is enabled by default for IGP and LATENCY metrics.
Router(config-sr-te)# te-latency
• TCP-AO: TCP-AO uses Message Authentication Codes (MACs), which provides the following:
• Protection against replays for long-lived TCP connections
• More details on the security association with TCP connections than TCP MD5
• A larger set of MACs with minimal system and operational changes
TCP-AO is compatible with Master Key Tuple (MKT) configuration. TCP-AO also protects connections
when using the same MKT across repeated instances of a connection. TCP-AO protects the connections
by using traffic key that are derived from the MKT, and then coordinates changes between the endpoints.
Any TCP segment coming from the PCC that does not contain a MAC matching the configured key
chain will be rejected. Use the include-tcp-options keyword to include other TCP options in the header
for MAC calculation.
Router(config-sr-te-pcc)# pce address ipv6 ipv6-PCE-address tcp-ao key-chain
[include-tcp-options]
Note TCP-AO and TCP MD5 are never permitted to be used simultaneously. TCP-AO supports IPv6, and is fully
compatible with the proposed requirements for the replacement of TCP MD5.
• To specify how long the remote peers wait before bringing down the PCEP session if no PCEP messages
are received from this PCC, use the timers deadtimer command. The range is from 1 to 255 seconds;
the default value is 120.
Router(config-sr-te-pcc)# timers deadtimer seconds
• To specify how long a delegated SR policy can remain up without an active connection to a PCE, use
the timers delegation-timeout command. The range is from 0 to 3600 seconds; the default value is 60.
• To specify the amount of time that a PCE-initiated SR policy will remain delegated to a PCE peer that
is no longer reachable by the PCC, use the timers initiated orphans command. The range is from 10 to
180 seconds; the default value is 180.
Router(config-sr-te-pcc)# timers initiated orphans seconds
• To specify the amount of time that a PCE-initiated SR policy will remain programmed while not being
delegated to any PCE, use the timers initiated state command . The range is from 15 to 14440 seconds
(24 hours); the default value is 600.
Router(config-sr-te-pcc)# timers initiated state seconds
SRv6 Traffic Accounting Release 7.10.1 You can now enable the router to
record the number of bytes
transmitted on a specific egress
interface for IPv6 traffic using the
SRv6 locator counter.
You can use this data to create
deterministic data tools to anticipate
and plan for future capacity
planning solutions.
This feature introduces or modifies
the following changes:
CLI:
• accounting prefixes ipv6
mode per-prefix per-nexthop
srv6-locators
SRv6 traffic accounting is an integral part of today’s network for planning and forecasting traffic. Traffic
accounting is the volume of aggregated traffic flows that enter, traverse, and leave the network in a given
time. Traffic accounting is a solution to monitor the traffic that helps to measure traffic flows and record how
much customer traffic is passing through the SR network.
To design a network topology and meet the defined Service-Level Agreement (SLA), capacity planning
becomes essential for forecasting traffic load and failures. A complete view of the traffic in your network
enables you to anticipate common failures, and provision for network expansion.
You can now monitor traffic on an ingress node of a domain that is SRv6 encapsulated towards an egress
node of the domain. The traffic is recorded at the source using the per-locator, per-egress-interface (LOC.INT.E)
counter, which is the locator per interface at egress to account the traffic. For a given locator (L) and interface
(I), the router counts the number of bytes for the traffic transmitted on the interface (I) with a destination
address (DA) matching the locator L.
When this feature is enabled on routers, all traffic passing through the routers are accounted. These counters
are periodically streamed through telemetry and you can retrieve the counters at any point.
To enable traffic accounting on PE and P routers, use the accounting prefixes ipv6 mode per-prefix command.
You can retrieve the number of packets transmitted and received on the specific interface of a PE or P routers
by using the following telemetry:
Cisco-IOS-XR-fib-common-oper:cef-accounting/vrfs/vrf[vrf-name='default']/afis/afi[afi-type=ipv6]/pfx/srv6locs/srv6loc
Benefits
Monitoring the traffic provides numerous benefits, and here are a few:
• To optimize network utilization and achieve a balance between underutilized and overutilized paths.
• To plan and optimize network capacity and avoid congestion.
• To plan the service provisioning and choose the right path and create an optimized backup path (for using
SRLG's affinity, and so on).
Topology
Let’s understand this feature with the following topology:
Consider the topology where traffic is passing from CE1 to CE2 through PE1. The traffic sent and received
from CE1 is considered as the external traffic. The traffic from PE4 destined to PE2 is considered as the
internal traffic.
Figure 1: Sample Topology for SRv6 Traffic Accounting
PE1 learns CE2 reachability through PE2. Consider PE1 has ECMP paths via P21 and P22 to reach PE2.
• When traffic reaches PE1, PE1 imposes traffic with the PE2 locator fcbb:bb00:2::.
• SRv6 traffic accounting LOC.INT.E is per prefix per egress interface accounting.
When traffic exits the PE1 interface (fa21) through P21, PE1 keeps the count of this traffic that is sent.
Also, when traffic exits the PE1 interface (fa22) through P22, PE1 keeps the count of this traffic that is
sent. The traffic is accounted irrespective of the path PE1 takes to send traffic.
Here is the SRv6 label of the outgoing traffic for PE2:
<fcbb:bb00:1::1, fcbb:bb00:2:f2d1::> [CUSTTraffic]
• When the next set of packets are received and passed through PE1, the counters are incremented on
fa21or fa22 interface based on the path the traffic sent through PE2.
Let's see how the SRv6 traffic is calculated using the demand matrix.
The Demand Matrix (DM) also known as a traffic matrix is a representation of the amount of data transmitted
between every pair of routers. Each cell in the DM represents a traffic volume from one router to another.
DM gives a complete view of the traffic in your network.
In the topology, the amount of external traffic destined for PE2 is a combination of external and internal
traffic.
Figure 2: SampleTopology for Demand Matrix
The external traffic that PE2 receives is equal to the total traffic sent out from PE1 minus the received internal
traffic.
= (Total traffic sent out from PE1) - (Internal traffic received by PE1)
= (sum of all Loc.int.E counters on PE1) - ( sum of the Loc.int.E counters of all neighbors
of PE1)
So, PE2 recieves 18 gigabits per second external traffic from PE1.
The calculation for external traffic for routers follows a similar approach. Let's see few examples in the
following demand matrix.
Table 3: Demand Matrix showing traffic transmitted from PE1 and PE4 to PE2
• SRv6 VPNv4
• SRv6 VPNv6
• SRv6 INETv4
• SRv6 INETv6
Configuration Example
To enable SRv6 traffic accounting:
Router#configure
Router(config)#accounting
Router(config-acct)#prefixes ipv6 mode per-prefix per-nexthop srv6-locators
Router(config-acct)#commit
Running Configuration
Router#show run
accounting
prefixes
ipv6
mode per-prefix per-nexthop srv6-locators
!
!
!
Verification
Verify the Stats ID allocated for remote locator. The following example shows the SRv6 locator ID and the
stats ID allocated for the prefixes with the locator ID.
Router#show route ipv6 fccc:cc00:1:: detail
Router#show run
grpc
port 57400
no-tls
!
telemetry model-driven
sensor-group s1
sensor-path
Cisco-IOS-XR-fib-common-oper:cef-accounting/vrfs/vrf[vrf-name='default']/afis/afi[afi-type=ipv6]/pfx/srv6locs/srv6loc
!
subscription sub1
sensor-group-id s1 sample-interval 30000
!
!
{
"Cisco-IOS-XR-fib-common-oper:cef-accounting": {
"vrfs": {
"vrf": [
{
"vrf-name": "default",
"afis": {
"afi": [
{
"afi-type": "ipv6",
"pfx": {
"srv6locs": {
"srv6loc": [
{
"ipv6-address": " fccc:cc00:1::",
"prefix-length": 48,
"ipv6-prefix": " fccc:cc00:1::",
"ipv6-prefix-length": 48,
"accounting-information": [
{
"number-of-tx-packets": "1500000", <========= Accounting data
"number-of-tx-bytes": "378000000", <========= Accounting data
"path-index": 0,
"outgoing-interface": "Bundle-Ether1201",
"nexthop-addr": "fe80::2/128"
},
{
"number-of-tx-packets": "1000000", <========= Accounting data
"number-of-tx-bytes": "252000000", <========= Accounting data
"path-index": 1,
"outgoing-interface": "TenGigE0/0/0/22",
"nexthop-addr": "fe80::2/128"
}
],
"total-number-of-packets-switched": "2500000",
"total-number-of-bytes-switched": "630000000"
}
]
}
}
}
]
}
}
]
}
}
}