Segment Types
Think of segments as a set of instructions. In Segment Routing, a source (an ingress router, as an example) chooses a certain path through the network and encodes the path in the packet header as an ordered list of instructions. These instructions are termed segments because they describe components of a divided whole.
In SR-MPLS (Segment Routing based on MPLS data plane), such an identifier refers to an ordered list of segments represented by a stack of MPLS labels. When you instruct routers to follow these labels in a given sequence, the packets will take this path through the network. In SRv6 (Segment Routing based on IPv6 data plane), it refers to an ordered list of segments encoded into a routing extension header. When you instruct routers to follow this list, the packets will flow via this path. In Figure 15-1, assigning such identifiers to routers can provide instructions for a specific path to send packets.
)
Figure 15.1 Assigning Segments to Network
Global Segments
Every router in a Segment Routing, or SR, domain understands such instruction and installs it in its forwarding table. This instruction is a domain-wide (watch the misleading name global because it is not known globally around the world) unique label value (a numerical number) that comes from the Segment Routing Global Block (SRGB) database. Table 15-2 shows how the Label Switching Database (LSD) carves the following default ranges (some can be changed) on Cisco routers running Segment Routing–capable software.
Table 15-2 LSD Label Ranges
Label Range |
Reserved for |
Examples |
|---|---|---|
0–15 |
Base special-purpose MPLS labels |
0—IPv4 Explicit NULL 3—Implicit NULL |
16–15,999 |
Static MPLS labels |
LDP assigned |
16,000–23,999 |
SRGB |
Global Segments (i.e., SR) |
24,000–1,048,575 |
Dynamic allocation |
Adjacency Segments |
In Figure 15-1, every node in the domain knows that label 16002 always and uniquely represents Router PE2, 16003 always represents Router PE3, and so on. These are referred to as Node SIDs (Segment Identifiers).
A Node SID is a type of Prefix SID, as it represents any prefix linked to a node. To send a set of segment routing instructions is to specify these labels (Node SIDs); 16002, 16003 literally means “send this traffic via shortest ECMP path to PE2, then same to PE3.” If the “uniqueness” rule is broken (two distinct routers are assigned the same label value), there will be an issue on your network because the nodes will not be able to accurately determine the appropriate path for routing traffic. (Technically, what happens is that IS-IS will prioritize the “first programmed” label and ignore the “second” one. This can get complex as to what “first programmed” means, as in when a router reboots or has failed, which router becomes “first programmed”? OSPF, on the other hand, will withdraw both SIDs. Don’t worry about this because this topic is highly unlikely to show up on the exam, but good to know.)
Global Segments are always distributed as a unique value via IGP (remember that SR no longer relies on LDP as the label distribution mechanism). This value must be unique and comes from a combination of a label range (SRGB) + index. The default SRGB range for Cisco routers is 16000–23999 (notice how it does not overlap with the LDP range) and the index is zero based (the first index = 0). In our scenario, we start adding index values to our routers (index 2 for PE2, index 3 for PE3), so we will come up with globally known unique values of 16002 and 16003 for these routers. Cisco gives an option to also define these as an absolute value. There is no difference in daily operations whether absolute or relative indexes are used.
There are two minimum requirements to enable Segment Routing:
Configure the Segment Routing Global Block (SRGB)
Enable Segment Routing and Node SID in the IGP (shown later in the chapter under respective protocols)
Example 15-1 demonstrates SRGB assignment on both IOS XE as well as IOS XR operating systems.
Example 15-1 SRGB Verification on IOS XE and IOS XR
IOS PE2# show running-config segment routing ! segment-routing global-block 16000 23999 ! PE2#
IOS XR RP/0/0/CPU0:PE4# show running-config segment-routing ! segment-routing global-block 16000 23999 ! RP/0/0/CPU0:PE4#
When you’re configuring an SRGB block, the recommendation is to configure it globally (again misleading, in the global, i.e., router-wide configuration), not per individual IGP; this way, all IGP instances as well as BGP can use the global (i.e., router-wide) SRGB. This is important because, later on, if you choose to add another protocol and the SRGB range has to change, you will have to reload the router. To avoid this, it is better to assign the SRGB block globally in the router so that multiple protocols (including BGP) can use it, not just a specific IGP. You should have a homogenous SRGB block (same SRGB range) on all routers on the network. If you do not, you will have fun times building end-to-end LSPs.
Local Segments
This instruction is allocated and understood by the originating node. It is locally significant only (which aligns with the intended meaning regarding the local router). A locally allocated MPLS label would be a good example of a local segment. Sometimes a router has more than a single link for forwarding traffic. The operator can prefer one of these paths over the other. In Figure 15-2, a packet arrives at PE3 (via label 16003). PE3 intends to send this packet to PE6, and there are two shortest available paths—through P4 and P5. These links are identified with local labels 24100 and 24150. Selecting one of them will instruct the local router to pick the appropriate link.
)
Figure 15.2 Assigning Local Segments to Network
IGP Segments
Segments construct a path through a network. There are two building blocks distributed by IGP: Prefix Segments and Adjacency Segments.
IGP Prefix Segments
Think of an IGP Prefix Segment as a shortest path to the IGP prefix. Note that it is
Known as Prefix-SID
Associated with an IP prefix
Represents an ECMP (Equal Cost Multi-Path)-aware shortest path to a prefix
Likely a multihop path
A Global Segment—known uniquely on the SR domain
A Label (16000 + Index) that is advertised as an index
Distributed via IGP (ISIS/OSPF)
Observe this behavior in Figure 15-3 (note that we removed two links to better illustrate our example), where different routers are used to forward traffic to P5 based on label 16005, destined to the loopback address of 10.1.100.5. For this Segment Routing domain, PE3, P4, PE6, and PE7 send traffic directly to P5 because when these routers look at the MPLS forwarding table, label 16005 will be associated with the one interface directly connecting to P5. The only exception is PE2 which will have two equal paths available due to ECMP. How did all the routers learn that prefix 10.1.100.5/32 is associated with label 16005? R5 has generated this value from the combination of the SRGB label base 16000, added its operator assigned index +5, and advertised this label via IGP.
)
Figure 15.3 IGP Prefix Segment Behavior
I need to point something out here. Technically, there is a difference between a Node SID (which we just showed you) and a Prefix SID. A Node SID points to a router that can be a visiting point on the network. A Prefix SID is a label for a network prefix that is advertised by a router. This causes a point of confusion at times. Note that a special N flag is set to indicate that a SID represents a router (node) on the network. This is advanced and is unlikely to show up on the exam, but we include Example 15-2 to clear up any confusion regarding the difference.
Example 15-2 Node SID and the N Flag
RP/0/0/CPU0:R2# show isis database R1.00-00 detail verbose
Thu May 9 13:03:44.757 UTC
IS-IS lab (Level-1) Link State Database
LSPID LSP Seq Num LSP Checksum LSP Holdtime/Rcvd ATT/P/OL
The requested LSP R1.00-00 was not found in the IS-IS lab Level-1 LSP Database
IS-IS lab (Level-2) Link State Database
LSPID LSP Seq Num LSP Checksum LSP Holdtime/Rcvd ATT/P/OL
R1.00-00 0x00000007 0xf6b7 1108 /1199 0/0/0
Area Address: 49.0001
NLPID: 0xcc
NLPID: 0x8e
IP Address: 1.1.1.1
Metric: 10 IP-Extended 10.1.12.0/24
Prefix Attribute Flags: X:0 R:0 N:0
Metric: 10 IP-Extended 10.1.13.0/24
Prefix Attribute Flags: X:0 R:0 N:0
Metric: 0 IP-Extended 1.1.1.1/32
Prefix-SID Index: 1, Algorithm:0, R:0 N:1 P:0 E:0 V:0 L:0
Prefix Attribute Flags: X:0 R:0 N:1
Hostname: R1
IPv6 Address: 2001:1:1:1::1
Metric: 10 MT (IPv6 Unicast) IPv6 2001:10:1:12::/64
Prefix Attribute Flags: X:0 R:0 N:0
Metric: 10 MT (IPv6 Unicast) IPv6 2001:10:1:13::/64
Prefix Attribute Flags: X:0 R:0 N:0
Metric: 0 MT (IPv6 Unicast) IPv6 2001:1:1:1::1/128
Prefix-SID Index: 1001, Algorithm:0, R:0 N:1 P:0 E:0 V:0 L:0
Prefix Attribute Flags: X:0 R:0 N:1
MT: Standard (IPv4 Unicast)
MT: IPv6 Unicast 0/0/0
Metric: 10 IS-Extended R2.07
Interface IP Address: 10.1.12.1
Link Maximum SID Depth:
Label Imposition: 10
LAN-ADJ-SID: F:0 B:0 V:1 L:1 S:0 P:0 weight:0 Adjacency-sid: 24001 System ID:R2
Metric: 10 MT (IPv6 Unicast) IS-Extended R2.07
Interface IPv6 Address: 2001:10:1:12::1
Link Maximum SID Depth:
Label Imposition: 10
LAN-ADJ-SID: F:1 B:0 V:1 L:1 S:0 P:0 weight:0 Adjacency-sid: 24003 System ID:R2
Router Cap: 1.1.1.1 D:0 S:0
Segment Routing: I:1 V:1, SRGB Base: 16000 Range: 8000
SR Local Block: Base: 15000 Range: 1000
SR Algorithm:
Algorithm: 0
Algorithm: 1
Node Maximum SID Depth:
Label Imposition: 10
RP/0/0/CPU0:R2#
This example from IS-IS shows the R2 is receiving SR information from R1, which has IPv4 (1.1.1.1/32) and IPv6 (2001:1:1:1::1/128) prefixes advertised with the N (Node) flag set to 1—a Node SID, not a Prefix SID.
IGP Adjacency Segment
An IGP Adjacency Segment is an identifier that describes a particular link between two routers. It is used to direct traffic over a specific link within the IGP routing domain. Routers can be given an instruction to forward based on the IGP adjacency. Note that adjacency segment is
Known as Adj-SID
Represents a hop over a specific link between two IGP-speaking routers
Likely a one-hop path
A Local Segment—significant only on a particular router
Advertised as a label value
Distributed via IGP (ISIS/OSPF)
Figure 15-4 illustrates this. Now, the packet has arrived at P5 and needs to travel further to PE6 (10.1.100.6). The operator has a choice to impose a local decision on P5 on which links to use—the direct link to PE6 or two-hop link via PE7. In this case, the link to PE7 is preferred (higher bandwidth, lower latency, encryption—take your pick), and label 24150 steers the traffic toward PE7.
)
Figure 15.4 IGP Prefix Segment Behavior with Adjacency Segments
Combining IGP Segments
By combining segment IDs, you can groom traffic on any path in the network:
Specify the sequential list of segment IDs in the packet header, known as a label stack with the top label being read first.
Path is not signaled, and per flow state is not created (as in RSVP-TE).
A single protocol (IS-IS, OSPF, BGP) distributes this instruction.
In Figure 15-5, a network operator instructs PE2 to steer traffic to PE6 by sending it to P5 first via two available ECMP paths. Once P5 gets the packet, the top label 16005 is removed, and P5 uses the direct link to PE6 by looking up this interface in the forwarding table where it is associated with the dynamic adjacency label 24100.
)
Figure 15.5 Combining IGP Segment IDs for Traffic Steering
By combining segment IDs (Prefix-SID and Adj-SID) in this way, you can put a packet on any path through the network, no matter how complex or unnatural this path may be. That is the power and essence of Segment Routing. At each hop, the top segment identifies the next hop. Segment IDs are stacked in sequential order at the top of the packet header. When the top segment ID contains the identity of another router, the receiving node uses equal cost multipaths (ECMP) to move the packet to the next hop. When the identity is the receiving router itself, the router will pop the top segment and perform the task required by the next segment.
)
Figure 15.6 Label Stack Example