summaryrefslogtreecommitdiff
path: root/docs/configuration/protocols
diff options
context:
space:
mode:
Diffstat (limited to 'docs/configuration/protocols')
-rw-r--r--docs/configuration/protocols/babel.rst210
-rw-r--r--docs/configuration/protocols/bfd.rst2
-rw-r--r--docs/configuration/protocols/bgp.rst38
-rw-r--r--docs/configuration/protocols/failover.rst103
-rw-r--r--docs/configuration/protocols/igmp.rst2
-rw-r--r--docs/configuration/protocols/index.rst3
-rw-r--r--docs/configuration/protocols/segment-routing.rst357
7 files changed, 711 insertions, 4 deletions
diff --git a/docs/configuration/protocols/babel.rst b/docs/configuration/protocols/babel.rst
new file mode 100644
index 00000000..58436178
--- /dev/null
+++ b/docs/configuration/protocols/babel.rst
@@ -0,0 +1,210 @@
+.. _babel:
+
+####
+Babel
+####
+
+Babel is a modern routing protocol designed to be robust and efficient
+both in ordinary wired networks and in wireless mesh networks.
+By default, it uses hop-count on wired networks and a variant of ETX
+on wireless links, It can be configured to take radio diversity into account
+and to automatically compute a link's latency and include it in the metric.
+It is defined in :rfc:`8966`.
+
+Babel a dual stack protocol.
+A single Babel instance is able to perform routing for both IPv4 and IPv6.
+
+General Configuration
+---------------------
+
+VyOS does not have a special command to start the Babel process.
+The Babel process starts when the first Babel enabled interface is configured.
+
+.. cfgcmd:: set protocols babel interface <interface>
+
+ This command specifies a Babel enabled interface by interface name. Both
+ the sending and receiving of Babel packets will be enabled on the interface
+ specified in this command.
+
+Optional Configuration
+----------------------
+
+.. cfgcmd:: set protocols babel parameters diversity
+
+ This command enables routing using radio frequency diversity.
+ This is highly recommended in networks with many wireless nodes.
+
+ .. note:: If you enable this, you will probably want to
+ set diversity-factor and channel below.
+
+.. cfgcmd:: set protocols babel parameters diversity-factor <1-256>
+
+ This command sets the multiplicative factor used for diversity routing,
+ in units of 1/256; lower values cause diversity to play a more important role
+ in route selection.
+ The default it 256, which means that diversity plays no role in route
+ selection; you will probably want to set that to 128 or less on nodes
+ with multiple independent radios.
+
+.. cfgcmd:: set protocols babel parameters resend-delay <milliseconds>
+
+ This command specifies the time in milliseconds after which an 'important'
+ request or update will be resent. The default is 2000 ms.
+
+.. cfgcmd:: set protocols babel parameters smoothing-half-life <seconds>
+
+ This command specifies the time constant, in seconds, of the smoothing
+ algorithm used for implementing hysteresis.
+ Larger values reduce route oscillation at the cost of very slightly increasing
+ convergence time. The value 0 disables hysteresis, and is suitable for wired
+ networks. The default is 4 s.
+
+Interfaces Configuration
+------------------------
+
+.. cfgcmd:: set protocols babel interface <interface> type <auto|wired|wireless>
+
+ This command sets the interface type:
+
+ **auto** – automatically determines the interface type.
+ **wired** – enables optimisations for wired interfaces.
+ **wireless** – disables a number of optimisations that are only correct
+ on wired interfaces. Specifying wireless is always correct,
+ but may cause slower convergence and extra routing traffic.
+
+.. cfgcmd:: set protocols babel interface <interface> split-horizon <default|disable|enable>
+
+ This command specifies whether to perform split-horizon on the interface.
+ Specifying no babel split-horizon is always correct, while babel split-horizon
+ is an optimisation that should only be used on symmetric
+ and transitive (wired) networks.
+
+ **default** – enable split-horizon on wired interfaces, and disable
+ split-horizon on wireless interfaces.
+ **enable** – enable split-horizon on this interfaces.
+ **disable** – disable split-horizon on this interfaces.
+
+.. cfgcmd:: set protocols babel interface <interface> hello-interval <milliseconds>
+
+ This command specifies the time in milliseconds between two scheduled hellos.
+ On wired links, Babel notices a link failure within two hello intervals;
+ on wireless links, the link quality value is reestimated at every hello
+ interval.
+ The default is 4000 ms.
+
+.. cfgcmd:: set protocols babel interface <interface> update-interval <milliseconds>
+
+ This command specifies the time in milliseconds between two scheduled updates.
+ Since Babel makes extensive use of triggered updates,
+ this can be set to fairly high values on links with little packet loss.
+ The default is 20000 ms.
+
+.. cfgcmd:: set protocols babel interface <interface> rxcost <1-65534>
+
+ This command specifies the base receive cost for this interface.
+ For wireless interfaces, it specifies the multiplier used for computing
+ the ETX reception cost (default 256);
+ for wired interfaces, it specifies the cost that will be advertised to
+ neighbours.
+
+.. cfgcmd:: set protocols babel interface <interface> rtt-decay <1-256>
+
+ This command specifies the decay factor for the exponential moving average
+ of RTT samples, in units of 1/256.
+ Higher values discard old samples faster. The default is 42.
+
+.. cfgcmd:: set protocols babel interface <interface> rtt-min <milliseconds>
+
+ This command specifies the minimum RTT, in milliseconds,
+ starting from which we increase the cost to a neighbour.
+ The additional cost is linear in (rtt - rtt-min). The default is 10 ms.
+
+.. cfgcmd:: set protocols babel interface <interface> rtt-max <milliseconds>
+
+ This command specifies the maximum RTT, in milliseconds, above which
+ we don't increase the cost to a neighbour. The default is 120 ms.
+
+
+.. cfgcmd:: set protocols babel interface <interface> max-rtt-penalty <milliseconds>
+
+ This command specifies the maximum cost added to a neighbour because of RTT,
+ i.e. when the RTT is higher or equal than rtt-max.
+ The default is 150.
+ Setting it to 0 effectively disables the use of a RTT-based cost.
+
+.. cfgcmd:: set protocols babel interface <interface> enable-timestamps
+
+ This command enables sending timestamps with each Hello and IHU message
+ in order to compute RTT values.
+ It is recommended to enable timestamps on tunnel interfaces.
+
+.. cfgcmd:: set protocols babel interface <interface> channel <1-254|interfering|noninterfering>
+
+ This command set the channel number that diversity routing uses for this
+ interface (see diversity option above).
+
+ **1-254** – interfaces with a channel number interfere with
+ interfering interfaces and interfaces with the same channel number.
+ **interfering** – interfering interfaces are assumed to interfere with all other channels except
+ noninterfering channels.
+ **noninterfering** – noninterfering interfaces are assumed to only interfere
+ with themselves.
+
+Redistribution Configuration
+----------------------------
+
+.. cfgcmd:: set protocols babel redistribute <ipv4|ipv6> <route source>
+
+ This command redistributes routing information from the given route source
+ to the Babel process.
+
+ IPv4 route source: bgp, connected, eigrp, isis, kernel, nhrp, ospf, rip, static.
+
+ IPv6 route source: bgp, connected, eigrp, isis, kernel, nhrp, ospfv3, ripng, static.
+
+.. cfgcmd:: set protocols babel distribute-list <ipv4|ipv6> access-list <in|out> <number>
+
+ This command can be used to filter the Babel routes using access lists.
+ :cfgcmd:`in` and :cfgcmd:`out` this is the direction in which the access
+ lists are applied.
+
+.. cfgcmd:: set protocols babel distribute-list <ipv4|ipv6> interface <interface> access-list <in|out> <number>
+
+ This command allows you apply access lists to a chosen interface to
+ filter the Babel routes.
+
+.. cfgcmd:: set protocols babel distribute-list <ipv4|ipv6> prefix-list <in|out> <name>
+
+ This command can be used to filter the Babel routes using prefix lists.
+ :cfgcmd:`in` and :cfgcmd:`out` this is the direction in which the prefix
+ lists are applied.
+
+.. cfgcmd:: set protocols babel distribute-list <ipv4|ipv6> interface <interface> prefix-list <in|out> <name>
+
+ This command allows you apply prefix lists to a chosen interface to
+ filter the Babel routes.
+
+Configuration Example
+---------------------
+
+Simple Babel configuration using 2 nodes and redistributing connected interfaces.
+
+**Node 1:**
+
+.. code-block:: none
+
+ set interfaces loopback lo address 10.1.1.1/32
+ set interfaces loopback lo address fd12:3456:dead:beef::1/128
+ set protocols babel interface eth0 type wired
+ set protocols babel redistribute ipv4 connected
+ set protocols babel redistribute ipv6 connected
+
+**Node 2:**
+
+.. code-block:: none
+
+ set interfaces loopback lo address 10.2.2.2/32
+ set interfaces loopback lo address fd12:3456:beef:dead::2/128
+ set protocols babel interface eth0 type wired
+ set protocols babel redistribute ipv4 connected
+ set protocols babel redistribute ipv6 connected
diff --git a/docs/configuration/protocols/bfd.rst b/docs/configuration/protocols/bfd.rst
index dac1bf0f..faec71bc 100644
--- a/docs/configuration/protocols/bfd.rst
+++ b/docs/configuration/protocols/bfd.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2022-02-05
+:lastproofread: 2023-01-27
.. include:: /_include/need_improvement.txt
diff --git a/docs/configuration/protocols/bgp.rst b/docs/configuration/protocols/bgp.rst
index 6593730f..737e98fa 100644
--- a/docs/configuration/protocols/bgp.rst
+++ b/docs/configuration/protocols/bgp.rst
@@ -206,6 +206,41 @@ Defining Peers
peers ASN is the same as mine as specified under the :cfgcmd:`protocols
bgp <asn>` command the connection will be denied.
+.. cfgcmd:: set protocols bgp neighbor <address|interface> local-role
+ <role> [strict]
+
+ BGP roles are defined in RFC :rfc:`9234` and provide an easy way to
+ add route leak prevention, detection and mitigation. The local Role
+ value is negotiated with the new BGP Role capability which has a
+ built-in check of the corresponding value. In case of a mismatch the
+ new OPEN Roles Mismatch Notification <2, 11> would be sent.
+ The correct Role pairs are:
+
+ Provider - Customer
+
+ Peer - Peer
+
+ RS-Server - RS-Client
+
+ If :cfgcmd:`strict` is set the BGP session won’t become established
+ until the BGP neighbor sets local Role on its side. This
+ configuration parameter is defined in RFC :rfc:`9234` and is used to
+ enforce the corresponding configuration at your counter-parts side.
+
+ Routes that are sent from provider, rs-server, or the peer local-role
+ (or if received by customer, rs-client, or the peer local-role) will
+ be marked with a new Only to Customer (OTC) attribute.
+
+ Routes with this attribute can only be sent to your neighbor if your
+ local-role is provider or rs-server. Routes with this attribute can
+ be received only if your local-role is customer or rs-client.
+
+ In case of peer-peer relationship routes can be received only if OTC
+ value is equal to your neighbor AS number.
+
+ All these rules with OTC will help to detect and mitigate route leaks
+ and happen automatically if local-role is set.
+
.. cfgcmd:: set protocols bgp neighbor <address|interface> shutdown
This command disable the peer or peer group. To reenable the peer use
@@ -904,8 +939,7 @@ IBGP (called confederation BGP). Confederation mechanism is described in
of the autonomous system that internally includes multiple sub-autonomous
systems (a confederation).
-.. cfgcmd:: set protocols bgp parameters confederation confederation
- peers <nsubasn>
+.. cfgcmd:: set protocols bgp parameters confederation peers <nsubasn>
This command sets other confederations <nsubasn> as members of autonomous
system specified by :cfgcmd:`confederation identifier <asn>`.
diff --git a/docs/configuration/protocols/failover.rst b/docs/configuration/protocols/failover.rst
new file mode 100644
index 00000000..72201ade
--- /dev/null
+++ b/docs/configuration/protocols/failover.rst
@@ -0,0 +1,103 @@
+.. _routing-static:
+
+########
+Failover
+########
+
+Failover routes are manually configured routes, but they install
+to the routing table if the health-check target is alive.
+If the target is not alive the route is removed from the routing table
+until the target will be available.
+
+***************
+Failover Routes
+***************
+
+.. cfgcmd:: set protocols failover route <subnet> next-hop <address> check
+ target <target-address>
+
+ Configure next-hop `<address>` and `<target-address>` for an IPv4 static
+ route. Specify the target
+ IPv4 address for health checking.
+
+.. cfgcmd:: set protocols failover route <subnet> next-hop <address> check
+ timeout <timeout>
+
+ Timeout in seconds between health target checks.
+
+ Range is 1 to 300, default is 10.
+
+.. cfgcmd:: set protocols failover route <subnet> next-hop <address> check
+ type <protocol>
+
+ Defines protocols for checking ARP, ICMP, TCP
+
+ Default is ``icmp``.
+
+.. cfgcmd:: set protocols failover route <subnet> next-hop <address>
+ interface <interface>
+
+ Next-hop interface for the route
+
+.. cfgcmd:: set protocols failover route <subnet> next-hop <address>
+ metric <metric>
+
+ Route metric
+
+ Default 1.
+
+
+*******
+Example
+*******
+
+**One gateway:**
+
+.. code-block:: none
+
+ set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 check target '192.0.2.1'
+ set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 check timeout '5'
+ set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 check type 'icmp'
+ set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 interface 'eth0'
+ set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 metric '10'
+
+Show the route
+
+.. code-block:: none
+
+ vyos@vyos:~$ show ip route 203.0.113.1
+ Routing entry for 203.0.113.1/32
+ Known via "kernel", distance 0, metric 10, best
+ Last update 00:00:39 ago
+ * 192.0.2.1, via eth0
+
+**Two gateways and different metrics:**
+
+.. code-block:: none
+
+ set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 check target '192.0.2.1'
+ set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 check timeout '5'
+ set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 check type 'icmp'
+ set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 interface 'eth0'
+ set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 metric '10'
+
+ set protocols failover route 203.0.113.1/32 next-hop 198.51.100.1 check target '198.51.100.99'
+ set protocols failover route 203.0.113.1/32 next-hop 198.51.100.1 check timeout '5'
+ set protocols failover route 203.0.113.1/32 next-hop 198.51.100.1 check type 'icmp'
+ set protocols failover route 203.0.113.1/32 next-hop 198.51.100.1 interface 'eth2'
+ set protocols failover route 203.0.113.1/32 next-hop 198.51.100.1 metric '20'
+
+Show the route
+
+.. code-block:: none
+
+ vyos@vyos:~$ show ip route 203.0.113.1
+ Routing entry for 203.0.113.1/32
+ Known via "kernel", distance 0, metric 10, best
+ Last update 00:08:06 ago
+ * 192.0.2.1, via eth0
+
+ Routing entry for 203.0.113.1/32
+ Known via "kernel", distance 0, metric 20
+ Last update 00:08:14 ago
+ * 198.51.100.1, via eth2
diff --git a/docs/configuration/protocols/igmp.rst b/docs/configuration/protocols/igmp.rst
index 0c7a470b..d3492632 100644
--- a/docs/configuration/protocols/igmp.rst
+++ b/docs/configuration/protocols/igmp.rst
@@ -1,4 +1,4 @@
-:lastproofread: 2021-09-30
+:lastproofread: 2023-01-27
.. _multicast:
diff --git a/docs/configuration/protocols/index.rst b/docs/configuration/protocols/index.rst
index c302d6a9..29dc230f 100644
--- a/docs/configuration/protocols/index.rst
+++ b/docs/configuration/protocols/index.rst
@@ -7,11 +7,14 @@ Protocols
:maxdepth: 1
:includehidden:
+ babel
bfd
bgp
+ failover
igmp
isis
mpls
+ segment-routing
ospf
rip
rpki
diff --git a/docs/configuration/protocols/segment-routing.rst b/docs/configuration/protocols/segment-routing.rst
new file mode 100644
index 00000000..5ee710e9
--- /dev/null
+++ b/docs/configuration/protocols/segment-routing.rst
@@ -0,0 +1,357 @@
+.. _segment-routing:
+
+###############
+Segment Routing
+###############
+
+Segment Routing (SR) is a network architecture that is similar to source-routing
+. In this architecture, the ingress router adds a list of segments, known as
+SIDs, to the packet as it enters the network. These segments represent different
+portions of the network path that the packet will take.
+
+The SR segments are portions of the network path taken by the packet, and are
+called SIDs. At each node, the first SID of the list is read, executed as a
+forwarding function, and may be popped to let the next node read the next SID of
+the list. The SID list completely determines the path where the packet is
+forwarded.
+
+Segment Routing can be applied to an existing MPLS-based data plane and defines
+a control plane network architecture. In MPLS networks, segments are encoded as
+MPLS labels and are added at the ingress router. These MPLS labels are then
+exchanged and populated by Interior Gateway Protocols (IGPs) like IS-IS or OSPF
+which are running on most ISPs.
+
+
+.. note:: Segment routing defines a control plane network architecture and
+ can be applied to an existing MPLS based dataplane. In the MPLS networks,
+ segments are encoded as MPLS labels and are imposed at the ingress router.
+ MPLS labels are exchanged and populated by IGPs like IS-IS.Segment Routing
+ as per RFC8667 for MPLS dataplane. It supports IPv4, IPv6 and ECMP and has
+ been tested against Cisco & Juniper routers.however,this deployment is still
+ EXPERIMENTAL for FRR.
+
+
+IS-IS SR Configuration
+----------------------
+
+Segment routing (SR) is used by the IGP protocols to interconnect network
+devices, below configuration shows how to enable SR on IS-IS:
+
+
+.. note:: ``Known limitations:``
+
+ No support for level redistribution (L1 to L2 or L2 to L1)
+
+ No support for binding SID
+
+ No support for SRLB
+
+ Only one SRGB and default SPF Algorithm is supported
+
+
+
+.. cfgcmd:: set protocols isis segment-routing global-block high-label-value
+ <label-value>
+
+ Set the Segment Routing Global Block i.e. the label range used by MPLS to
+ store label in the MPLS FIB for Prefix SID. Note that the block size may
+ not exceed 65535.
+
+.. cfgcmd:: set protocols isis segment-routing global-block low-label-value
+ <label-value>
+
+ Set the Segment Routing Global Block i.e. the low label range used by MPLS to
+ store label in the MPLS FIB for Prefix SID. Note that the block size may
+ not exceed 65535.
+
+.. cfgcmd:: set protocols isis segment-routing local-block high-label-value
+ <label-value>
+
+ Set the Segment Routing Local Block i.e. the label range used by MPLS to
+ store label in the MPLS FIB for Prefix SID. Note that the block size may
+ not exceed 65535.Segment Routing Local Block, The negative command always
+ unsets both.
+
+.. cfgcmd:: set protocols isis segment-routing local-block <low-label-value
+ <label-value>
+
+ Set the Segment Routing Local Block i.e. the low label range used by MPLS to
+ store label in the MPLS FIB for Prefix SID. Note that the block size may
+ not exceed 65535.Segment Routing Local Block, The negative command always
+ unsets both.
+
+.. cfgcmd:: set protocols isis segment-routing maximum-label-depth <1-16>
+
+ Set the Maximum Stack Depth supported by the router. The value depend of
+ the MPLS dataplane.
+
+.. cfgcmd:: set protocols isis segment-routing prefix <address> index value
+ <0-65535>
+
+ A segment ID that contains an IP address prefix calculated by an IGP in the
+ service provider core network. Prefix SIDs are globally unique, this value
+ indentify it
+
+.. cfgcmd:: set protocols isis segment-routing prefix <address> index
+ <no-php-flag | explicit-null| n-flag-clear>
+
+ this option allows to configure prefix-sid on SR. The ‘no-php-flag’ means NO
+ Penultimate Hop Popping that allows SR node to request to its neighbor to
+ not pop the label. The ‘explicit-null’ flag allows SR node to request to its
+ neighbor to send IP packet with the EXPLICIT-NULL label. The ‘n-flag-clear’
+ option can be used to explicitly clear the Node flag that is set by default
+ for Prefix-SIDs associated to loopback addresses. This option is necessary
+ to configure Anycast-SIDs.
+
+
+.. opcmd:: show isis segment-routing node
+
+ Show detailed information about all learned Segment Routing Nodes
+
+.. opcmd:: show isis route prefix-sid
+
+ Show detailed information about prefix-sid and label learned
+
+.. note:: more information related IGP - :ref:`routing-isis`
+
+
+
+OSPF SR Configuration
+----------------------
+
+Segment routing (SR) is used by the IGP protocols to interconnect network
+devices, below configuration shows how to enable SR on OSPF:
+
+.. cfgcmd:: set protocols ospf parameters opaque-lsa
+
+ Enable the Opaque-LSA capability (rfc2370), necessary to transport label
+ on IGP
+
+
+.. cfgcmd:: set protocols ospf segment-routing global-block high-label-value
+ <label-value>
+
+ Set the Segment Routing Global Block i.e. the label range used by MPLS to
+ store label in the MPLS FIB for Prefix SID. Note that the block size may
+ not exceed 65535.
+
+.. cfgcmd:: set protocols ospf segment-routing global-block low-label-value
+ <label-value>
+
+ Set the Segment Routing Global Block i.e. the low label range used by MPLS to
+ store label in the MPLS FIB for Prefix SID. Note that the block size may
+ not exceed 65535.
+
+.. cfgcmd:: set protocols ospf segment-routing local-block high-label-value
+ <label-value>
+
+ Set the Segment Routing Local Block i.e. the label range used by MPLS to
+ store label in the MPLS FIB for Prefix SID. Note that the block size may
+ not exceed 65535.Segment Routing Local Block, The negative command always
+ unsets both.
+
+.. cfgcmd:: set protocols ospf segment-routing local-block <low-label-value
+ <label-value>
+
+ Set the Segment Routing Local Block i.e. the low label range used by MPLS to
+ store label in the MPLS FIB for Prefix SID. Note that the block size may
+ not exceed 65535.Segment Routing Local Block, The negative command always
+ unsets both.
+
+.. cfgcmd:: set protocols ospf segment-routing maximum-label-depth <1-16>
+
+ Set the Maximum Stack Depth supported by the router. The value depend of
+ the MPLS dataplane.
+
+.. cfgcmd:: set protocols ospf segment-routing prefix <address> index value
+ <0-65535>
+
+ A segment ID that contains an IP address prefix calculated by an IGP in the
+ service provider core network. Prefix SIDs are globally unique, this value
+ indentify it
+
+.. cfgcmd:: set protocols ospf segment-routing prefix <address> index
+ <no-php-flag | explicit-null| n-flag-clear>
+
+ this option allows to configure prefix-sid on SR. The ‘no-php-flag’ means NO
+ Penultimate Hop Popping that allows SR node to request to its neighbor to
+ not pop the label. The ‘explicit-null’ flag allows SR node to request to its
+ neighbor to send IP packet with the EXPLICIT-NULL label. The ‘n-flag-clear’
+ option can be used to explicitly clear the Node flag that is set by default
+ for Prefix-SIDs associated to loopback addresses. This option is necessary
+ to configure Anycast-SIDs.
+
+.. note:: more information related IGP - :ref:`routing-ospf`
+
+Configuration Example
+---------------------
+
+we described the configuration SR ISIS / SR OSPF using 2 connected with them to
+share label information.
+
+Enable IS-IS with Segment Routing (Experimental)
+================================================
+
+**Node 1:**
+
+.. code-block:: none
+
+ set interfaces loopback lo address '192.168.255.255/32'
+ set interfaces ethernet eth1 address '192.0.2.1/24'
+
+ set protocols isis interface eth1
+ set protocols isis interface lo
+ set protocols isis net '49.0001.1921.6825.5255.00'
+ set protocols isis segment-routing global-block high-label-value '599'
+ set protocols isis segment-routing global-block low-label-value '550'
+ set protocols isis segment-routing prefix 192.168.255.255/32 index value '1'
+ set protocols isis segment-routing prefix 192.168.255.255/32 index explicit-null
+ set protocols mpls interface 'eth1'
+
+**Node 2:**
+
+.. code-block:: none
+
+ set interfaces loopback lo address '192.168.255.254/32'
+ set interfaces ethernet eth1 address '192.0.2.2/24'
+
+ set protocols isis interface eth1
+ set protocols isis interface lo
+ set protocols isis net '49.0001.1921.6825.5254.00'
+ set protocols isis segment-routing global-block high-label-value '599'
+ set protocols isis segment-routing global-block low-label-value '550'
+ set protocols isis segment-routing prefix 192.168.255.254/32 index value '2'
+ set protocols isis segment-routing prefix 192.168.255.254/32 index explicit-null
+ set protocols mpls interface 'eth1'
+
+
+
+This gives us MPLS segment routing enabled and labels for far end loopbacks:
+
+.. code-block:: none
+
+ Node-1@vyos:~$ show mpls table
+ Inbound Label Type Nexthop Outbound Label
+ ----------------------------------------------------------------------
+ 552 SR (IS-IS) 192.0.2.2 IPv4 Explicit Null <-- Node-2 loopback learned on Node-1
+ 15000 SR (IS-IS) 192.0.2.2 implicit-null
+ 15001 SR (IS-IS) fe80::e87:6cff:fe09:1 implicit-null
+ 15002 SR (IS-IS) 192.0.2.2 implicit-null
+ 15003 SR (IS-IS) fe80::e87:6cff:fe09:1 implicit-null
+
+ Node-2@vyos:~$ show mpls table
+ Inbound Label Type Nexthop Outbound Label
+ ---------------------------------------------------------------------
+ 551 SR (IS-IS) 192.0.2.1 IPv4 Explicit Null <-- Node-1 loopback learned on Node-2
+ 15000 SR (IS-IS) 192.0.2.1 implicit-null
+ 15001 SR (IS-IS) fe80::e33:2ff:fe80:1 implicit-null
+ 15002 SR (IS-IS) 192.0.2.1 implicit-null
+ 15003 SR (IS-IS) fe80::e33:2ff:fe80:1 implicit-null
+
+Here is the routing tables showing the MPLS segment routing label operations:
+
+.. code-block:: none
+
+ Node-1@vyos:~$ show ip route isis
+ Codes: K - kernel route, C - connected, S - static, R - RIP,
+ O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
+ T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
+ f - OpenFabric,
+ > - selected route, * - FIB route, q - queued, r - rejected, b - backup
+ t - trapped, o - offload failure
+
+ I 192.0.2.0/24 [115/20] via 192.0.2.2, eth1 inactive, weight 1, 00:07:48
+ I>* 192.168.255.254/32 [115/20] via 192.0.2.2, eth1, label IPv4 Explicit Null, weight 1, 00:03:39
+
+ Node-2@vyos:~$ show ip route isis
+ Codes: K - kernel route, C - connected, S - static, R - RIP,
+ O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
+ T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
+ f - OpenFabric,
+ > - selected route, * - FIB route, q - queued, r - rejected, b - backup
+ t - trapped, o - offload failure
+
+ I 192.0.2.0/24 [115/20] via 192.0.2.1, eth1 inactive, weight 1, 00:07:46
+ I>* 192.168.255.255/32 [115/20] via 192.0.2.1, eth1, label IPv4 Explicit Null, weight 1, 00:03:43
+
+
+Enable OSPF with Segment Routing (Experimental):
+================================================
+
+**Node 1**
+
+.. code-block:: none
+
+ set interfaces loopback lo address 10.1.1.1/32
+ set interfaces ethernet eth0 address 192.168.0.1/24
+ set protocols ospf area 0 network '192.168.0.0/24'
+ set protocols ospf area 0 network '10.1.1.1/32'
+ set protocols ospf parameters opaque-lsa
+ set protocols ospf parameters router-id '10.1.1.1'
+ set protocols ospf segment-routing global-block high-label-value '1100'
+ set protocols ospf segment-routing global-block low-label-value '1000'
+ set protocols ospf segment-routing prefix 10.1.1.1/32 index explicit-null
+ set protocols ospf segment-routing prefix 10.1.1.1/32 index value '1'
+
+**Node 2**
+
+.. code-block:: none
+
+ set interfaces loopback lo address 10.1.1.2/32
+ set interfaces ethernet eth0 address 192.168.0.2/24
+ set protocols ospf area 0 network '192.168.0.0/24'
+ set protocols ospf area 0 network '10.1.1.2/32'
+ set protocols ospf parameters opaque-lsa
+ set protocols ospf parameters router-id '10.1.1.2'
+ set protocols ospf segment-routing global-block high-label-value '1100'
+ set protocols ospf segment-routing global-block low-label-value '1000'
+ set protocols ospf segment-routing prefix 10.1.1.2/32 index explicit-null
+ set protocols ospf segment-routing prefix 10.1.1.2/32 index value '2'
+
+
+This gives us MPLS segment routing enabled and labels for far end loopbacks:
+
+.. code-block:: none
+
+ Node-1@vyos:~$ show mpls table
+ Inbound Label Type Nexthop Outbound Label
+ -----------------------------------------------------------
+ 1002 SR (OSPF) 192.168.0.2 IPv4 Explicit Null <-- Node-2 loopback learned on Node-1
+ 15000 SR (OSPF) 192.168.0.2 implicit-null
+ 15001 SR (OSPF) 192.168.0.2 implicit-null
+
+ Node-2@vyos:~$ show mpls table
+ Inbound Label Type Nexthop Outbound Label
+ -----------------------------------------------------------
+ 1001 SR (OSPF) 192.168.0.1 IPv4 Explicit Null <-- Node-1 loopback learned on Node-2
+ 15000 SR (OSPF) 192.168.0.1 implicit-null
+ 15001 SR (OSPF) 192.168.0.1 implicit-null
+
+Here is the routing tables showing the MPLS segment routing label operations:
+
+.. code-block:: none
+
+ Node-1@vyos:~$ show ip route ospf
+ Codes: K - kernel route, C - connected, S - static, R - RIP,
+ O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
+ T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
+ f - OpenFabric,
+ > - selected route, * - FIB route, q - queued, r - rejected, b - backup
+ t - trapped, o - offload failure
+
+ O 10.1.1.1/32 [110/0] is directly connected, lo, weight 1, 00:03:43
+ O>* 10.1.1.2/32 [110/1] via 192.168.0.2, eth0, label IPv4 Explicit Null, weight 1, 00:03:32
+ O 192.168.0.0/24 [110/1] is directly connected, eth0, weight 1, 00:03:43
+
+ Node-2@vyos:~$ show ip route ospf
+ Codes: K - kernel route, C - connected, S - static, R - RIP,
+ O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
+ T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
+ f - OpenFabric,
+ > - selected route, * - FIB route, q - queued, r - rejected, b - backup
+ t - trapped, o - offload failure
+
+ O>* 10.1.1.1/32 [110/1] via 192.168.0.1, eth0, label IPv4 Explicit Null, weight 1, 00:03:36
+ O 10.1.1.2/32 [110/0] is directly connected, lo, weight 1, 00:03:51
+ O 192.168.0.0/24 [110/1] is directly connected, eth0, weight 1, 00:03:51
+
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-28 00:33:19 +0000