#CiscoLive

SR IGP Flexible-Algorithms

Kamrul Islam – Customer Delivery Architect, @kamrul2525

Matt Breneisen – Customer Delivery Architect, @mattbreneisen

BRKMPL-2129

#CiscoLive
Cisco Webex App

Questions?
Use Cisco Webex App to chat
with the speaker after the session

How
1 Find this session in the Cisco Live Mobile App

2 Click “Join the Discussion”

3 Install the Webex App or go directly to the Webex space Enter your personal notes here

4 Enter messages/questions in the Webex space

Webex spaces will be moderated

by the speaker until June 9, 2023. https://ciscolive.ciscoevents.com/ciscolivebot/#BRKMPL-2129

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Why are we here?

• Wouldn’t it be nice to be able to manipulate the IGP to our own

specific needs? If we could add our own attribute or constraint?

• Only use a route with a cumulative delay based on a measured per link delay
• Have a highly reliable network achieving 5 or even 6 9’s of uptime.
• If we only want to use a secure path. Such as paths with MACsec only
• Define a path traversing high speed links for bandwidth sensitive traffic
• Only use a subset of the routers in your network

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 4
Agenda

• Introduction
• MPLS Traffic Engineering Evolution
• SR IGP Flexible-Algorithm (Flex-Algo)
• SRTE ODN Policy using Flex-Algo
• Use Cases
• Conclusion

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 5
What we won’t be able to cover
• Basics of Segment Routing
• ISIS or OSPF basics of label transport

Recommended Sessions to review or attend

• LAPSP-1581 Segment Routing Introduction - Walk-in Lab
• LABMPL-2011 How to use the Segment Routing PCE – Walk-in Lab
• BKRMPL-2131 Deploying VPNs Over Segment Routed Networks Made Easy
• BRKMPL-3624 Troubleshooting Segment Routing – On Demand Session
• BRKMPL-2135 Preparing for a Successful Segment Routing Deployment
• TECMPL-2143 SR MPLS to Optimize Path Selection utilizing Enterprise platforms

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 6
MPLS Traffic Engineering Evolution
RSVP-TE (Traffic-Engineering)
SEA
• RSVP-TE includes IGP and MPLS data plane
• RSVP use for path signaling, label distribution, BW
control, etc.
DEN CHI NYC
• TE Path
• TE tunnel from NYC to LA via DEN and SEA

Path computation is complex & lack of scale

LA
• RSVP control plane is not simple ATL
• To protect the primary TE path, required FRR PHX
DAL
• backup tunnels for link/node protection
• TE states built in all the nodes from head-end to tail-end
• RSVP-TE is not ECMP friendly
Higher IGP cost path
Lower IGP cost path

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 8
SR-TE / SR-TE Policy (SR-Segment Routing)
• No RSVP Except IGP and MPLS Data Plane
• SR Labels (SID) are distributed by IGP SEA
• Source-based routing

DEN CHI NYC

• TE Path
• TE tunnel from NYC to LA via DEN and SEA
LA
• Simplify and Scale Better ATL
• Head-end accumulates labels to reach destination, PHX DAL
align with centralized controller concept
• TI-LFA auto create backup paths for link/node
protection and supports micro-loop avoidance
• TE states built only at head-end node
• Inherent support of ECMP and UCMP Higher IGP cost path
Lower IGP cost path

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 9
SR ODN Policy using Flexible-Algorithm (Flex-Algo)

• In addition to SR-TE benefits, Flex-Algo SEA

brings the following added capabilities:

• On-Demand Next-hop (ODN) Policy DEN CHI NYC

• Single ODN policy can support multiple tail-ends
• Automated Steering (AS) based on intent LA
• Support Inter-domain latency and SRLG for disjoint path
ATL
• Use Flex-algo label, no Adj label i.e., PHX
DAL
decrease number of labels in packet header

Higher IGP cost path

Lower IGP cost path

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
SR IGP Flex-Algo
SR IGP Flexible-Algorithm (Flex-Algo)

• Flex-Algo is a mechanism that allows a network operator to influence a path

computation by associating Metric-type and Constraints to Flex-Algo instead of
using link-cost based SFP. RFC 9350 – IGP Flexible Algorithm

• Flex-Algo instance (K) is defined as

• Metric-type: IGP-metric or Delay-metric or TE
• Constraints: Exclude/Include Link-affinity (Link color), Shared Risk Link Group (SRLG)
for path dis-jointness,

• Flex-algo is distributed by ISIS/OSPF

• TI-LFA honors Flex-algo constraints for backup path e.g. the backup path is
optimized based on Flex-Algo

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
Currently Defined Flex-Algo(s)

• Flex-Algo(K): One octet numeric value,128-255 are for user useable, 0-127 are reserved

• Algo 0: Shortest Path First (SPF) algorithm based on IGP metric

This is the well-known shortest path algorithm as computed by the IS-IS decision process.
consistent with the deployed practice for link-state protocols, algorithm 0 permits any node to
overwrite the SPF path with a different path based on local policy

• Algo 1: Strict Shortest Path First (SPF) algorithm based on IGP metric
The algorithm is identical to algorithm 0 but algorithm 1 requires that all nodes along the path
will honor the SPF routing decision. Local policy MUST NOT alter the forwarding decision
computed by algorithm 1 at the node claiming to support algorithm

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 13
Flex-Algo Prefix-SID
• Flex-Algo Participation Advertisement - node wants to participate in Flex-algo
• Slicing the network
Node belongs to Flex-algo:
Flex-Algo
• Nodes 0 and 9 participate to Algo 0, 128 and 129
0,128,129
• Nodes 1,2,3 and 4 participate to Algo 0 and 128 Flex-Algo
1 3
Algo 0,128 0,128,129
• Nodes 5,6,7 and 8 participate to Algo 0 and 129
0 2 4
Node 3 Flex-Algo Participation Adv:
• Prefix-SID for FA 0 = loopback0 +FA 0 + 16300 5 7 9
• Prefix-SID for FA 128 = loopback0 +FA 128 + 16308 Algo 0,129
6 8
Node 7 Flex-Algo Participation Adv:
• Prefix-SID for FA 0 = loopback0 +FA 0 + 16700
Flex-algo(s) – 128-255, operator useable
• Prefix-SID for FA 128 = loopback0 +FA 129 + 16709 Default SRGB is 16000 - 23999

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
Flex-Algo Definition (FAD)
• Operator can associate the desired metric
type, and constraints to Flex-algo(s) FAD
• IGP metric or latency metric or TE metric Flex-Algo
• Link affinity and/or SRLG 0,128,129
Flex-Algo
1 3 0,128,129
• All nodes MUST agree on same definition Algo 0,128
of the Flex-Algo(s) for loop free forwarding 0 2 4

• Example, Node 3 and 8 Advertisement: 9

5 7
• FA 128 = metric is IGP + exclude purple link Algo 0,129
FAD
• FA 129 = metric is delay + exclude red link 6 8

• Multiple FAD nodes are recommended for

redundancy

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
Network Slicing with SR IGP Flex-Algo
1 3
0 2 4
Default slice Algo 0
Algo 0 5 7 9
IGP metric
6 8
No SLA

Secured slice
1 3
Algo 128 Algo 128
IGP metric 0 2 4
IPsec/MacSec enabled 9
links

0
Low delay slice
Algo 129 5 7 9
Delay metric- mini delay Algo 129
6 8

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
Example – Prefix-SID 16900 of Algo(0)
Flex-Algo
0,128,129 1 3
Algo 0,128
0 2 4
L0:10.0.0.9/32

5 7 9 Prefix-SID 16900 for Algo(0)

Algo 0,129
6 8

Let’s say same IGP metric in all links, will follow ECMP

• Flex-algo 0 is default flex-algo and metric type is IGP, will use entire topology
• Flex-algo leverage TI-LFA and micro-loop avoidance

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
Example – Prefix-SID 16908 of Algo(128)
Flex-Algo
0,128,129

ODN Policy template 1 3

Flex-algo 128 Algo 0,128
2 L0:10.0.0.9/32
0 4
Prefix-SID 16900 for Algo(0)
Prefix-SID 16908 for Algo(128)
5 7 9
Algo 0,129
6 8

Let’s say same IGP metric in all links, will follow ECMP

• Algo 128 is operator defined, compute path thru the nodes participate to algo 128
• TI-LFA backup path honor constraints and micro-loop avoidance

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
Example – Prefix-SID 16909 of Algo(129)
Flex-Algo
0,128,129

ODN Policy template 1 3

Flex-algo 129 Algo 0,128
0 2 4 L0:10.0.0.9/32
Prefix-SID 16900 for Algo(0)
Prefix-SID 16909 for Algo(129)
5 7 9
Algo 0,129
6 8

Let’s say same IGP metric in all links, will follow ECMP

• Algo 129 is operator defined, compute path thru nodes participate to algo 129
• TI-LFA backup path honor constraints and micro-loop avoidance

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 19
Flex-Algo Path Computation
• Let’s say node N needs to compute a path using Flex-Algo 128
• Node N is needed to enable Flex-algo 128 for participation
• Node N has a consistent definition for algo 128

• 1st step is to define the topology for algo 128

• Node N prunes any node that is not advertising participation to algo 128
• Node N prunes any link that is excluded by the algorithm of algo 128

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
Flex-Algo Prefix-SID installation
• 2nd step is to build shortest-path tree for Topo(128) with the metric
defined by 128
• It could be the IGP metric, the TE metric or the delay

• 3rd step is to install reachability for Prefix-SID Flex-Algo 128 in the

forwarding table

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
 Binding SID (BSID)
• Binding SID is a local Segment ID or label bound to an SRTE Policy
• A BSID is associated with a single SRTE Policy, an SR Policy is defined (endpoint, color)
• By default, the head-end dynamically allocates the BSID, but the BSID can also be explicitly defined
• A BSID identifies a SRTE policy
• Packet received with BSID as Top Label is steered into the SRTE Policy associated with the BSID
• BSID label is push and pop at the head-end, and then tail-end Flex-algo prefix label is push
16004
2 3 4

BSID: 74001 5 6 7
FA-SID:16004 FA-SID:16004

Packet to 4 Packet to 4

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 22
SR ODN Policy using Flex-Algo
Auto Steering - Per-Destination Policy (PDP)

• Per-destination policy
• Steer traffic based on next-hop and color of a BGP service route
• Color is a BGP extended community attribute
• Color is used for transport SLA indicator, for instance min-delay or min-cost

IGP shortest-path
SR ODN Policy: 1.x/24 Intent: Best-effort
1.x/24: metric IGP, dest 4 1 3 4 2.x/24 Intent: Min-delay
2.X/24: metric delay, dest 4
Min-delay path
2

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
Auto Steering - Per-Flow Policy (PFP)
• Per-flow policy
• Steer traffic based on incoming packets classification (IPP, DSCP, EXP, ACL etc.)
• Then set local Forward-Class up to 8, range 0-7
• An ingress PBR policy applied to an input interface

IGP shortest-path
IGP, dest 4
FC1:DSCP 34
<16004>
1 3 4 3.x/24
FC2: DSCP 46 Delay, dest 4
<16002, 16004> Min-delay path
2

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
SR ODN Policy – Per Destination
• Steps to build the SR ODN policy

1. Flex-Algo Prefix-SID, node wants to participate in Flex-algo

2. Flex-Algo Definition (FAD), associate metric & link constraints to Flex-algo
3. Flex-Algo Link Affinity-map, exclude or include a link for path computation by Flex-algo
4. BGP Extended Color Community, add color to BGP prefix for intended ODN path
5. Finally, SR ODN Policy, auto dynamic path computation based on intended SLA

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 26
1. Flex-Algo Prefix-SID
• Flex-Algo Prefix-SID is the node that wants to participate in Flex-algo(s)
• Use existing loopback address
Flex-Algo 1 3
0,128,129 Algo 0,128 Flex-Algo
0 2 4 0,128,129

5 7 9
Algo 0,129
6 8

Node3: IOS-XR Node7: IOS-XE Node9: IOS-XR

router isis 1 router isis 1 router isis 1
Flex-algo 128 Flex-algo 129 Flex-algo 128
interface Loopback0 ! Flex-algo 129
passive segment-routing mpls interface Loopback0
address-family ipv4 unicast connected-prefix-sid-map passive
prefix-sid absolute 16300 address-family ipv4 address-family ipv4 unicast
prefix-sid algorithm 128 absolute 16308 10.0.0.7/32 absolute 16700 range 1 prefix-sid absolute 16900
exit-address-family prefix-sid algorithm 128 absolute 16908
address-family ipv4 algorithm 129 prefix-sid algorithm 129 absolute 16909
10.0.0.7/32 absolute 16709 range 1
exit-address-family
#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 27
2. Flex-Algo Definition (FAD)
• ISIS uses Sub-TLV and OSPF uses TLV to advertise FAD

Node 3 and 8 IOS-XR FAD

router isis 1 1 MacSec 3

!
flex-algo 128
priority 250 0 2 ISP1 4
(By-default metric-type is IGP)
advertise-definition
affinity exclude-any ISP1
5 ISP2 7 9
!
flex-algo 129
FAD
priority 250 6 IPVPN 8
advertise-definition
metric-type delay

Note: Setup lower priority to node 8 Select more than one node to advertise FAD with priority
for active and standby FAD

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 28
3. Flex-Algo Link affinity-map (Link color)
Node 1 # IOS-XR
Router isis 1
affinity-map MACSec bit-position 1
affinity-map ISP1 bit-position 2 1 MacSec
3
affinity-map ISP2 bit-position 3
affinity-map IPVPN bit-position 4
! 0 2 ISP1 4
interface tenG0/0/0/1
affinity flex-algo MACSec
5 ISP2 7 9
Node 5 # IOS-XE

Router isis 1 6 IPVPN 8

affinity-map MACSec bit-position 1
affinity-map ISP1 bit-position 2
affinity-map ISP2 bit-position 3
affinity-map IPVPN bit-position 4
!
interface tenG0/0/0/1 Link affinity-map bit-position MUST be matched in all
Isis affinity flex-algo the nodes within the path computation domain.
name ISP2

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 29
4. BGP Extended Color Community
• Setup BGP extended color community for SLA
Node9 # IOS-XR
extcommunity-set opaque COLOR_100
100
end-set
Ingress
extcommunity-set opaque COLOR_200
Node MacSec
200 1 3
end-set
prefix-set PREFIX_8 Egress
8.0.0.0/24
0 2 ISP1 4 Node
end-set
prefix-set PREFIX_9
9.0.0.0/24
end-set 5 ISP2 7 9
!
route-policy BGP_COLOR L0:10.0.0.9/32
if destination in PREFIX_8 then 8.0.0.0/24 – Set BGP Color 100
6 IPVPN 8 9.0.0.0/24 – Set BGP Color 200
set extcommunity color COLOR_100
else
if destination in PREFIX_9 then
set extcommunity COLOR_200
else
pass
end-policy

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 30
5.1 SR ODN Policy - Candidate Path
• Automated Steering by leveraging IGP Flex-Algo
Tail-end
Flex-Algo
Node0 # IOS-XR Head-end 0,128,129
Flex-Algo MacSec
segment-routing
0,128,129 1 3
traffic-eng L0:10.0..0.100/32
!
0 2 ISP1 4 100 6.0.0.0/24 – BGP color 100
on-demand color 100 7.0.0.0/24 – BGP Color 200
steering
path-invalidation drop L0:10.0..0.9/32
restrict IP_ACL BSID 5 ISP2 7 9 8.0.0.0/24 – BGP color 100
dynamic 9.0.0.0/24 – BGP Color 200
sid-algorithm 128
! 6 IPVPN – Low Delay 8
Tail-end
on-demand color 200
Flex-Algo
dynamic
0,128,129
sid-algorithm 129

• Flex-algo 128, metric is IGP, excluded ISP1 link, Prefix color 100, label 16908
• Flex-algo 129, metric is delay, Prefix color 200, label 16909
• The BGP next-hop IP address and Prefix-SID IP address must be same Loopback

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 31
5.2 SR ODN Policy – Multi-Candidate Paths
• Automated Steering by leveraging IGP Flex-Algo

Head-end
Flex-Algo Tail-end
Node0 # IOS-XE
segment-routing traffic-eng
0,128,129
1 MacSec X 3 Flex-Algo
0,128,129
on-demand color 100
authorize
candidate-paths 0 2 ISP1 4
preference 100
constraints
segments 9
dataplane mpls 5 ISP2 7 L0:10.0.0.9/32
algorithm 128 8.8.8.0/24 – Set BGP Color 100
!
preference 90 6 IPVPN 8
constraints
segments
dataplane mpls
algorithm 129
• Flex-algo 128, metric is IGP, excluded ISP1 link, Prefix color 100, label 16908
• Flex-algo 129, metric is delay, include IPVPN link, Prefix color 200, label 16909

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 32
Multi-domain – SR ODN Policy with Flex-Algo

1. Redistribute Flex-algo Prefix-SID between the domains

2. PCE for Inter-domain Link-states reachability

1. Redistribute Flex-algo Prefix-SID between the domains

1 3 5
L0:10.0.0.9/32
Algo 0, SID: 16900
ISIS 1 Algo 128, SID: 16928
0 ISIS 2 9 Algo 129, SID: 16929
Level-2 Level-2

2 4 6

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 33
 Multi-domain SR ODN Policy with Flex-Algo
• PCE for Inter-domain Link-states reachability
PCC#
segment-routing traffic-eng
pcc
source-address ipv4 2.2.2.2 PCEP SR
pce address ipv4 1.1.1.1
PCE IBGP
precedence 100
PCE# LS Address-family
pce
address ipv4 1.1.1.1 1 ABR1 5
router bgp 65001
address-family link-state link-state
! 0
PCC 9
neighbor-group BGP-LS
remote-as 65001 ISIS 1 ISIS 2
Algo 128, SID: 16928
update-source Loopback0 Level-2 Level-2
Algo 129, SID: 16929
address-family link-state link-state
ABR# 2 ABR2 6
8.8.8.0/24 → Color 100
router isis 1 9.9.9.0/24 → Color 200
distribute link-state
distribute link-state instance-id 100 PCC: Path computation client
level 2 PCE: Path computation element
PCEP: PCE protocol

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 34
Multi-domain SR ODN Policy Example
• The BGP prefix and policy color are matched then dynamically steer traffic to BGP next-hop address
based on Flex-algo metric and constraints

segment-routing Preference: 100 (BGP ODN) (active)

show segment-routing traffic-eng policy endpoint Requested BSID: dynamic
traffic-eng PCC info:
ipv4 10.100.0.6 color 850
logging Symbolic name:
policy status Color: 850, End-point: 10.100.0.6
bgp_c_850_ep_10.100.0.6_discr_100
PLSP-ID: 3
! Name: srte_c_850_ep_10.100.0.6
Constraints:
Status:
on-demand color 850 Prefix-SID Algorithm: 128
Admin: up Operational: up for 00:31:07 (since Feb
dynamic 11 20:52:45.268)
Protection Type: protected-preferred
Maximum SID Depth: 12
! Candidate-paths:
Dynamic (pce 10.100.101.2) (valid)
Preference: 200 (BGP ODN) (inactive)
sid-algorithm 128 Metric Type: NONE, Path Accumulated Metric:
Requested BSID: dynamic
0
PCC info:
16092 [Prefix-SID, 10.100.0.2]
Symbolic name:
Note: Router local DB is failed to find 36131 [Prefix-SID, 10.100.0.6]
bgp_c_850_ep_10.100.0.6_discr_200
the LS info in pref 200 then look to PLSP-ID: 4
Attributes:
PCE and find the LS info for other Binding SID: 76517
Constraints:
area/domain in pref 100. Forward Class: Not Configured
Prefix-SID Algorithm: 128
Steering labeled-services disabled: no
Protection Type: protected-preferred
Steering BGP disabled: no
Maximum SID Depth: 12
IPv6 caps enable: yes
Dynamic (inactive)
Invalidation drop enabled: no
Last error: [Prefix-SID: 10.100.0.6, Algorithm: 128],
Max Install Standby Candidate Paths: 0
not found
Metric Type: IGP, Path Accumulated Metric: 0

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 35
Performance Measurement
 Per-link Delay Measurement
performance-measurement performance-measurement
interface GigE0/0/0/0 interface GigE0/0/0/0
delay-measurement TX Timestamp T2 delay-measurement
TX Timestamp T1
PM Query Packet
Sender
1 2 Reflector
Probe packet is sent every
PM Response Packet
30 seconds
TX Timestamp T4 TX Timestamp T3

• Router discover per-link DM and flood to IGP also can report to centralized controller via telemetry
• Two-way delay = (T2-T1)+(T4-T3) is by default, no clock synchronization is required
• One-way delay = Two-way delay/2, clock synchronization is required
• Sender and Reflector required HW Timestamping
• Two-Way Active Measurement Protocol (TWAMP-Light) uses RFC 5357 with IP/UDP encapsulation

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 37
Per-link delay Measurement
router isis 1
• Over a measurement internal is-type level-2-only
net 49.0001.0000.0000.0002.00
• Minimum flex-algo 128
Used as delay metric for SR ODN Policy
metric-type delay
• Average !
address-family ipv4 unicast
• Maximum Not used by SR ODN Policy router-id 1.1.1.2
segment-routing mpls
• Variance !
interface Loopback0
address-family ipv4 unicast
prefix-sid absolute 16002
prefix-sid algorithm 128 absolute 16802
!
performance-measurement
interface GigE0/0/2/6
delay-measurement

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 38
Use Cases
Here we are again?
• We can manipulate the IGP to our own specific needs. We can add
our own attribute or constraint.

• We can use a route with a cumulative delay based on a measured per link delay
• We can have a highly reliable network achieving 5 or even 6 9’s of uptime.
• We can use only the secure path. Such as paths with MACsec only
• We can define a path traversing high speed links for bandwidth sensitive traffic
• We can pre-define and use a subset of the routers in our network

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 40
Use Case 1 – Secure Path
Head-end FAD
Node 0 IOS-XR# Flex-Algo MacSec Tail-end
0,128,129 Flex-Algo
router isis 1
1 3
0,128,129
flex-algo 128 ISP1
!
0 2 4
address-family ipv4 unicast
router-id Loopback0
segment-routing mpls ISP2
!
9
interface Loopback0 5 7
L0:10.0.0.9/32
address-family ipv4 unicast
IPVPN – low delay 8.8.8.0/24 – Set BGP Color 100
prefix-sid absolute 16000
prefix-sid algorithm 128 absolute 16800 6 8
! FAD
segment-routing
traffic-eng
!
on-demand color 100
dynamic • All nodes support Algo 0, 128 and 129
sid-algorithm 128 • Algo 128 is associated with IGP metric and exclude ISP1, ISP2
!

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 41
Use Case 2– Real-time communications and
applications
Head-end FAD
Node 0 IOS-XR# Flex-Algo MacSec Tail-end
router isis 1 0,128,129 Flex-Algo
flex-algo 129
1 3
0,128,129
! ISP1
address-family ipv4 unicast
0 2 4
router-id Loopback0
segment-routing mpls
! ISP2
interface Loopback0
9
address-family ipv4 unicast 5 7
prefix-sid absolute 16000 L0:10.0.0.9/32
prefix-sid algorithm 129 absolute 16900 IPVPN: Low delay 9.9.9.0/24 – Set BGP Color 200
! 6 8
performance-measurement FAD
interface GigabitEthernet0/0/0/X
delay-measurement
!
segment-routing
traffic-eng • All nodes participating Algo 0, 128 and 129
! • Algo 129 is associated with delay metric and no link affinity included or excluded
on-demand color 200 • Per-link delay measurement is flood to IGP
dynamic
sid-algorithm 129
!

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 42
Use Case 3– Dual Plane / Multi-plane
Head-end FAD
Node 0 IOS-XR# Flex-Algo MacSec Tail-end
router isis 1 0,128,129 Flex-Algo
1 3
flex-algo 128 0,128,129
! ISP1
address-family ipv4 unicast 2
router-id Loopback0 0 4
segment-routing mpls
!
MacSec 9
interface Loopback0
address-family ipv4 unicast
5 7
L0:10.0.0.9/32
prefix-sid absolute 16000
prefix-sid algorithm 128 absolute 16800 IPVPN 8.8.8.0/24 – Set BGP Color 100
! 6 8 9.9.9.0/24 – Set BGP Color 200
segment-routing FAD
traffic-eng
!
on-demand color 100
dynamic
sid-algorithm 128 • Algo 128 is associated with IGP metric and exclude ISP1
! • Algo 129 is associated with IGP metric and exclude IPVPN
on-demand color 200
dynamic
sid-algorithm 129

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 43
Additional Use Cases
• Only use a subset of the routers in your network

• Define a path traversing high speed links for bandwidth sensitive traffic

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 44
Flex-Algo support Highlights

• ISIS Flex-Algo
• OSPF Flex-Algo
• MPLS-PM: per-link delay measurement
• MPLS-PM: end-to-end SR Policy delay measurement
• SR Data Plane Monitoring (SR-DPM)
• Inter-domain ECMP and UCMP

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 45
SR ODN Support Highlights

• The SR ODN Policy supports the following services:

• IPv4 BGP global routes
• IPv6 BGP global routes (6PE)
• VPNv4
• VPNv6 (6vPE)
• EVPN-VPWS (single-homing)
• EVPN-VPWS (multi-homing)
• EVPN (single-homing/multi-homing)

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 46
 IETF
• draft-ietf-spring-segment-routing
• Prefix-SID per Algorithm

• draft-filsfils-spring-segment-routing-policy
• SRTE architecture, ODN, AS

• draft-hegdeppsenak-isis-sr-flex-algo
• Customization of Algo and consistency

• draft-ietf-isis-te-app
• Used to flood Flex-Algo specific link affinities

• RFC7810 (IS-IS Traffic Engineering (TE) Metric Extensions)

• Used to advertise extended TE metrics – e.g., link delay

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 47
Stay up-to-date
amazon.com/

segment-routing.net

linkedin.com/groups/8266623

twitter.com/SegmentRouting

facebook.com/SegmentRouting/
#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 48
Conclusion
Cisco Learning and Certifications
Pay for Learning with
Cisco Learning Credits
(CLCs) are prepaid training
vouchers redeemed directly
From technology training and team development to Cisco certifications and learning with Cisco.
plans, let us help you empower your business and career. www.cisco.com/go/certs

Learn Train Certify

Cisco U. Cisco Training Bootcamps Cisco Certifications and
IT learning hub that guides teams Intensive team & individual automation Specialist Certifications
and learners toward their goals and technology training programs Award-winning certification
program empowers students
Cisco Digital Learning Cisco Learning Partner Program and IT Professionals to advance
Subscription-based product, technology, Authorized training partners supporting their technical careers
and certification training Cisco technology and career certifications
Cisco Guided Study Groups
Cisco Modeling Labs Cisco Instructor-led and 180-day certification prep program
Network simulation platform for design, Virtual Instructor-led training with learning and support
testing, and troubleshooting Accelerated curriculum of product,
technology, and certification courses Cisco Continuing
Cisco Learning Network Education Program
Resource community portal for Recertification training options
certifications and learning for Cisco certified individuals

Here at the event? Visit us at The Learning and Certifications lounge at the World of Solutions

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 50
Fill out your session surveys!

Attendees who fill out a minimum of four session

surveys and the overall event survey will get
Cisco Live-branded socks (while supplies last)!

Attendees will also earn 100 points in the

Cisco Live Challenge for every survey completed.

These points help you get on the leaderboard and increase your chances of winning daily and grand prizes

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 51
 • Visit the Cisco Showcase
for related demos

• Book your one-on-one

Meet the Engineer meeting

• Attend the interactive education

with DevNet, Capture the Flag,
Continue and Walk-in Labs

your education • Visit the On-Demand Library

for more sessions at
www.CiscoLive.com/on-demand

BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 52
Thank you

#CiscoLive
Gamify your Cisco Live experience!
Get points for attending this session!

How:
1 Open the Cisco Events App.

2 Click on 'Cisco Live Challenge’ in the side menu.

3 Click on View Your Badges at the top.

4 Click the + at the bottom of the screen and scan the QR code:

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 54
#CiscoLive
Additional Flex-Algo Slides
SR IGP Flex-Algo

• Leverages the SR-TE benefits of simplicity, automation and scalable

• Automated sub-50msec FRR (TILFA), backup path honors Flex-Algo constraints

• On-Demand Policy (ODN) and Automated Steering (AS)
• Scale, no core state: state at the headend only
• Supports Inter-domain latency and disjointed path
• Use Prefix-SID label, no Adjacency label

• Example
• Operator1 defines Flex-Algo(128) as “minimize IGP metric and avoid link-affinity green”
• Operator2 defines Flex-Algo(128) as “minimize delay metric and avoid link-affinity blue”

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 57
 Automated Steering – ODN Policy
• An on-demand SR policy is created dynamically for BGP, VPN traffic

• The ODN solution is solely related to dynamic instantiation of a candidate path

• An SR Policy is identified by three attributes, tuple:

• Head-end: where the policy is instantiated
• End-point: where the policy ends, the BGP next-hop address
• Color: a numerical value assigned to a BGP prefix, represents an intent for SRTE policy

SR ODN Policy 2 3 4
Head-end: 1
Color: Green 1
End-point: 4
5 6 7

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 58
SR ODN Policy Color
• Each SR Policy has a color
• BGP color is used to provide certain treatment (SLA) to some applications by SR ODN policy
• Each SRTE ODN Policy has a unique triplet (H,C,E)
• A prefix with multiple colors will choose highest numerical value to steer traffic

8.8.8.0/24
SR ODN Policy
9.9.9.0/24
1,green,4 2 3 4
steer 8.8.8.0/24 via low delay path Low-delay
1
SR ODN Policy 5 6 7
1,red,4
steer 9.9.9.0/24 via Low-cost path Low-cost

The BGP color extended community is specified in RFC5512

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 59
 BSID – Binding SID
• BSID - auto generated label to inject the right prefix on to the right SR ODN Policy

• Policy Head-end: • BGP prefix:

! # sh bgp vpnv4 unicast vrf CUSTOMER1 11.103.1.1

on-demand color 800
steering 10.101.1.4 C: 800 (bsid:76623) (metric 200040) from
dynamic 10.100.0.1 (10.101.1.4)
sid-algorithm 128
SR policy color 800, up, registered, bsid 76623, if-handle
#sh segment-routing traffic-eng policy 0x3c0080d4 Local, (received-only)
end-point ipv4 10.101.1.4
10.101.1.4 C:800 (bsid:76623) (metric 200040) from
SR-TE policy database 10.100.0.1 (10.101.1.4
---------------------
Color: 850, End-point: 10.101.1.4
Binding SID: 76623

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 60
 Automated Steering - Per-Flow Policy (PFP)
Traffic Classification: policy-map type pbr MyPFP interface GigabitEthernet0/0/0/0
class type traffic MinDelay description PE_Ingress_Interface
class-map type traffic match-any MinDelay set forward-class 1 service-policy type pbr input MyPFP
match dscp46 !
end-class-map class type traffic PremiumHosts
! set forward-class 2
class-map type traffic match-any PremiumHosts !
match access-group ipv4 PrioHosts class type traffic class-default
end-class-map set forward-class 0

Per-Flow Policy: on-demand color 20 on-demand color 1000

dynamic per-flow
segment-routing sid-algorithm 129 forward-class 0 color 10
traffic-eng ! forward-class 1 color 20
on-demand color 30 forward-class 2 color 30
on-demand color 10 dynamic
dynamic sid-algorithm 130
sid-algorithm 128
!

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 61
SRTE Path Computation without and with Flex-Algo

24001
24002 16128
16006 Payload to 6
10.1.1.6/32
10.1.1.6/32
Payload to 6 FA 128: 16128
FA 0:16006

2 4 2 4

24001 24002
6 Flex-algo
6
1 No Flex-algo 1 128
3 5 3 5

(a) Path Computation without Flex-algo (b) Path Computation with Flex-algo,
no adjacency label

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 62
UCMP – Unequal Cost Multi-Path

• UCMP = ECMP + Bandwidth, Per destination

• Same IGP metric but different BW

BW =200M, Metric = 100

BW =100M, Metric = 100
1 BW =20M, Metric = 100
2
BW =10M, Metric = 100

Unequal Cost Multi-path

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 63
UCMP – Unequal Cost Multi-Path
• UCMP = ECMP + Bandwidth, Per destination
• Apply ”ucmp local” under ISIS process

#show mpls forwarding-table labels 26042 detail | in Tu|load

Destination Prefix-SID
Label Label or Tunnel Id Switched interface
0 Tu3002161 point2point
Per-destination load-sharing, slots: 0
0 Tu3002141 point2point
Per-destination load-sharing, slots: 1
0 Tu3002151 point2point
Per-destination load-sharing, slots: 2
0 Tu3002131 point2point
Per-destination load-sharing, slots: 3 6
0 Tu3002111 point2point
Per-destination load-sharing, slots: 4 7 9 11 13 15
0 Tu3002121 point2point
Per-destination load-sharing, slots: 5 8 10 12 14

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 64
Headend SRTE DB – IGP Config

• Enable the following command under ISIS/OSPF to feed the SRTE DB

on the head-end:

router ospf 1
router isis 1
distribute link-state
distribute link-state

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 65
SRTE ODN Policy– Multi-Candidate Paths
IOS-XE:
segment-routing traffic-eng
!
SR
on-demand color 100 PCE
authorize
candidate-paths Algo 128
preference 200 SID: 16888
Algo 128, SID: 16928
constraints
segments PE2 ABR1 PE4 Algo 129, SID: 16929
dataplane mpls
algorithm 128 8.8.8.0/24 → Color 100
! ISIS 1
PE1 ISIS 2 PE9
dynamic
pcep
Level-2 Level-2
!
preference 100
constraints
PE3 ABR2 PE5
segments
dataplane mpls Algo 129
algorithm 129 SID: 16999
!
dynamic
pcep
!
pcc • For network 8.8.8.0/24, Flex-algo 128 Green nodes are primary
pce address 192.168.0.10 source-address 192.168.0.1 • path and Flex-algo 129 Red nodes are backup path.

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 66
SRTE ODN Policy– Multi-Candidate Paths

IOS-XE: IOS-XE:
PE1#sh segment-routing traffic-eng policy all PE1#sh bgp vrf GREEN 8.8.8.1
BGP routing table entry for 1:1:8.8.8.0/24, version 64
Name: *192.168.0.9|100 (Color: 100 End-point: 192.168.0.9)) Paths: (1 available, best #1, table GREEN)
Candidate-paths: Not advertised to any peer
Preference 200 (BGP): Refresh Epoch 1
Constraints: Local
Algorithm: 128 192.168.0.9 (metric 120) (via default) from 192.168.0.10 (192.168.0.10)
Dynamic (pce 192.168.0.10) (active) Origin incomplete, metric 0, localpref 100, valid, internal, best
16011 [Prefix-SID, 192.168.0.11] Extended Community: RT:1:10 Color:100
16008 [Prefix-SID, 192.168.0.9] Originator: 192.168.0.9, Cluster list: 192.168.0.10
Preference 100 (BGP): mpls labels in/out nolabel/24000
Constraints: binding SID: 22 (color - 100) (state - UP)
Algorithm: 129 rx pathid: 0, tx pathid: 0x0
Dynamic (pce 192.168.0.10) (inactive) Updated on Apr 21 2022 01:49:24 UTC
16012 [Prefix-SID, 192.168.0.12]
16009 [Prefix-SID, 192.168.0.9]
Attributes:
Binding SID: 22
Allocation mode: dynamic
State: Programmed
IPv6 caps enabled

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 67
ODN Policy – Per-Destination (Inter-Domain)
IOS-XR:
PE1#show segment-routing traffic-eng policy color 100
SR-TE policy database Pref 200 is failed because for Inter-domain
--------------------- ODN policy, the local DB has no link info for
Color: 100, End-point: 192.168.0.9 other domain and then it moved to PCE with
Name: srte_c_100_ep_192.168.0.9 pref 100 and succeed.
Status:
Admin: up Operational: up
Candidate-paths:
Preference: 200 (BGP ODN) (inactive)
Preference: 100 (BGP ODN) (active)
Requested BSID: dynamic For inter-domain it uses two prefix-SIDs, 1st
Constraints:
SID for head-end to ABR router and 2nd SID for
Prefix-SID Algorithm: 128
Dynamic (pce 192.168.0.10) (valid)
ABR to tail-end.
16888 [Prefix-SID, 192.168.0.11]
16928 [Prefix-SID, 192.168.0.9]
Attributes:
Binding SID: 24010

PE1# sh bgp vrf GREEN 8.8.8.1

BGP routing table entry for 8.8.8.0/24, Route Distinguisher: 1:1
Local
192.168.0.9 C:100 (bsid:24010) (metric 120) from 192.168.0.10
(192.168.0.9)

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 68
Minimum delay is of interest for SRTE

• Minimum delay provides the propagation delay

• fiber length / speed of light

• A property of the topology

• with awareness of DWDM circuit change

• SRTE (Policy or Flex-Algo) can optimize on min delay

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 69
 Default
• Every 3 second, a query
• a two-way query is sent

• Every 30 seconds, a probe

• min, avg, max, var are computed over the last 10 queries
• Last-Probe EDT trigger with (min, avg, max, var)

• Every 120 seconds, an aggregation

• min, avg, max, var over the last 4 probes are computed
• Last-Aggregation Even Driven Telemetry trigger with (min, avg, max, var)
• IF [abs(min-F.min)/F.min >= 10%] and [abs(min-F.min)>=1000usec]
THEN an LSDB change is triggered to flood the new link delay values
a last-advertisement EDT is triggered with these values

F.min is the last flooded value of min-delay. This is what the rest of the network thinks of this link min delay.

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 70
TI-LFA Zero Segment
Zero Segment Example:
9
Packet source is N0 and destination N3 10 10

TI-LFA for link N0-N1, on N0 3(D) 4

TI-LFA find post-convergence SPT 10 10

N0 will steer traffic towards LFA N2 1 2

0(S) 100
10

TILFA label to N3 -→ 16003 (Global N3)

Default metric is 10

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 71
TI-LFA Single Segment
Single Segment Example:

Q Space Q Space
Packet source N0 and destination N3 10
9
10

TI-LFA for link N0-N1, on N0 P Space

3(D) 4
TI-LFA find post-convergence SPT 10 10

N0 will steer traffic towards LFA N4 1 2

0(S) 5
10

TILFA label to N3 → 16004 (Global N4)

Default metric is 10
16003 (Global N3)

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 72
TI-LFA Double Segment
Double Segment Example:

9
Packet source, N0 – destination N3 Q Space 10 100

TI-LFA for link N0-N1, on N0 3(D) 4

TI-LFA find post-convergence SPT P Space
10 10
N0 will steer traffic towards LFA N4 1 2

0(S) 5
10
TILFA label to N3 → 16004 (GlobalN4)
24004 (Adj N9)
Default metric is 10
6003 (Global N3)

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 73
 Micro-loop Avoidance

Traffic source is N0 and destination is N9

1. Link down between N0-N1, IGP floods topology change database to all Nodes

2. BFD trigger in 50ms 9(D)

10 40
3. TI-LFA kick in after 50ms and push traffic N0 to N9 via N2->N4->N9.
This point N0 does not wait for IGP convergence, initiate TI-LFA post convergence path
Backup
3 4
[Let’s say, N0 converge ISIS DB in 200ms and N2 converge in 300ms and there is no Micro- loop Primary
avoidance is enabled in N0.] 10 10

4. After the incident traffic flows 50-200ms (TILFA) and then when N0 converge in 200ms 1 2
and FIB table is built, TILFA path is dropped and N0 use new forwarding path next-hop
N2 to reach N9. This point N2 is not yet converged, it is taking 300ms. From 200-300ms, 10 10
0(S)
N0 send to N2 and N2 send back to N0, this 100ms looping period is called Micro-loop.

5. N0 is enabled Micro-loop avoidance, Micro-loop avoidance hold the TILFA for 5

seconds by default, by this time all the nodes across the path will re-converge.

#CiscoLive BRKMPL-2129 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 74