QuistED.net

Comparing Inter-AS MPLS L3VPN Options (A, B, C)

When an L3VPN service needs to span across two different service providers, an Inter-AS L3VPN solution is required. This scenario is common for national or international circuits where a single service provider is not present in both locations. The routers connecting the two autonomous systems (AS) are known as Autonomous System Border Routers (ASBRs) or boundary routers. In this article I will go into the three primary options for connecting L3VPNs across autonomous system boundaries: Option A, Option B, and Option C, highlighting their distinct characteristics, operational mechanisms, and suitability for various deployment scenarios.

Inter-AS L3VPN Options: Overview

Inter-AS Option A – Back-to-Back VRF

Topology

Theory

(more…)

SD-Access under the hood; Locator/ID Separation Protocol (LISP)

When it comes to Cisco’s software-defined access (SD-Access), one of the key technologies working behind the scenes is Locator/ID Separation Protocol (LISP). At first glance, LISP might seem like just another routing protocol, but it plays a much bigger role. It fundamentally changes how network addressing works by decoupling identity from location. This separation is especially important in SD-Access environments, where flexibility, scalability, and mobility are critical.

In this article, I will break down the funadementals of LISP, the core components that make up its architecture, and how it fits into the SD-Access framework. Whether you’re managing campus networks or diving into next-gen network design, understanding LISP is essential to grasp how SD-Access delivers secure, automated, and policy-driven access.

LISP Fundamentals

Logical View;

Phyical view;

(more…)

Cisco Live 2025 Amsterdam

Introduction

Cisco Live has been on my bucket list for a many years. I heard the stories, watched the streams and VODs and wondered what the event would be like in person. This year Routz facilitated the opportunity and together with a couple colleagues I was able to attend Cisco Live EMEA 2025 in Amsterdam.
My focus from a technology perspective was on SD-Access, Catalyst Center, Service Provider Technologies, Segment Routing, Multi-Domain Segmentation and IPv6. 

Cisco Champions

Being part of the Cisco Champions made the experience even better because I was able to meet people from our community in person. I got to talk to Champions from America, Iceland, Azerbaijan, Germany, Sweden and many more countries from all over the world. The Cisco Champions gave us access to behind-the-scenes tours before the event started, whisper sessions on many topics and domains, and feedback session with Bonny Shapira who is charge of planning Cisco Live EMEA.

(more…)

Intermediate System to Intermediate System (IS-IS)

Intermediate System to Intermediate System (IS-IS) is a dynamic link-state routing protocol widely used in large-scale networks, especially in service provider environments. In this post I will look at the following IS-IS configurations;

• Redistribution of OSPF into IS-IS, and the differences between L1 and L2.
• IS-IS Path selection when L1 and L2 routes are available.
• How and where to apply IS-IS Route Summarization.

IS-IS Lab Setup

Using Cisco’s Modeling Labs (CML) I build the following IS-IS and OSPF topology:

• 2 x L2 Router ( Top )  (R1, R2) running XRv with IOS-XR.
• 2 x L1L2 Router ( left ) (R3, R4) running XRv with IOS-XR.
• 2 x L1 Router ( left ) (R7, R8) running IOS with IOSv.
• 2 x L1L2 Router ( Center ) (R5, R6) running XRv with IOS-XR.
• 2 x L1 Router ( Center ) (R9, R10) running IOS with IOSv.
• 1 x OSPF Router (R11) running IOS with IOSv.

Logical View:

Physical View:

(more…)

Intermediate System to Intermediate System (IS-IS)

Intermediate System to Intermediate System (IS-IS) is a dynamic link-state routing protocol widely used in large-scale networks, especially in service provider environments. One of its features is interlevel routing, which allows communication between IS-IS levels (Level 1 and Level 2). This post explains IS-IS interlevel routing and provides configuration examples to implement it in practical scenarios.

IS-IS Lab Setup

Using Cisco’s Modeling Labs (CML) I build the following IS-IS topology:

• 2 x L2 Router ( Top )  (R1, R2) running XRv with IOS-XR.
• 2 x L1L2 Router ( left ) (R3, R4) running XRv with IOS-XR.
• 2 x L1 Router ( left ) (R9, R10) running IOS with IOSv.
• 2 x L1L2 Router ( Center ) (R5, R6) running XRv with IOS-XR.
• 2 x L1 Router ( Center ) (R11, R12) running IOS with IOSv.
• 2 x L1L2 Router ( Right ) (R7, R8) running XRv with IOS-XR.
• 2 x L1 Router ( Right ) (R13, R14) running IOS with IOSv.

Logical View:

Physical View:

(more…)

Cisco Modeling Labs 2.7

Cisco Modeling Labs (CML) is a powerful, scalable network simulation platform that enables network engineers, IT administrators, and developers to design, build, and test networks in a controlled environment. The latest version, Cisco Modeling Labs 2.7, introduces new features and enhancements, including an improved REST API that enables seamless automation and integration. In this article, we’ll discuss how to get started with CML 2.7 and use Postman to interact with its API for network automation tasks.

CML API Documentation

Log in to Cisco Modeling Labs: Go to the CML web interface, typically accessed via your browser.

Find API Documentation: CML’s built-in documentation is available under Help > API Documentation. This provides detailed information on available API endpoints, request formats, and expected responses.

A new page will open with the documentation:

Here you can find all the information on the available CML API calls that you might need. 

(more…)

What is Fast Reroute (FRR) in an MPLS network?

In an MPLS network with Segment Routing (SR), ensuring rapid recovery from link or node failures is crucial for maintaining high network availability. Cisco’s IOS-XR supports various Fast Reroute (FRR) mechanisms within MPLS Segment Routing environments, including Link Protection, Node Protection, and Topology Independent Loop-Free Alternate (TI-LFA). This article will provide a configuration guide and explanations for these MPLS-SR FRR mechanisms in an MPLS SR-enabled network running OSPF as the Interior Gateway Protocol (IGP).

What is TI-LFA in an MPLS network?

TI-LFA (Topology-Independent Loop-Free Alternate) is a fast reroute (FRR) mechanism in MPLS Segment Routing (MPLS-SR) designed to provide sub-50ms recovery from link or node failures in IP/MPLS networks. Unlike traditional LFA, which relies on specific topological conditions and may not cover all failure scenarios, TI-LFA is “topology-independent,” meaning it ensures protection for all traffic flows regardless of network topology. TI-LFA works by precomputing backup paths based on Segment Routing (SR) policies, allowing traffic to be quickly rerouted through alternate paths without complex recalculations. In the event of a failure, traffic is redirected via pre-established repair paths that adhere to the shortest path routing principles (SPF), minimizing packet loss and maintaining high availability across the network.

MPLS-SR Lab Setup (Baseline)

Using Cisco’s Modeling Labs (CML) I build the following MPLS-SR lab using OSPF as the IGP.

• 2 x PE router ( Left ) (PE5, PE6) running XRv with IOS-XR.
• 4 x P router ( Center )  (P1, P2, P3, P4) running XRv with IOS-XR.
• 2 x PE router ( Right ) (PE7, PE8) running IOSv with IOS.

Logical View:

Interfaces:

(more…)

What is MPLS Segment Routing (MPLS-SR)?

In short MPLS Segment Routing (MPLS-SR) is a modern approach to routing in MPLS (Multiprotocol Label Switching) networks. It allows for the efficient steering of traffic through predefined network segments. These segments are advertised by link-state routing protocols (IS-IS, OSPFv2, and OSPFv3) within IGP topologies. With MPLS-SR, path control and traffic engineering can be achieved without the need for protocols like LDP or RSVP-TE, which are typically used to set up traffic-engineered paths in traditional MPLS networks. These segments are stacked as labels in packet headers, allowing routers to follow predefined paths for traffic without this additional state tracking. This simplifies traffic engineering, enhances scalability, and enables efficient routing.

In this lab I will demonstrate the process of migrating from a traditional MPLS setup (using MPLS, OSPF, and LDP) to an MPLS-SR configuration on IOS-XR and IOS-XE. In this guide, you will see the configuration steps required and differences between both operating systems.
Following this, I will configure a Segment Routing Mapping Server (SRMS) to map the prefixes of IOSv routers since they don’t support MPLS-SR.

MPLS Lab Setup (Baseline)

Using Cisco’s Modeling Labs (CML) I build the following MPLS lab using OSPF and LDP neighbor relationships. 

• 2 x PE router ( Left ) (PE5, PE6) running CSR1000v with IOS-XE.
• 4 x P router ( Center )  (P1, P2, P3, P4) running XRv with IOS-XR.
• 2 x PE router ( Right ) (PE7, PE8) running IOSv with IOS.

Logical View:

Interfaces:

Firmware:

(more…)

Cisco Modeling Labs 2.7

As of Cisco Modeling Labs (CML) version 2.7, the standard IOS-XRv image has limited support and fewer features compared to the newer IOS-XRv 9000 image, which is the preferred option for IOS XR simulations in CML. The IOS-XRv image is not included in the refplat ISO and the only option available after a fresh CML 2.7 install is XRV9K. 

The IOS-XRv 9000 image includes more robust MPLS and VRF capabilities, such as successful L3 MPLS VPN implementations, making it a better choice for complex routing scenarios. However, the IOS-XRv image itself remains available with limitations, including a lack of L2 MPLS VPN support in certain scenarios.

XRv vs XRv9K resources

The only challenge with the IOS-XRv 9000 image is that it requires slightly more resources than the IOS-XRv image.

(more…)

MPLS – Segment Routing (MPLS-SR)

Multiprotocol Label Switching (MPLS) is a data-forwarding technique that uses labels to route packets along predefined paths, rather than traditional IP routing, which relies on layer-3 addresses. By attaching labels to packets, MPLS allows for high-speed data transfers and efficient traffic engineering, making it a go-to for large-scale carrier and enterprise networks.

Segment Routing (SR), is an extension for link-state IGPs (OSPF and IS-IS). Traditional MPLS forms Label Switched Paths (LSPs) through label distribution protocols such as LDP or RSVP-TE. SR simplifies this by eliminating these protocols and allowing source-based routing. In SR, the source node attaches a list of segments (labels) to the packet, guiding it through the desired path without the need for intermediate nodes to compute routing decisions. This shift enables networks to be more adaptable and scalable.

• RFC 8660 – Segment Routing with the MPLS Data Plane
• RFC 8665 – OSPF Extensions for Segment Routing
• RFC 8667 – IS-IS Extensions for Segment Routing

(more…)