MPLS - Source routing

RouterOS Forwarding Protocols
1 
50.50.22.4 -> 50.50.22.2 +-> 50.50.22.32
                         +-> 50.50.22.3  -> 50.50.22.33
                         +-> 50.50.22.1

50.50.22.4, 50.50.22.32, 50.50.22.33 and 50.50.22.1 are MPLS LERs (label edge routers).
50.50.22.2 and 50.50.22.3 are MPLS LSRs (label switching routers).

The LSRs do not run BGP and exclusively learn loopback IPs and point-to-point subnets using OSPF. The LERs also run OSPF, but additionally run iBGP with redundant route reflectors and recursively resolve nexthop loopback destinations.


Sending packets from 50.50.22.4 towards a subnet learnt via non-default gateway works perfectly:

Routing table contains prefix for 41.74.197.214:

[admin@50.50.22.4] > ip route print detail where 41.74.197.214 in dst-address
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit

 4 ADb  dst-address=41.74.196.0/22 pref-src=50.50.22.4 gateway=50.50.22.1 gateway-status=50.50.22.1 recursive via 198.19.19.237 vlan10
        distance=200 scope=40 target-scope=30 bgp-as-path="37235" bgp-local-pref=198 bgp-origin=igp bgp-communities=64512:2000
        received-from=50.50.22.6

 5  Db  dst-address=41.74.196.0/22 pref-src=50.50.22.4 gateway=50.50.22.1 gateway-status=50.50.22.1 recursive via 198.19.19.237 vlan10
        distance=200 scope=40 target-scope=30 bgp-as-path="37235" bgp-local-pref=198 bgp-origin=igp bgp-communities=64512:2000
        received-from=50.50.22.7

Nexthop is resolved using OSPF as an IGP:

[admin@50.50.22.4] > ip route print detail where dst-address=50.50.22.1/32
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
 0 ADo  dst-address=50.50.22.1/32 pref-src=50.50.22.4 gateway=198.19.19.237 gateway-status=198.19.19.237 reachable via  vlan10
        distance=110 scope=20 target-scope=10 ospf-metric=320 ospf-type=intra-area

Confirmation that there is no MPLS labeled path for the destination subnet, only the recursive gateway:

[admin@50.50.22.4] > mpls forwarding-table print where destination=41.74.196.0/22
Flags: L - ldp, V - vpls, T - traffic-eng
 #   IN-LABEL   OUT-LABELS   DESTINATION     INTERFACE   NEXTHOP

Herewith the MPLS label path towards 50.50.22.1:

[admin@50.50.22.4] > mpls forwarding-table print where destination=50.50.22.1/32
Flags: L - ldp, V - vpls, T - traffic-eng
 #   IN-LABEL   OUT-LABELS   DESTINATION     INTERFACE   NEXTHOP
 0 L 37120      4156         50.50.22.1/32   vlan10      198.19.19.237

[admin@50.50.22.2] > mpls forwarding-table print where destination=50.50.22.1/32
Flags: L - ldp, V - vpls, T - traffic-eng 
 #   IN-LABEL   OUT-LABELS   DESTINATION     INTERFACE   NEXTHOP        
 0 L 4156                    50.50.22.1/32   vlan1117    198.19.28.198

Trace route shows the next hop as the MPLS switched destination:

[admin@50.50.22.4] > tool traceroute 41.74.197.214
 # ADDRESS           LOSS SENT    LAST     AVG    BEST   WORST STD-DEV STATUS
 1 50.50.22.1          0%    2   0.7ms     0.8     0.7     0.9     0.1
 2 196.223.14.70       0%    2   0.7ms     0.8     0.7     0.9     0.1
 3 41.74.197.214       0%    1   1.8ms     1.8     1.8     1.8     1.8

I’m attempting to define a recursive gateway using a static route, to override dynamic routing entries. This is essentially to do source based routing:

In this example I am trying to set a static recursive gateway for 8.8.8.0/24 via 50.50.22.33 and have adjusted the target-scope to be equal or larger than the scope of the route towards the recursive gateway:

/ip route
  add dst-address=8.8.8.0/24 check-gateway=ping distance=1 gateway=50.50.22.33 pref-src=50.50.22.4 target-scope=20

Route becomes active, as expected:

[admin@50.50.22.4] > ip route print detail where 8.8.8.8 in dst-address
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
 0 ADo  dst-address=0.0.0.0/0 pref-src=50.50.22.4 gateway=198.19.19.237 gateway-status=198.19.19.237 reachable via  vlan10
        distance=110 scope=20 target-scope=10 ospf-metric=21 ospf-type=external-type-1

 1 A S  dst-address=8.8.8.0/24 pref-src=50.50.22.4 gateway=50.50.22.33 gateway-status=50.50.22.33 recursive via 198.19.19.237 vlan10
        check-gateway=ping distance=1 scope=30 target-scope=20

 2  Db  dst-address=8.8.8.0/24 pref-src=50.50.22.4 gateway=50.50.22.32 gateway-status=50.50.22.32 recursive via 198.19.19.237 vlan10
        distance=200 scope=40 target-scope=30 bgp-as-path="15169" bgp-local-pref=200 bgp-med=0 bgp-origin=igp
        bgp-communities=64512:2000 received-from=50.50.22.6

 3  Db  dst-address=8.8.8.0/24 pref-src=50.50.22.4 gateway=50.50.22.32 gateway-status=50.50.22.32 recursive via 198.19.19.237 vlan10
        distance=200 scope=40 target-scope=30 bgp-as-path="15169" bgp-local-pref=200 bgp-med=0 bgp-origin=igp
        bgp-communities=64512:2000 received-from=50.50.22.7

Nexthop is resolved using OSPF as an IGP:

[admin@50.50.22.4] > ip route print detail where dst-address=50.50.22.33/32
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
 0 ADo  dst-address=50.50.22.33/32 pref-src=50.50.22.4 gateway=198.19.19.237 gateway-status=198.19.19.237 reachable via  vlan10
        distance=110 scope=20 target-scope=10 ospf-metric=40 ospf-type=intra-area

Herewith confirmation that there is a MPLS labeled path from 50.50.22.4, through 50.50.22.2, through 50.50.22.3 to 50.50.22.33:

[admin@50.50.22.4] > mpls forwarding-table print where destination=50.50.22.33/32
Flags: L - ldp, V - vpls, T - traffic-eng
 #   IN-LABEL   OUT-LABELS   DESTINATION     INTERFACE   NEXTHOP
 0 L 37060      4145         50.50.22.33/32  vlan10      198.19.19.237

[admin@50.50.22.2] > mpls forwarding-table print where destination=50.50.22.33/32
Flags: L - ldp, V - vpls, T - traffic-eng
 #   IN-LABEL   OUT-LABELS   DESTINATION     INTERFACE   NEXTHOP
 0 L 4145       8250         50.50.22.33/32  vlan9       198.19.19.254

[admin@50.50.22.3] > mpls forwarding-table print where destination=50.50.22.33/32
Flags: L - ldp, V - vpls, T - traffic-eng 
 #   IN-LABEL   OUT-LABELS   DESTINATION     INTERFACE   NEXTHOP
 0 L 8250                    50.50.22.33/32  vlan7       198.19.28.18

Packets however do not leave the router with an MPLS label (verified using packet capture on 50.50.22.2):

[admin@50.50.22.4] > tool traceroute 8.8.8.8
 # ADDRESS                          LOSS SENT    LAST     AVG    BEST   WORST STD-DEV STATUS
 1 50.50.22.2                         0%    3   0.3ms     0.4     0.2     0.8     0.3
 2 50.50.22.32                        0%    3   0.2ms     0.3     0.2     0.3       0
 3 72.14.239.33                       0%    3   0.3ms     0.3     0.3     0.3       0
 4 8.8.8.8                            0%    3   0.7ms     0.6     0.6     0.7       0

Herewith confirmation that 50.50.22.33 has a direct route out to Google:

[admin@50.50.22.33] > tool traceroute 8.8.8.8
 # ADDRESS                          LOSS SENT    LAST     AVG    BEST   WORST STD-DEV STATUS
 1 196.60.8.166                       0%   23   0.3ms     0.9     0.3     6.8     1.4
 2 72.14.239.53                       0%   23   0.5ms     4.3     0.5    85.7    17.4
 3 8.8.8.8                            0%   23   0.2ms     0.3     0.2     0.4     0.1

Herewith the trace route to Google via 50.50.22.32:

[admin@50.50.22.32] > tool traceroute 8.8.8.8
 # ADDRESS                          LOSS SENT    LAST     AVG    BEST   WORST STD-DEV STATUS
 1 72.14.239.33                       0%   53   0.3ms     0.4     0.2     5.4     0.8
 2 8.8.8.8                            0%   53   0.5ms     0.5     0.4     1.7     0.2
Recursive static route does not apply MPLS labels