networking:containerlab:srv6_default_vrf
Table of Contents
SRv6 Global VRF (RFC 9252) with FRRouting & Containerlab
Introduction & Summary
This document outlines the deployment of a pure Segment Routing over IPv6 (SRv6) fabric using FRRouting (FRR 10.6+) and Linux.
Unlike traditional deployments that rely on L3VPNs (VRFs) to carry customer traffic, this architecture implements RFC 9252 (BGP Based L3 Service over SRv6) directly in the Global Routing Table (Default VRF). It supports both Global IPv4 and Global IPv6 over an SRv6 core.
Key Achievements of this Lab:
- No VRFs required on the PE routers.
- BGP dynamically allocates SRv6 SIDs (End.DT4 and End.DT6) for global connected/redistributed routes.
- IS-IS is used as the IPv6 underlay.
- Custom MTU handling to accommodate SRv6 encapsulation overhead without impacting standard 1500-byte client MTUs.
Key Findings & Important Workarounds
Implementing Global SRv6 (RFC 9252) natively in Linux/FRR without VRFs exposes a conflict between FRRouting's dynamic SID allocation and the Linux kernel's security model. Below are the critical “gotchas” discovered:
1. The Kernel Decapsulation Conflict (End.DT4 vs Table 254)
When doing global IPv4 over SRv6, BGP assigns the End.DT4 behavior to the IPv4 prefix. However, the Linux Kernel's seg6local engine strictly expects End.DT4 (IPv4 decapsulation) to point to an explicit VRF table. When FRR attempts to install this instruction into the global routing table (table 254), the kernel throws an EINVAL error, and FRR marks the SRv6 instruction as Rejected (B>r).
- The Fix: Bypass the kernel's SRv6 engine entirely using native Linux local routing.
- By routing the entire SRv6 Locator block to the
localrouting table, the native Linux IPv6 stack will intercept the packets. It sees the Next Header is IPv4 (4), automatically strips the outer IPv6 SRv6 header, and routes the inner IPv4 payload natively, completely bypassing theEnd.DT4kernel restriction. - Add this to the startup script of every PE router:
ip -6 route add local 2001:db8:b::/48 dev lo
2. BGP Encapsulation Relax
Standard BGP ipv4 unicast and ipv6 unicast address families silently drop SRv6 Prefix-SID attributes (Attribute 40) because they are typically reserved for L3VPNs.
- The Fix: Explicitly tell BGP to attach and accept SRv6 SIDs on global routes using the
relaxkeyword on PEs and Route Reflectors:
neighbor RR encapsulation-srv6-relax
3. MTU and SRv6 Overhead
SRv6 adds exactly 64 bytes of overhead (40 bytes for the outer IPv6 header + 24 bytes for the Segment Routing Header containing 1 SID).
- The Fix: To allow clients to send standard 1500-byte payloads without fragmentation, the core links (between P and PE routers) must have their MTU increased to at least 1564 bytes.
Containerlab Topology
name: srv6-1060 mgmt: network: clab-mgmt-net ipv4-subnet: 172.99.20.0/24 ipv6-subnet: "" topology: nodes: rr1: kind: linux image: quay.io/frrouting/frr:10.6.1 cmd: bash -c "ip link add sr0 type dummy; ip link set sr0 up; /usr/lib/frr/frrinit.sh start && tail -f /dev/null" sysctls: net.ipv4.ip_forward: 1 net.ipv4.conf.all.forwarding: 1 net.ipv6.conf.all.forwarding: 1 net.ipv6.conf.default.forwarding: 1 net.ipv6.seg6_flowlabel: 1 net.ipv6.conf.default.seg6_enabled: 1 net.ipv6.conf.all.seg6_enabled: 1 net.vrf.strict_mode: 0 net.ipv6.conf.all.accept_source_route: 1 binds: - rr1/daemons:/etc/frr/daemons - rr1/frr.conf:/etc/frr/frr.conf - rr1/vtysh.conf:/etc/frr/vtysh.conf exec: - ip link add dummy0 type dummy - ip link set dummy0 up - ip link add sr0 type dummy - ip link set sr0 up - sysctl -w net.ipv6.conf.eth1.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth2.seg6_enabled=1 rr2: kind: linux image: quay.io/frrouting/frr:10.6.1 cmd: bash -c "ip link add sr0 type dummy; ip link set sr0 up; /usr/lib/frr/frrinit.sh start && tail -f /dev/null" sysctls: net.ipv4.ip_forward: 1 net.ipv4.conf.all.forwarding: 1 net.ipv6.conf.all.forwarding: 1 net.ipv6.conf.default.forwarding: 1 net.ipv6.seg6_flowlabel: 1 net.ipv6.conf.default.seg6_enabled: 1 net.ipv6.conf.all.seg6_enabled: 1 net.vrf.strict_mode: 0 net.ipv6.conf.all.accept_source_route: 1 binds: - rr2/daemons:/etc/frr/daemons - rr2/frr.conf:/etc/frr/frr.conf - rr2/vtysh.conf:/etc/frr/vtysh.conf exec: - ip link add dummy0 type dummy - ip link set dummy0 up - ip link add sr0 type dummy - ip link set sr0 up - sysctl -w net.ipv6.conf.eth1.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth2.seg6_enabled=1 p1: kind: linux image: quay.io/frrouting/frr:10.6.1 cmd: bash -c "ip link add sr0 type dummy; ip link set sr0 up; /usr/lib/frr/frrinit.sh start && tail -f /dev/null" sysctls: net.ipv4.ip_forward: 1 net.ipv4.conf.all.forwarding: 1 net.ipv6.conf.all.forwarding: 1 net.ipv6.conf.default.forwarding: 1 net.ipv6.seg6_flowlabel: 1 net.ipv6.conf.default.seg6_enabled: 1 net.ipv6.conf.all.seg6_enabled: 1 net.vrf.strict_mode: 0 net.ipv6.conf.all.accept_source_route: 1 binds: - p1/daemons:/etc/frr/daemons - p1/frr.conf:/etc/frr/frr.conf - p1/vtysh.conf:/etc/frr/vtysh.conf exec: - ip link add dummy0 type dummy - ip link set dummy0 up - ip link add sr0 type dummy - ip link set sr0 up - sysctl -w net.ipv6.conf.eth1.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth2.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth3.seg6_enabled=1 p2: kind: linux image: quay.io/frrouting/frr:10.6.1 cmd: bash -c "ip link add sr0 type dummy; ip link set sr0 up; /usr/lib/frr/frrinit.sh start && tail -f /dev/null" sysctls: net.ipv4.ip_forward: 1 net.ipv4.conf.all.forwarding: 1 net.ipv6.conf.all.forwarding: 1 net.ipv6.conf.default.forwarding: 1 net.ipv6.seg6_flowlabel: 1 net.ipv6.conf.default.seg6_enabled: 1 net.ipv6.conf.all.seg6_enabled: 1 net.vrf.strict_mode: 0 net.ipv6.conf.all.accept_source_route: 1 binds: - p2/daemons:/etc/frr/daemons - p2/frr.conf:/etc/frr/frr.conf - p2/vtysh.conf:/etc/frr/vtysh.conf exec: - ip link add dummy0 type dummy - ip link set dummy0 up - ip link add sr0 type dummy - ip link set sr0 up - sysctl -w net.ipv6.conf.eth1.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth2.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth3.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth4.seg6_enabled=1 p3: kind: linux image: quay.io/frrouting/frr:10.6.1 cmd: bash -c "ip link add sr0 type dummy; ip link set sr0 up; /usr/lib/frr/frrinit.sh start && tail -f /dev/null" sysctls: net.ipv4.ip_forward: 1 net.ipv4.conf.all.forwarding: 1 net.ipv6.conf.all.forwarding: 1 net.ipv6.conf.default.forwarding: 1 net.ipv6.seg6_flowlabel: 1 net.ipv6.conf.default.seg6_enabled: 1 net.ipv6.conf.all.seg6_enabled: 1 net.vrf.strict_mode: 0 net.ipv6.conf.all.accept_source_route: 1 binds: - p3/daemons:/etc/frr/daemons - p3/frr.conf:/etc/frr/frr.conf - p3/vtysh.conf:/etc/frr/vtysh.conf exec: - ip link add dummy0 type dummy - ip link set dummy0 up - ip link add sr0 type dummy - ip link set sr0 up - sysctl -w net.ipv6.conf.eth1.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth2.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth3.seg6_enabled=1 p4: kind: linux image: quay.io/frrouting/frr:10.6.1 cmd: bash -c "ip link add sr0 type dummy; ip link set sr0 up; /usr/lib/frr/frrinit.sh start && tail -f /dev/null" sysctls: net.ipv4.ip_forward: 1 net.ipv4.conf.all.forwarding: 1 net.ipv6.conf.all.forwarding: 1 net.ipv6.conf.default.forwarding: 1 net.ipv6.seg6_flowlabel: 1 net.ipv6.conf.default.seg6_enabled: 1 net.ipv6.conf.all.seg6_enabled: 1 net.vrf.strict_mode: 0 net.ipv6.conf.all.accept_source_route: 1 binds: - p4/daemons:/etc/frr/daemons - p4/frr.conf:/etc/frr/frr.conf - p4/vtysh.conf:/etc/frr/vtysh.conf exec: - ip link add dummy0 type dummy - ip link set dummy0 up - ip link add sr0 type dummy - ip link set sr0 up - sysctl -w net.ipv6.conf.eth1.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth2.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth3.seg6_enabled=1 p5: kind: linux image: quay.io/frrouting/frr:10.6.1 cmd: bash -c "ip link add sr0 type dummy; ip link set sr0 up; /usr/lib/frr/frrinit.sh start && tail -f /dev/null" sysctls: net.ipv4.ip_forward: 1 net.ipv4.conf.all.forwarding: 1 net.ipv6.conf.all.forwarding: 1 net.ipv6.conf.default.forwarding: 1 net.ipv6.seg6_flowlabel: 1 net.ipv6.conf.default.seg6_enabled: 1 net.ipv6.conf.all.seg6_enabled: 1 net.vrf.strict_mode: 0 net.ipv6.conf.all.accept_source_route: 1 binds: - p5/daemons:/etc/frr/daemons - p5/frr.conf:/etc/frr/frr.conf - p5/vtysh.conf:/etc/frr/vtysh.conf exec: - ip link add dummy0 type dummy - ip link set dummy0 up - ip link add sr0 type dummy - ip link set sr0 up - sysctl -w net.ipv6.conf.eth1.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth2.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth3.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth4.seg6_enabled=1 p6: kind: linux image: quay.io/frrouting/frr:10.6.1 cmd: bash -c "ip link add sr0 type dummy; ip link set sr0 up; /usr/lib/frr/frrinit.sh start && tail -f /dev/null" sysctls: net.ipv4.ip_forward: 1 net.ipv4.conf.all.forwarding: 1 net.ipv6.conf.all.forwarding: 1 net.ipv6.conf.default.forwarding: 1 net.ipv6.seg6_flowlabel: 1 net.ipv6.conf.default.seg6_enabled: 1 net.ipv6.conf.all.seg6_enabled: 1 net.vrf.strict_mode: 0 net.ipv6.conf.all.accept_source_route: 1 binds: - p6/daemons:/etc/frr/daemons - p6/frr.conf:/etc/frr/frr.conf - p6/vtysh.conf:/etc/frr/vtysh.conf exec: - ip link add dummy0 type dummy - ip link set dummy0 up - ip link add sr0 type dummy - ip link set sr0 up - sysctl -w net.ipv6.conf.eth2.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth3.seg6_enabled=1 pe1: kind: linux image: quay.io/frrouting/frr:10.6.1 cmd: bash -c "ip link add sr0 type dummy; ip link set sr0 up; /usr/lib/frr/frrinit.sh start && tail -f /dev/null" sysctls: net.ipv4.ip_forward: 1 net.ipv4.conf.all.forwarding: 1 net.ipv6.conf.all.forwarding: 1 net.ipv6.conf.default.forwarding: 1 net.ipv6.seg6_flowlabel: 1 net.ipv6.conf.default.seg6_enabled: 1 net.ipv6.conf.all.seg6_enabled: 1 net.vrf.strict_mode: 0 net.ipv6.conf.all.accept_source_route: 1 binds: - pe1/daemons:/etc/frr/daemons - pe1/frr.conf:/etc/frr/frr.conf - pe1/vtysh.conf:/etc/frr/vtysh.conf exec: - sleep 4 - ip link add dummy0 type dummy - ip link set dummy0 up - ip link add sr0 type dummy - ip link set sr0 up - sysctl -w net.ipv4.conf.sr0.forwarding=1 - sysctl -w net.ipv6.conf.sr0.forwarding=1 - sysctl -w net.ipv6.conf.sr0.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth1.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth2.seg6_enabled=1 - ip -6 route add local 2001:db8:b::/48 dev lo pe4: kind: linux image: quay.io/frrouting/frr:10.6.1 cmd: bash -c "ip link add sr0 type dummy; ip link set sr0 up; /usr/lib/frr/frrinit.sh start && tail -f /dev/null" sysctls: net.ipv4.ip_forward: 1 net.ipv4.conf.all.forwarding: 1 net.ipv6.conf.all.forwarding: 1 net.ipv6.conf.default.forwarding: 1 net.ipv6.seg6_flowlabel: 1 net.ipv6.conf.default.seg6_enabled: 1 net.ipv6.conf.all.seg6_enabled: 1 net.vrf.strict_mode: 0 net.ipv6.conf.all.accept_source_route: 1 binds: - pe4/daemons:/etc/frr/daemons - pe4/frr.conf:/etc/frr/frr.conf - pe4/vtysh.conf:/etc/frr/vtysh.conf exec: - sleep 4 - ip link add dummy0 type dummy - ip link set dummy0 up - ip link add sr0 type dummy - ip link set sr0 up - sysctl -w net.ipv4.conf.sr0.forwarding=1 - sysctl -w net.ipv6.conf.sr0.forwarding=1 - sysctl -w net.ipv6.conf.sr0.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth1.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth2.seg6_enabled=1 - ip -6 route add local 2001:db8:e::/48 dev lo pe3: kind: linux image: quay.io/frrouting/frr:10.6.1 cmd: bash -c "ip link add sr0 type dummy; ip link set sr0 up; /usr/lib/frr/frrinit.sh start && tail -f /dev/null" sysctls: net.ipv4.ip_forward: 1 net.ipv4.conf.all.forwarding: 1 net.ipv6.conf.all.forwarding: 1 net.ipv6.conf.default.forwarding: 1 net.ipv6.seg6_flowlabel: 1 net.ipv6.conf.default.seg6_enabled: 1 net.ipv6.conf.all.seg6_enabled: 1 net.vrf.strict_mode: 0 net.ipv6.conf.all.accept_source_route: 1 binds: - pe3/daemons:/etc/frr/daemons - pe3/frr.conf:/etc/frr/frr.conf - pe3/vtysh.conf:/etc/frr/vtysh.conf exec: - sleep 4 - ip link add dummy0 type dummy - ip link set dummy0 up - ip link add sr0 type dummy - ip link set sr0 up - sysctl -w net.ipv4.conf.sr0.forwarding=1 - sysctl -w net.ipv6.conf.sr0.forwarding=1 - sysctl -w net.ipv6.conf.sr0.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth1.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth2.seg6_enabled=1 - ip -6 route add local 2001:db8:d::/48 dev lo pe6: kind: linux image: quay.io/frrouting/frr:10.6.1 cmd: bash -c "ip link add sr0 type dummy; ip link set sr0 up; /usr/lib/frr/frrinit.sh start && tail -f /dev/null" sysctls: net.ipv4.ip_forward: 1 net.ipv4.conf.all.forwarding: 1 net.ipv6.conf.all.forwarding: 1 net.ipv6.conf.default.forwarding: 1 net.ipv6.seg6_flowlabel: 1 net.ipv6.conf.default.seg6_enabled: 1 net.ipv6.conf.all.seg6_enabled: 1 net.vrf.strict_mode: 0 net.ipv6.conf.all.accept_source_route: 1 binds: - pe6/daemons:/etc/frr/daemons - pe6/frr.conf:/etc/frr/frr.conf - pe6/vtysh.conf:/etc/frr/vtysh.conf exec: - sleep 4 - ip link add dummy0 type dummy - ip link set dummy0 up - ip link add sr0 type dummy - ip link set sr0 up - sysctl -w net.ipv4.conf.sr0.forwarding=1 - sysctl -w net.ipv6.conf.sr0.forwarding=1 - sysctl -w net.ipv6.conf.sr0.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth1.seg6_enabled=1 - sysctl -w net.ipv6.conf.eth2.seg6_enabled=1 - ip -6 route add local 2001:db8:10::/48 dev lo clienta1-1: kind: linux image: alpine:latest exec: - apk add iputils-ping - ip -4 addr add 192.168.131.2/24 dev eth1 - ip link set dev eth1 up - ip -4 route del default - ip -4 route add 0.0.0.0/0 via 192.168.131.1 - ip -6 address add fdd8:8b9e:07c5::2/64 dev eth1 - ip -6 route add ::/0 via fdd8:8b9e:07c5::1 clienta1-3: kind: linux image: alpine:latest exec: - apk add iputils-ping - ip -4 addr add 192.168.133.2/24 dev eth1 - ip link set dev eth1 up - ip -4 route del default - ip -4 route add 0.0.0.0/0 via 192.168.133.1 - ip -6 address add fdf2:f16f:a002::2/64 dev eth1 - ip -6 route add ::/0 via fdf2:f16f:a002::1 clienta1-4: kind: linux image: alpine:latest exec: - apk add iputils-ping - ip -4 addr add 192.168.134.2/24 dev eth1 - ip link set dev eth1 up - ip -4 route del default - ip -4 route add 0.0.0.0/0 via 192.168.134.1 - ip -6 address add fde4:1b4c:2ef0::2/64 dev eth1 - ip -6 route add ::/0 via fde4:1b4c:2ef0::1 clienta1-6: kind: linux image: alpine:latest exec: - apk add iputils-ping - ip -4 addr add 192.168.136.2/24 dev eth1 - ip link set dev eth1 up - ip -4 route del default - ip -4 route add 0.0.0.0/0 via 192.168.136.1 - ip -6 address add fdcb:a001:3440::2/64 dev eth1 - ip -6 route add ::/0 via fdcb:a001:3440::1 links: - endpoints: ["p1:eth1", "p2:eth1"] mtu: 1564 - endpoints: ["p1:eth2", "p4:eth2"] mtu: 1564 - endpoints: ["p2:eth2", "p3:eth2"] mtu: 1564 - endpoints: ["p2:eth3", "p5:eth3"] mtu: 1564 - endpoints: ["p3:eth1", "p6:eth1"] mtu: 1564 - endpoints: ["p6:eth2", "p5:eth2"] mtu: 1564 - endpoints: ["p5:eth1", "p4:eth1"] mtu: 1564 - endpoints: ["p1:eth3", "pe1:eth1"] mtu: 1564 - endpoints: ["p4:eth3", "pe4:eth1"] mtu: 1564 - endpoints: ["p3:eth3", "pe3:eth1"] mtu: 1564 - endpoints: ["p6:eth3", "pe6:eth1"] mtu: 1564 - endpoints: ["p2:eth4", "rr1:eth1"] mtu: 1564 - endpoints: ["p5:eth4", "rr2:eth1"] mtu: 1564 - endpoints: ["pe1:eth2", "clienta1-1:eth1"] mtu: 1500 - endpoints: ["pe3:eth2", "clienta1-3:eth1"] mtu: 1500 - endpoints: ["pe4:eth2", "clienta1-4:eth1"] mtu: 1500 - endpoints: ["pe6:eth2", "clienta1-6:eth1"] mtu: 1500
PE Configurations
PE1
- pe1 config
frr version 10.6.1_git frr defaults traditional hostname pe1 ! ip prefix-list LAN_IPV4 seq 10 permit 192.168.131.0/24 ! ipv6 prefix-list LAN_IPV6 seq 10 permit fdd8:8b9e:7c5::/64 ! route-map GLOBAL_IPV4-OUT permit 10 match ip address prefix-list LAN_IPV4 exit ! route-map GLOBAL_IPV4-OUT deny 999 exit ! route-map GLOBAL_IPV6-OUT permit 10 match ipv6 address prefix-list LAN_IPV6 exit ! route-map GLOBAL_IPV6-OUT deny 999 exit ! ip router-id 172.16.0.11 ! interface eth1 description "to p1 - eth3" ipv6 address 2001:db8:1a::2/64 ipv6 router isis SR isis network point-to-point exit ! interface eth2 description "to clienta-1 - eth1" ip address 192.168.131.1/24 ipv6 address fdd8:8b9e:7c5::1/64 exit ! interface lo ipv6 address 2001:db8:b::1/128 ipv6 router isis SR isis passive exit ! router bgp 65577 neighbor RR peer-group neighbor RR remote-as 65577 neighbor RR password cisco123 neighbor RR update-source 2001:db8:b::1 neighbor RR capability extended-nexthop neighbor 2001:db8:101::1 peer-group RR neighbor 2001:db8:102::1 peer-group RR ! segment-routing srv6 locator locator0 exit ! address-family ipv4 unicast redistribute connected route-map GLOBAL_IPV4-OUT neighbor RR encapsulation-srv6-relax sid export auto exit-address-family ! address-family ipv6 unicast redistribute connected route-map GLOBAL_IPV6-OUT neighbor RR activate neighbor RR encapsulation-srv6-relax sid export auto exit-address-family exit ! router isis SR net 49.0000.0000.0000.0011.00 segment-routing srv6 locator locator0 exit exit ! segment-routing srv6 locators locator locator0 prefix 2001:db8:b::/48 exit ! exit ! exit ! exit !
PE3
- pe3 config
frr version 10.6.1_git frr defaults traditional hostname pe3 ! ip prefix-list LAN_IPV4 seq 10 permit 192.168.133.0/24 ! ipv6 prefix-list LAN_IPV6 seq 10 permit fdf2:f16f:a002::/64 ! route-map GLOBAL_IPV4-OUT permit 10 match ip address prefix-list LAN_IPV4 exit ! route-map GLOBAL_IPV4-OUT deny 999 exit ! route-map GLOBAL_IPV6-OUT permit 10 match ipv6 address prefix-list LAN_IPV6 exit ! route-map GLOBAL_IPV6-OUT deny 999 exit ! ip router-id 172.16.0.13 ! interface eth1 description "to p3 - eth3" ipv6 address 2001:db8:3a::2/64 ipv6 router isis SR isis network point-to-point exit ! interface eth2 description "to clienta-3 - eth1" ip address 192.168.133.1/24 ipv6 address fdf2:f16f:a002::1/64 exit ! interface lo ipv6 address 2001:db8:d::1/128 ipv6 router isis SR isis passive exit ! router bgp 65577 neighbor RR peer-group neighbor RR remote-as 65577 neighbor RR password cisco123 neighbor RR update-source 2001:db8:d::1 neighbor RR capability extended-nexthop neighbor 2001:db8:101::1 peer-group RR neighbor 2001:db8:102::1 peer-group RR ! segment-routing srv6 locator locator0 exit ! address-family ipv4 unicast redistribute connected route-map GLOBAL_IPV4-OUT neighbor RR encapsulation-srv6-relax sid export auto exit-address-family ! address-family ipv6 unicast redistribute connected route-map GLOBAL_IPV6-OUT neighbor RR activate neighbor RR encapsulation-srv6-relax sid export auto exit-address-family exit ! router isis SR net 49.0000.0000.0000.0013.00 segment-routing srv6 locator locator0 exit exit ! segment-routing srv6 locators locator locator0 prefix 2001:db8:d::/48 exit ! exit ! exit ! exit !
PE4
- pe4 config
frr version 10.6.1_git frr defaults traditional hostname pe4 ! ip prefix-list LAN_IPV4 seq 10 permit 192.168.134.0/24 ! ipv6 prefix-list LAN_IPV6 seq 10 permit fde4:1b4c:2ef0::/64 ! route-map GLOBAL_IPV4-OUT permit 10 match ip address prefix-list LAN_IPV4 exit ! route-map GLOBAL_IPV4-OUT deny 999 exit ! route-map GLOBAL_IPV6-OUT permit 10 match ipv6 address prefix-list LAN_IPV6 exit ! route-map GLOBAL_IPV6-OUT deny 999 exit ! ip router-id 172.16.0.14 ! interface eth1 description "to p4 - eth3" ipv6 address 2001:db8:4a::2/64 ipv6 router isis SR isis network point-to-point exit ! interface eth2 description "to clienta-4 - eth1" ip address 192.168.134.1/24 ipv6 address fde4:1b4c:2ef0::1/64 exit ! interface lo ipv6 address 2001:db8:e::1/128 ipv6 router isis SR isis passive exit ! router bgp 65577 neighbor RR peer-group neighbor RR remote-as 65577 neighbor RR password cisco123 neighbor RR update-source 2001:db8:e::1 neighbor RR capability extended-nexthop neighbor 2001:db8:101::1 peer-group RR neighbor 2001:db8:102::1 peer-group RR ! segment-routing srv6 locator locator0 exit ! address-family ipv4 unicast redistribute connected route-map GLOBAL_IPV4-OUT neighbor RR encapsulation-srv6-relax sid export auto exit-address-family ! address-family ipv6 unicast redistribute connected route-map GLOBAL_IPV6-OUT neighbor RR activate neighbor RR encapsulation-srv6-relax sid export auto exit-address-family exit ! router isis SR net 49.0000.0000.0000.0014.00 segment-routing srv6 locator locator0 exit exit ! segment-routing srv6 locators locator locator0 prefix 2001:db8:e::/48 exit ! exit ! exit ! exit !
PE6
- pe6 config
frr version 10.6.1_git frr defaults traditional hostname pe6 ! ip prefix-list LAN_IPV4 seq 10 permit 192.168.136.0/24 ! ipv6 prefix-list LAN_IPV6 seq 10 permit fdcb:a001:3440::/64 ! route-map GLOBAL_IPV4-OUT permit 10 match ip address prefix-list LAN_IPV4 exit ! route-map GLOBAL_IPV4-OUT deny 999 exit ! route-map GLOBAL_IPV6-OUT permit 10 match ipv6 address prefix-list LAN_IPV6 exit ! route-map GLOBAL_IPV6-OUT deny 999 exit ! ip router-id 172.16.0.16 ! interface eth1 description "to p6 - eth3" ipv6 address 2001:db8:6a::2/64 ipv6 router isis SR isis network point-to-point exit ! interface eth2 description "to clienta-6 - eth1" ip address 192.168.136.1/24 ipv6 address fdcb:a001:3440::1/64 exit ! interface lo ipv6 address 2001:db8:10::1/128 ipv6 router isis SR isis passive exit ! router bgp 65577 neighbor RR peer-group neighbor RR remote-as 65577 neighbor RR password cisco123 neighbor RR update-source 2001:db8:10::1 neighbor RR capability extended-nexthop neighbor 2001:db8:101::1 peer-group RR neighbor 2001:db8:102::1 peer-group RR ! segment-routing srv6 locator locator0 exit ! address-family ipv4 unicast redistribute connected route-map GLOBAL_IPV4-OUT neighbor RR encapsulation-srv6-relax sid export auto exit-address-family ! address-family ipv6 unicast redistribute connected route-map GLOBAL_IPV6-OUT neighbor RR activate neighbor RR encapsulation-srv6-relax sid export auto exit-address-family exit ! router isis SR net 49.0000.0000.0000.0016.00 segment-routing srv6 locator locator0 exit exit ! segment-routing srv6 locators locator locator0 prefix 2001:db8:10::/48 exit ! exit ! exit ! exit !
P configurations
P1
- p1 config
frr version 10.5.1_git frr defaults traditional hostname p1 ! ip router-id 172.16.0.1 ! interface eth1 description "to p2 - eth1" ipv6 address 2001:db8:12::1/64 ipv6 router isis SR isis network point-to-point exit ! interface eth2 description "to p4 - eth2" ipv6 address 2001:db8:14::1/64 ipv6 router isis SR isis network point-to-point exit ! interface eth3 description "to pe1 - eth3" ipv6 address 2001:db8:1a::1/64 ipv6 router isis SR isis network point-to-point exit ! interface eth4 description "to gw1 - eth1" ipv6 address 2001:db8:f11::1/64 ipv6 router isis SR isis network point-to-point exit ! interface lo ipv6 address 2001:db8:1::1/128 ipv6 router isis SR isis passive exit ! router isis SR net 49.0000.0000.0000.0001.00 segment-routing srv6 locator locator0 exit exit ! segment-routing srv6 static-sids sid 2001:db8:1::1/128 locator locator0 behavior uN exit ! exit ! srv6 locators locator locator0 prefix 2001:db8:1::/48 exit ! exit ! exit ! exit !
P2
- p2 config
frr version 10.5.1_git frr defaults traditional hostname p2 ! ip router-id 172.16.0.2 ! interface eth1 description "to p1 - eth1" ipv6 address 2001:db8:12::2/64 ipv6 router isis SR isis network point-to-point exit ! interface eth2 description "to p3 - eth2" ipv6 address 2001:db8:23::2/64 ipv6 router isis SR isis network point-to-point exit ! interface eth3 description "to p5 - eth3" ipv6 address 2001:db8:25::2/64 ipv6 router isis SR isis network point-to-point exit ! interface eth4 description "to rr1 - eth1" ipv6 address 2001:db8:2101::1/64 ipv6 router isis SR isis network point-to-point exit ! interface lo ipv6 address 2001:db8:2::1/128 ipv6 router isis SR isis passive exit ! router isis SR net 49.0000.0000.0000.0002.00 segment-routing srv6 locator locator0 exit exit ! segment-routing srv6 static-sids sid 2001:db8:2::1/128 locator locator0 behavior uN exit ! exit ! srv6 locators locator locator0 prefix 2001:db8:2::/48 exit ! exit ! exit ! exit !
P3
- p3 config
frr version 10.5.1_git frr defaults traditional hostname p3 ! ip router-id 172.16.0.3 ! interface eth1 description "to p6 - eth1" ipv6 address 2001:db8:36::3/64 ipv6 router isis SR isis network point-to-point exit ! interface eth2 description "to p2 - eth2" ipv6 address 2001:db8:23::3/64 ipv6 router isis SR isis network point-to-point exit ! interface eth3 description "to pe3 - eth1" ipv6 address 2001:db8:3a::1/64 ipv6 router isis SR isis network point-to-point exit ! interface lo ipv6 address 2001:db8:3::1/128 ipv6 router isis SR isis passive exit ! router isis SR net 49.0000.0000.0000.0003.00 segment-routing srv6 locator locator0 exit exit ! segment-routing srv6 static-sids sid 2001:db8:3::1/128 locator locator0 behavior uN exit ! exit ! srv6 locators locator locator0 prefix 2001:db8:3::/48 exit ! exit ! exit ! exit !
P4
- p4 config
frr version 10.5.1_git frr defaults traditional hostname p4 ! ip router-id 172.16.0.4 ! interface eth1 description "to p5 - eth1" ipv6 address 2001:db8:45::4/64 ipv6 router isis SR isis network point-to-point exit ! interface eth2 description "to p1 - eth2" ipv6 address 2001:db8:12::4/64 ipv6 router isis SR isis network point-to-point exit ! interface eth3 description "to pe4 - eth1" ipv6 address 2001:db8:4a::1/64 ipv6 router isis SR isis network point-to-point exit ! interface lo ipv6 address 2001:db8:4::1/128 ipv6 router isis SR isis passive exit ! router isis SR net 49.0000.0000.0000.0004.00 segment-routing srv6 locator locator0 exit exit ! segment-routing srv6 static-sids sid 2001:db8:4::1/128 locator locator0 behavior uN exit ! exit ! srv6 locators locator locator0 prefix 2001:db8:4::/48 exit ! exit ! exit ! exit !
P5
- p5 config
frr version 10.5.1_git frr defaults traditional hostname p5 ! ip router-id 172.16.0.5 ! interface eth1 description "to p4 - eth1" ipv6 address 2001:db8:45::5/64 ipv6 router isis SR isis network point-to-point exit ! interface eth2 description "to p6 - eth2" ipv6 address 2001:db8:56::5/64 ipv6 router isis SR isis network point-to-point exit ! interface eth3 description "to p2 - eth3" ipv6 address 2001:db8:25::5/64 ipv6 router isis SR isis network point-to-point exit ! interface eth4 description "to rr2 - eth1" ipv6 address 2001:db8:5102::1/64 ipv6 router isis SR isis network point-to-point exit ! interface lo ipv6 address 2001:db8:5::1/128 ipv6 router isis SR isis passive exit ! router isis SR net 49.0000.0000.0000.0005.00 segment-routing srv6 locator locator0 exit exit ! segment-routing srv6 static-sids sid 2001:db8:5::1/128 locator locator0 behavior uN exit ! exit ! srv6 locators locator locator0 prefix 2001:db8:5::/48 exit ! exit ! exit ! exit !
P6
- p6 config
frr version 10.5.1_git frr defaults traditional hostname p6 ! ip router-id 172.16.0.6 ! interface eth1 description "to p3 - eth1" ipv6 address 2001:db8:36::6/64 ipv6 router isis SR isis network point-to-point exit ! interface eth2 description "to p5 - eth2" ipv6 address 2001:db8:56::6/64 ipv6 router isis SR isis network point-to-point exit ! interface eth3 description "to pe6 - eth1" ipv6 address 2001:db8:6a::1/64 ipv6 router isis SR isis network point-to-point exit ! interface eth4 description "to gw2 - eth1" ipv6 address 2001:db8:f62::1/64 ipv6 router isis SR isis network point-to-point exit ! interface lo ipv6 address 2001:db8:6::1/128 ipv6 router isis SR isis passive exit ! router isis SR net 49.0000.0000.0000.0006.00 segment-routing srv6 locator locator0 exit exit ! segment-routing srv6 static-sids sid 2001:db8:6::1/128 locator locator0 behavior uN exit ! exit ! srv6 locators locator locator0 prefix 2001:db8:6::/48 exit ! exit ! exit ! exit !
Route Reflectors configuration
RR1
- rr1 config
frr version 10.6.1_git frr defaults traditional hostname rr1 ! interface eth1 description "to p2 - eth4" ipv6 address 2001:db8:2101::2/64 ipv6 router isis SR isis network point-to-point exit ! interface lo ipv6 address 2001:db8:101::1/128 ipv6 router isis SR isis passive exit ! router bgp 65577 bgp route-reflector allow-outbound-policy neighbor PE peer-group neighbor PE remote-as 65577 neighbor PE password cisco123 neighbor PE update-source 2001:db8:101::1 neighbor PE capability extended-nexthop neighbor 2001:db8:b::1 peer-group PE neighbor 2001:db8:b::1 description "PE1" neighbor 2001:db8:d::1 peer-group PE neighbor 2001:db8:d::1 description "PE3" neighbor 2001:db8:e::1 peer-group PE neighbor 2001:db8:e::1 description "PE4" neighbor 2001:db8:10::1 peer-group PE neighbor 2001:db8:10::1 description "PE6" neighbor 2001:db8:11::1 peer-group PE neighbor 2001:db8:11::1 description "GW1" neighbor 2001:db8:12::1 peer-group PE neighbor 2001:db8:12::1 description "GW2" ! address-family ipv4 unicast neighbor PE route-reflector-client neighbor PE encapsulation-srv6-relax exit-address-family ! address-family ipv6 unicast neighbor PE activate neighbor PE route-reflector-client neighbor PE encapsulation-srv6-relax exit-address-family exit ! router isis SR net 49.0000.0000.0000.0101.00 segment-routing srv6 locator locator0 exit exit !
RR2
- rr2 config
frr version 10.6.1_git frr defaults traditional hostname rr2 ! ip router-id 172.16.0.102 ! interface eth1 description "to p5 - eth4" ipv6 address 2001:db8:5102::2/64 ipv6 router isis SR isis network point-to-point exit ! interface lo ipv6 address 2001:db8:102::1/128 ipv6 router isis SR isis passive exit ! router bgp 65577 bgp route-reflector allow-outbound-policy neighbor PE peer-group neighbor PE remote-as 65577 neighbor PE password cisco123 neighbor PE update-source 2001:db8:102::1 neighbor PE capability extended-nexthop neighbor 2001:db8:b::1 peer-group PE neighbor 2001:db8:b::1 description "PE1" neighbor 2001:db8:d::1 peer-group PE neighbor 2001:db8:d::1 description "PE3" neighbor 2001:db8:e::1 peer-group PE neighbor 2001:db8:e::1 description "PE4" neighbor 2001:db8:10::1 peer-group PE neighbor 2001:db8:10::1 description "PE6" neighbor 2001:db8:11::1 peer-group PE neighbor 2001:db8:11::1 description "GW1" neighbor 2001:db8:12::1 peer-group PE neighbor 2001:db8:12::1 description "GW2" ! address-family ipv4 unicast neighbor PE route-reflector-client neighbor PE encapsulation-srv6-relax exit-address-family ! address-family ipv6 unicast neighbor PE activate neighbor PE route-reflector-client neighbor PE encapsulation-srv6-relax exit-address-family exit ! router isis SR net 49.0000.0000.0000.0102.00 segment-routing srv6 locator locator0 exit exit !
networking/containerlab/srv6_default_vrf.txt · Last modified: by jonathan