Configuration guidelines

When you configure a tunnel policy, follow these guidelines:

• To select a preferred tunnel, create a tunnel policy and configure the preferred tunnel with the preferred-path command. The destination address of the preferred tunnel identifies a peer PE so the PE will forward traffic destined for that peer PE over the preferred tunnel.

  • If you configure multiple preferred tunnels that have the same destination address in a tunnel policy, only the first configured tunnel takes effect.

  • If the first tunnel is not available, the second tunnel is used, and so forth. No load balancing will be performed on these tunnels.

  This method explicitly specifies an MPLS TE tunnel or a GRE tunnel for an MPLS VPN, facilitating traffic planning. As a best practice, use this method.

• To select multiple tunnels for load sharing, create a tunnel policy and specify the tunnel selection order and the number of tunnels by using the select-seq load-balance-number command. A tunnel type closer to the select-seq keyword has a higher priority. For example, the select-seq lsp gre load-balance-number 3 command gives LSP higher priority over GRE. If no LSP is available or the number of LSPs is less than 3, VPN uses GRE tunnels. The tunnels selected by this method are not fixed, complicating traffic planning. As a best practice, do not use this method.

If you configure both methods for a tunnel policy, the tunnel policy selects tunnels in the following steps:

1. If the destination address of a preferred tunnel identifies a peer PE, the tunnel policy uses the preferred tunnel to forward traffic destined for the peer PE.

2. If not, the tunnel policy selects tunnels as configured by the select-seq load-balance-number command.

As shown in Figure 47, PE 1 and PE 2 have multiple tunnels in between and they are connected to multiple MPLS VPNs. You can control the paths for VPN traffic by using one of the following methods:

• Configure multiple tunnel policies, and specify a preferred tunnel for each policy by using the preferred-path command. Apply these policies to different MPLS VPNs to forward the traffic of each VPN over a specific tunnel.

• Configure one tunnel policy, and use the select-seq load-balance-number command to specify the tunnel selection order and the number of tunnels for load balancing. Apply the tunnel policy to MPLS VPNs to forward the traffic of every VPN over multiple tunnels.

The second method distributes traffic of a single VPN to multiple tunnels. The transmission delays on different tunnels can vary by a large amount. Therefore, the destination device or the upper layer application might take a great time to sequence the packets. As a best practice, do not use the second method.