From: McCallum, Robert (robert.mccallum@thus.net)
Date: Thu Nov 11 2004 - 08:23:01 GMT-3
Jay,
Below you speak about being unable to ping from a vrf perspective. Then
your pings show a normal mpls ping? Can you list the show mpls for vrf
whatever it is? Infact can you list your configs of each router that would
probably be easier.
Robert McCallum
CCIE #8757 R&S
01415663448
07818002241
> -----Original Message-----
> From: Dalu-Chandu, Jay [mailto:JD163604@NCR.COM]
> Sent: 11 November 2004 11:10
> To: McCallum, Robert
> Cc: comserv@groupstudy.com; ccielab@groupstudy.com; Mark
> Lewis; Mike Bernico
> Subject: RE: MPLS/VPN/ISIS
>
>
> Robert,
>
> You've seen this before I take it?
>
> R5#show mpls ldp neighbor
> Peer LDP Ident: 192.168.3.3:0; Local LDP Ident 192.168.5.5:0
> TCP connection: 192.168.3.3.646 - 192.168.5.5.11009
> State: Oper; Msgs sent/rcvd: 53/54; Downstream
> Up time: 00:31:33
> LDP discovery sources:
> Serial4/3, Src IP addr: 172.16.35.6
> Addresses bound to peer LDP Ident:
> 172.16.136.3 150.50.100.5 150.50.100.9
> 150.50.100.13
> 172.16.35.6 192.168.3.3 192.168.100.1
> 192.168.101.1
> 172.16.136.10
>
> R1#show mpls ldp neigh
> Peer LDP Ident: 192.168.3.3:0; Local LDP Ident 192.168.1.1:0
> TCP connection: 192.168.3.3.11650 - 192.168.1.1.646
> State: Oper; Msgs sent/rcvd: 33/35; Downstream
> Up time: 00:14:10
> LDP discovery sources:
> Serial4/0.1, Src IP addr: 150.50.100.9
> Addresses bound to peer LDP Ident:
> 172.16.136.3 172.16.35.6 192.168.3.3
> 192.168.100.1
> 192.168.101.1 172.16.136.10 150.50.100.5
> 150.50.100.13
> 150.50.100.9
> R1#
>
> Regards
>
> Jay
>
>
> -----Original Message-----
> From: McCallum, Robert [mailto:robert.mccallum@thus.net]
> Sent: 11 November 2004 10:30
> To: Dalu-Chandu, Jay; Mike Bernico
> Cc: comserv@groupstudy.com; ccielab@groupstudy.com; Mark Lewis
> Subject: RE: MPLS/VPN/ISIS
>
> you have a host route untagged - BAD NEWS. Can you show a
> show mpls neighbor.
>
> Robert McCallum
> CCIE #8757 R&S
> 01415663448
> 07818002241
>
> > -----Original Message-----
> > From: Dalu-Chandu, Jay [mailto:JD163604@NCR.COM]
> > Sent: 11 November 2004 09:57
> > To: Mike Bernico
> > Cc: comserv@groupstudy.com; ccielab@groupstudy.com; Mark Lewis
> > Subject: RE: MPLS/VPN/ISIS
> >
> >
> > Mike,
> >
> > Thanks for your advice. I have done all the basic checks and
> > confirmed my configuration. I have also tested this
> scenario using 3
> > different routers successfully.
> >
> > I have tried clearing the cef table and reloading R5 but the same
> > problem persists. I have noticed that labels are being
> propagated and
> > received for R1's loopback address but not installed in the
> Lfib. See
> > commands below;
> >
> > R5#show mpls ldp bindings 192.168.1.1 32
> > tib entry: 192.168.1.1/32, rev 65
> > local binding: tag: 508
> > remote binding: tsr: 192.168.3.3:0, tag: 307 R5#show mpls
> > forwarding-table 192.168.1.1
> > Local Outgoing Prefix Bytes tag Outgoing Next Hop
> > tag tag or VC or Tunnel Id switched interface
> > 508 Untagged 192.168.1.1/32 0 Se4/3
> point2point
> > R5#show ip cef 192.168.1.1
> > 192.168.1.1/32, version 47, epoch 0, cached adjacency to
> > Serial4/3 0 packets, 0 bytes
> > tag information set, shared
> > local tag: 508
> > via 172.16.35.6, Serial4/3, 1 dependency
> > next hop 172.16.35.6, Serial4/3
> > valid cached adjacency
> > tag rewrite with Se4/3, point2point, tags imposed: {}
> >
> > The mpls ping command is available and works both ways. R5#ping tag
> > 192.168.1.1
> >
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2
> > seconds: !!!!! Success rate is 100 percent (5/5), round-trip
> > min/avg/max = 16/16/20 ms R5#
> >
> > R1#ping tag 192.168.5.5
> >
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echos to 192.168.5.5, timeout is 2
> > seconds: !!!!! Success rate is 100 percent (5/5), round-trip
> > min/avg/max = 16/16/20 ms R1#
> >
> > Any further thoughts?
> >
> > Regards
> >
> > Jay
> >
> > -----Original Message-----
> > From: Mike Bernico [mailto:mbernico@illinois.net]
> > Sent: 10 November 2004 19:45
> > To: Dalu-Chandu, Jay; comserv@groupstudy.com; ccielab@groupstudy.com
> > Subject: RE: MPLS/VPN/ISIS
> >
> > Hard to say without your configs. Here are some things to try that
> > might help...
> >
> > Since you're only getting one label in your cef show
> command, you must
> > be missing one.
> >
> > Does your version of IOS support mpls ping? That definitely helps.
> > If it does, do an extended mpls ping from loopback to loopback and
> > verify you've got yourself an LSP that works.
> >
> > It sounds like you've already done the most important part,
> by making
> > sure that the exact route exists end-to-end for your loopbacks.
> >
> > Also you should probably verify the obvious stuff if you
> haven't. LDP
> > neighbors, cef on all routers, stuff like that.
> >
> > Also maybe use "show mpls forwarding-table" to check the lsp by hand
> > if you can't mpls ping.
> >
> > Ok, so then if all that works, maybe it is the label BGP sends?
> > Possibly check to make sure that neighbor x.x.x.x send-community
> > extended is turned on.
> >
> > Anyway, that's what I'd try first. Let me know what it is when you
> > find it!
> >
> > Good Luck,
> > Mike
> >
> >
> >
> >
> > -----Original Message-----
> > From: Dalu-Chandu, Jay [mailto:JD163604@NCR.COM]
> > Sent: Wednesday, November 10, 2004 11:50 AM
> > To: comserv@groupstudy.com; ccielab@groupstudy.com
> > Subject: MPLS/VPN/ISIS
> >
> > Guys,
> >
> > I have a question regarding a sample lab configuration I'm currently
> > working on. The IGP used is ISIS with two areas
> > 49.0001 and 49.0005. Within area 1 I have an L1 only
> router attached
> > to a L1L2 router, which is in turn attached to a L2 router
> in area 5.
> >
> > R1(L1)--------R3(L1/L2)----------R5(L2)
> >
> > R1 and R5 are PE routers, R3 is a P router. A BGP relationship for
> > vpnv4 has been established to the loopbacks of the PE
> devices. I can
> > see the vrf routes associated on each PE device. When I
> try to ping
> > an IP address within the vrf from R1 to R5 I see cef drops
> (debug ip
> > cef drops). I notice that no label exists for the
> next-hop-address of
> > R5 because I am only receiving the default from R3. To
> correct this I
> > route-leaked L2 into L1 for R5's loopback.
> >
> > Now I have a label and no more cef packet drops on R1. But I still
> > cannot ping. R5 complains that it does not have a parent
> tag when I
> > try pinging from there (debug ip cef drops). I also notice
> that only
> > a single label is imposed when looking at show ip cef vrf
> xxx A.B.C.D?
> > Can anyone help, am I missing something obvious?
> >
> > Regards
> >
> > Jay Dalu-Chandu
> >
> > --
> > Network Consultant (BEng, CCNP)
> > NCR UK Limited
> > Mobile: 07803231944
> > Email: jay.dalu-chandu@ncr.com
> >
> >
> _____________________________________________________________________
> > Subscription information:
> http://www.groupstudy.com/list/comserv.html
> >
> >
> ______________________________________________________________
> > _________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Thu Dec 02 2004 - 06:57:41 GMT-3