MPLS VPN Encapsulation problem

I'm hoping that I missed something very simple here, or maybe not since I
have spent an inordinate amount of time trying to figure out what I did
wrong.

I am just getting started with MPLS VPNs and setup a simple network with R1
(CE) <> R2 (PE) <> R3(PE) <> R4 (CE), so no P routers in the mix at all (I
tried it with a P router between the PEs but it didn't work so this is my
stripped down version to help me narrow the problem down).

I am running iBGP between R2 and R3 and am redistributing static routes for
each CE routers loopbacks on the PE routers as well as redistributing
connected into the ipv4 vrf address-family in BGP. Each PE has only a
single VRF tied to its CE facing interface.

My problem is that I cannot ping from CE to CE or from VRF interface to VRF
interface between the PE routers. All routes show up across BGP and
populate into the VRF routing tables fine, but when I try to ping from the
VRF interface on R2 to the VRF interface on R3, I get an MPLS encapsulation
failed error. I have checked the CEF table, the label bindings and label
forwarding tables and everything looks good.

Here is what I get when I do a PING VRF CA 10.1.34.3 so 10.1.12.2. This is
R2's CE facing VRF CA interface to R3's CE facing VRF CB interface.

*Mar 1 01:30:01.675: IP: s=10.1.12.2 (local), d=10.1.34.3
(FastEthernet0/1), len 100, MPLS encapsulation failed
*Mar 1 01:30:01.679: ICMP type=8, code=0

I am assuming that I am missing something small, but I can't seem to figure
out what it is.

Here are my configs on R2 and R3:

R2:

ip vrf CA
 rd 1:1
 route-target export 1:100
 route-target import 1:100
!
interface Loopback0
 ip address 2.2.2.2 255.0.0.0
!
interface FastEthernet0/0
 ip vrf forwarding CA
 ip address 10.1.12.2 255.255.255.0
 mpls ip
!
interface FastEthernet0/1
 ip address 10.1.23.2 255.255.255.0
 mpls ip
!
router bgp 100
 no bgp default ipv4-unicast
 bgp log-neighbor-changes
 neighbor 3.3.3.3 remote-as 100
 neighbor 3.3.3.3 update-source Loopback0
 !
 address-family ipv4
  neighbor 3.3.3.3 activate
  neighbor 3.3.3.3 next-hop-self
  no auto-summary
  no synchronization
 exit-address-family
 !
 address-family vpnv4
  neighbor 3.3.3.3 activate
  neighbor 3.3.3.3 send-community both
 exit-address-family
 !
 address-family ipv4 vrf CA
  redistribute connected
  redistribute static
  no synchronization
 exit-address-family
!
ip forward-protocol nd
ip route 3.3.3.3 255.255.255.255 10.1.23.3
ip route vrf CA 1.1.1.1 255.255.255.255 10.1.12.1

R3:

ip vrf CB
 rd 2:2
 route-target export 1:100
 route-target import 1:100
!
interface Loopback0
 ip address 3.3.3.3 255.0.0.0
!
interface FastEthernet0/0
 ip vrf forwarding CB
 ip address 10.1.34.3 255.255.255.0
 mpls ip
!
interface FastEthernet0/1
 ip address 10.1.23.3 255.255.255.0
 mpls ip
!
router bgp 100
 no bgp default ipv4-unicast
 bgp log-neighbor-changes
 neighbor 2.2.2.2 remote-as 100
 neighbor 2.2.2.2 update-source Loopback0
 !
 address-family ipv4
  neighbor 2.2.2.2 activate
  no auto-summary
  no synchronization
 exit-address-family
 !
 address-family vpnv4
  neighbor 2.2.2.2 activate
  neighbor 2.2.2.2 send-community both
 exit-address-family
 !
 address-family ipv4 vrf CB
  redistribute connected
  redistribute static
  no synchronization
 exit-address-family
!
ip forward-protocol nd
ip route 2.2.2.2 255.255.255.255 10.1.23.2
ip route vrf CB 4.4.4.4 255.255.255.255 10.1.34.4
!

Blogs and organic groups at http://www.ccie.net
Received on Sun Nov 22 2009 - 19:05:03 ART