Re: pinging across an MPLS cloud (PE-PE) not working

To clarify, with OSPF non-broadcast in a hub and spoke setup, R2 will see the next hop to 4.4.4.4 through R4 and not R3. However, LDP will see the next hop through R3. Since the next hops are not consistant you will run into an issue because R2 will not have a label to the next hop.

With OSPF p2m R2 will see the next hop to 4.4.4.4 through R3 and the problem goes away.

As you said, you will see routes fine, but the underlying LSP will be broken.

HTH!

Sent from my Verizon Wireless BlackBerry

Regards,

Joe Astorino
CCIE #24347

"He not busy being born is busy dying" - Dylan

-----Original Message-----
From: Jules Eyabane <jep7619_at_gmail.com>
Sender: nobody_at_groupstudy.com
Date: Fri, 17 Jun 2011 23:09:25
To: Steve Di Bias<sdibias_at_gmail.com>
Reply-To: Jules Eyabane <jep7619_at_gmail.com>
Cc: ccielab_at_groupstudy.com<ccielab_at_groupstudy.com>
Subject: Re: pinging across an MPLS cloud (PE-PE) not working

all i see is one-way traffic from R2 to R4's target. same debug (with icmp
filter) shows nothing on R4:

R2's output below
R2-PE(config)#access-list 101 permit icmp any any
R2-PE(config)#end
R2-PE#un all
All possible debugging has been turned off
R2-PE#de
*Mar 1 06:39:43.982: %SYS-5-CONFIG_I: Configured from console by console
R2-PE#debug ip pac
R2-PE#debug ip packet det
R2-PE#debug ip packet detail 101
IP packet debugging is on (detailed) for access list 101
R2-PE#ping vrf HOME 10.1.45.4 source loo11

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.45.4, timeout is 2 seconds:
Packet sent with a source address of 22.2.2.2

*Mar 1 06:39:54.422: IP: tableid=1, s=22.2.2.2 (local), d=10.1.45.4
(Serial0/0), routed via FIB
*Mar 1 06:39:54.426: IP: s=22.2.2.2 (local), d=10.1.45.4 (Serial0/0), len
100, sending
*Mar 1 06:39:54.430: ICMP type=8, code=0.
*Mar 1 06:39:56.422: IP: tableid=1, s=22.2.2.2 (local), d=10.1.45.4
(Serial0/0), routed via FIB
*Mar 1 06:39:56.426: IP: s=22.2.2.2 (local), d=10.1.45.4 (Serial0/0), len
100, sending
*Mar 1 06:39:56.430: ICMP type=8, code=0.
*Mar 1 06:39:58.422: IP: tableid=1, s=22.2.2.2 (local), d=10.1.45.4
(Serial0/0), routed via FIB
*Mar 1 06:39:58.426: IP: s=22.2.2.2 (local), d=10.1.45.4 (Serial0/0), len
100, sending
*Mar 1 06:39:58.430: ICMP type=8, code=0.
*Mar 1 06:40:00.422: IP: tableid=1, s=22.2.2.2 (local), d=10.1.45.4
(Serial0/0), routed via FIB
*Mar 1 06:40:00.426: IP: s=22.2.2.2 (local), d=10.1.45.4 (Serial0/0), len
100, sending
*Mar 1 06:40:00.430: ICMP type=8, code=0.
*Mar 1 06:40:02.422: IP: tableid=1, s=22.2.2.2 (local), d=10.1.45.4
(Serial0/0), routed via FIB
*Mar 1 06:40:02.426: IP: s=22.2.2.2 (local), d=10.1.45.4 (Serial0/0), len
100, sending
*Mar 1 06:40:02.430: ICMP type=8, code=0.
Success rate is 0 percent (0/5)
R2-PE#

On Fri, Jun 17, 2011 at 10:54 PM, Steve Di Bias <sdibias_at_gmail.com> wrote:

> What do you see when running a ping while running a debug ip packet detail?
> On Jun 17, 2011 7:43 PM, "Jules Eyabane" <jep7619_at_gmail.com> wrote:
> > i have the following setup:
> >
> > R1----R2---R3---R4---R5
> >
> > R1 and R5 are CE routers
> > R2 and R4 are PE routers
> > R3 is a P router
> >
> > i have OSPF running as the underlining IGP between R2, R3 and R4, then i
> > have MP-BGP running between the 2 PEs (R2 and R4)
> > CE R1 uses EIGRP as the routing protocol of choice with PE R2, and CE R5
> > uses RIP to talk to PE R4.
> > LDP configured across R2, R3 and R4.
> > Single VRF called HOME on both PEs.
> > Routes are propagating across the PEs fine, but when from R1 between R5
> > (sourcing from known ip to the remote end), it fails. So i moved closer
> and
> > attempted ping between R2 and R4. fails too.
> > On R2, R4's loopback (4.4.4.4) is listed as the next hop to all routes
> > beyond it. But recursive lookup on 4.4.4.4 from R2's VRF CEF and LFIB
> tables
> > fail
> >
> > Any suggestions would be appreciated!!!
> >
> > Some outputs below:
> >
> > R2-PE#sho ip bgp vpnv4 all
> > BGP table version is 67, local router ID is 2.2.2.2
> > Status codes: s suppressed, d damped, h history, * valid, > best, i -
> > internal,
> > r RIB-failure, S Stale
> > Origin codes: i - IGP, e - EGP, ? - incomplete
> >
> > Network Next Hop Metric LocPrf Weight Path
> > Route Distinguisher: 12:0 (default for vrf HOME)
> > *> 1.0.0.0 10.1.12.1 409600 32768 ?
> > *>i5.0.0.0 4.4.4.4 5 100 0 ?
> > *> 10.1.12.0/24 0.0.0.0 0 32768 ?
> > *>i10.1.45.0/24 4.4.4.4 0 100 0 ?
> > *> 11.0.0.0 10.1.12.1 409600 32768 ?
> > *> 22.0.0.0 0.0.0.0 0 32768 ?
> > *>i44.0.0.0 4.4.4.4 0 100 0 ?
> > *>i55.0.0.0 4.4.4.4 5 100 0 ?
> > R2-PE#sho mpls ld
> > R2-PE#sho mpls ldp bin
> > R2-PE#sho mpls ldp bindings
> > tib entry: 2.0.0.0/8, rev 6
> > local binding: tag: imp-null
> > tib entry: 2.2.2.2/32, rev 17
> > remote binding: tsr: 3.3.3.3:0, tag: 301
> > tib entry: 3.0.0.0/8, rev 15
> > remote binding: tsr: 3.3.3.3:0, tag: imp-null
> > tib entry: 3.3.3.3/32, rev 12
> > local binding: tag: 201
> > tib entry: 4.4.4.4/32, rev 10
> > local binding: tag: 200
> > remote binding: tsr: 3.3.3.3:0, tag: 300
> > tib entry: 10.1.23.0/24, rev 4
> > local binding: tag: imp-null
> > remote binding: tsr: 3.3.3.3:0, tag: imp-null
> > tib entry: 10.1.34.0/24, rev 14
> > local binding: tag: 202
> > remote binding: tsr: 3.3.3.3:0, tag: imp-null
> > tib entry: 33.0.0.0/8, rev 16
> > remote binding: tsr: 3.3.3.3:0, tag: imp-null
> > R2-PE#sho mpls
> > R2-PE#sho mpls for
> > R2-PE#sho mpls forwarding-table
> > Local Outgoing Prefix Bytes tag Outgoing Next Hop
> > tag tag or VC or Tunnel Id switched interface
> > 200 300 4.4.4.4/32 0 Se0/0 point2point
> > 201 Untagged 3.3.3.3/32 0 Se0/0 point2point
> > 202 Pop tag 10.1.34.0/24 0 Se0/0 point2point
> > 204 Aggregate 22.0.0.0/8[V] <http://22.0.0.0/8%5BV%5D> 0
> > 205 Aggregate 10.1.12.0/24[V] <http://10.1.12.0/24%5BV%5D> 0
> > 207 Untagged 1.0.0.0/8[V] <http://1.0.0.0/8%5BV%5D> 0 Fa0/0 10.1.12.1
> > 208 Untagged 11.0.0.0/8[V] <http://11.0.0.0/8%5BV%5D> 0 Fa0/0 10.1.12.1
> > R2-PE#sho ip route vr
> > R2-PE#sho ip route vrf HOME
> >
> > Routing Table: HOME
> > Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
> > D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
> > N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
> > E1 - OSPF external type 1, E2 - OSPF external type 2
> > i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
> > ia - IS-IS inter area, * - candidate default, U - per-user static
> > route
> > o - ODR, P - periodic downloaded static route
> >
> > Gateway of last resort is not set
> >
> > D 1.0.0.0/8 [90/409600] via 10.1.12.1, 01:39:24, FastEthernet0/0
> > B 55.0.0.0/8 [200/5] via 4.4.4.4, 00:34:25
> > B 5.0.0.0/8 [200/5] via 4.4.4.4, 00:34:25
> > C 22.0.0.0/8 is directly connected, Loopback11
> > 10.0.0.0/24 is subnetted, 2 subnets
> > C 10.1.12.0 is directly connected, FastEthernet0/0
> > B 10.1.45.0 [200/0] via 4.4.4.4, 00:34:25
> > D 11.0.0.0/8 [90/409600] via 10.1.12.1, 01:39:25, FastEthernet0/0
> > B 44.0.0.0/8 [200/0] via 4.4.4.4, 00:34:25
> > R2-PE#sho ip int brief
> > Interface IP-Address OK? Method Status
> > Protocol
> > FastEthernet0/0 10.1.12.2 YES manual up
> > up
> > Serial0/0 10.1.23.2 YES NVRAM up
> > up
> > FastEthernet0/1 unassigned YES NVRAM administratively down
> > down
> > Serial0/1 unassigned YES NVRAM administratively down
> > down
> > Loopback0 2.2.2.2 YES NVRAM up
> > up
> > Loopback11 22.2.2.2 YES manual up
> > up
> > R2-PE#ping vr
> > R2-PE#ping vrf HOME 10.1.45.4 sou
> > R2-PE#ping vrf HOME 10.1.45.4 source loo11
> >
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echos to 10.1.45.4, timeout is 2 seconds:
> > Packet sent with a source address of 22.2.2.2
> > .....
> > Success rate is 0 percent (0/5)
> >
> > ======================
> > R2's config below
> >
> > hostname R2-PE
> > !
> > boot-start-marker
> > boot-end-marker
> > !
> > !
> > no aaa new-model
> > memory-size iomem 5
> > ip cef
> > !
> > ip vrf HOME
> > rd 12:0
> > route-target export 24:24
> > route-target import 42:42
> > !
> > no ip domain lookup
> > !
> > mpls label range 200 299
> > mpls label protocol ldp
> > multilink bundle-name authenticated
> > !
> > !!
> > !
> > archive
> > log config
> > hidekeys
> > !
> > !
> > interface Loopback0
> > ip address 2.2.2.2 255.0.0.0
> > !
> > interface Loopback11
> > ip vrf forwarding HOME
> > ip address 22.2.2.2 255.0.0.0
> > !
> > interface FastEthernet0/0
> > ip vrf forwarding HOME
> > ip address 10.1.12.2 255.255.255.0
> > duplex auto
> > speed auto
> > !
> > interface Serial0/0
> > ip address 10.1.23.2 255.255.255.0
> > mpls ip
> > clock rate 2000000
> > !
> > interface FastEthernet0/1
> > no ip address
> > shutdown
> > duplex auto
> > speed auto
> > !
> > interface Serial0/1
> > no ip address
> > shutdown
> > clock rate 2000000
> > !
> > router eigrp 22
> > no auto-summary
> > !
> > address-family ipv4 vrf HOME
> > redistribute bgp 6500 metric 1 1 1 1 1
> > network 10.1.12.0 0.0.0.255
> > network 22.2.2.0 0.0.0.255
> > no auto-summary
> > autonomous-system 12
> > eigrp router-id 2.2.2.2
> > exit-address-family
> > eigrp router-id 2.2.2.2
> > !
> > router ospf 1
> > router-id 2.2.2.2
> > log-adjacency-changes
> > network 2.2.2.2 0.0.0.0 area 0
> > network 10.1.23.0 0.0.0.255 area 0
> > !
> > router bgp 6500
> > no bgp default ipv4-unicast
> > bgp log-neighbor-changes
> > neighbor 4.4.4.4 remote-as 6500
> > neighbor 4.4.4.4 update-source Loopback0
> > !
> > address-family vpnv4
> > neighbor 4.4.4.4 activate
> > neighbor 4.4.4.4 send-community both
> > exit-address-family
> > !
> > address-family ipv4 vrf HOME
> > redistribute eigrp 12
> > no synchronization
> > exit-address-family
> > !
> > ip forward-protocol nd
> > !
> > !
> > ip http server
> > no ip http secure-server
> > !
> > access-list 1 permit 4.4.4.4
> > !
> > !!
> > mpls ldp router-id Loopback0
> > !
> >
> >
> >
> > =======================
> > R4's config below
> > hostname R4-PE
> > !
> > boot-start-marker
> > boot-end-marker
> > !
> > !
> > no aaa new-model
> > memory-size iomem 5
> > ip cef
> > !
> > ip vrf HOME
> > rd 12:0
> > route-target export 42:42
> > route-target import 24:24
> > !
> > no ip domain lookup
> > !
> > mpls label range 400 499
> > mpls label protocol ldp
> > multilink bundle-name authenticated
> > !
> >
> > archive
> > log config
> > hidekeys
> > !
> >
> > interface Loopback0
> > ip address 4.4.4.4 255.0.0.0
> > !
> > interface Loopback11
> > ip vrf forwarding HOME
> > ip address 44.4.4.4 255.0.0.0
> > !
> > interface FastEthernet0/0
> > ip vrf forwarding HOME
> > ip address 10.1.45.4 255.255.255.0
> > duplex auto
> > speed auto
> > !
> > interface Serial0/0
> > no ip address
> > shutdown
> > clock rate 2000000
> > !
> > interface FastEthernet0/1
> > no ip address
> > shutdown
> > duplex auto
> > speed auto
> > !
> > interface Serial0/1
> > ip address 10.1.34.4 255.255.255.0
> > mpls ip
> > clock rate 2000000
> > !
> > router ospf 1
> > router-id 4.4.4.4
> > log-adjacency-changes
> > network 4.4.4.4 0.0.0.0 area 0
> > network 10.1.34.0 0.0.0.255 area 0
> > !
> > router ospf 4
> > router-id 10.1.45.4
> > log-adjacency-changes
> > network 10.1.45.0 0.0.0.255 area 45
> > !
> > router rip
> > version 2
> > passive-interface default
> > no passive-interface FastEthernet0/0
> > no passive-interface Loopback0
> > no auto-summary
> > !
> > address-family ipv4 vrf HOME
> > redistribute bgp 6500 metric 5
> > network 4.0.0.0
> > network 10.0.0.0
> > network 44.0.0.0
> > no auto-summary
> > version 2
> > exit-address-family
> > !
> > router bgp 6500
> > no bgp default ipv4-unicast
> > bgp log-neighbor-changes
> > neighbor 2.2.2.2 remote-as 6500
> > neighbor 2.2.2.2 update-source Loopback0
> > !
> > address-family vpnv4
> > neighbor 2.2.2.2 activate
> > neighbor 2.2.2.2 send-community both
> > exit-address-family
> > !
> > address-family ipv4 vrf HOME
> > redistribute rip metric 5
> > no synchronization
> > exit-address-family
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Sat Jun 18 2011 - 04:06:19 ART