MPLS VPN problem

From: Bryan Stair <uptown.ccie_at_gmail.com>
Date: Sun, 11 Dec 2011 15:00:19 -0500

Gents,

Need a little help on this not sure what's wrong. I setup MPLS VPN between
2 routers say R4/R5. I believe I have everything setup correctly, however I
cannot ping the vrf forwarding interfaces between the VPN. The routes are
in the vrf routing table, but if I show cef entries for the vrf it states
it unusable. Configs are included can a new set of eyes tell me whats wrong.

R4

ip vrf VPN_AB
 rd 100:47
 route-target export 100:47
 route-target import 100:74
!
interface Loopback0
 ip address 150.1.4.4 255.255.255.255
!
interface Ethernet0/1
 ip vrf forwarding VPN_AB
 ip address 136.1.44.4 255.255.255.0
!
interface Serial2/0
 ip address 136.1.245.4 255.255.255.0
 ip pim sparse-dense-mode
 encapsulation frame-relay
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 CISCO
 ip ospf network point-to-multipoint
 mpls ldp discovery transport-address interface
 mpls label protocol tdp
 mpls ip
 serial restart-delay 0
 frame-relay map ip 136.1.245.5 405 broadcast
 no frame-relay inverse-arp
 frame-relay lmi-type ansi
!
interface Serial2/1
 ip address 136.1.45.4 255.255.255.0
 encapsulation ppp
 ip ospf cost 65534
 mpls ldp discovery transport-address interface
 mpls label protocol tdp
 mpls ip
 serial restart-delay 0
 ppp authentication pap
 ppp pap sent-username R4 password 0 CISCO
!
router bgp 200
 no synchronization
 bgp router-id 150.1.4.4
 bgp log-neighbor-changes
 neighbor 150.1.5.5 remote-as 200
 neighbor 150.1.5.5 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
  neighbor 150.1.5.5 activate
  neighbor 150.1.5.5 send-community both
 exit-address-family
 !
 address-family ipv4 vrf VPN_AB
  redistribute connected
  no synchronization
 exit-address-family

R4#sh ip route vrf VPN_AB
Routing Table: VPN_AB
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static
route
       o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
     136.1.0.0/24 is subnetted, 2 subnets
C 136.1.44.0 is directly connected, Ethernet0/1
B 136.1.57.0 [200/0] via 150.1.5.5, 00:27:10

R4#sh ip cef vrf VPN_AB 150.1.5.5
0.0.0.0/0
  no route
R4#sh ip cef vrf VPN_AB 136.1.57.5
136.1.57.0/24
  nexthop 136.1.245.5 Serial2/0 unusable: no label
R4#ping vrf VPN_AB 136.1.57.5 source e0/1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 136.1.57.5, timeout is 2 seconds:
Packet sent with a source address of 136.1.44.4
.....
Success rate is 0 percent (0/5)

############################################################################

R5
!
ip vrf VPN_AB
 rd 100:47
 route-target export 100:74
 route-target import 100:47
!
interface Loopback0
 ip address 150.1.5.5 255.255.255.255
!
interface Ethernet0/1
 ip vrf forwarding VPN_AB
 ip address 136.1.57.5 255.255.255.0
!
interface Serial2/0.245 multipoint
 ip address 136.1.245.5 255.255.255.0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 CISCO
 ip ospf network point-to-multipoint
 snmp trap link-status
 mpls ldp discovery transport-address interface
 mpls label protocol tdp
 mpls ip
 frame-relay map ip 136.1.245.2 502 broadcast
 frame-relay map ip 136.1.245.4 504 broadcast
!
interface Serial2/1
 ip address 136.1.45.5 255.255.255.0
 encapsulation ppp
 ip ospf cost 65534
 mpls ldp discovery transport-address interface
 mpls label protocol tdp
 mpls ip
 serial restart-delay 0
 ppp authentication pap
 ppp pap sent-username R5 password 0 CISCO
!
router bgp 200
 no synchronization
 bgp router-id 150.1.5.5
 bgp log-neighbor-changes
 neighbor 136.1.15.1 remote-as 100
 neighbor 136.1.245.2 remote-as 300
 neighbor 136.1.245.2 weight 100
 neighbor 150.1.4.4 remote-as 200
 neighbor 150.1.4.4 update-source Loopback0
 neighbor 192.10.1.254 remote-as 254
 neighbor 192.10.1.254 password CISCO
 no auto-summary
 !
 address-family vpnv4
  neighbor 150.1.4.4 activate
  neighbor 150.1.4.4 send-community both
 exit-address-family
 !
 address-family ipv4 vrf VPN_AB
  redistribute connected
  no synchronization
 exit-address-family

R5#SH IP ROUTE VRF VPN_AB
Routing Table: VPN_AB
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static
route
       o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
     136.1.0.0/24 is subnetted, 2 subnets
B 136.1.44.0 [200/0] via 150.1.4.4, 00:27:59
C 136.1.57.0 is directly connected, Ethernet0/1

R5#SH ip cef vrf VPN_AB 150.1.4.4
0.0.0.0/0
  no route
R5#
R5#
R5#SH ip cef vrf VPN_AB 136.1.44.4
136.1.44.0/24
  nexthop 136.1.245.4 Serial2/0.245 unusable: no label

R5#ping vrf VPN_AB 136.1.44.4 SOurce e0/1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 136.1.44.4, timeout is 2 seconds:
Packet sent with a source address of 136.1.57.5
.....
Success rate is 0 percent (0/5)

Thanks

Bryan

Blogs and organic groups at http://www.ccie.net
Received on Sun Dec 11 2011 - 15:00:19 ART

This archive was generated by hypermail 2.2.0 : Sun Jan 01 2012 - 08:27:00 ART