Re: [nsp] 7500 tag switching bugs

From: jlewis@lewis.org
Date: Fri Aug 10 2001 - 11:40:33 EDT

Next message: Kevin Gannon: "[nsp] VPNSC ?"
Previous message: Bill Warner: "Re: [nsp] Troubleshooting an E1"
In reply to: Zaheer Aziz: "Re: [nsp] 7500 tag switching bugs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

On Wed, 8 Aug 2001, Zaheer Aziz wrote:

> >We just noticed that if we traceroute from the internet to certain (not
> >all) non-VPN DSL customers terminated on a 3640 that happens to be one of
> >the PE's on the right, the last hop the traceroute sees is the 7500.
> >Packet debugging shows the P and PE routers are seeing and at least
> >claiming to respond with ttl exceeded, but the packets don't make it back
> >through the 7500.
>
> Was the debugging through a sniffer or debug outputs?

debug ip icmp on the routers and an access-list:

Extended IP access list debug_icmp
permit icmp any z.y.x.0 0.0.0.255 time-exceeded log-input (72 matches)
permit ip any any (21901116 matches)

where z.y.x.0 is the remote network I was doing the traceroutes from, and
the access-list was applied to the egress interface on each router other
than the 7500.

> If you have the luxury the enable tag-switching back I like to get the
> following output from
>
> 7500,P,3600
>
> sh ip cef non-vpn customer route
> sh ip cef internet source
>
> if 7500 is running distributed cef then
> above sh ip cef output from the line card facing P router and facing internet
> (if-con to the interface).

(7500)
7500#sh ip cef 209.208.24.212
209.208.24.212/32, version 4306327, cached adjacency to Serial1/1/1
0 packets, 0 bytes
  tag information set
    local tag: 203
    fast tag rewrite with Se1/1/1, point2point, tags imposed: {204}
  via 209.208.2.38, Serial1/1/1, 0 dependencies
    next hop 209.208.2.38, Serial1/1/1
    valid cached adjacency
    tag rewrite with Se1/1/1, point2point, tags imposed: {204}

VIP-Slot1>sh ip cef 209.208.24.212
209.208.24.212/32, version 760883, cached adjacency to Serial1/1
0 packets, 0 bytes
  tag information set
    local tag: 203
    fast tag rewrite with Se1/1, point2point, tags imposed: {204}
  via 209.208.2.38, Serial1/1/1, 0 dependencies
    next hop 209.208.2.38, Serial1/1/1
    valid cached adjacency
    tag rewrite with Se1/1, point2point, tags imposed: {204}

7500#sh ip cef 208.152.224.2
208.152.224.0/24, version 3844861, cached adjacency to Serial2/0/0
0 packets, 0 bytes
  tag information from 144.232.154.20/30, shared
    local tag: implicit-null
  via 144.232.154.21, 0 dependencies, recursive
    next hop 144.232.154.21, Serial2/0/0 via 144.232.154.20/30
    valid cached adjacency

VIP-Slot2>sh ip cef 208.152.224.2
208.152.224.0/24, version 299417, cached adjacency to Serial0/0
0 packets, 0 bytes
  via 144.232.154.21, 0 dependencies, recursive
    next hop 144.232.154.21, Serial2/0/0 via 144.232.154.20/30
    valid cached adjacency

(P)
gsvlflma-br-1-7200#sh ip cef 209.208.24.212
209.208.24.212/32, version 3750633, cached adjacency to Serial1/0
0 packets, 0 bytes
  tag information set
    local tag: 204
    fast tag rewrite with Se1/0, point2point, tags imposed: {484}
  via 209.208.6.126, Serial1/0, 0 dependencies
    next hop 209.208.6.126, Serial1/0
    valid cached adjacency
    tag rewrite with Se1/0, point2point, tags imposed: {484}
gsvlflma-br-1-7200#sh ip cef 208.152.224.2
0.0.0.0/0, version 3730210, cached adjacency to Serial1/1
0 packets, 0 bytes
  tag information set
    local tag: 540
  via 209.208.2.37, Serial1/1, 0 dependencies
    next hop 209.208.2.37, Serial1/1
    valid cached adjacency
    tag rewrite with Se1/1, point2point, tags imposed: {}

(PE)
gsvlfl-office-co#sh ip cef 209.208.24.212
209.208.24.212/32, version 2927, attached, connected, cached adjacency to
Virtual-Access50
0 packets, 0 bytes
  tag information set
    local tag: 484
  via Virtual-Access50, 0 dependencies
    valid cached adjacency
    tag rewrite with Vi50, point2point, tags imposed: {}
gsvlfl-office-co#sh ip cef 208.152.224.2
0.0.0.0/0, version 148, cached adjacency to Hssi1/0
0 packets, 0 bytes
  tag information set
    local tag: 97
    fast tag rewrite with Hs1/0, point2point, tags imposed: {540}
  via 209.208.6.125, Hssi1/0, 0 dependencies
    next hop 209.208.6.125, Hssi1/0
    valid cached adjacency
    tag rewrite with Hs1/0, point2point, tags imposed: {540}

> In addition if you could provide the debugging information from P and PE
> that you mention, would be nice.

I can't mess around with this particular PE right now...it's become wildly
unstable and crashes every few hours...more frequently if we mess around
with it. I think it's 3640 MPLS bugs...TAC thinks our chassis has gone
bad. It's case B711175. From P:

(with deb ip icmp)
*Aug 10 08:21:01: ICMP: time exceeded (time to live) sent to 208.152.224.2
(dest was 209.208.24.212)
*Aug 10 08:21:06: ICMP: time exceeded (time to live) sent to 208.152.224.2
(dest was 209.208.24.212)
*Aug 10 08:21:11: ICMP: time exceeded (time to live) sent to 208.152.224.2
(dest was 209.208.24.212)

-- 
----------------------------------------------------------------------
 Jon Lewis *jlewis@lewis.org*|  I route
 System Administrator        |  therefore you are
 Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________

Next message: Kevin Gannon: "[nsp] VPNSC ?"
Previous message: Bill Warner: "Re: [nsp] Troubleshooting an E1"
In reply to: Zaheer Aziz: "Re: [nsp] 7500 tag switching bugs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:49 EDT