[c-nsp] VRF Route-leaking question

Peter Rathlev peter at rathlev.dk
Sun Jan 13 14:01:10 EST 2008


On Sun, 2008-01-13 at 20:13 +0200, Mihai Tanasescu wrote:
> Sorry for that..I wanted to avoid giving private information from my config.

That's understandable. But it's better to copy+paste and then
remove/replace the private things. :-)

> My scenario only uses local VRFs (VRF-lite) so I thought there was no
> need to import from myself.

If you're only using the local VRF, you basically just need the "rd"
statement, yes. But doing leaking, and leaking being a BGP thing, I
think it's best to import/export from yourself also, just to stick with
the common template. I did a small test though, and for local leaking
you should have no problems, neither with nor without import from
yourself.

> The idea was to have:
<snip>
> The config + info you required:
<snip>
> #ping vrf vrf_test 86.104.125.9
> 
> Type escape sequence to abort.
> Sending 5, 100-byte ICMP Echos to 86.104.125.9, timeout is 2 seconds:
> ..
> Success rate is 0 percent (0/2)
> 
> and the loop appears in the logs.
> 
> The CEF part:
> 
> 86.104.125.9, 2 etc are from vrf_metro
> 
> 
> #show mls cef vrf vrf_test 86.104.125.2
> 
> Codes: decap - Decapsulation, + - Push Label
> Index  Prefix              Adjacency
> 1006   86.104.125.2/32     Gi1/34          , 000e.0cba.8cba
> 
> #show mls cef vrf vrf_metro 86.104.125.2
> 
> Codes: decap - Decapsulation, + - Push Label
> Index  Prefix              Adjacency
> 434    86.104.125.2/32     Gi1/34          , 000e.0cba.8cba
> 
> and for the IP on the interface: 86.104.125.9
> 
> #show mls cef vrf vrf_test 86.104.125.9
> 
> Codes: decap - Decapsulation, + - Push Label
> Index  Prefix              Adjacency
> 444    86.104.125.9/32     receive
> 
> #show mls cef vrf vrf_metro 86.104.125.9
> 
> Codes: decap - Decapsulation, + - Push Label
> Index  Prefix              Adjacency
> 432    86.104.125.9/32     receive
> 

Everything looks fine as far as I can tell. It could be a
software-problem. According to the Error Message Decoder, the variant
that mentions IP addresses is a software error:

""
1. %IP-3-LOOPPAK: Looping packet detected and dropped -\n
src=[IP_address], dst=[IP_address], hl=[int], tl=[int], prot=[int],
sport=[int], dport=[int]\n in=[chars], nexthop=[IP_address],
out=[chars]\n options=[chars]

A software error occurred.

Recommended Action:Copy the error message exactly as it appears on the
console or in the system log, contact your Cisco technical support
representative, and provide the representative with the gathered
information.
""

http://www.cisco.com/cgi-bin/Support/Errordecoder/index.cgi?action=search&counter=0&paging=5&query=IP-3-LOOPPAK
http://tinyurl.com/3cecvr

(CCO login required)

So you could try an IOS upgrade and/or open a case with TAC. Or you
could try removing and reentering the configuration from scratch. That
has helped me a few times when things went bananas by themselves.


Regards,
Peter




More information about the cisco-nsp mailing list