[c-nsp] Aggregate label not generated
Oliver Boehmer (oboehmer)
oboehmer at cisco.com
Thu Jun 19 05:10:55 EDT 2008
Pshem Kowalczyk <mailto:pshem.k at gmail.com> wrote on Thursday, June 19,
2008 10:23 AM:
> Hi,
>>> The question here is why is there no label on PE1 at all? It has a
>>> locally connected interface that gets into bgp using a network
>>> statement - it should generate a label for it. Unless I'm completely
>>> wrong here ...
>>
>> right, PE1 should generate a label, possibly a bug related to the 0/1
>> prefix. Do you see a lable generated for the 128/1?
>
>
> There is a label for the 128/1.
Ok. And does traffic towards prefixes in the 128/1 work, i.e. is
correctly forwarded from the 28xx to the 6500 and back via the MPLS
cloud to another PE?
>> Regarding your overall idea/approach: My gut doesn't like it ;-) in
>> the older LFIB infrastructure (i.e. pre-12.2SB/33S/some-other),
>> packets coming from the MPLS cloud to a PE and going back out to
>> another PE doesn't always work. In my opinion, a 2547-architecture
>> really asks for a PE to hold all routes for a given VPN, and if this
>> number is too high (I don't think a 28xx is too weak to hold 40k
>> pfx), build a hub&spoke VPN where the default is generated by some
>> hub-CE, rather than on the hub-PE.
>
> Unfortunately due to amount of traffic (majority of the traffic
> (>1Gb/s) goes between those two PEs) and some other physical
> constrains (in the PoP where those two 6500s sit we ran out of space
> and air con) we can't add anything that could do a proper layer 3
> lookup.
>
> So to just sum up:
> 1. it might be a bug or
> 2. i shouldn't expect it to work altogether ;-)
I guess both :-) At least in SXF and earlier, I wouldn't be terribly
surprised if traffic PE1 --> PE2 --> PE3 (where PE2 does an aggregate
lookup pointing to a distant PE3) doesn't work reliably.
> Perhaps I asked a wrong question here.
> Is there a way to force a layer3 lookup on a PE within a vrf?
Using an aggregate label, as you've done. However: The key is the packet
path. Is it tag2ip (i.e. leaves the aggregate as an IP) or tag2tag (i.e.
packet goes back out via MPLS). I think (not 100% sure) you need the new
MFI infrastructure in 12.2(33)SXH for the latter case.
oli
More information about the cisco-nsp
mailing list