[c-nsp] L3VPN traceroute from ce--->vpn cloud---->ce

Vinny_Abello at Dell.com Vinny_Abello at Dell.com
Fri Apr 20 17:29:17 EDT 2012


Yes, that makes sense to me. You're receiving 10.0.0.0/8 via BGP (likely from your vendor's PE router belonging to AS 65002 based on the AS-path and IP you peer with of 192.168.1.1, assuming next-hop-self on the PE) with the origin AS of the route being 65333. That AS is tacked on each hop in a traceroute on your CE router for IP's that are part of the 10.0.0.0/8 aggregate as a result. At least that's my interpretation. If anyone sees differently, please feel free to jump in. Again, this is all based on my observations and assumptions of how and why an AS number appears in a traceroute, not on any documentation.

-Vinny

-----Original Message-----
From: Aaron [mailto:aaron1 at gvtc.com] 
Sent: Friday, April 20, 2012 5:17 PM
To: Abello, Vinny; cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] L3VPN traceroute from ce--->vpn cloud---->ce

Vinny, et al, Looks like my attempts to alter my info for sensitive purposes
may have led you all astray.  That 65111 wasn't really 65111...it's actually
65333 (not sure why I changed it since it's a private AS anyway....paranoia
I guess)... look what my ce router has for AS 65333.  Interesting how it
used that bgp entry to match those 10dot ip hops as coming from that AS in
it local bgp table.

Ce-router#sh ip bgp | in 65333
r> 10.0.0.0         192.168.1.1                        0 65002 65001 65003
65333 i

Aaron

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Aaron
Sent: Friday, April 20, 2012 3:02 PM
To: Vinny_Abello at Dell.com; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] L3VPN traceroute from ce--->vpn cloud---->ce

Thanks Vinny....

The ce I'm tracing from is talking ospf with it's directly connected pe.

Also, last hop 10.101.18.2 is a directly connected ce device hanging off of
last hop PE (10.101.1.6).  path back from that ce device 10.101.18.2 is a
def route from it.

Still not seeing how/why this strange AS number would show up like this.

Aaron

-----Original Message-----
From: Vinny_Abello at Dell.com [mailto:Vinny_Abello at Dell.com]
Sent: Friday, April 20, 2012 2:49 PM
To: aaron1 at gvtc.com; cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] L3VPN traceroute from ce--->vpn cloud---->ce

In my experience and understanding of this based purely on observation, when
you run BGP, traceroutes will check the BGP routing table on each hop for a
matching route and display that AS number on the hop for the current active
route in the BGP table. Since 65111 is a private AS, your CE is likely
configured with BGP talking to a PE router which is feeding you matching
routes for each hop (or maybe just a simple default route) which is why that
AS number shows on each hop.

-Vinny

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Aaron
Sent: Friday, April 20, 2012 2:56 PM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] L3VPN traceroute from ce--->vpn cloud---->ce

What's the deal with the traceroute from CE (cisco device) via mpls l3vpn
showing some strange AS number ?  AS 65111 ?

 

...tracing from ce... so it's  ce--->pe--->p--->p--->pe----ce

 

Ce-router#traceroute 10.101.18.2

Type escape sequence to abort.
Tracing the route to 10.101.18.2

  1 1.2.3.17 0 msec 0 msec 0 msec
  2 10.101.1.34 [AS 65111] [MPLS: Labels 16022/16033 Exp 0] 4 msec 0 msec 4
msec
  3 10.101.1.2 [AS 65111] [MPLS: Labels 16022/16033 Exp 0] 0 msec 0 msec 0
msec
  4 10.101.1.6 [AS 65111] 0 msec 4 msec 0 msec
  5 10.101.18.2 [AS 65111] 0 msec *  0 msec



 

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/




More information about the cisco-nsp mailing list