[c-nsp] ME3600 does not forward frames out one interface in service instance

daniel.dib at reaper.nu daniel.dib at reaper.nu
Tue Jan 21 03:56:23 EST 2014 

 

Hi, 

I have an issue with ME3600 running 15.3(1)S. I have a BDI used for CPE
management. 

cisco ME-3600X-24FS-M 

Cisco IOS Software, ME360x Software (ME360x-UNIVERSALK9-M), Version
15.3(1)S, RELEASE SOFTWARE (fc1) 

This is the BDI and VRF configuration: 

interface Vlan1620
 ip vrf forwarding 65000:1620
 ip address 10.232.28.1 255.255.252.0
 no ip redirects 

ip vrf 65000:1620
 rd 65000:1620
 route-target export 65000:1620
 route-target import 65000:1620 

address-family ipv4 vrf 65000:1620
 redistribute connected 

The MPLS part is working fine, no issues there. There is also a DHCP
pool handing out IPs to the CPEs. 

ip dhcp pool 65000:1620
 vrf 65000:1620
 network 10.232.28.0 255.255.252.0
 domain-name xyz
 default-router 10.232.28.1
 option 66 ascii 10.232.28.1
 dns-server 8.8.8.8
 lease 0 0 30 

This also works fine and I have verified that CPE has both IP and GW.
Then for the service instance configuration: 

interface GigabitEthernet0/5
 switchport trunk allowed vlan none
 switchport mode trunk
 service instance 1620 ethernet
 encapsulation dot1q 1620
 rewrite ingress tag pop 1 symmetric
 bridge-domain 1620 

interface GigabitEthernet0/11
 switchport trunk allowed vlan none
 switchport mode trunk
 service instance 1620 ethernet
 encapsulation dot1q 1620
 rewrite ingress tag pop 1 symmetric
 bridge-domain 1620 

Traffic to CPEs behind Gi0/11 works: 

sh ip arp vrf 65000:1620 vlan 1620 | i 29.26
Internet 10.232.29.26 0 0022.07f3.3450 ARPA Vlan1620 

show mac-address-table address 0022.07f3.3450
 Mac Address Table
------------------------------------------- 

Vlan Mac Address Type Ports
---- ----------- -------- -----
1620 0022.07f3.3450 DYNAMIC Gi0/11+Efp1620
Total Mac Addresses for this criterion: 1 

Pinging 10.232.29.26 with 32 bytes of data:
Reply from 10.232.29.26: bytes=32 time=33ms TTL=61
Reply from 10.232.29.26: bytes=32 time=32ms TTL=61
Reply from 10.232.29.26: bytes=32 time=34ms TTL=61
Reply from 10.232.29.26: bytes=32 time=32ms TTL=61 

Traffic to CPEs behind Gi0/5 does not work. 

sh ip arp vrf 65000:1620 vlan 1620 | i 28.190
Internet 10.232.28.190 2 0022.07f2.76a6 ARPA Vlan1620 

show mac-address-table address 0022.07f2.76a6
 Mac Address Table
------------------------------------------- 

Vlan Mac Address Type Ports
---- ----------- -------- -----
1620 0022.07f2.76a6 DYNAMIC Gi0/5+Efp1620
Total Mac Addresses for this criterion: 1 

Pinging 10.232.28.190 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out. 

This is also confirmed by looking at counters. There seems to be no
egress traffic on Gi0/5. 

Service Instance 1620, Interface GigabitEthernet0/11
 Pkts In Bytes In Pkts Out Bytes Out
 31717 2955368 4569808 1709207624 

Service Instance 1620, Interface GigabitEthernet0/5
 Pkts In Bytes In Pkts Out Bytes Out
 4850878 367975447 0 0 

It does work to ping locally from the 3600 though: 

ping vrf 65000:1620 10.232.28.190
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.232.28.190, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms 

I'm not sure how to troubleshoot it further. I've also tried setting up
ERSPAN sessions for RX traffic on Gi0/5 but I don't get anything in
unless I ping 28.1 which is the IP of the interface on the 3600. 

Any clues? 

Regards, 

Daniel Dib 

CCIE #37149

More information about the cisco-nsp mailing list