[c-nsp] 2 x "new" ME3600's, 1 fails to reach one PE only in VRF's

Adam Vitkovsky Adam.Vitkovsky at gamma.co.uk
Mon Apr 20 04:46:26 EDT 2015


Hi,

Looks like control plane works if you can see the VPN routes learned via BGP. 
Maybe the data plane is not operational for some reason. 

Does the MPLS ping works between the two routers? -that would verify that the transport (i.e. LDP) labels for PE loopbacks are in place. 
ping mpls ipv4 x.x.x.x/32 source y.y.y.y 

Try cmd " sh mpls forwarding-table" on both PEs and try to search for each other's loopback IP /32 address. 
On each PE -for the other PEs loopback in Outgoing Label column there should either be a "label value" or a "Pop Label" if the PEs are directly connected. 
If it displays No Label then labels are not advertised/received for some reason. 
-most of the times the problem is that LDP neighbours don't see each other via Hello messages multicasted over the directly connected interface but only via the targeted LDP session.  
	- this can be caused when the interface is not enabled for MPLS i.e. cmd "mpls ip" is not enabled under the interface. 
	- or LDP passwords do not match. 
(this will also be accompanied by OSPF advertising maximum metric for the link to avoid forwarding of MPLS packets over the link when the MPLS is actually not functional on the interface). 

-or there's a problem with access-list controlling the label advertisement on the neighbouring router. 
   
-if the above is not the case it might be a HW programing issue. 
The outgoing label for the other PE's loopback IP address should be visible when you issue cmd "sh ip cef x.x.x.x/32 detail" *not sure about the exact syntax. 
  
adam
> -----Original Message-----
> From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of
> CiscoNSP List
> Sent: 20 April 2015 03:34
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] 2 x "new" ME3600's, 1 fails to reach one PE only in VRF's
> 
> Hi Everyone,
> 
> Have 2 new ME3600's (ME3600-01(Working fine) + ME3600-02(fails to reach
> any VRF IP on 1 PE..all other PE's(~10 other PE's) reachability is fine), both RR-
> clients, both have no problems reaching all our other PE's IP's in global and
> VRF's)
> 
> If I run a "show ip route vrf CUSTA" on both ME's, all routes displayed are
> identical...including the problematic PE.
> 
> ME3600-01 can happily reach all VRF IP's on this PE, as well as Global
> 
> MR3600-02 can happily reach all global IP's on this PE, but no VRF IP's...all VRF
> IP's are displayed (sh ip route vrf foo), just cant ping them, and traces to
> them fail...stars on first hop...same in reverse(i.e. from problem PE...traces
> back to ME01, work fine, traces to ME02, I get stars on first hop)
> 
> 
> Traces to/from problem PE + both ME's Loops(Used for IGP+BGP) take same
> path, and work.
> 
> 
> Any suggestions are greatly appreciated!
> 
> 
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
---------------------------------------------------------------------------------------
 This email has been scanned for email related threats and delivered safely by Mimecast.
 For more information please visit http://www.mimecast.com
---------------------------------------------------------------------------------------


More information about the cisco-nsp mailing list