[c-nsp] 2 x "new" ME3600's, 1 fails to reach one PE only in VRF's

CiscoNSP List cisconsp_list at hotmail.com
Mon Apr 20 05:29:28 EDT 2015


Thanks Adam - 

No, MPLS ping to that problem PE looks to fail from ME02, it responds with "QQQQQ" (ie. request not sent)

ME01, it times out? "...."

sh mpls forwarding-table on ME02 shows "No Label" and it is not in the list on ME01?

mpls is definitely enabled on the interfaces (The ME's are directly connected, the problem PE is 4 hops away)...there are multiple other VRF's on the problem PE that are working fine, and I can create vrf's on the 2 ME's, and they can reach each other.

sh ip cef, ME01 looks "ok", but ME02 does not (i.e. no label?)...and it also mentions "local label info: global/20625"?....ME01 does not?

ME01:
sh ip cef xxx.xxx.xxx.222/32 detail 
xxx.xxx.xxx.222/32, epoch 0
  2 RR sources [heavily shared]
  nexthop xxx.xxx.xxx.236 GigabitEthernet0/1 label 40420

ME02:
#sh ip cef xxx.xxx.xxx.222/32 detail 
xxx.xxx.xxx.222/32, epoch 0
  local label info: global/20625
  2 RR sources [heavily shared]
  nexthop xxx.xxx.xxx.232 GigabitEthernet0/3 label [none|674]
    repair: attached-nexthop xxx.xxx.xxx.234 Vlan36
  nexthop xxx.xxx.xxx.234 Vlan36, repair


Thanks for your suggestions/assistance

From: Adam.Vitkovsky at gamma.co.uk
To: cisconsp_list at hotmail.com; cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] 2 x "new" ME3600's, 1 fails to reach one PE only in VRF's
Date: Mon, 20 Apr 2015 08:46:26 +0000

Hi,



Looks like control plane works if you can see the VPN routes learned via BGP. 

Maybe the data plane is not operational for some reason. 



Does the MPLS ping works between the two routers? -that would verify that the transport (i.e. LDP) labels for PE loopbacks are in place. 

ping mpls ipv4 x.x.x.x/32 source y.y.y.y 



Try cmd " sh mpls forwarding-table" on both PEs and try to search for each other's loopback IP /32 address. 

On each PE -for the other PEs loopback in Outgoing Label column there should either be a "label value" or a "Pop Label" if the PEs are directly connected. 

If it displays No Label then labels are not advertised/received for some reason. 

-most of the times the problem is that LDP neighbours don't see each other via Hello messages multicasted over the directly connected interface but only via the targeted LDP session.  

	- this can be caused when the interface is not enabled for MPLS i.e. cmd "mpls ip" is not enabled under the interface. 

	- or LDP passwords do not match. 

(this will also be accompanied by OSPF advertising maximum metric for the link to avoid forwarding of MPLS packets over the link when the MPLS is actually not functional on the interface). 



-or there's a problem with access-list controlling the label advertisement on the neighbouring router. 

   

-if the above is not the case it might be a HW programing issue. 

The outgoing label for the other PE's loopback IP address should be visible when you issue cmd "sh ip cef x.x.x.x/32 detail" *not sure about the exact syntax. 

  

adam

> -----Original Message-----

> From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of

> CiscoNSP List

> Sent: 20 April 2015 03:34

> To: cisco-nsp at puck.nether.net

> Subject: [c-nsp] 2 x "new" ME3600's, 1 fails to reach one PE only in VRF's

> 

> Hi Everyone,

> 

> Have 2 new ME3600's (ME3600-01(Working fine) + ME3600-02(fails to reach

> any VRF IP on 1 PE..all other PE's(~10 other PE's) reachability is fine), both RR-

> clients, both have no problems reaching all our other PE's IP's in global and

> VRF's)

> 

> If I run a "show ip route vrf CUSTA" on both ME's, all routes displayed are

> identical...including the problematic PE.

> 

> ME3600-01 can happily reach all VRF IP's on this PE, as well as Global

> 

> MR3600-02 can happily reach all global IP's on this PE, but no VRF IP's...all VRF

> IP's are displayed (sh ip route vrf foo), just cant ping them, and traces to

> them fail...stars on first hop...same in reverse(i.e. from problem PE...traces

> back to ME01, work fine, traces to ME02, I get stars on first hop)

> 

> 

> Traces to/from problem PE + both ME's Loops(Used for IGP+BGP) take same

> path, and work.

> 

> 

> Any suggestions are greatly appreciated!

> 

> 

> 

> _______________________________________________

> cisco-nsp mailing list  cisco-nsp at puck.nether.net

> https://puck.nether.net/mailman/listinfo/cisco-nsp

> archive at http://puck.nether.net/pipermail/cisco-nsp/



  This email has been scanned for email related threats and delivered safely by Mimecast.
 For more information please visit http://www.mimecast.com   		 	   		  


More information about the cisco-nsp mailing list