[j-nsp] L2VPN debugging...
Hoogen
hoogen82 at gmail.com
Mon Feb 15 02:10:43 EST 2010
Connection is as follows
C1--R4--R5--R6--C2... R4-R5 are cbgp connections.. R5-R6 is a ibgp
connections. R5 is a route reflector. R4 and R6 are PE's C1 and C2 are CE's
The topology is similar to the JNCIE book by Harry Reynolds..
R4 Configuration
lab at r4# show interfaces ge-0/0/2
vlan-tagging;
encapsulation vlan-ccc;
unit 0 {
bandwidth 100m;
vlan-id 1;
family inet {
address 172.16.0.5/30;
}
}
unit 600 {
encapsulation vlan-ccc;
bandwidth 100m;
vlan-id 600;
}
[edit]
lab at r4#
lab at r4# show protocols bgp
group cbgp {
type external;
export ibgp;
peer-as 65001;
neighbor 10.0.2.9 {
family inet {
unicast;
}
family inet-vpn {
unicast;
}
family l2vpn {
signaling;
}
}
}
lab at r4# show routing-instances
vpnc-1 {
instance-type l2vpn;
interface ge-0/0/2.600;
route-distinguisher 10.0.3.4:1;
vrf-import c1-import;
vrf-export c1-export;
protocols {
l2vpn {
encapsulation-type ethernet-vlan;
site c1 {
site-identifier 1;
interface ge-0/0/2.600;
}
}
}
}
lab at r4# run show interfaces terse ge-0/0/2
Interface Admin Link Proto Local Remote
ge-0/0/2 up up
ge-0/0/2.0 up up inet 172.16.0.5/30
ge-0/0/2.600 up up ccc
ge-0/0/2.32767 up up
[edit]
lab at r4#
lab at r4# run show mpls lsp ingress
Ingress LSP: 2 sessions
To From State Rt ActivePath P LSPname
*10.0.9.6 10.0.3.4 Up 0 * r4-r6*
10.0.9.7 10.0.3.4 Up 0 * r4-r7
Total 2 displayed, Up 2, Down 0
[edit]
lab at r4#
lab at r4# show policy-options
policy-statement c1-export {
term 1 {
then {
community add c1-c2-rt;
accept;
}
}
}
policy-statement c1-import {
term 1 {
from {
protocol bgp;
community c1-c2-rt;
}
then accept;
}
}
community c1-c2-rt members target:65412:300;
[edit]
lab at r4#
lab at r5# show routing-options
rib inet.3 {
static {
route 0.0.0.0/0 discard;
}
}
autonomous-system 65001;
confederation 65412 members [ 65000 65001 ];
[edit]
lab at r5#
lab at r5# show protocols bgp
group cbgp {
type external;
peer-as 65000;
neighbor 10.0.2.2;
neighbor 10.0.2.10 {
family inet {
unicast;
}
family inet-vpn {
unicast;
}
family l2vpn {
signaling;
}
}
}
group cluster-2 {
type internal;
local-address 10.0.3.5;
cluster 2.2.2.2;
neighbor 10.0.9.6 {
family inet {
unicast;
}
family inet-vpn {
unicast;
}
family l2vpn {
signaling;
}
}
}
[edit]
lab at r5#
lab at r6# show protocols bgp
group cluster-2 {
type internal;
local-address 10.0.9.6;
export ibgp;
neighbor 10.0.3.5 {
family inet {
unicast;
}
family inet-vpn {
unicast;
}
family l2vpn {
signaling;
}
}
}
[edit]
lab at r6#
lab at r6# run show interfaces terse ge-0/0/1
Interface Admin Link Proto Local Remote
ge-0/0/1 up up
ge-0/0/1.0 up up inet 172.16.0.9/30
ge-0/0/1.600 up up ccc
ge-0/0/1.32767 up up
[edit]
lab at r6#
lab at r6# show routing-instances
vpna-2 {
instance-type vrf;
interface ge-0/0/1.0;
route-distinguisher 65412:302;
vrf-target {
import target:65412:301;
export target:65412:302;
}
protocols {
bgp {
group c2 {
type external;
peer-as 65020;
neighbor 172.16.0.10;
}
}
}
}
vpnc-1 {
instance-type l2vpn;
interface ge-0/0/1.600;
route-distinguisher 10.0.9.6:2;
vrf-import c2-import;
vrf-export c2-export;
protocols {
l2vpn {
encapsulation-type ethernet-vlan;
site c2 {
site-identifier 2;
interface ge-0/0/1.600;
}
}
}
}
[edit]
lab at r6#
lab at r6# run show mpls lsp ingress
Ingress LSP: 3 sessions
To From State Rt ActivePath P LSPname
*10.0.3.4 10.0.9.6 Up 0 * r6-r4*
10.0.6.2 10.0.9.6 Up 1 use-r1 * lsp-c
10.0.9.7 10.0.9.6 Up 0 * r6-r7
Total 3 displayed, Up 3, Down 0
[edit]
lab at r6#
lab at r4# show policy-options
policy-statement c2-export {
term 1 {
then {
community add c1-c2-rt;
accept;
}
}
}
policy-statement c2-import {
term 1 {
from {
protocol bgp;
community c1-c2-rt;
}
then accept;
}
}
community c1-c2-rt members target:65412:300;
[edit]
lab at r6#
Hopefully I have covered all the configurations here... It is a Juniper to
Juniper scenario.. I am using J-Series with code 8.3R4.3 . Do let me know if
you do need more information... VC-Dn status usually would mean lsp to
neighbor not present.. But that's not the case in my scenario... Any input
is highly appreciated...
lab at r4# run show l2vpn connections
Layer-2 VPN connections:
Legend for connection status (St)
EI -- encapsulation invalid NC -- interface encapsulation not
CCC/TCC/VPLS
EM -- encapsulation mismatch WE -- interface and instance encaps not
same
VC-Dn -- Virtual circuit down NP -- interface hardware not present
CM -- control-word mismatch -> -- only outbound connection is up
CN -- circuit not provisioned <- -- only inbound connection is up
OR -- out of range Up -- operational
OL -- no outgoing label Dn -- down
LD -- local site signaled down CF -- call admission control failure
RD -- remote site signaled down SC -- local and remote site ID collision
LN -- local site not designated LM -- local site ID not minimum designated
RN -- remote site not designated RM -- remote site ID not minimum designated
XX -- unknown connection status IL -- no incoming label
Legend for interface status
Up -- operational
Dn -- down
Instance: vpnc-1
Local site: c1 (1)
connection-site Type St Time last up # Up trans
2 rmt VC-Dn ----- 0
Local interface: ge-0/0/2.600, Status: Up, Encapsulation: VLAN
Remote PE: 10.0.9.6, Negotiated control-word: Yes (Null)
Incoming label: 800003, Outgoing label: 800004
[edit]
lab at r4#
Thanks,
Hoogen
On Sun, Feb 14, 2010 at 10:32 PM, Sean Clarke <sean1207 at gmail.com> wrote:
>
> What are you connecting too ? Another Juniper ?
>
> Please send messages from both ends, also configs, and confirm interfaces
> are UP on each end of the circuit.
>
> cheers
> Sean
>
>
>
> On 2/15/10 2:43 AM, Hoogen wrote:
>
>> Hi All,
>>
>> I am having some issues with L2Vpn.. The circuit stays down.. and error
>> messages don't say much... Appreciate it if someone help out here..
>>
>> [edit]
>> lab at r4# Feb 15 01:44:04.829253 rt_flash_update_callback: flash
>> vpnc-1-l2vpn
>> (vpnc-1.l2vpn.0) start
>> Feb 15 01:44:04.829288 Flash call for L2VPN from vpnc-1.L2VPN.0
>> Feb 15 01:44:04.829300 Label-block (off 1, rng 1, label-base 800000,
>> encaps
>> 4) add from remote site 2 (RD 10.0.9.6:2:)
>> Feb 15 01:44:04.829335 task_timer_ucreate: created timer vpnc-1-l2vpn_Site
>> change flags<>
>> Feb 15 01:44:04.829343 New site with site-id 2 configured on remote PE
>> (RD 10.0.9.6:2:)
>> Feb 15 01:44:04.829350 Remote Site 2 encaps type updated to 4
>> Feb 15 01:44:04.829359 Site<remote site> ID 2: Starting timer for change
>> processing, change flags 1C, reason: remote adv recv -- RD 10.0.9.6:2:
>> Feb 15 01:44:04.829367 task_timer_reset: reset vpnc-1-l2vpn_Site change
>> Feb 15 01:44:04.829378 task_timer_set_oneshot_latest: timer
>> vpnc-1-l2vpn_Site change interval set to 0.046218
>> Feb 15 01:44:04.829385 Flash processing complete for L2VPN from
>> vpnc-1.L2VPN.0
>> Feb 15 01:44:04.829401 rt_flash_update_callback: flash vpnc-1-l2vpn
>> (vpnc-1.l2vpn.0) done
>> Feb 15 01:44:04.889158 task_timer_dispatch: calling vpnc-1-l2vpn_Site
>> change, late by 0.013
>> Feb 15 01:44:04.889166 Handling change processing for remote-site 2:
>> Feb 15 01:44:04.889172 Starting change processing for remote-site 2: flags
>> 0x1c
>> Feb 15 01:44:04.889181 Insert/update vc from local-site c1(1) to
>> remote-site 2
>> Feb 15 01:44:04.889186 new vc
>> Feb 15 01:44:04.889193 Insert/update vc (VPN : vpnc-1, local-site
>> :
>> 1, remote-site : 2)
>> Feb 15 01:44:04.889224 circuit 0 updated to ge-0/0/2.600
>> Feb 15 01:44:04.889230 updated circuit 0 to ge-0/0/2.600, status
>> UP
>> Feb 15 01:44:04.889236 add rti for ifl 300/16
>> Feb 15 01:44:04.889241 add nhi: ifl ge-0/0/2.600, cw action STRIP
>> Feb 15 01:44:04.889247 Triggering VC status update timer for intf
>> ge-0/0/2.600
>> Feb 15 01:44:04.889257 Ingress label changed to (800003)
>> Feb 15 01:44:04.889264 add rti for ifl 0 label 800003 op 0/36
>> Feb 15 01:44:04.889275 add route with prefix ifl 0 label 800003 op
>> 0/36 and nexthop: ifl ge-0/0/2.600, cw action STRIP
>> Feb 15 01:44:04.889299 updated ingress-label to 800003
>> Feb 15 01:44:04.889305 Egress VPN label changed to (800000)
>> Feb 15 01:44:04.889310 Route to remote PE updated
>> Feb 15 01:44:04.889321 add nhi: indirect nexthop: 10.0.9.6, cw
>> action ADD bw 0bps
>> Feb 15 01:44:04.889330 add route with prefix ifl 300/16 and
>> indirect
>> nexthop: 10.0.9.6, cw action ADD, bw 0bps
>> Feb 15 01:44:04.889367 Site change processing done for site<remote site>
>> ID
>> 2; cancelling running site change processing timer
>> Feb 15 01:44:04.889375 task_timer_reset: reset vpnc-1-l2vpn_Site change
>> Feb 15 01:44:04.889380 Handling change processing for remote-site 2 done
>> Feb 15 01:44:04.889386 task_timer_dispatch: returned from
>> vpnc-1-l2vpn_Site
>> change, rescheduled in 0
>> Feb 15 01:44:04.889673 Route flash received from mpls.0 : Flash
>> Feb 15 01:44:04.889683 Triggering VC status update timer for intf
>> ge-0/0/2.600
>> Feb 15 01:44:06.229230 rt_flash_update_callback: flash vpnc-1-l2vpn
>> (vpnc-1.l2vpn.0) start
>> Feb 15 01:44:06.229263 Flash call for L2VPN from vpnc-1.L2VPN.0
>> Feb 15 01:44:06.229274 Label-block (off 1, rng 1, label-base 800000,
>> encaps
>> 4) add from remote site 2 (RD 10.0.9.6:2:)
>> Feb 15 01:44:06.229286 Site<remote site> ID 2: Starting timer for change
>> processing, change flags 18, reason: remote adv recv -- RD 10.0.9.6:2:
>> Feb 15 01:44:06.229295 task_timer_reset: reset vpnc-1-l2vpn_Site change
>> Feb 15 01:44:06.229307 task_timer_set_oneshot_latest: timer
>> vpnc-1-l2vpn_Site change interval set to 0.046559
>> Feb 15 01:44:06.229313 Flash processing complete for L2VPN from
>> vpnc-1.L2VPN.0
>> Feb 15 01:44:06.229320 rt_flash_update_callback: flash vpnc-1-l2vpn
>> (vpnc-1.l2vpn.0) done
>> Feb 15 01:44:06.289041 task_timer_dispatch: calling vpnc-1-l2vpn_Site
>> change, late by 0.013
>> Feb 15 01:44:06.289050 Handling change processing for remote-site 2:
>> Feb 15 01:44:06.289056 Starting change processing for remote-site 2: flags
>> 0x18
>> Feb 15 01:44:06.289082 Insert/update vc from local-site c1(1) to
>> remote-site 2
>> Feb 15 01:44:06.289090 Insert/update vc (VPN : vpnc-1, local-site
>> :
>> 1, remote-site : 2)
>> Feb 15 01:44:06.289095 Triggering VC status update timer for intf
>> ge-0/0/2.600
>> Feb 15 01:44:06.289102 Site change processing done for site<remote site>
>> ID
>> 2; cancelling running site change processing timer
>> Feb 15 01:44:06.289108 task_timer_reset: reset vpnc-1-l2vpn_Site change
>> Feb 15 01:44:06.289113 Handling change processing for remote-site 2 done
>> Feb 15 01:44:06.289119 task_timer_dispatch: returned from
>> vpnc-1-l2vpn_Site
>> change, rescheduled in 0
>> Feb 15 01:44:06.549028 Recomputing the status of the VC for interface :
>> ge-0/0/2.600
>>
>>
>> [edit]
>> lab at r4# run show l2vpn connections extensive
>> Layer-2 VPN connections:
>>
>> Legend for connection status (St)
>> EI -- encapsulation invalid NC -- interface encapsulation not
>> CCC/TCC/VPLS
>> EM -- encapsulation mismatch WE -- interface and instance encaps not
>> same
>> VC-Dn -- Virtual circuit down NP -- interface hardware not present
>> CM -- control-word mismatch -> -- only outbound connection is up
>> CN -- circuit not provisioned<- -- only inbound connection is up
>> OR -- out of range Up -- operational
>> OL -- no outgoing label Dn -- down
>> LD -- local site signaled down CF -- call admission control failure
>> RD -- remote site signaled down SC -- local and remote site ID collision
>> LN -- local site not designated LM -- local site ID not minimum
>> designated
>> RN -- remote site not designated RM -- remote site ID not minimum
>> designated
>> XX -- unknown connection status IL -- no incoming label
>>
>> Legend for interface status
>> Up -- operational
>> Dn -- down
>>
>> Instance: vpnc-1
>> Local site: c1 (1)
>> Number of local interfaces: 1
>> Number of local interfaces up: 1
>> ge-0/0/2.600 2
>> Interface flags: VC-Down
>> 800002 1 2 100
>> status-vector: 80
>> connection-site Type St Time last up # Up
>> trans
>> * 2 rmt VC-Dn -----
>> 0
>> *
>> Local interface: ge-0/0/2.600, Status: Up, Encapsulation: VLAN
>> Remote PE: 10.0.9.6, Negotiated control-word: Yes (Null)
>> Incoming label: 800003, Outgoing label: 800000
>> Time Event Interface/Lbl/PE
>> Feb 15 01:44:04 2010 PE route changed
>> Feb 15 01:44:04 2010 Out lbl Update 800000
>> Feb 15 01:44:04 2010 In lbl Update 800003
>> Feb 15 01:44:04 2010 loc intf up ge-0/0/2.600
>>
>> [edit]
>> lab at r4#
>>
>> Thanks,
>> Hoogen
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>>
>>
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list