[j-nsp] L2VPN debugging...
Hoogen
hoogen82 at gmail.com
Mon Feb 15 03:57:07 EST 2010
Hi Dermot,
Thank you for the suggestion... I had done it.. but no change... I guess if
you see the output from l2vpn connections... It has detected the other site
id correctly... also I guess the ctrl status is up... It's just complaining
I am assuming about the data plane..
Thanks,
Hoogen
On Mon, Feb 15, 2010 at 12:36 AM, Dermot Williams <
Dermot.Williams at imaginegroup.ie> wrote:
> Hi,
>
> Have you tried adding the appropriate remote site id to each of your
> routing-instances?
>
> vpnc-1 {
> instance-type l2vpn;
> interface ge-0/0/2.600;
> route-distinguisher 10.0.3.4:1;
> vrf-import c1-import;
> vrf-export c1-export;
> protocols {
> l2vpn {
> encapsulation-type ethernet-vlan;
> site c1 {
> site-identifier 1;
> interface ge-0/0/2.600 {
> remote-site-id 2;
> }
> }
> }
> }
> }
>
> Dermot
>
> > -----Original Message-----
> > From: juniper-nsp-bounces at puck.nether.net [mailto:juniper-nsp-
> > bounces at puck.nether.net] On Behalf Of Hoogen
> > Sent: 15 February 2010 07:11
> > To: Sean Clarke; mtinka at globaltransit.net
> > Cc: juniper-nsp at puck.nether.net
> > Subject: Re: [j-nsp] L2VPN debugging...
> >
> > Connection is as follows
> >
> > C1--R4--R5--R6--C2... R4-R5 are cbgp connections.. R5-R6 is a ibgp
> > connections. R5 is a route reflector. R4 and R6 are PE's C1 and C2 are
> > CE's
> >
> > The topology is similar to the JNCIE book by Harry Reynolds..
> >
> > R4 Configuration
> >
> > lab at r4# show interfaces ge-0/0/2
> > vlan-tagging;
> > encapsulation vlan-ccc;
> > unit 0 {
> > bandwidth 100m;
> > vlan-id 1;
> > family inet {
> > address 172.16.0.5/30;
> > }
> > }
> > unit 600 {
> > encapsulation vlan-ccc;
> > bandwidth 100m;
> > vlan-id 600;
> > }
> >
> > [edit]
> > lab at r4#
> >
> > lab at r4# show protocols bgp
> > group cbgp {
> > type external;
> > export ibgp;
> > peer-as 65001;
> > neighbor 10.0.2.9 {
> > family inet {
> > unicast;
> > }
> > family inet-vpn {
> > unicast;
> > }
> > family l2vpn {
> > signaling;
> > }
> > }
> > }
> >
> > lab at r4# show routing-instances
> > vpnc-1 {
> > instance-type l2vpn;
> > interface ge-0/0/2.600;
> > route-distinguisher 10.0.3.4:1;
> > vrf-import c1-import;
> > vrf-export c1-export;
> > protocols {
> > l2vpn {
> > encapsulation-type ethernet-vlan;
> > site c1 {
> > site-identifier 1;
> > interface ge-0/0/2.600;
> > }
> > }
> > }
> > }
> >
> > lab at r4# run show interfaces terse ge-0/0/2
> > Interface Admin Link Proto Local
> > Remote
> > ge-0/0/2 up up
> > ge-0/0/2.0 up up inet 172.16.0.5/30
> > ge-0/0/2.600 up up ccc
> > ge-0/0/2.32767 up up
> >
> > [edit]
> > lab at r4#
> >
> > lab at r4# run show mpls lsp ingress
> > Ingress LSP: 2 sessions
> > To From State Rt ActivePath P
> LSPname
> > *10.0.9.6 10.0.3.4 Up 0 *
> r4-r6*
> > 10.0.9.7 10.0.3.4 Up 0 * r4-r7
> > Total 2 displayed, Up 2, Down 0
> >
> > [edit]
> > lab at r4#
> >
> > lab at r4# show policy-options
> > policy-statement c1-export {
> > term 1 {
> > then {
> > community add c1-c2-rt;
> > accept;
> > }
> > }
> > }
> > policy-statement c1-import {
> > term 1 {
> > from {
> > protocol bgp;
> > community c1-c2-rt;
> > }
> > then accept;
> > }
> > }
> > community c1-c2-rt members target:65412:300;
> >
> > [edit]
> > lab at r4#
> >
> >
> > lab at r5# show routing-options
> > rib inet.3 {
> > static {
> > route 0.0.0.0/0 discard;
> > }
> > }
> > autonomous-system 65001;
> > confederation 65412 members [ 65000 65001 ];
> >
> > [edit]
> > lab at r5#
> >
> > lab at r5# show protocols bgp
> > group cbgp {
> > type external;
> > peer-as 65000;
> > neighbor 10.0.2.2;
> > neighbor 10.0.2.10 {
> > family inet {
> > unicast;
> > }
> > family inet-vpn {
> > unicast;
> > }
> > family l2vpn {
> > signaling;
> > }
> > }
> > }
> > group cluster-2 {
> > type internal;
> > local-address 10.0.3.5;
> > cluster 2.2.2.2;
> > neighbor 10.0.9.6 {
> > family inet {
> > unicast;
> > }
> > family inet-vpn {
> > unicast;
> > }
> > family l2vpn {
> > signaling;
> > }
> > }
> > }
> >
> > [edit]
> > lab at r5#
> >
> > lab at r6# show protocols bgp
> > group cluster-2 {
> > type internal;
> > local-address 10.0.9.6;
> > export ibgp;
> > neighbor 10.0.3.5 {
> > family inet {
> > unicast;
> > }
> > family inet-vpn {
> > unicast;
> > }
> > family l2vpn {
> > signaling;
> > }
> > }
> > }
> >
> > [edit]
> > lab at r6#
> >
> > lab at r6# run show interfaces terse ge-0/0/1
> > Interface Admin Link Proto Local
> > Remote
> > ge-0/0/1 up up
> > ge-0/0/1.0 up up inet 172.16.0.9/30
> > ge-0/0/1.600 up up ccc
> > ge-0/0/1.32767 up up
> >
> > [edit]
> > lab at r6#
> >
> > lab at r6# show routing-instances
> > vpna-2 {
> > instance-type vrf;
> > interface ge-0/0/1.0;
> > route-distinguisher 65412:302;
> > vrf-target {
> > import target:65412:301;
> > export target:65412:302;
> > }
> > protocols {
> > bgp {
> > group c2 {
> > type external;
> > peer-as 65020;
> > neighbor 172.16.0.10;
> > }
> > }
> > }
> > }
> > vpnc-1 {
> > instance-type l2vpn;
> > interface ge-0/0/1.600;
> > route-distinguisher 10.0.9.6:2;
> > vrf-import c2-import;
> > vrf-export c2-export;
> > protocols {
> > l2vpn {
> > encapsulation-type ethernet-vlan;
> > site c2 {
> > site-identifier 2;
> > interface ge-0/0/1.600;
> > }
> > }
> > }
> > }
> >
> > [edit]
> > lab at r6#
> >
> >
> > lab at r6# run show mpls lsp ingress
> > Ingress LSP: 3 sessions
> > To From State Rt ActivePath P
> LSPname
> > *10.0.3.4 10.0.9.6 Up 0 *
> r6-r4*
> > 10.0.6.2 10.0.9.6 Up 1 use-r1 * lsp-c
> > 10.0.9.7 10.0.9.6 Up 0 * r6-r7
> > Total 3 displayed, Up 3, Down 0
> >
> > [edit]
> > lab at r6#
> >
> > lab at r4# show policy-options
> > policy-statement c2-export {
> > term 1 {
> > then {
> > community add c1-c2-rt;
> > accept;
> > }
> > }
> > }
> > policy-statement c2-import {
> > term 1 {
> > from {
> > protocol bgp;
> > community c1-c2-rt;
> > }
> > then accept;
> > }
> > }
> > community c1-c2-rt members target:65412:300;
> >
> > [edit]
> > lab at r6#
> >
> > Hopefully I have covered all the configurations here... It is a
> Juniper
> > to
> > Juniper scenario.. I am using J-Series with code 8.3R4.3 . Do let me
> > know if
> > you do need more information... VC-Dn status usually would mean lsp to
> > neighbor not present.. But that's not the case in my scenario... Any
> > input
> > is highly appreciated...
> > lab at r4# run show l2vpn connections
> > Layer-2 VPN connections:
> >
> > Legend for connection status (St)
> > EI -- encapsulation invalid NC -- interface encapsulation not
> > CCC/TCC/VPLS
> > EM -- encapsulation mismatch WE -- interface and instance encaps
> > not
> > same
> > VC-Dn -- Virtual circuit down NP -- interface hardware not present
> > CM -- control-word mismatch -> -- only outbound connection is up
> > CN -- circuit not provisioned <- -- only inbound connection is up
> > OR -- out of range Up -- operational
> > OL -- no outgoing label Dn -- down
> > LD -- local site signaled down CF -- call admission control failure
> > RD -- remote site signaled down SC -- local and remote site ID
> > collision
> > LN -- local site not designated LM -- local site ID not minimum
> > designated
> > RN -- remote site not designated RM -- remote site ID not minimum
> > designated
> > XX -- unknown connection status IL -- no incoming label
> >
> > Legend for interface status
> > Up -- operational
> > Dn -- down
> >
> > Instance: vpnc-1
> > Local site: c1 (1)
> > connection-site Type St Time last up # Up
> > trans
> > 2 rmt VC-Dn -----
> > 0
> > Local interface: ge-0/0/2.600, Status: Up, Encapsulation: VLAN
> > Remote PE: 10.0.9.6, Negotiated control-word: Yes (Null)
> > Incoming label: 800003, Outgoing label: 800004
> >
> > [edit]
> > lab at r4#
> >
> > Thanks,
> > Hoogen
> >
> >
> >
> > On Sun, Feb 14, 2010 at 10:32 PM, Sean Clarke <sean1207 at gmail.com>
> > wrote:
> >
> > >
> > > What are you connecting too ? Another Juniper ?
> > >
> > > Please send messages from both ends, also configs, and confirm
> > interfaces
> > > are UP on each end of the circuit.
> > >
> > > cheers
> > > Sean
> > >
> > >
> > >
> > > On 2/15/10 2:43 AM, Hoogen wrote:
> > >
> > >> Hi All,
> > >>
> > >> I am having some issues with L2Vpn.. The circuit stays down.. and
> > error
> > >> messages don't say much... Appreciate it if someone help out here..
> > >>
> > >> [edit]
> > >> lab at r4# Feb 15 01:44:04.829253 rt_flash_update_callback: flash
> > >> vpnc-1-l2vpn
> > >> (vpnc-1.l2vpn.0) start
> > >> Feb 15 01:44:04.829288 Flash call for L2VPN from vpnc-1.L2VPN.0
> > >> Feb 15 01:44:04.829300 Label-block (off 1, rng 1, label-base
> 800000,
> > >> encaps
> > >> 4) add from remote site 2 (RD 10.0.9.6:2:)
> > >> Feb 15 01:44:04.829335 task_timer_ucreate: created timer vpnc-1-
> > l2vpn_Site
> > >> change flags<>
> > >> Feb 15 01:44:04.829343 New site with site-id 2 configured on
> > remote PE
> > >> (RD 10.0.9.6:2:)
> > >> Feb 15 01:44:04.829350 Remote Site 2 encaps type updated to 4
> > >> Feb 15 01:44:04.829359 Site<remote site> ID 2: Starting timer for
> > change
> > >> processing, change flags 1C, reason: remote adv recv -- RD
> > 10.0.9.6:2:
> > >> Feb 15 01:44:04.829367 task_timer_reset: reset vpnc-1-l2vpn_Site
> > change
> > >> Feb 15 01:44:04.829378 task_timer_set_oneshot_latest: timer
> > >> vpnc-1-l2vpn_Site change interval set to 0.046218
> > >> Feb 15 01:44:04.829385 Flash processing complete for L2VPN from
> > >> vpnc-1.L2VPN.0
> > >> Feb 15 01:44:04.829401 rt_flash_update_callback: flash vpnc-1-l2vpn
> > >> (vpnc-1.l2vpn.0) done
> > >> Feb 15 01:44:04.889158 task_timer_dispatch: calling vpnc-1-
> > l2vpn_Site
> > >> change, late by 0.013
> > >> Feb 15 01:44:04.889166 Handling change processing for remote-site
> 2:
> > >> Feb 15 01:44:04.889172 Starting change processing for remote-site
> 2:
> > flags
> > >> 0x1c
> > >> Feb 15 01:44:04.889181 Insert/update vc from local-site c1(1)
> to
> > >> remote-site 2
> > >> Feb 15 01:44:04.889186 new vc
> > >> Feb 15 01:44:04.889193 Insert/update vc (VPN : vpnc-1,
> > local-site
> > >> :
> > >> 1, remote-site : 2)
> > >> Feb 15 01:44:04.889224 circuit 0 updated to ge-0/0/2.600
> > >> Feb 15 01:44:04.889230 updated circuit 0 to ge-0/0/2.600,
> > status
> > >> UP
> > >> Feb 15 01:44:04.889236 add rti for ifl 300/16
> > >> Feb 15 01:44:04.889241 add nhi: ifl ge-0/0/2.600, cw action
> > STRIP
> > >> Feb 15 01:44:04.889247 Triggering VC status update timer for
> > intf
> > >> ge-0/0/2.600
> > >> Feb 15 01:44:04.889257 Ingress label changed to (800003)
> > >> Feb 15 01:44:04.889264 add rti for ifl 0 label 800003 op
> > 0/36
> > >> Feb 15 01:44:04.889275 add route with prefix ifl 0 label
> > 800003 op
> > >> 0/36 and nexthop: ifl ge-0/0/2.600, cw action STRIP
> > >> Feb 15 01:44:04.889299 updated ingress-label to 800003
> > >> Feb 15 01:44:04.889305 Egress VPN label changed to (800000)
> > >> Feb 15 01:44:04.889310 Route to remote PE updated
> > >> Feb 15 01:44:04.889321 add nhi: indirect nexthop: 10.0.9.6,
> > cw
> > >> action ADD bw 0bps
> > >> Feb 15 01:44:04.889330 add route with prefix ifl 300/16 and
> > >> indirect
> > >> nexthop: 10.0.9.6, cw action ADD, bw 0bps
> > >> Feb 15 01:44:04.889367 Site change processing done for site<remote
> > site>
> > >> ID
> > >> 2; cancelling running site change processing timer
> > >> Feb 15 01:44:04.889375 task_timer_reset: reset vpnc-1-l2vpn_Site
> > change
> > >> Feb 15 01:44:04.889380 Handling change processing for remote-site 2
> > done
> > >> Feb 15 01:44:04.889386 task_timer_dispatch: returned from
> > >> vpnc-1-l2vpn_Site
> > >> change, rescheduled in 0
> > >> Feb 15 01:44:04.889673 Route flash received from mpls.0 : Flash
> > >> Feb 15 01:44:04.889683 Triggering VC status update timer for
> > intf
> > >> ge-0/0/2.600
> > >> Feb 15 01:44:06.229230 rt_flash_update_callback: flash vpnc-1-l2vpn
> > >> (vpnc-1.l2vpn.0) start
> > >> Feb 15 01:44:06.229263 Flash call for L2VPN from vpnc-1.L2VPN.0
> > >> Feb 15 01:44:06.229274 Label-block (off 1, rng 1, label-base
> 800000,
> > >> encaps
> > >> 4) add from remote site 2 (RD 10.0.9.6:2:)
> > >> Feb 15 01:44:06.229286 Site<remote site> ID 2: Starting timer for
> > change
> > >> processing, change flags 18, reason: remote adv recv -- RD
> > 10.0.9.6:2:
> > >> Feb 15 01:44:06.229295 task_timer_reset: reset vpnc-1-l2vpn_Site
> > change
> > >> Feb 15 01:44:06.229307 task_timer_set_oneshot_latest: timer
> > >> vpnc-1-l2vpn_Site change interval set to 0.046559
> > >> Feb 15 01:44:06.229313 Flash processing complete for L2VPN from
> > >> vpnc-1.L2VPN.0
> > >> Feb 15 01:44:06.229320 rt_flash_update_callback: flash vpnc-1-l2vpn
> > >> (vpnc-1.l2vpn.0) done
> > >> Feb 15 01:44:06.289041 task_timer_dispatch: calling vpnc-1-
> > l2vpn_Site
> > >> change, late by 0.013
> > >> Feb 15 01:44:06.289050 Handling change processing for remote-site
> 2:
> > >> Feb 15 01:44:06.289056 Starting change processing for remote-site
> 2:
> > flags
> > >> 0x18
> > >> Feb 15 01:44:06.289082 Insert/update vc from local-site c1(1)
> to
> > >> remote-site 2
> > >> Feb 15 01:44:06.289090 Insert/update vc (VPN : vpnc-1,
> > local-site
> > >> :
> > >> 1, remote-site : 2)
> > >> Feb 15 01:44:06.289095 Triggering VC status update timer for
> > intf
> > >> ge-0/0/2.600
> > >> Feb 15 01:44:06.289102 Site change processing done for site<remote
> > site>
> > >> ID
> > >> 2; cancelling running site change processing timer
> > >> Feb 15 01:44:06.289108 task_timer_reset: reset vpnc-1-l2vpn_Site
> > change
> > >> Feb 15 01:44:06.289113 Handling change processing for remote-site 2
> > done
> > >> Feb 15 01:44:06.289119 task_timer_dispatch: returned from
> > >> vpnc-1-l2vpn_Site
> > >> change, rescheduled in 0
> > >> Feb 15 01:44:06.549028 Recomputing the status of the VC for
> > interface :
> > >> ge-0/0/2.600
> > >>
> > >>
> > >> [edit]
> > >> lab at r4# run show l2vpn connections extensive
> > >> Layer-2 VPN connections:
> > >>
> > >> Legend for connection status (St)
> > >> EI -- encapsulation invalid NC -- interface encapsulation not
> > >> CCC/TCC/VPLS
> > >> EM -- encapsulation mismatch WE -- interface and instance
> encaps
> > not
> > >> same
> > >> VC-Dn -- Virtual circuit down NP -- interface hardware not
> > present
> > >> CM -- control-word mismatch -> -- only outbound connection is
> > up
> > >> CN -- circuit not provisioned<- -- only inbound connection is up
> > >> OR -- out of range Up -- operational
> > >> OL -- no outgoing label Dn -- down
> > >> LD -- local site signaled down CF -- call admission control
> > failure
> > >> RD -- remote site signaled down SC -- local and remote site ID
> > collision
> > >> LN -- local site not designated LM -- local site ID not minimum
> > >> designated
> > >> RN -- remote site not designated RM -- remote site ID not minimum
> > >> designated
> > >> XX -- unknown connection status IL -- no incoming label
> > >>
> > >> Legend for interface status
> > >> Up -- operational
> > >> Dn -- down
> > >>
> > >> Instance: vpnc-1
> > >> Local site: c1 (1)
> > >> Number of local interfaces: 1
> > >> Number of local interfaces up: 1
> > >> ge-0/0/2.600 2
> > >> Interface flags: VC-Down
> > >> 800002 1 2 100
> > >> status-vector: 80
> > >> connection-site Type St Time last up #
> > Up
> > >> trans
> > >> * 2 rmt VC-Dn -----
> > >> 0
> > >> *
> > >> Local interface: ge-0/0/2.600, Status: Up, Encapsulation:
> VLAN
> > >> Remote PE: 10.0.9.6, Negotiated control-word: Yes (Null)
> > >> Incoming label: 800003, Outgoing label: 800000
> > >> Time Event
> > Interface/Lbl/PE
> > >> Feb 15 01:44:04 2010 PE route changed
> > >> Feb 15 01:44:04 2010 Out lbl Update
> > 800000
> > >> Feb 15 01:44:04 2010 In lbl Update
> > 800003
> > >> Feb 15 01:44:04 2010 loc intf up ge-
> > 0/0/2.600
> > >>
> > >> [edit]
> > >> lab at r4#
> > >>
> > >> Thanks,
> > >> Hoogen
> > >> _______________________________________________
> > >> juniper-nsp mailing list juniper-nsp at puck.nether.net
> > >> https://puck.nether.net/mailman/listinfo/juniper-nsp
> > >>
> > >>
> > >
> > >
> > > _______________________________________________
> > > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > > https://puck.nether.net/mailman/listinfo/juniper-nsp
> > >
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list