User not logged in - login - register
Home Calendar Books School Tool Photo Gallery Message Boards Users Statistics Advertise Site Info
go to bottom | |
 Message Boards » » Anyone here know MPLS? Page [1] 2, Next  
wut
Suspended
977 Posts
user info
edit post

Im having some problems with EIGRP redistribution in to MP-BGP for VPN connectivity. Trying to pass the MPLS exam but I havent taken the BSCI exam yet so Im having to learn as I go (not as painful as I thought it would be). Route redistribution is giving me the most problems right now, obviously.

If anyone has some quick "gotchas" to share that'd be cool. I have a mid term tuesday so it will be later this week before I can post configs.

3/16/2008 10:42:02 PM

Aficionado
Suspended
22518 Posts
user info
edit post

wut?

3/16/2008 10:46:19 PM

wut
Suspended
977 Posts
user info
edit post

exactly the response I get from most people

3/16/2008 11:15:35 PM

cdubya
All American
3046 Posts
user info
edit post

I think you're probably going to have to be a bit more specific than you have been to get any useful advice. A countless number of books have been written about MPLS VPNs and routing redistribution- it's not really a task best summarized in a quick list of 'gotchas' on a college message board.

If you want to post more details regarding your current configs, show command output, and exactly what the perceived problem is, I'd be more than happy to help the best that I can.

Good luck

3/16/2008 11:39:27 PM

wut
Suspended
977 Posts
user info
edit post

Thanks - Ill do that.

In short, I can get static routes to redistribute in to MP-BGP just fine. I even think I got RIP working (have to look back through the saved configs).

My problem was getting EIGRP to work. I think the problem is that I am using EIGRP as the backbone IGP as well as the PE-CE RP. I dont know if you have to use a entirely separate EIGRP process for the PE-CE RP if youre using EIGRP as the IGP in the cloud as well. :shrug: I dunno, but Ill post everything I got in a few days. Ive failed this exam twice already so... yea, retooling etc at the moment.

I appreciate the help in advance!

3/16/2008 11:58:16 PM

cdubya
All American
3046 Posts
user info
edit post

If you can, you'll want to pick up "MPLS and VPN Architectures, Volume II" by Guichard and Apcar. For your issue in particular, PE-CE routing, you'll want to start around page 152.

To answer your question regarding the separation of EIGRP processes, iirc this should be accomplished by creating separate VRFs each associated with a particular EIGRP AS number. Interconnecting these sites will be accomplished just like any other CE->PE situation, by redistributing these VRFs into your BGP process. Not sure how complex your particular situation is, but you should be able to get rolling from there.

The only 'gotchas' that come to mind immediately are to be cautious of the implications of synchronization (although I think this is automatically disabled with vrfs???) in bgp and auto-summary in eigrp, but that's probably something you've already bumped into with the protocol.

3/17/2008 1:00:20 AM

cdubya
All American
3046 Posts
user info
edit post

Just realized you were the cisco fan boi from the other thread! No more advice for you, sir

3/17/2008 1:06:21 AM

wut
Suspended
977 Posts
user info
edit post

^^ auto summary wont prevent the MPLS VPN from working, but what it will do is cause an unnecessary L3 lookup in the forwarding (data plane) path of the packets from A to B.

Ill take a look at the MPLS/VPN Vol 2. I have the Vol 1 "CCIP" edition but I think the "Vol 1 and Vol 2" books are newer. I also have the MPLS fundamentals, and Configuring MPLS on Cisco IOS software books which have been helpful. At this point Im kinda lost in my ways a bit.

3/17/2008 7:39:51 AM

robster
All American
3545 Posts
user info
edit post

I have never seen a real customer using eigrp as the real core RP underneath their mpls vpn/bgp network.

However, using eigrp as the pe-ce protocol is pretty common.

When configuring eigrp for use as the "global" and vrf RP, you have to do the following:

router eigrp 100
no auto
address-family ipv4
network x.x.x.x
(other regular igp commands that you want to use in the baseline eigrp network
address-family ipv4 vrf VPN1
autonomous-system 100
network y.y.y.y
redistribute bgp 65000
address-family ipv4 vrf VPN2
autonomous-system 100
network z.z.z.z
redistribute bgp 65000

Thats pretty much the general eigrp shell to use in terms of mpls vpn environments.

Rob

3/17/2008 2:54:53 PM

wut
Suspended
977 Posts
user info
edit post

yea.. I def need you guys to look at the configs then.

Ill post them tomorrow night. Tonight I cram for an exam yaay!!!!

3/17/2008 3:19:43 PM

cdubya
All American
3046 Posts
user info
edit post

How'd that exam go? Which exam was it, exactly?

3/18/2008 1:33:05 PM

pmcassel
All American
1553 Posts
user info
edit post

robster giving more advice to tww than he does to customers

3/19/2008 10:45:50 PM

wut
Suspended
977 Posts
user info
edit post

Mid term went well. It was for a system design and analysis course. I put in a 12 hour shift today and have some urgent tasks I need to complete by cob tomorrow by I'll load the configs in webiou and post the info tomorrow.

I'm surprised how many cisco engineers are on this board. I couldn't even get this toe of response on the groupstudy listserv...

3/19/2008 9:54:42 PM

cdubya
All American
3046 Posts
user info
edit post

that's where all the cool kids work

3/19/2008 11:20:03 PM

robster
All American
3545 Posts
user info
edit post

^^^ pmcassel only makes jokes because I ignore his stupid questions all day, as he sits across the aisle from me.

3/21/2008 6:41:56 AM

wut
Suspended
977 Posts
user info
edit post

I lost my eigrp>bgp redistribution configs for MPLS VPN, have to re-do them.

I was thinking of rick rolling the for-sale list.

Good idea for a Friday?

[ ] confirm
[ ] deny

[Edited on March 21, 2008 at 8:54 AM. Reason : .]

3/21/2008 8:54:01 AM

wut
Suspended
977 Posts
user info
edit post

One important question before I re-create this.

Here is the toplogy




note: the network between R3 and R4 is 10.0.1.x

Since both sides of the network are simply config mirrors of each other (what is done on one side is the method implemented on the other), lets focus on the left side of this toplogy.

Understand that R2 (PE1a) is merely passing routes from R1 (cust1) to R3 (PE1).

What I have been doing is creating 2 EIGRP processes (1 and 100). Process 1 is for the backbone network through the cloud (10.0.1.x and the loopback 100.0.0.3). The customer facing networks are in EIGRP 100 (192.168.0.x, 100.0.0.2, 10.0.0.x, and 50.0.0.1).

On the PE I would redistribute EIGRP 100 in BGP, visa versa.

Now admittedly, in looking at this again after Ive cooled off I think I have identified some errors on my own.

I do believe if I were to do it this way the loopback ip on R3 would need to be in EIGRP process 100, not in the "backbone" process 1.

However, before I travel down that path should 2 EIGRP processes even be used? I dont know why I did this other than to try to "segment" the routes in EIGRP (mostly bc I not familiar with advanced EIGRP configs).

Shouldnt this all be done within one EIGRP process and just put the customer facing route in the EIGRP IPv4 address family?

I do believe this to be solely an EIGRP issue and not an issue with the BGP config (BGP config is pretty straight forward)

Here are the sh ip route and sh ip eigrp neigh outputs from R2 (PE1a) and R3 (PE1)


PE1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

100.0.0.0/32 is subnetted, 2 subnets
D 100.0.0.7 [90/3833856] via 10.0.1.2, 02:01:05, Serial0/0
C 100.0.0.3 is directly connected, Loopback0
200.0.0.0/32 is subnetted, 3 subnets
D 200.0.0.4 [90/2297856] via 10.0.1.2, 23:46:07, Serial0/0
D 200.0.0.5 [90/2809856] via 10.0.1.2, 08:06:35, Serial0/0
D 200.0.0.6 [90/3321856] via 10.0.1.2, 02:01:05, Serial0/0
172.16.0.0/24 is subnetted, 2 subnets
D 172.16.0.0 [90/2681856] via 10.0.1.2, 23:46:07, Serial0/0
D 172.16.1.0 [90/3193856] via 10.0.1.2, 08:06:35, Serial0/0
10.0.0.0/24 is subnetted, 2 subnets
D 10.0.2.0 [90/3705856] via 10.0.1.2, 02:01:05, Serial0/0
C 10.0.1.0 is directly connected, Serial0/0


PE1#sh ip eigrp nei
IP-EIGRP neighbors for process 1
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 10.0.1.2 Se0/0 12 1d00h 39 234 0 24
IP-EIGRP neighbors for process 100


and


PE1a#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

50.0.0.0/32 is subnetted, 1 subnets
D 50.0.0.1 [90/2297856] via 10.0.0.1, 09:24:29, Serial1/0
100.0.0.0/32 is subnetted, 1 subnets
C 100.0.0.2 is directly connected, Loopback0
10.0.0.0/24 is subnetted, 1 subnets
C 10.0.0.0 is directly connected, Serial1/0
C 192.168.0.0/24 is directly connected, Serial0/0


PE1a#sh ip eigrp nei
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 10.0.0.1 Se1/0 14 09:24:45 40 240 0 7



I troubleshot my problems to EIGRP before, but I could never get real clarity on how this should be done.

I really love MPLS technology but I need to iron out these fundamentals before I can consider moving on with other MPLS implementations and the rest of my CCIP.

[Edited on March 21, 2008 at 10:45 AM. Reason : .]

3/21/2008 10:38:49 AM

robster
All American
3545 Posts
user info
edit post

You havent really cleared up what you are actually trying to accomplish in terms of overall design here.

CsC is a term that is used more and more loosely these days.

In terms of MPLS VPN, it appears from your image that you are just trying to run MPLS ONLY in the CsC network, not in the ISPa networks.

If this is true, then I dont think it matters what you do with EIGRP on the ISP network.

From the diagram, it seems that you would just want to advertise all EIGRP routes (which would include the end customers 50.0.0.x loopbacks, from the PE1 (R3 and R7 routers) to the CSC PE routers (R4 and R6, respectively).

Then, via MP-BGP, the two CsC PE routers would exchange routes for that ISPa VPN, and the ISP essentially has one big Continuous network, instead of two broken apart networks on the other side of the world from each other.

So, really, this isnt CsC, but rather just basic MPLS VPN.

Now, if you wanted to really truely extend this into CsC, then you should stop worrying about connecting EIGRP as one giant IGP, because in the real world, ISPa would not have a shared IGP with the CsC network which would support its backbone connection from the left network to the right network. Instead, your main goal would be to use the CsC network to create the Virtual IGP between Left and Right ISPa networks, and then use that virtual IGP as the backbone for your ISPa MPLS VPN, which would connect Customer Yellow to its remote sites as if they were one big continuous network as well.

3/21/2008 8:57:53 PM

wut
Suspended
977 Posts
user info
edit post

Quote :
"rather just basic MPLS VPN."

Yes.

All Im doing is a basic simple MPLS VPN all within one BGP AS.

Im only having problems with the PE-CE protocol redistributing in to MP-BGP.

Once I get one site on each side up and running then I can move toward using different PE-CE protocols, and from there I can move to using 2 different BGP AS's, and after all that I can move to doing some traffic engineering configurations (as simple and impractical as it might be with this topology).

This webiou example is just giving me the stick time to help me further understand implementation and configuration for the MPLS exam.


I verified with one of the contractors who teached the MPLS 5 day class here that I need to contain all EIGRP networks within one EIGRP process and just advertise the cu networks in the ipv4 address family.

I dont know why I am making this so much harder than it needs to be.

3/22/2008 9:13:40 AM

robster
All American
3545 Posts
user info
edit post

Yeah, so at the CsC PE on the left, you want to configure eigrp with a vrf. Then redistribute that eigrp vrf into the bgp address family. That will send all the eigrp routes on the left to the other PE on the right, where you will redistribute bgp address family vrf ISPa into eigrp address family vrf ISPa.

SO, the example eigrp config I sent you would be used on router 4 and 6. And you would make the interface connecting R4 to R3 (s1/0 on R4) ip vrf forwarding ISPa, as well as S0/0 on R6 which is connected to R7.

ISPa would not have any vrf aware interfaces, nor would it have vrfs configured at all.


Get it?

3/22/2008 11:50:20 AM

wut
Suspended
977 Posts
user info
edit post

Oh yea - I know how the operation of an MPLS VPN occurs and can explain that just fine. Every component of the network is configured as its supposed to be, I just effed it all up with the EIGRP config.

Ill work on it when I get off shift and post the configs. Been one hell of a week.

My problem was the specific configuration of EIGRP and why I was separating the routes in 2 different processes. Silly me.

3/22/2008 11:53:21 AM

robster
All American
3545 Posts
user info
edit post

Here is a great simple example from the config guide:

http://www.cisco.com/en/US/docs/ios/12_4/ip_route/configuration/guide/h_eipece_ps6350_TSD_Products_Configuration_Guide_Chapter.html#wp1027258


EIGRP MPLS VPN Configuration Example

The following configuration example in global configuration mode creates a VRF named RED and associates it with an interface:

ip vrf RED

rd 100:1

route-target both 100:1

exit

interface FastEthernet 0/0

ip vrf forwarding RED

ip address 10.0.0.1 255.255.255.0

end

BGP Network Configuration Example

The following configuration example shows the minimum BGP configuration required on the PE routers to support the EIGRP MPLS VPN:

router bgp 10

no synchronization

neighbor 10.0.0.1 remote-as 10

neighbor 10.0.0.1 update-source loopback 0

address-family vpnv4

neighbor 10.0.0.1 activate

neighbor 10.0.0.1 send-community extended

exit-address-family

address-family ipv4 vrf RED

redistribute eigrp 101

no synchronization

exit-address-family

EIGRP Redistribution Example

The following configuration example configures EIGRP redistribution through the MPLS VPN over the BGP core network:

router eigrp 1

address-family ipv4 vrf RED

network 172.16.0.0 0.0.255.255

redistribute bgp 10 metric 10000 100 255 1 1500

autonomous-system 101

exit-address-family

3/22/2008 11:54:25 AM

wut
Suspended
977 Posts
user info
edit post

^ yes!


All I would need to do to that is add the backbone EIGRP networks in to the global EIGRP config and thats all she wrote!

3/22/2008 11:57:22 AM

ScHpEnXeL
Suspended
32613 Posts
user info
edit post

This thread makes me glad I'm not pursuing my cisco certs anymore and got a new job in a new direction

3/22/2008 12:01:19 PM

wut
Suspended
977 Posts
user info
edit post

Cisco sets the bar pretty high I have to admit.

Although Im kind of glad given the average salaries of some of the certifications.

3/22/2008 12:02:11 PM

pmcassel
All American
1553 Posts
user info
edit post

Quote :
"^^^ pmcassel only makes jokes because I ignore his stupid questions all day, as he sits across the aisle from me."


im a newbie, i'll give you that
all 4 questions ive asked you over the last month have been pretty good

but at least i knew that the gym spitter wasn't an eyewash

3/23/2008 11:45:32 AM

jimmy123
Veteran
395 Posts
user info
edit post

going for CCIP soon, increasingly scared

3/23/2008 11:50:48 PM

csdozier
All American
510 Posts
user info
edit post

^ I recommend taking the BGP+MPLS test if still possible rather than the BGP test then the MPLS test, it is a bit easier that way

3/24/2008 7:09:49 AM

wut
Suspended
977 Posts
user info
edit post

You SHOULD proceed through the CCIP in this order:

1 BSCI, 2 BGP, 3 QoS, 4 MPLS

However, if you are going to take the MPLS+BGP exam, do so after the BCSI.

There really arent any questions regarding QoS other than look at the interface config and identify why it wont work (what command is missing), etc.

You really dont need the BSCI before the MPLS but trust me, after doing it this way myself, just make it easier on yourself and take the BCSI first. You have to remember that the MPLS exam is IMPLEMENTING MPLS, which means its pretty lab/configuration based for a typical exam.

3/24/2008 7:46:15 AM

csdozier
All American
510 Posts
user info
edit post

Although we really dont have many openings at the moment.. If anybody wants to work on a real mpls network and apply at Verizon Business, let me know so I can get a recruiting bonus

3/25/2008 7:57:19 AM

robster
All American
3545 Posts
user info
edit post

Although we really don't have many openings at the moment.. If anybody wants to troubleshoot many real mpls networks and apply at Cisco Systems, let me know so I can get a recruiting bonus.

3/25/2008 8:01:42 AM

RhoIsWar1096
All American
3857 Posts
user info
edit post

RPs are teh suck, VoIP ftw

3/25/2008 10:39:37 AM

wut
Suspended
977 Posts
user info
edit post

^^^ Ive got my resume out looking at external opportunities.

^^ Oh, hai!

[Edited on March 25, 2008 at 11:25 AM. Reason : .]

3/25/2008 11:25:07 AM

wut
Suspended
977 Posts
user info
edit post

I corrected EIGRP and am running everything under the same process.

However routes are not being sent across via MP-BGP. I think it might have something to do with incorrectly implementing the AS numbers in the redistribution. I was unsure if you referenced the EIGRP or BGP AS under the BGP ipv4 vrf add-family and visa versa with the redistribution statement in EIGRP.

The correct routes from each side are showing up correctly in the sh ip route vrf [name]

Here are the configs:


PE1#sh run
Building configuration...

Current configuration : 1539 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PE1
!
boot-start-marker
boot-end-marker
!
!
clock timezone PST -8
no aaa new-model
ip subnet-zero
ip cef
!
ip vrf cust1
rd 1:1
route-target export 1:1
route-target import 1:1
!
!
!
interface Loopback0
ip address 100.0.0.3 255.255.255.255
no clns route-cache
!
interface Serial0/0
ip address 10.0.1.1 255.255.255.0
tag-switching ip
serial restart-delay 0
no clns route-cache
!
interface Serial1/0
ip vrf forwarding cust1
ip address 192.168.0.2 255.255.255.0
serial restart-delay 0
no clns route-cache
!
router eigrp 1
network 10.0.1.0 0.0.0.255
no auto-summary
!
address-family ipv4 vrf cust1
redistribute bgp 100 metric 1000 100 255 1 1500
network 100.0.0.3 0.0.0.0
network 192.168.0.0
no auto-summary
autonomous-system 1
exit-address-family
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 100.0.0.7 remote-as 100
neighbor 100.0.0.7 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 100.0.0.7 activate
neighbor 100.0.0.7 send-community both
exit-address-family
!
address-family ipv4 vrf cust1
redistribute eigrp 1
no auto-summary
no synchronization
exit-address-family
!
ip classless
no ip http server
!
!
!
!
!
line con 0
transport preferred all
transport output all
line aux 0
transport preferred all
transport output all
line vty 0 4
login
transport preferred all
transport input all
transport output all
!
end



and the other side



PE2#sh run
Building configuration...

Current configuration : 1539 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PE2
!
boot-start-marker
boot-end-marker
!
!
clock timezone EST -5
no aaa new-model
ip subnet-zero
ip cef
!
ip vrf cust2
rd 2:1
route-target export 1:1
route-target import 1:1
!
!
!
interface Loopback0
ip address 100.0.0.7 255.255.255.255
no clns route-cache
!
interface Serial0/0
ip vrf forwarding cust2
ip address 192.168.2.1 255.255.255.0
serial restart-delay 0
no clns route-cache
!
interface Serial1/0
ip address 10.0.2.2 255.255.255.0
tag-switching ip
serial restart-delay 0
no clns route-cache
!
router eigrp 1
network 10.0.2.0 0.0.0.255
no auto-summary
!
address-family ipv4 vrf cust2
redistribute bgp 100 metric 1000 100 255 1 1500
network 100.0.0.7 0.0.0.0
network 192.168.2.0
no auto-summary
autonomous-system 1
exit-address-family
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 100.0.0.3 remote-as 100
neighbor 100.0.0.3 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 100.0.0.3 activate
neighbor 100.0.0.3 send-community both
exit-address-family
!
address-family ipv4 vrf cust2
redistribute eigrp 1
no auto-summary
no synchronization
exit-address-family
!
ip classless
no ip http server
!
!
!
!
!
line con 0
transport preferred all
transport output all
line aux 0
transport preferred all
transport output all
line vty 0 4
login
transport preferred all
transport input all
transport output all
!
end



R7 and R3 are BGP neighbors according to the sh ip bgp summary command output.

Any idea whats wrong?

[Edited on March 25, 2008 at 12:49 PM. Reason : .]

3/25/2008 12:46:07 PM

robster
All American
3545 Posts
user info
edit post

Are you still doing CsC? I ask because I am wondering if your underlying mpls scheme from PE1 to PE2 is setup correctly.

Also, post the output from show ip bgp vpnv4 summ, show ip route vrf cust2, etc.

3/25/2008 1:40:07 PM

CarZin
patent pending
10527 Posts
user info
edit post

Ugh. I have to teach a class on OSPF and MPLS next week. The OSPF part is a breeze. Been too long away from MPLS for the lecture to be anything more than an intro.

3/25/2008 1:45:16 PM

robster
All American
3545 Posts
user info
edit post

wut, This is how the ISP side of a CsC network should be setup.


(from the mpls csc guide) ...

http://www.cisco.com/en/US/docs/ios/12_0st/12_0st14/feature/guide/csc.html#wp1046565

Look at the diagram there. The ISP mp-bgp connection is done between the far end PEs, not the ISP-CEs that are connected to the CsC network.

[Edited on March 25, 2008 at 1:50 PM. Reason : .]

3/25/2008 1:50:22 PM

robster
All American
3545 Posts
user info
edit post

^^ where do you teach at? Whats the audience?

How much will you pay me to do the MPLS part

3/25/2008 1:51:41 PM

wut
Suspended
977 Posts
user info
edit post

Honestly I dont know what CsC is. If youre wondering from whats written on the picture then no.

Ignore the shaded areas of that picture and just think of this as 9 daisy chained routers together. R3 and R7 are the PE's - ignore the blue and yellow shaded logical designations.

R2 is just passing routes from R1 to R3, its not doing anything invasive.

This is pulled from R7 in the picture.


PE2#sh ip bgp vpnv4 all
BGP table version is 11, local router ID is 100.0.0.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 2:1 (default for vrf cust2)
*> 10.0.0.0 192.168.2.2 2681856 32768 ?
*> 50.0.0.9/32 192.168.2.2 2809856 32768 ?
*> 192.168.2.0 0.0.0.0 0 32768 ?



PE2#sh ip route vrf cust2

Routing Table: cust2
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

50.0.0.0/32 is subnetted, 1 subnets
D 50.0.0.9 [90/2809856] via 192.168.2.2, 01:51:15, Serial0/0
D 10.0.0.0/8 [90/2681856] via 192.168.2.2, 01:51:15, Serial0/0
C 192.168.2.0/24 is directly connected, Serial0/0



PE2# sh ip cef vrf cust2
Prefix Next Hop Interface
0.0.0.0/0 drop Null0 (default route handler entry)
0.0.0.0/32 receive
10.0.0.0/8 192.168.2.2 Serial0/0
50.0.0.9/32 192.168.2.2 Serial0/0
192.168.2.0/24 attached Serial0/0
192.168.2.0/32 receive
192.168.2.1/32 receive
192.168.2.255/32 receive
224.0.0.0/4 drop
224.0.0.0/24 receive
255.255.255.255/32 receive


PE2#sh ip bgp ipv4 unicast summary
BGP router identifier 100.0.0.7, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
100.0.0.3 4 100 21 17 0 0 0 1d00h Active




[Edited on March 25, 2008 at 2:10 PM. Reason : .]

3/25/2008 2:08:28 PM

robster
All American
3545 Posts
user info
edit post

show ip bgp vpnv4 summ

show mpls for

3/25/2008 4:17:41 PM

wut
Suspended
977 Posts
user info
edit post

Quote :
"PE2#sh ip bgp vpnv4 summ
^
% Invalid input detected at '^' marker.
"



Thats why I gave you the sh ip bgp vpnv4 all output - there is no summary command.

PE2#sh mpls forwarding-table 
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Untagged 200.0.0.6/32 0 Se1/0 point2point
17 Untagged 172.16.1.0/24 0 Se1/0 point2point
18 Untagged 200.0.0.5/32 0 Se1/0 point2point
19 Untagged 172.16.0.0/24 0 Se1/0 point2point
20 Untagged 200.0.0.4/32 0 Se1/0 point2point
21 Untagged 10.0.1.0/24 0 Se1/0 point2point
22 Untagged 50.0.0.9/32[V] 0 Se0/0 point2point
23 Untagged 10.0.0.0/8[V] 0 Se0/0 point2point
24 Aggregate 192.168.2.0/24[V] 0



Hrmm I think MPLS isnt turned on in the P network somewhere.





PE2#sh mpls ldp bindings
tib entry: 10.0.1.0/24, rev 14
local binding: tag: 21
tib entry: 10.0.2.0/24, rev 16
local binding: tag: imp-null
tib entry: 100.0.0.7/32, rev 15
local binding: tag: imp-null
tib entry: 172.16.0.0/24, rev 10
local binding: tag: 19
tib entry: 172.16.1.0/24, rev 6
local binding: tag: 17
tib entry: 200.0.0.4/32, rev 12
local binding: tag: 20
tib entry: 200.0.0.5/32, rev 8
local binding: tag: 18
tib entry: 200.0.0.6/32, rev 4
local binding: tag: 16


PE2#sh mpls ldp neighbor






Hrmm..

I think the problem is the loopbacks of both PE routers are put in the ipv4 add family instead of the global EIGRP process which would prevent ldp from neighboring with the next hop egress router on each side.

[Edited on March 26, 2008 at 12:54 PM. Reason : .]

3/26/2008 12:33:45 PM

wut
Suspended
977 Posts
user info
edit post

Yup, I was right.

router eigrp 1
network 10.0.2.0 0.0.0.255
no auto-summary
!
address-family ipv4 vrf cust2
redistribute bgp 100 metric 1000 100 255 1 1500
network 100.0.0.7 0.0.0.0
network 192.168.2.0
no auto-summary
autonomous-system 1
exit-address-family

PE2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
PE2(config)#router eigrp 1
PE2(config-router)#add
PE2(config-router)#address-family ipv4 vrf cust2
PE2(config-router-af)#no network 100.0.0.7 0.0.0.0
PE2(config-router-af)#exiot
^
% Invalid input detected at '^' marker.

PE2(config-router-af)#exit
PE2(config-router)#router eigrp 1
PE2(config-router)#net 100.0.0.7 0.0.0.0
PE2(config-router)#end
PE2#wr
Building configuration...
[OK]
PE2#
*Mar 26 17:55:12.464: %LDP-5-NBRCHG: TDP Neighbor 200.0.0.6:0 is UP
*Mar 26 17:55:12.784: %SYS-5-CONFIG_I: Configured from console by console
PE2#
*Mar 26 17:56:18.716: %BGP-5-ADJCHANGE: neighbor 100.0.0.3 Up
PE2#sh mpls for
PE2#sh mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 200.0.0.6/32 0 Se1/0 point2point
17 Pop tag 172.16.1.0/24 0 Se1/0 point2point
18 16 200.0.0.5/32 0 Se1/0 point2point
19 17 172.16.0.0/24 0 Se1/0 point2point
20 19 200.0.0.4/32 0 Se1/0 point2point
21 20 10.0.1.0/24 0 Se1/0 point2point
22 Untagged 50.0.0.9/32[V] 0 Se0/0 point2point
23 Untagged 10.0.0.0/8[V] 0 Se0/0 point2point
24 Aggregate 192.168.2.0/24[V] 0
25 21 100.0.0.3/32 0 Se1/0 point2point
PE2#


Same result on the other side.

Ill try to verify w/ping through vrf.

There is also another command, but Im a bit vague if this is the correct one. I think its sh ip cef vrf [name] will show you the next hop PE if done from a PE.

brb

[Edited on March 26, 2008 at 1:11 PM. Reason : .]

3/26/2008 12:58:24 PM

wut
Suspended
977 Posts
user info
edit post

yup I fixted it

PE2#sh ip cef vrf cust2
Prefix Next Hop Interface
0.0.0.0/0 drop Null0 (default route handler entry)
0.0.0.0/32 receive
10.0.0.0/8 192.168.2.2 Serial0/0
10.0.0.0/24 10.0.2.1 Serial1/0
50.0.0.1/32 10.0.2.1 Serial1/0
50.0.0.9/32 192.168.2.2 Serial0/0
100.0.0.2/32 10.0.2.1 Serial1/0
192.168.0.0/24 10.0.2.1 Serial1/0
192.168.2.0/24 attached Serial0/0
192.168.2.0/32 receive
192.168.2.1/32 receive
192.168.2.255/32 receive
224.0.0.0/4 drop
224.0.0.0/24 receive
255.255.255.255/32 receive



PE2#ping vrf cust2 50.0.0.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 50.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/51/88 ms
PE2#


[Edited on March 26, 2008 at 1:00 PM. Reason : .]

3/26/2008 12:59:50 PM

robster
All American
3545 Posts
user info
edit post

Yeah it wasnt looking like you had labels, or vpnv4 routes for that matter...

Gotta have that core working!!

BTW, show ip cef vrf NAME shows you the next hop (p device), not pe device, unless directly connecting PE routers.

show ip bgp vrf NAME (or whatever) will show you the next hop PE device, and then you would do a global route/mpls label lookup for that next hop PE address to determine how the packet will be switched through the MPLS core.

Good job fixing your lab though. Run through it a few more times, and youll have a pretty good grasp of this stuff, for sure.

3/26/2008 9:11:54 PM

wut
Suspended
977 Posts
user info
edit post

I forget the command but its in the 5 day MPLS class book we have internally. I just know it showed you the next hop for the VPN which would have been the remote PE label. Ill have to look it up when I get home.

Thanks for the encouragement though.

I will spend a few days just wr erasing the PE and rebuilding the config so I get used to it and memorize it. One of the things that makes this difficult is that there are so many different components to this type of L3 vpn. It turns from troubleshooting an issue hierarchically (l2 to l3 etc) to horizontally (is it bgp, eigrp, mpls, ldp neighbor configured, etc).

For now Id say Im 70% ready for the exam again.

For the PE-CE protocols Im good now with

static
ripv2
eigrp

but I need work on using

bgp
ospf - Im god aweful with OSPF, especially if its used in the backbone. I remember the lab we had in the class and had to create a super backbone etc etc. I had nightmares from that portion of the class.

3/27/2008 10:42:42 AM

robster
All American
3545 Posts
user info
edit post

Yeah, I would practice with an OSPF core from here on out if I were you. Thats really the main way people implement it these days (along with IS-IS). Also, make it a bgp free core, and try using a route-reflector (not configured with mpls) to get it all working. That is the ideal topology, and if you understood the intricacies of it, your knowledge would be pretty valuable, and you would be very close to the CCIE-SP and CCIP in my opinion.

3/28/2008 6:33:31 AM

wut
Suspended
977 Posts
user info
edit post

Well the good news is that I understand everything you said. The bad news is that it will take a good while to figure out how to implement that with webIOU. In other words Ill have to figure out where to put what in that topology.

Baby steps I suppose...

3/28/2008 7:49:45 AM

robster
All American
3545 Posts
user info
edit post

or use the real version, and make up your own topo alot easier. You can run it on the internal servers, you know, where the releases are kept.

3/28/2008 8:55:17 AM

cdubya
All American
3046 Posts
user info
edit post

Quote :
"OSPF core "

Quote :
"along with IS-IS"


Agreed- and a requirement if you're going to deploy mpls-te.

3/28/2008 9:33:21 AM

wut
Suspended
977 Posts
user info
edit post

Of course its a requirement to run OSPF or IS-IS for MPLS TE. Those are the only 2 protocols that have been extended for TE.

However, TE is a very very small portion of the CCIP MPLS exam. And if you do get questions on it, they are typically very superficial.

3/28/2008 9:51:31 AM

 Message Boards » Tech Talk » Anyone here know MPLS? Page [1] 2, Next  
go to top | |
Admin Options : move topic | lock topic

© 2024 by The Wolf Web - All Rights Reserved.
The material located at this site is not endorsed, sponsored or provided by or on behalf of North Carolina State University.
Powered by CrazyWeb v2.39 - our disclaimer.