Ping to PE interface

Answered Question
Aug 25th, 2007

I configured the MPLSVPN in my test topology which is chain of 6 router 1 and 6 routers are CE routers and all other are for provier network in which 2 and 5 is PE1 and PE2 router, as PE-CE communication i am using RIP, In both the CE router i have configured 3 loop back interface as internal network.

Here i can see the loopback of each other CEs in their routing tables but i cannot able to ping those loopbacks why?

other strang thing is i can not ping the PE routers interface which are connected with the CE routers so i want to know why i cannot ping the PE routers interface facing to CE routers?

How can i make all those loopback reachable to each other?

Correct Answer by swaroop.potdar about 9 years 6 months ago

Dan, how are you trying to ping. I am sure you are using the "ping vrf "

If you use the plain ipv4 ping like "ping " it wpont work.

HTH-Cheers,

Swaroop

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.8 (5 ratings)
Loading.
dangal.43 Sat, 08/25/2007 - 23:51

I tried to using the subnet mask issue of the Loopback interface by advertising the configured subnet mask in ospf. but now strange problem is i am not able to ping my PE1 and PE2 routers interfaces which are connected with the Customer from same PE routers how to solve this issue?

swaroop.potdar Sun, 08/26/2007 - 08:38

Can you pls provide answers in brief for these questions.

1) Ping the remote CE loopback from local CE.

Pass Fail

2) Ping the same subnet from the local PE.

Pass Fail

3) Ping the same subnet from the remote PE connecting the remote CE.

Pass Fail.

4) Check this at Local PE ( show mpls forwarding x.x.x.x [where x.x.x.x is the remote PE loopback])

Pass Fail

5) Check this at the remote PE (show mpls for x.x.x.x [where x.x.x.x is the PE loopback for the local PE])

Pass Fail

6) Finally do a MPLS traceroute or ping from one PE to other.

Pass Fail.

PS: if you dont have MPLS ping/trace in your IOS then do a normal trace from one PE to ther and paste the output.(ideally you should see label swaps with each hop except for the last hop)

This will helps us or may be before you come back, you your self would be able to solve it successfully.

If the above doesnt solve, pls provide a output of "show mpls for" ,a show ip route vrf xx and show ip bgp vpnv4 all vrf xx form both PE's. "show ip route" form both CE's.

Pls mention the PE loopback used for LDP and MPBGP and also the subnet with the problem between CE's.

HTH-Cheers,

Swaroop

dangal.43 Sun, 08/26/2007 - 09:51

Swaroop,

No ping from one CE to other CE.

as i told you i can not ping the both the PE client facing interface from PE it self.

I can ping to the PE Clientfacing interface from CE only, its also strange....

I have all the remote CE routes in my local CE thats also strange....

and I will post all most all the show after few mins as i just weak up....

but can you tell me what will be the logical reason behind that?

Correct Answer
swaroop.potdar Sun, 08/26/2007 - 15:24

Dan, how are you trying to ping. I am sure you are using the "ping vrf "

If you use the plain ipv4 ping like "ping " it wpont work.

HTH-Cheers,

Swaroop

dangal.43 Sun, 08/26/2007 - 15:57

yes Swaroop i am pinging like normal IPv4 ping!!!!

so wht kind of ping i have to test?

and why its not working with normal ping?

dangal.43 Sun, 08/26/2007 - 16:26

Swaroop,

I have configured only one customer having two site with CE router CE1A and CE1B now I have all the routes of CE1B in CE1A routing table and vice versa.... it means i have reachability from one site to other site right!!!!

so on CE1A also i have to use different kind of ping to CE1B too. when i tried to ping the CE1B router loopback from CE1A then i got U.U.U response of ping....

swaroop.potdar Sun, 08/26/2007 - 21:42

Dan, you need to use the vrf ping as the forwarding tables used on a PE are broken down into different virtual tables for each VRF and one for the global.

For Eg: to ping a VRF 'A' interface from a PE,

"ping vrf A x.x.x.x" where x.x.x.x is the IP in the VRF routing table.

If you are getting the U.U. then can you check as per the steps given in my first post and give the outputs.

Basically verify whether you are getting the following routes in CE1A routing table.

1) route of the PE1B and CE1B interface.

2) route of CE1B loopback.

3) do a trace from you PE1A to PE1B and note whether you observe the label swaps per hop.

do the same from the other side.

HTH-Cheers,

Swaroop

dangal.43 Wed, 08/29/2007 - 10:03

Swaroop,

Now its up and running.... I configured Loopbakc with /32 on P1 and P2 too....

hey what is the logic behind using the exact subnet mask in OSPF propagation and LDP?

swaroop.potdar Thu, 08/30/2007 - 06:58

Dan, you can again assign the loopbacks with /24 and observe the behaviour as below.

1) Do a "show mpls forwarding".

You will see only a local label is assigned and outgoing label is specified as no label.

2) Then on the same router do "show mpls ldp bindings" You will observe that the local routers is assigning a local label for a /32 prefix and the remote lsr binding is for a /24 prefix of the loopback.

So the label assignment is seen as for different prefixes. Hence there wont be any labels available to switch the traffic.

Now coming to why this happens is, in OSPF a loopback is advertised by default as a /32 irrespective of its orginal mask.

In the same setup with a /24 mask for the loopback, if you can force OSPF to advertise it with its orginal mask as below then it will still work.

1) go into thr interface mode of the loopback and specify "ip ospf network point-to-point"

2) Or redistribute the loopback into OSPF so that it gets advertised with its original mask.

The above is for academic purposes only, so as to understand the behaviour properly, as a best practise always assign the loopback as a /32, infact with some other vendors any other mask than /32 for a loopback is not allowed.

HTH-Cheers,

Swaroop

Harold Ritter Thu, 08/30/2007 - 07:22

Dan,

IOS should generally warn you abut this situation with the following message:

00:01:07: %BGP-4-VPNV4NH_MASK: Nexthop 192.168.4.1 may not be reachable from neigbor 192.168.3.1 - not /32 mask

Regards,

swaroop.potdar Thu, 08/30/2007 - 08:12

Dan, Harold,

This log would be generated by the Egress PE whose mask is not configured as /32. but only a PE can do this. And also this proactive feature is there in 12.4T I believe.

Dan in your case since you had a P router configured with a non /32 mask you will not get this message.

HTH-Cheers,

Swaroop

dangal.43 Thu, 08/30/2007 - 10:08

Thanks Swaroop and Harold,

One more question now: so we need same subnet mask of all loopback interface on each router of service provider network or it is something like you can have different mask of loopback interfaces on different router but I just have to make sure the OSPF should advertise the exact configured mask of the Loopback interface to other routers right!!!

It means LDP will use the the exact configured mask of interface where as ospf will by default advertise loopback with /32 so i have to make ospf to advertise the exact subnet mask right!!!

swaroop.potdar Thu, 08/30/2007 - 10:53

Dan, LDP advertises label bindings to prefixes as in the IGP table.The loopback is seen with its actual mask (/24 in your case) in the IGP table as it shows directly connected to the PE in its routing table. So he advertises a label mapping to /24. But OSPF advertises it with /32 as its a stub host for OSPF. So the other side router is not able to map a label to /24 as he doesnt have that route.

So its not like LDP advertises the right mask and OSPF doesnt, LDP just relies on the routing table to generate labels, which means OSPF has to be tweaked to get it working (only in a controlled LAB enviornment) As a practise configure and advertise a loopback with a /32 throughout your network be it service provider or enterprise.

HTH-Cheers,

Swaroop

Actions

This Discussion