should i use mpls ip propagate-ttl "forwarded" or "local" if i want to hide traceroute result in the PE cloud.
meaning, only lan/CE traceroute and the internet GW will be shown, and any PE router will be hide. please advice.
I would say that you need the "forwarded" option, but it is not clear to me if you intend the traceroute result to be hidden for customer initiated traceroute's only.
Please have a look at the following "mpls ip propagate-ttl" documentation, which at the end includes traceroute examples for every possible configured option: