Routing Between CE Routers

Unanswered Question
Jan 5th, 2009

Do I need to establish BGP Peering between two PE's that connect to different CE's within the same VRF?

I see the routes on one of the PE's in the VRF's routing table, but not the other. Not sure why.

I would think that I first need to see the routes advertised routers in the PE's before I can even think about having the routes end up in the CE's.

What troubleshooting steps do I need to take?

Is there a troubleshooting doc that I can reference?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (4 ratings)
Loading.
Harold Ritter Mon, 01/05/2009 - 15:51

Mark,

Yes, you do need to have a BGP session between the two PEs under the VPNv4 address family (either direct or through a route reflector).

This session should be established using the IP address of the loopback interface on each PE. Also to avoid any issues, make sure that the IP address of the loopback interface is configured as a /32.

Regards

mheick Mon, 01/05/2009 - 16:53

So I have the PE's configured for BGP, attempting to make an IBGP connection but not being successful. I have removed and readded the config. The BGP state is staying active.

The route for PE2 appears in the routing table for PE1 via OSPF and vice versa.

Here is the network diagram

PE1->MPLS-BB1->MPLS-BB2->PE2

When I do a trace for PE2 from PE1 it stops at MPLS-BB1 and when I do a trace for PE1 from PE2 it stops at MPLS-BB2.

Here is the config:

PE1

interface Loopback0

ip address 68.2.0.1 255.255.255.255

router ospf 1

router-id 68.2.0.1

log-adjacency-changes

redistribute bgp 65000

network 68.0.0.0 0.255.255.255 area 0

!

router bgp 65000

no synchronization

bgp log-neighbor-changes

redistribute connected

redistribute ospf 1

neighbor 68.2.0.3 remote-as 65000

neighbor 68.2.0.3 update-source Loopback0

no auto-summary

!

address-family vpnv4

neighbor 68.2.0.3 activate

neighbor 68.2.0.3 send-community extended

exit-address-family

**MPLS-BB1**

router ospf 1

router-id 68.1.0.1

log-adjacency-changes

network 68.0.0.0 0.255.255.255 area 0

**MPLS-BB2**

router eigrp 2

redistribute connected

passive-interface default

no passive-interface GigabitEthernet1/0/1

network 10.0.0.0

no auto-summary

!

router ospf 1

router-id 68.1.0.2

log-adjacency-changes

redistribute eigrp 2

network 68.0.0.0 0.255.255.255 area 0

default-information originate

**PE2**

interface Loopback0

ip address 68.2.0.3 255.255.255.255

router ospf 1

router-id 68.2.0.1

log-adjacency-changes

network 68.0.0.0 0.255.255.255 area 0

!

router bgp 65000

no synchronization

bgp log-neighbor-changes

redistribute connected

redistribute ospf 1

neighbor 68.2.0.3 remote-as 65000

neighbor 68.2.0.3 update-source Loopback0

no auto-summary

!

address-family vpnv4

neighbor 68.2.0.3 activate

neighbor 68.2.0.3 send-community extended

exit-address-family

Harold Ritter Mon, 01/05/2009 - 17:56

Mark,

1. It looks like you are using the same ospf router id on both PE1 and PE2 (68.2.0.1). They should definitely be different.

2. On PE2, the bgp neighbor address should be 68.2.0.1 rather than 68.2.0.3, which is the local address. This is probably just a typo.

3. You should not redistribute ospf in bgp (redistribute ospf 1) on both PEs.

Regards

mheick Tue, 01/06/2009 - 08:52

I have to call ID10T error on that one. I pasted the config from PE1 and pasted it as the config for PE2. I apologize for wasting your time on that turn.

I have cleaned up the config with your guidance. The situation now is that I can ping 68.2.3.2 from MPLS-BB1 but not the Loopback on PE2. From PE1, I can't ping 68.2.3.2 or the Loopback of 68.2.0.3 of PE2. The same holds true for MPLS-BB2 and PE1, I can ping 68.2.1.2 but not the Loopback of 68.2.0.1.

Do I need to place redistribute connected on all of the ospf and bgp instances in the network?

Do I need to redistribute bgp into ospf?

Here are the latest configs:

*****PE1*****

router ospf 1

router-id 68.2.0.1

log-adjacency-changes

redistribute connected

network 68.0.0.0 0.255.255.255 area 0

!

router bgp 65000

no synchronization

bgp log-neighbor-changes

redistribute connected

neighbor 68.2.0.3 remote-as 65000

neighbor 68.2.0.3 update-source Loopback0

no auto-summary

!

address-family vpnv4

neighbor 68.2.0.3 activate

neighbor 68.2.0.3 send-community extended

exit-address-family

!

address-family ipv4 vrf vpn-mtb

redistribute connected

neighbor 68.139.201.30 remote-as 1

neighbor 68.139.201.30 activate

neighbor 68.139.201.30 as-override

no auto-summary

no synchronization

exit-address-family

*****MPLS-BB1*****

interface Loopback0

ip address 68.1.0.1 255.255.255.255

!

interface FastEthernet0/0

ip address 68.1.1.1 255.255.255.252

duplex auto

speed auto

tag-switching ip

!

interface FastEthernet1/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet2/0

ip address 68.2.1.1 255.255.255.252

duplex auto

speed auto

tag-switching ip

!

interface FastEthernet2/1

ip address 68.2.2.1 255.255.255.252

duplex auto

speed auto

tag-switching ip

!

router ospf 1

router-id 68.1.0.1

log-adjacency-changes

redistribute connected

network 68.0.0.0 0.255.255.255 area 0

*****MPLS-BB2*****

interface Loopback0

ip address 68.1.0.2 255.255.255.255

!

interface FastEthernet1/0/1

no switchport

ip address 68.2.3.1 255.255.255.252

no snmp trap link-status

mpls ip

!

interface FastEthernet1/0/2

no switchport

ip address 68.2.4.1 255.255.255.252

no snmp trap link-status

mpls ip

******truncated

router eigrp 2

redistribute connected

passive-interface default

no passive-interface GigabitEthernet1/0/1

network 10.0.0.0

no auto-summary

!

router ospf 1

router-id 68.1.0.2

log-adjacency-changes

redistribute connected

redistribute eigrp 2

network 68.0.0.0 0.255.255.255 area 0

default-information originate

*****PE2*****

interface Loopback0

ip address 68.2.0.3 255.255.255.255

!

interface Ethernet0/0

ip address 68.2.3.2 255.255.255.252

half-duplex

tag-switching ip

!

interface Ethernet0/1

ip vrf forwarding vpn-mtb

ip address 152.162.21.77 255.255.255.252

full-duplex

!

router ospf 1

router-id 68.2.0.3

log-adjacency-changes

redistribute connected

network 68.0.0.0 0.255.255.255 area 0

!

router bgp 65000

no synchronization

bgp log-neighbor-changes

neighbor 68.2.0.1 remote-as 65000

neighbor 68.2.0.1 update-source Loopback0

no auto-summary

!

address-family vpnv4

neighbor 68.2.0.1 activate

neighbor 68.2.0.1 send-community extended

exit-address-family

!

address-family ipv4 vrf vpn-mtb

redistribute connected

neighbor 152.162.21.78 remote-as 1

neighbor 152.162.21.78 activate

neighbor 152.162.21.78 as-override

no auto-summary

no synchronization

exit-address-family

Harold Ritter Tue, 01/06/2009 - 09:36

Mark,

Thanks for the update. The lack of full IP connectivity is probably due to an ospf misconfiguration.

Are the ospf adjacencies up between all neighbors? Could you also check that both PE1 and PE2 are advertising their loopback interface IP address in their own router LSA (show ip ospf database router self-originate).

You should not need to redistribute BGP into ospf or vice versa. You should not need to redistribute the connected routes either as the network statement configured for ospf includes all of the core interfaces, including the loopback addresses.

Could you also attach the full configs for PE1, MPLS-BB1, MPLS-BB2 and PE2.

Regards

mheick Tue, 01/06/2009 - 10:08

Harold,

Here is the info you requested.

PE1#show ip ospf database router self-originate

OSPF Router with ID (68.2.0.1) (Process ID 1)

Router Link States (Area 0)

LS age: 32

Options: (No TOS-capability, DC)

LS Type: Router Links

Link State ID: 68.2.0.1

Advertising Router: 68.2.0.1

LS Seq Number: 80000051

Checksum: 0xB2B7

Length: 48

Number of Links: 2

Link connected to: a Stub Network

(Link ID) Network/subnet number: 68.2.0.1

(Link Data) Network Mask: 255.255.255.255

Number of TOS metrics: 0

TOS 0 Metrics: 1

Link connected to: a Transit Network

(Link ID) Designated Router address: 68.2.1.1

(Link Data) Router Interface address: 68.2.1.2

Number of TOS metrics: 0

TOS 0 Metrics: 1

PE2#show ip ospf database router self-originate

OSPF Router with ID (68.2.0.3) (Process ID 1)

Router Link States (Area 0)

LS age: 7

Options: (No TOS-capability, DC)

LS Type: Router Links

Link State ID: 68.2.0.3

Advertising Router: 68.2.0.3

LS Seq Number: 80000009

Checksum: 0xA2FC

Length: 48

Number of Links: 2

Link connected to: a Stub Network

(Link ID) Network/subnet number: 68.2.0.3

(Link Data) Network Mask: 255.255.255.255

Number of TOS metrics: 0

TOS 0 Metrics: 1

Link connected to: a Transit Network

(Link ID) Designated Router address: 68.2.3.1

(Link Data) Router Interface address: 68.2.3.2

Number of TOS metrics: 0

TOS 0 Metrics: 10

Thanks.

Harold Ritter Tue, 01/06/2009 - 10:55

Mark,

A couple of things.

1. CEF is not enabled on MPLS-BB2. This is probably not the cause of the lack of IP connectivity but will cause MPLS not to work later on.

2. Eigrp is still enabled on MPLS-BB2. You should probably disable it.

3. Could you run a "show ip ospf data" on PE1 and PE2 and post the results.

Regards

mheick Tue, 01/06/2009 - 11:04

I added CEF on MPLS-BB2.

I removed EIGRP from BB2.

Here is the show ip osfp data

*****PE1*****

PE1#show ip ospf database

OSPF Router with ID (68.2.0.1) (Process ID 1)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count

68.1.0.1 68.1.0.1 303 0x80000052 0x000C6A 4

68.1.0.2 68.1.0.2 1664 0x80000009 0x004E5E 4

68.2.0.1 68.2.0.1 935 0x80000053 0x00AEB9 2

68.2.0.3 68.2.0.3 326 0x8000000C 0x009CFF 2

Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum

68.1.1.1 68.1.0.1 558 0x80000007 0x007BA0

68.2.1.1 68.1.0.1 1569 0x80000005 0x0071AB

68.2.3.1 68.1.0.2 1664 0x80000005 0x007B9B

Type-5 AS External Link States

Link ID ADV Router Age Seq# Checksum Tag

0.0.0.0 68.1.0.2 1921 0x80000008 0x00B2B1 1

*****PE2*****

PE2#show ip ospf database

OSPF Router with ID (68.2.0.3) (Process ID 1)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count

68.1.0.1 68.1.0.1 413 0x80000052 0x000C6A 4

68.1.0.2 68.1.0.2 1772 0x80000009 0x004E5E 4

68.2.0.1 68.2.0.1 1047 0x80000053 0x00AEB9 2

68.2.0.3 68.2.0.3 432 0x8000000C 0x009CFF 2

Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum

68.1.1.1 68.1.0.1 668 0x80000007 0x007BA0

68.2.1.1 68.1.0.1 1679 0x80000005 0x0071AB

68.2.3.1 68.1.0.2 1772 0x80000005 0x007B9B

Type-5 AS External Link States

Link ID ADV Router Age Seq# Checksum Tag

0.0.0.0 68.1.0.2 2029 0x80000008 0x00B2B1 1

Harold Ritter Tue, 01/06/2009 - 11:11

Mark,

This looks good to me. Can you do a "show ip route" on both PE1 and PE2. Can you also trace from PE1 to PE3 loopback address and vice versa and post the result.

Regards

Harold Ritter Tue, 01/06/2009 - 11:19

Mark,

While you are at it, can you also provide a "show ip route" from MPLS-BB1 and MPLS-BB2 as well.

Regards

Harold Ritter Tue, 01/06/2009 - 12:12

Mark,

Can you provide the following commands

From PE1:

"sh ip cef 68.2.0.3"

"ping 68.2.0.3"

From MPLS-BB1:

"show mpls for"

From MPLS-BB2:

"show mpls for"

From PE2:

"sh ip cef 68.2.0.1"

"ping 68.2.0.1"

Regards

Harold Ritter Tue, 01/06/2009 - 13:33

Mark,

The output for the "show mpls forwarding" on MPLS-BB2 doesn't look right. What kind of device is MPLS-BB2 and what level of IOS is it running?

If this is just for a lab test, I would suggest taking MPLS-BB2 out of the picture by connecting PE2 directly to MPLS-BB1 and see if it fixes the issue.

Regards

mheick Tue, 01/06/2009 - 13:45

MPLS-BB2 is a 3750 Metro running Version 12.2(35)SE5.

I would prefer to use this device if I can. I have plans to build out the lab to include more nodes and this device obviously has the ports to allow me to do this.

Harold Ritter Tue, 01/06/2009 - 13:57

Mark,

Could you please save the configuration and reload the MPLS-BB2 to see if the output of the "show mpls forwarding" still shows the outgoing interface as drop for 68.2.0.1 or if the reload fixes the issue.

Regards

mheick Tue, 01/06/2009 - 14:03

The reload didn't fix the issue. Are we thinking bug?

Harold Ritter Tue, 01/06/2009 - 14:19

Mark,

It looks like it. I cut and pasted your configs on low end routers and I could readily ping/traceroute PE3 loopback interface address from PE1 and vice versa, hence the suggestion to take BB2 out of the picture just to validate the hypothesis of a bug.

Regards

mheick Tue, 01/06/2009 - 18:08

Is there a particular release that you would recommend?

mheick Thu, 01/08/2009 - 13:45

Harold,

Since I upgrade the software and it didn't help. I tried connecting to the ES ports but my links would come up. Long story short, as advised I took the 3750 out of the picture and voila, I have an MPLS network. Thanks for the guidance.

mlund Wed, 01/07/2009 - 03:43

Hi

I have followed this conversation, I have however not opend the attachments, because Harold makes an exellent job (as usual).

I may be wrong here, but isn't the only ports on 3750 metro that can run mpls the uplinkports? Is it supported for P-router functionality?

This was just a couple of thoughts, that may be a mpls connetivity problem but not a IP problem.

/Mikael

Harold Ritter Wed, 01/07/2009 - 06:36

Hi Mikael,

Thanks for jumping in. 3750ME is not my specialty and I think you are quite right about this limitation.

Mark,

You should try linking MPLS-BB2 to PE2 using the second GE interface instead of using the FE interface.

Regards

Harold Ritter Wed, 01/07/2009 - 07:04

Mark,

You need to make sure that you use the Enhanced Services ports and not just any of the GigE ports to connect MPLS-BB2 to both MPLS-BB1 and PE2.

Here is a confirmation of the 3750ME limitation from the documentation:

"MPLS functionality is supported only on the enhanced-services (ES) ports"

http://www.cisco.com/en/US/docs/switches/metro/catalyst3750m/software/release/12.2_40_se/configuration/guide/swmpls.html

Regards

Actions

This Discussion