I have a question regarding LDP tunnel LSP which I can't think of a satisfied answer.
Suppose we have two routers connected back to back, but, LDP is not enabled on either router's interface. If I configure EoMPLS in between , a LDP targeted session will be initiated and both prefix-fec and VC-fec mapping will be exchanged. In current IOS image, the l2 vc will not come up because the tunnel LSP is not ready. Now my question is, why do we need to enable LDP on the interface in order to bring up the tunnle LSP? from either router's point of view, it has label mapping to peer's router-id and peer is directly connected, it should just install the label (either implicit-null or explicit null) in its LFIB, and declare LSP is ready, right?
Anybody can please tell me why the router decides not to install the tunnel label?
maybe an analogy can help to clarify this: assume you have two routers back to back with no IP address on either interface. Even if you install static routes to each others loopbacks pointing to the connecting interface, no IP forwarding takes place. The reason is, that for IP forwarding to take place a valid IP needs to be configured on the interface enabling this protocol (0x0800).
Similar, "mpls ip" enables the usage and forwarding of MPLS labeled packets (protocol 0x8847) over an interface. Works as designed.
[Edit] From another point of view: this might be seen as a secutrity feature. Assume a MPLS PE connecting through an IP interface to a customer CE. The customer can NOT send labeled packets (DoS), which would then be forwarded, because MPLS is not enabled on the interface.
Actually there are other scenarios that when "mpls ip" is not configured on an interface but still the interface can forward tagged packet, ie, "mpls traffic-enginnering tunnel" and "mpls bgp forwarding", the sole result of configuring "mpls ip" is to enable interface to sent LDP link-hellos to discover a neighbor.
I got your point, if a specific application is not configured on an interface, the interface should not allow any traffic of that application to come in or out.
1. Introduction Internet security is important with the increasing
attacks that are happening every day. Many internet and browsing
security solutions exist, but some are not very easy to use or maybe the
question is how can I enable them? In this referen...
Cisco Software Manager Server API Guide This document describes the
programmatic interfaces, RESTful APIs, which are supported by Cisco
Software Manager Server (CSM Server). Overview CSM Server supports a set
of finite RESTful APIs. The first step to use ...
If you are using Cisco's new linux-based Cisco Software Manager server,
then you probably want to make sure there is a startup service for
it.I'll assume that you've already installed the CSM server on a
systemd-based linux system. The commands given belo...