MPLS on 12.2T and Inter-AS VPN issue

owaisberg · ‎09-13-2006

Trying to connect 2 PEs and one ASBR in one AS to second AS with one ASBR and one PE:

AS1

PE1 ---- PE2

\ /

ASBR1

|

ASBR2

|

PE2

AS2

One of the PEs in the AS1 running 12.2T on c3640 and as it looks like doesn't inject its neighboring PEs/ASBR tags into TFIB which makes VPN connected to it unaccessible. Second PE in the same AS1 has identical config and full Inter-AS connectivity. As well PE1 cannot get to VPN on PE2 (due to reason above). PE2 from AS2 can get to VPN on PE1 in AS1. Configs on all PEs are identical, control plane is fine so the only problem is with that 12.2 router.

How can I make it work on 12.2T PE without performing IOS upgrade ?

Thanks.

OW

swaroop.potdar · ‎09-13-2006

Hi

1) Which Inter-AS Option are you implementing as per RFC2547bis.

2) Can u show some output which you used to confirms the break in the forwarding plane and proper functionality of the control plane.

HTH-Cheers,

Swaroop

owaisberg · ‎09-13-2006

No RRs, no IGP on Inter-AS link, no redistribute connected on ASBRs. MP-eBGP

peering between ASBRs and Next-hop-self

through IPv4&VPNv4 peerings towards PEs on

ASBRs.

I've attached some outputs and configs.

Please review and let me know if you can

see anything. Again, when all routers are

12.3/12.4 I have no issues at all it is only

that PE with 12.2T. I tested it in my lab and had similar results.

Coudn't attach PE2 from AS1 the one that runs 12.2T code .....not allowed more than 3

swaroop.potdar · ‎09-14-2006

Hi,

The output from of show ip bgp vpnv4 all and sjow mpls forwarding from your PE2-AS1 would have been very important to understand more.

Anyways, you are receiving the updates from MPBGP but the same updates are not being installed into the forwarding table ??

Some questions if this is right.

1) are you able to communicate form PE2-AS1 to other VPN's in the same AS.

2) Can u send the output of PE2-AS1 bgp vpnv4 and forwarding table.

HTH-CHeers,

Swaroop

olorunloba · ‎09-14-2006

Are your LDP or TDP sessions on the PE2 up? Note that the default distribution protocol was changed somewhere within 12.2 and 12.3 (can't remember exactly).

PE2 should have no business with the Inter-AS configuration, so I suspect that there is a problem with either TDP or LDP on the router.

owaisberg · ‎09-14-2006

It is TDP, I'll check if it is the case

What did you mean by " PE2 should have no

business with Inter-AS config" In fact it is

since VPN connected to that PE is as well

in the second AS too (since it is the same

company we're talking about ...just different sites)

olorunloba · ‎09-14-2006

What I mean by " PE2 should have no

business with Inter-AS config" is that the configuration to enable the Inter-AS configuration does not reside on the PE2, but on the ASBR. The PE does not have to support the Inter-AS feature, nor does it need any extra configuration asides what will allow it to communicate within its AS.

owaisberg · ‎09-14-2006

Absolutely agree on that....PE has nothing

to do with Inter-AS options in place so the

issue is on that specific router (PE2-AS1)

owaisberg · ‎09-14-2006

Hi Swaroop,

Output for PE2-AS1 attached. as you can see

the difference between the rest of the PEs

is that one has no entries for its VPNV4 neighbors in its TFIB. PE2-AS1 cannot communicate (VPN wise of course) to any other

PE within its AS and accross AS either.

olorunloba · ‎09-14-2006

All your outgoing labels are untagged. This implies that it has not recieved any labels from its neighbors. The most likely reason for this is that it has not formed any LDP/TDP adjacency with the neighbors. Confirm this with the following commands

show mpls ldp neigh

show tag tdp neigh

sh mpls ldp discovery

sh tag tdp discovery

show mpls inter

show tag inter

(I included both mpls and tag-switching commands, but they are equivalent, only that some old IOS do not have some commands).

HTH

owaisberg · ‎09-14-2006

I'll give it a shot today and see if it is

the case. Current mpls global config on 12.2 router I have is:

---

mpls label range 8000 8999

mpls label protocol tdp

tag-switching tdp router-id Loopback0

---

Which specifies tdp globally......why would I have TDP adjacencies in place when image is

12.3/12.4 and not in 12.2T regtardless of the

defaults ....since I don't use defaults in that case ?

owaisberg · ‎09-14-2006

All TDP adjacencies are in place

sh mpls ldp neighbor

Peer LDP Ident: 146.11.4.4:0; Local LDP Ident 146.11.8.8:0

TCP connection: 146.11.4.4.646 - 146.11.8.8.11033

State: Oper; Msgs sent/rcvd: 12/13; Downstream

Up time: 00:01:31

LDP discovery sources:

Ethernet1/0.34, Src IP addr: 146.11.34.4

Addresses bound to peer LDP Ident:

146.11.4.4 146.11.24.4 146.11.34.4 146.11.46.4

Peer TDP Ident: 146.11.2.2:0; Local TDP Ident 146.11.8.8:0

TCP connection: 146.11.2.2.711 - 146.11.8.8.11034

State: Oper; PIEs sent/rcvd: 5/5; Downstream

Up time: 00:01:31

TDP discovery sources:

Ethernet1/0.23, Src IP addr: 146.11.23.2

Addresses bound to peer TDP Ident:

146.11.2.2 146.11.23.2 146.11.24.2

owaisberg · ‎09-14-2006

The untagged ones you see are the VPN routes

from VRF on the same PE

swaroop.potdar · ‎09-14-2006

Hi

I have seen the attachments given by you.

You can go to the ASBR-AS1 and enable this command on the interface connecting to the PE2-AS1. "mpls label protocol both"

This should solve the problem.

Do let me know.

HTH-Cheers!

Swaroop

owaisberg · ‎09-14-2006

Hi,

I'll check it today soon.....and let you know

paying extra attention on LDP/TDP adjacencies

as it was expressed by other guys as well that it can be a reason of that issue.

Thanks again.