TE Tunnels Not Carrying Customer Traffic

ranjeetba · ‎10-12-2013

Hi,

I have configured TE tunnels between PE's Cisco 7204 and Juniper 2320 and 2611 as P router in my Home lab, the Tunnels are UP but not able to carry customer traffic. I am presenting the configuration and topology here. Experts please help in iidentifying the problem.

Cisco

BOMBAY#show mpls traffic-eng tunnels br

BOMBAY#show mpls traffic-eng tunnels brief

Signalling Summary:

LSP Tunnels Process: running

RSVP Process: running

Forwarding: enabled

Periodic reoptimization: every 3600 seconds, next in 3025 seconds

TUNNEL NAME DESTINATION UP IF DOWN IF STATE/PROT

BOMBAY_t0 97.9.15.1 - Fa0/0 up/up

FROM_JUNIPER_GOING_CISCO 97.9.15.2 Fa0/0 - up/up

Displayed 1 (of 1) heads, 0 (of 0) midpoints, 1 (of 1) tails

root@LONDON> show mpls lsp

Ingress LSP: 1 sessions

To From State Rt P ActivePath LSPname

97.9.15.2 97.9.15.1 Up 0 * FROM_JUNIPER_GOI

NG_CISCO

Total 1 displayed, Up 1, Down 0

Egress LSP: 1 sessions

To From State Rt Style Labelin Labelout LSPname

97.9.15.1 97.9.15.2 Up 0 1 SE 3 - BOMBAY_t0

Total 1 displayed, Up 1, Down 0

Transit LSP: 0 sessions

Total 0 displayed, Up 0, Down 0

BOMBAY#show run

Building configuration...

Current configuration : 2735 bytes

!

version 12.2

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname BOMBAY

!

boot bootldr bootflash:c7200-kboot-mz.122-5.bin

enable secret 5 $1$4K.m$FMR0tP7erbqAYUOypCnJx.

enable password password

!

ip subnet-zero

!

no ip domain-lookup

!

ip vrf London

rd 200:200

route-target export 200:200

route-target import 200:200

ip cef

mpls traffic-eng tunnels

call rsvp-sync

!

controller T1 5/0

framing esf

linecode b8zs

!

controller T1 5/1

framing esf

linecode b8zs

!

controller T1 5/2

framing esf

linecode b8zs

!

controller T1 5/3

framing esf

linecode b8zs

!

interface Loopback0

ip address 97.9.15.2 255.255.255.255

!

interface Tunnel0

ip unnumbered Loopback0

tunnel destination 97.9.15.1

tunnel mode mpls traffic-eng

tunnel mpls traffic-eng path-option 10 dynamic

!

interface FastEthernet0/0

ip address 220.225.33.2 255.255.255.0

duplex auto

speed auto

mpls traffic-eng tunnels

no cdp enable

ip rsvp bandwidth 50000 50000

!

interface FastEthernet0/1

ip address 10.255.8.1 255.255.255.0

duplex auto

speed auto

no cdp enable

!

interface FastEthernet1/0

no ip address

shutdown

duplex half

!

interface POS2/0

no ip address

shutdown

!

interface Serial3/0

no ip address

shutdown

!

interface Serial3/1

no ip address

shutdown

!

interface Serial3/2

no ip address

shutdown

!

interface Serial3/3

no ip address

shutdown

!

interface Ethernet4/0

no ip address

shutdown

duplex half

!

interface Ethernet4/1

no ip address

shutdown

duplex half

!

interface Ethernet4/2

no ip address

shutdown

duplex half

!

interface Ethernet4/3

no ip address

shutdown

duplex half

!

interface ATM6/0

no ip address

shutdown

no atm ilmi-keepalive

!

router ospf 200

router-id 97.9.15.2

log-adjacency-changes

network 97.9.15.0 0.0.0.255 area 0

network 220.225.33.0 0.0.0.255 area 0

mpls traffic-eng router-id Loopback0

mpls traffic-eng area 0

!

router bgp 200

no synchronization

bgp log-neighbor-changes

neighbor 97.9.15.127 remote-as 200

neighbor 97.9.15.127 ebgp-multihop 5

neighbor 97.9.15.127 update-source Loopback0

no auto-summary

!

address-family ipv4 vrf London

redistribute connected

redistribute static

no auto-summary

no synchronization

exit-address-family

!

address-family vpnv4

neighbor 97.9.15.127 activate

neighbor 97.9.15.127 send-community both

no auto-summary

exit-address-family

!

ip classless

ip route 200.200.200.0 255.255.255.0 Tunnel0

ip route vrf London 194.1.1.0 255.255.255.0 10.255.8.2

ip route vrf London 194.1.2.0 255.255.255.0 10.255.8.2

no ip http server

ip pim bidir-enable

dial-peer cor custom

gatekeeper

shutdown

line con 0

line aux 0

line vty 0 4

password password

login

!

end

Juniper

show configuration

## Last commit: 2013-10-11 16:55:29 IST by root

version 10.0R4.7;

system {

host-name LONDON;

domain-name IBHANAN.com;

time-zone Asia/Calcutta;

location building "Lake View County Apartments";

root-authentication {

encrypted-password "$1$UaKIM2Vv$cLACzAalf5.QhCdfoqmNZ0"; ## SECRET-DATA

}

login {

user ranjeet {

full-name "RANJEET ASHOK BADHE";

uid 2007;

class super-user;

authentication {

encrypted-password "$1$tscx4Gf.$XEnMrWOC8kxW6603AAUA2."; ## SECRET-DATA

}

user sujata {

full-name "Sujata Badhe";

uid 2008;

---(more)---

class operator;

authentication {

encrypted-password "$1$.FRRmZF5$8qybrOXGWClAmG0EOKm9W0"; ## SECRET-DATA

}

services {

ftp;

ssh;

telnet;

web-management {

http {

interface [ ge-0/0/0.0 ge-0/0/3.0 ];

}

control {

max-threads 15;

}

session {

idle-timeout 1000;

}

---(more 17%)---

syslog {

user * {

any emergency;

}

host 195.195.195.195 {

any any;

log-prefix Cisco_Juniper;

}

file messages {

any any;

authorization info;

}

file interactive-commands {

interactive-commands any;

}

source-address 195.195.195.194;

}

archival {

configuration {

transfer-on-commit;

archive-sites {

"ftp://sujata:password@195.195.195.195";

}

---(more 26%)---

}

license {

autoupdate {

url https://ae1.juniper.net/junos/key_retrieval;

}

interfaces {

ge-0/0/0 {

unit 0;

}

fe-0/0/1 {

unit 0;

}

ge-0/0/1 {

unit 0 {

family inet {

address 200.200.200.1/24;

}

ge-0/0/2 {

---(more 36%)---

unit 0 {

family inet {

address 220.225.34.1/24;

}

family mpls;

}

ge-0/0/3 {

unit 0 {

family inet {

address 195.195.195.194/24;

}

lo0 {

unit 0 {

family inet {

address 97.9.15.1/24;

}

snmp {

---(more 45%)---

trap-group CISCO_JUNIPER {

categories {

chassis;

routing;

configuration;

sonet-alarms;

}

targets {

195.195.195.195;

}

routing-options {

router-id 97.9.15.1;

autonomous-system 200;

}

protocols {

rsvp {

interface ge-0/0/2.0;

}

mpls {

no-cspf;

label-switched-path FROM_JUNIPER_GOING_CISCO {

---(more 54%)---

to 97.9.15.2;

}

path FROM_JUNIPER_GOING_CISCO {

97.9.15.1 loose;

}

interface ge-0/0/2.0;

}

bgp {

group SESSION-ROUTER2600 {

type internal;

family inet-vpn {

unicast;

}

peer-as 200;

neighbor 97.9.15.127;

}

ospf {

traffic-engineering;

area 0.0.0.0 {

interface ge-0/0/2.0;

interface lo0.0;

}

---(more 63%)---

}

ldp {

interface ge-0/0/2.0;

interface all;

}

policy-options {

policy-statement London_Export {

term 1 {

from protocol [ static direct ];

then {

community add London;

accept;

}

term 2 {

then reject;

}

policy-statement London_Import {

term 1 {

from {

protocol bgp;

---(more 73%)---

community London;

}

then accept;

}

term 2 {

then reject;

}

community London members target:200:200;

}

class-of-service {

classifiers {

dscp VOICE {

import default;

forwarding-class expedited-forwarding {

loss-priority low code-points [ ef 001100 010111 ];

}

drop-profiles {

HIGH {

fill-level 25 drop-probability 25;

}

---(more 82%)---

}

forwarding-classes {

queue 0 EF;

}

scheduler-maps {

HIGH {

forwarding-class expedited-forwarding scheduler HIGH;

forwarding-class assured-forwarding scheduler HIGH;

}

schedulers {

HIGH {

transmit-rate percent 25;

buffer-size temporal 2;

priority high;

drop-profile-map loss-priority low protocol any drop-profile HIGH;

}

security {

forwarding-options {

family {

mpls {

---(more 91%)---

mode packet-based;

}

routing-instances {

London {

instance-type vrf;

interface ge-0/0/1.0;

route-distinguisher 200:200;

vrf-import London_Import;

vrf-export London_Export;

vrf-target target:200:200;

vrf-table-label;

routing-options {

static {

route 192.168.0.0/16 next-hop 200.200.200.2;

}

P Router

Password:

NEWYORK>en

Password:

NEWYORK#sh ip rsvp ne

0.0.0.0 Unknown

220.225.33.2 RSVP

220.225.34.1 RSVP

NEWYORK#show run

Building configuration...

Current configuration : 1820 bytes

!

version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname NEWYORK

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$ApJw$4c2zUN.TrmJkVxKU9Fjt1/

enable password password

!

no network-clock-participate slot 1

no network-clock-participate wic 0

no aaa new-model

ip subnet-zero

ip cef

no ip domain lookup

ip audit po max-events 100

mpls traffic-eng tunnels

interface Loopback0

ip address 97.9.15.127 255.255.255.255

!

interface FastEthernet0/0

ip address 220.225.33.127 255.255.255.0

duplex auto

speed auto

mpls traffic-eng tunnels

no cdp enable

ip rsvp bandwidth 50000

!

interface FastEthernet0/1

ip address 220.225.34.127 255.255.255.0

duplex auto

speed auto

mpls traffic-eng tunnels

no cdp enable

ip rsvp bandwidth 50000

!

router ospf 200

mpls traffic-eng router-id Loopback0

mpls traffic-eng area 0

router-id 97.9.15.127

log-adjacency-changes

network 97.9.15.0 0.0.0.255 area 0

network 220.225.33.0 0.0.0.255 area 0

network 220.225.34.0 0.0.0.255 area 0

!

router bgp 200

no synchronization

bgp log-neighbor-changes

neighbor 97.9.15.1 remote-as 200

neighbor 97.9.15.1 update-source Loopback0

neighbor 97.9.15.2 remote-as 200

neighbor 97.9.15.2 update-source Loopback0

neighbor 97.9.15.2 route-reflector-client

no auto-summary

!

address-family vpnv4

neighbor 97.9.15.1 activate

neighbor 97.9.15.1 send-community both

neighbor 97.9.15.2 activate

neighbor 97.9.15.2 send-community both

exit-address-family

!

ip classless

!

no ip http server

no ip http secure-server

!

dialer-list 1 protocol ip permit

dialer-list 1 protocol ipx permit

no cdp run

!

line con 0

line aux 0

line vty 0 4

exec-timeout 35791 0

password password

login

!

end

NEWYORK#

Nagendra Kumar Nainar · ‎10-13-2013

HI,

When you say tunel not carrying cusotmer traffic, Can you be more specific?. I can see that you havea static route to 200200.200.0/24 with tunnel as egress interface.

When you ping 200.200.200.0 do you see it works?.

-Nagendra