01-20-2014 10:19 AM
Hi there,
I have an issue where i am unable to route from the hub to the remote site when using FLEXoMPLS,
Everything works and the tunnel sets up fine, though the cloned virtual-access interface isn't used in any routing table as a recursive.
The route shoud be attached to the virtual-access interface
hub#sho ip cef vrf BLUE detail | sec label
192.168.99.0/24, epoch 0, flags rib defined all labels
recursive via 10.0.0.1 label 17
recursive via 0.0.0.0/0
recursive via 172.16.1.1
attached to Ethernet0/2
hub#
hub#sho ip int brie
...Loopback0 10.0.0.254 YES NVRAM up up
Virtual-Access1 10.0.0.254 YES unset up up
Virtual-Template1 10.0.0.254 YES unset up down
my hub configuration is attached....
any help would be appreciated!!
01-20-2014 12:37 PM
Lee,
Just for clarification, this is MPLS over Flex not Flex over MPLS :-)
I've been interested in this kind of deployment for a while, I'll try to setup it up tomorrow or the day after and see what I can get for you.
What's the IOS version you're running this one.
M.
01-20-2014 12:52 PM
That would be great thanks.... I am planning to use this for approx 500 sites as VRFs are used at remotes and want to remain separate up to the headend...
The only version of code I have at the mo is 15.2T, hoping it isn't a bug...
Thx,
Lee
Sent from Cisco Technical Support iPad App
01-21-2014 06:42 AM
Lee,
Had some problems with 15.2, but tried with 15.4.1T1.
Hub#traceroute vrf BLUE 192.168.101.1 source e1/1
Type escape sequence to abort.
Tracing the route to 192.168.101.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.168.101.1 6 msec * 5 msec
Hub#show ip cef vrf BLUE 192.168.101.1 det
192.168.101.0/24, epoch 0, flags rib defined all labels
recursive via 10.1.1.178 label 16
attached to Virtual-Access3
Hub#sh run | s r b
router bgp 65001
bgp log-neighbor-changes
bgp listen range 10.1.1.0/24 peer-group Spokes
neighbor Spokes peer-group
neighbor Spokes remote-as 65001
neighbor 2001:DB8:1999:: remote-as 65001
neighbor 2001:DB8:1999:: update-source Loopback100
neighbor 192.168.0.2 remote-as 65001
!
address-family ipv4
network 192.168.0.0
neighbor Spokes activate
no neighbor 2001:DB8:1999:: activate
neighbor 192.168.0.2 activate
neighbor 192.168.0.2 route-reflector-client
neighbor 192.168.0.2 next-hop-self all
neighbor 192.168.0.2 unsuppress-map ALL
exit-address-family
!
address-family vpnv4
neighbor Spokes activate
neighbor Spokes send-community extended
exit-address-family
!
address-family ipv6
neighbor 2001:DB8:1999:: activate
exit-address-family
!
address-family ipv4 vrf BLUE
network 192.168.0.0
redistribute connected
exit-address-family
Hub#sh ip route vrf BLUE
Routing Table: BLUE
(...)
Gateway of last resort is not set
192.168.0.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.0.0/24 is directly connected, Ethernet1/1
L 192.168.0.1/32 is directly connected, Ethernet1/1
B 192.168.101.0/24 [200/0] via 10.1.1.178, 00:07:13
B 192.168.102.0/24 [200/0] via 10.1.1.179, 00:07:13
from spoke
Spoke1#traceroute vrf BLUE 192.168.0.1 source e1/1
Type escape sequence to abort.
Tracing the route to 192.168.0.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.168.0.1 5 msec * 6 msec
Spoke1#show ip cef vrf BLUE 192.168.0.1 det
192.168.0.0/24, epoch 0, flags rib defined all labels
recursive via 10.1.1.1 label 16
attached to Tunnel1
Spoke1#sh run | s r b
router bgp 65001
bgp log-neighbor-changes
network 192.168.101.0
neighbor 10.1.1.1 remote-as 65001
!
address-family vpnv4
neighbor 10.1.1.1 activate
neighbor 10.1.1.1 send-community extended
exit-address-family
!
address-family ipv4 vrf BLUE
network 192.168.101.0
redistribute connected
exit-address-family
Spoke1#sh ip route vrf BLUE
Routing Table: BLUE
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
B 192.168.0.0/24 [200/0] via 10.1.1.1, 00:08:35
192.168.101.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.101.0/24 is directly connected, Ethernet1/1
L 192.168.101.1/32 is directly connected, Ethernet1/1
01-21-2014 12:39 PM
Thanks a lot Marvin!... So the IOS I have looks to be limited.
Out of interest does the virtual-access interface show in the global routing table?
Sent from Cisco Technical Support iPad App
01-21-2014 02:42 PM
Lee,
Hub#sh run | s Virtual
interface Virtual-Template1 type tunnel
ip unnumbered Loopback100
ip mtu 1400
ip nhrp network-id 2
ip nhrp redirect
ip tcp adjust-mss 1360
ipv6 unnumbered Loopback100
ipv6 enable
mpls bgp forwarding
tunnel path-mtu-discovery
tunnel protection ipsec profile default
Hub#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 No Label 192.168.0.0/24[V] \
0 aggregate/BLUE
Everything is global.
I'm wondering if this is actually a valid way to do things, let me pick brains of some of the MPLS folks here.
M.
01-22-2014 10:01 AM
Hi Marcin,
I will have a topology of 4 ASR hub routers, 2 at one site, 2 in another. I am planning on the spoke routers having 4 tunnels constantly up, one to each hub. I have read in one of your web pages that Cisco recommend iBGP between hub and spoke routers. This is fine, though will need to route-reflect between all the hubs.
The tunnels will be authenticated with a RADIUS a the headend, hence I don't believe with shortcut routing we can authenticate against the RADIUS, or will the Hub router still proxy auth requests for spoke to spoke?
Cheers,
Lee.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: