cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
794
Views
0
Helpful
2
Replies

Trace route from HQ CE to branch CE didn't show the Bracnh PE ip address

jackie_gx
Level 1
Level 1

I trace route from HQ to 2 branches, Branch 1 and Branch 2, it is going through the mpls could. Branch 1 didn't show the branch PE ip address but Branch 2 did. Any idea why this is happen?

HQ#trace x.x.x.110 --> Branch 1

Type escape sequence to abort.

Tracing the route to x.x.x.110

1 x.x.x.121 12 msec 12 msec 12 msec -> HQ PE

2 x.x.x.110 32 msec 96 msec * ->Branch CE

HQ#trace x.x.x.254 -- branch2

Type escape sequence to abort.

Tracing the route to x.x.x.254

1 x.x.x.121 12 msec 12 msec 12 msec ->HQ PE

2 x.x.x.253 36 msec 36 msec 36 msec ->Branch PE

3 x.x.x.254 48 msec 92 msec * ->Branch CE

1 Accepted Solution

Accepted Solutions

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Guo,

an MPLS service provider has faculty to show or hide the intermediate router hops in a traceroute started by a customer.

There is a specific command for this

mpls ip propagate-ttl

with some options

Probably your SP hasn't a coherent configuration of this in all of these routers PE nodes and from this comes the different behaviour of the two traceroutes.

By the way the real number of service providers nodes is hidden also by the fact you are probably inside a L3 VPN service.

So the command described above has effects only on exit PE.

I mean between HQ PE and Branch PE there can be one or more devices that perform MPLS switching.

So in any case your result doesn't reflect the real path.

In fact, the tracerouter works by sending probes with increasing TTL.

However once TTL=2 the packet travels up to the exit PE devices in the middle don't process it if the MPLS TTL is not a copy of the carried packet.

the exit PE can appear on the traceroute or not depending on the settings of ip mpls propagate-ttl

Hope to help

Giuseppe

View solution in original post

2 Replies 2

johnlloyd_13
Level 9
Level 9

your SP may configured the branch 1 PE router to prohibit icmp or any diagnostic packets to run through on it. this would be due to security issues, but you should talk to your SP and escalate this with them since you pay for the service.

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Guo,

an MPLS service provider has faculty to show or hide the intermediate router hops in a traceroute started by a customer.

There is a specific command for this

mpls ip propagate-ttl

with some options

Probably your SP hasn't a coherent configuration of this in all of these routers PE nodes and from this comes the different behaviour of the two traceroutes.

By the way the real number of service providers nodes is hidden also by the fact you are probably inside a L3 VPN service.

So the command described above has effects only on exit PE.

I mean between HQ PE and Branch PE there can be one or more devices that perform MPLS switching.

So in any case your result doesn't reflect the real path.

In fact, the tracerouter works by sending probes with increasing TTL.

However once TTL=2 the packet travels up to the exit PE devices in the middle don't process it if the MPLS TTL is not a copy of the carried packet.

the exit PE can appear on the traceroute or not depending on the settings of ip mpls propagate-ttl

Hope to help

Giuseppe

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco