cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2227
Views
0
Helpful
11
Replies

Unable to ping remote LAN from PE

Jobin Varghese
Level 1
Level 1

I have a new MPLS connection and the setup is completed. I am able to ping from CORE_Router to CORE_ROUTER_QAT, however I am not able to ping LAN on both the sides. Below is the layout.

                                                     BGP.jpg

CORE_ROUTER carries the following configuration :

version 15.1

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname CORE_Router

!

boot-start-marker

boot-end-marker

!

!

logging buffered 51200 warnings

!

no aaa new-model

!

no ipv6 cef

ip source-route

ip cef

!

!

!

!

!

no ip domain lookup

ip name-server 84.235.x.x

ip name-server 84.235.x.x

multilink bundle-name authenticated

!

!

crypto pki token default removal timeout 0

!

crypto pki trustpoint TP-self-signed-144954112

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-144954112

revocation-check none

rsakeypair TP-self-signed-144954112

!

!

crypto pki certificate chain TP-self-signed-144954112

certificate self-signed 01

  xxxxx

        quit

license udi pid CISCO2911/K9 sn FCZ154670GK

!

!

!

!

!

!

!

!

interface Loopback0

ip address 20.20.20.20 255.255.255.0

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

!

interface GigabitEthernet0/0

no ip address

duplex auto

speed auto

!

interface GigabitEthernet0/0.2400

description $STC_DIA6$

encapsulation dot1Q 2400

ip address 84.235.x.x 255.255.255.252

ip nat outside

ip virtual-reassembly in

!

interface GigabitEthernet0/1

description $VPN_LAN$

ip address 128.1.0.100 255.255.255.248

duplex auto

speed auto

!

interface GigabitEthernet0/2

description $WAN_LAN$

ip address 84.235.x.x 255.255.255.240

ip nat inside

ip virtual-reassembly in

duplex auto

speed auto

!

interface FastEthernet0/0/0

no ip address

duplex auto

speed auto

!        

interface FastEthernet0/0/0.446

description $STC_MPLS$

encapsulation dot1Q 446

ip address 172.31.83.114 255.255.255.252

!

router bgp 100

bgp log-neighbor-changes

network 128.1.0.0 mask 255.255.248.0

network 172.18.0.0

network 172.19.0.0

neighbor 172.31.53.169 remote-as 65272

neighbor 172.31.92.42 remote-as 65272

!

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip route 0.0.0.0 0.0.0.0 84.235.x.x

ip route 128.1.0.0 255.255.248.0 GigabitEthernet0/1

ip route 172.17.0.0 255.255.0.0 172.31.92.41

ip route 172.18.0.0 255.255.0.0 GigabitEthernet0/1

ip route 172.19.0.0 255.255.0.0 GigabitEthernet0/1

ip route 172.31.53.168 255.255.255.252 172.31.83.113

ip route 172.31.92.40 255.255.255.252 172.31.83.113

!

!

!

!

control-plane

!

!

!

line con 0

logging synchronous

login local

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line vty 0 4

access-class 23 in

privilege level 15

login local

transport input telnet ssh

line vty 5 15

access-class 23 in

privilege level 15

login local

transport input telnet ssh

!

scheduler allocate 20000 1000

end

This router also carries a WAN connection along with the MPLS.

The route table for CORE_ROUTER:

Gateway of last resort is 84.235.x.x to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 84.235.x.x

      20.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

C        20.20.20.0/24 is directly connected, Loopback0

L        20.20.20.20/32 is directly connected, Loopback0

      84.0.0.0/8 is variably subnetted, 4 subnets, 3 masks

C        84.235.x.x/28 is directly connected, GigabitEthernet0/2

L        84.235.x.x/32 is directly connected, GigabitEthernet0/2

C        84.235.x.x/30 is directly connected, GigabitEthernet0/0.2400

L        84.235.x.x/32 is directly connected, GigabitEthernet0/0.2400

      128.1.0.0/16 is variably subnetted, 3 subnets, 3 masks

S        128.1.0.0/21 is directly connected, GigabitEthernet0/1

C        128.1.0.96/29 is directly connected, GigabitEthernet0/1

L        128.1.0.100/32 is directly connected, GigabitEthernet0/1

S     172.17.0.0/16 [1/0] via 172.31.92.41

S     172.18.0.0/16 is directly connected, GigabitEthernet0/1

S     172.19.0.0/16 is directly connected, GigabitEthernet0/1

      172.31.0.0/16 is variably subnetted, 4 subnets, 2 masks

S        172.31.53.168/30 [1/0] via 172.31.83.113

C        172.31.83.112/30 is directly connected, FastEthernet0/0/0.446

L        172.31.83.114/32 is directly connected, FastEthernet0/0/0.446

S        172.31.92.40/30 [1/0] via 172.31.83.113

The BGP information on the same router:

CORE_Router#sh ip bgp

BGP table version is 4, local router ID is 20.20.20.20

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale, m multipath, b backup-path, x best-external, f RT-Filter

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 128.1.0.0/21     0.0.0.0                  0         32768 i

*> 172.18.0.0       0.0.0.0                  0         32768 i

*> 172.19.0.0       0.0.0.0                  0         32768 i

on the CORE_ROUTER_QAT I have done the following configuration:

version 15.1

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname CORE_ROUTER_QAT

!

boot-start-marker

boot-end-marker

!

!

logging buffered 51200 warnings

enable secret 5 xxx

!

no aaa new-model

!

no ipv6 cef

ip source-route

ip cef   

!

!

!

!

!

no ip domain lookup

multilink bundle-name authenticated

!

!

crypto pki token default removal timeout 0

!

crypto pki trustpoint TP-self-signed-437488504

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-437488504

revocation-check none

rsakeypair TP-self-signed-437488504

!

!

crypto pki certificate chain TP-self-signed-437488504

certificate self-signed 01

  xxx

        quit

license udi pid CISCO2911/K9 sn FCZ161370A1

!

!

!

!

!

!        

!

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

!

interface GigabitEthernet0/0

ip address 172.31.92.42 255.255.255.252

duplex auto

speed auto

!

interface GigabitEthernet0/1

  no ip address

duplex auto

speed auto

!

interface GigabitEthernet0/1.2

description $VPN_LAN$

encapsulation dot1Q 2

ip address 172.17.0.250 255.255.255.0

!

interface GigabitEthernet0/2

no ip address

shutdown

duplex auto

speed auto

!

router bgp 200

bgp log-neighbor-changes

network 172.17.0.0

neighbor 172.31.53.169 remote-as 65272

neighbor 172.31.83.113 remote-as 65272

!

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip route 0.0.0.0 0.0.0.0 172.31.92.41

ip route 172.17.0.0 255.255.0.0 GigabitEthernet0/1.2

ip route 172.19.0.0 255.255.0.0 172.31.83.113

!

!

!

!        

control-plane

!

!

!

line con 0

logging synchronous

login local

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line vty 0 4

access-class 23 in

privilege level 15

login local

transport input telnet ssh

line vty 5 15

access-class 23 in

privilege level 15

login local

transport input telnet ssh

!

scheduler allocate 20000 1000

end

The route table and bgp information:

CORE_ROUTER_QAT#sh ip route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP

       + - replicated route, % - next hop override

Gateway of last resort is 172.31.92.41 to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 172.31.92.41

      172.17.0.0/16 is variably subnetted, 3 subnets, 3 masks

S        172.17.0.0/16 is directly connected, GigabitEthernet0/1.2

C        172.17.0.0/24 is directly connected, GigabitEthernet0/1.2

L        172.17.0.250/32 is directly connected, GigabitEthernet0/1.2

      172.31.0.0/16 is variably subnetted, 2 subnets, 2 masks

C        172.31.92.40/30 is directly connected, GigabitEthernet0/0

L        172.31.92.42/32 is directly connected, GigabitEthernet0/0

CORE_ROUTER_QAT#sh ip bgp

BGP table version is 2, local router ID is 172.31.92.42

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale, m multipath, b backup-path, x best-external, f RT-Filter

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 172.17.0.0       0.0.0.0                  0         32768 i

Now the problems I am facing are like this

On CORE_ROUTER:

CORE_Router#ping 172.17.0.250

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.17.0.250, timeout is 2 seconds:

U.U.U

Success rate is 0 percent (0/5)

CORE_Router#traceroute 172.17.0.250

Type escape sequence to abort.

Tracing the route to 172.17.0.250

VRF info: (vrf in name/id, vrf out name/id)

  1 172.31.83.113 0 msec 0 msec 0 msec

  2 172.31.83.113 !H  *  !H

CORE_Router#ping 172.31.92.42

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.92.42, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

on CORE_ROUTER_QAT:

CORE_ROUTER_QAT#ping 128.1.0.100

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 128.1.0.100, timeout is 2 seconds:

U.U.U

Success rate is 0 percent (0/5)

CORE_ROUTER_QAT#traceroute 128.1.0.100

Type escape sequence to abort.

Tracing the route to 128.1.0.100

VRF info: (vrf in name/id, vrf out name/id)

  1 172.31.92.41 4 msec 4 msec 0 msec

  2 172.31.92.41 !H  *  !H

CORE_ROUTER_QAT#ping 172.31.83.114

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.114, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

Other than this I also face an Issue with CORE_ROUTER_QAT communicating with its local VLANS (I guess it might be due to the Alcatel at that site):

CORE_ROUTER_QAT#ping 172.17.0.254

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.17.0.254, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

CORE_ROUTER_QAT#traceroute 172.17.0.254

Type escape sequence to abort.

Tracing the route to 172.17.0.254

VRF info: (vrf in name/id, vrf out name/id)

  1 172.17.0.254 4 msec 0 msec 4 msec

CORE_ROUTER_QAT#ping 172.17.6.10

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.17.6.10, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_ROUTER_QAT#traceroute 172.17.6.10

Type escape sequence to abort.

Tracing the route to 172.17.6.10

VRF info: (vrf in name/id, vrf out name/id)

  1  *  *  *

  2  *  *  *

  3  *  *  *

  4  *  *  *

  5  *  *  *

  6  *  *  *

  7  *  *  *

  8  *  *  *

  9  *  *  *

10  *  *  *

11  *  *  *

12  *  *  *

13  *  *  *

14  *  *  *

15  *  *  *

16  *  *  *

17  *  *  *

18  *  *  *

19  *  *  *

20  *  *  *

21  *  *  *

22  *  *  *

23  *  *  *

24  *  *  *

25  *  *  *

26  *  *  *

27  *  *  *

28  *  *  *

29  *  *  *

30  *  *  *

I hope someone will be able to help me out with this issue.

11 Replies 11

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Jobin,

you are dealing with eBGP multihop sessions on the first router, by default eBGP sessions use TTL=1 and a command is needed to setup the eBGP session in this case

you can check that eBGP sessions are not established with

show ip bgp sum

router bgp 100

neighbor x.x.x.x ebgp-multihop 255

neighbor y.y.y.y ebgp-multihop 255

repeat show ip bgp sum after the state of the BGP sessions should change to established

You may need to do the same on the other site

Hope to help

Giuseppe

Have a few doubts regarding this. By using the multihop should I be doing like this

router bgp 100

neighbor 172.31.92.41 ebgp-multihop 255

neighbor 172.31.53.169 ebgp-multihop 255

on the first router and similarly on the second router, where these IP's are the MPLS IP's or should I be using the IP for the remote site network ?

Hello Jobin,

it is exactly what I was meaning the command is an additional command that refers to the eBGP neighbors locally defined on the box

the resulting configuration on first device will be:

router bgp 100

neighbor 172.31.53.169 remote-as 65272

neighbor 172.31.92.42 remote-as 65272

neighbor 172.31.92.42 ebgp-multihop 255

neighbor 172.31.53.169 ebgp-multihop 255

do in a similar way on the other site if needed

you can check the state of BGP sessions with

show ip bgp summary

Hope to help

Giuseppe

Hi Giuseppe,

Did lik you had suggested however there are no changes in the bgp summary table.

Tagir Temirgaliyev
Spotlight
Spotlight

hi

1. simple way to do it is gre tunnel from core_router to core_router_qat

2. another way is ipsec tunnel from f0/0/0.446 core_router to g0/0 core_router_qat

3. bgp inside mpls cloud

4. there are of course many ather ways to do it

I would like to configure the best possible method, Wouldn't bgp inside mpls cloud be better ? Considering that other sites to be added along to this which would be better ?

Jobin Varghese
Level 1
Level 1

A few change to teh initial layout that I failed to mention.

                    

The core switches on both the sides do not carry any bgp protocol, shoudl these switches also be enabled with the bgp ?

on the CORE_ROUTER_QAT I have done the following configuration:

version 15.1

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname CORE_ROUTER_QAT

!

boot-start-marker

boot-end-marker

!

!

logging buffered 51200 warnings

enable secret 5 xxx

!

no aaa new-model

!

no ipv6 cef

ip source-route

ip cef   

!

!

!

!

!

no ip domain lookup

multilink bundle-name authenticated

!

!

crypto pki token default removal timeout 0

!

crypto pki trustpoint TP-self-signed-437488504

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-437488504

revocation-check none

rsakeypair TP-self-signed-437488504

!

!

crypto pki certificate chain TP-self-signed-437488504

certificate self-signed 01

  xxx

        quit

license udi pid CISCO2911/K9 sn FCZ161370A1

!

!

!

!

!

!        

!

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

!

interface GigabitEthernet0/0

ip address 172.31.92.42 255.255.255.252

duplex auto

speed auto

!

interface GigabitEthernet0/1

  no ip address

duplex auto

speed auto

!

interface GigabitEthernet0/1.2

description $VPN_LAN$

encapsulation dot1Q 2

ip address 172.17.0.250 255.255.255.0

!

interface GigabitEthernet0/2

no ip address

shutdown

duplex auto

speed auto

!

router bgp 200

bgp log-neighbor-changes

network 172.17.0.0

neighbor 172.31.53.169 remote-as 65272

neighbor 172.31.83.113 remote-as 65272

!

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip route 0.0.0.0 0.0.0.0 172.31.92.41

ip route 172.17.0.0 255.255.0.0 GigabitEthernet0/1.2

ip route 172.19.0.0 255.255.0.0 172.31.83.113

!

!

!

!        

control-plane

!

!

!

line con 0

logging synchronous

login local

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line vty 0 4

access-class 23 in

privilege level 15

login local

transport input telnet ssh

line vty 5 15

access-class 23 in

privilege level 15

login local

transport input telnet ssh

!

scheduler allocate 20000 1000

end

The route table and bgp information:

CORE_ROUTER_QAT#sh ip route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP

       + - replicated route, % - next hop override

Gateway of last resort is 172.31.92.41 to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 172.31.92.41

      172.17.0.0/16 is variably subnetted, 3 subnets, 3 masks

S        172.17.0.0/16 is directly connected, GigabitEthernet0/1.2

C        172.17.0.0/24 is directly connected, GigabitEthernet0/1.2

L        172.17.0.250/32 is directly connected, GigabitEthernet0/1.2

      172.31.0.0/16 is variably subnetted, 2 subnets, 2 masks

C        172.31.92.40/30 is directly connected, GigabitEthernet0/0

L        172.31.92.42/32 is directly connected, GigabitEthernet0/0

Even though there is a route to 172.19.0.0 mentioned in the router, why such i snot being displayed in  my routing table ?

Jobin Varghese
Level 1
Level 1

After a few additions to configuration, ebg-multihop and gre tunnel, still there seems to be know reply from remote lan.

version 15.1

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname CORE_Router

!

boot-start-marker

boot-end-marker

!

!

logging buffered 51200 warnings

!

no aaa new-model

!

no ipv6 cef

ip source-route

ip cef

!

!

!

!

!

no ip domain lookup

ip name-server 84.235.x.x

ip name-server 84.235.x.x

multilink bundle-name authenticated

!

!

crypto pki token default removal timeout 0

!

crypto pki trustpoint TP-self-signed-144954112

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-144954112

revocation-check none

rsakeypair TP-self-signed-144954112

!

!

crypto pki certificate chain TP-self-signed-144954112

certificate self-signed 01

xxxxxx

        quit

license udi pid CISCO2911/K9 sn FCZ154670GK

!

!

!

!

!

!

!

!

interface Loopback0

ip address 20.20.20.20 255.255.255.255

!

interface Tunnel12

ip address 192.168.1.1 255.255.255.0

tunnel source FastEthernet0/0/0.446

tunnel destination 172.31.92.41

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

!

interface GigabitEthernet0/0

no ip address

duplex auto

speed auto

!

interface GigabitEthernet0/0.2400

description $STC_DIA6$

encapsulation dot1Q 2400

ip address 84.235.x.x 255.255.255.252

ip nat outside

ip virtual-reassembly in

!

interface GigabitEthernet0/1

description $VPN_LAN$

ip address 128.1.0.100 255.255.255.248

duplex auto

speed auto

!

interface GigabitEthernet0/2

description $WAN_LAN$

ip address 84.235.x.x 255.255.255.240

ip nat inside

ip virtual-reassembly in

duplex auto

speed auto

!        

interface FastEthernet0/0/0

no ip address

duplex auto

speed auto

!

interface FastEthernet0/0/0.446

description $STC_MPLS$

encapsulation dot1Q 446

ip address 172.31.83.114 255.255.255.252

!

router bgp 100

bgp log-neighbor-changes

network 128.1.0.0 mask 255.255.248.0

network 172.18.0.0

network 172.19.0.0

redistribute connected

neighbor 172.31.53.169 remote-as 65272

neighbor 172.31.53.169 ebgp-multihop 255

neighbor 172.31.92.41 remote-as 65272

neighbor 172.31.92.41 ebgp-multihop 255

!

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip route 0.0.0.0 0.0.0.0 84.235.x.x

ip route 128.1.0.0 255.255.248.0 GigabitEthernet0/1

ip route 172.18.0.0 255.255.0.0 GigabitEthernet0/1

ip route 172.19.0.0 255.255.0.0 GigabitEthernet0/1

ip route 172.31.53.168 255.255.255.252 172.31.83.113

ip route 172.31.92.40 255.255.255.252 172.31.83.113

!

!

!

!

control-plane

!

!

!

line con 0

logging synchronous

login local

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line vty 0 4

access-class 23 in

privilege level 15

login local

transport input telnet ssh

line vty 5 15

access-class 23 in

privilege level 15

login local

transport input telnet ssh

!

scheduler allocate 20000 1000

end

version 15.1

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname CORE_ROUTER_QAT

!

boot-start-marker

boot-end-marker

!

!

logging buffered 51200 warnings

!

no aaa new-model

!

no ipv6 cef

ip source-route

ip cef

!

!

!

!

!

no ip domain lookup

multilink bundle-name authenticated

!

!

crypto pki token default removal timeout 0

!

crypto pki trustpoint TP-self-signed-437488504

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-437488504

revocation-check none

rsakeypair TP-self-signed-437488504

!

!

crypto pki certificate chain TP-self-signed-437488504

certificate self-signed 01

  xxxxxxxx

        quit

license udi pid CISCO2911/K9 sn FCZ161370A1

!

!

!

!

!

!

!

!

interface Loopback0

ip address 20.20.20.21 255.255.255.255

!

interface Tunnel12

ip address 192.168.1.2 255.255.255.0

tunnel source GigabitEthernet0/0

tunnel destination 172.31.83.113

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

!

interface GigabitEthernet0/0

description $STC_MPLS$

ip address 172.31.92.42 255.255.255.252

duplex auto

speed auto

!

interface GigabitEthernet0/1

no ip address

duplex auto

speed auto

!

interface GigabitEthernet0/1.2

description $VPN_LAN$

encapsulation dot1Q 2

ip address 172.17.0.250 255.255.255.0

!

interface GigabitEthernet0/2

no ip address

shutdown

duplex auto

speed auto

!

router bgp 200

bgp log-neighbor-changes

network 172.17.0.0

redistribute connected

neighbor 172.31.83.113 remote-as 65272

neighbor 172.31.83.113 ebgp-multihop 255

!

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip route 0.0.0.0 0.0.0.0 172.31.92.41

ip route 172.19.0.0 255.255.0.0 Tunnel12

!

!

!

!

control-plane

!

!

line con 0

logging synchronous

login local

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line vty 0 4

access-class 23 in

privilege level 15

login local

transport input telnet ssh

line vty 5 15

access-class 23 in

privilege level 15

login local

transport input telnet ssh

!

scheduler allocate 20000 1000

end

The tables display the following details now, though briefly it did show the bpg as active it continues to show as idle.

CORE_Router#sh ip route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP

       + - replicated route, % - next hop override

Gateway of last resort is 84.235.x.x to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 84.235.x.x

      20.0.0.0/32 is subnetted, 1 subnets

C        20.20.20.20 is directly connected, Loopback0

      84.0.0.0/8 is variably subnetted, 4 subnets, 3 masks

C        84.235.x.x/28 is directly connected, GigabitEthernet0/2

L        84.235.x.x/32 is directly connected, GigabitEthernet0/2

C        84.235.x.x/30 is directly connected, GigabitEthernet0/0.2400

L        84.235.x.x/32 is directly connected, GigabitEthernet0/0.2400

      128.1.0.0/16 is variably subnetted, 3 subnets, 3 masks

S        128.1.0.0/21 is directly connected, GigabitEthernet0/1

C        128.1.0.96/29 is directly connected, GigabitEthernet0/1

L        128.1.0.100/32 is directly connected, GigabitEthernet0/1

S     172.18.0.0/16 is directly connected, GigabitEthernet0/1

S     172.19.0.0/16 is directly connected, GigabitEthernet0/1

      172.31.0.0/16 is variably subnetted, 4 subnets, 2 masks

S        172.31.53.168/30 [1/0] via 172.31.83.113

C        172.31.83.112/30 is directly connected, FastEthernet0/0/0.446

L        172.31.83.114/32 is directly connected, FastEthernet0/0/0.446

S        172.31.92.40/30 [1/0] via 172.31.83.113

      192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.1.0/24 is directly connected, Tunnel12

L        192.168.1.1/32 is directly connected, Tunnel12

CORE_Router#sh ip bgp sum

BGP router identifier 20.20.20.20, local AS number 100

BGP table version is 16, main routing table version 16

9 network entries using 1224 bytes of memory

9 path entries using 504 bytes of memory

2/2 BGP path/bestpath attribute entries using 256 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

BGP using 1984 total bytes of memory

BGP activity 9/0 prefixes, 9/0 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

172.31.53.169   4        65272       0       0        1    0    0 never    Idle

172.31.92.41    4        65272       0       0        1    0    0 never    Idle

CORE_ROUTER_QAT#sh ip route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP

       + - replicated route, % - next hop override

Gateway of last resort is 172.31.92.41 to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 172.31.92.41

      20.0.0.0/32 is subnetted, 1 subnets

C        20.20.20.21 is directly connected, Loopback0

      172.17.0.0/16 is variably subnetted, 2 subnets, 2 masks

C        172.17.0.0/24 is directly connected, GigabitEthernet0/1.2

L        172.17.0.250/32 is directly connected, GigabitEthernet0/1.2

S     172.19.0.0/16 is directly connected, Tunnel12

      172.31.0.0/16 is variably subnetted, 2 subnets, 2 masks

C        172.31.92.40/30 is directly connected, GigabitEthernet0/0

L        172.31.92.42/32 is directly connected, GigabitEthernet0/0

      192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.1.0/24 is directly connected, Tunnel12

L        192.168.1.2/32 is directly connected, Tunnel12

CORE_ROUTER_QAT#sh ip bgp sum

BGP router identifier 20.20.20.21, local AS number 200

BGP table version is 1, main routing table version 1

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

172.31.83.113   4        65272       0       0        1    0    0 never    Idle

However, the tunnel interfaces in no way seems to communicate each other too, with no trace when using traceroute function

CORE_Router#ping 192.168.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

CORE_Router#ping 192.168.1.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_ROUTER_QAT#ping 192.168.1.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

CORE_ROUTER_QAT#ping 192.168.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

This has me all lost now, any suggestions ?

Hello Jobin,

looking again at your second network diagram I think I have found the root cause:

the expected eBGP configuration is that each CE node has an eBGP session with the locally connected PE node, you don't need to attempt to create BGP sessions with the CE or the PE at the remote site. This job is performed by SP network using their BGP signalling infrastructure.

L3 MPLS VPN uses a peer model for signaling that means that you just care of peering with local PE node in each site and SP does all the job for you.

So on router named core_router you need an eBGP session with local PE node

CORE_router:

router bgp 100

neighbor 172.31.83.113 remote-as 65272

and on the other CE node:

CORE_ROUTER_QAT

router bgp 100

neighbor 172.31.92.41 remote-as 65272

You can delete all the other BGP sessions as they are not needed and even not correct in theory for this service model.

Hope to help

Giuseppe

Hi Giuseppe, I did changes to the bgp configurtaion on both the routers. The sh ip bgp summary gave the following result

CORE_Router#sh ip bgp sum

BGP router identifier 20.20.20.20, local AS number 100

BGP table version is 139, main routing table version 139

8 network entries using 1088 bytes of memory

8 path entries using 448 bytes of memory

2/2 BGP path/bestpath attribute entries using 256 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

BGP using 1792 total bytes of memory

BGP activity 25/17 prefixes, 86/78 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

172.31.83.113   4        65272       0       0        1    0    0 never    Idle

CORE_ROUTER_QAT#sh ip bgp sum

BGP router identifier 20.20.20.21, local AS number 200

BGP table version is 364, main routing table version 364

3 network entries using 408 bytes of memory

3 path entries using 168 bytes of memory

1/1 BGP path/bestpath attribute entries using 128 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

BGP using 704 total bytes of memory

BGP activity 46/43 prefixes, 199/196 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State

/PfxRcd

172.31.92.41    4        65272       0       0        1    0    0 never    Idle

I tried to telnet port 179 on both the router at the result was connection refused.

CORE_Router#telnet 172.31.92.42 179 /source-interface fastEthernet 0/0/0.446

Trying 172.31.92.42, 179 ...

% Connection refused by remote host

CORE_Router#telnet 172.31.92.42 179                                        

Trying 172.31.92.42, 179 ...

% Connection refused by remote host

CORE_ROUTER_QAT#telnet 172.31.83.114 179

Trying 172.31.83.114, 179 ...

% Connection refused by remote host

CORE_ROUTER_QAT#$31.83.114 179 /source-interface gigabitEthernet 0/0

Trying 172.31.83.114, 179 ...

% Connection refused by remote host

Later I added changes to bgp on both the switches adding the neigbhor CE bgp.

on CORE_ROUTER:

router bgp 100

bgp log-neighbor-changes

bgp graceful-restart restart-time 120

bgp graceful-restart stalepath-time 360

bgp graceful-restart

network 128.1.0.0 mask 255.255.248.0

network 172.18.0.0

network 172.19.0.0

redistribute connected

neighbor 172.31.83.113 remote-as 65272

neighbor 172.31.83.113 ebgp-multihop 255

neighbor 172.31.92.42 remote-as 200

neighbor 172.31.92.42 ebgp-multihop 255

on CORE_ROUTER_QAT:

router bgp 200

bgp log-neighbor-changes

bgp graceful-restart restart-time 120

bgp graceful-restart stalepath-time 360

bgp graceful-restart

network 172.17.0.0

redistribute connected

neighbor 172.31.83.114 remote-as 100

neighbor 172.31.83.114 ebgp-multihop 255

neighbor 172.31.92.41 remote-as 65272

neighbor 172.31.92.41 ebgp-multihop 255

The bgp summary showed active connections but the communication to CE interface is awkward:

CORE_Router#sh ip bgp

BGP table version is 142, local router ID is 20.20.20.20

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale, m multipath, b backup-path, x best-external, f RT-Filter

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 20.20.20.20/32   0.0.0.0                  0         32768 ?

*> 20.20.20.21/32   172.31.92.42             0             0 200 ?

*> 84.235.x.x/28 0.0.0.0                  0         32768 ?

*> 84.235.x.x/30   0.0.0.0                  0         32768 ?

*> 128.1.0.0/21     0.0.0.0                  0         32768 i

*> 128.1.0.96/29    0.0.0.0                  0         32768 ?

*> 172.17.0.0/24    172.31.92.42             0             0 200 ?

*> 172.18.0.0       0.0.0.0                  0         32768 i

*> 172.19.0.0       0.0.0.0                  0         32768 i

*> 172.31.83.112/30 0.0.0.0                  0         32768 ?

r> 172.31.92.40/30  172.31.92.42             0             0 200 ?

CORE_Router#sh ip bgp sum

BGP router identifier 20.20.20.20, local AS number 100

BGP table version is 142, main routing table version 142

11 network entries using 1496 bytes of memory

11 path entries using 616 bytes of memory

3/3 BGP path/bestpath attribute entries using 384 bytes of memory

1 BGP AS-PATH entries using 24 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

BGP using 2520 total bytes of memory

BGP activity 28/17 prefixes, 89/78 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

172.31.83.113   4        65272       0       0        1    0    0 never    Idle

172.31.92.42    4          200       5       6      139    0    0 00:00:25        3

CORE_Router#sh ip route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP

       + - replicated route, % - next hop override

Gateway of last resort is 84.235.x.x to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 84.235.x.x

      20.0.0.0/32 is subnetted, 2 subnets

C        20.20.20.20 is directly connected, Loopback0

B        20.20.20.21 [20/0] via 172.31.92.42, 00:00:30

      84.0.0.0/8 is variably subnetted, 4 subnets, 3 masks

C        84.235.x.x/28 is directly connected, GigabitEthernet0/2

L        84.235.x.x/32 is directly connected, GigabitEthernet0/2

C        84.235.x.x/30 is directly connected, GigabitEthernet0/0.2400

L        84.235.x.x/32 is directly connected, GigabitEthernet0/0.2400

      128.1.0.0/16 is variably subnetted, 3 subnets, 3 masks

S        128.1.0.0/21 is directly connected, GigabitEthernet0/1

C        128.1.0.96/29 is directly connected, GigabitEthernet0/1

L        128.1.0.100/32 is directly connected, GigabitEthernet0/1

      172.17.0.0/24 is subnetted, 1 subnets

B        172.17.0.0 [20/0] via 172.31.92.42, 00:00:30

S     172.18.0.0/16 is directly connected, GigabitEthernet0/1

S     172.19.0.0/16 is directly connected, GigabitEthernet0/1

      172.31.0.0/16 is variably subnetted, 4 subnets, 2 masks

S        172.31.53.168/30 [1/0] via 172.31.83.113

C        172.31.83.112/30 is directly connected, FastEthernet0/0/0.446

L        172.31.83.114/32 is directly connected, FastEthernet0/0/0.446

S        172.31.92.40/30 [1/0] via 172.31.83.113

CORE_ROUTER_QAT#sh ip bgp

BGP table version is 379, local router ID is 20.20.20.21

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale, m multipath, b backup-path, x best-externa

l, f RT-Filter

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*  20.20.20.20/32   172.31.83.114            0             0 100 ?

*> 20.20.20.21/32   0.0.0.0                  0         32768 ?

*  84.235.x.x/28 172.31.83.114            0             0 100 ?

*  84.235.x.x/30   172.31.83.114            0             0 100 ?

*  128.1.0.0/21     172.31.83.114            0             0 100 i

*  128.1.0.96/29    172.31.83.114            0             0 100 ?

*> 172.17.0.0/24    0.0.0.0                  0         32768 ?

*  172.18.0.0       172.31.83.114            0             0 100 i

*  172.19.0.0       172.31.83.114            0             0 100 i

*> 172.31.83.112/30 172.31.83.114            0             0 100 ?

*> 172.31.92.40/30  0.0.0.0                  0         32768 ?

CORE_ROUTER_QAT#sh ip bgp sum

BGP router identifier 20.20.20.21, local AS number 200

BGP table version is 379, main routing table version 379

11 network entries using 1496 bytes of memory

11 path entries using 616 bytes of memory

3/2 BGP path/bestpath attribute entries using 384 bytes of memory

1 BGP AS-PATH entries using 24 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

BGP using 2520 total bytes of memory

BGP activity 54/43 prefixes, 207/196 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State

/PfxRcd

172.31.83.114   4          100       8       7        1    0    0 00:01:51

  8

172.31.92.41    4        65272       0       0        1    0    0 never    Idle

CORE_ROUTER_QAT#sh ip route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP

       + - replicated route, % - next hop override

Gateway of last resort is 172.31.92.41 to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 172.31.92.41

      20.0.0.0/32 is subnetted, 1 subnets

C        20.20.20.21 is directly connected, Loopback0

      172.17.0.0/16 is variably subnetted, 2 subnets, 2 masks

C        172.17.0.0/24 is directly connected, GigabitEthernet0/1.2

L        172.17.0.250/32 is directly connected, GigabitEthernet0/1.2

      172.31.0.0/16 is variably subnetted, 3 subnets, 2 masks

B        172.31.83.112/30 [20/0] via 172.31.83.114, 00:01:59

C        172.31.92.40/30 is directly connected, GigabitEthernet0/0

L        172.31.92.42/32 is directly connected, GigabitEthernet0/0

CORE_Router#ping 172.31.92.41

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.92.41, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

CORE_Router#ping 172.31.92.42

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.92.42, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_Router#traceroute 172.31.92.42

Type escape sequence to abort.

Tracing the route to 172.31.92.42

VRF info: (vrf in name/id, vrf out name/id)

  1 172.31.83.113 0 msec 0 msec 0 msec

  2  *  *  *

  3  *  *  *

  4  *  *  *

  5  *  *  *

  6  *  *  *

  7  *  *  *

  8  *  *  *

  9  *  *  *

10  *  *  *

11  *  *  *

12  *  *

    172.31.92.42 8 msec

CORE_Router#ping 172.31.92.42     

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.92.42, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_Router#traceroute 172.31.92.42

Type escape sequence to abort.

Tracing the route to 172.31.92.42

VRF info: (vrf in name/id, vrf out name/id)

  1 172.31.83.113 24 msec 4 msec 52 msec

  2  *  *  *

  3  *  *  *

  4  *  *  *

  5  *  *  *

  6  *  *  *

  7  *  *  *

  8  *  *  *

  9  *  *  *

10  *  *  *

11  *  *

CORE_Router#ping 172.31.92.41     

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.92.41, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

CORE_Router#ping 172.31.92.42     

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.92.42, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_Router#ping 172.31.92.41

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.92.41, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

CORE_Router#ping 172.31.92.42

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.92.42, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_Router#ping 172.31.92.42

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.92.42, timeout is 2 seconds:

..!!!

Success rate is 60 percent (3/5), round-trip min/avg/max = 1/3/4 ms

CORE_Router#ping 172.31.92.42

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.92.42, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

CORE_Router#ping 172.17.0.250

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.17.0.250, timeout is 2 seconds:

U.U.

Success rate is 0 percent (0/4)

CORE_Router#ping 172.31.92.42

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.92.42, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_ROUTER_QAT#ping 172.31.83.113

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:

...!!

Success rate is 40 percent (2/5), round-trip min/avg/max = 4/4/4 ms

CORE_ROUTER_QAT#ping 172.31.83.113

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

CORE_ROUTER_QAT#ping 172.31.83.114

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.114, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

CORE_ROUTER_QAT#ping 172.31.83.114

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.114, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_ROUTER_QAT#ping 172.31.83.114

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.114, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_ROUTER_QAT#ping 172.31.83.113

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_ROUTER_QAT#ping 172.31.83.113

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_ROUTER_QAT#ping 172.31.83.114

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.114, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_ROUTER_QAT#ping 172.31.83.113

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_ROUTER_QAT#ping 172.31.83.113

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:

...!!

Success rate is 40 percent (2/5), round-trip min/avg/max = 4/4/4 ms

CORE_ROUTER_QAT#traceroute 172.31.83.113

Type escape sequence to abort.

Tracing the route to 172.31.83.113

VRF info: (vrf in name/id, vrf out name/id)

  1  *  *  *

  2  *

CORE_ROUTER_QAT#ping 172.31.83.113

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_ROUTER_QAT#ping 172.31.83.113

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_ROUTER_QAT#ping 172.31.83.113

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_ROUTER_QAT#ping 172.31.83.113

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_ROUTER_QAT#ping 172.31.83.113

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_ROUTER_QAT#ping 172.31.83.113

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_ROUTER_QAT#ping 172.31.83.113

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/8 ms

CORE_ROUTER_QAT#ping 172.31.83.114

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.114, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CORE_ROUTER_QAT#ping 172.31.83.114

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.31.83.114, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

Hello Jobin,

contact the MPLS service provider it looks like that they haven't configured their side the PE-CE eBGP sessions.

The Service Provider has the configuration to route the PE-CE links and this allows you to ping the remote PE but you cannot ping the remote CE as the PE-CE eBGP sessions are not established.

The eBGP session with the remote CE is not usual in this kind of setup as I have noted previously it may be able to go up but it doesn't solve your issues you need to contact the MPLS SP tech support.

Hope to help

Giuseppe

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco