CSC: MPLS VPN – triple stack

CSC - MPLS VPN
R1#show ip bgp vpnv4 all
BGP table version is 11, local router ID is 172.12.1.16
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf GREEN)
i22.22.22.22/32   2.2.2.2                  0    100      0 i
 172.11.1.0/24    0.0.0.0                  0         32768 i
i172.11.2.0/24    2.2.2.2                  0    100      0 i
Route Distinguisher: 100:2 (default for vrf ORANGE)
 172.12.1.0/24    0.0.0.0                  0         32768 i
i172.12.2.0/24    2.2.2.2                  0    100      0 i

So lets take a Route in VRF Green

R1#traceroute vrf GREEN 22.22.22.22
Type escape sequence to abort.
   Tracing the route to 22.22.22.22
1 192.168.15.5 [MPLS: Labels    18/24 Exp 0] 400 msec 396 msec 400 msec
2 192.168.37.7 [MPLS: Labels    25/24 Exp 0] 356 msec 384 msec 400 msec
3 192.168.37.3 [MPLS: Labels 18/33/24 Exp 0] 324 msec 300 msec 328 msec
4 192.168.34.4 [MPLS: Labels 19/33/24 Exp 0] 308 msec 360 msec 420 msec
5 192.168.68.8 [MPLS: Labels    33/24 Exp 0] 352 msec 300 msec 300 msec
6 192.168.68.6 [MPLS: Labels    17/24 Exp 0] 332 msec 300 msec 300 msec
7 22.22.22.22 116 msec *  112 msec

Step 1: 192.168.15.5 [MPLS: Labels 18/24 Exp 0] 400 msec 396 msec 400 msec

R1#show ip bgp vpnv4 all labels
Network          Next Hop      In label/Out label
Route Distinguisher: 100:1 (GREEN)
22.22.22.22/32   2.2.2.2         nolabel/24

Looking at the BGP VPN4 we can see that the packet is labeled with label 24 in order to reach network 22.22.22.22
The VRF FIB Table indicates

R1#show ip cef vrf GREEN 22.22.22.22
22.22.22.22/32, version 9, epoch 0, cached adjacency to Serial0/0/0.101
0 packets, 0 bytes
tag information set
local tag: VPN-route-head
fast tag rewrite with Se0/0/0.101, point2point, tags imposed: {18 24}
via 2.2.2.2, 0 dependencies, recursive
next hop 192.168.15.5, Serial0/0/0.101 via 2.2.2.2/32
valid cached adjacency
tag rewrite with Se0/0/0.101, point2point, tags imposed: {18 24}

That we are using label 18 to reach the next hop and label 24 to reach the VPNV4 Route via R2

We can see then that to reach R2 we use label 18

R1#show mpls ldp bindings 2.2.2.2 32
tib entry: 2.2.2.2/32, rev 30
local binding:  tag: 16
remote binding: tsr: 5.5.5.5:0, tag: 18

Step 2 192.168.37.7 [MPLS: Labels 25/24 Exp 0] 356 msec 384 msec 400 msec

Now the FIB table at R5

R5#show ip cef 2.2.2.2
2.2.2.2/32, version 63, epoch 0, cached adjacency to Serial0/0/0.102
0 packets, 0 bytes
tag information set
local tag: 18
fast tag rewrite with Se0/0/0.102, point2point, tags imposed: {25}
via 192.168.57.7, 0 dependencies, recursive
next hop 192.168.57.7, Serial0/0/0.102 via 192.168.57.7/32
valid cached adjacency
tag rewrite with Se0/0/0.102, point2point, tags imposed: {25}

Show that R5 generate label 18, and if he receive something with label 18, he must swap it with label 25, and he sends that packet to R7 via the directly conected interface s0/0/0.102

R7#show mpls forwarding-table vrf YELLOW 2.2.2.2
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
25     18          2.2.2.2/32[V]     58997      Se0/0/0.111 point2point
R7#

The same here 25 is swap with label 18

R7#show ip bgp vpnv4 all lab | in 2.2.2.2
2.2.2.2/32       8.8.8.8         nolabel/33

Step 3: 192.168.37.3 [MPLS: Labels 18/33/24 Exp 0] 324 msec 300 msec 328 msec

R7 to reach the loopback of R8, he is distributing unsolicited label 19,

R7#show ip cef 8.8.8.8
8.8.8.8/32, version 39, epoch 0, cached adjacency to Serial0/0/0.111
0 packets, 0 bytes
tag information set, shared
local tag: 19
fast tag rewrite with Se0/0/0.111, point2point, tags imposed: {18}
via 192.168.37.3, Serial0/0/0.111, 4 dependencies
next hop 192.168.37.3, Serial0/0/0.111
valid cached adjacency
tag rewrite with Se0/0/0.111, point2point, tags imposed: {18}
R7#

and if we receive something with 19 we swap it with label 18

Step 4: 192.168.34.4 [MPLS: Labels 19/33/24 Exp 0] 308 msec 360 msec 420 msec

at the LFIB of R3

R3#show mpls forwarding-table 8.8.8.8
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
18     19          8.8.8.8/32        220979     Se0/0/0.112 point2point

We can determine that he is swapping label 18 with 19

Step 5: 192.168.68.8 [MPLS: Labels 33/24 Exp 0] 352 msec 300 msec 300 msec

At the LFIB of R4

R4#show mpls forwarding-table 8.8.8.8
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
19     Pop tag     8.8.8.8/32        215211     Se0/0/0.111 point2point

19 is poped and send it as a label packet with 2 labels.

Step 6: 192.168.68.6 [MPLS: Labels 17/24 Exp 0] 332 msec 300 msec 300 msec

R8, is generating label 17

R8#show mpls forwarding-table vrf YELLOW 2.2.2.2
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
33     17          2.2.2.2/32[V]     64537      Se0/0/0.112 point2point

and is sending this to R6

R6#show mpls forwarding-table 2.2.2.2
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
17     Pop tag     2.2.2.2/32        64164      Se0/0/0.101 point2point

Step 7: 22.22.22.22 116 msec * 112 msec

R2 now remove the upper label

R2#show mpls forwarding-table
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
16     16          1.1.1.1/32        0          Se0/0/0.101 point2point
17     19          5.5.5.5/32        0          Se0/0/0.101 point2point
18     18          192.168.15.0/24   0          Se0/0/0.101 point2point
19     20          192.168.57.0/24   0          Se0/0/0.101 point2point
20     Pop tag     6.6.6.6/32        0          Se0/0/0.101 point2point
21     Pop tag     192.168.68.0/24   0          Se0/0/0.101 point2point
22     Aggregate   172.12.2.0/24[V]  0
23     Aggregate   172.11.2.0/24[V]  26792
24     Aggregate   22.22.22.22/32[V] 9576

and 24 here is the label that R1 use at the VPVN4 label

R2#show mpls forwarding-table vrf GREEN 22.22.22.22
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
24     Aggregate   22.22.22.22/32[V] 9576

the label operation by
http://www.ciscopress.com/articles/article.asp?p=680824
is as follows:
Pop: The top label is removed. The packet is forwarded with the remaining label stack or as an unlabeled packet.
Swap:
The top label is removed and replaced with a new label.
Push:
The top label is replaced with a new label (swapped), and one or more labels are added
(pushed) on top of the swapped label.
Untagged/No Label:
The stack is removed, and the packet is forwarded unlabeled.
Aggregate:
The label stack is removed, and an IP lookup is done on the IP packet.

A Networker Blog

Advertisements

2 thoughts on “CSC: MPLS VPN – triple stack

  1. Hi Victor,

    I’m in the middle of nowhere looking for Tags Imposed means.
    And this great post help me a lot.
    Specially your how to steps to read mpls verifications.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s