Following the labels

This post is related to the following IOS Message, that got my attention while preparing to Study MPLS TE %BGP-4-VPNV4NH_IF: Nexthop 192.168.89.8 may not be reachab le from neigbor 192.168.79.7 – not a loopback

Initial Configurations

router bgp 789
no synchronization
bgp log-neighbor-changes
neighbor 7.7.7.7 remote-as 789
neighbor 7.7.7.7 shutdown
neighbor 7.7.7.7 update-source Loopback0
neighbor 192.168.79.7 remote-as 789
neighbor 192.168.79.7 update-source Serial0/0/0.89
no auto-summary
!
address-family vpnv4
neighbor 7.7.7.7 activate
neighbor 7.7.7.7 send-community extended
neighbor 192.168.79.7 activate
neighbor 192.168.79.7 send-community extended
exit-address-family
!
address-family ipv4 vrf AS56
redistribute ospf 1 vrf AS56 match internal external 1 external 2
no synchronization
network 8.8.8.8 mask 255.255.255.255
exit-address-family

We can tell from the output that I am pering with R7 interface connected to R9 from R8, the same holds true for the

R7, R8 peering, using interface connecting R8 – R9

R8#show ip bgp vpnv4 all summ | b Neigh
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
7.7.7.7         4   789       8       8        0    0    0 00:01:14 Idle (Admin)
192.168.79.7    4   789       8       8       55    0    0 00:01:03        3

Now in R7

R7#show ip bgp vpnv4 rd 8.8.8.8:68
BGP table version is 54, local router ID is 7.7.7.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete</pre>
<pre>Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 8.8.8.8:68
*i6.6.6.6/32       192.168.89.8            65    100      0 ?
*i8.8.8.8/32       192.168.89.8             0    100      0 i
*i192.168.68.0     192.168.89.8             0    100      0 ?

and one Client that is haging over VRF AS56

R5#show ip route ospf
6.0.0.0/32 is subnetted, 1 subnets
O IA    6.6.6.6 [110/129] via 192.168.57.7, 00:00:00, Serial0/0/0.57
8.0.0.0/32 is subnetted, 1 subnets
O E2    8.8.8.8 [110/1] via 192.168.57.7, 00:00:00, Serial0/0/0.57
O IA 192.168.68.0/24 [110/65] via 192.168.57.7, 00:00:00, Serial0/0/0.57

Notice that those routes are INTER Area OSPF Learned routes, we can conclude that the sham link is not operating

corretly.

R5#show ip route 6.6.6.6
Routing entry for 6.6.6.6/32
Known via “ospf 1″, distance 110, metric 129, type inter area
Last update from 192.168.57.7 on Serial0/0/0.57, 00:04:30 ago
Routing Descriptor Blocks:
* 192.168.57.7, from 192.168.57.7, 00:04:30 ago, via Serial0/0/0.57
Route metric is 129, traffic share count is 1</pre>

R5 should see this route as INTRAArea, because of a Sham Link configuration between R7 and R8, we

can tell here, that we have a Problem inside the ISP BB, remember I have R7 and R8 peering to each other using

the interfaces that they connect to R9, in order to force a pop at R9 to R7 or viceversas. looking at the problem in

more detail view at the LSP between R7 and R8 , R7 is receiving this labels from R8 to be used as the VPNV4 label.

R7#show ip bgp vpnv4 rd 8.8.8.8:68 labels
Network          Next Hop      In label/Out label
Route Distinguisher: 8.8.8.8:68
6.6.6.6/32       192.168.89.8    nolabel/20
8.8.8.8/32       192.168.89.8    nolabel/21
192.168.68.0     192.168.89.8    nolabel/19

now R7, must perform a lookup to reach 6.6.6.6 next hop, which is found in the global routing table using label:

R7(config)#do show ip cef 192.168.89.8
192.168.89.0/24, version 46, epoch 0, cached adjacency to Serial0/0/0.79
0 packets, 0 bytes
tag information set, shared
local tag: 16
via 192.168.79.9;, Serial0/0/0.79, 3 dependencies
next hop 192.168.79.9, Serial0/0/0.79
valid cached adjacency

POP, COOL!!!
192.168.89.8 which is the next hop, R7 is receiving POP from R9, looking at the LIB

R7(config)#do show mpls ldp bind <strong>192.168.89.0 24
tib entry: 192.168.89.0/24, rev 8
local binding:  tag: 16
remote binding: tsr: 9.9.9.9:0, tag: imp-null

and looking the same information at the LFIB

R7#show mpls forwarding-table 192.168.89.0
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
16     Pop tag     192.168.89.0/24   0          Se0/0/0.79 point2point

The same shows in R9 now.

R9#show mpls ldp bin 192.168.89.0 24
tib entry: 192.168.89.0/24, rev 2
local binding:  tag: imp-null
remote binding: tsr: 8.8.8.8:0, tag: imp-null
remote binding: tsr: 7.7.7.7:0, tag: 16

Let change the now, the BGP peering, from R7 and R8 but now using the loopbacks to establish the peering.

R7(config)#router bgp 789
R7(config-router)#neigh 192.168.89.8 sh

%BGP-5-ADJCHANGE: neighbor 192.168.89.8 Down Admin. shutdown
R7(config-router)#
R7(config-router)#no neigh 8.8.8.8 sh

The same for R8

R8#show ip bgp summ
BGP router identifier 8.8.8.8, local AS number 789
BGP table version is 1, main routing table version
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
7.7.7.7         4   789       8       8        0    0    0 00:21:04 Idle (Admin)
192.168.79.7    4   789      27      27        0    0    0 00:00:14 Active

R8#conf ter
Enter configuration commands, one per line.  End with CNTL/Z.
R8(config)#router bgp 789
R8(config-router)#no neigh 7.7.7.7 sh
R8(config-router)#
%BGP-5-ADJCHANGE: neighbor 7.7.7.7 Up
R8(config-router)#
R8(config-router)# neigh 192.168.79.7 sh

Now the BGP Peering came up from each PE router using now the loopbacks

R8(config)#do show ip bgp summ
BGP router identifier 8.8.8.8, local AS number 789
BGP table version is 1, main routing table version 1</pre>
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
7.7.7.7         4   789      15      15        1    0    0 00:00:14        0
192.168.79.7    4   789      27      27        0    0    0 00:00:35 Idle (Admin)

And I got this a few seconds later the BGP between PE Router came up

%OSPF-5-ADJCHG: Process 1, Nbr 192.168.57.7 on OSPF_SL0 from LOADING to FULL, Loading Done

We can see also that the Sham Link Went UP as well ) So it seems like a good indication

that we are now configuring MPLS VPN correctly for this particular case.

– Quick show ip route in R5

R5#show ip route ospf
6.0.0.0/32 is subnetted, 1 subnets
O       6.6.6.6 [110/130] via 192.168.57.7, 00:07:33, Serial0/0/0.577.0.0.0/32 is subnetted,
                                            1 subnets
O E2    7.7.7.7 [110/1] via 192.168.57.7, 00:07:33, Serial0/0/0.57
8.0.0.0/32 is subnetted, 1 subnets
O E2    8.8.8.8 [110/1] via 192.168.57.7, 00:07:33, Serial0/0/0.57
O    192.168.68.0/24 [110/129] via 192.168.57.7, 00:07:33, Serial0/0/0.57
R5#

You can see that now the routes are intra area routes. Let see how this different commands can be used to know thelabels are now used, in the LSP to reach the R6 lo0 from R7 at the VRF

R7#show mpls for vrf AS56 6.6.6.6
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
None   18          6.6.6.6/32        0          Se0/0/0.79 point2point

the VPN Label learn from R8

R7#show ip bgp vpnv4 rd 8.8.8.8:68 labels
Network          Next Hop      In label/Out label
Route Distinguisher: 8.8.8.8:68
6.6.6.6/32       8.8.8.8         nolabel/20
8.8.8.8/32       8.8.8.8         nolabel/21
192.168.68.0     8.8.8.8         nolabel/19

Now R7 to reach the Next hop is going to impose label 20 going out to destination 6.6.6.6 but to reach the next hop( 8.8.8.8 ) he is

R7#show mpls forwarding-table 8.8.8.8 32
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
17     18          8.8.8.8/32        0          Se0/0/0.79 point2point

going to use label 18. Lets do a Traceroute from R5 which is acting as a Client VRF to R6, that isconnected to the VRF that is importing R5 Route Targets inside the VRF,

R7#traceroute vrf AS56 6.6.6.6 so lo756
Type escape sequence to abort.
Tracing the route to 6.6.6.6</pre>
<pre>1 192.168.79.9 [MPLS: Labels 18/20 Exp 0] 168 msec 200 msec 200 msec
2 192.168.68.8 [MPLS: Label 20 Exp 0] 228 msec 60 msec 60 msec
3 192.168.68.6 44 msec *  44 msec

Now R9

R9#show mpls forwarding-table 8.8.8.8
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
18     Pop tag     8.8.8.8/32        3506       Se0/0/0.89 point2point

if a label packet comes with 18 it should POP the packet and send it to Se0/0/0.89 where R8 is, now R8 is going tosee the following label arricing arriving as MPLS: Label 20 Exp 0

MPLS: Se0/0/0.89: recvd: CoS=0, TTL=253, Label(s)=20
MPLS: Se0/0/0.68: xmit: (no label)</pre>
R8#show mpls forwarding-table labels 20
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
20     Untagged    6.6.6.6/32[V]     40032      Se0/0/0.68 point2point

He is sending the packet as Normal IP Packet to R6, and then normal IP Destination based routing is perform on R6,since we just have basic Routing configured there.

R8#show ip vrf interfaces
Interface              IP-Address      VRF                              Protocol
Se0/0/0.68             192.168.68.8    AS56                             up
Lo856                  8.8.8.8         AS56                             up

MPLS VPNS, cool thing!!

A Networker Blog

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s