MPLS L3VPN Shared services nat no ping reply

MarkG71 · ‎07-24-2024

Hi, I´m studying CCNP for the first time and I don´t catch an issue. My lab is configured with ospf between PEs for ldp and BGP as normally, 2 clients, 1 with ospf and 1 with bgp (others process apart from the mpls network), clients in a vrf and nat (pat). I configured l3vpn shared services that I understand is an internet vrf that share internet with clients.

Everything is working fine, all neighbors, all communications, all table routes, etc. are ok (I think) but when a client pings to internet and I capture the traffic icmp echo request is ok, but echo reply is not present. I made some labs and I noticed this issue is when there are more hops within the mspl network even if I see the rights next-hops, but if a client is directly connected to the PE with internet all is fine.

(it´s not the images of cisco devices because I tried with some).

I share the config and the lab, I hope you can help me with a clue.

thank you so much!

MHM Cisco World · ‎07-25-2024

there are three Op for Internet in MPLS
https://learningnetwork.cisco.com/s/article/mpls-l3vpn-internet-access-option-1-x

https://learningnetwork.cisco.com/s/article/mpls-l3vpn-internet-access-option-3-x

https://learningnetwork.cisco.com/s/article/mpls-l3vpn-internet-access-option-2-x

MHM

Flavio Miranda · ‎07-25-2024

@MarkG71

Maybe a too basic question but I think it worth ask. Does the Internet knows how to reply to client? If you see the echo request but not the reply the problem rely on the internet site probably

MarkG71 · ‎07-26-2024

@Flavio Miranda but internet doesn´t have to know clients, that´s why nat is configured, if there isn´t nat then yes.

thank you

Flavio Miranda · ‎07-27-2024

Hi @MarkG71

Make sense. But, how is the routing on the internet side? Do you have a default route or a route to the Natted IP address?

The behavior you described suggest some not returning traffic and this seems to be related to routes.