Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1553
Views
0
Helpful
7
Replies

Direct traffic onto an LSP based on packets ToS value

tarkeshpatel
Level 1
Level 1

‎04-01-2012 01:07 PM

Hello...

I am trying to push traffic onto an LSP thats mutiple paths created as below.  

interface Tunnel3080

ip unnumbered Loopback0

tunnel destination 10.253.253.136

tunnel mode mpls traffic-eng

tunnel mpls traffic-eng path-option 11 explicit name CTel-C32-CGx-CSnf-Cwil

tunnel mpls traffic-eng path-option 12 explicit name CTel-CGlb-C1275-CMar-CWil

tunnel mpls traffic-eng path-option protect 11 explicit name CTel-CGlb-C1275-CMar-CWil

ip explicit-path name CTel-CGlb-C1275-CMar-CWil enable

next-address 10.254.0.241

next-address 10.254.0.242

next-address 10.254.0.2

next-address 10.254.1.82

next-address 10.254.13.1

ip explicit-path name CTel-C32-CGx-CSnf-Cwil enable

next-address 10.254.0.242

next-address 10.254.0.241

next-address 10.254.0.2

next-address 10.254.1.82

next-address 10.254.13.1

Traffic is coming in from an interface vlan 503;  and is going to lets say 10.11.1.2.

I've an ACL as below to catch the traffic into an ACL.

ip access-list extended TOS9TrafficTo10-11-1

   10 permit ip 10.32.21.2 10.11.1.2 tos 9

I tried with below to direct the traffic onto an above tunnel LSP.

route-map BO_LA permit 10

match ip address TOS9TrafficTo10-11-1

set interface Tunnel3080

and then applied the map to the interface as below...

interface vlan 503

ip policy route-map BO_LA

Its not working..   and need some assistance..  I know route maps are not the solution here as they're used for routes and not the actual traffic, I believe.  Is there any other solution.

-Tarkesh

Labels:
0 Helpful
7 Replies 7

Peter Paluch
Cisco Employee
Cisco Employee

‎04-01-2012 01:21 PM

Tarkesh,

This should actually work because a route-map can also be used for policy-based routing and not just for routing information manipulation. I am in fact surprised that your configuration has no effect. The first thing coming to my mind here: is the interface Vlan503 the incoming interface for this traffic you want to send via specific MPLS TE tunnels? Is the traffic actually routed, i.e. passing through the Vlan503, or is it simply switched within VLAN 503?

Also, how do you know your configuration has no effect?

There is an option of class-based tunnel selection for ingress traffic, however, that feature is supported only on selected platforms. You can read (much) more here:

http://www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_te_tun_select.html

0 Helpful

tarkeshpatel
Level 1
Level 1
In response to Peter Paluch

‎04-01-2012 02:17 PM

VLAN503 is the interface from which traffic is coming in, and I want that traffic to ride over the Tunnel.   VLAN 503 is the SVI interface with an IP address /30, so its actually routed.  The router with the other end of that /30 is actually has a static route that forces the traffic to this router.

I noticed that the tunnel is not increasing any packets when I do show inter tunnel 3080 or show inter traff eng tunnels tunnel 3080 accounting.

also when I do show route-map, the packets are not matched...for some reason..

For now, I have a static route for that destination pointing to the tunnel; however its directing all the traffic and not only ToS9 traffic.  Lets say if I want to direct ToS11 traffic to some other tunnel, I can't do that righ tnow.

???  I'll look into that class-based tunnel selection.

0 Helpful

Peter Paluch
Cisco Employee
Cisco Employee
In response to tarkeshpatel

‎04-01-2012 03:04 PM

Hi Tarkesh,

Just a quick test: if you removed the tos 9 from your ACL and left it in this form:

ip access-list extended TOS9TrafficTo10-11-1

   10 permit ip host 10.32.21.2 host 10.11.1.2

would the traffic start flowing via the MPLS TE tunnel? Of course, such ACL would apply to all traffic from 10.32.21.2 to 10.11.1.2. The point of my test is to verify whether the policy-based routing is working at all.

Best regards,

Peter

0 Helpful

tarkeshpatel
Level 1
Level 1
In response to Peter Paluch

‎04-03-2012 02:04 PM

I tried with no ToS..  and i think it works..   the ping doesn't work  but when I do traceroutes the route-map shows the matches, and traceroute goes using the path I have in the tunnel.

So..  without ToS it works, but there is no point..  as I wanted to send two flows with same source address and same destination with two different ToS bits inserted so that they can be diverse using the Tunnels (LSPs).  I'll try doing it with the DSCP values.

Any other Idea?  Thanks in advance.

0 Helpful

Peter Paluch
Cisco Employee
Cisco Employee
In response to tarkeshpatel

‎04-04-2012 05:16 AM

Hi Tarkesh,

I was just about to suggest using DSCP. Please give it a try and let me know.

Best regards,

Peter

0 Helpful

Kishore Chennupati
Level 7
Level 7
In response to tarkeshpatel

‎04-09-2012 07:08 AM

HI Tarkesh,

Just curious. how did you go with using dscp? Any luck?

Regards, Kishore

0 Helpful

tarkeshpatel
Level 1
Level 1
In response to Kishore Chennupati

‎05-09-2012 01:14 PM

Sorry guys.. I didn't get a chance to test this as they pulled the routers off the lab.   I can't do it in the production network. 

Let me know if anyone of you happened to do so.  I"ll try to to test it when I get a chance or get my lab router back.

-TK

0 Helpful
Customers Also Viewed These Support Documents