cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1385
Views
0
Helpful
2
Replies

Help with an MPLS/OSPF issue

luisfmolina
Level 1
Level 1

Hi, I have a problem with a traffic between PE01 and PE03 (please see attached diagram).

When PE03 tries to reach a network in CLI, this traffic uses MPLS, but when it returns it uses generic IP, it is normal? How can avoid this behavior?

I want to put a Firewall between PE01 and PE03 but then it discards the packets cause its header doesn´t match (Stateful behavior)

 

Here are some show commands output:

 

PE03#show ip route 10.30.0.2
Routing entry for 10.30.0.2/32
Known via "ospf 100", distance 110, metric 21, type inter area
Last update from X.X.X.129 on Ethernet0/0, 05:56:48 ago
Routing Descriptor Blocks:
* X.X.X.129, from 192.168.48.1, 05:56:48 ago, via Ethernet0/0
Route metric is 21, traffic share count is 1
PE03#

 

PE03#show mpls forwarding-table 10.30.0.2
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 18 10.30.0.2/32 0 Et0/0 X.X.X.129
PE03#

 

PE03#show ip cef 10.30.0.2
10.30.0.2/32
nexthop X.X.X.129 Ethernet0/0 label 18
PE03#

 

PE03#traceroute 10.30.0.2
Type escape sequence to abort.
Tracing the route to 10.30.0.2
VRF info: (vrf in name/id, vrf out name/id)
1 X.X.X.129 [MPLS: Label 18 Exp 0] 2 msec 7 msec 5 msec
2 192.168.220.130 5 msec 9 msec 1 msec
PE03#

 

PE03#ping 10.30.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.30.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/5 ms

 

Why if PE03 knows how to reach 10.30.0.2 via OSPF, it uses MPLS to reach this network? Thank you.

1 Accepted Solution

Accepted Solutions

Harold Ritter
Spotlight
Spotlight

Hi,

 

This is because x.x.x.154 is directly connected to PE1, hence PE1 not using an MPLS LSP to get to it. You should add another router like CLI and connect it to PE3 and then ping from its loopback address to CLI loobpack address. You should then see both incoming and outgoing flow as labeled.

 

Regards, 

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

View solution in original post

2 Replies 2

Harold Ritter
Spotlight
Spotlight

Hi,

 

This is because x.x.x.154 is directly connected to PE1, hence PE1 not using an MPLS LSP to get to it. You should add another router like CLI and connect it to PE3 and then ping from its loopback address to CLI loobpack address. You should then see both incoming and outgoing flow as labeled.

 

Regards, 

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

Virendra Pratap
Level 1
Level 1

in return path PE1 perform PHP operation  so label is removed