Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
926
Views
0
Helpful
2
Replies

Help with an MPLS/OSPF issue

Go to solution
luisfmolina
Level 1
Level 1

‎02-15-2019 12:55 PM

Hi, I have a problem with a traffic between PE01 and PE03 (please see attached diagram).

When PE03 tries to reach a network in CLI, this traffic uses MPLS, but when it returns it uses generic IP, it is normal? How can avoid this behavior?

I want to put a Firewall between PE01 and PE03 but then it discards the packets cause its header doesn´t match (Stateful behavior)

 

Here are some show commands output:

 

PE03#show ip route 10.30.0.2
Routing entry for 10.30.0.2/32
Known via "ospf 100", distance 110, metric 21, type inter area
Last update from X.X.X.129 on Ethernet0/0, 05:56:48 ago
Routing Descriptor Blocks:
* X.X.X.129, from 192.168.48.1, 05:56:48 ago, via Ethernet0/0
Route metric is 21, traffic share count is 1
PE03#

 

PE03#show mpls forwarding-table 10.30.0.2
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 18 10.30.0.2/32 0 Et0/0 X.X.X.129
PE03#

 

PE03#show ip cef 10.30.0.2
10.30.0.2/32
nexthop X.X.X.129 Ethernet0/0 label 18
PE03#

 

PE03#traceroute 10.30.0.2
Type escape sequence to abort.
Tracing the route to 10.30.0.2
VRF info: (vrf in name/id, vrf out name/id)
1 X.X.X.129 [MPLS: Label 18 Exp 0] 2 msec 7 msec 5 msec
2 192.168.220.130 5 msec 9 msec 1 msec
PE03#

 

PE03#ping 10.30.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.30.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/5 ms

 

Why if PE03 knows how to reach 10.30.0.2 via OSPF, it uses MPLS to reach this network? Thank you.

Labels:
Preview file
90 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Harold Ritter
Cisco Employee
Cisco Employee

‎02-15-2019 01:10 PM

Hi,

 

This is because x.x.x.154 is directly connected to PE1, hence PE1 not using an MPLS LSP to get to it. You should add another router like CLI and connect it to PE3 and then ping from its loopback address to CLI loobpack address. You should then see both incoming and outgoing flow as labeled.

 

Regards, 

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Harold Ritter
Cisco Employee
Cisco Employee

‎02-15-2019 01:10 PM

Hi,

 

This is because x.x.x.154 is directly connected to PE1, hence PE1 not using an MPLS LSP to get to it. You should add another router like CLI and connect it to PE3 and then ping from its loopback address to CLI loobpack address. You should then see both incoming and outgoing flow as labeled.

 

Regards, 

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

Go to solution
Virendra Pratap
Level 1
Level 1

‎02-21-2019 02:12 AM

in return path PE1 perform PHP operation  so label is removed 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents