08-02-2018 08:51 AM - edited 08-02-2018 08:52 AM
Hi,
I'm having a weird issue with a couple of ME-3600X units, On IOS version 15.4(3)S9 we configured some EoMPLS pseudowires, the come up an work fine, but I upgrade to 15.5.3S7 or 15.6.2-SP4 which are the "
A end: #show mpls l2transport vc 1337 detail Local interface: Gi0/23 up, line protocol up, Ethernet up Destination address: 10.2.11.8, VC ID: 1337, VC status: up Output interface: Vl101, imposed label stack {27 169} Preferred path: not configured Default path: active Next hop: xx.xx.xx.xx Create time: 00:06:07, last status change time: 00:05:34 Last label FSM state change time: 00:05:34 Last peer autosense occurred at: 00:05:34 Signaling protocol: LDP, peer 10.2.11.8:0 up Targeted Hello: 10.2.11.9(LDP Id) -> 10.2.11.8, LDP is UP Graceful restart: not configured and not enabled Non stop routing: not configured and not enabled Status TLV support (local/remote) : enabled/supported LDP route watch : enabled Label/status state machine : established, LruRru Last local dataplane status rcvd: No fault Last BFD dataplane status rcvd: Not sent Last BFD peer monitor status rcvd: No fault Last local AC circuit status rcvd: No fault Last local AC circuit status sent: No fault Last local PW i/f circ status rcvd: No fault Last local LDP TLV status sent: No fault Last remote LDP TLV status rcvd: No fault Last remote LDP ADJ status rcvd: No fault MPLS VC labels: local 170, remote 169 Group ID: local n/a, remote 0 MTU: local 1500, remote 1500 Remote interface description: Test: testing - 01 Sequencing: receive disabled, send disabled Control Word: Off (configured: autosense) Dataplane: SSM segment/switch IDs: 20487/4097 (used), PWID: 11 VC statistics: transit packet totals: receive 0, send 13 transit byte totals: receive 0, send 1664 transit packet drops: receive 0, seq error 0, send 0 B end: #show mpls l2transport vc 1337 detail Local interface: Gi0/23 up, line protocol up, Ethernet up Destination address: 10.2.11.9, VC ID: 1337, VC status: up Output interface: Vl101, imposed label stack {24081 170} Preferred path: not configured Default path: active Next hop: xx.xx.xx.xx Create time: 00:11:52, last status change time: 00:11:13 Last label FSM state change time: 00:11:13 Last peer autosense occurred at: 00:11:13 Signaling protocol: LDP, peer 10.2.11.9:0 up Targeted Hello: 10.2.11.8(LDP Id) -> 10.2.11.9, LDP is UP Graceful restart: not configured and not enabled Non stop routing: not configured and not enabled Status TLV support (local/remote) : enabled/supported LDP route watch : enabled Label/status state machine : established, LruRru Last local dataplane status rcvd: No fault Last BFD dataplane status rcvd: Not sent Last BFD peer monitor status rcvd: No fault Last local AC circuit status rcvd: No fault Last local AC circuit status sent: No fault Last local PW i/f circ status rcvd: No fault Last local LDP TLV status sent: No fault Last remote LDP TLV status rcvd: No fault Last remote LDP ADJ status rcvd: No fault MPLS VC labels: local 169, remote 170 Group ID: local n/a, remote 0 MTU: local 1500, remote 1500 Remote interface description: Test: testing - 01 Sequencing: receive disabled, send disabled Control Word: Off Dataplane: SSM segment/switch IDs: 16390/4097 (used), PWID: 11 VC statistics: transit packet totals: receive 0, send 24 transit byte totals: receive 0, send 3072 transit packet drops: receive 0, seq error 0, send 0
version 15.6 no service pad service timestamps debug datetime msec show-timezone service timestamps log datetime msec show-timezone service password-encryption service unsupported-transceiver platform bfd allow-svi ! clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 2:00 clock calendar-valid no ip source-route ip routing ! mpls label protocol ldp mpls traffic-eng tunnels mpls traffic-eng logging lsp path-errors mpls traffic-eng logging lsp reservation-errors mpls traffic-eng auto-tunnel backup mpls traffic-eng auto-tunnel backup timers removal unused 1800 1800 mpls traffic-eng auto-tunnel backup tunnel-num min 401 max 599 xconnect logging pseudowire status ! spanning-tree mode rapid-pvst spanning-tree extend system-id diagnostic bootup level minimal errdisable recovery cause udld errdisable recovery cause link-flap errdisable recovery cause storm-control ! transceiver type all monitoring vlan internal allocation policy ascending ! vlan 101 name ospf-pathA ! vlan 102 name ospf-pathB ! l2 router-id 10.2.11.9 ! interface Loopback0 ip address 10.2.11.9 255.255.255.255 ! <interfaces snip>
! interface GigabitEthernet0/23 description Test: testing - 01 no switchport no ip address xconnect 10.2.11.8 1337 encapsulation mpls ! interface GigabitEthernet0/24 description Test: testing - 02 no switchport no ip address xconnect 10.2.11.8 1338 encapsulation mpls ! interface TenGigabitEthernet0/1 description PathA switchport trunk allowed vlan 101 switchport mode trunk mtu 9212 ! interface TenGigabitEthernet0/2 description Path B switchport trunk allowed vlan 102 switchport mode trunk mtu 9212 ! interface Vlan101 description OSPF - PathA mtu 9000 ip address xx.xx.xx.xx 255.255.255.254 no ip redirects no ip proxy-arp ip ospf authentication null ip ospf network point-to-point ip ospf dead-interval 15 ip ospf hello-interval 5 ip ospf cost 100 ipv6 address xxx::xxx/126 ipv6 enable ipv6 nd ra suppress ipv6 ospf authentication null mpls ip mpls traffic-eng tunnels mpls traffic-eng administrative-weight 100 ipv6 ospf 1 area 0 ipv6 ospf network point-to-point ipv6 ospf hello-interval 5 ipv6 ospf dead-interval 15 ! interface Vlan102 description OSPF - PathB mtu 9000 ip address xx.xx.xx.xx. 255.255.255.254 no ip redirects no ip proxy-arp ip ospf authentication null ip ospf network point-to-point ip ospf dead-interval 15 ip ospf hello-interval 5 ip ospf cost 100 ipv6 address xxx::xxx/126 ipv6 enable ipv6 nd ra suppress ipv6 ospf authentication null mpls ip mpls traffic-eng tunnels mpls traffic-eng administrative-weight 100 ipv6 ospf 1 area 0 ipv6 ospf network point-to-point ipv6 ospf hello-interval 5 ipv6 ospf dead-interval 15 ! router ospf 1 router-id 10.2.11.9 no auto-cost area 0 authentication message-digest redistribute connected subnets redistribute static subnets passive-interface default no passive-interface Vlan101 no passive-interface Vlan102 network xx.xx.xx.xx 0.0.0.1 area 0 network xx.xx.xx.xx 0.0.0.1 area 0 mpls traffic-eng router-id Loopback0 mpls traffic-eng area 0 ! router bgp xxxxx bgp router-id 10.2.11.9 no bgp enforce-first-as bgp log-neighbor-changes no bgp default ipv4-unicast neighbor iBGP-vpls peer-group neighbor iBGP-vpls remote-as xxxxx neighbor iBGP-vpls update-source Loopback0 neighbor 10.2.11.8 remote-as xxxxx neighbor 10.2.11.8 peer-group iBGP-vpls ! address-family l2vpn vpls neighbor iBGP-vpls suppress-signaling-protocol ldp neighbor 10.2.11.8 activate exit-address-family ! ip forward-protocol nd ! ipv6 router ospf 1 router-id 10.2.11.9 no auto-cost passive-interface default no passive-interface Vlan101 no passive-interface Vlan102 redistribute connected redistribute static ! mpls ldp router-id Loopback0
version 15.6 no service pad service timestamps debug datetime msec show-timezone service timestamps log datetime msec show-timezone service password-encryption service unsupported-transceiver platform bfd allow-svi ! clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 2:00 clock calendar-valid no ip source-route ip routing ! mpls label protocol ldp mpls traffic-eng tunnels mpls traffic-eng logging lsp path-errors mpls traffic-eng logging lsp reservation-errors mpls traffic-eng auto-tunnel backup mpls traffic-eng auto-tunnel backup timers removal unused 1800 1800 mpls traffic-eng auto-tunnel backup tunnel-num min 401 max 599 xconnect logging pseudowire status ! spanning-tree mode rapid-pvst spanning-tree extend system-id diagnostic bootup level minimal errdisable recovery cause udld errdisable recovery cause link-flap errdisable recovery cause storm-control ! transceiver type all monitoring vlan internal allocation policy ascending ! vlan 101 name ospf-pathA ! vlan 102 name ospf-pathA ! l2 router-id 10.2.11.8 ! interface Loopback0 ip address 10.2.11.8 255.255.255.255 ! <interfaces snip> ! interface GigabitEthernet0/23 description Test: testing - 01 no switchport no ip address xconnect 10.2.11.9 1337 encapsulation mpls ! interface GigabitEthernet0/24 description Test: testing - 02 no switchport no ip address xconnect 10.2.11.9 1338 encapsulation mpls ! interface TenGigabitEthernet0/1 description PathA switchport trunk allowed vlan 101 switchport mode trunk mtu 9212 ! interface TenGigabitEthernet0/2 description PathB switchport trunk allowed vlan 102 switchport mode trunk mtu 9212 ! interface Vlan101 description OSPF - PathA mtu 9000 ip address xx.xx.xx.xx 255.255.255.254 no ip redirects no ip proxy-arp ip ospf authentication null ip ospf network point-to-point ip ospf dead-interval 15 ip ospf hello-interval 5 ip ospf cost 100 ipv6 address xxx::xxx/126 ipv6 enable ipv6 nd ra suppress ipv6 ospf authentication null mpls ip mpls traffic-eng tunnels mpls traffic-eng administrative-weight 100 ipv6 ospf 1 area 0 ipv6 ospf network point-to-point ipv6 ospf hello-interval 5 ipv6 ospf dead-interval 15 ! interface Vlan102 description OSPF - PathB mtu 9000 ip address xx.xx.xx.xx 255.255.255.254 no ip redirects no ip proxy-arp ip ospf authentication null ip ospf network point-to-point ip ospf dead-interval 15 ip ospf hello-interval 5 ip ospf cost 100 ipv6 address xxx::xxx/126 ipv6 enable ipv6 nd ra suppress ipv6 ospf authentication null mpls ip mpls traffic-eng tunnels mpls traffic-eng administrative-weight 100 ipv6 ospf 1 area 0 ipv6 ospf network point-to-point ipv6 ospf hello-interval 5 ipv6 ospf dead-interval 15 ! router ospf 1 router-id 10.2.11.8 no auto-cost area 0 authentication message-digest redistribute connected subnets redistribute static subnets passive-interface default no passive-interface Vlan101 no passive-interface Vlan102 network xx.xx.xx.xx 0.0.0.1 area 0 network xx.xx.xx.xx 0.0.0.1 area 0 mpls traffic-eng router-id Loopback0 mpls traffic-eng area 0 ! router bgp xxxxx bgp router-id 10.2.11.8 no bgp enforce-first-as bgp log-neighbor-changes no bgp default ipv4-unicast neighbor iBGP-vpls peer-group neighbor iBGP-vpls remote-as xxxxx neighbor iBGP-vpls update-source Loopback0 neighbor 10.2.11.9 remote-as xxxxx neighbor 10.2.11.9 peer-group iBGP-vpls ! address-family l2vpn vpls neighbor iBGP-vpls suppress-signaling-protocol ldp neighbor 10.2.11.9 activate exit-address-family ! ip forward-protocol nd ! ipv6 router ospf 1 no auto-cost passive-interface default no passive-interface Vlan101 no passive-interface Vlan102 redistribute connected redistribute static ! ! mpls ldp router-id Loopback0
05-14-2019 04:19 AM - edited 05-18-2019 07:24 AM
Hi,
Downgrading to 15.4, from 15.5(3)S8, more specifically to 15.4(3)S10, solved my problems with the xconnect, the same problems described by the previous post.
I really don't know why is this happening. It behaves the same way as described - counters increment only on output on the xconnect, no input packets are entering the xconnect. Everything is up, no errors, no even slight information regarding the missing encapsulation. Ping via MPLS/IP works, i.e. the control-plane, but no actual encapsulation/forwarding.
At the same time, even if there are matches on input, because you've moved the B-end to another device, (not me3600x - say a router on the B-end), there is no any successful communication happening, i.e. no 2-way packet flow, but only one way, from the router towards the me3600x. At the router xconnect, no counters ncrement on receiving. The whole communication is still unsuccessful though.
Looks to me some sort of miscommunicaiton between the Cisco IOS and the FPGA driver and/or FPGA firmware?
IPv6 B
P.S. No warranty , no responsibility whatsoever are given to anyone , implied or other. No advice or anything else, have been given by this comment. Your decisions are solely yours. I am not responsible for any of your actions, and the consequences on those actions are yours, and only yours.
05-15-2019 02:57 AM
Hello,
thanks for you feedback on this issue.
It looks like a SW bug on 15.6 release.
However, this configuration are about port based EoMPLS that I have used in ME3600 in the past to allow trustsec traffic to pass over it.
Port based EoMPLS may be seen as legacy, but there are some use cases where it is still needed as the one above. Because using EVC based syntax blocks trustsec frames only with port based EoMPLS the device goes down to OSI layer1 and carries them happily.
I wonder if with EVC syntax the behaviour changes on the affected IOS release.
Rated as it deserves
Best Regards
Giuseppe
09-09-2019 10:29 AM
Hi Giuseppe,
I hit this issue too. I call it an issue because Cisco won't let me call it a bug without them seeing it first hand on my network. I applied the work around by moving the VLAN interface to the physical interface when we hit this issue after an upgrade. I now have another 3600X I need to configure EoMPLS on that has a MPLS VLAN uplink interface that I can't move to the physical interface. I opened a ticket for your question about using EVC syntax and getting nowhere. Do you or anyone on this forum have the bug ID for this issue? Any help is appreciated.
Thank you,
Mark
09-09-2019 11:48 PM
Please refer below link for known limitation in ME3600/Me3800:
SVI Limitations:
https://www.cisco.com/c/en/us/td/docs/switches/metro/me3600x_3800x/software/release/15-5_1_S/configuration/guide/3800x3600xscg/swmpls.html
Supported and Unsupported configurations on ME3600 and 3800X:
https://www.cisco.com/c/en/us/td/docs/switches/metro/me3600x_3800x/software/release/15-1_2_ey/configuration/guide/3800x3600xscg/swevc.html#80207
BUG ID:
CSCvh12010 ME3600: When configuring MPLS VPN over SVI, SVI cannot be part of a switchport trunk === > this is the doc bug raised for this unsupported config (limitation) (not visible for customers)
CSCug42508 RPW CE to CE Ping fails with SVI Trunk as Core === > this bug is closed due to unsupported config.
09-10-2019 12:44 AM
Thanks for the reply. Got the same from my TAC engineer minus the bug IDs. Not confident with the answer though. Why did this work for so long and then all of a sudden it doesn’t work? That SVI limitation line is without detail and not sure it applies since it is in version docs where it clearly worked. Another reason I’m not confident with the answer is that the engineer gave examples of this limitation that were nowhere close to the config that has this issue.
09-10-2019 01:23 AM - edited 09-10-2019 01:26 AM
You're pasting different IOS versions. Every version may have different SW/HW support. We should read carefully the release notes..So I am not surprised one is supporting something the other doesn't. On the contrary - It is natural. Yes, there should be inheritance, but ...
06-15-2019 01:49 PM
We investigated this with TAC some time ago, latest release your config will work is 15.5.3.S5. All later releases reqest you to use "no switchport" on uplink ports facing to core. No ospf and mpls on int vlans. This confirmed feature, as Cisco saying that using int vlans upstreams, facing core is not supported.
09-10-2019 01:20 AM
I would not upgrade then!
I would simply stick with the current or older versions that work.
This statement 'supported' or 'not supported' is obviously a choice someone is making, based on data he/she has and priority he/she follows.
If it is not supported, why has it worked in the first place? So, no - I don't think this is an ASIC issue.
Probably it is just a matter of priority choice in the development of the product.
IPv6
09-12-2019 02:54 PM
I was able to test this out. EVC config does work on the CE facing interface but you have to change the uplink physical interface to an EVC also. It doesn't work with a traditional trunk on the uplink. I was hoping port-based EoMPLS would work in the EVC uplink setup, but it didn't.
I did find that port-based EoMPLS does work with a VLAN MPLS uplink interface and a layer 2 access port. I tried every combination I could think of to make this work using loopbacks on the 3600X. The 3600X just doesn't like to receive traffic from itself. Can't even ping the uplink peer in this setup. I did get peered to the uplink router using an uplink VRF and looping into that. routing worked and the EoMPLS VC came up, but it still would not pass port-based EoMPLS traffic over it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide