07-30-2014 07:10 AM
Hi,
How to deny packets with labels on a ingress LER?
For example, if a LER receives a labeled packet, may it refuses this packet?
If you have documents, rfc, which refers to this mechanism, I am interested
Thx
P.
Solved! Go to Solution.
07-31-2014 02:01 AM
Hi,
If you receive labeled packet on an interface which is not MPLS interface (like PE-CE) or may be with wrong label, packet will be discarded.
http://www.faqs.org/rfcs/rfc4381.html
For security reasons, a PE router should never accept a packet with a label from a CE router.
http://www.faqs.org/rfcs/rfc3031.html
3.18. Invalid Incoming Labels What should an LSR do if it receives a labeled packet with a particular incoming label, but has no binding for that label? It is tempting to think that the labels can just be removed, and the packet forwarded as an unlabeled IP packet. However, in some cases, doing so could cause a loop. If the upstream LSR thinks the label is bound to an explicit route, and the downstream LSR doesn't think the label is bound to anything, and if the hop by hop routing of the unlabeled IP packet brings the packet back to the upstream LSR, then a loop is formed. It is also possible that the label was intended to represent a route which cannot be inferred from the IP header. Therefore, when a labeled packet is received with an invalid incoming label, it MUST be discarded, UNLESS it is determined by some means (not within the scope of the current document) that forwarding it unlabeled cannot cause any harm.
07-30-2014 10:26 PM
Hi,
Please explain your requirement clearly. If a router is advertising label then only it will receive labeled packets. If you don't advertise label then you wont receive traffic. We can control advertising label for particular prefix with help of command
-Akash
07-31-2014 12:51 AM
Thank for your reply.
I would like to know if an ingress LER can accept labelled packet from a CE.
I know that normally, a CE send an IP packet (unlabelled) and the LER push a tag. But if a CE sends a labelled packet what happen?
P.
07-31-2014 02:01 AM
Hi,
If you receive labeled packet on an interface which is not MPLS interface (like PE-CE) or may be with wrong label, packet will be discarded.
http://www.faqs.org/rfcs/rfc4381.html
For security reasons, a PE router should never accept a packet with a label from a CE router.
http://www.faqs.org/rfcs/rfc3031.html
3.18. Invalid Incoming Labels What should an LSR do if it receives a labeled packet with a particular incoming label, but has no binding for that label? It is tempting to think that the labels can just be removed, and the packet forwarded as an unlabeled IP packet. However, in some cases, doing so could cause a loop. If the upstream LSR thinks the label is bound to an explicit route, and the downstream LSR doesn't think the label is bound to anything, and if the hop by hop routing of the unlabeled IP packet brings the packet back to the upstream LSR, then a loop is formed. It is also possible that the label was intended to represent a route which cannot be inferred from the IP header. Therefore, when a labeled packet is received with an invalid incoming label, it MUST be discarded, UNLESS it is determined by some means (not within the scope of the current document) that forwarding it unlabeled cannot cause any harm.
08-01-2014 01:20 AM
Ok thx you for your answer.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide