07-14-2012 09:48 AM
Dear all,
I have the following Network; I have 3 routers are running L2TP V3 (R2,R2,R3) one HUB and 2 Remotes to carry MPLS traffic from MPLS Routers (R4,R5,R6) as diagram shows
I have attached the configurations of MPLS routers:
When I issue this command from R4 traceroute vrf DATA 2.2.2.2 or traceroute vrf DATA 3.3.3.3 i received time out
And the same thing I do the same command from R5 and R5.
While issuing this command show ip route vrf DATA gives the right answer.
One more thing how can test traffic, I mean PING from ONE SIDE TO other side over MPLS-VPN
hostname R4
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
ip vrf DATA
rd 100:110
route-target export 100:1000
route-target import 100:1000
!
!
mpls label protocol ldp
multilink bundle-name authenticated
!
!
interface Loopback0
ip address 192.168.133.1 255.255.255.252
!
interface Loopback1
ip vrf forwarding DATA
ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.92
encapsulation dot1Q 92
ip address 192.168.10.10 255.255.255.0
ip ospf 1 area 0
mpls ip
!
interface FastEthernet0/0.100
encapsulation dot1Q 100
!
interface FastEthernet0/0.200
encapsulation dot1Q 200
ip address 192.168.30.1 255.255.255.0
ip ospf 1 area 0
mpls ip
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 192.168.10.0 0.0.0.255 area 0
network 192.168.30.0 0.0.0.255 area 0
network 192.168.133.0 0.0.0.3 area 0
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 192.168.144.1 remote-as 100
neighbor 192.168.144.1 update-source Loopback0
neighbor 192.168.155.1 remote-as 100
neighbor 192.168.155.1 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 192.168.144.1 activate
neighbor 192.168.144.1 send-community both
neighbor 192.168.155.1 activate
neighbor 192.168.155.1 send-community both
exit-address-family
!
address-family ipv4 vrf DATA
redistribute connected
no synchronization
exit-address-family
!
ip forward-protocol nd
ip route 192.168.10.0 255.255.255.0 FastEthernet0/0.92
!
!
ip http server
no ip http secure-server
!
!
!
!
hostname R5
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
ip vrf DATA
rd 100:1000
route-target export 100:1000
route-target import 100:1000
!
no ip domain lookup
!
mpls label protocol ldp
multilink bundle-name authenticated
!
interface Loopback0
ip address 192.168.155.1 255.255.255.252
!
interface Loopback1
ip vrf forwarding DATA
ip address 3.3.3.3 255.255.255.0
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.92
encapsulation dot1Q 92
ip address 192.168.10.1 255.255.255.0
ip ospf 1 area 0
mpls ip
!
interface FastEthernet0/0.100
encapsulation dot1Q 100
ip address 192.168.20.1 255.255.255.0
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 192.168.10.0 0.0.0.255 area 0
network 192.168.155.0 0.0.0.3 area 0
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 192.168.133.1 remote-as 100
neighbor 192.168.133.1 update-source Loopback0
neighbor 192.168.144.1 remote-as 100
neighbor 192.168.144.1 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 192.168.133.1 activate
neighbor 192.168.133.1 send-community both
neighbor 192.168.144.1 activate
neighbor 192.168.144.1 send-community both
exit-address-family
!
address-family ipv4 vrf DATA
redistribute connected
no synchronization
exit-address-family
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
hostname R6
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
ip vrf DATA
rd 100:110
route-target export 100:1000
route-target import 100:1000
!
!
mpls label protocol ldp
multilink bundle-name authenticated
!
interface Loopback0
ip address 192.168.144.1 255.255.255.252
!
interface Loopback1
ip vrf forwarding DATA
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.100
encapsulation dot1Q 100
ip address 192.168.20.20 255.255.255.0
!
interface FastEthernet0/0.200
encapsulation dot1Q 200
ip address 192.168.30.30 255.255.255.0
ip ospf 1 area 0
mpls ip
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 192.168.30.0 0.0.0.255 area 0
network 192.168.144.0 0.0.0.3 area 0
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 192.168.133.1 remote-as 100
neighbor 192.168.133.1 update-source Loopback0
neighbor 192.168.155.1 remote-as 100
neighbor 192.168.155.1 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 192.168.133.1 activate
neighbor 192.168.133.1 send-community both
neighbor 192.168.155.1 activate
neighbor 192.168.155.1 send-community both
exit-address-family
!
address-family ipv4 vrf DATA
redistribute connected
no synchronization
exit-address-family
!
ip forward-protocol nd
!
!
ip http server
no ip http secure-server
!
07-16-2012 01:23 AM
any suggestions
07-16-2012 07:11 AM
Some questions / comments:
1. Did you define the pseudowire-class PW-manual and l2tp-class L2TP-manual at R1, R2 and R3? I didn't find it at the picture.
2. There are mismatching l2tp ids between remote 1 and hub. Check that.
3. There is also L2TP cookies mismatch between routers. Check that.
4. Check if the hardware (including the linecards, for distributed platforms), IOS and feature set you are using support L2TPv3. (www.cisco.com/go/cfn amd CCO documentation)
5. Use show commands and debug xconnect to troubleshoot the problem. (eg.:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gtl2tpv3.html#wp1046458)
HTH
07-16-2012 09:31 AM
thanks Ander,
I have fixed the L2TP and it is working I am able to ping each other the , my concern is MPLS-vpn that the tracerout vrf DATA ip 1.1.1.1 command gives time
07-16-2012 10:49 AM
Hi,
1. Can you ping the loopback0 from each router using the source loopback0?
For example: from R4: ping 192.168.155.1 source lo0
2. Is the LDP session up and running?
=> Use the commands "show mpls ldp discovery" and "show mpls ldp neighbor" to check.
3. Can you ping the Loopback1 from each VPN using source Loopback1?
For example: from R4: ping vrf DATA 3.3.3.3 source lo1
If the answer to question 1 is negative, you need to check L2VPN configuration and routing.
If the answer to questions 2 or 3 are negative, you need to check your L3VPN configuration (LDP, MPBGP, MPLS forwarding, etc).
HTH
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide