Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1985
Views
0
Helpful
4
Replies

MPLS-vpn over L2TPv3

Abdallah Alkhader
Level 1
Level 1

‎07-14-2012 09:48 AM

Dear all,

I have the following Network; I have 3 routers are  running L2TP V3 (R2,R2,R3) one HUB and 2 Remotes  to carry MPLS traffic from MPLS Routers (R4,R5,R6) as diagram shows

I have attached the configurations of MPLS routers:

When I issue this command from R4 traceroute vrf DATA 2.2.2.2 or traceroute vrf DATA 3.3.3.3
 i received time out 
 
And the same thing I do the same command from R5 and R5.
While issuing this command show ip route vrf DATA gives the right answer.
 
One more thing how can test traffic, I mean PING from ONE SIDE TO other side over MPLS-VPN

hostname R4

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

ip cef

!

!

!

!

ip vrf DATA

rd 100:110

route-target export 100:1000

route-target import 100:1000

!

!

mpls label protocol ldp

multilink bundle-name authenticated

!

!

interface Loopback0

ip address 192.168.133.1 255.255.255.252

!

interface Loopback1

ip vrf forwarding DATA

ip address 1.1.1.1 255.255.255.255

!

interface FastEthernet0/0

no ip address

duplex auto

speed auto

!

interface FastEthernet0/0.92

encapsulation dot1Q 92

ip address 192.168.10.10 255.255.255.0

ip ospf 1 area 0

mpls ip

!

interface FastEthernet0/0.100

encapsulation dot1Q 100

!

interface FastEthernet0/0.200

encapsulation dot1Q 200

ip address 192.168.30.1 255.255.255.0

ip ospf 1 area 0

mpls ip

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

router ospf 1

log-adjacency-changes

network 192.168.10.0 0.0.0.255 area 0

network 192.168.30.0 0.0.0.255 area 0

network 192.168.133.0 0.0.0.3 area 0

!

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 192.168.144.1 remote-as 100

neighbor 192.168.144.1 update-source Loopback0

neighbor 192.168.155.1 remote-as 100

neighbor 192.168.155.1 update-source Loopback0

no auto-summary

!

address-family vpnv4

  neighbor 192.168.144.1 activate

  neighbor 192.168.144.1 send-community both

  neighbor 192.168.155.1 activate

  neighbor 192.168.155.1 send-community both

exit-address-family

!

address-family ipv4 vrf DATA

  redistribute connected

  no synchronization

exit-address-family

!

ip forward-protocol nd

ip route 192.168.10.0 255.255.255.0 FastEthernet0/0.92

!

!

ip http server

no ip http secure-server

!

!

!

!

hostname R5

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

ip cef

!

!

!

!

ip vrf DATA

rd 100:1000

route-target export 100:1000

route-target import 100:1000

!

no ip domain lookup

!

mpls label protocol ldp

multilink bundle-name authenticated

!

interface Loopback0

ip address 192.168.155.1 255.255.255.252

!

interface Loopback1

ip vrf forwarding DATA

ip address 3.3.3.3 255.255.255.0

!

interface FastEthernet0/0

no ip address

duplex auto

speed auto

!

interface FastEthernet0/0.92

encapsulation dot1Q 92

ip address 192.168.10.1 255.255.255.0

ip ospf 1 area 0

mpls ip

!

interface FastEthernet0/0.100

encapsulation dot1Q 100

ip address 192.168.20.1 255.255.255.0

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

router ospf 1

log-adjacency-changes

network 192.168.10.0 0.0.0.255 area 0

network 192.168.155.0 0.0.0.3 area 0

!

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 192.168.133.1 remote-as 100

neighbor 192.168.133.1 update-source Loopback0

neighbor 192.168.144.1 remote-as 100

neighbor 192.168.144.1 update-source Loopback0

no auto-summary

!

address-family vpnv4

  neighbor 192.168.133.1 activate

  neighbor 192.168.133.1 send-community both

  neighbor 192.168.144.1 activate

  neighbor 192.168.144.1 send-community both

exit-address-family

!

address-family ipv4 vrf DATA

  redistribute connected

  no synchronization

exit-address-family

!

ip forward-protocol nd

!

!

no ip http server

no ip http secure-server

!

hostname R6

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

ip cef

!

!

!

!

ip vrf DATA

rd 100:110

route-target export 100:1000

route-target import 100:1000

!

!

mpls label protocol ldp

multilink bundle-name authenticated

!

interface Loopback0

ip address 192.168.144.1 255.255.255.252

!

interface Loopback1

ip vrf forwarding DATA

ip address 2.2.2.2 255.255.255.255

!

interface FastEthernet0/0

no ip address

duplex auto

speed auto

!

interface FastEthernet0/0.100

encapsulation dot1Q 100

ip address 192.168.20.20 255.255.255.0

!

interface FastEthernet0/0.200

encapsulation dot1Q 200

ip address 192.168.30.30 255.255.255.0

ip ospf 1 area 0

mpls ip

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

router ospf 1

log-adjacency-changes

network 192.168.30.0 0.0.0.255 area 0

network 192.168.144.0 0.0.0.3 area 0

!

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 192.168.133.1 remote-as 100

neighbor 192.168.133.1 update-source Loopback0

neighbor 192.168.155.1 remote-as 100

neighbor 192.168.155.1 update-source Loopback0

no auto-summary

!

address-family vpnv4

  neighbor 192.168.133.1 activate

  neighbor 192.168.133.1 send-community both

  neighbor 192.168.155.1 activate

  neighbor 192.168.155.1 send-community both

exit-address-family

!

address-family ipv4 vrf DATA

  redistribute connected

  no synchronization

exit-address-family

!

ip forward-protocol nd

!

!

ip http server

no ip http secure-server

!

Labels:
Preview file
62 KB
0 Helpful
4 Replies 4

Abdallah Alkhader
Level 1
Level 1

‎07-16-2012 01:23 AM

any suggestions

0 Helpful

Andre Gustavo Albuquerque
Cisco Employee
Cisco Employee

‎07-16-2012 07:11 AM

Some questions / comments:

1. Did you define the pseudowire-class PW-manual and l2tp-class L2TP-manual at R1, R2 and R3? I didn't find it at the picture.

2. There are mismatching l2tp ids between remote 1 and hub. Check that.

3. There is also L2TP cookies mismatch between routers. Check that.

4. Check if the hardware (including the linecards, for distributed platforms), IOS and feature set you are using support L2TPv3. (www.cisco.com/go/cfn amd CCO documentation)

5. Use show commands and debug xconnect to troubleshoot the problem. (eg.:

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gtl2tpv3.html#wp1046458)

HTH

0 Helpful

Abdallah Alkhader
Level 1
Level 1
In response to Andre Gustavo Albuquerque

‎07-16-2012 09:31 AM

thanks Ander,

I have fixed the L2TP and it is working I am able to ping each other the , my concern is MPLS-vpn that the tracerout vrf DATA ip 1.1.1.1 command gives time

0 Helpful

Andre Gustavo Albuquerque
Cisco Employee
Cisco Employee
In response to Abdallah Alkhader

‎07-16-2012 10:49 AM

Hi,

1. Can you ping the loopback0 from each router using the source loopback0?

     For example: from R4: ping 192.168.155.1 source lo0

2. Is the LDP session up and running?

    => Use the commands "show mpls ldp discovery" and "show mpls ldp neighbor" to check.

3. Can you ping the Loopback1 from each VPN using source Loopback1?

    For example: from R4: ping vrf DATA 3.3.3.3 source lo1

If the answer to question 1 is negative, you need to check L2VPN configuration and routing.

If the answer to questions 2 or 3 are negative, you need to check your L3VPN configuration (LDP, MPBGP, MPLS forwarding, etc).

HTH

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents