cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1180
Views
6
Helpful
22
Replies

Targeted ldp session issue in IOSXR

qus83
Level 1
Level 1

Hello

i have issue in targeted hello for non directly connected peer

 

show mpls ldp discovery

Targeted Hellos:
x.x.x.x-> x.x.x.x (active), xmit
Established: N/A

 

remote router 

x.x.x.x -> x.x.x.x (active/passive), xmit/recv
LDP Id: x.x.x.x:0
Hold time: 90 sec (local:90 sec, peer:90 sec)
Established: May 26 05:31:33.063 (6w1d ago)

issue PW doesn't come up

PW: neighbor x.x.x.x, PW ID 222, state is down ( provisioned ) (Segment-down)

 

22 Replies 22

MHM

Hi @MHM Cisco World ,

Targeted LDP is also used for LDP based L2VPN. This is the case for the OP.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Harold Ritter
Level 12
Level 12

Hi @qus83 ,

Can you verify that the source and destination addresses match on both sides. 

Other thing to check is any ACL that would prevent LDP hello messages (UDP port 646) between the two PEs.

Also need to make sure TCP port 646 is allowed between the PEs for the targeted LDP session.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

MHM

Hi @MHM Cisco World ,

Targeted LDP is used for L2VPN to exchange service labels between the two PEs.

https://www.cisco.com/c/en/us/support/docs/multiprotocol-label-switching-mpls/mpls/213238-mpls-l2vpn-pseudowire.html

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

In ios xe xconnect PW not need target ldp maybe in ios xr it different.

But there is two rule in ios xe and I think same in ios xr 

1-xconnect use ldp-id of routers

2-there is reachable between ldp-id in both routers

MHM

Hi @MHM Cisco World ,

The targeted LDP session would be required regardless whether you use IOS-XE or IOS-XR. This is how L2VPN based on LDP signalling works. Please refer to the following RFC4906 for more information.

https://datatracker.ietf.org/doc/html/rfc4906#page-8

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Thanks @Harold Ritter 
as always you are correct 
I run lab run xconnect encap mpls 
I see there are two neighbor in head routers
the direct connect neighbor and non-direct connect neighbor 

I thought that the direct connect neighbor can exchange the label between the two head routes of xconnect but after read doc. you share and run lab I was wrong 
anyway 
still point if he use LO as interface in xconnect and he not allocate label for host IP the xconnect is down 
issue is not L3 reachable but it MPLS missing label with direct connect neighbor 

THANKS A LOT 

MHM
Screenshot (784).pngScreenshot (783).png

Hi @MHM Cisco World .

still point if he use LO as interface in xconnect and he not allocate label for host IP

This is not the issue as he already verified that the end to end LSP is correct by performing a "ping mpls" between the two PEs loopback addresses.

I have provided the OP with some commands he can run to further troubleshoot the issue. Let's see what he says.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

qus83
Level 1
Level 1

 

Thanks for the reply 

Also need to make sure TCP port 646 is allowed between the PEs for the targeted LDP session

How can we check tcp ?  @Harold Ritter 

Hi @qus83 ,

I am referring to port TCP 646 being accessible from an ACL standpoint. To verify you could try to "telnet <peer-id> 646 source-interface <loopback interface used for l2vpn peering>" from one PE to the other.

But you first need to check why UDP traffic can't make it between the 2 PEs as seen in the output of the following command:

show mpls ldp discovery

Targeted Hellos:
x.x.x.x-> x.x.x.x (active), xmit

The first step would be to check if you can ping from one loopback to the other.

ping <remote ldp peer-id> source <local ldp peer-id>

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

 

the issue from one PE-A side , no ping without source

but the other side can ping without source

 

ping mpls ipv4 x.x.x.x/32 source x.x.x.x
Wed Jul 10 09:39:08.606 AST

Sending 5, 100-byte MPLS Echos to x.x.x.x/32,
timeout is 2 seconds, send interval is 0 msec:

Codes: '!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'I' - unknown upstream index,
'X' - unknown return code, 'x' - return code 0

Type escape sequence to abort.

!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/6 ms

 

 

ping mpls ipv4 x.x.x.x/32
Wed Jul 10 09:38:43.013 AST

Sending 5, 100-byte MPLS Echos to x.x.x.x/32,
timeout is 2 seconds, send interval is 0 msec:

Codes: '!' - success, 'Q' - request not sent, '.' - timeout,
'L' - labeled output interface, 'B' - unlabeled output interface,
'D' - DS Map mismatch, 'F' - no FEC mapping, 'f' - FEC mismatch,
'M' - malformed request, 'm' - unsupported tlvs, 'N' - no rx label,
'P' - no rx intf label prot, 'p' - premature termination of LSP,
'R' - transit router, 'I' - unknown upstream index,
'X' - unknown return code, 'x' - return code 0

Type escape sequence to abort.

.....
Success rate is 0 percent (0/5)

 

 

The ldp id must reachable via 

IGP and ldp 

If ypu ping success and ping mpls failed then there is issue in mpls label' mostly from you config ios xr to not label host prefix 

If you ping failed abd sure ping mpls failed then LO is not advertise via IGP you run between PE's

MHM

Hi @qus83 ,

You should be fine, as long as the "ping mpls" works from loopback to loopback.

Did you have a chance to verify why udp traffic to port 646 does not make it in one direction?

show mpls ldp discovery

Targeted Hellos:
x.x.x.x-> x.x.x.x (active), xmit
Established: N/A

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México