Can't see MPLC label in traceroute result

Vannara Vuth · ‎01-11-2013

Hi All,

I'm a new MPLS learner and i've been trying to test a MPLS VPN in GNS3. Everything is working fine except i can't see MPLS label in traceroute result from CE to CE. However i'm able to see MPLS label when i do traceroute from PE to PE and from P to P. Could someone advise what is the possible issue with this? Below are traceroute results:

************ From CE to CE **************** NO Label found *****************

CE-R7#trac 20.20.20.1

Type escape sequence to abort.

Tracing the route to 20.20.20.1

1 172.16.1.1 84 msec 120 msec 24 msec

2 10.1.1.2 200 msec 236 msec 360 msec

3 10.1.3.3 176 msec 304 msec 208 msec

4 172.16.2.1 264 msec 192 msec 228 msec

5 172.16.2.2 232 msec * 224 msec

********** From PE to PE ************** Can see the label******************

PE-R1#trac 6.6.6.6

Type escape sequence to abort.

Tracing the route to 6.6.6.6

1 10.1.2.2 [MPLS: Label 23 Exp 0] 216 msec

10.1.1.2 [MPLS: Label 19 Exp 0] 140 msec

10.1.2.2 [MPLS: Label 23 Exp 0] 100 msec

2 10.1.3.3 [MPLS: Label 17 Exp 0] 144 msec

10.1.3.4 [MPLS: Label 23 Exp 0] 68 msec

10.1.3.3 [MPLS: Label 17 Exp 0] 320 msec

3 10.1.5.2 120 msec

10.1.4.2 160 msec *

Appeciate for any reply.

Vannara,

John Blakley · ‎01-11-2013

If you have "no mpls ip propagate-ttl" your traceroutes will not show the label on the ce routers. Is this enabled?

Sent from Cisco Technical Support iPhone App

HTH, John *** Please rate all useful posts ***

Vannara Vuth · ‎01-13-2013

Hi John, Thanks for your reply.

This command hasn't been enabled on all PE & P routers. However, as mentioned in my prevoius message, i'm able to see MPLS label in my traceroute from PE to PE but not from CE to CE. Is there any further suggestion/recommendation?

Vannara

adnane dakna · ‎01-14-2013

Hello ,

I think , you're seeing normal behavior of MPLS Network , the label will be pop at PE edge : because packet at CE is IP packet not labeled packet : when LSR receive labeled packet it strip off label and send it as IP packet to CE router.

Vannara Vuth · ‎01-14-2013

Hi Adnane, I think so, however based on the lab (link below) from which i've practiced, i can see their traceroute result from CE to CE having MPLS label. Not sure why it does.

http://packetlife.net/blog/2011/may/16/creating-mpls-vpn/

CE1A# traceroute 172.16.0.2

Type escape sequence to abort.
Tracing the route to 172.16.0.2

1 10.0.1.1 4 msec 4 msec 8 msec
  2 10.0.9.5 [MPLS: Labels 19/22 Exp 0] 16 msec 12 msec 24 msec
  3 10.0.9.2 [MPLS: Labels 19/22 Exp 0] 24 msec 20 msec 16 msec
  4 10.0.2.1 [MPLS: Label 22 Exp 0] 20 msec 16 msec 24 msec
  5 10.0.2.2 16 msec *  36 msec

Thanks all for your reply.

John Blakley · ‎01-14-2013

Technically, you only need it enabled on the PEs to hide the labels from the CEs end-to-end...

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

Vannara Vuth · ‎01-15-2013

John, I wish MPLS label also displayed from CE to CE traceroute. Any idea how to make it?

B Regards,

Vannara

John Blakley · ‎01-15-2013

Can you post your config of the PEs and a diagram? Also, this depends on what IOS you're using. I remember when I was labbing this up, I couldn't get the labels to go away until I updated the IOS. So you could have the opposite problem. If I have the same IOS version that you have, I could lab it up and see what I come up with...

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

Vannara Vuth · ‎01-15-2013

Hi John, here is IOS version i'm using,

P-R2#show version

Cisco IOS Software, 3700 Software (C3725-ADVENTERPRISEK9-M), Version 12.4(12), RELEASE SOFTWARE (fc1)

******* PE1******************

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname PE-R1

!

boot-start-marker

boot-end-marker

!

no aaa new-model

memory-size iomem 5

ip cef

!

ip vrf Customer_A

rd 120:120

route-target export 20:20

route-target import 30:30

!

no ip domain lookup

ip domain name lab.local

!

!!

!

interface Loopback0

ip address 1.1.1.1 255.255.255.255

!

interface FastEthernet0/0

ip address 10.1.1.1 255.255.255.252

duplex auto

speed auto

mpls ip

!

interface FastEthernet0/1

ip address 10.1.2.1 255.255.255.252

duplex auto

speed auto

mpls ip

!

interface FastEthernet1/0

ip vrf forwarding Customer_A

ip address 172.16.1.1 255.255.255.252

ip ospf 2 area 0

duplex auto

speed auto

!

router ospf 2 vrf Customer_A

router-id 172.16.1.1

log-adjacency-changes

redistribute bgp 6500 subnets

!

router ospf 1

log-adjacency-changes

redistribute connected metric-type 1 subnets

redistribute static

passive-interface default

no passive-interface FastEthernet0/0

no passive-interface FastEthernet0/1

network 10.1.1.1 0.0.0.0 area 0

network 10.1.2.1 0.0.0.0 area 0

!

router bgp 6500

no synchronization

bgp log-neighbor-changes

neighbor 6.6.6.6 remote-as 6500

neighbor 6.6.6.6 update-source Loopback0

no auto-summary

!

address-family vpnv4

neighbor 6.6.6.6 activate

neighbor 6.6.6.6 send-community extended

exit-address-family

!

address-family ipv4 vrf Customer_A

redistribute connected metric 1

redistribute ospf 2 vrf Customer_A

no synchronization

exit-address-family

!

no ip http server

no ip http secure-server

!

control-plane

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

login

!

end

************* CE1 *******************

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname CE-R7

!

boot-start-marker

boot-end-marker

!

no aaa new-model

memory-size iomem 5

ip cef

!

no ip domain lookup

ip domain name lab.local

!

interface Loopback0

ip address 192.168.1.1 255.255.255.255

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet1/0

ip address 172.16.1.2 255.255.255.252

duplex auto

speed auto

!

router ospf 1

log-adjacency-changes

redistribute connected metric-type 1 subnets

passive-interface default

no passive-interface FastEthernet1/0

no passive-interface Loopback0

network 172.16.1.2 0.0.0.0 area 0

network 192.168.1.1 0.0.0.0 area 0

!

no ip http server

no ip http secure-server

!

control-plane

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

login

!

end

***************** PE2 ************************************

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname PE-R6

!

boot-start-marker

boot-end-marker

!

no aaa new-model

memory-size iomem 5

ip cef

!

ip vrf Customer_A

rd 120:120

route-target export 30:30

route-target import 20:20

!

no ip domain lookup

ip domain name lab.local

!

interface Loopback0

ip address 6.6.6.6 255.255.255.255

!

interface FastEthernet0/0

ip address 10.1.4.2 255.255.255.252

duplex auto

speed auto

mpls ip

!

interface FastEthernet0/1

ip address 10.1.5.2 255.255.255.252

duplex auto

speed auto

mpls ip

!

interface FastEthernet1/0

ip vrf forwarding Customer_A

ip address 172.16.2.1 255.255.255.252

ip ospf 2 area 0

duplex auto

speed auto

!

router ospf 2 vrf Customer_A

router-id 172.16.2.1

log-adjacency-changes

redistribute bgp 6500 subnets

!

router ospf 1

log-adjacency-changes

redistribute connected metric-type 1 subnets

redistribute static

passive-interface default

no passive-interface FastEthernet0/0

no passive-interface FastEthernet0/1

network 10.1.4.2 0.0.0.0 area 0

network 10.1.5.2 0.0.0.0 area 0

!

router bgp 6500

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 6500

neighbor 1.1.1.1 update-source Loopback0

no auto-summary

!

address-family vpnv4

neighbor 1.1.1.1 activate

neighbor 1.1.1.1 send-community extended

exit-address-family

!

address-family ipv4 vrf Customer_A

redistribute connected metric 1

redistribute ospf 2 vrf Customer_A

no synchronization

exit-address-family

!

no ip http server

no ip http secure-server

!

control-plane

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

login

!

end

******************CE2 *********************

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname CE2-R8

!

boot-start-marker

boot-end-marker

!

no aaa new-model

memory-size iomem 5

ip cef

!

no ip domain lookup

ip domain name lab.local

!

interface Loopback0

ip address 20.20.20.1 255.255.255.255

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet1/0

ip address 172.16.2.2 255.255.255.252

duplex auto

speed auto

!

router ospf 1

log-adjacency-changes

redistribute connected metric-type 1 subnets

passive-interface default

no passive-interface FastEthernet1/0

no passive-interface Loopback0

network 20.20.20.1 0.0.0.0 area 0

network 172.16.2.2 0.0.0.0 area 0

!

no ip http server

no ip http secure-server

!

control-plane

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

login

!

end

Vannara Vuth · ‎01-15-2013

Xei Yao, according to document and if i'm not confused, it is not recommended to enable MPLS interface toward customer's equipments. MPLS are only to ne enabled on interface pointing to core network. That is why didn't do that.

John Blakley · ‎01-15-2013

It very well could be a bug...I have 12.4(15)T14 and it seems to work fine:

R1#traceroute 172.45.0.5

Type escape sequence to abort.

Tracing the route to 172.45.0.5

1 172.12.0.2 32 msec 16 msec 4 msec

2 10.23.0.3 [MPLS: Labels 16/20 Exp 0] 64 msec 60 msec 68 msec

3 172.45.0.4 80 msec 60 msec 56 msec

4 172.45.0.5 92 msec * 84 msec

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

Vannara Vuth · ‎01-16-2013

Hi John/All,

Thanks for all your advice. Finally i'm able to see MPLS label after upgradeing IOS in CE routers.

Version 12.4(24)T, RELEASE SOFTWARE (fc1)

CE1#trac 172.16.1.1

Type escape sequence to abort.

Tracing the route to 172.16.1.1

1 10.1.1.2 92 msec 132 msec 28 msec

2 60.1.1.2 [MPLS: Labels 18/24 Exp 0] 108 msec 96 msec 152 msec

3 20.1.1.2 [MPLS: Label 24 Exp 0] 136 msec 112 msec *

4 20.1.1.1 140 msec * 280 msec

Again, appreciated all your support.

XIE YAO · ‎01-15-2013

I am not sure whether this is a IOS bug or not, but I do remember that if you enable mpls under the interface of CE router, you should be able to see the label, try that.

HTH

Yao Xie

a-gould · ‎03-30-2023

yes, this is true, i was unable to see mpls labels in the cli traceroute output* on the CE, but I can now with enabling "mpls ip" on an interface of that CE router. I recall learning this a year ago, and had to learn it all over again today! interestingly, you don't even have to do it on the WAN interface where the traceroute replies enter, you can even use the LAN interface if you wish. i guess a bug, look others have said.

using IOS in EVE-NG for a 3735 node...

R1#traceroute 10.10.12.2 probe 1 numeric

Type escape sequence to abort.
Tracing the route to 10.10.12.2

1 10.10.1.1 24 msec
2 10.10.10.1 112 msec
3 10.10.10.6 92 msec
4 10.10.10.10 60 msec
5 10.10.11.2 92 msec
6 10.10.12.2 80 msec
R1#
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#int f0/0
R1(config-if)#mpls ip
R1(config-if)#^Z
R1#
R1#traceroute 10.10.12.2 probe 1 numeric

Type escape sequence to abort.
Tracing the route to 10.10.12.2

1 10.10.1.1 16 msec
2 10.10.10.1 [MPLS: Label 23 Exp 0] 68 msec
3 10.10.10.6 [MPLS: Label 23 Exp 0] 72 msec
4 10.10.10.10 [MPLS: Label 20 Exp 0] 52 msec
5 10.10.11.2 48 msec
6 10.10.12.2 72 msec
R1#
R1#sh ver | in IOS
Cisco IOS Software, 3700 Software (C3725-ADVENTERPRISEK9-M), Version 12.4(9)T7, RELEASE SOFTWARE (fc3)
R1#

also, i think this is based on RFC 4884 and/or 4950, ICMP Multi-Part Extensions

Harold Ritter · ‎03-30-2023

Hi @a-gould ,

It appears that the traceroute would not display the labels unless the local mpls component was enabled (i.e. "mpls ip" on any interface). This is not a restriction anymore with more recent ios versions.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México