Re: Not able to classify traffic on output to MPLS

Leo Gal · ‎07-30-2010

Have a scenario with hairpin between two VRFs on PE router

Sending traffic to PE from MPLS network via one vrf and sending it back via second vrf.

Everything works, traffic flows. (Theres no CE in this moment, or I do not need it now)

I am not able to classify traffic based on DSCP, IP addressess, anything on OUTPUT back to MPLS.

Basically what I would need, I would need to set COS on output back to MPLS so I could test

the providers line, whether it transports all cos numbers.

Could anyone give me any hint?

Thaaaaaank you :-)

Leo

Giuseppe Larosa · ‎07-30-2010

Hello Leo,

are you doing true L3 VPN MPLS? or VRF lite?

if you are doing L3 VPN MPLS the outgoing packets are encapsulated within MPLS frames so you should classify traffic based on EXP bits of MPLS header not on inner fields of payload.

match mpls exp instead of match ip precedence in class maps definition

Be aware that by default EXP bits contain a copy of IP Prec bits of transported IPv4 packet.

What device are you using as PE router ? What IOS image is running on it?

Hope to help

Giuseppe

Leo Gal · ‎07-30-2010

This is true MPLS L3 VPN

PE router is ASR 1006

well, with those EXP bits...

the traffic comes from MPLS core network into lets say vrf PGUP

than it goes via gre tunnel (hairpin) into another vrf PGDN

so it comes to vrf PGDN as if it came from a regular CE...if I understand it correctly.

and it goes back somewhere into MPLS network and I need to set cos on it.

but since it came from gre tunnel it doesnt have any labels on it and I cant match on EXP bits.

AND...match access-group, or match dscp doesnt work...

think it might work somehow?

Leo

PS: and thanks for replying of course

Giuseppe Larosa · ‎07-30-2010

Hello Leo,

please provide a network diagram your setup is quite complex

Hope to help

Giuseppe