cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5821
Views
0
Helpful
68
Replies

Stuck on this network

Steven Williams
Level 4
Level 4

                   Capture223.PNG

Routers 1 - 8 are running IS-IS and they are tag-switching. I can reach all routers loopbacks within the core network.

Now I am peering eBGP with R4 and R7 and I have R4 and R7 peering iBGP. Now from R4 and R7 I can see routes from end to end, but R12 and R9 cannot see each others routes/networks.

I need to redistribute these from R4 and R7 so that R9 and R12 can see them....How can I do this without those routers seeing all the subnets and routes in the core of the network?

68 Replies 68

R9#wr
Building configuration...
[OK]
R9#show ip bgp 192.168.12.0 255.255.255.0
BGP routing table entry for 192.168.12.0/24, version 12
Paths: (1 available, best #1, table Default-IP-Routing-Table)
  Not advertised to any peer
  65000 64712
    172.16.9.2 from 172.16.9.2 (10.10.10.4)
      Origin incomplete, localpref 100, valid, external, best
R9#show ip route 192.168.12.0
Routing entry for 192.168.12.0/24
  Known via "bgp 64709", distance 20, metric 0
  Tag 65000, type external
  Last update from 172.16.9.2 00:11:45 ago
  Routing Descriptor Blocks:
  * 172.16.9.2, from 172.16.9.2, 00:11:45 ago
      Route metric is 0, traffic share count is 1
      AS Hops 2
      Route tag 65000

R9#

Steven

Check the IP routing table on R12 and pick a network advertised from R9. Then from R9 ping 192.168.12.1 with the source IP from the network R12 has an entry for in it's routing table.

Jon

Jon Marshall
Hall of Fame
Hall of Fame

Steven

Apologies but i should have said you need to redistribute BGP into IS-IS but not the other way round. This is because the intermediate routers between R4 and R7 need to know about the networks on R9 and R12.

The alternative is to run a full IBGP mesh between every router within your AS or use route reflectors.

Once again sorry i made the same stupid mistake in another thread recently.

Edit - by redistributing BGP into IS-IS you could actually leave synchronization on but you would still have needed to fix the next-hop self issue.

Jon

Ok so my logical thinking of having to redistro BGP into ISIS was correct. I wonder if ISPs are running full BGP mesh in the mpls cloud...

Steven

Yes, my mistake.

In terms of MPLS it works slightly differently. So with your setup the external routes eg. 192.168.12.0/24 have to redistributed into the IGP. Then when R4 receives a packet for 192.168.12.x it looks up the next hop and sees it is R7 and to go get to R7 it needs to send the packet to R1.

R1 on receiving the packet does a route lookup for 192.168.12.x and sends it to R3 (probably ie. it could via the R2 to R3 link depending on metrics etc). and so on. So each internal router does a route lookup on the destination IP.

MPLS does not work like this. The PE devices (R4/R7) exchange routing information for external networks, VPN information etc using IBGP or more specifically MP-IBGP. An IGP is run within the MPLS network so that all PE devices and P devices (eg. R11/2/3) can exchange routes and together with label exchanges an MPLS forwarding table is built on each device.

Note that the EBGP learnt routes on the PE devices are not redistributed into the IGP.

So each PE device in terms of finding the next hop for a destination IP external to the MPLS network uses the same procedure as with R4/R7 as in your setup. The PE device then looks in it's MPLS forwarding table to see how to get the egress PE device and sees it needs to send it to the next hop P device (P devices in your network would be R1/R2/R3).

It then adds an MPLS label to the header of the packet and sends it to the first P device. This P devices simply extracts the label, sees the incoming label value, looks in it's MPLS forwarding table and finds an entry that says a label received on this interface with this value should be sent out of the interface connected to the next P device with a specific value. So it simply adds a new label with the new value and sends it on to the next P device etc.

At no point does any P device actually do a route lookup for the destination IP. In fact they don't even look into the IP header for that information, they simply use labels. So that is why you do not need to redistribute PE EBGP learned routes into the IGP.

The above is a brief description as to how MPLS works. Obviously it hasn't really covered VPNs, how the MPLS forwarding table is built, certain features such as PHP (Penultimate Hop Popping) etc.

I didn't want to confuse the main point but if you need clarification please ask.

Jon

So how do I know if I am running MPLS in my core correctly? You mentioned a MPLS routing table? How do I see that?

Steven

So how do I know if I am running MPLS in my core correctly?

If you are running MPLS in your setup then you do not redistribute the EBGP routes into your IGP. So assuming you don't redistribute and you cannot ping from an external network on one side to an external network on the other side using the correct IP as a source IP then your MPLS setup is not working properly.

The command should be "sh mpls forwarding-table"

Depending on IOS version the actual command used to enable MPLS may be slightly different.

Edit - i missed the bit about tag switching your initial post so you are running MPLS.

Jon

I am trying to learn more about MPLS and how it works, so I went through this:

http://www.cisco.com/en/US/tech/tk436/tk428/technologies_configuration_example09186a0080093fcc.shtml

So it had me doing "tag-switcing ip" commands...I am not really sure what I have going on.

Steven

No problem. I am probably not helping as i missed the point about MPLS in your initial post so i have confused the issue.

Not one of my better posts.

So to recap. You do not need any redistribution either way if this is MPLS.

From that document you linked to it looks like you are using an older IOS (or document) as the commands have changed now ie. where you have "sh tag-switching forwarding table", most modern IOS versions use "sh mpls forwarding table". Some IOS versions allow you to use either.

Bear in mind you can use any IGP you are familiar with.

So have you run the commands in the verify section to of your link on all routers to see what is happening ?

Jon

I was just looking to get up an MPLS network in GNS3 fast to work on PE-CE peering, but I got pretty deep into ISIS and was enjoying it so I kept going. I am seeing reference to MPLS for commands like vpnv4 and looks a lot more VRF's involved. But no worries to you, your posts have had some good stuff that I wouldnt have known...like the next-hop-self command, I never really knew what that was for.

R1#show mpls forwarding-table

Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop   

tag    tag or VC   or Tunnel Id      switched   interface             

16     Untagged    10.10.10.4/32     195        Se0/0      point2point 

17     Untagged    10.10.10.5/32     0          Se0/3      point2point 

18     Pop tag     10.10.10.2/32     304        Se0/2      point2point 

19     Pop tag     10.1.1.28/30      0          Se0/2      point2point 

20     Pop tag     10.10.10.3/32     194        Se0/1      point2point 

21     16          10.10.10.6/32     0          Se0/1      point2point 

22     17          10.10.10.7/32     0          Se0/1      point2point 

23     Pop tag     10.1.1.20/30      0          Se0/1      point2point 

24     Pop tag     10.1.1.24/30      0          Se0/1      point2point 

25     Pop tag     10.1.1.8/30       0          Se0/1      point2point 

26     22          10.10.10.8/32     0          Se0/2      point2point 

R1#

R7#show mpls forwarding-table

Tag switching is not operational.

CEF or tag switching has not been enabled.

Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop   

tag    tag or VC   or Tunnel Id      switched   interface             

R7#

R1#show mpls forwarding-table
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop   
tag    tag or VC   or Tunnel Id      switched   interface             
16     Untagged    10.10.10.4/32     195        Se0/0      point2point 
17     Untagged    10.10.10.5/32     0          Se0/3      point2point 
18     Pop tag     10.10.10.2/32     304        Se0/2      point2point 
19     Pop tag     10.1.1.28/30      0          Se0/2      point2point 
20     Pop tag     10.10.10.3/32     194        Se0/1      point2point 
21     16          10.10.10.6/32     0          Se0/1      point2point 
22     17          10.10.10.7/32     0          Se0/1      point2point 
23     Pop tag     10.1.1.20/30      0          Se0/1      point2point 
24     Pop tag     10.1.1.24/30      0          Se0/1      point2point 
25     Pop tag     10.1.1.8/30       0          Se0/1      point2point 
26     22          10.10.10.8/32     0          Se0/2      point2point 
R1#

Doesnt look R7 (PE) has anything??

R7#show mpls forwarding-table

Tag switching is not operational.

CEF or tag switching has not been enabled.

Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop   

tag    tag or VC   or Tunnel Id      switched   interface             

R7#

Steven

You need to run this command on all MPLS routers and if it is not enabled then make sure it is.

Without all PE/P devices having forwarding tables end to end connectivity won't work.

Jon

Ok it was the "ip cef" was not configured on some other routers. But even now I do not see any info on the external 192.168. networks in this table? Also what does "Untagged" mean?

Steven

Untagged simply means the packet will not have a tag/label.

I thought you were seeing the routes on R4 and R7. If you mean you are not seeing them on the P devices (R1/R2/R3) then you shouldn't be because you are not redistributing from BGP and the P devices only need labels to forward the traffic.

But all MPLS routers ie. PE and P devices need MPLS forwarding tables.

So can you confirm where you are not seeing the external routes ?

Jon

Correct, I see the table in all P and PE routers, but PE's do not reflect 192.168.x.x addresses. No redistribution has been done since I do not want to do it that way.

R7#show mpls forwarding-table

Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop   

tag    tag or VC   or Tunnel Id      switched   interface             

16     Untagged    10.10.10.8/32     0          Se1/0      point2point 

17     Untagged    10.1.1.8/30       0          Se1/0      point2point 

18     Untagged    10.1.1.12/30      0          Se1/0      point2point 

19     Untagged    10.10.10.2/32     0          Se1/0      point2point 

20     Untagged    10.10.10.3/32     0          Se1/0      point2point 

21     Untagged    10.1.1.0/30       0          Se1/0      point2point 

22     Untagged    10.10.10.1/32     0          Se1/0      point2point 

23     Untagged    10.10.10.6/32     0          Se1/0      point2point 

24     Untagged    10.10.10.4/32     0          Se1/0      point2point 

25     Untagged    10.1.1.4/30       0          Se1/0      point2point 

26     Untagged    10.10.10.5/32     0          Se1/0      point2point 

27     Untagged    10.1.1.28/30      0          Se1/0      point2point 

28     Untagged    10.1.1.16/30      0          Se1/0      point2point 

29     Untagged    10.1.1.20/30      0          Se1/0      point2point