cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
682
Views
5
Helpful
3
Replies

Traceroute behavior within MPLS Domain

wood20011
Level 1
Level 1

Hi

 

From the LAN side of my CE (Customer Edge) router, I am able to ping and traceroute across my MPLS network to the other CE router on the LAN side.

 

My VRF (METERING) is supposed to traverse an MPLS-TE tunnel (unidirectional) to the P router. As this is unidirectional, I have also established a MPLS-TE tunnel in the opposite direction from the P router back towards my PE router.

 

My question is:- when I perform a traceroute, I see all the intermediate hops from the LAN side of the CE to far end of the other CE (LAN side).

The fact that I am traversing the MPLS-TE tunnel and the MPLS network, shouldn't the intermediate hops (MPLS routers) be transparent to the customer's traceroute ?

Similar to the traceroute results when implementing DMVPN IPSEC.

 

The following is an extract of my PE router:-

NB:- ip cef distributed has been enabled.

 

CISCO_MPLS_RTR#show run
Building configuration...

!
Current configuration : 4248 bytes
!
!
version 15.5
service timestamps debug datetime msec
service timestamps log datetime msec
no platform punt-keepalive disable-kernel-core
!
hostname CISCO_MPLS_RTR
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
!
no aaa new-model
!
ip vrf METERING
description VRF_METERING
rd 24316:6100
route-target export 24316:6001
route-target import 24316:6001
bgp next-hop Loopback0 -------------------map vrf METERING to loopback 0
!
subscriber templating
mpls label protocol ldp
mpls traffic-eng tunnels
multilink bundle-name authenticated
!
!
!
!
license udi pid ISR4351/K9 sn FDO22302P0W
license boot level appxk9
!
spanning-tree extend system-id
!
!
redundancy
mode none
!
!
vlan internal allocation policy ascending
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ip router isis 1
!
interface Tunnel1
ip unnumbered Loopback0
mpls ip
mpls label protocol ldp
mpls traffic-eng tunnels
tunnel mode mpls traffic-eng
tunnel destination 10.64.X.XX -------------------------------to P router 1
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng forwarding-adjacency
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng bandwidth 100
tunnel mpls traffic-eng path-option 1 dynamic
tunnel mpls traffic-eng record-route
isis metric 10
!
interface Tunnel2
ip unnumbered Loopback0
mpls ip
mpls label protocol ldp
mpls traffic-eng tunnels
tunnel mode mpls traffic-eng
tunnel destination 10.64.X.XXX---------------------------to P router 2
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng forwarding-adjacency
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng bandwidth 100
tunnel mpls traffic-eng path-option 1 dynamic
tunnel mpls traffic-eng record-route
isis metric 10
!
interface GigabitEthernet0/0/0
ip address 192.168.243.1 255.255.255.252----------------to next PE router within MPLS domain
ip router isis 1
ip policy route-map TEST
media-type rj45
negotiation auto
mpls ip
mpls label protocol ldp
mpls traffic-eng tunnels
ip rsvp bandwidth
!
!
interface GigabitEthernet0/0/2
no ip address
negotiation auto
!
interface GigabitEthernet0/0/2.5-------------------------to CE router (Cisco CGS2520)
encapsulation dot1Q 50
ip vrf forwarding METERING
ip address 172.172.10.1 255.255.255.252
!
interface Vlan1
no ip address
shutdown
!
router isis 1
net 49.0007.0100.6400.9999.00
metric-style wide
log-adjacency-changes
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
!
!
router bgp 24316
bgp router-id 1.1.1.1
bgp log-neighbor-changes
neighbor 10.64.X.XX remote-as 24316--------------------to PE router 1
neighbor 10.64.X.XX update-source Loopback0
neighbor 10.64.X.XXX remote-as 24316------------------to PE router 2
neighbor 10.64.X.XXX update-source Loopback0
!
address-family ipv4
neighbor 10.64.X.XX activate
neighbor 10.64.X.XXX activate
exit-address-family
!
address-family vpnv4
neighbor 10.64.X.XX activate
neighbor 10.64.X.XX send-community extended
neighbor 10.64.X.XXX activate
neighbor 10.64.X.XXX send-community extended
exit-address-family
!
address-family ipv4 vrf METERING
neighbor 172.172.10.2 remote-as 1234 ----------------to CE router using BGP
neighbor 172.172.10.2 activate
neighbor 172.172.10.2 default-originate
exit-address-family
!
ip forward-protocol nd
no ip http server
no ip http secure-server
ip tftp source-interface GigabitEthernet0
ip route 1.1.1.1 255.255.255.255 Tunnel1--------------------map loopback 0 to tunnel 1
!
!
access-list 1 permit 172.172.10.0 0.0.0.255----------tried this command as above config would not work.
!
route-map TEST permit 10
match ip address 1
set interface Tunnel1
!
!
!
control-plane
!
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
!
end

 

Regards 

 

Michael

1 Accepted Solution

Accepted Solutions

Hi Julian

 

I tried the command "no mpls ip propagate-ttl" and it worked as descibed.

No more intermediary steps.

 

Thankyou for your assistance.

 

Regards

 

Michael

View solution in original post

3 Replies 3

julian.bendix
Level 3
Level 3

Hi!

The fact that you (or the Customer) are seeing the Routers within the MPLS cloud is actually the default behavior.

So until now everything seems working as designed.

I think what you want to do is exactly this:
https://www.cisco.com/c/en/us/support/docs/multiprotocol-label-switching-mpls/mpls/26585-mpls-traceroute.html#no_mpls

By adding the "#no mpls ip propagate-ttl" command you would suppress the MPLS Routers from the Traceroutes comming from outside of the MPLS Cloud.

Take the time to read through the section describing this command in the linke above :)

Is that solving your case?

Best regards
Julian

Hi Julian

 

I tried the command "no mpls ip propagate-ttl" and it worked as descibed.

No more intermediary steps.

 

Thankyou for your assistance.

 

Regards

 

Michael

Hi!

Glad to hear! :)

Best regards
Julian

 

P.S. please always mark helpful replies or other replies from other users as solution if applicable

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: