05-28-2012 09:52 AM - edited 03-04-2019 04:29 PM
I have a new MPLS connection and the setup is completed. I am able to ping from CORE_Router to CORE_ROUTER_QAT, however I am not able to ping LAN on both the sides. Below is the layout.
CORE_ROUTER carries the following configuration :
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CORE_Router
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
!
no ip domain lookup
ip name-server 84.235.x.x
ip name-server 84.235.x.x
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-144954112
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-144954112
revocation-check none
rsakeypair TP-self-signed-144954112
!
!
crypto pki certificate chain TP-self-signed-144954112
certificate self-signed 01
xxxxx
quit
license udi pid CISCO2911/K9 sn FCZ154670GK
!
!
!
!
!
!
!
!
interface Loopback0
ip address 20.20.20.20 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/0.2400
description $STC_DIA6$
encapsulation dot1Q 2400
ip address 84.235.x.x 255.255.255.252
ip nat outside
ip virtual-reassembly in
!
interface GigabitEthernet0/1
description $VPN_LAN$
ip address 128.1.0.100 255.255.255.248
duplex auto
speed auto
!
interface GigabitEthernet0/2
description $WAN_LAN$
ip address 84.235.x.x 255.255.255.240
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface FastEthernet0/0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0/0.446
description $STC_MPLS$
encapsulation dot1Q 446
ip address 172.31.83.114 255.255.255.252
!
router bgp 100
bgp log-neighbor-changes
network 128.1.0.0 mask 255.255.248.0
network 172.18.0.0
network 172.19.0.0
neighbor 172.31.53.169 remote-as 65272
neighbor 172.31.92.42 remote-as 65272
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip route 0.0.0.0 0.0.0.0 84.235.x.x
ip route 128.1.0.0 255.255.248.0 GigabitEthernet0/1
ip route 172.17.0.0 255.255.0.0 172.31.92.41
ip route 172.18.0.0 255.255.0.0 GigabitEthernet0/1
ip route 172.19.0.0 255.255.0.0 GigabitEthernet0/1
ip route 172.31.53.168 255.255.255.252 172.31.83.113
ip route 172.31.92.40 255.255.255.252 172.31.83.113
!
!
!
!
control-plane
!
!
!
line con 0
logging synchronous
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
end
This router also carries a WAN connection along with the MPLS.
The route table for CORE_ROUTER:
Gateway of last resort is 84.235.x.x to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 84.235.x.x
20.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 20.20.20.0/24 is directly connected, Loopback0
L 20.20.20.20/32 is directly connected, Loopback0
84.0.0.0/8 is variably subnetted, 4 subnets, 3 masks
C 84.235.x.x/28 is directly connected, GigabitEthernet0/2
L 84.235.x.x/32 is directly connected, GigabitEthernet0/2
C 84.235.x.x/30 is directly connected, GigabitEthernet0/0.2400
L 84.235.x.x/32 is directly connected, GigabitEthernet0/0.2400
128.1.0.0/16 is variably subnetted, 3 subnets, 3 masks
S 128.1.0.0/21 is directly connected, GigabitEthernet0/1
C 128.1.0.96/29 is directly connected, GigabitEthernet0/1
L 128.1.0.100/32 is directly connected, GigabitEthernet0/1
S 172.17.0.0/16 [1/0] via 172.31.92.41
S 172.18.0.0/16 is directly connected, GigabitEthernet0/1
S 172.19.0.0/16 is directly connected, GigabitEthernet0/1
172.31.0.0/16 is variably subnetted, 4 subnets, 2 masks
S 172.31.53.168/30 [1/0] via 172.31.83.113
C 172.31.83.112/30 is directly connected, FastEthernet0/0/0.446
L 172.31.83.114/32 is directly connected, FastEthernet0/0/0.446
S 172.31.92.40/30 [1/0] via 172.31.83.113
The BGP information on the same router:
CORE_Router#sh ip bgp
BGP table version is 4, local router ID is 20.20.20.20
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x best-external, f RT-Filter
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 128.1.0.0/21 0.0.0.0 0 32768 i
*> 172.18.0.0 0.0.0.0 0 32768 i
*> 172.19.0.0 0.0.0.0 0 32768 i
on the CORE_ROUTER_QAT I have done the following configuration:
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CORE_ROUTER_QAT
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
enable secret 5 xxx
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
!
no ip domain lookup
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-437488504
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-437488504
revocation-check none
rsakeypair TP-self-signed-437488504
!
!
crypto pki certificate chain TP-self-signed-437488504
certificate self-signed 01
xxx
quit
license udi pid CISCO2911/K9 sn FCZ161370A1
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
ip address 172.31.92.42 255.255.255.252
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/1.2
description $VPN_LAN$
encapsulation dot1Q 2
ip address 172.17.0.250 255.255.255.0
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
!
router bgp 200
bgp log-neighbor-changes
network 172.17.0.0
neighbor 172.31.53.169 remote-as 65272
neighbor 172.31.83.113 remote-as 65272
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip route 0.0.0.0 0.0.0.0 172.31.92.41
ip route 172.17.0.0 255.255.0.0 GigabitEthernet0/1.2
ip route 172.19.0.0 255.255.0.0 172.31.83.113
!
!
!
!
control-plane
!
!
!
line con 0
logging synchronous
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
end
The route table and bgp information:
CORE_ROUTER_QAT#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 172.31.92.41 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 172.31.92.41
172.17.0.0/16 is variably subnetted, 3 subnets, 3 masks
S 172.17.0.0/16 is directly connected, GigabitEthernet0/1.2
C 172.17.0.0/24 is directly connected, GigabitEthernet0/1.2
L 172.17.0.250/32 is directly connected, GigabitEthernet0/1.2
172.31.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.31.92.40/30 is directly connected, GigabitEthernet0/0
L 172.31.92.42/32 is directly connected, GigabitEthernet0/0
CORE_ROUTER_QAT#sh ip bgp
BGP table version is 2, local router ID is 172.31.92.42
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x best-external, f RT-Filter
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 172.17.0.0 0.0.0.0 0 32768 i
Now the problems I am facing are like this
On CORE_ROUTER:
CORE_Router#ping 172.17.0.250
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.17.0.250, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
CORE_Router#traceroute 172.17.0.250
Type escape sequence to abort.
Tracing the route to 172.17.0.250
VRF info: (vrf in name/id, vrf out name/id)
1 172.31.83.113 0 msec 0 msec 0 msec
2 172.31.83.113 !H * !H
CORE_Router#ping 172.31.92.42
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.92.42, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
on CORE_ROUTER_QAT:
CORE_ROUTER_QAT#ping 128.1.0.100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 128.1.0.100, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
CORE_ROUTER_QAT#traceroute 128.1.0.100
Type escape sequence to abort.
Tracing the route to 128.1.0.100
VRF info: (vrf in name/id, vrf out name/id)
1 172.31.92.41 4 msec 4 msec 0 msec
2 172.31.92.41 !H * !H
CORE_ROUTER_QAT#ping 172.31.83.114
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.114, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
Other than this I also face an Issue with CORE_ROUTER_QAT communicating with its local VLANS (I guess it might be due to the Alcatel at that site):
CORE_ROUTER_QAT#ping 172.17.0.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.17.0.254, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
CORE_ROUTER_QAT#traceroute 172.17.0.254
Type escape sequence to abort.
Tracing the route to 172.17.0.254
VRF info: (vrf in name/id, vrf out name/id)
1 172.17.0.254 4 msec 0 msec 4 msec
CORE_ROUTER_QAT#ping 172.17.6.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.17.6.10, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_ROUTER_QAT#traceroute 172.17.6.10
Type escape sequence to abort.
Tracing the route to 172.17.6.10
VRF info: (vrf in name/id, vrf out name/id)
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
I hope someone will be able to help me out with this issue.
05-28-2012 10:10 AM
Hello Jobin,
you are dealing with eBGP multihop sessions on the first router, by default eBGP sessions use TTL=1 and a command is needed to setup the eBGP session in this case
you can check that eBGP sessions are not established with
show ip bgp sum
router bgp 100
neighbor x.x.x.x ebgp-multihop 255
neighbor y.y.y.y ebgp-multihop 255
repeat show ip bgp sum after the state of the BGP sessions should change to established
You may need to do the same on the other site
Hope to help
Giuseppe
05-29-2012 10:26 PM
Have a few doubts regarding this. By using the multihop should I be doing like this
router bgp 100
neighbor 172.31.92.41 ebgp-multihop 255
neighbor 172.31.53.169 ebgp-multihop 255
on the first router and similarly on the second router, where these IP's are the MPLS IP's or should I be using the IP for the remote site network ?
05-30-2012 05:20 AM
Hello Jobin,
it is exactly what I was meaning the command is an additional command that refers to the eBGP neighbors locally defined on the box
the resulting configuration on first device will be:
router bgp 100
neighbor 172.31.53.169 remote-as 65272
neighbor 172.31.92.42 remote-as 65272
neighbor 172.31.92.42 ebgp-multihop 255
neighbor 172.31.53.169 ebgp-multihop 255
do in a similar way on the other site if needed
you can check the state of BGP sessions with
show ip bgp summary
Hope to help
Giuseppe
05-31-2012 10:07 AM
Hi Giuseppe,
Did lik you had suggested however there are no changes in the bgp summary table.
05-28-2012 07:57 PM
hi
1. simple way to do it is gre tunnel from core_router to core_router_qat
2. another way is ipsec tunnel from f0/0/0.446 core_router to g0/0 core_router_qat
3. bgp inside mpls cloud
4. there are of course many ather ways to do it
05-29-2012 10:49 PM
I would like to configure the best possible method, Wouldn't bgp inside mpls cloud be better ? Considering that other sites to be added along to this which would be better ?
05-29-2012 10:33 PM
A few change to teh initial layout that I failed to mention.
The core switches on both the sides do not carry any bgp protocol, shoudl these switches also be enabled with the bgp ?
on the CORE_ROUTER_QAT I have done the following configuration:
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CORE_ROUTER_QAT
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
enable secret 5 xxx
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
!
no ip domain lookup
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-437488504
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-437488504
revocation-check none
rsakeypair TP-self-signed-437488504
!
!
crypto pki certificate chain TP-self-signed-437488504
certificate self-signed 01
xxx
quit
license udi pid CISCO2911/K9 sn FCZ161370A1
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
ip address 172.31.92.42 255.255.255.252
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/1.2
description $VPN_LAN$
encapsulation dot1Q 2
ip address 172.17.0.250 255.255.255.0
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
!
router bgp 200
bgp log-neighbor-changes
network 172.17.0.0
neighbor 172.31.53.169 remote-as 65272
neighbor 172.31.83.113 remote-as 65272
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip route 0.0.0.0 0.0.0.0 172.31.92.41
ip route 172.17.0.0 255.255.0.0 GigabitEthernet0/1.2
ip route 172.19.0.0 255.255.0.0 172.31.83.113
!
!
!
!
control-plane
!
!
!
line con 0
logging synchronous
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
end
The route table and bgp information:
CORE_ROUTER_QAT#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 172.31.92.41 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 172.31.92.41
172.17.0.0/16 is variably subnetted, 3 subnets, 3 masks
S 172.17.0.0/16 is directly connected, GigabitEthernet0/1.2
C 172.17.0.0/24 is directly connected, GigabitEthernet0/1.2
L 172.17.0.250/32 is directly connected, GigabitEthernet0/1.2
172.31.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.31.92.40/30 is directly connected, GigabitEthernet0/0
L 172.31.92.42/32 is directly connected, GigabitEthernet0/0
Even though there is a route to 172.19.0.0 mentioned in the router, why such i snot being displayed in my routing table ?
05-31-2012 10:22 AM
After a few additions to configuration, ebg-multihop and gre tunnel, still there seems to be know reply from remote lan.
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CORE_Router
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
!
no ip domain lookup
ip name-server 84.235.x.x
ip name-server 84.235.x.x
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-144954112
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-144954112
revocation-check none
rsakeypair TP-self-signed-144954112
!
!
crypto pki certificate chain TP-self-signed-144954112
certificate self-signed 01
xxxxxx
quit
license udi pid CISCO2911/K9 sn FCZ154670GK
!
!
!
!
!
!
!
!
interface Loopback0
ip address 20.20.20.20 255.255.255.255
!
interface Tunnel12
ip address 192.168.1.1 255.255.255.0
tunnel source FastEthernet0/0/0.446
tunnel destination 172.31.92.41
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/0.2400
description $STC_DIA6$
encapsulation dot1Q 2400
ip address 84.235.x.x 255.255.255.252
ip nat outside
ip virtual-reassembly in
!
interface GigabitEthernet0/1
description $VPN_LAN$
ip address 128.1.0.100 255.255.255.248
duplex auto
speed auto
!
interface GigabitEthernet0/2
description $WAN_LAN$
ip address 84.235.x.x 255.255.255.240
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface FastEthernet0/0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0/0.446
description $STC_MPLS$
encapsulation dot1Q 446
ip address 172.31.83.114 255.255.255.252
!
router bgp 100
bgp log-neighbor-changes
network 128.1.0.0 mask 255.255.248.0
network 172.18.0.0
network 172.19.0.0
redistribute connected
neighbor 172.31.53.169 remote-as 65272
neighbor 172.31.53.169 ebgp-multihop 255
neighbor 172.31.92.41 remote-as 65272
neighbor 172.31.92.41 ebgp-multihop 255
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip route 0.0.0.0 0.0.0.0 84.235.x.x
ip route 128.1.0.0 255.255.248.0 GigabitEthernet0/1
ip route 172.18.0.0 255.255.0.0 GigabitEthernet0/1
ip route 172.19.0.0 255.255.0.0 GigabitEthernet0/1
ip route 172.31.53.168 255.255.255.252 172.31.83.113
ip route 172.31.92.40 255.255.255.252 172.31.83.113
!
!
!
!
control-plane
!
!
!
line con 0
logging synchronous
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
end
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CORE_ROUTER_QAT
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
!
no ip domain lookup
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-437488504
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-437488504
revocation-check none
rsakeypair TP-self-signed-437488504
!
!
crypto pki certificate chain TP-self-signed-437488504
certificate self-signed 01
xxxxxxxx
quit
license udi pid CISCO2911/K9 sn FCZ161370A1
!
!
!
!
!
!
!
!
interface Loopback0
ip address 20.20.20.21 255.255.255.255
!
interface Tunnel12
ip address 192.168.1.2 255.255.255.0
tunnel source GigabitEthernet0/0
tunnel destination 172.31.83.113
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description $STC_MPLS$
ip address 172.31.92.42 255.255.255.252
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/1.2
description $VPN_LAN$
encapsulation dot1Q 2
ip address 172.17.0.250 255.255.255.0
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
!
router bgp 200
bgp log-neighbor-changes
network 172.17.0.0
redistribute connected
neighbor 172.31.83.113 remote-as 65272
neighbor 172.31.83.113 ebgp-multihop 255
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip route 0.0.0.0 0.0.0.0 172.31.92.41
ip route 172.19.0.0 255.255.0.0 Tunnel12
!
!
!
!
control-plane
!
!
line con 0
logging synchronous
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
end
The tables display the following details now, though briefly it did show the bpg as active it continues to show as idle.
CORE_Router#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 84.235.x.x to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 84.235.x.x
20.0.0.0/32 is subnetted, 1 subnets
C 20.20.20.20 is directly connected, Loopback0
84.0.0.0/8 is variably subnetted, 4 subnets, 3 masks
C 84.235.x.x/28 is directly connected, GigabitEthernet0/2
L 84.235.x.x/32 is directly connected, GigabitEthernet0/2
C 84.235.x.x/30 is directly connected, GigabitEthernet0/0.2400
L 84.235.x.x/32 is directly connected, GigabitEthernet0/0.2400
128.1.0.0/16 is variably subnetted, 3 subnets, 3 masks
S 128.1.0.0/21 is directly connected, GigabitEthernet0/1
C 128.1.0.96/29 is directly connected, GigabitEthernet0/1
L 128.1.0.100/32 is directly connected, GigabitEthernet0/1
S 172.18.0.0/16 is directly connected, GigabitEthernet0/1
S 172.19.0.0/16 is directly connected, GigabitEthernet0/1
172.31.0.0/16 is variably subnetted, 4 subnets, 2 masks
S 172.31.53.168/30 [1/0] via 172.31.83.113
C 172.31.83.112/30 is directly connected, FastEthernet0/0/0.446
L 172.31.83.114/32 is directly connected, FastEthernet0/0/0.446
S 172.31.92.40/30 [1/0] via 172.31.83.113
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, Tunnel12
L 192.168.1.1/32 is directly connected, Tunnel12
CORE_Router#sh ip bgp sum
BGP router identifier 20.20.20.20, local AS number 100
BGP table version is 16, main routing table version 16
9 network entries using 1224 bytes of memory
9 path entries using 504 bytes of memory
2/2 BGP path/bestpath attribute entries using 256 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1984 total bytes of memory
BGP activity 9/0 prefixes, 9/0 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.31.53.169 4 65272 0 0 1 0 0 never Idle
172.31.92.41 4 65272 0 0 1 0 0 never Idle
CORE_ROUTER_QAT#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 172.31.92.41 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 172.31.92.41
20.0.0.0/32 is subnetted, 1 subnets
C 20.20.20.21 is directly connected, Loopback0
172.17.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.17.0.0/24 is directly connected, GigabitEthernet0/1.2
L 172.17.0.250/32 is directly connected, GigabitEthernet0/1.2
S 172.19.0.0/16 is directly connected, Tunnel12
172.31.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.31.92.40/30 is directly connected, GigabitEthernet0/0
L 172.31.92.42/32 is directly connected, GigabitEthernet0/0
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, Tunnel12
L 192.168.1.2/32 is directly connected, Tunnel12
CORE_ROUTER_QAT#sh ip bgp sum
BGP router identifier 20.20.20.21, local AS number 200
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.31.83.113 4 65272 0 0 1 0 0 never Idle
However, the tunnel interfaces in no way seems to communicate each other too, with no trace when using traceroute function
CORE_Router#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
CORE_Router#ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_ROUTER_QAT#ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
CORE_ROUTER_QAT#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
This has me all lost now, any suggestions ?
06-01-2012 05:47 AM
Hello Jobin,
looking again at your second network diagram I think I have found the root cause:
the expected eBGP configuration is that each CE node has an eBGP session with the locally connected PE node, you don't need to attempt to create BGP sessions with the CE or the PE at the remote site. This job is performed by SP network using their BGP signalling infrastructure.
L3 MPLS VPN uses a peer model for signaling that means that you just care of peering with local PE node in each site and SP does all the job for you.
So on router named core_router you need an eBGP session with local PE node
CORE_router:
router bgp 100
neighbor 172.31.83.113 remote-as 65272
and on the other CE node:
CORE_ROUTER_QAT
router bgp 100
neighbor 172.31.92.41 remote-as 65272
You can delete all the other BGP sessions as they are not needed and even not correct in theory for this service model.
Hope to help
Giuseppe
06-01-2012 09:48 AM
Hi Giuseppe, I did changes to the bgp configurtaion on both the routers. The sh ip bgp summary gave the following result
CORE_Router#sh ip bgp sum
BGP router identifier 20.20.20.20, local AS number 100
BGP table version is 139, main routing table version 139
8 network entries using 1088 bytes of memory
8 path entries using 448 bytes of memory
2/2 BGP path/bestpath attribute entries using 256 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1792 total bytes of memory
BGP activity 25/17 prefixes, 86/78 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.31.83.113 4 65272 0 0 1 0 0 never Idle
CORE_ROUTER_QAT#sh ip bgp sum
BGP router identifier 20.20.20.21, local AS number 200
BGP table version is 364, main routing table version 364
3 network entries using 408 bytes of memory
3 path entries using 168 bytes of memory
1/1 BGP path/bestpath attribute entries using 128 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 704 total bytes of memory
BGP activity 46/43 prefixes, 199/196 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State
/PfxRcd
172.31.92.41 4 65272 0 0 1 0 0 never Idle
I tried to telnet port 179 on both the router at the result was connection refused.
CORE_Router#telnet 172.31.92.42 179 /source-interface fastEthernet 0/0/0.446
Trying 172.31.92.42, 179 ...
% Connection refused by remote host
CORE_Router#telnet 172.31.92.42 179
Trying 172.31.92.42, 179 ...
% Connection refused by remote host
CORE_ROUTER_QAT#telnet 172.31.83.114 179
Trying 172.31.83.114, 179 ...
% Connection refused by remote host
CORE_ROUTER_QAT#$31.83.114 179 /source-interface gigabitEthernet 0/0
Trying 172.31.83.114, 179 ...
% Connection refused by remote host
Later I added changes to bgp on both the switches adding the neigbhor CE bgp.
on CORE_ROUTER:
router bgp 100
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
network 128.1.0.0 mask 255.255.248.0
network 172.18.0.0
network 172.19.0.0
redistribute connected
neighbor 172.31.83.113 remote-as 65272
neighbor 172.31.83.113 ebgp-multihop 255
neighbor 172.31.92.42 remote-as 200
neighbor 172.31.92.42 ebgp-multihop 255
on CORE_ROUTER_QAT:
router bgp 200
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
network 172.17.0.0
redistribute connected
neighbor 172.31.83.114 remote-as 100
neighbor 172.31.83.114 ebgp-multihop 255
neighbor 172.31.92.41 remote-as 65272
neighbor 172.31.92.41 ebgp-multihop 255
The bgp summary showed active connections but the communication to CE interface is awkward:
CORE_Router#sh ip bgp
BGP table version is 142, local router ID is 20.20.20.20
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x best-external, f RT-Filter
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 20.20.20.20/32 0.0.0.0 0 32768 ?
*> 20.20.20.21/32 172.31.92.42 0 0 200 ?
*> 84.235.x.x/28 0.0.0.0 0 32768 ?
*> 84.235.x.x/30 0.0.0.0 0 32768 ?
*> 128.1.0.0/21 0.0.0.0 0 32768 i
*> 128.1.0.96/29 0.0.0.0 0 32768 ?
*> 172.17.0.0/24 172.31.92.42 0 0 200 ?
*> 172.18.0.0 0.0.0.0 0 32768 i
*> 172.19.0.0 0.0.0.0 0 32768 i
*> 172.31.83.112/30 0.0.0.0 0 32768 ?
r> 172.31.92.40/30 172.31.92.42 0 0 200 ?
CORE_Router#sh ip bgp sum
BGP router identifier 20.20.20.20, local AS number 100
BGP table version is 142, main routing table version 142
11 network entries using 1496 bytes of memory
11 path entries using 616 bytes of memory
3/3 BGP path/bestpath attribute entries using 384 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2520 total bytes of memory
BGP activity 28/17 prefixes, 89/78 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.31.83.113 4 65272 0 0 1 0 0 never Idle
172.31.92.42 4 200 5 6 139 0 0 00:00:25 3
CORE_Router#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 84.235.x.x to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 84.235.x.x
20.0.0.0/32 is subnetted, 2 subnets
C 20.20.20.20 is directly connected, Loopback0
B 20.20.20.21 [20/0] via 172.31.92.42, 00:00:30
84.0.0.0/8 is variably subnetted, 4 subnets, 3 masks
C 84.235.x.x/28 is directly connected, GigabitEthernet0/2
L 84.235.x.x/32 is directly connected, GigabitEthernet0/2
C 84.235.x.x/30 is directly connected, GigabitEthernet0/0.2400
L 84.235.x.x/32 is directly connected, GigabitEthernet0/0.2400
128.1.0.0/16 is variably subnetted, 3 subnets, 3 masks
S 128.1.0.0/21 is directly connected, GigabitEthernet0/1
C 128.1.0.96/29 is directly connected, GigabitEthernet0/1
L 128.1.0.100/32 is directly connected, GigabitEthernet0/1
172.17.0.0/24 is subnetted, 1 subnets
B 172.17.0.0 [20/0] via 172.31.92.42, 00:00:30
S 172.18.0.0/16 is directly connected, GigabitEthernet0/1
S 172.19.0.0/16 is directly connected, GigabitEthernet0/1
172.31.0.0/16 is variably subnetted, 4 subnets, 2 masks
S 172.31.53.168/30 [1/0] via 172.31.83.113
C 172.31.83.112/30 is directly connected, FastEthernet0/0/0.446
L 172.31.83.114/32 is directly connected, FastEthernet0/0/0.446
S 172.31.92.40/30 [1/0] via 172.31.83.113
CORE_ROUTER_QAT#sh ip bgp
BGP table version is 379, local router ID is 20.20.20.21
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x best-externa
l, f RT-Filter
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 20.20.20.20/32 172.31.83.114 0 0 100 ?
*> 20.20.20.21/32 0.0.0.0 0 32768 ?
* 84.235.x.x/28 172.31.83.114 0 0 100 ?
* 84.235.x.x/30 172.31.83.114 0 0 100 ?
* 128.1.0.0/21 172.31.83.114 0 0 100 i
* 128.1.0.96/29 172.31.83.114 0 0 100 ?
*> 172.17.0.0/24 0.0.0.0 0 32768 ?
* 172.18.0.0 172.31.83.114 0 0 100 i
* 172.19.0.0 172.31.83.114 0 0 100 i
*> 172.31.83.112/30 172.31.83.114 0 0 100 ?
*> 172.31.92.40/30 0.0.0.0 0 32768 ?
CORE_ROUTER_QAT#sh ip bgp sum
BGP router identifier 20.20.20.21, local AS number 200
BGP table version is 379, main routing table version 379
11 network entries using 1496 bytes of memory
11 path entries using 616 bytes of memory
3/2 BGP path/bestpath attribute entries using 384 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2520 total bytes of memory
BGP activity 54/43 prefixes, 207/196 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State
/PfxRcd
172.31.83.114 4 100 8 7 1 0 0 00:01:51
8
172.31.92.41 4 65272 0 0 1 0 0 never Idle
CORE_ROUTER_QAT#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 172.31.92.41 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 172.31.92.41
20.0.0.0/32 is subnetted, 1 subnets
C 20.20.20.21 is directly connected, Loopback0
172.17.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.17.0.0/24 is directly connected, GigabitEthernet0/1.2
L 172.17.0.250/32 is directly connected, GigabitEthernet0/1.2
172.31.0.0/16 is variably subnetted, 3 subnets, 2 masks
B 172.31.83.112/30 [20/0] via 172.31.83.114, 00:01:59
C 172.31.92.40/30 is directly connected, GigabitEthernet0/0
L 172.31.92.42/32 is directly connected, GigabitEthernet0/0
CORE_Router#ping 172.31.92.41
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.92.41, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
CORE_Router#ping 172.31.92.42
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.92.42, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_Router#traceroute 172.31.92.42
Type escape sequence to abort.
Tracing the route to 172.31.92.42
VRF info: (vrf in name/id, vrf out name/id)
1 172.31.83.113 0 msec 0 msec 0 msec
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * *
172.31.92.42 8 msec
CORE_Router#ping 172.31.92.42
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.92.42, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_Router#traceroute 172.31.92.42
Type escape sequence to abort.
Tracing the route to 172.31.92.42
VRF info: (vrf in name/id, vrf out name/id)
1 172.31.83.113 24 msec 4 msec 52 msec
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * *
CORE_Router#ping 172.31.92.41
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.92.41, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
CORE_Router#ping 172.31.92.42
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.92.42, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_Router#ping 172.31.92.41
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.92.41, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
CORE_Router#ping 172.31.92.42
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.92.42, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_Router#ping 172.31.92.42
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.92.42, timeout is 2 seconds:
..!!!
Success rate is 60 percent (3/5), round-trip min/avg/max = 1/3/4 ms
CORE_Router#ping 172.31.92.42
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.92.42, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
CORE_Router#ping 172.17.0.250
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.17.0.250, timeout is 2 seconds:
U.U.
Success rate is 0 percent (0/4)
CORE_Router#ping 172.31.92.42
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.92.42, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_ROUTER_QAT#ping 172.31.83.113
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:
...!!
Success rate is 40 percent (2/5), round-trip min/avg/max = 4/4/4 ms
CORE_ROUTER_QAT#ping 172.31.83.113
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
CORE_ROUTER_QAT#ping 172.31.83.114
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.114, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
CORE_ROUTER_QAT#ping 172.31.83.114
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.114, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_ROUTER_QAT#ping 172.31.83.114
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.114, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_ROUTER_QAT#ping 172.31.83.113
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_ROUTER_QAT#ping 172.31.83.113
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_ROUTER_QAT#ping 172.31.83.114
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.114, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_ROUTER_QAT#ping 172.31.83.113
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_ROUTER_QAT#ping 172.31.83.113
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:
...!!
Success rate is 40 percent (2/5), round-trip min/avg/max = 4/4/4 ms
CORE_ROUTER_QAT#traceroute 172.31.83.113
Type escape sequence to abort.
Tracing the route to 172.31.83.113
VRF info: (vrf in name/id, vrf out name/id)
1 * * *
2 *
CORE_ROUTER_QAT#ping 172.31.83.113
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_ROUTER_QAT#ping 172.31.83.113
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_ROUTER_QAT#ping 172.31.83.113
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_ROUTER_QAT#ping 172.31.83.113
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_ROUTER_QAT#ping 172.31.83.113
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_ROUTER_QAT#ping 172.31.83.113
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_ROUTER_QAT#ping 172.31.83.113
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.113, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/8 ms
CORE_ROUTER_QAT#ping 172.31.83.114
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.114, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CORE_ROUTER_QAT#ping 172.31.83.114
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.83.114, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
06-01-2012 11:56 AM
Hello Jobin,
contact the MPLS service provider it looks like that they haven't configured their side the PE-CE eBGP sessions.
The Service Provider has the configuration to route the PE-CE links and this allows you to ping the remote PE but you cannot ping the remote CE as the PE-CE eBGP sessions are not established.
The eBGP session with the remote CE is not usual in this kind of setup as I have noted previously it may be able to go up but it doesn't solve your issues you need to contact the MPLS SP tech support.
Hope to help
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide