Solved: Cisco-Juniper MPLS VPNv4 not working

lma9962@hotmail.com · ‎04-05-2018

Hi

I configured OSPF then MPLS/LDP then I created VRFs in PE routers then BGP and Finally VPN. I'm facing a problem I don't know how to solve(troubleshoot). BGP peering is okay. Just CEs cant see each other(ping).

Harold Ritter · ‎04-07-2018

I noted a few things looking at your configuration on R2.

1. You should not redistribute routes from BGP to the main OSPF process

router ospf 1
redistribute bgp 100 subnets

2. You should rather redistribute from BGP (vrf MPLS) to "router ospf 2 vrf MPLS"

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

Harold Ritter · ‎04-07-2018

As in any troubleshooting scenarios, you need to have a structured way to look at this issue.

1. Are routes propagated from the CE to the ingress PE?

2. Are routes installed in local VRF on the ingress PE?

3. Are local VRF routes exported in VPNv4 on ingress PE?

4. Are VPNv4 routes propagated from ingress PE to egress PE?

5. Are routes from VPNv4 imported in the local VRF on the egress PE?

6. Are routes propagated from egress PE to CE via ospf?

7. Repeat the above steps for the routes in the other directions.

You can probably add some details, but you I am sure you get the general idea of the step by step approach.

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Harold Ritter · ‎04-07-2018

I noted a few things looking at your configuration on R2.

1. You should not redistribute routes from BGP to the main OSPF process

router ospf 1
redistribute bgp 100 subnets

2. You should rather redistribute from BGP (vrf MPLS) to "router ospf 2 vrf MPLS"

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

lma9962@hotmail.com · ‎04-09-2018

I tried that but still no improvement. thanks for responding.

Harold Ritter · ‎04-09-2018

Hi,

It is very hard to help you if you are not providing more information. Could you please go through the troubleshooting procedure I provided and see if you can fix the issue or provide more information so we can help you fix it.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

lma9962@hotmail.com · ‎04-16-2018

The redistribution was the main problem.

I was able to see the BGP peering, and the routing table was populated (#show ip route vrf MPLS), but the CE (cisco) was isolated. I did a lot of troubleshooting and finally, it worked. there was some issue with my subnetting. I never thought the subnet of the loopback would create a problem. I learned the hard way, it does.

Thank you so much,

If anyone has the same problem, I uploaded my configuration with a picture of the topology.

This is most important resources I used.

Juniper

1- https://www.juniper.net/documentation/en_US/junos/topics/example/mpls-qfx-series-vpn-layer3.html#table-egress-pe-switch

Cisco

1-https://www.cisco.com/c/en/us/support/docs/multiprotocol-label-switching-mpls/mpls/13734-mpls-vpn-tsh.html

2-https://www.cisco.com/c/en/us/support/docs/multiprotocol-label-switching-mpls/mpls/13733-mpls-vpn-basic.html

3- really good tutorial form VPNv4. https://mycexp.joomla.com/routmenu/13-cisco-mpls-vpn

Harold Ritter · ‎04-18-2018

Thanks for the follow-up and feedback. It is very much appreciated.

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México