Issue with Cell Mode MPLS

From: Raffy Armistead (Raffy.Armistead@gmail.com)
Date: Tue Feb 24 2009 - 01:46:22 ARST

I am having an issue with cell mode MPLS. I am following the IE SP COD class
and on Day 2 Part 4 of VPNs it mentions the use of a management VRF over
Cell Mode MPLS. I am trying to implement it myself and I am having issues
getting the configuration to work. I am running with Dynagen and I am not
sure if that is the issue. The configuration appears to be just like what
Brian has configured during the class.

If I ping R7 from R9 I am able to see R7 receive the request and it is
sending the reply.

Rack1R7#debug ip icmp
> ICMP packet debugging is on
> Rack1R7#
> Cisco-2801#9
> [Resuming connection 9 to R9 ... ]
>
> Rack1R9#ping vrf MGMT 7.7.7.7 source 9.9.9.9
>
> Type escape sequence to abort.
> Sending 5, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
> Packet sent with a source address of 9.9.9.9
> .
> Cisco-2801#7
> [Resuming connection 7 to R7 ... ]
>
> *Mar 1 19:15:20.627: ICMP: echo reply sent, src 7.7.7.7, dst 9.9.9.9
> Rack1R7#
> Rack1R7#
> *Mar 1 19:15:24.615: ICMP: echo reply sent, src 7.7.7.7, dst 9.9.9.9
> Rack1R7#
> *Mar 1 19:15:26.623: ICMP: echo reply sent, src 7.7.7.7, dst 9.9.9.9
> Rack1R7#
> *Mar 1 19:15:28.623: ICMP: echo reply sent, src 7.7.7.7, dst 9.9.9.9
> Rack1R7#
>

R7 and R3 shows the correct next hop.

Rack1R7#show ip cef 9.9.9.9
> 9.9.9.9/32, version 44, epoch 0, cached adjacency 10.1.37.3
> 0 packets, 0 bytes
> via 10.1.37.3, FastEthernet1/3, 0 dependencies
> next hop 10.1.37.3, FastEthernet1/3
> valid cached adjacency
> Rack1R7#
> Cisco-2801#3
> [Resuming connection 3 to R3 ... ]
>
> Rack1R3#show ip cef vrf MGMT 9.9.9.9
> 9.9.9.9/32, version 16, epoch 0, cached adjacency to Serial1/2
> 0 packets, 0 bytes
> tag information set
> local tag: VPN-route-head
> fast tag rewrite with Se1/2, point2point, tags imposed: {25 30}
> via 150.1.9.9, 0 dependencies, recursive
> next hop 150.1.13.1, Serial1/2 via 150.1.9.0/24
> valid cached adjacency
> tag rewrite with Se1/2, point2point, tags imposed: {25 30}
> Rack1R3#show ip bgp vpnv4 all labels | in 9.9.9.9
> 9.9.9.9/32 150.1.9.9 nolabel/30
> 9.9.9.9/32 150.1.9.9 nolabel/30
> Rack1R3#show mpls forwarding-table 150.1.9.9
> Local Outgoing Prefix Bytes tag Outgoing Next Hop
> tag tag or VC or Tunnel Id switched interface
> 33 25 150.1.9.0/24 0 Se1/2 point2point
> Rack1R3#
>

If I run debug MPLS packet on the R1 I am seeing the return traffic come in
from R3 and is sent to the cell mode MPLS router.

Rack1R1#debug mpls packet
> Packet debugging is on
> Rack1R1#
> Cisco-2801#7
> [Resuming connection 7 to R7 ... ]
>
> Rack1R7#ping 9.9.9.9 source 7.7.7.7
>
> Type escape sequence to abort.
> Sending 5, 100-byte ICMP Echos to 9.9.9.9, timeout is 2 seconds:
> Packet sent with a source address of 7.7.7.7
>
> Cisco-2801#1
> [Resuming connection 1 to R1 ... ]
>
> 19:25:00: MPLS turbo: Se2/1: rx: Len 112 Stack {25 0 254} {30 0 254} - ipv4
> data
> 19:25:00: MPLS turbo: AT3/0.101: tx: Len 112 Stack {0 0 253} {30 0 254} -
> ipv4 data
> Rack1R1#
> 19:25:02: MPLS turbo: Se2/1: rx: Len 112 Stack {25 0 254} {30 0 254} - ipv4
> data
> 19:25:02: MPLS turbo: AT3/0.101: tx: Len 112 Stack {0 0 253} {30 0 254} -
> ipv4 data
> 19:25:04: MPLS turbo: Se2/1: rx: Len 112 Stack {25 0 254} {30 0 254} - ipv4
> data
> 19:25:04: MPLS turbo: AT3/0.101: tx: Len 112 Stack {0 0 253} {30 0 254} -
> ipv4 data
> Rack1R1#
> 19:25:06: MPLS turbo: Se2/1: rx: Len 112 Stack {25 0 254} {30 0 254} - ipv4
> data
> 19:25:06: MPLS turbo: AT3/0.101: tx: Len 112 Stack {0 0 253} {30 0 254} -
> ipv4 data
> 19:25:08: MPLS turbo: Se2/1: rx: Len 112 Stack {25 0 254} {30 0 254} - ipv4
> data
> 19:25:08: MPLS turbo: AT3/0.101: tx: Len 112 Stack {0 0 253} {30 0 254} -
> ipv4 data
> Rack1R1#u all
> All possible debugging has been turned off
>
> Rack1R1#show mpls forwarding-table | in ^25
> 25 1/36 150.1.9.0/24 160266 AT3/0.101
> point2point
> Rack1R1#show mpls atm-ld
> Rack1R1#show mpls atm-ldp bindings 150.1.9.0 24
> Destination: 150.1.9.0/24
> Headend Router ATM3/0.101 (1 hop) 1/36 Active, VCD=5
>
> Rack1R1#
> Rack1R1#show atm pvc
> VCD / Peak Avg/Min Burst
> Interface Name VPI VCI Type Encaps SC Kbps Kbps
> Cells Sts
> 3/0.101 2 1 33 TVC MUX UBR
> 155000 UP
> 3/0.101 3 1 34 TVC MUX UBR
> 155000 UP
> 3/0.101 4 1 35 TVC MUX UBR
> 155000 UP
> 3/0.101 5 1 36 TVC MUX UBR
> 155000 UP
> 3/0.101 6 1 37 TVC MUX UBR
> 155000 UP
> 3/0.101 7 1 38 TVC MUX UBR
> 155000 UP
> 3/0.101 9 1 40 TVC MUX UBR
> 155000 UP
> 3/0.101 10 1 41 TVC MUX UBR
> 155000 UP
> 3/0.101 11 1 42 TVC MUX UBR
> 155000 UP
> 3/0.101 12 1 43 TVC MUX UBR
> 155000 UP
> 3/0.101 13 1 44 TVC MUX UBR
> 155000 UP
> 3/0.101 15 1 46 TVC MUX UBR
> 155000 UP
> 3/0.101 1 1 64 PVC SNAP UBR
> 155000 UP
> 4/0 1 0 102 PVC SNAP UBR
> 155000 UP
> Rack1R1#
> Rack1R9#show mpls forwarding-table 150.1.9.9
> Local Outgoing Prefix Bytes Label Outgoing Next Hop
> Label Label or VC or Tunnel Id Switched interface
> None No Label 150.1.9.9/32 0 aggr-punt
> Rack1R9#
> Rack1R9#show mpls atm-ldp bindings 150.1.9.0 24
> Destination: 150.1.9.0/24
> Tailend Router ATM3/0.109 1/33 Active, VCD=2
> Rack1R9#show mpls forwarding-table vrf MGMT detail
> Local Outgoing Prefix Bytes Label Outgoing Next Hop
> Label Label or VC or Tunnel Id Switched interface
> 30 Pop Label 9.9.9.9/32[V] 0 aggregate/MGMT
> MAC/Encaps=0/0, MRU=0, Label Stack{}
> VPN route: MGMT
> No output feature configured
>
> Rack1R9#

If I just try to ping R9 from R3 under the global table it seems to respond
properly:

Rack1R3#show ip cef 150.1.9.9
> 150.1.9.0/24, version 29, epoch 0, cached adjacency to Serial1/2
> 0 packets, 0 bytes
> tag information set, shared
> local tag: 33
> fast tag rewrite with Se1/2, point2point, tags imposed: {25}
> via 150.1.13.1, Serial1/2, 2 dependencies
> next hop 150.1.13.1, Serial1/2
> valid cached adjacency
> tag rewrite with Se1/2, point2point, tags imposed: {25}
> Rack1R3#ping 150.1.9.9 reo
> Rack1R3#ping 150.1.9.9 rep
> Rack1R3#ping 150.1.9.9 repeat 10
>
> Type escape sequence to abort.
> Sending 10, 100-byte ICMP Echos to 150.1.9.9, timeout is 2 seconds:
> !!!!!!!
> Cisco-2801#9
> [Resuming connection 9 to R9 ... ]
>
> 19:31:08: MPLS turbo: AT3/0.109: rx: Len 108 Stack {0 0 253} - ipv4 data
> 19:31:08: ICMP: echo reply sent, src 150.1.9.9, dst 150.1.13.3
> 19:31:08: MPLS turbo: AT3/0.109: rx: Len 108 Stack {0 0 253} - ipv4 data
> 19:31:08: ICMP: echo reply sent, src 150.1.9.9, dst 150.1.13.3
> 19:31:08: MPLS turbo: AT3/0.109: rx: Len 108 Stack {0 0 253} - ipv4 data
> 19:31:08: ICMP: echo reply sent, src 150.1.9.9, dst 150.1.13.3
> 19:31:08: MPLS turbo: AT3/0.109: rx: Len 108 Stack {0 0 253} - ipv4 data
> 19:31:08: ICMP: echo reply sent, src 150.1.9.9, dst 150.1.13.3
> 19:31:08: MPLS turbo: AT3/0.109: rx: Len 108 Stack {0 0 253} - ipv4 data
> 19:31:08: ICMP: echo reply sent, src 150.1.9.9, dst 150.1.13.3
> Rack1R9#
> 19:31:08: MPLS turbo: AT3/0.109: rx: Len 108 Stack {0 0 253} - ipv4 data
> 19:31:08: ICMP: echo reply sent, src 150.1.9.9, dst 150.1.13.3
> 19:31:08: MPLS turbo: AT3/0.109: rx: Len 108 Stack {0 0 253} - ipv4 data
> 19:31:08: ICMP: echo reply sent, src 150.1.9.9, dst 150.1.13.3
> 19:31:08: MPLS turbo: AT3/0.109: rx: Len 108 Stack {0 0 253} - ipv4 data
> 19:31:08: ICMP: echo reply sent, src 150.1.9.9, dst 150.1.13.3
> 19:31:08: MPLS turbo: AT3/0.109: rx: Len 108 Stack {0 0 253} - ipv4 data
> 19:31:08: ICMP: echo reply sent, src 150.1.9.9, dst 150.1.13.3
> 19:31:08: MPLS turbo: AT3/0.109: rx: Len 108 Stack {0 0 253} - ipv4 data
> 19:31:08: ICMP: echo reply sent, src 150.1.9.9, dst 150.1.13.3
> Rack1R9#
> 19:31:10: MPLS turbo: AT3/0.109: rx: Len 48 Stack {0 6 253} - ipv4 data
> Rack1R9#
>
>
>
> Rack1R9#show run
> ip vrf MGMT
> rd 100:4
> route-target export 100:4
> route-target import 100:4
> !
> interface Loopback9
> ip vrf forwarding MGMT
> ip address 9.9.9.9 255.255.255.255
> no clns route-cache
> !
> interface ATM3/0.109 mpls
> ip address 150.1.109.9 255.255.255.0
> no atm enable-ilmi-trap
> mpls label protocol tdp
> mpls ip
> !
> router bgp 100
> no synchronization
> bgp log-neighbor-changes
> neighbor 150.1.3.3 remote-as 100
> neighbor 150.1.3.3 update-source Loopback0
> no auto-summary
> !
> address-family vpnv4
> neighbor 150.1.3.3 activate
> neighbor 150.1.3.3 send-community extended
> exit-address-family
> !
> address-family ipv4 vrf MGMT
> redistribute connected
> no auto-summary
> no synchronization
> exit-address-family
>
> Rack1R9#show ip route vrf MGMT
>
> Routing Table: MGMT
>
> Gateway of last resort is not set
>
> 7.0.0.0/32 is subnetted, 1 subnets
> B 7.7.7.7 [200/409600] via 150.1.3.3, 00:20:27
> 8.0.0.0/32 is subnetted, 1 subnets
> B 8.8.8.8 [200/11] via 150.1.6.6, 00:20:27
> 9.0.0.0/32 is subnetted, 1 subnets
> C 9.9.9.9 is directly connected, Loopback9
> Rack1R9#
> Rack1R9#show ver
> Cisco IOS Software, 7200 Software (C7200-K91P-M), Version 12.2(31)SB14,
> RELEASE SOFTWARE (fc5)
> Technical Support: http://www.cisco.com/techsupport
> Copyright (c) 1986-2009 by Cisco Systems, Inc.
> Compiled Thu 22-Jan-09 14:02 by thvk
>
> ROM: ROMMON Emulation Microcode
> BOOTLDR: 7200 Software (C7200-K91P-M), Version 12.2(31)SB14, RELEASE
> SOFTWARE (fc5)
>
> Rack1R9 uptime is 20 hours, 3 minutes
> System returned to ROM by unknown reload cause - suspect
> boot_data[BOOT_COUNT] 0x0, BOOT_COUNT 0, BOOTDATA 19
> System image file is "tftp://255.255.255.255/unknown"
>
>
> This product contains cryptographic features and is subject to United
> States and local country laws governing import, export, transfer and
> use. Delivery of Cisco cryptographic products does not imply
> third-party authority to import, export, distribute or use encryption.
> Importers, exporters, distributors and users are responsible for
> compliance with U.S. and local country laws. By using this product you
> agree to comply with applicable laws and regulations. If you are unable
> to comply with U.S. and local laws, return this product immediately.
>
> A summary of U.S. laws governing Cisco cryptographic products may be found
> at:
> http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
>
> If you require further assistance please contact us by sending email to
> export@cisco.com.
>
> Cisco 7206VXR (NPE400) processor (revision A) with 245760K/16384K bytes of
> memory.
> Processor board ID 4294967295
> R7000 CPU at 150Mhz, Implementation 0x27, Rev 2.1, 256KB L2 Cache
> 6 slot VXR midplane, Version 2.1
>
> Last reset from power-on
>
> PCI bus mb0_mb1 (Slots 0, 1, 3 and 5) has a capacity of 600 bandwidth
> points.
> Current configuration on bus mb0_mb1 has a total of 500 bandwidth points.
> This configuration is within the PCI bus capacity and is supported.
>
> PCI bus mb2 (Slots 2, 4, 6) has a capacity of 600 bandwidth points.
> Current configuration on bus mb2 has a total of 300 bandwidth points
> This configuration is within the PCI bus capacity and is supported.
>
> Please refer to the following document "Cisco 7200 Series Port Adaptor
> Hardware Configuration Guidelines" on Cisco.com <http://www.cisco.com>
> for c7200 bandwidth points oversubscription and usage guidelines.
>
>
> 1 FastEthernet interface
> 2 ATM interfaces
> 125K bytes of NVRAM.
>
> 8192K bytes of ATA PCMCIA card at slot 0 (Sector size 512 bytes).
> 8192K bytes of Flash internal SIMM (Sector size 256K).
> Configuration register is 0x2102
>
> Rack1R9#
>
>
> Rack1R3#show run
> Building configuration...
>
> ip vrf MGMT
> rd 100:4
> route-target export 100:4
> route-target import 100:4
> !
> ip vrf VPN_A
> rd 100:1
> export map MGMT_EXPORT
> route-target export 100:1
> route-target import 100:1
> route-target import 100:4
> !
>
> !
> !
> !
> !
> !
> interface Ethernet0/0
> ip vrf forwarding VPN_A
> ip address 10.1.37.3 255.255.255.0
> full-duplex
> !
> router eigrp 1
> redistribute bgp 100
> no auto-summary
> !
> address-family ipv4 vrf VPN_A
> redistribute bgp 100 metric 1500 1 255 255 1500
> network 10.0.0.0
> no auto-summary
> autonomous-system 100
> exit-address-family
> eigrp router-id 150.1.3.3
> !
> router bgp 100
> no synchronization
> bgp log-neighbor-changes
> neighbor 150.1.4.4 remote-as 100
> neighbor 150.1.4.4 update-source Loopback0
> neighbor 150.1.6.6 remote-as 100
> neighbor 150.1.6.6 update-source Loopback0
> neighbor 150.1.9.9 remote-as 100
> neighbor 150.1.9.9 update-source Loopback0
> neighbor 150.1.9.9 route-reflector-client
> no auto-summary
> !
> address-family vpnv4
> neighbor 150.1.4.4 activate
> neighbor 150.1.4.4 send-community extended
> neighbor 150.1.4.4 route-reflector-client
> neighbor 150.1.6.6 activate
> neighbor 150.1.6.6 send-community extended
> neighbor 150.1.6.6 route-reflector-client
> neighbor 150.1.9.9 activate
> neighbor 150.1.9.9 send-community extended
> exit-address-family
> !
> address-family ipv4 vrf VPN_B
> neighbor 204.12.1.254 remote-as 54
> neighbor 204.12.1.254 activate
> no synchronization
> exit-address-family
> !
> address-family ipv4 vrf VPN_A
> redistribute eigrp 100
> no synchronization
> exit-address-family
> !
> address-family ipv4 vrf MGMT
> no synchronization
> exit-address-family
> !
> ip prefix-list MGMT_EXPORT seq 5 permit 7.7.7.7/32
> !
> route-map MGMT_EXPORT permit 10
> match ip address prefix-list MGMT_EXPORT
> set extcommunity rt 100:4
> Rack1R3#show ip route vrf MGMT
>
> Routing Table: MGMT
> Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
> D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
> N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
> E1 - OSPF external type 1, E2 - OSPF external type 2
> i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS
> level-2
> ia - IS-IS inter area, * - candidate default, U - per-user static
> route
> o - ODR, P - periodic downloaded static route
>
> Gateway of last resort is not set
>
> 7.0.0.0/32 is subnetted, 1 subnets
> B 7.7.7.7 [20/409600] via 10.1.37.7 (VPN_A), 19:36:00, Ethernet0/0
> 8.0.0.0/32 is subnetted, 1 subnets
> B 8.8.8.8 [200/11] via 150.1.6.6, 00:22:57
> 9.0.0.0/32 is subnetted, 1 subnets
> B 9.9.9.9 [200/0] via 150.1.9.9, 00:22:42
> Rack1R3#
> 

-- 
Raffy Armistead
CCIE# 16248

Blogs and organic groups at http://www.ccie.net

This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:12 ARST