Info on mpls
Hi,
i am new to mpls would appreciate if any body in forum could specify any books/links on where to start MPLS basics from.
thanks
For resources on the web besides Cisco.com, try these
http://www.mplsforum.org/
http://www.mplsrc.com/
- Paul
Similar Messages
-
MPLS - Routing info from the same BGP AS
Hi everyone,
I'm working on MPLS - (lab) and I was wondering how is it possible (or command) to pass traffic to and from the same AS? In my lab I have to specifiy "nei allow-as in" in order to see routes from routers in my AS. I have 5 routers in my lab - One in AS 777 mpls and the other four in AS 6500). Everything in AS 6500 has the bgp sub command neig "ip addy" allow-as in. This is the only way I can see routes advertised from neighbors.
Thanks in advance.Hi
Another (and I believe more used) possibility is to configure as-override on the PE towards CE
router bg MPLS-CORE
address-family ipv6 vrf test
neighbour x.x.x.x as-override
(syntax might be wrong)
Jon -
Hello. I am not to well versed in MPLS but would like to know if there is something that provides the PRO's and CON's to MPLS plus learning a little something to be able to help. I have a client that just moved into a ATM cloud with an ISP and they have some 75xx, 73xx, and 38xx routers and wants some documentation on cost, feasability, and if it's worth the effort. Anything would be helpful.
ThanksI think the best thing to do at this point is to familiarize yourself with MPLS. A good starting point would be www.cisco.com/go/mpls, which contains a wealth of information pertaining to MPLS.
Hope this helps, -
In our enterprise MPLS network we are using 192.168.20.0/24 subnet, in this subnet we have not assigned the IP 192.168.20.200/30 & 204/30, But still these subnets are reachable . Are these NNI IP ...Please explain.
I have checked with ISP, there response is like below:
Those are the NNI to GBNET IPs for Dominican Republic. They are Network IPs. You should be able to ping them-that means they are working.
WANRT01#show ip route | include 192.168.20.20
B 192.168.20.200/30 [20/0] via 192.168.20.226, 02:18:29
B 192.168.20.204/30 [20/0] via 192.168.20.226, 02:18:29
Here its shows from any of our MPLS site we are able to trace the IP and it seems like, 192.168.20.204/30 is one more site but in actual its not.
INMUMWANRT01#ping 192.168.20.205
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.20.205, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 224/232/260 ms
INMUMWANRT01#trace
INMUMWANRT01#traceroute 192.168.20.205
Type escape sequence to abort.
Tracing the route to 192.168.20.205
VRF info: (vrf in name/id, vrf out name/id)
1 192.168.20.226 24 msec 24 msec 24 msec
2 192.168.20.206 [AS 8035] 232 msec 232 msec 252 msec
3 192.168.20.205 [AS 8035] 224 msec 224 msec * -
Does BT IP Clear MPLS support multicast?
Hi
Requirement is to multicast music on hold RTP stream from a Data Center to a remote site over BT IP Clear MPLS network. Catalyst 3750 switches (both running IP Services Image) will BGP peer with BT PE equipment. The Catalyst 3750 switches will also be configured with PIM-SM.
Does BT MPLS support IP Multicast? I could not find any info on the web so I am hoping people have tried it and (hopefully) it worked for them!
Are there any restictictions/limitations using Catalyst 3750 for BGP peering?
Thankssidhu
If you are looking for multicast support on mpls link then you need to ask your SP to provide you the mVPN services. Because they need to configure the default and data mdt under the vrf.
regards
shivlu jain -
Hi. Is there an easy way to check if MPL is currently up or down? Is there a table in the database that can tell this status?
We have a file upload process that are automatically picked up by MPL and loaded in staging tables.
Thank you.I am looking for this information as well, and spl.sh -m isup doesn't work. At least not on Red Hat Linux. This is the output I see here:
*$ spl.sh -m isup*
*111026.11:24:12 <info> Startup/Shutdown logs will go to /spl/CCB231DEV/logs/system/spl.sh.log*
*$*
And the log basically parrots that same info. Any idea on a way to check in this case? I want to be notified if the service drops for any reason, and either attempt to restart it automatically or manually. -
Best internet access method over MPLS?
Hello!!
once again, i have to choose between design opinions and I'd like to hear about your exeperiences... Now referred to internet access.
I have several customer needing to learn full internet routing and stablishing bgp connection with our PE's (for access backup pourposes).
When needing to use more specific than default routes, it's said to be more conventient to use global routing tables to distribute full internet routes, in order to save memory on the PE's.
Now my doubt: if this design forces me to use diferent subinterfaces and VRF's for a client needing both VPN and internet access, and knowing that maybe I could use the same vpn for providing internet to all our customers, sho internet routes will be available in just one VRF... wouldn't it be cleaner using just one vpn (and one vrf in every PE router) for internet access for all the customer (yet Knowing it will use three times more memory)...?
know ebgp sessions in a PE could be stablished through de internet access vrf. Moreover, any client needing private VPN could use a diferent (sub)interface
what do you think about? global routes or just one vrf carrying internet routes?
Thanks in advanceWell, both are good options, and we have designed networks for SP's with both these options. The deciding factor for them however has been, the requirements form the INternet Service, Wthether this service is for A) End customer who want default or partial/full routing table. Or wtherther this service is for a B) ISP who can serve his TIer 2/3 ISP customer.
A) For End Enterprise Customers.
If its meant for end customer who simply want a default route and some customer who may want partial/full routes but who arent ISP's then You can consider the VRF solution, as it would be very easy for you to provision and deprovision within the network. Just a little more load on the memory but since its one VRF your typical PE can handle the Internet in a VRF with 1 gig of MEM.
B) For Tier2/3 ISP Customers
Now if its for your T2/T3 ISP customer, then the VRF method has certain drawbacks,
Drawback ) ISP customers dont want a single best route coming to them from a RR, Since you are their provider ISP you would be having many connection to upstream peering points and NAP/IXP. So your ISP customers want all these routes so they can themselves decide the best route for different service requirements of their end customer.
Solution) Now if you have to give all these routes to the ISP you have to assign a different RD value for ech upstream peering point,
Caveat) This ould increase your memory requirement on the PE's and RR's tremendously as they would be holding duplicates of you Internet Routing table bcos of different RD values.
Differen Approach ) Having said that, some ISP's have implemented the best of both world, but it comes with cost constraints. You can extend you IBGP of the Internet AS withing a VRF, that is infra routes only within VRF and have dedicated Internet Peering Edge Routers at all locations where you consider to provide this service to ISP's, so you extend you IBGP using the VRF, hence none of the P or PE routes hold no internet routes in any form, they only have the infra routes in the VRF. using these Infra routes, the Internet Peering Edge Routers form IBGP with a Internet RR which is your dedciated regular RR for Internet routers, and exchange all internet routes, and give them to your downstream ISP customers.
Global Routing Table )
Ntohign wrong with this, method, everything works as it was working before your MPLS network was there, except the fact that your intermediate routers dont hold Internet Tabel and its a BGP Free Core.
This is better than the VRF option A method
as you wont hold internet routing table with more memory which is bcos of the VPNV4. And the Second VRF option B is far superior to this method but with added one time cost.
Hope this info helps u to decide better.
HTH-Cheers,
Swaroop -
Managing Route-Map based MPLS VPN
1) How to derive the VPN information of the MPLS VPN configured using route-maps? As I understand, stitching route-maps information to derive VPN is complex as it is difficult to derive & correlate the filters tied to each of the route-maps that are tied to a VRF :(
2) Is there any MIB to get from the MIB
a) Route-maps tied to each VRF
b) What is the filter associated with each route-map?
c) Definition of each of the above filter
It would have been nice if the route-maps' name had global-significance within AS, so that we could have treated route-maps, pretty much like the route-tragets. Alas, I doubt it is :(
It should be noted here that if the MPLS VPN is configured using route targets, the VPN information derivation is fairly straight forward throught MplsVpn MIB.
So, the question is what is the simplest way to derive the MPLS VPN info given that they are configured using route-maps in BGP for labelled-route-distribution & for the pkt association with the VRFs.
Thanks,
Suresh REach CE in a customer VPN is also added to the management VPN by selecting the Join the management VPN option in the service request user interface.
The function of the management route map is to allow only the routes to the specific CE into the management VPN. The Cisco IOS supports only one export route map and one import route map per VRF.
http://www.cisco.com/en/US/products/sw/netmgtsw/ps4748/products_user_guide_chapter09186a0080353ac3.html -
DMVPN + MPLS best-path selection
Dear Community
We're in the process of deploying DMVPN as a backup solution to MPLS. All that is working great!
The DMVPN wan is dual-cloud, with 2 hub routers in each cloud. Phase 3 (nhrp shortcut) is enabled on all the spokes.
For routing, all the customer subnets are advertised in MPLS, whereas for DMVPN hub advertises only a summary to 10.0.0.0/8. The protocol for both is BGP. For DMVPN, the hub routers resides in one AS (65002) and all the spokes another common AS 65102. DMVPN is therefore peered eBGP hub > spoke.
For customers connected to MPLS, the DMVPN serves as backup only solution. Best-path selection by longest prefix match.
We have other customers coming on board who wish to join the same WAN but don't have the $$$ for MPLS so are opting for DMVPN only.
Now, I have a requirement to enable spoke-to-spoke for a DMVPN only site (spokeA) to an MPLS site (spokeB). The problem is it doesn't seem to work properly as the hub router sees the best path to spokeB site via MPLS, not via DMVPN. The spoke-to-spoke is never formed, and remains spokeA > hub > mpls > spokeB. The return path is better = spokeB > DMVPN > hub > spokeA (this is because spokeB sees no route from MPLS for spokeA, so follows 10.0.0.0/8) route.
I look for any feedback that can help to meet this requirement?
And if any advice on the general design would be really appreciated.
Thanks a lot!
PhilPhil,
I did a short lab around this ... wanted to make sure I'm not saying something stupid.
While I can't claim it's the _optimal_ solution for your setup it seems to work in my lab.
Spoke1 LAN 192.168.101.0/24 (AS 65001)
Spoke2 LAN 192.168.102.0/24 (AS 65002)
HUB LAN 192.168.111.0/24 (AS 65000)
192.168.1.0/24 DMVPN subnet.
A single (i)VRF - DMVPN exists on hub, only and is assigned only to DMVPN tunnel interface.
Excuse a few hacks a had to use... default routed via default-originate for example :-)
Hub
R10-P#sh run int tu0
Building configuration...
Current configuration : 281 bytes
interface Tunnel0
vrf forwarding DMVPN
ip address 192.168.1.1 255.255.255.0
no ip redirects
ip nhrp map multicast dynamic
ip nhrp network-id 1
ip nhrp shortcut
ip nhrp redirect
tunnel source Loopback0
tunnel mode gre multipoint
tunnel protection ipsec profile PRO
end
R10-P#sh run | s r b
router bgp 65000
bgp log-neighbor-changes
network 192.168.111.0
redistribute static
neighbor 10.112.112.1 remote-as 65001
neighbor 10.112.112.1 route-map SPOKES_MPLS in
default-information originate
address-family ipv4 vrf DMVPN
neighbor 192.168.1.101 remote-as 65001
neighbor 192.168.1.101 activate
neighbor 192.168.1.102 remote-as 65002
neighbor 192.168.1.102 activate
exit-address-family
R10-P#sh run | s vrf defini
vrf definition DMVPN
rd 1:1
route-target export 100:1
route-target import 100:1
address-family ipv4
import ipv4 unicast map DEFAULT
export ipv4 unicast map SPOKE_SUBNETS
route-target export 100:1
route-target import 100:1
exit-address-family
address-family ipv6
route-target export 100:1
route-target import 100:1
exit-address-family
Result on spoke
R1-PE#traceroute 192.168.102.1 source e2/0
Type escape sequence to abort.
Tracing the route to 192.168.102.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.168.1.1 [AS 65000] 5 msec 10 msec 2 msec
2 192.168.1.102 [AS 65000] 4 msec * 5 msec
R1-PE#traceroute 192.168.102.1 source e2/0
Type escape sequence to abort.
Tracing the route to 192.168.102.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.168.1.102 [AS 65000] 6 msec * 6 msec
routing on hub
(sanitized)
R10-P# sho ip route
Gateway of last resort is 10.100.100.2 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 10.100.100.2
10.0.0.0/8 is variably subnetted, 13 subnets, 2 masks
B 192.168.101.0/24 [20/0] via 10.112.112.1, 00:06:40
B 192.168.102.0/24 [20/0] via 192.168.1.102 (DMVPN), 00:00:03
192.168.111.0/24 is variably subnetted, 2 subnets, 2 masks
R10-P# sho ip route vrf DMVPN
Routing Table: DMVPN
Gateway of last resort is 10.100.100.2 to network 0.0.0.0
B* 0.0.0.0/0 [20/0] via 10.100.100.2, 00:06:40
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, Tunnel0
L 192.168.1.1/32 is directly connected, Tunnel0
B 192.168.101.0/24 [20/0] via 192.168.1.101, 00:06:40
B 192.168.102.0/24 [20/0] via 192.168.1.102, 00:06:25 -
MPLS BGP routes push to DMVPN spokes
I have an MPLS with BGP. I also have sites that are not connected directly to the MPLS, but have a s2s VPN to hub sites that are connected to the MPLS and that way they access the MPLS resources. I need to communicate the route changes to the MPLS when the DMVPN fails-over to another hub.
Currently this is my config:
Datacenter (MPLS only)
interface GigabitEthernet0/1
description MPLS
ip address 192.168.0.34 255.255.255.252
interface Vlan2
ip address 192.168.96.2 255.255.255.0
router bgp 65511
bgp log-neighbor-changes
network 192.168.96.0
neighbor 192.168.0.33 remote-as 65510
Hub site 1 (MPLS + internet)
interface Tunnel200
ip address 10.99.99.1 255.255.255.0
no ip redirects
ip mtu 1400
ip nhrp authentication auth
ip nhrp map multicast dynamic
ip nhrp network-id 12345
ip nhrp holdtime 600
tunnel source GigabitEthernet0/0
tunnel mode gre multipoint
tunnel key 200
tunnel protection ipsec profile dmvpn
interface GigabitEthernet0/1
description MPLS
ip address 192.168.1.2 255.255.255.0 secondary
ip address 192.168.0.2 255.255.255.252
router bgp 65001
bgp log-neighbor-changes
network 192.168.1.0
network 192.168.21.0
!10.99 clients are DMVPN spokes
neighbor 10.99.99.3 remote-as 99010
neighbor 10.99.99.3 route-reflector-client
neighbor 10.99.99.21 remote-as 99001
neighbor 10.99.99.21 route-reflector-client
!as 65000 is the MPLS PE
neighbor 192.168.0.1 remote-as 65000
Hub Site 2, has the same configuration, except for local ip address and router BGP ID.
Spoke site:
interface Tunnel200
ip address 10.99.99.3 255.255.255.0
no ip redirects
ip mtu 1400
ip nhrp authentication auth
ip nhrp map 10.99.99.1 PUBLIC_IP_HUB_1
ip nhrp map 10.99.99.16 PUBLIC_IP_HUB_2
ip nhrp network-id 12345
ip nhrp holdtime 600
ip nhrp nhs 10.99.99.1 priority 1
ip nhrp nhs 10.99.99.16 priority 5
ip nhrp nhs fallback 60
tunnel source GigabitEthernet0/0
tunnel mode gre multipoint
tunnel key 200
tunnel protection ipsec profile dmvpn
interface GigabitEthernet0/1
description Internal
ip address 192.168.3.1 255.255.255.192
router bgp 99010
bgp log-neighbor-changes
network 192.168.3.0
neighbor 10.99.99.1 remote-as 65001
neighbor 10.99.99.16 remote-as 65013
On this spoke site
#sh ip route
B 192.168.1.0/24 [20/0] via 10.99.99.1, 00:47:01
which is the HUB network, but the rest of the MPLS routes are not "learned".
What am I missing?
Thanks!Hi Jon, I've ommited the configuration of the MPLS provider routers in between. The DC is connected to a router that has the AS 65510.
DC:CPE---PE:{MPLS}PE---CPE:HUB---{internet}---Spoke
The DC is ok getting the network information via BGP:
#sh ip route
B 192.168.3.0/24 [20/0] via 192.168.0.33, 3d05h
B 192.168.21.0/24 [20/0] via 192.168.0.33, 3d05h
#sh ip bgp 192.168.21.0
BGP routing table entry for 192.168.21.0/24, version 559
Paths: (1 available, best #1, table default)
Not advertised to any peer
Refresh Epoch 1
65510 3549 6140 3549 65000
192.168.0.33 from 192.168.0.33 (###.###.###.###)
Origin IGP, localpref 100, valid, external, best
#sh ip route 192.168.21.0
Routing entry for 192.168.21.0/24
Known via "bgp 65511", distance 20, metric 0
Tag 65510, type external
Last update from 192.168.0.33 3d05h ago
Routing Descriptor Blocks:
* 192.168.0.33, from 192.168.0.33, 3d05h ago
Route metric is 0, traffic share count is 1
AS Hops 5
Route tag 65510
MPLS label: none
Spoke:
#sh ip bgp
BGP table version is 494, local router ID is 192.168.21.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 10.0.129.32/27 10.99.99.16 0 65013 65012 3549 ?
*> 192.168.96.0 10.99.99.16 0 65013 65012 3549 6745 65510 ?
#sh ip route 192.168.96.0
Routing entry for 192.168.96.0/24
Known via "bgp 99001", distance 20, metric 0
Tag 65013, type external
Last update from 10.99.99.16 00:02:11 ago
Routing Descriptor Blocks:
* 10.99.99.16, from 10.99.99.16, 00:02:11 ago
Route metric is 0, traffic share count is 1
AS Hops 5
Route tag 65013
MPLS label: none
#sh ip bgp 192.168.96.0
BGP routing table entry for 192.168.96.0/24, version 465
Paths: (1 available, best #1, table default)
Not advertised to any peer
Refresh Epoch 2
65013 65012 3549 6745 65510
10.99.99.16 from 10.99.99.16 (10.2.16.1)
Origin incomplete, localpref 100, valid, external, best
The route is not being updated to the rest of the routers, and the 192.168.21.0 network is still announced via the old route.
(from spoke)
ping 192.168.96.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.96.2, timeout is 2 seconds:
Success rate is 0 percent (0/5)
From DC
#traceroute 192.168.21.1
Type escape sequence to abort.
Tracing the route to 192.168.21.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.168.0.33 [AS 65510] 0 msec 0 msec 0 msec
2 172.50.1.33 [AS 65510] 56 msec 36 msec 36 msec
3 10.80.1.1 [AS 3549] 44 msec 44 msec 44 msec
4 10.80.1.2 [AS 3549] 172 msec 172 msec 168 msec
5 172.50.1.1 [AS 3549] 168 msec 168 msec 172 msec
6 172.50.1.2 [AS 3549] 180 msec 180 msec 176 msec
7 192.168.0.2 [AS 65000] 172 msec 172 msec 168 msec <- old route, should be 192.168.0.9
8 192.168.0.2 [AS 65000] !H * !H -
MPLS for Private WAN between 2 service provider
Hello All,
we are current running an MPLS network from service provider 1 across our Branch office network. we need moe redudnancy and are looking to add another MPLS cloud from service provider 2. How would we integrate service provider 2 onto the same Cisco routers due to the fact the only 1 BGP AS can run inside the router? Any info would be appreciated.Hi vpollifrone
For this Scenario whereby we have a single router and already peered with one ISP on private AS and now need peering with another ISP on Public AS we can make use of the "local-as" feature provided we own a Public AS...
This way we can establish peering with the new ISP using the Public AS as the local AS in the neighbourship config and also reatain the existing peering with old ISP..What we need to make sure is that while sending update to the second ISP we replace the original private AS with the Public AS....
Below commands will be handy for same..
R5(config)#router bgp 64515
R5(config-router)#neighbor x.x.x.x local-as zzzz ?
no-prepend Do not prepend local-as to updates from ebgp peers
R5(config-router)#neighbor x.x.x.x local-as zzzz no
R5(config-router)#neighbor x.x.x.x local-as zzzz no-prepend ?
replace-as Replace real AS with local AS in the EBGP updates
R5(config-router)#neighbor x.x.x.x local-as zzzz no-prepend
R5(config-router)#neighbor x.x.x.x local-as zzzz no-prepend replace-as
You can refer the below very Useful Cisco Document for same
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t11/feature/guide/gtbgpdas.html
Hope this helps to answer your query.
Regards
Varma -
What card would I need to terminate MPLS?
I am thinking I would need a couple of VWIC2-2MFT-T1/E1's?
I have two routers where I need to purchase some sort of T1 module that can terminate a connection for MPLS. All things being equal I guess I’d like to install a module that can support two T1’s.
I’m including the sh ver and sh inventory for each site.
Please let me know if you need additional information.
GW-MAD#sh ver
Cisco IOS Software, 2800 Software (C2800NM-ADVSECURITYK9-M), Version 12.4(15)T7, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Wed 13-Aug-08 17:09 by prod_rel_team
ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)
GW-MAD uptime is 1 year, 30 weeks, 4 days, 10 hours, 2 minutes
System returned to ROM by Reload Command
System restarted at 21:59:36 CST Wed Nov 4 2009
System image file is "flash:c2800nm-advsecurityk9-mz.124-15.T7.bin"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
Cisco 2811 (revision 53.51) with 249856K/12288K bytes of memory.
Processor board ID FTX1315A01A
2 FastEthernet interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity enabled.
239K bytes of non-volatile configuration memory.
62720K bytes of ATA CompactFlash (Read/Write)
Configuration register is 0x2102
GW-MAD#sh inventory
NAME: "2811 chassis", DESCR: "2811 chassis"
PID: CISCO2811 , VID: V06 , SN: FTX1315A01A
GW-NY#sh ver
Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.0(1)M4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Thu 28-Oct-10 18:32 by prod_rel_team
ROM: System Bootstrap, Version 15.0(1r)M9, RELEASE SOFTWARE (fc1)
GW-NY uptime is 18 weeks, 6 hours, 10 minutes
System returned to ROM by reload at 03:00:00 EST Tue Feb 1 2011
System restarted at 03:01:24 EST Tue Feb 1 2011
System image file is "flash0:c2900-universalk9-mz.SPA.150-1.M4.bin"
Last reload type: Normal Reload
Last reload reason: Reload Command
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
Cisco CISCO2901/K9 (revision 1.0) with 483328K/40960K bytes of memory.
Processor board ID FTX145001FM
2 Gigabit Ethernet interfaces
1 Serial interface
DRAM configuration is 64 bits wide with parity enabled.
255K bytes of non-volatile configuration memory.
254464K bytes of ATA System CompactFlash 0 (Read/Write)
License Info:
License UDI:
Device# PID SN
*0 CISCO2901/K9 FTX145001FM
Technology Package License Information for Module:'c2900'
Technology Technology-package Technology-package
Current Type Next reboot
ipbase ipbasek9 Permanent ipbasek9
security None None None
uc None None None
data datak9 Permanent datak9
Configuration register is 0x2102
GW-NY#sh inventory
NAME: "CISCO2901/K9 chassis", DESCR: "CISCO2901/K9 chassis"
PID: CISCO2901/K9 , VID: V02 , SN: FTX145001FM
NAME: "WAN Interface Card - HWIC CSU/DSU on Slot 0 SubSlot 0", DESCR: "WAN Interface Card - HWIC CSU/DSU"
PID: HWIC-1DSU-T1 , VID: V01 , SN: FOC14472D53
NAME: "C1941/C2901 AC Power Supply", DESCR: "C1941/C2901 AC Power Supply"
PID: PWR-1941-2901-AC , VID: , SN:
GW-NY#Both 3800 and 3900 series support T1 interfaces. I see, you already have one serial interface in your 3900.
As for MPLS, you don't have to necessarily run MPLS. You can peer from each location with the service provider and let them take care of MPLS/VPN etc...
http://www.cisco.com/en/US/products/ps5855/products_relevant_interfaces_and_modules.html
HTH -
Point to Mulipoint L2VPN trunks over MPLS
Can we have trunk between more than 2 CE over MPLS in short we are looking for the point to multipoint MPLS L2 VPN where more than 2 CE will share the common ethernet segment over MPLS to share the vlan database
Let me give more info @ solution which we are trying find out
CE1,CE2,CE3 & CE4 are the core switches at respective location, we are looking for the same vlan database between these core switches over the MPLS
CE1 will be connected to PE1
CE2 will be connected to PE2
CE3 will be connected to PE3
CE4 will be connected to PE4
so can we have the L2 vpn between CE1,CE2,CE3 & CE4 where the interface connected to respective PE's will be TRUNK ?hi
thanks for the pdf, I had tried the VPLS earlier. the circuit are coming up but I am not able to ping between CE's Vlan ip address although VC are up
PE end config
interface GigabitEthernet1/35
description L2 Connectivity to KBL039SW1 (TEMP)
switchport
switchport access vlan 100
switchport mode dot1q-tunnel
l2protocol-tunnel cdp
CE-1 end config
interface FastEthernet1/0/48
switchport trunk encapsulation dot1q
switchport mode trunk
end
int vlan 100
ip address 10.10.10.1 255.255.255.0
other end vlan 100 ip address is 10.10.10.2 but not able to ping this ip address from CE-1
any guess what cpuld be the problem? -
Cisco Prime LMS MPLS monitoring
Hi all, have anyone used Cisco Prime LMS for MPLS xconnect monitoring?
Currently when these traps arrive to Cisco Prime LMS they are classified as "InformAlarm Unidentified Trap Generic".
Is it maybe possible to load the correct MIB for these traps and get Cisco Prime LMS to understand them correctly?
The raw traps looks like this:
xconnect down:
09:58:42.352760 IP (tos 0x40, ttl 245, id 12, offset 0, flags [none], proto: UDP (17), length: 114) routerhost.51591 > lmshost.snmptrap: [udp sum ok] { SNMPv1 { Trap(71) E:cisco.10.106.2 10.130.1.13 enterpriseSpecific s=1 424011509 E:cisco.10.106.1.2.1.26.2=2 E:cisco.10.106.1.2.1.26.2=2 } }
xconnect up:
09:59:48.597894 IP (tos 0x40, ttl 245, id 14, offset 0, flags [none], proto: UDP (17), length: 114) routerhost.51591 > lmshost.snmptrap: [udp sum ok] { SNMPv1 { Trap(71) E:cisco.10.106.2 10.130.1.13 enterpriseSpecific s=2 424018144 E:cisco.10.106.1.2.1.26.2=1 E:cisco.10.106.1.2.1.26.2=1 } }
I found some more info about the traps at:
http://tools.cisco.com/Support/SNMP/do/BrowseMIB.do?local=en&step=2&mibName=CISCO-IETF-PW-MIB-V1SMI
BR /CrilleHere is an update:
After discussing with TAC there seems to be 2 possible solutions in LMS right now:
1. Create a threshold that monitors the specific OID for the xconnect vc and generate alarm if it changes.
2. Configure the device to send syslog when a xconnect state changes and create an "automated syslog action".
I have not tried either of them yet so I dont know which one works best, but option 2 seems easiest (its a one time config). -
MPLS issues with redundant PE routers
Hello,
i'd like to set up an mpls lab. the layout of the gear is attached (mpls.jpg) At site A i have to PE router R4 and R6 which should have knowledge of the network 10.0.129.0/24 from site B. Router R1 is configured as a route reflector. the configuration of R1, R4, R5 and R6 are attached as well.
with the configuration
Routing Table R6
O E2 10.0.129.0 [110/1] via 172.16.128.9, 00:04:37, FastEthernet0/1.200
Routing table R4
B 10.0.129.0 [200/11] via 150.1.5.5, 00:05:00
a traceroute shows the path goes through R4 instead direkt through R1
Tracing the route to 10.0.129.1
VRF info: (vrf in name/id, vrf out name/id)
1 172.16.128.9 4 msec 0 msec 4 msec
2 172.16.128.1 [MPLS: Labels 19/29 Exp 0] 96 msec 100 msec 96 msec
3 150.1.0.2 [MPLS: Labels 19/29 Exp 0] 68 msec 64 msec 68 msec
4 172.16.129.9 [MPLS: Label 29 Exp 0] 64 msec 64 msec 64 msec
5 172.16.129.10 40 msec * 36 msec
show bgp vpnv4 unicast all 10.0.129.0 indicates an error
Rack1R6# show bgp vpnv4 unicast all 10.0.129.0
BGP routing table entry for 200:1:10.0.129.0/24, version 63
Paths: (1 available, best #1, table CENTRAL, RIB-failure(17) - next-hop mismatch)
Not advertised to any peer
Local
150.1.5.5 (metric 67) from 150.1.1.1 (150.1.1.1)
Origin incomplete, metric 11, localpref 100, valid, internal, best
Extended Community: RT:200:1 OSPF DOMAIN ID:0x0005:0x000000C80200
OSPF RT:0.0.0.0:3:0 OSPF ROUTER ID:172.16.129.242:0
Originator: 150.1.5.5, Cluster list: 150.1.1.1
mpls labels in/out nolabel/29
Rack1R4#show bgp vpnv4 unicast all 10.0.129.0
BGP routing table entry for 200:1:10.0.129.0/24, version 146
Paths: (1 available, best #1, table CENTRAL)
Not advertised to any peer
Local
150.1.5.5 (metric 67) from 150.1.1.1 (150.1.1.1)
Origin incomplete, metric 11, localpref 100, valid, internal, best
Extended Community: RT:200:1 OSPF DOMAIN ID:0x0005:0x000000C80200
OSPF RT:0.0.0.0:3:0 OSPF ROUTER ID:172.16.129.242:0
Originator: 150.1.5.5, Cluster list: 150.1.1.1
mpls labels in/out nolabel/29
any ideas what i have to do in order to have a redundant path towards site B?
thanks in advanced
AlexHi Alex,
I think you still have redundancy via R6, but BGP route on R6 is not getting installed in routing table because it is having OSPF route with lesser AD value. If R4 goes down, R6 will loose OSPF route for 10.0.129.0/24 coming from R4, install BGP route ,redistribute this to OSPF and will advertise it to SW4.
Routing Table R6
O E2 10.0.129.0 [110/1] via 172.16.128.9, 00:04:37, FastEthernet0/1.200
Rack1R6# show bgp vpnv4 unicast all 10.0.129.0
BGP routing table entry for 200:1:10.0.129.0/24, version 63
Paths: (1 available, best #1, table CENTRAL, RIB-failure(17) - next-hop mismatch)
Not advertised to any peer
Local
150.1.5.5 (metric 67) from 150.1.1.1 (150.1.1.1)
Origin incomplete, metric 11, localpref 100, valid, internal, best
Extended Community: RT:200:1 OSPF DOMAIN ID:0x0005:0x000000C80200
OSPF RT:0.0.0.0:3:0 OSPF ROUTER ID:172.16.129.242:0
Originator: 150.1.5.5, Cluster list: 150.1.1.1
mpls labels in/out nolabel/29
Maybe you are looking for
-
Satellite P300D-10V - Turn off by high temperature
Hi! I have a TOSHIBA Satellite P300D-10V and I have a problem with overheating! When I load my CPU with 2,2 GHz for a long time, it turn off by high temperature! What must be my solution about this problem? "Normal" temperature for my laptop is aroun
-
How do I email an event from iCal on the iPad?
Hi, how do I email an event to someone from the iCal app on the iPad? Does it populate in an email? Thank you, Chris
-
How do I copy a dvd onto my macbook pro?
how do I copy a DVD onto my macbook pro?
-
How do I install Camera Raw 4.6 ?
I have PS CS3 and a Nikon D90, To open the RAW (NEF) files I obviously need to install a compatible version of camera raw which is 4.6 (CS3 is camera raw 4) I have downloaded camera raw 4.6 from adobe website but it makes no difference, I still cant
-
I'm thinking of buying Aperture and importing my iPhoto library into it. Once I've done this, can I restore the photo within Aperture to its original version as it was when it was originally imported into iPhoto? Thanks Steve