MPLS network CE1A pinging CE1B other side

Im trying to expand my knowledge about MPLS but have a bunch of questions. Here is one. In a MPLS network, should the CEA1 from one side ping the the other CEB1 and viceversa? I can see the route in the routing table from both side, however ping doesnt past thru.  Explain?             

Hi Pedro,
Yuu should be able to ping, if you have setup MPLS L3 VPN correctly  and if you don't have any configs to drop the ping
First you need to chec kif your LSP is fine.
1. Check if  you have MPLS IP configured on the core devices and Core facing interfaces of PE. make sure you have cef enabled on the routers
To check if the LSP is fine, try a ping between PEs using source and destination as VRF IPs
Share your topoplogy. That will hep

Similar Messages

  • I have two location one is Delhi(IP-192.168.100.*) and another is Mumbai(IP-192.168.1.*) and both are connected by MPLS line and ping with each other. We have one DC in Delhi location and domain name is CAPLDC and Delhi location all PC is member of this

    I have two location one is Delhi(IP-192.168.100.*) and another is Mumbai(IP-192.168.1.*) and both are connected by MPLS line and ping with each other.
    We have one DC in Delhi location and domain name is CAPLDC and Delhi location all PC is member of this domain and working properly.
    now i am trying join the Mumbai location PC with my Domain(CAPLDC) but they are not join with my DC and generate the error.
    I have chek the DNS and nslookup all are correct but this is generate error. 
     Is this possible Mumbai location join with this Domain(CAPLDC)???
    One more thing when i have created another DC with this name (papldc.com) then Mumbai location is joined properly.
    Pls find the error message below and also find the attachment.
    Note: This information is intended for a network administrator.  If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt.
    The domain name "capldc" might be a NetBIOS domain name.  If this is the case, verify that the domain name is properly registered with WINS.
    If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.
    DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain "capldc":
    The query was for the SRV record for _ldap._tcp.dc._msdcs.capldc
    The following domain controllers were identified by the query:
    capldcserver.capldc
    win-dyfq2poc88q.capldc
    However no domain controllers could be contacted.
    Common causes of this error include:
    - Host (A) or (AAAA) records that map the names of the domain controllers to their IP addresses are missing or contain incorrect addresses.
    - Domain controllers registered in DNS are not connected to the network or are not running.
    Pankaj Kumar

    Why are you using a single labeled domain? I would recommend renaming the domain name to be something like domain.com.
    Please refer to the articles below to fix your current issue:
    http://www.wincert.net/tips/networking/1614-cant-join-pc-to-a-domain-with-single-label.html
    http://www.itgeared.com/articles/1128-using-single-label-dns-names-for-active/
    This posting is provided AS IS with no warranties or guarantees , and confers no rights.
    Ahmed MALEK
    My Website Link
    My Linkedin Profile
    My MVP Profile

  • I want to increase my wireless network coverage upstairs and to the other side of my house. I have an airport extreme down stairs, can I get another one upstairs and hard wire it in?

    I want to increase my wireless network coverage upstairs and to the other side of my house. I have an airport extreme down stairs, can I get another one upstairs and hard wire it in?

    Yes.
    It has been covered recently. I as interested in same question matter of fact but I will have to look up details or you could search.
    Bob Timmons has contributed to this question so look his up and find it as well.
    See this link;
    https://discussions.apple.com/message/18017606#18017606
    Also this;
    https://discussions.apple.com/message/18077215#18077215
    Message was edited by: WilliamNewMart, to add links and correct spelling.

  • In our enterprise MPLS network we are using 192.168.20.0/24 subnet, in this subnet we have not assigned the IP 192.168.20.200/30 & 204/30, But still these subnets are reachable . Are these NNI IP ...Please explain.

    In our enterprise MPLS network we are using 192.168.20.0/24 subnet, in this subnet we have not assigned the IP 192.168.20.200/30 & 204/30, But still these subnets are reachable . Are these NNI IP ...Please explain.

    I have checked with ISP, there response is like below:
    Those are the NNI to GBNET IPs for Dominican Republic. They are Network IPs. You should be able to ping them-that means they are working.
    WANRT01#show  ip route | include 192.168.20.20
    B        192.168.20.200/30 [20/0] via 192.168.20.226, 02:18:29
    B        192.168.20.204/30 [20/0] via 192.168.20.226, 02:18:29
    Here its shows from any of our MPLS site we are able to trace the IP and it seems like, 192.168.20.204/30 is one more site but in actual its not.
    INMUMWANRT01#ping 192.168.20.205
    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 192.168.20.205, timeout is 2 seconds:
    Success rate is 100 percent (5/5), round-trip min/avg/max = 224/232/260 ms
    INMUMWANRT01#trace              
    INMUMWANRT01#traceroute 192.168.20.205
    Type escape sequence to abort.
    Tracing the route to 192.168.20.205
    VRF info: (vrf in name/id, vrf out name/id)
      1 192.168.20.226 24 msec 24 msec 24 msec
      2 192.168.20.206 [AS 8035] 232 msec 232 msec 252 msec
      3 192.168.20.205 [AS 8035] 224 msec 224 msec *

  • MPLS network design questions

    we have in our company 230 remote sites, and we are changing all of our circuits to MPLS. wondering if i need to get a high end router in our Data Center? currently we have 3925. also what is the best routing protocol to use in this kind of network? Eigrp or ospf? MPLS will be hosted by the service provider

    I have found that the provider typically wants to know exactly what routes you will be advertising when using EIGRP or OSPF. This is something they will have to configure on their network to allow. For example EIGRP routes flow from Site A to Site B and you have a new subnet to use for an application. You put the proper network statements in EIGRP and are not learning routes on the other side. You would then have to fill out a form or call a support number to get your new network to the other side.
    With BGP there is much more control over what you can advertise with adding networks. With 230 sites you will feel the benefit quickly if you start growing and adding subnets in data centers or additional sites.

  • Debugging and monitoring MPLS networks

    Hi ,
    I've had the following problem with a customer of ours and I'd like to know if there's any tools I can use in the future to better diagnose the problem if it may arise again.
    The customer is a bank with hundreds of brnach sites. All of them are connected to the corporate via a MPLS network managed by a local TELCO company .
    In the last ten days they have experienced long delays during logons of users in the branch sites . This delay has been initially thought due to new operating systems deployed on the clients ( XP ) . In fact there's a rollout of XP computers at all the branch sites .
    Trying to troubleshoot the problem we have started looking at all OS related known problems but found nothing important.
    Next I tried looking at the network connections with the few tools I have ( basically ping , traceroute and protocol analyzer ) but all seemed ok .
    Having no access to the telco routers I monitored the corporate's switch ports to which the two telco router are attched .
    Finally I found some packet discarded and could call the telco and having the routers checked.
    They found a problem , they didn't told us what it was , and suddendly most of the problems were gone.
    This was really tricky because a part from the slow logon we had no other mulfunctions . I found the problem thanks to a Microsoft tool to check group policy problem which point me to possible networks problem.
    The question , after this long post , is ; is there any tool, agent , software I can install or use to check MPLS network efficiency having no access to the TELCO routers ?
    Thanks in advance
    Stefano Colombo
    CCNA - CCSP
    MCSE NT/2k/2003 Messaging

    havent not told us what the actual problem was it is kinda difficult to suggest tools. However IF this was an MTU issue then you should have used ping with the DF bit set to see how big a packet you could get over the mpls network. Let us know what the issue was and hopefully we can be a bit more detailed in our responses.
    HTH

  • Venturing into MPLS Network

    Hi all, it is just my curiousity that ended up with a small discussion like this. Here's about it...
    My company has a main client which have tonnes of remote sites connecting to both their HQ and Disaster Recovery Centre. Some of the remote sites still running on frame-relay, while other is purely leased-line. There's a few question I wish I can clear up as follows:
    i. When the client have frame-relay device, what we do is create a tunnel and route all the frame-relay traffic over. Is there any advantage if we change it over to MPLS?
    ii. Even if comparing to leased-line services, what kind of advantages I can expect if our cliet migrate over to leased-line?
    iii. If one customer is running purely on frame-relay connectivity, any difficulties will arise when they want to switch over to MPLS network?
    I still never has any hands on experience on the MPLS, that's why need to gather some info in the first place, I'm currently have a glance through those MPLS guides and configuration examples, but I knew that perhaps in real-life network, things may differs, in the meanwhile I'm studying through it, hope to gather some precious opinions. Regards

    Hello,
    Regarding answer iii: What you have to use inside the MPLS cloud is MBGP to route the customer prefixes. In your LAN however you will have an IGP like EIGRP. This means you need mutual redistribution between MBGP and your IGP. So a routing loop can occur once you have at least two pathes. An Example:
    N1-CE1 - PE1 - PE2 - CE2
    with: CE1 - PE1 using RIP, CE2 - PE2 using RIP, PE1 - PE2 using MBGP and a FR PVC between CE1 - CE2 using RIP
    This would be the case when you migrate from FR to MPLS VPN and do not shut down FR the very moment you activate the MPLS links.
    What can happen in this scenario is: CE1 is announcing Network N1 through RIP to CE2 directly over the FR PVC and also to PE1. PE1 will redistribute N1 into MBGP, send the prefix to PE2, which will redistribute N1 into RIP and send the update to CE2.
    Now depending on implementation and metrics this will result in all traffic flowing over FR or MPLS (when adjusting metrics). No major problem yet.
    The problem might occur once CE1 looses network N1. It will send an update directly to CE2 and to PE1 and a race condition exists. CE2 will still have one valid path to N1 learned from PE2 and announce this one to CE1, which will announce it to PE1 and then PE2, CE2, CE1 again and so on.
    This is an intermittend or even persistent routing loop, depending on what you have done with hop count during redistribution.
    By designing your overall routing solution carefully you can avoid this scenario.
    Hope this helps! Please rate all posts.
    Regards, Martin

  • Access issue with Terminal server in MPLS network

    Hi,
    i have MPLS network and i have installed windows server 2003 with terminal server.
    Problem - every 40 minutes, 2 hours server stopped pinging in spoke network while this worked in LAN,when we trace it by pinging of server IP address we get RTO,
    after rebooting the server, we can easily access the server and work for again 40 to 2 hours.i am not able to understand the problem
    i have troubleshoot -
    1. restarted all network media during the problem
    2. reset the LAN card of server
    3. restarted the server
    after all, it is not resolved.
    please help me here to solve this issue.
    Thanks,
    Damodar
    Regards, Damodar

    Hi Abrante
    thanks for your response but the issue of tftpboot still seems to be there. I am unable to find the issue here. We users try to load their images from the /tftpboot directory on the routers they get the following error messages
    Error loading file: errno = 0x3c.
    Can't load boot file!!
    They are able to connect to another tftpboot server without any issues at all. I am not sure if I have missed out any configuration parameters while enabling tftp. Is there anywhy I can find tftp log files on the server.

  • Path Selection for Routes Across MPLS Network

    Customer hub site has two CE routers with two links connected to two seperate PE routers in the Carrier's MPLS network. At the customer's remote site one CE router on a single link is connected to PE router in MPLS network.
    How can I configure the CE routers at the hub site to advertised the same network across the MPLS network to the CE router at the remote site? Also, how can I configure the CE router at the remote site to select on of the router as the primary and the other as secondary? Can I use local-preference on the CE router at the remote site to selected on path over the other.
    I'm not sure if this makes any sense. Any help will be appreciated. Thanks

    Even with multiple RDs for VRFs belonging to the same VPN, you still need IBGP multipath, correct? Multiple RDs is just to get around the RR restriction.
    Also, you posted this message a while back:
    "If you have many VPN customers all using the same addresses (most likely rfc1918), the fact that they have different RDs and that the PE prepends the RD to the prefixes exchanged between PEs will make the same prefixes different in the MPLS VPN core
    cust1 advertises 192.168.1.0/24 with RD 1:1 therefore
    VPNv4 prefix is 1:1:192.168.1.0
    cust2 advertises 192.168.1.0/24 with RD 1:2 therefore
    VPNv4 prefix is 1:2:192.168.1.0"
    My test lab does not support the IBGP multipath command, and thus even with different RDs, it still only installs one best path.
    I understand that RD = make unique VPNv4 routes in SP space, and that RT = what to import into the VRF. However, I am having a hard time visualizing the scenario with mutiple RDs for the same VPN for load balancing purposes. I am trying to understand the logic behind it.
    Per your example, if both 1:1 and 1:2 are received by the remote PE, assuming IBGP multipath is enabled, why would the remote PE load balance between the two links? Why would it assume that the hub subnets are reachable via two different PEs, and that it's not two different, isolated VPNs altogether?
    Is it b/c you imported both 1:1 and 1:2 into a VRF at the remote PE?

  • L3 mpls network with out P router, all PE to PE plus daisy chainging

    Guys, is it possible to run a core l3 MPLS network over 7600s and 3800s with out any P routers? The reason i aak is because of the particular situation where we will have to daisy chain PE routers due to lack of fiber.
    any thoughts?

    As martin says absolutley limited problems with this it will work a charm UNTIL yo urun into scaling issues. You are daisy chaining all the PEs which would also suggest to me that you are daisy chaining your RRs. In an mpls network the RR's have enough state to handle to keep them busy enough without also having to deal with passing labels about the network. Also you will have any cisco account team breaking down your door putting the fear of god into you for not having at least 2 P routers ;-). So yes you can indeed run it like you say but the lifetime of your network will be very limited indeed. If your not an SP then dont be concerned - unless you are an enterprise with 10000000s routes then id start to worry. Oh they (cisco) also state that PEs also have enough to do in their life without passing labelled packets about the place. sit and think about what your poor PE is having to do daily it could be 100 vrfs routing tables, which in turn means layer 3 lookups to find out where the packet has to go, qos, multicast, bgp, ospf, rip, eigrp, your own internal IGP, TE tunnels, RSVP - this poor router has enough to do without also adding transit traffic. ;-)

  • Interface flapping and always shows up/up even other side is shutdown

    Hi, there, I have a interface flapping issue in my network. 2 Cat3560 is connected through 2 trunk port configured with port-channel. When I shutdown one of port in Vlan100, other 2 ports in the same vlan will flap going up and down and OSPF will lose the neighbor. One thing I notice that is when I shutdown the switch port, on the other side of router, the L1-L2 is still up/up. I think it should be up/down. I have a keepalive setting on the router interface to 1800. Any body can give me some hints here to troubleshoot?
    Here is the switch configs.
    Building configuration...
    no service pad
    ip subnet-zero
    ip routing
    no ip domain-lookup
    spanning-tree mode pvst
    no spanning-tree optimize bpdu transmission
    spanning-tree extend system-id
    interface Port-channel1
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 999
    switchport trunk allowed vlan 100,200,300,400,600,700
    switchport mode trunk
    interface GigabitEthernet0/1
    switchport access vlan 600
    speed 100
    duplex full
    interface GigabitEthernet0/2
    switchport access vlan 100
    speed 100
    duplex full
    interface GigabitEthernet0/3
    switchport access vlan 600
    speed 100
    duplex full
    interface GigabitEthernet0/4
    switchport access vlan 700
    speed 100
    duplex full
    interface GigabitEthernet0/5
    switchport access vlan 700
    speed 100
    duplex full
    interface GigabitEthernet0/6
    switchport access vlan 100
    speed 100
    duplex full
    interface GigabitEthernet0/7
    switchport access vlan 100
    speed 100
    duplex full
    interface GigabitEthernet0/8
    switchport access vlan 100
    interface GigabitEthernet0/9
    switchport access vlan 100
    speed 100
    duplex full
    interface GigabitEthernet0/10
    switchport access vlan 100
    speed 100
    duplex full
    interface GigabitEthernet0/11
    switchport access vlan 100
    speed 100
    duplex full
    interface GigabitEthernet0/12
    switchport access vlan 100
    speed 100
    duplex full
    interface GigabitEthernet0/13
    switchport access vlan 100
    speed 100
    duplex full
    interface GigabitEthernet0/14
    switchport access vlan 100
    speed 100
    duplex full
    interface GigabitEthernet0/15
    switchport access vlan 100
    speed 100
    duplex full
    interface GigabitEthernet0/16
    switchport access vlan 100
    speed 100
    duplex full
    interface GigabitEthernet0/17
    speed 100
    duplex full
    interface GigabitEthernet0/27
    switchport access vlan 400
    interface GigabitEthernet0/28
    switchport access vlan 400
    interface GigabitEthernet0/29
    switchport access vlan 400
    interface GigabitEthernet0/30
    switchport access vlan 200
    interface GigabitEthernet0/31
    switchport access vlan 200
    interface GigabitEthernet0/45
    switchport access vlan 500
    speed 100
    duplex full
    interface GigabitEthernet0/46
    switchport access vlan 500
    speed 100
    duplex full
    interface GigabitEthernet0/47
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 999
    switchport trunk allowed vlan 100,200,300,400,600,700
    switchport mode trunk
    channel-group 1 mode on
    interface GigabitEthernet0/48
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 999
    switchport trunk allowed vlan 100,200,300,400,600,700
    switchport mode trunk
    channel-group 1 mode on
    interface Vlan1
    no ip address
    shutdown
    interface Vlan100
    ip address 192.168.40.11 255.255.252.0
    no ip redirects
    no ip proxy-arp
    standby 1 ip 192.168.40.1
    standby 1 priority 110
    standby 1 preempt
    standby 1 track Vlan600 20
    interface Vlan200
    no ip address
    interface Vlan600
    ip address 192.168.35.1 255.255.255.0
    router ospf 7
    log-adjacency-changes
    network 192.168.0.0 0.0.255.255 area 0
    ip classless
    =====================
    When I shutdown interface gig 0/2, interface gig0/3 and gig0/4 will go down as well and come back online after a while.
    Thanks for your help.

    Your question is really missing a BUNCH of details, but I will take a stab at it:
    1) Why on earth do you have a keepalive set to 1800 seconds on the router?
    2) Your discussion and config above only talks about qty 2 c3560 switches. Where is the router in this topology?
    3) You are going against several Cisco best practices here with your trunk ports:
    a) I would never config a port-channel as mode 'on' because the switches will ignore any errors on the ports that would not keep the channel stable because you have configured them to hard set on. ALWAYS set the port channel to mode 'desirable silent'. The config needs to match on both ends of the link.
    b) I would never config a port as a trunk mode 'on' without also running UDLD. It appears that your 2-port port-channel trunk above is using copper ports. You MUST enable UDLD on the copper gigabit ports manually (UDLD is enable by default on fiber gigabit ports). You may need to 'udld enable' globally on the switch depending on the IOS version. Obviously, as above, the same config needs to be done on both switches.
    4) The log message that you get when you say ports g0/3 and g0/4 go down, is that for just VLAN 100 or are they line-protocol messages?
    5) When port g0/2 goes down, are there any other ports in VLAN 100 still up?
    6) What are the results of the following commands:
    show int g0/3 switchport
    show spanning-tree summary
    show spanning-tree int po1
    show spanning-tree int g0/2
    show spanning-tree int g0/3
    show spanning-tree int g0/4
    show spanning-tree vlan 100
    show spanning-tree vlan 600
    show int status
    show etherchannel summary
    show etherchannel detail
    show int trunk mod 0
    Post more details and I'll try to help...

  • Equivalent for an "IP accounting" in MPLS Network

    Do we have an equivalent for an IP accounting in an interface in MPLS network. I would like to know this to identify traffic flowing across a WAN interface which is being tag/label switched

    Thanks gopal. However this command "show tag-switching forwarding table" did not help me find a host in a network choking up the WAN link. I heard from one of the cisco reps saying cisco is releasing an IOS to do this in Feb. I hope that helps.

  • VOIP MPLS network only 40-50% utilized

    We are in the process of upgrading our bandwidth at our branch locations into 3 Mbps MPLS networ and we only run Citrix traffic and IP Voice (Interoffice calls) from our Branch locations into our HQ.
    We expect Bandwith utilization to typically max out at 1.6 MBPS. Do you think we need to configure QoS for the voice traffic since the circuit will only be 40-50 percent utilized? My thinking was why should I configure QoS if the bandwidth is only at 40 - 50 percent. The voice traffic should have enough bandwidth to communicate over the wire.
    Is my thinking correct or should I configure QoS across this MPLS network? If I should confiure QoS what type do you recommend.
    Any responses are greatly appreciated

    Hi,
    I would configure QoS, because there are not only sunny days in life ...
    What if you catch Nimda version 7.2beta, i.e. the newest worm out there trying to blast any valid IP in your network? I would not want to explain to my CEO why we lost telephony as well ...
    So on a more technical level: QoS is needed to do resource management. As such you are right in that QoS is not needed if you have enough resources. Yet, who can guarantee this in an IP network at any point in time? I would put it QoS just as an insurance though it would not be needed during normal operation.
    Saying this I might add that this is the appropriate usage anyhow, as QoS will not solve issues arising from constant lack of bandwidth. Queueing is meant to handle exceptions. There is always the possibility of the unforseen.
    Hope this helps! Please rate all posts.
    Regards, Martin

  • Running Large Backups over an MPLS Network

    We are opening up a second data center at my organization. The location is about 60 miles from our primary data center.
    At our primary data center we use an MPLS network for our WAN. We have ll remote locations on our WAN and we have a DS-3 that connects to our primary data center.
    At our new second data center we will connect it to the MPLS network.
    Do you think we should run our backups between the 2 data centers across the MPLS or do you think we should order a seperate private line or ethernet type service between the 2 data centers? All back ups from our primary data center will continually move across the network to our new secondary data center.
    Do you think MPLS is a good technology to run large back ups across? Is it reliable enough

    "Do you think MPLS is a good technology to run large back ups across?"
    Sure.
    "Is it reliable enough"
    Depends more on your MPLS provider than the technology itself.
    Two issues that may be more important to you vs. how "reliable" MPLS is, might be cost of bandwidth vs. other technologies or sharing the MPLS bandwidth with non-backup applications. The latter would depend much on what QoS that might be available to you to insure your backup traffic doesn't adversely impact non-backup traffic.

  • MPLS network design challenge

    Hi,
    I have a design issue for which I really like your help.
    In a MPLS network there are twoPOP gateway routers (G1,G2) peering with various MPLS VPN Service providers via B2B vrf eBGP peering are in 4 different ASN's. They inturn all peer via VPNv4 eBGP with the Core ASN which comprises of  2 Nos VPNv4 RR's and every site in the ASN haveing 2 P/PE per site. Every P/PE is peering via VPNv4- iBGP with the VPNv4 RR's. The RR's are not in the forwarding path of the traffic.
    Every site has 2 Nos CE routers and each CE router does a vrf based ebgp peering with the P/PE's.
    The P/PE routers import 2Nos RT exported by the 2 Nos POP G/w routers and inturn selects the best path and pass it to the CE routers.
    Now it is seen that the P/PE of all sites is selecting the best path adverstised by G1 instead of  G2 based on the AS PATH length and the shortest path is being adverstised by G1. So till a situation arises that the G1 is down till that time the P/PE's are forwarding the outbound traffic from the CE to G1 even also when the IGP cost is adding up high and when there is a direct link failure from the P/PE site to G1 site.
    It therefore makes sense that if the direct physical link form a P/PE site to the site G1 is located goes down ,the P/PE's then should choose  G2 via another path even when G1 is available.
    Does these sort of requirements ever come in SP environments from customers ? if so what are the solutions ..
    Thanks in advance
    Kas

    Hi kas,
    This type of requirement come to providers and there are few options which provider can implement.
    1- Play with local preference along with import map in vrf if requirement is customer specific. I mean if one customer want that G1 should be primary exit point and other customer want G2 as primary exit than he can use import map (which is similar to route-map )
    ip vrf ABCD
    rd XX
    import map ABCD
    route-target export XX
    route-target import YY
    route-map ABCD permit 20
    set local-preference >100
    2- Or you can play with As-path prepending option if you want to skip selection based on local preference.
    it is in provider interest to provide you solution. as there are options of affecting traffic by using communities.
    Please provide diagram and some config for complete solution.
    Regards
    Mahesh

Maybe you are looking for