MPLS-TE Tunnel (FRR) Issue

Hi
Need some discussion on MPLS - TE tunnel issue.
One of Tunnel with FRR configured, creates problem after a while affects the traffic running on the link until I shut the tunnel manually.
Configs are ok because same configurations made for different cities to authenticate to a AAA server located in one of city.
following is the generic diagram and complete config for respective links in all 3 cities but the tunnel on link highlighted with RED arrow creates problem after a while not at once until I shut the tunnel,
The Platform is Cisco CISCO7609-S and all links are on 7600-SIP-400 module
interface GigabitEthernet2/2/0
description *** Physical Interface ***
dampening
mtu 9216
ip address x.x.x.x x.x.x.x
no ip redirects
no ip proxy-arp
ip ospf message-digest-key 1 md5 7 xxx
ip ospf network point-to-point
load-interval 30
carrier-delay msec 0
negotiation auto
mpls traffic-eng tunnels
mpls traffic-eng backup-path Tunnel2300
mpls ip
service-policy output egress_policy
hold-queue 4096 in
hold-queue 4096 out
ip rsvp bandwidth percent 95
ip rsvp signalling dscp 48
end
x.x.x.x#sh running-config int tun 1300
Building configuration...
Current configuration : 377 bytes
interface Tunnel1300
description *** Primary Tunnel ***
ip unnumbered Loopback0
shutdown
mpls ip
tunnel destination x.x.x.x
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng path-option 10 explicit name path-1300
tunnel mpls traffic-eng fast-reroute
end
x.x.x.x#sh running-config int tun 2300
Building configuration...
Current configuration : 332 bytes
interface Tunnel2300
description *** Backup Tunnel ***
ip unnumbered Loopback0
shutdown
mpls ip
tunnel destination x.x.x.x
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng path-option 10 explicit name path-2300
tunnel mpls traffic-eng record-route
end

Hi,
Issue was figured out, the traffic was dropping dut to EF tagged traffic in the service policy applied under the physical interface.
The limit of EF tagged traffic was defined less as per actual traffic which was causing drop in peak hours

Similar Messages

MPLS TE tunnel not coming up - RSVP issue?

Hello,
I have two routers R2 and R5 back to back and I am trying to create an MPLS TE tunnel between them. R2 already has one tunnel up and running to another router R1.
I think my issue is that no RSVP traffic is being sent by R2 or R5. Here is my interface config on R5 and some show commands:
R5#show run int s2/0
Building configuration...
Current configuration : 143 bytes
interface Serial2/0
ip address 192.168.25.5 255.255.255.0
mpls traffic-eng tunnels
fair-queue 64 256 32
ip rsvp bandwidth 1000 1000
end
R5#show ip int brief s2/0
Interface IP-Address OK? Method Status Protocol
Serial2/0 192.168.25.5 YES NVRAM up up
R5#show ip rsvp counters in s2/0
Serial2/0 Recv Xmit Recv Xmit
Path 0 0 Resv 0 0
PathError 0 0 ResvError 0 0
PathTear 0 0 ResvTear 0 0
ResvConfirm 0 0 ResvTearConfirm 0 0
UnknownMsg 0 0 Errors 0 0
R5#
I have mpls traffic-eng tunnels on all routers and interfaces. Here here is my tunnel config on R5 towards R2:
R5#show run int tun 2
Building configuration...
Current configuration : 174 bytes
interface Tunnel2
ip unnumbered Loopback0
tag-switching ip
tunnel destination 10.0.0.2
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng path-option 1 dynamic
end
I also am learning all addresses via OSPF so R5 does have a route (and can ping) 10.0.0.2 (R2's loopback)
Any ideas where this is failing? Why isn't RSVP sending packets?
Thanks,

Here you go. I have made some changes since then but nothing major. Just adding interfaces under the OSPF MPLS traffic-eng to see if that will work. Also, there is a couple tunnels you see that I have not started to work on yet. Tunnel 5 on R2 points to R5. Tunnel 2 on R5 points to R2.
=====================================
R2:
R2# show run
Building configuration...
Current configuration : 1965 bytes
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname R2
logging buffered 16384 debugging
ip subnet-zero
ip cef
no ip domain-lookup
mpls label protocol ldp
mpls traffic-eng tunnels
tag-switching tdp router-id Loopback0
interface Loopback0
ip address 10.0.0.2 255.255.255.255
interface Tunnel1
ip unnumbered Loopback0
tunnel destination 10.0.0.1
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng path-option 1 dynamic
interface Tunnel3
ip unnumbered Loopback0
tag-switching ip
tunnel destination 10.0.0.3
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng path-option 1 dynamic
interface Tunnel5
ip unnumbered Loopback0
tunnel destination 10.0.0.5
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng path-option 1 dynamic
interface FastEthernet1/0
ip address 205.127.233.242 255.255.254.0
speed 100
full-duplex
interface Serial2/0
ip address 192.168.12.2 255.255.255.0
mpls traffic-eng tunnels
fair-queue 64 256 37
ip rsvp bandwidth 1500 1500
interface Serial2/1
bandwidth 20000
ip address 192.168.25.2 255.255.255.0
mpls traffic-eng tunnels
fair-queue 64 256 37
ip rsvp bandwidth 1000 1000
interface Serial2/2
no ip address
shutdown
interface Serial2/3
no ip address
shutdown
router ospf 1
router-id 10.0.0.2
log-adjacency-changes
network 10.0.0.2 0.0.0.0 area 0
network 192.168.12.0 0.0.0.255 area 0
network 192.168.23.0 0.0.0.255 area 0
network 192.168.25.0 0.0.0.255 area 0
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
mpls traffic-eng interface Serial2/0 area 0
mpls traffic-eng interface Serial2/1 area 0
mpls traffic-eng interface Loopback0 area 0
ip classless
ip http server
ip pim bidir-enable
call rsvp-sync
mgcp profile default
dial-peer cor custom
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
end
R2#
====================================
R5:
R5#show run
Building configuration...
Current configuration : 1492 bytes
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
hostname R5
logging buffered 16384 debugging
ip subnet-zero
no ip domain-lookup
mpls label protocol ldp
mpls traffic-eng tunnels
tag-switching tdp router-id Loopback0
interface Loopback0
ip address 10.0.0.5 255.255.255.255
interface Tunnel2
ip unnumbered Loopback0
tunnel destination 10.0.0.2
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng path-option 1 dynamic
interface Serial2/0
ip address 192.168.25.5 255.255.255.0
mpls traffic-eng tunnels
fair-queue 64 256 32
ip rsvp bandwidth 1000 1000
interface Serial2/1
ip address 192.168.45.5 255.255.255.0
shutdown
mpls traffic-eng tunnels
fair-queue 64 256 37
ip rsvp bandwidth 1000 1000
interface Serial2/2
no ip address
shutdown
fair-queue 64 256 37
ip rsvp bandwidth 10000 10000
interface Serial2/3
no ip address
shutdown
router ospf 1
router-id 10.0.0.5
log-adjacency-changes
network 10.0.0.5 0.0.0.0 area 0
network 192.168.25.0 0.0.0.255 area 0
network 192.168.45.0 0.0.0.255 area 0
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
mpls traffic-eng interface Serial2/0 area 0
mpls traffic-eng interface Loopback0 area 0
ip classless
ip http server
ip pim bidir-enable
call rsvp-sync
mgcp profile default
dial-peer cor custom
end
R5#
======================================
thanks

MPLS TE tunnels doesn't come up after BGP arrived at the scene

Hi folks,
I was running a little lab where I had an mpls te tunnel running fine from one router located at the border of the network to the other, I was using ISIS as the IGP. Everything was fine untill I added BGP to the lab and suddenly the tunnel turn down. I want to know if I got to add an additional configuration to my PE routers to succesfully bring up my tunnel like before. My tunnel's explicits path were LSR-PE2 and LSR PE1. My topology looks like this.
                                 LSR
         eBGP         /               \          eBGP
ASx ------------ PE1 ----------------- PE2--------------ASy
                               iBGP
Thanks,
Francis.

Here I leave the configurations and I correct myself about the network topology, I added a pic about the exact topology too. The tunnel is built PE1-R1-R3.
PE1 - R0
clns routing
mpls label protocol ldp
mpls traffic-eng tunnels
interface Loopback0
ip address 10.201.0.0 255.255.255.255
ip router isis
interface Tunnel0
ip unnumbered Loopback0
tunnel destination 10.201.0.3
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng priority 5 5
tunnel mpls traffic-eng bandwidth 1000
tunnel mpls traffic-eng path-option 10 explicit name te
no routing dynamic
interface FastEthernet0/0
bandwidth 100000
ip address 10.200.0.1 255.255.255.252
ip router isis
duplex auto
speed auto
mpls label protocol ldp
mpls ip
mpls traffic-eng tunnels
ip rsvp bandwidth 75000
ip rsvp resource-provider none
interface FastEthernet1/0
bandwidth 100000
ip address 10.200.0.5 255.255.255.252
ip router isis
duplex auto
speed auto
mpls label protocol ldp
mpls ip
mpls traffic-eng tunnels
ip rsvp bandwidth 85000
ip rsvp resource-provider none
interface FastEthernet2/0
ip address 190.80.239.1 255.255.255.252
duplex auto
speed auto
router isis
net 49.0123.0000.0000.0000.00
is-type level-1
metric-style wide
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-1
router bgp 6400
no synchronization
bgp log-neighbor-changes
network 190.80.239.0 mask 255.255.255.252
neighbor 10.201.0.4 remote-as 6400
neighbor 10.201.0.4 password cisco
neighbor 10.201.0.4 update-source Loopback0
neighbor 190.80.239.2 remote-as 1630
neighbor 190.80.239.2 password cisco
no auto-summary
ip explicit-path name te enable
next-address 10.201.0.1
next-address 10.201.0.3
mpls ldp router-id Loopback0
LSR- R1
clns routing
mpls label protocol ldp
mpls traffic-eng tunnels
interface Loopback0
ip address 10.201.0.1 255.255.255.255
ip router isis
interface FastEthernet0/0
bandwidth 100000
ip address 10.200.0.6 255.255.255.252
ip router isis
duplex auto
speed auto
mpls label protocol ldp
mpls ip
mpls mtu 1508
mpls traffic-eng tunnels
ip rsvp bandwidth 75000
ip rsvp resource-provider none
interface Serial1/0
bandwidth 1500
ip address 10.200.0.9 255.255.255.252
ip router isis
encapsulation ppp
mpls label protocol ldp
mpls ip
mpls traffic-eng tunnels
serial restart-delay 0
ip rsvp bandwidth 1200
ip rsvp resource-provider none
interface Ethernet2/0
bandwidth 10000
ip address 10.200.0.13 255.255.255.252
ip router isis
full-duplex
mpls label protocol ldp
mpls ip
mpls mtu 1508
mpls traffic-eng tunnels
ip rsvp bandwidth 7500
ip rsvp resource-provider none
router isis
net 49.0123.0000.0000.0001.00
is-type level-1
metric-style wide
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-1
mpls ldp router-id Loopback0
LSR-R3
ip cef
no ip domain lookup
mpls label protocol ldp
mpls traffic-eng tunnels
interface Loopback0
ip address 10.201.0.3 255.255.255.255
ip router isis
interface Tunnel0
ip unnumbered Loopback0
tunnel destination 10.201.0.0
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng priority 5 5
tunnel mpls traffic-eng bandwidth 1000
tunnel mpls traffic-eng path-option 10 explicit name te
no routing dynamic
interface FastEthernet0/0
bandwidth 100000
ip address 10.200.0.2 255.255.255.252
ip router isis
duplex auto
speed auto
mpls label protocol ldp
mpls ip
mpls traffic-eng tunnels
ip rsvp bandwidth 75000
ip rsvp resource-provider none
interface Serial1/0
bandwidth 1500
ip address 10.200.0.10 255.255.255.252
ip router isis
encapsulation ppp
mpls label protocol ldp
mpls ip
mpls traffic-eng tunnels
serial restart-delay 0
isis metric 1677214
ip rsvp bandwidth 1200
interface Ethernet2/0
bandwidth 10000
ip address 10.200.0.14 255.255.255.252
ip router isis
full-duplex
mpls label protocol ldp
mpls ip
mpls traffic-eng tunnels
ip rsvp bandwidth 7500
ip rsvp resource-provider none
interface FastEthernet3/0
bandwidth 100000
ip address 10.200.0.17 255.255.255.252
ip router isis
duplex auto
speed auto
mpls label protocol ldp
mpls ip
mpls traffic-eng tunnels
isis metric 1677214
ip rsvp bandwidth 75000
router isis
net 49.0123.0000.0000.0003.00
is-type level-1
metric-style wide
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-1
ip explicit-path name te enable
next-address 10.200.0.13
next-address 10.201.0.0
mpls ldp router-id Loopback0
PE2- R4
ip cef
no ip domain lookup
clns routing
mpls label protocol ldp
mpls traffic-eng tunnels
interface Loopback0
ip address 10.201.0.4 255.255.255.255
ip router isis
interface FastEthernet0/0
bandwidth 10000
ip address 10.200.0.18 255.255.255.252
ip router isis
duplex auto
speed auto
mpls label protocol ldp
mpls ip
mpls traffic-eng tunnels
ip rsvp bandwidth 75000
interface FastEthernet1/0
ip address 190.80.239.5 255.255.255.252
duplex auto
speed auto
router isis
net 49.0123.0000.0000.0004.00
is-type level-1
metric-style wide
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-1
router bgp 6400
no synchronization
bgp log-neighbor-changes
network 190.80.239.4 mask 255.255.255.252
neighbor 10.201.0.0 remote-as 6400
neighbor 10.201.0.0 password cisco
neighbor 10.201.0.0 update-source Loopback0
neighbor 190.80.239.6 remote-as 36256
neighbor 190.80.239.6 password cisco
no auto-summary
mpls ldp router-id Loopback0

MPLS TE tunnels with DS-TE - step2

Dear Sir!
in Further to my previous thread (MPLS TE tunnels with DS-TE), I'll want to implement this solution:
One of the ways to solve this problem is to use different BGP next-hops for the prefixes (probably VoIP prefixes) that attract the LLQ-bound traffic .
PE1----PE2
Either PE2 would need to change the next-hop from Loo0 to Loo10 (say) and advertise those (VoIP) VPN prefixes (for this VPN) to PE1,
or let PE1 change the next-hop for the relevant prefixes via an import-map within that VRF.
And then you could use the tunnel10's destination to be the Loop10 IP address
Rajiv Asati .
as Rajiv Asati says, because of I've 36x0 routers, which don't support CBTS (Class Based TUnnel selection).
But when I try to make tunnel10's destination to be the Loop10 IP address, then I find that line protocol of this tunnel is DOWN (of course, Lo10-network are in IGP protocol of MPLS TE domain)
when I make
PE1:
interface Tunnel10
description for LLQ
ip unnumbered Loopback0
tunnel destination PE2-lo10-ip
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng priority 0 0
tunnel mpls traffic-eng bandwidth sub-pool 2048
tunnel mpls traffic-eng path-option 1 dynamic
end
sh mpls traf tu Tu10
command I find that:
Shortest Unconstrained Path Info:
Path Weight: UNKNOWN
Explicit Route: UNKNOWN
History:
Tunnel:
Time since created: 9 minutes, 46 seconds
Path Option 1:
Last Error: PCALC:: Destination IP address, PE2-lo10-ip, not found
(of course, Lo10-network are in IGP protocol of MPLS TE domain)
I don't understand - why (can I've for MPLS TE tunnel destination other address that MPLS TE RID)?
Can you suppose what is my possible mistake?
Best regards,
Maxim Denisov

You need to change the next-hop outbound under address-family vpnv4 as follow:
bgp xx
address-family vpnv4
neighbor route-map setNH out
route-map setNH permit 10
match extcommunity 1
set ip next-hop
route-map setNH permit 20
match extcommunity 2
set ip next-hop
route-map setNH permit 30
ip extcommunity-list 1 permit rt
ip extcommunity-list 2 permit rt
Hope this helps,

MPLS TE tunnel autoroute announce metric in SPF computation

Hi, I have a doubt whether MPLS TE tunnel metric is taking into SPF computation when the tunnel has "autoroute announce" configured.
From the book "MPLS traffice enginnering" written by Osbourn, IGP SPF computation is always performed before tunnel metric is modified, I found this is only true if IGP is ISIS, but if IGP is OSPF, tunnel metric specified by "autoroute metric" will always be taken into SPF computation, a.k.a, if tunnel metric is configured to be less than underlying IGP metric, a suboptimal routing will always happen to destination routers that are in between tunnel head and tunnel tail.
Any idea why there is a inconsistent behavior between OSPF and ISIS SPF computation? or I missed anything?

Hi,
You're right. There is a different behavior between OSPF and ISIS on how they handle the autoroute metric feature.
ISIS: TE tunnel metric is not taken into account during SPF computation.
OSPF: TE tunnel metric is taken into account during SPF computation.
So playing with this feature can change the SPT if your IGP is OSPF.
The difference seems coming from the SPF implementation of OSPF and ISIS
HTH
Laurent.

MPLS TE Tunnel priority

Hi ,
I have a doubt on MPLS TE tunnel selection for LSP. I understood that by using the TE tunnels , suppose if have 3 different path to reach the next hop router. we can set a priority by using the command tunnel mpls traffic-eng priority (set priority) (hold priority).
if i have configured tunnel 1 and i have given tunnel mpls traffic-eng priority 1 1 and the back up tunnel for this is tunnel 2 and the relevant priority is tunnel mpls traffic-eng priority 2 2 , so now the first tunnel is the first best path to reach the desired next hop Ldp ID and if the link associated with that tunnel is down the automatically the back up tunnel with the priority 2 2 should come up.
and i need in rare case if both the links associated with the Tunnel 1 and tunnel are down then the 3rd tunnel should come up. For achieving this is it enough if i create another one tunnel 3 and give the command tunnel mpls traffic-eng priority 3 3.
Or since i have 3 seperate path to reach the next hop router , is it possible to do the load balancing between LSP. if its good to do the load balancing how can we achieve this.
Regards,
Hariharan k

yes, you can configure load balancing, all tunnels toward the same destination appear as equal-cost paths, even when their TE bandwidths are not the same.
config is given below
interface Tunnel0
ip unnumbered Loopback0
tunnel destination a.b.c.d
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng path-option 1 explicit path1
interface Tunnel1
ip unnumbered Loopback0
tunnel destination 172.16.0.21
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng path-option 1 explicit path2
after this if you run the show ip route command, you will see the two paths listed in routing table.
regards
shivlu jain

MPLS TE tunnel problem

Hi,
i created MPLS TE tunnel between three Cisco 2811 series routers and configured that MPLS TE tunnel will reserve 1Mbps of bandwidth.Then I started to send constant 3 Mbps data flow trough the MPLS TE tunnel (everything looks ok: tunnel is up, bandwidth is reserved, all the data flow entering the tunnel). The problem is that data flow leaving the tunnel at 3Mbps rate. Why tunnel dont limit data rate?????

The tunnel doesn't do rate-limiting. Bandwidth at the tunnel level is only a control plane feature.
You need to configure admission control on the tunnel headend with CAR or some other form of rate limiting if you want to enforce the tunnel reserved bandwidth.
Hope this helps,

MPLS TE tunnel protection (FRR) in a ring topology

Hi Friends,
Requesting you all to please share your experiences on MPLS-TE protection (in a ring), like best practices, caveats, feasibility, 'should I really think about it', etc...
Thanks
~sultan

Hello Martin,
Glad to see your response!
My objective is to achieve sub sec failover for L2/L3VPNs.
Basic background:
Currently we have two POPs for providing L2/L3VPNs, and will be adding two more.
We have FRR enabled with static LSPs.
We use 7600 for L3VPNs (7600 PE/P) and connecting to the STM backbone.
While for L2VPNs we use ME6524 (PE for L2VPN) with 7600 acting as 'P' for the same.
There are TE tunnels on 7600 for L3VPNs and 6524s for L2VPNs.
Connectivity within the POPs is through GigE links.
I hope these details would help...
Thanks again..
~sultan

MPLS-TE Tunnel up/down

Hi,
Trying to build out an xconnect to follow a specific path (a longer path). I cannot get the tunnel to come up. I dont know what I missed. everything else looks ok. All interfaces are up and working, except the tunnel itself.
I've included the MPLS portion of the config, if I missed something let me know. I did enable the MPLS-TE in OSPF on the routers inbetween. I have connectivity inbetween.
Router 1:
ip cef
mpls label protocol ldp
mpls traffic-eng tunnels
mpls label protocol ldp
mpls traffic-eng tunnels
pseudowire-class 5001
encapsulation mpls
preferred-path interface Tunnel5001
interface Loopback10
ip address 10.201.1.4 255.255.255.255
interface Tunnel5001
ip unnumbered Loopback10
tunnel mode mpls traffic-eng
tunnel destination 10.201.1.2
tunnel mpls traffic-eng path-option 1 explicit name strict
tunnel mpls traffic-eng path-selection metric te
interface FastEthernet2/0
xconnect 10.201.1.2 5001 encapsulation mpls pw-class 5001
router ospf 100
router-id 10.201.1.4
mpls traffic-eng router-id Loopback10
mpls traffic-eng area 0
ip route 10.201.1.2 255.255.255.255 Tunnel5001
ip explicit-path name strict enable
next-address 10.201.1.3
next-address 10.201.1.1
next-address 10.201.1.2
Router 2:
ip cef
mpls label protocol ldp
mpls traffic-eng tunnels
pseudowire-class 5001
encapsulation mpls
preferred-path interface Tunnel5001
interface Loopback10
ip address 10.201.1.2 255.255.255.255
interface Tunnel5001
ip unnumbered Loopback10
tunnel mode mpls traffic-eng
tunnel destination 10.201.1.4
tunnel mpls traffic-eng path-option 1 explicit name strict
tunnel mpls traffic-eng path-selection metric te
interface FastEthernet2/0
xconnect 10.201.1.4 5001 encapsulation mpls pw-class 5001
router ospf 102
router-id 10.201.1.2
mpls traffic-eng router-id Loopback10
mpls traffic-eng area 0
ip route 10.201.1.4 255.255.255.255 Tunnel5001
ip explicit-path name strict enable
next-address 10.201.1.1
next-address 10.201.1.3
next-address 10.201.1.4
From router 1. Both Router 1 and Router 2 show the samething.
show mpls l2transport vc detail
Local interface: Fa2/0 up, line protocol up, Ethernet up
Destination address: 10.201.1.2, VC ID: 5001, VC status: up
Output interface: Fa1/1, imposed label stack {22}
Preferred path: Tunnel5001, no route
Default path: active
Next hop: 192.168.102.13
Create time: 00:10:13, last status change time: 00:10:13
Last label FSM state change time: 00:10:13
Signaling protocol: LDP, peer 10.201.1.2:0 up
Targeted Hello: 10.201.1.4(LDP Id) -> 10.201.1.2, LDP is UP
Status TLV support (local/remote) : enabled/supported
LDP route watch : enabled
Label/status state machine : established, LruRru
Last local dataplane status rcvd: No fault
Last BFD dataplane status rcvd: Not sent
Last BFD peer monitor status rcvd: No fault
Last local AC circuit status rcvd: No fault
Last local AC circuit status sent: No fault
Last local PW i/f circ status rcvd: No fault
Last local LDP TLV status sent: No fault
Last remote LDP TLV status rcvd: No fault
Last remote LDP ADJ status rcvd: No fault
MPLS VC labels: local 22, remote 22
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description:
Sequencing: receive disabled, send disabled
Control Word: On (configured: autosense)
Dataplane:
SSM segment/switch IDs: 4101/4100 (used), PWID: 1
VC statistics:
transit packet totals: receive 0, send 0
transit byte totals: receive 0, send 0
transit packet drops: receive 0, seq error 0, send 0
show int tun 5001
Tunnel5001 is up, line protocol is down
Hardware is Tunnel
Interface is unnumbered. Using address of Loopback10 (10.201.1.4)
MTU 17936 bytes, BW 100 Kbit/sec, DLY 50000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
Tunnel source 10.201.1.4, destination 10.201.1.2
Tunnel protocol/transport Label Switching
Tunnel transmit bandwidth 8000 (kbps)
Tunnel receive bandwidth 8000 (kbps)
Last input never, output never, output hang never
Last clearing of "show interface" counters 00:27:10
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/0 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out

Hi,
One issue what i can see is, you have mentioned loopback ips in the explicit-path not the interface ip addresses. This can not be strict path and you have to mention next-address as loose (which means router will refer IGP to reach the next-hop)
ip explicit-path name strict enable
next-address 10.201.1.1
next-address 10.201.1.3
next-address 10.201.1.4
Correct way
ip explicit-path name strict enable
next-address loose 10.201.1.1
next-address loose 10.201.1.3
next-address loose 10.201.1.4
To troubleshoot TE
- first you can remove the explicit path and try to bring it up with dynamic path, which will help to confirm that configuration is ok on all routers in the path
- i hope you have configured "ip rsvp" on all physical intrfaces.
- If with dynamic path option also link does not come up, please share output of command "show mpls traffic-eng tunnels tunnel5001
--Pls dont forget to rate helpful posts--
Regards,
Akash

Guest Wireless Tunnelling - DHCP Issue

Hi,
I'm attempting to implement Guest Anchor tunnelling between two WLC's but I've run into an odd issue I cannot find a clear answer to.
We have two 5508 WLC's, both Running 7.4.100.0.
The Guest Anchor Controller obviously resides in a DMZ, it's functionality has been proven by connecting an AP directly to it, and connecting the the guest WLAN.
The two controllers have been configured as Mobility Peers, the Mobility Tunnel between them is up (mping and eping both successful, status is up).
The Guest WLAN has been replicated on both controllers, I have set the Mobility Anchor on the WLAN. The Guest Anchor has itself as the mobility anchor and the Internal Controller has the Guest Anchor set.
DHCP is provided by the Guest Anchor's internal DHCP Server. DHCP Proxy is enabled on both Controllers, with the Option 82 format set to AP-MAC. Both Controllers WLAN settings are set to DHCP Server Override, pointed to the Management IP of the Guest Anchor and DHCP Addr. Assignment required.
The problem I'm experiencing is with connecting clients through the Internal WLC. The Client Associates to the Internal WLC and obtains a lease from the Guest Anchor and connects to the network. A few seconds later the client is dessociated from the internal controller. On every subsequent connection attempt, the client does not recieve a response to it's DHCP Requests, and hence ends up with an apipa address.
The Message logs on two controllers return the following errors:
INTERNAL CONTROLLER:
*apfReceiveTask: Jun 27 14:03:25.839: #APF-4-HANDOFF_END_RCVD: apf_mm.c:1626 Handoff end received in wrong role (peer Ip: 0.0.0.0, sender:GUEST_ANCHOR_IP, Role:0) for mobile Client_MAC
GUEST ANCHOR CONTROLLER:
*DHCP Server: Jun 27 14:03:14.466: #DHCP-4-REQIP_NOT_PRESENT: dhcpd.c:559 Received a packet without a requested ip!.
Has anyone else seen similar behaviour? Does anyone have an ideas what might be causing this?
Many Thanks,
Paul

Hi George,
Thanks for the reply.
The Guest WLAN on the Internal Controller is Anchored to the WLC in the DMZ. The Guest Anchor is anchored to itself.
There are only two controllers in the configuration, so breaking off one of the Anchors isn't really an option.
I have tested the Guest Anchor as a Standalone WLC by connecting an AP directly to it, in that configuration DHCP works as expected.

Ping Packet Loss across MPLS TE Tunnels

Hello...Please Help,
I have a Single Area OPSF network running across 4 main routers via GigEth Ckts. The OSPF Network is working correctly. I recently implemented MPLS TE creating two Tunnels - One Explicit Path and One Dynamic Path. Two of the Routers also have a T1 Frame Relay Link over which the Explicit path is configured. It is up and woking but I am experiencing 50-60 percent packet loss when pinging between these PE routers. When I force it to the dynamic tunnel it follows the same FR path and experiences the same packet loss. There is no packet loss anywhere else in the network.
This is a Lab environment w/three LAN's Two 7206VXR & Two 3745 routers and Three 3550 Switches - one per LAN
Suggestions?

Thank You for your response. The problem may not be an MPLS TE problem.
But would my "path-option" and "priority" being set the same for the Dynamic and Explicit Tunnels cause one tunnel to come up and the other go down and cease to signal. Right now I have one or the other working when viewed w/the "show mpls traffic-eng tunnels" command. If I take one down the other works.
The IPs are 10.1.101.1 & 2/30 respectively for the FR Link. That was a Typo...I have corrected it.
The FR interfaces are not SubInt's as the Serial Interface holds the IP address. These are strictly Point to Point but I have the "IP OSPF Network Broadcast" command set and OSPF going across them.
I have SubInt's set on the Gi0/3 Interface.
Gi0/3.1 & 3.10 for VLAN's 1 & 10
There are not any drops when pinging from Within the routers "Interface to Interface".
But when I ping the LAN Node to Node or from within the Router "if" I do not specify an "interface source" I receive the drops.
The result is the same from either side of the Network on both of the 7206 Routers.
Thanks, Kevin

MPLS TE tunnel Bandwidth and ip rsvp bandwidth

I have some questions about how to reserve bandwidth in MPLS TE enviorment.
1. We must IP RSVP bandwidth in all concern interface in MPLS TE enviroment, right?
2. What's the goal of ip rsvp bandwidth?
3. Tunnel MPLS traffic-enginerring bandwitdh XXX, the command define flow bandwidth initiated by head-end, if sending more than XXX flow, how does it work? Drop excessive packet in the flow?
Any point is welcome! Thanks!

Hello,
just today I found some time to read RFCs. and found:
4124 Protocol Extensions for Support of Diffserv-aware MPLS Traffic Engineering. F. Le Faucheur, Ed.. June 2005. (Format: TXT=79265 bytes) (Status: PROPOSED STANDARD)
4125 Maximum Allocation Bandwidth Constraints Model for Diffserv-aware MPLS Traffic Engineering. F. Le Faucheur, W. Lai. June 2005. (Format: TXT=22585 bytes) (Status: EXPERIMENTAL)
4126 Max Allocation with Reservation Bandwidth Constraints Model for Diffserv-aware MPLS Traffic Engineering & Performance Comparisons. J. Ash. June 2005. (Format: TXT=51232 bytes) (Status: EXPERIMENTAL)
4127 Russian Dolls Bandwidth Constraints Model for Diffserv-aware MPLS Traffic Engineering. F. Le Faucheur, Ed.. June 2005. (Format: TXT=23694 bytes) (Status: EXPERIMENTAL)
4128 Bandwidth Constraints Models for Differentiated Services (Diffserv)-aware MPLS Traffic Engineering: Performance Evaluation. W. Lai. June 2005. (Format: TXT=58691, PDF=201138 bytes) (Status: INFORMATIONAL)
4201 Link Bundling in MPLS Traffic Engineering (TE). K. Kompella, Y. Rekhter, L. Berger. October 2005. (Format: TXT=27033 bytes) (Updates RFC3471, RFC3472, RFC3473) (Status: PROPOSED STANDARD)
Basically these standards allow to combine congestion management and MPLS TE. The standard says a router "may allocate ressources" based on the MPLS TE reservations.
So MPLS DiffServ-aware TE can deliver both TE and QoS.
Regards, Martin

Mpls-te tunnel bakcup

which are cisco mpls-te supporting about frr,
lsp backup,link backup and node backup.
thanks.

Sorry I jumped the gun. Path protection will be available in 12.0(30)S, which is scheduled to be out sometime this month.
Hope this helps,

SA520W - SSLVPN Tunnel Installation issues

Our SA520W SSLVPN has been working great for past 3 months, however since yesterday no one is able to connect to it. Everyone is getting this error.
Error: A connection to the remote computer could not be established. You might need to change the network settings for this connection.
Coudl someone help me with this error, what is it, and what caused it? Nothing changed on the SA520.

Let’s try these steps on your machines:
1.       Logon to https://SA500publicipaddress
a.      Username and Password is
b.     Click on "VPN Tunnel
c.       Click on SSL tunnel icon.
d.     Once in log off.
2.       Clear your "view objects" Xtunnel.dll
a.       Tools
b.     Internet options.
c.       On the general tab -> click on the settings button on the
Browser history section.
d.     Click on the view objects
e.     Clear your Xtunnel.dll file
3.       Logon to your 2.1.72 box
try this fix, this might indicate that the previous VPN client did not uninstall correctly from your PC. Workaround Clean up the previous client installation by following these
Steps:
* In Internet Explorer, on the Tools menu, click Internet Options.
* On the General tab, click Settings.
* Click View Objects.
* Delete all object files then prelaunch the browser.
If this workaround does not resolve the problem, do the following:
* Click Start and then click Control Panel. Double-click System.
* On the Hardware tab, click Device Manager.
* Double-click Network Adapters. Right-click the Vpn Tunnel ssldrv adapter and click Uninstall.
* Restart your system.
Jasbryan

MPLS TE Tunnels configuration

Hello.
I have the following doubt. What happens if I configure one TE tunnel in both ends. I have read that is enough configure only one side.
Thanks

The LSP starts on PE on which Tunnel was built and ends on some ther PE, and its unidirectional. To have bidirectional you need to make two Tunnels on each end.
HTH,
Gaurav Prakash

MPLS-TE Tunnel (FRR) Issue

Similar Messages

Maybe you are looking for