Routing to MPLS network

Hi,
We have several branch offices connected via a managed MPLS network. Each MPLS router in the branch office is connected to the local LAN switch, with its separate firewall and internet access router. How do we direct traffic from the local network (unmanaged) to the private IP addresses in the MPLS network (managed)? Can static routes be configured on the ASA5505 firewall to route traffic to MPLS router?
ISP router>local router>ASA5505 firewall>LAN switch>MPLS router>MPLS cloud.

Said
Is the LAN switch layer 2 only or layer 3 capable. If you do not have access to the MPLS router you have 2 options
1) Add a route on the ASA for the private MPLS networks pointing to the MPLS router. You will need to enable hairpinning on the ASA.
Set the default-gateway of the clients on your LAN switch to be the ASA.
2) If your switch is a Layer 3 switch then you can do this in a much cleaner way. Create the L3 vlan interface(s) for the client vlan(s) on the switch and then you can use statics on the L3 switch eg.
ip route 0.0.0.0 0.0.0.0 "ASA inside interface"
ip route "MPLS private net" "subnet mask" "MPLS router inside interface"
Jon

Similar Messages

  • Path Selection for Routes Across MPLS Network

    Customer hub site has two CE routers with two links connected to two seperate PE routers in the Carrier's MPLS network. At the customer's remote site one CE router on a single link is connected to PE router in MPLS network.
    How can I configure the CE routers at the hub site to advertised the same network across the MPLS network to the CE router at the remote site? Also, how can I configure the CE router at the remote site to select on of the router as the primary and the other as secondary? Can I use local-preference on the CE router at the remote site to selected on path over the other.
    I'm not sure if this makes any sense. Any help will be appreciated. Thanks

    Even with multiple RDs for VRFs belonging to the same VPN, you still need IBGP multipath, correct? Multiple RDs is just to get around the RR restriction.
    Also, you posted this message a while back:
    "If you have many VPN customers all using the same addresses (most likely rfc1918), the fact that they have different RDs and that the PE prepends the RD to the prefixes exchanged between PEs will make the same prefixes different in the MPLS VPN core
    cust1 advertises 192.168.1.0/24 with RD 1:1 therefore
    VPNv4 prefix is 1:1:192.168.1.0
    cust2 advertises 192.168.1.0/24 with RD 1:2 therefore
    VPNv4 prefix is 1:2:192.168.1.0"
    My test lab does not support the IBGP multipath command, and thus even with different RDs, it still only installs one best path.
    I understand that RD = make unique VPNv4 routes in SP space, and that RT = what to import into the VRF. However, I am having a hard time visualizing the scenario with mutiple RDs for the same VPN for load balancing purposes. I am trying to understand the logic behind it.
    Per your example, if both 1:1 and 1:2 are received by the remote PE, assuming IBGP multipath is enabled, why would the remote PE load balance between the two links? Why would it assume that the hub subnets are reachable via two different PEs, and that it's not two different, isolated VPNs altogether?
    Is it b/c you imported both 1:1 and 1:2 into a VRF at the remote PE?

  • L3 mpls network with out P router, all PE to PE plus daisy chainging

    Guys, is it possible to run a core l3 MPLS network over 7600s and 3800s with out any P routers? The reason i aak is because of the particular situation where we will have to daisy chain PE routers due to lack of fiber.
    any thoughts?

    As martin says absolutley limited problems with this it will work a charm UNTIL yo urun into scaling issues. You are daisy chaining all the PEs which would also suggest to me that you are daisy chaining your RRs. In an mpls network the RR's have enough state to handle to keep them busy enough without also having to deal with passing labels about the network. Also you will have any cisco account team breaking down your door putting the fear of god into you for not having at least 2 P routers ;-). So yes you can indeed run it like you say but the lifetime of your network will be very limited indeed. If your not an SP then dont be concerned - unless you are an enterprise with 10000000s routes then id start to worry. Oh they (cisco) also state that PEs also have enough to do in their life without passing labelled packets about the place. sit and think about what your poor PE is having to do daily it could be 100 vrfs routing tables, which in turn means layer 3 lookups to find out where the packet has to go, qos, multicast, bgp, ospf, rip, eigrp, your own internal IGP, TE tunnels, RSVP - this poor router has enough to do without also adding transit traffic. ;-)

  • Routing Protocol recommendation for MPLS Network

    I am in the process of building a 14 site MPLS network for voice and data traffic. The vendor installing the network has configured RIPv2 as the routing protocol. I am considering switching this over to EIGRP. Can anyone explain to me why this would be better or should I just stay with RIP.
    Thanks

    Hi Chip,
    Its not very clear whether you are implementing a MPLS network or implementing a Network over MPLS for an end user with 14 sites.
    1) If MPLS network then other IGP variants than OSPF and ISIS best avoided. Now if the choice is between ISIS and OSPF then my personal recommendation would be OSPF. And this decision is purely driven by Operational Considerations rather than any technical advantages. Since at the end of the day what matters is how easy it is to implement add delete or troubleshoot the network.
    2)If for End User then it would not be right to recommend EIGRP or RIP or OSPF without knowing the current size & topology of each of these 14 sites, as well as the desired expansion plans. But if these 14 sites are the only sites and are all standalone branch sites connecting over MPLS VPN then RIP,EIGRP or OSPF can be implemented as per your and customer comfort.
    HTH-Cheers,
    Swaroop

  • In our enterprise MPLS network we are using 192.168.20.0/24 subnet, in this subnet we have not assigned the IP 192.168.20.200/30 & 204/30, But still these subnets are reachable . Are these NNI IP ...Please explain.

    In our enterprise MPLS network we are using 192.168.20.0/24 subnet, in this subnet we have not assigned the IP 192.168.20.200/30 & 204/30, But still these subnets are reachable . Are these NNI IP ...Please explain.

    I have checked with ISP, there response is like below:
    Those are the NNI to GBNET IPs for Dominican Republic. They are Network IPs. You should be able to ping them-that means they are working.
    WANRT01#show  ip route | include 192.168.20.20
    B        192.168.20.200/30 [20/0] via 192.168.20.226, 02:18:29
    B        192.168.20.204/30 [20/0] via 192.168.20.226, 02:18:29
    Here its shows from any of our MPLS site we are able to trace the IP and it seems like, 192.168.20.204/30 is one more site but in actual its not.
    INMUMWANRT01#ping 192.168.20.205
    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 192.168.20.205, timeout is 2 seconds:
    Success rate is 100 percent (5/5), round-trip min/avg/max = 224/232/260 ms
    INMUMWANRT01#trace              
    INMUMWANRT01#traceroute 192.168.20.205
    Type escape sequence to abort.
    Tracing the route to 192.168.20.205
    VRF info: (vrf in name/id, vrf out name/id)
      1 192.168.20.226 24 msec 24 msec 24 msec
      2 192.168.20.206 [AS 8035] 232 msec 232 msec 252 msec
      3 192.168.20.205 [AS 8035] 224 msec 224 msec *

  • MPLS network design challenge

    Hi,
    I have a design issue for which I really like your help.
    In a MPLS network there are twoPOP gateway routers (G1,G2) peering with various MPLS VPN Service providers via B2B vrf eBGP peering are in 4 different ASN's. They inturn all peer via VPNv4 eBGP with the Core ASN which comprises of  2 Nos VPNv4 RR's and every site in the ASN haveing 2 P/PE per site. Every P/PE is peering via VPNv4- iBGP with the VPNv4 RR's. The RR's are not in the forwarding path of the traffic.
    Every site has 2 Nos CE routers and each CE router does a vrf based ebgp peering with the P/PE's.
    The P/PE routers import 2Nos RT exported by the 2 Nos POP G/w routers and inturn selects the best path and pass it to the CE routers.
    Now it is seen that the P/PE of all sites is selecting the best path adverstised by G1 instead of  G2 based on the AS PATH length and the shortest path is being adverstised by G1. So till a situation arises that the G1 is down till that time the P/PE's are forwarding the outbound traffic from the CE to G1 even also when the IGP cost is adding up high and when there is a direct link failure from the P/PE site to G1 site.
    It therefore makes sense that if the direct physical link form a P/PE site to the site G1 is located goes down ,the P/PE's then should choose  G2 via another path even when G1 is available.
    Does these sort of requirements ever come in SP environments from customers ? if so what are the solutions ..
    Thanks in advance
    Kas

    Hi kas,
    This type of requirement come to providers and there are few options which provider can implement.
    1- Play with local preference along with import map in vrf if requirement is customer specific. I mean if one customer want that G1 should be primary exit point and other customer want G2 as primary exit than he can use import map (which is similar to route-map )
    ip vrf ABCD
    rd XX
    import map ABCD
    route-target export XX
    route-target import YY
    route-map ABCD permit 20
    set local-preference >100
    2- Or you can play with As-path prepending option if you want to skip selection based on local preference.
    it is in provider interest to provide you solution. as there are options of affecting traffic by using communities.
    Please provide diagram and some config for complete solution.
    Regards
    Mahesh

  • MPLS Network Backup

    We have a MPLS network between Head office & varios branch office located across the globe. Can you suggest me the best possible backup(automatic) for this MPLS? as we are facing lot of breaks/cuts in the MPLS Network.

    This is to give a fair idea.
    Pls modify the conifg to suit your setup.
    router ospf x
    router-id x.x.x.x
    network 192.168.1.0 0.0.0.255 area 1
    network 192.168.2.0 0.0.0.255 area 1
    network 192.168.3.0 0.0.0.255 area 1
    Assumption that you have Area 0 at your MPLS CE for upwards and other VPN router upwards.
    interface fa1/0
    Description Connection ot MPLS CE
    ip add 192.168.1.1 255.255.255.0
    ip ospf cost 10
    interface fa1/1
    Description Connection to Backup VPN CE
    ip add 192.168.2.1 255.255.255.0
    ip ospf cost 100
    interface vlan 10
    Description Connection to Servers Subnet
    ip add 192.168.3.1 255.255.255.0
    HTH-Cheers,
    Swaroop

  • Full internet routes in MPLS-VRF

    hi~ all
    I just have some confused , whether it's good way load full internet routes in MPLS VRF , which there's no any service routing in core network but topology routing . but there's dual upstream ISP connecting ASBR , I'm afraid if I load these two full internet routes into VRF on 7600 , is it possible ? does it take so long time for loading routes in VRF ?
    could someone give me some proposal about it or some experience about internet routes in VRF , thanks.

    Its not a good practise to load all the internet rouetes in the vrf. Do use vrf leaking. For this create a vrf of named internet which will be loaded with the default route and export that route with the rd and mport that route in your particular vrf. With this you will be having only 1 route in the vrf.
    regards
    shivlu

  • Connectivity problems on ATM MPLS network

    We have implemented a country wide MPLS network based on 8500 platforms. We have encountered some strange connectivity problems between some PE's. Without apparent reason connectivity is lost between some PEs and restored after some time. The global routing table is perfectly stable among all the routers on the path between respective PE's. Also the LVC's & TAGs are stable and practically we were unable to find any change between the working and not working state. As a curious thing, during the outage (minutes) clearing routes into a PE VRF was restoring connectivity on the respective VRF and all other VRFs on the respective PE also!
    Has enyone seeing similar problems before?
    PE routers are 3660 series and we've tried all IOS available on CCO.

    Have you made any provisioning (upgrading connectivity) bet the PEs and Ps....I suffer such a similar problem with our network PEs and I notice that this happen after provisioning links between our PEs (RPMs in MGX 8850) and the ATM LSR (BPX 8600).
    when i issue "clear ip route vrf *" or reload the RPM.....all the VRFs operate normally again.....so I get used to such a problem after any network provisioning process but still i couldn't relate this to problems with VRFs.

  • Influencing BGP attributes within MPLS network

    pls take a look at my question and diagram is attached in the file. pls help me to fix this problem.
    I have following requirement about traffic paths within the 
    MPLS network.MPLS network is running MP-BGP4.
    1.Traffic from Europe branch to Asia branch go through London
      router.
    2.Traffic from America branch to Asia branch go through Los Angeles
      router.
    3.The two paths through London and Los Angeles should have redundancy.
      That is if path through London is not accessible all the traffic must
      go through Los Angeles. IF Los Angeles path go down all the traffic must
      go through London.
    4.Traffic from Asia to Europe and America is controlled by redistributing
      BGP4 learned routes with different metrics at the London and Los Angeles
      routers.So that trafic from Asia branch to Europe go through London and
      traffic from Asia to America go through Los Angeles.
    I have been using below configs on the PE routers. But it is not working.
    In the MPLS network only one path is selected for both traffic from Europe
    and America.Pls can anyone help me to fix this problem.
    #PE3
    ip vrf CUSTOMER
    rd 1:10
    route-target export 1:20
    route-target import 1:40
    export map EXPORT-ROUTE
    import map IMPORT-ROUTE
    interface FastEthernet0/0
    description LONDON-GW
    ip vrf forwarding CUSTOMER
    ip address 1.1.1.2 255.255.255.252
    router bgp 65400
    address-family ipv4 vrf CUSTOMER
    redistribute connected
    neighbor 1.1.1.1 remote-as 65401
    neighbor 1.1.1.1 activate
    neighbor 1.1.1.1 next-hop-self
    neighbor 1.1.1.1 soft-reconfiguration inbound
    no auto-summary
    no synchronization
    exit-address-family
    ip extcommunity-list 1 permit rt 1:10
    ip extcommunity-list 2 permit rt 1:40
    route-map EXPORT-ROUTE permit 10
    description LONDON-GW
    match extcommunity 1
    set extcomm-list 1 delete
    set extcommunity rt 1:20 additive
    route-map IMPORT-ROUTE permit 10
    description EU & US-BRANCH
    match extcommunity 2
    #PE4
    ip vrf CUSTOMER
    rd 1:10
    route-target export 1:30
    route-target import 1:40
    export map EXPORT-ROUTE
    import map IMPORT-ROUTE
    interface FastEthernet0/0
    description LA-GW
    ip vrf forwarding CUSTOMER
    ip address 2.2.2.2 255.255.255.252
    router bgp 65400
    address-family ipv4 vrf CUSTOMER
    redistribute connected
    neighbor 2.2.2.1 remote-as 65402
    neighbor 2.2.2.1 activate
    neighbor 2.2.2.1 next-hop-self
    neighbor 2.2.2.1 soft-reconfiguration inbound
    no auto-summary
    no synchronization
    exit-address-family
    ip extcommunity-list 1 permit rt 1:10
    ip extcommunity-list 2 permit rt 1:40
    route-map EXPORT-ROUTE permit 10
    description LA-GW
    match extcommunity 1
    set extcomm-list 1 delete
    set extcommunity rt 1:30 additive
    route-map IMPORT-ROUTE permit 10
    description EU & US-BRANCH
    match extcommunity 2
    #PE1
    ip vrf CUSTOMER
    rd 1:10
    route-target export 1:40
    route-target import 1:20
    route-target import 1:30
    export map EXPORT-ROUTE
    import map IMPORT-ROUTE
    interface FastEthernet0/0
    description EU-BRANCH
    ip vrf forwarding CUSTOMER
    ip address 3.3.3.2 255.255.255.252
    router bgp 65400
    address-family ipv4 vrf CUSTOMER
    redistribute connected
    redistribute static
    no auto-summary
    no synchronization
    exit-address-family
    ip route vrf CUSTOMER 172.16.1.0 255.255.255.0 FastEthernet0/0 3.3.3.1 name EU-BRANCH
    ip extcommunity-list 1 permit rt 1:10
    ip extcommunity-list 2 permit rt 1:20
    ip extcommunity-list 3 permit rt 1:30
    route-map EXPORT-ROUTE permit 10
    description EU-BRANCH
    match extcommunity 1
    set extcomm-list 1 delete
    set extcommunity rt 1:40 additive
    route-map IMPORT-ROUTE permit 10
    description LONDON-GW(MAIN)
    match extcommunity 2
    set metric 100
    route-map IMPORT-ROUTE permit 20
    description LA-GW(BACKUP)
    match extcommunity 3
    set metric 200
    route-map IMPORT-ROUTE permit 30
    description OTHER
    #PE2
    ip vrf CUSTOMER
    rd 1:10
    route-target export 1:40
    route-target import 1:20
    route-target import 1:30
    export map EXPORT-ROUTE
    import map IMPORT-ROUTE
    interface FastEthernet0/0
    description US-BRANCH
    ip vrf forwarding CUSTOMER
    ip address 4.4.4.2 255.255.255.252
    router bgp 65400
    address-family ipv4 vrf CUSTOMER
    redistribute connected
    redistribute static
    no auto-summary
    no synchronization
    exit-address-family
    ip route vrf CUSTOMER 192.168.1.0 255.255.255.0 FastEthernet0/0 4.4.4.1 name US-BRANCH
    ip extcommunity-list 1 permit rt 1:10
    ip extcommunity-list 2 permit rt 1:20
    ip extcommunity-list 3 permit rt 1:30
    route-map EXPORT-ROUTE permit 10
    description US-BRANCH
    match extcommunity 1
    set extcomm-list 1 delete
    set extcommunity rt 1:40 additive
    route-map IMPORT-ROUTE permit 10
    description LONDON-GW(BACKUP)
    match extcommunity 2
    set metric 200
    route-map IMPORT-ROUTE permit 20
    description LA-GW(MAIN)
    match extcommunity 3
    set metric 100
    route-map IMPORT-ROUTE permit 30
    description OTHER

    Hi Manoj
    "send-community both" will export both Standard and Extended Communities
    The Standard Community Values which we are setting up New on PE3 and PE4 and Matching on PE1 and PE2 can be anything in ASN:nn Format..I Just randomly chose them as 65400:1111 on PE3/PE1 and 65400:2222 on PE4/PE2.
    The extcommunity values to be used on PE3/PE4 will be the export RT values used in the VRF Customer Config as posted in your first post..
    #PE3
    ip vrf CUSTOMER
    rd 1:10
    route-target export 1:20
    route-target import 1:40
    export map EXPORT-ROUTE
    import map IMPORT-ROUTE
    #PE4
    ip vrf CUSTOMER
    rd 1:10
    route-target export 1:30
    route-target import 1:40
    export map EXPORT-ROUTE
    import map IMPORT-ROUTE
    I think I mixed up little with PE3 as PE1 and PE4 as PE2 instead ..Revised corrected config would be
    On PE3-- Under VPNv4 We enable sending out the normal community values out to the RR.Then we match the extcommunity rt for the VRF Customer and set the community value to 65400:1111 which will be matched at PE1
    router bgp 65400
    address-family vpnv4
    neighbor "RR-IP" send-community both
    neighbor "RR-IP" route-map community out
    exit-address-family
    route-map community permit 10
    match extcommunity CUSTOMER
    set community 65400:1111
    route-map community permit 20
    ip extcommunity-list standard CUSTOMER permit rt 1:20
    On PE4-- Under VPNv4 We enable sending out the normal community values out to the RR.Then we match the extcommunity rt for the VRF Customer and set the community value to 65400:2222 which will be matched at PE2
    router bgp 65400
    address-family vpnv4
    neighbor "RR-IP" send-community both
    neighbor "RR-IP" route-map community out
    exit-address-family
    route-map community permit 10
    match extcommunity CUSTOMER
    set community 65400:2222
    route-map community permit 20
    ip extcommunity-list standard CUSTOMER permit rt 1:30
    On PE1-- Under VPNv4 We match the community value 65400:1111 which was set at PE3 and set the LP to 110
    router bgp 65400
    address-family vpnv4
    neighbor "RR-IP" route-map community in
    exit-address-family
    route-map community permit 10
    match community CUSTOMER
    set local-preference 110
    route-map community permit 20
    ip community-list standard CUSTOMER permit 65400:1111
    On PE2-- Under VPNv4 We match the community value 65400:2222 which was set at PE4 and set the LP to 110
    router bgp 65400
    address-family vpnv4
    neighbor "RR-IP" route-map community in
    exit-address-family
    route-map community permit 10
    match community CUSTOMER
    set local-preference 110
    route-map community permit 20
    ip community-list standard CUSTOMER permit 65400:2222
    Make Sure that RR is enabled to propogate the normal BGP communities as well...
    Hope this helps to answer your question..Please let me know for any clarifications..
    Regards
    Varma

  • Debugging and monitoring MPLS networks

    Hi ,
    I've had the following problem with a customer of ours and I'd like to know if there's any tools I can use in the future to better diagnose the problem if it may arise again.
    The customer is a bank with hundreds of brnach sites. All of them are connected to the corporate via a MPLS network managed by a local TELCO company .
    In the last ten days they have experienced long delays during logons of users in the branch sites . This delay has been initially thought due to new operating systems deployed on the clients ( XP ) . In fact there's a rollout of XP computers at all the branch sites .
    Trying to troubleshoot the problem we have started looking at all OS related known problems but found nothing important.
    Next I tried looking at the network connections with the few tools I have ( basically ping , traceroute and protocol analyzer ) but all seemed ok .
    Having no access to the telco routers I monitored the corporate's switch ports to which the two telco router are attched .
    Finally I found some packet discarded and could call the telco and having the routers checked.
    They found a problem , they didn't told us what it was , and suddendly most of the problems were gone.
    This was really tricky because a part from the slow logon we had no other mulfunctions . I found the problem thanks to a Microsoft tool to check group policy problem which point me to possible networks problem.
    The question , after this long post , is ; is there any tool, agent , software I can install or use to check MPLS network efficiency having no access to the TELCO routers ?
    Thanks in advance
    Stefano Colombo
    CCNA - CCSP
    MCSE NT/2k/2003 Messaging

    havent not told us what the actual problem was it is kinda difficult to suggest tools. However IF this was an MTU issue then you should have used ping with the DF bit set to see how big a packet you could get over the mpls network. Let us know what the issue was and hopefully we can be a bit more detailed in our responses.
    HTH

  • Full mesh VPN solution for on MPLS network with PE and CPEs

    Hi,
    We are trying to evaluate some best solution for Hub-Spoke mesh vpn solution in a MPLS network. The VPN hub router will be in PE router and all the VPN spoke will be in CPE.
    Can someone please let us know what will be the best vpn solution, we understands that there will be some technical limitations going with GETVPN but still we did counld find any documenation for possiblity of using DMVPN.
    How about the recent flexvpn, can fex-vpn work on this requirement, where can i get a design/configuration document.?
    thanks in advance.

    Hello,
    GetVPN is intended for (ANY-to-ANY) type of VPN communication, over an MPLS network with Hub and Spoke Topology, your best Option is to look for Cisco (DMVPN) implementation where this type of VPN is primarily designed for Hub & Spoke.
    Regards,
    Mohamed

  • Why CEF needed in MPLS Network??

    I have read the MPLS Fundamentals book by Luc De Ghein, So I understand from the from book that cef needs to enabled in edge routers to tag or untag labels (for Ip packets). I am eager to know why Mpls (Not a cisco proprietary) depends on a cisco proprietary CEF?? If I use Non-Cisco routers in the mpls edge how come the labels get tagged for ip packets??
    <<<<<<<<<Taken from Book>>>>>>>>>>>>>
    MPLS Fundamentals - Luc De Ghein
    Why Is CEF Needed in MPLS Networks?
    Concerning MPLS, CEF is special for a certain reason; otherwise, this book would not explicitly
    cover it. Labeled packets that enter the router are switched according to the label forwarding
    information base (LFIB) on the router. IP packets that enter the router are switched according to
    the CEF table on the router. Regardless of whether the packet is switched according to the LFIB
    or the CEF table, the outgoing packet can be a labeled packet or an IP packet
    <<<<<<<<>>>>>>>>>>

    Hello Bava,
    the key point is that LDP or RSVP TE are able to generate distribute labels for FECs but they do not create the FECs from stratch.
    FEC = Forwarding Equivalent Class
    a destination IP subnet is a typical FEC.
    cisco MPLS code takes advantage of the work done by CEF and uses as input data the FIB (Forwarding Information Base) mantained by CEF, to build the LFIB that is the table where for each FEC there is an association with a label taken from the local node label space.
    The work done by CEF is not so different from what is needed by MPLS: the biggest difference is that the CEF table is kept local and not exported to any other device. MPLS FEC/label bindings are advertised.
    In MPLS frame mode the labels are distributed in unsolicited downstream mode.
    Unsolicited means that the label/FEC association is buiilt based on the topology FIB instead  of waiting for some device to ask a label for the FEC.
    downstream means the labels are sent in the opposite direction of that used by traffic.
    Other attributes are:
    indipendent : means each LSR is free to create its own FEC/label association before receiving the label from the edge LSR that owns the prefix or from a device that is nerarest to the IP subnet (upstream)
    liberal retention: the device will keep note of labels advertised by neighbors even if they are currently not on the best path. This can be seen in the output of show mpls ldp binding and allows for faster recover in case of failure of the best path.
    The unsolicited and liberal retention in standard frame mode comes from the relatively big label space (roughly one milllion labels)
    This was not possible in MPLS cell mode where the label space was small. So MPLS cell mode used on demand downstream label binding and no retention.
    Also MPLS allows for label stacking = use of multiple levels of MPLS Label for services like L3 VPNs
    to be noted other implementations are different in some aspects and each vendor has its internal tecnique to build a table of FECs to be used as starting point for MPLS code.
    For example indipendent label/FEC mapping has its own drawbacks it may be better to wait for a label to be received from a device upstream = nearest to the IP prefix in order to ensure the path is end to end.
    Hope to help
    Giuseppe

  • Venturing into MPLS Network

    Hi all, it is just my curiousity that ended up with a small discussion like this. Here's about it...
    My company has a main client which have tonnes of remote sites connecting to both their HQ and Disaster Recovery Centre. Some of the remote sites still running on frame-relay, while other is purely leased-line. There's a few question I wish I can clear up as follows:
    i. When the client have frame-relay device, what we do is create a tunnel and route all the frame-relay traffic over. Is there any advantage if we change it over to MPLS?
    ii. Even if comparing to leased-line services, what kind of advantages I can expect if our cliet migrate over to leased-line?
    iii. If one customer is running purely on frame-relay connectivity, any difficulties will arise when they want to switch over to MPLS network?
    I still never has any hands on experience on the MPLS, that's why need to gather some info in the first place, I'm currently have a glance through those MPLS guides and configuration examples, but I knew that perhaps in real-life network, things may differs, in the meanwhile I'm studying through it, hope to gather some precious opinions. Regards

    Hello,
    Regarding answer iii: What you have to use inside the MPLS cloud is MBGP to route the customer prefixes. In your LAN however you will have an IGP like EIGRP. This means you need mutual redistribution between MBGP and your IGP. So a routing loop can occur once you have at least two pathes. An Example:
    N1-CE1 - PE1 - PE2 - CE2
    with: CE1 - PE1 using RIP, CE2 - PE2 using RIP, PE1 - PE2 using MBGP and a FR PVC between CE1 - CE2 using RIP
    This would be the case when you migrate from FR to MPLS VPN and do not shut down FR the very moment you activate the MPLS links.
    What can happen in this scenario is: CE1 is announcing Network N1 through RIP to CE2 directly over the FR PVC and also to PE1. PE1 will redistribute N1 into MBGP, send the prefix to PE2, which will redistribute N1 into RIP and send the update to CE2.
    Now depending on implementation and metrics this will result in all traffic flowing over FR or MPLS (when adjusting metrics). No major problem yet.
    The problem might occur once CE1 looses network N1. It will send an update directly to CE2 and to PE1 and a race condition exists. CE2 will still have one valid path to N1 learned from PE2 and announce this one to CE1, which will announce it to PE1 and then PE2, CE2, CE1 again and so on.
    This is an intermittend or even persistent routing loop, depending on what you have done with hop count during redistribution.
    By designing your overall routing solution carefully you can avoid this scenario.
    Hope this helps! Please rate all posts.
    Regards, Martin

  • MPLS network CE1A pinging CE1B other side

    Im trying to expand my knowledge about MPLS but have a bunch of questions. Here is one. In a MPLS network, should the CEA1 from one side ping the the other CEB1 and viceversa? I can see the route in the routing table from both side, however ping doesnt past thru.  Explain?             

    Hi Pedro,
    Yuu should be able to ping, if you have setup MPLS L3 VPN correctly  and if you don't have any configs to drop the ping
    First you need to chec kif your LSP is fine.
    1. Check if  you have MPLS IP configured on the core devices and Core facing interfaces of PE. make sure you have cef enabled on the routers
    To check if the LSP is fine, try a ping between PEs using source and destination as VRF IPs
    Share your topoplogy. That will hep

Maybe you are looking for

  • New Infinity order

    Hey just a quick question, placed an order to switch my telephone line and broadband to BT from a full Sky LLU package. Today my line switched over successfully, can anyone tell me when the order for Infinity 2 will be placed? and how long it takes o

  • Unable to generate users.xml file

    Hi All, I have installed OCS 10.1.2.0.0.and applied the cumulative patchset and now on OCS 10.1.2.3.0 Now i am trying to migrate users and their mail box from exchange 5.5 running on Windows NT 4 server. I have installed the esmigration tool on a mac

  • Show previous requisition requests link is missing in MSS.

    Hi All, In Manager Self-Service ->Recruiting->New Requisition Request->Request to fill postion. Here link show previous requisition requests missing. How to enable the link? This link is missed after portal is upgraded. Regards, Srinivasu.Y

  • Help in pnp

    Hallow I doing a program that use logical data base pnpce and It working o.k. The problem is when I choose one org. unit and I wont see the Data just on her I get other org unit that I don’t choose Maybe I forget something in my code Regards START-OF

  • Financial statement version INT does not exist

    Hello Friends, I hope someone can help me figure this out and I've read discussions similar, just not exactly what I'm looking for.  When I run the following reports: S_ALR_87012271 S_ALR_87012272 S_ALR_87012273 I receive the following error message: