Venturing into MPLS Network

Similar Messages

• Path Selection for Routes Across MPLS Network

  Customer hub site has two CE routers with two links connected to two seperate PE routers in the Carrier's MPLS network. At the customer's remote site one CE router on a single link is connected to PE router in MPLS network.
  How can I configure the CE routers at the hub site to advertised the same network across the MPLS network to the CE router at the remote site? Also, how can I configure the CE router at the remote site to select on of the router as the primary and the other as secondary? Can I use local-preference on the CE router at the remote site to selected on path over the other.
  I'm not sure if this makes any sense. Any help will be appreciated. Thanks

  Even with multiple RDs for VRFs belonging to the same VPN, you still need IBGP multipath, correct? Multiple RDs is just to get around the RR restriction.
  Also, you posted this message a while back:
  "If you have many VPN customers all using the same addresses (most likely rfc1918), the fact that they have different RDs and that the PE prepends the RD to the prefixes exchanged between PEs will make the same prefixes different in the MPLS VPN core
  cust1 advertises 192.168.1.0/24 with RD 1:1 therefore
  VPNv4 prefix is 1:1:192.168.1.0
  cust2 advertises 192.168.1.0/24 with RD 1:2 therefore
  VPNv4 prefix is 1:2:192.168.1.0"
  My test lab does not support the IBGP multipath command, and thus even with different RDs, it still only installs one best path.
  I understand that RD = make unique VPNv4 routes in SP space, and that RT = what to import into the VRF. However, I am having a hard time visualizing the scenario with mutiple RDs for the same VPN for load balancing purposes. I am trying to understand the logic behind it.
  Per your example, if both 1:1 and 1:2 are received by the remote PE, assuming IBGP multipath is enabled, why would the remote PE load balance between the two links? Why would it assume that the hub subnets are reachable via two different PEs, and that it's not two different, isolated VPNs altogether?
  Is it b/c you imported both 1:1 and 1:2 into a VRF at the remote PE?

• L3 mpls network with out P router, all PE to PE plus daisy chainging

  Guys, is it possible to run a core l3 MPLS network over 7600s and 3800s with out any P routers? The reason i aak is because of the particular situation where we will have to daisy chain PE routers due to lack of fiber.
  any thoughts?

  As martin says absolutley limited problems with this it will work a charm UNTIL yo urun into scaling issues. You are daisy chaining all the PEs which would also suggest to me that you are daisy chaining your RRs. In an mpls network the RR's have enough state to handle to keep them busy enough without also having to deal with passing labels about the network. Also you will have any cisco account team breaking down your door putting the fear of god into you for not having at least 2 P routers ;-). So yes you can indeed run it like you say but the lifetime of your network will be very limited indeed. If your not an SP then dont be concerned - unless you are an enterprise with 10000000s routes then id start to worry. Oh they (cisco) also state that PEs also have enough to do in their life without passing labelled packets about the place. sit and think about what your poor PE is having to do daily it could be 100 vrfs routing tables, which in turn means layer 3 lookups to find out where the packet has to go, qos, multicast, bgp, ospf, rip, eigrp, your own internal IGP, TE tunnels, RSVP - this poor router has enough to do without also adding transit traffic. ;-)

• VOIP MPLS network only 40-50% utilized

  We are in the process of upgrading our bandwidth at our branch locations into 3 Mbps MPLS networ and we only run Citrix traffic and IP Voice (Interoffice calls) from our Branch locations into our HQ.
  We expect Bandwith utilization to typically max out at 1.6 MBPS. Do you think we need to configure QoS for the voice traffic since the circuit will only be 40-50 percent utilized? My thinking was why should I configure QoS if the bandwidth is only at 40 - 50 percent. The voice traffic should have enough bandwidth to communicate over the wire.
  Is my thinking correct or should I configure QoS across this MPLS network? If I should confiure QoS what type do you recommend.
  Any responses are greatly appreciated

  Hi,
  I would configure QoS, because there are not only sunny days in life ...
  What if you catch Nimda version 7.2beta, i.e. the newest worm out there trying to blast any valid IP in your network? I would not want to explain to my CEO why we lost telephony as well ...
  So on a more technical level: QoS is needed to do resource management. As such you are right in that QoS is not needed if you have enough resources. Yet, who can guarantee this in an IP network at any point in time? I would put it QoS just as an insurance though it would not be needed during normal operation.
  Saying this I might add that this is the appropriate usage anyhow, as QoS will not solve issues arising from constant lack of bandwidth. Queueing is meant to handle exceptions. There is always the possibility of the unforseen.
  Hope this helps! Please rate all posts.
  Regards, Martin

• Connectivity problems on ATM MPLS network

  We have implemented a country wide MPLS network based on 8500 platforms. We have encountered some strange connectivity problems between some PE's. Without apparent reason connectivity is lost between some PEs and restored after some time. The global routing table is perfectly stable among all the routers on the path between respective PE's. Also the LVC's & TAGs are stable and practically we were unable to find any change between the working and not working state. As a curious thing, during the outage (minutes) clearing routes into a PE VRF was restoring connectivity on the respective VRF and all other VRFs on the respective PE also!
  Has enyone seeing similar problems before?
  PE routers are 3660 series and we've tried all IOS available on CCO.

  Have you made any provisioning (upgrading connectivity) bet the PEs and Ps....I suffer such a similar problem with our network PEs and I notice that this happen after provisioning links between our PEs (RPMs in MGX 8850) and the ATM LSR (BPX 8600).
  when i issue "clear ip route vrf *" or reload the RPM.....all the VRFs operate normally again.....so I get used to such a problem after any network provisioning process but still i couldn't relate this to problems with VRFs.

• MTU Ethernet MPLS Network

  Actually I have implemented MPLS in my Ethernet network using Cisco 75XX as part of my core (P) and Huawei equipments for access (PE). We realized that customers can not navigate to certain pages like hotmail, msn, hi5, etc. Reviewing possible solutions we found two options:
  - Change the MTU 1492 in the CE equipment
  - Adjust TCP MSS size to 1440 in CE.
  Making this our customers finished complianing. Besides this all interface working under MPLS are using MPLS MTU 1508 command but Huawei PE?s dont support a similar command.
  My question is what is the real effect of mpls mtu command? is it change the mtu size for predefined Ethernet??
  Do you have any suggestion or similar cases, to make "transparent" for customes transition to MPLS network and not change values in CE equipment??
  I really appreciate your answers and sugestions,
  Best Regards
  Jack

  Hi Jack,
  1) Why a Datagram is Fragmented:
  When a frame is carrying an unlabeled IP datagram, the Frame
  Payload is just the IP datagram itself. When a frame is
  carrying a labeled IP datagram, the Frame Payload consists of
  the label stack entries and the IP datagram.
  Now when this frame payload as defined as above exceeds the
  conventional layer 2 media MTU then the frame is fragmented.
  In case of ethernet this MTU is 1500.
  So for example when a unlabelled frame with payload of 1500
  bytes is received and the same has to be sent further to
  the remote destination by labelling it, then the payload
  has to be fragmented.
  2) Why the MPLS MTU command:
  Once you receive an unlabelled frame, first the PE router
  receives it, labels it and then its put out for forwarding,
  when its to be forwarded, it needs to be fragmented.
  The problem comes here, when before being forwarded out of
  the interface if it gets fragmented, it would create two
  fragments or frames.
  By conventional fragmentation, the label which is inserted
  in the header may not be preserved into the new fragments
  created and the frame may be simply discarded as it loses
  the forwarding address which was the label.
  So to avoid this MPLS MTU command needs to be configured,
  so when there is fragmentation, it takes care of putting
  in the same label into the fragments created.
  Now in IOS even is MPLS MTU command is not configured
  it takes the default MTU as the MPLS MTU value.
  3) Solution to your problem:
  To aviod configuring the CE devices with MTU 1492,
  what you need to take care of is configure all you
  core facings links, with an physical MTU of 1508.
  So automatically your TCP packets which if total
  to 1500 bytes payload with a DF bit set wont need
  to be fragmented from PE at one end to other end.
  For this your PE <--->P link ethernet media MTU
  should be 1508, (if you can configure 1512 or 1516
  that would also be great if you plan to increase the
  stack size or later provide IPV6 VPN's.)
  You P<-->P links ethernet media MTU should also be
  the same as set between PE to P. if you have any
  SONET/POS links in your backbone then you dont have
  to do anything for the MTU.
  So the net effect of this would be any TCP sessions
  as which are prone to setting the DF bit can be
  transparently sent across without send ICMP error message.
  HTH-Cheers!
  Swaroop
  You may also like to see the RFC 3032 about label stack.

• Frame Relay access into MPLS with QOS

  My provider is telling me that I can take my frame relay network and map it into their MPLS network. Basically all my sites would connect into the providers Frame network and then mapped into the proivders MPLS network. Now I know this will work; but my concern is VoIP and QOS. If I have a single PVC and I am marking VoIP packets with an IPPREC of 5 how will the providers frame realy network see that? And how will it be honered from CE => Provider FR => PE => P => PE => Provider FR => CE

  Todd, I doubt how would your SP provide you guranteed QOS SLA's with that setup. As there is no one to one mapping of PREC/EXP values to FR based QOS.
  But although, if he gurantees or ensures that the FR access cloud is never going to be congested and everything is fifo in there then he can provide your per hop QOS behaviour based on your PREC value across the MPLS cloud.
  HTH-Cheers,
  Swaroop

• In our enterprise MPLS network we are using 192.168.20.0/24 subnet, in this subnet we have not assigned the IP 192.168.20.200/30 & 204/30, But still these subnets are reachable . Are these NNI IP ...Please explain.

  In our enterprise MPLS network we are using 192.168.20.0/24 subnet, in this subnet we have not assigned the IP 192.168.20.200/30 & 204/30, But still these subnets are reachable . Are these NNI IP ...Please explain.

  I have checked with ISP, there response is like below:
  Those are the NNI to GBNET IPs for Dominican Republic. They are Network IPs. You should be able to ping them-that means they are working.
  WANRT01#show  ip route | include 192.168.20.20
  B        192.168.20.200/30 [20/0] via 192.168.20.226, 02:18:29
  B        192.168.20.204/30 [20/0] via 192.168.20.226, 02:18:29
  Here its shows from any of our MPLS site we are able to trace the IP and it seems like, 192.168.20.204/30 is one more site but in actual its not.
  INMUMWANRT01#ping 192.168.20.205
  Type escape sequence to abort.
  Sending 5, 100-byte ICMP Echos to 192.168.20.205, timeout is 2 seconds:
  Success rate is 100 percent (5/5), round-trip min/avg/max = 224/232/260 ms
  INMUMWANRT01#trace              
  INMUMWANRT01#traceroute 192.168.20.205
  Type escape sequence to abort.
  Tracing the route to 192.168.20.205
  VRF info: (vrf in name/id, vrf out name/id)
    1 192.168.20.226 24 msec 24 msec 24 msec
    2 192.168.20.206 [AS 8035] 232 msec 232 msec 252 msec
    3 192.168.20.205 [AS 8035] 224 msec 224 msec *

• How do I keep my Airport Extreme from logging into other networks?

  How can I tell my network to always log into our network and ignore the other signals it finds?
  In older MacOS's you could tell WiFi to only use trusted networks. My problem is that in my neighborhood there are lots of WiFi users and my airport network is always trying to use one of them (even though the signal strength is the same). The most annoying is Comcast, which seems to show up the most. I have Comcast for TV etc., but have the WiFi feature disabled on the modem. I want more control. Yesterday it got on one of my neighbors that isn't even secure?

  1. Have you ticked to "Ask to join new networks" ??
  2. Have you deleted all the other possible wireless networks from your listing.
  The network which should be the first in the list will be the one that is connected first. But we find it is best to empty the list.
  Maybe also check to require admin authorisation to change networks.
  Other than those things nothing else is offered..
  I have many wireless networks here and I have not seen the issue even on Mavericks.. but if any OS is going to give you grief Mavericks is the one.

• How to automatically saved a pdf form into a network folder using a submit button

  Good evening to everyone,
  I'm more than a beginner on adobe development reason why I would like to apologize first if my questions are dumbs. :-(
  I would like to know if 'Adobe 9 Professional Extended' has the possibility to put some code into a submit button in order for the pdf form to be saved with a unique name and into a Network folder located into an Encryption Server where we handle our PII. Is it? Over the past two weeks I've been digging into the documentation but I'm unable to find something that will help me to accomplish our headquarters requirements.
  If there is no possibility, is there any programming language that adobe accepts in order to configure a piece of code that will store the file into a network folder? Perhaps VB or C-SHARP?
  Whatever feedback anyone can give, I deeply appreciate it.
  Thanks,

  Thanks for the reply Mr. Chaney!
  I do have more questions based on your recomendation.
  From my understanding, JavaScript or FormCalc will be my only options, right? If that's the case, how can a scripting language (client server side) allow me to transfer automatic saved files into a Network folder within my company intranet? I downloaded the Scripting Basic manual and all the scenarios and code are client server side such as, changing background color, add effects to a button and so on.
  I did find a command under FormCalc called "PUT" can I use this command to transfer a pdf file into a Virtual Directory folder? All the examples I saw were for XML files.
  Greetings,

• HT201328 Hello I bought my iPhone from liverpools apple store, I put a giffgaff cArd inside and it locked my phone into 02 network. I contacted o2 as you suggested and they told me that they didn't lock my iPhone. Please find me some gelp

  Hello I bought my iPhone from liverpools apple store, I put a giffgaff cArd inside and it locked my phone into 02 network. I contacted o2 as you suggested and they told me that they didn't lock my iPhone. Please find me some help

  I guess you mean unlock the device. To lock it would mean to be possible to se it only with one carrier.
  So no, unlocking the device must be done by the original carrier, you should contact them to do that.

• Vista - a cable is not plugged into the network adapter

  It works fine on the following:-
  Mac 10.5
  Wifi vai apple extreme
  Enthernet via DSL
  But on Vista (with same machine BootCamp)
  Wifi Ok
  Enthernet via DSL failed with the error message "a cable is not plugged into the network adaper "local area connection"
  I have update the drive of Marvell Yokon 88E8058

  It's on the rear, just above the LAN cable (internet cable).    PS> Your not reading all that is asked.
  Step 1: Checking cables and connections
  Use the following steps to check connections and networking hardware.
  Check the activity light next to the network connector on the back of the computer.
  I am a volunteer. I am not an HP employee.
  To say THANK YOU, press the "thumbs up symbol" to render a KUDO. Please click Accept as Solution, if your problem is solved. You can render both Solution and KUDO.
  The Law of Effect states that positive reinforcement increases the probability of a behavior being repeated. (B.F.Skinner). You toss me KUDO and/or Solution, and I perform better.
  (2) HP DV7t i7 3160QM 2.3Ghz 8GB
  HP m9200t E8400,Win7 Pro 32 bit. 4GB RAM, ASUS 550Ti 2GB, Rosewill 630W. 1T HD SATA 3Gb/s
  Custom Asus P8P67, I7-2600k, 16GB RAM, WIN7 Pro 64bit, EVGA GTX660 2GB, 750W OCZ, 1T HD SATA 6Gb/s
  Custom Asus P8Z77, I7-3770k, 16GB RAM, WIN7 Pro 64bit, EVGA GTX670 2GB, 750W OCZ, 1T HD SATA 6Gb/s
  Both Customs use Rosewill Blackhawk case.
  Printer -- HP OfficeJet Pro 8600 Plus

• Equivalent for an "IP accounting" in MPLS Network

  Do we have an equivalent for an IP accounting in an interface in MPLS network. I would like to know this to identify traffic flowing across a WAN interface which is being tag/label switched

  Thanks gopal. However this command "show tag-switching forwarding table" did not help me find a host in a network choking up the WAN link. I heard from one of the cisco reps saying cisco is releasing an IOS to do this in Feb. I hope that helps.

• Running Large Backups over an MPLS Network

  We are opening up a second data center at my organization. The location is about 60 miles from our primary data center.
  At our primary data center we use an MPLS network for our WAN. We have ll remote locations on our WAN and we have a DS-3 that connects to our primary data center.
  At our new second data center we will connect it to the MPLS network.
  Do you think we should run our backups between the 2 data centers across the MPLS or do you think we should order a seperate private line or ethernet type service between the 2 data centers? All back ups from our primary data center will continually move across the network to our new secondary data center.
  Do you think MPLS is a good technology to run large back ups across? Is it reliable enough

  "Do you think MPLS is a good technology to run large back ups across?"
  Sure.
  "Is it reliable enough"
  Depends more on your MPLS provider than the technology itself.
  Two issues that may be more important to you vs. how "reliable" MPLS is, might be cost of bandwidth vs. other technologies or sharing the MPLS bandwidth with non-backup applications. The latter would depend much on what QoS that might be available to you to insure your backup traffic doesn't adversely impact non-backup traffic.

• MPLS network design challenge

  Hi,
  I have a design issue for which I really like your help.
  In a MPLS network there are twoPOP gateway routers (G1,G2) peering with various MPLS VPN Service providers via B2B vrf eBGP peering are in 4 different ASN's. They inturn all peer via VPNv4 eBGP with the Core ASN which comprises of  2 Nos VPNv4 RR's and every site in the ASN haveing 2 P/PE per site. Every P/PE is peering via VPNv4- iBGP with the VPNv4 RR's. The RR's are not in the forwarding path of the traffic.
  Every site has 2 Nos CE routers and each CE router does a vrf based ebgp peering with the P/PE's.
  The P/PE routers import 2Nos RT exported by the 2 Nos POP G/w routers and inturn selects the best path and pass it to the CE routers.
  Now it is seen that the P/PE of all sites is selecting the best path adverstised by G1 instead of  G2 based on the AS PATH length and the shortest path is being adverstised by G1. So till a situation arises that the G1 is down till that time the P/PE's are forwarding the outbound traffic from the CE to G1 even also when the IGP cost is adding up high and when there is a direct link failure from the P/PE site to G1 site.
  It therefore makes sense that if the direct physical link form a P/PE site to the site G1 is located goes down ,the P/PE's then should choose  G2 via another path even when G1 is available.
  Does these sort of requirements ever come in SP environments from customers ? if so what are the solutions ..
  Thanks in advance
  Kas

  Hi kas,
  This type of requirement come to providers and there are few options which provider can implement.
  1- Play with local preference along with import map in vrf if requirement is customer specific. I mean if one customer want that G1 should be primary exit point and other customer want G2 as primary exit than he can use import map (which is similar to route-map )
  ip vrf ABCD
  rd XX
  import map ABCD
  route-target export XX
  route-target import YY
  route-map ABCD permit 20
  set local-preference >100
  2- Or you can play with As-path prepending option if you want to skip selection based on local preference.
  it is in provider interest to provide you solution. as there are options of affecting traffic by using communities.
  Please provide diagram and some config for complete solution.
  Regards
  Mahesh