beautypg.com

Caution – Panasonic NN46240-710 User Manual

Page 91

Attention! The text in this document has been recognized automatically. To view the original document, you can use the "Original mode".

background image

3 BGP/MPLS IP VPN troubleshooting

Nortel Secure Router 8000 Series

_________ Troubleshooting - VPN

- If BGP VPNv4 peers establish between PEs, check whether VPN targets of the two

PEs match. The export VPN target of the local PE must be consistent with the import

VPN target of the remote PE. The import VPN target of local PE must be consistent
with the export VPN target. If not, modify the configuration.

- If BGP VPNv4 peers do not establish between PEs, the possible cause can be failure to

establish BGP peers between PEs. Use the display bgp peer command to view public

network BGP peers of PE. For information about the public network route problem
between PEs, see Nortel Secure Router 8000 Series Troubleshooting - IP Routing

(NN46240-706).

CD

NOTE

The VPNv4 routes between PEs are transferred by peers in the VPNv4 address family. The establishment
of BGP VPNv4 peers depends on BGP peers in the public network.

A

CAUTION

Specify the loopback interface used for BGP connection when you configure IGBP neighbors.

Use the peer peer-ip-address connect-interface loopback interface-number command to

specify IBGP peers.

On PE, check VPN routes of the remote CE. If you specify the next hop, but not the loopback
interface of the remote PE, the public network route cannot be associated with the LSP of the

public network.

If BGP configuration is correct and all BGP peers establish correctly, but no routes to the

remote CE are found by using the display ip routing-table vpn-instance command, the reason

is that no LSP is established between PE and the next hop of the routes to the remote CE. This
situation restricts the route from finding the associated LSP.

Use the display ip routing-table vpn-instance vpn-name ip-address [ mask | mask-length ]
verbose command, and you can find that the value of the tunnel ID is 0x0. The following is an

example:

display ip routing-table vpn-instance vpna 10.2.1.202 32 verbose

Destination: 10.1.1.202/32

Protocol:

BGP

Process ID:

0

Preference:

255

Cost:

0

NextHop:

3.3.3.3

Interface:

NULL0

RelayNextHop:

0.0.0.0

Neighbour:

3.3.3.3

Label:

15360

Tunnel ID:

0x0

SecTunnel ID:

0x0

BkNextHop:

0.0.0.0

BkInterface:

BkLabel:

NULL

Tunnel ID:

0x0

SecTunnel ID:

0x0

State:

Inactive

Adv WaitQ Age:

00h01m05s

Tag:

0

Use the display bgp vpnv4 all routing-table label command on both the local PE and the
remote PE to check whether the labels at both the ends match. The private network label

assigned by the local PE is referred to as an incoming label for the local PE, and an outgoing
label for the remote PE.

If they match, go to Step 3.

3-12

Nortel Networks Inc.

Issue 5.3 (30 March2009)

See also other documents in the category Panasonic Hardware: