beautypg.com

2 ces cannot communicate, Fault symptom, Fault analysis – Panasonic NN46240-710 User Manual

Page 96: 2 ces cannot communicate -17, Ces cannot communicate

Attention! The text in this document has been recognized automatically. To view the original document, you can use the "Original mode".

background image

Nortel Secure Router 8000 Series

Troubleshooting - VPN___________

3 BGP/MPLS IP VPN troubleshooting

3.3.2 CEs cannot communicate

Fault symptom

Figure 3-6 BGP/MPLS VPN networking diagram

Loopback 1

PE1

Loopback 1

PE2

P1

P2

CE1

CE2

The BGP/MPLS VPN service is configured in the network as shown in Figure 3-6. CE1 and
CE2 belong to the same VPN. After the configuration, CE1 cannot successfully ping CE2.

Fault analysis

CQ NOTE

Consider the configuration of PE2 as an example. The configuration of PE1 is similar to that of PE2, and is

not covered in this chapter.

Use the display bgp peer command on PE2 to check the IBGP peer relationship between PE2

and PE1. The IBGP peer relationship is not set up successfully.

Query the distribution of labels, and find that P2 distributes a label of 3 to the previous hop P1.

In normal cases, PE2 distributes a label less than 16 to the previous hop P2, and P2 distributes a
label larger than 16 to the previous hop P1. Then it can be determined that the error lies in
incorrect judgment of hops.

A router judges whether it is the egress node of the LSP because a direct route exists to the

outbound interface of the IBGP session. Check the routing table on P2. Find that a direct route

to PE2 exists, the endpoint of IBGP.

Check the configuration and find that the loopback interface is not specified by using the peer

peer-ip-address connect-interface loopback interface-number command as the outbound

interface of the local IBGP peer session.

If the outbound interface is not specified for the local IBGP session, the default is the outbound
interface of data streams. Because the outbound interface of data streams connects P2 directly;
P2 considers itself as the egress node of the LSP. The P2 mistakenly distributes a label with a

value less than 16 to P1, which causes the label at the stack bottom to pop up ahead of schedule

and results in interworking failure.

Currently, the Secure Router 8000 Series, by default, distributes labels only for the route with a
32-bit mask. This type of configuration error can cause another phenomenon where the public

network route or private network route has no corresponding LSPs.

Issue 5.3 (30 March 2009)

Nortel Networks Inc.

3-17

See also other documents in the category Panasonic Hardware: