No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

VPN Routes Cannot Be Exchanged Due to the Problem with the Mask of the Loopback Address in MPLS VPN

Publication Date:  2012-07-27 Views:  37 Downloads:  0
Issue Description
The local engineer found that two PEs could not exchange their VPN routes and their IP addresses could not be pinged when testing the MPLS VPN.
For the test, the topology can be simplified as follows:
PE1-------------P--------------PE2
Create two loopback interfaces on the two PEs respectively and bind the interfaces with the vpn-instance test.
The IP addresses of the loopback interfaces are respectively 1.1.1.1 and 1.1.1.2. 
 
Alarm Information
Null
Handling Process
The troubleshooting based on the preceding analysis found that:
1. OSPF was enabled between PE1 and P and between PE2 and P and the IP addresses of the peer loopback interfaces existed in the routing table.
2. The configuration was confirmed to be correct through the check of the MPLS peer and LSPs.
3. The configuration was confirmed to be correct through the check of BGP and the peer was normally created upon the dis bgp peer command.
4. The peer 1.1.1.X enable command was configured under vpnv4 and the peer was normally created and could send the VPN route of 1.1.1.X normally upon the dis bgp vpnv4 all peer command.
Based on the preceding findings, the engineer re-checked the VPN routing table and found only one route:
1.1.1.0/24 direct
This is the route of the loopback interface of the router. Then the engineer found that the mask was a 24-bit mask instead of a 32-bit one.
The engineer checked the configuration of this router and found that the mask was a 24-bit mask as displayed. That is to say, the IP addresses of the loopback interfaces of the two PEs were in the same segment. As a matter of fact, the routers had received the VPN routes. However, because the IP addresses of their loopback interfaces were in the same segment, the routers seemed to have two equivalent routes, the direct route and the BGP route. In this case, the routers preferentially chose the direct routes for their own routing tables. That was why the routing tables contained no BGP VPN routes and the IP addresses of the two routers could not be pinged.
After the mask of the IP address of the loopback interface was modified to 32 bits, the problem was solved. 
 
Root Cause
It must be a configuration problem, which is probably caused by:
1. The lack of the IP addresses of the peer loopback interfaces in the routing table.
2. The incorrect configuration of MPLS.
3. The failure to create the BGP peer because the connect-interface-loopback command is not run in the course of creating the peer.
4. The failure to configure peer 1.1.1.X enable in the vpnv4 view. 
 
Suggestions
We must pay attention to details when conducting the configuration. Some seemingly critical problems are actually caused by negligence of details. 

END