The networking is as follows:
In the network topology, R2 and R5 are P devices and the others are PEs. All these devices use loopback addresses to establish MBGP and BGP. The loopback address of R1 is A, the loopback address of R3 is B, and the loopback address of R4 is C.
After VPN A is established, the VPN can work normally between R1 and R4 and between R4 and R3, but cannot between R1 and R3.
1. It is confirmed that there are no conflicting IP addresses.
2. The host route has been used for the loooback address of MBGP on R4, as seen on R1. The loopback address of R4 can be successfully pinged from R1 using the ping command containing the source loopback address.
3. Check the status of BGP and MBGP neighbors. The status of all these neighbors is ESTABLISH, which is taken as normal.
4. Run the mpls ldp session command on R1. It is found that LDP sessions are normally established. The public network label of R4 can be seen on R1, but the public network label of R1 cannot be seen on R4. Because VPN communications proceed normally between R4 and R3, MPLS must be enabled on the interfaces connecting R2 with R3. Thus, it is deduced that the failure of VPN communication is caused by LSPs that cannot be created.
Log in to R2 to view the MPLS configuration:
lsp-trigger ip-prefix LSP-CELUE
ip ip-prefix LSP-CELUE index 10 permit B 32
ip ip-prefix LSP-CELUE index 10 permit C 32
For LSPs established through LDP, it is required to configure the FEC to trigger LSP establishment. The preceding LSP trigger policy does not allow the loopback address of R1 to trigger LSP establishment. As a result, the LSP between R1 and R3 cannot be established. But the LSP trigger policy allows the loopback address of R2 to trigger LSP establishment. Therefore, VPN communication can proceed normally between R2 and R4.
Run the ip ip-prefix LSP-CELUE index 10 permit A 32 command to add the corresponding IP prefix to the IP prefix list. The problem is thus solved.
Possible causes are as follows:
1. There are conflicting IP addresses.
2. The 32-bit host routes are lacking for PEs.
3. There is problem with the status of IBGP and MBGP neighbors.
4. LSPs cannot be established.
In this case, the failure of VPN communication is caused by the improper LSP trigger policy that makes it impossible to create LSPs.
To locate the problem of LSP establishment, consider whether the corresponding LSP trigger policy is configured on the P device.