No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

The Improper LSP Trigger Policy Causes the Failure of MPLS VPN Communication

Publication Date:  2012-07-27 Views:  28 Downloads:  0
Issue Description
The networking is as follows:
vpna--R1--R5--R2--R3--vpna
             |
        R4--vpna
In the network topology, R2 and R5 are P devices and the others are PEs. All these devices use loopback addresses to establish MBGP and BGP. The loopback address of R1 is A, the loopback address of R3 is B, and the loopback address of R4 is C.
After VPN A is established, the VPN can work normally between R1 and R4 and between R4 and R3, but cannot between R1 and R3. 
 
Alarm Information
Null
Handling Process
1. It is confirmed that there are no conflicting IP addresses.
2. The host route has been used for the loooback address of MBGP on R4, as seen on R1. The loopback address of R4 can be successfully pinged from R1 using the ping command containing the source loopback address.
3. Check the status of BGP and MBGP neighbors. The status of all these neighbors is ESTABLISH, which is taken as normal.
4. Run the mpls ldp session command on R1. It is found that LDP sessions are normally established. The public network label of R4 can be seen on R1, but the public network label of R1 cannot be seen on R4. Because VPN communications proceed normally between R4 and R3, MPLS must be enabled on the interfaces connecting R2 with R3. Thus, it is deduced that the failure of VPN communication is caused by LSPs that cannot be created.
Log in to R2 to view the MPLS configuration:
mpls
lsp-trigger ip-prefix LSP-CELUE
ip ip-prefix LSP-CELUE index 10 permit B 32
ip ip-prefix LSP-CELUE index 10 permit C 32
For LSPs established through LDP, it is required to configure the FEC to trigger LSP establishment. The preceding LSP trigger policy does not allow the loopback address of R1 to trigger LSP establishment. As a result, the LSP between R1 and R3 cannot be established. But the LSP trigger policy allows the loopback address of R2 to trigger LSP establishment. Therefore, VPN communication can proceed normally between R2 and R4.
Run the ip ip-prefix LSP-CELUE index 10 permit A 32 command to add the corresponding IP prefix to the IP prefix list. The problem is thus solved. 
 
Root Cause
Possible causes are as follows:
1. There are conflicting IP addresses.
2. The 32-bit host routes are lacking for PEs.
3. There is problem with the status of IBGP and MBGP neighbors.
4. LSPs cannot be established.
In this case, the failure of VPN communication is caused by the improper LSP trigger policy that makes it impossible to create LSPs. 
 
Suggestions
To locate the problem of LSP establishment, consider whether the corresponding LSP trigger policy is configured on the P device. 

END