No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Troubleshooting Guide

CloudEngine 16800, 12800, 12800E, 8800, 7800, 6800, and 5800 Series Switches

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Troubleshooting Procedure

Troubleshooting Procedure

After commands are configured to troubleshoot faults, pay attention to the configuration validation mode to ensure that the configurations take effect. Unless otherwise specified, this manual defaults to the two-phase validation mode.

  • In immediate validation mode, the configuration takes effect immediately after you run a command and press Enter.
  • In two-phase validation mode, you must run the commit command after commands are configured to commit the configuration.

Save the results of each troubleshooting step, so you can provide related information to Huawei technical support if your troubleshooting fails.

Procedure

  1. Check whether the next hops of routes are reachable.

    Run the display bgp vpnv4 vpn-instance vpn-instance-name routing-table ipv4-address [ mask | mask-length ] command on the local PE that sends routes to check whether the target route exists. ipv4-address specifies the prefix of the target route.

    • If the target route does not exist, check whether the route of a CE is advertised to the local PE.

    • If the target route exists, check whether it is active. The following is an example in which the target route is a route to 10.1.1.1/32:

    The following command output shows that this route is valid and is the best. The original next hop and iterated next hop of this route are 10.3.3.3 and 10.2.1.2, respectively.

    <HUAWEI> display bgp vpnv4 vpn-instance vpna routing-table 10.1.1.1
    
     BGP local router ID : 10.2.1.2
     Local AS number : 100
     Paths:   1 available, 1 best, 1 select
     BGP routing table entry information of 10.1.1.1/32:
     From: 20.1.1.1 (10.1.1.1)
     Route Duration: 00h00m03s
     : 10.2.1.2
     : Vlanif50
     : 10.3.3.3
     Qos information : 0x0
     AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, , internal, , select, active, pre 255
     Not advertised to any peer yet

    • If the target route is inactive, check whether there is a route to the original next hop in the IP routing table. If no route to the original next hop exists, the BGP route is not advertised because its next hop is unreachable. Determine why there is no route to the original next hop.

    • If the target route is valid and the best one available but there is no information indicating that this route is sent to the remote PE, perform Step 2 to check the outbound policy applied to the local PE.

    • Run the display bgp vpnv4 all routing-table ipv4-address { mask | mask-length } command on the remote PE to check whether it has received the target route.

      • If the remote PE has received the target route, perform Step 1 again to check whether the next hop of the route is reachable and whether this route is selected.

      • If the remote PE has not received the target route, perform Step 2 to check the inbound policy of the remote PE.

  2. Check whether the routing policies are configured correctly.

    Run the display current-configuration configuration bgp command on the local PE and remote PE to check whether the inbound and outbound policies are configured.

    Focus on the peers of the BGP-VPNv4 address family or BGP-VPN instance address family in this troubleshooting case because the private network traffic is interrupted.

    <HUAWEI> display current-configuration configuration bgp
    #
    bgp 100
     peer 10.1.1.1 as-number 200
     #
     ipv4-family unicast
      peer 10.1.1.1 enable
     #
     ipv4-family vpnv4
      policy vpn-target
      peer 10.1.1.1 enable
      peer 10.1.1.1 
      peer 10.1.1.1 
      peer 10.1.1.1 
      peer 10.1.1.1 
      peer 10.1.1.1 
      peer 10.1.1.1 
      peer 10.1.1.1 
      peer 10.1.1.1 
     #
     ipv4-family vpn-instance vpna
      peer 10.1.1.1 as-number 300
      peer 10.1.1.1 
      peer 10.1.1.1 
      peer 10.1.1.1 
      peer 10.1.1.1 
      peer 10.1.1.1 
      peer 10.1.1.1 
      peer 10.1.1.1 
      peer 10.1.1.1 
    #
    return

    • If the inbound and outbound policies are configured on the two devices, check whether the target route fails to be transmitted because it is filtered by these policies. For detailed configurations of a routing policy.

    • If the inbound and outbound policies are not configured on the two devices, go to Step 3.

  3. Check whether the routes can be iterated to a tunnel.

    Run the display bgp vpnv4 all routing-table ipv4-address [ mask | mask-length ] command on the remote PE to check whether the target route can be iterated to a tunnel.

    In the following example, the target route is a route to 10.5.1.2/32. If the Relay Tunnel Name field in the command output is not empty, this route can be iterated to a tunnel.

    <HUAWEI> dis bgp vpnv4 all routing-table 10.5.1.2
    BGP local router ID : 10.2.2.2
     Local AS number : 100
     Total routes of Route Distinguisher(1:2): 1
     BGP routing table entry information of 10.5.1.2/32:
     Label information (Received/Applied): 13316/NULL
     From: 10.1.1.1 (10.1.1.1)
     Route Duration: 00h00m08s
     Relay IP Nexthop: 10.2.1.1
     Relay IP Out-Interface: Vlanif50
      ldp
     Original nexthop: 10.1.1.1
     Qos information : 0x0
     Ext-Community:RT <1 : 1>
     AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, valid, internal, best, select, pre 255     
     Not advertised to any peer yet
     Total routes of vpn-instance vpna: 1
     BGP routing table entry information of 50.1.1.2/32:
     Label information (Received/Applied): 13316/NULL
     From: 10.1.1.1 (10.1.1.1)
     Route Duration: 00h00m07s
      ldp
     Original nexthop: 10.1.1.1
     Qos information : 0x0
     Ext-Community:RT <1 : 1>
     AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, valid, internal, , select, active, pre 255
     Not advertised to any peer yet

    • If the target route fails to be iterated to a tunnel, check whether an associated tunnel exists or the tunnel configurations are correct.

    • If the target route can be iterated to a tunnel, go to Step 4.

  4. Check whether the routes fail to be added to the VPN routing table because the configured import RT and export RT do not match.

    Run the display current-configuration configuration vpn-instance command on the local PE and remote PE to check whether the routes fail to be added to the VPN routing table of the remote PE after being sent to the remote PE because the export RT of the local VPN instance does not match the import RT of the remote VPN instance.

    export-extcommunity indicates an export RT, and import-extcommunity indicates an import RT.

    <HUAWEI> display current-configuration configuration vpn-instance
    #
    ip vpn-instance vpna
     route-distinguisher 1:1
     apply-label per-instance
     
     
    ip vpn-instance vpnb
     route-distinguisher 1:2
     vpn-target 1:1 export-extcommunity
     vpn-target 1:1 import-extcommunity
    #
    return
    • If the export RT of the local VPN instance does not match the import RT of the remote VPN instance, configure matching VPN-targets in the VPN instance.

    • If the export RT of the local VPN instance matches the import RT of the remote VPN instance, go to Step 5.

  5. (Only for CE12800) Check whether the number of labels is lower than the upper limit.

    Check whether MPLS is enabled on the local PE. Then, run the display bgp vpnv4 all routing-table ipv4-address [ mask | mask-length ] command to check whether the target route is assigned a VPN label.

    If no Label information field in the command output exists, the labels may be insufficient. As a result, the target route is not assigned a label and is not advertised to the peer.

    <HUAWEI> display bgp vpnv4 all routing-table 10.10.1.1
    
     BGP local router ID : 10.1.1.2
     Local AS number : 100
     Total routes of Route Distinguisher(1:1): 1
     BGP routing table entry information of 10.10.1.0/24:
     Imported route.
      (Received/Applied): NULL/13312
     From: 0.0.0.0 (0.0.0.0)
     Route Duration: 00h21m24s
     Direct Out-interface: NULL0
     Original nexthop: 0.0.0.0
     Qos information : 0x0
     Ext-Community:RT <1 : 1>
     AS-path Nil, origin incomplete, MED 0, pref-val 0, valid, local, best, select, pre 255
     Advertised to such 1 peers:
        10.1.1.1
     Total routes of vpn-instance vpna: 1
     BGP routing table entry information of 10.10.1.0/24:
     Imported route.
     From: 0.0.0.0 (0.0.0.0)
     Route Duration: 00h21m24s
     Direct Out-interface: NULL0
     Original nexthop: 0.0.0.0
     Qos information : 0x0
     AS-path Nil, origin incomplete, MED 0, pref-val 0, valid, local, best, select, pre 60
     Not advertised to any peer yet
    • If the labels are insufficient, run the apply-label per-instance command in the VPN instance view to configure the device to assign one label to each instance to save labels. You can also configure route summarization to reduce the number of routes.

    • If the labels are sufficient, go to Step 6.

  6. Check whether the number of routes is lower than the upper limit.

    Run the display current-configuration configuration bgp | include peer destination-address or display current-configuration configuration bgp | include peer group-name command on the remote PE to check whether the upper limit on the number of routes to be received is configured on the remote PE.

    For example, if the upper limit is set to 5, subsequent routes are dropped and a log is recorded after the remote PE receives five routes from the local PE at 10.1.1.1.

    <HUAWEI> display current-configuration configuration bgp | include peer 10.1.1.1
     peer 10.1.1.1 as-number 100
     peer 10.1.1.1 
      peer 10.1.1.1 enable

    If a peer is added to a peer group, there may be no configurations of the upper limit in the command output.

    <HUAWEI> display current-configuration configuration bgp | include peer 10.1.1.1
     peer 10.1.1.1 as-number 100
     peer 10.1.1.1 
      peer 10.1.1.1 enable
      peer 10.1.1.1 

    In this case, run the display current-configuration configuration bgp | include peer group-name command to check the configurations of this peer group.

    <HUAWEI> display current-configuration configuration bgp | include peer IBGP
     peer 
      peer IBGP enable

    If the alarm BGP_1.3.6.1.4.1.2011.5.25.177.1.3.6 hwBgpPeerRouteExceed is generated when traffic is interrupted, the target route is dropped because the number of routes received has exceeded the upper limit. When this occurs, increase the upper limit.

    Changing the upper limit on the number of routes to be received from a peer interrupts the BGP peer relationship. Therefore, reduce the number of sent routes by configuring route summarization on the local device.

  7. Collect the following information and contact technical support personnel.

    • Results of this troubleshooting procedure
    • Configuration files, log files, and alarm files of the devices

Translation
Download
Updated: 2020-01-07

Document ID: EDOC1000060766

Views: 614250

Downloads: 2962

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next