No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - VPN 01

NE05E and NE08E V300R003C10SPC500

This is NE05E and NE08E V300R003C10SPC500 Configuration Guide - VPN
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Maintaining BGP/MPLS IPv6 VPN

Maintaining BGP/MPLS IPv6 VPN

This section describes how to maintain BGP/MPLS IPv6 VPN.

Monitoring the Running Status of a BGP/MPLS IPv6 VPN

Monitoring the running status of a BGP/MPLS IPv6 VPN involves checking VPN instance information, VPNv6 peer information, and BGP peer log information.

Context

In routine maintenance, the following commands can be run in any view to display BGP/MPLS IPv6 VPN information.

Procedure

  • Run the display ipv6 routing-table vpn-instance vpn-instance-name [ [ filter-option ] [ verbose ] | statistics ] command on the PE to check the routing table of the VPN instance IPv6 address family.
  • Run the display ip vpn-instance [ verbose | brief ] [ vpn-instance-name ] command to check information about the VPN instance IPv6 address family.
  • Run the display mpls lsp command to check LSP information.
  • Run the display bgp vpnv6 { all | route-distinguisher route-distinguisher | vpn-instance vpn-instance-name } routing-table destination-address [ mask-length ] command to check entries in the routing table of the BGP-VPN instance IPv6 address family.
  • Run the display bgp vpnv6 { all | route-distinguisher route-distinguisher | vpn-instance vpn-instance-name } routing-table statistics [ match-options ] command to check information about the routing table of the BGP-VPN instance IPv6 address family.
  • Run the display bgp vpnv6 { all | route-distinguisher route-distinguisher | vpn-instance vpn-instance-name } routing-table [ match-options ] command to check information about the routing table of the BGP-VPN instance IPv6 address family.
  • Run the display bgp vpnv6 { all | vpn-instance vpn-instance-name } group [ group-name ] command to check VPNv6 BGP peer group information.
  • Run the display bgp vpnv6 { all | vpn-instance vpn-instance-name } peer [ [ peer-address ] verbose ] command to check VPNv6 BGP peer information.
  • Run the display bgp vpnv6 { all | vpn-instance vpn-instance-name } network command to check VPNv6 route information advertised by BGP.
  • Run the display bgp vpnv6 vpn-instance vpn-instance-name peer { group-name | ipv6-address } log-info command to check log information about the BGP peers in the BGP-VPN instance IPv6 address family.

Checking Network Connectivity and Reachability

This section describes how to use the ping command to detect the network connectivity between the source and destination, and how to use the tracert command to check the devices through which data packets are sent from the source to the destination.

Procedure

  • Run the ping ipv6 [ -a source-ipv6-address | -c echo-number | -m wait-time | -s byte-number | -t time-out | -tc traffic-class | vpn-instance vpn-instance-name ]* host-name [ -i interface-type interface-number ] command check whether an IPv6 network is correctly set up between the sending device and the destination.
  • Run the tracert ipv6 [ -f first-hop-limit | -m max-hop-limit | -p port-number | -q probes | -w wait-time | vpn-instance vpn-instance-name ]* host-name command to check the gateways through which the IPv6 packets are sent from the sending device to the destination.
  • Run the ping [ ip ] [ -a source-ip-address | -c count | -d | { -f | ignore-mtu } | -h ttl-value | { -si source-interface-type source-interface-number | -nexthop nexthop-address } | -i interface-type interface-number | -m time | -p pattern | -q | -r | { -s packetsize | -range [ [ min min-size | max max-size | step step-size ] * ] } | -system-time | -t timeout | { -tos tos-value | -dscp dscp-value } | -v | -vpn-instance vpn-instance-name | -ri | -8021p 8021p-value ] * host [ ip-forwarding ] command to check whether the IPv4 backbone network is correctly set up between the sending device and the destination.
  • Run thetracert [ -a source-ip-address | -f first-TTL | -m max-TTL | -p port | -q nqueries | -vpn-instance vpn-instance-name | -w timeout ]* dest-address command to check the gateways through which the IPv4 packets are sent from the sending device to the destination on the IPv4 backbone network.

Example

After completing IPv6 VPN configurations, run the ping command with ipv6 vpn-instance vpn-instance-name on a PE to check whether the PE can communicate with a CE in the same IPv6 VPN. If the ping fails, run the tracert command with vpn-instance vpn-instance-name to locate the fault.

If multiple interfaces on a PE are bound to the same VPN instance enabled with an IPv6 address family, specify the source IP address when you ping the remote CE that accesses the peer PE. This means that the parameter -a source-ipv6-address needs to be specified in the ping command. If you do not specify a source IP address, the PE selects the address of its interface bound to the VPN instance as the source address of the ICMPv6 packet. If the CE does not have a route to the selected IPv6 address, the ICMPv6 packet sent back from the peer PE will be discarded.

NOTE:

By default, after a NE receives a single-tagged MPLS packet whose TTL has expired, the router returns an ICMPv6 packet along the local IP route, a public network route. No VPN route, however, exists in the public network routing table of the ASBR. As a result, the ICMPv6 packet is discarded when being sent to or returned by an ASBR.

Checking the Route Statistics of a VPN Instance IPv6 Address Family

This section describes how to check the statistics about the routes learned using various protocols in the VPN instance IPv6 address family.

Procedure

  • Run the display ipv6 routing-table vpn-instance vpn-instance-name statistics command to check the route statistics of a specified VPN instance IPv6 address family.

Clearing the BGP Statistics of a VPN Instance IPv6 Address Family

The BGP statistics of the VPN instance IPv6 address family cannot be restored after being cleared. Exercise caution when clearing the statistics.

Context

The BGP statistics of the VPN instance IPv6 address family cannot be restored after being cleared. Exercise caution when clearing the statistics.

Procedure

  • Run the reset bgp vpn-instance vpn-instance-name ipv6-family [ ipv6-address ] flap-info command in the user view to clear the statistics about BGP peer flapping from the specified VPN instance IPv6 address family.
  • Run the reset bgp vpn-instance vpn-instance-name ipv6-family dampening [ ipv6-address mask-length ] command in the user view to clear the statistics about route dampening from the specified VPN instance IPv6 address family.

Resetting BGP Connections

If a faulty BGP connection needs to be reset or a new BGP connection configuration needs to take effect, you can reset or softly reset the BGP connection. Note that resetting a BGP connection will interrupt VPN services.

Context

Resetting BGP connections interrupts VPN services. Exercise caution when running this command.

After changing a BGP connection configuration, you can reset or softly reset the BGP connection for the new configuration to take effect. Soft reset requires BGP peers to be able to refresh routes. That means BGP peers must support Route-Refresh messages.

Procedure

  • Run the refresh bgp vpn-instance vpn-instance-name ipv6-family { all | ipv6-address | group group-name | internal | external } { import | export } command to trigger the soft reset of the VPN instance IPv6 address family's BGP connections in the inbound or outbound direction.
  • Run the refresh bgp vpnv6 { all | ipv4-address | group group-name | internal | external } { import | export } command to trigger the soft reset of BGP VPNv6 connections in the inbound or outbound direction.
  • Run the reset bgp vpn-instance vpn-instance-name ipv6-family { all | as-number | ipv6-address | group group-name | external } command to reset the BGP connections of a specified VPN instance IPv6 address family.
  • Run the reset bgp vpnv6 { as-number | ipv4-address | group group-name | all | internal | external } command to reset BGP VPNv6 connections.
Translation
Download
Updated: 2019-01-14

Document ID: EDOC1100058925

Views: 33770

Downloads: 59

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next