No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - VPN

CloudEngine 12800 and 12800E V200R005C10

This document describes the configurations of VPN, including GRE, BGP/MPLS IP VPN, BGP/MPLS IPv6 VPN, VLL, PWE3, and VPLS.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Verifying Network Connectivity and Reachability

Verifying Network Connectivity and Reachability

Context

After completing VPN configuration, you can:
  • Run the ping command on the local CE to check whether the local CE and the remote CE in the same VPN can communicate with each other. If the ping fails, run the tracert command to locate the faulty node.
  • Run the ping command with the -vpn-instance vpn-instance-name parameter on the PE to check whether the PE and the CE in the same VPN as the PE can communicate with each other. If the ping fails, run the tracert command with the -vpn-instance vpn-instance-name parameter to locate the faulty node.

If multiple interfaces on the PE are bound to the same VPN, specify the source IP address. That is, specify the -a source-ip-address when using the ping or tracert command to check the connection to the remote CE that accesses the peer PE. If no source IP address is specified, the PE selects the smallest IP address from the IP addresses of the interfaces on the PE bound to this VPN. The PE uses the selected IP address as the source address of the Internet Control Message Protocol (ICMP) messages. If the CE has no route to the selected IPv4 route, the CE discards the returned ICMP message.

NOTE:

For the MPLS time to live (MPLS TTL) timeout packet with a single label, the switch returns the ICMP message according to the local IP route (that is, the public network route). This is the default action. However, no VPN route exists in the public network routing table of the ASBR. Therefore, the ICMP message is discarded when being sent to or returned by the ASBR.

Procedure

  • Run the ping [ ip ] [ -a source-ip-address | -c count | -d | -f | -h ttl-value | -i interface-type interface-number | -m time |-p pattern | -q | -r | -s packetsize | -system-time | -t timeout | -tos tos-value | -v | -vpn-instance vpn-instance-name ] * host [ ip-forwarding ] command to check network connectivity from the local device to a specified destination IP address.
  • Run the tracert [ -a source-ip-address | -f first-ttl | -m max-ttl | -p port | -q nqueries | -vpn-instance vpn-instance-name | -w timeout ] * host command to check the gateways through which a data packet passes when it is sent from the local device to the destination.
  • Run the ping lsp [ -a source-ip | -c count | -exp exp-value | -h ttl-value | -m interval | -r reply-mode | -s packet-size | -t time-out | -v | -g ] * ip destination-iphost mask-length [ ip-address ] [ nexthop nexthop-address ] command to check connectivity of a Label Switched Path (LSP).
  • Run the tracert lsp [ -a source-ip | -exp exp-value | -h ttl-value | -r reply-mode | -t time-out| -s size | -g ] * ip destination-iphost mask-length [ ip-address ] [ nexthop nexthop-address ] command to check the gateways through which a data packet passes when it is sent from the local device to the destination along the LSP.
Translation
Download
Updated: 2019-04-03

Document ID: EDOC1100075353

Views: 14564

Downloads: 25

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next