No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


RT undue configure lead to the service impassable after routing cross.

Publication Date:  2012-10-18 Views:  134 Downloads:  0

Issue Description

NE20 VPN - A users can't go to the network.

Description: NE20 and NE80E is PE, E500 is CE. NE20 configure VPN-A instance, NE80E configuration has two VPN instance VPN - A and VPN - B, which RT value of NE20 VPN - A instance and NE80E VPN - A instance is coupling. NE80E and E500 is a GE interconnection, in NE80E configure two GE sub-interface binding VPN - A and VPN - B instance, then respectively go into zone A and B which is the E500 sub-interface in.

Alarm Information


Handling Process

1, NE20 VPN - A users go to the network, first check NE20 VPN - A whether have default route to NE80E, secondly check NE80E VPN - A default route whether point to E500, finally check E500 whether there is a VPN - A user return routing pointing to NE80E. Through the inspection find they are all no problems.
2, check RT value configuration, found NE80E VPN - A and NE20 VPN - A RT value for coupling, this may lead to NE20 VPN - A default route cross to NE80E VPN - B, it also means the default route enter the B zone, rather than normal A zone, then through the extranet zone (untrust) to go out, when packet return to untrust zone, find the VPN - A return routing export zone is zone A, because E500 is based on session table item to forward packet, and that packet come-and-go path are different, message is discarded off.
3, modify the NE80E RT, make NE80E VPN - B and NE20 VPN - A RT value can't coupling, so that NE20 VPN - A only routing cross to NE80E VPN - A, also make packets from A zone to untrust and out, again from untrust return to A zone.

Root Cause

1, the default routing problem.
2, RT configuration problem.


When configure RT, need to pay attention to routing cross situation, whether cross export is right.