Problem Description: The customer had tested the MPLS/VPLS functionality on the S7703 and it works fine in their labs; however, when they deployed it to site they had issues with VPLS.
Configuration script and operation scenario:
What is working:
- - LDP session is up from both ends (Huawei switch and Brocade router)
- - VSI is up from both ends (Huawei switch and Brocade router)
- -Firewall is allowing all traffic.
- -Capturing traffic in and out of the switch shows that normal LDP hello packets are traversing the switch.
- - End points connected to VPLS not able to ping each other
- - VSI not learning remote nor local mac addresses. MAC address only learned on VLAN
<CTSC-RTR-01>debugging mpls ldp all
Apr 25 2017 14:08:23.370.1 CTSC-RTR-01 LDP/7/PDU:
11:1218: Receive UDP Message from Peer: 172.19.255.250. Message content:
01 00 00 1c 00 00 14 f3 04 00 00 04 00 2d c0 00
04 01 00 04 ac 13 ff fa 04 02 00 04 00 00 00 01
The message type: Hello Message..
Apr 25 2017 14:08:23.370.2 CTSC-RTR-01 LDP/7/Discovery:
43:10984: Unable to find remote entity for peer: 172.19.255.250
Apr 25 2017 14:08:23.370.3 CTSC-RTR-01 LDP/7/Discovery:
14:1586: Decode hello failed(peer = 172.19.255.250, interface = Vlanif1018, errcode = 4)
Apr 25 2017 14:08:27.990.2 CTSC-RTR-01 LDP/7/Main:
36:123: LDP ScanFib(InstanceId=0, TriggerHost=1, Ret=0, FibCount=2, Break=0, Read RouteType=1, Dest=172.19.255 .250).
Apr 25 2017 14:08:27.990.3 CTSC-RTR-01 LDP/7/Main:
36:403: LDP read global success(instance = 0, FEC=172.19.255.250/0xFFFFFFFF, count = 1, instance-status = 0x0, route-type = 2).
Apr 25 2017 14:08:27.990.4 CTSC-RTR-01 LDP/7/Policy:
33:4999: fec try egress policy fail(Instance = 0, FEC = 172.19.255.250/0xFFFFFFFF, RouteType = 2, nexthop = 192.168.20.1, Matn = 0, reason = egress policy deny).
Confirmed whether the same device was used in both lab and live environment.
The customer confirmed that the device used in lab environment was different so I checked more information regarding those logs and also board type.
Asked for debugging mpls ldp policy & debugging mpls ldp discovery interface vlanif 1018
- Although the LDP session is up, I have noticed abnormal things:
1- “display mpls ldp interface” shows that there are no received hello packets
2- “display mpls ldp lsp” shows that lsp’s not established and has no out interface.
3- When removing “mpls ldp remote-peer” command, ldp session goes down. (although it works perfectly in the lab without this targeted ldp command)
4- When pinging, the mac address only appears on “show mac-address vlan” , not on “show mac-address vsi”. This was not the case in our lab test where the mac only appears on the vsi
MPU version information :
1. PCB Version : LE02MCUA VER.C
2. MAB Version : 8
3. Board Type : ES0D00MCUA00
4. CPLD0 Version : 1501.0914
5. BootROM Version : 0208.00e7
6. BootLoad Version : 0208.00f1
In the S7700 documentation, I found that SA series cards does not support MPLS LDP function.
Solution: The customer needed to use another line card except X1E series of V200R005 and SA series.
In the lab he usede a different line card, “ES0DG48CEAT0”.
In this case, the MPLS interface is up, LDP session is up, and the port on line card (ES0D0G24SA00) was sending LDP hello packets.
Use another line card except X1E series of V200R005 and SA series in order to support MPLS LDP.