Sunday, May 3, 2009

12 Days to Go...

Today was a tough day.. Even though i said i have done IPExpert Vol 3 Lab 5 before, i just remembered that i skipped a section last time without knowing what was missing. But, i found out what was the problem today.. Anyway, it's a difficult lab with topology of 3 AS Inter-AS VPN + CsC. IPExpert really likes to put everything into one lab. So, it has both pros and cons. You can learn a lot of features from one lab, but, you need more time to get the lab done. It has some interesting commands like below commands

  • isis authentication send-only
  • mpls label protocol both
  • mpls ldp explicit-null for

This lab took me like 10 hours to finish it. I had the same problem when i did it the last time but, couldn't figure out what was that. The solution guide is wrong here also. Let's see the partial topology first

As you can see in the diagram, SP1 and SP2 are providing CsC service to SP2000. BB_CE2 and BB_CE3 are actually a single BB router with 2 different vrf. The problem there was CE3 and CE4 can see each other loopback address but, you just cannot ping each other.
I did troubleshooting like hell but, never expected the BB router. Later i found out that BB router is not forwarding the packets. I wondered why and went and took into BB router. Then, i noticed that routing table for BB_CE2 didin't have routes from CE4 and routing table for BB_CE3 didn't have routes CE3.

Damn.. what would cause the BB router not to have the routes from other side of the MPLS clould while CE routers have the routes. I though the routes were pass to CE routers by BB_CE2 and BB_CE3 ospf routing processes. Later i figured that BB ospf routing processes were not putting in the routes came from PE routers with down-bit into routing tables but passing them to CE routers which cause the CE routers to see each other routes.

There is one command to fix this problem. I beleive most of you have already known the command. For those who haven't, the command is here. But, it doesn't explain why the router didn't install the routes into routing table and why you need to use it. Details can be found in "MPLS and VPN Architures Volume II"

No comments:

Post a Comment