in
IEOC CCIE Forums

IEOC - INE's Online Community

Welcome to INE's Online Community - IEOC - a place for CCIE and CCENT candidates to connect, share, and learn. Our Online Community features CCIE forums and discussions for all tracks including Routing & Switching, Voice, Security, Service Provider, Wireless,, and Storage. Through these online communities you can discuss your questions with thousands of your peers, hundreds of CCIE's and INE's own team of world renowned CCIE instructors and authors, Brian Dennis - Quintuple CCIE #2210, Brian McGahan – Triple CCIE #8593, Petr Lapukhov - Quad CCIE #16379, and Mark Snow - Dual CCIE #14073.
Latest post 07-01-2008 8:00 AM by Internetwork Expert Archive. 1 replies.
Page 1 of 1 (2 items)
Sort Posts: Previous Next
  • 07-01-2008 8:00 AM

    5.5: Central Services VPN

    Locked Contact
    Hi,

    for some reason I cannot ping the loopback on R9 which is in vrf CENTRAL_SERVICES from any device. From all these devices I can get to all networks in the other VPNs, eg VRF 100, VRF200, VRF54.

    The 192.168.1.0/24 network does show up in the vrf routing tables as expected and next hop/vpn/label info looks correct.

    Currently I am just trying to reach the central services network 192.168.1.9 by pinging from R3 in the vrf with no luck.

    I have pasted all the outputs below and double checked the configs so was wondering if anyone had issues with this part of the lab.

    VRF routing table on R3
    -------------------------
    Routing Table: CENTRAL_SERVICES
    Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
    D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
    N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
    E1 - OSPF external type 1, E2 - OSPF external type 2
    i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
    ia - IS-IS inter area, * - candidate default, U - per-user static route
    o - ODR, P - periodic downloaded static route

    Gateway of last resort is not set

    172.30.0.0/24 is subnetted, 1 subnets
    C 172.30.103.0 is directly connected, Ethernet1/0.3000
    B 192.168.1.0/24 [200/0] via 150.1.9.9, 00:10:37

    VPN label assigned to prefix
    -----------------------------
    R3#show ip bgp vpnv4 all l
    Network Next Hop In label/Out label
    Route Distinguisher: 12349:9 (CENTRAL_SERVICES)
    172.30.103.0/24 0.0.0.0 30/aggregate(CENTRAL_SERVICES)
    192.168.1.0 150.1.9.9 nolabel/16

    Route or next hop which is pingable.
    -----------------------------
    R3#show ip route 150.1.9.9
    Routing entry for 150.1.9.9/32
    Known via "isis", distance 115, metric 40, type level-2
    Redistributing via isis
    Last update from 150.1.23.2 on Ethernet0/0, 3d18h ago
    Routing Descriptor Blocks:
    * 150.1.23.2, from 150.1.9.9, via Ethernet0/0
    Route metric is 40, traffic share count is 1

    Cef output for igp and vpn tag
    -----------------------------
    R3#show ip cef vrf CENTRAL_SERVICES 192.168.1.9
    192.168.1.0/24, version 13, epoch 0, cached adjacency 150.1.23.2
    0 packets, 0 bytes
    tag information set
    local tag: VPN-route-head
    fast tag rewrite with Et0/0, 150.1.23.2, tags imposed: {22 16}
    via 150.1.9.9, 0 dependencies, recursive
    next hop 150.1.23.2, Ethernet0/0 via 150.1.9.9/32
    valid cached adjacency
    tag rewrite with Et0/0, 150.1.23.2, tags imposed: {22 16}


    Forwarding table info for next hop
    -----------------------------
    R3#show mpls forwarding-table 150.1.9.9
    Local Outgoing Prefix Bytes tag Outgoing Next Hop
    tag tag or VC or Tunnel Id switched interface
    18 22 150.1.9.9/32 0 Et0/0 150.1.23.2


    Transit router igp label for bgp next hop
    -----------------------------
    R2#show mpls forwarding-table | inc ^22
    22 1/35 150.1.9.9/32 717065 AT2/0.1 point2point
    R2#

    R9 vc verfication
    -----------------------------
    R9#show atm vc
    VCD / Peak Avg/Min Burst
    Interface Name VPI VCI Type Encaps SC Kbps Kbps Cells Sts
    0/0.1 25 1 35 TVC MUX UBR UP

    R9#

    VPN label correct.
    -----------------------------
    R9#show ip bgp vpnv4 all labels
    Network Next Hop In label/Out label
    Route Distinguisher: 12349:9 (CENTRAL_SERVICES)
    192.168.1.0 0.0.0.0 16/nolabel




    R9# show mpls forwarding-table
    Local Outgoing Prefix Bytes Label Outgoing Next Hop
    Label Label or VC or Tunnel Id Switched interface
    16 Pop Label 192.168.1.0/24[V] 0 aggregate/CENTRAL_SERVICES
    19 1/35 150.1.2.2/32 0 AT0/0.1 point2point


    Thx in advance
    • Post Points: 5
  • 07-01-2008 8:00 AM In reply to

    Re: 5.5: Central Services VPN

    Locked Contact
    I found the problem, for some reason the connected network 172.30.103.3 which is in the central services vrf on R3 and configured in rip to be redistributed into bgp never made it to the CS vrf routing table on R9.

    After clearing, bouncing etc etc and not seeing it I finally removed the vrf config and reapplied it and its now there on the R9 VRF table for CS.

    Thx




    • Post Points: 5
Page 1 of 1 (2 items)
IEOC CCIE Forums Internetwork Expert CCIE Training
About IEOC | Terms of Use | RSS | Privacy Policy
© 2010 Internetwork Expert, Inc. All Rights Reserved