MPLS – check the label switching path with Juniper Junos and Cisco IOS

How yall doing guys. It has been some times putting anything new to my blog. I think I will put some more materials that focus on troubleshooting wise stuffs. This time, I will present the way to check the label switching path or routing path of the MPLS VPN traffic that run on top of the OSPF and LDP protocols.

Here is the Topology. The lab is build with both Cisco IOS (C1000v) and JunOS. There is 2 subnets in the VRF which are 192.168.104.0/24 and 192.168.109.0/24 and they are located in the R3 and R10 respectively.

20161215-mpls-lab

 

If there is traffic sending from 192.168.104.2 to 192.168.109.10, the packet will send from the vASA-F14 and pass to R03 s VRF instance, and the packet will traffic all the way via the MPLS cloud and pass it to R09 and route to the Workstation.

So when the packet with destination of 192.168.109.10/32 reach to R06 the MPLS VPN ingress router, how do we know where does the packet route via? So, we could check the route table of the VRF in router 06 as listed below.

R06:
netuser@net-AS5052-vMX-R06> show route table 1060010010.inet | find 192.168.109.0/24

192.168.109.0/24 *[BGP/170] 17:47:02, MED 0, localpref 100, from 10.50.0.8
AS path: ?, validation-state: unverified
> to 10.50.1.14 via ge-0/0/1.3993, Push 42, Push 420720(top)
When the packet reach to the ingress router, this packet will add 2 different LABELS on top of the packet. The first one is called the inner label; and the second label is called outer label , which is a Label stack on top of the inner label. In this case, the packet will be encapsulated with inner label of 42 and the outer label of 420720.

After the packet is being encapsulated, it will be routed to the next hop of 10.50.1.14 (R05) via ge-0/0/1.3993.

 


So in Router 05, we will be checking the packet switching path or routing path in the label table now.

R05:

netuser@net-AS5052-vMX-R05> show route table mpls.0 | find 420720
420720 *[LDP/9] 00:00:05, metric 1
> to 10.50.1.6 via ge-0/0/1.3997, Swap 404432

In the label switching table, we can observe the reaction of how the router 05 handle the packet with the label of 420720 passed from the router 03. We can see the router 05 would “SWAP” the outer label from 420720 to 404432. After the outer laber of the packet is being SWAPPED, the packet will be passed to 10.50.1.6 (R01) via ge-0/0/1.3997.

 


In router 01, the reaction of handling the labeled packet is a bit different than router 05 since router 01 is the second last hop of the egress router. It will remove (POP) the outer label of 404432 from the packet and pass it to 10.50.1.35 (R10) via ge-0/0/1.3982. This is what the default behavior of the penultimate router and penultimate router are usually the second last hop of the egress router. At this time, the packet is still having the inner label of 42 attached in the packet.

netuser@net-AS5052-vMX-R01> show route table mpls.0 | find 404432
404432 *[LDP/9] 17:50:02, metric 1
> to 10.50.1.35 via ge-0/0/1.3982, Pop
404432(S=0) *[LDP/9] 17:50:02, metric 1
> to 10.50.1.35 via ge-0/0/1.3982, Pop

 

When the packet with inner laber pass to router 10 (running with IOS), R10 will remove all labels (NO Label) from the packet and pass it to 10.50.2.5 via gi3.3981 (the VRF interface). Once the packet are stripped out all the labels, it will route to Router 09 as regular packet based on the routing table.

net-AS5052-c1kv-R10#sho mpls forwarding-table | begin 42
42 No Label 192.168.109.0/24[V] \
19863792 Gi3.3981 10.50.2.5
So what about the path for the returning packets from 192.168.109.10 to 192.168.104.2??
In this time, we will do the similar in router 10 and check the reaction when R 10 receive packet with destination to 192.168.104.2.


R10:
net-AS5052-c1kv-R10#sho ip cef vrf 1100010010 detail | be 192.168.104.0/24
192.168.104.0/24, epoch 0, flags [rib defined all labels]
recursive via 10.50.0.3 label 16
nexthop 10.50.1.34 GigabitEthernet2.3982 label 384720-(local:23)

The router 10 will put the inner label of 16 and outter label of 384720 on top of the received packet, and pass it to 10.50.1.34 (R01) via Gi2.3982.

When it reaches to router 01, the outter label will swap from 384720 to 362096 and pass to 10.50.1.7 (R05).

R01:
netuser@net-AS5052-vMX-R01> show route table mpls.0 | find 384720
384720 *[LDP/9] 00:48:15, metric 1
> to 10.50.1.7 via ge-0/0/1.3997, Swap 362096

In router 05, it removes (POP) the outter label of 362096 and pass to 10.50.1.16 (R03).

R05:
netuser@net-AS5052-vMX-R05> show route table mpls | find 362096
362096 *[LDP/9] 00:32:22, metric 1
> to 10.50.1.16 via ge-0/0/1.3992, Pop
362096(S=0) *[LDP/9] 00:32:22, metric 1
> to 10.50.1.16 via ge-0/0/1.3992, Pop

In the router 03 (penultimate router), it removes (POP) the inner label of 16 and pass the packet to VRF 1030010010, and based on the route table of VRF, it will pass to the 10.50.2.10 (vASA)

netuser@net-AS5052-vMX-R03> show route table mpls.0 | find 16
16 *[VPN/0] 00:52:41
to table 1030010010.inet.0, Pop

netuser@net-AS5052-vMX-R03> show route table 1030010010.inet.0 | find 192.168.104
192.168.104.0/24 *[Static/5] 00:54:36
> to 10.50.2.10 via ge-0/0/2.3979

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s