登录站点

用户名

密码

MPLS VPN ----cp

已有 887 次阅读  2016-04-05 15:59   标签mpls 

Troubleshooting MPLS VPNs

Expert Ivan Pepelnjak explains how to troubleshoot each MPLS VPN service below: 

Troubleshooting L3 MPLS VPNs 

If your L3 MPLS VPN service connection is down, then there are only a few things you can do before sending a help desk ticket to your service provider:

  1. Check the WAN link status on your CE routers. If it's down, then that's the source of the problem.
  2. Check the routing protocol status on the CE routers. If you can’t reach the provider edge (PE) router, either the PE router failed or the local link has failed in a way that’s not reflected in Layer-1/Layer-2 link status. (See the Troubleshooting pseudowires section below.)
  3. If the CE routers communicate with the PE routers but you still can’t get the routes across the MPLS VPN network, the service provider has routing issues that you can do nothing about.
Troubleshooting MPLS-based pseudowires 

When troubleshooting pseudowires, you may run into any one of these scenarios: 

  • MTU mismatch. See whether the maximum transmission unit (MTU) could be larger than the Ethernet’s default setting due to jumbo frames used in typical data center environments or additional header fields imposed by your private MPLS-based solutions. Use a tool like mturoute for Windows or tracepath for Linux to measure the actual end-to-end MTU.
  • Pseudowire might not be transparent. Verify that your edge devices can see each other using a Layer 2 protocol like Cisco’s Discovery Protocol (CDP) or Link Layer Discover Protocol (LLDP). Non-transparent pseudowires might not affect routed L3 connections, but they can devastate L 2 data center interconnect.
  • Pseudowire might not provide end-to-end state signaling. When the link is lost at one end of the pseudowire or broken somewhere in the service provider cloud, the other end may still appear operational.
Troubleshooting VPLS 

Since VPLS is built with a full mesh of pseudowires, you might experience some of the problems described in the previous section. Also, if you have MTU problems, those can be detected using the tools mentioned above. However, if some edge devices are connecting while others are not, then you have partial connectivity within the VPLS cloud due to broken or misconfigured pseudowires. Pepelnjak suggests troubleshooting partially connected VPLS services this way: 

  1. Identify the endpoints that cannot communicate.
  2. Check the routing tables on the first-hop routers. If they don’t have routes to the destination, you’ll have to perform traditional routing protocol troubleshooting.
  3. Do a traceroute between the endpoints. If the trace stops at the edge of the VPLS service, you might be experiencing VPLS connectivity issues.
  4. To verify your diagnosis, perform pings between routers directly attached to the VPLS service. If the initial pings succeed, don’t forget to repeat the tests with the maximum MTU size you expect to be able to transport across the VPLS service.
分享 举报