Thursday, October 29, 2009


Yesterday, I was troubleshooting one of the customer call and checking the forwarding table on each and every hop. surprisingly, one of the router was showing "Tag switching is not operational", "CEF or TAG switching has not been enabled.

Figure 1

I had checked all the configuration and seem to be fined as usual. After that enabled ip cef and was able to see the forwardng table entries. According to the perception, it may be a cef hang issue but the srange thing is that after 5 minutes I rolled back to the previous condition. No cef and tag switching was working but MPLS LDP peering was up with the adjacent neighbors.

The next output astonished me after seeing the ping received from other PE routers of the local vrf created on the router. All the vpnv4 labels were properly advertising to the MPLS cloud. I thought may be I was not seeing anything but everything working fine in the background. So I checked the PHP behaviour of loopback to the adjacent routers.

Figure 2

The adjacent routers showing untagged instead of pop tag. The ios was spservicesk9-mz.123-14.YT1.bin.

Below depicted is the output of vrf and ping from the other PE router.

Figure 3

Figure 4

End to end MPLS was working fine without cef,ldp and rsvp. But we cannot live with this situtaion so need to change the IOS.

Click Here To Read Rest Of The Post...

Tuesday, October 27, 2009

Remembering PE-CE EIGRP

1.The EIGRP configuration is identical to RIP.
2.The autonomous system aka AS number can be manually set under the EIGRP VRF routing process.
3. If same AS is used among PE routers
- Internal VPN routes of VPN will be learned as internal routes to other VPN.
- External routes will be seen as external to another VPN sites.
4. If different AS is used among PE routers
- Internal VPN routes of VPN will be learned as external routes to other VPN.
- External routes will be seen as external to another VPN sites.
5. BGP MED and extended communities are used to carry the AS number, route type and metric.
6. BGP Cost community plays an vital role in EIGRP. This is the only community which helps to select the route on the basics of cost not on administrative distance that's why iBGP route selects over the EIGRP route even EIGRP route has more AD number than iBGP.

Click Here To Read Rest Of The Post...

Monday, October 26, 2009

RIPv2 Points Need To Be Remembered

1. The simplest dynamic routing protocol for PE-CE.
2. Configuration done under vrf address family.
3. MED is used to carry rip metric which remains the same throughout the MPLSVPN cloud.
4. It avoids the routing loops.

Click Here To Read Rest Of The Post...

Friday, October 23, 2009

Establish IPv6 Peering

During the lab, one must look forward for ipv6 addresses for testing purposes. Tunnel Broker is the organisation which is providing free of cost tunnelling and bgp peering with them. Only need to provide the ipv4 address incase of tunnel and as number incase if bgp peering. Once its done, global ipv6 cloud is reachable free of cost. After creating ipv6 session, telnet to and look for the show ipv6 route or show ipv6 bgp. Now ping ip addresses found in route server from your ipv6 tunnel router.

Click Here To Read Rest Of The Post...

Thursday, October 22, 2009

CCIE SP Written Cleared

Finally I cleared my CCIE SP Written exam yesterday with good marks. Now looking forward for CCIE SP Lab soon.
Click Here To Read Rest Of The Post...

Thursday, October 15, 2009

Preserve Autonomous System While Using Third Party Service Provider

During the expansion of network, service providers may want to expand the MPLS VPN backhauls to various locations. Imagine if the direct media between the two locations is not available but the availability of another service provider is there between the two. In this scenario, the best option is to use the transparent services of the service provider who is running ip backhauls. This could be achieved very easily with the help of xconnect and the third service provider will become a transparent cloud or another words we can say end to end lease circuit. The advantage of using this technique is that the customers which are being served by MPLS VPN service provider won't be able to see the ip cloud. For customers end to end media is of MPLS VPN service providers.
Below is the depicted diagram:-

Click Here To Read Rest Of The Post...

Wednesday, October 14, 2009

Improving WAN Throughput With Forward Error Correction

Forward Error Correction aka as FEC but in cisco terminilogy it is forward equivalence class which is totally different. FEC is a technology which is well known to correct bit errors at the physical layer. But it is being adapted by network layer to improve the application performance across the wan link consequently wan link performance also increases. FEC mainly comes in picture where the statical multiplexing is used. When TCP senses the packet loss over the wan link, it actually reduces the amount of data transfer over the link. These type of problems actually back off the data transmission rate and companies never utilize the link properly. This all works according to the nagle's algorithm. To over these problems FEC is used to increase the performance and throughput of the wan link. FEC plays vital role in the wan acceleration.

Click Here To Read Rest Of The Post...

Friday, October 9, 2009

Redistribute Connected Routes Always Prefer Over Redistribute Protocol

During the lab or in real life you will be stumble to see when you add redistribute connected with route map under any IGP protocol; all the routes which are receiving by redistribution of any protocol vanishes automatically. This could happen inadvertently or one can say it's a cisco bug. In fact, this is the right behaviour. The redistribution of connected routes with route map always prefered over the protcol redistribution. This is the reason you will receive only the routes which are mentioned in route map for connected subnets. If you want to receive the protcol redistributes routes also, then need to match one of the interface of that protcol and call it in the route map.

Click Here To Read Rest Of The Post...

Thursday, October 8, 2009

Solution Of Multihomed Redundancy

Most of the answers received for quiz is that configure the secondary route on PE2 with higher metric for CE1 lan in case of static routing or configure dynamic routing. But I am more concerned towards the static routing solution. If static routes are configured on secondary PE2 with higher metric will not come into play because the local originated weight of route is 32768 but the route which is received by MP-iBGP is having weight of 0, so the metric will not play and by default traffic forwarding for CE1 lan will happen from PE2 back door link configured for CE1. The higher metric route will be selected during that time when it is being received by multiple sources. To overcome this problem I have tested the solution by configuring the route map with weight 0 for CE1 lan. This route map is called under address family of vpn with redistribute static. Once this will be done one can see the weight of local originated route will become 0. There after configure the static route for CE1 lan with metric more than 200. Once this will be done PE2 will receive the routes from RR and local originated route and compare both the routes having same weight and then check for the lowest AD. The lowest AD configured route is receiving by RR, os it will be preferred and traffic will start flowing by PE1 instead of PE2. Once the PE1 primary link fails, that floating static route will add in the table.
For dynamic back door links refer to the previous post of BGP as PE-CE with back door link and it's simulated results.

Click Here To Read Rest Of The Post...

Wednesday, October 7, 2009

GRE Tunnel IP Facing Latency But Destination Address Doesn't

According to the customer, when he pings the GRE tunnel ip address a latency of 300-400ms is receiving but the latency of destination address of tunnel is 40ms. Really such a weird issue and ping outputs are phenomenal. During the analysis, we find backbone is having two equal cost path and destination based packet forwarding is configured. After running show ip cef exact route , we find that the packet forwading is occuring from the second path which is very less utilize and ist path is fully choked. But not able to check the same results with GRE ip address. There after, per packet based forwarding is configured and problem completely vanishes.
Does anyone know how to check the cef exact route for GRE tunnel address?

Click Here To Read Rest Of The Post...

Tuesday, October 6, 2009

Quiz: Multihomed Redundancy With Static Routes

Given scenario describes that CE1,CE2 and CE3 belongs to the same VPN and CE1 is multihomed with PE1 and PE2 router. Static routing is configured for CE 1 lan routes. When CE3 & CE2 desires to communicate with CE1 lan during that time the traffic of CE3 comes to PE2 and follow the back up link which customer doesnot want. The CE1 requirement is that everytime it's primary link should be used and secondary come into play when primary fails.
Post abstracts in comments or mail me directly shivludotjain at gmail dot com.

Click Here To Read Rest Of The Post...

Saturday, October 3, 2009

Choking Bandwidth Wan HSRP

In previous post of HSRP, a problem has highlighted of reverse and forwarding traffic when customer use the HSRP in LAN. This post is highlighting the problems when HSRP runs in PE-CE wan. Below is the diagram shown for reference purpose.

Customer R6 is connected with two PE routers for high availability. R3 is the active router with priority 255 and R2 is the standby router with priority 200. R1 ie receiving the lan routes from R2 as well as from R3 but selecting R2 as the best path because of smallest router-id assuming the cost of the both links in cloud is same. So the forwarding from R6 is happening via R3 router and reverse traffic is coming via R2.
Which Problems Could Come
1.The different reverse and forwarding could cause problems ofin customers applications if applications are jitter or latency senstive.
2. If the primary and backup path has different bandwidth allocation, In that case backup could be obstructed at anytime.

How to overcome the problem
1.Change the IGP path cost which may bring other difficulties.
2.Change the router id.

Apart from these remedies I am seeking another solution which could solve the current problem. If anyone is having anyidea , please share.

Click Here To Read Rest Of The Post...

Thursday, October 1, 2009

Hierarchical FIB - BGP PIC

During down convergence of link; loss of packets leads to the service distruptions in the network and service level aggrements are highly affected. In normal conditions, if BGP is being used as edge protocol, next hop information is passed on per prefix basics. Consequence sender has to update the database in terms of best path calculation, RIB/FIB updates and peer updates. The whole process consumes few of the seconds due to which the services are affected. But the use of hierarchical FIB with BGP PIC (Prefix Independent Convergence) edge and PIC core saves all the convergence time and with no services affecting. Hierarchical FIB allows much lower CPU consumption, routing convergence and higher robustness.

Click Here To Read Rest Of The Post...