Debugging packets flows through MPLS networks

Objective
This guide walks you through the routing of packets between two VRF’s on an MPLS network. The objective is to understand exactly what MPLS and IP CEF are doing as the traffic traverses the network.

Consider the following network diagram

tracing packets through an MPLS network

To test the network, we are trying to ping from the VRF V100-green interface on PE1 to the VRF V100-green interface on PE2.

PE1#ping vrf V100-green 192.168.11.1 source 192.168.10.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.11.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.10.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/20/24 ms
PE1#

Step 1 – PE1
If you look at the VRF route table on PE1, you will see the following entry for the destination IP address.

PE1#show ip route vrf V100-green 192.168.11.1
Routing entry for 192.168.11.0/24
Known via “bgp 64512″, distance 200, metric 0, type internal
Last update from 192.168.0.2 6d22h ago
Routing Descriptor Blocks:
* 192.168.0.2 (Default-IP-Routing-Table), from 192.168.0.2, 6d22h ago
Route metric is 0, traffic share count is 1
AS Hops 0

PE1#

You can see that the route has been learned via BGP router 64512, from (BGP) neighbor router 192.168.0.2 (PE2).

when PE1 receives the IP packet inside the VRF, it will use its Cisco Express Forwarding table (CEF) to forward the packet. To see how it will forward the table,

PE1#show ip cef vrf V100-green 192.168.11.1 detail
192.168.11.0/24, epoch 0
recursive via 192.168.0.2 label 33
nexthop 10.1.1.2 FastEthernet0/0 label 62
PE1#PE1#

What we can see here is that IP CEF is going to label the packet with two labels.

The second line shows us that the first label on the stack is label 33 which will stay on the packet until it reaches the hop before 192.168.0.2 (the last to penultimate hop).

The second label on the stack (the top of the stack) is label 62, which will be added before transmitting the packet to 10.1.1.2 via Fas 0/0. This label, is the label required to get the packet to the final destination router 192.168.0.2.

At this point, the router puts the 10 byte MPLS header on the packet and forwards the packet to P1. The packet is now an MPLS packet, NOT and IP packet.

The packet that came into PE1 was an IP packet, so the MPLS forwarding table WILL NOT be used in any way for the forwarding of the packet, but we can use the MPLS forwarding table to see the labels being advertised from P1

PE1#show mpls forwarding-table 192.168.0.2
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
58 62 192.168.0.2/32 0 Fa0/0 10.1.1.2
PE1#

You can see the outbound label for a destination of 192.168.0.2 matches the label that CEF is going to insert on the packet for the same destination (62).

Step 2 – P1
P1 will receive the MPLS packet. To see what the packet is going to do we need to look at the MPLS forwarding table for the destination, not the IP route or CEF tables as we did previously on PE1.

P1#show mpls forwarding-table 192.168.0.2
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
62 39 192.168.0.2/32 0 Tu4001 point2point
P1#

You can see that local label for the destination is 62 (which is what was advertised to PE1, which is why PE1 originally labelled the packet with a top label of 62). The next hop router is advertising a label of 39 for that destination on interface tun 1, so P1 is going to swap the top label (62) for a new label (39) and forward the packet out tunnel 1.

We can see the packet come in and leave the router with the top label swapped, in an MPLS packet debug.

Jan 21 03:56:39.391: MPLS les: Fa0/0: rx: Len 126 Stack {62 0 255} {33 0 255} – ipv4 data
Jan 21 03:56:39.395: MPLS les: Tu1: tx: Len 132 Stack {39 0 254} {33 0 255} – ipv4 data

NOTE: to get this debug, you need an access list, and to turn on MPLS packet debugging
the access list is:

access-list 2700 permit any 62 any any

and to turn on debug is

debug MPLS packet 2700

Step 3 – P2
P2, will do the same as P1. It will swap the top label from the label it received, too the label it transmits. You can see what is is going to happen in the MPLS forwarding table

P2#show mpls forwarding-table 192.168.0.2
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
39 39 192.168.0.2/32 431958 Fa0/0 10.1.1.10
P2#

It is a complete co-incidence that the local and outgoing labels are both 39 in this case. MPLS labels are distributed via the label distribution protocol (LDP). LDP allocates labels to entries in its route table. The dynamic route entries in the route table are populated via OSPF, but any other router protocol will achieve the same thing. The router is responsible for creating its own unique set of labels for each entry in the route table, and then it passing these labels to its neighbor routers. Labels are not propagated beyond the neighbor routers. If your still concentrating, you are probably wondering where the second label on the stack (33) came from . This was not transmitted via LDP, but rather via BGP 64512 between the source and destination routers.

debug on P2 will show you the packet passing through the router.

Jan 21 05:32:34.405: MPLS les: Tu1: rx: Len 108 Stack {39 0 254} {33 0 255} – ipv4 data
Jan 21 05:32:34.405: MPLS les: Fa0/0: tx: Len 126 Stack {39 0 253} {33 0 255} – ipv4 data

Note in the debug that the last entry in the label has decremented. i.e. {39 0 254} is now {39 0 253}. The last field is the time to live (TTL). You can also see that the bottom label still has a TTL of 255, so from the perspective of the VRF, the whole MPLS network is one IP hop.

Step 4 – P3
P3 now receives the packet from P2. If we look at the MPLS forwarding table on P3; we can see that it is the last to penultimate router, which means that it is being told to pop the label of the stack.

P3#show mpls forwarding-table 192.168.0.2
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
39 Pop Label 192.168.0.2/32 0 Tu1 point2point
P3#

If we debug the packet as it traverses this router, we will see it pop the top label, so now there is only on label on the stack but the packet is still an MPLS packet

Jan 21 05:37:21.675: MPLS les: Fa0/0: rx: Len 126 Stack {39 0 253} {33 0 255} – ipv4 data
Jan 21 05:37:21.675: MPLS les: Tu1: tx: Len 128 Stack {33 0 252} – ipv4 data

Step 5 – PE2
We can see what PE2 is going to do with the packet, with a slightly difference command. This command shows what will happen to a packet with label 33.

PE2#show mpls forwarding-table labels 33
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
33 No Label 192.168.11.0/24[V] 12855933 aggregate/V100-green
PE2#

PE2 is going to remove the final label, effectively turning the MPLS packet back into an IP packet. The outgoing interface in this case is a VRF (identified by the [V]), and the outbound VRF is V100-green.

This gets the packet to the final router. The ICMP-request packet that we created is going to generate an ICMP-reply packet from the destination. You can see what PE2 is going to do with that reply packet here.

PE2#show ip cef vrf V100-green 192.168.10.1 detail
191.168.1.0/24, epoch 0
recursive via 192.168.0.1 label 61
nexthop 10.1.1.13 Tunnel1 label 32
PE2#

by looking at the MPLS forwarding and CEF tables along the path, you should be able to predict, and then debug and verify the packets labels as to passes back to the source.

0 Response to “Debugging packets flows through MPLS networks”


  • No Comments

Leave a Reply