350-501 SPCOR Cisco CCNP Service Provider – MPLS Label Distribution Protocol part 5

  1. MPLS LDP Troubleshooting

MPLS LDP troubleshooting. Now we are on the last step of LDP: we'll see how to verify and troubleshoot your MPLS configurations. I have listed some of the possible issues here, like mpls ip, and then I have listed some of the specific show commands which I generally use if I want to verify LDP configurations. Let's go back and check what possible issues you may come across in case no LDP neighborship is established. So I'm going to take router one and router two here, and I'm going to assume that router one and router two are not forming the neighborship, or they are not actually sending or receiving the labels. Now, what's the reason for that? You always need to check the basic things first.

This is the order in which I generally prefer to check. You need to ensure that the mpls ip command is given on the interface. If these two interfaces are not forming the LDP neighborship, the first thing we need to check is whether you enabled the mpls ip command on both sides or not. We can verify that by using a command called show mpls interfaces. show mpls interfaces will list all the interfaces which are enabled with the mpls ip command. If this interface, let's say S1/0, is not listed in this command's output, then probably the mpls ip command is missing on that interface. Now, in case you realize that, okay, the mpls ip command is given on both sides, but still they are not forming the neighborship.

The second thing I'll check is whether there is any protocol mismatch, because remember, both sides should always be running a common label protocol in order to have a neighborship established, in order to have a label switched path. Okay? So protocol mismatch is also one of the reasons we need to check, and this too we can verify by using the command show mpls interfaces. It will also show you what protocol the interface is using, whether it is using LDP or TDP. I can also use the command show run | include mpls, because if you configured any protocol other than LDP, we can verify that with this command as well. Next, you realize that mpls ip is given on both sides and both sides are running the common LDP protocol, but still they are not forming the neighborship.

Now, the third possible reason I generally check is the router ID, because if you remember, we have discussed that in order to have a neighbor relationship, the router IDs of both routers must be reachable. It's really important to have reachability between both router IDs; only then will they be able to send and receive the LDP messages and form the LDP neighborship. Now, there might be cases where you didn't configure the mpls ldp router-id command and you have some higher loopback that the router has taken as its router ID. If you don't configure it, the router will automatically take the highest IP of the loopbacks, and maybe that loopback is not advertised inside your IGP. So there are two possible solutions.

Either you can advertise this loopback, whatever the router ID is, or make the router ID a specific loopback which is already advertised. So, how can we verify this? Again, I use the show run | include mpls command to verify whether that command is given or not. If it is not given, then I'll verify with show ip interface to see what loopbacks I have, which loopback is the highest, and whether that particular loopback is advertised or not. And finally, I'll also verify authentication. You can configure authentication between the LDP neighbors, but it is not compulsory. If you want, you can do that. If there is a mismatch of authentication between the two sides, in that case also they will not form the neighborship.

And finally, less commonly, you can have some filtering applied on that specific interface. In this scenario, on the interface connecting to the other side, maybe there is some filtering applied like an ACL, or maybe there are some policy maps applied which might be dropping your LDP packets on port number 646. So in case you realize that there is an ACL or policy map applied on those specific interfaces, you need to ensure that the ACL or policy map is going to permit your LDP packets. So, very rare, but you'll commonly find this in your production network. These are some of the very basic things you need to keep in mind when you are troubleshooting LDP.

And these are the specific show commands which I use: show mpls ldp neighbors to verify the neighborship; show run interface to verify the exact configuration on the interfaces; show run | include mpls, which will show you all the MPLS configuration, whatever is configured; and then show mpls interfaces. Let's get back to my actual physical topology now. I have pre-configured some of the possible errors on all the routers, so our job now is to fix those issues. I need to make sure that in this scenario router two has an LDP neighborship with router one and router three, and router three has an LDP neighborship with these two routers.

And finally, end to end I should have reachability from ten to 40 through the label switched path; the entire label switched path should be working. Whenever I want to do some troubleshooting, I could go to router one or router two, but it's better to verify on the middle router, because on the middle router I can see both neighbors. So I'll go to router two and I'll verify with show mpls ldp neighbors. I don't see a single neighbor here, because I have pre-configured some configurations which actually affect your LDP neighborship. Now, our job is to troubleshoot.

Now, whenever you see this kind of thing, the first thing you need to check is whether you enabled mpls ip or not. So I'll give show mpls interfaces on router two. We can see that on both sides I have given the mpls ip command, and the protocol running on both sides is LDP. So most likely there is no problem on router two. First we'll try to fix the neighborship between router one and router two. Mostly, on router two, everything seems to be okay. You can see there is no problem with the mpls ip command, and the protocol is also the same. And maybe I'll go and check on the router two. So show mpls ldp neighbor: the neighborship is not coming up here. So the first thing I'll do is give show mpls interfaces.

Now, on router one, there should be one interface, that is S1/0, enabled with mpls ip. So did you see any interface here? There is no interface, because S1/0 is not enabled with the mpls ip command. So the mpls ip command is missing on router one. I'm going to add that. Now the neighborship between router one and router two should probably come up. You can see the neighborship between one and two is up now. So show mpls ldp neighbors: I can see the neighborship is up. The neighborship between one and two is fixed now. Now we'll try to fix the neighborship between router two and router three. Let's go back to router two.

Once again, to verify the neighborship between two and three: show mpls ldp neighbors. The neighborship is not coming up between router two and router three. So the first thing we'll verify is show mpls interfaces. S1/1 is the interface which is facing towards router three. It's enabled with mpls ip, and the LDP protocol is running. So most likely there is no problem on router two. If I give show run | include mpls. Now, route three is perfect, but if you see here, there is an authentication configuration on router two that might be missing on router three. Let's go and verify on router three, because either you should have no authentication on both routers, or you should have it on both. To configure authentication, it's very easy.

You just need to go to config mode and then say mpls ldp neighbor, whatever the router ID of the neighbor is, and then password and whatever password you want. Let's go and verify on router three: show run | include mpls. Here you can see there is no neighbor; there's no LDP neighbor command, and also there is something called TDP configured. But let us try to fix the neighbor authentication issue first, so I'll configure it on router three also. I'll say mpls ldp neighbor 120, that's the router ID of router two. Then I'm going to use the password cisco on both sides. If I verify with show mpls ldp neighbors, I don't see a single neighbor.

Now if I verify with show mpls interfaces: on S1/0, the interface which connects to router two, it's running TDP here, and on the other side we are running LDP. So there is a protocol mismatch between router two and router three. Actually there are two problems here. The first problem we fixed already: there was an authentication issue, we just fixed that, and hopefully it is correct. And then there is a protocol mismatch between the two sides. So we'll try to figure it out, remove this, and change it to LDP. I can clearly see it here. Now, the protocol mismatch can be global or it can be interface specific.

Here it is interface specific, because if you see, TDP is only enabled on S1/0, but not on S1/1. If both interfaces were shown as TDP, that would mean the command, mpls label protocol tdp, is given globally. Here TDP is enabled only on a specific interface. If it is enabled globally, you will see both interfaces using TDP. Now, if you want to check, you can go to the specific interface, and you just need to remove this command, because if I remove that command, by default it's going to run LDP. So now if I verify with show mpls interfaces, you can see both interfaces are LDP.

And now if I use show mpls ldp neighbors on both routers, I can see the neighborship between router two and router three is coming up. Between router two and router three there were two issues. One was authentication; I fixed that. The other was the protocol mismatch; I also fixed that one. Now router two and router three are forming the neighborship. But if you see, there is also a problem between router three and router four. It was a very small diagram, so I just tried my best to cover each and every possible issue in a small diagram. Now let's try to figure out what the problem is between router three and router four. The first thing, again: I'll verify with show mpls interfaces.

So S1/1 is enabled with mpls ip and it's the LDP protocol. Let's go to router four and check the same thing: show mpls interfaces. S1/0 is enabled with mpls ip and the protocol is LDP. Let me verify with the command show run | include mpls. Now, there's one thing we need to keep in mind here: we can see there is no router-id command given. If you don't give the router-id command, then the router is automatically going to take the highest IP of the loopbacks. In my scenario the highest IP of the loopbacks is 140. If you remember, I think we did not advertise loopback three here. So did we advertise loopback three? Loopback three is not advertised.

Now, in my scenario the router ID is loopback zero on router three, and here the router ID is loopback three, but there is no reachability between these two. The solution will be either to advertise this loopback three, that is one solution, or to change the router ID to loopback zero, which is already advertised. The best way is to go with the second option. So what I'll do is go to router four and simply say mpls ldp router-id loopback zero. Whenever you're modifying the router ID, it's always important to give a keyword called force, because router four has already chosen its router ID as the loopback three IP, that is 43 one.

Now, if you want to override it with a new router ID, it's mandatory to give the keyword called force, or else you have to reload the device, saving the config and reloading. We don't want to go with that, so I'll simply say force. Now, once we do this, it is going to remove. So if I just go and check, hopefully the neighborship between three and four should come up. And in case it doesn't come up, then we need to check; there might be one more issue. Now you can see the neighborship comes up. So show mpls ldp neighbors: I can see router four is forming the neighborship with router three also. This way I just tried to cover all the possible issues here.

I didn't configure any filtering here to deny, but that is something you need to keep in mind if you have any ACL or policy map. So these are the most common reasons which can affect your LDP neighborship or LDP exchange of the routes. And one more thing you need to keep in mind: if you realize that LDP is forming the neighborship but the routers are not propagating the labels, you need to ensure that CEF is enabled. You can always check with the show ip cef command. If CEF is disabled, then the router will not propagate the labels. So that is one more thing you need to keep in mind when you are doing some troubleshooting. Before you configure, anyway, we'll verify whether CEF is enabled or not. But it's always the best practice to check all these things.
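
The mpls ip, label protocol and authentication checks from this walkthrough, as an added Python example that is not part of the original lecture: it parses show mpls interfaces output and running-config lines for both ends of one link and reports a missing mpls ip, a label protocol mismatch, or an LDP neighbor password configured on one side only. The sample output is constructed to mirror the R2-R3 lab state, and the router IDs 192.0.2.2 and 192.0.2.3 are placeholder addresses, not the lab's.

```python
import re

# Constructed sample data mirroring the R2-R3 link in the lab above.
# Router IDs 192.0.2.2 / 192.0.2.3 are placeholders, not the lab's addresses.
HEADER = "Interface              IP            Tunnel   BGP Static Operational\n"
ROW = "{:<23}Yes ({})     No       No  No     Yes\n"
R2 = {
    "name": "R2", "ifname": "Serial1/1", "peer_id": "192.0.2.3",
    "mpls_int": HEADER + ROW.format("Serial1/0", "ldp") + ROW.format("Serial1/1", "ldp"),
    "cfg": "mpls ldp neighbor 192.0.2.3 password cisco\n",
}
R3 = {
    "name": "R3", "ifname": "Serial1/0", "peer_id": "192.0.2.2",
    "mpls_int": HEADER + ROW.format("Serial1/0", "tdp") + ROW.format("Serial1/1", "ldp"),
    "cfg": "",
}


def parse_mpls_interfaces(text):
    """Map interface -> label protocol for rows whose IP column is 'Yes (proto)'."""
    return dict(re.findall(r"^(\S+)\s+Yes \((\w+)\)", text, flags=re.M))


def has_password(side):
    """True if 'mpls ldp neighbor <peer> password ...' exists (presence only, not value)."""
    pat = rf"^mpls ldp neighbor {re.escape(side['peer_id'])} password \S+"
    return re.search(pat, side["cfg"], flags=re.M) is not None


def check_link(a, b):
    """Return findings for one link, in the order the checks are done above."""
    findings, proto = [], {}
    for s in (a, b):
        # An interface without mpls ip does not appear in the output at all.
        proto[s["name"]] = parse_mpls_interfaces(s["mpls_int"]).get(s["ifname"])
        if proto[s["name"]] is None:
            findings.append(f"{s['name']} {s['ifname']}: mpls ip not enabled")
    pa, pb = proto[a["name"]], proto[b["name"]]
    if pa and pb and pa != pb:
        findings.append(f"label protocol mismatch: {a['name']}={pa}, {b['name']}={pb}")
    if has_password(a) != has_password(b):
        missing = b if has_password(a) else a
        findings.append(f"LDP password missing on {missing['name']}")
    return findings


if __name__ == "__main__":
    for finding in check_link(R2, R3):
        print(finding)
```

Router ID reachability and interface ACLs are not covered here; they need the routing table and the ACL contents rather than these two outputs.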

 

 

 
