[an error occurred while processing this directive][an error occurred while processing this directive]

Pinging the Remote CE Router from the Local PE Router

The following procedure is effective for Layer 3 VPNs only. To ping a remote CE router from a local PE router in a Layer 3 VPN, you need to configure the following interfaces:

  1. Configure a logical unit for the loopback interface.

    To configure an additional logical unit on the loopback interface of the PE router, configure the unit statement at the [edit interfaces lo0] hierarchy level:

    [edit interfaces]lo0 {unit number {family inet {address address;}}}
  2. Configure the loopback interface for the Layer 3 VPN routing instance on the local PE router. You can associate one logical loopback interface with each Layer 3 VPN routing instance, enabling you to ping a specific routing instance on a router.

    Specify the loopback interface you configured in Step 1 using the interface statement at the [edit routing-instances routing-instance-name] hierarchy level:

    [edit routing-instances routing-instance-name]interface interface-name;

    The interface-name is the logical unit on the loopback interface (for example, lo0.1).

  3. From the VPN interface on PE router, you can now ping the logical unit on the loopback interface on the remote CE router:
    user@host> ping interface interface host

    Use interface to specify the new logical unit on the loopback interface (for example, lo0.1). For more information about how to use the ping interface command, see the JUNOS Interfaces Command Reference.

Limitation on Pinging a Remote CE Router from a PE Router

If you attempt to ping a remote CE router from a PE router, ICMP echo requests are sent from the PE router, with the PE router’s VPN interface as the source. Other PE routers have a route back to that address with a VPN label. When the echo replies return, they include a label. The PE router pops the VPN label and sends the packet from the VPN interface to the local CE router. The local CE router sends it back to the PE router, its actual destination.

When a Juniper Networks routing platform receives a labeled packet, the label is popped (depending on the label operation specified), and the packet is forwarded to an interface, even if the packet is destined for that particular PE router. Labeled packets are not analyzed further for the IP information under the label.

If there is a problem with the connection to the local CE router, packets are sent out but do not return to the PE router, and the ping fails. If the connection between your PE router and local CE router is down, sending a ping to the remote CE router fails even though the connection to the remote CE router might be functional.


Published: 2010-04-27

[an error occurred while processing this directive]