Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Using MPLS to Diagnose LSPs, VPNs, and Layer 2 Circuits

MPLS Connection Checking Overview

Use either the J-Web ping MPLS diagnostic tool or the CLI commands ping mpls, ping mpls l2circuit, ping mpls l2vpn, and ping mpls l3vpn to diagnose the state of label-switched paths (LSPs), Layer 2 and Layer 3 virtual private networks (VPNs), and Layer 2 circuits.

Based on how the LSP or VPN outbound (egress) node at the remote endpoint of the connection replies to the probes, you can determine the connectivity of the LSP or VPN.

Each probe is an echo request sent to the LSP or VPN exit point as an MPLS packet with a UDP payload. If the outbound node receives the echo request, it checks the contents of the probe and returns a value in the UDP payload of the response packet. If the device receives the response packet, it reports a successful ping response.

Responses that take longer than 2 seconds are identified as failed probes.

Table 1 summarizes the options for using either the J-Web ping MPLS diagnostic tool or the CLI ping mpls command to display information about MPLS connections in VPNs and LSPs.

Table 1: Options for Checking MPLS Connections

J-Web Ping MPLS Tool

ping mpls Command

Purpose

Additional Information

Ping RSVP-signaled LSP

ping mpls rsvp

Checks the operability of an LSP that has been set up by the Resource Reservation Protocol (RSVP). The device pings a particular LSP using the configured LSP name.

When an RSVP-signaled LSP has several paths, the device sends the ping requests on the path that is currently active.

Ping LDP-signaled LSP

ping mpls ldp

Checks the operability of an LSP that has been set up by the Label Distribution Protocol (LDP). The device pings a particular LSP using the forwarding equivalence class (FEC) prefix and length.

When an LDP-signaled LSP has several gateways, the device sends the ping requests through the first gateway.

Ping requests sent to LDP-signaled LSPs use only the master routing instance.

Ping LSP to Layer 3 VPN prefix

ping mpls l3vpn

Checks the operability of the connections related to a Layer 3 VPN. The device tests whether a prefix is present in a provider edge (PE) device’s VPN routing and forwarding (VRF) table, by means of a Layer 3 VPN destination prefix.

The device does not test the connection between a PE device and a customer edge (CE) router.

Locate LSP using interface name

ping mpls l2vpn interface

Checks the operability of the connections related to a Layer 2 VPN. The device directs outgoing request probes out the specified interface.

Instance to which this connection belongs

ping mpls l2vpn instance

Checks the operability of the connections related to a Layer 2 VPN. The device pings on a combination of the Layer 2 VPN routing instance name, the local site identifier, and the remote site identifier, to test the integrity of the Layer 2 VPN circuit (specified by the identifiers) between the inbound and outbound PE routers.

Locate LSP from interface name

ping mpls l2circuit interface

Checks the operability of the Layer 2 circuit connections. The device directs outgoing request probes out the specified interface.

Locate LSP from virtual circuit information

ping mpls l2circuit virtual-circuit

Checks the operability of the Layer 2 circuit connections. The device pings on a combination of the IPv4 prefix and the virtual circuit identifier on the outbound PE router, testing the integrity of the Layer 2 circuit between the inbound and outbound PE routers.

Ping end point of LSP

ping mpls lsp-end-point

Checks the operability of an LSP endpoint. The device pings an LSP endpoint using either an LDP FEC prefix or an RSVP LSP endpoint address.

Understanding Ping MPLS

Before using the ping MPLS feature, make sure that the receiving interface on the VPN or LSP remote endpoint has MPLS enabled, and that the loopback interface on the outbound node is configured as 127.0.0.1. The source address for MPLS probes must be a valid address on the J Series device.

This section includes the following topics:

MPLS Enabled

To process ping MPLS requests, the remote endpoint of the VPN or LSP must be configured appropriately. You must enable MPLS on the receiving interface of the outbound node for the VPN or LSP. If MPLS is not enabled, the remote endpoint drops the incoming request packets and returns an “ICMP host unreachable” message to the J Series device.

Loopback Address

The loopback address (lo0) on the outbound node must be configured as 127.0.0.1. If this interface address is not configured correctly, the outbound node does not have this forwarding entry. It drops the incoming request packets and returns a “host unreachable” message to the J Series device.

Source Address for Probes

The source IP address you specify for a set of probes must be an address configured on one of the J Series device interfaces. If it is not a valid J Series device address, the ping request fails with the error message “Can't assign requested address.”

Using the ping Command

You can perform certain tasks only through the CLI. Use the CLI ping command to verify that a host can be reached over the network. This command is useful for diagnosing host and network connectivity problems. The device sends a series of ICMP echo (ping) requests to a specified host and receives ICMP echo responses.

Enter the ping command with the following syntax:

Table 2 describes the ping command options.

To quit the ping command, press Ctrl-C.

Table 2: CLI ping Command Options

Option

Description

host

Pings the hostname or IP address you specify.

interface source-interface

(Optional) Sends the ping requests on the interface you specify. If you do not include this option, ping requests are sent on all interfaces.

bypass-routing

(Optional) Bypasses the routing tables and sends the ping requests only to hosts on directly attached interfaces. If the host is not on a directly attached interface, an error message is returned.

Use this option to ping a local system through an interface that has no route through it.

countnumber

(Optional) Limits the number of ping requests to send. Specify a count from 1 through 2,000,000,000. If you do not specify a count, ping requests are continuously sent until you press Ctrl-C.

do-not-fragment

(Optional) Sets the Don't Fragment (DF) bit in the IP header of the ping request packet.

inet

(Optional) Forces the ping requests to an IPv4 destination.

inet6

(Optional) Forces the ping requests to an IPv6 destination.

interval seconds

(Optional) Sets the interval between ping requests, in seconds. Specify an interval from 0.1 through 10,000. The default value is 1 second.

loose-source [hosts]

(Optional) For IPv4, sets the loose source routing option in the IP header of the ping request packet.

no-resolve

(Optional) Suppresses the display of the hostnames of the hops along the path.

pattern string

(Optional) Includes the hexadecimal string you specify, in the ping request packet.

rapid

(Optional) Sends ping requests rapidly. The results are reported in a single message, not in individual messages for each ping request. By default, five ping requests are sent before the results are reported. To change the number of requests, include the count option.

record-route

(Optional) For IPv4, sets the record route option in the IP header of the ping request packet. The path of the ping request packet is recorded within the packet and displayed on the screen.

routing-instance routing-instance-name

(Optional) Uses the routing instance you specify for the ping request.

size bytes

(Optional) Sets the size of the ping request packet. Specify a size from 0 through 65,468. The default value is 56 bytes, which is effectively 64 bytes because 8 bytes of ICMP header data are added to the packet.

source source-address

(Optional) Uses the source address that you specify, in the ping request packet.

strict

(Optional) For IPv4, sets the strict source routing option in the IP header of the ping request packet.

strict-source [hosts]

(Optional) For IPv4, sets the strict source routing option in the IP header of the ping request packet, and uses the list of hosts you specify for routing the packet.

tos number

(Optional) Sets the type-of-service (TOS) value in the IP header of the ping request packet. Specify a value from 0 through 255.

ttl number

(Optional) Sets the time-to-live (TTL) value for the ping request packet. Specify a value from 0 through 255.

wait seconds

(Optional) Sets the maximum time to wait after sending the last ping request packet. If you do not specify this option, the default delay is 10 seconds. If you use this option without the count option, the device uses a default count of 5 packets.

detail

(Optional) Displays the interface on which the ping response was received.

verbose

(Optional) Displays detailed output.

The following is sample output from a ping command:

The fields in the display are the same as those displayed by the J-Web ping host diagnostic tool.

Pinging Layer 2 Circuits

Enter the ping mpls l2circuit command with the following syntax:

Table 3 describes the ping mpls l2circuit command options.

Table 3: CLI ping mpls l2circuit Command Options

Option

Description

l2circuit interface interface-name

Sends ping requests out the specified interface configured for the Layer 2 circuit on the outbound PE device.

l2circuit virtual-circuit neighbor prefix-name virtual-circuit-id

Pings on a combination of the IPv4 prefix and the virtual circuit identifier on the outbound PE device, testing the integrity of the Layer 2 circuit between the inbound and outbound PE devices.

exp forwarding-class

(Optional) Specifies the value of the forwarding class to be used in the MPLS ping packets.

countnumber

(Optional) Limits the number of ping requests to send. Specify a count from 0 through 1,000,000. The default value is 5. If you do not specify a count, ping requests are continuously sent until you press Ctrl-C.

source source-address

(Optional) Uses the source address that you specify, in the ping request packet.

detail

(Optional) Displays detailed output about the echo requests sent and received. Detailed output includes the MPLS labels used for each request and the return codes for each request.

To quit the ping mpls l2circuit command, press Ctrl-C.

The following is sample output from a ping mpls l2circuit command:

The fields in the display are the same as those displayed by the J-Web ping MPLS diagnostic tool.

Pinging Layer 2 VPNs

Enter the ping mpls l2vpn command with the following syntax:

Table 4 describes the ping mpls l2vpn command options.

Table 4: CLI ping mpls l2vpn Command Options

Option

Description

l2vpn interface interface-name

Sends ping requests out the specified interface configured for the Layer 2 VPN on the outbound (egress) PE device.

l2vpn instance l2vpn-instance-name local-site-id local-site-id-number remote-site-id remote-site-id-number

Pings on a combination of the Layer 2 VPN routing instance name, the local site identifier, and the remote site identifier, testing the integrity of the Layer 2 VPN circuit (specified by the identifiers) between the inbound (ingress) and outbound PE devices.

bottom-label-ttl

(Optional) Displays the time-to-live (TTL) value for the bottom label in the MPLS label stack.

exp forwarding-class

(Optional) Specifies the value of the forwarding class to be used in the MPLS ping packets.

countnumber

(Optional) Limits the number of ping requests to send. Specify a count from 0 through 1,000,000. The default value is 5. If you do not specify a count, ping requests are continuously sent until you press Ctrl-C.

source source-address

(Optional) Uses the source address that you specify, in the ping request packet.

detail

(Optional) Displays detailed output about the echo requests sent and received. Detailed output includes the MPLS labels used for each request and the return codes for each request.

To quit the ping mpls l2vpn command, press Ctrl-C.

The following is sample output from a ping mpls l2vpn command:

The fields in the display are the same as those displayed by the J-Web ping MPLS diagnostic tool.

Pinging Layer 3 VPNs

Enter the ping mpls l3vpn command with the following syntax:

Table 5 describes the ping mpls l3vpn command options.

Table 5: CLI ping mpls l3vpn Command Options

Option

Description

l3vpn prefix prefix-name

Pings the remote host specified by the prefix to verify that the prefix is present in the PE device's VPN routing and forwarding (VRF) table. This option does not test the connectivity between a PE device and a CE device.

l3vpn-name

(Optional) Layer 3 VPN name.

bottom-label-ttl

(Optional) Displays the time-to-live (TTL) value for the bottom label in the MPLS label stack.

exp forwarding-class

(Optional) Specifies the value of the forwarding class to be used in the MPLS ping packets.

countnumber

(Optional) Limits the number of ping requests to send. Specify a count from 0 through 1,000,000. The default value is 5. If you do not specify a count, ping requests are continuously sent until you press Ctrl-C.

source source-address

(Optional) Uses the source address that you specify, in the ping request packet.

detail

(Optional) Displays detailed output about the echo requests sent and received. Detailed output includes the MPLS labels used for each request and the return codes for each request.

To quit the ping mpls l3vpn command, press Ctrl-C.

The following is sample output from a ping mpls l3vpn command:

The fields in the display are the same as those displayed by the J-Web ping MPLS diagnostic tool.

Pinging RSVP-Signaled LSPs and LDP-Signaled LSPs

Enter the ping mpls command with the following syntax:

Table 6 describes the ping mpls command options.

Table 6: CLI ping mpls ldp and ping mpls lsp-end-point Command Options

Option

Description

ldp fec

Pings an LDP-signaled LSP identified by the forwarding equivalence class (FEC) prefix and length.

lsp-end-point prefix-name

Pings an LSP endpoint using either an LDP FEC or a RSVP LSP endpoint address.

rsvp lsp-name

Pings an RSVP-signaled LSP identified by the specified LSP name.

exp forwarding-class

(Optional) Specifies the value of the forwarding class to be used in the MPLS ping packets.

countnumber

(Optional) Limits the number of ping requests to send. Specify a count from 0 through 1,000,000. The default value is 5. If you do not specify a count, ping requests are continuously sent until you press Ctrl-C.

source source-address

(Optional) Uses the source address that you specify, in the ping request packet.

detail

(Optional) Displays detailed output about the echo requests sent and received. Detailed output includes the MPLS labels used for each request and the return codes for each request.

To quit the ping mpls command, press Ctrl-C.

The following is sample output from a ping mpls command:

The fields in the display are the same as those displayed by the J-Web ping MPLS diagnostic tool.