MPLS VRF with Juniper

Hello,

I have a L3VPN working with a Juniper router and a Mikrotik 4.9. I am using RSVP for label distribution.

The following works:

Ping from CE to CE
Ping from local CE to local PE

The following does NOT work:

Ping from PE to PE
Ping from remote CE to PE

I have read that this was a limitation in the mpls-test package about a year ago but I was wondering if this limitation was or is planned to be fixed at some point.

Thanks,
Abel.

We need more information to help you here. I’m by no means a Juniper expert, but I’d love to give it a shot. How is your topology? Which devices are Juniper and which run RouterOS?

New condition, I rebooted everything and now it seems to be working.
However, I can PING from Juniper PE (vrf address) to the Mikrotik PE (vrf address), but I cannot telnet to it.

admin@MOP-LAB_Juniper> ping 3.3.3.1 routing-instance INTERNET    
PING 3.3.3.1 (3.3.3.1): 56 data bytes
64 bytes from 3.3.3.1: icmp_seq=0 ttl=64 time=0.842 ms
64 bytes from 3.3.3.1: icmp_seq=1 ttl=64 time=0.672 ms
^C
--- 3.3.3.1 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.672/0.757/0.842/0.085 ms

admin@MOP-LAB_Juniper> telnet 3.3.3.1 routing-instance INTERNET    
Trying 3.3.3.1...
telnet: connect to address 3.3.3.1: Operation timed out
telnet: Unable to connect to remote host

admin@MOP-LAB_Juniper>

For the PE to PE ping the topology is actually fairly simple.

I have a Mikrotik 4.9 directly connected to a Juniper m10i. (It goes through a few switches but it's all L2.)

I have a RSVP from the Mikrotik PE to the Juniper PE:

[admin@MikroTik] > /interface traffic-eng monitor 0
             tunnel-id: 1
    primary-path-state: established
          primary-path: dyn
  secondary-path-state: not-necessary
           active-path: dyn
          active-lspid: 1
          active-label: impl-null
        recorded-route: "192.168.90.14[3]"
    reserved-bandwidth: 0bps

[admin@MikroTik] >

And I have another RSVP tunnel from the Juniper PE to the Mikrotik PE

admin@MOP-LAB_Juniper> show mpls lsp name m10i-to-mikrotik 
Ingress LSP: 5 sessions
To              From            State Rt P     ActivePath       LSPname
192.168.90.11   192.168.90.252  Up     0 *                      m10i-to-mikrotik
Total 1 displayed, Up 1, Down 0

Routing table on mikrotik

[admin@MikroTik] > /routing bgp vpnv4-route print
Flags: L - label-present
 #   ROUTE-DISTINGUISHER            DST-ADDRESS        GATEWAY             IN..
 0 L 252.90.168.192:1               0.0.0.0/0          192.168.90.252      et..
 1 L 252.90.168.192:1               64.89.14.44/30     192.168.90.252      et..
 2 L 192.168.90.11:1                0.0.0.0/0          192.168.90.14
 3 L 192.168.90.11:1                3.3.3.1/32                             in..
[admin@MikroTik] >

Routing table on Juniper:

admin@MOP-LAB_Juniper> show route table INTERNET                   

INTERNET.inet.0: 5 destinations, 6 routes (5 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[Static/5] 10:15:52
                    > to 64.89.14.46 via ge-0/1/2.63
                    [BGP/170] 10:14:55, localpref 100, from 192.168.90.11
                      AS path: ?
                    > to 192.168.90.13 via ge-0/1/2.67, label-switched-path m10i-to-mikrotik
1.1.1.10/32        *[BGP/170] 10:14:36, MED 0, localpref 100, from 192.168.90.253
                      AS path: ?
                    > to 192.168.90.2 via ge-0/1/0.1, label-switched-path m10mop-to-8860
3.3.3.1/32         *[BGP/170] 00:05:48, localpref 100, from 192.168.90.11
                      AS path: ?
                    > to 192.168.90.13 via ge-0/1/2.67, label-switched-path m10i-to-mikrotik
64.89.14.44/30     *[Direct/0] 10:15:52
                    > via ge-0/1/2.63
64.89.14.45/32     *[Local/0] 10:16:20
                      Local via ge-0/1/2.63

RouterOS’ services, such as telnet and ssh, only listen to connections in the main routing table. So you cannot telnet to the router inside a VRF.